[147138] in cryptography@c2.net mail archive
[Cryptography] A lot to learn from "Business Records FISA NSA
daemon@ATHENA.MIT.EDU (John Gilmore)
Sun Sep 15 17:42:59 2013
To: cryptography@metzdowd.com, gnu@toad.com
Date: Sat, 14 Sep 2013 20:37:07 -0700
From: John Gilmore <gnu@toad.com>
See:
https://www.eff.org/document/nsa-business-records-fisa-redactedex-ocr
This is one of the documents that an EFF Freedom of Information
lawsuit asked for. The government had been claiming they could not
release ANY FISA court orders or submissions. When the President
ordered the intelligence community to declassify more info in order to
present a fuller picture of the issues that Edward Snowden's leaked
documents raised, they went back through all the relevant documents
and, last week, released hundreds of pages in a rough dozen documents,
that they had initially claimed were exempt. I read this document the
other night and learned a lot. I encourage y'all to read it -- and
other recently released documents.
These are not "leaked" documents from Mr. Snowden. These are
officially released documents from the NSA and Department of Justice.
While their choice of "what to release and what to black out" may have
been self-serving, the documents themselves are real and official.
They candidly describe a particular part of NSA's internal operations
that relate to the telephone metadata collected about everyone in
the US.
Their main goal in writing this document was to convince the FISA
court (which had ordered them in 2009 to stop accessing the telephone
metadata after NSA told the court that some of it had leaked outside
the boundaries of the FISA court order) that they had their processes
in hand and that the court should let them go back to accessing the
metadata.
Their main goal in declassifying it is, I believe, to convince the
public that they are being very diligent to the court's orders and
to the limits that the court places on them. And to detail all the
internal restrictions, checks and balances that they go through
while collecting, processing, accessing and releasing this telephone
metadata. To show "the whole elephant".
And to that extent, they succeeded, both with the court and with me.
(However, I think the secret court made a fundamental error in ruling
that collecting info about everybody's phone calls is "relevant" to
any particular terrorism investigation. That assertion reminds me of
John Yoo's since-repudiated assertions from the early Bush days, like
"it isn't torture unless you really intend to cause great bodily
injury" and "the President has inherent power to do anything he
wants". When you start from a severely false premise, you can go a
long way into the wilderness before you notice your error.)
What NSA and DCI and DoJ also revealed, around the edges of this
document, is a lot of small bits of information about how the NSA
technical and managerial infrastructure works. Much of this is
information that we "already knew", or could have guessed based
on already existing information, but some of it is not. This document
supplies some context that helps to fit the puzzle pieces together.
Things I learned there include:
* NSA's internal infrastructure runs on Unix. (Linux is a branch of
Unix.) Their analysts log in to Unix machines with logins and
passwords, as we do, and they use the standard Unix/Linux file
access controls ("user, group, and other" permissions).
* They use web servers and web browsers and HTML and URLs to deliver
their data to their "customers" at the FBI, CIA, and NCTC.
* NSANET, their internal Internet, is not encrypted! (It is almost
certainly protected by link encryption and fiber signal strength
monitoring when it crosses from one place to another, but not
inside their secured buildings.) It's just a bunch of machines
plugged into Ethernets, running standard protocols, like what all
of our infrastructure uses.
* I'm guessing the reason NSANET isn't encrypted is because they
don't seem to have any better encryption protocols for general
use inside NSA than we do outside. E.g. they don't seem to have
automatic end-to-end encryption. So in order to be able to buy
standard machines and plug them in and use them, they have to run
their whole net unencrypted. (I think it's funny that because my
old effort to embed automatic Opportunistic Encryption in Linux and
IPSEC failed, therefore NSA's internal network isn't encrypted.
Like they couldn't do it themselves!)
* They use a "PKI" (public key infrastructure) to control access to
some databases inside NSANET. When they wanted to stop one part of
NSA's tech infrastructure from accessing the telephone metadata,
they removed the "certificate" that gave it access credentials.
In other words, when it comes to general purpose computing, they are
running on almost exactly the same kind of infrastructure we are --
nothing better. This makes sense, but I had expected that with
billions of tax dollars every year they had made some improvements in
the security, authenticity and integrity of their protocols and
software. (But, I worked at Sun, which spent billions of dollars a
year on engineering their hardware and software, and Sun's machines
weren't much better than their competitors' at security, authenticity
or integrity either.) We in the outside world *invented* all of NSA's
infrastructure. They buy it from us, and are just "users" like most
computer users. (Yes, they have programmers and they write code, but
their code seems mostly applications, not lower level OS improvements
or protocols. I'm not talking about the parts of NSA that find
security holes in other peoples' infrastructure, nor the malware
writers.)
So go read the document anyway! Don't believe what I tell you...
draw your own conclusions.
Also it seems that:
* The vast majority of the information that they are squirting
around inside NSA, searching and correlating, comes with no
particular restrictions other than those that they impose
internally (like not revealing things that disclose their sources
and methods) and the general restrictions on releasing
information about US persons. They got that data "legally", or
anyway, "fair and square", by stealing it from signals in other
countries, and they can do what they want with it. Having to
deal with a judge who can put arbitrary restrictions on what they
can do with a large database is a novel experience for them, and
one that neither their personnel nor their infrastructure is
properly set up to handle. That's why they found that data was
"leaking" from the telephone metadata database nine or ten ways
that they hadn't yet noticed until they did an end-to-end review.
The leaks were mostly fairly minor, but if they hadn't been
forced to do the review, it's clear that more and more of NSA
would have just been treating the telephone metadata like any
other piece of stolen data.
* Their "need to know" culture and the maze of classifications and
code words often prevent the right hand from knowing what the
left hand is doing. This is deliberate and is to help figure out
who the insider threats ("moles") are, based on who had access to
what info before it leaked outside NSA. But the result is also
that nobody is really in charge. There are too many details that
don't percolate up and down the chain of command, so stuff
happens that isn't supposed to happen. Like, the programmers who
wrote the code for accessing the stored database of telephone
metadata knew that it could only be accessed with a search term
("selector") that met the court's standard for "RAS" ("Reasonable
Articulable Suspicion"), so they coded the software to check for
that. But the separate programmers who wrote the code for
IMPORTING new data into the database from the telcos didn't know
that, so they wrote an "Alert list" (renamed "Activity Detection
List" during the review) that would send a note to an analyst
whenever new data came in for any selector on the list (e.g. when
someone of interest to that analyst made a phone call). These
selectors were not restricted to those that met the court's
standards, and indeed most of the selectors on the list did NOT
meet the standard (it had 1,935 RAS approved selectors and 15,900
unapproved ones). This is not because they tried to get around
the court -- but because they were not in control of their own
infrastructure, because of lack of internal sharing of relevant
information. Free cultures really do outperform authoritarian
ones!
This is all useful information. I recommend that folks also read other
documents that came out of that FOIA case -- there are about a dozen,
all listed on the EFF web site here:
https://www.eff.org/deeplinks/2013/09/government-releases-nsa-surveillance-docs-and-previously-secret-fisa-court
In that list, this one is called "June 25, 2009 -- Implementation of
the Foreign Intelligence Surveillance Court Authorized Business
Records FISA".
John
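The two-code-path failure described in the alert-list bullet, as an added Python illustration that is not code from the post or from the FISA document: a query path that checks RAS approval beside an import/alert path that does not, and a store that moves the check into its only read path so every access is checked and logged. Selector names, records and the approved/unapproved split are constructed samples; RASViolation, MetadataStore, audit_alert_list and the other names are hypothetical.

```python
RAS_APPROVED = {"sel-0001", "sel-0002"}  # constructed: selectors with RAS approval
ALERT_LIST = ["sel-0001", "sel-0003", "sel-0004", "sel-0005"]  # constructed; mostly unapproved
NEW_RECORDS = [{"selector": s, "peer": "peer-x"} for s in ("sel-0001", "sel-0003", "sel-0009")]
class RASViolation(Exception):
    """Raised when a selector without RAS approval would touch the data."""
def ras_approved(selector):
    return selector in RAS_APPROVED
def audit_alert_list(alert_list):
    """The end-to-end-review check: (approved, unapproved) counts on a list."""
    approved = sum(1 for s in alert_list if ras_approved(s))
    return approved, len(alert_list) - approved

# Version 1: the query team checks RAS; the ingest team, unaware of the
# requirement, alerts on every list hit. Two code paths, one check.
def query_v1(rows, selector):
    if not ras_approved(selector):
        raise RASViolation(selector)
    return [r for r in rows if r["selector"] == selector]
def ingest_v1(rows, records, alert_list):
    alerts = []
    for rec in records:
        rows.append(rec)
        if rec["selector"] in alert_list:  # no RAS check on this path
            alerts.append(rec["selector"])
    return alerts

# Version 2: the store owns the only read path, so any new code path
# (query, alert, whatever comes next) passes the same check and is logged.
class MetadataStore:
    def __init__(self):
        self._rows, self.audit = [], []
    def _rows_for(self, selector, action):
        ok = ras_approved(selector)
        self.audit.append((action, selector, "ok" if ok else "DENIED"))
        if not ok:
            raise RASViolation(selector)
        return [r for r in self._rows if r["selector"] == selector]
    def query(self, selector):
        return self._rows_for(selector, "query")
    def ingest(self, records, alert_list):
        alerts = []
        for rec in records:
            self._rows.append(rec)
            if rec["selector"] in alert_list:
                try:
                    self._rows_for(rec["selector"], "alert")
                    alerts.append(rec["selector"])
                except RASViolation:
                    pass  # logged as DENIED, never delivered to an analyst
        return alerts
```

With the constructed data, ingest_v1 hands an analyst an alert for the unapproved sel-0003, while MetadataStore.ingest drops it and leaves a DENIED entry in the audit trail for the review to find.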
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography