Terrorists able to hide their communications? Thanks, Edward Snowden!

This one is for those you who think Edward Snowden’s betrayal of his country (“Betrayal of his country?” What a quaint concept! How droll! This old guy is really out of it!) did no harm.

Of course, Snowden fans won’t be bothered by it, thanks to the pied piper effect he has on privacy fetishists. They’ll still think it’s a good thing. But it isn’t.

Here’s what’s going on:

Senate Intelligence Committee leaders are vowing to explore ways to grant more government access to secure communications, after intelligence outfits failed to pick up on direct chatter between the perpetrators of the Paris attacks.

Lawmakers said it was time to intensify discussions over what technology companies such as Apple and Google could do to help unscramble key information on devices such as Iphones and apps like WhatsApp, where suspected terrorists have communicated. Those companies made changes last year to their smartphone operating systems preventing the companies themselves from accessing that information…

“It is likely that encryption, end-to-end encryption, was used to communicate between those individuals in Belgium, in France and in Syria,” said Senate Intelligence Committee Chairman Richard Burr (R-N.C.), following a closed-door briefing for committee members on Tuesday. “It’s a wake-up call for America and our global partners that globally, we need to begin the debate on what we do on encrypted networks, because it makes us blind to the communications and to the actions of potential adversaries.”…

Makes sense. The idea of allowing terrorists to privatize their use of public bandwidth so that they can kill innocents is an outrage, and fortunately one that is easy enough to address — technically, anyway. But there’s a rub, and you probably already know what it is:

Previously, the government could issue a warrant to force tech companies to cough up data from its users. But following the Edward Snowden leaks, and a heightened sense of privacy from the public about the government’s access to personal information, companies began clamping down….

Sure, there are other obstacles, such as Silicon Valley’s greed: As The Wall Street Journal reports,  the problem is “technology companies that sell products based on the promise that corporate data will be secure from hackers and government surveillance.” But politically, I believe that could be overcome, leaving the ridiculous attitude that Snowden has engendered in this country as the main problem.

If we can overcome that, we’ll have taken an important step back toward sanity in our security arrangements.

 

 

33 thoughts on “Terrorists able to hide their communications? Thanks, Edward Snowden!

  1. Michael Bramson

    The idea of allowing terrorists to privatize their use of public bandwidth so that they can kill innocents is an outrage, and fortunately one that is easy enough to address — technically, anyway.

    I don’t think this is true. Encryption protocols are publicly available. Terrorists need not use American tech companies to communicate. How do you prevent criminals from using encryption?

    Reply
    1. Dave Crockett

      You are absolutely correct, Michael. PGP (Pretty Good Privacy) and other encryption schemes for e-mail has been widely and freely available since the 1990s. Text/phone encrypting apps are a new wrinkle and Apple has the ability to ban any of them from the App Store, which is where essentially all apps have to go and be vetted by Apple before general distribution. Google is not so tight on distribution of their apps, unfortunately.

      Reply
  2. Mark Stewart

    Criminals always find ways to work around policing. Eventually they get caught, but outside of North Korea this happens everywhere – even China and Russia.

    I am more concerned that China is able to pilfer militarily sensitive data from defense contractors and the government. That’s a real national security breech.

    Reply
  3. Doug Ross

    If a lowly NSA tech worker could harm our national security, we’re screwed. Any terrorist with an internet connection could come up with any number of encryption techniques.

    Imagine that – people generally don’t want the government spying on their activities. (Please don’t go down the “it’s only metadata” rathole again – you don’t understand the concept.).

    Reply
    1. Brad Warthen Post author

      And to this: “If a lowly NSA tech worker could harm our national security, we’re screwed.”

      1. Yeah, we’re pretty screwed. Everything went wrong with this, and one of the biggest was that this marginal person was able to get access to information that was way outside the scope of what he should have known anything about. “Compartmentalization” has always been an important principle in intelligence-gathering organizations — you only know about the thing YOU are supposed to be working on, the thing you have a “need to know” about in order to do your job. Snowden apparently managed to hack into stuff he had no business knowing about, much less be able to steal. At least, that’s what I read when the story initially broke. I’ve never seen any followup on that, and I’d be curious to know more about what internal investigations revealed. Although, of course, I lack the “NEED to know.”

      2. We’re even more screwed because this lowly functionary was instantly made into a worldwide celebrity by Glenn Greenwald and the editors at The Guardian, with everything he revealed sensationalized to absurd degree. This made the POLITICAL impact of what he did 1,000 times more powerful than what might have happened with a typical traitor who simply steals the information and runs off to the Russians with it. The story played like major revelations (even though people who actually followed the news knew we’d been doing stuff like this for a decade), and everything was presented in the most sensational, hyperbolic terms. (For an example of that, look at his absurd, self-aggrandizing Christmas statement, which was absurd on many levels — but that doesn’t stop millions of gullible people from thinking he’s right when he says the lives we live today are worse than Orwellian. An assertion that should get him laughed off the planet, and yet that does not happen.

      And it’s the POLITICAL impact that matters, because he has singlehandedly created an atmosphere in Washington in which it has been impossible to take some very sensible measures that help protect our national security. And it’s sickeningly absurd that this marginal guy has managed to twist our government to his deluded will…

      Reply
      1. Michael Bramson

        Is it inconceivable that rational people might disagree about the appropriateness and the constitutionality of some of the programs revealed by Snowden’s leaks? Certainly the courts have found in certain instances that the intelligence community overstepped their authority and I don’t imagine that federal judges are being swayed by Snowden’s supposed demagoguery. Isn’t there room for a rational discussion about privacy and the Fourth Amendment in our response to terrorism without accusing everyone who disagrees with you of being caught up in some kind of frenzy?

        Reply
        1. bud

          Here here Michael. Seems like Snowden did us a service. Isn’t it worth knowing that our government is snooping on us? I find it nothing but hyperbolic fear-mongering to suggest Snowden made the Paris bombings more likely.

          Reply
        2. Brad Warthen Post author

          I certainly don’t mean to offend, but I confess that It’s hard for me to see it as rational. It strikes me as an emotion, one that I do not feel. There’s a fear of government intrusion that goes beyond reason.

          There is an impulse in libertarians that I admit mystifies me.

          So help me to see. Present me with a rational argument, something other than Snowden’s absurd, unsupported hyperbole about how our “surveillance state” is WORSE than Oceania in 1984.

          Where is the evidence that the public has been harmed by any of these NSA programs? For the Snowden position to have merit, it should be easy; the examples of injustice should abound.

          Reply
          1. bud

            We can play this game all day long. You say there are no legitimate constitutional rights infringed by the snooped exposed by Snowden. I say you are fear mongering by invoking all these imagined threats against the safety of Americans. Stalemate.

            Reply
            1. Brad Warthen Post author

              But see, I’m not. I’m talking about rational responses to actual events, actual violence.

              The Snowdenistas talk about imagined infringement of constitutional rights, and have no actual such violations to point to…

              Reply
              1. Michael Bramson

                Well, I think bud makes a good point, though. The odds of you or anyone you know becoming a victim of terrorism are incredibly minuscule, especially here in the Midlands. And the total number of people killed by terrorism in the West is quite small compared to other causes of death that people generally don’t get as worked up about. There are, of course, knock-on effects of terrorism as well, but the impact on your day-to-day life is just as much an emotional response as what you are accusing me of. I don’t think that means either viewpoint is wrong.

                As for actual infringement of rights: in Klayman v. Obama, a district court ruled that the NSA’s bulk collection of phone and Internet metadata is unconstitutional. You may not personally think that that matters, and the case is still under appeal, but claiming that such infringement is “imagined” is clearly false on its face. Some of us do believe that the Fourth Amendment is an important safeguard even if we personally don’t have anything to hide.

                I want to add that I absolutely think that some of these surveillance programs are invaluable to national security, but there are serious questions about much of it that reasonable people might disagree about. If we are to have a healthy democracy, even a representative one, then I think the public has a right to know about what the government is up to, within reasonable limits of the secrecy necessary to perform surveillance. I, and many others, feel that the massive increase in these surveillance programs, established in secret, monitored by secret courts, and pushing the limits of what many consider legal, had cut out the ability of the American people to have a say in how their government is run. If you think that makes me an irrational “Snowdenista,” then I guess there really is no room for constructive debate.

                Reply
                1. Brad Warthen Post author

                  Michael, I entirely respect the way you are approaching the subject. My comments about emotion were about the mass response to Snowden’s security violations.

                  I, too, believe the Fourth Amendment is important. And if I thought the Fourth Amendment were being violated, I might share your concern.

                  Now, I need to take a moment to explain something that I’ve explained here before, but I keep having to address. This line indicates a complete failure to communicate on my part: “The odds of you or anyone you know becoming a victim of terrorism are incredibly minuscule, especially here in the Midlands.”

                  If you think for a moment that it even OCCURS to me that I, personally, might be a victim of terrorism, and would make policy on the basis of that belief, then you’re failing to understand the way I approach public policy, whether we’re talking national security or tax policy or what have you.

                  It does not occur to me to think of policy in terms of how it affects ME. I just don’t look at the world that way, and I tend to have an aversion to people who do — or at least, to their arguments.

                  When it comes to terrorism, I look at what might be a credible threat to other Americans, or to our allies, or to our interests. And I advocate for policies with that in mind. If any Americans anywhere are endangered, we have an obligation to seek ways to minimize that risk.

                  In fact, this may well be why I find it so hard to see the point of view of privacy advocates. I’m about the public; they’re about the private.

                  They react against anything that might hint at even the slightest potential encroachment on what they regard as an ABSOLUTE right to privacy. (A lot of people fail to understand that I would object to the legal assumptions of Roe v. Wade even if it didn’t authorize the horror of abortion on demand. Totally aside from abortion, I regard the discovery of a hitherto unknown absolute right to PRIVACY in the Constitution in the Griswold case that preceded Roe, overriding legitimate public interests, to be outrageous and inimical to good government.) I object when their reaction impedes policies that I believe protect Americans and their interests.

                  I must blame myself if I fail to communicate clearly, but leaping to the conclusion that I am motivated by some personal fear of terrorism misses the fact that my views on the NSA programs arise from my whole worldview, or at least the way I view the role of government…

                  Reply
                2. Brad Warthen Post author

                  Also, I object to the idea that these programs were “established in secret.” They weren’t secret. If we were paying attention, we had a pretty good idea, in general, of what the NSA was doing. And as I wrote years ago here on the blog, I had no problem with it.

                  But the sensationalism of the Snowden story caused a lot of people who were NOT paying attention to sort of halfway pay attention for a change, and we got this huge gut reaction against the hyperbolically named “surveillance state.” Now, instead of having no idea of what the government is doing (through their own fault), millions of people THINK the government is doing things it isn’t doing, and objecting to it.

                  Reply
                  1. Brad Warthen Post author

                    By the way, I’m not asserting that I went on and on about surveillance programs pre-Snowden. But I did mention them once or twice in passing, in order to say that I was fine with them. Here’s one such instance:

                    You see, it doesn’t bother me a bit that the government is engaging in a variation on the classic intelligence-gathering technique of “traffic analysis.” I hope the sweeps are comprehensive enough to work, and help prevent the next 9/11. Ultimately, I think playing defense all the time will fail at some point — all the bad guys have to do is get lucky once. That’s why we need to be on the offensive on their turf, with the ultimate goal of changing the conditions that produce these nut jobs. But in the meantime, analyze phone records all you want….

                    Reply
                3. Michael Bramson

                  (Since we’ve apparently reached the comment nesting limit, I will reply here.)

                  Thank you for clarifying your position, it definitely helps me to understand where you are coming from.

                  I did not mean to suggest that responses to terrorism are solely predicated on a personal fear of being killed. One might argue that the greater impact of terrorism is not the individual lives lost, but rather the terror, i.e. the instilling of a feeling of unease in our everyday lives. I merely wanted to point out that this response is in many ways emotional and is possibly out of proportion compared to the actual events. Obesity, automobile accidents, gun crime, etc. result in the loss of more lives, but for various reasons they do not dominate our national discussion the way that terrorism does (well, maybe the school shootings do). I think that what you rightly point out is hyperbole about Orwellian snooping is similar in that the outrage is on a larger scale than the crime. That is different than saying that a problem does not exist.

                  I think you are probably right in your analysis of the fringe elements of my side of this debate and you are certainly right that some knowledge of these surveillance programs was available prior to Snowden, although I think he revealed a scale that was not previously clear. But that should not bear on what decisions we make as a country about surveillance, encryption, etc. going forward. Clearly you and I disagree on policy here, though.

                  Reply
                  1. Brad Warthen Post author

                    We disagree, but I think we’re both approaching it rationally.

                    And you’re right, of course, that anyone who IS personally fearful of terrorism is reacting emotionally. As is anyone who sees Big Brother everywhere…

                    Reply
          2. Assistant

            Most of the activities Snowden exposed were successful collection operations against foreign entities, the so-called family jewels of methods and targets. That exposure allowed the foreigners to devise means to thwart our collection capabilities, leaving a void that we’ve yet to recover from. That leave the US vulnerable, but that’s apparently difficult for many folks to understand.

            Several abuses within NSA – employees illegally using national assets to collect information on friends and lovers – were exposed at about the same time. These abusers should have been severely punished, but we’ve no info on what action, if any, was taken. That’s a problem. In the old days NSA was like a cloister with great folks doing amazing things quite selflessly. That apparently changed, and that’s a shame.

            Reply
            1. Brad Warthen Post author

              I’m glad you mention those abuses by some NSA employees. Yep, there were some bad actors who used the NSA’s tools for personal purposes.

              Which, of course, has ZERO to do with what we’re talking about. We’re talking about what the GOVERNMENT did, deliberately and as a matter of policy. Not to what individuals did in direct violation of government policy….

              Reply
        3. Assistant

          There certainly is room for a rational discussion about privacy and the Fourth Amendment in our response to terrorism, so let’s have it. How about “if one end of a transmission is located outside US borders, the transmission (whether it’s an email, a cell call, a landline call, or whatever) may be intercepted without a court order”?

          (Here I use the legal definition of “intercept” which is “to record.” That does not necessarily mean that any human or machine reads, listens to, or otherwise attempts to understand the intercept.)

          The externals of the intercept (date, time, duration, location [if known or derived] phone numbers / email addresses / whatevers) may be recorded and stored for later traffic analysis without a court order.

          Reply
  4. Peggy

    Don’t Blame Edward Snowden for Paris Attacks – We can’t rely on intelligence alone to prevent terrorist attacks

    “…But the intelligence blunders began long before Snowden leaked sensitive NSA documents, and trashing constitutionally protected freedoms for a false sense of security is not the answer. …as some of my NSA sources regularly tell me, there’s too much data, from too many sources, flowing way too fast. …”

    http://time.com/4114789/paris-attacks-intelligence/

    Reply
    1. Brad Warthen Post author

      Please name for me a single “constitutionally protected freedom” that has been even mildly impinged upon, much less “trashed.” This is the kind of hyperbole I’m talking about…

      Reply
      1. Assistant

        Most of the Snowden-boosters are concerned about privacy, yet few of them realize that the greater danger is posed not by NSA or CIA, but by the Consumer Financial Protection Bureau (CFPB) set up by Sen. Elizabeth Warren and President Obama with the able assistance of Senator Dodd and Representative Frank.

        From Wikipedia:

        According to Director Richard Cordray, the Bureau’s most pressing concerns are mortgages, credit cards and student loans.[3][4] It was designed to consolidate employees and responsibilities from a number of other federal regulatory bodies, including the Federal Reserve, the Federal Trade Commission, the Federal Deposit Insurance Corporation, the National Credit Union Administration and even the Department of Housing and Urban Development.[5] The bureau is an independent unit located inside and funded by the United States Federal Reserve, with interim affiliation with the U.S. Treasury Department. It writes and enforces rules for financial institutions, examines both bank and non-bank financial institutions, monitors and reports on markets, as well as collects and tracks consumer complaints.[4] Furthermore, as required under Dodd-Frank and outlined in the 2013 CFPB-State Supervisory Coordination Framework, the CFPB works closely with state regulators in coordinating supervision and enforcement activities.

        It is not under Congressional oversight, its potentially unlimited budget comes from the Federal Reserve, and, to perform its mission, it is building a database of financial transactions that includes virtually every citizen and every business in the US. But since the Bamster and Fauxcahontas like it, it’s okay.

        The CFPB is a hotbed of intrigue, racism, sexism, and outrageous overspending. The renovation of its HQ has boomed from $55M to $216M. Its temporary offices are being leased in a building owned by Neil G. Bluhm, a longtime friend and campaign bundler for President Obama. Most importantly, however, is the protection of citizens’ financial data that this corrupt political operation is collecting.

        Hey, I’m familiar with CIA and NSA. CFPB scares me!

        Reply
      2. Peggy

        Paris Attacks Blamed on Strong Cryptography and Edward Snowden
        https://www.schneier.com/blog/archives/2015/11/paris_attacks_b.html

        Mass Surveillance Isn’t the Answer to Fighting Terrorism
        “…In truth, intelligence authorities are still able to do most of what they did before — only now with a little more oversight by the courts and the public. There is no dispute that they and law enforcement agencies should have the necessary powers to detect and stop attacks before they happen. But that does not mean unquestioning acceptance of ineffective and very likely unconstitutional tactics that reduce civil liberties without making the public safer.”
        http://www.nytimes.com/2015/11/18/opinion/mass-surveillance-isnt-the-answer-to-fighting-terrorism.html

        Reply
        1. Brad Warthen Post author

          Ah, yes, The New York Times — which regards Snowden as a national hero.

          No nation that wished to survive would advocate for “a little more oversight by … the public” of intelligence-gathering operations.

          We already had oversight by courts and by Congress. That’s the sensible way to oversee such sensitive operations in a republic. We elect people to do these things…

          Reply
    2. Assistant

      While intelligence has always been plagued by the difficulty of winnowing the volume to uncover the nuggets, it’s also true that there are ways to target specific threats and the French will refine their methods accordingly, whether or not encryption is being used.

      Right now French (and US, UK, German, Russian, Anonymous, and others) are looking for the links and nodes, the tracks and trails that the various ISIS franchisees are using. Some chop shop modified at least one vehicle to carry weapons, ammunition, and explosives covertly. That vehicle is now in the hands of law enforcement, and they’ll exploit that. The very nature of the modifications gives police knowledge of where to look and what to look for. The baddies used GPS to plan their route. Bingo, cameras and sensors of all sorts will be deployed from the Adriatic to the Baltic to the Atlantic. You’ll see lots of cops with portable scales alongside major highways weighing passenger vehicles too. And dogs of all sorts are going to be all over, doing what they do best: sniffing.

      Most of the searches will be fruitless, but some will not. Those are the ones that will count.

      Reply
  5. T.J.

    Brad,

    There is a very good article on Tech Dirt (here: http://tinyurl.com/nhntgnm ) that lays out some good points that failure to stop this attack has nothing to do with encryption. First, the terrorists weren’t encrypting their messages and second, these were known bad actors who had already caught the eye of law enforcement. This is an intelligence community failure and no amount of electronic snooping into encrypted communications would have made a difference.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *