omnibus PRISM/NSA/free Edward Snowden/encryption tutorial thread

http://nymag.com/daily/intelligencer/2015/12/consorting-with-foreign-government-a-scandal-too.html

There's a lot we don't know beneath The Wall Street Journal's report today that the National Security Agency picked up intelligence on meetings with U.S. members of Congress and domestic political groups while spying on the Israeli government after credible reports (subsequently validated by the surveillance) that the Israelis were collecting and leaking intelligence on the sensitive U.S.-Iran nuclear talks.

The story has many dimensions. But, so far, virtually all of the reaction involves two questions: (1) Should the U.S. be spying on our ally Israel? (This was raised immediately if cautiously by Marco Rubio, who's in a bit of a quandary because he's normally a fan of surveillance.) And (2) should the Executive branch be spying, even incidentally, on the Legislative branch? (Former House Intelligence Committee chairman Peter Hoekstra called for an investigation of this possibility and for indictments if it turned out to be true.) These are both important and complex issues. But there should be a third question raised as well: Should members of Congress be consorting with agents of a foreign government to thwart U.S. diplomacy?

who's zoomin' who?

eh. obv i am a biased commentator here but ultimately isn't he arguing that congress should not meet w/ foreign leaders when they disagree w/ the president's policy? that means that, eg, mccain should not have had a relationship w/ saakashvili's gov during the time that he was advising a US military response to Russia encroachment on Georgia while Bush's policy was not military? like do we really believe that there's no place for members of congress to a) 'consort' with foreign leaders and b) disagree w/ the POTUS at the same time? seems both impossible + undesirable and really only an issue here bc a) omg israel and b) don't look but the WH just spied on congress.

like do we really believe that there's no place for members of congress to a) 'consort' with foreign leaders

Dems have gotten grief for this too, from Pelosi on back through the Reagan years, on issues from Central America to Iran...

Here the Republicans were arguably trying to undermine ongoing treaty negotiations and not just disagreeing with the President, Commander in Chief...I think Kilgore is arguing that there's no place for members of Congress to do that.

i agree that both parties have done this over the years - it seems like a consequence of how we've split foreign affairs power between the executive and legislative branches and probably a bit silly to bemoan. until it's illegal for congress to try to undermine the executive branch's diplomacy this kind of thing will continue to happen - esp when the branches are split by party.

http://articles.philly.com/1987-11-13/news/26175480_1_house-speaker-jim-wright-wright-and-ortega-wright-ortega

http://csrc.nist.gov/publications/drafts/nistir-8105/nistir_8105_draft.pdf

which one is you

This certainly confirms the hunches many people had about the NSA's announcement that it was abandoning ECC.

That's got to be a historically short lifespan for a technique - has anything else in the history of secret codes been brought into wide application and then rendered essentially useless within a little over a decade? I mean this is a projection, not a guarantee that quantum computing has been advanced enough to consistently and affordably crack everything, but one assumes NIST and their colleagues across the way have a pretty good handle on where stuff is going to be in the next few years.

I guess there were several systems introduced just prior to or during WW2 that became completely obsolete shortly thereafter.

Recently, some experiments using ion traps and superconducting circuits have demonstrated universal sets of quantum gates that are nominally below the highest theoretical fault-tolerance thresholds (around 1%) [9, 10]. This is a significant milestone, which has spurred increased investment from both government and industry. However, it is clear that substantial long-term efforts are needed to move from present day laboratory demonstrations involving one to ten qubits up to large-scale quantum computers involving thousands of logical qubits encoded in perhaps hundreds of thousands of physical qubits.

Note lack of even a ballpark guess as to how many years "substantial long-term efforts" will actually take. Yeesh.

When standards for quantum-resistant public key cryptography become available, NIST will reassess the imminence of the threat of quantum computers to existing standards, and may decide to deprecate or withdraw the affected standards thereafter as a result. Agencies should therefore be prepared to transition away from these algorithms as early as 10 years from now. As the replacements for currently standardized public-key algorithms are not yet ready, a focus on maintaining crypto agility is imperative.

Please be prepared to completely ditch all implementations of ECC and RSA in a hot minute. Lol, mobile.

I think a cancer therapy based on Crispr will be approved by the FDA before a high-scale quantum computer breaks an RSA key. Like that's the side of that bet I would take.

Apparently most of the world agrees with you because I haven't heard of any VC cash being thrown around at quantum-resistant crypto startups, like, at all

https://www.documentcloud.org/documents/2702948-Problem-Book-Redacted.html#document/p1

AUSCANNZUKUS is still my favorite all-caps word ever. I love that my phone knows it.

so there's this:

Robert Cattanach, a cybersecurity attorney and former Department of Justice special counsel to the secretary of the Navy, said the government's request leaves Apple in a difficult position as the company is now thrust into the center of the battle to balance privacy needs against counterterrorism efforts.

"The FBI's request to a U.S. Magistrate for an order requiring Apple to disable the auto-wipe feature after 10 unsuccessful attempts represents the next step in the journey to find the holy grail of back door unencryption, and the next salvo in the ever-escalating battle between law enforcement and tech companies," Cattanach said.

http://www.latimes.com/local/lanow/la-me-ln-apple-san-bernardino-security-20160217-story.html

@Snowden 6h6 hours ago
This is the most important tech case in a decade. Silence means @google picked a side, but it's not the public's.

Will be interesting to see how this plays out.

‏@ggreenwald
Claim Apple is doing this "only" for PR benefit is bizarre: PR in refusing FBI's demand to open phone of Muslim who mass-murdered Americans?

i wonder how awkward the pro-Apple chants will be here

Rally in New York, NY!
Apple is right. No government backdoor in our iPhones!
Tuesday February 23 2016 • 5:30 pm
Apple Store • 767 5th Avenue @60th Street

well, dayum, some guvmint lies don't last very long, now do they?

http://www.npr.org/sections/thetwo-way/2016/02/24/467943526/apple-has-gotten-federal-orders-to-unlock-at-least-13-devices

And in Noo Yawk, Cy Vance and Bill Bratton called a press conference to mention that they have 175 devices they want to unlock!

http://www.wired.com/2016/03/government-error-just-revealed-snowden-target-lavabit-case/

I'm surprised nobody on this thread ever brought up Signal. https://whispersystems.org/

Jonathan Ździarski
‏@JZdziarski
It took just over a month after FBI testified under oath that they couldn’t access a locked iPhone… to access a locked iPhone.

Edward Snowden
@Snowden
Remember when government officials used to lose their jobs for false testimony? First Clapper, now Comey.

@markknoller
On @HillaryClinton handling of e-mail, "there's classified and there's classified," says Pres Obama.

@Snowden
If only I had known.

well well

http://edition.cnn.com/2016/05/30/politics/axe-files-axelrod-eric-holder/index.html

yeah that's a pretty reasonable middle-of-the-road stance that pretty much any of us would take

once we're out of the Cabinet.

There is a certain degree of self-censorship that takes place when you're working in the organs of the institution, just like any job.

Yep, that's why I hate all these people. And the employed.

http://i.imgur.com/R8FyeTU.jpg

Edward Snowden
‏@Snowden

How Washington works: The day before a movie premieres about them violating everyone's rights, they meet in secret.

https://theintercept.com/2016/09/12/house-intelligence-committee-to-discuss-classified-report-on-snowden-ahead-of-movie-launch/

http://arstechnica.com/tech-policy/2016/09/op-ed-why-president-obama-wont-and-shouldnt-pardon-snowden/

https://theintercept.com/2016/09/18/washpost-makes-history-first-paper-to-call-for-prosecution-of-its-own-source-after-accepting-pulitzer/

x-post- Jack Goldsmith, who wrote the arstechnica.com opinion piece, is at the right-wing Hoover Institute and was an assistant AG in the Bush admin.

yes, hence E.S. shouldn't "expect a pardon" from the executive opposition in a war.

gah fuck the post

The mismatch between Fred Hiatt's ed board stances and the tenor of WaPo's reporting has always been and continues to be baffling and infuriating.

Anything on the arguments in the Ars op-ed, or just "fuck that guy?"

None of you actually see the problems with the "pardon Snowden" idea, do you.

no, i do, encouraging similar thefts?

burn baby burn

also, fuck that guy

in any case, there won't be a pardon

None of you actually see the problems with the "pardon Snowden" idea, do you.

not really. feel free to make a case for there being the problems rather than just saying they are there.

This is IMHO the important part of the op-ed that I linked to:

Another reason why Snowden won’t and shouldn’t be pardoned for his actions is that doing so would have a demoralizing effect on the thousands of intelligence community personnel who devote (and in some cases risk) their lives to US national security, who follow the rules laid down by Congress and the president, whose work was diminished, and whose jobs were made much harder as a result of Snowden’s non-US related disclosures. I disagree with Tim that “a pardon sets no precedent and so creates no incentives.”

Pardoning the perpetrator of the most damaging leak by far in American history would send a clear signal of approval for what Snowden did and a clear signal about a lack of seriousness on the part of the government about its truly most important secrets. Those signals would affect the attitude of everyone in the intelligence community about the value of our most important secrets and would have a terrible impact on the government’s already-difficult ability to keep such secrets. In saying this, I do not detract from the importance of the greater transparency that Snowden brought to the intelligence community. That community was self-defeatingly secretive and insular and terrible at explaining what it was doing and why. But to say that it needed to open up a great deal, especially about the extent of and legal bases of its domestic operations, is not to say the government should countenance disclosure of details about its lawful electronic intelligence operations abroad against non-US citizens, which is what the pardon Snowden seeks would do.

And I don't really care much about "demoralizing" people in the IC, but the pardon sends a ludicrous message that all your NDAs are null and void immediately, which is a simultaneously silly and horrible stance for any state to take.

seems like it boils down to it makes the intelligence community look bad cos they failed to do their job and they are too big to fail

uh okay sure

the pardon sends a ludicrous message that all your NDAs are null and void immediately, which is a simultaneously silly and horrible stance for any state to take

Seriously? Wouldn't there be some way around this sort of thing, administratively, legally?

But to say that it needed to open up a great deal, especially about the extent of and legal bases of its domestic operations, is not to say the government should countenance disclosure of details about its lawful electronic intelligence operations abroad against non-US citizens, which is what the pardon Snowden seeks would do.

I thought that the cost-benefit ratio of that whole "loss of civil liberties / invasion of privacy / absence of public accountability / operating in secrecy / violating the Constitution" thing vs. "actual effectiveness in prosecuting the War on Terror and preventing terrist attacks and so on" was rather lopsided, myself.

From the comments on the Ars article, this seems more persuasive to me:

Pardon is the wrong debate. Pardoning someone without a trial is hot bullshit. That is a way to cover up the truth, not to render justice. It was true of Richard Nixon, and it would be true of Edward Snowden. There is a reason why Justice Department guidelines oppose granting pardons this way.

Snowden's trial should be public, before a jury of his peers. The US government just wants to do a Chelsea Manning on Snowden, and that is some even hotter bullshit.

Persuasive how? "Everything is bullshit" oh good to know

good to remember

Here's the argument that Goldsmith was countering: http://arstechnica.com/tech-policy/2016/09/op-ed-why-obama-should-pardon-edward-snowden/

Key part:

If Snowden returned to the United States today, of course, he would have to stand trial for disclosing classification communications intelligence, among other serious crimes. This will never happen. Snowden’s lawyers know he would likely be convicted and would face a lengthy prison term. Under federal sentencing guidelines, an offender with no criminal history who is convicted of disclosing “Top Secret” communications information under 18 U.S.C. § 793(d) faces a prison term in the range of 168-210 months, or 14 to 17.5 years. See U.S.S.G.M. § 2M3.2. Snowden might face a considerably longer sentence if convicted of additional charges, or as a result of sentencing enhancements. Naturally, Snowden prefers to stay abroad.

The law does not allow the public interest defense that Snowden says he wants, nor should it. Permitting such a defense would encourage copycats. A Snowden wannabe might hope his lawyer could convince a credulous jury that his leaks also had some positive outcome, even if the benefits were scant. The Snowden disclosures were a unique watershed event, resulting in historic reforms. It is highly unlikely a future leak of classified surveillance information would produce such positive change.

While Snowden might be enticed to return if offered a favorable plea agreement, negotiating such a deal would create poor incentives. One idea, favored by the top lawyer for the intelligence community, was for Snowden to plead guilty to a single felony charge and serve three to five years in exchange for his help undoing the damage he caused. Through his lawyer, Snowden has said he would never plead guilty to a felony. If a plea deal was ever really on the table, Snowden has less to offer every day, as the information he leaked becomes stale and the intelligence community moves on. In any event, the Justice Department rightly objects to negotiating plea agreements with fugitives, to avoid giving those who flee prosecution an advantage over those that do not.

In short, the argument for giving Snowden a pardon rests solidly on a foundation of "he's special, none of the rules apply."