Keys, Immunity, And Valuation

-Submitted by David Drumm (Nal), Guest Blogger

keysThe U.S. government has demanded that internet companies turn over their master encryption keys that are used to secure Web communication. Web encryption is active when an HTTPS appears on the URL. The technique is called SSL, or Secure Sockets Layer. For example, HTTPS encrypts communications only between the browser and Gmail’s servers. With the master keys, decryption of the contents of the intercepted communication is possible. “Strongly encrypted data are virtually unreadable,” according to NSA director Keith Alexander. The internet is fast becoming an encrypted model as more internet companies adopt SSL.

The internet companies are refusing to say if the government has requested their master keys. A Google spokesperson said that Google has “never handed over keys” to the government. A more impressive response came from Richard Lovejoy, a director of the subsidiary FastMail, who said “Our interpretation is that we are prohibited by law from releasing our SSL key. In the event that we received such a request, we would refuse, for both legal and ethical reasons.”

Meanwhile, NSA director Keith Alexander has been working Congress to get them to provide blanket immunity to any internet service that helps the government fight cyberattackers. The concern for civil libertarians is that the immunity would be used to cover the companies violating privacy laws when giving the NSA data. A previous telecom immunity bill, supported in an about-face by then candidate Barack Obama, has left a bad taste in the mouths of many. One source has characterized Alexander’s requests for bill language that’s “as ill-defined as possible.”

Leading the Obama Administration’s charm offensive to convince us to love the surveillance state is John C. Inglis, the deputy director of the NSA. He had grand stories to impress on us that the billions spent spying on Americans are merited. Inglis picked two episodes to highlight the “contributions” provided by NSA programs. In the first case, several men in San Diego were sending money to a Somali terrorist group. In the second case, the NSA discovered that a suspect in a subway bomb plot, who was already under scrutiny, was using a different phone.

In the words of Jed Clampett: “Pitiful … just pitiful.”

A suspect under scrutiny means a suspect under surveillance. There are cheaper ways that spoof a cell phone into thinking it’s talking to a cell tower and collect the phone’s metadata.

Claims regarding the thwarting of 54 terrorist events and the capture of 300 terrorists are often cited to justify the effectiveness of NSA programs. However, these figures are from programs that target noncitizens abroad and have apparently been quite valuable. The success of foreign operations is often conflated with domestic surveillance programs to make it appear that domestic programs provide a valuable contribution. When the domestic program is isolated, as above, its real merit is expectedly dismal.

H/T: Charlie Savage and David E. Sanger,  Declan McCullagh, Kevin Drum, Tony Romm, Mano Singham, Steve M.

48 thoughts on “Keys, Immunity, And Valuation”

  1. “That is reflected on this blawg also.” (lotta)

    Ah, so you have noticed that too.

    Deliberate … wise counsel

  2. Darren and L.K.,

    USGinc. still has no right to mass surveillance of populations, foreign or domestic, even if they actually did thwart 300 terrorist attacks (which I don’t believe for a moment). We cannot let this be their excuse for tearing down the rule of law in multiple nations. We must stand firm, no matter what. The real danger is a govt. untethered to the rule of law. They can and will do anything up to and including torture and murder. We are/will rue the day when we accept the trade off of law for “safety”.

  3. Darren, I’m with you on calling BS on the claims. It did pop into my mind that those 300 terrorists may reflect captures of the number 2 guy(s) in al Qadea this year, we were hot and heavy on catching/killing him for awhile, I think I read we had done it again just a few weeks ago. That is one position I just wouldn’t put in for if a request for application came out. Uh uh, no way. 🙂

    http://www.cnn.com/2013/07/17/world/meast/yemen-al-qaeda-leader-killed

  4. Blouise: “Just be careful.” (lotta)

    “I understand what you are saying but in all actuality, they are the ones breaking the laws and acting recklessly.”
    *****

    Absolutely, I just occasionally think that there are certain folks on this blawg that might need to be very deliberate in what they do. I occasionally worry about that. It’s not about any wrongdoing on the part of the people I ruminate about but specifically the wrongdoing you point out.

    It’s amazing the speed with which the government here and in Britain are moving to consolidate their cyber-power. I think that will escalate in the near term because now that people are being made aware of the measures the government is taking they need to get their ducks in a row before the backlash (if there is an effective backlash) starts to impede their plans. Some people knew some/many things about the surveillance state gearing up for years. (and b**ched about it here and throughout the blawgasphere) but now it’s beginning to trickle throughout the population and political class. I think the government feels pressure to move quickly.

    I found myself on BoingBoing dot com, as I do every day and was struck by the number of stories just today on current efforts to expand surveillance powers. BoingBoing is not a political blawg but they have been focused on this issue and copyright and trademark trolls for quite a while now and their coverage of it has been expanding. That’s the case on a few of the non-political blawgs I visit. It’s a response to what is happening and happening with escalating frequency. That is reflected on this blawg also. It has become extremely political in the last few years. I am amazed at JT’s language choices regarding the government efforts and policies in the last few months. There is something afoot.

  5. Nice article David.

    I called BS also on the claim that over 300 terrorists were captured. Let me guess, 99% of them were in Kandahar. The handfull of terrorists that were captured in the U.S. all made big news. One would think that with 300 if supposedly in the US news of a captured terrorist would have been nearly a daily event. But, I haven’t seen this at all.

    And that 54 events were thwarted. Again, humbug it seems. For some reason I thought of the body count of VC during the Vietnam War where there was widespread reports of those numbers being padded up by field units wanting credit or perks for killing more enemy. I read a couple of times were they counted arms, legs, heads of the same individual as multiple “kills” in one case because a certain quota meant a case of beer back at base. Today I wouldn’t doubt if they found a terrorist with twelve hand-grenades they would claim to have thwarted 12 incidents.

    But, it is becoming increasingly easy to determine when we the citizens are being lied to because these pols and gov’t officials keep on spouting the same lines using the same tactics.

    It’s like when I worked the road for the Sheriff’s Office and pulled someone over on suspicion of DUI. When asked how much they had to drink, many would claim “Two Beers” and 95% of the time they were drunk, but for some reason the Lie Generator in the human brain is hardwired to reply “Two Beers” when asked by a LEO. I think the idea is that they want to claim 1 but it won’t be believed and more than two might look like they are actually drunk. They almost always say beer because it is viewed as being less “sinful” than two shots of whiskey or the hard stuff they were drinking. And in the case of these officials, they don’t say 5 because it sounds minimal and the public might not accept the cost of the spying would be worth the terrorists captured and they don’t want to say 500 because it would be too many, so they concoct 54 to meet it in the middle.

    But it’s just the same jabberwocky as with the drunk and just as unbelievable.

  6. This collusion with ISPs, either forced or “voluntary”, could be devestating to some ISPs in that people might decide to use internet services from a company in a foreign nation that will not submit to the NSA’s demands. Gary is right about the Clipper Chip to be installed on computers. The industry fought that tooth and nail and it never happened. But, I don’t see this kind of fortitude on behalf of ISPs.

    But, unfortunately, many people especially the young, don’t care as much about privacy and want all the bells and whistles the ISPs provide and they don’t want to pay for it, demanding everything be free.

    There are workarounds. First, don’t use an ISP like gmail or facebook. If you really want to protect yourself get a static IP address, register your own domain name, and put your own mail and web server into use. Use the highest encryption possible between your mail client and your server. Of course this only is effective if your recipient or sender is not using one of those sellout ISPs.

    Use anonymous web proxies to do web surfing or search engine access.

    When your computer is not in use, shut it off. Unless you have Wake on LAN enabled in the BIOS of your computer, nobody can access it remotely when it is shut off.

  7. Write your Senators, Write your Congressperson.

    When it comes time to vote in Nov 2014, remember how your Senator/Congressperson responded to your questions about NSA spying. Do not be intimated by rantings about the Green, Libertarian, Constitution, Pink, or Purple party. Give someone else a chance to screw up the country. The Rs and Ds sure are doing a dandy job.

  8. Lies by the government make us less safe not more. It is hard to believe anything they say. As a result, I immediately wonder what strategy goal any statement they issue is furthering.

  9. Metadata, Metadata, we got the Shaft!

    Do you notice how people employ the word data? Many employ the word like they are in some club — like their itShay don’t stink.
    Why not say that “We are collecting information on rats”, for example. No, they like to say apCray like: The data indicates that bla bla…

    Now the government is mushing all this spying by referring to it as Metadata collection– so that they can get terrorists. Yeah, right. And, they want to keep the conversation in the old time context of telephone calls. “We don’t listen in on telephone calls without a warrant” they say. The gloss over the fact that they read all of your emails. I am meeting the Muslim Brotherhood tonight with Dick Cheney to hire some spies for Iran. That ought to ruffle some metadata feathers. Magic buzz words.
    Xtra, Xtra, read all about it!

  10. the dictators always go for the radio and tv stations and the press. its the first thing they want to get control of.

    The internet is way bigger than that as it allows citizens to communicate with each other directly without a filter.

    If this is about Islamic terror plots, they should let us know how bad it is. Why shouldnt we know? Maybe because we would finally see how ineffective the war on terror was/is?

  11. Mike S., Please tell me that you edited your last comment… 😉 I thought that I saw that magic number “54”….

    ————

    “Senator Leahy Calls Bulls**t On Claim That Metadata Collection Stopped Terrorist Attacks”

    from the good-for-him dept

    http://www.techdirt.com/articles/20130731/11295424020/senator-leahy-calls-bullst-claim-that-metadata-collection-stopped-any-terrorist-attacks.shtml

    “One of the key claims that defenders of the NSA bulk data collection keep making is that the program was necessary to stop various terrorist “events” (note the careful choice of the word “events” rather than “attacks”). In fact, last week in arguing against the Amash Amendment, Rep. Mike Rogers directly claimed that “54 times this and the other program stopped and thwarted terrorist attacks.” Of course, as we pointed out, he carefully added the “and the other program” to make it seem like the bulk data collection program being debated was necessary. Amazingly, that claim of 54 terrorist “events” is significantly more than what intelligence officials have claimed. They say it’s more like 13. Yet, yesterday, Senators Ron Wyden and Mark Udall both said that there was no evidence to support this, and at this morning’s Senate Judiciary Committee hearings about the surveillance program, Senator Patrick Leahy was fairly direct in making it clear that what Rogers claimed last week was completely bogus:

    “If this program is not effective, it has to end,” Leahy said, noting that a classified list of uses of the phone record program “does not reflect dozens or even several terrorist plots that Section 215 helped thwart or prevent, let alone 54 as some have suggested.”

    Perhaps Rep. Mike Rogers’ staffers — rather than threatening me with bogus defamation claims — should focus on having their own boss not mislead Congress and the American public. Wouldn’t that be nice?

    Much of the rest of the hearing suggested, yet again, that Congress simply doesn’t believe intelligence officials and the administration (and the dwindling number of defenders of this surveillance) any more, as multiple Senators discussed introducing bills to limit the surveillance, and noted various problems with the programs.

    Sen. Jeff Flake, R-Ariz., raised the prospect of creating an independent counsel to consider surveillance requests presented to the secret Foreign Intelligence Surveillance Court to guard against potential privacy violations.

    “Don’t you think we have left the state relevance?” Sen. Mike Lee, R-Utah, asked, suggesting that the mass records collection was too large to be an effective counter-terrorism tool.

    “How can one get one’s mind around the concept (of) that amount of data?” Lee said.

    Said Sen. Richard Blumenthal, D-Conn.: “It appears this system is failing in maintaining the trust and credibility of the American people.”

    [….]

    “When you look at the reach of this (phone record collection) program, it envelopes a substantial number of Americans,” said Sen. Richard Durbin, D-Ill. “It seems to me that what is being described as a very narrow program is a very broad program.”

    “There are going to be some proposals for changes to the law,” Leahy said.

    Intelligence officials tried to defend the program, but it didn’t seem to win many people over. There was lots of talk of “connecting the dots” and “finding needles in haystacks,” but considering the lack of evidence that the program actually helps with either of those things, they didn’t make a very convincing case. Of course, the best response to all of this came, sarcastically, from Julian Sanchez’s commentary on the hearings:

    The only people who spend THIS much time “looking for needles” are addicts…

    So true. Time to get intelligence officials into rehab.”

  12. “Just be careful.” (lotta)

    I understand what you are saying but in all actuality, they are the ones breaking the laws and acting recklessly. The boss tells them to do something and they do it. Then, all of a sudden, that something turns out to be illegal and the boss disappears leaving them holding the bag. Ask the CIA torture dudes, ask Haldeman, Ehrlichman, and Dean … then really ask Scooter Libby.

    That’s what’s going on right now… the bosses are looking for a hidey hole and the underlings are panicking … as well they should.

    There’s only room for one Snowden … the rest of them are twisting in the wind.

  13. “To add–there is no reason to believe claims about foreign threats.”

    Jill is correct. The “foreign threats” are the bogeyman used to insure great power and more funding for the intelligence services. This is a situation akin to the use of the movie “reefer madness” in the 30’s to begin the initial “War on Drugs” by banning marijuana. Yes 9/11 was a horror, but it doesn’t justify trampling our individual rights in order to protect us from future threats. This isn’t about “National Security” it is about people padding their income, insuring their jobs and deriving greater power. This is the equivalent of saying BOO! to America. Good job David.

  14. Someone should remind the schmucks in government that there was The Judges Trial at the Nuremberg War Trials. Government officials and judges who leaned over and let the rest of us Germans and others get uttBay uckFayed by the Nazis were put on trial. Right now the Germans are pretty made at Obamba and his crew for spying on them. Perhaps that center of Justice in Nuremberg can be opened up. In the meantime if you want to confuse the igPays then intPray your ordWays in Pig Latin when on the internet. If it can get by WordPress it can confuse the likes of Cheney, idenBay, bumboBay, and Lee Atwater.

    1. Someone should remind the schmucks in government that there was The Judges Trial at the Nuremberg War Trials.

      I think they know. I don’t think they care. I don’t think they have a thing to worry about.
      Wasn’t it just a few weeks ago that the Italian Gov had convicted some CIA agents who had done some nasty bit of rendition and other such soft words denoting horror level doings – on the behalf of a grateful nation… or was it just Baby Bush and his sidekick Cheney? — who was detained in Panama, but nicked by the US before the Italians could get him deported?

      We want Snowden (though it is a marvel at how angry people can get over the man, and pay little attn to the facts of the case), other countries, like Italy, want some of our people. Countries in S.America want known terrorists that are now comfortably harbored here in the US.

      We feel justified in thrashing the world with our displeasure, violating all and any norms to get our way, while we slyly demur to attend to any other nations actual wounds and grievances.

      No. It will be some time way into the future before our war criminals have any Nuremberg like trials to be concerned about.
      Our murderers walk free. As long as they murder for the good of the nation. Buy by whose reckoning?

  15. And how safe from prying eyes are our medical/mental health records, now that it is mandated that all records be “electronic?”

  16. @James @Paul
    Re activism: What are some practical ideas/steps that can be taken that would be effective? At least more effective than clicking web petitions?

  17. Blouise, Jill and the others here that DO things: march, take unpopular cases, work with the unpopular causes and organizations. be careful out there. It used to be just an FBI file, we could afford to give the picture takers a big smile and mouth a ‘F*ck you’ to the camera. I’m worried about all the new tools to they have. Just be careful.

Comments are closed.