Write me down a mule
Not wise, but it seems a bit much for the intelligence agencies to beef about someone else's security discipline.
Journalists and their associates involved in the Edward Snowden NSA leaks affair followed almost unbelievably poor security practices while handling top-secret government files, according to a statement made in court by a British official today. The hearing was looking into the case of David Miranda, the partner of journalist …
"After forcing down the plane of a head of state over Europe....." Sorry to correct your hysterical shrieking but no such event happened. The Bolivian aircraft was merely refused permission to cross airspace, then was requested to submit to a passenger check. The Bolivians could have refused and returned to Russia but needed to refuel, but no-one was "forced down". Please do try to keep at least one foot in reality whilst bleating.
"So if say Canada merely refused permission for any flights to the US to enter it's airspace....." Yes, Canada has complete sovereinty of its airspace so it is within the rights of the Canadian government to close their airpsace to US flights. But diplomaticy they would need to supply a reason for doing so. In the case of Morale's aircraft, it was because he was suspected of transporting a person not on the passenger manifest, which is in breach of the Chicago Convention. Rather than go for a request for a search, France and Spain seem to have taken the slightly less diplomaticly upsetting refusal for overflight, as is their right. Austria simply added the request that if the Bolivian aircraft landed to refuel then the Austrians would exercise their right to check the manifest against the actual people on the aircraft. Morales could have refused and returned to Russia but decided to accept the Austrian request.
"....it seems a bit much for the intelligence agencies to beef about someone else's security discipline." Actually, the files in question seem to have come from Snowden, and he was a contract employee of the NSA, not GCHQ, so a Yank security problem, thank you.
Still, given what's going on, one imagines that they will learn from their mistakes quite quickly; maybe the guardian should invest in hiring an amazingly paranoid InfoSec adviser.
Still, given that these documents are almost certainly the contents of the latest wiki leaks insurance file, the possibility remains open that all of the information will be released to the public sooner or later no matter what they do - intimidation and accusations of criminality only increase the likelihood of this happening more quickly, as would any attempt to extradite/render Snowden or anyone connected with him against their will.
They apparently didn't learn anything from the last time. It was a Guardian journalist who published the password to 250,000 unredacted US government cables.
Admittedly he didn't know the password for his file would unlock the "insurance" file, and WikiLeaks are at fault for reusing passwords (another basic fail), but he shouldn't have published the password anyway. Just knowing the general form that WikiLeaks uses (eg, that it contained a date in verbose format), would help someone trying to crack other WikiLeaks files. (See http://www.wikileaks.org/Guardian-journalist-negligently.html.)
Whether this justifies the interference with the press is another matter.
".....Whether this justifies the interference with the press is another matter." Whilst you're right about both the Guardian journos and Dickileaks making far too many assumptions around security (and it the Guardian's case seemingly pretty uninformed about simple tech like zipped files), I would have to point out that Mr Miranda was not a Guardian employee nor a registered journalist, so no "interference with the press" took place.
Well, I suppose those thumb drives now have whatever the government says was on those thumb drives. However, since Snowden primarily leaked NSA documents, you can paint me sceptical.
My spider senses are telling me there's a stitch up in progress. Perhaps someone in the Westminster regime wants the Graun bringing to heel (or simply made to be history).
Anon, because I just know the honourable peeps at El Reg can be trusted not to leak my identify.
" "highly classified UK intelligence documents"."
This is the bit that's really confusing me. The Uk Gov keep going on about how Snowden has all these top security uk documents, but didn't he just dump a large part of the NSA database?
At what point did he access UK GCHQ servers?
This all smells to high heaven, and I personally think that the uk spooks just wanted to know what the US spooks knew about them (they don't tell each other *everything* obviously).
As a bonus they get loads of US-centric stuff too to boost their own intel. All the while they are dressing this up as some kind of crime by Snowden against the UK. They haven't said that exactly, but that seems to be the impression they are trying to portray.
The UK and US (and Canada, Australia and New Zealand) have long-standing arrangements to share much* of their intelligence information. So it's perfectly possible that NSA databases would contain sensitive UK material.
* Not everything, of course, material may be marked as NOFORN (at least, in the US where they're public about their security classification) - often stuff that says rude things about partner governments or intelligence services :)
Correct. In brief, when Margaret Thatcher wanted a couple of her senior ministers checked out for suspect associations, she passed the job on to either the Americans or the Canadians. I think the latter, but can't be sure. Dammit, I have to say it; Echelon is one of the facilities at work here, but no one seems to worry about it.
Oh that's better. Almost as good as a man dump. Now for a post work shower.
"Perhaps someone in the Westminster regime wants the Graun bringing to heel (or simply made to be history)."
One can live in hope that its forced out of existence ASAP. Its a hopless comic for communists with all the journalistic integrity of a teenage girls blog. I'm constantly amazed that its readers don't comprehend its being the left wing Dail Mail.
Not only that, but a general scan of the comments here indicate electric-Pavlovian-knee-jerk supportive comments of each other, all trying to be witty [while remaining ....generally unwitting...gotcha!..]
It's my guess that they're all quite young and have never had any real hands-on responsibility for much of anything.
When was the last time they posted pics of their genitals on the Internet?
Kiddies! Share your awesomeness! Here!
Mo'! Commenters! Are! Standin'! By!
"Perhaps someone in the Westminster regime wants the Graun bringing to heel (or simply made to be history)."
Sadly given its recent financial performance and insistence on throwing more and more money at the loss making online edition it may well do this to itself.
Well they did say the password unlocked a portion of the documents. Quite possible there was a hidden partition with the remaining docs locked away still. Miranda wouldn't even need to be aware of it. In his knowledge he gave them the password to the information.
Given that if you must hand over passwords when requested under threat of immediate imprisonment, (and possibly Gitmo if they think what you are hiding is dangerous enough) and that covers ANY password on any device you have or own. I think I might take precautions against forgetting the odd password.
I wonder why they even need a mule. There are so many places that documents can be dumped, and if they were signed and encrypted, then the recipient could be sure they had not been read or tampered with.
And even if they did use a mule they should give the mule the passphrase. And if they had to give him a passphrase, it should be to a shadow file which contains plausibly sensitive but harmless information while keeping the real data safe.
"It will not escape Reg readers' consideration that while the Guardian's security may have been poor, it was the US and UK governments' security regimes which allowed the information to escape in the first place."
Bingo. And unlike some mule and friend/partner of a newspaper journalist, the people surrounding the initial leaks are professionals in data security. Or supposed to be anyway.
On top of that it's foolish to believe that the some 58,000 documents do not exist anywhere else. And they certainly have never been stored on the graphics card in the picture published by the Guardian re destruction of data....
Assuming that digital data is gone once destroyed/seized is mid-20th century logic.
Seriously, who are the governments and authorities trying to fool.... their own "actors" (aka officials, MPs and up)?
They collared the guy before knowing anything about what he was carrying or how well protected it was. 9 hours being interrogated by spooks was going to cough a password either way, whether it had been written down or not.
If it had been written down and the password was immediately available, why the need to hold him for 9 hours?
I think it looks like a targeted arrest, I don't believe they should have used anti-terror laws, but it does appear that Miranda had a whole load of classified documents. It doesn't matter if other people have them as well, he had them. I'm only surprised that he was allowed to proceed as he was obviously being used as a courier for classified information.
In other comments: Who the hell sends their partner with classified material through an airport, they must have realised that the Police would want to have a chat with him as he'd be a prime suspect.
>Who the hell sends their partner with classified material through an airport
Someone trying to bait the powers that be into doing something pointless and dumb. It has been heavily speculated on Schneier's blog comments section that this was indeed the case, what with Greenwald releasing a little info, the spies scrambling to 'explain', Greenwald then shows how the 'explanation' is false with more evidence, cycle repeats.
Classic trolling, just give them more rope, they will invariably tie a noose. Hopefully if they get enough rope the head will just pop off when the trap door opens.
And I've probably capitulated in the circumstances.
But if I'd have been the mule, as would anyone with any sense, I'd have isolated myself from the encryption and password process then I could genuinely claim that I wasn't lying. What's more, I could even give particulars and they'd be little the wiser and no closer to the docs.
...And why didn't he (or others) send the stuff electronically beforehand (so there was nothing to intercept)? Also, why did he go via the U.K. anyway?
Essentially, Miranda is a fool or awfully naive.
If Miranda is not a fool then perhaps we're all being fed a fairytale and actual events are quite different.
"The whole not knowing the encryption key thing doesn't help you if the security services believe otherwise...." Indeed, the law states you have to provide the key, and is not conditional that you are the originator or that you know it yourself, so if the encryption has been done by others you still have to convince those others to hand over the key or suffer the consequences yourself.
"....there have been many martyrs throughout history....." Que? If you seriously believe Greenwald and co have any interest in martyrdom then I have some prime Florida river-side real estate to sell you! Greenwald's motivations are a lot more basic and monetary.
".....The fact remains that the security services are still left without the key....." So what? The prime aim is to stop the transfer of secret docs, so locking up all the people involved goes a long way towards that. It's also a powerful disincentive to others. You are forgetting that the NSA and GCHQ already know what's in the docs since they are their docs, what they want is to track down and arrest the people involved in stealing and distributing said docs. Tracking coms between them tells them all they need to know (conspirators' identities) without the need to decrypt docs. Once they then arrest (or stop under Schedule 7) a conspirator they can root through hiis or her data at their leisure. The ability to decrypt even a little of the docs for court evidence is a bonus, otherwise the authorities will settle for sending them to prison for several years at a time in repeat cycles until they do give up any keys. I bet the FBI are quite jealous of the UK police powers.
".....Even torture won't help them (expect to make them feel better of course)." Why do they need to torture anyone? It's kinda hard to be "an international journalist/film-maker/toyboy, tirelessly fighting the fight for the right" when you're locked up at HMG's pleasure.
1. Generate public-private key pair.
2. Write down the public key and take it to Germany. Or put it on a web site. Whatever.
3. Encrypt the data using the public key.
4. Transfer the data to the thumb drive.
5. Carry the thumb drive back to Brazil.
6. Get held at Heathrow but don't disclose the decryption key because YOU DON'T HAVE IT.
I had a similar thought. Sending both the encrypted files along the same route as the decryption key was a bad choice.
It would have been trivial to use the regular postal mail to send the thumb drive to the guardian. It would have also be trivial to send the decryption key that way. Neither of which would have been jacked with.
OR you could have sent 2 reporters in. One to get the decryption key and another to get the drive.
The reporters on this are showing that they still have no clue what security is.
From what I understand, UK has laws that give you a choice between jail and handing over the password. All of these fancy measures of not carrying the private key or sending the key and data with different reporters doesn't get around this.
The reporters may well not understand security, or maybe the revealed password was just the decoy volume of a hidden truecrypt operating system (see http://www.truecrypt.org/docs/hidden-volume). The mule need not even have known about this; one or two believable files in the outer volume that would explain the need for its encryption.
... and this way they get to post about the day their office got trashed.
Mine's the one with the mobile phone that definitely doesn't have a micro SD card inside it where these files could have been hidden had they not wanted this trouble.
I'd love to believe that this is just HMG trying to do a snowjob(*) on Miranda, Rushbridger et al, or that the journo's are working a sophisticated sting against the spooks; but, to be honest, it really does seem that the Graun and its fellow travellers are a bunch of incompetent innocents who aren't fit to be allowed near an abacus, let alone a sensitive computer system.
These documents would probably have been a lot more secure if Rushbridger and his crew had simply communicated with each other, carefully, via PGP/GPG encrypted emails.
It reminds me of that sniffy comment by Gandalf in LOTR about his exaggerated fear of Sauron vs. his overoptimistic faith in the Innkeeper Butterbur...
(*) well, they are anyway, but I simply can't stack up the comments by the Graun, Miranda and others and still assume that they are in any way competent.
To be generous to them: They could have encrypted the drive because they didn't want joe public to come across the information and let it leak onto the internet that way. That said, even if they believed the security services could decrypt the data, surely they were under the impression that the security services knew they had it anyway. More to this, even if they were just trying to keep Joe public away from the unredacted data - Why did they write down the key and sent it on the same flight? I'm not sure I understand any of the reasoning in this piss-poor example of IT security.
...in a library...
1. I want to get a copy of secret files out of UK reach
2. I make up up a shiney-shiney, a distraction, a bauble to attract the eye of spooks
3. I "hide" the real files among the shiney-shiney (encrypted differently).
4. I let it fall into the hands of GCHQ/NSA
5. Spooks are satisfied, but they don't know that the real thing has passed them by.
If you are going to Brazil from Germany, there are surely direct flights - if not, you go via Schiphol, not Heathrow. The only reason to go via Heathrow is to wave the shiney-shiney under the noses of the spooks.
The classic example of this is the Cullinan diamond. A big fanfair was made of it being transported by ship from South Africa to England. It was to be locked in the captain's safe and under constant guard for its entire journey. The safe only contained a fake and was a diversion - the real diamond had been sent as registered post with the rest of the mail.
You're not thinking like a journalist thinks.
They'll fly Heathrow cos they always fly Heathrow or because they have a regular flyer bonus or are collecting air miles.
They don't think like a character from a thriller normally, though one or two have written thrillers.
Why bother doing that? You could have a 128Gb drive full of stupid vacation photos, encrypt the files, and then use a steganography utility to hide the files in the vacation pics. Plod grabs device, looks, and only sees stupid vacation snaps. Lo and behold, plod is satisfied. You want their attention? Have a bunch of obviously encrypted files.
But yeah, we are talking about journalists here who might as well have not bothered with encryption at all. Usually it's hard enough to get them to get the facts straight, let alone follow any reasonable protocol for handling data.
To expand on what this government representative actually claimed in his submission, quoted in the BBC news item:
"[a] piece of paper containing basic instructions for accessing some data, together with a piece of paper that included the password for decrypting one of the encrypted files on the external hard drive".
ONE of the files?
Could it be that the file which Miranda had instructions on how to open contained contact information for a lawyer to assist if detained or even Rusbridger's phone number?
The government stooge also said that "many of the files were encrypted". So what was so damaging in the unencrypted files that their contents haven't been leaked by the government? His shopping list perhaps?
Who cares? The "secrets" weren't secret any longer.
The only point of security regarding this now-not-secret information might be its commercial value as news material to The Guardian and/or the involved journalists, and what they do or don't do to protect that is entirely up to them.
He is transiting through the UK with stuff and he knows that under RIPA he will go to jail if he doesnt give up the passwords so he brings a handy one with him to decrypt something.
Included in that data was the information that magically made its way to the independent newspaper.
Set a trap to catch a rat and it worked very well.
So , why does the UK feel that NSA documents have anything to do with them anyway, surely they didn't look at them then told the NSA they'd been destroyed?
Let alone the fact repeating these comments just goes to show they even admit they didn't have any concerns about Miranda being a terrorist, so should have used the correct laws.
Thumbdrives? Yeah those are sure to go unnoticed<snark>.
From day one of the Miranda drama, my question has been: where were the MicroSD card(s) hidden? Even a quick scan of TrueCrypt's own doc on plausible deniability reads like a script that Miranda executed fairly well.
Did the spooks strip his luggage down to the metal frame to discover the aluminum foil wrapped MicroSD card(s) that the xray scanner missed?
"Metropolitan Police Service Counter Terrorism Command is now carrying out a criminal investigation, which is at an early stage."
Fascinating. Against whom might they be preparing this (possible) case ? Against the heads of NSA and GCHQ for crininal negligence ? For breaches of the Official Secrets Acts ? For aiding and comforting terrorists ?
Or are they working on behalf of Data Protection Commissioner, preparing a case under the Data Protection Laws ?
"Here's the encrypted files. Here's the password for the files. Here's some instructions on how to use the password."
Does seem a bit weird. Either incredibly stupid or incredibly clever.
Scenario 1. The real shit's just a big encrypted file, uploaded to the cloud, and all that needs to be muled is the password. Decoy Dave is sent to look all nervous with a bagful of hard disks, the password, and, in case the police are extra slow, some instructions on how to open it.
Scenario 2. Snowden's been offered assylum, so he washes his hands of the whole thing, phones Greenwald in a panic, and says "get on over here and take it. I want nothing to do with it anymore. Passwords too..."
I can't decide...
The issue is that the UK used a flimsy pretext and a total lack of moral authority to arrest and detain someone for reasons that are utterly unclear but cannot reasonably be thought to be in the "national interest." That excuse, as was shown in Parliament on Thursday, is now viewed with extreme scepticism, as is the immediate compliance with US military/security establishment demands. Stories from gov sources changing the agenda should be seen as such.
It's remarkable to me that certain people here seem to hate their own countries more than those who are actually despotic, enough to support Snowden in his vainglorious attempt to get recognition. I mean the guy is HIDING IN RUSSIA, a country that tends to shoot awkward journalists rather than hold them at airports for a few hours.
You people DISGUST ME.
>It's remarkable to me that certain people here seem to hate their own countries more than those who are actually despotic, enough to support Snowden in his vainglorious attempt to get recognition.
Funny you say that, I do love my country within reasonable limits. I really don't like GCHQ and PRISM to spy on me. Both are breaking german law doing it!
I have to fundamentally disagree with you.
Whilst I might find the actions of a despotic regime in a foreign country obnoxious, I have no standing. However, when the actions of the government of the country of which I am a citizen go beyond the limits of civilized behaviour, I have the right, indeed the duty, to protest.
that certain governments seem to hate their own citizens more than those who are actually despotic.
It's well known that Russia is no bastion of human rights, but that doesn't justify abuses by western governments because "it's not as bad as Russia." If you were mugged, would you be satisfied if your attacker escaped justice on the grounds that they only hit you, in some places they might have shot you?
You depress me.
".....If you were mugged, would you be satisfied if your attacker escaped justice on the grounds that they only hit you, in some places they might have shot you?...." Yeah, so please show us on the doll where you were hit? Oh, you can't, becase no-one is interested in reading your delusional blatherings. You haven't been "mugged", you are just hapiilly living in some fantasy where you like to imagine you are just so gosh-darn cool and rebellious that the security services would consider you a top priority intercept target, when the reality is they have real fish to fry, not wannabes. Get over yourself.
It's possible that the Guardian were so useless they had the password written down. But it's stretching things a little - that's incompetence of comic proportions.
I've a theory to offer: The investigators actually got the password through another channel, one of dubious legality. Perhaps they have phone and email monitoring operations on everyone who works for the Guardian (I would be very surprised if they do not) or even bugs in the offices, or maybe someone on the inside leaking details, or perhaps GCHQ were able to use some advanced cryptoanalytics magic to find the key left behind in the swap file. However they got it, they don't want to admit how - so the 'password on a postit' line is just a lie made up to give a plausible explanation for how the investigators got that password, thus protecting the secrecy of whatever cloak-and-dagger operations they have going on. It even has the added bonus of making the Guardian look like a bunch of idiots.
Or the documents found might just be a plant, and he wasn't really carrying anything at all. At this point I think we've demonstrated that both US and UK governments are more than willing to outright lie to the public and frequently violate their own laws - planting evidence isn't that much of a leap. Being able to threaten Miranda with jail time could be a way to apply pressure to Greenwald. He may already have recieved the deniable communication: 'One way or another your boyfriend is going to jail for a few months - but if you publish any more documents, we'll see to it that he is locked up for five years before he so much as sees a trial, and thirty more after that.'
Wild speculation is quite acceptable here because we now know that government *lies* - even more so than was previously thought.
What does the UK charge him with? These files were not taken from any UK system, or within the UK, may not even be UK material, so I'm not sure how they can prosecute. They can try some vague thing about making terrorism easier but a jury (not abolished yet despite the obvious danger to NATIONAL SECURITY) might have the cheek to boot the case out the courtroom window. Which might be why they didn't arrest him after their nine hours of intimidation. After all the defence can claim, that since the alledgedly dangerous material was never a state secret, the prosecution can't refuse to disclose it
"What does the UK charge him with?...." If he is in possession of material covered by the Official Secrets Act, regardless of how they came to be in his possession, then he is in breach of that law.
"....These files were not taken from any UK system, or within the UK, may not even be UK material, so I'm not sure how they can prosecute...." Go read the relevant Act, it matters not one jot how the material was stolen, just that you have it in your possession and are not authorised to have it in your possession. If you show intent to distribute it that makes it worse.
"....They can try some vague thing about making terrorism...." The terrorism angle was simply used to stop him, it will be the OSA used to prosecute. They could go the extra mile in court and, if they can show that Miranda and co knew the material would be of interest to terrorists and still distributed it, charge them with material support of terrorism, but they don't need to when they can go to town with the OSA charges.
"....Which might be why they didn't arrest him after their nine hours...." I would suggest that the volume of documentation meant they simply hadn't processed enough to charge Miranda with inside the nine hours, so they let him go whilst still examining the data. It seems they ahve found plenty since as they are preparing a criminal case.
I thought if you wanted to send crypto keys secretly you used the old Greek system:
1. Shave head (of slave in Greek case, but hey, anyone will do)
2. Tattoo the key onto scalp (maybe just a permanent marker would do in this day and age)
3. Wait a week or two for hair to grow.
4. Off you go. Searches find nothing
5. Get to other end, shave head, et voila.
Biting the hand that feeds IT © 1998–2019