back to article Snowden leaks lack context says security studies professor

With the wash-up from December's Snowden leaks still sloshing around the 'net, The Register decided to discuss how to interpret the leaked documents with Thomas Rid of King's College London. In November, Rid (Professor of Security Studies) and colleague Robert Lee (currently undertaking his PhD at King's) published a piece …

  1. Ole Juul

    worse

    the documents often suggest that the NSA doesn't really have good internal communications.

    What could go wrong?

    . . . people say 'wow' they can do this! I don't know why we have the expectation that we have these superhero organisations.”

    I'm probably not the only one who hasn't been fooled into thinking that the NSA can do everything they wish they could. However, because they have so much power, the fact that they're not as organized and skilled as they pretend to be makes them even more dangerous.

    1. Otto is a bear.

      Re: worse

      No, you are not alone, the Security Services are organisations like any other, be it Church, State, Charity or Commercial. They all suffer from their own internal politics, they all have their own momentum, and they are above all made up of fallible human beings.

      In my experience, the best way to get management to fund your project is to wave lots of shiny things in front of the managers which play to their desired outcomes. Tell them they can achieve the stars, but they need to get on the road now, because it's a journey, and they like to be on-board for journeys.

      We should not forget that the vast majority of people have no idea what their employees, peers and managers really do all day, they have little grasp of reality, and assume that because they have seen it on TV or in the Cinema it must be possible. No one, especially managers, likes to admit they do not understand something being presented, so often, rather than question a claim, they accept it, just in case they might seem stupid.

      We should also remember that just because something seems possible, it doesn't mean someone is doing it, or for that matter even if it is definitely possible, they are doing it. So next time someone tells you X is happening, ask yourself, "How does that work then, Ted" and then How, much and how many.

    2. Anonymous Coward
      Anonymous Coward

      Re: worse

      More to the point, since they cache a lot (everything?) they sweep in, they have considerable ability to back analyze. So even if they have "issues" limiting them today, that does not mean they won't be able to overcome those issues in regards to "today's" data sometime in the future.

    3. streaky

      Re: worse

      @OP

      Couldn't agree more. Not only what you said but assuming what you said is true why are we throwing so much money at them [NSA/GCHQ].

      It's all going to end badly because as time goes on more things are going to be crypto-by-default (http/2 is a pefect example) and it's going to speed up adoption of stronger ciphers and bring about the faster demise of the weaker stuff (see: Google's jihad against sha-1).

      When all this comes to pass what do NSA/GCHQ do? Nothing - they effectively cease to exist because they have no real-world capability and all the money has to go where it should be going anyway, into humint.

      1. Roo

        Re: worse @ streaky

        "When all this comes to pass what do NSA/GCHQ do? Nothing - they effectively cease to exist because they have no real-world capability and all the money has to go where it should be going anyway, into humint."

        The vast majority of that encrypted traffic will still be vulnerable - they can lean on certificate authorities, service providers (not just ISPs, folks like Google et al), and carry on with their man in the middle attacks. It's not rocket science.

        The fact is mass surveillance has been their goal from the outset, they've spent a lot of money on it, they have the law on their side and they'll find a way and a lot more money to carry on doing it. As to why they are doing it, the hunting down criminals reasons don't make much economic sense to me unless they view the majority of the population as being criminals.

        1. Mike Dimmick

          Re: worse @ streaky

          Certificate authorities simply sign the server certificate to indicate that they issued it. It can imply that they did some background checks to ensure that the person requesting the certificate did in fact represent the organisation that the certificate claims to be generated by, although you pay for what you get: a CA that countersigns certificates for free is unlikely to have made substantial checks.

          The CA never sees the private key corresponding to the public key contained in the certificate, so cannot decrypt or help decrypt communications.

          The security services can subvert a certificate authority, to get them to sign a fake certificate that claims to be for the site that you're trying to use. That can then be used in a man-in-the-middle attack. It doesn't require that the CAs explicitly have an agreement to allow the NSA or GCHQ to do this, fraudulent certificates have been issued in the past simply through social engineering. If the security services can get their own CA into the browsers' list of trusted root authorities, they don't even have to do that.

          Google have proposed (and implemented in Chrome) a technology called 'public key pinning' which requires that, for a period of time, the certificate presented by a server must have been signed by a specific public key. That requires the attacker to actually compromise the CA that countersigned the genuine certificate, rather than compromising any CA or setting up a fake root CA.

          1. Anonymous Coward
            Anonymous Coward

            so far only South Korea has admitted to officially subverting CA's

            but as all CA authorities are part of the still obscure, locked in 1990's, CA/Browser Forum - and are subject to massive pressure to be helpful to the intelligence community - I still trust them not.

            CA's are fundamental to the 'web of trust', so it's a FAIL at the start, but if they could actually deliver a bit on their promised transparency then I'd consider to start to think about trusting their numbers!

            I can specify, with names, dates and powerpoints, how CA's are/have been helpful if you desire more context?

  2. Anonymous Coward
    Anonymous Coward

    "documents written by individuals trying to put their work in the best light to their superiors "

    Yes, no one is going to put a presentation together about the new wunderwaffe for their superiors and say that it won't work.

    Though, they might put one together that says it won't work unless they get a modest increase on their budget.

  3. kartstar

    I don't get it. The slides weren't the only things leaked by Snowden. There are a ton of other documents and files that only certain journalists (like Greenwald) have access to. Those journalists use these documents, and talking with Snowden and other people with insight to guide their articles. Maybe there are some people writing stories based on "just the PowerPoint slides" but I think to dismiss the leaks as lacking context based on only that fact is clearly a straw man argument. I think the PowerPoint slides are mainly used as a graphic to brighten up the articles, in the same way infographics are used.

    1. Cipher
      Big Brother

      @kartstar

      Agree.

      This work by the good academics has a certain revisionist smell to it, a bit of down playing - move on nothing dangerous here - kind of ring to it.

      Cherry pick a weak element and hope the entire NSA system is tarred with the same brush...

      1. Androgynous Cupboard Silver badge

        Disagree

        There's definitely something to this.

        Snowden was a system administrator, not a spook - he walked away with a huge number of files but almost certainly doesn't have the knowledge to put any of them into context. Imagine pulling random files off your work DMS and trying to put them into context, it's an impossibly task in most businesses, and it's going to cover plans that were shelved, revised, or just plan wrong, like it would in any business.

        Second, some of the claims are ludicrous. Tapping fibre at the bottom of the sea? With robots or in scuba gear, through an armoured cable, and all without being noticed? And they didn't fuck up once and get caught? Nope, I don't think so. It seems odd that we apply a healthy (and necessary) dose of skepticism to everything that comes out of the government except these leaks.

        1. Stuck-Record

          Re: Disagree

          As a non computer programmer there is something that always jarred about the Snowden revelations – at least how they were reported that maybe you can explain?

          It seems to be widely believed – certainly amongst the MSM and general public I encounter – that the NSA is recording or caching everything for analysis later. In fact someone in this very comments thread mentions it. Can someone explain how that is possible? Surely the sum of the traffic through the internet is greater than the traffic itself, and to attempt to store it would (very quickly, if not immediately) require more storage than exists. The problem being made worse every second.

          Am I misunderstanding this? Thanks.

          1. Anonymous Coward
            Anonymous Coward

            @Stuck-Record

            well, all the fourteen EU partner intelligence communities are recording as much of everything digital encrypted that they can afford, for either instant or later analysis. Wi-Fi, net, everything. Crypto is just a delaying mechanism, good crypto can delay plaintext for a long time, but compare this with the NSA/GCHQ aggressive effort to undermine & sabotage commercial cryptographic implementations, and steal/own the pre-shared keys of many systems.

            Hard disk prices are always dropping, massive HDD arrays are possible, more massive (slower but cheaper) tape-arrays are also possible. The Dec2014 Snowden docs revealed that just GCHQ looks at 10 billion Server encrypted handshake start/Hello’s per week = unselected data, just pure data fishing, with the implication that everything VPN/SSL connected is stored for around 6 months on the GCHQ Cloud, other stuff could be stored for longer.

            A couple of years ago Amesys-Bull was selling an "internet recorder in a box" that could record around an entire year of internet data for an average country - and allow keyword searches through the past year of traffic. I presume they sold hundreds of these to every earthly nation, including a lot of dubious dictators... that was mostly a Facebook profiling system for population, but was used for digital attack in Lybia, that we know about...

            This is why there is a need for a debate, bit of a one-sided debate with NSA/GCHQ as possibly a silent/subverting partner, as the systems to record & manipulate EVERYTHING digital were available a few years ago - so whilst I do happen to trust GCHQ at present, based on my sampling of the guys/gals who work there, and I do trust & respect UK politicos at present - there is a very deep worry about the near future and the loss for ever of any freedom/privacy that we thought we once had.

            memorex moments for everything you ever do/have done/will do/ online or just for who you are? - the potential for social/financial/life-essence exclusion if we ever get a Bad Boris running the country is bleak

            Happy Anniversary of Magna Carta anyone?

        2. Roo
          Windows

          Re: Disagree

          "Tapping fibre at the bottom of the sea? With robots or in scuba gear, through an armoured cable, and all without being noticed? And they didn't fuck up once and get caught? "

          Err, the not getting caught thing would be quite easy, there's a lot of water to hide in out there. Also you seem to have overlooked the fact that submarine cables seem to break as a matter of routine and they are repaired by private companies. I can't see those companies saying no to getting paid for some lawful work.

        3. John Deeb

          Re: Disagree

          Androgynous Cupboard, you're so wrong there:

          "Snowden was a system administrator, not a spook"

          Since he was sent abroad with diplomatic cover it would classify as spy in most books. And the term "system administrator" is something the feds suggested. Deeper investigation by several newspapers reveal a way broader expertise and training.

          "but almost certainly doesn't have the knowledge to put any of them into context."

          But Snowden didn't publish them! All the background check, verification and expansion appeared to have been done by a team of journalists and their contacts inside and outside intelligence. This is well documented by the way so you're commenting in lazy mode.

          Not sure why you dismiss so quickly tapping fibre at the bottom of the sea either. It was one of the most believable parts as it would be the logical place in those hotspots of the world where they could obviously not get into the main access points or core routers.

        4. Anonymous Coward
          Anonymous Coward

          Re: Disagree

          Down vote due to having been present for just such an op. It was interesting for certain values of interesting and a not so nice, i.e. vacation at Club Fed therefor extremely persuasive, NDA applied.

          AC for that pesky NDA from Hell.

        5. ElsmarMarc

          Cable tapping is easy

          "Tapping fibre at the bottom of the sea? With robots or in scuba gear, through an armoured cable, and all without being noticed? And they didn't fuck up once and get caught? "

          The US has been tapping underseas cables for many years. Nothing new.

          E.g.:

          http://www.theatlantic.com/international/archive/2013/07/the-creepy-long-standing-practice-of-undersea-cable-tapping/277855/

          http://motherboard.vice.com/blog/undersea-cable-surveillance-is-easy-its-just-a-matter-of-money

          And before that, going back to the early days of cables for teletext, etc., cable tapping has been going on for many, many years.

          1. Androgynous Cupboard Silver badge

            Re: Cable tapping is easy

            Alright, fair cop on the cable-tapping - that Atlantic article was a good one.

            And the AC above who has first hand knowledge of this - wowzers. Shame about that NDA - how long was your "holiday"? Our governments can be very generous with their accommodation when it suits them...

  4. PleebSmash
    Big Brother

    biggest NSA reporting error

    Probably the idea that the Utah Data Center would store 5 zettabytes or even yottabytes of data based on a guess by William Binney and some study. Orders of magnitude of wrong.

  5. Anonymous Coward 101

    Powerpoint is Bad

    I hate Powerpoint. It is frequently the worst tool for the job. Whenever I have to refer to an old Powerpoint for something, I find myself cursing the idiot that created it. Why couldn't they have written a brief note in prose to be referred to later, instead of arcane slides that have no information?

  6. codejunky Silver badge

    However

    The hiccup and major stumble of the NSA was to deny they were doing something, and then be proven without any doubt or hope of grey area that they were doing it ESPECIALLY when talking to the very people put in place to monitor them. This means the NSA can say they dont use mind control and people will be more than justified assuming the opposite. Their credibility is blown.

    Add to that the lack of action seen by the public and there is a good reason to assume that things carry on as before and with little oversight (or an unofficial nod). The chaotic and embarrassing way Snowden's credibility was attacked and was branded traitor but of little, then more, then high importance.

    Simply if the public image of Snowden's escape and clumsy attacks against his character along with outright NSA lying then people may trust that side of the story more than 1 man stuck in Russia. Which was achieved by the US trapping him there.

  7. Dan 55 Silver badge

    “The people wh make the slides are not the same people as have the technical insights,”

    I thought they were in this case, which is why they look awful.

  8. Alister

    This just seems like a very clumsy attempt to discredit Snowden's information. The leaks contain far more than just PowerPoint slides.

  9. Anonymous Coward
    Anonymous Coward

    This is always a difficulty when dealing with organisations for which silence and disinformation are at the heart of their reason to be. To take the NHS example, if the claim about cancer became public even disbelieving journalists would immediately ring up the NHS press office and get some kind of comment which they could then work to form a judgement on and build a story around.

    The NSA are highly unlikely to comment on anything and if a leak can be contained by silencing a journalist then that's a highly plausible route for them to take, while if the story does become widespread enough that a public statement is required people will legitimately wonder if it's true but not have any reliable way to substantiate it. That makes hearsay and speculation inevitable and tends to magnify the effect that peoples' preconceptions have on their interpretation of the story.

    A great example of this comes with last year's disappearing plane.

    Most of us were extremely surprised that modern satellite technology had lost a plane at all, let alone that a giant multinational effort couldn't locate it again. Opinion seems to be split roughly evenly between people who think that US intelligence is much less competent than it claims to be (even though it doesn't actually claim anything, we let tv like 24 speak on its behalf) and people who think that actually at least the US and possibly other intelligence agencies know what happened and where the plane is/was but won't make that information public.

    It's rare to meet anyone who thinks that the intelligence agencies both don't know where the plane is and shouldn't know where it is, but they're obviously not going to comment in any detail and we wouldn't believe them if they did, so the vacuum gets filled by another means.

    1. Anonymous Coward
      Anonymous Coward

      Er, no you are wrong.

      "Most of us were extremely surprised that modern satellite technology had lost a plane at all, let alone that a giant multinational effort couldn't locate it again"

      I wasn't at all surprised.

      Primary radar range is limited, secondary radar (it's not radar but ADSB is often referred to as radar) is also limited.in range. Go a few hundred miles from land and you are off the radar/ADSB.

      ACARS (HF and VHF) can provide more information if the aircraft is transmitting.

      HF ACARS gives much further range than VHF ACARS, in fact almost worldwide coverage, but ACARS transmissions don't always contain positional data.

      ACARS might tell you about position of an aircraft, but more likely it will tell you about an engine fault or a blocked toilet or arrival/departure gate.

      However many (maybe most) ACARS messages are just a response to a ping telling you nothing more than there is the ability to respond to said ping.

      The oceans are large and hard to find things in. Your brain is very small and even harder to find anything in.

  10. Sir Runcible Spoon
    Thumb Up

    On the other hand..

    even if the information in the slides isn't 100% accurate and is only intended for higher-ups - it still reveals the mindset of the organisation and what is considered acceptable practice.

    So even if a slide says 'we managed to obtain meta-data on 95% of all mobile calls in 2013' - it doesn't matter if the number is accurate - the intention is still there and there is almost certainly an effort to obtain 100% of the that meta-data.

    Good article though, it raises some good points.

  11. ukgnome

    I'm sorry but

    I am no longer buying into Snowden. The drip feeding of info and the like is just too convenient. If it looks like a duck and quacks like a duck.

    1. Dan 55 Silver badge

      Re: I'm sorry but

      Greenwald's already got everything from Snowden, he's the one that's collating and drip feeding the info. It was decided to do this to keep the issue in the public eye.

      1. ukgnome

        Re: I'm sorry but

        and my cocks a kipper!

    2. Sir Sham Cad

      Re: I'm sorry but

      What is it you're not "buying into"? That the leaked docs originated from the NSA? That Snowden leaked them for public interest reasons/whistleblowing? That Snowden isn't sat over a keyboard in the Kremlin sending out another snippet when Vlad gives the go ahead?

      What is this duck you speak of and what is it that you have identified as the duck-shaped object?

      1) The NSA and other authorities have already copped to the info being theirs and gone on the attack accusing Snowden of being a traitor/terrorist/ etc...

      2) There are easier ways to getting celebrity status if I'm honest.

      3) As has been said, Snowden spaffed the lot in one go before jumping on the plane to wherever the hell would take him and going into hiding. It's the journo who is now "leaking" the info on the drip feed, whether that's to keep it in the public eye (so it's not just one story that can be quickly forgotten when the next big story comes up) or to ensure a regular supply of articles or some of both isn't really relevant.

    3. Anonymous Coward
      Anonymous Coward

      Re: I'm sorry but

      Some of us have wondered whether this is a great deception operation. I hope for his sake Snowden gets out of Russia before they twig.

  12. amanfromMars 1 Silver badge

    A little knowledge is a dangerous thing

    Rid has previously told the world that cyber war won't be a war, and that cyber weapons aren't that dangerous.

    And has the Professor of Security Studies of Kings College, London, binned that nonsensical opinion and realised the real and present dangers that virtually inept and pathetically corrupt and politically perverse elites face, and the trials and tribulations that they and their sysadmins are/will be forced to submit to and endure during their power command and control demise, because of the efficient wielding of cyber weaponry against them and their ponzi fiat scheme and hacked and cracked Great Game plays/media hosted intelligently destroyed ploys?

    Or is such a fundamental volte-face for the professor, one small step and too great a giant quantum leap to make should so much be invested and rest upon the contrarian earlier espoused view?

    One imagines though that the world wasn’t really listening and knows better, for surely, to not imagine that it be so, and to act accordingly, would be as manna from heaven for all that which understands and operates in the future with current levers of remote anonymous control and practically autonomous command. And such be quite akin to being in possession of Arms of Perfect Protective Stealth, a both dangerously and/or disruptively creative cyber weapons systems.

    1. amanfromMars 1 Silver badge

      The Future Reality and Future of Reality......

      ....... is of AIManufacture and Ab Fab Fabless Construction with HyperRadioProActive Instruction

      “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.” – R. Buckminster Fuller

      Einstein advised “We cannot solve our problems with the same level of thinking that created them”. Yet that’s mostly what I see happening today on many levels.

      Many thanks, Changing the Script

      And Amen to all of that.

    2. KjetilS

      Re: A little knowledge is a dangerous thing

      That almost made sense...

      1. amanfromMars 1 Silver badge

        Re: A little knowledge is a dangerous thing and IT almost making HyperRadioProActive sense @ KjetilS

        Should it make little to no sense to existing powers that be [and they can be Security Services and other organisations like any Church, State, Charity or Commercial], be they virtually irrelevant and practically just as passengers for those who are able to enable and/or for that which is now leading with intelligent programming of ignorant assets and arrogant liabilities with relative impunity and freedom of action.

        Haven't y'all yet worked IT out for Command and Control of Bigger Pictures and the Great Game? Simply Complex Words to XSSXXXX Create Complex Simple Worlds to Administer and Provide for Reign with Ruling Reins ........ supplying SMARTR Advanced CyberIntelAIgent Direction with and for Novel and Noble ODay Trippers.

        Per Ardua ad Meta Astra and a Blithe Bletchley type Confection for Blighty Boffinry to Export and Exploit to Western XSSXXXX? Or is it configured with odd IT protocols to be considered and feared as an Exotic Eastern and Erotic Foreign Import and of Alien Extraction for a Virulent Infection? And that is/is that just the Way of IT in the Beginning of the Beginning of Futures with No Pasts to Present and Claim Domain and Dominion over?

      2. dogged

        Re: A little knowledge is a dangerous thing

        > That almost made sense...

        It's agonising, isn't it? With a normal amanfromMars1 post you pretty know what you're reading from the fifth word but that one started out as if it was going somewhere and then slowly fucked with your head.

        I really should start reading the poster names before I read the text. Self-preservation demands it.

        1. amanfromMars 1 Silver badge

          Words to the Wise and Fodder for Alternative Future Builders and Dark Web Enterprise Clients

          I really should start reading the poster names before I read the text. Self-preservation demands it. …. dogged

          Really, dogged? That is surely somewhat self-defeating for to ignore and avoid participation in and/or inquisition and constructive debate over what is happening all around you, has one immediately disadvantaged by ignorance which always has one easily misused and abused by corrupted and perverse circles/units/agencies flashing intelligence credentials.

          And as I’m sure it can be here wholeheartedly agreed, such credentials are so easily forged as to be practically worthless in the real world which jousts so disastrously with the considerably smarter and anonymous and virtual foe ..... an impressively substantive phantom enemy with intangible invisible phorms to fight and do battle against in vain, and in so doing reveal and expose to exploitation one's every last weakness in support of a failed strength and lost control which was protected and empowered by the arrogance which perceived ignorance and exclusive executive kept secrets afforded.

  13. All names Taken
    Paris Hilton

    Maybe ...

    ... just maybe people like hyperventilating due to over excitement or something and the press n news stories is just one other way of how to do that?

    (Get over excited about something systematically dramatised into something it isn't, wasn't and never likely to be apart from as s perception held by some?)

  14. Anonymous Coward
    Anonymous Coward

    So, is this report

    outing an Agent of the State whose psyops role is Chief of Deception and Misinformation Propaganda?

  15. JaitcH
    Thumb Down

    Rid (Professor of Security Studies) has proved what they say about PhD degrees.

    Simply more shit Piled Higher and Deeper.

    When I saw pictures of The Guardian having to smash up old Apple computers, I had little doubt that that piece of human slime called Jeremy Heywood, who hangs out in No. 10, had made threats against the newspaper.

    All without the aid of PowerPoint!

    Besides, the immediate reactions from GCHQ and NSA served as quite sufficient proof they were up to no good.

  16. Anonymous Coward
    Anonymous Coward

    It's amazing how quickly people are forgotten, I would expect to see Snowden in the Jungle at some point, undoubtedly playing the Roswell reel acquired from Ant and Dec's tent as originally used in Alien Autopsy.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon