Join 3,436 readers in helping fund MetaFilter (Hide)


NSA Whistleblower Alleges Illegal Spying
January 10, 2006 5:06 PM   Subscribe

Watch what you say. Russell Tice, the NSA whistleblower who was the source for the NYT, has alleged that the the technology exists to track and sort through every domestic and international phone call as they are switched through centers, such as one in New York, and to search for key words or phrases that a terrorist might use. "If you picked the word 'jihad' out of a conversation," Tice said, "the technology exists that you focus in on that conversation, and you pull it out of the system for processing." What else are they listening for?
posted by bukharin (87 comments total)

 
gud ting oy 7ype een k0d3.
posted by Heywood Mogroot at 5:19 PM on January 10, 2006


Quite a chin on that mofo.
posted by delmoi at 5:23 PM on January 10, 2006


Gettin' a little cheeky there...
posted by hal9k at 5:27 PM on January 10, 2006


Citizen: your IP address has been logged.
posted by killdevil at 5:30 PM on January 10, 2006


The link seems to have been disabled. What the jihad?
posted by longsleeves at 5:34 PM on January 10, 2006


delmoi was not kidding. heh

I guess in the ol' spy game you gotta listen in on everybody's conversation 'cause there might be somebody out there who might not know the phones are bugged!
posted by jaronson at 5:36 PM on January 10, 2006



Still works for me.
posted by bukharin at 5:36 PM on January 10, 2006


Citizen: your IP address has been logged.

What did you expect with only Red security clearance?
posted by Cyrano at 5:37 PM on January 10, 2006


The link is fine and thanks for it, Bukharin.

I wonder if the NSA system works by first processing the spoken conversation into text, and then using Bayesian analysis to determine the gist of the conversation and search for "hot" topics. [Self-link warning]: I wrote about one such technology in Wired years ago, and it's interesting to note that such a method could be used to identify the subject of a conversation even if it were encrypted.

Oh and, small world: one of the board members of the company I wrote about was arch neocon Richard Perle, one of the chief architects of the Iraq war.
posted by digaman at 5:53 PM on January 10, 2006


Now would be a good time for the word "jihad" to become a euphemism for something dirty.
posted by spock at 5:55 PM on January 10, 2006


For math geeks, the method that Autonomy was/is using to classify texts according to subject is called Bayesian inference. Microsoft has put a lot of money into researching Bayesian inference for use in its help programs to anticipate what you're asking about.
posted by digaman at 5:57 PM on January 10, 2006


jihad.

jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad.
 jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. jihad. 
jihad. jihad. jihad. jihad. jihad. jihad. 

PS: fuck the government
posted by keswick at 5:59 PM on January 10, 2006


oops, i didn't mean to break the width. sorry.
posted by keswick at 6:01 PM on January 10, 2006


I think we should just be sure to use the words "bomb" "president" and "jihad" in all our phone conversations, just to piss 'em off.
posted by Citizen Premier at 6:02 PM on January 10, 2006


^^^^ i seem to be having a porblem
posted by keswick at 6:02 PM on January 10, 2006


"The President is da bomb."
posted by brundlefly at 6:08 PM on January 10, 2006



Not to keep harping on Bayesian inference, but one crucial thing that sets it apart from keyword-type searches -- i.e. all this "jihad jihad" stuff -- is that it is able to zero in the subject of a corpus (as they say) without requiring the presence of a telltale keyword like "jihad" or "Al Qaeda." The example I used in the article was that the software was able to tell that a text was probably about penguins by picking up words like "arctic," "flightless," and "black and white," even if the word "penguin" was never used. In other words, does anybody seriously think that the guys Bush claims to be looking for sit around on phones jabbering about "jihad" and "bombs"? A technology that is able to determine the subject of a corpus even if certain keywords are studiously avoided, or if innocuous words are substituted for them, has the potential of being quite a bit more intrusive, or casting a wider net.
posted by digaman at 6:13 PM on January 10, 2006


Why do you all hate America?
posted by StrasbourgSecaucus at 6:14 PM on January 10, 2006


For math geeks, the method that Autonomy was/is using to classify texts according to subject is called Bayesian inference.

I don't know what autonomy was, but there are many methods for text classification, however, it sounds like they were using keyword search (keywords like 'jihad'), which you don't need Bayesian networks for. Usually for speech recognition Hidden Markov Models or neural networks.

If what Tice says is the complete technical specification of what the NSA is doing, then that's rather stupid. So I suspect it's not, but who knows. They might be doing some method to determine the word, and then a Bayesian (or support vector machine, etc, etc) for text classification. That would be much better for determining who's a terrorist, or at least who talks like a terrorist, without needing to worry about hearing all the words correctly.

By the way, the NSA has it's own CPU fabrication plant, so they aren't limited in computing power the way every one else is. They could be five or six years ahead of Intel or AMD. They have similar R&D budgets, but who knows what they spend it on CPU stuff compared to math, or networking or whatever.

They also do things like put finalized neural networks onto chips, hundreds of them, each chip able to parse hundreds of phone calls at once.
posted by delmoi at 6:19 PM on January 10, 2006


digaman, not much research has been done on trying to fool various text processing systems, because you could just use encryption.
posted by delmoi at 6:21 PM on January 10, 2006


A couple of jokers who toss "semtex jihad anthrax dirty bomb" into their online communication is just an annoyance. Now if the spammers could turn their evil technology on this problem, with fat email lists (the key), robust source masking, and random message generation now you might put a crimp into the program for a short while.
posted by caddis at 6:22 PM on January 10, 2006


Afghanistan banana stand.
posted by furtive at 6:25 PM on January 10, 2006


The NSA revoked Tice's security clearance in May of last year based on what it called psychological concerns and later dismissed him. Tice calls that bunk and says that's the way the NSA deals with troublemakers and whistleblowers.

This is the problem with whistleblowing on the NSA; they know everything you say.
posted by caddis at 6:25 PM on January 10, 2006


Thanks for the info, delmoi.

The point I was making was that software like Autonomy was able to classify even encrypted texts (and this was six years ago!), which could be used to identify people of interest for the kind of cross-checking that the NSA is doing, even if you couldn't break the encryption on a particular text.

By the way, are you kidding about the NSA having its own CPU fab? If not, I'd love to know more about it.
posted by digaman at 6:25 PM on January 10, 2006


So basically the president needed to bypass FISA because the technology being used is so utterly big brotherish that it is completely incompatible with the concept of warrants and court authorization, right?
posted by VulcanMike at 6:39 PM on January 10, 2006


Wow, no wonder whenever I talk about my homies, I hear a little clicking on the line: "Yo man, I was at this party, and G had some canapes out... "
posted by Alvy Ampersand at 6:55 PM on January 10, 2006


They also do things like put finalized neural networks onto chips, hundreds of them, each chip able to parse hundreds of phone calls at once.

Err, I mean they could do that.

By the way, are you kidding about the NSA having its own CPU fab? If not, I'd love to know more about it.

I read that somewhere a couple years ago, maybe in Wired.

We have a $28 billion dollar Intel budget, and the NSA gets most of that, supposedly. Intel (the CPU maker, integrated electronics) spends about $5 billion on R&D each year. If the NSA was 5 years ahead of Intel, they could stay in that position, although I personally doubt they are. They can still fab chips to their specifications, and build supercomputers with dedicated hardware for speech analysis, if they wanted too. But who knows what they want to do?

FWIW, searching google for "NSA fabrication" yields this paper right on nsa.gov about fabrication technology.

this page is about their fab, supposedly, but their site is flaking out. here is the google cache.
posted by delmoi at 7:00 PM on January 10, 2006


Geez....even the mafia uses code. Haven't they seen Casino?
posted by TeamBilly at 7:01 PM on January 10, 2006


(The want people to know about this to help them recruit)
posted by delmoi at 7:01 PM on January 10, 2006


You know, I really don't like it when people who drink wild irish rose, wear tinfoil hats, and sleep in abandoned churches turn out to be more or less correct about government surveillance.

I'm still doubting the fact that the president is a reptilian alien, but I'm on the fence with Cheney...

No, in all seriousness, this is tremendously and overwhelmingly bad, if it turns out to be true. Surely if they can figure out if you are a terrorist, they can figure out which way you're going to vote. And that, my friends is information I would not want in the hands of any politician, bureaucrat, or worse, general.
posted by Freen at 7:06 PM on January 10, 2006


they can figure out which way you're going to vote

Well, they already have the IRS working on that one.
posted by digaman at 7:25 PM on January 10, 2006


Freen. Once you accept the fact that you live in a totalitarian dictatorship of the mob with free speach, things get easier to deal with.

A little hawkeye vodka helps things along.
posted by delmoi at 7:30 PM on January 10, 2006


Pay no attention to the man behind the curtain.
posted by spock at 7:59 PM on January 10, 2006


What else are they listening for?

Snakes on a plane, bitches.
posted by deusdiabolus at 8:29 PM on January 10, 2006


I'd say this is shocking, except for the fact that it's not.

Yet even with all this, our greatest defense against attack is that very, very few people have the skill, desire and willingness to plan and execute a quality attack.
posted by I Love Tacos at 8:34 PM on January 10, 2006


Why do you all hate America?

what's america?
posted by mcsweetie at 8:49 PM on January 10, 2006


Through echelon and other technologies the feds have been spying on all conversations. Didn't we already know this? I remember a Village Voice cover story for it in 1995-6. Based on his revelations, what's new is the method with which they zoom in on a person. "If you picked the word 'Jihad' out of a conversation," Tice said, "the technology exists that you focus in on that conversation, and you pull it out of the system for processing." According to Tice, intelligence analysts use the information to develop graphs that resemble spider webs linking one suspect's phone number to hundreds or even thousands more.

This is scewed up. First of all there are no terrorists or suspects in this system; only people who are willing to discuss politics over their phone conversations. No real terrorist or Jihadist would ever say jihad on the phone. People who use words like this on the phone are those who are still not afraid of talking about what's on their mind –especially on the phone. Now let's assume the person who uses a word like Jihadist in his conversation probably deserves the suspicion (only a retard would suspect this, but still don't forget most humans are retards)

But what about those hundreds of people who are connected to this person by a web of phone calls and text messages? Do they deserve being watched? And what if this creates other problems with law and government for them? So nowadays, a person says Jihad, and suddenly hundreds of people will be under surveillance? What is this? Suspicion Network Protocol? A network organized around the utterance of a collection of suspicious word. Kind of like Alqeida itself. National Security gets even closer and closer to conceptual modern art in both form and content, theory and practice.
posted by sundaymag at 8:52 PM on January 10, 2006


this is the kind of boat people build when they have too much money.
posted by delmoi at 9:06 PM on January 10, 2006


I think we should just be sure to use the words "bomb" "president" and "jihad" in all our phone conversations, just to piss 'em off.
posted by Citizen Premier at 6:02 PM PST on January 10 [!]


Do they record *all* conversations, and only pull them for scrutinization of keywords are heard?
Can I be talking to my mother, and right before we are done, say, " Bomb, al Queda, Jihad, president, OK, Bye mom, I love you. " *click*
I wouldn't put it past them, but who is supplying all the memory space to pre-record all conversations for future reference?
posted by Balisong at 9:11 PM on January 10, 2006


National Security Agency mounted massive spy op on Baltimore peace group, documents show
posted by homunculus at 9:19 PM on January 10, 2006


While it's a blue-sky notion, I wonder if the best eventual course is for privacy to entirely whither away. Total surveilance, accessible to all.

Hell, me first: when I think no one's looking, I pick my nose in the car. See, that was easy.
posted by stackmonster at 9:19 PM on January 10, 2006



when I think no one's looking, I pick my nose in the car.

I bet you do more than that.
posted by bukharin at 9:22 PM on January 10, 2006


According to the documents, the Pledge of Resistance-Baltimore, a Quaker-linked peace group, has been monitored by the NSA working with the Baltimore Intelligence Unit of the Baltimore City Police Department.

I'm glad that they're finally going after those wily Quakerofacists. What with their oats and their William Penn and all....
posted by Afroblanco at 9:27 PM on January 10, 2006


I bet you do more than that.

Which is exactly why we need to give the President the authority he needs to protect innocent Americans with whom I might shake hands.

Look, the evolution of the State is and always has been towards greater control. We need to either learn to live within that, or do more than worry it like a puppy licking his nuticles.

Be that as it may, I will find a way to laugh.
posted by stackmonster at 9:37 PM on January 10, 2006


digaman, I'm not sure "encryption" is the word you're looking for. That, or you just don't know what it means.

Here's an encrypted conversation I could have just had with someone:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.1 (Darwin)

hQQOA5w8j+sALowFEA//RDa4DOagd4fCVUfQXmfaJtr0AWDNhOOr4oRA4pggLOgN
llw4arCB75AnUgDWPIVhkAREsZ+Ue1Lut0ceHhyoFkXVQP8eSXi4ydifwnL9NyQI
Dzng3RRebMQaWsECvR4ZDza3T2S1qGN8L3kZlpbDgKmBGwI8R3TsHePFyaIozHXr
+7vJUYVUGhLtnkoyIizggn7Wq8K/zZ4hu++kUNjDgPR4Sm3PrCMeGIJFzprXuDW6
bMKCWVv7bXqcyvI2xh9rXL+K7pz5GxGjHUDqaHGDOOj9q4x1Q4T6o9o23s5eBBFH
jrDMkRVy6Kj9PiTpD/LKzRz2j76l0NqNHAwq2radoMDLa7dmiRuHYo4GaegXIY4K
eIUUvbP3FqRn+YW98EWe/ZFlzkdTNiq6rVljcZc9J3vyrl64pd8I88zXAAOv4z8D

-----END PGP MESSAGE-----

It doesn't matter _what_ filtering you use. The above is indistinguishable from noise as far as that filter is concerned.

Perhaps what you were getting at was a system that works for plain english conversations even when codewords are used in place of the actual subjects?

How about the following?:

Domestic: Hello?
Foreign: Hey! Its Joe.
Domestic: Hey Joe, how's it going?
Foreign: Oh, pretty good. Listen do you have a minute? I emailed you the spreadsheet we were working on, but I can't figure out the best way to write the formula in E6. Take a look at it when you get a minute, ok?
Domestic: Sure, no problem. I get confused with those CSE formulas too. I'll just email you a revised copy when I fix it.
Foreign: Thanks, I really appreciate it.

Now, if the above conversation involved Foreign calling to confirm that Domestic was still onboard for the carbomb operation, and Domestic was simply waiting for information on the proper location (Grid coordinate E6), then what amount of filtering, no matter how intelligent, would pull this conversation from the ether and flag it as suspicious?

This technique is not an appropriate substitute for human intelligence, that's the long and the short of it.

However, it sure is a great technique for spying on your personal enemies, political or otherwise, without limitation or oversight.
posted by odinsdream at 9:37 PM on January 10, 2006


I knew a girl once. Jihad a nice ass.
posted by pmbuko at 9:45 PM on January 10, 2006


Doreen had five sisters. They all got ass. One of them had eyes as big as Jolly Ranchers. Beautiful girl.... Beautiful girl...
posted by keswick at 10:17 PM on January 10, 2006


----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.1 (Darwin)


I have no doubt that the NSA has the ability to crack PGP (using specialized processors) with about as much effort as opening a walnut. "haha! He's using PGP, and thinks it's secure!"
posted by mrbill at 10:41 PM on January 10, 2006


Don't they have backdoors to all the major codes?
posted by caddis at 10:45 PM on January 10, 2006


Well, I'm not by any means a student of cryptography (most of what i know i've read in wikipedia), however, AFAIK, for the encryption algorithms in PGP to be insecure, either the encryption scheme is mathematically weak, i.e. there is some way to factor very large numbers very quickly that the world outside of the NSA just doesn't know about, or the NSA has computational capabilities that are orders of magnitude above and beyond what is even imaginable today that would be necessary to brute force a modern encryption algorithm.
posted by Freen at 11:02 PM on January 10, 2006


Were any of you really shocked that the nsa does this? I read about echelon years ago, and assumed that if i could see pictures of massive listening facilities in Australia that they probably had worse shit than that.

I mean if any of you were actually taken aback by this could you let me know why? and for what reason you ever really felt like you had any privacy any more?
posted by sourbrew at 11:15 PM on January 10, 2006



Doreen had five sisters. They all got ass. One of them had eyes as big as Jolly Ranchers. Beautiful girl.... Beautiful girl...


OK--I give.
posted by sourwookie at 11:38 PM on January 10, 2006


It doesn't matter _what_ filtering you use. The above is indistinguishable from noise as far as that filter is concerned.

The filter will catch the PGP and put your communications right in the front of the queue.

NSA has a semiconductor /factory/ they built to make the chips to crack your comms.

Steganography is your best bet, but even using that will raise flags eventually.
posted by Heywood Mogroot at 11:58 PM on January 10, 2006


Ennui and jaded poses notwithstanding, can we all at least agree that in a truly free society the government does not proactively spy on its own citizens? Then perhaps we can move on to the realization that freedom and privacy are intimately linked. In fact, they are the same thing insofar as you can't have one without the other.

And then, with our newfound understanding of the primacy of privacy in a free society, we will take direct action against the monsters who have stolen our birthright. Seriously, I'm hoping that this issue spurs enough people to actually do something about the sad, sorry state of the nation; that popular opinion is won over by true patriots who speak up loudly against the defeatist memes like "privacy is dead" and "get over it".

It's time for a Privacy Revolution. It's time to make privacy a core American value.

stackmonster: While it's a blue-sky notion, I wonder if the best eventual course is for privacy to entirely whither away. Total surveilance, accessible to all.

I heard that idea many times, floated with varying degrees of seriousness. But even as a joke, it's wretched.
posted by oncogenesis at 1:45 AM on January 11, 2006


Quite a chin on that mofo.

That's where the forward looking infra red is stored.
posted by vbfg at 2:18 AM on January 11, 2006


They can do accents?!

Now assuming that the NSA could utilize its R&D money half as efficiently as Intel (to pull off some of the really scary scenarios you guys are mentioning), they might have alot to teach the rest of the government.
posted by stratastar at 2:22 AM on January 11, 2006


hQQOA5w8j+sALowFEA//RDa4DOagd4fCVUfQXmfaJtr0AWDNhOOr4oRA4pggLOgN
llw4arCB75AnUgDWPIVhkAREsZ+Ue1Lut0ceHhyoFkXVQP8eSXi4ydifwnL9NyQI
Dzng3RRebMQaWsECvR4ZDza3T2S1qGN8L3kZlpbDgKmBGwI8R3TsHePFyaIozHXr
+7vJUYVUGhLtnkoyIizggn7Wq8K/zZ4hu++kUNjDgPR4Sm3PrCMeGIJFzprXuDW6
bMKCWVv7bXqcyvI2xh9rXL+K7pz5GxGjHUDqaHGDOOj9q4x1Q4T6o9o23s5eBBFH
jrDMkRVy6Kj9PiTpD/LKzRz2j76l0NqNHAwq2radoMDLa7dmiRuHYo4GaegXIY4K
eIUUvbP3FqRn+YW98EWe/ZFlzkdTNiq6rVljcZc9J3vyrl64pd8I88zXAAOv4z8D
posted by magpie68 at 2:38 AM on January 11, 2006


It would be relatively simple to combine a modern PC's ability to generate speech from a (say) a text file, with a VOIP service to flood any network with randomly generated speech. If each of the PCs doing this also acted as a cheese-box (or proxy) for a configurable number of jumps, between like PCs from source to intended destination, it wouldn't be too difficult to bury a valid signal in all the noise. The downside is that the network would be hammered.
posted by veedubya at 3:25 AM on January 11, 2006


Call me cynical, but the NSA is a government agency. I wouldn't trust it to open a jar of pickles, much less actively monitor and archive all communication streams across the entire globe. The vast budget is probably just the cost of creating an elaborate aura of secrecy to scare enemies.
posted by hoverboards don't work on water at 3:36 AM on January 11, 2006


Does it work with Arabic? Presumably Arabs would be conversing with each other in Arabic. Or is that not the point?
posted by Grangousier at 3:39 AM on January 11, 2006


I suggest that it would be useful to read the two books by Bamford on the NSA and other intel agencies...the history given suggests that what is taking place is not a new thing but merely a variation of sorts. To sum up what goes on, one NSA worker has this motto aboive his work space: IN GOD WE TRUST. ALL OTHERS WE MONITOR.
posted by Postroad at 3:43 AM on January 11, 2006


My old dog had such bad mange he had to be put down.
posted by magpie68 at 4:45 AM on January 11, 2006


A friend of mine swore this was true in the late eighties. She would positively freak out if I dropped a keyword during phone conversations, like Shell Oil, bomb and even Coke®. All words that I took delight in dropping in all of a sudden, so eventually she refused to speak to me on the phone. Nice to know that nutter was right.
posted by dabitch at 4:47 AM on January 11, 2006


Here's my prognostication, without any facts whatsoever...
  • 9/11 changes everything, etc.
  • Domestic datamining begins
  • Copious outrage over government handling of personal info and privacy. Operations "shuttered" and data "destroyed".
  • Administration does an end run (see torture, Geneva Convention, 2000 Election, Case for War in Iraq, etc.) and outsources data collection and processing to private companies, allowing them to do things that the government cannot. That's right, private companies are making decisions on actionable intelligence, like burning you with a lightbulb, getting you with an orange jumper, and sending you to Guantanamo. Choicepoint is a major contractor.
  • Incidents of Identity Theft and compromised databases skyrocket (Greater exposure leads to greater occurences).
  • The GOP brags about their Voter Vault and it's ability to identify voters down to the most granular level. Totally unconnected in any way.
  • ???
  • Profit!

  • posted by rzklkng at 5:40 AM on January 11, 2006


    Now assuming that the NSA could utilize its R&D money half as efficiently as Intel

    That is a riduculous assumption. Assume that the NSA has all of Intel's, AMD's, and any other companies or countries R&D that it wants plus whatever it can do on its own.

    The idea behind encryption like PGP is not to conceal the encrypted message since they quite clearly stand out as encrypted. It is also not to make them crack-proof. Nothing is. The goal is to make so computationally expensive that eavesdroppers are better off going after lower hanging fruit.

    In the case of PGP that would be going after the key exchange mechanism somehow or rooting your computer to get keys.
    posted by srboisvert at 5:41 AM on January 11, 2006


    Evidently the idea behind not getting warrants is that they eavesdrop on everybody all the time.

    The downside of PGP is that it produces recognizeably encrypted output. I can easily see even just using that means of communication becoming a criteria for whether or not one becomes a member of the no-fly club some time down the line, especially if the same cabal is kept in power for much longer. After all if you're using strong crypto then you *must* have something to hide, no? You'd be surprised at the extent to which your country thinks like that.
    posted by clevershark at 5:48 AM on January 11, 2006


    this is the kind of boat people build when they have too much money.

    Uhh, the boat isn't that big a deal. It just moves large things about. Quite useful.

    The large thing in the well deck, though....

    It doesn't matter _what_ filtering you use. The above is indistinguishable from noise as far as that filter is concerned.

    Bullshit wrong. That's a way to get you killed.

    First: "Version: GnuPG v1.4.1 (Darwin):" Oops. You just told them how you encrypted them. We'll pretend you're smarter than that.

    Second. They just pipe this noise through a few dozen decryptors, and the one that pipes up "I need a passphrase" tells you how it is encrypted.

    PGP/GPG also have this lovely property. "Ahem. We're from the government. Somebody sent you this message. We want your secret key."

    Worse. "Hi. We're from the government. We found you have a PGP secret key, and we've found traffic encrypted with the public key. That traffic was obviously meant for you, and only you. We want the key."

    Then they get to the rubber-hose cryptoanalysis.

    Hint: If you don't want the government on your back, don't use encryption that states exactly who the message is intended for, and what you really want to know about is steganography, as well as cryptography. There's a reason for symmetrical encryption, this is one of them.

    Two: If you suddenly start emanating encrypted traffic, you are noticeable. What you very much want is to not be noticed. While you're looking things up, look up traffic analysis -- you can find out a whole bunch merely by noting who's talking to who, even if you can't read the traffic. For example:

    Shortly after D-Day, someone sets up a field headquarters in France, and starts sending orders to various German Divisions in the field. Allied intercept officers note that...

    1) Wow, this station we've never seen before is sending lots of traffic, mostly encrypted.

    2) The stations it is talking to respond very, very quickly to these messages. This implies that this new station has officers senior to the officers at these other stations.

    3) We know that one of these stations is the H.Q. of 2nd SS Panzer Division, because they screwed up earlier, and transmitted that in the clear.

    4) However, it's primarily responding to one station, not transmitting to it first. This implies that it's junior to that station.

    5) Therefore, we suspect this is a major command, and since 2SS Panzer is a subsidiary unit, it's larger than a division, since it's responding to a unit, it's not OB West (Supreme Command West). Therefore, it's either an Army or Army Group (B or G) or Panzer Group West.

    6) The stations it is communicating with are widespread enough to indicate this is more likely an Army Group command, rather than an Army command.

    7) 2SS Panzer is in Panzer Group West,

    C) Therefore, this is the new headquarters of Panzer Group West.

    In less than two hours after going on the air, and with no traffic decrypted, the Allied Intelligence gang was telling the forward commanders that they'd located the new field headquarters of Panzer Group West. A few phones calls, and mere hours after transmission started, this new headquarters was attacked by the RAF, and basically ceased to exist for several days, leaving the Germans with a real coordination problem.

    About a day later, the Ultra gang started providing the decrypted messages that the station had sent before the attack. Sure enough, it was PzG B -- but the Traffic Analysis gang figured that without cracking one bit.

    So, you pop up sending a bunch of encrypted messages, you become noticiable. Worse, with PGP/GPG, if they get your secret key, they can prove exactly which messages were meant for you.
    posted by eriko at 5:55 AM on January 11, 2006


    [fixed keswick's width-breaking]
    posted by jessamyn at 6:32 AM on January 11, 2006


    If you suddenly start emanating encrypted traffic, you are noticeable. What you very much want is to not be noticed.

    Well, maybe that's what you want if you're at the headquarters of Panzer Group West. If you're just writing love letters to your hacker girlfriend, and encrypt them just for fun, or as some token gesture to the NSA, then maybe you're not so worried about someone knowing that you were sending encrypted traffic. It depends just what you're trying to hide. For most of us, traffic analysis is much less destructive of privacy than is actual listening in on private-seeming conversations, simply because we're already used to, most of the time, the idea of who we frequently talk with being common public knowledge. Unless you really are fighting a war, there's no sense being quite that paranoid. Your average PGP user is not trying to hide anything that the NSA would care about. That it probably annoys them is just a side benefit.
    posted by sfenders at 6:38 AM on January 11, 2006


    What else are they listening for?

    "Bukkake"?
    posted by PenguinBukkake at 6:52 AM on January 11, 2006


    The fat man walks alone.
    posted by pekar wood at 7:42 AM on January 11, 2006


    Let's not be stupid here. "Bomb" and "jihad" aren't being flagged. More likely are particular names, places, and codewords. Which raises an even more interesting question and likely possibility - that many phone calls are being flagged by mistake and when someone says "I'm at home" it becomes "Imam Atta Homem."
    posted by iamck at 7:47 AM on January 11, 2006


    When we were in High School we always used the words "baseball cards" to refer to anything we didn't want our parents to hear.

    But we were extra tricky kids.
    posted by StickyCarpet at 7:48 AM on January 11, 2006


    OK, so they're gathering all this data...by the time an analyst gets to a genuine terrorist message, I'd bet that the information is too old to act on it. Data is useless unless you have resources to digest it.
    posted by pepcorn at 8:44 AM on January 11, 2006


    eriko: If you suddenly start emanating encrypted traffic, you are noticeable. What you very much want is to not be noticed.

    The obvious solution is to encrypt all traffic all the time as standard operating procedure. That's not going to happen any time soon in any public medium, but it is a solid antidote to the oppressive "all surveillance all the time" idea floated above.
    posted by oncogenesis at 9:27 AM on January 11, 2006


    It's natural for the NSA to focus on this kind of stuff because the NSA's job is signal intelligence. I wish (I hope) the intelligence community as a whole is more focused on human intelligence. The people with long histories of supressing Islamist and/or Arab nationalist terror successfully -- the Israelis, Turks, and Indians, to name three -- all have huge and highly effective spy networks amongst their adversaries.
    posted by MattD at 9:40 AM on January 11, 2006


    [fixed keswick's width-breaking]

    thank you
    posted by keswick at 10:28 AM on January 11, 2006


    Back to the statistical analysis, the problem with these kinds of statistical analysis methods is that if you are looking for the proverbial needle in the haystack, your detection method will get many more bits of straw that resemble needles than actual needles. This gets worse as your target becomes more rare. Even if your test has a 1% false positive rate, that false positive rate can explode to hundreds or thousands of false positives for every true positive.

    This is one of the reason why I find the idea of racial profiling in airport security to be dangerously flawed from both a civil liberties perspective and a security perspective. With over a million Arab-Americans in the United States, the number of false leads will overwhelm investigation, and any time you put a person in police custody their civil liberties are in danger.

    So to be honest, knowing a little bit behind the math involved, I have to admit to a high degree of skepticism. These kinds of analysis depend on having a fairly large and current corpus of terrorist discourse, and I have doubts that these statistical models can reach the precision necessary to spot the terrorist out of a million phone calls.

    eriko: Oops. You just told them how you encrypted them. We'll pretend you're smarter than that.

    A basic premise of cryptographic design theory is that the message should be secure even if the enemy knows the methods, and has the same equipment used to encrypt the text. Knowing that a message was encrypted using 3DES, AES, Blowfish or IDEA should not provide the attacker with any leverage.

    Also, one of the points behind the creation of PGP/GPG was to change the norms of internet communication from plaintext to cyphertext. From a PGP/GPG advocates perspective, ideally it should be plaintext that is suspicious.
    posted by KirkJobSluder at 11:06 AM on January 11, 2006


    It was a mistake to even broach the encryption topic, really. People entirely ignored the rest of my post, which as far as I was concerned, was the more substantive part - that completely benign conversations can represent mischevious events. This extremely simple concept is why the NSA cannot possibly succeed using this method of tagging words, concepts, or internation.

    So, having proven, without a doubt, that an enemy of the NSA can have a conversation that is indistinguishable from benign conversation, our discussion really ought to move forward. I'd suggest one of two scenarios:

    1. The people behind this plan, even with their extensive resources, have somehow not yet reached this obvious conclusion.
    2. The people behind the plan have reached the obvious conclusion, but do not believe it hinders their operation because the objective is not to uncover enemy communication.

    What, then, is a viable objective? Spying on your personal enemies. The system would be extremely good for monitoring vast numbers of known contacts (like, for example, congressional staff) who have no reason to believe they're targets, and thus have no reason to use trivially-coded speech.

    The system would be wonderful at allowing these vast numbers of conversations to be monitored virtually unattended, only bubbling up those where certain topics were under discussion, like "impeachment" or "exit strategy" or "alito."

    This is painfully obvious, and yet we're still having a conversation about this spy operation as if it weren't a demonstrably stupid method of spying on terrorist targets that know we're listening to them. Shell game.
    posted by odinsdream at 11:48 AM on January 11, 2006


    odinsdream: Well, I'd argue for a third scenario as a possibility.
    3. Disinformation regarding the capabilities of the system as a way to make potential enemies work harder to conceal communications.

    I would also point out that setting up and actually implementing such "open codes" as you mention is quite a bit more difficult than you assume. The posted article doesn't really provide enough detail to make any conclusions about the scope or capabilities of this spy program. Tice seems to mention both speech filtering and traffic analysis.

    But it should be mentioned that since the Clinton Administration and especially after the Seattle WTO blow-up, radical environmental and labor groups have been classified as enemies of the state and subjected to harassment by federal authorities.
    posted by KirkJobSluder at 12:15 PM on January 11, 2006


    I should also add that open codes such as the one used in the spreadsheet example are just another form of encryption. The primary problem with them is that you have to share a codebook, and making them sound inconspicuous except for non-trivial examples is extremely difficult. Especially if as the article hints that traffic analysis is also involved, conversations about spreadsheets between people with no known working relationship would stick out like a sore thumb.

    I would add yet another scenario in that this technology can be exploited for multiple goals. I don't buy the claim that it's useless for identifying terrorists or foreign enemies. During the cold war, US intelligence succeeded because even highly trained agents made mistakes like re-using one-time pad keys, or letting information slip in plaintext. Most signal intelligence breaks come from having ears open for the inevetable mistake.
    posted by KirkJobSluder at 12:33 PM on January 11, 2006


    I had a high school teacher (of "American Government" oddly enough) who claimed in 1988 that the NSA had those capabilities. He probably heard it from someone who claimed the same thing in 1966. It still sounds paranoid but it's more plausible now anyway.

    He also told us all about Rasputin, about African dictators whose bodyguards were bikini-clad girls with gold-plated Uzi's, and about how he used to hang out with Jimmy Buffet.

    He was caught with a shitload of drugs in his trunk during the summer school session, and busted for drug trafficking. Coincidence? I think so.
    posted by Foosnark at 2:45 PM on January 11, 2006


    A basic premise of cryptographic design theory is that the message should be secure even if the enemy knows the methods, and has the same equipment used to encrypt the text.

    Ahh, yes, a theoretical cryptographer. Have you met Bruce and Niels?

    1) Note the statement I was arguing was "The above is indistinguishable from noise as far as that filter is concerned." In fact, no, a PGP cryptostream is *quite* distinguishable from noise.

    2) There is a very real reason that people working in espionage do NOT use public key cryptography. This reason should be apparent at a glance. If not, you do not understand all the ramifications of public key systems. In fact, agents in the field still use OTP, despite the real difficulities in maintaing such cryptosystems in the real world. They do so for at least three reasons.

    3) Read the story I posted about traffic analysis again. Note how the attack was correct made with *no* comprimise of the cryptosystem. Yes, the German Enigma system was comprimised by this time, as was the Tunny/Lorenz SZ40. But it took on the order of a day to recover plaintext.

    In the timeframe given -- about eight hours -- Enigma and Lorenz worked to theoretical perfection. Despite the fact that the Allies knew exactly how the cryptosystems worked, they couldn't recover the plaintext in that time. This helped protect HQ Panzergruppe West none -- in less than eight hours, they had been noticed, indentified, attacked and destroyed -- with not one bit of the encrypted traffic read en clair.

    Now. What is the point I was trying to convey? Perhaps it is "Only fools think cryptography is all they need to be secure."

    Or maybe there's more than that. Hint: Who do you think came up with the term "Rubber Hose Cryptanalysis?" Hint, part 2: This system of cryptanalysis is usless if you don't know who holds the keys.
    posted by eriko at 7:01 PM on January 11, 2006


    I doubt the content of the conversation matters at all. Shifting through conversations and attempting to analyze their content is really a dead-end. There are just so many problems, from the enormous waste of computational expense to, as odinsdream pointed out, a significant amount of false positives, that such a strategy would get you nowhere. There's much more value in just knowing who is talking to who, when, and how frequently the conversations happen. You determine most everything you need to know just known the contact data. Once that's been established and you're aware of the relationships and networks out there, then you can attempt to determine keywords and decrypt specific conversations and the like. I just don't buy the idea that every single conversation routed through US-based switches (and UK and Australia and perhaps other friendly countries) is being monitored, recorded, and analyzed in any meaningful way.
    posted by nixerman at 7:48 PM on January 11, 2006


    nixerman: true, that isn't happening, however, the problem is this: it can, and beyond that, there is no legal oversight.
    posted by Freen at 8:22 PM on January 11, 2006


    eriko: Most of your points seemed to be spot-on. It was only that single comment that seemed to be promoting the idea of security through obscurity.

    But I would point out that steganography and OTPs do not improve the situation much against traffic analysis and rubber hose cryptography or other social engineering attacks.
    posted by KirkJobSluder at 7:46 AM on January 12, 2006


    The Congressional Research Service and Constitutional Law Scholars Weigh in on President Bush's Authorization of Warrantless Surveillance
    posted by homunculus at 1:20 PM on January 12, 2006


    « Older INTERNET AS HYPER-LIBERALISM:...  |  Tour d' Afrique,... Newer »


    This thread has been archived and is closed to new comments