Original thread to follow: http://www.metzdowd.com/pipermail/cryptography
To: cryptography[at]metzdowd.com, gnu[at]toad.com
Date: Sat, 14 Sep 2013 20:37:07 -0700
From: John Gilmore <gnu[at]toad.com>
Subject: [Cryptography] A lot to learn from “Business Records FISA NSA Review”
This is one of the documents that an EFF Freedom of Information lawsuit asked for. The government had been claiming they could not release ANY FISA court orders or submissions. When the President ordered the intelligence community to declassify more info in order to present a fuller picture of the issues that Edward Snowden’s leaked documents raised, they went back through all the relevant documents and, last week, released hundreds of pages in a rough dozen documents, that they had initially claimed were exempt. I read this document the other night and learned a lot. I encourage y’all to read it — and other recently released documents.
These are not “leaked” documents from Mr. Snowden. These are officially released documents from the NSA and Department of Justice. While their choice of “what to release and what to black out” may have been self-serving, the documents themselves are real and official. They candidly describe a particular part of NSA’s internal operations that relate to the telephone metadata collected about on everyone in the US.
Their main goal in writing this document was to convince the FISA court (which had ordered them in 2009 to stop accessing the telephone metadata after NSA told the court that some of it had leaked outside the boundaries of the FISA court order) that they had their processes in hand and that the court should let them go back to accessing the
Their main goal in declassifying it is, I believe, to convince the public that they are being very diligent to the court’s orders and to the limits that the court places on them. And to detail all the internal restrictions, checks and balances that they go through while collecting, processing, accessing and releasing this telephone metadata. To show “the whole elephant”.
And to that extent, they succeeded, both with the court and with me.
(However, I think the secret court made a fundamental error in ruling that collecting info about everybody’s phone calls is “relevant” to any particular terrorism investigation. That assertion reminds me of John Yoo’s since-repudiated assertions from the early Bush days, like “it isn’t torture unless you really intend to cause great bodily injury” and “the President has inherent power to do anything he wants”. When you start from a severely false premise, you can go a long way into the wilderness before you notice your error.)
What NSA and DCI and DoJ also revealed, around the edges of this document, is a lot of small bits of information about how the NSA technical and managerial infrastructure works. Much of this is information that we “already knew”, or could have guessed based on already existing information, but some of it is not. This document supplies some context that help to fit the puzzle pieces together.
Things I learned there include:
* NSA’s internal infrastructure runs on Unix. (Linux is a branch of Unix.) Their analysts log in to Unix machines with logins and passwords, as we do, and they use the standard Unix/Linux file access controls (“user, group, and other” permissions).
* They use web servers and web browsers and HTML and URLs to deliver their data to their “customers” at the FBI, CIA, and NCTC.
* NSANET, their internal Internet, is not encrypted! (It is almost certainly protected by link encryption and fiber signal strength monitoring when it crosses from one place to another, but not inside their secured buildings.) It’s just a bunch of machines plugged into Ethernets, running standard protocols, like what all of our infrastructure uses.
* I’m guessing the reason NSANET isn’t encrypted is because they don’t seem to have any better encryption protocols for general use inside NSA than we do outside. E.g. they don’t seem to have automatic end-to-end encryption. So in order to be able to buy standard machines and plug them in and use them, they have to run their whole net unencrypted. (I think it’s funny that because my old effort to embed automatic Opportunistic Encryption in Linux and IPSEC failed, therefore NSA’s internal network isn’t encrypted. Like they couldn’t do it themselves!)
* They use a “PKI” (public key infrastructure) to control access to some databases inside NSANET. When they wanted to stop one part of NSA’s tech infrastructure from accessing the telephone metadata, hey removed the “certificate” that gave it access credentials.
In other words, when it comes to general purpose computing, they are running on almost exactly the same kind of infrastructure we are — nothing better. This makes sense, but I had expected that with billions of tax dollars every year they had made some improvements in the security, authenticity and integrity of their protocols and software. (But, I worked at Sun, which spent billions of dollars a year on engineering their hardware and software, and Sun’s machines weren’t much better than their competitors’ at security, authenticity or integrity either.) We in the outside world *invented* all of NSA’s infrastructure. They buy it from us, and are just “users” like most computer users. (Yes, they have programmers and they write code, but their code seems mostly applications, not lower level OS improvements or protocols. I’m not talking about the parts of NSA that find security holes in other peoples’ infrastructure, nor the malware writers.)
So go read the document anyway! Don’t believe what I tell you… draw your own conclusions.
Also it seems that:
* The vast majority of the information that they are squirting around inside NSA, searching and correlating, comes with no particular restrictions other than those that they impose internally (like not revealing things that disclose their sources and methods) and the general restrictions on releasing information about US persons. They got that data “legally”, or anyway, “fair and square”, by stealing it from signals in other countries, and they can do what they want with it. Having to deal with a judge who can put arbitrary restrictions on what they can do with a large database is a novel experience for them, and one that neither their personnel nor their infrastructure is properly set up to handle. That’s why they found that data was “leaking” from the telephone metadata database nine or ten ways that they hadn’t yet noticed until they did an end-to-end review. The leaks were mostly fairly minor, but if they hadn’t been forced to do the review, it’s clear that more and more of NSA would have just been treating the telephone metadata like any other piece of stolen data.
* Their “need to know” culture and the maze of classifications and code words often prevents the right hand from knowing what the left hand is doing. This is deliberate and is to help figure out who the insider threats (“moles”) are, based on who had access to what info before it leaked outside NSA. But the result is also that nobody is really in charge. There are too many details that don’t percolate up and down the chain of command, so stuff happens that isn’t supposed to happen. Like, the programmers who wrote the code for accessing the stored database of telephone metadata knew that it could only be accessed with a search term (“selector”) that met the court’s standard for “RAS” (“Reasonable Articulable Suspicion”), so they coded the software to check for that. But the separate programmers who wrote the code for IMPORTING new data into the database from the telcos, didn’t know that, so they wrote an “Alert list” (renamed “Activity Detection List” during the review) that would send a note to an analyst whenever new data came in for any selector on the list (e.g. when someone of interest to that analyst made a phone call). These selectors were not restricted to those that met the court’s standards, and indeed most of the selectors on the list did NOT meet the standard (it had 1,935 RAS approved selectors and 15,900 unapproved ones). This is not because they tried to get around the court — but because they were not in control of their own infrastructure, because of lack of internal sharing of relevant information. Free cultures really do outperform authoritarian ones!
This is all useful information. I recommend that folks also read other documents that came out of that FOIA case — there are about a dozen, all listed on the EFF web site here:
In that list, this one is called “June 25, 2009 — Implementation of the Foreign Intelligence Surveillance Court Authorized Business Records FISA”.
The cryptography mailing list