Note - I give anyone and everyone my express permission to mirror or otherwise repost this article, anywhere in the world and for all time.
Dedication - To two wonderful friends I have abroad, each of whom has helped me greatly in his and her own way. My best wishes to both of you -- and keep safe!
Introduction
Back in the 1950's, the Egyptian
Lastly, I'm kind of surprised that someone who mistrusts the "Mainstream Media" as much as you do takes everything negative reported about the NSA at face value. Yes, individuals have abused their authority (and been punished for it), and it's likely some have done so and not been caught, but I daresay the ratio of intelligence analysts who have used a SIGINT system to listen to their girlfriend's phone calls is much, much lower than, say, the ratio of cops who have conducted an illegal search or D.A.s who have engaged in malicious prosecutions. Intelligence agencies, as you say, are run by humans, which is why U.S. intelligence agencies have a vast and cumbersome infrastructure of auditing and reporting systems. There are many, many watchers watching the watchmen.* This doesn't prevent abuses, but a dozen in ten years (most of them, if you read the news reports, being stupid and trivial, like a dumbass typing his ex's phone number in a query system to see what pops up) is hardly evidence of "widespread domestic spying."
Polygraphy, incidentally, is pseudoscience with no more validity than phrenology. Polygraphs don't detect "lies" or much of anything else. Jerry Springer and Maury Povich have done much damage with their theatrical and completely fictional portrayals of how polygraph machines work. Their only real effectiveness is in assisting an interrogator in "sweating" a subject who believes the polygraph can detect his reactions. So people who get caught under polygraph examination are caught not because the polygraph "detected" them lying about some specific thing they were asked about, but because they had a guilty conscience and broke under questioning.
* In the U.S. I laugh at all the people throwing hysterics about the NSA "invading their privacy" despite the extremely strict rules governing any U.S. agency's ability to so much as enter an American citizen's phone number into a database. Meanwhile, Google, Amazon, and Microsoft have no such restrictions, and let's not even talk about the FSB, the PLA, VEVAK, never mind our "friends" like France and Israel...
Reply
Actually, half the key is centrally-created and then spawned through random variation. The other half is your personal password. The thing is that if you crack the logic of the TPM chip itself -- any TPM chip -- you have a huge leg up on cracking any TPM password, because you can "deduce" (actually calculate using your own encryption equipment) the fundamental logic by which the firmware part of the key is generated. If you actually have the manufacturing records, you would have all the firmware keys and would then only need the private component to the passwords.
I'm neither knowledgeable enough about information theory nor cryptography to figure out exactly how one would get from knowing the logic of a series of TPM chips in general to generating firmware password lists, but it should be possible with enough computing power allied with a quantum computing system (because quantum computing lets you look at very many possible solutions simultaneously). But if you had the manufacturing records, as the chip manufacturers would have and as the NSA would have given one court order or accepted threat, all you'd need to do would be to crack the private passwords, and that could be done through normal brute-force hacking techniques applied to lists of key numbers relating to the individual users (which could be obtained from government records).
What's more, once you hack into one machine on an intranet, one has a leg up on getting into any machine on an intranet (how much of a leg depends on the intranet protocol: in some cases that would be all that would be required).
The weakness is created because, to function normally, the TPM machines need to be able to query each other regarding their internal states. That means that you would start hacking with a lot of information about the target computer.
This is supposed to be impossible because the user can't completely control his own TPM chip, but as has been demonstrated, one can crack one's own TPM chip, and once this is fully cracked it can be used to help crack other TPM chips.
Reply
This hasn't BEEN reported in the MSM, and I know for sure that it is being censored on a lot of the Internet (particularly those parts run by companies with investments in TPM) as well. (If certain people would like to publicize their relevant experiences here, I'd appreciate it, but I won't talk about it myself).
And no, I mostly like, respect and admire the NSA. It's just that this technology offers such potential for abuse that I wouldn't feel safe unless the Lensman of E. E. "Doc" Smith's Galactic Patrol were running it.
There are many, many watchers watching the watchmen.
Right now, the ultimate "watcher" (the President of the United States of America) is demonstrably an arrogant and corrupt man who acts out of a deep disrespect for the US Constitution. But since one cannot guarantee that any particular President will be competent or lawful (though admittedly, Obama's among the worst in this regard), it's obvious that the Executive cannot be trusted with this much power in general.
Polygraphy, incidentally, is pseudoscience with no more validity than phrenology.
This is untrue.
Polygraphs don't detect "lies" ...
True.
...or much of anything else.
Untrue. What they detect is metabolic stress. Most people suffer metabolic stress when they lie. The reason why polygraphs are unreliable is because a person can be metabolically stressed for reasons unrelated to lying, and some people can lie without metabolic stress.
I laugh at all the people throwing hysterics about the NSA "invading their privacy" despite the extremely strict rules governing any U.S. agency's ability to so much as enter an American citizen's phone number into a database.
Ah. And if these agencies break these rules at the behest of a US President who has a corrupt Attorney General (the case right now with Obama and Holder), who exactly enforces these rules upon them?
Reply
The TPM is a potential vulnerability, but you seem to have missed my point that it's no different from any other potential vulnerability that arises from a large number of machines having the same chips and/or software running on them (e.g., Windows). And that this is not some new thing that was cooked up in 2011 to suddenly be thrust upon the entire world, as your article implies; the technology has been around, and in use, for over ten years.
Polygraphy: Yes, it detects stress. Or other biological reactions. Its accuracy rate is very low. Have you ever seen the episode of The Wire (also seen in Homicide) where the cops get a kid to confess to a crime by convincing him that a photocopier is a lie detector? That's about what a real polygraph machine is good for.
As for the NSA breaking rules because the President tells them to: no doubt every government agency has people who will "just follow orders," but if the President started ordering the entire Intelligence Community to ignore the Constitution, you would hear about it. Your scenario is akin to "What if the President ordered the National Guard to start mowing down protesters demonstrating against him?"
If we ever get to the dystopian police state you think Obama wants, then yes, we're screwed, but you can be sure that in the event that happens, the Internet would be a no-go anyway.
Moreover, my point was not that the NSA doesn't need to be watched and even feared, but that particularly all the non-U.S. citizens throwing conniptions because their metadata might have been collected in a database somewhere (and I wish people would actually familiarize themselves with what "metadata" means - it does not mean "the NSA is reading your email") seem completely oblivious to the fact that Russia, China, Iran, and other countries (including their own) are very likely doing similar things, with a lot less oversight or accountability.
Reply
It's not "magical", but it does "allow brute-forcing" previously "unbreakable encryption keys." The reason why is that it acts as a multiplier to processing power of a system's capability. (The trade-off is that the system becomes more delicate, as it can crash by prematurely collapsing its state).
This of course does not make the system infinitely capable. But it does allow the system to do things a conventional system could not. When quantum computing was developed, a whole bunch of cryptographic systems which had previously been deemed mathematically "unbreakable" became "breakable."
One time pads are still unbreakable, but that's a system unavailable for the purposes of most users, and completely unavailable to TPM-based systems because they need to be able to access each other remotely and unpredictably in order to perform their distributed security function.
Furthermore, it's not an issue of brute force or subtler techniques, it's an issue of brute force and subtler techniques. Quantum computing allows the application of more brute force to existing subtler techniques.
The TPM is a potential vulnerability, but you seem to have missed my point that it's no different from any other potential vulnerability that arises from a large number of machines having the same chips and/or software running on them (e.g., Windows).
Actually, it is different, and here's the difference: TPM requires that you let strange systems have at least limited access to your own computer, because without such access the distributed security system doesn't work. This offers a potential back door into your system, which can be opened wide enough to let an intruder completely in if he has cracked his own TPM chip (automatic for those with access to the manufacturers' information and proven possible even for those without) and he can guess your half of the password. Normally this last part would be the deal-killer, but the combination of user stupidity (half of all users choose dangerously-easy passwords) and the alliance of sophisticated techniques with repeated brute-force attacks open the backdoors into many systems for attackers with the resources of Powers or major Organizations backing them. And what's worse, if the user is on an intranet, this may open up the whole intranet to the attacker.
Note that I said "intranet," not "internet." An "intranet" is a local network. The "internet" is the global network. Intranets can be (and usually are) attached to the Internet. Examples of intranets are the arrangements of computers found in most business office suites, or in the home of someone with multiple computers and the desire to create one.
And that this is not some new thing that was cooked up in 2011 to suddenly be thrust upon the entire world, as your article implies; the technology has been around, and in use, for over ten years.
The "new thing" is that in later implementations of TPM the distributed security feature becomes mandatory: there is no designed way to turn off remote access to one's own computer. (This doesn't mean that it's not theoretically possible to do so, it just means that it requires actually cracking the system).
Reply
The difference is that massacring protesters must be done overtly, while selected and targeted copying, deletion or editing of dissidents' files could be done covertly. This makes such cyber-strikes much more attractive and deniable to an overweening President.
Moreover, my point was not that the NSA doesn't need to be watched and even feared, but that particularly all the non-U.S. citizens throwing conniptions because their metadata might have been collected in a database somewhere (and I wish people would actually familiarize themselves with what "metadata" means - it does not mean "the NSA is reading your email") seem completely oblivious to the fact that Russia, China, Iran, and other countries (including their own) are very likely doing similar things, with a lot less oversight or accountability.
Did you actually read my whole article? One of the sections under "threats" discusses exactly this scenario, and it argues that TPM makes us much more vulnerable to such foreign cyber-attacks, while lulling us into a false sense of security against them. I directly analogized it to the way in which the Axis was vulnerable to codebreaking in World War II!
Reply
Er, no, it became theoretically possible to break them in a much shorter period of time using quantum parallelism. Quantum computers would effectively represent a quantum (heh) leap in processing power. Now, it's been a while since I was current in that particular area, but to my knowledge, a practical quantum computer that can break modern encryption has yet to be developed and most experts are skeptical that we are ever going to see an end to modern encryption as some of the more fanciful claims about the capabilities of quantum computing have predicted.
Experiments in quantum physics have theoretically communicated information bits faster than light, but we're no closer to building an Ansible.
I appreciate you explaining to me what an intranet is /sarcasm, but the "insider threat" problem is also not a new one, nor the problem of weak and insecurely communicated passwords.
I am not saying your concerns about the TPM representing a point of vulnerability are invalid. I'm saying (a) there are countermeasures, and the vulnerability, even if exploited, is very unlikely to allow a threat on the "doomsday" scale you are proposing, and (b) there already exist vulnerabilities that are much easier to exploit. How much do you trust your operating system? How do you know your OS doesn't have a backdoor built into it? Or an exploit? Yes, you have more choice over OSes than you do with hardware, but the vast majority of the world runs on a very small set of OSes and enterprise software, which is being cracked all the time.
My point about foreign outrage over U.S. surveillance was somewhat of a tangent (the French and the Germans are shocked, shocked!, that there is gambling going on in the casino *rolleyes*), but the way in which Axis codes were broken is far more analogous to my scenario (vulnerability in a common Operating System, or in the Germans' case, the Enigma machine) than yours (in which the closest analogy would be discovering that every radio used by the Axis had a switch that could be made to secretly transmit all their signals in the clear).
As for the President ordering the NSA to conduct surveillance and espionage against his domestic enemies, I do wonder just how you envision that working. Neither the President nor the Attorney General have the legal authority to order the Director of the NSA to do things that are explicitly spelled out as unconstitutional. For him to do what you are suggesting on any kind of scale would require a deeply corrupt government all the way down to the rank-and-file, in which case, again, we're all screwed anyway. Is it possible that some kind of shadow cabinet could be running black ops, with the complicity of a few high-ranking officials (in this scenario, you'd certainly have to include either the DIRNSA or some very highly-placed subordinates who are acting without the DIRNSA's knowledge)? Yes, but the probability of this going on without being exposed eventually is very low. See: the Church Committee.
To be clear, I am all for transparency (which is a difficult thing to balance with legitimate national security concerns) and very stringent safeguards and oversight. But my point is that you seem to think that an Evil President can simply order any government agency to do whatever he likes. For someone prone to lecturing on how the Constitution works, I find this a strangely uninformed position for you to take.
Reply
(For those who are maybe a little less familiar with quantum computing: So, one of the big ways that modern security - RSA, let's say - works is by relying on certain properties of very large prime numbers. It turns out to be very time-consuming to factor a product of two extremely large primes; without doing this factoring, it is difficult/impossible to break the relevant encryptions.
With a sufficiently large quantum computer, though, it's possible to check all possible factorings simultaneously. Don't think of this as the computer being just "faster," or even "orders of magnitude faster": think of this as taking something that formerly took anywhere from a second to a few thousand years and making it always take a flat few seconds.
The reason we can still use things like RSA, then, is that there are - to our knowledge - no quantum computers large enough to allow this kind of work to be done on the kinds of very big primes currently in use. If that stops being true - if quantum computers of appropriate size are developed - everything changes, cryptographically-speaking.)
Reply
Well yeah -- that's what I meant by "orders of magnitude faster." An order of magnitude is a factor of 10 -- if something would normally take a millennium and now takes a second, it is roughly 10 orders of magnitude faster, as a millennium is some 30 trillion seconds long.
I think the limitation on quantum computing is resolution of the results -- you have to arrange the circuit very delicately to avoid premature collapse of the wave function and past a certain point of complexity your detection equipment wouldn't be able to figure out what the wave was doing fast enough to be of any use. Wouldn't the ultimate limit on performance here be the Heisenberg one itself, such that sufficiently complex problems would require absurdly large quantum computers?
Reply
Right, but it's not so much about the fact that the time is different as it is that the growth of the time is different - we move from time that's super-polynomial on the length of the product to time that's something like linear on the length of the product. That's a bigger deal, from an algorithmic point of view, than even a very large constant-factor speed-up.
Wouldn't the ultimate limit on performance here be the Heisenberg one itself, such that sufficiently complex problems would require absurdly large quantum computers?
*shrugs* Really depends on how far you're willing to push "ultimate," I guess. Quantum computing at a reasonable scale - let's say the storage capabilities of the traditional computers of a few decades ago - would smash anything remotely like current RSA, I think.
Reply
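The two comments above make a textbook point: an RSA private key falls straight out of factoring n, and a classical brute-force search for the factors grows exponentially in the key's bit length. The following Python is an added illustration, not code from this thread or its participants; the primes, message, and function names are constructed for the demo.

```python
"""Added example: a toy RSA key, a classical trial-division factoring
routine, and a count of the divisions it needed. Recovering the private
exponent d requires nothing but the factors of n, and the division count
grows roughly like 2**(bits/2), the super-polynomial cost the thread
contrasts with a quantum factoring algorithm. Values are constructed."""
from math import gcd, isqrt


def make_key(p, q, e=65537):
    """Build a textbook RSA key pair (no padding) from two primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to phi(n)"
    d = pow(e, -1, phi)          # private exponent: e*d == 1 (mod phi)
    return (n, e), d


def factor_trial(n):
    """Classical brute force: odd trial division up to sqrt(n).
    Returns (p, q, divisions_tried) for a semiprime n."""
    if n % 2 == 0:
        return 2, n // 2, 1
    limit = isqrt(n)
    tried = 0
    f = 3
    while f <= limit:
        tried += 1
        if n % f == 0:
            return f, n // f, tried
        f += 2
    raise ValueError("n has no factor below sqrt(n)")


def private_key_from_factors(n, e, p, q):
    """Once n is factored, phi(n) is known and d follows immediately."""
    assert p * q == n
    return pow(e, -1, (p - 1) * (q - 1))


def demo():
    # Constructed toy key with ~20-bit primes; real keys use ~1024-bit ones,
    # which is what puts trial division (and every classical method) out of reach.
    (n, e), d = make_key(1000003, 1000033)
    m = 424242
    c = pow(m, e, n)                       # encrypt with the public key only
    p, q, tried = factor_trial(n)          # the step a quantum computer would shortcut
    d_rec = private_key_from_factors(n, e, p, q)
    return d_rec == d, pow(c, d_rec, n) == m, tried


if __name__ == "__main__":
    print(demo())
```

Doubling the prime size roughly squares the division count, which is the growth-rate point rather than a constant-factor speed-up.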
Oh, it's not that everyone at the NSA (or CIA, or FBI, or whatever alphabet-soup agency is under discussion) is utterly ruthless and disloyal to the Constitution. It's that all the President (who remember, as the ultimate boss of all these agencies has a lot with which to offer or threaten the ambitious or weak-willed) needs to do is find a few corruptible minions to do his bidding and oppress his personal enemies.
Remember, by the nature of things an intelligence agency such as the NSA works under compartmentalized security (exactly what the TPM chip lacks). So if (say) Project Nineveh and Tyre, composed of three guys whose job it is (for argument's sake) to frame dissidents for child pornography and tax evasion, is massively violating the Constitution, there's no reason why other parts of the NSA necessarily know what they're doing. The vast majority of NSA agents could be honest defenders of the Republic, while a few villains were doing the tyrant's bidding.
Reply