Encryption, NSA, and terrorism

I find it odd that you would pooh-pooh Bamford's seminal, detailed, impeccably sourced books on the NSA in favor of a vague gee-whiz National Geographic documentary.

There's a difference between "can be" declassified and is already declassified. There is (or was) an automatic declassification rule in place via executive order, but it had plenty of loopholes and cryptological records of the NSA was one of them. There are also administrative and (if you're stubborn, have the time and the financial resources) legal avenues for challenging classification decisions. Sometimes portions of "declassified" documents that are still redacted (classified, and released only as black spaces in text) can be released on appeal. The very lack of resources assigned to declassification review means often that declassification won't occur until someone makes a valid FOIA request and/or challenges a classification decision. That in turn means you have to have an idea of what you're looking for as well as the technical sophistication to frame the request in a way that is likely to elicit a useful response.

It is my understanding he had some special courier standing so what he was carrying was not to be question normally.

BillRM wrote:

"I find it amusing that such a program had been claimed to be able to interfere with governments reading it messages. One hell of a self service bit of misinformation being put out by governments it would seems."

Here's an interesting article, about a year old, based on leaked (not declassified)documents:

http://m.spiegel.de/international/germany/a-1010361.html

There are a couple dozen imbedded links to photocopies of the original documents included.

Personally, I have to wonder if some of the "newly released" stuff isn't part of a disinformation campaign designed to encourage the use of cracked cipher techniques, but that's just my speculation.

My understanding is that Ames got drunk as a coot, swept piles of super-secret documents off his desk into shopping bags, and waltzed out the door of CIA HQ.

Regardless of Ames's status, access to paper documents that are classified Top Secret and are on a Special Access Program restricted distribution list should only be made available in a dedicated high-security reading room under the watchful supervision of an in-person monitor. The exception would be documents requested for high-level meetings, which should be delivered by two custodians who can keep an eye on each other, which are given to the presiding officer after the meeting has been convened, signed for, and collected before the meeting is ended.

Access to virtual documents should be similarly restricted, with a cyber-audit to keep track.

No less than once a week, security officers should review the audit record to determine how many documents have been accessed, by whom, and under what circumstances. Patterns of abuse would be much clearer.

Of course, this would inconvenience those who prefer an easier and more informal procedure.

You find Bamford useful, great. The documentary only provides the most open examination of the NSA I have ever seen. I don't think it was a gee-whiz extravaganza, it only explains or outlines the mission and some of the orgs set in place.

If you think the intelligence agencies will ever be a complete open book, you will be disappointed. Try imagining calling your State Police Barracks and telling them you would like to interview the detectives involved in undercover work. There is a really good reason why they won't give you access, actually 2, undercover work is not effective if you know who the undercover detectives are and 2) if everybody knows what the target is, how do you get an advantage?

I'm not trying to discourage you, I'm just saying I have a different take on DOD. You are free to see Bamford as an intelligence wizard, I can only tell you that both my husband and I spent our entire careers at NSA, and we still can't share old target information with each other. Keep in mind, one person's career won't expose you to every discipline, but when outsiders venture guesses on the scope of your target, it's not likely the analyst will be blown away on the accuracy of the outsiders guesses.

I never said that the NSA was an open book or anything close to it. I never said that Bamford is an infallible wizard. Bamford is unquestionably well informed for an outsider, and his books are valuable precisely because they aren't based on guesswork but rather primary source documents and interviews of participants. Again, he is primarily a historian of the NSA, by necessity, since most of its current affairs are deeply under wraps. It's no less useful for that, and it does lend itself to extrapolation. There is some more recent material but it is clearly qualified by the author as uncertain, where warranted.

A television documentary is by its very nature low information density. An hour long program has a short transcript.

You claim Bamford could get little personal access to the NSA (though his forwards do thank high level officials such as the director for assistance). Yet you talk about the "open" access of a television documentary as if its producers would be shown and told anything that the NSA wasn't comfortable in disclosing.

Perhaps you have a problem with Bamford's disclosure of NSA dirty laundry.

Interesting Link but I question the claims that they can do massive breaking of SSL connections still we should move to Perfect Forward Secrecy instead of using the server public key just in case.

On reading more from your link I ran into it calling AES an electronic codebook and no one would dream of using AES or any other chain cipher for that matter in code book mode.

Why would experts call a block chain cipher an electronic codebook where the word codebook refer to the weaken possible mode of use for such ciphers?

They was a fairly open book as far as Snowden was concern. Talk about lack of security.