(Sorry to top post - I want to cherry pick one point). >> What is a game changer is the relationship between the NSA and the other >> USA civilian agencies. The breach of the civil/military line is the one >> thing that has sent the fear level rocketing sky high, Information sharing among agencies such as the FBI and CIA was written into the original NSA charter back in the 1950s. In fact, some would argue the failure to abide by the charter with respect to information sharing contributed to 9/11.
>From the charter (http://w2.eff.org/Privacy/Key_escrow/Clipper/nsa.charter): b. The Board shall be composed of the following members: (1) The Director of Central Intelligence, who shall be the Chairman of the Board. (2) A representative of the Secretary of State. (3) A representative of the Secretary of Defense (4) A representative of the Director of the Federal Bureau of Investigation. (5) The Director of the National Security Agency. (6) A representative of the Department of the Army. (7) A representative of the Department of the Navy. (8) A representative of the Department of the Air Force. (9) A representative of the Central Intelligence Agency. Jeff On Tue, Jan 7, 2014 at 10:24 AM, Adam Back <a...@cypherspace.org> wrote: > This is indeed an interesting and scary question: > > On Sun, Jan 05, 2014 at 08:31:42PM +0300, ianG wrote: >> >> What is a game changer is the relationship between the NSA and the other >> USA civilian agencies. The breach of the civil/military line is the one >> thing that has sent the fear level rocketing sky high, as there is a >> widespread suspicion that the civil agencies cannot be trusted to keep their >> fingers out of the pie. AKA systemic corruption. If allied to national >> sigint capabilities, we're in a world of pain. >> >> Question: Is there anything that can put some meat&metrics on how >> developed and advanced this relationship is, how far the poison has spread? >> How afraid should people in America be? > > > maybe the most interesting and portenteous shift in power towards > Orwellianism and totalitarianism in a century, as it affects the > effectiveness of rule of law, and already weak separation of politics from > law enforcement and justice system in the (current though slipping) > super-power with unfortunate aspirations of extra-territorialism and > international bullying. We're still a few decades from the cross over of > financial dominance to Asia and BRICs, and most of those places are probably > worse than the US by aspiration if thats possible, though less internet > spying budget and capability. Unless something shapes up towards democracy > in the super-power competitors we're in for a dismal century seemingly. > > That the NSA, and now seemingly FBI, see this I think maybe this FBI mission > creep suggests the national security / law enforcement separation is > slipping badly: > > http://news.slashdot.org/story/14/01/07/0015255/fbi-edits-mission-statement-removes-law-enforcement-as-primary-purpose > > | "Following the 9/11 attacks, the FBI picked up scores of new > | responsibilities related to terrorism and counterintelligence while > | maintaining a finite amount of resources. What's not in question is that > | government agencies tend to benefit in numerous ways when considered > | critical to national security as opposed to law enforcement. 'If you tie > | yourself to national security, you get funding and you get exemptions on > | disclosure cases,' said McClanahan. 'You get all the wonderful arguments > | about how if you don't get your way, buildings will blow up and the > | country will be less safe.'" > > so if even the FBI are getting their nose into the tent of unfetter access > to historical data on everyone, plus informal channels and "tip-offs" on > dirt on politically unpopular pepople - eg say effective security > researchers like Applebaum, or effective journalists like Greenwald. (No > "foreigners" dont feel very comforted, and the explict acknowledgment of > tip-offs, and inforation channels to US domestic and international law > enforcement, basically puts the entire planet at risk of politicaly > motivated interference.) > > With retroactive search of your entire lifes electronic foot print including > every "encrypted" IM, skype voip channel, contacts, emails, attorney client > privileged and not, with no warrant or evidence presented to a judge for > subpoena, the Orwell 2.0 system can probably fabricate or concoct trouble > for 99% of the adult population of the planet. George Orwell 30 years late. > > We're pretty close to fucked as a civilization unless something pretty > radical shifts in the political thinking and authorizations. And > realistically it not even clear the NSA can politically be controlled > anymore by the political system. Its very hard to influence something with > that much skull-duggery built into its DNA, that many 10s of billions in > outsourced defense contractor lobbying power, that much inertia and will to > survive as an org, with military PSYOPs to turn on its own populace and > political system, and black bag covert ops ties to dirty tricks in CIA, and > judicial and law virtual immunity. They probably realistically went full > speed ahead since the 11 Sep 2001, if not earlier on such things, and the > scrapping. TIA wiki > http://en.wikipedia.org/wiki/Total_Information_Awareness > > | Although the program was formally suspended [as of late 2003], its data > | mining software was later adopted by other government agencies, with only > | superficial changes being made. > > Probably even before since we nominally won the export regulation debacle > and democractic countries were forced to admit it was inconsistent with > their self-perception as open democratic countries, to be controlling and > banning encryption software. The 21st century equivalent of book burning. > > Can we rectify this with the cypherpunks write code? Maybe as Schneier said > in a discussion on this topic with Eben Moglen (at Moglen's respective > university) maybe we can make it more expensive by deploying more crypto > that is end to end secure, secure by default. ie more TOFU, more cert > pinning, more certificate transparency distributed cert validation. Even > the cert valiation maybe behind the game, perhaps NSA really do already have > a lot of actual SSL private keys via hardware, software hacking and > backdoors with manufacturer complicity or not, as well as just demanding > them with NSL orders, gag orders as Lavabit showed finally with evidence. I > wonder what proportion of SSL certs worldwide the five eyes/Orwell 2.0 > shadow orwell 2.0 government have copies of? > _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
