[Cryptography] Equation Group Multiple Malware Program, NSA Implicated

[John Gilmore]

This is a fascinating discussion.

> >> In contrast, I'd say we are somewhat ahead in protocol work.  That is, the push for eg CAESAR, QUIC, sponge construction, is coming from open community not from them.
> > Why would they push for new stuff out in the open world?
> 
> Maintenance of protocols is really hard, really expensive.  I know, I 
> manage a 100kloc code base with several hard crypto protocols in it, and 
> I'm drowning, perpetually.  Whatever we can do to get that into the open 
> source world, the better.

It seems, both from listening to Mr. Snowden's descriptions of the
work environment inside NSA, and from some of the documents that he
released through the press or that have been declassified since his
inspiration, that NSA's internal networks are generally not encrypted.
They seem to operate in the clear (except with link encryption when
they go outside secure facilities).

This to me is the height of foolishness, unless NSA finds itself unable
to develop crypto protocols any better than the open world.

NSA basically uses the same computers and the same operating systems
internally as what we see in the sane world.  They have nothing
better!  And since in the sane world, we can't get working end-to-end
encryption in a way that a large organization can sanely manage, they
don't seem to have it either.

NSA likes to project an image of importance and invulnerability, but I
am coming to believe that instead they are more like petty thieves,
like jays stealing pretty trinkets from the public for their
collection.  Thieves that are paid with tax dollars and receive
impunity for their misdeeds can do a lot of minor damage.  Thieves
that can covertly influence policies imposed by a government that has
run roughshod over all the fences that were designed 200 years ago to
keep it from becoming despotic are much more dangerous.  Weinberg's
Second Law, "If builders built buildings the way programmers write
programs, then the first woodpecker that came along would destroy
civilization," was more prescient than Weinberg realized.  NSA are the
first woodpeckers, and they are doing their best to destroy
civilization for their own benefit.  We now see plenty of other birds
noting the rich pickings and flocking together with NSA.  Their
ugly colors are more readily visible to us -- as destructive malware,
cyber thieves, organized crime, and cyber war against civilian
targets.

I find it ironic that my efforts toward scalable "opportunistic
encryption" protocols and implementations might eventually allow NSA
to encrypt their own internal network.  But it will be worth it if
we can also encrypt the large bulk of the sane world, helping to
protect the public against the birds that would be happy to eat the
seed corn of civilization -- fundamental rights of privacy and
personal autonomy.

It's particularly ironic since NSA has been actively working in
standards committees to defeat public efforts to standardize better
encryption, particularly end-to-end encryption.  The reason they can't
encrypt their own networks is because they have used their influence
and our tax dollars to deter the rest of us from doing so.  Not only
have they shot themselves in the foot -- we're ALL limping because
the thieves have taken over the asylum at NSA.

> > They *should* be pushing for it, because they *should* be putting more emphasis on defense of non-NSA systems.
> 
> Yes.  That is the huge mystery.  It's pretty clear the NSA is doing the 
> non-NSA mission huge damage.  Yet no movement on the priorities, just 
> blather about 'sharing' from Obama.  That's a mystery.

Back in the '90s during the First Crypto War, it took me a while but I
eventually figured out that in the organization of the US Government,
there was nobody below the level of the Vice President whose job it was
to figure out what the best crypto policy was for the whole society.

Every agency had the incentive to tug the crypto policy in whatever
direction would make that agency's job easier.  State Dept, Commerce
Dept, NSA, Justice Dept, euphemistic Dept. of War, all sat on the
internal secret committees and all pulled for their own convenience.
The policies that resulted varied, basically depending on which agency
had strong personalities pushing hardest at the time.  Not a one of
the agencies had an eye out for the *public* interest.  (Further, NSA
sees its interest as making it easier to steal and disrupt
information, rather than easier to secure information, even though it
theoretically has both missions.)

Eventually I realized that *I* was in a better position to figure out
a good crypto policy for the whole society, than anyone inside the
government.  Even when participants like NSA weren't telling the
whole story and were actively lying about the impacts of various
policies.  Because at least I didn't have a hidden agenda of making
my own job easier.

That made me feel better about putting serious effort into creating
crypto code and crypto policies that matched my intuitions about what
would be best for the public.  And explained why the government was
clueless and incompetent at doing so.

Even the National Academy of Sciences' CRISIS report, a supposedly
independent body who took input from everybody, ended up recommending
that the policy should push everyone to use DES (by making everything
stronger non-exportable), even though multiple academics starting with
Diffie in the '70s had broken DES by brute force in paper designs.  By
then EFF was (privately) well on its way to building the physical
machine that proved to the world that DES was useless and therefore
that the CRISIS report was fatally flawed.

And nobody except EFF and a few supporters cared that the export
controls on encryption violated the fundamental rights of freedom of
speech and academic freedom of inquiry.  For that argument, we got
zero support from government agencies (though the initial clue did
come from a little known publication of the DoJ Office of Legal
Counsel, DoJ and NSA opposed us every step of the way), no support
from Congress, no support from the White House, little support from
commercial companies, and not even much from academics.
Constitutional rights seemed to them a quaint anachronism, a speed
bump that had already been passed decades ago, useless in the
hurly-burly of the market and in the political compromise process.
But that was the argument that ultimately forced a policy change, via
the federal courts, because the export controls on software
publications were BLATANTLY unconstitutional, a quintessential
licensing regime for censoring protected speech.

But the thieves found a defense against that.  In the intervening
decades they have hobbled the federal courts via the "state secrets
doctrine" -- so now anytime you sue them over something that the
spooks are doing, they just throw the case out.  But how else could
the federal government defend indefinite imprisonment without trial,
torture, indiscriminate mass wiretapping, a prior restraint licensing
scheme for travel, and their other serious crimes infringing
fundamental personal rights that we haven't yet discovered?  If the
courts had remained honest, these crooks would be out of a job.  From
the agencies' point of view (again not seeking the best result for the
public), it's better to screw up the courts than to get caught at
destroying another few cornerstones of civilization.

	John