Friday, 6 September 2013

Privacy, Trust and the Network

It isn't hyperbole to say that the modern world is entirely dependent on the internet. It has suffused every part of day-to-day life, with complex digital ecosystems underpinning everything from communications to financial transactions.

Key to these systems is a belief that they are, in most cases, secure from outside monitoring or influence. Further trust is placed in the belief that if you want to make something secure, you can. Extensive efforts were made in the 1990s to "ban" encryption (in whole or in part), and in 1993 the US government proposed that electronic communications devices be fitted with a so-called "Clipper Chip":
The Clipper Chip is a cryptographic device purportedly intended to protect private communications while at the same time permitting government agents to obtain the "keys" upon presentation of what has been vaguely characterized as "legal authorization." The "keys" are held by two government "escrow agents" and would enable the government to access the encrypted private communication. While Clipper would be used to encrypt voice transmissions, a similar chip known as Capstone would be used to encrypt data.
The underlying cryptographic algorithm, known as Skipjack, was developed by the National Security Agency (NSA), a super-secret military intelligence agency responsible for intercepting foreign government communications and breaking the codes that protect such transmissions. In 1987, Congress passed the Computer Security Act, a law intended to limit NSA's role in developing standards for the civilian communications system. In spite of that legislation, the agency has played a leading role in the Clipper initiative and other civilian security proposals, such as the Digital Signature Standard. NSA has classified the Skipjack algorithm on national security grounds, thus precluding independent evaluation of the system's strength.
That round of the conflict was won by privacy advocates, who understood the need to maintain private communications in the digital space, and the ability to encrypt data is now a core part of the internet's infrastructure.

Today marks the first time I have looked at the Snowden "revelations" with anything other than casual interest. It bothers me not a jot that spy agencies are engaged in spying; that's what they do, and although agencies in both the UK and USA have gone further than they should have, their actions do not seem to have been illegal. Civil servants will always push the boundaries of legislation to maximise their power and effectiveness; expecting otherwise is at best naive.

The New York Times, in its report on the latest documents, hits the nail on the head:
Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.
The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.
The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.
“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
Although it is possible to view this as "spies being spies", the issue goes far deeper. Breaking into encrypted systems (hacking the endpoints, or brute-forcing intercepted traffic) is very different from breaking the encryption itself by getting flawed technologies adopted in order to "help out" Governments.

Encryption which is fundamentally flawed is fundamentally broken: it doesn't do what is advertised. One of my favourite TV shows, Person of Interest, sums this issue up rather neatly:
"...you should remember any exploit is a total exploit. The tiniest crack becomes a flood. If we build the backdoor into this machine and someone else finds out about it, that would be…very bad."
It appears that huge swathes of security technologies now contain deliberately introduced weaknesses, weaknesses which will in many cases already have been identified by "bad actors". With so many hackers operating in collaboration with nation states, it is impossible to imagine that many of the flaws so beloved by the NSA haven't made their way into the hands of foreign Governments and their employees. The "flood" of cybercrime in recent years suggests that the cracks are no longer tiny.
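The key-escrow design described in the Clipper quotation above (a per-device key held in two halves by two escrow agents, a copy of each session key travelling with the traffic) and the "any exploit is a total exploit" point are easiest to see with a working model. The following is an added illustration, not code from this post or from the Clipper programme: it uses HMAC-SHA256 in counter mode as a stand-in for Skipjack, the field names (`leaf`, `share_a`, `share_b`, `unit_key`) and the sample messages are constructed for the example, and the real LEAF format, checksum and escrow procedures are not reproduced.

```python
"""
Toy key-escrow scheme modelled loosely on the Clipper Chip's Law Enforcement
Access Field (LEAF). Constructed illustration, not Skipjack or the real LEAF:
HMAC-SHA256 in counter mode stands in for the block cipher so it runs with
only the standard library.
"""
import hashlib
import hmac
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode keystream from HMAC-SHA256; XOR makes encrypt == decrypt."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return xor_bytes(data, bytes(out[: len(data)]))


class EscrowedDevice:
    """A handset whose per-unit key is split into two XOR shares at manufacture,
    one share deposited with each escrow agent (as the Clipper design did)."""

    def __init__(self, device_id: str):
        self.device_id = device_id
        self.unit_key = os.urandom(32)
        self.share_a = os.urandom(32)                          # escrow agent A's deposit
        self.share_b = xor_bytes(self.unit_key, self.share_a)  # escrow agent B's deposit

    def encrypt(self, plaintext: bytes) -> dict:
        session_key = os.urandom(32)
        nonce = os.urandom(16)
        # The LEAF: the fresh session key wrapped under the long-lived unit key,
        # sent alongside the ciphertext so an escrow holder can unwrap it later.
        leaf = stream_xor(self.unit_key, b"LEAF" + nonce, session_key)
        return {
            "device_id": self.device_id,
            "nonce": nonce,
            "leaf": leaf,
            "ciphertext": stream_xor(session_key, nonce, plaintext),
        }


def recover_unit_key(share_a: bytes, share_b: bytes) -> bytes:
    """Both escrow deposits are needed; either share alone is uniformly random."""
    return xor_bytes(share_a, share_b)


def decrypt_via_escrow(unit_key: bytes, msg: dict) -> bytes:
    """The escrow path: unwrap the session key from the LEAF, then the payload.
    Nothing here checks who is calling it: a stolen unit key works identically."""
    session_key = stream_xor(unit_key, b"LEAF" + msg["nonce"], msg["leaf"])
    return stream_xor(session_key, msg["nonce"], msg["ciphertext"])


def demo() -> dict:
    phone = EscrowedDevice("unit-0001")  # constructed sample device and traffic
    archived = [phone.encrypt(m) for m in (b"budget meeting moved", b"call me on the other line")]

    # 1. Authorised path: agents A and B each release their share on a warrant.
    key_from_escrow = recover_unit_key(phone.share_a, phone.share_b)
    lawful = [decrypt_via_escrow(key_from_escrow, m) for m in archived]

    # 2. One share is useless on its own: the split really does need both agents.
    with_one_share = decrypt_via_escrow(phone.share_a, archived[0])

    # 3. "Any exploit is a total exploit": whoever copies both escrow databases
    #    (or the unit key) decrypts every past and future message from the device,
    #    using the same code, and the design has no way to tell them apart.
    stolen = recover_unit_key(phone.share_a, phone.share_b)
    later = phone.encrypt(b"sent after the escrow breach")
    attacker = [decrypt_via_escrow(stolen, m) for m in archived + [later]]

    return {
        "lawful": lawful,
        "one_share_fails": with_one_share != b"budget meeting moved",
        "attacker": attacker,
    }


if __name__ == "__main__":
    print(demo())
```

The point the model makes is structural rather than cryptographic: the escrow path and the attacker's path are the same function, so the scheme's security reduces entirely to the secrecy of two databases, and a single leak of them retroactively exposes all recorded traffic rather than one conversation.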

In reality this means that Athens Affair-level attacks are likely to recur. For those not familiar:
The Greek wiretapping case of 2004-2005, also referred to as Greek Watergate, involved the illegal tapping of more than 100 mobile phones on the Vodafone Greece network belonging mostly to members of the Greek government and top-ranking civil servants. The taps began sometime near the beginning of August 2004 and were removed in March 2005 without discovering the identity of the perpetrators.
The phones tapped included those of the Prime Minister Kostas Karamanlis and members of his family, the Mayor of Athens, Dora Bakoyannis, most phones of the top officers at the Ministry of Defense, the Ministry of Foreign Affairs, the Ministry for Public Order, members of the ruling party, ranking members of the opposition Panhellenic Socialist Movement party (PASOK), the Hellenic Navy General Staff, the previous Minister of Defense and one phone of a locally hired Greek American employee of the American Embassy. Phones of Athens-based Arab businessmen were also tapped.
The Athens taps were carried out through the lawful-intercept capability built into Vodafone Greece's Ericsson switches: a mechanism installed for authorised wiretapping was switched on by unknown attackers and turned against the government it was meant to serve. What is clear is that even measures previously deemed secure, and necessarily so, are not secure. Their insecurity does not rest on the raw power of the NSA to decrypt traffic after intercepting it, which would be reasonable, if uncomfortable, but on fundamental flaws in the security mechanisms themselves. This poses a huge challenge for the future.
As the ACLU's Chris Soghoian put it today in a statement, "The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets. Even as the NSA demands more powers to invade our privacy in the name of cybersecurity, it is making the Internet less secure and exposing us to criminal hacking, foreign espionage, and unlawful surveillance. The NSA's efforts to secretly defeat encryption are recklessly shortsighted and will further erode not only the United States' reputation as a global champion of civil liberties and privacy but the economic competitiveness of its largest companies."
Or as the inimitable Bruce Schneier put it today:
By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.
Trust in the existence of secure and private spaces online is a requirement of a healthy and useful internet. Are businesses going to trust a system subject to constant US, British, Chinese and Russian (to name but a few) monitoring? Of course not, and why should they? Do they have an alternative? Not for the time being, but alternatives will arise. Tools like mesh networking and new encryption designs will emerge over time, but trust will be slow to return.

As with all policy and Government behaviours we should ask ourselves not "What is being done today" but "What could be done with this tomorrow". History demonstrates time and again that Governments cannot, and should not, be trusted with extreme powers, and there is little more extreme than the elimination of privacy for the citizen and the institution online.
