Death and the NSA: A Q&A With Bruce Schneier

Daniel_Stuckey writes "Since Edward Snowden's disclosures about widespread NSA surveillance, Americans and people everywhere have been presented with a digital variation on an old analog threat: the erosion of freedoms and privacy in exchange, presumably, for safety and security. Bruce Schneier knows the debate well. He's an expert in cryptography and he wrote the book on computer security; Applied Cryptography is one of the field's basic resources, 'the book the NSA never wanted to be published,' raved Wired in 1994. He knows the evidence well too: lately he's been helping the Guardian and the journalist Glenn Greenwald review the documents they have gathered from Snowden, in order to help explain some of the agency's top secret and highly complex spying programs. To do that, Schneier has taken his careful digital privacy regime to a new level, relying on a laptop with an encrypted hard drive that he never connects to the internet. That couldn't prevent a pilfered laptop during, say, a 'black bag operation,' of course. 'I know that if some government really wanted to get my data, there'd be little I could do to stop them,' he says."

I thought

[Runaway1956]

Security is a process, not a product. For instance, one cannot purchase some product that guarantees your online security, then babble endlessly on Facebook about your every bowel movement while expecting to be "secure". McCafee may promise that online stalkers can't track you, but your posts to Facebook informs that stalker where he can find you every afternoon at 1:30. Don't be surprised when he kicks the bathroom stall open, and has his way with you.

Re:obligatory quote

[Ghaoth]

If one truly believes that the laptop will be stolen and the contents of the drive must never be revealed, then don't store the contents on the drive. Decoys, deception and hiding things in plain sight are paramount to paranoia. Yes, sometimes they are out to get you. Or place a small explosive charge within the drive itself that will be triggered unless an authorised command is sent. (yes, it can be done).

Re:Cold warriors

[gl4ss]

classic infiltration? the kind of where the "intelligence" agency recruits some people to do something and then they bust them for being recruited to do something?

Re:I thought

[steelfood]

Problem exists between keyboard and chair. Every security professional knows this. The math is an upper bound of security. What sits between keyboard and chair is the lower bound.

The real question is how to solve this problem. My traditional answer is education, but that's been actively attacked for the past 100 years. Fear does the same in 6 months what education does in 50 years. How do you make people fear for their loss of privacy enough that they will lash out against it? That's the million-(billion-?)dollar question freedom advocates have to answer.

Re:obligatory quote

[phantomfive]

I think you're missing that this is what Schneier is talking about [xkcd.com].

false flag?

[rogoshen1]

The snowden leaks almost seem like a false flag type situation. the scary NSA/CIA/FBI are snooping on you, queue the outrage! Meanwhile every single fucking corporation in the USA is doing the same, with far less oversight, and far spookier goals. (Sure a government agency should be expected to come along and strong-arm entities such as google and facebook (though who am I kidding? they're basically partners.) so either way they get the data..). How is it not commented on, that short of a few very specific use cases, 'big data' is basically the solution to personal privacy?

GIve it 10 years and you'll have your health and life insurance companies discussing your shopping habits with your grocery store, your car insurance company with it's lojack device in your car (or failing that, your smartphones GPS data), and 100% of your web-usage habits tracked and correlated to YOU. It's 12:30 am and maybe it's the wine, but as melodramatic as this sounds, we're a society marching into our own yokes -- all for the sake of convenience and saving 10 cents on a pack of toilet paper.

Basically the score is this: the security/privacy/sanity focused crowd is up in arms over the NSA, which represents about 1% of the population, half of whom bleat about privacy while still using the services that enable the NSA/FBI/Whoever. 99.5% of the population is either not using these services, or is indifferent (in actions, though perhaps not in words.).

... in the Land of the Free...

[ImOuttaHere]

So... America as an open, strong democracy that liberates people to express their highest ideals, to be allowed live their lives as they see fit, and is a force of good around the world is... what?... a lie?

There seems to be quite a gap between what people believe about America and reality. Maybe somewhat enlightened people in the US are coming to understand reality, but, no matter how many people have awoken, this is not the America I thought I grew up in. The citizens of that formerly great country remain too complacent for any true, lasting change to take place.

"Land of the Free?" I think not. "We're number One?" Only in per capita incarceration rates and military spending. "Hey, look! It's a Wookie!!" Ya, right. Go back to sleep.

To me it's a mark of reality to understand we absolutely need people like Snowden, Manning, and Assange, as well as writers like Hersch, Greenwald, and Schneier.

Re:Cold warriors

[gweihir]

What terrorism? You mean the semi-cretins that needed massive help from the FBI?

"Terrorism" is not a relevant threat today.

They already have his data

[aaaaaaargh!]

Or do you think they have spared Schneier from being forced to hand out Snowden's data, while they have destroyed Lavabit just to get to his emails? C'mon people, this is ridiculous! Of course he had to give it to them!

On a side note, I wouldn't be surprised if he had been somehow prevented (presumably in some 'legal' way) from re-editing and updating Applied Cryptography after the 2nd edition. At least in this case it's fairly hard to see any other reason why the best selling and most popular book on cryptography shouldn't have been modernized.

So then,

[Runaway1956]

which organism in nature has developed an unassailable position, from which it cannot be dislodged?

The word "secure" implies that "I'm safe, and I don't need to worry about stuff". And, that is the attitude that most internet users seem to develop. Install some magical suite of software from a "reputable" vendor, and you are home free.

In fact, all organisms in nature are in constant battle with their environment. The hawk will starve if he doesn't eat, and the rabbit is dinner if he doesn't stay alert. The flowers in the garden are fighting for their own survival, warding off parasites, while luring pollinators, all the while maintaining their positions in the sun.

There is no "security" in nature - none.

Re:I thought

[geekmux]

Problem exists between keyboard and chair. Every security professional knows this. The math is an upper bound of security. What sits between keyboard and chair is the lower bound.

The real question is how to solve this problem.

That's a strong assumption that the upper bound is the math. We haven't seen the rest of Snowden's documents.

We used to think that monitoring 300 million Americans at once was a mathematically impossible (or at least highly improbable) task. We were proven wrong.

And as we've seen even parodied in cartoon, a pipe wrench can beat the shit out of most crypto. Literally. Physical security is always the first line of defense.

Re:I thought

[weilawei]

True, but if you stop actively participating in social media, you may find that most of your "friends" forget you ever existed.

Re:false flag?

[geekmux]

The snowden leaks almost seem like a false flag type situation. the scary NSA/CIA/FBI are snooping on you, queue the outrage! Meanwhile every single fucking corporation in the USA is doing the same, with far less oversight, and far spookier goals.

The CIA is authorized to eliminate threats, foreign or domestic. In 10 years time, that might simply be accomplished via a mouse click to send the signal to an armed drone. Speaking of false flag, let's hope the threat algorithms are not automated and tied to that drone army.

Whatever Google/Facebook/Yahoo/Microsoft wants to do with my data, I highly doubt it could get much spookier than that.

You may remove your rose-colored glasses now. And put the Constitution and Bill of Rights away. Those are nothing more than art exhibits.

Re:obligatory quote

[Nerdfest]

Many of us don't even care that much about the actual data, but are trying to secure our *right* to privacy.

WTF ?!

[Taco Cowboy]

America is a lot more free than many countries, arguably less free than a few others, and certainly falls short of the (unattainable) ideal many citizens believe it to be.

It's exactly this kind of mindset that is KILLING THE UNITED STATES OF AMERICA

Unattainable ideal ?

You gave up even before you started the journey ?!

Re:I thought

[drinkypoo]

The real question is how to solve this problem. My traditional answer is education, but that's been actively attacked for the past 100 years.

The answer is engagement. You must actively engage. Part of that is proselytization. Nobody wants to be the marketing dick (except the dicks who are selling us shit we don't need, mostly) but we all need to get other people to engage, too. Right after we get off our own arses.

Actually, no.

[Anonymous Coward]

Americans and people everywhere have been presented with a digital variation on an old analog threat: the erosion of freedoms and privacy in exchange, presumably, for safety and security

Mostly the rest of the world has been presented with the erosion of freedoms and privacy in exchange for Americans presumably having better safety and security, but with nothing in return.

Somehow the expectation is that everyone else in the world give up our freedom and privacy in order to benefit the Americans.

And, really, none of us were asked if we think that's fair, and many of us are past the point of accepting what makes Americans more secure if it means that we have lost some of our rights.

If the choice is between me keeping my freedom and privacy and Americans having security, quite frankly, I'd rather keep my rights intact. I'm not sacrificing myself for you, because you wouldn't do the same for me.

So fuck that. I didn't sign up for it. America might think that's an equitable arrangement, but it isn't.

Wrong scale.

[DrYak]

We used to think that monitoring 300 million Americans at once was a mathematically impossible (or at least highly improbable) task. We were proven wrong.

It's not impossible. It was considered to cumbersome, because it would require too much ressource. (i.e.: it was considered practically impossible. It is feasible, but we though that it wouldn't be worth the effort and nobody would try the hassle).
But the NSA came and showed they *are* really ready to throw the vast amount of ressource. They were the people ready to go through all the practical hurdles.

What is currently considered mathematically and physically impossible is breaking most of the current secure algorithms:
- Brute forcing can't be done. At all. Not as in "it requires a too big computer" [as was back the case in WW2 regarding Enigma. Enigma was practically not breakable, but the Allie were ready to throw the ressources at building even bigger computers to brute-force it]. But as is "the computer required for can't physically exist" - the range to brute force (the "bits of security" concept) is so vast that you'll reach the heat-death of the universe before ending-up finding a solution. Brute-forcing doesn't work, at least not with current mathematics in the current universe.
- The only way out is either exotic new forms of computing that work on different physical principles (the well known hypothetical "quantum computer" example)
- Or finding a flaw in the maths behind an algorithm that vastly reduces the range to brute-force (as in: you don't need to scan the whole range, you can deduce more likely candidate and only test them. Small scale example: a "ceasar substitution cypher" has 25 possible rotation of the alphabet. Brute force would require testing all 25 of them (and as its only 26, its doable). But a simple statistic test gives out 1 or maybe 2 most likely rotation to test)

As a side note, Bitcoin and Altcoin are a very interesting test-case on modern crypto: They all relly on modern cryptography for their inner working
- ECDSA for all transaction signing on all protocols
- SHA256 for block validation on Bitcoin (and co)
- Scrypt for block validation on Litecoin (and co)
- large prime factoring for block validation on Primecoin (and co)
- all SHA-3 candidate on Quark, Yacoin (and co)
- etc.
Given the huge money at stake, there would be a big pressure to actually break the algorithms, and if there were flaws, someone would be bound to break them and laughs his/her way to the bank, why everybody else complains about stolen wallets.
But that hasn't happened yet.
The only thing that happened is people building even bigger and more absurde machine to do regular bruteforcing (as part of the normal block-validation procedure). And a few heist happening due to actual implementation bugs (DSA requires cryptographically-good random numbers).

The NSA can't break this. They usually proceed differently:
- bribe/inflitrate their way into bogus SSL certificates/stolen root private keys
- count on- or even intentionnally plant- implementation bugs (See the various random-generator stories)
- count on- or even intentionnally plant- backdoors (See spying through Google, Yahoo, Microsoft, and co).
- publish bogus/asinine/or booby trapped standards.
The perfect security of maths isn't a guarantee by itself if anything else in the system is broken.