39 comments

[ 0.17 ms ] story [ 1514 ms ] thread
Would the NSA prefer to have these dumps be vaguely attributed to an insider?

I wonder if they would because any mistake in handling data calls into question their competence which calls into question their ability to keep that big database safe. The one with all our call records, etc.

There are plenty of reasons they might.

The (mainstream) Snowden narrative was one of disgruntled employees and treason. The contents of the leak drove some muttering about NSA regulation, but the nature of the leak didn't. It just led to a lot of calls for "internal whistleblowing", which has been repeatedly proved useless.

Enemy action, by contrast, doesn't support a focus on the attacker. Nobody expects Russia to play nice, and nobody can realistically suggest 'discouraging' state powers from hacking and leaking. The tools will be misused (from a US government viewpoint) since the new owner has US-unaligned goals. The only barrier left is security, which appears to have failed.

If insiders leak details, then it's just a conversation about what the NSA does with its tools. If foreign powers get those details, then the "reveal and patch" crowd is bolstered by the knowledge that outsiders are using the same tools.

>Nobody expects Russia to play nice,

I do! I expect Russia, China, the US, the UK, Australia, and even places like the Middle East to play nice when it comes to their Intel services.

Why? Because I expect them to be staffed by exactly (precisely) people like you and me and the people reading this forum, and I believe there is an incentive for the intelligentsia to completely ignore all political things and simply be awesome stewards of a safe world. In fact, I think that there should be a secret conspiracy by every single intel worker worldwide to band together online in a meta-community. I think they should state in this very forum (HN) if they are being asked to do evil - such as in reply to this comment - because they're part of this meta-conspiracy.

I don't think this is hopelessly naive because I can say with certitude that there are people reading this from intelligence agencies all over the world. Why wouldn't they?

I expect this to be viciously downvoted and I don't care. I think I'm on the right side of history and I think that the people who expect these geeks to wage war on each other are on the wrong side of world history.

It's very black and white. (The reach and extent of the activities of these respective services is a different matter entirely and not a subject of this comment.)

I often fantasize about this being true.
I don't think your comment is naive. Given some basic life necessities and niceties such as food, shelter, personal freedom, financial security and access to social services, most people would rather do the "correct" thing and think of a global benefit rather then a state benefit. But when the state is the entity providing those necessities in the first place, on the condition that you switch around those two priorities, then the number of people willing to do the "correct" thing drops off significantly.

Now if those people can be assured of anonymity in their actions and safety from persecution by the state while still receiving the benefits of the state, the number goes up again by some percentage.

Many physicists didn't want to work on nuclear bombs but they were convinced to help develop it because they were afraid other scientists with even less ethics would build one first. It only takes one Leo Szilard to ruin it for the whole human race.
I'm reminded of Einstein wanting 1,000 copies of the famous Hiroshima edition[1] of the New Yorker (70 years ago this week) to send to colleagues.

[1] http://www.newyorker.com/magazine/1946/08/31/hiroshima

That story is an excellent read - first hand accounts of the Hiroshima bombing. I'd forgotten the article existed - I seem to remember it being released for free in the last year or so? Thanks.
What you're missing is that people respond to incentives on a local scale, not a global scale. As in, people want to satisfy their managers in order to get paid more, not cure global warming or whatever other lofty goal that would benefit all humanity.
You're presuming that a member of an intel service views "the correct thing" from the perspective of the whole human race, rather than from the perspective of their specific nation-state. So I think that you are hopelessly naive.
Well put. People talk like Kissinger was a lunatic, but his actions made a lot of sense if you value American success much higher foreign wellbeing. There are plenty of people doing intelligence work in the sincere belief that they're right and the internationalists are wrong.
I don't think this is hopelessly naive. History is filled with brave insiders who stood up for what was right. And this doesn't necessitate career suicide.

Oskar Schindler, Daniel Ellsberg, and Smedley Butler are some notable examples within the 20th century.

On a smaller scale, internal pushback has changed policies in government organizations and corporations. It is not always possible, but proposing an alternate, less-destructive method of accomplishing an organizational mission is one way to achieve this.

I think the best example of this in action is Stanislav Petrov, who defied protocol to launch a retaliatory nuclear strike against the Americans. It turned out the alarm was raised by a fault relating to weather conditions.

https://en.wikipedia.org/wiki/Stanislav_Petrov

One country's/government's definition of "nice" may vary from another's.

I somewhat agree with your point, but note that these people are enforcing the will of their country's top leadership. And the Russian government has every reason to not play nice with the US government.

I actually wouldn't be surprised if NSA is one of the "nicest" intelligence agencies out there, though. Relatively speaking.

Yeah,

It's hard for the US to express anger that the Russian government's secret services hacked America secret services to steal the tools the American government used to hack other governments...

Precisely. If it's just internal dissent, then you can say "the tools would be safe with us if not for these whistleblowers!" When it's your exact counterparts in another country robbing you, there's not much to say except "oops".
Makes sense. A bit like how during Stalin's regime and later, there was a lot of emphasis on enemies of the people, on saboteurs, capitalist spies and so on.

The idea was it could effectively explain away the internal inefficiency, waste, stupidity, corruption and bureaucracy as everyone can point to and say "See, we can't have nice things because we have traitors in our midst"

> No team of “hackers” would want to piss off Equation Group this much. That’s the kind of cojones that only come from having a nation state protecting you

I like that part. Yes, don't make the middle aged dads from Fort Mead angry.

Would Lulsec in its prime have been willing to piss off the equation group? To me the answer is clearly yes.
Yeah, not only would they be willing but it practically be what they existed for. I think your typical black hat has very different weights on risk and reward for these sorts of things than your typical software engineer; hence why they went the life path they did.
...and your typical blackhat is not Lulzsec. I suspect that the media-hungry blackhats are the tip of the iceberg. No surer way to getting a taskforce assigned to finding you than doing high-profile media stunts (ask DPR), most hackers don't want this, but some clearly do.
EXACTLY! This is what they were trying to prove that if you think you are that good but do not practice good hygiene you get what you get. Who wouldnt want to drop that on the NSA who is trying to prove they are protector of the USG but can't protect themselves.
Sabu of Lulzsec was working with/for the FBI.

might as well consider them government provocateurs.

For what it's worth: the people doing the actual hacking work at NSA are in their early 20s.

Generally, "hacking groups" that have picked fights with the USG have a somewhat spotty track record of retaining their freedom.

> For what it's worth: the people doing the actual hacking work at NSA are in their early 20s.

How does that work? Are older employees promoted away from this work into management? Is there an age limit to joining the hacking organization?

It's probably more along the lines of the vast majority requiring Title 10 authority. The military operators performing the work on average would be younger. 25-35 is probably the norm. Most at that age would move out of the govt. to higher paying contracting positions or into leadership roles.
I don't believe most of the people doing this are military, FWIW.
(comment deleted)
Almost half the NSA is military. TAO - ROC Operators in particular are most definitely staffed heavy with military due to laws of war.
Likely, BYU grads doing the hacking, considering the odds.
I'm not sure I'd assume that men like Clapper don't have egos.
Lots of people are talking like it's a political move, insiders, super team hackers... but imho this is just to level up the game. Pretty sure that this tools are know to the NSA to be leaked and probably saw a small guy using this therefore they release the stash of the most "shared" tools to the general public via this charade and the small players start again from zero and the big league players (equation group) can dominate the the field again with his 0-days.
You're pretty sure the NSA is behind the EQ auction, because they're burning their exploits after noticing someone else using them?
Hi tptacek big fan of yours here...

Well if i were part EQ and saw my exploits leaked somewhere else, this is what i will personally recommend doing, to level up the game and meanwhile let's blame russia so my job is secure (finding exploits in TAO) and to keep out of the game the small league players (HackingTeam, NSO, FinFisher, et al).

If I want Cisco to patch the vuln that some small player is exploiting, I can think of better ways to accomplish that than publishing the exploit myself.
Like what? normal disclosure or leaking the exploit to big guys like taviso? nah this won't do shit... cisco will patch and charge you his "premium membership" to download updates and sysadmins won't update now that shit hit the fan and the average kiddie can, cisco will be forced to release the update as free (to protect his stock) and sysadmins will be forced to update asap.
Have you seen anything to support this theory or are you just practicing your creative writing?
I am going to steal this creative writing line and add it to my other favorites

Don't meet trouble halfway.

You are entitled to your own opinions but not your own facts

There are two kinds of problems: yours and mine and this is not mine

Well let's say i do the plots for the sitcom "Mr Robot" from time to time.
Puts on tinfoil hat

I'm a little naive when it comes to this sort of tech, but does anybody else wonder if this leak could be a notice from the Russians that they do, in fact, have all of Hillary's emails?