Nick once again tries his hand at congressional oversight. The questions the SSCI and HPSCI should be asking NSA about the Shadow Brokers leak.
Latest in National Security Agency (NSA)
Monday was a tough day for those in the business of computer espionage. Russia, still using the alias Guccifer2.0, dumped even more DNC documents. And on Twitter, Mikko Hypponen noted an announcement on Github that had gone overlooked for two days, a group is hosting an auction for code from the “Equation Group,” which is more commonly known as the NSA. The auctioneer’s pitch is simple, brutal, and to the point:
Last week, Symantec and Kasperksy released a series of reports on a nation-state malware attacker that is almost certainly the NSA. What does that mean?
There is an interesting exchange in the new Snowden FOIA release (h/t Marcy Wheeler) that has me concerned as a technologist. In it Snowden provides some technical support from NSA Hawaii to NSA headquarters.
Over the weekend, VICE published a story entitled “Exclusive: Snowden Tried to Tell NSA About Surveillance Concerns, Documents Reveal.” If you haven’t read it, don’t bother. By its incendiary headline, the story—the product of documents released as part of a FOIA lawsuit—would purport to be an outright validation of Edward Snowden’s claims that he repeatedly tried to raise surveillance concerns with NSA officials but was ignored.
In the first two parts of this series, I noted the general tendencies of the FBI’s critics to assume away the problems posed by Going Dark by insisting that the NSA—or the intelligence community more broadly—can and will find methods of exceptional access when the police really need them to.
In Part I of this series, I noted the tendency of commentators—without any actual knowledge—to assert that NSA could simply break into a given locked iPhone.
Let’s start with a point that will be significant emotional satisfaction to many readers: Richard Clarke was dead wrong.
In a remarkable statement last week, the former Clinton and early Bush administration counterterrorism official told NPR’s Morning Edition:
Yesterday, Susan defended the NSA21 reorganization based on her experience working for the Agency. Her views regarding the roles and incentives of offense and defense might be entirely accurate. But none of that actually matters, because the problem with the NSA reorganization is one of trust and perception. And merging offensive and defensive capacities does nothing to help—and plenty to hurt—public trust.
Over at Just Security, Ross Schulman opines that “When NSA Merges Its Offense and Defense, Encryption Loses.” Schulman argues that under NSA’s newly announced reorganization, the Information Assurance Directorate (IAD) “will be subsumed by the intelligence-gathering program” and “effectively cease to exist.”