NSA Building US's Biggest Spy Center
New submitter AstroPhilosopher writes "The National Security Agency is building a complex to monitor and store 'all' communications in a million-square-foot facility. One of its secret roles? Code-breaking your private, personal information. Everybody's a target. Quoting Wired: 'Breaking into those complex mathematical shells like the AES is one of the key reasons for the construction going on in Bluffdale. That kind of cryptanalysis requires two major ingredients: super-fast computers to conduct brute-force attacks on encrypted messages and a massive number of those messages for the computers to analyze. The more messages from a given target, the more likely it is for the computers to detect telltale patterns, and Bluffdale will be able to hold a great many messages. "We questioned it one time," says another source, a senior intelligence manager who was also involved with the planning. "Why were we building this NSA facility? And, boy, they rolled out all the old guys—the crypto guys." According to the official, these experts told then-director of national intelligence Dennis Blair, "You’ve got to build this thing because we just don’t have the capability of doing the code-breaking." It was a candid admission.'"
Panopticon this week; Maybe we'll get Skynet by accident?
That might be best for everyone in the long run...
Truth isn't Truth - Giuliani
In American America, people monitor the government.
In soviet America, the government monitors the people.
First, I already assumed they were doing this. Second, I don't know, so just a thought: could you create an encryption method that generates a new encryption key for every new message?
...seems appropriate as a term for how the US government takes its stance towards the rest of the world. Even although broke. How long, yet ?
Religious speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
I thought we were bankrupt. Don't we have better things to spend (or save) our money on?
How many bits should we use for encryption now?
Give me Classic Slashdot or give me death!
The more messages from a given target, the more likely it is for the computers to detect telltale patterns
IIRC, that's not true, for a good encryption system.
For a *perfect* encryption system, the messages would be indistinguishable from random patterns of bits.
Sheesh, evil *and* a jerk. -- Jade
The whole we-can't-break-codes-anymore story is told in
http://www.amazon.com/Coded-Messages-Hoodwink-Congress-People/dp/0875868142/ref=sr_1_1?ie=UTF8&qid=1331918025&sr=8-1
Coded Messages: How the CIA and the NSA Hoodwink Congress and the People
by Nelson McAvoy, former NSA person, who claims to have been at the early meetings from when the NSA was formed.
One of its secret roles? Code-breaking your private, personal information. Everybody's a target.
Gee, if that is a secret, I promise not to tell anyone. Anyone joining me on that? Just hope that no one will read this article who doesn't already know, that would kind of spoil it.
Ezekiel 23:20
How sure are you that they are actually breaking into anything there?
I am Slashdot. Are you Slashdot as well?
First post, never got that before.
You must be using the new FTL neutrino submission system.
Sheesh, evil *and* a jerk. -- Jade
I wonder if that sentence says more than they intended it to. Could it be that the skills of the NSA people are eroding just like the skills at CIA did? I knew that CIA was in trouble - tradecraft-wise - when a COS let an asset into their HQ and he blew half the station to kingdom come. No one would have done that in the old days. Maybe NSA is having the same problem.
No one ever had to evacuate a city because the solar panels broke!
We use our signals intelligence capability to pass the trade secrets of foreign companies on to our own domestic companies; there is plenty of money to be made from being able to decrypt messages that the NSA intercepts.
Palm trees and 8
My understanding is that the best known general cryptanalytic attacks on AES are only marginally better than brute-force. Even AES-128 is essentially unbreakable under any known attacks then, since brute forcing a single AES-128 password is so far beyond feasibility, it's absurd. My understanding is that the best known attacks on AES are side-channel attacks, which require only modest computational resources, but need access to the encrypting machine, and related-key attacks that are only effective for certain small classes of keys.
So we can then assume that NSA has a general attack on AES that makes it many, many orders of magnitude easier to break than the best known published attacks? Or is this more likely to be disinformation spread to make people *think* that AES is broken by NSA? My understanding was that NSA is generally somewhat but not extremely far beyond the academic state of the art these days.
And there have been several reports of FBI and other federal agencies being unable to recover AES-256 encrypted hard drives. So if NSA has the capability to do so even for small numbers of keys using existing computing power, they obviously keep it incredibly restricted and under wraps.
So... this is BS by somebody, right? Either congress is getting BSed into funding stuff that won't do what they're being told it will do, or the public is getting BSed into believing that using encryption is pointless because NSA can real-time decrypt anything, so just don't bother, mmm'kay?
uckfay offway ationalnay ecuritysay agencyway
I think I've been watching too much Person of Interest.
Because codebreaking has been obsolete since 1978, as the NSA will find out the hard way.
Just wondering if anyone has the exact latitude & longitude coordinates for this facility.
Gonna need 'em for programming all the home-brew autonomous high-explosive and incendiary-carrying kamikaze drones needed to take this facility out.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
WHO would work for them, I ask you?
decades ago, the people didn't view their government quite the way they do today. some patriotism did exist and people wanted to help their government. *generally*.
today we all see how invasive and evil our government has become. totally 100% lost its way. almost anything it does, it does badly and hurts people, long and short run.
if I was offered a job for the so-called white hats (which I now see as black hats) I'd turn it down. I would not be able to live with myself knowing I'm helping an evil force become more evil and more forceful.
I do realize a lot of people can easily shelve their ethics and see money-making jobs as separate. but I wonder how many people still believe that if they join the government or gov-sponsored jobs, that they are really HELPING things?
too many black marks on the government. working for them could be as bad as working for the old mafias. the people that they do get, I would not trust. they are whores.
--
"It is now safe to switch off your computer."
when a COS let an asset into their HQ and he blew half the station to kingdom come.
In case anyone else didn't get the reference.
The one-time pad could make a comeback in the form of one-time DVDs or maybe even SD or Micro SD chips. I know, it is not scalable due to the problem of distribution. It is also symmetric in that the same "key" encrypts and decrypts, but it is also immune to brute force since your one-time key is equal to or longer than the message length. An interesting variation might be to use an image file that is very long, but completely innocent as a pseudo random key and only have two copies of that exact image. The former Soviet Union used a one-time cypher for all of their clandestine agent communications.
same thing, different tech
you collect data, look for patterns and break the code
if someone is spying to blow up a building then they will do it for months and report back. the code they use for the target will probably never change and you just have to look for similar patterns
The NSA is located in Maryland. At the end of the shift, traffic is bad enough between there and Columbia to block up the Interstates. That includes not just the cryptanalysts, but the vast support staff: IT, cafeteria workers, security, human resources, etc etc etc.
Who's in Bluffdale? Where is all that support staff going to come from, and what are they going to do with the rest of their lives? Although the NSA is on a military base, a lot of the work is done by civilians, and you can't just order them into the middle of nowhere the way you can with soldiers.
Code-breaking your private, personal information. Everybody's a target.
To target everyone would be a total waste of resources. I would spend as much money figuring out who to target as I would decrypting anything sent by that target.
It's like saying, "We're going to mine the whole state of California to find the gold there."
If I used a sig over again, would anyone notice?
WHO would work for them, I ask you?
Someone who likes lots of money.
In the land of the blind, the one-eyed man is usually crucified.
Mostly mathematicians. Where I went to college, after finishing undergrad you either went on to grad school, or you went and worked for the NSA. One of my friends who went to grad school to study abstract mathematics (as well as some encryption) said you could always tell the NSA people from the academics because they had no name tags on.
Smoke and mirrors. The public hears "we need this for cryptanalysis, brute force code breaking of AES, insert whatever you want the public to know." The reality of it will never be told to the public. This is the NSA, people: smoke and mirrors to cover what they are really doing.
You may want to reconsider your use of "we". If you don't benefit from this latest expansion of government (which you've implied), and you didn't take part in the decision-making process (which you've also implied), then logically, you are not part of the "we".
Yep.
SJW: Someone who has run out of real oppression, and has to fake it.
A tribute to "Person of Interest". The Machine.
I wonder if that sentence says more than they intended it to. Could it be that the skills of the NSA people are eroding just like the skills at CIA did? I knew that CIA was in trouble - tradecraft-wise - when a COS let an asset into their HQ and he blew half the station to kingdom come. No one would have done that in the old days. Maybe NSA is having the same problem.
Crypto-guys are the "old guys" from a tradecraft point of view. AFAIK, in the NSA, many of the old-guys are involved with developing clever new internal ciphers (so-called classified "suite-A" algorithms). Since many of the "bad-guys" aren't nation states with heavy duty crypto development capabilities, they often are using off the shelf stuff like AES/ECDSA (members of the "suite-B" algorithms). Until someone discovers a huge gaping hole backdoor, breaking these "suite-B" algorithms benefits mostly from brute force (even if you know a few clever tricks that others do not which chops things down an order of magnitude or two). This is pretty much an admission that there is no huge gaping back door in these suite-B algorithms, not that any crypto-tradecraft capability was in trouble.
I find it oddly somewhat comforting that we have "old-guys" that realize that sometimes the best thing to do is to throw this problem at a box of computers and spend their time on other pursuits. Who knows, this facility might be dedicated to cranking on some clever cracking algorithm that is unknown to the public; all we know is it takes lots of OPS. Isn't surprising to me that cracking these algorithms is hard. As a historical data point, DES was apparently hard for even the NSA to crack so they deliberately limited the DES key size from the original 64-bits, to the final 56-bit (although the NSA apparently lobbied for a mere 48-bits).
Ask a bunch of people whether they need more resources and they got back a "yes! we can't do your job with what we have".
For comparison, The Pentagon is 6.5 million square feet. Maybe I'm just jaded, but is the CIA more efficient, or is this building grossly undersized for the task it's designed for? Looking ahead 50 years, it would seem that the CIA's importance is going to dwarf the military's as we continue the long slow slide into a permanent cold war with the rest of the world.
I am glad, however, that they're moving some of these larger installations off the east coast. Too many major federal buildings are located within 100 miles of the capitol building.
moox. for a new generation.
I actually doubt that they are most interested in brute-force codebreaking through the front door except in a few rare situations.
Most of the time, it's massive traffic analysis: searching and analyzing a titanic, dynamically changing graph, nodes are IP addresses and phone numbers of the planet.
Once they find a 'target of interest', then they would usually ask the FBI or other authority just to put a tap on a specific line, or if necessary break in and install a trojan on the target's phone or computer, avoiding front-door code-bashing, which isn't generally feasible in large scale any more.
There are companies (e.g. http://www.conveycomputer.com/) which make highly parallel co-processors from FPGA's which give user-definable vectorized instructions on enormous memory bandwidth.
This is just the thing for the NSA.
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Ahhh. This was from version 1.0 and no longer applies.
* Carthago Delenda Est *
unless you're a private contractor, you're not going to make a lot of money off the government. the oversight is too steep. government is expensive, not because it pays out huge secret bonuses to individuals, but because it pays out average wages to hordes of pencil-pushing regulators who watch each other and make sure no one is breaking the rules, which are in a constant state of flux.
http://www.beanleafpress.com
There was a list of keywords the CIA was known to filter on, so we'd often just insert them randomly into postings so they'd get read by some poor overworked CIA analyst.
This should be fun!
-Matt
The NSA is basically admitting that since they declassified that Nash algorithm,
http://www.nsa.gov/public_info/press_room/2012/nash_exhibit.shtml
unbreakable encryption will be the rule, not the exception.
Companies everywhere are already looking to commercialize this kind of technology so the NSA stuff just wasn't competitive anymore.
http://www.tag.md/public/ca_nash.png
I find the lack of comments on this story disturbing.
Are Americans so jaded that we can't be bothered to comment on a story about an internal spy agency increasing their capacity to snoop on us?
I for one am outraged that my tax dollars are wasted on things like this. I'm sick of the governmental alphabet soup eroding our rights.
Please, join me in voting 3rd party. Boycott Republicrats. Talk your friends into boycotting Republicrats. Talk them into voting if you have to. (Statistically speaking likely.)
Where some Animals are more equal than other animals.
Truth isn't Truth - Giuliani
Can't believe a candidate for the GOP nomination ran on a promise to terminate the department of energy...Do these guys even know what the DoE does?
Depends. The nice thing about the OpenPGP protocol is that one can specify different algorithms. If I wanted DSS and Triple-DES, that is doable. However, RSA and AES are the most commonly used.
One of the interesting things that came out when this first was announced here in Utah was that this one facility would use about 65 MW of power. 40-50 thousand homes worth of power. That's as much power as all of Salt Lake City. That's a freakin lot of power for a "bunch of servers" (and the AC to cool them).
There is no computer that can break all code, not even a quantum computer.
Here is why: Abstract language is only meaningful to those who agree upon the meanings attached to the words and phrases used, and those meanings can be totally secret between those using the words and phrases.
i.e. "pick up some milk on your way home." is recognized by most as what it says, but it's abstract symbols in sequences that can have any meaning attached. Programmers do this all the time in writing functions, procedures, etc., and on the web when was the last time you searched for something and got nothing but what you were looking for? (because someone else attached a different meaning to a word or phrase, etc.)
Simply put, the spy center is so totally wasteful of resources. The best thing that can come from it is overcoming the need for it.
If they think they need a facility that big, it sounds like they're anticipating collecting A LOT of communication. We all know most stuff isn't encrypted, but a lot of the important stuff is. Anyway, does this mean they've got a real set of "quantum" computers? - and I use that loosely because the few commercial items out there haven't proved themselves yet.
----- obSig
"Best of all, your secret: nothing extant could extract it.
By 2025 a children's Speak-and-Spell could crack it.
You can't hide secrets from the future with math.
You can try, but I bet that in the future they laugh,
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past."
- MC Frontalot, Secrets from the Future
Secrets cost money. How long do you need to keep them? Today we believe - with good reason - that most cryptographic protocols are secure. But even if that's true (and there's no guarantee), why not hoover up the data while it's available and wait for your opponent to slip up, or your mathematicians (or computer engineers) to make a breakthrough, whichever comes first?
Why do you think they built it in Utah?
We play the game with the bravery of being out of range
Your federal taxes are due on April 15th. Let's all tip them a little bit more for providing us with such great service.
The Wolfpack Project: BitCoin + Crowdfunding = Political Accountability
This isn't about reading your mail. This is to crack all the VPNs from retail stores so they can track what you buy. They then sell this to marketers to help pay off the US debt. If that doesn't pull in enough money, then they just start grabbing credit card numbers.
-- I have a private email server in my basement.
Why is this happening? We're being robbed by bankers who appear to be above justice (bank of america), ruled by politicians who are installed by the same big-money criminals that are bankrupting us and printing money to cover unfinanced wars and bailouts of corrupt institutions, our teachers are taking pay cuts and we have the highest medical care costs in the world and THIS is what the government needs to spend money on?
This town needs an enema.
"No good deed goes unpunished"
Whatever we conceive to be the "future" knowledge of cryptography *now* is probably where they are already at, at the NSA. They were decades ahead of everyone else for the longest time, until crypto broke into the public consciousness - they are undoubtedly still a decade or two ahead of the masses.
I *highly* recommend the book "Crypto" by Stephen Levy, if you haven't read it.
The answer with all personal cryptography is to provide just enough difficulty in solving it to protect the information long enough to suit your purposes. Nothing will ever prevent the future decipherment of your text down the road, if anyone cares to try to decipher it and has the resources (i.e. this new facility).
The only other solution to crypto that can help you is for more people to use it routinely for everything, thus obscuring your traffic in a sea of other traffic. That's no protection at all if they already have their eyes on you of course.
Basically we're fucked with regards to privacy via encryption.
"The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
Why shouldn't I work for the N.S.A.? That's a tough one, but I'll take a shot. Say I'm working at N.S.A. Somebody puts a code on my desk, something nobody else can break. Maybe I take a shot at it and maybe I break it. And I'm real happy with myself, 'cause I did my job well. But maybe that code was the location of some rebel army in North Africa or the Middle East. Once they have that location, they bomb the village where the rebels were hiding and fifteen hundred people I never met, never had no problem with, get killed. Now the politicians are sayin', "Oh, send in the Marines to secure the area" 'cause they don't give a shit. It won't be their kid over there, gettin' shot. Just like it wasn't them when their number got called, 'cause they were pullin' a tour in the National Guard. It'll be some kid from Southie takin' shrapnel in the ass. And he comes back to find that the plant he used to work at got exported to the country he just got back from. And the guy who put the shrapnel in his ass got his old job, 'cause he'll work for fifteen cents a day and no bathroom breaks. Meanwhile, he realizes the only reason he was over there in the first place was so we could install a government that would sell us oil at a good price. And, of course, the oil companies used the skirmish over there to scare up domestic oil prices. A cute little ancillary benefit for them, but it ain't helping my buddy at two-fifty a gallon. And they're takin' their sweet time bringin' the oil back, of course, and maybe even took the liberty of hiring an alcoholic skipper who likes to drink martinis and fuckin' play slalom with the icebergs, and it ain't too long 'til he hits one, spills the oil and kills all the sea life in the North Atlantic. So now my buddy's out of work and he can't afford to drive, so he's got to walk to the fuckin' job interviews, which sucks 'cause the shrapnel in his ass is givin' him chronic hemorrhoids. 
And meanwhile he's starvin', 'cause every time he tries to get a bite to eat, the only blue plate special they're servin' is North Atlantic scrod with Quaker State. So what did I think? I'm holdin' out for somethin' better. I figure fuck it, while I'm at it why not just shoot my buddy, take his job, give it to his sworn enemy, hike up gas prices, bomb a village, club a baby seal, hit the hash pipe and join the National Guard? I could be elected president.
US-UK-Israel: The real Axis of Evil
That's why I put a lot of "weasel word qualifiers". What I have is a couple of very good ideas, based on new possibilities of the Cloud that were not available before, and some general properties of computers I do not believe have been exploited.
There's a couple of good replies - but they're all AC's! THAT's fascinating!
My basic problem is that true per one of the AC's above, I don't have the chops to finish off the job - the best I can do is proof of concept demos. I've glanced over the Schneier stuff before, and it's a fair point too. But then again, below national critical interest, I think there's room here. After all, we can't even be bothered to read articles!
There's a middle ground though, in the obscurity, and that's why my general question was in fact to test myself against a couple of real Pros. I don't think AC can crack my stuff in three hours, but I don't expect it to stand up forever either. In fact I did get a reply from a fellow who works in web security, so I'll see what he thinks.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
I think I found my answer. Let's hope I phrase it right.
I was definitely thinking of one time pads but I ended up in 1-time digital Book Ciphers with extra obfuscation using high*er* entropy than a regular Book Cipher.
So the breakability is proportional to the non-randomness of the gobbledygook against the skill of the analyst. I was headed towards Schneier's Multi-Encryption but the better answer is CD/Downloadable 1-time pads.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Why would they spend so much money when they could just buy a wrench? http://xkcd.com/538/