Slashdot Mirror
Whistleblowers: How NSA Created the 'Largest Failure' In Its History (zdnet.com)
An anonymous reader writes: Former NSA whistleblowers contend that the agency shut down a program that could have "absolutely prevented" some of the worst terror attacks in memory. According to the ZDNet story: "Weeks prior to the September 11 terrorist attacks, a test-bed program dubbed ThinThread was shut down in favor of a more expensive, privacy-invasive program that too would see its eventual demise some three years later -- not before wasting billions of Americans' tax dollars. Four whistleblowers, including a congressional senior staffer, came out against the intelligence community they had served, after ThinThread. designed to modernize the agency's intelligence gathering effort, was cancelled. Speaking at the premier of a new documentary film A Good American in New York, which chronicles the rise and demise of the program, the whistleblowers spoke in support of the program, led by former NSA technical director William Binney."
Only goes to show. Of course, we have no proof that thin thread would of actually worked, but instead of caring about America's safety, the NSA only cared about getting more money.
Be seeing you...
Where the powers that be were convinced that warrantless wiretapping of everyone was an improvement over concentrating on terror targets.
I imagine it got really cold in that room with all the hand waving going on.
... there you have it - the real incentive, the unique driving factor for USSA MIC
It's very easy after a disaster to claim that an unfunded or ignored project would have prevented the disaster. Since the whistleblowers in the article are talking about the 9/11 terrorist attack, it seems a bit late. to be blowing whistles on it now.
It does seem clear that the NSA suffered, and is suffering, from Jerry Pournell's "Iron Law of Bureaucracy"
>> First, there will be those who are devoted to the goals of the organization.
>> Secondly, there will be those dedicated to the organization itself
The amount of money, time, and manpower burned on oversampling incredible amounts of personal traffic would seem much better focused on parts of the world, and populations, where the monitoring is likely to bear more fruit. But that doesn't expand the NSA itself and its overall capacity.
The best clue for detecting bullshit in the efficacy claims for any intelligence apparatus is when its proponents state it would have prevented a complex security lapse like 9/11. Reading the article further it seems like a bunch of people just mad their ideas weren't adopted.
If NSA hadn't been caught searching and storing content there wouldn't now be such effort into encrypting everything.
And after conversations are encrypted effort will be made to render traffic analysis useless as well.
Well given the CIA report entited "Bin Laden determined to attack US" mentioning flying planes into buildings... and with the spooks trying to get emergency meetings with El Presidente Bush, I don't think Thin Thread would have helped.
The problem with 9/11 was a President who was too lazy to act, and was family friends with the Bin Ladens, so had a reason to ignore anything that might cause his friends/business partners bad press. It happened to suit his friends political agendas too. Giving them the excuse to pass Patriot act, and, as we learned from some of the leaks, the mass surveillance started 1998, and 9/11 Patriot act simply gave it a legal cover.
If my grandmother had wheels, she would've been a bike. Are we really supposed to attribute the failures of the three letter agencies to "unfortunate mistakes" and otherwise believe in their efficacy? Well, I consider myself a millionaire: Unfortunately I chose the wrong numbers on the lottery ticket, but other than that, I'm rich!
Let's say the NSA somehow knows there is a message between two people they want to decrypt. With the computing power they have how long would it take? What I'm getting at is if the NSA had to concentrate only on targets would they be able to break the encryption?
I love Jesus, except for his foreign policy.
Legends and myths grow around the historic events.
It is true that a couple of years before 9/11 events CNN/ABC sent a crew to meet Bin Laden's to get the interviews multiple times. Even two months before the events bin Laden was giving interviews to the local journalists.
If journalists could meet, why the fuck do we need electronic surveillance at all and later we hear complains saying that we needed more surveillance, since if we had more surveillance events would have been prevented. If journalists can get interviews freely, then I would be really stupid to believe that US, which has very powerful and most expensive intelligence agencies in the world, really wanted to catch him, because they did not.
Money may be a necessary evil, but the problem is not the money it's the way we structure our society and government around it. There should be absolutely no way for politicians to make money from anything except their paycheck, period. Sure, give them a nice salary and pension so they can live well, but any other income should be illegal, period. Direct or indirect. If you want the privilege of representing your fellow Americans in the government, there is a price you pay. Americans should be absolutely disgusted with the amount of corruption in the government. I really don't understand how people can be so complacent about it.
So sadly true. People don't even expect their leaders to be honest or have any integrity anymore. But really, are the people any different? I think that it's a representative government. The lack of integrity in the public is reflected in their leaders.
Even with minimum wage, corporations have people working for no money. As long as they can pretend that the work serves some sort of educational purpose, they can use people as unpaid interns and get away with it.
Yeah, then it turns out to be some patsy in a setup...
“He’s not deformed, he’s just drunk!”
money is our method of assigning value. It's wildly flawed but it is our system. that has no bearing on what we DO with that assigned value.
Take the asshat who bought up the cancer medication and raised it's price by 5000%. That's what you say should rule.?
People in cars cause accidents....accidents in cars cause people
Should they be able to make money? just like everyone else yes they should. Preventing them from doing so is problematic, but disclosure is not. If you don't want your finances public, don't run for fucking office. That way we *know* when they are trading on their influence...they are automatically recused from anything in their financial portfolio or it's a crime.
The real tricky part is the revolving door between gov and private sector. That a congress member can make laws and then take a job in the industry making use of those laws is a real problem. You need qualified experts in government to regulate private business effectively but you won't get them if you prevent them from subsequently working in their expert field when they leave gov service.
How that's reconciled I'm not sure.
People in cars cause accidents....accidents in cars cause people
And how old are YOU?
When money goes from being an important consideration to being the only consideration, society goes to hell. Perhaps with age you'll learn the subtlty of thought needed to understand that balance.
He won't pay me a living wage for mopping his floor once and I won't be his galley slave for whatever table scraps his dog doesn't want.
This really depends on the type of encryption used, and if the key can be discovered. When you discuss cryptanalysis from a math position, you have ideas like "this is a known plaintext attack- we know the first X bytes of the message, can we recover the rest of the message, or the key?" and so on down the list. If something is encrypted with a symmetric key- for instance, AES 128, or Serpent, or Twofish- then the odds of recovering the data given just the key, or a plaintext sample, seem hopeless.
But if you are asking from the perspective of law enforcement, you have a great deal of other options for not having to fight that mathematically impossible fight- you might be able to look at other communications, or exploit a weakness in the design of the sender or receiver, etc. You could keylog them, or put listen to their conversation with a microphone, etc.
To answer your question generally- no, the NSA could not decrypt the information of only targets. If you go get Veracrypt (or Truecrypt, or LUKS, or anything else using a block cipher), make a drive with it, and then never screw up your security, it would be beyond the current hypothesized resources of humanity to ever recover the data. If you died with a secret that would change society for the better in that drive, it would be more reasonable to cryopreserve your brain, because it's likely that within the next few millenia someone will learn how to read data out of a frozen human brain, and get the key that way- that would be a more effective way to get the key than trying to break the crypto.
So no, the NSA couldn't just focus their computing power on just targets and get to read everything they do, even assuming targets could be chosen with exact accuracy. The fact that the government knew that something was suspicious about most terrorists before they terrorize is generally something in their favor- but it skips that there are quite a few people who wish us harm at any given time, most of whom never get the chance or simply never turn their politics and rhetoric into violence.
Now, what the feds could *maybe* do, that more Americans *might* be ok with, is to greatly dial up their amount of targeted surveillance of suspected foreign nationals. While probably better for privacy than the "wide net" that we see, this obviously has other issues- not only is this extraordinarily expensive in ways that databases are not, but it is also fraught with privacy concerns as well, just not the exact same ones.
Yeah, yer right. It is easy to figure out which messages to decrypt, all you have to do is ask the sender and receiver if it is important and dangerous to U.S. security.
Why in the world do you think he should react any differently when you ask him to give you his money for free?
You are the only one talking about getting something for free. For everyone else it's quid pro quo.
I think a good answer would be a combination of transparency, delays, and being fully subject to insider trading and other financial laws (no more "speech and debate" defenses). I don't think it would be too much to ask that elected officials give up much more of their financial privacy during their term of office, especially if a delay in the release of the information is incorporated. I also think it would make sense for public officials (and in some cases their staff) to be forced to wait to buy or sell securities for at least two full trading days after publicly announcing the order. Once they announce the intent they have to follow through: they can protect themselves from swings in the market during the delay by placing limit orders. For quid pro quos that execute a year or more after they leave office, PACs, etc.: heck if I know.
Didn't you read the follow-up story?. The free market fixed that problem, and the medicine is selling for a buck now.
Not quite that simple: many folks won't have access to a compounding pharmacy, the drug isn't for sale yet that I can tell, and for many or most drugs a compounding pharmacy won't be able to help. I think the real answer is pretty similar to your answer about money: not all monopolies are evil and we shouldn't abandon all monopolies. When rent seekers like Actelion and Turing learn to game the system it's time to reform the rules on restricted distribution and returning generic drugs to exclusive status; it's not time to blow up the FDA.
That's why I got out of the business. You folks need to realize TT was a program of many. You know in the black projects world, there are multiple stovepipes, more are doing the same thing, due to creating of competing teams. Where's the academic paper that shows how better this system was... against others? All we know is the politics since TBlazer was the big, most bloated, known contract of the time.
Though TT has some merit in its creation and performance, there's a dozen others you don't know about that could have did the same as TT... or better. Just that TT is being a poster child due to a few grumpy employees that did get a conscience to expose it.
No news here folks.
Making money is the problem in US politics, that and failure being rewarded and celebrated as long as sufficient corporate profits are generated. Take the failure in the Ukraine, Victoria Nuland and Geoffrey Pyatt, basically spent 5 billion dollars to give Russia back the Crimea for free. Nuland and Pyatt are still celebrated basically for being the greatest fuck ups in modern times, trotted off to Russia to try to humiliate the Russians but the Russian can barely contain the mocking and laughter. From the Russian view point, how much would they have paid to Nuland and Pyatt, to achieve what they achieved, return the Crimea and get rid of the economic leach of the Ukraine, would Russia have paid 5 billion dollars to get back the Crimea and get rid of the Ukraine, how much were they spending subsidising the Ukraine to maintain access to the Crimea, something they no longer have to spend, another major win.
Blatant failure celebrated because a big chunk of that five billion spent in the Ukraine was successfully syphoned off by contractors who did not give a shit about outcomes, beyond how much they would make and whether it would generate more conflict and chaos for greater profit opportunities.
Business government partnerships and contracting are nothing more than exercises in corruption and the more money wasted the more they are heralded as great success stories, something you are of course bound to do as covering up exercises. The fuck ups are allowed to roam free, no matter how great their failures because seemingly nothing more than embarrassment factor and their exposure might lead to greater investigation. Failure has become the norm in US government administration because failure means spending more money, success means problem solved and the end of cash flow, perversely the biggest failures become the greatest success stories for corporations ie F35 and it's now required replacement at even greater cost (this failure even forced on other countries via corporate driven US diplomatic threats, woot).
Chaos - everything, everywhere, everywhen
As long as they can pretend that the work serves some sort of educational purpose, they can use people as unpaid interns and get away with it.
Thats awful, and a good example of how the Corporation *do* rule America, far more than in other developed countries where such exploitation is illegal.
Why should they automatically get a pension? They should pay for their own pension like every other person has so.
No sig. Move along - nothing to see here.
There's already a solution. Put all major assets in a blind trust for duration of the term. Already being done in the case of the President.
Il n'y a pas de Planet B.
Nobody doubts that the CIA and other parts of the federal government have occasionally cultivated a public image of incompetence to mask their very competent evil. I totally disagree with your assertions about Snowden however. You call those revelations "zilch"? WTF more can there be? NSA nanobots infecting our bodies and reporting on our biometric data? He really did give us the smoking gun as well as the dead body of the U.S. Constitution. The ho-hum reaction is due to ignorance and indifference; I don't think the public actively approves of this crap. Nor do they approve of a government which will not punish its own employees for their crimes.
Just check the status of the evil bit:
http://www.faqs.org/rfcs/rfc35...