cypherpunks
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
October 2013
- 143 participants
- 357 discussions
----- Forwarded message from Tim Retout <diocles(a)debian.org> -----
Date: Thu, 10 Oct 2013 23:25:18 +0100
From: Tim Retout <diocles(a)debian.org>
To: freedombox-discuss(a)lists.alioth.debian.org
Subject: Re: [Freedombox-discuss] Tor
Message-ID: <1381443918.9831.69.camel@air>
X-Mailer: Evolution 3.8.5-2
On Tue, 2013-10-08 at 11:04 +0200, Petter Reinholdtsen wrote:
> So to me, it seem like routing all traffic through Tor bring the
> advantage of making it harder to track your location while changing
> the set of people that can perform MITM attack on you. It is not like
> using Tor for everything is introducing some new threat. It is
> already known that NSA and China rutinely perform MITM attach on
> non-Tor traffic, and I assume others do as well. So we are left with
> probability calculations instead to evaluate the threat.
I agree to some extent, but my assessment of the probabilities is still
that using Tor unencrypted is going to cause you new and interesting
security problems.
Privacy and anonymity are different things, and actually I am more
worried about privacy first. There's no point using Tor to access a
cloud-based email service. I want to focus on getting everyone's data
decentralized, and their communications encrypted.
> While talking about these topics with a friend, I just got a tip
> about PORTALofPi, which is a ARch based Raspberry Pi setup to force
> all traffic over Tor. See <URL: https://github.com/grugq/PORTALofPi/ >
> for that recipe.
Grugq's writing is very interesting: http://grugq.github.io/
He recommends using a VPN over Tor to avoid monitoring by malicious exit
nodes (which of course won't avoid monitoring by the VPN provider):
http://grugq.github.io/blog/2013/06/14/you-cant-get-there-from-here/
http://www.slideshare.net/grugq/opsec-for-hackers (NSFW, slide 137
onwards)
--
Tim Retout <diocles(a)debian.org>
_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss(a)lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
----- Forwarded message from carlo von lynX <lynX(a)time.to.get.psyced.org> -----
Date: Fri, 11 Oct 2013 00:08:47 +0200
From: carlo von lynX <lynX(a)time.to.get.psyced.org>
To: liberationtech <liberationtech(a)mailman.stanford.edu>
Subject: Re: [liberationtech] 10 reasons not to start using PGP
Message-ID: <20131010220847.GH22105(a)lo.psyced.org>
User-Agent: Mutt/1.5.20 (2009-06-14)
Reply-To: liberationtech <liberationtech(a)lists.stanford.edu>
Hello again. I will answer to most comments all in a single mail
to avoid clogging libtech. While I wrote this another ten mails
have slipped in, so expect another large reply to those. :-)
On 10/10/2013 10:00 PM, Richard Brooks wrote:
> 10 reasons to give up, stop trying, hide in a corner, and die.
Sorry if I start talking about the alternatives only at the very end
of the document. This is about becoming aware of how serious the
problem is and to start directing some energy into fueling the
alternatives which are popping up like mushrooms just recently.
For the obvious reasons. And I specifically mention peer reviewing
them. So the message is: go get yourself new tools and teach your
peers to use the new tool of the day.
On 10/10/2013 10:11 PM, Pranesh Prakash wrote:
> Interesting. But someone should also write a piece called "1 reason not
> to criticise security tech without clearly stating threat model which
> serves as basis for that criticism". What if Mallory isn't a
> well-funded governmental organization but is the admin who runs your
> employer's email servers?
That's a good point. The reason why I don't pay attention to lesser
threat models is that the loss in quality of democracy we are currently
experiencing is large enough that I don't see much use for a distinction
of threat models - especially since alternatives that work better than
PGP exist, so they are obviously also better for lesser threat models.
For example, I don't think that a dissident in Irya (ficticious country)
is better off if no-one but Google Mail knows that he is a dissident.
Should at any later time in his life someone with access to that data
find it useful to use it against the dissident, he can still do it.
And who knows what the world looks like in twenty years from now?
Not saying give up and die. Saying if you can opt for better security,
don't postpone learning about it. If you can invest money in making
it a safe option, don't waste time with yet another PGP GUI project.
> This should actually be two lists: reasons not to use e-mail, and
> reasons not to use OpenPGP over e-mail.
Fine with me. I don't think it makes much difference for the end
user whether SMTP federation or actual PGP is failing her.
> Only reasons 2, 3, 4, 5, 7, 8 are really about OpenPGP (you should've
> stuck to "6 reasons not to use PGP"), and at least three of them are
> really good reasons to look for alternatives. There are no good
> alternatives over e-mail: S/MIME unfortunately suffers from many of the
> same issues as OpenPGP, and then some more.
I don't find S/MIME worth mentioning anymore. It has so failed us.
But maybe I should for completeness?
> And reason #1 is something that the client should take care of (ideally
> with default settings), and not the encryption protocol. Why are you
> attacking OpenPGP and OTR for this?
Because it's not true that the client can handle it. The fact that an
email address exists implies that some folks will send unencrypted
stuff to it. I experienced this. Just yesterday a friend changed his
life plans because of an unencrypted message. Yes, you could enforce
PGP once it's configured - but you can't opt out from e-mail. That is
evil.
Look at any of the alternatives instead. None of them allow you to
transmit an unencrypted message. In fact all the modern systems use
the public key for addressing, so you can't do it wrong.
> And thank you so much for the comparative chart. It is *very* useful.
My pleasure. I felt the need to do this since I get asked for
recommendations frequently - and I don't like to say.. wait until
secushare is ready. I don't want to wait for it myself.
> Why doesn't telephony have SIP?
It should. What would the icons be that you would put there?
I'm not familiar with end-to-end encryption over SIP for instance.
On 10/10/2013 10:33 PM, Marcin de Kaminski wrote:
> Agreed. The threat model discussion clearly is too often lost in all
> the current post-Snowden debates. We need to remember that a lot if
> solutions might not be enough to protect anyone against NSAish
> authorities but more than enough against other, most real, threats
> to peoples personal safety. Regular employers, schools, parents, skiddies, whatever.
I think if employers, schools, parents, skiddies can find out who
you are exchanging encrypted messages with, that can be a very real
threat to you. Using a tool that looks like it does something
totally different.. on your screen, over the network and even on
your hard disk.. can save your physical integrity.
On 10/10/2013 09:55 PM, adrelanos wrote:
> Thank you for doing this work!
> The world needs someone facing the truth, explaining why gpg isn't the
> solution, advocating positive change. It's a communicative task, a very
> difficult one. As long there is gpg, most geeks don't see need to create
> better alternatives.
Glad someone is understanding the positivity in awareness and
will to move forward. Ignoring threats just because they are
depressing is a bit like sticking your head in the ground.
> I'd say, gpg's development slowed down. They're qualified but standing
> in their own way. They should break compatibility with commercial PGP
> (not because thats good, just because it's easier to implement better
> solutions), also break compatibility with RFCs, implement better
> solutions and standardize later. The current "first standardize, then
> maybe implement, and don't implement if it's not standardized" approach
> is much too slow, can't keep up with real developments in real word.
The whole architecture is wrong. There is hardly anything worth keeping
in the old PGP approach except for the cryptographic basics. All the
modern alternatives use a completely different approach.
> (Still don't even have mail subject encryption.) If Bitmessage succeeds
> (I haven't learned much about it yet), and actually provides better
> protection than gpg, I am happy with that also if there isn't a RFC. If
> Bitmessage gets really popular, I am sure they'll somehow work things
> out and happen to standardize it later.
Thanks for reminding me to look at Bitmessage. I was postponing that
unnecessarily. I read the whitepaper and have added it to the comparison
table according to the claims in it. The architecture sounds a bit
like the one of IRC, but without multicast routing - so I expect it
to run into serious scalability issues. It will probably have to split
into several incompatible networks as it grows. It will also probably
keep your computer a lot more busy than you expect from a communication
tool. But for the time being it is a crypto-strategically much safer
approach than PGP.
Concerning standardization: It is a VERY BAD development that it has
become en vogue to require standardization from projects that haven't
even started functioning. It has been detrimental to the social tool
scene: None of them work well enough to actually scale and replace
Facebook, but the scalability problems are already being cemented into
"open standards," ensuring that they never will.
You must ALWAYS have a working pioneer tool FIRST, then dissect the
way it works and derive a standard out of it. Bittorrent is a good
example for that. It's one of the few things that actually works.
Imagine if Napster and Soulseek had developed an open standard. It
would only have delayed the introduction of Bittorrent, promoting
an inferior technology by standardization.
Open standards are part of the problem, not the solution.
> Sometimes I even think, if there wasn't gpg, new approaches had better
> chances reaching critical mass.
Good point. libtech is the place where people put time and money
into these things. Figuring out the ultimate UX fix for PGP won't
solve the underlying problems. The number of PGP critics is growing.
On Thu, Oct 10, 2013 at 12:40:55PM -0700, Jillian C. York wrote:
> In my opinion, this makes about as much sense as telling people who are
> already having sex not to use condoms.
I am saying to use condoms that don't slip off during intercourse
and explaining why the old condom technology has a tendency to break.
> Consider mine a critique of why this post makes almost no sense to and
> won't convince any member of the public. I'm sure some of the geeks here
> will have a field day with it, but some of it is barely in my realm of
> understanding (and while I'm admittedly not a 'geek', I've been working in
> this field for a long time, which puts me at the top rung of your 'average
> user' base).
Well, maybe we can find wordings that make it more understandable.
Of course the links are meant for being clicked upon when necessary.
> TL;DR: This may well be a solid argument for convincing developers to
> implement better UIs, etc, but it doesn't work for its intended purpose,
> which seems to be convincing n00bs not to use PGP.
No, it is exactly about not trying to fix on the UI level what is
fundamentally beyond repair.
> > 2. The OpenPGP Format: You might aswell run around the city naked.
> >
> > As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP
> > Message Format it is an easy exercise for any manufacturer of [07]Deep
> > Packet Inspection hardware to offer a detection capability for
> > PGP-encrypted messages anywhere in the flow of Internet communications,
> > not only within SMTP. So by using PGP you are making yourself visible.
> >
> > Stf has been suggesting to use a non-detectable wrapping format. That's
> > something, but it doesn't handle all the other problems with PGP.
>
> Okay, this part requires more explanation for the layman, methinks. It's
> not intuitive for a non-tech to understand.
Didn't feel like including an explanation of Deep Packet Inspection
and elaborate on the recognizable characteristics of the OpenPGP format
as it would explode the paragraph a bit, but maybe that's wrong. Depends
on who my target audience is. Somebody like you could be. Does it work by
following the links or does it get too abstract from there .. in the sense
that you can read the Wikipedia pages but fail to connect the dots?
> > 3. Transaction Data: He knows who you are talking to.
> >
> > Should Mallory not [08]possess the private keys to your mail provider's
> > TLS connection yet, he can simply intercept the communication by means
> > of a [11]man-in-the-middle attack, using a valid fake certificate that
> > he can make for himself on the fly. It's a bull run, you know?
>
> You're not going to convince anyone with jargony talk.
If this is still jargony to you, hmmm... you are unlikely to understand
the risks you are exposed to by using the Internet from day to day.
These are concepts that anyone in the circumvention business must
be aware of. You can choose to not read the Guardian article and not
try to understand what's going on, but then you should better just
trust that the conclusion is not made up:
> > Even if you employ PGP, Mallory can trace who you are talking to, when
> > and how long. He can guess at what you are talking about, especially
> > since some of you will put something meaningful in the unencrypted
> > Subject header.
>
> Again, this is a call for better education around email practices, not for
> people to stop using PGP.
There is nothing you can do with email that saves you from this happening.
Thus, it's not a problem of practices. It's a question of throwing away
the broken condom and learn about new contraceptive technology.
> > Should Mallory have been distracted, he can still recover your mails by
> > visiting your provider's server. Something to do with a PRISM, I heard.
> > On top of that, TLS itself is being recklessly deployed without forward
> > secrecy most of the time.
> >
> > 4. No Forward Secrecy: It makes sense to collect it all.
> >
> > As Eddie has told us, Mallory is keeping a complete collection of all
> > PGP mails being sent over the Internet, just in case the necessary
> > private keys may one day fall into his hands. This makes sense because
> > PGP lacks [12]forward secrecy. The characteristic by which encryption
> > keys are frequently refreshed, thus the private key matching the
> > message is soon destroyed. Technically PGP is capable of refreshing
> > subkeys, but it is so tedious, it is not being practiced - let alone
> > being practiced the way it should be: at least daily.
>
> Again: Fair criticism, but unclear why this should convince one NOT to use
> PGP. Rather, it should convince us to improve mechanisms and add forward
> secrecy.
You mean I should explain why it is impossible to add forward secrecy
to PGP over e-mail by design? I thought that was going to be clear.
> > 6. Federation: Get off the inter-server super-highway.
> >
> > NSA officials have been reported saying that NSA does not keep track of
> > all the peer-to-peer traffic as it is just large amounts of mostly
> > irrelevant copyright infringement. It is thus a very good idea to
> > develop a communications tool that embeds its ECC- encrypted
> > information into plenty of P2P cover traffic.
> >
> > Although this information is only given by hearsay, it is a reasonable
> > consideration to make. By travelling the well-established and
> > surveilled paths of e-mail, PGP is unnecessarily superexposed. Would be
> > much better, if the same PGP was being handed from computer to computer
> > directly. Maybe even embedded into a picture, movie or piece of music
> > using [17]steganography.
>
> Steganography, really? Sigh.
One of the options that are safer than PGP is steganography, yes.
> > 7. Statistical Analysis: Guessing on the size of messages.
> >
> > Especially for chats and remote computer administration it is known
> > that the size and frequency of small encrypted snippets can be observed
> > long enough to guess the contents. This is a problem with SSH and OTR
> > more than with PGP, but also PGP would be smarter if the messages were
> > padded to certain standard sizes, making them look all uniform.
>
> It would be great, yes. Still doesn't convince me that using PGP isn't
> worthwhile.
This one alone not necessarily, it's the least bad one of all.
> > 8. Workflow: Group messaging with PGP is impractical.
> >
> > Have you tried making a mailing list with people sharing private
> > messages? It's a cumbersome configuration procedure and inefficient
> > since each copy is re-encrypted. You can alternatively all share the
> > same key, but that's a different cumbersome configuration procedure.
> >
> > Modern communication tools automate the generation and distribution of
> > group session keys so you don't need to worry. You just open up a
> > working group and invite the people to work with.
>
> Okay, yes, you've got me here. PGP sucks for group discussion, although I
> fail to see why group discussion is an imperative. But what, do you
> suggest, is an immediate alternative? Nothing? Right, okay...still using
> PGP.
The article is not meant to be an advertisement for the alternatives.
With my working group we are currently exchanging materials by means
of RetroShare. It takes a bit getting used to as you would not expect
that a file sharing app should be used for by-the-way features like
its built-in homebrewn mail system and forum messaging - and to expect
it to be safer than regular e-mail. But RetroShare does indeed solve
some of the things listed in this long list (see the comparison for
details). The downside is, nobody is willing to put her hands in the
fire to guarantee it is a safe choice of software and the source code,
as frequently with file sharing tools, is too complex to be an easy
read. So it is an amazing feature beast pending peer review.
Briar is expected to be a better solution, but it is in alpha stage.
Both should probably be used over Tor for obfuscation, as they don't
provide for that themselves.
And then there is Pond, which is technologically a work of art, but it
doesn't facilitate group communication (yet).
> > 9. TL;DR: I don't care. I've got nothing to hide.
> >
> > So you think PGP is enough for you since you aren't saying anything
> > reaaally confidential? Nobody actually cares how much you want to lie
> > yourself stating you have nothing to hide. If that was the case, why
> > don't you do it on the street, as John Lennon used to ask?
> >
> > It's not about you, it's about your civic duty not to be a member of a
> > predictable populace. If somebody is able to know all your preferences,
> > habits and political views, you are causing severe damage to democratic
> > society. That's why it is not enough that you are covering naughty
> > parts of yourself with a bit of PGP, if all the rest of it is still in
> > the nude. Start feeling guilty. Now.
>
> Again: This is merely a reason to convince people to use encryption MORE
> OFTEN (which EFF does and which I fully support).
I agree that you should use encryption MORE.. but use it BETTER!
> > 10. The Bootstrap Fallacy: But my friends already have e-mail!
> >
> > But everyone I know already has e-mail, so it is much easier to teach
> > them to use PGP. Why would I want to teach them a new software!?
> >
> > That's a fallacy. Truth is, all people that want to start improving
> > their privacy have to install new software. Be it on top of
> > super-surveilled e-mail or safely independent from it. In any case you
> > will have to make a [18]safe exchange of the public keys, and e-mail
> > won't be very helpful at that. In fact you make it easy for Mallory to
> > connect your identity to your public key for all future times.
> >
> > If you really think your e-mail consumption set-up is so amazing and
> > you absolutely don't want to start all over with a completely different
> > kind of software, look out for upcoming tools that let you use mail
> > clients on top. Not the other way around.
>
> I don't even get what you're saying here. What, do you suggest, is the new
> software to teach people if not PGP?
I am saying that teaching people PGP is MORE work than getting them
to installed any of
- Pond
- Briar
- RetroShare
- Bitmessage
And that I hope that we will have more projects to list and that we will
not feel guilty for doing so. RetroShare has a terribly confusing UI (but
the developers are just waiting for some UX designer to tell them what to
do) and I bet the others need a hand on that front, too.
> > But what should I do then!??
> >
> > So that now we know 10 reasons not to use PGP over e-mail, let's first
> > acknowledge that there is no easy answer. Electronic privacy is a crime
> > zone with blood freshly spilled all over. None of the existing tools
> > are fully good enough. We have to get used to the fact that new tools
> > will come out twice a year.
>
> Cop-out. "Don't use PGP but I can't suggest anything for you." Silly.
Where does it say that?
Here comes the part that you were missing:
> > In the [09]comparison we have listed a few currently existing
> > technologies, that provide a safer messaging experience than PGP. The
> > problem with those frequently is, that they haven't been peer reviewed.
> > You may want to invest time or money in having projects peer reviewed
> > for safety.
> >
> > Pond is currently among the most interesting projects for mail privacy,
> > hiding its padded undetectable crypto in the general noise of Tor. Tor
> > is a good place to hide private communication since the bulk of Tor
> > traffic seems to be anonymized transactions with Facebook and the like.
> > Even better source of cover traffic is file sharing, that's why
> > RetroShare and GNUnet both have solid file sharing functionality to let
> > you hide your communications in.
You gave up reading just a few paragraphs too early....
--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys(a)stanford.edu.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
----- Forwarded message from frank(a)journalistsecurity.net -----
Date: Thu, 10 Oct 2013 13:00:00 -0700
From: frank(a)journalistsecurity.net
To: liberationtech <liberationtech(a)lists.stanford.edu>
Subject: [liberationtech] CPJ: Obama and the Press
User-Agent: Workspace Webmail 5.6.43
Message-Id: <20131010130000.1dfe975c9695ebf5a1af6ff0ac4840df.42412b554a.wbe(a)email15.secureserver.net>
Reply-To: liberationtech <liberationtech(a)lists.stanford.edu>
The piece below may be of even more interest to many here. It goes
through case by case of Obama administration investigations, subpoenas
and surveillance of US journalists. And it may well be the longest
report CPJ has ever produced. Significant in that over 90 percent of
CPJ's work is focused on press freedom and related issues in less
developed nations.
http://www.cpj.org/reports/2013/10/obama-and-the-press-us-leaks-surveillanc…
The Obama Administration and the Press
Leak investigations and surveillance in post-9/11 America
U.S. President Barack Obama came into office pledging open government,
but he has fallen short of his promise. Journalists and transparency
advocates say the White House curbs routine disclosure of information
and deploys its own media to evade scrutiny by the press. Aggressive
prosecution of leakers of classified information and broad electronic
surveillance programs deter government sources from speaking to
journalists. A CPJ special report by Leonard Downie Jr. with reporting
by Sara Rafsky
Barack Obama leaves a press conference in the East Room of the White
House August 9. (AFP/Saul Loeb)
Barack Obama leaves a press conference in the East Room of the White
House August 9. (AFP/Saul Loeb)
Published October 10, 2013
WASHINGTON, D.C.
In the Obama administration’s Washington, government officials are
increasingly afraid to talk to the press. Those suspected of discussing
with reporters anything that the government has classified as secret are
subject to investigation, including lie-detector tests and scrutiny of
their telephone and e-mail records. An “Insider Threat Program”
being implemented in every government department requires all federal
employees to help prevent unauthorized disclosures of information by
monitoring the behavior of their colleagues.
Six government employees, plus two contractors including Edward Snowden,
have been subjects of felony criminal prosecutions since 2009 under the
1917 Espionage Act, accused of leaking classified information to the
press—compared with a total of three such prosecutions in all previous
U.S. administrations. Still more criminal investigations into leaks are
under way. Reporters’ phone logs and e-mails were secretly subpoenaed
and seized by the Justice Department in two of the investigations, and a
Fox News reporter was accused in an affidavit for one of those subpoenas
of being “an aider, abettor and/or conspirator” of an indicted leak
defendant, exposing him to possible prosecution for doing his job as a
journalist. In another leak case, a New York Times reporter has been
ordered to testify against a defendant or go to jail.
More in this report
• CPJ’s Recommendations
On the blog
• The US press is our press
In print
• Download the pdf
In other languages
• Español
• Português
Compounding the concerns of journalists and the government officials
they contact, news stories based on classified documents obtained from
Snowden have revealed extensive surveillance of Americans’ telephone
and e-mail traffic by the National Security Agency. Numerous
Washington-based journalists told me that officials are reluctant to
discuss even unclassified information with them because they fear that
leak investigations and government surveillance make it more difficult
for reporters to protect them as sources. “I worry now about calling
somebody because the contact can be found out through a check of phone
records or e-mails,” said veteran national security journalist R.
Jeffrey Smith of the Center for Public Integrity, an influential
nonprofit government accountability news organization in Washington.
“It leaves a digital trail that makes it easier for the government to
monitor those contacts,” he said.
“I think we have a real problem,” said New York Times national
security reporter Scott Shane. “Most people are deterred by those
leaks prosecutions. They’re scared to death. There’s a gray zone
between classified and unclassified information, and most sources were
in that gray zone. Sources are now afraid to enter that gray zone.
It’s having a deterrent effect. If we consider aggressive press
coverage of government activities being at the core of American
democracy, this tips the balance heavily in favor of the government.”
At the same time, the journalists told me, designated administration
spokesmen are often unresponsive or hostile to press inquiries, even
when reporters have been sent to them by officials who won’t talk on
their own. Despite President Barack Obama’s repeated promise that his
administration would be the most open and transparent in American
history, reporters and government transparency advocates said they are
disappointed by its performance in improving access to the information
they need.
“This is the most closed, control freak administration I’ve ever
covered,” said David E. Sanger, veteran chief Washington correspondent
of The New York Times.
Obama and host Jay Leno tape 'The Tonight Show with Jay Leno' at NBC
Studios on August 6 in Burbank, California. (AFP/Mandel Ngan)
Obama and host Jay Leno tape 'The Tonight Show with Jay Leno' at NBC
Studios on August 6 in Burbank, California. (AFP/Mandel Ngan)
The Obama administration has notably used social media, videos, and its
own sophisticated websites to provide the public with
administration-generated information about its activities, along with
considerable government data useful for consumers and businesses.
However, with some exceptions, such as putting the White House
visitors’ logs on the whitehouse.gov website and selected declassified
documents on the new U.S. Intelligence Community website, it discloses
too little of the information most needed by the press and public to
hold the administration accountable for its policies and actions.
“Government should be transparent,” Obama stated on the White House
website, as he has repeatedly in presidential directives.
“Transparency promotes accountability and provides information for
citizens about what their government is doing.”
But his administration’s actions have too often contradicted Obama’s
stated intentions. “Instead,” New York Times public editor Margaret
Sullivan wrote earlier this year, “it’s turning out to be the
administration of unprecedented secrecy and unprecedented attacks on a
free press.”
“President Obama had said that default should be disclosure,” Times
reporter Shane told me. “The culture they’ve created is not one that
favors disclosure.”
White House officials, in discussions with me, strongly objected to such
characterizations. They cited statistics showing that Obama gave more
interviews to news, entertainment, and digital media in his first
four-plus years in office than Presidents George W. Bush and Bill
Clinton did in their respective first terms, combined. They pointed to
presidential directives to put more government data online, to speed up
processing of Freedom of Information Act requests, and to limit the
amount of government information classified as secret. And they noted
the declassification and public release of information about NSA
communications surveillance programs in the wake of Snowden’s leak of
voluminous secret documents to The Washington Post and the Guardian.
“The idea that people are shutting up and not leaking to reporters is
belied by the facts,” Obama’s press secretary, Jay Carney, told me,
pointing in frustration to anonymously sourced media reports that same
day about planning for military action against the government of
President Bashar al-Assad in Syria.
“We make an effort to communicate about national security issues in
on-the-record and background briefings by sanctioned sources,” said
deputy White House national security adviser Ben Rhodes. “And we still
see investigative reporting from nonsanctioned sources with lots of
unclassified information and some sensitive information.”
He cited as an example the administration’s growing, if belated,
official openness about its use of drone aircraft to attack suspected
terrorists, including declassification of information about strikes in
Yemen and Somalia, following revelations about drone attacks in the news
media. “If you can be transparent, you can defend the policy,”
Rhodes told me. “But then you’re accused of jeopardizing national
security. You’re damned if you do and damned if you don’t. There is
so much political controversy over everything in Washington. It can be a
disincentive.”
The administration’s war on leaks and other efforts to control
information are the most aggressive I’ve seen since the Nixon
administration, when I was one of the editors involved in The Washington
Post’s investigation of Watergate. The 30 experienced Washington
journalists at a variety of news organizations whom I interviewed for
this report could not remember any precedent.
“There’s no question that sources are looking over their
shoulders,” Michael Oreskes, a senior managing editor of The
Associated Press, told me months after the government, in an extensive
leak investigation, secretly subpoenaed and seized records for telephone
lines and switchboards used by more than 100 AP reporters in its
Washington bureau and elsewhere. “Sources are more jittery and more
standoffish, not just in national security reporting. A lot of
skittishness is at the more routine level. The Obama administration has
been extremely controlling and extremely resistant to journalistic
intervention. There’s a mind-set and approach that holds journalists
at a greater distance.”
Washington Post national security reporter Rajiv Chandrasekaran, a
member of CPJ’s board of directors, told me that “one of the most
pernicious effects is the chilling effect created across government on
matters that are less sensitive but certainly in the public interest as
a check on government and elected officials. It serves to shield and
obscure the business of government from necessary accountability.”
Obama answers questions from the media in the Brady press briefing room
at the White House, April 30. (Reuters/Jason Reed)
Obama answers questions from the media in the Brady press briefing room
at the White House, April 30. (Reuters/Jason Reed)
Frank Sesno, a former CNN Washington bureau chief who is now director of
the School of Media and Public Affairs at George Washington University,
said he thought the combined efforts of the administration were
“squeezing the flow of information at several pressure points.” He
cited investigations of “leakers and journalists doing business with
them” and limitations on “everyday access necessary for the
administration to explain itself and be held accountable.”
The Insider Threat Program being implemented throughout the Obama
administration to stop leaks—first detailed by the McClatchy
newspapers’ Washington bureau in late June—has already “created
internal surveillance, heightened a degree of paranoia in government and
made people conscious of contacts with the public, advocates, and the
press,” said a prominent transparency advocate, Steven Aftergood,
director of the Government Secrecy Project at the Federation of American
Scientists in Washington. None of these measures is anything like the
government controls, censorship, repression, physical danger, and even
death that journalists and their sources face daily in many countries
throughout the world—from Asia, the Middle East and Africa to Russia,
parts of Europe and Latin America, and including nations that have
offered asylum from U.S. prosecution to Snowden. But the United States,
with its unique constitutional guarantees of free speech and a free
press—essential to its tradition of government accountability—is not
any other country.
“The investigation and potential indictment of investigative
journalists for the crime of doing their jobs well enough to make the
government squirm is nothing new,” Suzanne Nossel, executive director
of PEN American Center, wrote earlier this year. “It happens all over
the world, and is part of what the Obama administration has fought
against in championing press and Internet freedom globally. By allowing
its own campaign against national security leaks to become grounds for
trampling free expression, the administration has put a significant
piece of its very own foreign policy and human rights legacy at risk.”
Financial Times correspondent Richard McGregor told me that, after
coming to Washington several years ago from a posting in China, he was
surprised to find that “covering this White House is pretty miserable
in terms of getting anything of substance to report on in what should be
a much more open system. If the U.S. starts backsliding, it is not only
a bad example for more closed states, but also for other democracies
that have been influenced by the U.S.” to make their governments more
transparent.
This report will examine all these issues: legal policies of the Obama
administration that disrupt relationships between journalists and
government sources; the surveillance programs that cast doubt on
journalists’ ability to protect those sources; restrictive practices
for disclosing information that make it more difficult to hold the
government accountable for its actions and decision-making; and
manipulative use of administration-controlled media to circumvent
scrutiny by the press.
September 11, 2001, is a watershed
Of course, every U.S. administration in modern times has tried, with
varying degrees of success, to control its message and manage contacts
with the media and the public. “When I’m asked what is the most
manipulative and secretive administration I’ve covered, I always say
it’s the one in office now,” Bob Schieffer, the veteran CBS
television news anchor and chief Washington correspondent, told me.
“Every administration learns from the previous administration. They
become more secretive and put tighter clamps on information. This
administration exercises more control than George W. Bush’s did, and
his before that.”
The terrorist attacks on the United States on September 11, 2001, were a
watershed. They led to a rapid buildup of what The Washington Post later
characterized as a sprawling “Top Secret America” of intelligence
and other government agencies, special military forces, and private
contractors to combat terrorism. The “black budget” for the 16 U.S.
intelligence agencies alone was more than $50 billion for the fiscal
year 2013, according to an NSA document Edward Snowden gave to The Post.
Since the 9/11 attacks, “the national security role of the government
has increased hugely,” said Harvard Law School professor Jack
Goldsmith, a senior national security lawyer in the Pentagon and the
Justice Department during the Bush administration. It has amounted to a
“gigantic expansion of the secrecy system,” he told me, “both the
number of secrets and the numbers of people with access to secrets.”
By 2011, more than 4 million Americans had security clearances for
access to classified information of one kind or another, according to a
U. S. Intelligence Community report to Congress required by the 2010
Intelligence Authorization Act, and more and more information was being
classified as secret. In that year alone, government employees made 92
million decisions to classify information—one measure of what
Goldsmith called “massive, massive over-classification.” For
example, the 250,000 U.S. State Department cables that Army Pvt. Chelsea
Manning (then known as Pvt. Bradley Manning) downloaded and gave to the
Wikileaks website included countless previously published newspaper
articles that were classified as secret in diplomatic dispatches to
Washington.
President George W. Bush is applauded after signing the FISA Amendments
Act of 2008 in the White House Rose Garden. (AP/Ron Edmonds)
President George W. Bush is applauded after signing the FISA Amendments
Act of 2008 in the White House Rose Garden. (AP/Ron Edmonds)
The Patriot Act, passed by Congress after the 9/11 attacks and since
amended and extended in duration, gave the government increased powers
to protect national security, including secret investigations of
suspected terrorist activity. During the Bush administration, the NSA,
working with the Federal Bureau of Investigation, secretly monitored
large amounts of telephone calls that flowed through U.S.
telecommunications companies and facilities. This electronic
surveillance to detect terrorism threats was eventually authorized and
expanded by the closed FISA court created by the 1978 Foreign
Intelligence Surveillance Act, enabling the NSA to secretly collect,
store, and access records of most telephone and Internet traffic in and
passing through the United States.
Initially, the American press did not discover these or other secret
counterterrorism activities. It also did not appear to be aggressive in
challenging President George W. Bush’s rationale for going to war in
Iraq, in addition to the continuing military activity in Afghanistan.
“The Bush administration was working to sell the wars and covert
programs to journalists,” syndicated foreign affairs columnist David
Ignatius told me. “Access was a routine matter.”
But the press coverage gradually changed. In 2003, reporter Barton
Gellman detailed in The Washington Post how an American task force had
been unable to find any evidence of weapons of mass destruction in Iraq
after the American invasion. In 2004, CBS television news and New Yorker
magazine writer Seymour Hersh separately reported that U.S. soldiers and
intelligence agency interrogators had abused and tortured wartime
prisoners in Iraq’s Abu Ghraib prison. In 2005, Washington Post
reporter Dana Priest revealed that the Central Intelligence Agency had
detained and aggressively interrogated terrorism suspects in extralegal
“black site” secret prisons outside the U.S. Later that year, New
York Times reporters James Risen and Eric Lichtblau first reported about
the warrantless intercepts of Americans’ telephone calls in the
NSA’s secret electronic surveillance program. In 2006, Risen published
a book in which he revealed a failed CIA covert operation to sabotage
Iran’s nuclear program.
These kinds of revelations enabled Americans to learn about questionable
actions by their government and judge for themselves. But they
infuriated Bush administration officials, who tried to persuade news
executives to stop or delay such stories, which depended, in part, on
confidential government sources of classified information. The Bush
administration started intensive investigations to identify the sources
for the stories on CIA secret prisons and NSA electronic surveillance
and for Risen’s book. By the time Bush left office, no one had been
prosecuted, although a CIA officer was fired for unreported contacts
with Priest, and several Justice Department investigations were
continuing.
The Bush White House and Vice President Dick Cheney did not hesitate to
take issue with an increasingly adversarial press publicly and
privately, especially as the wars in Iraq and Afghanistan—and the Bush
administration itself—became more unpopular. But journalists and news
executives, including myself, were still able to engage knowledgeable
officials at the highest levels of the administration in productive
dialogue, including discussions of sensitive stories about classified
national security activities. “The Bush administration had a worse
reputation,” Marcus Brauchli, my immediate successor as executive
editor of The Washington Post, told me, “but, in practice, it was much
more accepting of the role of journalism in national security.”
And not just in national security. Ellen Weiss, Washington bureau chief
for E.W. Scripps newspapers and stations, said “the Obama
administration is far worse than the Bush administration” in trying to
thwart accountability reporting about government agencies. Among several
examples she cited, the Environmental Protection Agency “just
wouldn’t talk to us” or release records about environmental policy
review panels “filled by people with ties to target companies.”
Obama promises transparency
Obama, who during the 2008 campaign had criticized the “excessive
secrecy” of the Bush administration, came into the Oval Office
promising an unprecedentedly open government. By the end of his first
full day there on January 21, 2009, he had issued directives to
government agencies to speed up their responses to Freedom of
Information Act requests and to establish “Open Government
Initiative” websites with information about their activities and the
data they collect.
Obama’s ‘Open Government Initiative’ websites turned out to be
part of a strategy to minimize the administration’s exposure to the
press. (CPJ)
Obama’s ‘Open Government Initiative’ websites turned out to be
part of a strategy to minimize the administration’s exposure to the
press. (CPJ)
The government websites turned out to be part of a strategy, honed
during Obama’s presidential campaign, to use the Internet to dispense
to the public large amounts of favorable information and images
generated by his administration, while limiting its exposure to probing
by the press. Veteran political journalists Jim VandeHei and Mike Allen
described the administration’s message machine this way on the news
website Politico: “One authentically new technique pioneered by the
Obama White House is government creation of content—photos of the
president, videos of White House officials, blog posts written by Obama
aides—which can then be instantly released to the masses through
social media. And they are obsessed with taking advantage of Twitter,
Facebook, YouTube and every other social media forum, not just for
campaigning, but governing. They are more disciplined about cracking
down on staff that leak, or reporters who write things they don’t
like.”
A senior White House official told me, “There are new means available
to us because of changes in the media, and we’d be guilty of
malpractice if we didn’t use them.” The official said that, for
example, the White House often communicated brief news announcements on
Twitter to the more than 4 million followers of @whitehouse.
“Some of you have said that I’m ignoring the Washington press
corps—that we’re too controlling,” Obama jokingly told assembled
journalists at the annual Gridiron Dinner in Washington in March.
“Well, you know what? You were right. I was wrong, and I want to
apologize in a video you can watch exclusively at whitehouse.gov,” one
of the administration’s websites.
“There is no access to the daily business in the Oval Office, who the
president meets with, who he gets advice from,” said ABC News White
House correspondent Ann Compton, who has been covering presidents since
Gerald Ford. She said many of Obama’s important meetings with major
figures from outside the administration on issues like health care,
immigration, or the economy are not even listed on Obama’s public
schedule. This makes it more difficult for the news media to inform
citizens about how the president makes decisions and who is influencing
them.
“In the past,” Compton told me, “we would often be called into the
Roosevelt Room at the beginning of meetings to hear the president’s
opening remarks and see who’s in the meeting, and then we could talk
to some of them outside on the driveway afterward. This president has
wiped all that coverage off the map. He’s the least transparent of the
seven presidents I’ve covered in terms of how he does his daily
business.”
The White House produces its own short newscast, ‘West Wing Week,’
on events which journalists may not have known about. (CPJ)
The White House produces its own short newscast, ‘West Wing Week,’
on events which journalists may not have known about. (CPJ)
Instead of providing greater access for reporting by knowledgeable
members of the press, Compton noted, the Obama White House produces its
own short newscast, “West Wing Week,” which it posts on the White
House website. “It’s five minutes of their own video and sound from
events the press didn’t even know about,” she said.
“When you call the White House press office to ask a question or seek
information, they refer us to White House websites,” said Chris
Schlemon, Washington producer for Britain’s Channel 4 television news
network. “We have to use White House website content, White House
videos of the president’s interviews with local television stations
and White House photographs of the president.”
The Obama administration is using social media “to end run the news
media completely,” Sesno at George Washington University told me.
“Open dialogue with the public without filters is good, but if used
for propaganda and to avoid contact with journalists, it’s a slippery
slope.”
Brushing off such concerns as special pleading from the news media, a
senior administration official told me that White House videos of
otherwise closed meetings, for example, provide the public with “a net
increase in the visibility of these meetings.” Several reporters told
me that the White House press office and public affairs officials in
many government agencies often don’t respond to their questions and
interview requests or are bullying when they do. “In the Obama
administration, there is across-the-board hostility to the media,”
said veteran Washington correspondent and author Josh Meyer, who reports
for the Atlantic Media national news website Quartz. “They don’t
return repeated phone calls and e-mails. They feel entitled to and
expect supportive media coverage.”
Reporters and editors said they often get calls from the White House
complaining about news content about the administration. “Sometimes
their levels of sensitivity amaze me—about something on Twitter or a
headline on our website,” said Washington Post Managing Editor Kevin
Merida.
Obama press secretary Carney, who had covered the White House for Time
magazine, minimized such complaints as being part of a “natural
tension” in any administration’s relationship with the press.
“That’s not new. I was yelled at by people during the Clinton and
Bush administrations,” he told me.
White House Press Secretary Jay Carney, a former journalist, says media
complaints are part of a 'natural tension' in any administration’s
relationship with the press. (Reuters/Kevin Lamarque)
White House Press Secretary Jay Carney, a former journalist, says media
complaints are part of a 'natural tension' in any administration’s
relationship with the press. (Reuters/Kevin Lamarque)
“The Obama people will spend an hour with you, off the record, arguing
about the premise of the story,” said Josh Gerstein, who covers the
White House and its information policies for Politico. “If the story
is basically one that they don’t want to come out, they won’t even
give you the basic facts.”
Eric Schmitt, national security correspondent of The New York Times,
told me: “There’s almost an obligation to control the message the
way they did during the campaign. More insidious than the chilling
effect of the leaks investigations is the slow roll or stall. People
say, ‘I have to get back to you. I have to clear it with public
affairs.’”
“They’re so on message,” said Channel 4’s Schlemon. “I thought
Bush was on message, but they’ve taken it to a whole new level.”
White House under pressure to stop leaks
As this information-control culture took root after Obama entered the
White House in January 2009, his administration also came under growing
pressure from U.S. intelligence agencies and congressional intelligence
committees to stem what they considered an alarming accumulation of
leaks of national security information. According to a New York Times
story this summer, Obama’s first director of national intelligence,
Dennis C. Blair, noted that during the previous four years 153 national
security leaks had been referred by the intelligence agencies in
“crime reports” to the Justice Department, but that only 24 had been
investigated by the FBI, and no leaker had yet been prosecuted in those
investigations.
“According to Mr. Blair,” The Times reported, “the effort got
under way after Fox News reported in June 2009 that American
intelligence had gleaned word from within North Korea of plans for an
imminent nuclear test.” Blair told The Times that he and Attorney
General Eric H. Holder Jr. then coordinated a more aggressive approach
aimed at producing speedy prosecutions. “We were hoping to get
somebody and make people realize that there are consequences to this and
it needed to stop,” Blair told The Times. “It was never a conscious
decision to bring more of these cases than we ever had,” Matthew
Miller, Holder’s spokesman at the time, told me this summer. “It was
a combination of things. There were more crime reports from the
intelligence agencies than in previous years. There was pressure” from
Capitol Hill, where Holder, Blair and other administration officials
“were being harangued by both sides: ‘Why aren’t leakers being
prosecuted? Why aren’t they being disciplined?’”
“Some strong cases,” inherited from the Bush administration, “were
already in process,” Miller said. “And a number of cases popped up
that were easier to prosecute” with “electronic evidence,”
including telephone and e-mail records of government officials and
journalists. “Before, you needed to have the leaker admit it, which
doesn’t happen,” he added, “or the reporter to testify about it,
which doesn’t happen.”
Leak prosecutions under Obama have been “a kind of slap in the
face,” said Smith of the Center for Public Integrity. “It means you
have to use extraordinary measures for contacts with officials speaking
without authorization.”
Use of Espionage Act gathers steam
The first Obama administration prosecution for leaking information
popped up quickly in April 2009, when a Hebrew linguist under contract
with the FBI, Shamai K. Leibowitz, gave a blogger classified information
about Israel. The administration has never disclosed the nature of the
information, the identity of the blogger, or the government’s evidence
in the relatively little-noticed case. Leibowitz pleaded guilty in May
2010, and was sentenced to 20 months in prison for a violation of the
1917 Espionage Act. It was the Obama administration’s initial use of a
law passed during World War I to prevent spying for foreign enemies.
The campaign against leaks then gathered steam with Espionage Act
prosecutions in two of the investigations inherited from the Bush
administration.
In the first, NSA employee Thomas Drake was indicted on April 14, 2010,
on charges of providing information to The Baltimore Sun in 2006 and
2007 about spending and management issues at the NSA, including
disagreements about competing secret communications surveillance
programs. Drake gave information to Siobhan Gorman, then a Sun reporter,
including copies of documents that, in his view, showed the NSA had
wrongly shelved a cheaper surveillance program with privacy safeguards
for Americans in favor of a much more costly program without such
safeguards. Drake and two of his NSA colleagues believed they were
whistle-blowers who had first voiced their concerns within the NSA and
to a sympathetic congressional investigator, to no avail. Gorman’s
stories in the Sun angered government officials, including Gen. Michael
Hayden, who was the NSA director when Drake objected to Hayden’s
decision to switch the communications surveillance programs.
At the time when the Sun was publishing Gorman’s stories, the Bush
administration’s investigation of the 2005 New York Times story about
NSA warrantless communications surveillance had not found any leakers to
prosecute. Apparently Drake, his NSA colleagues, and the congressional
investigator to whom Drake had turned then became the focus of that
investigation, even though they were never identified as sources for The
Times. The homes of the other three—former NSA officials William
Binney and J. Kirk Weibe and House Intelligence Committee staff member
Diane Roark—were raided by armed federal agents on July 26, 2007. The
raids frightened and angered them, but they were not prosecuted.
However, when Drake’s home was searched four months later, federal
agents found copies of documents about the NSA programs that were the
subjects of The Baltimore Sun stories. Drake volunteered to
investigators that, acting as a whistle-blower, he had sent copies of
documents and hundreds of e-mails to Sun reporter Gorman. Only after the
Obama administration took office more than a year later, and the Justice
Department became more aggressive in prosecuting leakers, was Drake
indicted on 10 felony counts, including violations of the Espionage Act,
for “willful retention of national defense information” and
“making false statements” when he insisted to federal agents that
the documents he had copies of were not secret.
Eventually, Drake’s lawyers and supporters showed that most of the
information at issue was not classified or, as former Justice spokesman
Miller told me, “other officials had been talking about the same
things.” In June, as the government’s case “fell apart,” in
Miller’s words, the federal prosecutor agreed not to seek a prison
sentence for Drake in return for his guilty plea to the misdemeanor
crime of misusing the NSA’s computer system. When Judge Richard D.
Bennett sentenced Drake in Federal District Court to a year’s
probation and 240 hours of community service, he said it was
“unconscionable” that Drake and his family had endured “four years
of hell” before the government dismissed its 10-count felony
indictment. Drake, who was forced to resign from the NSA, now works in
an Apple computer store.
Former NSA director Hayden told me that, despite his differences with
Drake, the employee should never have been prosecuted under the
Espionage Act. “He should have been fired for unauthorized meetings
with the press,” Hayden said. “Prosecutorial overreach was so great
that it collapsed under its own weight.”
Whatever his role in the NSA’s internal rivalries at the time, Drake
appears to be a whistle-blower whose information about the secretive
agency’s telecommunications surveillance methods should have resulted
in greater government accountability at the time, rather than a criminal
prosecution for spying.
Who is a whistle-blower?
In the second investigation inherited from the Bush administration,
former CIA officer Jeffrey Sterling was indicted on Dec. 22, 2010, and
arrested on Jan. 6, 2011, on charges of providing New York Times
reporter James Risen with extensive information about a failed CIA
effort to sabotage Iran’s nuclear program. The Times never published a
story about it, but the information appeared to be the basis for a
chapter in Risen’s 2006 book, State of War. Sterling, who is black,
had unsuccessfully sued the CIA for discrimination after he lost his job
there.
New York Times reporter James Risen has vowed to go to jail rather than
identify a source in court. (AP/The New York Times)
New York Times reporter James Risen has vowed to go to jail rather than
identify a source in court. (AP/The New York Times)
Years of communications records for the two men were subpoenaed and
seized during the government’s investigation—and itemized in
Sterling’s indictment. They showed dozens of telephone calls and
e-mails between Sterling and Risen, beginning in 2002, when Risen wrote
in The Times about Sterling’s allegations of racial discrimination
when he worked on the CIA’s Iran task force. In hindsight, it was the
first clear evidence that the Justice Department was digging into the
phone and e-mail records of both government officials and journalists
while investigating leaks.
“Jeffrey Sterling is not a whistle-blower,” Miller, the former
Justice Department spokesman, insisted to me, even though Sterling,
whatever his motive, apparently was knowledgeable about significant
problems plaguing the CIA at the time. “He was fired for cause. He
went to court and the case was thrown out. No waste, fraud, or abuse was
involved.”
This is a disturbing distinction that the Obama administration has made
repeatedly. Exposing “waste, fraud and abuse” is considered to be
whistle-blowing. But exposing questionable government policies and
actions, even if they could be illegal or unconstitutional, is often
considered to be leaking that must be stopped and punished. This greatly
reduces the potential for the press to help hold the government
accountable to citizens.
Beginning in early 2008, the Justice Department repeatedly tried to
subpoena Risen to testify against Sterling in what has become a
long-running legal battle closely watched by journalists and media
lawyers. In support of the latest subpoena, filed in April 2010, Justice
argued that “James Risen is an eyewitness to the serious crimes with
which the grand jury charged Sterling.”
In July 2011, Judge Leonie Brinkema ruled in Federal District Court
that, while Risen must testify to the accuracy of his reporting, he
could not be compelled by the government to reveal his source. She
concluded that courts, dating back to the U.S. Supreme Court’s divided
ruling in Branzburg v. Hayes in 1972, had, in effect, established a
qualified privilege under the First Amendment that protects reporters
against identifying their sources if their need to protect their
sources’ identities to do their reporting outweighs the government’s
need for the reporters’ testimony to establish its case. It was the
first time a reporter had successfully invoked such a privilege at the
grand jury and trial stages of a federal prosecution.
The Obama administration appealed Brinkema’s decision, leaving the
Sterling trial in limbo. A coalition of 29 news organizations and
related groups came forward to support Risen, a two-time winner of the
Pulitzer Prize for journalism. In an appellate brief, they pointed to
the many significant national security and government accountability
news stories over the years that could not have been reported by the
press without confidential sources.
However, in July this year, a three-judge panel of the U.S. Court of
Appeals for the Fourth Circuit in Richmond, Va., reversed Brinkema’s
decision from two years earlier. A 2-to-1 majority ruled that the First
Amendment did not protect Risen from being forced to testify against his
source. Also citing Branzburg, Chief Judge William Byrd Traxler wrote:
“Clearly, Risen’s direct, firsthand account of the criminal conduct
indicted by the grand jury cannot be obtained by alternative means, as
Risen is without dispute the only witness who can offer this
testimony.”
Ominously, perhaps, Traxler added that Risen “is inextricably involved
in it. Without him, the alleged crime would not have occurred, since he
was the recipient of illegally-disclosed, classified information.”
Dissenting, Judge Roger Gregory argued that the decision could be a
serious blow to investigative journalism. “The majority exalts the
interests of the government while unduly trampling those of the
press,” he wrote, “and, in doing so, severely impinges on the press
and the free flow of information in our society.”
Risen asked the full 15-judge appellate court to review the case, and he
vowed to go to jail rather than identify his source. Backed once again
by many press organizations, he also formally asked the Justice
Department to withdraw the subpoena. The Justice Department has
continued to press for enforcement of the subpoena by asking the full
appellate court not to hear further arguments in the case.
Manning case is a turning point
The Obama administration’s next prosecution originated with a June 11,
2009, story on the Fox News network’s website. Fox News’s chief
Washington correspondent, James Rosen, reported that U.S. Intelligence
had discovered that North Korea was planning, in defiance of the United
Nations, to escalate its nuclear program and conduct another nuclear
weapons test. The Justice Department soon began a secret investigation,
which produced an August 19, 2010, felony indictment of Stephen Jin-Woo
Kim, a State Department contract analyst. He was charged with violating
the Espionage Act by giving classified intelligence information about
North Korea to Rosen, who was not named in the indictment.
The indictment of Kim contained just two bare-bones paragraphs—the tip
of an iceberg of secret investigations on which the Obama administration
and the press would collide resoundingly nearly three years later.
Overshadowing the Kim case at the time was the arrest in May 2010 of
Manning, the Army private, in the most voluminous leak of classified
documents in U.S. history. Manning was an emotionally troubled young
soldier concerned about U.S. conduct in the wars in Iraq and
Afghanistan. Manning used computer access as an Army intelligence
analyst in Baghdad to download an enormous amount of classified
information and give it to the anti-secrecy group Wikileaks. The data
included more than 250,000 U.S. State Department diplomatic cables,
500,000 U.S. Army incident reports from the two wars, dossiers on
terrorist suspects detained at Guantánamo Bay, and videos of two
American airstrikes that killed civilians in Iraq and Afghanistan.
Army Pvt. Chelsea Manning (then known as Pvt. Bradley Manning) was
arrested for the most voluminous leak of classified documents in U.S.
history. (AP/Patrick Semansky)
Army Pvt. Chelsea Manning (then known as Pvt. Bradley Manning) was
arrested for the most voluminous leak of classified documents in U.S.
history. (AP/Patrick Semansky)
News media throughout the world published scores of stories based on the
documents obtained through Wikileaks during 2010 and 2011. The State
Department cables contained American diplomats’ unvarnished views of
numerous countries’ government and diplomatic activities. The military
logs detailed troubling issues, including civilian deaths, in waging the
wars in Iraq and Afghanistan. While news organizations did further
reporting for what they published, and decided to leave out some names
and other details after talking to government officials, Wikileaks
posted unredacted documents on its own website, exposing, among other
things, the identities of foreign nationals in contact with U.S.
embassies around the world.
Manning was eventually charged in a military court with 22 offenses,
including violations of the Espionage Act, and pleaded guilty in
February 2013 to 10 of the lesser charges of accessing and communicating
classified information. The government nevertheless continued to pursue
the prosecution, and Manning was convicted by a military judge in July
of the rest of the charges, except the most serious offense under the
Uniform Code of Military Justice—aiding the enemy. In August, the
court-martial judge, Col. Denise R. Lind, sentenced Manning to 35 years
in prison. With credit for time served awaiting the trial and verdict,
she could be eligible for parole in seven years. It was a long sentence
for leaking classified information, as extensive as it was, to news
media, rather than spying for a foreign government.
The Manning case appears to have been another turning point. “After
Wikileaks, the administration got together and decided we’re not going
to let this happen again,” said Lucy Dalglish, who monitored
developments closely while director of the Reporters Committee for the
Freedom of the Press. “Prosecution under the 1917 Espionage Act is
almost their only tool,” she told me. “They’re sending a message.
It’s a strategy.”
Dalglish, now dean of the Philip Merrill College of Journalism at the
University of Maryland, along with Danielle Brian of the Project on
Government Oversight (POGO) and other longtime government transparency
advocates, met with President Obama in the Oval Office on March 28,
2011, to thank him for his frequent promises about transparency and
early actions on open government. They used the opportunity to explain
why they thought much more needed to be done. According to Brian’s
written account in the POGO blog the next day, the president seemed
sympathetic to the issues they raised, including the over-classification
of government information as secret.
But when Brian brought up “the current aggressive prosecution of
national security whistle-blowers” and the “need to create safe
channels for disclosure of wrongdoing in national security agencies,”
she wrote, “The president shifted in his seat and learned forward. He
said he wanted to engage on this topic because that may be where we have
some differences. He said he doesn’t want to protect the people who
leak to the media war plans that could impact the troops. He
differentiated these leaks from those whistle-blowers exposing a
contractor getting paid for work they are not performing.”
Dalglish told me there was a follow-up meeting at the White House in
June 2011, with national security journalists and lawyers from the
director of national intelligence, CIA, FBI and the Pentagon. But they
made little progress. “When the journalists said that in the past you
could negotiate with agencies” about national security information,
“there was no real response,” Dalglish recalled. When they asked,
with the Risen subpoena in mind, about a proposed federal shield law
that could protect reporters from being forced to identify their
sources, Dalglish said, the lawyers told them, “You can get a shield
law, but you’ve probably seen your last subpoena. We don’t need you
anymore.”
Another leaker’s motives in question
On October 7, 2011, the Obama White House launched an ambitious new
effort to curb leaks. “Following the unlawful disclosure of classified
information by Wikileaks,” it announced, “the National Security
Staff formed an interagency committee to review the policies and
practices surrounding the handling of classified information, and to
recommend government-wide actions to reduce the risk of a future
breach.” An accompanying executive order from the president
established an Insider Threat Task Force to develop within a year “a
government-wide program for insider threat detection and prevention to
improve protection and reduce potential vulnerabilities of classified
information from exploitation, compromise, or other unauthorized
disclosure.”
Meanwhile, the administration launched another Espionage Act
prosecution. Former CIA officer John Kiriakou was indicted on April 5,
2012, on five felony counts accusing him of disclosing classified
information, including the names of two CIA agents, to freelance
journalist Matthew Cole and to New York Times reporter Scott Shane.
Kiriakou, who retired from the CIA in 2004, had led the team that
located and captured senior Al Qaeda operative Abu Zubaydah in 2002 in
Pakistan. He became a sought-after news source—and a bête noire for
the CIA—after a 2007 ABC News television interview in which he
confirmed that Zubaydah had been water-boarded during his interrogation.
Kiriakou said he believed the measure was necessary, legal, and
effective, but probably constituted torture that should not be used
again.
Amid his many subsequent media appearances and contacts with
journalists, Kiriakou discussed a covert CIA agent with Cole, who, in
turn, discussed the agent with a researcher for defense lawyers for Al
Qaeda suspects detained at Guantánamo Bay. Later, Kiriakou confirmed to
Shane the identity of a former CIA officer, Deuce Martinez, who was
involved in the Zubaydah interrogation. Shane told me that Kiriakou had
showed him a non-CIA private business card for Martinez, whom Shane was
trying to locate. “Martinez had been undercover, but he had asked that
he no longer be, and he wasn’t,” said Shane, who wrote a detailed
Times story about “enhanced interrogations” of terrorist suspects,
which stated that Martinez had declined to be interviewed.
Former CIA officer John Kiriakou walks to U.S. District Court in
Alexandria, Virginia, October 23, 2012. (AP/Cliff Owen)
Former CIA officer John Kiriakou walks to U.S. District Court in
Alexandria, Virginia, October 23, 2012. (AP/Cliff Owen)
When government officials discovered that the Guantánamo defense
lawyers were identifying CIA witnesses to their clients’
interrogation, the agency filed a crime report that prompted a Justice
Department investigation. A defense lawyer and a researcher, who had
been targets of the inquiry, were eventually cleared of any illegality.
Instead, the investigation turned into a criminal leaks case after
investigators seized scores of e-mails between Kiriakou and journalists.
They revealed Kiriakou as both Cole’s source of the identity of the
covert CIA agent and a frequent contact of Times reporter Shane. In a
plea bargain, Kiriakou admitted guilt on October 22, 2012, to a single
count of violating the Intelligence Identities Protection Act for giving
the covert CIA agent’s name to Cole. In return, the other charges,
including three counts of violating the Espionage Act, were dropped.
Kiriakou was sentenced to 30 months in prison.
Once again, there was disagreement about the leaker’s motivation in a
questionable espionage case. Kiriakou and his supporters characterized
him as a patriotic, if self-promoting, whistle-blower who exposed
abusive interrogation methods later condemned as torture, while none of
the government officials responsible for them had been punished.
However, Judge Brinkema said in sentencing Kiriakou, “this is not a
case of a whistle-blower” because of the seriousness of revealing the
identity of a covert intelligence officer.
In a statement to CIA employees the day after Kiriakou’s sentencing,
David H. Petraeus, then the CIA director, made clear the
administration’s intentions. “The case yielded the first successful
prosecution”—under the Intelligence Identities Protection
Act—“in 27 years, and it marks an important victory for our agency,
for our intelligence community, and for the country,” Petraeus told
them. “Oaths do matter, and there are indeed consequences for those
who believe they are above the laws that protect our fellow officers and
enable American intelligence agencies to operate with the requisite
degree of secrecy.”
The chilling lesson for reporters and sources, The Times’s Shane told
me, contrary to Petraeus, “is that seemingly innocuous e-mails not
containing classified information can be construed as a crime.”
Journalist and author Steve Coll, now dean of the Columbia School of
Journalism, raised questions about the case in a New Yorker magazine
article last April. “Which matters more: Kiriakou’s motives or his
reliability, or the fact that, however inelegantly, he helped to reveal
that a sitting president”—George W. Bush—“had ordered
international crimes?” Coll asked. “Does the emphasis on the
messenger obscure the message?” There is no “perfect solution to
this problem” of how to protect necessary secrets while informing
citizens about their government, Jack Goldsmith, the Harvard Law
professor and former Bush administration lawyer, told me. “Too much
secrecy and too much leaking are both bad.” he said. “A leaker has
to be prepared to subject himself to the penalties of law, but leaks can
serve a really important role in helping to correct government
malfeasance, to encourage government to be careful about what it does in
secret and to preserve democratic processes.”
Climate of fear sets in
The next escalation in the Obama administration’s war on leaks had
already been prompted by a May 7, 2012, Associated Press story revealing
the CIA’s success in penetrating a Yemen-based group, Al-Qaeda in the
Arabian Peninsula, that had developed an improved “underwear bomb”
improvised explosive device (IED) for a suicide bomber to detonate
aboard U.S.-bound aircraft. At the request of the White House and the
CIA, the AP had held the story for five days to protect continuing
aspects of the covert operation. The AP’s discussions with government
officials were similar to many I had participated in with several
administrations during my years as executive editor of The Washington
Post, when I was deciding how to publish significant stories about
national security without causing unnecessary harm.
After the AP story first appeared on its wire service, the White House
spoke freely about it on the record, publicly congratulating the CIA.
Intelligence officials, however, were angry that the AP story and
subsequent reporting had revealed their covert operation in Yemen.
“The irresponsible and damaging leak of information was made,” CIA
Director John Brennan later told Congress, “when someone informed The
Associated Press that the U.S. had intercepted an IED that was supposed
to be used in an attack and that the U.S. government currently had the
IED in its possession and was studying it.” Brennan said that he had
himself been questioned by the FBI in the investigation of the leak.
Then, on June 1, 2012, The New York Times published a story by David E.
Sanger describing a covert operation code-named Olympic Games, in which
a computer worm called Stuxnet, developed by the U.S. and Israel, had
been used in cyberattacks on the computer systems running Iran’s main
nuclear enrichment facilities. Sanger also detailed the operation in his
book, Confront and Conceal, published at the same time.
Even though the existence of the worm was already known because a
computer error had sent it around the world two years earlier, the
details in Sanger’s story and book helped cause political trouble for
Obama. Republicans in Congress and conservative pundits loudly accused
the administration of purposely leaking classified information used in
the AP and New York Times stories to embellish Obama’s
counterterrorism credentials in an election year.
The Justice Department responded by opening aggressive investigations to
find and prosecute the unnamed sources of both stories. Rejecting
Republican calls for special prosecutors, Attorney General Holder
assigned two senior U.S. attorneys to run the investigations. The New
York Times reported that federal prosecutors and the FBI questioned
scores of officials throughout the government who had knowledge of
either covert operation or who were identified in computer analyses of
phone, text, and e-mail records as having any contact with the
journalists involved.
“A memo went out from the chief of staff a year ago to White House
employees and the intelligence agencies that told people to freeze and
retain any e-mail, and presumably phone logs, of communications with
me,” Sanger told me. As a result, he said, longtime sources would no
longer talk to him. “They tell me, ‘David, I love you, but don’t
e-mail me. Let’s don’t chat until this blows over.’”
Director of National Intelligence James Clapper testifies at a Senate
Intelligence Committee hearing on FISA legislation on September 26.
(Reuters/Jason Reed)
Director of National Intelligence James Clapper testifies at a Senate
Intelligence Committee hearing on FISA legislation on September 26.
(Reuters/Jason Reed)
The director of national intelligence, James Clapper, announced on June
25, 2012, his own internal steps to stem leaks. Employees of all 16 U.S.
intelligence agencies—including the CIA, NSA, FBI and Defense
Intelligence Agency—would be asked during routine polygraph
examinations whether they had disclosed any classified information to
anyone. And the new inspector general for the Intelligence Community,
with jurisdiction over all its agencies, would investigate leak cases
that had not produced prosecutions by the Justice Department to
determine what alternative action should be taken. A classified report
from the inspector general to Clapper, obtained about the same time by
the Federation of American Scientists’ Project on Government Secrecy,
showed that the inspector general was already reviewing 375 unresolved
investigations of intelligence agency employees.
Five months later, on November 21, 2012, after a year’s planning by
its Insider Threat Task Force, the White House issued a presidential
memorandum instructing all federal government departments and agencies
to set up Insider Threat Programs to monitor employees with access to
classified information and prevent “unauthorized disclosure.”
According to the National Insider Threat Policy, each agency must, among
other things, develop procedures “ensuring employee awareness of their
responsibility to report, as well as how and to whom to report,
suspected insider threat activity.” Officials cited the Manning case
as the kind of threat the program was intended to prevent.
A survey of government department and agencies this summer by the
Washington bureau of the McClatchy newspapers found that they had wide
latitude in defining what kinds of behavior constituted a threat.
“Government documents reviewed by McClatchy illustrate how some
agencies are using that latitude to pursue unauthorized disclosures of
any information, not just classified material,” it reported in June.
“They also show how millions of federal employees and contractors must
watch for ‘high-risk persons or behaviors’ among co-workers and
could face penalties, including criminal charges, for failing to report
them. Leaks to media are equated with espionage.”
Michael Hayden, who was director of the NSA and then the CIA during the
Bush administration, told me that, in his view, the unfolding Insider
Threat Program “is designed to chill any conversation whatsoever.”
“The simplest thing to do is to avoid contacts with the press,” the
government transparency advocate Steven Aftergood said about the
program. “It discourages even casual contacts with the press and
members of the public,” he said.
“Reporters are interviewing sources through intermediaries now,”
Washington Post national news editor Cameron Barr told me, “so the
sources can truthfully answer on polygraphs that they didn’t talk to
reporters.”
Media outraged over AP secret subpoena
In May of this year, two revelations of Justice Department tactics in
the war on leaks caused already roiling tensions between news media and
the Obama administration to boil over.
On May 13, the Justice Department informed the Associated Press—three
months after the fact—that as part of its investigation of the AP
story a year earlier about the CIA’s covert operation in Yemen, it had
secretly subpoenaed and seized all records for 20 AP telephone lines and
switchboards for April and May of 2012. The records included outgoing
calls for the work and personal phone lines of individual reporters, for
AP news bureau lines in New York, Washington, and Hartford, Conn., and
for the main AP phone number in the press gallery of the U.S. House of
Representatives. Although only five AP reporters and an editor were
involved in the May 12, 2012, Yemen story, “thousands upon thousands
of newsgathering calls” by more than 100 AP journalists using
newsroom, home, and mobile phones were included in the seized records,
AP President Gary Pruitt said in an interview with CBS News’ “Face
the Nation” television program. “There can be no possible
justification for such an overbroad collection of the telephone
communications of The Associated Press and its reporters,” Pruitt
wrote in a letter of protest to Attorney General Holder. “These
records potentially reveal communications with confidential sources
across all of the newsgathering activities undertaken by the AP during a
two-month period, provide a road map to AP’s newsgathering operations
and disclose information about AP’s activities and operation that the
government has no conceivable right to know.”
“I don’t know what their motive is,” Pruitt said on “Face the
Nation.” But, he added, “I know what the message being sent is: If
you talk to the press, we’re going after you.” There was an
immediate outcry from the rest of the press. The next day, a coalition
of more than 50 American news media organizations—including the
Newspaper Association of America, National Association of Broadcasters,
American Society of News Editors, Society of Professional Journalists,
ABC, NBC, CNN, NPR, Gannett, McClatchy, Tribune, The New York Times, and
The Washington Post—joined the Reporters Committee for the Freedom of
the Press in a strong protest letter to Holder. The secret subpoena and
seizure of AP phone records, the letter stated, call “into question
the very integrity of Department of Justice policies toward the press
and its ability to balance, on its own, its police powers against the
First Amendment rights of the news media and the public’s interest in
reporting all manner of government conduct, including matters touching
on national security which lie at the heart of this case.” CPJ’s
board of directors also sent an unprecedented letter of protest to
Holder.
News organizations accuse Attorney General Eric Holder of ignoring
Justice Department guidelines governing subpoenas of journalists. (AP/J.
Scott Applewhite)
News organizations accuse Attorney General Eric Holder of ignoring
Justice Department guidelines governing subpoenas of journalists. (AP/J.
Scott Applewhite)
Substantively, the news organizations charged in their letter that the
Justice Department “appears to have ignored or brushed aside almost
every aspect” of its own four-decade-old guidelines governing
subpoenas of journalists and news organizations. The Justice guidelines
prescribed that such a subpoena should be used only a last resort in a
federal investigation. They stated that “the subpoena should be as
narrowly drawn as possible,” that the targeted news organization
“shall be given reasonable and timely notice” to negotiate the
subpoena with Justice or to fight it in court, and that “the approach
in every case must be to strike the proper balance between the
public’s interest in the free dissemination of ideas and information
and the public’s interest in effective law enforcement and the fair
administration of justice.”
By secretly serving the subpoena for the records directly on telephone
companies without notifying the AP, the Justice Department avoided
negotiations with the news agency or a court challenge over its broad
scope. That would be permitted as an exception to the Justice guidelines
if prosecutors believed prior notification and negotiations would
“pose a substantial threat to the integrity of the investigation.”
But there was never an explanation of what threat might have been posed
in this case, since preservation of the records by the phone companies
was never in question and the news leak under investigation had occurred
long before.
I can remember only one similar event during my 17 years as executive
editor of The Washington Post. In 2008, the FBI director at the time,
Robert S. Mueller III, formally apologized to me and to the executive
editor of The New York Times for the unexplained secret seizure four
years earlier of the phone records of our foreign correspondents working
in Jakarta, Indonesia—because the Justice guidelines had been violated
and no subpoena had been issued. But I recall a number of instances
during several U.S. administrations in which other federal investigative
requests, for which the newspaper had prior notification, were
successfully negotiated in ways that protected our newsgathering
independence in accordance with the Justice guidelines.
A week after the revelation of the secret seizure of AP telephone
records, The Washington Post reported that the Justice Department had
also secretly subpoenaed and seized telephone and e-mail records of the
Fox News chief Washington correspondent, James Rosen, in the Espionage
Act prosecution of Stephen Jin-Woo Kim. Federal investigators used the
records to trace phone conversations and e-mail exchanges between Rosen
and Kim in June, 2009, at the time of Rosen’s story about U.S.
intelligence monitoring of North Korea’s nuclear program. Although
investigators had already gathered evidence from Kim’s phone records
and computer at the State Department, where he worked as a contract
analyst with access to classified information, they used the secret
subpoena to seize Rosen’s phone records and personal e-mails. They
also used electronic security badge records to track the comings and
goings of Rosen and Kim at the State Department.
Most disturbing for journalists and news organizations, the FBI
affidavit filed in support of the successful federal court application
for the secret subpoena declared that “there is probable cause to
believe that the reporter has committed or is committing a violation”
of the Espionage Act—“at the very least, either as an aider, abettor
and/or co-conspirator” —in seeking and accepting information from
Kim while doing his job as a journalist. “The reporter did so by
employing flattery and playing to Mr. Kim’s vanity and ego,” the
affidavit said, potentially—if not laughably—criminalizing a routine
interview tip taught to every cub reporter.
Although the secret subpoena was approved by Holder in May 2010, it and
the records seizure did not become known until court records were
unsealed three years later. Those records showed that the Justice
Department went back to court repeatedly during that time for approval
to avoid notifying Rosen and Fox News about the subpoena, in an apparent
effort to continue to monitor Rosen’s e-mail for other contacts with
government officials. It amounted to open-ended government surveillance
of a reporter’s communications.
“As with the AP subpoenas, this search is overbroad and has a chilling
effect on reporters,” stated a Wall Street Journal editorial that
expressed a view widespread among journalists. “The chilling is even
worse in this case because Mr. Rosen’s personal communications were
subject to search for what appears to be an extended period of time.
With the Fox News search following the AP subpoenas, we now have
evidence of a pattern of anti-media behavior. … The suspicion has to
be that maybe these ‘leak’ investigations are less about deterring
leakers and more about intimidating the press.”
In the midst of the controversy, Obama said in a major speech on
national security at the National Defense University on May 23 that he
was “troubled by the possibility that leak investigations may chill
the investigative journalism that holds government accountable.” He
said, “Journalists should not be at legal risk for doing their
jobs,” even though his administration would still aggressively
investigate government officials “who break the law” by leaking
classified information.
The president asked Holder “to review existing Department of Justice
guidelines governing investigations that involve reporters.” And Obama
called on Congress to revive and pass a federal “shield
law”—similar to those in 40 states and the District of
Columbia—that would spell out defenses for journalists facing legal
efforts to uncover their confidential sources and reporting contacts.
Two months later, after a series of Justice Department meetings with
news executives, reporters, and media lawyers, Holder announced
Obama-approved revisions to the Justice guidelines that somewhat
narrowed the circumstances under which federal investigators could
subpoena and seize communications records of news organizations or
reporters. News organizations would be given advance notice of such
subpoenas unless the attorney general personally determined “for
compelling reasons” that it would pose a clear and substantial threat
to an investigation. Search warrants could be issued for a reporter’s
phone and e-mail records only if the journalist was the focus of a
criminal investigation for conduct not connected to ordinary
newsgathering.
“Members of the news media will not be subject to prosecution based
solely on newsgathering activities,” the Justice Department said. It
also would explore “ways in which intelligence agencies themselves, in
the first instance, can address information leaks internally through
administrative means, such as the withdrawal of security clearances and
imposition of other sanctions,” rather than criminal prosecutions.
Media lawyers who negotiated with Justice welcomed the revisions to the
guidelines as significant progress, despite remaining exceptions. The
reactions of journalists were mixed. Times reporter Sanger told me that
the revisions were “just formalizing what was observed in past
administrations. The guidelines worked pretty well until the Obama
administration came in.”
Even as the Justice Department was working with the news media on
revising the guidelines, it was using the Associated Press reporters’
phone records it had secretly seized to identify and convict a former
FBI agent for the leak about the covert CIA operation in Yemen. On
September 23, Justice announced that Donald J. Sachtleben, a former FBI
bomb technician working as a contractor for the bureau, had agreed to
plead guilty to “unlawfully disclosing national defense information
relating to a disrupted terrorist plot” in Yemen. “Sachtleben was
identified as a suspect in the case of this unauthorized disclosure”
to a reporter, according to the announcement, “only after toll records
for phone numbers related to the reporter were obtained through a
subpoena and compared to other evidence collected during the leak
investigation.” Sachtleben agreed to a 43-month prison sentence in the
leak case, in addition to a 97-month sentence for his guilty plea in an
unrelated child pornography case.
U.S. Senators South Carolina Republican Lindsey Graham, right, and
Charles Schumer, a New York Democrat, proposed a new shield law to
protect journalists from having to identify their sources.
(Reuters/Claro Cortes IV)
U.S. Senators South Carolina Republican Lindsey Graham, right, and
Charles Schumer, a New York Democrat, proposed a new shield law to
protect journalists from having to identify their sources.
(Reuters/Claro Cortes IV)
Focusing on what it called the defendant’s “egregious betrayal of
our national security” in the AP case, the Justice announcement
contained another strong warning to potential leakers of classified
information to the news media. “This prosecution demonstrates our deep
resolve to hold accountable anyone who would violate their solemn duty
to protect our nation’s secrets and to prevent future, potentially
devastating leaks by those who would wantonly ignore their obligations
to safeguard classified information,” it stated. “With these
charges, a message has been sent that this type of behavior is
completely unacceptable and no person is above the law.”
After reiterating that the seized phone records of AP reporters had
enabled the FBI to identify Sachtleben, the statement added, “The FBI
will continue to take all necessary steps to pursue such individuals who
put the security of our nation and the lives of others at risk by their
disclosure of sensitive information.” While it didn’t address the
breadth and secrecy of the AP subpoena, Justice appeared to be vowing
that it would, when it deemed necessary, make aggressive use of the
national security exceptions in both its revised guidelines and a
proposed federal shield law for reporters.
Weeks before this announcement, a supporter of a federal shield law,
Sen. Ron Wyden, the Oregon Democrat, expressed his concerns about
targeting reporters’ phone records to discover their sources. “As a
member of the Senate Intelligence Committee for a decade now, I won’t
take a back seat to anybody in protecting genuine national security
information, but that doesn’t mean that everything done in the name of
stopping leaks is a good public policy,” Wyden told me. “Some of the
tactics the Justice Department has used in recent leaks investigations
have been overly broad. Seizing phone records of journalists is in
effect treating journalists as accomplices in committing crimes.”
Obama and Holder have both expressed support for congressional passage
of a federal reporter shield law. A compromise bill approved by the
Senate Judiciary Committee on September 12 would make it more difficult
for the government in federal investigations to compel reporters to
reveal their sources except in “classified leak cases when information
would prevent or mitigate an act of terrorism or harm to national
security.” It would require a judge, not the attorney general, to
approve subpoenas for reporters’ records or sources.
A potential sticking point for the shield law had been how Congress
should define who is a journalist in this participatory digital media
era. The compromise language in the Senate bill would cover anyone who
had an “employment relationship” with a news organization for at
least one year in the past 20 years, or three months in the previous
five years; student journalists; anyone with a “substantial track
record” of freelance journalism in the previous five years; and anyone
else “whom a federal judge has decided should be able to avail him or
herself of the protections of the privilege, consistent with the
interests of justice and the protection of lawful and legitimate
newsgathering activities.” Journalists and press freedom advocates are
divided over whether the federal government should define who is a
journalist at all, even though many state shield laws already do. They
are concerned about any restrictions on whose journalism would be
protected.
“You give us a definition of what a journalist is, you define
exemptions, you’re painting us into a corner,” Scott Armstrong, an
independent investigative journalist and the executive director of the
government transparency advocate Information Trust, said of the reporter
shield legislation at a Newseum Institute panel discussion in Washington
in September. Armstrong said that, as a First Amendment absolutist, he
opposes any congressional legislation governing the press. He added that
the national security exemption means that the legislation “won’t
protect national security reporters. Federal agencies can still
investigate us.”
But others on the panel argued that a shield law would provide some
needed protection from federal government interference for countless
journalists covering other subjects across the country. “This shield
law could keep a lot of reporters out of court,” said Kevin Goldberg,
legal counsel for the American Society of News Editors.
Congressional passage of a federal shield law in some form would “not
be a cure-all, but helpful,” Michael Oreskes of the AP told me, if it
is “a statement that the act of reporting and finding sources is as
important as the constitutional right to publish.”
Surveillance revelations deepen the chill
While the fate of the shield legislation remained uncertain, the Obama
administration, Congress, and the American people reacted to Snowden’s
revelations about the NSA’s extensive secret collection and
surveillance of American and foreign telephone and e-mail traffic. On
June 5, the Guardian and The Washington Post began publishing what
became a steady stream of stories, documents, and exhibits from the
large amount of highly classified information Snowden had given
separately to Post reporter Barton Gellman and Guardian reporter Glenn
Greenwald. Snowden was connected to them by documentary filmmaker Laura
Poitras, who was developing a documentary about U.S. electronic
surveillance, and who shared some reporting with the two journalists.
A monitor in a Hong Kong shopping mall broadcasts news on the charges
against Edward Snowden on June 22, 2013. (Reuters/Bobby Yip)
A monitor in a Hong Kong shopping mall broadcasts news on the charges
against Edward Snowden on June 22, 2013. (Reuters/Bobby Yip)
Snowden, while working as a Booz Allen Hamilton consultant for the NSA
in Hawaii in the spring of 2013, downloaded a still-unknown amount of
information about the NSA’s secret surveillance programs. He
communicated with Gellman by encrypted e-mail and met secretly with
Greenwald and Poitras in Hong Kong. Their stories revealed details of
secret NSA operations that acquire, store, and search huge amounts of
telephone call, text, and e-mail data from American telephone and
Internet companies, under secret FISA court authorization, to find and
track communications that might be tied to terrorist activity. The
published documents also included the “black budget” for U.S.
intelligence agencies, classified government charts illustrating how the
NSA surveillance programs operate, and legal memos and FISA court
decisions underpinning the programs.
Not long after publication began in The Post and the Guardian, Snowden
publicly identified himself as the source of their information. When
Gellman asked him at the time about his motive, Snowden said he had
discovered an immense expansion of government electronic surveillance,
which is “such a direct threat to democratic government that I have
risked my life and family for it.”
On June 21, the Justice Department unsealed a criminal complaint, filed
a week earlier, charging Snowden with several violations of the
Espionage Act. The U.S. government began a wide-ranging effort to have
him extradited to the United States, including revoking his passport.
But Snowden eventually made his way from Hong Kong to Russia, where he
was granted temporary asylum on August 1.
Greenwald and Poitras worked on his stories and her documentary in
Brazil, expressing concern about the U.S. and allied governments’
using border security powers to harass and hamper them. Poitras, whose
previous films were critical of U.S. anti-terrorism policies, had
already been stopped and questioned and had her computers searched
several times by the U.S. Customs and Border Patrol when re-entering the
country in recent years. Greenwald’s partner, David Miranda, serving
as a courier for him and the Guardian, was similarly detained and his
equipment confiscated at Heathrow airport in London on his way back to
Rio de Janeiro from Europe in mid-August.
That appeared to be part of an effort by British officials to stop or
limit the Guardian’s publication of material from Snowden, which
included U.S. government documents describing the NSA’s collaboration
on electronic surveillance with its secretive British counterpart,
Government Communications Headquarters (GCHQ). After threatening the use
of Britain’s draconian Official Secrets Act, officials supervised
destruction in the Guardian offices of computer hard drives containing
some of the secret files obtained by Snowden, even though other copies
remained in the U.S. and Brazil. Like The Washington Post, the Guardian
continued to publish stories based on Snowden’s documents, and it
began sharing some of them with The New York Times and the nonprofit
investigative reporting group ProPublica, based in New York.
At this writing, no connection has been established between the NSA
surveillance programs and the many leak investigations being conducted
by the Obama administration—but the surveillance has added to the
fearful atmosphere surrounding contacts between American journalists and
government sources.
“There is greater concern that their communications are being
monitored—office phones, e-mail systems,” Post reporter
Chandrasekaran said. “I have to resort to personal e-mail or face to
face, even for things I would consider routine.”
Journalists who aren’t worried about their communications being
monitored should be; if not, they could be putting their sources at
risk, said Oktavía Jónsdóttir, program director of the S.A.F.E.
Initiative of the Washington-based nonprofit IREX, which advocates for
independent media and civil society internationally.
“The key I think is whether journalists today can guarantee their
sources anonymity, and at this point that is very difficult, but I will
say, not impossible,” Jónsdóttir said. “Sources need to understand
the risks they take, agree with the journalists how far they will go and
then put ultimate trust in that individual’s ability to protect that
information and ensure that even though the information may be
compromised, the source is not.”
Washington Post national security reporter Dana Priest told me:
“People think they’re looking at reporters’ records. I’m writing
fewer things in e-mail. I’m even afraid to tell officials what I want
to talk about because it’s all going into one giant computer.”
The work of foreign journalists could be especially vulnerable to
surveillance by the NSA or other U.S. intelligence agencies, because
they are legally authorized to monitor telephone and Internet
communications of non-U.S. nationals. The German magazine Der Spiegel,
citing documents from Snowden, reported in August that the NSA had
hacked into internal communications of the international news
organization Al-Jazeera. The Qatar-based broadcaster and the U.S.
government have often been at odds since it broadcast videotaped
statements by Osama bin Laden after the 9/11 attacks.
Peter Horrocks, director of global news at the BBC, said all journalists
at the British broadcaster must now take training in information
security. “The nature of their work means journalists are often in
touch with organizations representing extremist viewpoints and sources
whose identities must be protected, and the BBC is particularly
concerned with protecting those journalists who are travelling and
working in sensitive locations,” he said.
Germans protest the U.S. National Security Agency's monitoring of
international Internet traffic in Frankfurt on July 27, 2013.
(Reuters/Kai Pfaffenbach)
Germans protest the U.S. National Security Agency's monitoring of
international Internet traffic in Frankfurt on July 27, 2013.
(Reuters/Kai Pfaffenbach)
The European Union opened an investigation in September “to determine
the impact of [U.S.] surveillance activities on EU citizens,”
including journalists. In teleconferenced testimony to the European
Parliament’s Civil Liberties Committee, Guardian editor Alan
Rusbridger said that Miranda’s airport detention and the destruction
of NSA materials at the Guardian could be “chilling and obstructive to
journalism.” He called for EU oversight of such actions by member
governments, adding, “Please find ways to protect journalism.”
Five days after Snowden was charged, Barton Gellman was asked in a panel
discussion at the Center for Strategic and International Studies in
Washington why he and The Post had published stories based on classified
documents from Snowden. “Congress passes a vague law and a secret
court makes secret rulings,” Gellman said. “Where should the line be
between intelligence gathering and privacy? We haven’t had that
discussion.”
The discussion started by Snowden’s revelations quickly grew into a
national debate. Members of Congress complained publicly that they had
been kept in the dark or misled about the nature and dimensions of the
NSA programs. Clapper, the director of national intelligence, was forced
to apologize for falsely denying in earlier testimony to Congress that
the NSA had secretly collected data about the telephone calls of
millions of Americans. A bipartisan group of 26 senators wrote to
Clapper to demand more information about the NSA surveillance, which
they said “raises serious civil liberties concerns and all but removes
the public from an informed national security and civil liberties
debate.” Two judges of the secret FISA court gave unprecedented, if
brief, statements about how it worked to The Washington Post. Senate
Intelligence Committee chairwoman Dianne Feinstein wrote an opinion
article in The Post defending the NSA surveillance as a necessary
counterterrorism tool, while promising to work in Congress to make
changes “to increase transparency and improve privacy protections.”
In July, as more members of Congress expressed skepticism about the NSA
programs and what they knew about them, several of them introduced bills
to rein in the programs. On July 24, a bipartisan plan to defund the
NSA’s telephone data collection program was defeated by just seven
votes in the House of Representatives.
The Obama administration responded by explaining for the first time the
legal rationale, execution and oversight of the secret NSA surveillance
programs. The president declassified and ordered the release of many
previously secret government reports, court decisions, and other
documents, including the total number of surveillance orders issued each
year to telecommunications companies. At a news conference on August 9,
the president said he would ask Congress to tighten privacy protections
in the Patriot Act authorization of the NSA programs and add an advocate
for privacy rights to the secret FISA court proceedings that govern the
NSA programs, in which only the government has been represented. He also
created a panel to assess the phone records collection programs and
suggest changes by the end of the year.
Adding to his administration’s roster of government-run information
sites, Obama announced that the 16-agency U.S. Intelligence Community
was launching its own website, “IC on the Record.” The website posts
statements from intelligence agencies, responses to what they
characterize as erroneous press reports, and copies of declassified
documents, which were dramatically labeled on the website with
illustrations of opened locks.
Though the White House is taking credit for this welcome new openness
about the NSA’s activities, the fact is that the Obama
administration—and the Bush administration before it—should have
been more open and accountable for the NSA’s surveillance activities
in the first place. It seems highly unlikely this new transparency would
have begun without Snowden’s disclosures. That would appear to make
him a whistle-blower, although he obviously broke laws governing access
to highly classified information and his own security clearance, and the
full extent, distribution and potential national security impact of the
information he obtained is still not known.
In November, the president signed the congressionally passed
Whistle-Blower Act of 2012, along with a presidential policy directive
aimed at protecting from retaliation all government whistle-blowers,
including employees—but not contractors—in intelligence agencies.
However, the administration won an appellate court decision in August
that takes away from the many federal employees in designated
“national security sensitive” positions the right to appeal
personnel actions by their agencies, which could include retaliation for
whistle-blowing. And the administration has insisted that government
whistle-blowers first raise their issues internally, rather than to
outsiders, including the press.
Senator Wyden told me that he has studied the intelligence agencies’
personnel rules and found that whistle-blowers “have to go first to
the people perpetrating the problems they want to expose, before they
can come to Congress, for example. There are a mountain of barriers and
hurdles for intelligence agency whistle-blowers,” he said.
“We have a president with two minds in regard to whistle-blowing,”
said Angela Canterbury, director of public policy for the Project on
Government Oversight. “He deserves credit for doing more than any
other president, but there’s a different policy for classified
information whistle-blowers.”
The 16-agency U.S. Intelligence Community launched a new website
following criticism that surveillance policies were not transparent.
(CPJ)
The 16-agency U.S. Intelligence Community launched a new website
following criticism that surveillance policies were not transparent.
(CPJ)
When I asked deputy national security adviser Ben Rhodes about this, he
said, “The president doesn’t like leaks of unauthorized information
that can harm national security.” But not nearly all
“unauthorized” or classified government information presents that
danger. The Obama administration could do much more to reduce
unnecessary classification. “The system is bent deeply in the
direction of over-classification of information,” Senator Wyden said.
“If done properly to protect only genuine national security
information, it would be easier to protect government secrets.” He
said it seemed as if classification were being used more to protect
people from political embarrassment.
“Even when acting in good faith, officials are liable to
over-classify,” said open government advocate Steven Aftergood.
“There is no review of classification decisions.”
Obama directed government officials in a December 2009 executive order
not to classify information if they had significant doubts about whether
it needed to be secret. The number of newly classified documents has
declined somewhat since then, according to the White House, and
declassification of older documents has accelerated. But the
administration has yet to take action on more far-reaching
recommendations to reduce over-classification made to the president in a
December 6, 2012, report by the congressionally authorized Public
Interest Declassification Board (PIDB). It concluded that “present
practices for classification and declassification of national security
information are outmoded, unsustainable and keep too much information
from the public.”
The administration’s accelerated cyberwarfare activities, revealed in
news reports of documents provided by Snowden, were cited by The
Times’sSanger as an example of information the government should have
declassified in some form before it was leaked. “I think there is a
public interest in revealing things like that to alert the American
people that an entirely new class of weapons to which the U.S. would be
vulnerable were being deployed by the U.S.—to start public debate,
even if the details of it are classified.”
In an April 23, 2013, open letter, 30 government transparency
organizations called on the president “to promptly establish and
provide active White House leadership for a Security Classification
Reform Steering Committee” to push government agencies to implement
the PIDB recommendations “to help correct what you have called ‘the
problem of over-classification.’” The groups urged that the White
House “take ownership of the reform effort.”
The White House and the Justice Department should also vigorously
enforce the directive they issued on the president’s first full day in
office, ordering government agencies to respond to Freedom of
Information Act requests “promptly and in a spirit of cooperation.”
It directed that information should not be withheld merely because
“public officials might be embarrassed by disclosure, because errors
and failures might be revealed, or because of speculative or abstract
fears.” The default response to information inquiries, with or without
formal FOIA requests, was supposed to be disclosure.
Instead, reporters and open government advocates told me that their FOIA
requests too often faced denials, delays, unresponsiveness or demands
for exorbitant fees, with cooperation or obstruction varying widely from
agency to agency. Government transparency advocate Danielle Brian of
POGO told me that, while “non-intelligence parts” of the Pentagon
were responsive to information requests, many other parts of the Obama
administration—especially the State Department, Agency for
International Development, and the Environmental Protection
Agency—were “off the charts bad on FOIA.”
An Associated Press analysis, published in March, found that “more
often than it ever has,” the Obama administration “cited legal
exceptions to censor or withhold the material” and “frequently cited
the need to protect national security and internal deliberations.”
Some of the administration’s new government information policies also
contain vague privacy exceptions that could be used to hide records
crucial to accountability reporting about such subjects as health care
payments, government subsidies, workplace accidents, or detentions of
terrorism suspects.
A Washington-based consortium of more than 80 open government advocacy
organizations called OpenTheGovernment.org is working on
recommendations to the Obama administration to make the FOIA work better
for the press and the public. They include reducing the number and
breadth of exemptions used to withhold requested information, creating
an effective process for appealing and overturning denials of
information, reforming fee systems in federal agencies, and streamlining
and centralizing the federal FOIA system, as some other countries have
done.
When I asked Lucy Dalglish what she thought the Obama administration
should do to fulfill the president’s promises of transparency and open
government, her list included: Keep fewer secrets, improve the FOIA
process, be open and honest about government surveillance, and build
better bridges with the press, rather than trying to control or shut it
out.
With so much government information digitally accessible in so many
places to so many people, there are likely to be more Mannings and
Snowdens among those who grew up in a digital world with blurred
boundaries between public and private, shared and secret information.
That makes access by the press to a range of government sources of
information and guidance more important than ever.
“Closing doors to reporters is hurting themselves,” Washington Post
journalist and author Bob Woodward told me, “because less responsible
news organizations will publish or broadcast whatever they want. In the
end, it does not hurt the press; it can damage national security.”
Journalists from other countries pointed out that hostility by the U.S.
government to the news media can be damaging to press freedom elsewhere,
contrary to the openness the Obama administration has been advocating
internationally. Mohamed Elmenshawy, the widely published Egyptian
columnist and director of regional studies at the Middle Eastern
Institute in Washington, said, “As journalists from Third World
countries, we look at the U.S. as a model for the very things we want:
more freedom of expression and professionalism. We are fighting for free
news and not to be threatened, and when we see some issues here
regarding regulating news and reporting, it is bad news for us because
usually our governments, especially undemocratic ones, use this as an
example in a very negative way.”
President Obama is faced with many challenges during his remaining years
in office, the outcome of which will help shape his legacy. Among them
is fulfilling his very first promise—to make his administration the
most transparent in American history amid national security concerns,
economic uncertainty, political polarization, and rapid technological
change. Whether he succeeds could have a lasting impact on U.S.
government accountability and on the standing of America as an
international example of press freedom.
Leonard Downie Jr., vice president at large and former executive editor
of The Washington Post, is the Weil Family Professor of Journalism at
Arizona State University’s Walter Cronkite School of Journalism and
Mass Communication. He is a founder and a current director of
Investigative Reporters and Editors and the author of five books.
Sara Rafsky, Americas research associate for the Committee to Protect
Journalists in New York, contributed to this report.
October 10, 2013 10:00 AM ET
Frank SmythExecutive DirectorGlobal Journalist
Securityfrank(a)journalistsecurity.netTel. + 1 202 244 0717Cell + 1 202
352 1736Twitter: @JournoSecurityWebsite: www.journalistsecurity.netPGP
Public Key 92861E6B
--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys(a)stanford.edu.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
----- Forwarded message from carlo von lynX <lynX(a)time.to.get.psyced.org> -----
Date: Thu, 10 Oct 2013 21:23:28 +0200
From: carlo von lynX <lynX(a)time.to.get.psyced.org>
To: liberationtech(a)mailman.stanford.edu
Subject: [liberationtech] 10 reasons not to start using PGP
Message-ID: <20131010192328.GA18814(a)lo.psyced.org>
User-Agent: Mutt/1.5.20 (2009-06-14)
Reply-To: liberationtech <liberationtech(a)lists.stanford.edu>
We had some debate on this topic at the Circumvention Tech
Summit and I got some requests to publish my six reasons
not to use PGP. Well, I spent a bit more time on it and now
they turned into 10 reasons not to. Some may appear similar
or identical, but actually they are on top of each other.
Corrections and religious flame wars are welcome. YMMV.
----------------------------------
TEN REASONS NOT TO START USING PGP
----------------------------------
Coloured version at http://secushare.org/PGP
[01]Pretty Good Privacy is better than no encryption at all, and being
[02]end-to-end it is also better than relying on [03]SMTP over [04]TLS
(that is, point-to-point between the mail servers while the message is
unencrypted in-between), but is it still a good choice for the future?
Is it something we should recommend to people who are asking for better
privacy today?
1. Downgrade Attack: The risk of using it wrong.
Modern cryptographic communication tools simply do not provide means to
exchange messages without encryption. With e-mail the risk always
remains that somebody will send you sensitive information in cleartext
- simply because they can, because it is easier, because they don't
have your public key yet and don't bother to find out about it, or just
by mistake. Maybe even because they know they can make you angry that
way - and excuse themselves pretending incompetence. Some people even
manage to reply unencrypted to an encrypted message, although PGP
software should keep them from doing so.
The way you can simply not use encryption is also the number one
problem with [05]OTR, the off-the-record cryptography method for
instant messaging.
2. The OpenPGP Format: You might aswell run around the city naked.
As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP
Message Format it is an easy exercise for any manufacturer of [07]Deep
Packet Inspection hardware to offer a detection capability for
PGP-encrypted messages anywhere in the flow of Internet communications,
not only within SMTP. So by using PGP you are making yourself visible.
Stf has been suggesting to use a non-detectable wrapping format. That's
something, but it doesn't handle all the other problems with PGP.
3. Transaction Data: He knows who you are talking to.
Should Mallory not [08]possess the private keys to your mail provider's
TLS connection yet, he can simply intercept the communication by means
of a [11]man-in-the-middle attack, using a valid fake certificate that
he can make for himself on the fly. It's a bull run, you know?
Even if you employ PGP, Mallory can trace who you are talking to, when
and how long. He can guess at what you are talking about, especially
since some of you will put something meaningful in the unencrypted
Subject header.
Should Mallory have been distracted, he can still recover your mails by
visiting your provider's server. Something to do with a PRISM, I heard.
On top of that, TLS itself is being recklessly deployed without forward
secrecy most of the time.
4. No Forward Secrecy: It makes sense to collect it all.
As Eddie has told us, Mallory is keeping a complete collection of all
PGP mails being sent over the Internet, just in case the necessary
private keys may one day fall into his hands. This makes sense because
PGP lacks [12]forward secrecy. The characteristic by which encryption
keys are frequently refreshed, thus the private key matching the
message is soon destroyed. Technically PGP is capable of refreshing
subkeys, but it is so tedious, it is not being practiced - let alone
being practiced the way it should be: at least daily.
5. Cryptogeddon: Time to upgrade cryptography itself?
Mallory may also be awaiting the day when RSA cryptography will be
cracked and all encrypted messages will be retroactively readable.
Anyone who recorded as much PGP traffic as possible will one day gain
strategic advantages out of that. According to Mr Alex Stamos that day
may be closer than PGP advocates think as [13]RSA cryptography may soon
be cracked.
This might be true, or it may be counter-intelligence to scare people
away from RSA into the arms of [14]elleptic curve cryptography (ECC). A
motivation to do so would have been to get people to use the curves
recommended by the NIST, as they were created using magic numbers
chosen without explanation by the NSA. No surprise they are suspected
[15]to be corrupted.
With both of these developments in mind, the alert cryptography
activist scene seems now to converge on [16]Curve25519, a variant of
ECC whose parameters where elaborated mathematically (they are the
smallest numbers that satisfy all mathematical criteria that were set
forth).
ECC also happens to be a faster and more compact encryption technique,
which you should take as an incentive to increase the size of your
encryption keys. It is up to you to worry if it's more likely that RSA
or ECC will be cracked in future, or you may want to ask a
mathematician.
6. Federation: Get off the inter-server super-highway.
NSA officials have been reported saying that NSA does not keep track of
all the peer-to-peer traffic as it is just large amounts of mostly
irrelevant copyright infringement. It is thus a very good idea to
develop a communications tool that embeds its ECC- encrypted
information into plenty of P2P cover traffic.
Although this information is only given by hearsay, it is a reasonable
consideration to make. By travelling the well-established and
surveilled paths of e-mail, PGP is unnecessarily superexposed. Would be
much better, if the same PGP was being handed from computer to computer
directly. Maybe even embedded into a picture, movie or piece of music
using [17]steganography.
7. Statistical Analysis: Guessing on the size of messages.
Especially for chats and remote computer administration it is known
that the size and frequency of small encrypted snippets can be observed
long enough to guess the contents. This is a problem with SSH and OTR
more than with PGP, but also PGP would be smarter if the messages were
padded to certain standard sizes, making them look all uniform.
8. Workflow: Group messaging with PGP is impractical.
Have you tried making a mailing list with people sharing private
messages? It's a cumbersome configuration procedure and inefficient
since each copy is re-encrypted. You can alternatively all share the
same key, but that's a different cumbersome configuration procedure.
Modern communication tools automate the generation and distribution of
group session keys so you don't need to worry. You just open up a
working group and invite the people to work with.
9. TL;DR: I don't care. I've got nothing to hide.
So you think PGP is enough for you since you aren't saying anything
reaaally confidential? Nobody actually cares how much you want to lie
yourself stating you have nothing to hide. If that was the case, why
don't you do it on the street, as John Lennon used to ask?
It's not about you, it's about your civic duty not to be a member of a
predictable populace. If somebody is able to know all your preferences,
habits and political views, you are causing severe damage to democratic
society. That's why it is not enough that you are covering naughty
parts of yourself with a bit of PGP, if all the rest of it is still in
the nude. Start feeling guilty. Now.
10. The Bootstrap Fallacy: But my friends already have e-mail!
But everyone I know already has e-mail, so it is much easier to teach
them to use PGP. Why would I want to teach them a new software!?
That's a fallacy. Truth is, all people that want to start improving
their privacy have to install new software. Be it on top of
super-surveilled e-mail or safely independent from it. In any case you
will have to make a [18]safe exchange of the public keys, and e-mail
won't be very helpful at that. In fact you make it easy for Mallory to
connect your identity to your public key for all future times.
If you really think your e-mail consumption set-up is so amazing and
you absolutely don't want to start all over with a completely different
kind of software, look out for upcoming tools that let you use mail
clients on top. Not the other way around.
But what should I do then!??
So that now we know 10 reasons not to use PGP over e-mail, let's first
acknowledge that there is no easy answer. Electronic privacy is a crime
zone with blood freshly spilled all over. None of the existing tools
are fully good enough. We have to get used to the fact that new tools
will come out twice a year.
Mallory has an interest in making us believe encryption isn't going to
work anyway - but internal data leaked by Mr Snowden shows that
encryption actually works. We should just care to use it the best way.
That means, not with PGP.
There is no one magic bullet you can learn about.
You have to get used to learning new software frequently. You have to
teach the basics of encryption independently from any software,
especially from the one that does it wrong the most.
In the [09]comparison we have listed a few currently existing
technologies, that provide a safer messaging experience than PGP. The
problem with those frequently is, that they haven't been peer reviewed.
You may want to invest time or money in having projects peer reviewed
for safety.
Pond is currently among the most interesting projects for mail privacy,
hiding its padded undetectable crypto in the general noise of Tor. Tor
is a good place to hide private communication since the bulk of Tor
traffic seems to be anonymized transactions with Facebook and the like.
Even better source of cover traffic is file sharing, that's why
RetroShare and GNUnet both have solid file sharing functionality to let
you hide your communications in.
Mallory will try to adapt and keep track of our communications as we
dive into cover traffic, but it will be a very hard challenge for him,
also because all of these technologies are working to switch to
Curve25519. Secushare intends to only support Curve25519 to impede
[10]downgrade attacks. Until the next best practice comes out. It's an
arms race. Time to lay down your old bayonet while Mallory is pointing
a nuclear missile at you.
Thank you, PGP.
Thank you Mr Zimmermann for bringing encryption technology to the
simple people, back in 1991. It has been an invaluable tool for twenty
years, we will never forget. But it is overdue to move on.
References
01. https://en.wikipedia.org/wiki/Pretty%20Good%20Privacy
02. http://secushare.org/end2end
03. https://en.wikipedia.org/wiki/SMTP
04. https://en.wikipedia.org/wiki/TLS
05. https://en.wikipedia.org/wiki/Off-the-Record_Messaging
06. http://tools.ietf.org/html/rfc4880
07. https://en.wikipedia.org/wiki/Deep_packet_inspection
08. http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-secu…
09. http://secushare.org/comparison
10. http://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-p…
11. http://en.wikipedia.org/wiki/man-in-the-middle%20attack
12. https://en.wikipedia.org/wiki/Forward_secrecy
13. http://www.heise.de/tr/artikel/Die-Krypto-Apokalypse-droht-1942212.html
14. https://en.wikipedia.org/wiki/Elliptic_curve_cryptography
15. http://www.wired.com/threatlevel/2013/09/rsa-advisory-nsa-algorithm/
16. https://gnunet.org/curve25519
17. https://en.wikipedia.org/wiki/steganography
18. http://secushare.org/rendezvous
P.S.
Thanks for feedback to tg, duy and especially Mr Grothoff.
--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys(a)stanford.edu.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
by Eugen Leitl 11 Oct '13
by Eugen Leitl 11 Oct '13
11 Oct '13
----- Forwarded message from Vick Khera <vivek(a)khera.org> -----
Date: Thu, 10 Oct 2013 15:23:06 -0400
From: Vick Khera <vivek(a)khera.org>
To: pfSense support and discussion <list(a)lists.pfsense.org>
Subject: Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
Message-ID: <CALd+dcctKmfLxK+nnyCYGkc0Z6JCYJi3e3wUuOHc=+ObaOhZeQ(a)mail.gmail.com>
Reply-To: pfSense support and discussion <list(a)lists.pfsense.org>
On Thu, Oct 10, 2013 at 1:19 PM, Jim Thompson <jim(a)netgate.com> wrote:
> > Is there any mechanism to insert ciphers into Pfsense that are not
> currently supported?
>
> You have the source code.
>
> I, for one, am uninterested in non standards-compliant (and thus
> interoperable) implementations.
>
I personally choose the ciphers that are "hardware" optimized, since my
low-end home router (ALIX) gets me faster vpn performance when I do, and I
transfer files to/from office all the time. So if the GUI recommends XYZ
because it is hardware accelerated, I choose it.
That said, a lot of the panic-driven-secure-your-web-sites-against-the-NSA
instructions recommend enabling ciphers that use ephemeral session keys.
The OpenSSL included in pfSense 2.1 supports many of these. Type this
"/usr/local/bin/openssl ciphers" to see them all. The ones that end with
"E" in the first component are the ones with the ephemeral key-. Now, how
to convince the GUI to make use of these for IPsec or OpenVPN I do not
know. I'm sure you can do it via direct config file tweakage, though. I
think IPsec renegotiates keys every 60 minutes anyway, so they'd have to do
a lot of key breaking to snoop your data, unless they could predict your
keys or sneak a MitM attack on you.
To list the "strong" ciphers only, use this: /usr/local/bin/openssl ciphers
"TLSv1.2:-MD5:-RC4:-aNULL:-MED:-LOW:-EXP:-NULL"
_______________________________________________
List mailing list
List(a)lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
----- Forwarded message from Max Jonas Werner <mail(a)makk.es> -----
Date: Thu, 10 Oct 2013 21:19:33 +0200
From: Max Jonas Werner <mail(a)makk.es>
To: webp2p(a)librelist.com
Subject: [webp2p] Demo of a WebRTC P2P network
Message-Id: <5256FDC5.9090906(a)makk.es>
Reply-To: webp2p(a)librelist.com
(this is an x-post from discuss-webrtc)
Hi,
for all those interested in WebRTC DataChannel development: We've
released a prototype implementation of an in-browser P2P network this
week. You can find the library and demos at https://github.com/boplish/
This is actually part of a bigger project the details of which you'll
find in our papers
(http://inet.cpt.haw-hamburg.de/publications/vws-lwpcd-13.html and
http://inet.cpt.haw-hamburg.de/publications/vws-cunwp-13.html) so we'll
be working constantly on extending the codebase and appreciate any feedback.
Cheers!
Max
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
----- Forwarded message from Jim Pingle <lists(a)pingle.org> -----
Date: Thu, 10 Oct 2013 08:19:40 -0400
From: Jim Pingle <lists(a)pingle.org>
To: pfSense support and discussion <list(a)lists.pfsense.org>
Subject: [pfSense] Crypto/RNG Suggestions
Message-ID: <52569B5C.5030804(a)pingle.org>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
Reply-To: pfSense support and discussion <list(a)lists.pfsense.org>
I'm moving this to a fresh thread so that it will be unencumbered by the
other discussion that has strayed a bit. Even if one were to ignore
government agency interference, finding the best crypto choices is a
good topic, but it can easily get lost in the other discussion when some
people have written off the other topic. So lets try to keep this thread
solely on the technical topic of cryptographic quality.
On 10/10/2013 5:39 AM, Giles Coochey wrote:
> 1. Which Ciphers & Transforms should we now consider secure (pfsense
> provides quite a few cipher choices over some other off the shelf
hardware.
I haven't yet seen anything conclusive. People have called into question
some or all of ECC, NSA's suggested Suite B, and so on. I put some links
in a previous message[1]. If anyone knows of some solid research showing
specific ciphers have been compromised, I'd love to see it so we can
inform users.
> 2. What hardware / software & configuration changes can we consider to
> improve RNG and ensure that should we increase the bit size of our
> encryption, reduce lifetimes of our SAs that we can still ensure we have
> enough entropy in the RNG on a device that is typically starved of
> traditional entropy sources.
We use the RNG from FreeBSD so that may be a better question for a
FreeBSD-specific forum or list. There may be people here that know,
however, you're more likely to get better feedback from FreeBSD directly.
Jim
1: http://lists.pfsense.org/pipermail/list/2013-October/004773.html
_______________________________________________
List mailing list
List(a)lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
2
1
Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
by Eugen Leitl 10 Oct '13
by Eugen Leitl 10 Oct '13
10 Oct '13
----- Forwarded message from Giles Coochey <giles(a)coochey.net> -----
Date: Thu, 10 Oct 2013 14:50:41 +0100
From: Giles Coochey <giles(a)coochey.net>
To: list(a)lists.pfsense.org
Subject: Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
Message-ID: <5256B0B1.2050501(a)coochey.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
Reply-To: pfSense support and discussion <list(a)lists.pfsense.org>
Trying to get this back on-topic, I will change the subject however,
to alleviate the issues the anti-tin-foil-hat-brigade have. (ps I am
also top-posting on purpose as I believe the conversation below has
near to no relevance to my questions, but simply is an argument as to
whether these questions should be asked, to which I believe in the
affirmative).
I have various questions to offer for discussion which have been
bothering me since various security related issues that have appeared
in the media recently: (see:
https://www.schneier.com/crypto-gram-1309.html)
Clearly, at the moment, open source security tools ought to have an
advantage over closed-source tools. However, peer review of
open-source code is not always complete, and there have been questions
whether even algorithms have been subverted.
1. The random number generator - As pfSense uses FreeBSD this may well
be a FreeBSD specific question, however, are there any ways within
pfsense that we can improve the entropy pool that the random number
gets its randomness from? Has anyone had any experience of
implementing an external entropy source (e.g.
http://www.entropykey.co.uk/) in pfsense?
2. Cipher Selection - we're not all cryptoanalysts, so statements like
'trust the math' don't always mean much to us, given the reports in
the media, what is considered a safe cypher? I recently switched from
AES-256 to Blowfish-256, hashing from SHA-1 to SHA-512 and pfs group 2
to pfs group 5, and I reduced my SA lifetimes from 28800 to 1800.
Could that be considered overkill? What Cipher's are others using?
Have any of you, who have been made recently aware of the media
coverage recently, also changed your cipher selection? What kind of
changes did you make?
3. pfSense - In general do you consider pfsense secure?? As we are
apparently told, asking whether the NSA has inserted or influenced the
code in any way either in the pfsense code, or the upstream base
(FreeBSD) is a question that we can't ask, as if it were the case then
the NSA would have instructed someone in the know, to answer in the
no.
On 10/10/2013 12:33, Rüdiger G. Biernat wrote:
> This discussion about security/NSA/encryption IS important. Please go on.
>
>
> Von Samsung Mobile gesendet
>
>
> -------- Ursprüngliche Nachricht --------
> Von: Giles Coochey
> Datum:10.10.2013 11:39 (GMT+01:00)
> An: list(a)lists.pfsense.org
> Betreff: Re: [pfSense] NSA: Is pfSense infiltrated by "big brother"
> NSA or others?
>
> On 10/10/2013 09:38, Thinker Rix wrote:
> > On 2013-10-10 01:13, Przemys?aw Pawe?czyk wrote:
> >> On Thu, 10 Oct 2013 00:05:22 +0300
> >> Thinker Rix <thinkerix(a)rocketmail.com> wrote:
> >>
> >>> Well, actually I started this thread with a pretty frank,
> >>> straight-forward and very simple question.
> >> That's right and they were justified.
> >
> > Thank you!
> >
> >> BTW, you pushed to the corner the (un)famous American hubris (Obama: US
> >> is exceptional.), that's the nasty answers from some.
> >
> > Yes, I guess I have hit a whole bunch of different nerves with my
> > question, and I find it to be highly interesting to observe some of
> > the awkward reactions, socioscientificly and psychologically.
> >
> > I have been insulted, I have been bullied, I have been called to
> > self-censor myself and at the end some users "virtually joined" to
> > give the illusion of a majority an muzzle me, stating, that my
> > question has no place at this pfSense mailing list. Really amazing,
> > partly hilarious reactions, I think.
> > These reactions say so much about how far the whole surveillance and
> > mind-suppression has proceeded already and how much it has influenced
> > the thoughts and behavior of formerly free people by now. Frightening.
> >
> >> Thinker Rix, you are not alone at your unease pressing you to ask
> >> those questions about pfSense and NSA.
> >
> > Thank you for showing your support openly!
>
> I too was surprised to see some activity on the pfsense list, after
> seeing only a few posts per week I checked today to find several dozen
> messages talking about a topic I have been concerned with myself - as a
> network security specialist, how much can I trust the firewalls I use,
> be they embedded devices, software packages, or 'hardware' from
> manufacturers.
> There are many on-topic things to discuss here:
> 1. Which Ciphers & Transforms should we now consider secure (pfsense
> provides quite a few cipher choices over some other off the shelf
> hardware.
> 2. What hardware / software & configuration changes can we consider to
> improve RNG and ensure that should we increase the bit size of our
> encryption, reduce lifetimes of our SAs that we can still ensure we have
> enough entropy in the RNG on a device that is typically starved of
> traditional entropy sources.
>
> This is so much on-topic, I am surprised that there has been a movement
> to call this thread to stop, granted - it may seem that the conversation
> may drift into a political one, with regard to privacy law etc...
> however, that is a valid sub-topic for a discussion list that addresses
> devices that are designed and implemented to safe-guard privacy.
>
> --
> Regards,
>
> Giles Coochey, CCNP, CCNA, CCNAS
> NetSecSpec Ltd
> +44 (0) 8444 780677
> +44 (0) 7983 877438
> http://www.coochey.net
> http://www.netsecspec.co.uk
> giles(a)coochey.net
>
>
>
> _______________________________________________
> List mailing list
> List(a)lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
>
> _______________________________________________
> List mailing list
> List(a)lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles(a)coochey.net
_______________________________________________
List mailing list
List(a)lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
2
1
10 Oct '13
Hi all,
may I have a question?
I need to manage key for encrypt/sign of [not-only] e-mail communication
for group of peoplewhich is partially dynamic. Basically it is some
elected administrative board.
My ideawas to create some master key than subkeys and in case subkeys
are revoced [member of admin-board was not elected,whole admin-board is
re-elected etc.].
Problem is, that all of the members are using same email e.g.
member(a)board.eg
As soon as member should not be able to read this email, his key should
be disallowed to decrypt messages on this email.
Can I ask for some HowTo or just correct my point of view, because it
seems definitely wrong.
Thx,
~ Over
--
“Borders I have never seen one. But I have heard they exist in the minds of some people.”
― Thor Heyerdahl
www...................http://overdrive.a-nihil.net
twitter...............https://twitter.com/#!/idoru23
blog..................http://d8ofh8.blogspot.com
GnuPG public key......http://overdrive.a-nihil.net/overdrive.txt
GnuPG key FingerPrint.072C C0AD 88EF F681 5E52 5329 8483 4860 6E19 949D
3
2
Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
by Eugen Leitl 10 Oct '13
by Eugen Leitl 10 Oct '13
10 Oct '13
----- Forwarded message from Ian Bowers <iggdawg(a)gmail.com> -----
Date: Thu, 10 Oct 2013 10:13:51 -0400
From: Ian Bowers <iggdawg(a)gmail.com>
To: pfSense support and discussion <list(a)lists.pfsense.org>
Subject: Re: [pfSense] Can pfSense be considered trusted? What implementations of VPNs can now be trusted?
Message-ID: <CAOtTuaoHDtm21xvTW941JTBgj3Wo93TxZ7X25ECFS7WPbi+_7Q(a)mail.gmail.com>
Reply-To: pfSense support and discussion <list(a)lists.pfsense.org>
On Thu, Oct 10, 2013 at 9:50 AM, Giles Coochey <giles(a)coochey.net> wrote:
> Trying to get this back on-topic, I will change the subject however, to
> alleviate the issues the anti-tin-foil-hat-brigade have. (ps I am also
> top-posting on purpose as I believe the conversation below has near to no
> relevance to my questions, but simply is an argument as to whether these
> questions should be asked, to which I believe in the affirmative).
>
> I have various questions to offer for discussion which have been
> bothering me since various security related issues that have appeared in
> the media recently: (see: https://www.schneier.com/crypto-gram-1309.html)
>
> Clearly, at the moment, open source security tools ought to have an
> advantage over closed-source tools. However, peer review of open-source
> code is not always complete, and there have been questions whether even
> algorithms have been subverted.
>
> 1. The random number generator - As pfSense uses FreeBSD this may well be
> a FreeBSD specific question, however, are there any ways within pfsense
> that we can improve the entropy pool that the random number gets its
> randomness from? Has anyone had any experience of implementing an external
> entropy source (e.g. http://www.entropykey.co.uk/) in pfsense?
> 2. Cipher Selection - we're not all cryptoanalysts, so statements like
> 'trust the math' don't always mean much to us, given the reports in the
> media, what is considered a safe cypher? I recently switched from AES-256
> to Blowfish-256, hashing from SHA-1 to SHA-512 and pfs group 2 to pfs group
> 5, and I reduced my SA lifetimes from 28800 to 1800. Could that be
> considered overkill? What Cipher's are others using? Have any of you, who
> have been made recently aware of the media coverage recently, also changed
> your cipher selection? What kind of changes did you make?
> 3. pfSense - In general do you consider pfsense secure?? As we are
> apparently told, asking whether the NSA has inserted or influenced the code
> in any way either in the pfsense code, or the upstream base (FreeBSD) is a
> question that we can't ask, as if it were the case then the NSA would have
> instructed someone in the know, to answer in the no.
>
>
>
>
1) I don't have the expertise to talk about RNGs in such a way that I feel
confident that my response is something other people should actually listen
to. The good ones are based on thermal noise or some other sort of "truly"
random source. but flaws in the software that processes this can make it
less random. This is a rabbit hole I've chosen not to dive down yet, but
made it a point to be aware of and follow along with as things unfold. So
I'll defer to others here.
2) Apologies for answering out of order, but it's early and my brain is
working that way. PFS group 5 is typically a good functional minimum, I
bump it up where appropriate, but I find in the higher PFS group I run into
interop issues when connecting to different vendors. Most everything
supports groups 1, 2, and 5, but 5 is my minimum unless someone has a good
reason. Cisco has a reputation for support of legacy protocols and
configurations (which is a double edged sword for sure), and even they are
saying groups 1 and 2 should not be used. For SA lifetimes I'm ok with
28800 for phase 1, and 3600 for phase 2. Phase 2 is really where you need
to mix it up frequently. it's less important with phase 1. Opinions on
this differ, but if you have PFS in play on phase 2, the lifetime of phase
1 becomes much less important. But play it how you like it, modern CPUs
have the horsepower to renegotiate frequently. For encryption ciphers I
rock AES-256 all day every day when I can. I've done my homework on the
AES development and selection process, and I'm satisfied (for now) with how
open it was and how it was critiqued. It's also the strongest encryption
cipher that with widespread support, and even on my home network I have
LAN-2-LAN tunnels to multiple vendors' gear. roll that into how primitive
many remote access clients can be, and AES-256 typically comes out on top
as the best you can get and still have a good chance of your peer
supporting it. As far as hashing, I'm still rocking SHA-1 for now because
I see abuse of the hashing algorithm for a functional attack as something
that would only realistically be used in a real-time man in the middle type
attack. A lot of other cards have to have fallen down for this to become a
problem. I'm under that kind of attack, I've got bigger problems. That
being said, I can't think of a good reason NOT to bump up hashing either.
so play it as you like it.
3) FreeBSD is very mature, and very well reviewed. I've looked into
FreeBSD to my personal satisfaction. OpenBSD may be abrasive as a
community at times, but their work product is pretty impressive in terms of
being clean and funcitonal. I was very happy with how they handled that
whole IPSec fiasco in 2011. I've been following pfSense for a while now,
and I've used it off and on for years. I'm very satisfied by the quality
and oversight of the coding. But by all means dig as long as your
curiosity holds out. you can never be "100% sure" of the security of any
software, but "sufficiently sure" is absolutely worth looking into.
Ian
_______________________________________________
List mailing list
List(a)lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0