I feel like we need to change our direction in terms of "identity" altogether.
We seem to be relying on an "identity" that is our name, ssn, phone number, credit card number, or all these different little bits of data clumped together. Too messy, too easy to steal, to fake, too easy to sell.
Maybe our identity is more like a bitcoin wallet. It's an encrypted clump of data that we only keep with ourselves, and ourselves alone. It could store money, confirm that we are who we say we are because it can have our picture in it, our names, our "numbers" for various things.
Then, when someone needs ANYTHING from us, be it proof of identity, money, or trivial info, we can send them a piece of useless information salted with something that they then return to us with the same salt to get back a confirmation, or money, or access to "use" our other numbers, but they never GET our other numbers.
If you want my phone number, you send a request to me asking for it. I get the request, confirm it, send back another piece of data to you. This is NOT my phone number, but something you can use to send to me again in the future when you want to call me, and then my number is dialed, but you never see it. At any time, I can wipe you off my safe list, and you don't have my phone number anymore. Same thing can work when paying for something, or proving I am who I say I am when getting a loan, buying beer, whatever.
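A sketch of the request, confirm, handle and revoke flow described in the comment above, added here as an illustration and not part of the original comment. `AliasBroker`, the requester names and the phone number are constructed for the example, and it assumes requesters are already authenticated by some other means.

```python
import hashlib
import secrets


class AliasBroker:
    """Owner-side store: real values stay here, requesters get opaque handles."""

    def __init__(self, real_values):
        self._real = dict(real_values)   # the only place the real number lives
        self._grants = {}                # sha256(handle) -> (requester, field)
        self.audit = []                  # (requester, outcome) trail for the owner

    @staticmethod
    def _digest(handle):
        # Only a hash of the handle is stored, so a dump of the grant table
        # does not yield handles that can be replayed.
        return hashlib.sha256(handle.encode("utf-8")).hexdigest()

    def grant(self, requester, field, approved):
        """Owner reviews a request; on approval return a random handle."""
        if not approved or field not in self._real:
            self.audit.append((requester, "denied"))
            return None
        handle = secrets.token_urlsafe(32)   # 256 random bits, unrelated to the value
        self._grants[self._digest(handle)] = (requester, field)
        self.audit.append((requester, "granted"))
        return handle

    def revoke(self, requester):
        """Wipe a requester off the safe list; returns how many handles died."""
        dead = [d for d, (who, _) in self._grants.items() if who == requester]
        for d in dead:
            del self._grants[d]
        self.audit.append((requester, "revoked"))
        return len(dead)

    def use(self, requester, handle, action):
        """Run `action` on the real value owner-side; never return the value."""
        grant = self._grants.get(self._digest(handle))
        if grant is None or grant[0] != requester:
            # Unknown, revoked, or presented by someone it was not issued to.
            self.audit.append((requester, "rejected"))
            return False
        action(self._real[grant[1]])
        self.audit.append((requester, "used"))
        return True


def demo():
    number = "+1-555-0100"               # constructed sample value
    dialed = []                          # stands in for the owner's phone
    broker = AliasBroker({"phone": number})
    handle = broker.grant("alice", "phone", approved=True)
    return {
        "handle_contains_number": number in handle,
        "alice_calls": broker.use("alice", handle, dialed.append),
        "mallory_replays": broker.use("mallory", handle, dialed.append),
        "revoked": broker.revoke("alice"),
        "alice_after_revoke": broker.use("alice", handle, dialed.append),
        "dial_count": len(dialed),
    }


if __name__ == "__main__":
    print(demo())
```

The handle is bound to the requester it was issued to, so a copied handle fails for anyone else, and revocation takes effect on the next use because the real value never left the broker.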
A great talk by Jake Appelbaum that one should watch: https://www.youtube.com/watch?v=6kilAPZ-vGA A very in-depth and revealing talk about the current state of the union of 'identity' on the web and the apparent digital doppelgängers we carry around with us. Frankly the notion of a digital doppelgänger is hilarious and identity is not a hard problem when people are effectively schizoid when they surf and flitter between multiple idens all the time.
"You pick eight entities; they may be your friends, your employer, some corporation, nonprofit or even in the future a government, and if anything goes wrong a combination of five of them can recover your key. This concept of social multi-signature backup is perhaps one of the most powerful mechanisms to use in any kind of decentralized system design, and provides a very high amount of security very cheaply and without relying on centralized trust."
If you're not paying attention to Ethereum, you're missing out on the biggest story in technology ever. They're building systems that combine cryptographic identities and a global tamper-proof execution environment to bring the costs of interacting with any stranger on the planet to nearly zero. Every large organization on the planet (i.e. companies and governments) formed as a reaction to today's levels of transaction costs. Eliminating those transaction costs will reshape our society in ways that increase liberty and wealth. You can build the software that helps make that happen. My email's in my profile for anyone who wants help getting started or learning more.
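The "eight entities, any five can recover your key" property from the quote above, as an added example that is not part of the original comment. It uses Shamir's secret sharing, a different mechanism from the multi-signature scheme the quote names, and the function names and the published fingerprint check are assumptions of this sketch.

```python
import hashlib
import itertools
import secrets

PRIME = 2**521 - 1   # Mersenne prime; the field must be larger than the key


def fingerprint(key):
    # Commitment used to check a recovery; publishing it is acceptable only
    # because the key itself is high-entropy.
    return hashlib.sha256(key.to_bytes(66, "big")).hexdigest()


def split_key(key, threshold=5, guardians=8):
    """Return (shares, fingerprint): one (x, y) share per guardian."""
    if not 0 <= key < PRIME:
        raise ValueError("key does not fit in the field")
    if not 2 <= threshold <= guardians:
        raise ValueError("need 2 <= threshold <= guardians")
    # Random polynomial of degree threshold-1 whose constant term is the key.
    coeffs = [key] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def evaluate(x):
        acc = 0
        for c in reversed(coeffs):       # Horner's rule
            acc = (acc * x + c) % PRIME
        return acc

    shares = [(x, evaluate(x)) for x in range(1, guardians + 1)]
    return shares, fingerprint(key)


def recover_key(shares, expected_fingerprint):
    """Lagrange-interpolate at x=0; return None if the result fails the check."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    key = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        key = (key + yi * num * pow(den, -1, PRIME)) % PRIME
    if fingerprint(key) != expected_fingerprint:
        return None      # too few shares, or a guardian supplied a bad one
    return key


def demo():
    key = secrets.randbits(256)          # constructed sample key
    shares, fp = split_key(key)          # 5-of-8, as in the quote
    every_quorum_works = all(
        recover_key(list(q), fp) == key
        for q in itertools.combinations(shares, 5)
    )
    four_guardians = recover_key(shares[:4], fp)
    bad = (shares[4][0], (shares[4][1] + 1) % PRIME)   # one corrupted share
    with_bad_share = recover_key(shares[:4] + [bad], fp)
    return every_quorum_works, four_guardians, with_bad_share


if __name__ == "__main__":
    print(demo())
```

Unlike a multi-signature contract, this reassembles the whole key on whichever machine performs the recovery, so that machine has to be trusted at recovery time.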
Since this is something that is encrypted and can be backed up, you could have a second, third, fourth, as many as you want. You can leave your "wallet" with anyone, and it would be safe. I guess the trick is keeping them synced up, but really, there are a few things that never change, and you can update it again with the things that do.
What happens when this method meets the general public, huge numbers of which consistently lose things, or fail to understand basic security measures (sometimes wilfully)?
Any system based on "so, you have this physical|virtual thing, right..." is going to run into troubles when it meets the general public.
Did you notice that the GP was suggesting to do away with all of those things and replace it with a single doohickey?
People lose each of the things you list every day. They can generally prove who they are to the relevant vendor with the other things they haven't lost yet. How do you do that with a single doohickey?
And, as ams6110 mentioned, none of the things in your list require anything like 2FA - perhaps a PIN code on the bank card, but that's it. And those codes are generally four numeric digits. That's the level you need to pitch at for 'general public' consumption.
I fear that seeing how people "love the fingerprint readers on their phones" the governments will think - well then, they will probably love having to use their fingerprint for federal services, too - by giving us the fingerprint to store (which means the government will also be able to use that fingerprint to log into all the devices and services for which you'll be using that fingerprint).
Today's data breach at the very least shows that we shouldn't allow them to push for that. The fingerprint should always stay on our devices in a hardware secure module.
They will lure hordes of buffoons by making it look like a valuable thing:
"Free version limited to storing only most recent two fingerprints on our servers! For unlimited storage, upgrade to Middle Finger Pro for only $1.99!"
Huge data breach and the FBI is screaming from an ivory tower that encryption is the hallmark of all evil and that backdoors are a really good idea.
"Privacy, above all other things, including safety and freedom from terrorism, is not where we want to go..." FBI Associate director Michael Steinbach
The USG reserves the use of backdoor-free software and strong encryption for itself, so I'm not sure that this is a worry with regard to the recent data breach.
The FBI means that consumers and foreign markets should not have encryption or backdoor-free software. I understand that this is a double standard, but we need to be clear that the double standard doesn't have to do with this most recent breach.
But it does. It's harder to have good security when all the normal solutions suck - they've all been poisoned. It's like when somebody told it's bad to be the most ambitious person in the room - it takes more effort to stand out than to blend in. If you're the most ambitious one, merely being in that state has a dampening effect.
I'm not sure I get the analogy to being the most ambitious person in the room. I think you mean that relative to intelligence agencies (not just US intelligence) and the most elite hacking groups, domestic computers and products are not up to snuff?
I'm not sure that top intelligence agencies backdooring products has really made that gap so much worse.
I'm sorry, I don't think I fully understood your point.
It is relevant in the general sense that it would only be a matter of time before a "massive data breach" included the keys/procedures to open some or all of the backdoors.
This has already been done. During Operation Aurora the Chinese hacked into the FBI backdoor built into GMail by Google and used it to gather information about intelligence operations being performed by the United States against Chinese nationals and also used it to perform surveillance of their own against their terrorist and dissident watch lists.
There are probably more examples.
I do not know of a single database that has 'all the keys' to the all software and encryption back doors. If such a thing existed it would be a very valuable target. Somehow, though, I imagine that there isn't such a centralized database.
> During Operation Aurora the Chinese hacked into the FBI backdoor built into GMail by Google and used it to gather information about intelligence operations being performed by the United States against Chinese nationals

> Former government officials with knowledge of the breach said attackers successfully accessed a database that flagged Gmail accounts marked for court-ordered wiretaps.
To me it sounds like Gmail was compromised, and during the compromise, the attackers identified a database containing information that was of great intelligence value to them. This database does not appear to have been the vector that allowed the attackers to get in, nor was it a "backdoor". I suspect the attackers also had access to many, many other databases.
It's certainly possible the primary intended goal of the breach was to access this information (for counter-intelligence purposes), but it's not how they actually got in, nor did it help them get in.
Continue to read. You will find that this was the target of the operation. It was not the vector that allowed them to get in (not solely). It is usually the case that a successful breach gives very wide access, so I would suspect this as well.
I think you'll find that on the whole I am right. That the system was there for US intelligence and the Chinese were there for counter-espionage and that the backdoor allowed the Chinese to use the system to access email information that they would have had to compromise a different way to get - thus their getting access through a back door.
There are a lot of security analysts who say the target of the operation was indeed that database, and there's certainly a good chance of that, but still, it's definitely not the same as a backdoor.
I'm afraid this is heading the direction of 'let's define a backdoor'. What remains true is that China targeted a system built for the FBI to get unencrypted access to GMail systems and customer data that did not require 'front door' access. Many people here would call a service run for the FBI without oversight or a lengthy and transparent approval process with the requirement for a warrant a backdoor. We don't have to call it that if you don't like - I think the terminology is not so important for the point.
I will leave the semantic discussion to whether such a system constituted a 'front door' or a 'back door' to folks who enjoy such deliberations.
Ultimately I hope that readers see how hacking of 'side systems' built for intelligence agencies to make full data requests have been used to gain access to the larger systems they connect - in the spirit of the original thread.
> Many people here would call a service run for the FBI without oversight or a lengthy and transparent approval process with the requirement for a warrant a backdoor
Er, what? No one would call it a front or back door. If someone gets root access to my machine and uses that to get access to data on my machine, that data was not the entry point. The phrase "without oversight or a lengthy and transparent approval process with the requirement for a warrant" shows what a red herring this is.
Right, but if there is a system to access your machine without your usual creds and that system gets hacked, that's backdoor access. You can say - the system for US intelligence is like 'another account' or a 'second root' and is known to Google and so it is not a backdoor - but is that really within the spirit of the discussion?
If you didn't understand that this was a separate system with separate access data, specifically for law enforcement requests, then that should clear it up.
If not we can go over semantics a ton but I don't like those games (everyone loses [time]).
I think the point you're trying to make is that this database of accounts under FBI surveillance is such a juicy target that it enticed China to go after Google. If the database didn't exist China wouldn't have had a reason to break in.
You have a point, but I don't think it applies in this situation. Google was a valuable target for Chinese intelligence for a whole variety of reasons. Google itself suspected that the primary motivation was to gather information on Chinese activists that were using the service.[1] The fact that there was apparently a database of FBI targets is just added benefit for them, and there's no evidence that I've seen to indicate that they knew of the database to begin with.
No, that's not quite the claim I'm making. I'm making a strictly stronger claim - backed by the brunt of articles - which is that China was purposefully performing a counter-espionage operation that involved Google because Google had (and has) a partnership with US intelligence.
You being in the role and expertise that you are - excluding Operation Aurora for now because you seem to have a certain characterization of it - you know that China and the US hack each other for strategic purposes and that when China hacks the US it is not about dissidents.
We can't predict an alternate history here whether China would have gone after Google for other reasons. What we do know is that China went after the intelligence system linked up to GMail and used it for counter-espionage purposes. One Google personal relations spokesperson did say they suspected China of using the system to collect information of terrorists and dissidents as well.
Attributing motive of course changes the narrative. Making it sound like China wanted to hack Google for the sole purpose of getting to dissidents makes it sound all spooky and evil. The reporting that has China hacking Google to track down terrorists and dissidents usually 'forgets' to mention the counter-espionage link at all or that the database they accessed was for law enforcement or that they gained access to Google's systems exclusively through this system; so I tend to believe the reporting and sources that include more, rather than less, information.
There's purpose behind casting doubt on the intentions of China and the context of the compromise: this is known as spin. Spin is important - for PR and for propaganda - but if you want people to have a real conversation you've got to do what you can to minimize it.
> You being in the role and expertise that you are...
I didn't mean to imply that I have any inside knowledge of the hack - I'm basing my views on this from what I've read in news outlets. I doubt I have any more knowledge on the subject than you. (Unless I'm misinterpreting sarcasm on your part)
> China and the US hack each other for strategic purposes and that when China hacks the US it is not about dissidents.
The Chinese intelligence services are going to focus on targets that will forward their own national goals. This will of course include strategic goals such as increasing economic and regional military influence, but don't discount their desire to maintain internal stability. They invest a significant amount of resources into controlling content on the internet and other media venues. In recent memory, their Great Firewall infrastructure was used to target dissidents hosting their materials within the US (which incensed the HN crowd with the whole Github DDOS).
There's plenty of good reasons for China to target Google. They have every reason to distrust Google as the US government has to distrust Chinese tech companies, and there's bound to be a wealth of information on their servers useful for counter intelligence, economic, political and likely even military gain as well. I don't think we'll ever know exactly what all of their reasons were for breaking in, but I don't think the theory that one of the primary motivations was targeting dissidents can be waved away as just spin.
Oh no I meant your area of professional expertise in the area of cyber security. I did not mean this particular hack.
> wealth of information on their servers useful for counter intelligence, economic, political and likely even military gain as well
Perhaps you could go further and tease out why a US company would have information on their servers useful for counter intelligence, political and likely even military gain - beyond of course the merely mundane trope of suggesting that the algorithms or IP are the reason.
I'll take a stab, but I'd love to hear how you characterize it: It's because US tech companies, like other multinational corporations inside the US, partner with the US government which sometimes means intelligence or military sectors - either to provide products and services - to perform research or to fund research - or to offer capabilities as a de facto extension.
The Foreign Intelligence Surveillance Act weaponized the US tech service sector to provide data and metadata for US intelligence efforts and for the targeting of foreign nationals.
(Incidentally, it's true also that individuals located at Google hacked back into the Chinese C2Cs.)
Chinese Intelligence is fully aware of FISA and the USG use of technology product and service backdoors.
> I don't think we'll ever know exactly what all of their reasons were for breaking in, but I don't think the theory that one of the primary motivations was targeting dissidents can be waved away as just spin.
You really don't motivate why we should take the PR statement more seriously than the journalism. And references to 'I don't think we can ever be certain' is an appeal to uncertainty that isn't really there.
> Perhaps you could go further and tease out why...
I suggested it for much more mundane reasons than you suggested: Google is likely to have valuable political, economic and political information because politicians, businessmen and service members have personal Google accounts, and employees are the weakest link in an organization's security. I don't think anyone's going to be sending out the designs for the next stealth fighter over Gmail, but plenty of people would be sending out innocuous documents, contact information, personal problems, etc. Intelligence services thrive on innocuous information in aggregate.
Is it the case that FISA weaponizes US tech services as claimed above? Could you go on at length about the Snowden disclosures and how they and the FISA Court pertain to overseas national spying - and Google and other companies' roles?
I doubt there could be such a database today, but I'm thinking in terms of a scenario where all "secure" communications channels available to the public are required to choose from some list of compromised encryption standards. Perhaps each company would maintain its own keys at first, but after a few cases of being unable to comply with court orders because someone lost the keys, the obvious next step would be a central registry.
I understand this. Such a database would definitely be a juicy target. Concentrating backdoor keys and information is unwise.
I'm not sure we want to base policy on something speculative like that. Agreed that conversations should be had - both about widespread backdoors and about centralizing the keys to these backdoors - if the scenario ever comes to pass.
In the meantime we can't say that the backdooring contributed to this Chinese attributed breach.
I don't see anyone claiming a backdoor contributed to this breach in particular. It's just a bit ironic (and convenient, frankly) that the news would break on the same day an FBI official calls to further weaken U.S. digital security under the extremely dubious assumption that the U.S. government, now and forever, would be the only power capable of exploiting those weaknesses.
It is ironic in a certain sense. Comments here unfortunately were and are linking the two in a causal way rather than just pointing out the double standard.
The point of these backdoor programs is that there is an asymmetry in how the vulnerabilities can be exploited. The point being that the calculus has been done - right now the benefit to national security (the place of the US in the 'world pecking order' - its ability to project power and protect its strategic interests) is greater than its detriment to national security.
Now, it absolutely does weaken 'personal security'. Broken encryption, backdoors, weak protocols, federated auth, these things decrease the digital security of companies and persons.
As a person not involved in performing the calculus of national security (again global strategic interests) it is easy to see these programs as merely a threat with no obvious gain. Those concerned with national security and global competition see this as a small price to pay to wield a large amount of global influence.
This is a good way to understand why the FBI will say things that seem so plainly wrong to the HN crowd.
I happen to agree with the HN folk wisdom - that the national security apparatus is there to protect our democracy not the other way around - but to really engage with the issue it's important to understand what the 'other side' is arguing more fully.
This is a very complicated space. Very important policy scholars (Sunstein) even recommend reinterpreting free speech to mean something closer to what we've historically criticized China for.
Going forward we need as much informed debate as possible. The national security apparatus isn't going to listen to the public if the public can't understand the issues they grapple with and engage it charitably.
There isn't such a centralized database yet. With NSA surveillance and FBI calls for backdoors, that is quickly changing as various three-letter-agencies gobble up all the data they physically can and in the process make themselves easy and obvious targets.
This seems sort of speculative to me - at least too speculative to base (important) policy on.
The way the US government would be likely to handle this situation is that they would recognize the threat and mandate that no such single database be created or that one be separated were it to exist. I don't know that they would change their mind about backdooring products and services when they can mitigate the scenario and address concerns a much easier way.
Even the Wikipedia article is pretty good. Honestly I would recommend Googling around for it. There's bound to be declassified aspects to the attacks you can trace down if you are dogged, but it's likely you'll find everything you want with standard internet search.
But the government will use this as yet another excuse to pass more cyber surveillance laws.
Also, with the FBI promoting an anti-encryption culture and the NSA promoting an anti-security culture in terms of what laws politicians should pass, it's only a matter of time before that culture spills into the government's own agencies, too.
For instance, politicians can be brainwashed so much by the NSA/FBI that encryption is some "dark sorcery that only terrorists and child pornographers use" to the point where they'll start voting against bills that aim to secure government's websites and so on.
It's likely that scare tactics and politics will use whatever justification they can to achieve their goals - including politicization of large media events.
That's not really how it has worked. CAs can't be trusted because, in part, the USG wants to corrupt them as needed. Encryption systems get weakened because the NSA wants to be able to break them. Vulns don't get reported. Etc. It isn't a "double standard." The tech industry well has been poisoned in the name of surveillance.
> CAs can't be trusted because, in part, the USG wants to corrupt them as needed
Has this happened? Or did a U.S. government official slip up and admit the future intention publicly? (I wouldn't be surprised)
The only CA corruption I've heard of was a MOIS/VAJA operation against DigiNotar and a corporation overstepping its agreement with a CA by abusing a delegate root CA.
No, but it means that breaches like this will be even more dangerous to the American public, since now such breaches will have the potential of exposing access to "secure" backdoors and the wealth of surveillance data various LEAs have accumulated.
There's other threads here where people suggest this.
It seems pretty speculative to me that there's some large database with all of the mandated software backdoors and keys to get access to. And if it existed, I don't know that it would be such a large threat.
Certainly security bugs and professionals inside of industry are targeted by hackers already.
Given everything else, I don't know how large an issue this is (compared to say, hacking nuclear defense systems, energy grid, military C2C, etc).
It would be interesting to see whether this is considered a threat scenario by the USG.
> It seems pretty speculative to me that there's some large database with all of the mandated software backdoors and keys to get access to.
You overestimate the competence of government agencies.
> Given everything else, I don't know how large an issue this is
A significantly large issue, seeing as it puts the safety of the vast majority of Americans at risk by exposing their personal information (everything from banking information to patient records to their precise movements).
> It would be interesting to see whether this is considered a threat scenario by the USG.
If it's not, then I've lost any sliver of confidence in the Feds that I might have had previously.
As a former government contractor, I wish I could say I'm surprised. Unfortunately, computer/network security in many government agencies frequently has more to do with policy documents than with anyone technical actually determining whether the system is secure.
"Cyber databases" was the clincher for me. At least all of the others are using the adjective to (ostensibly) distinguish from a more general version of the same. A cyber-attack versus a straight-up physical attack. A cyber-intrusion versus physical trespassing.
But who uses the term "database" to refer to anything but a store of data on a computer system?
I realize the BBC has some old-fashioned style guide it's using here, but "cyber databases" betrays a bit of a need to revisit that guide.
> Using a new security system known as Einstein, the OPM detected a network intrusion in April 2015. The FBI said it is investigating the breach.
> Ken Ammon, chief strategy officer of Xceedium - an information security firm - warned that the hacked data could be used to impersonate or blackmail federal employees with access to sensitive information.
> Congressman Adam Schiff has called for database software to be upgraded in light of the most recent attack.
> Americans "expect that federal computer networks are maintained with state of the art defenses", Mr Schiff said.
> "The threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it's clear that a substantial improvement in our databases and defenses is perilously overdue."
> But who uses the term "database" to refer to anything but a store of data on a computer system?
Technically, a "database" is just an organized collection of data. While nowadays it's increasingly rare to encounter a non-electronic database, these were once very commonplace. One specific example that I recall rather fondly is the list of Dewey Decimal cards that libraries would keep in narrow file cabinets so that users could search through them and find the books they wanted. While my school library's catalog was already digitized, I still used these cards sometimes, finding books that had been omitted from the digital system for whatever reason (though these were eventually cleaned up when the digital system itself started to include the creation of spine labels, thus causing non-cataloged books to become more obvious).
I am familiar with the term as it was used prior to computers. But the BBC's insistence on qualifying a database as a "cyber-database" in 2015 is a gross anachronism the likes of using the phrases "touch-tone phone" or "world-wide web."
A more accurate analogy would be using phrases like "cell phone," which are certainly still commonplace. Adjectives tend to stick around longer than necessary for disambiguation, but that doesn't mean they are useless.
All the English-language mainstream media outlets have a broadly pro-Western slant so it's not unusual that they present the viewpoints of their allies, playing up attacks against the West and downplaying or simply not reporting Western nations' attacks against their "enemies". Stuxnet was one exception and the US government admitted, IIRC, that it and Israel had developed it and deployed it against Iranian targets. But generally it's only widely reported when the "bad guys" ostensibly attack the "good guys" and no verifiable evidence is provided and we only have official government sources' word to go on. It is a given, I think, that governments spy on each other and strategically launch attacks on each other's networks and databases. However, after the Snowden revelations the US/UK and their allies lost the (bogus) moral high ground when it was revealed they do the same covert attacks that were blamed on China, Russia etc. Only the really naïve were surprised by this. The mass surveillance of their own citizens is a different matter.
Bruce Schneier's latest book 'Data and Goliath' examines the implications of mass surveillance in a calm, levelheaded manner. He also outlines detailed, and realistic, solutions that recognize the benefits of data-mining and covert surveillance while reining in the excessively secret bulk data collection practices of state intelligence agencies and the bulk data-mining practiced by corporations like Google and Facebook.
They generally toe the official government line, at least the mainstream media does. The opinion pages contain the odd piece here and there that deviates from this narrow perspective. But don't rely on the English-language (or any language) media to present an unbiased viewpoint that gives equal weight to both sides of an argument when it involves the US or an ally/client state and an "enemy" state like China or Iran.
Why? Actually using existing standards would have worked just fine. Making existing standards easier to use might have helped, but the problems in government use of IT extend far deeper than just the choice of crypto standards.
It's hard not to make this trivial comment so let's make it:
At least it may give a taste to US nationals of what it feels like to have your country hacked by a foreign power, like most European countries' nationals felt after the Snowden leaks.
You seem to think this is something the US is unfamiliar with. The US has been one of the largest targets of attacks for a long time now. This is just the first time the government itself has been attacked on such a large scale rather than private parties.
IIRC the list of attackers isn't very stable other than China being #1, the US almost always being #2, and Russia usually being pretty high. Right now it's a close race for third between Bulgaria and Russia, and the Netherlands isn't launching any attacks.
>You seem to think this is something the US is unfamiliar with. The US has been one of the largest targets of attacks for a long time now.
Or so they say -- to make the case for more budget and that they are "victims too" not just aggressors. And of course to paint some provincial BS backwaters as "credible threats".
It seems both unrealistic and weirdly dismissive toward China to call them a "provincial backwater" and suggest they don't have computer experts capable of attacking US targets.
Oh this isn't new. There has been cyberwarfare now for close to two decades, although there's certainly been increasing amounts of activity.
The US of course will reply in kind. It is US defense policy in cyber to retaliate for cyber attacks - specifically this is part of a deterrence strategy.
For some time I've been in the process of forming a personal opinion on the subject. I'm not through. I don't know. I will say that my impression is that a small amount of quite clandestine surveillance of civilians that is never acknowledged (to the contrary, denied or even destroyed if it comes down to it - and this part is very important) but has certain official channels in extraordinary cases may make a small amount of sense. (I won't outline my entire reasoning here, but the basic argument is that if we as a society do officially acknowledge and use the surveillance, it becomes a dictatorial police state.) Note that I want no part of such an apparatus and very greatly do value my freedom. I think people should be free from government surveillance into their privacy. But perhaps meaning that the possibility of this is not acknowledged, which in some philosophical sense is possibly quite similar in effect, especially to a utilitarian. So perhaps it could exist behind closed channels and not acknowledged.
For a typical example for why this may be okay to exist, we can simply posit (for the sake of argument) someone who 0-days every server in the world and holds everything on any of their hard-drives for the ransom of 1 milliiiion dollars, oh not individually per person but total, from behind tor relays and to be paid in bitcoin, divided out among a few thousand or ten thousand or million or ten million targets. Brazenly. What does the world do - just pay? (collectively, individually, whatever.) That means he now has a budget of 1 milliiiiion dollars for round 2. So in a case like this, I would think that society would want to say, all right, enough is enough of these shenanigans, we are going to peek behind the curtain here (violating your privacy). It's not that there's any disagreement that it's illegal, it's that you need to violate privacy to prevent this very real possibility that actually occurs every day, today. As I mentioned however, I do not have very firm opinions on the subject. This kind of ransomware isn't a theoretical exercise however - it exists, and it's great when we have resources like this: https://noransom.kaspersky.com/ that nullify it. There is also generally a reason that there is a legal system in place and if you didn't have laws, people would do whatever they can physically get away with, which in a technological society that puts multipliers and levers on all of our efforts, is a lot. That the mechanism for getting that data has to be extraordinary is a given, however.
But even though I think a small amount of surveillance may be important, by my current impression I am massively opposed to very large amounts of surveillance, I think it's a tremendous waste of resources. See this thread for my opinions about when companies receive huge windfall payments for it - https://news.ycombinator.com/item?id=9549597 -- I'm simply opposed.
So far my theoretical model (as a personal philosophical exercise, and bearing in mind that I am undecided on a larger scale) extends to within a single country, or group of closely allied countries. It makes sense to encourage companies to innovate, to grow, to create things - creative innovators are the things we as a society are protecting, from people who would, for example, steal their designs and hold them for ransom.
But I'd like to ask people's opinions about countries such as China, which I believe have much to learn before they can be as "good" actors as Western powers - including for their own populations. (i.e. this is a separate question from what is good.)
Just some of the factors that are important for China although they may not realize it are environmental issues, I mean you can hardly breathe in Beijing, continued very high economic growth and, yes, increased "lawfulness" in several areas where they will be well ahead by, for example, respecting IP and innovation of both foreign companies and their own. Now here specifically, we can use a simple example: if their hackers (people just like the readership here, except reading everything in Chinese but like us also clever computer geeks, except sitting in some hacking center doing 8 hour shifts of hacking, instead of building millions of dollars of real economic value with their same mental cycles) - they are busy hacking the US government, they're not busy creating the next Google, Microsoft, Apple, and so forth. We're also not benefiting from their research either.
So it seems, to me, that they are not ahead from this overseas hacking. Specifically, I think it holds their economy back.
But more broadly - and here is where I am getting into something philosophical and on a topic where I'm very undecided: isn't it fair to say that it would be quite impossible to imagine the FBI actively hacking another Federal government agency? Likewise, if in some sense there were a more international version of a democratic world power, wouldn't this save massive state resources on all sides?
That is to say, although I am trying to reason from first principles and extreme use cases, it seems to me that if there isn't a world order today, there should be. (This is a tentative impression!!) I also think that the readership here - the computer geeks, the entrepreneurs, the scientists, the smartest of the smart, all over the world automatically do form a community. While we might not have many Chinese readers today, I doubt the same would be true in ten years, especially given the fact that English for better or for worse is the de facto international language of communications and technology, (and science/research) in particular.
Basically, what I am asking about is why we wouldn't want to live under a flag of the Earth representing some ecumenical world power. As an advantage, we would save precisely the costs that the FBI saves by not trying to hack the other agencies of America. (Since they're all under one flag, why would they waste resources hacking each other.)
This is quite a separate issue from surveillance, which is sort-of orthogonal to this question. Basically, what if anything would be the cons to an international world order? At a minimum, wouldn't this stop the acts of "your country hacked by a foreign power" as we would expect them to? Wouldn't those resources be automatically put to better use? The guy who can't get work hacking some government while that government hacks his, would instead use his powers more creatively.
I ask this with the distinct goal of attempting to better understand what kind of world we would even want to live in. If this is much too tangential or I elicit very unconstructive responses I can delete this comment.
Basically, on the level of economic growth, productivity, and, yes, freedom - what is wrong with a world order and cooperation? (I assume there's something wrong with it, because the phrase "world order" is a negative one!)
There's a lot to reply here and I'm not uniquely qualified to do it, but I figured I'd write something given the effort you've put into sharing your thoughts and feelings.
With regard to the FBI hacking another agency - the CIA hacked Congress when they were investigating them for torture. Rounding that down to something a founding father could say: the executive branch spied on the legislative branch while it was investigating the executive branch for breach of law.
With regard to US world order - it's so hard to tell when an empire is doing the world more good than bad - and between various 'opportunity costs' to the good it could do the world under its order.
In this sense, the US does do some very, very dirty deeds. It is not above killing and even torturing and then killing innocent people, committing mass fraud on the world to justify its interests, or involving itself in the rape of children, and trafficking of arms and drugs internationally (illegally) to supply proxy forces. It propagandizes and it censors and it disappears people. It steals resources and engages in protectionist trade while espousing free markets. It rigs elections overseas and it coups genuine leadership. It assassinates key figures to decide geostrategic events. It has a long list of scandals.
To maintain its justified place at the top of the world order it needs to maintain an image of legitimacy. If you ask those who know about its special operations who is on the US's side you will hear precisely what you have mused about: the good that America does in keeping a world order with static boundaries based on trade and other forms of competition is collectively a better world to live in, even if some people - in the eyes of the power elite - need to be subjected to torture for it to continue.
Digesting this statement requires a nigh impossible task: predicting alternate futures where current order never developed and in its place another one does. Quickly this task becomes an imaginative one that falls prey to the leanings and biases of the person imagining it: those who favor the US imagine a more chaotic world and those who favor another nation a more peaceful one.
It's nearly impossible to ask this question, so the real work to be done is through alternate questions. What can we do now? What questionable programs and opinions exist today that can be dismantled? What powers are needed to maintain a peaceful sphere? Should the world have one protector, or is it possible for some Wilsonian (or other) creation to succeed at the task?
I can't give you those answers. I don't have them myself.
As an aside - one I hope is interesting - the United States relies very heavily on its reputation as a just and kind force to maintain its legitimacy. Were qualms with the US to bubble into a loss of legitimacy the world order would quickly dissipate.
This is what the US fears the most. It has to keep the optics at a higher bar than it can keep its practices. It hopes, it wishes and it needs to find solutions that allow for international stability - where it remains the top dog - and where it can keep its reputation.
We get to see how our leadership and representatives navigate this space and we get to be the primary sources for the historians to annotate it for the future.
So thanks for your reply, but it's along totally different lines from what I had in mind. (I added an Edit on the bottom.) What I mean is more along the lines of the 'new world order' conspiracy I linked. Why wouldn't we want something like that? It would save all of the costs of the same colluding powers hacking each other. In this specific example, why wouldn't we want China and the U.S. colluding rather than hacking each other? But this collusion is kind of the definition of a "new world order". Why wouldn't we want all the countries in on it?
You are certainly right that my impressions are quite shallow, I am mostly proceeding from first principles, a few use cases, ideas, and philosophy. Thanks for your thoughts.
This is part of an ongoing cyberwar between great powers - the largest adversaries to the US being China (mostly smash and grab) and Russia (primarily sophisticated and surgical).
It would be nice if there was some place where we could see the scoreboard to know how effective and how often we hack the Chinese back. Right now it looks like our tax dollars are being spent getting hacked, but the US government has doubled down many times on offensive cyberwar capabilities and now has professional cybersoldier career tracks in the DoD.
Actually, this is an interesting question. The U.S. may well be hacking China left, right, and centre. There is nothing forcing China to disclose when they are hacked. There might be political advantage in loudly complaining. On the other hand, they might find it better not to admit weakness, especially to their own people.
The US undoubtedly hacks China, though there are some forms of asymmetry whereby the US has more to lose.
There's also a language and media bubble that filters out information and criticisms of the United States. These bi- and multi-lateral criticisms happen all the time but rarely are subject of US media reporting.
Fair point, but you are assuming I rely on U.S. media reporting. I most certainly do not; in fact, I pay little attention to U.S. media reporting. I do rely on English language reporting, however.
No, Canadian mainstream media reporting is NOT reliable! Canadians tend to believe everything Canada does is just a bit better than what the US offers. Definitely not the case with the media. In fact, Canada's English-language media is in a pretty sad state. See my other post in this thread for more info.
Well, I haven't lived in Canada for a few years . . . I find Canadian reporting to be somewhat better than the U.S., but not nearly as good as some of the international sources like the BBC and Al Jazeera.
I disagree. Three or four corporations own almost the entire Canadian media, from traditional print publications to television and Internet. The range of viewpoints on offer is extremely limited. For example, the two daily newspapers in Vancouver are owned by the same company. The two (or is it three?) private "over the air" TV networks are run by the same companies that own the two national daily newspapers. This type of media concentration would be illegal in the US. The Canadian media is incestuous and prone to nepotism and corruption. The CBC network took government money to produce a series run on their flagship nightly newscast that sent their chief correspondent (who was also a Bilderberg guest) on a tour of the Northwest Passage aboard a Coast Guard ice breaker. This coincided with the government's ramping up PR about a "strong northern presence to assert Canadian sovereignty". A CBC business correspondent was on the payroll of a national financial institution (and married to a high-level employee of said bank) when she did an "independent analysis" of this institution which just happened to show them in a very positive light.
And Canada is the only Anglophone nation without a tradition of media criticism. So, no, Canadian journalism is not in any way superior to US reporting. Quite the opposite in fact. Canadaland, a weekly podcast started by a dude who has worked for a variety of Canadian media outlets directly confronts the sick and feeble nature of Canada's media landscape.
Pretty damning anecdote about reporting on the arctic. Press coverage that happily glosses over international uncertainty and debate in favor of a national narrative and interests conclusively outs coverage for what it is.
Media concentration is extremely high inside the United States as well, and of course reporting is similarly colored.
My post was a response to a claim that the Canadian media offers a higher quality product than its US counterpart. I disagree and gave my reasons and provided a couple of examples. I did not, however, claim that US media concentration isn't high. It is, but it's not as extreme as the Canadian example.
Independent media is almost non-existent in Canada, online or otherwise. Viewpoints that deviate from the mainstream are few and far between. The only online independent journalism site I can think of that has gained a wider audience is The Tyee based in Vancouver. The Canadaland podcast, created and hosted by journalist Jesse Brown, also seeks to provide a wider variety of viewpoints and it directly addresses the sad state of Canadian media culture (something Brown is intimately familiar with).
A lot of people here are commenting, rightly, that this is an example of why the USG should be strengthening encryption. It's also a reminder that, despite its disproportionate focus in media, including on HN, the US is obviously not the only government engaged in this behavior.
I wonder how much social engineering was involved in the hack. No matter how great your tech is, if your staff is not trained to be paranoid you're going to suffer the consequences.
"Hey I just found a usb pen on the floor. I wonder what's inside it..."
This is perhaps a stupid or uninformed question, but if databases are so vulnerable, why is so much information still stored in cleartext? It seems to me that taking the extra step to strongly encrypt data prior to writing to tables would make the intruder's job much harder.
I speak not only as a programmer and database guy from way back, but as one of the millions of Anthem subscribers whose personal data was stolen a few months ago in a massive breach.
I know that "data breach" might well mean the keys were stolen which decrypted an otherwise secure file, but the terminology suggests that the breach was simple access into the system rather than acquisition of the precious keys themselves.
Someone with superior knowledge of these things, kindly explain.
There's likely a couple of factors which could include these:
* A breach to internal database level would, in the majority of systems, mean the attacker already has all the keys to use the database system
* A database cannot perform a lot of its functionality (e.g. JOINs) without access to the data & if the encryption keys were usable at the database level to perform such functionality it would make the encryption redundant.
A working 'encrypted database' system would likely need to use Hardware Security Modules (HSMs) to prevent key exfiltration, you would distribute these to people who need to use the database, who would need to decrypt it in mostly its entirety to use it.
It's possible by reworking entirely how modern databases work (fully homomorphic encryption is probably useful here) you could create a system where the database doesn't have to already be fully decrypted for you to use it, but as far as I know it doesn't exist (startup idea?).
If it's a relational database, the core function of the database is to make it searchable. If you encrypt the fields, you have to decrypt everything to search them. So if search or relationships are important to you, encrypting the whole database would be disruptive.
There is a type of encryption called "homomorphic" which could allow you to perform operations on encrypted information. I haven't ever tried to implement it and consider it one of those seductive ideas that probably can't get implemented correctly in practice. But if there was a way to deliver an entire encrypted database and still make it useful, homomorphic encryption is the only way I am aware of that would make it work.
Perhaps the data you need to search is not the same as the data you might want to encrypt? For instance name, address, ssn (or similar), billing info, etc. could all be encrypted and you could still look for e.g. 50yo women in the Northeast USA who haven't had a checkup in the last three years.
Of course many DBs need to search by name, but maybe it can be set up to search by a hash of name? Hashes seem a bit simpler than homomorphic search.
>>Perhaps the data you need to search is not the same as the data you might want to encrypt?
Bingo. That would be the correct middle ground. This is why some of the database compromises that have happened are not complete disasters. I know there have been a few instances of systems that had their db's dumped, but passwords were safely protected by appropriate salting solutions.
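The split proposed in the comments above (identifying fields encrypted, non-identifying fields left queryable, name lookup through a hash), as an added example that is not from the thread. The keyed HMAC index, the HMAC-based `seal`/`unseal` stand-in for a real AEAD, the table layout and the sample rows are all assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import sqlite3

# Constructed demo keys; in production they sit in a KMS/HSM, not in the database.
ENC_KEY = secrets.token_bytes(32)
INDEX_KEY = secrets.token_bytes(32)

# Constructed sample rows: name, ssn, birth_year, sex, region, last_checkup.
SAMPLE_ROWS = [
    ("Alice Example", "000-00-0001", 1974, "F", "Northeast", 2020),
    ("Bob Sample", "000-00-0002", 1974, "M", "Northeast", 2019),
    ("Carol Placeholder", "000-00-0003", 1990, "F", "Northeast", 2018),
    ("Dana Testcase", "000-00-0004", 1970, "F", "Northeast", 2024),
]


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode. Stand-in for a vetted AEAD (e.g. AES-GCM)."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, b"enc" + block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Encrypt then MAC one field with a fresh random nonce."""
    nonce, data = secrets.token_bytes(16), plaintext.encode()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    """Verify the tag, then decrypt. Raises ValueError on tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()


def normalize(name):
    return " ".join(name.lower().split())


def blind_index(name):
    """Keyed hash of the name: computable only by a holder of INDEX_KEY."""
    return hmac.new(INDEX_KEY, normalize(name).encode(), hashlib.sha256).hexdigest()


def unkeyed_index(name):
    """Plain SHA-256 of the name: anyone with a list of names can recompute it."""
    return hashlib.sha256(normalize(name).encode()).hexdigest()


def build_db(rows):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE patients (name_idx TEXT, name_enc BLOB, ssn_enc BLOB,"
               " birth_year INTEGER, sex TEXT, region TEXT, last_checkup INTEGER)")
    for name, ssn, year, sex, region, checkup in rows:
        db.execute("INSERT INTO patients VALUES (?, ?, ?, ?, ?, ?, ?)",
                   (blind_index(name), seal(ENC_KEY, name), seal(ENC_KEY, ssn),
                    year, sex, region, checkup))
    return db


def find_by_name(db, name):
    """Exact-match lookup on the blind index; decrypts only the matching rows."""
    cur = db.execute("SELECT name_enc, ssn_enc FROM patients WHERE name_idx = ?",
                     (blind_index(name),))
    return [(unseal(ENC_KEY, n), unseal(ENC_KEY, s)) for n, s in cur]


def cohort_count(db, born_by, sex, region, checkup_before):
    """Query on the non-identifying columns; no key is needed at all."""
    sql = ("SELECT COUNT(*) FROM patients WHERE birth_year <= ? AND sex = ?"
           " AND region = ? AND last_checkup < ?")
    return db.execute(sql, (born_by, sex, region, checkup_before)).fetchone()[0]


def names_matching_dump(dumped_index, candidates, index_fn):
    """Names from a candidate list whose index value appears in a dumped column."""
    dumped = set(dumped_index)
    return [c for c in candidates if index_fn(c) in dumped]
```

An unkeyed hash of a name can be matched against any list of candidate names by whoever holds the dump, which is why the index here is an HMAC under a key kept outside the database. The index is still deterministic, so equal names produce equal index values and that equality is visible in a dump.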
A suitable response would be to present proof of what happened and who did it, then pursue law enforcement solutions and public shaming.
If this had been a land incursion, and the public Army had been the responding department, there'd be no question, and we'd have pictures of tanks and AK-47s on the front page of every newspaper. Congress would be discussing nothing else.
However, it's the spies, and FBI wannabe-spies that are probably handling this. The proof is not as obvious as a tank in North Dakota, but I suspect that there is enough evidence and forensics to prove to the NSA and their ilk who did it and how.
But a spy's natural instinct is to hide the fact that they know something. It's a card up the sleeve, and their concern is more about being able to continue to spy than to stop a currently ongoing crime.
Well, they could confront the issue instead of publicly ignoring it for a change. Haven't heard much about China's massive DDoS against github. Even github won't point the finger at China even though it was clearly done at the Great Firewall.
The US is trying to establish norms for cyber operations in the international community - this is a missing and critical piece.
But the US does have cyberwarfare policies. As part of a deterrence strategy the US strikes back when it can attribute attacks to a specific party. You may also remember the recent Executive Order from the Obama Administration whereby a series of policies were joined so that the US is organized to levy sanctions against governments, actors and corporations overseas that are involved in sponsoring intrusions into US networks.
How would we know? The most notable attestation I can think of was NK-Sony, and that is dubious at best. I'll stipulate that China is behind lots of hacks, but that means attributing any particular one to them could be just a good guess.
The NK-SONY episode was undoubtedly NK or NK-sympathizers.
The malware analysis from Fireeye is a good start for this (it was a variant of malware used by NK to target SK media outlets that run negative press against the regime, was compiled with Korean character sets, and much more), but it's also true that the motive of the hack, written by the Guardians of Peace themselves, was to punish the US for the State Department and CIA's involvement in the creation of The Interview and the plans to get the movie into NK.
Curiously, linguistic analysis of the Guardian of Peace messages suggests that the author was possibly Russian, and variants of the malware package had also been used in an Iranian attack on US oil companies in the Middle East. (These nations are known to collaborate in malware development and tactics, tools and procedures.)
This hit every US news service. How is it so low in points?
"breach could potentially affect every federal agency, officials said"
I love HN's ability to filter news that matters to dev/tech-professionals, but when stuff like this pops up it should be top 10, for at _least_ a few hours. This is some serious shit. Who here does business with government agencies? Most of you have IRS Tax/Employer IDs... with the rate that this is "expanding" what is to say that it wasn't just HR records, but more. Your e-filed IRS return could be sitting with folks outside of the IRS...
No intention to fear monger but think of the statement "breach could potentially affect every federal agency" - every business in the US does something, with sensitive data, with an agency :/
It's not a data breach, it's essential that the US keep their database unencrypted so that the Chinese national security agency can search their records for ties to terrorism.
If anything China just did the OPM a favour to help them keep their freedom.
Note the Office of Personnel Management's scores in this report, and note the scores of the State Department. Ms. Clinton's e-mails may have been more secure at her private residence :-\
Interested in hearing the details about this one. How much of it was facilitated by phishing or social engineering? Are there any government systems that require two-factor auth? So much of federal web infrastructure is based on old code/systems that, while invulnerable to a mass exploit of Rails/WordPress/Bash, have not even remotely been tested and studied against edge cases in the way that large scale open source platforms have.
The US government has some of the best CNA/E defense anywhere in the world - certainly better than almost all of industry - even departments that you would otherwise think are puny.
The backdooring and lack of encryption in software is because the US is still a primary exporter of technology and we want to be able to continue to hack, surveil, message and control those who get US technology. US FedRAMP and other compliance minimums insist on the use of properly configured encryption in private industry to protect government information and cyber sharing programs enable both the sharing of data between private and public sectors for surveillance and for the detection and analysis of foreign cyber attacks. The US government has state of the art encryption (for the most part) and some of the most heavily monitored perimeters.
None of this is enough to stop cyberattacks, which have all of the advantages in their favor.
So while I'm inclined to agree with you that the US should stop mandating backdoors and weak encryption I don't think it's a fair characterization to suggest this has anything to do with why the US was breached.
China and the US are battling each other in several arenas of influence, as are Russia and the US. In this case the US is trying to stop Russia and China's global and regional power projection and these countries do not accept the US world order and their current place in it.
Conflict is inevitable. It will be interesting to read the history books to see what gets written about the role of the information warfare space and what role it plays in whatever outcome we get.
> state of the art encryption
Encryption is not rocket science. It's trivial to make encryption arbitrarily harder to crack by using larger keys. There is no practical limit to key sizes.
Encryption is extremely hard to get right. Increasing key sizes does not matter if your scheme, protocol, padding, chaining mode, implementation, nonce values, randomness, key management, user interface, key agreement, key generation, IV generation, constants and settings, etc are done poorly - and it is difficult to get essentially every one of these right.
There is state of the art encryption. Encryption is not about key size.
> user interface
Yeah, if you are implementing it for other users, you can be forced to put backdoors. All bets are off. I mean encryption for your own use. All you need is a hashing algorithm like sha256 and your key.
> randomness
Why would you trust a computer with randomness? Take a picture, and hash it... Not so hard.
> 3rd party encryption is probably backdoored even in "state of the art" nsa employees hands. I doubt they trust their own employees. They know they probably have double agents around.
> The backdooring and lack of encryption in software is because the US is still a primary exporter of technology and we want to be able to continue to hack, surveil, message and control those who get US technology.
We seem to be relying on an "identity" that is our name, ssn, phone number, credit card number, or all these different little bits of data clumped together. Too messy, too easy to steal, to fake, too easy to sell.
Maybe our identity is more like a bitcoin wallet. It's an encrypted clump of data that we only keep with ourselves, and ourselves alone. It could store money, confirm that we are who we say we are because it can have our picture in it, our names, our "numbers" for various things.
Then, when someone needs ANYTHING from us, be it proof of identity, money, or trivial info, we can send them a piece of useless information salted with something that they then return to us with the same salt to get back a confirmation, or money, or access to "use" our other numbers, but they never GET our other numbers.
If you want my phone number, you send a request to me asking for it. I get the request, confirm it, send back another piece of data to you. This is NOT my phone number, but something you can use to send to me again in the future when you want to call me, and then my number is dialed, but you never see it. At any time, I can wipe you off my safe list, and you don't have my phone number anymore. Same thing can work when paying for something, or proving I am who I say I am when getting a loan, buying beer, whatever.
Maybe this is ridiculous.