June 09, 2013

PRISMs and Mirrors and Cyber (Oh my)...

Last week's PRISM news, complemented by today's Guardian outing of NSA's related "Boundless Informant" tool which enables the Agency to catalog its global - including U.S. - surveillance data (link to Guardian article), would seem to indicate that the U.S. - not China - still reigns cyber-supreme, not just in disruptive capability (e.g. Stuxnet), but also in espionage and data exfiltration.

This really shouldn't come as any surprise to anyone, although the depth and breadth of the NSA reach is astounding, as is the compromising of American Internet companies.  Indeed, to this latter point, we may be witnessing perhaps the most remarkable instance ever of the U.S. Government effectively torpedoing one of our most successful and vibrant industries.  See Friday's post - linked.

Today's Washington Post offered a bit more visibility into how PRISM supposedly works, continuing to rely on a confidential informant or informants. The Post also reiterated official public statements from the various compromised U.S. Internet companies, which continue to deny any knowledge of any system that allows the government to directly query their central servers.  

At the same time, the Post quoted anonymous Internet company sources that did indeed acknowledge PRISM's existence as a tool for the NSA and other Agencies to access information about foreign customers.  These sources reportedly told the Post that they were pressured by authorities to grant easier access to data they were "entitled to" under secret Federal Intelligence Surveillance Act (FISA) court orders.

Such Court orders are believed to be, in many cases, blanket, open-ended requests, per Section 702 of FISA.

According to today's Post and other reports, the way PRISM works is via "equipment" installed at Internet company locations which is "tasked" by NSA "collection managers" who receive results without interaction with company staff.  Sounds a bit as if the Internet companies are mirroring the data on their servers to PRISM gear, which would make their claims of "no direct server access" a bit, um, coy.

Speaking of mirrors...

In my initial June 6 post on PRISM (linked), I briefly observed that the U.S. Government compromising of commercial entities via programs like PRISM might explain why companies like my employer - China-headquartered Huawei - have been alleged to be susceptible to Chinese Government manipulation.  I suggested that the U.S. Government was looking in the mirror, attributing its own behavior to others.

My observation was somewhat flawed.

You see, PRISM, and other such programs, treat networks like plumbing. In the case of PRISM, the Government compromised the Internet companies to tap data in a manner utterly agnostic to the "pipes" - the telecom infrastructure - over which such data flowed.   So, the mirror analogy doesn't work in terms of the political-protectionist policies blocking companies like Huawei from bringing competition to the U.S.

So-called national security concerns related to Huawei have been based on perceptions that due to its Chinese heritage, company employees might be coerced by the Chinese Government into planting "backdoors" in the gear it builds, enabling the Chinese Government to somehow access networks to extract data.  

This is technologically feasible (though nowhere near as reliable and universal as PRISM), but such rogue employee activity would be quickly detected and quashed by Huawei security assurance programs.  And the U.S. Government knows this.  Moreover, they know that every other telecom vendor is vulnerable to the same potential compromise as Huawei, given that they all operate globally, including in China.

Wouldn't it be fair for the U.S. Government to believe that Huawei could be compromised the same way that NSA compromised U.S. Internet companies?  No.  Secret and discreet PRISM "equipment" tapped into or otherwise mirroring Internet company servers known only to select company executives is a believable scenario (indeed, the proof is in the fact that it has remained covert for six years).

But, a scenario in which tens or hundreds of thousands of individual commodity network infrastructure components - built and tested to global standards to ensure interoperability across multiple vendors - could all be compromised and coordinated to produce actionable intelligence in any sustainable fashion without being detected?  

That's a conspiracy theory that would require the complicity of thousands.  That just doesn't hold up in the real world.  

So, no, the U.S. Government was not looking in a mirror, but, rather, ironically enough, a prism, and then projecting its behavior - skewed and distorted -  onto its perceived adversary, resulting in ineffective, anti-competitive and trade-distorting policies related to companies like Huawei that have done nothing to make American networks or data more secure.  And they know this.
