Johns Hopkins Tells Security Researcher To Remove Blog Post About NSA Encryption Attacks From University Server

from the now-take-a-look dept

Last week, a great blog post by cryptographer and research professor Matthew Green was posted, providing some fantastic details about the likely attack vectors by the NSA to compromise encryption schemes. It's a well written and detailed piece from someone who clearly knows what he's talking about. Oh, and it kicks off with an amusing story about how the reporters working on the "NSA builds backdoors into encryption" story had contacted him for comments and, because they didn't reveal too many details, he was concerned about coming off as too paranoid or too much of a "crank." However, after the details came out, he realized he "wasn't cranky enough."
Oddness aside it was a fun (if brief) set of conversations, mostly involving hypotheticals. If the NSA could do this, how might they do it? What would the impact be? I admit that at this point one of my biggest concerns was to avoid coming off like a crank. After all, if I got quoted sounding too much like an NSA conspiracy nut, my colleagues would laugh at me. Then I might not get invited to the cool security parties.

All of this is a long way of saying that I was totally unprepared for today's bombshell revelations describing the NSA's efforts to defeat encryption. Not only does the worst possible hypothetical I discussed appear to be true, but it's true on a scale I couldn't even imagine. I'm no longer the crank. I wasn't even close to cranky enough.
He then goes on to explain where the most probable attacks are coming from and what we should be most worried about and what's likely still safe. I had hoped to write up something about the post in general, but today something new came up. Green noted that the Dean where he teaches, at Johns Hopkins, had asked him to remove the blog post from the university's servers. The blog post was cross-posted both to a blog on the university's servers, as well as to Green's personal blog on Blogger. The personal blog post is still up (and now about to get that much more attention for the takedown). He also notes that this "isn't my Dean's fault" though plenty of folks are curious whose fault it might be. For what it's worth, it appears that Hopkins has a close relationship with the NSA, and the school really isn't that far from the NSA's headquarters.

Either way, for a whole variety of reasons, demanding the blog post be taken down seems fairly pointless. Not only will it draw much more attention to the original post, it now creates additional scrutiny towards Johns Hopkins as to why it's stifling the speech of one of its professors on a key topic of public interest.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 11:52am

    Who's to say that the NSA didn't force financial leverage on Johns Hopkins?

    I mean, given the revelations thus far, I wouldn't put it past those rat bastards.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    ChurchHatesTucker (profile), Sep 9th, 2013 @ 11:54am

    Not surprised

    There's a whole lot of Secret Squirel Stuff going on at the Hop. It also has a ton of International faculty/students. This could get interesting.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    Internet Zen Master (profile), Sep 9th, 2013 @ 12:01pm

    Hmm...

    At a glance, it looks like John Hopkins has NSA-sponsored programs that are pretty much training for future cyber-security employees (read: future NSA n00bs). I guess the NSA probably politely asked Hopkins to have their prof take down a blog post that would make hiring new recruits even more difficult. I doubt the NSA wants a repeat of what happened the last time they went out recruiting at a college on a campus that is a hell of a lot closer to home.

    Of course, that's just me making a harmless speculative guess. It would be interesting to find out the real reason though, if it's ever revealed.

    As the Zen Master says, "We'll see."

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Anononymous Coward, Sep 9th, 2013 @ 12:08pm

    Streisanded

    Dear NSA:

    Don't you already have a fairly complete dossier on the keywords "Streisand AND Effect"?

    If so, please study 'correlation and cause' whilst holding up a hand mirror to your face.

    Yours Truly

    The Internets

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 12:10pm

    NSA appears to be trying to bury everybody else head in the sand to make their revealed secrets secret again!

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    Namel3ss (profile), Sep 9th, 2013 @ 12:10pm

    Ah the Streisand effect...

    They just never will learn, will they?

     

    reply to this | link to this | view in thread ]

  7. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Sep 9th, 2013 @ 12:15pm

    All hail the "conspiracy kooks" who turned out to be RIGHT.

    The tide is slightly turning, but took real courage before to go against the masses of placid dolts who just couldn't believe that the gov't is actively evil.

    I'm not bragging personally because not one who's done the work of publicizing info over the last three or so decades, but now clear that it's almost impossible to be "cranky enough" with regard to the surveillance state. It has nearly unlimited money with which to buy research and people.

    But I'm confident that what I believe about Facebook and Google as actual components of the NSA will soon be proven. That's one of the items they really wish to protect, because gives the illusion of not only separation between gov't and corporations, but that there's some varied interests in the society, instead of all under ONE over-arching conspiracy.

    Spying is the main 'business model' of the internet, especially for Google and Facebook.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    gojomo (profile), Sep 9th, 2013 @ 12:16pm

    Maybe also motivated by clumsy DoD site-blocking policies

    Another possibility: the DoD thinks the post is 'dangerous viewing' for troops. So, as when they blocked access to the entire Guardian website (http://www.techdirt.com/articles/20130627/22485123649/defense-department-blocks-all-web-access-to-g uardian-response-to-nsa-leaks.shtml), they will be blocking any *.jhu.edu domains that host it.

    But, those same domains may include other information that the DoD/troops need (and have "paid for" in research grants and joint programs). Hence, because (like early versions of China's firewall) their censoring tech is crude and whole domain/IP-address oriented, they pressure JHU to segregate content for troop-friendliness.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 12:21pm

    "wasn't even close to cranky enough."

    I have similar feelings when I see conspiracy nuts come by and claim something. Then I hit them with a newspaper and go
    "Whatever you just said was less crazy than what's being confirmed as true facts right now!"

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 12:25pm

    NSA: Hey, if we can't even find evidence of terrorists in all our data to prevent the Boston Bombings then there's NO WAY the Internet will find Matthew Green's posts criticizing us if we make him take it off the John Hopkins server.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Internet Zen Master (profile), Sep 9th, 2013 @ 12:31pm

    Re: All hail the "conspiracy kooks" who turned out to be RIGHT.

    Until the Guardian posts an article explicitly stating that Facebook and Google are actually part of the NSA (i.e. part of the government itself) and not just corporations that have been forced (to a certain extent, depending on the company involved.) to reluctantly cooperate with an intrusive government which can make their existence a living nightmare if they wanted, you are still making baseless claims.

    Seriously blue, stop and think for a moment. How many people would have to know about this single giant conspiracy you keep saying exists? Thousands? Hundreds of thousands? The odds of everyone involved being able to keep their mouths shut, or no information leaking out onto the web, are very, very low.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Baldaur Regis (profile), Sep 9th, 2013 @ 12:35pm

    Re: Not surprised

    To the NSA, "International faculty/students" is code for "TERRORISTS!!!!" And "blogger" is code for "LITERATE TERRORISTS!!!"

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Arthur Moore (profile), Sep 9th, 2013 @ 12:43pm

    Re: Maybe also motivated by clumsy DoD site-blocking policies

    Hmm, that's an interesting possibility. Unfortunately, having necessary military information and services sharing the same domain as self hosted websites is just a bad idea.

    I'm aware that different subdomains can be completely separated, but the cost of a domain name is so cheap that it's not worth the potential trouble. The largest reason to not go with a separate domain name is shared hosting. At that point domain names are the least of the universities security troubles.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Chris ODonnell (profile), Sep 9th, 2013 @ 12:44pm

    You would think that an agency that has already hoovered up all of MIke's email would be familiar with the Streisand Effect.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 12:44pm

    Re: Re: All hail the "conspiracy kooks" who turned out to be RIGHT.

    Hey, I've ALWAYS kept my mouth shut about how the 'G' in 'USG' stood for Goog....oh crap.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Rikuo (profile), Sep 9th, 2013 @ 12:47pm

    Re: All hail the "conspiracy kooks" who turned out to be RIGHT.

    Can you explain for us just why you're so worried about Google and Facebook? Why it is that you focus so much of your attention and the thrust of your comments towards them? Yes, we know Google and Facebook collect massive amounts of information, information that is WILLINGLY given to them by their users. No-one is worried about what those two corporations can do. They don't have police. They don't have prisons.
    The government does. The government is who is demanding all this information, and will then, inevitably use that information to arrest people, indeed already has what with the DEA having laundered tips they get from the NSA.
    If you're so worried about Google and Facebook having your information and then passing it along, stop using them. Look to other services. There will doubtlessly be new services within the next year or two that have as part of their marketing campaign "Not based or have any ties to the US at all! Free from NSA spying!"

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    Rikuo (profile), Sep 9th, 2013 @ 12:49pm

    Re:

    Ahh but they haven't read Mike's emails, now have they?

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    PopeRatzo (profile), Sep 9th, 2013 @ 1:15pm

    Re:

    "Financial" nothing. After what we've learned, they might have the dean's kids in a cell somewhere.

    I think we've passed the point where there is something - some "red line" - that the NSA will not cross. Torture? Natch. Blackmail? You bet. Setting up a fatal "accident"? Almost certainly.

    Our government has declared all of us the enemy.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Peter Henry, Sep 9th, 2013 @ 1:27pm

    Dean, meet Barbra

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    ChurchHatesTucker (profile), Sep 9th, 2013 @ 3:08pm

    Re: Re: Not surprised

    They got that memo long ago.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 4:43pm

    CYA screwup

    As noted elsewhere, this sort of thing often turns out to be a ham-fisted attempt at CYA by a clueless academic administrator. They never learn. At a guess, someone in the upper reaches of Johns Hopkins is worried about the NSA money spigot, and decided to preemptively lean on the Dean. No specific NSA pressure needed. And of course, it promptly blew up in their face. As both the academic and the Dean in question perhaps hoped.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    SturdyNeuronz, Sep 10th, 2013 @ 6:19am

    Really?

    The internet was formerly darpanet. It's purpose was to link .gov to .edu together (ie: to influence academia). So this is not surprising.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Security Vancouver, Sep 16th, 2013 @ 2:46am

    To censor is never a good thing! To bury, to create secrets... Safety and security are important but here it's very exaggerated !

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    pacifique, Mar 11th, 2014 @ 2:54am

    I think it is very difficult for human being not being under by other people or any organization but the most important is how to adapt yourself with the new situation .I found a site which gives the better web hosting .The site is http://www.internetbizwebpage.info

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This