Haystack Situation Looking Worse And Worse: Why Did The State Dept. Endorse This Mess?
from the this-isn't-looking-good dept
A couple weeks ago, we noted that there were increasingly serious questions being asked about Haystack, the high profile app that was being championed in the press for supposedly helping Iranian dissidents use the internet to communicate safely. While Haystack’s founder, Austin Heap, responded to the accusations by calling it “brain dead journalism,” it’s increasingly looking like the real brain dead journalism was in the original stories. The deeper people looked at Haystack the worse it has looked, and various experts have ripped the program to shreds, noting massive security holes in the software which likely placed users at risk.
“The more I have learned about the system, the worse it has gotten,” Appelbaum said. “Even if they turn Haystack off, if people try to use it, it still presents a risk…. It would be possible for an adversary to specifically pinpoint individual users of Haystack.”
Giving the increasing levels of criticism, Heap has announced that the program has been shut down, but others have noted that, not only is it still available, but people are using it without Heap realizing it — which could be quite dangerous if people think it’s safe. The more you read, the more this project sounds like pure hype from the beginning and a total mess in reality. Just take the following resignation letter from the program’s chief developer who, according to Wired, had recently taken a “hiatus” over questions about the way the program was being developed and pushed:
I would like to stress that I am not resigning in shame over the much-maligned test program. It is as bad as Appelbaum makes it out to be. But I maintain that it was a diagnostic tool never intended for dissemination, never mind hype. I did have a solid, reasonable design, and described it in our brief overture of transparency. _That_ is what Haystack would have been. It would have worked!
What I am resigning over is the inability of my organization to operate effectively, maturely, and responsibly. We have been disgraced. I am resigning over dismissing pointed criticism as nonsense. I am resigning over hype trumping security. I am resigning over being misled, and over others being misled in my name.
The whole thing is a complete mess, and it sounds like a situation where some folks were more interested in getting press attention for a very early prototype, which they then pretended was a complete and legitimate product. If you’re making a random blogging tool or some web 2.0 service, that’s fine. When you’re trying to make something that people will rely on so that their government doesn’t lock them up and throw away the key, it’s not.
There is, of course, plenty of blame to go around here, for the lack of more detailed scrutiny from the press and others, but the really stunning part, of course, is that the US State Department specifically endorsed this product. As Evgeny Morozov notes in his blog post (first link above), that’s the true head scratcher:
Just to make it clear: Haystack is not at fault here; the State Department — I am not so sure. Austin Heap can make whatever statements he likes; the government, however, is supposed to treat such statements with due skepticism and think through the political implications of their endorsement of any technologies. All this fast-tracking stuff would surely reflect bad on the State Department if after an independent security review it does turn out that Haystack has severe security flaws, which its testers — or other Iranian uses — may not have been aware of.
And why did Clinton choose to speak about Haystack and not say Tor or any other tool? Also, not very clear. Were the diplomats charmed by all the buzz around Haystack in the media? Possibly. That said, it would be very good to know whether the State Department did ANY analysis/testing of Haystack’s claimed capabilities, thought through how well it could scale in Iran, and whether they may be hurting its users in Iran — current and future ones — by lining up behind them. Were these questions asked and answered?
Comments on “Haystack Situation Looking Worse And Worse: Why Did The State Dept. Endorse This Mess?”
jesus…that’s not just one cockup, that’s a whole series of cockups.
Hmm, bad intel being run with by politicians, causing the deaths of people they’ll never meet. I wish i was surprised.
Things that smell bad usually are
I was interested when I first heard about Haystack. I was interested in helping. But it didn’t take long to curb my enthusiasm. Reading the web site, it just didn’t look like the people running Haystack knew what they were doing. The final straw for me was only distributing the software to people they trusted. It is ridiculous to think that this was really keeping the software out of government hands, and anyone who knows anything about security knows that security through obscurity does not work very well in serious applications. My thought at the time was that the real reason might be that they didn’t want scrutiny of their product. It turns out that may not have been too far from the truth.
I don’t know why this reminds me of the guy who was caught trying to rob a bank and when showed the security video was flabbergasted and exclaimed “But I used the s%&$, how could they see me?!”(the s%&$ was lime juice).
Not the one I mentioned but apparently some robbers believe in invisible spells. I guess they believe Harry Porter is real.
The lemon juice burglar.
The article is about the Dunning–Kruger effect.
This article credits Appelbaum for doing a security audit of Haystack and letting the public know of its shortcomings.
This is good.
Appelbaum also helped set up the security for Wikileaks. Can he tell us publicly if it is 100 percent safe? Or if Wikileaks needs an independant security audit as well?
“Just to make it clear: Haystack is not at fault here; the State Department — I am not so sure. Austin Heap can make whatever statements he likes”… So, it’s not Austin Heap’s fault that he chatted up Haystack as the best thing ever, when it clearly was not? And it’s not Heap’s fault that he helped to lead the State Department believe that Haystack was secure?
"the true head scratcher:"
It’s *entirely* consistent with the obvious intent of US and Israel to attack Iran (on pretext of a non-existent nuclear weapons program) that Clinton and US State Department would endorse this program. It’s difficult to come up with any other possible reason why it got to Clinton’s level. As to its security: they don’t care beans about actual results for Iranian dissidents; they’re as expendable as any other pawns.
If you don’t wise up to obvious machinations, you’ll scratch your head bald.