NSA Tapping UN Isn't A Huge Surprise — But Ability To Crack Video Conferencing Encryption Raises Questions
from the yay! dept
Over the weekend, Der Spiegel broke the somewhat unsurprising news that the NSA had bugged the UN and various EU embassies in the US and had hacked into the UN’s videoconferencing software to be able to get access to such calls. On a first pass, this isn’t all that surprising. As we noted with some earlier leaks, spying on foreign diplomats is just something that countries do. Spying on foreign government officials is very different than spying on the public. Of course, since the NSA insists that it does everything to avoid intercepting communications of people inside the US, I wondered how they could make that claim while directly tapping conference calls from the UN in NY. The answer is likely to be yet another classic NSA twisting of the words to find a loophole. While the UN headquarters are in NYC, “technically” the headquarters are outside of the US and in the control of the UN itself, but with an agreement that it abides by all local laws. This is similar to embassies, which are often treated as if they are the territory of the country that uses them. I’m wondering if the NSA is using that to argue these are fair game, since they’re “outside” the US.
There’s also the issue, as noted in the article, that President Obama has insisted that the spying on people was only done to prevent terrorism — and spying on EU diplomats seems unlikely to have anything to do with terrorism prevention. But, again, spying between government officials is kind of expected, and not quite a huge deal, even if it may present a diplomatic problem for the US.
Much more interesting to me, however, is the snippet claiming that the NSA had figured out how to hack into the UN’s video conferencing software, allowing them to record internal video conferences. In fact, after this was cracked just a year ago, a document was sent around, “celebrating” this:
Furthermore, NSA technicians working for the Blarney program have managed to decrypt the UN’s internal video teleconferencing (VTC) system. The combination of this new access to the UN and the cracked encryption code have led to “a dramatic improvement in VTC data quality and (the) ability to decrypt the VTC traffic,” the NSA agents noted with great satisfaction: “This traffic is getting us internal UN VTCs (yay!).” Within just under three weeks, the number of decrypted communications increased from 12 to 458.
Yay! We can spy on more things! Yay! Either way, I’m curious if anyone knows who provides the UN’s video conferencing technology, because that’s now a much more interesting issue. The suggestion being made that the NSA “cracked” the encryption that was being used could have much wider implications if true — so it would be nice to know what kind of encryption, and what sort of system is being used. Either way, I’m guessing that many in the UN will be seeking out alternative communication methods shortly.