The Deeper Meaning Of Miranda's Detention And The Destruction Of The Guardian's Hard Drives

from the deny-and-disrupt dept

As many have already observed, the detention of David Miranda comes across as an act of blatant intimidation, as does the farcical destruction of the Guardian’s hard drives. But something doesn’t ring true about these episodes: spooks may be cynical and ruthless, but they are not generally clueless idiots.

They would have guessed that Miranda would not possess the keys for any encrypted files that he was carrying, so seizing his equipment simply left them with a bunch of ones and zeroes that they were unable to read (unless strong encryption has been broken and we don’t yet know about it). Equally, they would have assumed that the Guardian had made backups of its files on the hard drives, so destroying them was literally quite pointless. What’s really going on here? A brilliant post by author Barry Eisler, who used to work for the CIA, offers perhaps the most plausible explanation so far:

The purpose was to demonstrate to journalists that what they thought was a secure secondary means of communication — a courier, possibly to ferry encrypted thumb drives from one air-gapped computer to another — can be compromised, and thereby to make the journalists’ efforts harder and slower.

The same is true for the destruction of the Guardian’s hard drives:

The point was to make the Guardian spend time and energy developing suboptimal backup options — that is, to make journalism harder, slower, and less secure.

What is particularly chilling, as Eisler notes, is that this technique is not new:

Does this sort of “deny and disrupt” campaign sound familiar? It should: you’ve seen it before, deployed against terror networks. That’s because part of the value in targeting the electronic communications of actual terrorists is that the terrorists are forced to use far slower means of plotting. The NSA has learned this lesson well, and is now applying it to journalists. I suppose it’s fitting that Miranda was held pursuant to a law that is ostensibly limited to anti-terror efforts. The National Surveillance State understands that what works for one can be usefully directed against the other. In fact, it’s not clear the National Surveillance State even recognizes a meaningful difference.

The US and UK governments’ equating of journalism and whistleblowing with terrorism is becoming clearer by the day.

Follow me @glynmoody on Twitter or, and on Google+

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Deeper Meaning Of Miranda's Detention And The Destruction Of The Guardian's Hard Drives”

Subscribe: RSS Leave a comment
theskyrider (profile) says:

The best way around both.

Take your information and throw a big encrypted wrapper on it (truecrypt volume) and upload it to usenet. from there, any person in any country could download the file, but only those who hold the keys can unlock the file.

Not only that, but usenet would serve as a free online backup for the file, and you could download it later. This is easier than a cyberlocker, and it would be held for three years plus on the servers, effectively for free.

Your only problem would be DMCA complaints against the file, taking it off the servers faster than you can say “Peter Piper picked a peck of pickled peppers.”

(Just thought of this: Ideally put three wrappers on the files, just to hamper cracking efforts.)

Bergman (profile) says:

Re: The best way around both.

Two other things you should also do:

Don’t just upload sensitive files, also upload things like core dumps and the complete works of Shakespeare. All massively encrypted like the actual files you want to transfer. Don’t just keep them guessing, keep them BUSY.

Upload things that they don’t WANT to decrypt — things that they’re not supposed to know (courtesy of Wikileaks, for example) and disgusting image files (clown or midget porn, anyone?).

Naturally, use different keys, encryption algorithms and all for each file, and perhaps make the ugly stuff easier to open, heh.

Can you imagine the horror of them seizing a computer, discovering it contains 50,000+ encrypted files…and 99.99% of them are things they will wish they could un-see?

art guerrilla (profile) says:

Re: The best way around both.

disagree, the ‘best’ method, is simply to expose ALL OF IT, totally unredacted…

THEN what are the spooks going to do ? ? ?

I REFUSE to believe the bullshit that these revelations would endanger untold _____(dozens ? hundreds ? thousands ?) of spooks, spook-lites, and spook informants/etc who are doing dirty works…

GOOD, expose them all, run the evil pukes out of town, and/or some/all get killed ? cry me a fucking river, THEY are RESPONSIBLE -directly and indirectly- for the deaths OF MILLIONS, and i’m supposed to be contrite because BAD GUYS (so what they are ‘our’ bad guys?) get -probably RIGHTEOUSLY- killed for doing their dirty deeds in the dark ? ? ?

no, golden rule them: THEIR mantra is ‘kill’em all, let dog sort’em out…’ okay, assholes, we’ll do the same to you, then, how is that shoe pinching on the other foot, evil spook slime ? ? ?

i’m sick of the whole mess, they DESERVE whatever bad karma comes there way; it is not OUR job to protect secret spooks doing evil…

art guerrilla
aka ann archy

Loki says:

Re: Re: The best way around both.

Actually, rather than intimidation as many people think, I believe that THIS is exactly what they are hoping for. Look at it this way, as Tim pointed out in another piece, the current cycle works as such.

1. Leak reveals evidence of NSA overreach or wrongdoing.

2. NSA issues statement explaining how leak is being misinterpreted or is an aberration.

3.NSA attends hearings and issues statements declaring it doesn’t abuse its power. (Frequently qualified with “not under this program.”)

4. New leak reveals evidence of NSA overreach or wrongdoing, proving NSA’s most recent statements were pretty much “incomplete lies” or “least untruthful” answers.

5. Repeat.

This not only gives people time to process the information, but it also helps keep the story in the news cycle.

If you just data dump everything, the press, in an effort to one up each other will flood the media with more information than people can easily process, and try to post the most egregious violations, leaving perhaps less damning but otherwise important information overlooked.

Our Short Attention Span Theater stricken society will be momentary outraged by revelations they don’t totally comprehend (due to the massive amount of data involved), and rather than taking the time themselves to comprehend it properly (unless it is spoon fed to them) it will be quickly forgotten the minute the next “Miley Cyrus” outrage comes along.

Anonymous Coward says:

“…unless strong encryption has been broken and we don’t yet know about it”

Yes, the encryption cipher was probably strong, but that doesn’t mean the user password was equally strong. A Cryptologists will always attempt to break a password first, instead of the encryption cipher’s mathematical algorithm itself.

For example, most ciphers are 128-256bits in strength. If a user chooses a password that is 16 characters in length, then the password only has around 16bits of strength.

2^16 = 65536 possible password combinations to break the password. The NSA can probably chew through thousands of password attempts per second. Probably much, much more attempts per second, unless key stretching is used. Such as bcrypt, scrypt or pbkdf. In order to slow down password guessing attempts using multiple hashing rounds on the password.

The fact Greenwald and Poitras seem to be using the sneaker net (transportation of information using tennis shoes), this leads me to believe they were worried about their cryptographic capabilities.

Thus, I’m forced to assume there’s a high probability their password lengths were far shorter than 128-256 characters long. Not to mention a fully random password with that is impossible to remember. Otherwise the password will be low on entropy (randomness).

I hope I’m wrong about all these assumptions. I really do.

As to why the UK and US Governments detained Miranda and stole his digital devices. I believe it has less to do with intimidation, and more to do with the UK and US Governments wanting to know what documents Snowden downloaded.

It’s already been stated multiple times the the US Gov. has no idea what documents Snowden, and the media, are in possession of. The US Gov. is finding it very difficult to lie to the American people about the NSA’s unconstitutional spying capabilities.

The moment they make a false statement in public, a new leak comes out contradicting the lie they just made. That has to be embarrassing.

The US Gov. wants to know what those documents are, and they probably figured Greenwald and Poitras’ cryptographic skills were weak enough that they’d have a shot at breaking their weak passwords to see what documents they’re up against.

Like I said, I hope I’m wrong about all this. All the circumstantial information seems to be pointing towards this though.

As for the UK Gov. destroying the Guardian’s hard drives. That was indeed meant to intimidate media organizations. There’s no other explanation for that barbaric move.

Anonymous Coward says:

Poitras is supposed to be pretty adroit at security

Bruce Schneier comments someplace that Greenwald was pretty naive about security, but that Laura Poitras was quite competent. The package in question was heading from P to G, so I expect the crypto was good.

Which suggests that the crypto was not broken, and when the UK govt described to the court the GCHQ documents Miranda was allegedly carrying, they might have been lying. Presumably to FUD G&P, but judges don’t usually like liars.

JH says:

Re: Poitras is supposed to be pretty adroit at security

There are a couple of comments from Greenwald today under his latest blog piece for the Guardian, discussing court filings made by the UK Government yesterday:

Were the files David was carrying encrypted and if so it seems they were decrypted by the UK security services?

Yes, they were encrypted. And no: they haven’t been able to get access to those documents, as they acknowledged today.


In their court filing. I don’t know the exact numbers, but they said they were only able to access something like 75 documents of the tens of thousands they claim he was carrying – and I’d be willing to bet those 75 they claimed they access have absolutely nothing to do with NSA.

— so the anon @ 6:06am may indeed have been right, when he wrote that “The package in question was heading from P to G, so I expect the crypto was good. Which suggests that the crypto was not broken, and when the UK govt described to the court the GCHQ documents Miranda was allegedly carrying, they might have been lying. Presumably to FUD G&P, but judges don’t usually like liars.”

On the other hand, for tinfoil hat brigade, maybe it is now that the UK Govt is dissembling, to downplay its proficiency at decryption…

It will be interesting to see what the judges make of it.

Techdirt Lurker says:

Re: 95^16?

don’t bother hurting your brain thinking about cryptography when you can’t even grasp fundamental concepts of how to use a calculator. hint: the 31 denotes how many times you move the decimal to the right in 4.4012667

also, if you weren’t aware, google can be used for more than finding horse porn:

sorry if i come off as an a-hole here, but i have no patience for people actively trying to remain ignorant when the worlds largest repository of information is literally at their fingertips.

Some Guy says:

Re: Re: 95^16?

Did you miss the part where he entered the numbers into Google?

And why would he search for “what does e+number mean on calculator“, when he wasn’t using a calculator?

A more logical search would be simply “what does e+number mean”, which, when I try it, returns a description of the European Union’s system of codes for food additives.

The guy (or girl — apologies for assumption about sex) did try “the worlds largest repository of information” as far as he could; and when he got stuck and turned to the community for help, you were a jerk to him.

Way to spread enlightenment, dude.

Anonymous Coward says:

Suboptimal backup options?

If they had all the data in a single place, where a single accident (for instance, a fire) can destroy it, that is a suboptimal backup option.

By forcing them to destroy the data that was kept in a single location, they make the Guardian (and everyone else who is watching) spend time and energy developing a better backup option. That is the opposite of making them develop a suboptimal backup option.

Shon Gale (profile) says:

None of these government(s) will ever give up any of their power base to the people of their country. You can vote until you are blue in the face and you will never change a thing. Presidents change, Prime Ministers come and go, Kings and Queens live and die, but the policing and security structures always remain the same and are promoted from within. In other words these people don’t work for you. They work for their power base, for their control.
Remember we warned all of you during and after the Vietnam war about the lock they have on everything now. Remember we warned you about Big Brother, well he is here and he is watching and he is controlling the money, the power and your entire life. When we complained they gave us inflation.

Anonymous Coward says:

Quoted from Wikipedia:

“NIST Special Publication 800-63 suggests the following scheme to roughly estimate the entropy of human-generated passwords:[2]

The entropy of the first character is four bits;

The entropy of the next seven characters are two bits per character;

The ninth through the twentieth character has 1.5 bits of entropy per character;

Characters 21 and above have one bit of entropy per character.

A “bonus” of six bits is added if both upper case letters and non-alphabetic characters are used.

A “bonus” of six bits is added for passwords of length 1 through 19 characters following an extensive dictionary check to ensure the password is not contained within a large dictionary. Passwords of 20 characters or more do not receive this bonus because it is assumed they are pass-phrases consisting of multiple dictionary words.”

Using the above NIST calculation, a 16 character long password has at best.

4+2+2+2+2+2+2+2+1.5+1.5+1.5+1.5+6+6=36bits of entropy.

That’s assuming the password does not contain any words found in a dictionary (+6bit bonus). Contains both uppercase and lowercase letters, plus non-alphabetic characters are used (+6bit bonus).

Just for fun, let’s say the NSA has a really slow supercomputer at their disposal. One which can only make 71,000 password guesses a second against a Bcrypt hashed password. Such as this homemade 25-GPU cluster computer.

The calculation of time needed to break our 16 character password with 36bits of entropy would be.

Total guesses:
2^36 = 68,719,476,736

71,000 guesses a second:
68,719,476,736 / 71,000 = 967,879 seconds to break password

Convert 967,879 seconds into minutes:
967,879 / 60 = 16,131 minutes to break password

Convert 16,131 minutes to hours:
16,131/60=268 hours to break password

Convert 268 hours to days:
268/24=11 days to break password

Usually it only takes around half the total number of guesses before the password breaks.

Total number of days divided by two:
11 / 2 = 5.5 days to break a 16 character password that has a high entropy, using a home built civilian PC.

What kind of supercomputers do you think the NSA has at their disposal? Maybe something along the lines of…

Titan Supercomputer Specs:

18,688 AMD Opteron 6274 16-core CPUs

18,688 Nvidia Tesla K20X GPUs

Total Power Draw: 8.2 Megawatts

That’s a tad more powerful than a 25-GPU civilian computer. If the NSA is you adversary, I’d recommend really long passwords. Double or triple encrypting a file, with at least two or three different sets of passwords would be a wise move too.

Davey (profile) says:

This is going to sound corny, but...

The parallels between this saga and the movie Firefly are troubling. The Powers That Be haven’t yet learned that they can’t stop the signal and are still trying to keep a lid on the story. They’ll lose.

The big difference is that they’re turning the entire world into Browncoats. Mal would be proud.

Anonymous Coward says:

Postal service

If you really want to be anonymous, follow the same methods de Beers uses to send diamonds, the postal service.

A thick, stiff card with a thank you note written on it could easily contain a microSD card. Posted from a letter box and arriving at a post office for ‘general delivery’ or one of those mailing address companies, it would be very, very hard to find. You could even do what check scammers do and have an innocent (but naive) third-party forward the mail.

DB Cooper (profile) says:

While you guys debate the best password , encryptions etc you miss the real question of why this had to happen in the first place. What both Snowden and Manning did was not whistle blowing, It was espionage. These two didnt do it for the public good, they did it to get their picture in the news and it didnt matter who was hurt in the process. The intent on both cases was to harm the US to punish/get even wit it for some percieved wrong the country had done to them. No real whistle blowers will be treated as criminals.

nasch (profile) says:

Re: Re:

What both Snowden and Manning did was not whistle blowing, It was espionage. These two didnt do it for the public good, they did it to get their picture in the news and it didnt matter who was hurt in the process. The intent on both cases was to harm the US to punish/get even wit it for some percieved wrong the country had done to them. No real whistle blowers will be treated as criminals.

Evidence needed for every statement you just made.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...