UK Asked New York Times To Destroy Edward Snowden Documents; NY Times Ignored Request
from the good-for-them dept
There’s been some back and forth concerning the David Miranda legal fight today and it’s getting fairly ridiculous. The UK government is making some extraordinary claims about Miranda and the encrypted information he was carrying. They claim that some of the information was potentially incredibly damaging to UK national security interests (the same rhetoric we always hear, but is rarely shown to be true) and they also claim that they found a piece of paper on Miranda that allowed them to “decrypt one file on his seized hard drive.” Furthermore, they claim that Miranda (and Greenwald and Poitras) “demonstrated very poor judgment in their security arrangements with respect to the material,” in order to suggest that it might easily fall into dangerous hands.
Of course, there are many reasons to suggest that this is all hogwash. The choice of wording from the UK government is pretty precise. Note that they don’t actually claim they’ve unencrypted any of the Snowden files. They make two separate claims in succession: one is that there were 58,000 documents that Miranda had and then, separately, that he had a password that allowed them to get into a file on his drives, and then they use that to insist that there was poor security. But they don’t reveal what that one file was, nor do they admit to having figured out what was actually on the drives. Glenn Greenwald says that it’s a flat out lie that Miranda had a password on him that would allow anyone to decrypt the documents (suggesting any password he might have had on him was totally unrelated). Greenwald also mocks the idea that Poitras’s security was “sloppy,” since it appears that the UK hasn’t yet been able to figure out what was actually on the hard drives.
However, the strongest response to all of this comes from The Guardian itself, who reveals that after the Prime Minister’s office ordered them to destroy hard drives, the Guardian told the UK government that the NY Times and Pro Publica also had copies of all of the documents related to the UK spying by GCHQ… and the UK government didn’t seem particularly concerned:
“The government wanted the judge to believe that they have at all times behaved with the utmost urgency because of a grave threat to national security represented by newspapers working responsibly on the Snowden documents and their implications for society,” he said. “But for most of the time since early June little has happened. On July 22 the Guardian directed the government towards the New York Times and ProPublica, both of whom had secret material from GCHQ. It was more than three weeks before anyone contacted the NYT. No one has contacted Pro Publica, and there has been two weeks of further silence towards the NYT from the government. This five weeks in which nothing has happened tells a different story from the alarmist claims before the court. The government’s behaviour does not match their rhetoric in trying to justify and exploit this dismaying blurring of terror and journalism.”
This leads to an even more mystifying situation, in which (as noted above), weeks later, UK officials asked the NY Times to destroy the documents, and the NY Times basically ignored the request entirely:
The British government has asked the New York Times to destroy copies of documents leaked by former National Security Agency contractor Edward Snowden related to the operations of the U.S. spy agency and its British partner, Government Communications Headquarters (GCHQ), people familiar with the matter said.
The British request, made to Times executive editor Jill Abramson by a senior official at the British Embassy in Washington D.C., was greeted by Abramson with silence, according to the sources. British officials indicated they intended to follow up on their request later with the Times, but never did, one of the sources said.
Ah, freedom of the press. Either way, this suggests that the UK’s arguments against Miranda are just misleading FUD designed to paper over the thuggish behavior of detaining Miranda in the first place.
Filed Under: david miranda, ed snowden, encryption, first amendment, freedom of the press, glenn greenwald, jill abramson, national security, uk
Companies: ny times
Comments on “UK Asked New York Times To Destroy Edward Snowden Documents; NY Times Ignored Request”
HEY
new york tmes can i have a copy , i am a hacker group in canada….and we wont destroy shit…let the fucking uk govt tangle with us….no really
they would wake up tomorrow and there would be 3300 people with encrypted copies
Re: HEY
You are a group of people? Sure you’re not just touched in the head?
Re: Re: HEY
Maybe that AC has an MPD and each persona works on a different aspect of hacking.
Re: Re: Re: HEY
It’s actually called Dissociative Identity Disorder now.
The more you know!
Since the info is with the NY times and some of that information has to do with the NSA (presumably the U.S. is partly behind why the UK wants to delete it) then it stands to reason that it’s the U.S. government’s responsibility to go after the information and the U.K. can’t do anything to please the U.S. here.
Perhaps the information could find asylum in some Russian press or something.
Re: Re:
If i recall it correctly Greenwalds reaction to the UK detaining Miranda was “Well, we can publish stuff on the UK aswell”. Shortly after that The Guardians harddrives were killed off.
Take it back a step
These “Documents” that are supposedly on David Miranda’s computer came from where? Apparently from a Guardian source, or more specifically Ed Snownden. So by inference, the NSA has copies of highly sensitive UK government documents
Before lashing out, shouldn’t David Cameron look deeper into the original source of these highly classified documents, if they exist at all?
Re: Take it back a step
shared intelligence gathering amongst certain close allies, (oddly enough, the white english spekaing ones mostly) is the norm. they spy on our citizens for us, we spy on their citizens for them, it’s one big happy family of spies
If you look at the statements of the UK police they are tailored to justify:
1). The detention of Miranda for 9 hours under Schedule 7 of the Terrorism Act 2000.
2). The confiscation and continued holding of Miranda’s electronic possessions beyond the 7 day limit.
3). The inspection and analysis (and sharing with NSA if I may be so bold in suggesting this) of the contents of Miranda’s hard drive. This is being done despite the temporary injunction which restricts examination and analysis of the hard drive, unless:
a). For the purpose of the protection of national security, including by preventing or avoiding the endangering of life of any person; and
b). For the purpose of investigating whether Mr Miranda is a person who is or has been concerned in the commission, preparation or instigation of acts of terrorism.?
4). Bringing charges against Miranda under either the Terrorism Act 2000, section 1 of the Official Secrets Act 1911, or various offences under the Official Secrets Act 1989.
You can already see how the police are stretching the truth to cover their need for justification. This is why you see some very odd things.
-How do the police know there are 58,000 Documents. The hard drive is encrypted with TrueCrypt. I am guessing that full disk encryption wasn’t used. However, one would encrypt an entire volume(s) containing the secret files. Unless you are able to decrypt the volume you cannot know the number of files within that volume.
-The 58,000 file are all characterized as, “highly classified UK intelligence documents.” They are saying they all originate with the UK despite the fact that these are, supposedly, the NSA documents that Snowden leaked.
-The police and GCHQ have supposedly decrypted 75 of the 58,000. But they are not specific about what these files are. Are they even related to the NSA leaks? Greenwald has denied that they have been able to decrypt any of the secret documents. Remember that even the UK police say they haven’t decrypted most of the hard drive. If all the secret documents are contained in the same TrueCrypt volume, then none have been decrypted.
-There is a claim that some of those document contain information that “would do serious damage to UK national security and ultimately risk lives”. How would the UK police know this if the secret documents have not been decrypted?
-There is an emphasis on the password that was written down on a piece of paper in Miranda’s possession. Greenwald denies that this was a password related to encryption of the secret documents. The UK police want to show how sloppy and reckless Miranda, Poitras, and Greenwald have been in protecting the documents from terrorists. All the police need to do is convince a judge, who may not be well versed in the finer points of cryptography, of this sloppiness.
Re: Re:
The 58,000 files
From the statement to the court, GCHQ determined that it was possible that Snowden had accessed up to 58,000 files. Robbins then states that the information from the one decrypted file showed that there was, roughly, a similar number of files on the hard drive. From this he concludes there are 58,000 highly classified UK intelligence documents on the hard drive.
These guys aren’t dumb, they know you can’t reason like that. Just who do they expect will accept that sort of logic?
Re: Re:
I for one will laugh my tits off if somehow the UK police are able to decrypt the 58,000 documents and ALL of them turn out to be hardcore porn videos…..
That would outclass Prenda for funniest story of the year so far..
One time key?
What if Miranda were simply carrying a one-time key?
That has no small amount of value to Greemwald
You can be sure that the info on those drives, encrypted or not were copied and sent long before David ever left the airport holding area.
This is going to work out very similar to Kim Dotcom’s affair. The info was copied and sent via UPS before the data even got out of the police’s hands in New Zealand. The judge made an issue of saying the US had to return that data and it never did and it isn’t going to.
The time to act to get that data was right then before any courts could make any rulings or any part of government could countermand it.
As long as Miranda’s laptop wasn’t used to access any of the TrueCrypt volumes, then the GCHQ probably doesn’t have anything to go on.
If Miranda’s laptop was used to access file on the TrueCrypt volume(s), then there’s a high probability of evidence being left behind. Evidence in the form of OS and application history logs.
Windows and Linux OS’s, and most applications, leave behind traces of files that have been recently opened.
– Recently Opened Files leaves behind a history of the last 20 or so files recently opened
– Microsoft Word saves unencrypted versions of ‘drafts’files, currently being worked on. Unless the whole operating system itself, is encrypted.
– Windows Registry entries are created when opening files and mounting drives which provides a log for forensic personal to analyze.
– PDF software applications usually store their own, seperate ‘history’ of the most recently opened documents.
So as long as Miranda and Poitras didn’t used the seized laptop’s operating system to view any of the classified documents. Then they’re probably alright.
If they did though, then the GCHQ probably has a log of encrypted filenames that were opened using that laptop.
GCHQ probably can’t decrypt any of the TrueCrypt volumes, but they might have a log of some filenames that were opened on that laptop.
Either way, it seems like Governments around the world are attempting to slander the reputation of journalists, by attempting to undermine their security skills.
These Governments don’t really have a leg to stand on when it comes to ‘system security’. I love how they start preaching about ‘system security’, when it’s their insecure systems which started this debate in the first place.
I think the real underlying issue here is the fact Governments are attempting to turn journalists into criminals. They’re basically stating, any journalist who leaks or has in their possession classified information, is a danger to ‘national security’ and is therefor a criminal.
That’s what this is really about. Criminalizing journalism.
Re: Re:
It looks like the UK police and GCHQ only have the number of files, if they really do have that information. If they had any filenames they might well have one that originated from GCHQ. Instead, they went through a ridiculous twist of logic to conclude there were 58,000 files from GCHQ but cannot point to a single one.
You are correct about the traces left from applications. I believe that, not only Poitras but Greenwald would have been brought up to speed on such vulnerabilities and avoided opening files on a laptop used for traveling. One potential trace that you missed is the indexing of volumes that occurs at least on Windows OSs. The indexes are stored permanently and are used to optimize searching. I use PGP software to encrypt volumes and I can’t remember offhand if I had to manually opt-out of indexing for mounted volumes. The PGP software may have restricted the OS from indexing those volumes while they are decrypted. I have actually disabled indexing entirely for this very reason. I was wondering if this is how the UK police came across the number of encrypted files, however, I believe this would have given them the filenames as well.
Re: Re:
I am not sure it is about criminalizing journalism yet. There has been intimidation but it remains to be seen whether criminal charges are ever brought by the UK concerning anyone who has ever possessed files from the Snowden leaks. What is scary about the statement brought before the court is that they explicitly talk about potential charges against Miranda. The same rational can be used on anyone who possesses documents from the Snowden leaks. That includes Greenwald, Poitras, and numerous individuals at the Guardian. They did not arrest anyone at the Guardian. Nor did they confiscate the computers at the Guardian that contained the leaked files. Maybe they will start arresting people in the future but I don’t think that will go over well with the public. What is wrong is that a law exists that is vague enough to allow such arrests or even the threat of arrests to intimidate journalists. At least the U.S. has stronger protections for freedom of speech.
Re: Re: Re:
It is about criminalizing journalism, even if it may not have reached the level of legal prosecution yet. These actions merely reinforce the notion among a growing number of people that the mainstream press is no longer about journalism but is slowly becoming little more than a public relations arm of local governments (who themselves are merely becoming local administrator for the large megacorporations – who not surprisingly, own most of the mainstream media outlets).
The witness statements
For reference, here is a link to the full pdf of the witness statement by Oliver Robbins, the UK Government’s intelligence advisor. (Posted by Carl Gardner on his Head of Legal blog)
There was also a separate withness statement by Caroline Goode for the Metropolitan Police, which says that so far they have only been able to reconstruct 75 documents. Here is the summary of her witness statement from the Daily Mail:
Re: The witness statements
Ooops… Didn’t notice that Mike had already included the Robbins statement at the end of his blog. Apologies!
Re: The witness statements
Is it me or does that sound like one of 2 things:
1/ “We’re bullshitting”
or
2/ “In the time we’ve had this harddrive, we’ve managed to brute-force decrypt 0.1% of the data by throwing absolutely everything we’ve got at it so obviously it’s insecure… right?”
This, as is the case with virtually every series of articles associated with the information taken from US Government records by “Father Teresa” Snowden, once again carries through with giving nary a thought to the real possibility that the US and foreign governments might just be raising very legitimate concerns that could, contrary to the group think so prevalent here, actually harm to varying degrees its and its allies national security.
Using but one recent example, while there may be information in the recently disclosed “black hat” budget involving at least the CIA and NSA of interest to persons within the US and its allies, it is really wise to lay open information readily accessible to their enemies that describes areas where these agencies are devoting substantial amounts of resources. Before the disclosure they could only guess. Now they know for sure and can use that information to act accordingly.
I readily agree that overclassification of government documents is rampant. However, to use this as a justification for the willy-nilly disclosure of information, much of which has certainly been properly classified, is simply wrong and the persons doing so should be soundly and resoundly criticized.
Re: Re:
If terrorism scares you this much you must be terrified to drive a car.
Re: Re:
If they are really worried about that, then offering free basic security lessons to journalists and their staff might be a really great idea.
But I guess declaring them terrorists and arresting them works too.
Re: Re:
And the warrantless and continued snooping into the private lives of hundreds of millions of innocent people the world over should also be equally and continually criticized.
This spying power has grown far beyond absurdity. There is no justification for this. None.
Don’t give me the “but, but terrorists!” excuse. The terrorists have already won! Terrorists kill people, for sure, but their larger aim is to strike fear into the hearts of millions of people more because they know they can’t kill everyone. They’ve succeeded with the fear years ago. But, most people don’t think much about it after a time and it dissipates. However, it doesn’t dissipate in governments the world over who use that fear to try to justify the trampling of the rights of millions of people. And this is all designed to keep the people under control and to make rich a few people who have a financial incentive to see the spying continue.
You guys aren’t protecting anyone except your own wallet.
There is a large group of people around the world who are infuriated by governments ability to spy on ordinary people. If that is considered group think, then I proudly wear my group membership badge.
Re: Re:
Then perhaps they should stop fucking honeypotting could-be-terrorists.
Jesus, this isn’t exactly trying to disprove Pythagoras or proving non-Euclidean geometry in a non-insane way.
Furthermore, they claim that Miranda (and Greenwald and Poitras) “demonstrated very poor judgment in their security arrangements with respect to the material,” in order to suggest that it might easily fall into dangerous hands.
Some could argue that the material was poorly secured and was in dangerous hands before Snowden, Greenwald, Poitras, and Miranda had it.
Encryption is easy.
The UK government is pretending that they’re testing to see if Miranda’s data storage was well-engineered enough. But let’s not forget that proper encryption is easy if you’re just carrying data.
For example, he could have done this:
* Greenwald in Brazil generates public/private key pair using open-source software (available in any linux)
* Greenwald mails/IMs his PUBLIC key to Miranda in Scandinavia
* Miranda encrypts data with public key
* Miranda can now carry the data, without being able to unencrypt it himself (he doesn’t have the private key) nor can anyone else (again, private key needed)
* After arriving in Brazil, if needed, the private key Greenwald has on his pc, can be used to unencrypt
http://en.wikipedia.org/wiki/Public-key_infrastructure
Bonus points for additional security (bordering on paranoia):
* Verify by phone (recognizing Greenwald’s voice) that public key arrived correctly and hasn’t been altered/swapped in transit over the internet
* Generate public/private key on a pc NOT CONNECTED TO THE INTERNET, only transfer the public (not the private!) key to a PC with email using usb stick, or better: by typing.
* All done, can’t think of extra safety to add
Interest
“They claim that some of the information was potentially incredibly damaging to UK national security interests (the same rhetoric we always hear, but is rarely shown to be true)”
Oh it is true. Whenever these types mention security interests they are talking about the security of billions of dollars of public money going into their bank accounts with no oversight.
Re: Interest
Yeah, what they meant was “Some of the information is potentially incredibly damaging to UK national security apparatus.”
The NY Times should have cooperated and hoped for a chance encounter with the NSA. The NSA came for me once and I’m much happier now. When it’s time, the NSA will come for you too.
It could be he had a TrueCrypt volume on the drive, with a hidden TrueCrypt volume inside. He carried the password to the outer volume (containing innocent files) for plausible deniability, as UK can threaten with arrest for not handing over a password, while not having the key to the hidden volume at all. Makes sense with Greenwald’s statement about having multiple passwords.
http://www.truecrypt.org/docs/hidden-volume
The UK goverment does realize
That the NYT is the paper that broke the whole story on the Pentagon Papers, right?
I’m wondering if the New York Times‘ reaction to the UK government’s request by their paper’s legal team was a combination of “you’re kidding right?” and struggling not to burst out laughing in the UK official’s face.
Of course time erodes memories.
It’s pretty obvious they thought that was a one-time event..and that they don’t understand the precedent setting ruling issued by the Supreme Court in that case.
Yeah, after they left their calling card, I’m sure that the editor called everyone in for a conference and said:
“Pass the whiskey, ladies and gentlemen-for we have another stupid government request to destroy documents!”
There upon the entire building erupted in sound-shattering laughing that went on for hours.
They claim that some of the information was potentially incredibly damaging to UK national security interests
Using the dictionary these guys are using I think it is very plausible to state that national probably means government and security means self-preservation. Which would mean that above sentence would read:
They claim that some of the information was potentially incredibly damaging to UK government self-preservation interests
That sounds a LOT more accurate.
“One potential trace that you missed is the indexing of volumes that occurs at least on Windows OSs. The indexes are stored permanently and are used to optimize searching.”
Excellent point! I forgot about file name indexing services. If an encrypted volume was mounted, with this service enabled, then this might be how GCHQ is coming up with the 58,000 number.
To be honest, I’m surprised that the US government hasn’t mounted a commando-style raid on the New York Times to go in and find everything they have from Snowden. It’s not like it would be out of character for them…
It would also be illegal.
The Constitution has several amendments that rather frown on it:
The First Amendment-Freedom of Religion, Press, Expression
The Fourth Amendendment-Search and Seizure
And of course this little item:
http://en.wikipedia.org/wiki/New_York_Times_Co._v._United_States
Just because the government wants to do something illegal so badly that they can taste it, does not mean they can get away with it, despite what the NSA thinks.
Re: Re:
“It would also be illegal.
The Constitution has several amendments that rather frown on it”
Based on recent history, our government doesn’t give a rip. The Constitution is just a speed bump.
UK National Security
Clearly what just took place in the House of Commons shows that British National Security has been threatened by Public Knowledge of GCHQ Extra-Legal Intel Activities
Though perhaps this Threat is more to the Political Durty Secrets Department