Bruce Schneier and Edward Snowden @ Harvard Data Privacy Symposium 1/23/15

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

You'd think someone at Harvard could comprehend levels when recording from two separate audio sources.

👍︎︎ 22 👤︎︎ u/roofuskit 📅︎︎ Jan 25 2015 🗫︎ replies

For some reason them using Google Hangouts feels really inappropriate

👍︎︎ 13 👤︎︎ u/ATTENTIO 📅︎︎ Jan 25 2015 🗫︎ replies

If only Snowden's audio went better through. Schneier is easy enough to hear.

👍︎︎ 5 👤︎︎ u/grav 📅︎︎ Jan 25 2015 🗫︎ replies

Good watch. Thanks for the link.

👍︎︎ 5 👤︎︎ u/flipbits 📅︎︎ Jan 25 2015 🗫︎ replies

"I won't comment on anything that is yet to be published"

Fuck you Snowden. If you tell us next year that you have known all along that a commonly used protocol was broken, that would make you complicit.

In my tinfoil days I feel that Snowden is pretty much acting like a controlled leak from NSA would act. He is stealing the steam from wikileaks and revealing nothing of much value.

👍︎︎ 1 👤︎︎ u/keepthepace 📅︎︎ Jan 26 2015 🗫︎ replies

Captions

but as you know our first part of the program is a conversation between Bruce Schneier and Edward Snowden Bruce is one of the world's leading experts on Computer Society who have been extremely fortunate to have visiting here at Harvard as a fellow at the Berkman Center for the Internet and Society for the past year and a half one thing is really remarkable about Bruce is the extremely wide span of the kind of work he does it ranges from mathematical research papers on the design and analysis of cryptographic algorithms to policy engagement by serving on government committees and testifying before Congress and a huge amount of writing about computer security for lay audience through popular articles blog posts and a number of books the latest of which is data and Goliath the new book that is coming out I believe on March 2nd and Bruce will be having a conversation with Edward Snowden who probably needs no introduction but Edward is a former intelligence officer who's served at the CIA NSA and DIA as an expert on technology and cyber security for nearly a decade before the disclosure of classified documents in 2013 while he was a consultant at the NSA last year epic the Electronic Privacy Information Center gave gave Edward one of its champions of freedom Awards for the effect of what he did on transforming the public debate on privacy and we're really thrilled that he could join us today for this conversation by videoconference with Bruce Schneier to talk about surveillance and and tools for addressing it I'm pretty sure that applauses for you not for me well welcome to Harvard goodness thank you thank you very much and I'd like to thank you and Harvard and the Berkman Center everybody ball for the opportunity to speak I have to say the Berkman Center from my perspective during my time with the NSA and every 2013 has always been kind of on the leading edge of these topics and issues and thinking sort of ahead of the curve on the debate so I just want to say thanks for everything thank you so let's start by talking about about cryptography and what can and can't be done I mean to me the biggest surprise in all the NSA documents is the lack of big surprises that we don't see any any any major secret sauce of quantum computers or you know anything that that says they or really any Intelligence Agency can do magical things and to me that's really interesting right III would say it's it's critical and it's important because it reminds us that despite all of the documentation they've seen all of that that outcome of the revelations and everyone's been concerned is that encryption really is one of the few things the mathematics of it when it's properly hanging with it that we can rely on and this is fundamental when we talk about computer security because we've got to have some foundation we've got to have some basis for trust from which we can start building things and when we look at the software typically this was not a reliable but when we look at the stories that have come out and been reported publicly about how the NSA attacks encryption properly implemented encryption does work the hour those of the math are often sound and when they do attack it it's typically through some kind of weakness some sort of shortcut that that sort of reduces the resistance but typically not a clean break there's no magic key than a lock script oh yeah and then it was trying to go around and steal the keys off of the endpoints so there's something in in in the the black budget it was cooked clamors introduction and he has an interesting sentence and I was always I always talked about this he says we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic so as an interesting quote I mean it doesn't sound like we're hiring a bunch of mathematicians and hoping they get lucky it sounds like you know right we got something in the back room we got the massive computer we got the cool piece of math you know is he just is that just a PR sentence and trying to make whatever congressman and and staffers read that optimistic you know it is what my questions I'm thinking about this so I do they have like a break on our c4 or is this a massive database of SSL keys or is it something against some amateur stuff and what would basically cause more harm because I have a strong and by trusting these decisions to the institutions of the press they can sort of remove that bias and make a more reliable system so I want to get to there but what I will say is that what do you think about government culture yes there is some strong rightness these budget black budget documents are typically the results of budget justification they go around and they ask all the offices you know what are your success is what are the things you can do what are the things you're working on and we can pitch to get one one and this is how ultimately we end up with 75 billion dollar-a-year intelligence in sculpture we have that but when we look at the actual cryptographic accessing methods that have been typically pursued yes there there are some successes there is a lot of success against home-brewed crypto sort of boutique crypto commercial closed-source crypto and critically hardware the mutations in crypto but when we talk about the the real academic open-source peer-reviewed standards things like a yes Blowfish to fish those are pretty reliable and we have seen within the documentation references that indicate that there are certain we saw this in we saw this in some documents of Spiegel released in December that OTR PGP that these are tor that these are open security cryptographic standards that are giving the NSA a lot of trouble so so might we are we are learning that interesting they'll be the black budget it's it's hard to check the numbers but it seems to me it's thirty five thousand people and 11 billion are part of what are called the consolidated Cryptologic program that's the that's dod-wide about four percent of that goes to research and technology that's foreign 240 million so there's a lot of money being spent on the math and i mean i think it's a credit to the math that this much money this much effort whether it's the NSA or China or any other country isn't producing these fantastic results I mean ten twenty years ago we would assume that we in the academic world were a decade behind the NSA in other countries and it seems that that's that might not be true that there is more parity than we thought I I do think the community is much closer to the NSA's understanding of the math today past encrypted you know kind of a black arc along with computer security for decades and decades recently we have seen this sort of capability gap consider it and this is around the world not just within the US community really shrink it's come closer together but this mathematical expenditure I mean it is valuable it does have a payoff in certain respects one of the keys are sometimes governments use their for example the Russian government has their own encryption algorithm standards for protecting their classified data so when we talk about things that are publicly used these are really dangerous and honestly if NSA has some capability against it they should not be using it there should be reporting and enclosing because it actually weakens us the United States and the public internationally around the world if we have or security but if they're using this against sort of again boutique crypto that's only used it sort of adversary contexts this is something that they should be investing heavily in researching when they do have successes there you know I've heard this period after these documents called the second Dark Age of cryptography because again we have a lot of people suddenly not trusting anything building home-brewed stuff the way which is inherently more vulnerable just like we saw in the mid 90s and we didn't know anything and people are inventing their own crypto systems so BIA so what you said is what I think we're learning is that the way again not just the NSA wait everybody gets around cryptography is by getting around the cryptography one of the documents that Spiegel published talked about VPNs now several of them did PPTP is a VPN standard it's insecure I mean I wrote a paper that broke it I think 1998 and here it is still being used and of course it's being exploited I mean not just by the NSA probably by everybody so we do see a lot of these commercial systems that are poorly designed being exploited either you know by by whoever right and what sort of the academic implementation we're talking about practical implementations that work at scale for VPN exploitation we're talking about automation of the detection of it the ingestion of it from the front and collection systems pulling it back sort of to our storage systems where we can keep it forever and the automation of using sort of a gigantic resource analysis to do that in a standardized way where you don't have to have an individual human going and doing all of this it simply just happens in the background 24/7 while the lights are off and it provides them access into store our private watch profit records and this has intelligence of value but also has significant risks to sort of the fabric of the internet in the infrastructure now at the same time we should be relying on its old bad standards that we know we also with encryption one of the things that we've seen is given this sort of Dark Age mentality that you mentioned there are really two risks one is that the algorithm itself could be weak weakness that we are not currently aware of also the implementation could be bad when we get new crypto tools it normally takes a number of years before we know they're robust and eventually they may reach a level where they're sort of compensable for algorithms we don't have that same same standard typically because there's not that many people who can attack them in a credible way which is quite small which is why when we get a new crypto we don't see the doctor for ten years what I wonder is if there's any way we could sort of pull this curve forward by doing research into cascading cryptographic algorithms where we don't rely on a a single implementation a single algorithm at a single bit length but actually use two or three or you know arbitrary number of different cryptographic algorithms that are you you'll see that's sometimes right in in general the algorithm is the strongest piece I mean this is this is what we're learning so whether you know here we are building a wall and now we're arguing whether one post should be a mile hall taller mile-and-a-half tall and in a sense it doesn't matter what we really have to worry about is the rest of the rest of everything so the bad Haitians the the week keys any kind of back doors gonna be inserted in the software and we're seeing a lot of that we I don't remember there was a back door found it wasn't inserted but almost was into Linux a few years ago we don't know who did it it showed up in the code it almost got in now it could have been any government we so that is a much bigger risk I was reading last night some of the documentation on the surveillance arms manufacturers the companies like hacking team RCS that are sold to third world countries that I do much the same things that the NSA does not at the scale but it is hacking into a computer reading the encrypted traffic after it's been encrypted it didn't decrypt it key loggers grabbing passwords and I'm reading what these capabilities are and it's very much the same as the NSA toolkit presumably a Chinese government toolkit and we're seeing this democratization of these techniques well what countries have that I think what the major countries have is is the budgets to do the parallelization at what you said doing it automatically 24 by 7 based on privileged sources on the Internet the Chinese can do that just because of the way their internet works within their country Russia is trying to get the same capability the NSA has a lot so that because so much traffic goes through the United States and and that's something else you said early on that that it's the endpoints that are weak that it's not the data in transit that's weak it's the endpoints which then can break the data in transit so I'm interesting to see that interplay right ultimately comes down to the level of effort that the adversary wants to expend when you're thinking of it from the offensive side you know what I'm going after it's hard you look at the target and you go how can I get them now the reason we see this explosion and masks or badness that we've had between post 9/11 era is because passive is cheap it's easy it's simple if you're a nation-state whether your China or France u.s. whatever if you can go to the telecom providers and there's a lot of plain text out there just pull it off the lines and there you have it you've won sort of you got communication we've got the association's we've got content you've got whatever you need on the lot now the benefit of encryption across the wire is that it makes that much more difficult they have to either attack they have to subvert the typical authorities they have to go after the key material to explain one of the you kind of hinted at this earlier what are the real dangers of the current security model at scale for defenders is aggregation key material if you have a centralized database of keys that is a massive time they'll go after that either remotely or they will send someone to get higher into your organization to develop access eventually exfiltrate that Tyrael because again they don't want to attack the crimpable they don't want to expend computational resources they want to just be able to unlock it like getting parameter that your since the wall is high so rather than go over it they'd rather have it a whole one trip or walk around and something else is happening the United States at least is we have these these legal attempts to get keys so we saw the whole lavabit example where write compulsion where the FBI went to the law the bed went to the courts and said give us the master key we saw this with Skype which something we didn't know for a for a few years we knew that the that microsoft did something to skype to make it more he's dropping friendly we didn't know what and there was a document in in the latest Spiegel a release that talked about it that they redesigned the system so that they had the keys and now the US government can go with a with a FISA warrant and and demand access to the keys for whatever Skype traffic they wanted and reading the the NSA document looks like they got broad access to Skype the the audio and the text and presumably other countries can do the same thing with the companies that they would they have that legal compulsion indiscriminate targeted compulsion whatever that happens but it tells us stories in general they they have three methods for going after these systems that like they've got coercion compulsion and they've got intrude you know they also have bribery right we know that they'll occasionally pay okay fair enough but that's exactly I mean some subversion being what they did with missed the standards organizations where they they will sort of abused the trust that the industry the commercial sector the academics that there has in them in their brand the idea that they're called the National Security Agency so we assume they're going is to tear our communications without necessarily being aware that they have this dual role this to a mission and in the last you know decade plus they have really shifted their focus there are much less defensive organization they've ever been and a much larger much higher portion of their efforts is committed to offense so really if if the NSA is knocking on your door and asking for your help if it's not on a compelled basis where you know there's some kind of court involvement you should really be asking yourself why is this proper is this appropriate and does this serve the public's needs broad am i sort of benefiting and intelligence agency a group of spies a State Security Bureau or am i benefiting the public the country you know actually I want to get back to that later but said I'm going sort of talking more about this way of collecting the data again I think the surprise from the NSA documents is is not a lot of magic so when I was working with the Guardian in October and released the story about tor the the big thing that the Guardian the NSA were negotiating and they didn't want released was quanta there the quantum program which is basically packet injection and what surprised me is how that's not a big secret but well it's you see it everywhere I mean there are hacker tools to do packet injection the Great Firewall of China works on packet injection both finfisher and hacking teams sell packet injection to pretty much any third world country who wants and a lot of the techniques are very democratic Fox acid the big NSA system that does exploiting individual computers looks like Metasploit it's another hacking tool yes it has a bigger budget probably a better user interface certainly better tech supports but this isn't these aren't major differences so I I think we have to start looking at a world where these capabilities are everywhere it's what you're saying it's attack versus defense but these defenses affect everybody because these attack tools are very very common they they are common and the difference again is scale its reach its complexity and it's it's it's resourcing and it's also how they're applied and how we expect them to be applied when hackers are doing this we socially recognized that this is not a public good if it's security researchers doing it to demonstrate a vulnerability that's one thing but otherwise this is this is a criminal act we were not aware that these agencies of broadly were involved in criminal activities and they were I mean these these still are in many cases criminal act is there is no explicit legal authorization for these programs many of these even on to occur in this way they could be there's nothing that say they could be prohibited but if we live you know in a constitutional society where we have a government with specific enumerated powers and there's no authorizing legislation that says hey you can hack these people by impersonating private companies such as LinkedIn that aren't actually from Reuters that's a significant departure and the government agencies both domestically and abroad were aware of this I in fact in the GCHQ we saw that in their own internal classified documents they said they weren't concerned about these capabilities being revealed because it would provide some kind of real security layer with reduce their capabilities it was because they were afraid of a quote damaging public debate they were afraid of the fact that if we knew about this it would enable legal challenges that might change and restrain the way they operate well let's talk about this I think it's interesting it's a notion of risk now one of the differences between passively listening on on a wire and collecting the data and going into the adversaries computer and either grabbing traffic for its encrypted or changing router table so traffic moves to where you can intercept it you know any of any of these more active penetrating techniques is there a higher risk where you have more risk of getting caught larysa getting noticed now depending on who you are whether you're a criminal whether you're a country whether you're a major power you're your appetite for risk who's gonna change it'll depend on who who your target is depending on who you are and one of the things I noticed early on reading some of the documents is how risk-averse the NSA was I was reading the manual for forfox acid and it was I mean it felt like it was a manual design to take an unskilled soldier and turn him into a cyber warrior and it was full of if this happens stop if it looks weird stop if there's a problem stop if there's if decimal chance of you getting caught stop stop stop stop my compare that to let's say a cyber criminal organization operating out of you know someplace in in Southeast Asia there's got a far fewer stop conditions right they'll go and they'll try because maybe they'll get lucky and there's not a lot of risk so when you look at it from the from the from the offensive standpoint right when I'm sitting at my desk at the NSA using these operations you know the chief in one of these offices directing these things again the biggest thing is the fear of life they realize that some of these things again are not and so they've got to be careful not to have these things exposed they don't want it to be revealed and when you're using passive operations you're not leaving long interest it's not gonna follow you home as you said when you switched active operations suddenly you're leaving evidence you're leaving something that could come back to haunt you someday and again the Der Spiegel stories recently they showed that the NSA will intentionally try to make itself look less capable when it hacks somebody to go all this couldn't be these guys don't know what they're doing and they would use sort of cutouts they would use third countries to exfiltrate the data so the hack country Eddie send the data from country in country B so they think country we hacked them and they then they send it home through their sort of expiration back plus their there is a big risk aversion there as well and how the person else managed as you said sort of be the checklists they go through people have this mental conception of tal DNS it's happening the tailored access operations and there are rocks as they call them on remote operation centers and they think these operators these guys are sort of these you know mystical physical hackers on steroids guys these guys are like you know amazing but the majority of them are not necessarily enjoy them but they report of them are junior enlisted military guys they don't have a you know particular training on this that's exceptional they've gone for a couple weeks of training really it's a paint-by-numbers operation and the reason they have so many stop conditions you say it's to limit liability that somebody who may be clever but also may not be so clever leave something behind they get a little phony they go a little beyond their skills and they make a mistake now obviously there's different levels of capability different levels of skill for each person but by constricting this bureaucratize in it they can minimize their sort of political risks their public risks and that is that's reasonable in a lot of ways and that's why they do it now something that we've seen though is over the last you know I began and sort of this this terrorism that level of hunger for risk has greatly increased they've been hacking everybody as we've moved on through the decade until sort of 2013 and them because everything's will in their faces they've sort of backed off but while they do have they do have these policies in place to try to mitigate the risks I think it's moving to say that they're risk-averse contemporaneously because we see the the targets they're picking in a lot of cases are crazy Aaron justified I mean the GCHQ for example be sort of British NSA was just revealed by the Guardian a few days ago to have intercepted and stored the emails from journalists from the New York Times from EBC they knew they had journalists emails but they kept them anyway why you know these are things that shouldn't be happening and if they were truly risk-averse they wouldn't be doing this because they well I mean there's a couple of things one of the things I'm trying to contrast what I see the NSA and GCHQ doing is some of the attacks coming out of China I mean looking at the past decade or more of Chinese military attacks against the United States against government networks against defense contractors it's surprising how sloppy a lot of those attacks were it's surprising how how risky they were and and there's some China watchers that that talked about relationship between the attackers in the government that is not they're not necessarily employees they're free actors who just know if they find something good to pass it on to their handlers and I think we found I mean is I sing Christmas creasing sophistication in cyber attacks around the world as in a sense this is becoming normalized the body knowledge is increasing as well I mean again not everybody knew how to do this it wasn't a paint-by-numbers thing as you have more people going through these organizations as you have the level of academic knowledge improving as you have sort of the tools techniques you know developing and improving increasing sophistication that sort of bleeds out it expands and covers a larger body of people to by actors and you have more people involved more actors more noticed activity more exceptional actors who are never noticed because they're never caught but also people who are not very good in are are caught regularly the other thing is again the difference in culture in liability I actually worked against the Chinese target so I know quite a bit about this I can't talk you know he's here but in general the the level of sophistication in Chinese the summary is not great I mean there are people in this room who probably were much more capable than a Chinese military cyber unit when they were teenagers but again the difference is when you're a military unit paying military wages selecting from military rosters you've only got a certain level of talent all the guys still some of the other actors are people who are moonlighting you know they may be working in intelligence organization and may be working a military unit and again they realized that as they've worked there their skills developed and they're not being compensated relative to sort of their product so they go home at night they continue acting they aggregate information they excavate it and then they sell it and then sort of on the other end you have almost the script kiddies of National Intelligence right the companies that are buying the finfisher and whether and I'm think of Uzbekistan or Ethiopia or Syria and we will see these countries using them to target dissidents and journalists so again the same tools that these bigger countries are using much sloppier I'm sure easier to detect I'm sure you know not with not a lot of skill and you know then we saw we have the monks school up in Toronto finding a lot of these these attack tools on computers on phones of people around the world so we are seeing this this huge array of risk averseness I I seem to think the United States is changing I was reading some of the Reagan stuff when that was that came out last fall it was surprising of the array of targets that the United States was targeting with this tool very sophisticated attack tool and similar in scope to some of the the Russian the Chinese the the the other tools that the antivirus companies expose off and on I think since it's it surprises me that as risk-averse as the NSA was there really never was a plan for one copy of everything we've ever written being published that was sort of a scenario that was beyond the scope of risk planning and I would think that now you know the NSA GCHQ is gonna have to look at every one of their programs and say this is probably gonna become public in five years do we think that's okay and that will cause a change right and we've already seen that happen I mean we've seen that highest levels of government the President himself said that the the way they go about looking at which operation is authorizing which one there passed on as it has completely changed based on the principle just because we can do it doesn't mean we should and this is wise because the thing is when you have organizations like the NSA which are basically completely free from any meaningful oversight they they have sort of hand-wavy oversight they've got compliance officers but the Washington Post reported that they had more than two thousand seven hundred and seventy six privacy violations in a single year and you know these these are only the ones that are self-reported by the NSA these are the only ones that are detected that employees say hey I did this it was wrong it was a mistake the majority people who are doing the audit thing are the Friends of the end they work in the same office they're not full-time all others they're guys we have to store the other duties as assigned additional job there are a few travelling auditors and things like that but really it's not robust beyond that they're regulated by a secret court which is a rubber-stamp now I can't remember the exact figures but it's something like another they were asked thirty-one thousand times or something like that for warrants over last you know 10 15 years and they said no I think I think it's it's some small number it's some small number like that well I mean that could be just a really good warrant writers so this is the challenge when you're operating in this environment a culture of impunity develops where the people working at us say they're not bad people you know these aren't villains they're not trying to but they go I can do this I can do that I can do any because it's for just cause and the technologists when you take it the political oversight out of it and we take the judicial oversight again meaningful judicial oversight not not sort of a fake surveillance panel but a real court with real judges as opposed to FISA judges you get a really different quality of decision and this has a significant impact on the kind of decision for the minute and I do think things have changed significantly for the people in the audience who weren't familiar you mentioned Regan earlier the Regan operation that was a it's called operation socialist the United Kingdom they're in a save the GCHQ decided to hacked into the belgian state telecommunications provider that's used by every country rather than seeking access through the emmalin mutual legal aid treatment to those countries because they didn't want the Belgians to know about it they basically damaged critical infrastructure caused millions of dollars of harm to these systems which by the way still hasn't fixed according to the employees they're using NSA capabilities so you get this weird chain where the NSA sharing infrastructure their sharing capabilities with third parties with foreign countries basically they're then using our tool sets to hack other foreign countries with which we are allied with which we have friendly relations we have no idea we can't we can't really think ahead and figure out how this has been worked out in the end because there's no model well I mean there's two different kinds of oversight and then one is the tactical I mean I think that the NSA is very good at tactical oversight that are we doing things right are we following the rules and that's what we saw in those self-reporting privacy violations we broke our rules we made a mistake that's very different than are these the right rules and it's a form of oversight but it's not oversight that can happen inside the organization it has to happen at a greater level but are we doing the right things right not is this is this legal by the rules we have we have agreed to that have been given to us the interpretations of the laws that we've made but is this the correct thing that we as a country should do and that's a very different kind of question and the way you get that greater oversight is the arts is through these discussions of what makes sense a what is moral in our society what is proper we just because we can doesn't mean we should or maybe it does there's a big question there is the potential intelligence that we gain work the potential cost a good example of this it's the fact this is sort of a picture of what the NSA considers industrial relations you know that's a Cisco box therefore anybody can see it in the wallets they're intercepting sort of American products and services whether it's Facebook whether it's Google whether it's a Cisco physical router and their subversion they're weakening the security of them in some cases like this case they're implanting Trojans and sort of malware where they're going to the hardware level putting a firmware on applications BIOS modifications in there they're reducing the trust in the security of American products and this is critical in American infrastructure because it has a real cost not just for us morally not just for us legally not just ethically but financially I mean the American technical sector is critical to the future economic health of the country and we've had studies done since the 2013 revelations they've shown the NSA's activities just ones that have been revealed so far have cost us somewhere between 35 billion and 185 billion dollars I mean that's more than their budget in harm as a relationship just poorly thought operation before the thought of operations that never should have been done the first place there are again methods that they could do this lawfully legally and with the public's knowledge and consent where we don't have to go yes it's okay hack that particular individual yes organization but we should at least have a reasonable understanding of the broad outlines of policies and powers that they're investing themselves with if it's happening behind closed doors that can't really be said to be representing our interests because they are I mean then that that's just go by that Cisco story I think is really interesting to see the the implant going into the the box and and we certainly worry about Chinese implants coming in and equipment that what there and brought into this country so interesting to see us very generally all of this government surveillance is fueled by by corporations that mean it's not that the NSA woke up one morning and said we want to spy on the entire Internet they woke up one morning and said you know corporations are spying on the entire Internet let's get ourselves a copy and whether it's getting a copy by you know putting an implant in a Cisco router or by going into Google's trunk links between the data centers or going to Microsoft Skype with a court order and demanding a key I mean this is all data that is sloshing around the corporate world you know we've built an Internet force surveillance we've decided that that advertising that marketing that personal information is is the currency by which we all buy our Internet and that fuels what countries can do in any and again not just the US it's everybody everybody's using all of these platforms so to me it's interesting to see now that these NSA stories are public which I think are also shining lights on what other countries are doing what what criminals are doing the democratization of all of these are these techniques so they're showing how insecure everybody is I think we're seeing changing attitudes in some cases in the standards bodies and in in some of the tech companies may the IETF in an engineering task force is trying to build more security into the Internet we're seeing Google encrypting trunk leaks you know it's Google so I mean at one point they're saying you know and as always amusing to see when they complain about the government spying on their users because it's their job to spy on their users but we are we are seeing that this change so maybe there is some hope for technology to make this better there is a little bit of rethinking going on there I mean it's it's a complicated issue there's there's a lot of the baby had their I don't even reach started yet I think we've lost you your back sorry you can go back right so state actors broaden around the world have been piggybacking on sort of this aggregation of data that's happening in sort of all these different corporate sites around the world and that that's siloing that aggregation those centers of gravity they're simply too rich too interesting for governments to in order and and that's a danger you know we need to think about how to do this and this is where decentralized models are interesting right now the current sort of business model with the internet is as you said we're exchanging our private records the value of those for access to special service and this has happened in ways that are about knowing for example the Google model where we have been generally we're saying yeah Gmail account I put all my email on your server so of course you have access to it but also other ways there they're not we're not so where I've been reading your book data in July and in the intro to it you mentioned sort of cell phone networks it's a sort of brief introduction from non-technical people and it just explains that if you have a cell phone in your pocket you're without being aware of it necessarily agreeing to allow the cell phone provider to know your location wherever you learn all the time because that's how calls are wrapped it's sort of a byproduct of the service but it's a real question of does it have to be that way and of course it we know it doesn't now at least on broad terms that sort of a artifact of the way the architecture developed but we have decentralized rather models now we have proxies we can use cryptographic tokens or hashes to represent an individual we can have transient tokenization blockchain different methods of tracking and recording interactions with complex systems that could substitute for the traditional models we have the real questions where do we go is where we draw the lines and this is what the 2013 revelations changes before it there was no cost to collaboration at the expense of the users because nobody knew just how badly they were doing so yeah after 2013 we saw immediately at home Google Facebook basically everybody who showed up on the prism slides they said you know everybody who's whose logo is at the top of that slide right there suddenly they're well maybe we should change this yes we'll cooperated government but you've got to come into the front the very least you have to use normally process you have to the warrant you have to show probable cause that there is a requirement it's data you can't just do what you've been doing in hacking with the back end you know sort of this trunk that's a may be interesting to see it mean there is husband over the decades a lot of research in privacy preserving technologies and ways to do you know possibly cellphone be able to deliver calls to cell phones without keeping a database of where every phone is and having a cell phone being of being a tracking device ways to do electronic transfer that are anonymous we must have digital cache protocols since the 80s of course has been no appetite for it or there's been no appetite because companies want that data they want it for marketing and now governments are piggybacking on it so be interesting to see if we can rebuild some of these systems with less metadata and one things we haven't talked about is how much of this information can't easily be encrypted I mean a lot of what not just the NSA but what everyone does is use this data to collect Association graphs it doesn't matter what we are talking about what matters is that you and I are conversing and who you converse with who I converse with this is this is the whole metadata conversation this is the the multiple hops and that data isn't easily encrypted it the network needs it at least the way it's built today and I think one of the open questions is can we build a more privacy-preserving Network can we do better than that right and I think one way for sort of the tankful audience here to think about how how do you conceptualize this metadata at this encrypted issue encrypted content issue is even if I for example I'm doing for the counter cyber investigation we're trying to attribute an attack and I can't see the content because the content using some kind of exploit kid encrypts all of its exfiltration all of its exfiltrated data but I have the accesses to install you know basically a tiny equivalent Wireshark you just pcap do a packet capture on all of the traffic on a given system I can see what it's communicating I can look at the volumes and I can go this is user day this is user activity and this is anomalous activity and then even though I don't know what it is I can go but well it's going to this hub out here that's clearly you know one step in your expectation there operation and then you go to that one you do the same thing you hack that box you capture its traffic and this is assuming you don't have passive if you got passive collection the back once you do this you can then pack the next box you know who is it talking to and even if you can't read the content the whole way at home eventually you can follow and eventually the encryption drops off because it's at the end even if that chain is a hundred miles long you know if you keep at it you'll get there eventually and we've seen increasingly that sort of the arguments for mass surveillance that the government's have had aren't really reliable they're they're not really meaningful they said you know this is to stop but we know it doesn't stop terrorism the the Pequod's the privacy and civil liberties oversight board President appointed this the White House pointed this it was packed with you know former CIA directors and things like that people who have every incentive to say these programs are great you know we want them they're wonderful said they had never stopped a single terrorist attack this is a broad contrast to what the NSA eventually originally was was the warning 54 plots and then later the Senate questioned them and they said no in fact it wasn't 54 plots no they weren't acting like that it wasn't even 54 in fact it was one guy a cab driver in California sending a couple thousand dollars to his planets mom so there's actually a really good New Yorker article a purity the last week we before talking all about that case it's a really interesting case and right right what were your worth reading it so we're close to out of time I want to sort of end with with one issue that I think pulls us all together and that's the equities issue the notion that the NSA has to balance two different focuses defend our networks and attack their networks and those missions and I think made a lot more sense during the Cold War when you could defend the u.s. radios and attack the Soviet radios because the radios were different that there was us and then and we use different stuff what's changed since then is that we're all using the same stuff right everyone uses tcp/ip Microsoft Word Firefox windows computers cisco routers we're all using the same stuff and whenever you would you have a technique to attack their stuff you are necessarily leaving our stuff vulnerable right well it's conversely whenever you fix our stuff you are fixing their stuff right and this requires a different way of thinking about security versus surveillance a different way of balancing that we can't simultaneously do both and when we look at all of the attack tools out there the vulnerabilities are are great and every time we horde vonda's erode a horde of vulnerability we're leaving ourselves open to attack from anybody absolutely and the way to conceptualize this is to think about when you launch an attack you're not stealing a fixed amount of you know points cyber points from you know research data intelligence data whatever it's really a percentage base based on the size of their investment the size of their economy the size of their R&D fund if we hack the Chinese and the Chinese have sort of a hundred cyber points to behead that attack is worth ten percent of the points we got ten points but if we have you know a million phones and they hacked us once because we weaken the standard doesn't matter if we if we hacked them you know all ten times or all a hundred with their son of a-- points if they hack us wants because we weaken back common standard they're far far ahead because they have a hundred thousand and that's that's really something and this is our problem it's our problem with hacking back to North Korea they have what a dozen computers it makes it a lot harder a Spiegel story actually drew this in a large way that was not really noticed the significance of it was not notice and this was that we had compromised their networks according to the NSA documentation since 2010 we have been hacking North Korea successfully and yet they didn't provide us a lot of details that could provide us a lot of information we missed missile launches immunised nuclear tests we missed leadership changes we missed health issues needs military drills and we even missed the somehing attacks that they watch even though we were hacking them to be with eating their lunch over and over and over again of course years but then they hack us once just one time with Sony and you know everyone in the nation is renting their garments and going this is this is terrible they're attacking our our our basic values because it was so much more valuable to them to win once than it was for us mm so this is something that has to stop if I could add one point just for people to think about because a common trope sort of a meme that we see government officials around the world now advocating to sort of defend mass surveillance besides what I'm going to say it stops terrorism we know whether it's Paris or London with Boston and why none of the mass surveillance program stopped any piece of tax they say encryption right they said we got a ban encryption we got a mandate backdoors we've got to have a way in everybody has to collaborate they have to give us some way to access your data or we're gonna go dark we're not going to be able to we're not gonna be able to continue to investigate murderers are gonna walk free you know our children are gonna be violent all these terrible things happen paying attention to the Silk Road case that's going on right now sort of the the tour online drug market was shut down the accused Ross Ulbricht allegedly the mastermind behind the sort of this whole Silk Road up there used PGP which we know from their own documents they could not break he had fully irresistible encrypted material and yet just yesterday in court they were reading out his encrypted diary entries to a little full of reporters why is that it's because as you said encryption is not the endpoint is a weakness and if the user and at any point Edward view then encrypted material it is vulnerable to the adversaries sees that without any new authorities well we could probably keep going for another four hours but I think everyone else will get mad thank you very much for for being here and and hopefully you could bring you back in person next time thank you thank you

Info

Channel: Harvard Institute for Applied Computational Science

Views: 55,956

Rating: 4.9178514 out of 5

Keywords: Edward Snowden (Award Winner), edward snowden, cryptography, schneier, data and goliath, harvard data privacy, harvard data symposium, data privacy and security, nsa, national security agency, bruce schneier, data science, big data, citizen4, Information Privacy (Literature Subject), Privacy (Legal Subject), Harvard University (College/University), center for research on computation and society, Symposium (Type Of Conference), digital surveillance, surveillance

Id: 7Ui3tLbzIgQ

Channel Id: undefined

Length: 55min 14sec (3314 seconds)

Published: Fri Jan 23 2015