What to do about PRISM is unclear as of yet

I haven’t written a lot yet about Mr. Edward Snowden and the NSA PRISM program. I will in time, but want to be careful not to be spreading misinformation, and not to merely be repeating what everyone else says.

There’s been no shortage of advice on encrypting your own data, but there is one pitfall to that.

The NSA claims that communications from U.S. citizens are dropped once they are discovered. That would be the correct thing to do from a legal standpoint. What I want, more than anything, is assurance from the POTUS that the NSA is, in fact, doing exactly that.

I haven’t started signing my e-mail messages with “Sent by a U.S. citizen from an IP address owned by AT&T in the United States of America,” but it’s very tempting. My IP address is in the mail header, so the only question is my citizenship. If the NSA kept a database of U.S. e-mail addresses, that would be the fastest way to resolve that. Resolving an IP address to the country it belongs to is trivial. For that matter, resolving my IP address to the part of St. Louis I’m in is rather easy. That’s why, for example, when you’re visiting a web site for a newspaper in a different city, you still see ads relevant to the city you live in. I get St. Louis sales pitches when I’m checking up on the Kansas City Royals.

The problem when you encrypt is that it suddenly becomes nontrivial–if not downright impossible–to sift U.S. communication from non-U.S. communication. So intercepted communications are kept indefinitely.

This is a bit of a cop-out, since the mail headers are unencrypted–only the attachment is encrypted. But that’s not something everyone knows.

So my snarky side wants to create a script that encrypts worthless pictures of cats and e-mails them to random people continuously. That would be a good way to protest–it violates no laws and harms no one. Deliberately encrypting the pictures with a weak password and a weak encryption algorithm increases the chances that they’ll decode the pictures and know that they’re intercepting garbage.

If you have a Mac or Linux box, you could use OpenSSL to encrypt the data using RC2 encryption, which is easy to break. That might be the only practical use for RC2, come to think of it. Windows users will need to install command-line OpenSSL, then they can do the same thing. The command would look something like this:

openssl rc2 -in cat.jpg -out secretsquirrel.jpg

When prompted for a password, keep it simple. Something like “cat” or “ged” or “nsa” seem appropriate.

Do I believe the NSA is telling the whole truth? Absolutely not. But I am inclined to believe some of what they’re saying. And as someone who worked seven years as a government contractor and was better qualified for Edward Snowden’s job than he was, I know he was exaggerating about some things. Some of his exaggeration was clearly deliberate, and some was likely accidental. I’ll get into that at a later date.

I’m pretty sure that the knee-jerk reaction to start encrypting all e-mail messages, regardless of how mundane, is overreacting. At the very least, it causes undue attention to be called to you.

If you found this post informative or helpful, please share it!

4 thoughts on “What to do about PRISM is unclear as of yet

  • June 24, 2013 at 12:04 pm
    Permalink

    I’m also in St Louis, am a US Citizen, but not by birth. My email address is in a .uk domain, so it’s not immediately obvious I’m even in the US, let alone a Citizen.

    In any case, ever since I learnt about PGP, it made sense to me that everyone should be encrypting everything. The problem is getting enough traction, because I need the recipient’s co-operation to make a public key for me to use.

    Let us imagine a world in which people habitually sent snail mail by postcard. When I want to send you something secret, I put it in an envelope. That item immediately becomes a target, because it’s different. It makes it an easy target. A spy in the post office could easily identify envelopes from postcards, and focus their energies there.

    By putting everything in envelopes, it makes it much harder to tell the important from the innocuous. Sure, there are other analyses you can perform. If the sender or recipient is my bank, chances are it has some more important information there. But the postal worker spy would need to do more work. They’d need to know names and addresses of banks, and then look at the sender/recipient address of every piece of mail to see if there were a match. That’s more work than simply picking out envelopes.

    I think there’s a similar case to be made for encrypting emails. By making everything encrypted, it’s much harder for interceptors to know which items are worth directing their efforts at. The problem, of course, is getting the buy in from everyone.

    • June 24, 2013 at 8:31 pm
      Permalink

      I agree, if even a simple majority of people encrypted, that would be better. But I can’t even get loan officers to type a simple password to open an encrypted zip file in it–they expect me to send a document with my social security number and my checking account number in the clear because typing a password is too hard. (Yes, this annoys me to no end.) But when I start talking about encryption, they look at me like I just asked them to disassemble a rocket engine with nothing more than a coat hanger and a toothpick.

      And people wonder why we have trouble with identity theft? I can’t believe anyone manages to get a mortgage without getting their identity stolen.

      That’s just one other benefit, besides keeping government agencies honest.

      Now, having worked for the Air Force for many years, we had encrypted e-mail. We’d insert a smartcard, type a PIN, and we could sign and/or encrypt mail. Click the appropriate icon, enter a PIN, and bam, it’s done. Easy. That’s what we need everywhere. Another reason: Making SMTP servers bounce any e-mail that doesn’t have a digital signature would have the oh-so-unfortunate side effect of completely eliminating spam. But people would gripe about needing a “license to use a computer.”

      So instead, we live with a completely broken system, where I get incessant e-mail from Christian Mingle Singles (I’m married, dipsticks!), Female Seduction Secrets, Stop Struggling With Heavy Hoses (I really wish I was making this crap up), and Designer Watch Replica, all just this morning. And some computer in Baltimore (and, undoubtedly, its counterpart in China) pays better attention to my e-mail than I do.

      Oh, and I traced your IP address. .co.uk e-mail address or no .co.uk e-mail address, you ought to be perfectly fine. And I can’t wait for the ACLU and/or the EFF to force the NSA to prove it.

  • June 25, 2013 at 10:49 am
    Permalink

    What needs to be encrypted that isn’t already encrypted? Bank communications, and the sort, need encryption. Most others do not.
    I don’t do or say anything that the POTUS would find objectionable. At least not in the light of day.
    All bow down to the NSA and its computing abilities.
    …..
    “Live in such a way that you would not be ashamed to sell your parrot to the town gossip.”
    Will Rogers

    • June 25, 2013 at 7:54 pm
      Permalink

      I can think of a dozen things that I’d send encrypted if I could. Anything related to finance, health, or that personally identifies you ought to be.

      But beyond that. If a good amount of mundane stuff were encrypted, then encrypting stuff wouldn’t call attention to it. Encrypted stuff would just be normal, and if you went to the trouble of brute-forcing it, you wouldn’t know if you were getting something juicy, or just someone’s grocery list.

      So encrypting mundane stuff protects the important stuff too.

      And beyond that, the Fourth Amendment never was repealed, so it still applies. Produce a subpoena, and I’ll hand over my e-mail. There’s no reason whatsoever to hand it over a moment before.

Comments are closed.