Ukraine, Snowden, and SIGINT proliferation

OK, so what do EU chief diplomat Catherine Ashton, US assistant secretary of state Victoria Nuland, Estonian foreign minister Urmas Paet, Russian ambassador to Eritrea Sergei Bakharev, and his colleague in Zimbabwe Igor Chubarev all have in common? They’ve all had their mobile phone calls intercepted and leaked onto the web.

The first three, well, Russia, obviously. The bizarrely distant ambassadors are presumably a gesture by the US to demonstrate the reach of the NSA. At least that is what you might have said a few years ago. But we live in an age of intelligence proliferation today.

If you want to intercept GSM calls these days, you need a USRP, a few hundred dollars’ worth, and copies of GNU Radio, OpenBTS, and a few other open-source software packages, all of which are entirely free. Osmocom will be useful too, also free. A couple of £15 Motorola C115 phones. And of course a laptop. (If you just want to listen to voicemail, well, call Glenn Mulcaire.)

The same computational abundance that made it possible for the NSA and friends to overreach so spectacularly has also brought capability that not so long ago was reserved to them within the power of hayseed cops, nonstate groups, and competent individuals with a few hundred bucks. It didn’t have to be the Russians; it could have been Yanuk’s cops, or freelance anti-Maidan activists, or even rebels hoping to force the EU to act. It’s now probably easier to intercept real traffic and edit the recording before leaking it than it is to fake the whole thing.

You’d think people would take more care – someone should point the EU SITCEN at the Blackphone project at least – but then I learned something interesting. The State Department, after all, has all the secure communications it needs, but they have the problem that they are not secure against the boss, and fairly often it is necessary to say things you don’t want to send back to Washington. It’s a fascinating lesson.

In the other direction, here’s a detailed discussion of the Mexican Zetas’ radio network, although sadly lacking in technical content.

In general, we should expect much more of this.

This interacts with the whole Snowden affair in complicated ways. There’s a reassuring story (well, for some people) that says: Look, the silly Europeans and journalists and such have run into the Russians now. It’s like the Cold War. I’m young again!

Of course, it’s actually true that NATO member states near the borders are worried and are asking urgently for the alliance’s forces to be seen more often. But we shouldn’t be fooled that the case is now closed. Those same states are also exposed to information security threats, and the NSA’s (and friends’) interference with major security infrastructure projects has exposed them further. It has also harmed the degree of confidence their allies can offer them. It’s in the nature of the technology that once you create an exploit, you can’t guarantee others won’t find it.

This also matters for less macro-scale politics. Back in 2007, I played a minor role in Dan Hardie’s campaign to get the British Army’s Iraqi employees landed in the UK. This involved communicating with people in places like Syria who were under varying degrees of threat, and Dan asked me for advice. At the time, you could be reasonably confident in Skype’s encryption and its distributed architecture, and that’s what we used. It had the huge advantage that it was utterly uncontroversial software that anyone might have, and that didn’t require us to distribute code or key material securely. I gave quite a bit of thought to this, in case it became necessary, and never arrived at any solution I found even close to convincing myself, let alone anyone else.

Today, thanks to the subversion of Skype, I would have to come up with some sort of scheme to deploy one of the hardened messaging apps, probably circumventing censorship en route, generate keys, and get them deployed and configured. Granted, most of the users would have a smartphone or netbook or tablet with them rather than using untrusted public machines, but on the other hand, potential interceptors are so much more aware of the possibilities now I think I might not try. In the current case, this activist in Belarus appears to have had his Skype calls intercepted.

This is a pity. Eli Lake reckons the US won’t share satellite imagery with Ukraine, but I’m not sure of the sourcing and I keep seeing US diplomats tweeting overhead photos. Do they need to, though? Proliferation cuts both ways. As I was saying with Dr Strauss, advice on working with the new tool set might be as good or better. Like this. Or this:

There’s a better photo here – the ones with the bubble under the nose are the Mi-24 attack helicopters.

No-one who reads this has any voice in the decision, but whether Insider Guy, Intelligence/Administrative Guy, or [name redacted, yes, seriously] gets the GCHQ top job is far less important than whether we decide to free the CESG security wing of the organisation and bring it back to London.

This entry was posted in A Fistful Of Euros by Alex Harrowell.

About Alex Harrowell

Alex Harrowell is a 33-year-old research analyst for a start-up telecoms consulting firm. He's from Yorkshire, now an economic migrant in London. His specialist subjects are military history, Germany, the telecommunications industry, and networks of all kinds. He would like to point out that it's nothing personal. Writes the Yorkshire Ranter.
