If anything, what [Bytes, Bombs and Spies] points out is how little value you can get from traditional political-science terms and concepts. Escalatory ladder makes little sense with a domain where a half-decade of battlefield preparation and pre-placement are required for attacks, where attacks have a more nebulous connection to effect, deniability is a dominant characteristic, and where intelligence gathering and kinetic effect require the same access and where emergent behavior during offensive operations happens far beyond human reaction time.
- Dave Aitel, There is no Escalatory Ladder in the Matrix
Via Foreign Policy:
This focus on signals and technical intelligence persisted until much more recently, multiple former U.S. intelligence officials told me. “It was almost like everyone they had there was a technical guy, as opposed to a human-intelligence guy,” one former official recalled. “The way they protected those people — they were rarely out in the community. It was work, home, work, home. When they’d go out and about, to play hockey or to drink, they’d be in a group. It was hard to penetrate.” The same official also noted that San Francisco was integral to the discovery by U.S. intelligence of a new class of Russian “technical-type” intelligence officer, working for the rough Russian equivalent of the National Security Agency, before this organization was eventually folded by Putin back into the FSB. This group, which was not based at the consulate itself, was identified via its members’ travel patterns — they would visit the Bay Area frequently — and the types of individuals, all in high-tech development, with whom they sought contact. According to this former U.S. official, these Russian intelligence officers were particularly interested in discussing cryptology and the Next Generation Internet program.
But it was the consulate’s location — perched high atop that hill in Pacific Heights, with a direct line of sight out to the ocean — that likely determined the concentration of signals activity. Certain types of highly encrypted communications cannot be transmitted over long distances, and multiple sources told me that U.S. officials believed that Russian intelligence potentially took advantage of the consulate’s location to communicate with submarines, trawlers, or listening posts located in international waters off the Northern California coast. (Russian intelligence officers may also have been remotely transmitting data to spy stations offshore, multiple former intelligence officials told me, explaining the odd behaviors on Stinson Beach.) It is also “very possible,” said one former intelligence official, that the Russians were using the San Francisco consulate to monitor the movements, and perhaps communications, of the dozen or so U.S. nuclear-armed submarines that routinely patrol the Pacific from their base in Washington state.
All in all, said this same official, it was “very likely” that the consulate functioned for Russia as a classified communications hub for the entire western United States — and, perhaps, the entire western part of the hemisphere.
There is a lot to this very long form piece, including descriptions of Russian intelligence operations and communications patterns, how lawful Russian overflights of American territory might be used for a variety of intelligence purposes, and the Trump administration’s likely cluelessness about why closing the Russian consulate in San Francisco was so significant. But most interestingly, for me, was how the consulate likely functioned as an outpost for Russian signals intelligence operations, both due to the depth of analysis in the article but also for what it tells us about how Western-allied consulates and diplomatic facilities are likely used.1 In effect, the concerns raised by former FBI and other American counter-intelligence officers speaks to how America and her allies may conduct their own forms of surveillance.
- In a provincial sense, the concerns and opinions espoused by American counter-intelligence officers also raises questions as to the role of Canada’s significant number of diplomatic facilities scattered throughout China and other regions where the United States is more challenged in building out State Department facilities. ↩
Europeans citizens and their settlers have long treated the natural world as mere ‘stuff’ that can be manipulated to achieve our human-centric ends. It wasn’t that long ago that animals were regarded as dumb beasts without the ability to genuinely feel pain or have thoughts or memories. It turns out that our presumptions of plants are similarly undergoing radical reevaluations by some in the scientific community.
After training the plants, Gagliano withheld the light. When she next turned on the fans, she had switched them to the opposite branch of the Y shape. She wanted to see if the plants had learned to associate airflow with light, or its absence, strongly enough to react to the breeze, even if it was coming from a different direction, with no light as a signal. It worked. The plants that had been trained to associate the two stimuli grew toward the fan; the plants that had been taught to separate them grew away from the airflow.
“In that context, memory is actually not the interesting bit—of course you have memory, otherwise you wouldn’t be able to do the trick,” she says. “Memory is part of the learning process. But—who is doing the learning? What is actually happening? Who is it that is actually making the association between fan and light?”
It’s telling that Gagliano uses the word “who,” which many people would be unlikely to apply to plants. Even though they’re alive, we tend to think of plants as objects rather than dynamic, breathing, growing beings. We see them as mechanistic things that react to simple stimuli. But to some extent, that’s true of every type of life on Earth. Everything that lives is a bundle of chemicals and electrical signals in dialogue with the environment in which it exists. A memory, such as of the heat of summer on last year’s beach vacation, is a biochemical marker registered from a set of external inputs. A plant’s epigenetic memory, of the cold of winter months, on a fundamental level, is not so different.
It’s absolutely amazing to learn how much we do not know, and similarly striking that so many people actively work to prevent scientists from learning more about the natural world.
Individual details, like lawyer Michael Cohen’s trip to Prague or the spelling of a name or two, may indeed be disproven. Not everything in these reports is 100% accurate.
However, it is extremely important to emphasize that micro-level inaccuracies do not detract from the credibility of the two broad points that I establish above: that Trump’s organization has had a relationship with the Kremlin and that he is subject to blackmail.
This is one of the better analyses of how to understand the dossier that was released this week on Donald Trump’s activities in Russia and involvement with the Russian government.
From The Australian:
For a piece I published in September, about what Trump’s first term could look like, I spoke to a former Republican White House official whom Trump has consulted, who told me, “Honestly, the problem with Donald is he doesn’t know what he doesn’t know.” It turns out that is half of the problem; the other half is that he has surrounded himself with people who know how much he doesn’t know. Since Election Day, Trump has largely avoided receiving intelligence briefings, either because he doesn’t think it’s important that he receive them or because he just doesn’t care about them. George W. Bush, in the first months of 2001, ignored warnings about Osama bin Laden. Only in our darkest imaginings can we wonder what warnings Trump is ignoring now.
While the point that Trump’s team is dangerously able to manipulate him is fair, linking that capability with Trump not receiving intelligence briefings (and the 9/11 attacks) is unfair and misleading. Other past President-elects have also been slow to receive intelligence briefings and the current tempo of such briefings remains a relatively new phenomenon in the history of the United States presidency.
The Canada Security Intelligence Service (CSIS) released a public statement after the Federal Court found the Service to be breaking the law by permanently retaining metadata they had been collecting. To date, the Public Safety Minister has refused to clarify the numbers of Canadians who have been caught up in this ‘catch once, catch forever’ surveillance regime.
The Service’s statement is incredibly misleading. It is designed to trick Canadians and parliamentarians into thinking that CSIS didn’t do anything that was really ‘that’ bad. I fundamentally disagree with CSIS’ activities in this regard and, as a result, I’ve conducted a detailed evaluation of each sentence of the Service’s statement.
You can read my dissection of CSIS’ statement at Technology, Thoughts, and Trinkets.
“Any program that scans all the mail that Yahoo has access to would have scanned this email,” Gillmor wrote me in a message.
“If Yahoo chose to segment their scanning by limiting it only to mails that have ‘@yahoo.com’ email addresses [and omitted those sent from @rogers.com], of course, then they would have chosen to exclude this email from the scan,” Gillmor continued. “It’s not clear to me whether any such constraint was in place, though.”
“I’d imagine that, yes, the program would have applied to Rogers customer emails, unless Yahoo elected to specifically exclude them,” wrote Marczak in an email.
Yahoo declined to comment on whether the alleged system filtered out emails from Rogers customers.
Tobi Cohen, a spokesperson for the Office of the Privacy Commissioner, confirmed that Rogers consulted the office in the wake of the Yahoo hack. But as far as the possibility that Rogers customer emails had been siphoned into a surveillance dragnet goes, “Given we don’t have detailed information about the matter, we are not in a position to comment,” Cohen wrote.
When asked if Rogers was aware of the allegations against Yahoo or if the company is concerned that a backdoor could have affected its customers, spokesperson Garas referred me to Yahoo’s statement and wrote that “as such, we believe this matter is closed.”
Great to know that Rogers thinks it shouldn’t (or, worse, doesn’t have to) explain how one of its contracted service providers may have grossly violated the privacy of Rogers’ customers.
“Any respectable think tank has been hacked,” Lewis told Defense One on Monday. “The Russians just don’t get the idea of independent institutions, so they are looking for secret instructions from Obama. Another benefit is they can go to their bosses and show what they took to prove their worth as spies.”
Any respectable think tank is proud to have such garbage security that the intellectual property it hopes to profit from, to say nothing of political advocacy, is available to unauthorized third parties.
Another new factor is the presence of Canadians in CSE’s hunting grounds. CSE was unable to assist during the FLQ crisis in 1970—it had no capability to monitor Canadians. In the post-2001 era, that is no longer true: the Internet traffic of Canadians mixes with that of everybody else, and CSE encounters it even when it is trying not to. When operating under judicial warrants obtained by CSIS or the RCMP, it deliberately goes after Canadian communications. CSE also passes on information about Canadians collected by its Five Eyes partners.
A special watchdog—the CSE Commissioner—was established in 1996 to monitor the legality of CSE’s activities. Over the years, Commissioners have often reported weaknesses in the measures the agency takes to protect Canadian privacy, but only once, last year, has a Commissioner declared CSE in non-compliance with the law.
Whether CSE’s watchdog is an adequate safeguard for the privacy of Canadians is a matter of continuing debate. One thing, however, is clear: As CSE enters its 71st year, the days when its gaze faced exclusively outward are gone for good.
Bill Robinson has done a terrific job providing a historical overview of Canada’s equivalent of the National Security Agency (NSA). His knowledge of the Communications Security Establishment (CSE) is immense.
Canadians now live in a country wherein this secretive institution, the CSE, is capable of massively monitoring our domestic as well as foreign communications. And, in fact, a constitutional challenge is before the courts that is intended to restrain CSE’s domestic surveillance. But before that case is decided CSE will analyze, share, and act on our domestic communications infrastructure without genuine public accountability. As an intelligence, as opposed to policing, organization its methods, techniques, and activities are almost entirely hidden from the public and its political representatives, as well as from most of Canada’s legal profession. A democracy can easily wilt when basic freedoms of speech and association are infringed upon and, in the case of CSE, such freedoms might be impacted without the speakers or those engaging with one another online ever realizing that their basic rights were being inhibited. Such possibilities raise existential threats to democratic governance and need to be alleviated as much as possible if our democracy is to be maintained, fostered, and enhanced.
“The Snowden docs demonstrate that CSE is active in identifying vulnerabilities,” Christopher Parsons, a post-doctoral fellow at Citizen Lab, told CBC.
“The fact that CSE identifies vulnerabilities and is not reporting them means users are not receiving patches in order to secure their networks.”
Parsons said this “creates a really dangerous scenario.”
“Canadians need to have a discussion about this. Do we want to live in a world in which we’re protecting our own citizens? Or should the priority of Canadian government organizations [like CSE] be first and foremost hacking foreign systems?”
Canadian politicians, judges, journalists and business leaders use smartphones vulnerable to the flaws now fixed by Apple — and to flaws still unknown. The country’s infrastructure is increasingly networked and vulnerable to sabotage by a foreign intelligence agency.
In such a world, Parsons wondered, does national security mean using security flaws against potential enemies? Or disclosing and fixing them?
“We haven’t had that debate in this country,” he said.
It’s increasingly looking like we are going to have the debate concerning whether the Canadian government should be stockpiling vulnerabiltiies or actively working to close identified vulnerabilties. Let’s hope that the debate tilts in favour of protecting the citizenry instead of leaving it vulnerable to domestic and foreign attackers.