Quote

Transparency certainly destroys secrecy: but it may not limit the deception and deliberate misinformation that undermine relations of trust. If we want to restore trust we need to reduce deception and lies rather than secrecy. Some sorts of secrecy indeed support deception, others do not. Transparency and openness may not be the unconditional goods that they are fashionably supposed to be. By the same token, secrecy and lack of transparency may not be the enemies of trust.

* Onora O’Neill, “Trust and Transparency”, the BBC Reith Lectures.
Quote

It is disconcerting to realize that the reassessment of classification policy described by Mr. Litt was not prompted by the diligent exercise of congressional oversight or by judicial review or by ordinary advocacy. Rather it was explicitly inspired by the Snowden leaks, which Mr. Litt described as “criminal.” The upshot is that leaks emerge as a uniquely powerful tool for shaping intelligence classification policy, while conventional checks and balances appear all but irrelevant by comparison.

Moreover, the purpose of the newfound push for greater transparency seems to be instrumental, not principled. In other words, it is driven by tactical considerations, not by statutory requirements or any other objective norm.

“I strongly believe that the best way to prevent the damage that leakers can cause is by increased transparency on our part,” Mr. Litt said. “Transparency can both lessen the incentive for disaffected employees to disclose our activities improperly, and provide the public appropriate context to evaluate leaks when they occur.”

That implies that what is needed is only as much transparency as it takes to achieve these imprecise and transient goals. It is a unilateral move that can be unilaterally reversed.

Quote

In 2010 and 2011, many discounted and differentiated Julian Assange from mainstream journalists by comparing him to a spy or foreign agent, despite the fact that he was just doing what every major US journalism organization does: publishing leaked classified information in the public interest.

Well, the government alleges in Rosen’s case that he acted “much like an intelligence officer would run a clandestine intelligence source” and communicated his “clandestine communications plan.” This is reminiscent of a disturbing House Judiciary hearing last year where the committee’s lead witness compared the New York Times’ David Sanger to a spy, saying he “systematically penetrating the Obama White House as effectively as any foreign agent.”

By that language, the government is arguing journalism is now akin to spying, no matter if its WikiLeaks or the mainstream press.

Quote

Cheney’s office, according to Leonard, took secrecy to excessive lengths – attempting to classify as much as possible, and often bypassing the system altogether by inventing classification markings. Even documents as ordinary as Cheney’s talking points were marked Treated as Top Secret/SCI or Treated as Top Secret/Codeword.

“That’s not a recognized marking,” said Leonard. “I have no idea if it was the intent, but I can guarantee you what the consequences of those markings are. When any of this material eventually does end up at a presidential library and access demands are being made, or it’s being processed for release, when some poor archivist sees material marked Handle as SCI, it’s going into the bottom of the pile, and it is going to get much more conservative review. Whether it was the intent to retard the eventual release of the information, I know that’s going to be a consequence of it.”

Link

On Masons, Cryptography, and History

Wired has a terrific piece that details how a secret order in the 18th century used a combination of cryptography, obfuscation, and operational secrecy to either spy on the Masons, or keep the Masonic traditions and rituals alive during a time of persecution. It’s a longer read, but worth your time. Wired’s article also demonstrates the value of academic freedom: it gives scholars the ability to explore and solve intriguing problems. Their work may never provide a monetary ‘return on investment’ but it will likely enrich society and culture nevertheless .

Link

Could Email Undermine the 2012 American Election?

In the aftermath of Hurricane Sandy, some of the polling stations that would have been used by Americans to cast ballots are gone. Moreover, some citizens in New Jersey are unlikely to either find their new polling station or take the time to find a station and vote. Quite simply, they’re rebuilding their lives: presidential politics aren’t necessarily centre of mind at the moment.

In the wake of the disaster, New Jersey will let some voters cast their ballots by fax and email. One American expert has identified a range of possible attack vectors that could be used to compromise people’s votes. He’s quoted as saying,

Those are just some of the more obvious and potentially catastrophic ways a direct security failure could affect this election … The email voting scheme has so many ways it can fail or that doubt can be cast on the integrity of the results, that if a race somewhere in New Jersey is decided by email ballots, it seems almost guaranteed that we’re going to have a bunch of mini-2000-in-Floridas all over the state.

In addition to basic security concerns around voting, it’s critical to understand that voting by email (effectively) removes secrecy provisions. Messages will not have to be encrypted, meaning that if employees cast their ballots at work then their employer(s) could ascertain how their employees are voting. This is an incredibly serious issue.

In the best of worlds, the New Jersey elections won’t rely or depend on the emailed votes to determine a winner. This said, even if the votes don’t change the local results – if individuals win seats by sufficient margins that the emailed ‘ballots’ wouldn’t affect who won – the national vote could the endangered if the New Jersey voting system is connected to the national system. The risk, here, is that if an attacker could compromise the New Jersey voting infrastructure (perhaps by sending an infected attachment to an email message) then the rest of the infrastructure could also be compromised. Such an attack, were it to occur, could compromise not just the New Jersey results but, potentially, races across the United States.

While it’s evident why the government decided to let people vote by email – to ensure that Americans could cast their ballot despite the horrific natural disaster – these good intentions could result in very, very bad results. Worse, it could encourage trust and confidence in online voting systems more generally, systems that simply cannot be adequately secured (for more as to why, see this and this). While paper ballets are infuriating for many they remain an ideal means of confidently expressing voting intentions. While alternate approaches certainly need to be considered to let people vote, especially in times of crisis, voting by email is not an idea that should have been contemplated, let alone adopted, as a solution to the Sandy-related voting problems.