dexX7 Attacking Tor: how the NSA targets users' online anonymity << i recommend this one, very rich in information
mircea_popescu dexX7 it's really very badly written, nonsensical goop.
mircea_popescu i can't imagine schneier actually penned that. he must have sent something that got "edited for clarity"
dexX7 are you saying "the content is inconsistent" or "the presentation is just bad"?
mircea_popescu i am saying that numerous concepts are employed in a way which belies unfamiliarity with the field, and the general structuring of the narrative is such that you suspect the author does not have a bird's-eye view of the topic.
mircea_popescu neither of those goes with the alleged author, unless he was very very drunk at the time.
mircea_popescu but anyway, i guess now i have to go into details as otherwise this is all useless nonsense. brb.
Let's consider the damned thing.
The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.
The problem with this paragraph is chiefly its circular nature. It proceeds as : "A is B, the work to B is done by C, which is part of D, which is where most people doing B stuff work. D is tasked with the job of D."
Related to that problem, but distinguishable from it, the very poor formalism employed. On top of common currency terms such as "world" or "employees", the following exotic concepts are involved : 1. Tor ; 2. NSA ; 3. Application Vulnerabilities Branch ; 4. Systems Intelligence Directorate ; 5. Data ; 6. Communications systems. None of these are defined, explicitly or even implicitly in the text.[i] None of these work in any particular way in the context, nor is it indeed possible on the strength of the text presented to distinguish any from each other or from a box of shoe wax.
Flowing directly from the "exotic concept soup" problem, the liberal use of otherwise meaningless interjections known as "buzzwords". The most egregious case is the "around the world" finale, which in no way adds any meaning but merely creates the (false) impression in the reader that he has generally understood the text on the grounds of familiarity, having recognised a semantic symbol seen other places. This very cheap sort of fake comprehensibility, together with the absolute poverty of meaning being conveyed, and supported by the conceptual confusion at the root of the construction mark this text as the product of an anonymous representative of the unthinking herd of cattle (such as, for instance, a journalist) rather than the product of a technical expert (such as, for instance, Bruce Schneier).
The three problems described, ie. lack of knowledge of the field (as shown in poor, absent or dysfunctional implicit definitions for terms used), lack of understanding generally (as shown in nonsensical constructions that are both logically unsuited for the task at hand and ineffectual from a praxis standpoint) and a tendency to fake comprehensibility through the "recognition=understanding" trick do not subside as the text progresses, but indeed build to an eventual fever pitch. Consider :
one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identifies Tor users on the internet and then executes an attack against their Firefox web browser.
The opening "one" requires that the subsequent text briefly explain the particulars of the one item considered along its specific differences that allow it to be distinguished from "another" similar item. This may only proceed once a general category has been established (which the text itself fails to do). Here's a canonical example :
[Animals are conventionally considered those live beings which use hemoglobin to transport respiration gases to and from cells, thus allowing them to grow significantly past diffusion size]. One such animal is the finch. In the case of the finch, as with most birds, the metabolic rates are relatively high, which supports the large energy cost of flight, and also results in a higher body temperature. Other animals with lower metabolic rates are usually terrestrial or aquatic.
Now consider how the "computer security" write-up would sound if the same structure it employs were preserved to describe the much more familiar topic of animal biology :
One animal that exists involves the parabronchi, a collection of small air capillaries that have cross-current gas exchange and thus provide oxygen. This happens to birds when they are in flight through the air, and then they can land on a branch.
So rendered, it's quite obvious that the author is simultaneously very, very bad at biology and also very, very bad at thinking in general. Unless the author is mentally handicapped such text would not normally be an acceptable submission past freshman year in junior high. The unfortunate happenstance that cryptography, machine security and more generally the Internet or programming of numeric machines are entirely exotic, Martian topics for most of the population, much more so than the banal characteristics of birds in spite of same population spending more time keyboard warrior-ing than birdwatching, does not meaningfully alter the sad state of the text being considered.
It's still very bad, even if most readers lack the requisite factual knowledge to readily discover the appalling quality of the writing. It is much worse in its effects than simple stupidity however, because inasmuch as young or otherwise naive minds read nothing but this goop, they naturally end up with very distorted expectations as to what thinking looks like when captured in written form, and generally as to how the business of the mind proceeds along its merry way.
It's still very bad, and it still gets worse :
The first step of this process is finding Tor users. To accomplish this, the NSA relies on its vast capability to monitor large parts of the internet. This is done via the agency's partnership with US telecoms firms under programs codenamed Stormbrew, Fairview, Oakstar and Blarney.
The NSA creates "fingerprints" that detect http requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool which NSA boasts allows its analysts to see "almost everything" a target does on the internet.
The putative "vast capability to monitor" is introduced without explanation. This is bad form. A number of four words without immediate meaning or any particular manner to distinguish one from the other are also introduced. They serve no purpose within the text, except for the exact same purpose served by "around the world" in the first paragraph considered : they create a superficial similarity with other broken texts produced by other broken minds on the topic, and by virtue of this broken process a superficial impression in the mind of the reader that he has gained familiarity, and thus ease with the topic at hand.
This is all a fraud : asked "what is Oakstar ?" the avid student of the topic of journalistic nonsense will promptly answer something along the lines of "one of the four codenames" and expect a gold star for his intellectual performance. Unfortunately for him, the gold star is reserved for the response that reads "one of the arbitrary and otherwise meaningless strings employed for unknown reasons by a troop of illiterate monkeys belabouring unexplainably under the delusion that they are discussing computer security, the Internet and US privacy infringement."
Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically sifts through the enormous amount of internet traffic that it sees, looking for Tor connections.
This is the very dreary banal. Using unfortunately-not-as-powerful-as-advertised data analysis tools with codenames such as "Cisco router", every single computer in the history of the web sifts through the enormous amounts of traffic such as they are in its day and time, routing it all every which way as requested. There is literally nothing here, and the need for a codename is grossly exaggerated, let alone three of them!
Last month, Brazilian TV news show Fantastico showed screenshots of an NSA tool that had the ability to identify Tor users by monitoring internet traffic.
Do I even need to consider this ? Completely non sequitur, planted here about in the manner and after the fashion of commercial copy for pinksheet fraud and miraculous tooth whitening. Seriously, a TV show in a country that speaks a different language showed screenshots of someone else's tool that did something for the conveyance of which both video and still pictures are notoriously inadequate ? I am impressed, I can only hope they also showed footage of someone typing on a keyboard without ever touching the space bar or either shift, and in general limiting themselves to pressing a lot of F keys.
If my argument for the higher metabolism of finches was something along the lines of "last month Brazilian TV news show Fantastico[ii] showed"... I am sorry, I have to take a break at the point where the news show showed showings. Is this text intended to be read by brains made out of wood shavings ?
The very feature that makes Tor a powerful anonymity service, and the fact that all Tor users look alike on the internet, makes it easy to differentiate Tor users from other web users.
This statement is nonsensical on its face. It essentially says that whatever makes an item indistinguishable from another of its class also makes it stand out from all the others in the class. This would be the exact equivalent of the paralogism embodied in selling mass produced identical shirts inviting the wearer to "be unique" through the use of a mass marketed uniform item. This approach to writing is wrong.
On the other hand, the anonymity provided by Tor makes it impossible for the NSA to know who the user is, or whether or not the user is in the US.
In nuce, that which distinguishes damns yet damnation is impersonal. This is not an embodiment of reasoning, this is pure metaphysics (and banal metaphysics at that) re-written by unskilled hands to appear technical in nature. It is not, and I must say it's sad to consider just how much and how varied ignorance the author betrays by writing down a thousand words on a topic he doesn't understand.
After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems.
Considering that in the previous paragraph it was being held as impossible "for the NSA to know who the user is, or whether or not the user is in the US", it comes as a surprise to see the opening of this current paragraph treating the exact opposite as a given. What the original author intended to convey, and what the mangled remains of his text fail to even vaguely suggest, is that Tor users are in principle and as advertised indistinguishable from one another, but may be in most circumstances distinguished from non-Tor users, and also in some circumstances may be in fact distinguished from one another, contrary to what Tor is advertised to do. This version is still tense[iii], but at least it doesn't read like chickens pecking at a keyboard penned it.
As a side serving, the mysterious and unexplained process of using "secret servers" to redirect to other, presumably equally "secret servers" belies the following problem : how do we distinguish between putative "sets" of "different" equally secret, unidentifiable servers ?
All this offensive offal aside, the actual facts of the matter are :
- That the NSA, alongside other nations' dedicated programs, currently is watching, and historically always has watched, as broad a spectrum of signals as feasible on the day's technology. This includes the Internet, it includes the sounds perceptible on the ocean floor, it includes radiopulsar emissions from outer space and everything else.
- That contrary to planted disinformation of which the Guardian article is a fine example, the NSA has complete and unlimited, instantaneous access to any and all information passed through the TOR network in its entirety, as a matter of course and by design.
- That the NSA, through a program of dubious legality that is nevertheless well documented[iv], introduces false information into legal proceedings, such as most recently falsely claiming to have identified Ross William Ulbricht through an amusing collection of "rookie mistakes" on his part, when in fact he was identified through the normal, ordinary working of the Tor network.
- That since the embarrassing Snowden defection, the USG has been marshaling any resources available in an attempt to represent the by now well known and well documented, fundamental and intentional Tor vulnerabilities as unrelated to Tor itself, but a function of "bundles", "secret servers acting as matchmakers", "codenames" and assorted goop. This is understandable, as the significant upfront investment made by the USG in creating the Tor network has not yet been defrayed by the few prosecutions of gullible kids it has so far allowed.
Now, would it be possible, dear Guardian, to hire some people that can actually write ? Instead of having social sciences undergrads butcher Bruce's text to the degree it only serves to further intellectually embarrass those you seek to protect ?

———
[i] There are available an array of methods to implicitly define terms of art and exotic concepts in texts intended for a mass audience, such as the simile, or effectual limitation etc.
[ii] What a name for a news show, it sounds exactly like what onion.tv would name it.
[iii] Because the correct statement would be "Tor is broken", which statement the author does not wish to make for purely political reasons.
[iv] Reuters, Washington Post etc.