Just lean over there and hit the “rewind” button for a second; take us back to… July 2016.
Thanks. Right. So, right about then the issue of the day was Hillary Clinton’s e-mails. There were two questions, really:
- Was she violating federal records-keeping directives?
- Was she exposing classified information in her emails?
Remember that? I do. I even wrote about it [stderr] in my capacity as a former UNIX systems administrator and occasional digital forensics analyst who has been deposed for actual court cases. My conclusion, at that time, was that Hillary Clinton was either stupid or lying and I know she’s not stupid. So…
Then there was the classified information question, and the deleted emails; possibly a cover-up. I’m inclined to go with cover-up, because (as I said then) one does not selectively delete a bunch of stuff and lose it, and one’s backups, and forget everything one talked about, fairly recently.
Now, that’s the baseline for summer 2016. Could you push the “fast-forward” button to sometime in the recent past? Let’s look at what’s been going on, since then:
Trump blurts a bunch of secret information to Russian embassy staff.
The Trump team is so leaky that, in order to detect them leaking, Trump’s chief of staff starts complaining that they’re using chat-apps that encrypt messages and delete them after they’re read or they expire. One is “exposing classified information” and the other is “violating federal records-keeping directives.”
Of course, we’re all cynical as can be here, and we all know that none of the kerfuffle back in July 2016 was anything more than an extension of Benghazi! politics-by-investigation, which Hillary Clinton left herself open to through her staffers being a bit incompetent and her being a bit sneaky. We probably should have forgiven her for being sneaky; she’s a Clinton and it appears to be a family tradition – you know, like being corrupt, greedy, and mendacious is a Trump family tradition.
But since Clinton and Trump both work to skirt federal records-keeping regulations, and everyone in Washington appears to be leaking top secret information, what’s the big deal? Why not let’s just decide it’s OK not to keep records, and to leak like mad? Oh, that wouldn’t work because then we couldn’t hate Chelsea Manning, Edward Snowden, Daniel Ellsberg, and so many others.
Put the button over to “now”, would you? Thanks.
Now, it looks like none of it matters at all. That’s the downside of the post-truth world. The other downside is, when you move into a post-truth world, your only guide-line for navigation is opinion (i.e.: authority). So it’s bad when Hillary Clinton deletes emails, but it’s OK with the NSA – oops: [thehill]
The National Security Agency (NSA) deleted data related to surveillance operations despite promises to preserve the data, according to a new report.
The data was connected to a case alleging the NSA surveilled American digital and telecommunications as part of a warrantless wiretapping program ordered by former President George W. Bush.
Politico reported that the NSA was under court orders to preserve data related to the case.
Are there any other former or current system administrators here? Because: wave your hands in the air if you smell something fishy.
I’ve been deposed in a couple of lawsuits, and have been a source of digital evidence. Let me tell you how that works: you get a court order to preserve the data, so you tell your system administrator to back up the data then pull the original hard drives and put them in zip-loc bags with stay-dry packs and turn them over to your legal counsel to put in their safe. Then, you put new drives in, restore the data from backup, and resume operation. Because, as I wrote in my piece about Hillary Clinton’s emails: if you’ve got any competent IT at all, it’s backed up. The corollary to that is: if it gets deleted, and the backup gets deleted too, it’s not an accident.
Is the indicator still on “Now”? Because in the post-truth world, the fact that the NSA just deleted evidence of a crime, in defiance of a court order, appears to be being accepted as a whoopsie.
“The NSA sincerely regrets its failure to prevent the deletion of this data,” the NSA’s deputy director of capabilities, identified as “Elizabeth B.,” said in an October court filing obtained by Politico. “NSA senior management is fully aware of this failure, and the Agency is committed to taking swift action to respond to the loss of this data.”
I suspect the “swift action” NSA is taking in response is to make s’mores over the bonfire where they burned the backup tapes. Actually, burning tape smells awful; maybe they’ll just dance around it and laugh.
It gets better:
The spy agency also revealed to the court that backup tapes of the intercepted communications were also erased in 2009, 2011 and 2016, according to Politico.
Please, all you current and former systems administrators – stop that high-pitched giggling; it’s kind of creepy. Let me try to contextualize that for those of you who are not former systems administrators: Imagine you’re a coroner and you’re looking at a corpse with 3 bullet holes – one in the head, one in the heart, and one in the back – and a cop sidles over and says, “looks like another suicide, huh?”
In fairness – the backups and the data may have been stored in a hierarchical storage system, and got expired out over the course of 17 years. That does happen. But it does not happen when you’re under a court order to preserve the data, and have given it to your lawyer. By the way, hierarchical storage systems are specifically designed to make it hard to lose data – what it probably took is someone calling a systems admin over and saying “purge ${data} and ${backups}” and when the shocked systems admin said “put that in writing?” they gave them the orders on a piece of paper written in disappearing ink. Because after Snowden it’s hard to get good systems administrators any more.
I bet the CIA, which had to do some back-flips to pretend that not only had it never seen but never made and certainly destroyed all the tapes it made of people being tortured. And none of that ever wound up in a digital format where it would have been backed up; remember – not only do they want you to believe they don’t know who tortured whom and when, but they were still using mag-tape camcorders.
The obvious end-game is, if you work in government, to commit your crimes in such a way that they clean up after themselves. [thehill]
Trump administration staffers are reportedly communicating by using an encrypted messaging app that erases messages shortly after they have been received.
The Washington Post reported on Tuesday that officials were using the app, called Confide, to avoid being caught talking to the media, as President Trump moves to crack down on leaks.
The Post report followed a report from Axios last week that reported Confide had become a favorite app for Republican staffers.
I can’t keep up anymore. So, after all that concern about Hillary Clinton not keeping good records of her emails – even the FBI went around investigating servers and laptops, there’s no concern at all that Trump uses a personal cell phone specifically so there are no call-records of who he talks to. And there’s only concern that staffers are violating federal record-keeping guidelines because they might be leaking to the press. Then there’s the fact that anyone who has watched any House of Cards knows they need to have a “work” phone and a “personal” phone. That, by the way, is exactly what Hillary Clinton was doing, which got her in trouble over records-keeping and she was only the secretary of state. Meanwhile a great big smoking dump of a book comes out that is a litany of who was leaking to whom about what.
Got it? I don’t know what Hillary Clinton was even supposed to have done that was behind all the Benghazi! investigation, but I’m pretty sure Donald Trump could do that thing (whatever it is) and the American People would all go, “whatever” and the FBI would open a new investigation into Hillary Clinton’s actions – and hill democrats would all be waiting for that same FBI to rid them of Donald Trump.
It’s recursively stupid. Hit “Fast Forward” and let it run for a while.
The other part I do not get in all this is the supine response to the FBI’s rather obvious interference in the election. Who do you think had a bigger impact on the election, the Russian intelligence service, or James Comey announcing “we probably won’t be charging Hillary Clinton with any crimes regarding her email – yet.” There was no way that the timing of that was not deliberate – the announcement was completely unnecessary. But, now (push the “Now” button) the FBI is the great white hope that is investigating Trump? The following things are obvious to anyone who thinks for a few seconds:
- Hillary Clinton’s staff deleted a bunch of emails and lied about them being “personal” (but who cares?)
- Donald Trump is a crook (but he’s not going down for it)
- The NSA broke the law repeatedly and covered it up by deleting evidence (but they forgave themselves)
- The CIA tortured some folks and deleted most of the copies of their torture-porn stash (but it’s still out there; Dick Cheney probably jerks off to it)
- The FBI is playing politics (it’s got factions on both sides, so it’s sure to be on the winning side!)
- The NSA probably was surveilling the Trump campaign because they listen to everybody but especially people who are talking to Russian consular staff. Duh!
Since I mentioned Benghazi! remember: that was the CIA‘s screw-up. Not Hillary Clinton’s. The CIA has achieved the highest possible level of bureaucratic skills: they can attribute their screw-ups to others, with no saving throw.
A blame-mancer, by the way, that would be pretty cool:
DM: “You look over the pit, there is a huge dragon there. It is gnawing on a dead villager.”
Sverri The Blameless (level 20 blame-mancer): “Ok, blame the villager’s death on his own incompetence.”
DM: “Roll.”
Sverri The Blameless: “00”
DM: “Oh, wow. The villager’s death is not only his own fault, but he just got the blame for the entire dragon-rampage.”
sonofrojblake says
Here’s the thing I can’t forgive the Democrats for: they knew that. They knew their opponent could strangle a baby on 5th Avenue while sodomising a Mexican, and his poll numbers would go UP, especially if the Mexican didn’t enjoy it, while their candidate had to be squeaky clean and very, very obviously wasn’t. And still she was nominated.
Still, at least they’ve learned from this mistake and for the 2018 allowing engaged grass-roots candidates to replace the usual suspects who are in the pockets of big busin hahahahahahahahahahaha just kidding they’ve learned nothing.
jrkrideau says
Well, Benghazi! was a Russian operation to set the stage for Donald Trump’s presidential bid. How could you miss that?
And losing a few backup tapes? Hey anyone can make silly mistake. These things happen. Did you bring the marshmallows?
Absent earthquakes, tsunami, wildfire, meteor strikes and so on, that could, conceivably, take out both original and backups, my inclination would be to order the court to assume the accusation was true and assume a reverse burden of truth applies.
Dunc says
For folks who aren’t familiar with proper backup solutions: we’re not just talking about one backup here, we’re talking about an entire set of rolling backups. Anybody want to guess at how thorough the NSA’s backups are? I’d assume “very”, since the only real limitation is how much money you have to spend, and they have lots. I’d bet their tape storage facility looks like that warehouse at the end of Raiders of the Lost Ark…
komarov says
On the other hand you may get really lucky and find out that admin kept a personal backup and has already handed it over to the court* to save your organisation the embarassment. I bet the NSA would be really relieved if that happened.
Anyroad, what good is a data gathering agency if it can’t hang on to data? Of course noone could ever think there was malicious intent involved, perish the thought. So no recriminations but there should be reasonable consequences, i.e. defunding the NSA in toto. Tools that don’t work get thrown out…
*Possibly by e-mailing them a wikileaks-link…
Reginald Selkirk says
So the NSA doesn’t have it any more; maybe somebody else does. Everybody is hacking everybody it seems.
Report: Dutch spies caught Russian hackers on tape
Marcus Ranum says
Reginald Selkirk@#5:
The NSA doesn’t have it any more; maybe somebody else does. Everybody is hacking everybody it seems.
The FSB announced they have re-activated KGB.ru as a cloud storage and backup service for archived secrets!
Reginald Selkirk says
On the other hand, we can be reasonably certain that the Russians didn’t steal any files from Hillary’s server (as opposed to the DNC server) because they would have been made known by someone by now.
Owlmirror says
I wonder if something like this could work:
1) Request some completely innocuous data from the NSA. I guess I’m guessing that they’ll give it up without problems.
2) Repeat step 1 a few more times, maybe 5 total.
3) Then request the problematic data really desired from the NSA.
4) When problematic data is reported “accidentally erased/lost”, argue that the fact that the successful data transfers were made means that the claims of “accident” are statistically likely to be false, and charge the ones responsible for contempt of court, at least.
Could that work, or am I being hopelessly, painfully naive?
Or would the NSA suspect that something was up and “lose” the data the first few times anyway?
springa73 says
I have no special expertise in IT or systems administration, but as someone who has worked as a professional archivist the fact that important people and agencies in the government are ignoring federal record keeping guidelines and conveniently “losing” important information really pisses me off.
With the Trump administration, they get away with a lot more than other administrations because they have done so many bad things, ranging from merely obnoxious to downright illegal, that many people have lost the ability to get really outraged about any one thing. The next crazy thing Trump or his assistants say or do quickly pushes the last one out of the public view. I don’t know if this is the result of a devious strategy or simply a fortunate accident (fortunate for Trump, that is).
Marcus Ranum says
sonofrojblake@#1:
Here’s the thing I can’t forgive the Democrats for: they knew that.
Yes, and they knew that Hillary Clinton was going to come in trailing a whole lot of garbage behind her. Although, to be honest, and democrat candidate was going to get festooned with garbage – even if it was completely made up “birther-“style garbage. On the flip side, Obama was startlingly scandal-free – the democrats should have known to run a candidate that was going to have a teflon(r) outer coating, who actually could have gunned Donald Trump down in the street in broad daylight, and let them.
Marcus Ranum says
jrkrideau@#2:
And losing a few backup tapes? Hey anyone can make silly mistake. These things happen. Did you bring the marshmallows?
Oh, dear. All the backup tapes were in the same bag as the marshmallows and I threw the whole thing into the fire.
Marcus Ranum says
Reginald Selkirk@#7:
On the other hand, we can be reasonably certain that the Russians didn’t steal any files from Hillary’s server (as opposed to the DNC server) because they would have been made known by someone by now.
Good point! The Israelis would have probably found them and told the CIA, who promptly would have not told the FBI.
I’m not sure, by the way, why the DNC’s files are any more special than any other US organization or individual’s. Are there specific laws that govern taking extra special care of political incompetents’ data? The NSA is chartered to help protect the executive branch’s communications but the DNC?
I’d say “the real surprise in 2016 is how incompetent, computer-security-wise, the DNC and RNC are” except that’s not a surprise at all.
Marcus Ranum says
Owlmirror@#8:
Could that work, or am I being hopelessly, painfully naive?
Or would the NSA suspect that something was up and “lose” the data the first few times anyway?
The NSA’s approach has always been to not share anything with anyone, so they first deny that the NSA exists. Then they say they can’t even say if they have any data of that type. Then they say they have no idea what you’re talking about. Then they say you need a court order to learn if the data even exists. Then the judge says you can’t get a court order for something that doesn’t exist. Etc. They have so many bureaucratic protections that they are above any law, and they know it, which means they act that way.
Marcus Ranum says
Besides, we appear to be learning that the FBI believed they knew a Russian attack was in progress, long before the election. In the spirit of “not playing politics” they continued to widely publicize their investigation of Hillary Clinton’s emails, while pretending to ignore what appears to be a fairly open attempt to collude with the Russians. I’m not quite sure how that works except they appear to have decided it wouldn’t be a problem unless/until Trump won. Further, it now appears that other intelligence agencies were telling the US intelligence community, who, in a 9/11-style show of competence told Barack Obama, who decided not to tell anyone else – or something like that.
We shouldn’t forget that now, apparently we know that Obama knew a lot about what was going on. Is it possible that the dems were told by Obama, and just figured they had the election sewed up? Is it possible that the dems were told by Obama and we too incompetent to react effectively so they are just blaming the Russians now? (the Macron campaign being an example of “how to react effectively”) If Obama had the information people are claiming he had, why didn’t he leak it? He’d already shown that he was quite willing to arrange a judicious leak when necessary. Maybe he thought Trump was no threat, either.
I think that the interesting questions relate to what Obama knew, not what Trump’s clown-car knew. But look at how smoothly he faded from the landscape. As president, Obama (unlike Trump) had a pretty good relationship with the intelligence community; it beggars the imagination that Obama didn’t have a heads up about this, probably well before Veselnitskaya trolled the Trumpies. The NSA absolutely would be monitoring her comms, and absolutely would have flagged that she was talking to Trumpies. The NSA is probably sitting back feeling like it dodged a bullet: everyone else looks stupid, but not them. I mean, other than leaking all their malware all over the internet and having to blame Russia for that, instead of their own incompetent contractors. Maybe that’s why NSA isn’t talking about Russia so much…