The NSA’s Credibility Takes Another Hit

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.


Henry Farrell passes along the news that the NSA is merging two of its major divisions into a single directorate:

The NSA has traditionally had two big responsibilities. The first — spying and surveillance — gets the lion’s share of public attention (and, it would appear, resources). Yet the second responsibility — protecting U.S. networks from external attack — is also very important….Protecting private U.S. networks and computers from intrusion means creating secure cryptographic standards that make it a lot harder for outsiders to break in. The problem is that other networks in other countries are likely to start using the same standards. This means that the better that the NSA does at securing U.S. computers and networks against foreign intrusion, the harder it is going to be for the NSA to break into foreign computers and networks that use the same standards. If, alternatively, it cheats by promoting weak standards, the security of U.S. networks will be weakened, but it will also be easier for the NSA to break into foreign ones.

As Farrell points out, the Snowden leaks showed that the NSA did cheat: they deliberately tried to introduce weaknesses into crypto standards so they’d be able to break into foreign networks. This makes their merger of offense and defense a big problem:

When the NSA had visibly separate organizational structures, with separate budget lines for offense (attacking other people’s systems) and defense (defending one’s own systems), it helped reassure outside observers a little that the defense perspective has its internal advocates within the organization, even if those advocates often lost. In a combined structure, that is no longer the case. Outsiders will find it harder to adjudicate whether the organization is prepared to prioritize defense over offense (at least some of the time).

And that has consequences….It may make it less likely that businesses will trust the NSA with information about vulnerabilities….It may further erode the dominance of U.S. security standards (and U.S. firms) in world markets. It will surely make the cryptographic community more skeptical of cooperating with the NSA. Because the NSA is the kind of organization it is, it has great difficulty in communicating its true intentions and getting others to believe them, even when it wants to. Split organizational structures (which are costly because they go along with budget lines, factional fighting and so on) are one of the very few ways that it can credibly communicate its priorities to outsiders, and reassure them, if it wants to reassure them, that it is interested in protecting networks as well as subverting them.

To be honest, I’m surprised the crypto community—especially overseas—is willing to cooperate with the NSA at all, given what we now know. They are plainly pretty obsessed with sneaking backdoors into both crypto standards and network devices. If the Snowden leaks didn’t destroy their credibility on this subject forever, I’m not sure what would.

In any case, this is some boring bureaucratic news that might have some real-world consequences. You’ll probably never hear about it again, so I figured it might be worth hearing about it at least once.

WHO DOESN’T LOVE A POSITIVE STORY—OR TWO?

“Great journalism really does make a difference in this world: it can even save kids.”

That’s what a civil rights lawyer wrote to Julia Lurie, the day after her major investigation into a psychiatric hospital chain that uses foster children as “cash cows” published, letting her know he was using her findings that same day in a hearing to keep a child out of one of the facilities we investigated.

That’s awesome. As is the fact that Julia, who spent a full year reporting this challenging story, promptly heard from a Senate committee that will use her work in their own investigation of Universal Health Services. There’s no doubt her revelations will continue to have a big impact in the months and years to come.

Like another story about Mother Jones’ real-world impact.

This one, a multiyear investigation, published in 2021, exposed conditions in sugar work camps in the Dominican Republic owned by Central Romana—the conglomerate behind brands like C&H and Domino, whose product ends up in our Hershey bars and other sweets. A year ago, the Biden administration banned sugar imports from Central Romana. And just recently, we learned of a previously undisclosed investigation from the Department of Homeland Security, looking into working conditions at Central Romana. How big of a deal is this?

“This could be the first time a corporation would be held criminally liable for forced labor in their own supply chains,” according to a retired special agent we talked to.

Wow.

And it is only because Mother Jones is funded primarily by donations from readers that we can mount ambitious, yearlong—or more—investigations like these two stories that are making waves.

About that: It’s unfathomably hard in the news business right now, and we came up about $28,000 short during our recent fall fundraising campaign. We simply have to make that up soon to avoid falling further behind than can be made up for, or needing to somehow trim $1 million from our budget, like happened last year.

If you can, please support the reporting you get from Mother Jones—that exists to make a difference, not a profit—with a donation of any amount today. We need more donations than normal to come in from this specific blurb to help close our funding gap before it gets any bigger.

payment methods

WHO DOESN’T LOVE A POSITIVE STORY—OR TWO?

“Great journalism really does make a difference in this world: it can even save kids.”

That’s what a civil rights lawyer wrote to Julia Lurie, the day after her major investigation into a psychiatric hospital chain that uses foster children as “cash cows” published, letting her know he was using her findings that same day in a hearing to keep a child out of one of the facilities we investigated.

That’s awesome. As is the fact that Julia, who spent a full year reporting this challenging story, promptly heard from a Senate committee that will use her work in their own investigation of Universal Health Services. There’s no doubt her revelations will continue to have a big impact in the months and years to come.

Like another story about Mother Jones’ real-world impact.

This one, a multiyear investigation, published in 2021, exposed conditions in sugar work camps in the Dominican Republic owned by Central Romana—the conglomerate behind brands like C&H and Domino, whose product ends up in our Hershey bars and other sweets. A year ago, the Biden administration banned sugar imports from Central Romana. And just recently, we learned of a previously undisclosed investigation from the Department of Homeland Security, looking into working conditions at Central Romana. How big of a deal is this?

“This could be the first time a corporation would be held criminally liable for forced labor in their own supply chains,” according to a retired special agent we talked to.

Wow.

And it is only because Mother Jones is funded primarily by donations from readers that we can mount ambitious, yearlong—or more—investigations like these two stories that are making waves.

About that: It’s unfathomably hard in the news business right now, and we came up about $28,000 short during our recent fall fundraising campaign. We simply have to make that up soon to avoid falling further behind than can be made up for, or needing to somehow trim $1 million from our budget, like happened last year.

If you can, please support the reporting you get from Mother Jones—that exists to make a difference, not a profit—with a donation of any amount today. We need more donations than normal to come in from this specific blurb to help close our funding gap before it gets any bigger.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate