Sunday, March 20, 2016

Why we are upset with the NYTimes Paris terrorist article

On the Twitters, we've been mocking that NYTimes article on the Paris terrorists and how they used "encryption". I thought I'd write up a brief note as to why.

It's a typical example of yellow journalism. The public isn't familiar with "encryption", so it's easy to sensationalize it, to make it seem like something sinister is going on.

At one point, the article says:

> According to the police report and interviews with officials, none of the attackers’ emails or other electronic communications have been found, prompting the authorities to conclude that the group used encryption. What kind of encryption remains unknown, and is among the details that Mr. Abdeslam’s capture could help reveal.

That's not how encryption works. Instead, if "encryption" were the one thing the terrorists were using to hide, then you'd certainly find encrypted emails and encrypted messages -- ones you couldn't read without knowing the key.

The lack of emails/messages instead hints that the terrorists were meeting in person, passing paper notes to each other, or using telepathy. All of these, even telepathy, are more likely explanations for the lack of evidence than "encryption".

This article cites anonymous "authorities" here as concluding encryption was used. The New York Times has a long track record of abusing anonymous sources like this. Because we don't know the identities of the authorities, there is no way to know if they are technically competent to come to such a conclusion or whether they have a political ax to grind. There is no way to challenge who made that conclusion.

But in this case, we do know that the source of this quote is political. Law enforcement wants backdoors in crypto to further their own power. They want to scare the public into accepting backdoors by tying "terrorists" to "encryption". That's what frustrates us about this NYTimes article. It repeats the government's talking points without itself challenging the government, and without citing the source, which would allow the rest of us to challenge the government.

The truth about encryption is that it's baked into everything we do on the Internet. You are probably using encryption right now when reading this blog post. The terrorists probably used encryption whenever they used the Internet without knowing about it. It exists because without it, hackers would be breaking into everything we do on the Internet. Even if the terrorists used a privacy-focused chat app like Wickr, the salient feature of that app is that it auto-deletes messages after a time, not that its encryption is anything better than that baked into everything else.

So yes, after a fashion, it's true that the terrorists used "encryption" at one point. But this isn't the story. The story is that the terrorists were very good at "opsec", avoiding spying by intelligence services, such as by meeting in person or, if using the Internet, by avoiding standard messaging systems that would reveal "metadata", such as the existence of secret messages between them. That's the story -- not that they are using something like PGP-encrypted email (which would normally leave evidence), but they successfully hid that fact from the police.

Or, if you want it from the other direction, it's a story about intelligence failures, since the terrorists were well-known, including their leader being quoted in terrorist magazines as wanting to carry out terrorist attacks. Hindsight is 20/20, so I'm loath to criticize intelligence services for missing the obvious, but there sure are a ton of obvious clues that they missed. So much unencrypted evidence existed that you can't blame encryption as the cause.


So this is why we are angry at this NYTimes article. Government wants encryption backdoors. Government will tie any terrorist attack to encryption. The NYTimes repeats the government talking points without questioning them. Worse, by keeping its sources anonymous, it prevents the rest of us from challenging them. While we can't challenge the sources, we can point to the obvious logic errors, as I do in the quote above. But even this doesn't work, as the journalist insists there's some additional data they have that makes it all work out, data they can't share with us, of course.


6 comments:

Unknown said...

Folks, I appreciate your desire to be accurate. But I wish you hadn't included the paragraph about "everybody uses encryption" because, as you've already noticed, people can barely process one argument about this topic at a time.

Making the conceptual shift from PGP-style *message* encryption and browser *transport* encryption is probably going to be beyond the average person who doesn't pay a lot of attention to this. Keep in mind that the NYTimes reporter who bills herself as specializing in ISIS thinks that encryption looks like gibberish on the screen, like a bad cyberpunk movie from the 90s.

Throsby said...

All true, except I doubt the average person reads this blog 😄
Umm, me excepted...

Mike said...

ArsTechnica has an article that supports what Robert is saying in his article. There is plenty of evidence that the Paris attackers used burner (prepaid) phones to hide, not encryption.
Article: http://arstechnica.com/tech-policy/2016/03/paris-terrorist-attacks-burner-phones-not-encryption/

Greg Nation said...

> You are probably using encryption right now when reading this blog post.

Iceweasel is telling me: "The website blog.erratasec.com does not support encryption for the page you are viewing."

Comrade Misfit said...

> The NYTimes repeats the government talking point without questioning them.

NFS, folks. Did you think that Judith Miller was an anomaly?
