All this talk about Jared Kushner wanting to utilize a secure line inside Russian facilities to talk to the Kremlin without US intelligence catching on got me to wondering, exactly what is a secure line? I assume it isn’t a line at all, but rather an encryption of some sort where even if you managed to tap into it, it would be unintelligible without the proper de-encryption device. But I could be wrong, maybe there really is a physical line between Moscow and Washington that is impervious to tapping. In any event, the reason that we know about this is because the US intercepted a communication, so maybe it’s not so secure after all. So what’s the story- how does sensitive communication take place securely? Or is none of it truly secure?
*The secure line’s earliest days can be traced back to the development of a machine called SIGSALY at Bell Telephone Laboratories during World War II. It was meant to replace the seemingly scrambled, high-frequency radio communication then–employed by the Allies – which, it turned out, eavesdropping Axis forces had already managed to decrypt.
So what was SIGSALY? “Consisting of 40 racks of equipment, it weighed over 50 tons, and featured two turntables which were synchronized on both the sending and the receiving end by an agreed upon timing signal from the U.S. Naval Observatory,” according to the National Security Agency’s historical account of the device.
The two turntables played identical copies of randomly generated noise that was mixed into a call. “One would mix in noise, and the other would basically subtract out that noise. And anybody listening would just hear noise,” explained Matthew Green, an assistant research professor at the Johns Hopkins Information Security Institute. “But somebody who subtracted out the noise would hear the phone call.”*
Tested — What Is A Secure Line ?
Along with photos of Obama and the Elder Bush making phone calls.
To be fair, Hillary for one, thought it more trouble than it was worth:
“I give up. Call me on my home [number],” Clinton told then-chief of staff Cheryl Mills in a February 2009 email after more than an hour of trouble trying to communicate via a secure line.
“I just spoke to ops and called you reg line — we have to wait until we see each other b/c [the] technology is not working,” Mills said in another email sent at almost exactly the same time.
“Pls try again,” responded Clinton, a few moments later.
The Hill
I’m not sure if she was wrong. Security can be fetishized. Following the advice of the redoubtable Bruce Schneier, I’ve just disabled security in my WiFi router, because it might help someone and there’s not much that can attack my meagre little ASDL.
Just to add, I doubt if anyone of interest to American Intelligence could possibly escape their relentless and persistent surveillance; and that includes Trump, Obama, and anyone wandering along the line of fire. Trying to evade it would only make them all excited.
The thing to realize with this particular thing, is that “secure line” is a CONCEPT, not an actual specific OBJECT.
Most of the “security” here was based on DIRECT HUMAN CONTACT, not on devices so much. All security, after all, depends on the PEOPLE USING IT to pay attention to the necessary details, far more than it depends on mechanisms or encryptions.
If the whole thing with Kushner trying to set up a “secure line” by asking the Russians for one is true then it displays a laughably incompetent degree of lack of knowledge of encryption.
You want a secure line to anyone? Sign up for a bunch of different vpn companies and then use signal to communicate. Alternate between different vpn companies for each message you send to make it harder for someone to do traffic analysis. Signal client and server are both open source so people can verify it really is strong encryption without backdoors.
Theres also protonmail which is based in switzerland (so out of reach of NSA letters) and uses strong encryption on all messages such that even their own staff can’t even decrypt your mailbox. Also, If you forget your mailbox decrypt password with protonmail it cannot be recovered, you lose access to that mailbox and have to make a new one.
State level actors might be able to get around the above by using firmware hacks or other zero day exploits to install a logger on your phone or computer, but it’s still a hell of a lot more secure than having to send someone to a known russian diplomatic compound to send a message.
That depends on what sort of security you want. Do you just want it to be impossible for others to intercept your communications, or do you want it to be impossible to tell that you’re communicating at all?
I use Tutanota.de.
Is it true that written communication is more secure than verbal? Are attachments secure? Say I put the nuclear codes in a Word document and password protect it. Can the enemy get into it without knowing the password?
With Microsoft’s legendary approach to security there are any number of ways to break a Word password; however even if it were almost uncrackable — as nothing is — and even if it applied to any other document format, this would still be a phenomenally unwise idea.
The mere fact they have the document tells them that with world enough and time they can open it. At least voice communication unrecorded is transitory.
A password-protected Word document?
I can open those in literally two minutes. I do it just about every day at work for lawyers who have password-protected their documents and then forgotten their passwords.
I hope government officials are doing better than that.
Sent from my Nexus 5 using Tapatalk
There isn’t world enough, or time if the algorithm’s good.
And further note, quantum cryptography isn’t magical:
The irony is that “secure line” Kushner wanted to use to avoid monitoring by the NSA/CIA/etc would seem to the same system the Russian Ambassador used to report their conversation to Moscow. Granted it’s also possible that the Russians do actually have a more secure communication system, and deliberately communicated this on a system they knew was being monitored .
Sent from my SM-G950U using Tapatalk
A “secure line” typically has meant a STU-III desk set.
See: Secure telephone - Wikipedia
According to Wiki, it has been replaced by a better system. According to the above post about Clinton, better is a relative term.
Actual secure lines (like the Moscow-Washington hotline) useone-time pad encryption. This is mathematically guaranteed to be unbreakable (unless you have the key), but requires a key as long as the message itself. Because of this it is only really feasible for very important, but rarely used communication channels.
There is similarly secure means of communicating available in the Russian embassy, this is what Kushner was suggesting to use (which is espionage, plain and simple IMO)
How is it espionage to use a secure means of communication ? Are you suggesting he was giving the Russians secrets ?
To use another country’s secure means of communication? A means of communication that exists solely for that county’s agents in the US to be able to communicate to their superiors without detection by the US intelligence agencies.
There is exactly one reason why anyone in the US would request to use such a means of communication, and that reason is some kind of espionage. If member of the US intelligent services was caught doing so, that alone would be enough for them to face prosecution for espionage.
That said, this is a side track from the OP.
When I think of secure lines, I am thinking about actual separate lines, not just secured or encrypted terminals. Computers and phones used to process classified material are connected to a completely different internet. The Ethernet cables and junction boxes for these machines are physically secured and locked. The routing of these cables from terminal device all the way to the satellite dish are protected. I’m not an expert on the technology and hardware involved, by any means. But when I need to use a secured telephone line, it’s going to be some type of VOIP, and it’s physically a different “line” (even color-coded to distinguish it) than the unsecured VOIP system. It’s not just different hardware and encryption on each end. The cables and network are different and separate. When working with ISAF, we usually had three systems and three separate lines. There was the unsecured NIPR line, the SIPR (secured, classified, US-Only) line, and the CENTRIXS (secured Shared NATO) line. A person cannot access one network from the other. They’re independent of each other. So, in my experience, a “secured line” is more than a concept. It is, in fact, a physical thing.
Physical separation isn’t sufficient for secure communications, given that your threat model includes people with physical access to at least routers and cables, such that you have to assume they can install undetectable network hubs to tap communications and record everything which passes through a line to high-capacity storage media, like, say, a few MicroSD cards they bought at Target on their way to work.
I didn’t mean to imply that physical separation was the only method of security. The information is encrypted, of course. I just meant that the systems are also separate, in addition to all of the hardware and software based encryption behind every message.
Not really. There are any number of reasons for wanting a secure chat, including business. And prosecution relies on more definition than ‘some kind of espionage’.
Suppose that member was given explicit permission from his immediate superiors or the POTUS ?