Then the obvious conclusion would be his immediate superior (or the POTUS) was attempting to commit espionage
Yeah, except it’s kind of a bad look to hide it from the US while leaving it open to the Russians. If it’s important to US interests, the US should be providing that secure channel. Otherwise it looks like Kushner conducting Russian business that he really would rather the FBI/CIA not know about.
Or that he really would prefer business rivals not know about. Industrial Espionage outrivals political espionage by a long shot nowadays.
What’s more likely ? The little chap was trying to make money or that he was selling political and military secrets ?
The whole thing is very like the witch-hunt on Bill Clinton for betraying America to the ChiComs
Wouldn’t traffic analyis give the NSA/CIA/FBI the knowledge of what telephone calls they wanted to tap ? Ironically the use of the certified secure line was like using a PA system to do it… the authorisied tracked it all.
Not sure if service was USA government provided… it may be that the encryption used was eschrowed so that the gov can tap the calls. For the same purpose, you can just pick up your mobile phone and make the call … its secure so that only the government can tap it… but its weak in that the govenment agency can tap it.
“How the NSA can break trillions of encrypted Web and VPN connections
Researchers show how mass decryption is well within the NSA’s $11 billion budget.”
Some of the weaknesses in key exchange of the various encryptions (VPN, WEP, SSL, etc) may be on purpose.
If Jared was better versed in his own country’s history, he could just take a leaffrom the US Army in WW2 and set someone up from near the bottom of this list in a nice apartment in Trump Tower, and their friend in Moscow, and they could just whitter away on Skye all day long.
Sarcasm aside, the fact that the list is so long is something that should make us all sad, even a president who has all the best words.
That’s a valid reason to have a secure channel, but not to have a channel that you’re trying to hide from the FBI/NSA.
What matters is that in working with Russians to keep things secret from US intelligence, he’s compromised himself in a damning way. The fact of making such a request in itself is the kind of dirt that the Russians use to convert assets.
That’s something Trump’s defenders can’t seem to comprehend. Foreign contacts are of concern, but the truly dangerous thing is when foreign powers hold secrets over high-ranking government officials. It looks like Trump staff (Flynn, Kushner, Trump himself) are too dumb to know when they’re getting in this kind of trouble.
Um no. If you want a secure line for business then you use commercial strong encryption solutions like the ones I mentioned above. The only reason you go to Russian diplomats / intelligence agents and ask them for a secure line is because you are collaborating with them.
FWIW, you can in hear the portions of the 9/11 tapes from NORAD, the soldier who answers/transfers the calls from FAA and even within the military, I think (too depressing to go check the YouTube tape) answers each with “something something location, non-secure line.”
You’ll note you’re following 9 year old advice. The threat is different today than it was then. He was also talking in an era when WEP was *the * common security protocol. One that had been proven defective right out of the box. So in that era the choice was between “no security” or “the pure illusion of security with no real security”. There was no third choice for “at least decent security against the bad guys of the day”.
I do respect his perspective that “wardriving” was always overrated as a real threat to ordinary people. At the same time, so are locked front doors on most houses.
In my era it was USAF standard to answer every phone call with “<department>, <rank><name>, this is a non-secure line.” The point being to remind both parties that the call is 100% open to eavesdropping by anyone and everyone.
The larger risk for servicemembers not in ultra-high security jobs is not blabbing classified stuff, but just generally talking about what they’re doing. Which tidbits of unclassified information can be gathered and collated to give the bad guys a pretty good indication of what’s going on. The verbal reminder doesn’t mean “don’t talk classified”. It means “The enemy is listening now. Be deliberately and consciously minimalist in what you say.”
In the (real US Government) secure communication world, there is something called red/black separation. Red is electronic communication equipment that processes unencrypted classified information. After it is encrypted, it becomes black. It is assumed that the enemy is listening to and recording all black transmissions, so thou shall always keep red and black separate. There are a multitude of rules on how to do this.
The important point is that for communication over any real distance it becomes impossible to prevent the enemy from listening, so once it’s encrypted, you can use any transmission media that works best - radio, public telephone system, even blinking lights. It’s the encryption that makes it secure.
There are secure networks that are separate from the public internet, but even those might use nonsecure long distant lines from, say, AT&T. But those will also be encrypted, and not used for any other traffic.
So, parts of the systems are separate, parts aren’t.
Do you have a cite for this? Classified networks like SIPRNET and JWICS are not accessible from the regular internet. They’re physically isolated, using different hardware and infrastructure.
Those circuits would be exclusive leased lines, and not shared with any other users. They might belong to a commercial carrier, but they would only carry the single customers data.
No cite at hand, just experience.
Here’s something.
They say encryption isn’t needed, and for business usage, it may not be. However, for US classified, that would not be true.
Security is a meaningless concept without a threat model.
If your threat model is other corporate adversaries with no special ins at the phone company, and no low-level peon moles in the relevant IT departments, then having a physically separate line which only terminates at those trusted endpoints is sufficient.
It would even suffice for using the normal Internet, if you assume that not having an in at the phone company implies not having an in at the relevant ISP or any transit ISPs, and not being able to use BGP poisoning to fraudulently redirect traffic, but then you must further assume that your Internet-connected computers at the trusted endpoints can’t be penetrated.
So, if you’re saying that a physically separate private line is insufficiently secure if it isn’t also encrypted in-flight using a real encryption algorithm, you’re stating that your threat model includes people who can walk into a server room and install a hub and a computer which can record traffic, or can physically dig up and splice a line buried in a right-of-way to accomplish the same thing. That’s quite a statement about the people who you think are trying to get to you.
It’s also fence post security: You’re building a single fence post ten feet high in the middle of an empty field, and betting that anyone trying to get to you will run headlong into it instead of going around. Focusing on in-flight security to that extent (physically separate line and encryption!) is just more egregious, given that valuable data is, by its nature, valuable, and is therefore going to sit around on backup servers for years, where umpty-thousands of people are going to have physical access because of natural job turnover.
Maybe the next Keyhole or Have Blue or Canoe or Metroid will deserve that kind of security. Maybe the State Department really is crawling with Homosexuals. But at some point, you have to ask yourself hard questions about what your threat model is, and leave your mere paranoia to twist in the wind.
Well, there are technicians at the Central Office who have to access the line for testing. You might have a distant end beyond US borders. If you have a circuit from NYC to LA, are you sure that every manhole across the country is secure 24/7? Wanna bet?
Remember that I was talking about US Government classified, so the people trying to get at the circuit do have considerable resources, and are quite motivated.
What you’re betting is part of the threat model, yes.
And, yes, it remains a truism that tools and techniques are useful for diagnosis and repair to the same degree they’re useful for espionage, which means technicians are necessarily the most trusted people in any organization, whether or not management realizes it.
(Therefore, the smart way to ask for a useful hole in the security model is to demand to be able to diagnose and repair problems in the component you’re trying to subvert.)
I work at an Air Force Base, and sometimes we call each other on a “DSN” line.
Supposedly it’s a “secure” line.
It can be. But your everyday DSN line is not secure. Defense Switched Network - Wikipedia
Let’s see what Wikipedia has to say:
Not if your strictly commercial business is with the Russian government.
The Democrat Mr. Podesta who has business contact with the Kremlin could have used better security.
Note: I am definitely not suggesting his and other Democrats contacts were anything but innocent and commercial.
He still leaves his WiFi open.
And as I live in a fairly ordinary British neighbourhood and not in NY I shall too. I only lock my back door if I’ll be away for a couple of nights.