Botched CIA Communications System Helped Blow Cover of Chinese Agents (foreignpolicy.com)
277 points by mkeeter on Aug 16, 2018 | 199 comments



>But the CIA’s interim system contained a technical error: It connected back architecturally to the CIA’s main covert communications platform. When the compromise was suspected, the FBI and NSA both ran “penetration tests” to determine the security of the interim system. They found that cyber experts with access to the interim system could also access the broader covert communications system the agency was using to interact with its vetted sources, according to the former officials.

>In the words of one of the former officials, the CIA had “fucked up the firewall” between the two systems.

If you read between the lines, this raises the suspicion that there's a common underlying infrastructure which handles the communications, with management front-ends for different users which are firewalled off from each other, and the security of the system relied upon the firewall between the different front-ends to prevent users from finding out about each other. However, an attacker who compromised the "less secure" front end, could use that as a launching pad to attack the underlying communication infrastructure, and if the attacker pwned the infrastructure, then he'd have a back entrance to the "more secure" front end.

If that's the case, then somebody was grossly incompetent, depending on the age of the system: if the system is old enough, then somebody running ops in the CIA is incompetent, for continuing to operate a system whose security model ("all you need is a strong enough firewall!") was obsolete; if the system is young enough, then either the original architects, or the security engineers who certified the architecture (if there were any), for proposing an architecture with an obsolete security model.

Arguably, that incompetence amounts to criminal negligence, since it resulted in the deaths of US agents, and somebody should be tried for it.


Agreed.

> U.S. intelligence officers were also able to identify digital links between the covert communications system and the U.S. government itself, according to one former official—links the Chinese agencies almost certainly found as well. These digital links would have made it relatively easy for China to deduce that the covert communications system was being used by the CIA. In fact, some of these links pointed back to parts of the CIA’s own website, according to the former official.

How was this approved? This is such an obvious no-no. Would have expected a completely standalone, ring-fenced platform with absolutely no relationship to the government's known IP addresses and domains?


What a shock. Even the CIA can be that incompetent?!


I forget where this quote is from but "the CIA would fuck up a cup of coffee"


Or the joke:

How do we know the CIA didn't kill Kennedy?

He's dead isn't he?


Joking aside they definitely played some role, at minimum by participating in the coverup.


Why are they using an off the shelf secure communication system from the Middle East? Surely something this important is a national secret and should be developed in house with your best minds.

If it's off the shelf and others are using, then they can just buy the equipment and look for flaws (like this massive one).


As I understood it, it was a system they were using in the Middle East (developed in house) and they took it to China to use. Might be wrong though.


That's crazy.

Threat model from China in terms of infosec is very different than Middle East countries (except Israel perhaps).

Not that it was a good idea in either region.


I see you too read the article!


Off the shelf may also mean you don't have to smuggle it. It is much easier to hide if there is no special equipment in someone's closet. It sounds like they were using Tor.


Approved by who? Senior spies who aren't developers?

And who do you think developed this communications system they use? Given government pay scales probably relatively junior web developers trained and used to a consumer-oriented software culture in which "oh let's just drop in this convenient re-usable library" is a no-brainer.


> and the security of the system relied upon the firewall between the different front-ends

I really don't think there's anything to conclude from the "firewall" comment. This term has become a layman way of describing any kind of intended separation between computer systems. People know what firewalls are and so it becomes an overused analogy. It's like how passwords are described as being "encrypted" in layman media.


I obviously have no technical info, but my guess from this article is that 'back entrance' is probably inferring too much.

I would bet that communication apps A and B made connections to the same someCIADomain/IP range (or other less obvious metadata patterns, maybe the shared methods produced enough entropy on the whole to fingerprint).

Thus even if one can't read the content of the message the firewall matches the discovered pattern === likely a spy; so if the less vetted App A source was compromised offline and thus the shared online pattern is now known so too are sources using App B who were less likely to be compromised offline.


How stupid it is to spend so much effort on compartmentalising their intel net in the country, but have all spies report by dialing in to the same website in a country employing few brigades worth of people reading tcpdumps 24/7?

Compare that to one way coded messages over hf radio: a place for pick up of a dead drop in n days is broadcasted, then it is picked up by a man who reads it, destroys it, and gtfos from the country. In that scheme nobody in any way contacts anybody in real time other than the HQ.


One would hope they created a new hostname/IP for each source, but even then it is astonishing that they used the same communication method for so many sources.


> Compare that to one way coded messages over hf radio

Having a shortwave radio in your possession is justification enough to haul you in for questioning in some countries.

There is also relatively little "radio traffic" to inspect relative to internet traffic.


Perhaps, but given the volume and variety of modern electronics, it's easier than ever for a receiver to look like something else, at least if you don't crack open the case. An antenna can be harder to conceal, but you can often pick up transmissions by tying into unconventional antennas, like the rebar in a slab of concrete, or a long metal railing. You could probably fit a purpose-built receiver / demodulator for FT8 in a usb stick.


There's still "number stations" broadcasting over shortwave radio.

If it ain't broke, don't fix it?!


Number stations, though, are usually used for things like one-time pads or to send a previously agreed upon command. Detailed instructions are not really what number stations are good for.


time, date, longitude, latitude is just below the length of an average number station transfer


My guess is that this is actually a relatively new system that was implemented after the criticisms in the wake of the September 11 attacks. One of the stories you keep hearing is that the plot was not discovered in time because agencies were not sharing enough information.


To me, preventing this seems like exactly the sort of thing the NSA ought to be for.


There was a time when the NSA was in the white hat business; securing networks, identifying vulnerabilities and contributing to net sec projects. SELinux has been their most famous contribution. This all changed with the war on terrorism. Finding and exploiting vulnerabilities was the mission.


> There was a time when the NSA was in the white hat business; securing networks, identifying vulnerabilities and contributing to net sec projects. SELinux has been their most famous contribution. This all changed with the war on terrorism. Finding and exploiting vulnerabilities was the mission.

No, they've always had both roles. For instance, their experience and knowledge of advanced code-breaking techniques allowed them to strengthen the DES cipher's S-boxes in ways that weren't publicly understood until decades later.

https://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA%2...


It hasn’t changed. What you’re referring to falls under Information Assurance in their mission statement.


Exactly. It tends to not make the news, but it's all there still.


If we assume they're "there still", TFA seems to indicate that they could be doing a better job?


The CIA has a tendency to do its own thing, and the NSA found the vulnerabilities. To my mind, this suggests that the NSA is competent at their job when allowed to do it. Further, the CIA could stand to benefit by allowing the specialists at the NSA to perform their function rather than trying to replicate it in-house.

This is naught but my opinion, and I understand where others might differ in their reading of the situation presented to us.


Between the lines: it was Tor.

Deploys on computers. Web-based. Detectable through decryption or pattern analysis. Firewalls. It was a pair of Tor hidden services. The mistake was probably that they ran both on the same machine with only a firewall separating them, rather than physically different servers.


And on the hidden website there was a link back to cia.gov somewhere.

On the other hand I'm surprised tor works in China at all. I would expect the Great Firewall to shut down all entrance/exit nodes going into or out of the country, except maybe for a few controlled by the government.


The security level varies frequently. It's known that meek still works in China, which is probably a major reason why both Google and Amazon have shut down domain fronting.


Which sounds like a management decision to cut costs by running them on the same server. This is probably why we are seeing ex regime department heads in the news lately as political pundits in hopes they create enough deflection to avoid prosecution for 30+ agents dying on their watch.


Do you seriously think the CIA cared about server costs for something like this?


The less money they spend on this kind of thing, the more they have to funnel to their second cousin's shell corporation. With no oversight, performance degrades.


Sure, that's some manager's performance bonus. When I briefly worked for Nav Canada our manager decided to buy the cheapest dollar store pens possible in order to pad his performance metrics. We also had to sign them out individually from his safe. Not at all surprised if a CIA manager did a risk analysis and decided let's use the same server(s) and save a few dollars, the risk is acceptable.


Here I was always assuming they employed the types of people who read HN to build systems like this. I'd expect e2e crypto, perfect forward secrecy, perhaps something akin to tor, and maybe even the ability to use steganography to disguise the fact any comms were really happening at all.

Oh look at this cute kitten picture, let me save it and then get the encrypted code out of it. That's great, let me upload this equally cute puppy riding a skateboard picture to the forum that contains my reply.


it wouldn’t surprise me if it was a tor service via bridge. the snowden docs showed that gchq uses tor to communicate with assets. a big part of the value of tor is that even if you’re detected connecting to it, that doesn’t prove you’re doing anything in particular on it, only that you’re using the network.


Tor was funded by the DoD / CIA for exactly this: https://surveillancevalley.com/blog/fact-checking-the-tor-pr...


What are the salaries the CIA is paying? I doubt they have "the best" on it.


The experts in opsec forgot to apply their common sense rules (compartmentalization) to their own software


This makes a good case for an official software engineering licensing program like what we have for other kinds of engineers, at least for high-risk things like medical control systems and government security. Right now, a nontechnical person has no basis for evaluating the quality of engineer which they hired to do this job, except by asking other engineers, etc.


The CIA is incompetent. It’s their system.


It took 8 years for the CIA to figure out what happened?? This certainly explains why China and Russia continue to conduct cyber operations basically at the same level of intensity they have been for years - US intelligence, despite its enormous, unaccountable budget is unable to stop them or even know where they are compromised. If there is an actual hot conflict between the US and either of these nations, I shudder to think what will happen.

I don't believe the US lacks in technical skill at the operational level. These failures are management and organizational failures.


They had a similar failure in Iran: http://articles.latimes.com/2011/may/22/world/la-fg-iran-esp...

The problem is that the real conflict the US faces is whether it should let its foreign policy be run by facts, or whether the intelligence agencies are simply there to manufacture consent for whatever the ruling party has decided to invade next. In the latter case the intelligence on the ground doesn't actually matter, so there's no political pressure to make sure it's done well.


Yeah the recent revelation of this episode certainly made it more difficult to stomach the various retired intelligence blowhards making the rounds of the news programs this morning to firmly declare risible canards like "Intelligence is about the Truth!" Somehow getting one's clearance lifted seems less draconian than overseeing the deaths of multitudes...


I wonder if this is due to the ever increasing scale of the US intelligence services.

From my working life perspective smaller teams of talented people are often more impactful than significantly larger teams. E.g. Large teams create bureaucracy. And 'weak links' become harder to spot and typically allowed to remain.

I know nothing about this area so take my comment as curiosity only, but I wonder what USA gets/achieves for this $50-100bn intelligence budget? And what would they get at a $2bn funded group utilising a much smaller group of the best employees within the existing orgs.


I don't think that's it. I personally think the best window into this world is William Binney and his thinthread project. He developed thinthread to protect Americans privacy, and it only was going to cost a handful of millions.

His functioning program was scrapped for a billion dollar program that didn't protect Americans privacy and that didn't work because all it did was make the haystack so big finding the needle became nigh impossible.

That is a clear example of the good ol boy kickback system being allowed to take over and actually reduced national security. There is a reason that since 9/11, multiple counties in VA have the most growth of millionaires in the country.

As for the CIA, most sources I listen to (Ray McGovern, John Kiriakou, Bob Baer, etc) indicate they have been getting rid of analysts who speak "truth to power" due to the over politicalization of intelligence, so combine that with good ol boy kickback cruft, it's no wonder incompetence is allowed to abound.

This is only a part of the reason the military Intel community has tended to have an adversarial attitude to the company.


Often it's not so much that the billion dollar program was created to make defense contractors rich. It's that the attitude of the US military and intelligence agencies is that if it's worth doing, it's worth overdoing. The defense and intelligence contracting industries simply aid, abet, and exploit that propensity to enrich themselves.

So where a simple and cost effective solution would work, the US Military/Spy Agencies would want a platinum-plated solution that would give them total dominance in the situation at hand, which would spiral the costs and complexity to the point that the solution doesn't work at all. Contractors are never going to be a brake in that situation because it makes them filthy rich. And any employees who object get swept aside because the powers that be want to pursue the most aggressive and ambitious solution possible.


Binney is a complete crank.. I'd be very cautious of any first person narratives that he tells, especially when he paints himself as the hero.


You can't say shit like this without backing it up. I think you are full of it and just attempting character assassination.


I mean.. Have you heard anything he's said lately?

Here's his appearance on Infowars.. where he explains to Alex Jones how the "deep state" is setting up Donald Trump by scapegoating the Russians: https://www.youtube.com/watch?v=r5XE96G5kN0


From my brief view into a federal agency:

Employee breakdown is as follows:

1/6 extremely capable and dedicated high performers

1/6 extremely capable and dedicated but go home at 5pm

1/3 average (not going to screw things up massively, but also never going to make a large contribution)

1/3 shocking (as in where do you even find people this useless and disagreeable - if you’re lucky their managers put them in an office and don’t let them touch anything, if not, they wreak havoc)


So 1/3 high performers, 1/3 average, and 1/3 low performers? Not a particularly amazing revelation.

And why the differentiation between folks who leave after 8 hours of work and those that don't?


It's just silicon valley startup mentality.

You literally work inside a room with no windows, poor ventilation, and sound dampening. Anyone who doesn't go home after 8 hours has something wrong with them.


The low performers are beyond low performers, the 6th decile at the federal government would be the bottom decile at most larger well run private organizations. Again I am talking white collar federal government.

At the margin, in corporate america salaried professionals have a focus on deadlines and deliverables (because a. If the company goes under they’re out of a job and b. If they consistently miss deadlines they’re out of a job), so if that means the occasional late night, or an expectation around a 10 hr work day - ok. On the federal government side the attitude CAN be “if it’s late, it’s late - what are they going to do, fire me?” Without some sense of urgency (however that is inspired) productivity is bad and tends to get worse.


Because federal employees cannot practically be fired it is very common to try to move them sideways to get rid of them. Eventually they just get promoted.


These numbers look pretty good compared to my experience with large corporate organizations.


So like a normal office, then? :)


Normal offices have layoffs now and then, which in many cases target the latter third.


Note that just because we are reading about it eight years later does not mean it took that long for the CIA to figure out what happened.


A decade from now, perhaps we'll learn about the CYA failure that resulted in news of this disaster being released to the public... I reckon that just like everything else about the unsupervised services, this is just the tip of the awful iceberg. Probably there are ten failures like this for every one we learn of.


For starters they can't really pay market salaries for the skills they need so to some degree this has more to do with laws on the books than with management and organizational failures.


That's why agencies like the FBI just raid people and then flip them into Confidential Human Sources (CHS). They don't have to pay them anything and use the threat of jail time in exchange for skills/information.


... and they gain deniability if the sources do anything unethical which in turns gives them more leverage over the source.


Bingo. Larger budgets get poured into more people not better people.


But they have no qualms about paying "market rate" to defense contractors to build all their toys.


How is that relevant?


Shows a contradiction/hypocrisy. They have the money, but just choose to spend it on corporations and not humans.


That's a situation created by Congress, not federal agencies. Federal agencies with dire needs for high demand/high pay skills would love nothing more than to be able to hire full-time employees at market rates but it is very difficult for them to do so because of the federal pay scale and hiring guidelines.

It's part of the whole charade of smaller government. The number of actual government employees is reduced but then the government pays contracting companies 2x or 3x (or more) for contractors and ends up with same number of butts in seats.


> but then the government pays...

That's my point. They have the money, but something-something..."policy"...something-something.... It goes to corporations instead of people.


Who are "they" in this case? If you think there is broad electoral support for removing government pay caps I have a bridge to sell you :).


The same "they" you are referring to. The ones writing the checks. I don't care about the precise technicality that enables wage suppression. I literally don't care. The constitution also says no spying on Americans, but somehow that precise word of law was elided. The bottom line is: they have billions, they suppress wages for employees, and they enrich billion dollar contracting firms. Nothing I claim is untrue.


Yes that technicality is called democracy oh well


Again there are laws that cap gov. employee salaries, they are not passed by CIA or NSA or whatever other 3 letter agency.


No, it shows that unfortunately you don't know what you're talking about. Federal employee salaries are set by legislation and may not be changed. They can't get bonuses or anything else. Contracts are bid and are paid out of completely different budgets.


> you don't know what you're talking about

Please keep personal swipes out of HN comments. Your post would be fine without the first sentence.

https://news.ycombinator.com/newsguidelines.html


Yes, we actually can get yearly bonuses though they are minimal and tied to the performance rating process and tenure to the agency (at least at my agency). For those that are interested, I’d check out the General Schedule pay scales on the Office of Personnel Management’s (OPM) website. OPM is the agency responsible for providing guidance to federal agencies on all matters related to HR. OPM’s pay scales: https://www.opm.gov/policy-data-oversight/pay-leave/salaries...

However, some agencies have gotten special permission from Congress to use another pay scale which was designed to allow agencies to pay for performance rather than guaranteed raises over time. Though I’ve heard that it doesn’t always work the way it was intended. I was actually initially offered a lot lower salary at another agency that used the pay for performance than my current agency that uses the General Schedule scale.

For general reference: GS-7: B.A./B.S. and GS-9: Master’s.

For all intelligence positions, you are required to pass and maintain a Top Secret/Special Compartmented Information clearance which takes about a year these days due to backlog. This hinders the agencies’ ability to recruit top talent. I recommend checking out the SF-86 Questionnaire for National Security Positions if you want to see what all is asked.

Right now, I could switch to the private sector and make a lot more than I am making now. But I stay because I believe in the mission and work of my agency. I get to do things that I would never get to do in the private sector. Maybe one day I will switch but for right now I am staying.


"I get to do things that I would never get to do in the private sector" well I know people who switched from NSA to private sector and pretty much keep doing the same things :) So I guess it depends :)


I’ve been on both sides of the coin so to speak (contractor and Fed). I felt when I was working on site as a contractor, I was walking a delicate tight rope balancing allegiances between my contract company who paid me and the agency I actually did the work for. I only met my contract company supervisor twice for the entire year I supported that contract (1. Interview; 2. Dropping me off at my office) and technically Feds can’t fill that role so I was essentially my own boss. This sounds great but I didn’t have any support or advocate to help me progress in my career. As a Fed, I have opportunities to push my organization’s boundaries in ways I wouldn’t be able to do as a contractor because I can be frank and outspoken about issues. I am also not tied to a statement of work so I can pursue interests outside my daily tasks/assignments. The contract company I worked for was very stingy on training, but in my current position the government offers me a lot of training opportunities in my field. For me, being a Fed is a better fit at least for now.


The "S" in SCI stands for Sensitive, not Special. You might be thinking of Special Access Programs.


Yes! Thanks for the correction. I am so used to the acronym soup that I occasionally slip up on definitions. Lol!


I spent the better part of two years absolutely positive it stood for Secure Compartmentalized Information. :)


> you don't know what you're talking about.

Personal attacks aren't welcome here.

The government has the money. As evidenced by their defense budget.

The government does not pay the money to their employees. As evidenced by NSA employees making less than high-grade truck drivers.

The government does pay billions to corporations such as Lockheed or Booz, etc.

SO let's recap: they have the money, they just choose not to pay it to their employees. But instead it inexplicably gets rerouted to rent-seeking gatekeepers.


Saying you don't know what you're talking about is not a personal attack when you seem to be going out of your way to prove me right.

"The government" is not a gigantic neolithic behemoth doing whatever it wants whenever it wants. You might be surprised to learn that there are in fact three branches of government in the United States. Congress has passed more than one law detailing the manner in which federal employees can be paid, and limiting how much each given position may be paid.[0] Similarly, Congress sets the budget for the Executive agencies. Because the Pentagon get billions of dollars does not mean that it's trivial to raise the salary of everyone at the Food & Drug Administration.

USG employees make significantly less than their private sector counterparts (usually) because they get quite a few benefits unavailable to the private sector:

* Generous paid leave in the form of sick time, vacation time, comp time, and scheduled holidays

* Accrued paid leave is paid out when you leave government employment

* Government pension

Ignoring the completely nonsensical "rent-seeking gatekeepers" comment, Lockheed and BAH receive government contracts through open bid procurement processes. You'll get no argument from me that often times these bids are written so only 1-3 firms in the world even qualify, but that's sort of the nature of the beast when the bid is to develop a new missile or something.

[0] https://www.opm.gov/policy-data-oversight/pay-leave/salaries...


> Saying you don't know what you're talking about is not a personal attack

It's attacking the person, not the central point. Thus making it ad-hominem.

> You might be surprised to learn that there are in fact three branches of government in the United States

See above comment.


let's recap who are they? The Congress passed the pay caps if you show me any evidence that there is a broad voter support for removing those caps the "they" claim might have some merit otherwise "they"="we"


Defense is always harder than offense when it comes to computers.


Computers at their core have no clue about offense or defense, that is in the realm of context (and lawyers).


What? I am completely confused by your statement.

Computer security VERY MUCH cares about offense vs. defense.

The attacker only has to win once and he wins. The defender has to win every single time or he loses.


>>If there is an actual hot conflict between the US and either of these nations, I shudder to think what will happen.

a hot conflict entirely dependent on satellites and other means of communications. The war can end right after the first shot is fired.


The point that was being made is China/Russia perhaps is still not there with all their covert operation guns out and blazing. If situation does arise (hot conflict or otherwise) then one "shudders to think" what would be the implications.


That's what I meant too, even in WWII communication was key, imagine today when all is computer controlled. China and Russia might be in the system already and waiting


I think it's pretty safe to say, while these games are always cat and mouse, that globally cyber defense is not approached with the same determination as cyber offence, and perhaps it can't be with resources in the same order.

I think personally it's pretty likely that they're in our systems, and we're in theirs, for almost any major nation - ally or not.

It's just MAD all over again.


Except accountability in Mutually Assured Destruction was always crystal clear.

Today, there is much more (potential) room for confusion and false flag attacks.

Relevant pop culture reference:

https://www.imdb.com/videoplayer/vi4020353817?playlistId=tt5...


Intelligence isn't just about human intelligence sources. Historically the US has been terrible at human intelligence and peerless at technical intelligence such as spy satellites, bugs, signals intercept, etc...


"This didn't make it into the piece, but here's how the Chinese treated people working with the CIA: According to one source, one asset working at a state tech institutes, and his pregnant wife, were executed live on closed circuit TV in front of the staff."

https://twitter.com/zachsdorfman/status/1029861843521523712


Obviously a revelation on Twitter about a secretive organisation's workings should always be taken with a grain of salt. However these sorts of reports aren't too uncommon, and it surprises me how there's a lot of pro-china commentators in communities such as HN who seem to glaze over these sorts of things and still aggressively promote the "Chinese way of doing things" is superior to whatever western value or opinion is the discussion point of the day.


I agree that I see a lot of Chinese apologism in the form of "this is the Chinese way" here.

I wouldn't say that the comments are necessarily pro-China though, but rather just explaining that it is a different culture and things are done in a different way.

I do think it's a bullshit cop out though. I think that it's ignorant at best and racist at worst when people make comments here along the lines of "Chinese people like authoritarian societies and couldn't function in a democracy", usually justified by saying that China has been an authoritarian society since day 0. Europe, until recently, was a continent ruled by autocrats (whether in the form of kings, presidents, or emperors).

There are plenty of Chinese democracy activists, and I'm yet to meet a Chinese immigrant who has any love for the CCP and the Chinese government.


It's a popular argument that "Asian values" legitimise China's approach. But it appears to be wrong:

> Findings from our multinational survey suggest no obvious relationship between Asian values and support for freedom of expression at the country level. At the individual level, the data suggest a positive relationship between Asian values and support for freedom of expression when Asian values are treated as a single concept.

http://as.ucpress.edu/content/58/3/535

Moreover, the existence of Taiwan, a progressive, wealthy liberal democracy full of Chinese people, would disprove that claim too.


> I'm yet to meet a Chinese immigrant who has any love for the CCP and the Chinese government.

Plenty here, hence why China uses them to keep an eye on the migrants who don't... ...and to influence politics.


Would an immigrant be an immigrant if they held love for the CCP and the Chinese Government?


I migrated from New Zealand to Australia, yet I like the current ruling coalition and government in New Zealand and dislike the Australian ruling coalition and government.

There are reasons to migrate beyond politics.


Because people are complicated and do things for complicated reasons.


There are a lot of reasons that people move to different countries, aside from feelings about the government they're moving away from.


There's been a lot of discussion recently about Chinese influence or interference in Australia, and much of that is through Chinese people living in Australia. For example, Chau Chak Wing is a Chinese-Australian billionaire with ties to the Chinese Communist Party, is one of Australia's top political donors, and is the unindicted co-conspirator in a bribery case involving the former president of the UN general assembly.

https://www.smh.com.au/politics/federal/political-donor-chau...

Edit: In today's news, more controversy around another Chinese billionaire with permanent residence in Australia and how he's getting involved in Australian politics for the benefit of the CCP https://www.smh.com.au/politics/western-australia/wyatt-s-al...


Chinese influence has been going on a long time.

I'm not sure whether politicians are aware and think they're immune. Or unaware and naive.

http://articles.latimes.com/1994-10-28/news/mn-55837_1_busin...


I think what we call the skill of "analysis" is to divide an abstract object into a set of its containing elements, and then differentiate those elements and treat each element for its own different case.

China is one such abstract object...It's never about pro-China or anti-China -- after all it is a society of 1 billion individuals who are all differentiable from each other (and we have to differentiate a random Chinese person from their government)...if we find a certain aspect of China appealing and potentially beneficial to our own society, then why not just "like" that aspect and learn from them?

In the last few decades of the 5th century BC, Sparta and Athens fought a war with each other, which Athens had lost...but this did not prevent Plato (who was an Athenian) from praising certain aspects of Spartan society.


And also didn't prevent us (a couple thousand years later) from lumping them all together as "ancient Greece". Distance from the components, in time or space, lets us paint the set as homogeneous.


I was just doing a categorical mapping, which you might call an analogy...

How is that "lumping" relevant to the current discussion initiated by King-Aaron?


I certainly don't disagree. I do think that your point is possibly lost on a lot of people that are drawing these sorts of comparisons though...


sorry...analogy quite often can cause confusions...I will try to make more intuitive and relevant ones in the future...

It's just that the current situation between China and the U.S. bears a lot of similarities to that between the Peloponnesian League (led by Sparta) and the Athenian Empire during the Peloponnesian War. At the time, Sparta was an oligarchic society and Athens was a democratic one. Thucydides considered the cause of the war to be that Sparta was worried the rise of Athens could threaten its own way of life, and Athens wanted to spread democracy to other city states. There seemed to be no intrinsic conflict between the two states...the problem was that they did not trust each other, only because they were different. I personally feel this situation is quite like the current situation between the US and China...There is no intrinsic conflict; they just don't trust each other (sometimes even a bit phobic of each other), only because they are different...


And then didn't he die from ingesting hemlock?


>And then didn't he die from ingesting hemlock?

No. He probably died in his sleep.

https://en.wikipedia.org/wiki/Plato#Death

You're probably thinking of Socrates, who deliberately killed himself by eating hemlock.


fwiw the tweet is by the author of the linked article


If you study the grammar on a lot of these posts, all over the internet even, you may come to the conclusion that the posters are government plants or Chinese CCP zealots.

I wouldn't rule out a massive propaganda campaign; HN, mainstream news article comments, suspicious Quora "questions" about China with manipulative "answers", Confucius Institutes!..


It would be nice if someone could come up with an algorithm that automatically tells which posts are astroturfing, just like fakespot.com. But apparently this would be much more difficult than the algorithm used by fakespot, and seems to be less domain specific...

But at least, perhaps, we could do some information clustering, as comments written by independent individuals are more likely to have greater variances -- and quite often, difference is what makes an individual human so valuable...


Call it Pravda.

Musk is game for it.


Not even just comments on news articles.

I've read plenty of news articles that view China and their foreign policy with suspiciously rose tinted glasses. Especially around the One Belt One Road initiative.


The Chinese have had an active propaganda machine for decades which tells all Chinese people the world is out to get them. They have completely internalized that. This makes them defensive and nationalistic so they can defend whatever the state does to them.


I try to be careful and separate 'Chinese' from 'China's Communist Party'.


Yeah it's barbaric what the Chinese do to spies. Next thing you know they'll be waterboarding prisoners or holding people without trial for a decade. Good thing we're superior westerners, huh?



Most of the comments are not pro China but highlight the brazen hypocrisy of getting worked up about China in the face of all encompassing surveillance currently run by the NSA, GCHQ and Google, Facebook and others which is a far bigger and ongoing threat to democracy and citizens here. China's actions are limited to China.

There is hardly any activism against the invasive surveillance of SV companies or protests against the NSA. This forum itself has its fair share of apologists for surveillance capitalism. So where are the protests in front of Google and Facebook's campuses and in Washington?

So if people don't care about these issues at home how can they care about them in China? This is simply not credible or serious.

China's actions don't impact people here, your governments and companies here do. In the absence of any mainstream activism, just singling out China for outrage and anger is duplicitous and comes across as motivated more by politics than any genuine concern for the issues or people impacted.

And using human rights for cheap points ultimately trivializes it and risks bad actors who have no interest in human rights pushing their own agenda. So better for the Chinese to fix their country, there are 1.3 billion of them, and for us to fix ours.


Out of curiosity, how do you think traitors providing potentially critical intelligence to one of the most dangerous agencies of a powerful and aggressive unfriendly foreign power should be treated, when there is literally zero doubt as to their guilt?

And to be clear, I'm not condoning this action but I'm also not so quick to condemn it. I'm genuinely uncertain if I somehow were the Chinese government what my decision would be, but I think you are quite certain -- and it's sparked my curiosity.


So you are not condemning:

- death penalty
- death penalty for relatives of criminals
- death penalty for pregnant relatives

I'd love to know what country you live in and if you would condone laws that allow this.


"We kill people based on metadata": https://www.nybooks.com/daily/2014/05/10/we-kill-people-base...

Admittedly that only applies to non-US nationals outside the US, but the CIA and American overseas military operations have relied for years on executing people (and their wives, children, neighbours, wedding guests, and first responders) with missiles.


This is a false equivalency, and your language seems to be intentionally politicized to provoke an emotional response rather than a rational one. It reeks of "whataboutism."

Your argument is comparing the actions of the US military against a foreign enemy - and their associates - to the actions of the Chinese internal security against their own people. Are you saying the Chinese are at war with their own people?


Don't forget the part where they carry the sentence in front of civilians.


Is silently making people disappear really that much better?


Spies are people that turn against their own country, often for little more than a payoff, and participate in activities that can and have resulted in the death, torture, and worse of countless individuals. For instance Augusto Pinochet, as just one example among many, was the direct and orchestrated product of a CIA "regime change" -- an activity that at its most fundamental level relies on traitors. Spying is taking a position of trust and using it to intentionally hurt, potentially severely, immense numbers of people - for what is often a token payoff.

We can even see that in this exact case. Earlier this year, there were reports that this issue was not caused by a technological issue but by various spies. One, former CIA agent Jerry Chun Shing Lee [1], allegedly gave away the names of these CIA spies to the Chinese for $25,000. It's ironic that the CIA spies faced death, and probably worse, because of other spies - but that is the very essence of what spies do. Cause death and suffering, generally for small amounts of money. It's despicable.

[1] - https://www.nbcnews.com/news/us-news/ex-cia-officer-jerry-ch...


What does that have to do with my assertion?

Are you saying it is fine to execute relatives of spies?


And do you know what a straw man is? The reason I ignored suggestion of the wife being executed in my response is likely the same reason that the author's assertion was cut from the piece. It's based on one source referencing exactly one individual. This not only substantially increases the probability of this being a lie (consider: traitorous spies have, by definition, already shown an interest in hurting their nation and the people of it for money, and are willing to lie, cheat, and steal to achieve that end), but provides 0 information on what happened and why - which leaves the reader, you in this case, left to fill in the gaps with the most heinous story imaginable.

You were implicitly stating you oppose the execution of spies. And that is certainly your right. At the same time, I think many people do not consider what traitorous spies actually are and do. I'm also generally against the death penalty, but not unconditionally - traitorous espionage would certainly be near the top of the shortlist of things that I think fully justify execution.


Interestingly, the parent comments that you are replying to are directly discussing the execution of the relatives.


> but I think you are quite certain

Quite the contrary, not sure how this conclusion was drawn.

I just feel that "execution of them and their family broadcast to the entire staff" isn't really a value that is typically held in high esteem.


I think executing the pregnant wife of said traitors is a bit barbaric and in the long run barbaric regimes have tended to be less stable compared to countries/regimes which have treated traitors in a more civilized manner (due process, not executing their relatives etc).


I'm just surprised they didn't try to make them double agents or at least feed them false information. It seems like a rash judgement to suddenly eliminate 30+ people who you know are spies.


There's an incentive to do it all at once, or as rapidly as possible. If you try to recruit them, you run the risk of them reporting this and suddenly the other 29 spies are exfiltrated.


> It seems like a rash judgement to suddenly eliminate 30+ people who you know are spies.

It isn't a rash judgement if the CCP is so confident of their counter-intelligence program, that they evaluate the effort of neutralizing with disinfo or turning those 30+ is not worth their trouble and informational value. Considering the scale and depth of surveillance they employ within China, and continued heavy investment into more, I wouldn't want to off-hand rule out that possibility.


From an earlier NYT piece:

> According to three of the officials, one was shot in front of his colleagues in the courtyard of a government building — a message to others who might have been working for the C.I.A.

https://www.nytimes.com/2017/05/20/world/asia/china-cia-spie...


USA has the death penalty for treason too. Now you can argue back and forth (US wants China to eventually be democratic so I'm helping China by spying for CIA...etc) but they essentially betrayed their country. Chinese efficiency: Torture them till they tell what they know and then teach others a lesson along the way too.

https://www.law.cornell.edu/uscode/text/18/2381

Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States.


The last execution of an American for treason was in 1862.

Martin James Monti, United States Army Air Forces pilot, convicted of treason for defecting to the Waffen SS in 1944. He was paroled in 1960.

Robert Henry Best, convicted of treason on April 16, 1948 and served a life sentence. (Which turned out to be 4 years. Died in 1952 in prison of a cerebral hemorrhage.)

Iva Toguri D'Aquino, who is frequently identified by the name "Tokyo Rose", convicted 1949. Subsequently, pardoned by President Gerald Ford. (She was fined $10,000 and given a 10-year prison sentence. Paroled after 6.)

Mildred Gillars, also known as "Axis Sally", convicted of treason on March 8, 1949; served 12 years of a 10- to 30-year prison sentence.

Tomoya Kawakita, sentenced to death for treason in 1952, but eventually released by President John F. Kennedy to be deported to Japan. (In 1953, Eisenhower commuted sentence to $10,000 fine and life imprisonment. Kennedy ordered him released in 1963 on condition that he leave the US and not return.)

Robert Hanssen, a high-ranking FBI agent who was a spy for Russia, is spending several life sentences in the pokey but wasn't convicted of treason.


What about the Rosenbergs?


Quick Google suggests they were convicted for espionage (under the Espionage Act), not treason. Though it's really unclear to me why espionage against your own country and for another would not qualify as treason.

edit: Sibling commenter had a view on it: "Technically, this wouldn't be treason according to the US definition, because treason is only possible in the context of a declared enemy of the USA (i.e., war)."


So part of the reason is that since the end of WWII we have not technically been "at war" because that requires Congressional approval and politics gets involved.


Technically, this wouldn't be treason according to the US definition, because treason is only possible in the context of a declared enemy of the USA (i.e., war).

Also, there is a judicial process in the USA, not a summary execution.

Also, the pregnant wives of traitors aren't executed in the USA.


You're right, but it's worth remembering that the distinction appears to be eroding. I was going to mention the same case that my sibling, throwawayt1894, mentioned.

Drone strikes against US citizens in a country not at war with the US is at least worth thinking about. I can generally buy the ends-justify-the-means argument (or at least consider it), but the press secretary's response to this always rubbed me the wrong way: 'I would suggest that you should have a far more responsible father...'


Yeah, the perpetual state of war and the drone strikes that coincide with that that America has gotten itself into is concerning. Still, I would strongly argue that there is a world of difference between the sins of America and China about targeting family members.

The third parties (i.e., children or wives) that are killed in drone strikes are surely collateral damage. America isn't targeting these people. (I'm certainly not arguing that it's right.)

China has shown on many occasions that it is willing to use the relatives of people it doesn't like as leverage. I don't know if it's because it has a long history of it [1] or just because it's effective and China isn't constrained by the rule of law. There have been many cases where the relatives of journalists working overseas have suffered [2], and Liu Xia was under house arrest for almost a decade because of her husband's "crimes" despite never being charged herself [3].

1. https://en.wikipedia.org/wiki/Nine_familial_exterminations

2. https://www.washingtonpost.com/world/china-detains-relatives...

3. https://en.wikipedia.org/wiki/Liu_Xia_(intellectual)


> The third parties (i.e., children or wives) that are killed in drone strikes are surely collateral damage.

Can you give some details about how you are certain that the death by drone bombing of Awlaki's 16-year-old son was collateral damage?

Keep in mind that Awlaki was targeted by drone two weeks before his son was killed. They are two separate drone attacks.


[flagged]


This whataboutism is not helpful.

Unless you think the boy was deliberately targeted to be killed, surely you can understand that being killed in a drone strike targeting another is very different to being deliberately shot to death.


It's a discussion directly comparing how two countries act towards the same crime. Don't participate in the thread if you don't find whataboutism helpful?

I don't have the strong moral reservations many have against drone strikes. Tactically advantageous, cheaper, no pilot at risk. Pretty compelling. But in their own way, they're terrifying specifically for the reason you mention: they are less discriminating.

You can think deliberate shooting is much worse. And I can see how someone would feel that way. But I think a reasonable person ought to be able to understand how another reasonable person might see things differently.

https://www.theatlantic.com/international/archive/2012/09/ev...


>>Also, the pregnant wives of traitors aren't executed in the USA.

No one meant to say that both countries treat people the same. However, Chinese treat traitors like USA treats, more or less terrorists. Traitors do cause a LOT of damage, in lives, money and potentially a lot more down the road.

China might have made his wife "confess" to knowing and abetting, just so all the boxes are checked. Their system is rigged, but I doubt they would just kill a person simply for being his wife, without trial. The legal justification might be that she confessed and is a traitor.


Death penalty is a bit different from summary execution.


just in time and expense

Chinese intelligence executed 30 operatives? Good thing we have a decentralized unaccountable police force larger than ALL national armies to carry out summary executions to the tune of 1,000 citizens per year and save us money.


>Good thing we have a decentralized unaccountable police force larger than ALL national armies to carry out summary executions to the tune of 1,000 citizens per year

I'm not in favor of that either.

And it's still apples to oranges. A police shooting in the moment is much different from a planned and televised execution.


I think you may have a hard time convincing people that the difference between due process and summary executions is just in time and expenses.


It depends on one's perspective...

In terms of time and money, indeed, the difference is as what you said...

But in terms of information flow, the difference would be quite huge...


Missing the point. There's something to be said about treating every human with dignity, even the traitors.


I am sure they got a trial, albeit a 2 minute one, appeals included. Even in China looks like they improved from "Hanged, drawn and quartered," but let's be honest, things are different over there.

Or we may want to ask about being treated with dignity those that are in Guantanamo Bay. Bottom line, one that betrays his country should know the--locally decided--risks. In Russia they kill you even after "forgiving" you (see last case in UK)


People are people, over there or over here or anywhere.


This is exactly like the wild claims about "Iraqi babies being killed in incubators" [1]. It's an absurd, baseless claim but somehow it gets regularly accepted as true.

At some point you would think that journalists would show even a little intelligence, a little competence, a little skepticism.

[1] https://en.wikipedia.org/wiki/Nayirah_testimony


I think the reason why the Chinese government would execute defected officials, instead of putting them in prison for life, is because historically defected officials often caused very serious losses to the Chinese Communist Party. For instance, one of the most damaging defectors in their history was Gu Shunzhang, who led to the arrest of hundreds of their underground communists (many of those arrested were executed by the KMT government at the time). In those early days, the Chinese Communist Party was very weak and had to fight for its own survival. So as a result, Zhou Enlai ordered the assassination of almost Gu's entire family, as warning and revenge [1]...

I think this bears a certain similarity to the rationale by which IRA members assassinated their defectors and the French executed their traitors in WWII...

It's just sad to see that certain traditions still remained unchanged with the Chinese government (or more specifically, their communist party) ...but at least we can see how much they hate defectors; and we can find some common root of that in all humanity...

Perhaps things will change when they value human life more, which I think they will do when their individual's economic condition continues to improve...When the existence of an average life makes little difference to a society, statistically, life would be socially regarded as cheap...

--

[1] https://www.nytimes.com/1991/02/03/weekinreview/the-world-15...


I don't think it has anything to do with valuing human life or not.

I'm sure we both agree the US values human life, but the government is more than willing to accept the death of a 16 year old American citizen when trying to target his father during a drone strike.

I'm more surprised that they would reveal their hand so suddenly. Maybe I watch too many movies, but I would think if you have exposed the entire network, then doing counter-espionage would be the smarter tactic.


At the time of the drone strike, perhaps to the remote drone pilots, conceptually, the 16-year old kid was not an American citizen but merely someone who was different than they were...


The CIA has a long and storied history of arrogance, incompetence, and letting down sources. The book, “Legacy of Ashes” provides an excellent readable, detailed history of the Agency since its creation, with tons of primary-source interviews and research.

(The title refers to a quote by Eisenhower, who left the Presidency disappointed at the “legacy of ashes” which was all he felt the CIA accomplished during his tenure.)


Other Dorfman articles https://foreignpolicy.com/author/zach-dorfman/

I treat any media 'story' about spooks with great suspicion, because it almost invariably winds up over time that there are far more layers to the onion than are revealed in these types of exposes.

I wonder what 'The disaster in China has led some officials to conclude that internet-based systems, even ones that employ sophisticated encryption, can never be counted on to shield assets' is going to lead to? Some sort of new infrastructure may even already be in use...


When the Russians were concerned about security, they switched back to using typewriters. Don't assume that a high tech solution would always be the answer...


It seems that the CIA is more embarrassed that their IT has been breached by the Chinese than the death of people that trusted them.


Treating the recruited agents as disposable has been the rule rather than the exception throughout the ages.

The average half-life of a clandestine agent is surprisingly low, and planned for accordingly.


Another way to look at it is to consider that it’s really embarrassing to suffer an extremely high cost in lives lost, over a misconfigured Group Policy Object or Windows Registry Key or /etc/hosts file.

Something like that is akin to trusting cheap sheetrock/gypsum board and a couple of molly screws to support the weight of some priceless oil painting in a massive ornamental frame.

To see a priceless thing destroyed, but for want of a proper wall to mount it on is insult to injury.


110% pure fantasy but could Google be encouraged by the CIA to enter the Chinese market with whatever restrictions the Chinese government imposes but provide secure communication for whoever the CIA needs it for?


This is a fascinating story. But I always think about what the motives are to reveal such information. What you read is always different than the actual...

In a separate note, I'm not sure technically what the right solution is, but I imagine an encrypted stenographic message on a popular peer to peer internet service would be the best way to avoid detection. ... When the entire web is being monitored.


It’d be best to imagine something else. Stenographers are much too busy in court, recording transcripts of proceedings as they transpire. They wouldn’t have time to help avoid detection.

I think it’s probably better to use a stegosaurus, given their spiked tail, and boney plates, which will scare off any attackers.

Or maybe just safely conclude that casually pondering what might or might not work isn’t good enough, and cannot compare to what’s faced in a real situation, where simply knowing what the word steganography means wouldn’t help either.


You created a throwaway to troll me about my misspelling. Bravo Bravo... Tool...

Instead of fostering a constructive discussion... you do this. And you get upvoted. HN isn't what it used to be...


HN has only ever been civilized by way of preferential moderation. Don’t delude yourself with rose colored glasses. Just continue to take my comments personally, as if you were being attacked by a close friend.


Knowing how absurdly insecure any civilian consumer system is (laptop, smart phone, home assistant, self driving car), with zero day fire-and-not-a-drill-at-all advisories, pretty much every month, I don’t get how this sort of thing happens.

I also fail to see how a decision like this could be made:

  The CIA had imported the system from its Middle East operations...

To China? The degree of technical differences between those two regions is so intuitively disparate, that without having been to either, I’d still never estimate that a game plan for one would work in the other.

Cell phones make sense in desert territories with good satellite coverage, and attacking, as much as operating those same cell phones makes sense too, in a volatile atmosphere.

Meanwhile, in China, with world class supercomputing facilities operated at scientific research institutions, one can only safely assume that no amount of cryptography or electronic transmission is safe. Not even one-time pads.

Each seems like its own game, with its own rules. What a mistake to not approach them differently. It’s like trying to steal cars from a suburban driveway at dinner time, versus a city parking garage during rush hour. A car is not simply a thing with wheels, that rolls away as soon as you can hop inside.


What direct cryptographic attack do you know that works on a one time pad? (As long as the randomness used to build it is real, it is implemented properly and not re-used etc)


You don't need to break the code, just notice a pattern of use/behavior.


User error, for one. People get sloppy and reuse a not-so-one-time-pad. That alone compromises secrets with frequency analysis.
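The pad-reuse failure named in the comment above, as an added example that is not part of the original thread: when the same pad encrypts two messages, XORing the ciphertexts cancels the pad and leaves the XOR of the two plaintexts, which keeps the statistical structure of language. The messages, function names and the `PadBook` class are constructed for illustration; `PadBook` shows the corresponding control, handing out each pad byte only once.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """One-time pad: the pad must be random, secret and at least message length."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return xor_bytes(plaintext, pad)


class PadBook:
    """Hypothetical pad manager: every pad byte is handed out exactly once."""

    def __init__(self, size: int):
        self._pad = secrets.token_bytes(size)
        self._offset = 0

    def take(self, n: int) -> bytes:
        if self._offset + n > len(self._pad):
            # Failing closed is the point: no key material is ever reused.
            raise RuntimeError("pad exhausted; refusing to reuse key material")
        chunk = self._pad[self._offset:self._offset + n]
        self._offset += n
        return chunk


# Constructed sample messages of equal length.
P1 = b"MEET AT THE NORTH GATE 0600"
P2 = b"SHIPMENT DELAYED UNTIL FRI."


def reused_pad_leak(p1: bytes, p2: bytes):
    """Encrypt both messages under the SAME pad (the operator mistake)."""
    pad = secrets.token_bytes(max(len(p1), len(p2)))
    c1 = otp_encrypt(p1, pad)
    c2 = otp_encrypt(p2, pad)
    # (p1 ^ pad) ^ (p2 ^ pad) == p1 ^ p2: the pad drops out entirely.
    return c1, c2, xor_bytes(c1, c2)


def recover_other_message(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """With one plaintext known or guessed, the other follows without the pad."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


def fresh_pad_leak(p1: bytes, p2: bytes) -> bytes:
    """Same messages, but each gets unused pad bytes from a PadBook."""
    book = PadBook(len(p1) + len(p2))
    c1 = otp_encrypt(p1, book.take(len(p1)))
    c2 = otp_encrypt(p2, book.take(len(p2)))
    # Here c1 ^ c2 == p1 ^ p2 ^ k1 ^ k2, still masked by random key material.
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    c1, c2, leak = reused_pad_leak(P1, P2)
    print("reused pad: c1^c2 == p1^p2 ->", leak == xor_bytes(P1, P2))
    print("recovered second message   ->", recover_other_message(c1, c2, P1))
    print("fresh pads: c1^c2 == p1^p2 ->", fresh_pad_leak(P1, P2) == xor_bytes(P1, P2))
```
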


Yeah that's obvious and telling me what I already know and pointed out. I thought there was some other cryptographic issue.


Well, what's the point in asking, if you already know everything?

I wonder.


How could one time pads be broken?


No one really tries to break encryption, when side channel attacks can capture a message during the process of encryption.

No one thinks in encrypted text. The plain text is always created and then translated over to the enciphered copy. The plain text will always exist in some way, so that a message may be proof-read before sending. Even if printed on the screen of a secure display monitor.

If an environment is stifling enough, it might be painfully obvious that someone is stepping out of line to work on carefully disclosing secrets. Obviously laws don’t matter in China, and if there’s a scent of dishonesty in the wrong context, I’m sure it wouldn’t take much to find a way to watch every second of someone’s humble existence, if they’re not above executing pregnant women to send a message about what not watching your husband gets you.


This is why when you read memoirs of CIA officers they most always state human trade-craft will trump technical gadgetry all the time.


How do intelligence agencies deal with the fact that once you've got a key logger on your system, you're hosed?


Yeah because it could not be due to this. https://sanfrancisco.cbslocal.com/2018/08/01/details-chinese...


Maybe they should have used BBM/iMessage/WhatsApp - all the civilian gear governments are screaming they need backdoors into because they’re too tough to crack...

Yes I say this partly in jest and also partly as a ‘why didn’t they’. BBM Enterprise over a VPN service popular with movie streamers would have actually helped them blend in... digitally speaking.


An intelligence operation has different requirements. While those listed applications might hide the contents of the messages, you can still see that messages were sent/received, and that might be enough to warrant you for summary execution in China.

During WW2/WW1 the British knew when air raids were coming from Germany by recognizing radio traffic patterns, and activity. The radio traffic was encrypted, and they could not understand whatever was sent, but the traffic itself created patterns that alerted them.


Just because the Albuquerque Police Department can't crack <insert secure messenger here> doesn't mean the NSA can't.

Interesting point about blending in, but I suspect they thought they could build a system more secure than the commercial options and/or didn't trust their security in the hands of a third party.


Security is hard. I’d take a commercial system that has years of history and that many major governments have rallied against (BES) over a home-grown system that obviously got tested in the field... and cost lives!


All those are blocked in China, no?


Fucking A man. As an American tax payer and patriot I am pissed that China gets away with shit like this. Time for us to play dirty games and get retribution.


It's probably also a mistake to use the set of communication systems for all your agents, even if you trust them. For something as high-risk as this, they should use bespoke systems for each agent or each sub-network. Doing otherwise is putting all their eggs in one basket.


I'm surprised they didn't do something truly clandestine like embed encrypted texts into photos of merchandise and list them on amazon/alibaba


There was someone at a high profile defence company using Amazon.com to communicate information to handlers a few years ago.


they shouldn't have kicked Auggie upstairs.


Sounds like “fucked up the firewall” == "fucked up a WHERE clause"


Typically Chinese way of doing things, making the opponent think that he's invincible then striking hard and fast at the right time. That in every domain.


What are some other examples of this typical phenomenon?

