Hacker News new | ask | show | jobs
by jlgreco 4713 days ago
If it's not a bluff, then it would behoove anyone with an insurance file to give the decryption keys for at least some of it to the intelligence agency that they are protecting themselves from to prove that it is not a bluff. If that wasn't done, I would naturally assume a bluff.
1 comments
trotsky 4713 days ago
The way these things work is no one person actually has the whole key - portions of it are distributed to various people you trust but may otherwise be unlikely to conspire. They might not even know who has the other parts. The idea is it takes an extreme event to bring them together to decide to combine the key. That way no one is in danger of being intimidated etc. into revealing the key by a hostile party.

I'm sure nobody doubts there is an encrypted file with unreleased documents and that the key has been split and distributed. The only question is, exactly what is it that is in that cache and how damaging would it be to be released publicly.

The element of the unknown in terms of what precisely stays unreleased is the primary nexus point in US policy here. Even if they believe nothing of considerable value is left, anyone the gambles there and loses no longer has a career in the us government. Providing any specific damaging proof to them alone is only helpful to them - it allows them to confirm how accurate they've been at estimating the leak, and they can preemptively act to diffuse the impact or provide disinformation. And they get a good read on what the higher end of the stuff he has is.

I'm 90% sure this is what the leak of the Brussels/EU tap and intrusion documents were about. They were released soon after the cache was first mentioned, and at a time he was being effectively held captive in an airport as every sympathetic country was suddenly being offered huge incentives to turn their backs.

It certainly served as proof some highly damaging documents still had been held back. It may not have softened US rhetoric much, but it may have been effective in convincing the us to stop applying as much pressure on potential sources of asylum.

The biggest problem is that the NSA really isn't super worried about what the public finds out as much as they are institutionally built to be worried about what other foreign services learn. They have to assume that somebody has or will get the whole cache privately - either covertly or as a trade for passage etc. And while they aren't happy about it becoming public either, it isn't the end of the world. After all, the same year they got caught illegally wiretapping everyone they got the telecoms blanket immunity and were at that very moment developing PRISM. The NSA leaks have been huge, yet there are no serious calls for congressional hearings, the executive isn't disowning it, there is zero risk the public is about to stage a revolution and most significantly - they haven't even said they're going to stop doing any of it.

While Alexander will probably be losing his job, the publicity may even end up as a net positive for surveillance USA. Now that its out in the open and not resulted in any apparent systemic meltdown in sigint - it only makes it easier to start the next even more expansive program. After all, whoever they go to will know that Schmidt and Zuckerberg ended up just fine, and people barely even remember that verizon gave away cdr for every customer call without question. I bet there hasn't even been a blip in verizon subscriber numbers.

They really have carte-blanche now, and tons of people in the community were expecting that these leaks would have a great deal more blowback.

link