- Twitch streamer’s mom, roommate get into brawl during live broadcast Thursday 8:41 PM
- Top NFL draft pick Nick Bosa scrubs racist, homophobic social media activity Thursday 8:18 PM
- Jared Kushner’s ‘comprehensive immigration plan’ is just 2 bullet points Thursday 8:16 PM
- ‘Lil Billie Xanish’ is the deepfake mashup of Billie Eilish and Lil Xan Thursday 5:10 PM
- Gossip account the Shade Room to launch 3 original series on Instagram Thursday 4:46 PM
- Biden says he asked Obama not to endorse him—but people aren’t buying it Thursday 3:17 PM
- Marvel makes more money than Harry Potter and Star Wars combined Thursday 3:13 PM
- ‘Avengers: Endgame’: Obituaries for the fallen heroes Thursday 2:51 PM
- T-Mobile, Verizon admit most Americans won’t see fast 5G Thursday 1:52 PM
- PlayStation Vue is offering a sweet streaming deal for a limited time Thursday 1:42 PM
- Twitter reportedly worried banning white nationalists would also flag some Republicans Thursday 1:31 PM
- Lawyer of cop in viral assault case calls the crime a ‘Facebook misdemeanor’ Thursday 12:33 PM
- Biden’s ‘all men’-focused announcement gets roasted Thursday 11:49 AM
- Skillshare is offering new users one month of premium for free Thursday 10:44 AM
- Report: Facebook is punishing Black people for talking about racism (updated) Thursday 10:15 AM
Leaked document outlines the NSA’s backdoor security industry relationships
Confirmed: NSA “obtains cryptographic details of commercial cryptographic information security systems through industry relationships.”
The National Security Agency has been the subject of an astonishing number of leaked documents, many of which have proven to be game changing in their import. But sometimes the huge revelations are almost too large to take in.
One of the latest leaks, published by the Guardian, is much smaller, but it provides a sort of lens by which the bigger picture can be seen more clearly.
The devil, after all, is in the details.
Documents released recently have shown in detail how the NSA began partnering with technology companies in the early 2000s to gain backdoor access to encrypted information. But alongside that, the Guardian released a simple document, the NSA’s 2005 “Classification Guide for Cryptanalysts.”
Only three pages long, the document outlines what elements of the agency’s relationship with outside parties have which level of classification. The document gives a peek into one small part of the day-to-day life of an NSA analyst and gives us a sense of what those analysts were able to talk about in what contexts.
Security classifications increasingly need to be machine-readable according to a standardized classification marking system and so have to be understood and applied in a standard fashion. Presumably this document also helps NSA analysts to mark documents according to the Classification and Control Markings Register created by the Department of Defense and representatives of the U.S. intelligence community.
Here are examples of NSA security levels for some of the knowledge that could now be classified “common knowledge.”
The fact that NSA/CSS exploits cryptographic information security devices and systems.
These are devices or systems which provides authentication, confidentiality, data integrity or authorization services. Security systems, in other words.
The fact that NSA/CSS works with Second Party partners on exploiting cryptographic information security devices and systems. .
The fact that NSA/CSS works with Third Party partners on exploiting cryptographic information security devices and systems.
TOP SECRET (at a minimum)
The fact that NSA/CSS obtains cryptographic details of commercial cryptographic information security systems through industry relationships.
TOP SECRET//COMINT (at a minimum)
The fact that NSA/CSS makes modifications to commercial or indigenous information security devices or systems in order to make them exploitable.
“Indigenous” indicates a non-commercial cryptographic system developed by an NSA target, such as a foreign country. “COMINT” stands for “communications intelligence,” a type of signals intelligence that focuses on information intercepted from foreign communications.
H/T Guardian | Photo by Alan Levine/Flickr
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers