'Einstein 3' Raises Privacy Concerns (Here We Go!)

New cyber security system -- Einstein 3 -- will be rolled out across all U.S. government agencies; in addition to detecting malicious software, the system can read e-mails and other Internet traffic

Homeland Security Newswire

A new version of a computer intrusion detection system being developed by DHS has raised concerns from advocacy groups over privacy and the involvement of the National Security Agency (NSA) in the development of the software. The new system, known as Einstein 3, can reportedly read email as well as its original function, to detect malicious software (see 9 July 2009 HSNW).

Futuregov's Robin Hicks writes that Einstein 2 is able to detect malicious code during predefined code signatures, while Einstein 3 will also be able to read e-mail and other Internet traffic. Civil rights group Center for Democracy and Technology (CDT) called on the Obama administration to release information about the legal implications of Einstein 3, which will be rolled out across all government agencies.

"While its predecessor merely detected and reported malicious code, Einstein 3 is to have the capability of intercepting threatening Internet traffic before it reaches a government system," said a CDT spokesperson.

Hicks writes that concerns over the involvement of NSA have been raised because of the agency's track record of conducting surveillance of U.S. residents exchanging telephone calls or email messages with foreigners with suspected ties to terrorism.

CDT also called to question the role of the private sector in the development of Einstein 2 and 3, and the safeguards that will be put in place to prevent the misuse of private information collected.

Don Adams, chief security officer and CTO, Worldwide, Public Sector, said, however, that the project is unlikely to be derailed because of privacy concerns. He told FutureGov: "Einstein 3 is absolutely necessary to the defense of the U.S. Government. It will move the Forward Edge of the Battle Area (FEBA) for cyber warfare to the major private sector Internet carriers where traffic is shaped and delivered to government sites."

I'm sure we've all been waiting for this news. I could't find the proposed 'go live' date for this system, but it is obviously meant to encompass, monitor and interfere with traffic generated from private ISPs.

"The two biggest differences between Einstein 2, which still exists today, and Einstein 3 are: the inclusion of U.S. Civilian Government Agencies to those protected from cyber attacks, and moving the FEBA outside of the government systems and networks under daily attack."

FEBA = Forward Edge Battle Area. That means our ISPs, our home networks and anywhere on the Internet. Of course, they will ONLY employ countermeasures in the event that attacks are detected......riiiiiiiight.

Yay NSA!!

reply to post by KSPigpen


That is why I encrypt my email (emails that are private that is).

reply to post by lucentenigma


And here would be a list of Encryption Schemes that NSA allegedly participated in the creation of.

NSA has participated in the development of several encryption systems for public use. These include:

* Suite B - a set of public key algorithm standards based on elliptic curve cryptography.
* Advanced Encryption Standard (AES) - an encryption algorithm, selected by NIST after a public competition. In 2003, NSA certified AES for Type 1 use in some NSA-approved systems.
* Secure Hash Algorithm - a widely-used family of hash algorithms developed by NSA based on earlier designs by Ron Rivest.
* Digital Signature Algorithm
* Data Encryption Standard (DES) - NSA's degree of involvement in DES is disputed.
* Skipjack - the cipher developed for Clipper and finally published in 1998.
* Clipper chip - a controversial failure that convinced NSA that it was advisable to stay out of the public arena.
* Security-Enhanced Linux - not strictly an encryption system, but a recognition that in the 21st century, operating system improvements are more vital to information security than better ciphers.

RSA.com

As the premier cryptographic government agency, the NSA has huge financial and computer resources and employs a host of cryptographers. Developments in cryptography achieved at the NSA are not made public; this secrecy has led to many rumors about the NSA's ability to break popular cryptosystems like DES (see Section 3.2), as well as rumors that the NSA has secretly placed weaknesses, called ``trapdoors,'' in government-endorsed cryptosystems. These rumors have never been proved or disproved. Also the criteria used by the NSA in selecting cryptography standards have never been made public.

I would hope that your 'encryption' wasn't created by the very agency that is rolling out Einstein 3. I suppose if you have nothing to hide though, everything should be just fine.

You can still encrypt your emails using any number of encryption schemes before sending them, or if you want more security use an encrypted secure tunnel. Maybe the government has backdoors into all the encryption schemes out there, but the consensus I've seen on most security sites if many of these are still safe.

I am a computer professional and have been for 15 years. I don't know how users see it but I have ALWAYS assumed that the entire internet and anything connected to it are accessable by the government agencies (and all their bastard children) that planned and started it. I fail to understand why anyone would think otherwise.

I don't think there has ever been true privacy on the internet except for the extrememely clever and devoted among us who have taken the time to become the experts.

Originally posted by Ambient Sound
I am a computer professional and have been for 15 years. I don't know how users see it but I have ALWAYS assumed that the entire internet and anything connected to it are accessable by the government agencies (and all their bastard children) that planned and started it. I fail to understand why anyone would think otherwise.

I don't think there has ever been true privacy on the internet except for the extrememely clever and devoted among us who have taken the time to become the experts.

I am firmly in agreement with you here on MOST points. I hold a few security certs and have programmed for more years than I care to disclose right now.

The 'illusion' of 'privacy' has forever been just that. I DO think that there are a lot of folks out there thinking that because they use WPA, or heaven forbid, WEP on their wireless, that they are ok and can browse and communicate with impunity. Because they are running anti-virus, or a firewall, that they are protected and shielded from any nefarious activities. Because they erase a file, and empty the recycle bin, they won't get caught. Misconceptions are rampant in the field.

The disturbing part of this for me, is the brazen introduction of this technology ADMITTING its use on private ISPs and networks. At least they halfway appeared to deny that before. With SOP being the sniffing of ALL traffic, as opposed to select routes, this WILL impact the seemingly free flow of information.

When a broad brush is used to color what constitutes an 'attack' or what constitutes a 'combatant,' there is free license, supported by the courts to obtain every minuscule detail of any activity across the entirety of the system.

Though we know of many systems used covertly for such activities in the past, the current climate of distrust towards citizens, the newly bolstered capabilities of the administration and the universal, persistent, warrant-less observation and recording of ALL our traffic leaves us only one way to go from here. Down.

Preemptive strikes have worked great for militaries and are most often encouraged and applauded. Web sites such as ATS, bastions of dissent and free discussion, will be deemed a threat to 'national security' and also be subjected to preemptive strikes.

I fear though, much like the mosquito, the ones that bite are NOT the ones making the buzz in your ear. It's when you DON'T hear anything that you need to worry. In short order (although more than likely already here on ATS) your activities online, REGARDLESS of who you are, or what list you may have avoided being placed on, are going to be recorded and used to deny your freedom of speech.

The one bright spot for me on this issue is the resilience and adaptability of the human spirit. I can't wait to see what the come up with next to counter the countermeasures. You have to admit this can be pretty entertaining.

To the 'experts' :

If you have some pointers for folks to allow them to communicate more securely, lay them on us. (of course while maintaining your OWN security and perhaps even plausible deniability.)