Secrecy & Leaks

The Intercept, SecureDrop, and Foreign Intelligence Services: A Response

By Benjamin Wittes, Cody M. Poplin
Thursday, February 5, 2015, 2:30 PM

Those readers who do not spend a lot of time on Twitter may have missed the beating Ben has been taking there for this post last week suggesting that the folks at The Intercept may be overestimating their security capabilities relative to the offensive capabilities of nation state intelligence services. The claim in the original article was pretty modest: In flamboyantly inviting potential sources to commit crimes by leaking them classified materials, and in setting up a SecureDrop system to help them do it, The Intercept folks are also issuing an invitation to foreign intelligence services---and possibly a way into their systems.

The criticism, which included a huge volume of tweets, involved at least three distinct lines of criticism. One came from Barton Gelman, the reporter who broke a bunch of the Snowden stories for the Washington Post:

The second, and dominant, strain of criticism focused on a few stray lines in the piece disparaging the cybersecurity capabilities of The Intercept team relative to those of a professional intelligence agency:

The third strain was indignant at the suggestion that installing a SecureDrop system to protect leakers may create an opportunity for adversaries to spy on The Intercept:

As it happens, we have read the security review to which Appelbaum refers---and it's an interesting read.

Just after SecureDrop's first deployment by the New Yorker, a team of cybersecurity experts led by Alexi Cxeskis---and which also included Bruce Schneier and Appelbaum himself---conducted a detailed security assessment of the system in August 2013. They concluded that the system is a "step forward" and that there were no critical flaws in the code itself. But they "caution[ed] that the system will likely be unable to protect the source against the most powerful type of adversaries." Hmmmm.

The assessment's evaluation of SecureDrop proceeded based on two very different threats. First, a persistent and highly-capable nation-state adversary could potentially compromise the system. And second, a non-expert user could undermine the system's anonymity with a simple mistake. Indeed, the authors write that "the technical properties of DeadDrop (the previous name of SecureDrop) are decent; however, we do not believe that DeadDrop is yet ready for deployment in an ecosystem with nation-state capable adversaries and non-expert users." In the long list of problems, they outline "the lack of software versioning, reliance on VPN, the errors in the installation and deployment documentation, leaking of document metadata, and lack of anonymity best practices all contribute to our reluctance for suggesting that DeadDrop is ready for mass deployment." A later report, released in December 2013 found similar vulnerabilities, concluding that an adversary capable of conducting traffic analysis could "deanonymize a source."

The managers of the SecureDrop program, the Freedom of the Press Foundation, issued a response to the audit, agreeing to fix all recommendations from the panel, while noting that the August security audit found no critical flaws with the code of SecureDrop itself. And improvements have followed. SecureDrop also now uses a DiceWare password system, increasing the number of words in the passphase and making brute force attacks much harder, for example. And other problems have been addressed as well.

So our point here is not that every issue raised 18 month ago remains current. Our point, rather, is that the very audits that people point to as showing that SecureDrop is secure specifically do not claim it to be secure against the sort of actors we're likely dealing with here.

More fundamentally, the SecureDrop system does not exist in a vacuum. It exists in a larger security ecosystem in which a number of reporters---who are, indeed, security amateurs---are constantly interfacing with the outside world and with each other. This, in turn, takes place in the context of a highly decentralized organization that has not been, shall we say, a model of organizational discipline. The Intercept itself has reported on the internal managerial chaos of First Look Media and has proudly declared that one of its organizing principles is that "the newsroom would avoid rigid top-down hierarchies and instead would be driven by the journalists and their stories." So the question is whether SecureDrop in the context of a chaotically run company staffed by security amateurs---as well as, yes, first-rate security professionals---who are committed to an anti-hierarchical model driven by journalists opens a potential window to attack by a committed nation state actor that is interested in what such journalists may be obtaining.

We posed this question to Gen. Michael Hayden, who knows something about attacking foreign intelligence targets: How confident should Greenwald and Poitras and their security experts be that they can keep out the Russians and the Chinese? And how confident should a leaker be that when he or she uses The Intercept's SecureDrop system, he or she is only talking to The Intercept?

Responded Hayden: "We use[d] to love it when a target had great confidence that it was (unbreakably) secure!!"

Finally, a brief word about Gellman's criticism, which would be a fair one had the original post been about, say, the Washington Post's SecureDrop system. The Post's page describes its SecureDrop only as "a discreet way for readers to share messages and materials with our journalists. It offers greater security and anonymity than conventional email and web forms." And yes, Gellman is right that people have lots of reasons for talking confidentially to reporters and that not all leaks involve classified information or criminality.

But The Intercept's solicitation is far less restrained than the Post's, and to the extent it isn't an overt solicitation for criminal behavior, a reasonable reader would wonder if its authors are just being coy. It is entitled, "How to Leak to The Intercept." And its second sentence makes clear who its model is: "This publication was created in part as a platform for journalism arising from unauthorized disclosures by NSA contractor Edward Snowden."

Now, you can say many things in defense of Snowden, who remains a fugitive in Russia, but one thing you cannot say is that what he did was legal. And at various points, the document assumes the activity it describes will not be legal: "Don’t risk your freedom by talking to anyone about leaking documents," The Intercept warns its would-be users. Why should leakers use the Tails operating system? "It’s the operating system that Edward Snowden, Glenn Greenwald, Laura Poitras, and I used to keep the NSA journalism safe from spies."

But don't take our word for it: Read the document yourself and see if you think it is, on the whole, not both soliciting criminal behavior and offering a how-to guide for committing it. And compare it to the Post's page.

The problem here is not our reading of The Intercept's model of journalism. It is the model itself.

We may never learn for sure whether the combination of this model---predicated on theft of classified (and other) material---and an undying faith in encryption makes The Intercept as tempting an intelligence target as we suspect. After all, to the extent foreign intelligence services are trying to penetrate it, they're not about to say so. But we stand by the earlier post: Glenn Greenwald can insist that he has kept the Snowden documents secure, but he doesn't know that, and he also doesn't know that The Intercept can keep its systems safe in the future either.