Saturday, January 17, 2009

Mr. Obama, Please Call General Alexander on the Gray Phone

It's obvious that President-elect Barack Obama has never heard of communications security (COMSEC).

If he had any familiarity with that term--and what it entails--Mr. Obama might be a bit more flexible on his plan to retain a Blackberry. As AFP reports, Obama wants to hang on his smartphone, despite security and legal concerns:

Interviewed by CNN Friday, Obama said the Blackberry was among the tools that he would use to stay in touch with real Americans and avoid becoming trapped inside the presidential "bubble."

"I think we're going to be able to hang on to one of these. My working assumption, and this is not new, is that anything I write on an email could end up being on CNN," he said.


"So I make sure to think before I press 'send'," he said of his Blackberry, which was an ever-present fixture on his belt or in his hand on the campaign trail.

Obama did not divulge just how he will overcome legal constraints, given the requirement of the post-Watergate Presidential Records Act of 1978 to keep a record of every White House communication.

As an attorney, you'd think Mr. Obama would be wary of any device capable of voice and data communications that could be subject to subpoena or other legal action. Let's assume the next president keeps his Blackberry. When his administration hits its first scandal, Mr. Obama's communications will be the first target of political opponents, or groups like Judicial Watch. Better get those "executive privilege" arguments ready.

But, from our perspective, security concerns pose a far better reason for Barack Obama to temporarily "retire" that Blackberry. He should understand that hostile intelligence services operate "outside" the presidential bubble, and they must be salivating at the prospect of a presidential PDA. Several foreign embassies in Washington, D.C., house SIGINT operations and our major adversaries can collect cell phone traffic around the world.

We'll assume that President Obama will be utilizing a Blackberry with some sort of encryption software. But the security of that phone will only be as good as its encryption system. Virtually any cypher can be broken, given enough time and the right tools. Obviously, the world's major intelligence services have access to those tools, and it's a sure bet that "cracking" the encrypted PDA would be a high priority, to sustain collection on Obama's communications.

While no one has divulged details on the president-elect's Blackberry, the device will clearly have security features beyond those available on the standard phone. But Mr. Obama wants to "make sure that people can still reach me.

"If I'm doing something stupid, somebody in Chicago can send me an email and say, 'What are you doing?'

"I want to be able to have voices, other than the people who are immediately working for me, be able to reach out and send me a message about what's happening in America."

But there is a tradeoff between security and accessibility. Mr. Obama's desire to "reach out" to virtually anyone will place certain constraints on the security of his Blackberry. And as security decreases, the phone becomes an easier target for hostile intelligence collection.

That's one reason that presidents don't send e-mail, or carry cell phones or PDAs. The security risks have been judged as unacceptable, at least until now. True, security technology for mobile devices has improved dramatically in recent years, but no encryption system is perfect, or invulnerable to deciphering. History is filled with examples of secrets that were lost because a nation--and its leaders--believed their cyphers were impenetrable.

Upon entering the Oval Office, a president loses certainly "rights" that many of us take for granted. Among those is the ability to pick up a cell phone, or dash off an e-mail. The potential security and legal ramifications are simply too high.

But Mr. Obama believes those risks can be mitigated. Predictably, the AFP story doesn't address the obvious questions surrounding the president-elect and his Blackberry. First, has the National Security Agency (NSA) been consulted on the matter? And beyond that, did the agency director, Lieutenant General Keith Alexander, try to dissuade the president-elect from maintaining his Blackberry. We can't imagine that General Alexander is exactly thrilled with the prospect of a president "reaching out" on his cell phone.

***

ADDENDUM: Before he makes that first Blackberry call from the White House, Mr. Obama might consider the example of Bill Clinton. There are reports that his phone conversations with Monica Lewinsky were intercepted (and recorded) by Israel's intelligence service, the Mossad. That claim has never been fully verified, but in one call, Clinton told Ms. Lewinsky that he suspected a foreign embassy was tapping his phone conversations.

We also know that the Clinton team reportedly stopped the search for a high-level Israeli mole (nicknamed Mega), after the Tel Aviv government began blackmailing the president over his affair. And it all began with the Mossad's access to Monica Lewinsky's cell phone.

Then, there's a problem called "electronic spillage," the storing of classified data on laptops and other systems (including PDAs) that aren't cleared for that material. According to Bill Gertz of the Washington Times, the Navy is spending at least $5 million a year to remove classified files from unauthorized systems. There's been no estimate on how much information is being compromised by the spillage problem.

All the more reason for Mr. Obama to give General Alexander a call (on a secure phone) and reconsider the Blackberry plan.

9 comments:

fmfnavydoc said...

I love this quote...

"If I'm doing something stupid, somebody in Chicago can send me an email and say, 'What are you doing?'

His buddies in Chicago are "real Americans"...I don't think so. He just wants to keep in touch with his cronies, while not having to keep his conversations documented. The guy is looking for trouble, and will find it real quick...

Corky Boyd said...

When I was in the navy we conducted COMSEC analyses against our fleet exercises. It was very interesting and sometimes very worrisome to see our vulnerabilities.

It might be interesting to show the new President exactly what other governments are able to read and see. Don't know whether it is legal to do this. But I think he would drop his Blackberry like a hot potato when he saw the results.

SChaser said...

I agree with most of the article, but the following is simply not true:

" Virtually any cypher can be broken, given enough time and the right tools. Obviously, the world's major intelligence services have access to those tools"

Modern knowledge of cryptographic systems (really, the math behind them) shows that it is not hard for a skilled organization (such as the NSA) to come up with a cipher that is, for all practical purposes, unbreakable. To this day, triple-DES is considered safe (and it was developed in the '70s by IBM and NSA) just for commercial use.

However, using such a thing on the Blackberry does not mean the system is unbreakable. For example, the Blackberry is not a Tempest spec device. It may also have other leaks (for example, weak modulation from the plain-text voice signal even though encryption is used). Key management might be weak. Etc. Etc.

Ed Rasimus said...

And in the process, by focussing every pro and amateur hacker in the entire world on the Blackberry system, he is pretty well going to screw up my phone as well.

kitanis said...

Funny.

The blackberry is getting bashed all the time..

But when I was assigned to Ellsworth AFB in the Comm Squadron, ALL the commanders had blackberrys..

We hated the things because there was always something going wrong with them and 97% of the time it was Blackberry system itself that the commanders would insist that we fix. The other 3% of the time.. it was the commanders themselves who would foul those things up.

But I think Obama needs to consider the warning that some of his communications maybe interecepted...

Stephanie said...

For many business and gov agencies, the Blackberry with Voltage SecureMail is a great option. It uses Identity-Based encryption to make sending secure messages super easy for both parties. Here's a link for US and Canada using it: http://www.voltage.com/pdf/GPG_IBE_May_June_2007.pdf

GeorgeH said...

I'm sure every embassy in Washington is installing a new high gain antenna pointed at the Whitehouse and so is Hillary Clinton and the RNC.

Wally Gator said...

Lets not forget how is its is to leave a Blackberry behind or lose it and have it fall into the wrong hands.

Utopia Parkway said...

I'm wondering if WHATREALLYHAPPENED is one of your customary sources for info on foreign affairs. That's the site that your link about the Mossad bugging Bill Clinton's X-rated phone sex calls comes from. I think the original source is from Lyndon LaRouche (EIRNS).

And when you say We also know that the Clinton team reportedly stopped the search for a high-level Israeli mole (nicknamed Mega), after the Tel Aviv government began blackmailing the president over his affair. I notice there is no source at all.

Curiosly, this article on Lyndon Larouche's site says that Mega wasn't a mole at all. If not then there'd be no reason to blackmail anyone over it.

If you look at the home page of the WHATREALLYHAPPENED site you find such gems as this poll "Should the US pull the plug on Israel?" with choices of 1) Hell Yes and 2) No.I like being Israel's bitch. There's also a series of anti-Israel articles like "They even killed the cats" mostly related to the recent events in Gaza, and this gem "Pictured: the 2.5lb kidney stone the size of a coconut surgeons removed from a man's stomach."

Overall it looks like the Weekly World News run by the Aryan Nation. Lovely.