Posts Tagged ‘Snowden’

NSA contractor arrested over ‘stolen secret code used to hack Russia’

October 6, 2016


The suspected theft raises fears of more damaging intelligence leaks just three years after the Edward Snowden affair

By Tim Walker US Correspondent
The Independent

The FBI has secretly arrested a National Security Agency (NSA) contractor suspected of stealing highly classified computer codes used to hack the computer systems of foreign governments including Russia and China, raising fears of another embarrassing intelligence leak to rival the Edward Snowden affair.

Law enforcement and intelligence sources told the New York Times that, like Mr Snowden, the contractor worked for consulting firm Booz Allen, which is behind many of the NSA’s most sensitive cyberoperations. In 2013, Mr Snowden leaked more than 1.5 million documents relating to the agency’s surveillance programmes, including some that targeted US citizens.

The contractor in this case was named in a criminal complaint announced by the Justice Department on Wednesday as Harold Thomas Martin III. Mr Martin, who lives in Glen Burnie, Maryland – around 10 miles from the NSA’s Fort Meade headquarters – has been in custody since his arrest on 27 August, according to the Associated Press.

 The National Security Agency campus in Fort Meade, Md.

In a raid on his property that month, authorities searched Mr Martin’s home, two storage sheds and his car, reportedly finding highly classified information there in both physical documents and digital files. He was charged with theft of government property, and with the unauthorised removal or retention of classified documents. Some of the information was classified as “sensitive compartmented” a level higher even than “top secret”.

Mr Martin at first denied having taken the materials, but later admitted that “he knew what he had done was wrong,” the complaint stated. An unnamed administration official told theTimes that there is so far little indication that his actions were “politically motivated”, and that he may have taken the documents and digital files before Mr Snowden’s leaks.

The 51-year-old contractor is suspected of stealing the NSA’s “source code” used to break into the computer networks of rival powers such as Russia, China, Iran and North Korea. The news comes as Mr Snowden, who is currently living in Russia, has been arguing for a pardon from the US amid the release of Snowden, a film about his case by director Oliver Stone.


Edward Snowden

This is huge. Did the FBI secretly arrest the person behind the reports NSA sat on huge flaws in US products? 

N.S.A. Contractor Arrested in Possible New Theft of Secrets

The F.B.I. is investigating whether Harold T. Martin III, a National Security Agency contractor, stole and disclosed highly classified computer code, officials said.

The information allegedly stolen in this case could have been the source for a 2013 report by Der Spiegel about the agency’s top hacking unit, which was not attributed to Mr Snowden’s leaks. It might also be related to a recent dump of stolen data by a hacking group called the “Shadow Brokers”, which included source code traced to the NSA and built to break into secure networks, such as those created by US IT infrastructure firms including Cisco.


WikiLeaks and Assange may have more emails? It isn’t over until the fat lady sings….

October 3, 2016


Ten years on, WikiLeaks and Assange as controversial as ever

AFP | October 3, 2016
WikiLeaks launched in January 2007, with Assange saying it would use encryption and a censorship-proof website to protect sources and publicise secret information. The site has since published more than 10 million leaked documents.
BERLIN: Celebrating its 10th anniversary this week, anonymous whistleblowing platform WikiLeaks can look back on a decade that saw it turn classified documents into global headlines and inspire a host of copycat leaks.
But with founder Julian Assange hiding in Ecuador’s London embassy to evade rape allegations and critics accusing the site of being manipulated by shadowy forces for political gain, the organisation is fighting to maintain its image.
An anniversary party in Berlin on Tuesday will commemorate the 2006 registration of the domain name, while Assange will make a rare public appearance on the balcony of his 18-square-metre room.
WikiLeaks launched in January 2007, with Assange saying it would use encryption and a censorship-proof website to protect sources and publicise secret information.
The site has since published more than 10 million leaked documents.
It first caught the world’s attention when it released manuals for prison guards at Guantanamo Bay.
But it really hit its stride in 2010, unveiling logs of US military operations in Iraq and Afghanistan and a video showing a US helicopter crew mowing down a group of unarmed civilians — including two journalists — in Baghdad.
That same year it also published a cache of diplomatic cables from US embassies around the world, deeply embarrassing Washington.
“The most important single collection of material we have published is the US diplomatic cable series,” Assange told German news weekly Der Spiegel in an interview at the weekend.
But 2010 also saw grave blows to the organisation.
Assange was accused of having sex with a woman while she was asleep after the two met at a Stockholm conference.
The white-haired WikiLeaks founder took refuge in the London embassy of Ecuador — which granted him political asylum in 2012 after he lost a legal battle to block his extradition to Sweden.
The 45-year-old has always maintained the allegations are false and has refused to travel to Stockholm for questioning due to concerns that Sweden will hand him over to the US to stand trial for espionage.
In September, staffer Daniel Domscheit-Berg quit WikiLeaks, accusing Assange of being “chaotic” and “power-obsessed” in a 2011 book.
“The press said WikiLeaks was the end of journalism and the beginning of something totally new,” Domscheit-Berg remembers of the “hype” of 2010.
But Assange’s abrasive style and insistence on publishing unredacted documents quickly grated on colleagues and journalists who worked with him.
“If an Afghan civilian helps coalition forces, he deserves to die,” Guardian investigative journalist Nick Davies later recalled Assange saying in an argument over whether to remove names from the war logs.
Domscheit-Berg suspects Assange’s inflexibility discouraged future sources from turning to the organisation.
In 2013, former US National Security Agency contractor Edward Snowden chose to leak documents exposing intelligence agencies’ mass surveillance programmes to selected journalists instead of offering the trove to WikiLeaks.
And many later whistleblowers have turned to other organisations.
The International Consortium of Investigative Journalists this year published stories based on data dumps from tax havens Panama and the Bahamas, while environmental group Greenpeace in May released documents from negotiations over a controversial US-EU free trade deal.
Tool for influence?
WikiLeaks caused a fresh stir in July when it leaked emails showing US Democratic Party officials favouring Hillary Clinton over left-winger Bernie Sanders in presidential primary elections, forcing high-ranking party members to resign.
After US intelligence organisations speculated that Russian hackers were behind the leak, some accused Assange of abetting a foreign power’s bid to influence the US election.
“We’re not going to start censoring our publications because there is a US election. Our role is to publish,” Assange told Spiegel magazine, pointing out that the site had also published documents relating to Russia and its President Vladimir Putin.
But Domscheit-Berg sees a danger in this publish-and-be-damned policy.
“Today people mostly go to WikiLeaks who see it as a tool, who want to instrumentalise it,” he said.
Assange himself is unmoved by criticisms of his organisation.
“We believe in what we’re doing,” he told Spiegel. “The attacks only make us stronger.”
UPDATED: After canceling a planned announcement in London, Wikileaks founder Julian Assange is now planning to appear via video link Tuesday morning at Wikileak’s tenth anniversary celebration in Berlin.
.He’s a last-minute addition to the roster of festivities taking place this week in Germany.

According to @wikileaks, Julian Assange will appear via video link at Berlin press conference on Tuesday AM

Wikileaks used its Facebook page to confirm that Assange would speak at the event, which takes place at 3am Eastern time.

Sources close to the event tell Heat Street that Assange may be planning to release some new information his organization has obtained about the U.S. Democratic Party. But Heat Street has yet to receive independent confirmation that Assange plans to dump information specifically on Hillary Clinton.

The news that Assange plans to appear (remotely) in Berlin comes after Wikileaks abruptly canceled a much-anticipated announcement in London that was to be made from the balcony of London’s Ecuadorian Embassy, where Assange has sought sanctuary for years. The cancelation was first reported by NBC News. According to NBC’s Jesse Rodriguez, the announcement was canceled due to “security concerns”.

From 33,000 feet the world looks a little bit smaller. And now it feels it too, with the largest network of any airline.
The world’s greatest flyers fly American.
Ad by American Airlines

There had been widespread anticipating that Tuesday’s announcement might have been Assange’s long-promised document dump on Hillary Clinton.

Due to security concerns at the Ecuadorian Embassy, Julian Assange’s balcony announcement on Tues has been cancelled, per @wikileaks


Julian Assange set to make an announcement from his balcony in London next Tuesday, according to @WikiLeaks

Assange appeared on Fox News last month, repeating his assertion that Wikileaks has damaging documents on Clinton and suggested WikiLeaks may soon release “teasers”. More than three weeks later, that release has yet to take place.

Clinton’s more fervent opponents have hoped for weeks that the promised document dump would be an “October surprise” – damaging and revelatory emails or the like — and inflict a mortal wound on her campaign. There’s no evidence however that such damaging information even exists.

It was only this summer that Assange’s group leaked thousands of embarrassing emails from the Democratic National Committee which showed their disdain for Bernie Sanders’ insurgent campaign for the Democratic presidential nomination. The uproar over the disclosures forced DNC Chairwoman Debbie Wasserman-Schultz to resign in disgrace on the eve of the Democratic National Convention.

The political provocateur and bomb-thrower Roger Stone, a fervent Donald Trump supporter, predicted Sunday morning that Wikileaks’ revelations would doom Clinton’s campaign.

It’s unclear if Stone was aware that Wikileaks, according to NBC News, has canceled their Tuesday announcement.

Assange and his supporters have long claimed that his personal safety is at risk due to the danger he (supposedly) represents to Clinton’s presidential ambitions. In August, liberal commentator Bob Beckel suggested in a TV appearance that Assange be murdered, proclaiming that someone should “shoot the son of a bitch!”

Hillary Clinton strategist Bob Beckel called for WikiLeaks editor Julian Assange to be assassinated.

Assange himself has also recently hinted publicly that low-level DNC staffer Seth Rich, who was murdered this summer in Washington DC, had been the source for Wikileaks’ document dump on the DNC. And that Rich’s alleged role in the leaks was linked to his death.

There has been no evidence linking Rich to the leak and no evidence that his murder was anything more than a botched robbery.

Nonetheless, the Wikileaks’ cancellation of Tuesday’s announcement in London — and the scheduling of the Tuesday video link in Berlin — has anti-Clinton conspiracy theorists working up a frantic stew of speculation.

NSA whistleblower says DNC hack was not done by Russia, but by U.S. intelligence — U.S. intelligence community angry over Hillary Clinton’s compromise of national security data with her email use

August 2, 2016

“Hillary Clinton has endangered U.S. national security information and the lives of U.S. agents.”

Bloggers Predict More Hillary Clinton Email Revelations

NSA has all of Clinton’s “deleted” emails
On Aaron Klein’s Sunday radio program, “Aaron Klein Investigative Radio” (broadcast on New York’s AM 970 The Answer and Philadelphia’s NewsTalk 990 AM), US government whistleblower William Binney threw his hat into the DNC hack ring by stating that the Democratic National Committee’s server was not hacked by Russia but by a disgruntled U.S. intelligence worker.

The motivation of the hacker…concern over Hillary Clinton’s disregard of national security secrets when she used a personal email and consistently lied about it.

Binney was just getting started with revelations we are sure no main stream media news site will dare to cover. The“Putin did it” fairytale is just to easy for the sheep to follow.

Binney also proclaimed that the NSA has all of Clinton’s deleted emails, and the FBI could gain access to them if they so wished.  No need for Trump to ask the Russians for those emails, he can just call on the FBI or NSA to hand them over.

Breitbart reports further

Binney referenced testimony before the Senate Judiciary Committee in March 2011 by then-FBI Director Robert S. Mueller in which Meuller spoke of the FBI’s ability to access various secretive databases “to track down known and suspected terrorists.”

Stated Binney: “Now what he (Mueller) is talking about is going into the NSA database, which is shown of course in the (Edward) Snowden material released, which shows a direct access into the NSA database by the FBI and the CIA. Which there is no oversight of by the way. So that means that NSA and a number of agencies in the U.S. government also have those emails.”

“So if the FBI really wanted them they can go into that database and get them right now,” he stated of Clinton’s emails as well as DNC emails.

Asked point blank if he believed the NSA has copies of “all” of Clinton’s emails, including the deleted correspondence, Binney replied in the affirmative.

“Yes,” he responded. “That would be my point. They have them all and the FBI can get them right there.”

Binney surmised that the hack of the DNC could have been coordinated by someone inside the U.S. intelligence community angry over Clinton’s compromise of national security data with her email use.

And the other point is that Hillary, according to an article published by the Observer in March of this year, has a problem with NSA because she compromised Gamma material.  Now that is the most sensitive material at NSA. And so there were a number of NSA officials complaining to the press or to the people who wrote the article that she did that. She lifted the material that was in her emails directly out of Gamma reporting. That is a direct compromise of the most sensitive material at the NSA. So she’s got a real problem there. So there are many people who have problems with what she has done in the past. So I don’t necessarily look at the Russians as the only one(s) who got into those emails.

The Observer defined the GAMMA classification:

GAMMA compartment, which is an NSA handling caveat that is applied to extraordinarily sensitive information (for instance, decrypted conversations between top foreign leadership, as this was).

Zerohedge has some background on Binney, who is about as rock solid a security analyst as you could get.

Over a year before Edward Snowden shocked the world in the summer of 2013 with revelations that have since changed everything from domestic to foreign US policy but most of all, provided everyone  a glimpse into just what the NSA truly does on a daily basis, a former NSA staffer, and now famous whistleblower, William Binney, gave excruciating detail to Wired magazine about all that Snowden would substantiate the following summer.

We covered it in a 2012 post titled “We Are This Far From A Turnkey Totalitarian State” – Big Brother Goes Live September 2013.” Not surprisingly, Binney received little attention in 2012 – his suggestions at the time were seen as preposterous and ridiculously conspiratorial. Only after the fact, did it become obvious that he was right. More importantly, in the aftermath of the Snowden revelations, what Binney has to say has become gospel.

Binney was an architect of the NSA’s surveillance program. He became a famed whistleblower when he resigned on October 31, 2001, after spending more than 30 years with the agency. He referenced testimony before the Senate Judiciary Committee in March 2011 by then-FBI Director Robert S. Mueller in which Meuller spoke of the FBI’s ability to access various secretive databases “to track down known and suspected terrorists.”


One blogger told Peace and Freedom“If Hillary Clinton ever saw it on a computer, we’ve got it.”

Hillary Clinton’s Damning Emails — Democrats Don’t Seem To Care

May 1, 2016

Before the Democrats lock in their choice for President, they might want to know if Hillary Clinton broke the law with her unsecure emails and may be indicted, a question that ex-CIA analyst Ray McGovern addresses.

Then-Secretary of State Hillary Rodham Clinton preparing to testify before the House Foreign Affairs Committee in 2012.  (Photo: House Committee on Foreign Affairs/flickr/cc)


A few weeks after leaving office, former Secretary of State Hillary Clinton may have breathed a sigh of relief and reassurance when Director of National Intelligence James Clapper denied reports of the National Security Agency eavesdropping on Americans. After all, Clinton had been handling official business at the State Department like many Americans do with their personal business, on an unsecured server.

In sworn testimony before the Senate Intelligence Committee on March 12, 2013, Clapper said the NSA was not collecting, wittingly, “any type of data at all on millions or hundreds of millions of Americans,” which presumably would have covered Clinton’s unsecured emails.

But NSA contractor Edward Snowden’s revelations — starting on June 5, 2013 — gave the lie to Clapper’s testimony, which Clapper then retracted on June 21 – coincidentally, Snowden’s 30th birthday – when Clapper sent a letter to the Senators to whom he had, well, lied. Clapper admitted his “response was clearly erroneous – for which I apologize.”  (On the chance you are wondering what became of Clapper, he is still DNI.)

I would guess that Clapper’s confession may have come as a shock to then ex-Secretary Clinton, as she became aware that her own emails might be among the trillions of communications that NSA was vacuuming up. Nevertheless, she found Snowden’s truth-telling a safer target for her fury than Clapper’s dishonesty and NSA’s dragnet.

In April 2014, Clinton suggested that Snowden had helped terrorists by giving “all kinds of information, not only to big countries, but to networks and terrorist groups and the like.” Clinton was particularly hard on Snowden for going to China (Hong Kong) and Russia to escape a vengeful prosecution by the U.S. government.

Clinton even explained what extraordinary lengths she and her people went to in safeguarding government secrets: “When I would go to China or would go to Russia, we would leave all my electronic equipment on the plane with the batteries out, because …they’re trying to find out not just about what we do in our government, they’re … going after the personal emails of people who worked in the State Department.” Yes, she said that. (emphasis added)

Hoisted on Her Own Petard

Alas, nearly a year later, in March 2015, it became known that during her tenure as Secretary of State she had not been as diligent as she led the American people to believe. She had used a private server for official communications, rather than the usual official State Department email accounts maintained on federal servers. Thousands of those emails would retroactively be marked classified – some at the TOP SECRET/Codeword level – by the department.

During an interview last September, Snowden was asked to respond to the revelations about highly classified material showing up on Clinton’s personal server: “When the unclassified systems of the United States government, which has a full-time information security staff, regularly gets hacked, the idea that someone keeping a private server in the renovated bathroom of a server farm in Colorado is more secure is completely ridiculous.”

Hillary Clinton. Credit Andrew Burton, Getty Images

Asked if Clinton “intentionally endangered US international security by being so careless with her email,” Snowden said it was not his place to say. Nor, it would seem, is it President Barack Obama’s place to say, especially considering that the FBI is actively investigating Clinton’s security breach. But Obama has said it anyway.

“She would never intentionally put America in any kind of jeopardy,” the President said on April 10. In the same interview, Obama told Chris Wallace, “I guarantee that there is no political influence in any investigation conducted by the Justice Department, or the FBI – not just in this case, but in any case. Full stop. Period.”

But, although a former professor of Constitutional law, the President sports a checkered history when it comes to prejudicing investigations and even trials, conducted by those ultimately reporting to him. For example, more than two years before Bradley (Chelsea) Manning was brought to trial, the President stated publicly: “We are a nation of laws. We don’t let individuals make decisions about how the law operates. He [Bradley Manning] broke the law!”

Not surprisingly, the ensuing court martial found Manning guilty, just as the Commander in Chief had predicted. Though Manning’s purpose in disclosing mostly low-level classified information was to alert the American public about war crimes and other abuses by the U.S. government, Manning was sentenced to 35 years in prison.

On March 9, when presidential candidate Clinton was asked, impertinently during a debate, whether she would withdraw from the race if she were indicted for her cavalier handling of government secrets, she offered her own certain prediction: “Oh, for goodness sake! It’s not going to happen. I’m not even answering that question.”

Prosecutorial Double Standards

Merited or not, there is, sadly, some precedent for Clinton’s supreme confidence. Retired General and ex-CIA Director David Petraeus, after all, lied to the FBI (a felony for “lesser” folks) about giving his mistress/biographer highly classified information and got off with a slap on the wrist, a misdemeanor fine and probation, no jail time – a deal that Obama’s first Attorney General Eric Holder did on his way out the door.

We are likely to learn shortly whether Attorney General Loretta Lynch is as malleable as Holder or whether she will allow FBI Director James Comey, who held his nose in letting Petraeus cop a plea, to conduct an unfettered investigation this time – or simply whether Comey will be compelled to enforce Clinton’s assurance that “it’s not going to happen.”

Last week, Fox News TV legal commentator Andrew Napolitano said the FBI is in the final stages of its investigation into Clinton and her private email server. His sources tell him that “the evidence of her guilt is overwhelming,” and that the FBI has enough evidence to indict and convict.

Whether Napolitano has it right or not, it seems likely that Clinton is reading President Obama correctly – no profile in courage is he. Nor is Obama likely to kill the political fortunes of the now presumptive Democratic presidential nominee. Yet, if he orders Lynch and Comey not to hold Hillary Clinton accountable for what – in my opinion and that of most other veteran intelligence officials whom I’ve consulted – amounts to at least criminal negligence, another noxious precedent will be set.

Knowing Too Much

This time, however, the equities and interests of the powerful, secretive NSA, as well as the FBI and Justice, are deeply involved. And by now all of them know “where the bodies are buried,” as the smart folks inside the Beltway like to say. So the question becomes would a future President Hillary Clinton have total freedom of maneuver if she were beholden to those all well aware of her past infractions and the harm they have done to this country.

One very important, though as yet unmentioned, question is whether security lapses involving Clinton and her emails contributed to what Clinton has deemed her worst moment as Secretary of State, the killing of Ambassador Christopher Stevens and three other U.S. personnel at the lightly guarded U.S. “mission” (a very small, idiosyncratic, consulate-type complex not performing any consular affairs) in Benghazi, Libya, on Sept. 11, 2012.

Somehow the terrorists who mounted the assault were aware of the absence of meaningful security at the facility, though obviously there were other means for them to have made that determination, including the State Department’s reliance on unreliable local militias who might well have shared that inside information with the attackers.

However, if there is any indication that Clinton’s belatedly classified emails contained information about internal State Department discussions regarding the consulate’s security shortcomings, questions may be raised about whether that information was somehow compromised by a foreign intelligence agency and shared with the attackers.

We know that State Department bureaucrats under Secretary Clinton overruled repeated requests for additional security in Benghazi. We also know that Clinton disregarded NSA’s repeated warnings against the use of unencrypted communications. One of NSA’s core missions, after all, is to create and maintain secure communications for military, diplomatic, and other government users.

Clinton’s flouting of the rules, in NSA’s face, would have created additional incentive for NSA to keep an especially close watch on her emails and telephone calls. The NSA also might know whether some intelligence service successfully hacked into Clinton’s server, but there’s no reason to think that the NSA would share that sort of information with the FBI, given the NSA’s history of not sharing its data with other federal agencies even when doing so makes sense.

The NSA arrogates to itself the prerogative of deciding what information to keep within NSA walls and what to share with the other intelligence and law enforcement agencies like the FBI. (One bitter consequence of this jealously guarded parochialism was the NSA’s failure to share very precise information that could have thwarted the attacks of 9/11, as former NSA insiders have revealed.)

It is altogether likely that Gen. Keith Alexander, head of NSA from 2005 to 2014, neglected to tell the Secretary of State of NSA’s “collect it all” dragnet collection that included the emails and telephone calls of Americans – including Clinton’s. This need not have been simply the result of Alexander’s pique at her disdain for communications security requirements, but rather mostly a consequence of NSA’s modus operandi.

With the mindset at NSA, one could readily argue that the Secretary of State – and perhaps the President himself – had no “need-to-know.” And, needless to say, the fewer briefed on the NSA’s flagrant disregard for Fourth Amendment protections against unreasonable searches and seizures the better.

So, if there is something incriminating – or at least politically damaging – in Clinton’s emails, it’s a safe bet that at least the NSA and maybe the FBI, as well, knows. And that could make life difficult for a Clinton-45 presidency. Inside the Beltway, we don’t say the word “blackmail,” but the potential will be there. The whole thing needs to be cleaned up now before the choices for the next President are locked in.

Did An NSA Backdoor Bring Down Security of U.S. Government and Corporate Computer Systems?

December 23, 2015


By Kim Zetter

Security researchers believe they have finally solved the mystery around how a sophisticated backdoor embedded in Juniper firewalls works. Juniper Networks, a tech giant that produces networking equipment used by an array of corporate and government systems, announced on Thursday that it had discovered two unauthorized backdoors in its firewalls, including one that allows the attackers to decrypt protected traffic passing through Juniper’s devices.

The researchers’ findings suggest that the NSA may be responsible for that backdoor, at least indirectly. Even if the NSA did not plant the backdoor in the company’s source code, the spy agency may in fact be indirectly responsible for it by having created weaknesses the attackers exploited.

Evidence uncovered by Ralf-Philipp Weinmann, founder and CEO of Comsecuris, a security consultancy in Germany, suggests that the Juniper culprits repurposed an encryption backdoor previously believed to have been engineered by the NSA, and tweaked it to use for their own spying purposes. Weinmann reported his findings in an extensive post published late Monday.

They did this by exploiting weaknesses the NSA allegedly placed in a government-approved encryption algorithm known as Dual_EC, a pseudo-random number generator that Juniper uses to encrypt traffic passing through the VPN in its NetScreen firewalls. But in addition to these inherent weaknesses, the attackers also relied on a mistake Juniper apparently made in configuring the VPN encryption scheme in its NetScreen devices, according to Weinmann and other cryptographers who examined the issue. This made it possible for the culprits to pull off their attack.

Weinmann says the Juniper backdoor is a textbook example of how someone can exploit the existing weaknesses in the Dual_EC algorithm, noting that the method they used matches exactly a method the security community warned about back in 2007.

The new information about how the backdoor works also suggests that a patch Juniper sent to customers last week doesn’t entirely fix the backdoor problem, since the major configuration error Juniper made still exists.

“One [more] line of code could fix this,” Weinmann says. He’s not sure why Juniper didn’t add this fix to the patch it sent to customers last week.

Although the party behind the Juniper backdoor could be the NSA or an NSA spying partner like the UK or Israel, news reports last week quoted unnamed US officials saying they don’t believe the US intelligence community is behind it, and that the FBI is investigating the issue. Other possible culprits behind the sophisticated attack, of course, could be Russia or China.

If someone other than the US did plant the backdoor, security experts say the attack on Juniper firewalls underscores precisely why they have been saying for a long time that government backdoors in systems are a bad idea—because they can be hijacked and repurposed by other parties.

How the Backdoor Works

According to Weinmann, to make their scheme work, the attackers behind the Juniper backdoor altered Juniper’s source code to change a so-called constant or point that the Dual_EC algorithm uses to randomly generate a key for encrypting data. It’s assumed the attackers also possess a second secret key that only they know. This secret key, combined with the point they changed in Juniper’s software, the inherent weaknesses in Dual_EC, and the configuration error Juniper made, would allow them to decrypt Juniper’s VPN traffic.

The weaknesses in Dual_EC have been known for at least eight years. In 2007, a Microsoft employee named Dan Shumow gave a five-minute talk at a cryptography conference in California discussing discoveries that he and a Microsoft colleague named Niels Ferguson had made in the algorithm. The algorithm had recently been approved by the National Institute of Standards and Technology, along with three other random number generators, for inclusion in a standard that could be used to encrypt government classified communication. Each of the four approved generators are based on a different cryptographic design. The Dual_EC is based on elliptic curves. The NSA had long championed elliptic curve cryptography in general and publicly championed the inclusion of Dual_EC specifically for inclusion in the standard.

Random number generators play a crucial role in creating cryptographic keys. But Shumow and Ferguson found that problems with the Dual_EC made it possible to predict what the random number generator would generate, making the encryption produced with it susceptible to cracking. But this wasn’t the only problem.

The NIST standard also included guidelines for implementing the algorithm and recommended using specific constants or points—static numbers—for the elliptic curve that the random number generator relies on to work. These constants serve as a kind of public key for the algorithm. Dual_EC needs two parameters or two points on the elliptic curve; Shumow and Ferguson referred to them as P and Q.

They showed that if Q is not a true randomly generated point, and the party responsible for generating Q also generates a secret key, what they referred to as “e”, then whoever has the secret key can effectively break the generator. They determined that anyone who possessed this secret key could predict the output of the random number generator with only a very small sample of data produced by the generator—just 32 bytes of output from it. With that small amount, the party in possession of the secret key could crack the entire encryption system.

No one knew who had produced the constants, but people in the security community assumed the NSA had produced them because the spy agency had been so instrumental in having the Dual_EC algorithm included in the standard. If the NSA did produce the constants, there was concern that the spy agency might have also generated a secret key.

Cryptographer Bruce Schneier called it “scary stuff” in a piece he wrote for WIRED in 2007, but he said the flaws must have been accidental because they were too obvious—therefore developers of web sites and software applications wouldn’t use it to secure their products and systems.

The only problem with this is that major companies, like Cisco, RSA, and Juniper did use Dual_EC. The companies believed this was okay because for years no one in the security community could agree if the weakness in Dual_EC was actually an intentional backdoor. But in September 2013, the New York Times seemed to confirm this when it asserted that Top Secret memos leaked by Edward Snowden showed that the weaknesses in Dual_EC were intentional and had been created by the NSA as part of a $250-million, decade-long covert operation to weaken and undermine the integrity of encryption systems in general.

Despite questions about the accuracy of the Times story, it raised enough concerns about the security of the algorithm that NIST subsequently withdrew support for it. Security and crypto companies around the world scrambled to examine their systems to determine if the compromised algorithm played a role in any of their products.
In an announcement posted to its web site after the Times story, Juniper acknowledged that the ScreenOS software running on its NetScreen firewalls does use the Dual_EC_DRBG algorithm. But the company apparently believed it had designed its system securely so that the inherent weakness in Dual_EC was not a problem.

Juniper wrote that its encryption scheme does not use Dual_EC as its primary random number generator and that it had also implemented the generator in a secure way so that its inherent vulnerabilities didn’t matter. It did this by generating its own constant, or Q point, to use with the generator instead of the questionable one that had been attributed to the NSA. Juniper also used a second random number generator known as ANSI X.9.31. The Dual_EC generated initial output that was supposed to then be run through the ANSI generator. The output from the second random generator would theoretically cancel out any vulnerabilities that were inherent in the Dual_EC output.

Except Juniper’s system contained a bug, according to Willem Pinckaers, an independent security researcher in the San Francisco area who examined the system with Weinmann. Instead of using the second generator, it ignored this one and used only the output from the bad Dual_EC generator.

“What’s happening is they managed to screw it up in all the firmware, such that the ANSI code is there but it’s never used,” Weinmann told WIRED. “That’s a catastrophic fail.”

This put the output at risk of being compromised if an attacker also possessed a secret key that could be used with the Q point to unlock the encryption.

Weinmann and others discovered that the attackers altered Juniper’s Q and changed it to a Q they had generated. The attackers appear to have made that change in August 2012—at least that’s when Juniper started shipping a version of its ScreenOS firmware with a Q point that was different than previous versions used.

So essentially, although Juniper used its own Q point instead of using the one allegedly generated by the NSA, in an effort to make the Dual_EC more secure, the company hadn’t anticipated that attackers might break into Juniper’s network, gain access to critical systems used to build its source code, and change the Q again to something of their own choosing. And presumably, they also possess the secret key that works with the Q to unlock the encryption, otherwise they would not have gone to the trouble of changing Q. “It stands to reason that whoever managed to slip in their own Q [into the software] will also know the corresponding e,” Weinmann says.
This would not have been enough to make the backdoor work, however, if Juniper had indeed configured its system the way it said it did—using two random number generators and relying only on the second one, the ANSI generator, for the final output. But we now know it failed to do that. The backdoor remained undetected for at least three years, until Juniper recently discovered it during a code review.

Matthew Green, a cryptographer and professor at Johns Hopkins University, says that the ANSI failure raises additional questions about Juniper. “I don’t want to say that Juniper did this on purpose. But if you wanted to create a deliberate backdoor based on Dual_EC and make it look safe, while also having it be vulnerable, this is the way you’d do it. The best backdoor is a backdoor that looks like a bug, where you look at the thing and say, ‘Whoops, someone forgot a line of code or got a symbol wrong.’ … It makes it deniable. But this bug happens to be sitting there right next to this incredibly dangerous NSA-designed random number generator, and it makes that generator actually dangerous where it might not have been otherwise.”

The evidence that someone intentionally changed the Q parameter in Juniper’s software confirms what Shumow and Ferguson had warned: The inherent weaknesses in Dual_EC provide the perfect backdoor to the algorithm. Even if the algorithm was not intended to create a backdoor for the NSA, it made it possible for someone to piggyback on its weaknesses to turn it into a backdoor for themselves.

Even more worrisome is that Juniper systems are still essentially insecure. Juniper didn’t patch the problem by removing Dual_EC altogether or by altering the configuration so that the VPN encryption scheme relies on output from the ANSI generator; instead Juniper patched it simply by changing the Q point back to what the company originally had in the system. This leaves the firewalls susceptible to attack again if attackers can change the points a second time without Juniper detecting it.

The company, Weinmann says, should at least issue a new patch that makes the system use the ANSI generator and not the Dual_EC one.

“It would take one line of code to fix this,” he says.

And there’s another problem, he notes.

Juniper admitted that it had generated its own Q for Dual_EC, but it has not revealed how it generated Q—so others can’t verify that Juniper did it in a truly random way that would ensure its security. And in generating its own Q, it raises questions about whether Juniper also generated its own secret key, or “e” for the generator, which would essentially give Juniper a backdoor to the encrypted VPN traffic. This should worry customers just as much as the NSA holding a key to the backdoor, Weinmann says.

“It now depends on whether you trust them to have generated this point randomly or not. I would probably not do that at this point,” he says, given the other mistakes the company made.

Green says because of the weakness inherent in Dual_EC, Juniper should have removed it back in 2013 after the Times story published and should do so now to protect customers. “There’s no legitimate reason to put Dual_EC in a product,” he says. “There never was. This is an incredibly powerful and dangerous code and you put it in your system and it creates a capability that would not have been there otherwise. There’s no way to use it safely.”


Juniper Networks announced a serious security flaw on 17 December but said there was ‘no way to detect that this vulnerability was exploited’. Photograph: Oliver Berg/DPA/Corbis

Juniper Networks security flaw may have exposed US government data

Secure networking devices used by the US Defense Department and the FBI could have been targeted by a vulnerability that lay undetected for three years

Two security flaws that lay undiscovered in Juniper Networks’ widely used corporate virtual private network (VPN) software for three years could have exposed sensitive informative to foreign governments or criminal groups, researchers have said.

The vulnerabilities were in the form of “unauthorised code” discovered during a recent internal code review and announced on 17 December. One of the flaws could have allowed hackers to decrypt information passing through Juniper’s devices, including equipment for a secure network used by companies internally.

“Whoever planted it would have access to all the VPN traffic,” said Seth Rosenblatt, managing editor of the security and privacy site the Parallax. “Data that the VPN user thought was protected from prying eyes may have been spied on.”

The FBI is reportedly investigating the breach, which could be the work of a foreign government, though the investigation is ongoing.

German security researcher Ralf-Philipp Weinmann suggested the hack took advantage of weaknesses in the password encryption algorithm “Dual_EC” that were reportedly engineered by the NSA, which then promoted the tool as a standard.

“Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections,” said Bob Worrall, SVP and chief information officer at Juniper Networks.

Read the rest:


Former CIA Director Says Edward Snowden “Has Blood on His Hands,” Should Be Hanged

November 21, 2015

By Bradford Richardson
The Hill

James Woolsey
A former CIA director says leaker Edward Snowden should be convicted of treason and given the death penalty in the wake of the terrorist attack on Paris.

“It’s still a capital crime, and I would give him the death sentence, and I would prefer to see him hanged by the neck until he’s dead, rather than merely electrocuted,” James Woolsey told CNN’s Brooke Baldwin on Thursday.

Woolsey said Snowden, who divulged classified in 2013, is partly responsible for the terrorist attack in France last week that left at least 120 dead and hundreds injured.
“I think the blood of a lot of these French young people is on his hands,” he said.

Woolsey, who served as the head of the CIA from 1993 to 1995, said the Snowden leak was “substantial.”

“They turned loose not only material about some procedural aspects of something, they turned loose, for example, some substantial material about the Mexican intelligence service and law enforcement working together against human trafficking,” he said.

Woolsey wondered if Snowden were “pro-pimp.”

Current CIA Director John Brennan has recently echoed his predecessor’s sentiments, arguing that Snowden’s disclosures make it harder for intelligence officials to track terror plots.

“I think any unauthorized disclosures made by individuals that have dishonored the oath of office, that they have raised their hand and attested to, undermines this nation’s security,” Brennan said about Snowden at the Overseas Security Advisory Council’s annual meeting on Wednesday.

Snowden fled the country after stealing classified information and disclosing the extent of U.S. surveillance programs. He currently resides in Russia, where he has been granted temporary asylum.

China Daily: China, US gradually move to manage cyber dispute

September 14, 2015


By Chen Weihua in Washington(China Daily USA)

While cybersecurity has been a thorny issue between China and the United States in the last few years, there are signs in the past days that both sides do not want it to spill into the overall bilateral relationship and impact negatively on the upcoming state visit to the US by President Xi Jinping.

A high-level Chinese delegation, led by Meng Jianzhu, Xi’s special envoy and a member of the Politburo of the Communist Party of China (CPC), concluded a four-day talk on the issue in Washington last Saturday with senior US officials.

“The two countries have reached important consensus on combating cyber crimes,” was how Xinhua News Agency described the meeting.

During the visit, Meng, also head of the Commission for Political and Legal Affairs of the CPC Central Committee, exchanged in-depth views on tackling outstanding issues of law enforcement and security, including cyber crimes, with US Secretary of State John Kerry, Secretary of the Department of Homeland Security Jeh Johnson and US National Security Advisor Susan Rice.

The Chinese delegation included officials from the ministries of public security, state security, justice and information technology.

China and the US are both countries with highly developed Internet technology. Against a backdrop of frequent incidents and ever-increasing security threats in cyberspace, it is especially important for the two to enhance mutual trust and cooperation in the sphere of cybersecurity, Xinhua quoted Meng as saying.

Meng reiterated China’s firm stand against cyberattacks and commercial cyber espionage. He said anyone who conducts such acts in the Chinese territory violates the laws of China and will be subject to legal liability.

Meng said China-US dialogue and cooperation on combating cyber crime serve the common interest of both countries and the international community.

A White House statement said Rice had a “frank and open exchange about cyber issues” in her meeting with Meng.

Before Meng’s trip, Zhang Yesui, Chinese executive vice-minister of foreign affairs and several other senior Chinese officials have visited the US, while Rice, Daniel Russel, assistant secretary of state for East Asian and Pacific Affairs, and other senior US officials have visited China to prepare for Xi’s trip late this month.

These visits have been seen as indications that both sides want to make Xi’s trip a success despite issues such as cyber hacking and tensions over the South China Sea having cast a shadow over the bilateral relationship.

White House and State Department spokesmen have both spoken positively about Xi’s trip.

In a statement after Rice’s trip to Beijing in late August, the National Security Council spokesman Ned Price said that Rice in her meeting with Xi reaffirmed US commitment to develop and deepen practical cooperation in areas of overlapping interest and to address disagreements forthrightly and effectively.

There has been widespread concern that tensions over cybersecurity could escalate after a Washington Post report on Aug 30 saying that the Obama administration is considering applying sanctions against Chinese companies and individuals it believes have benefited from hacking of US trade secrets. It said the sanctions could come as quickly as the coming two weeks.

Both White House and State Department spokesmen have downplayed the report, describing such sanctions as a tool in the toolbox and dismissing that the US has decided to retaliate on alleged Chinese cyber theft.

Many observers have seen the Post report as a message deliberately leaked by the White House to call for more attention for the Chinese side.

On Friday, Obama said during his visit to Fort Meade, Maryland, that “we have made very clear to the Chinese that there are certain practices that they’re engaging in that we know are emanating from China and are not acceptable”.

“And we can choose to make this an area of competition — which I guarantee you we’ll win if we have to — or, alternatively, we can come to an agreement in which we say, this isn’t helping anybody; let’s instead try to have some basic rules of the road in terms of how we operate,” Obama said at Fort Meade, also home to the National Security Agency (NSA).

China has long claimed to be a victim of cyberattacks, many of which originated from the US. Revelations made by former NSA contractor Edward Snowden have shown that the US has been conducting aggressive and wide-ranging cyber espionage in the world, including against the Chinese government, universities and corporations.

Targets of US cyber espionage also have included leaders and corporations in Germany, France, Japan and Brazil, most of which are US allies.

Most countries, including China, have regarded such US cyber surveillance activities as unacceptable.

As a result, US technology companies, which have been willingly and unwillingly collaborative with NSA, also have become victims of US government activities.

A June report by the Washington-based Information Technology and Innovation Foundation said the NSA’s pervasive digital surveillance will likely cost US companies more than $35 billion in foreign business in 2016 after Snowden’s revelations pushed foreigners away from US-made technologies.

Contact the writer at



Big Brother Is Watching: U.S. Government Compiles Largest Consolidation of Personal Data On American Citizens in US History

July 18, 2015

By Paul Sperry

A key part of President Obama’s legacy will be the fed’s unprecedented collection of sensitive data on Americans by race. The government is prying into our most personal information at the most local levels, all for the purpose of “racial and economic justice.”

Unbeknown to most Americans, Obama’s racial bean counters are furiously mining data on their health, home loans, credit cards, places of work, neighborhoods, even how their kids are disciplined in school — all to document “inequalities” between minorities and whites.

This Orwellian-style stockpile of statistics includes a vast and permanent network of discrimination databases, which Obama already is using to make “disparate impact” cases against: banks that don’t make enough prime loans to minorities; schools that suspend too many blacks; cities that don’t offer enough Section 8 and other low-income housing for minorities; and employers who turn down African-Americans for jobs due to criminal backgrounds.

Big Brother Barack wants the databases operational before he leaves office, and much of the data in them will be posted online.

So civil-rights attorneys and urban activist groups will be able to exploit them to show patterns of “racial disparities” and “segregation,” even if no other evidence of discrimination exists.

Housing database

The granddaddy of them all is the Affirmatively Furthering Fair Housing database, which the Department of Housing and Urban Development rolled out earlier this month to racially balance the nation, ZIP code by ZIP code. It will map every US neighborhood by four racial groups — white, Asian, black or African-American, and Hispanic/Latino — and publish “geospatial data” pinpointing racial imbalances.

The agency proposes using nonwhite populations of 50% or higher as the threshold for classifying segregated areas.

Federally funded cities deemed overly segregated will be pressured to change their zoning laws to allow construction of more subsidized housing in affluent areas in the suburbs, and relocate inner-city minorities to those predominantly white areas. HUD’s maps, which use dots to show the racial distribution or density in residential areas, will be used to select affordable-housing sites.

HUD plans to drill down to an even more granular level, detailing the proximity of black residents to transportation sites, good schools, parks and even supermarkets. If the agency’s social engineers rule the distance between blacks and these suburban “amenities” is too far, municipalities must find ways to close the gap or forfeit federal grant money and face possible lawsuits for housing discrimination.

Civil-rights groups will have access to the agency’s sophisticated mapping software, and will participate in city plans to re-engineer neighborhoods under new community outreach requirements.

“By opening this data to everybody, everyone in a community can weigh in,” Obama said. “If you want affordable housing nearby, now you’ll have the data you need to make your case.”

Mortgage database

Meanwhile, the Federal Housing Finance Agency, headed by former Congressional Black Caucus leader Mel Watt, is building its own database for racially balancing home loans. The so-called National Mortgage Database Project will compile 16 years of lending data, broken down by race, and hold everything from individual credit scores and employment records.

Mortgage contracts won’t be the only financial records vacuumed up by the database. According to federal documents, the repository will include “all credit lines,” from credit cards to student loans to car loans — anything reported to credit bureaus. This is even more information than the IRS collects.

The FHFA will also pry into your personal assets and debts and whether you have any bankruptcies. The agency even wants to know the square footage and lot size of your home, as well as your interest rate.

FHFA will share the info with Obama’s brainchild, the Consumer Financial Protection Bureau, which acts more like a civil-rights agency, aggressively investigating lenders for racial bias.

The FHFA has offered no clear explanation as to why the government wants to sweep up so much sensitive information on Americans, other than stating it’s for “research” and “policymaking.”

However, CFPB Director Richard Cordray was more forthcoming, explaining in a recent talk to the radical California-based Greenlining Institute: “We will be better able to identify possible discriminatory lending patterns.”

Credit database

CFPB is separately amassing a database to monitor ordinary citizens’ credit-card transactions. It hopes to vacuum up some 900 million credit-card accounts — all sorted by race — representing roughly 85% of the US credit-card market. Why? To sniff out “disparities” in interest rates, charge-offs and collections.

Employment database

CFPB also just finalized a rule requiring all regulated banks to report data on minority hiring to an Office of Minority and Women Inclusion. It will collect reams of employment data, broken down by race, to police diversity on Wall Street as part of yet another fishing expedition.

School database

Through its mandatory Civil Rights Data Collection project, the Education Department is gathering information on student suspensions and expulsions, by race, from every public school district in the country. Districts that show disparities in discipline will be targeted for reform.

Those that don’t comply will be punished. Several already have been forced to revise their discipline policies, which has led to violent disruptions in classrooms.

Obama’s educrats want to know how many blacks versus whites are enrolled in gifted-and-talented and advanced placement classes.

Schools that show blacks and Latinos under-enrolled in such curricula, to an undefined “statistically significant degree,” could open themselves up to investigation and lawsuits by the department’s Civil Rights Office.

Count on a flood of private lawsuits to piggyback federal discrimination claims, as civil-rights lawyers use the new federal discipline data in their legal strategies against the supposedly racist US school system.

Even if no one has complained about discrimination, even if there is no other evidence of racism, the numbers themselves will “prove” that things are unfair.

Such databases have never before existed. Obama is presiding over the largest consolidation of personal data in US history. He is creating a diversity police state where government race cops and civil-rights lawyers will micromanage demographic outcomes in virtually every aspect of society.

The first black president, quite brilliantly, has built a quasi-reparations infrastructure perpetually fed by racial data that will outlast his administration.

Paul Sperry is a Hoover Institution media fellow and author of “The Great American Bank Robbery,” which exposes the racial politics behind the mortgage bust.


America’s global standing has been diminished — Can greatness again be found?

July 10, 2015

America’s global standing has been diminished


Washington Monument at the turn of the millennium

Standing on the Washington Mall at the turn of the new millennium, it was impossible not to be struck by America’s power and global pre-eminence.

Victory in the Cold War made it the hegemon in a unipolar world.

Few argued when the 20th Century was dubbed the “American Century”, a term first coined in the early 1940s when the country was still overcoming its isolationist instincts.

Even the New Year’s fireworks, which illuminated the obelisk of the Washington Monument in a way that made it resemble a giant number one, projected the country’s supremacy as the world’s sole superpower.

Over the past 15 years, America’s fortunes have changed with dizzying speed.

First came the tremors: the dot-com bust and a disputed presidential election in 2000. Then came the massive convulsions: the destruction of the Twin Towers in 2001 and the collapse of Lehman Brothers in 2008.

Long wars in Afghanistan and Iraq have exacted an enormous blood price – the lives of 6,852 American military personnel – not to mention immense financial expense, estimated to be as high as $6 trillion (£3.9tn).

The detention centre at Guantanamo Bay has undermined American ideals, just as the NSA and Wikileaks spying scandals have undercut American diplomacy.


George W Bush, a president with a Manichean worldview, was widely seen as over-eager to project America’s military might, without adequately considering the long-term consequences.

Barack Obama, who campaigned in 2008 on a platform of extricating America from its unpopular and exhausting wars, has drawn criticism for disengaging too much.

Under both presidents – the first an impulsive unilateralist, the second an instinctive multilateralist content sometimes to lead from behind – America’s global standing has been diminished.

Lost fear factor

Polls regularly show that Americans recognise that their country’s international standing has waned.

Among the young, this trendline has fallen sharply. Only 15% of 18-29-year-olds believe that America is the “greatest country in the world”, according to Pew, down from 27% in 2011.

Tellingly, however, there has been no great public outcry.

No longer is there much appetite for America playing its long-standing role of global policeman, even in the face of the rise of the group calling itself Islamic State.

The cost, human and financial, is considered too great. Americans increasingly think that other countries should share the burden.


Obama, while continuing to trumpet “American exceptionalism”, regularly prefaces remarks on foreign affairs by acknowledging the limits of US power, again with little public outcry.

The upshot is that the United States is no longer so keen to exert leadership in an increasingly messy world.

Yet one of the reasons why the world has become so disorderly is because America is no longer so active in imposing order.

Over the course of this century Washington has lost its fear factor.

Ignoring the White House

World leaders nowadays seem prepared to provoke the wrath of the White House, confident that it will never rain down on them.

It explains why the Syrian President Bashar al-Assad, after unleashing chemical weapons against his people, continues to bombard them with barrel bombs.

Why Vladimir Putin annexed Crimea, and also offered a safe haven for the NSA whistleblower Edward Snowden.

And also why Benjamin Netanyahu thumbed his nose at the Obama administration, by accepting an invitation from the Republican congressional leadership to address a joint session of Congress, a platform he used to lambast the Iran nuclear deal.

Assad’s flouting of American warnings is especially noteworthy.


Rebel-held Douma was hit hard by Syrian government forces in February

In killing so many civilians with chemical weapons, he flagrantly crossed the “red line” imposed by Obama, but escaped punishment.

The president was unwilling to carry through on an explicit threat, in what was the biggest foreign policy climbdown of his presidency and also one of the most significant in the past 50 years.

Even supporters of Barack Obama believe he made a fatal strategic mistake, because it demonstrated endless flexibility and a lack of American resolve.

Needless to say, despots around the world took note.

Weak hand

America’s reluctance to launch new military actions has also had a major bearing on the nuclear negotiations with Iran.

Tehran has managed to extract notable concessions, such as the ongoing ability to enrich uranium, hitherto ruled out by the Americans.

It has played a weak hand strongly, because it knows that America has what the foreign affairs columnist Thomas Friedman calls “an empty holster”.

Nor is it just America’s enemies who no longer fear the White House to the extent they once did.

In recent months, two close allies, Britain and Australia, have defied the Obama administration byjoining the Asian Infrastructure Investment Bank.

By signing up to the AIIB, they are effectively endorsing Beijing’s effort to establish financial rivals to the Bretton Woods institutions, the World Bank and International Monetary Fund (IMF), which are dominated by America.

Ambiguous language

By seeking improved commercial and diplomatic relations with China, Britain and Australia are also hedging.

They suspect that America will not be the dominant Pacific military power indefinitely, nor the world’s foremost economic powerhouse.


Other American allies would complain that the “dependability factor” has also gone.

Israel feels badly let down by the Obama administration over the Iran deal, and relations between Benjamin Netanyahu and Barack Obama are poisonous.

The president, by using deliberately ambiguous language, has even signalled that his administration might end its traditional protection of Israel at the United Nations.

Like Israel, Saudi Arabia has been enraged by the prospective nuclear deal with the Iranians.

Riyadh also knows that America is no longer so dependent on its oil, the cornerstone of the relationship since the end of World War Two.

Egypt was angered in 2012 when Obama said Cairo was neither an ally nor an enemy.

Later, the State Department issued an embarrassing correction, and reinstated Cairo as a “major non-Nato ally.”

No massaging

Maybe Obama’s Egyptian error, and the slight it conveyed, was truly a Freudian slip.

After all, he hasn’t invested the same energy nurturing alliances as his predecessors. The detached air that has been a hallmark of his presidency also extends to foreign affairs.

America’s diplomacy has also been complicated by the dysfunction and hyper-partisanship in Washington

Here, I gather, Obama recognises intellectually that he could do far more in terms of massaging the egos of world leaders, but cannot quite bring himself to do so.

Indeed, a common complaint is that the Obama administration has prioritised normalising relations with its one-time enemies, Iran and Cuba, at the expense of fostering longstanding friendships.

Realising that America is no longer so supportive, and no longer so engaged in the Middle East, the Saudis have recently taken military action of their own in Yemen.

There’s also been a warming of relations between Riyadh and Moscow.

And Egypt launched airstrikes in February against the Islamic State group in Libya.

America’s standing in the Middle East has unquestionably waned, along with its ability to shape events.

Unexpected stats

More surprising has been its slippage in Africa, Obama’s ancestral home, and Asia, the focus of his much vaunted pivot.

In Asia, America’s median approval rating in 2014, as measured by Gallup, was 39%, a 6% drop since 2011.

In Africa, the median approval went down to 59%, the lowest since polling began, despite Obama hosting the US-Africa Leaders’ Summit in Washington in August, last year.

It even dropped in Kenya, his father’s birthplace.

America’s diplomacy has also been complicated by the dysfunction and hyper-partisanship in Washington.

Republican lawmakers actively sought to derail the Iran nuclear deal by sending a letter to the supreme leader Ayatollah Ali Khamenei.

President or Congress?

House speaker John Boehner invited Netanyahu to address Congress, knowing it would infuriate the White House.

Democrats with reservations about free trade have tried to sabotage the Trans-Pacific Partnership, the biggest trade deal since Nafta.

There’s also been strong congressional opposition to one of the big plays of Obama’s second term, the rapprochement with Cuba.

Should countries listen to the president or Congress?

America cannot even lay claim any more to its great, uncontested boast since 1872, of being the world’s largest economy.

The IMF now estimates that China’s economy is fractionally bigger.

Yet it would be a mistake to exaggerate the downsizing of American influence.

US military spending continues to dwarf its rivals, and up until last year amounted to more than the next 10 countries combined.

In 2014, America spent $731bn, compared to China’s $143bn.

Even though China’s economy is now larger, America’s per capita spending power is in a different league – $53,000 to $11,868.


Though America is contending with the rise of the rest – China, India, Brazil, Germany and Russia – it has not yet been overtaken by emergent rivals.

Indeed, there are foreign policy thinkers here who predict that America will preserve its pre-eminence for at least another 20 years.

Yet the unipolar moment ushered in by the fall of the Berlin Wall has proved to be just that: momentary.

Moreover, hopes of a new world order following the collapse of the Soviet Union have given way to widespread pessimism about the spread, even the contagion, of global disorder.

Gone are the certainties of America’s Cold War thinking, when the containment of communism governed its international actions.

Gone are the doctrines that gave US foreign policy such a rigid frame, throughout the Cold War and in the aftermath of 9/11.

Gone, too, is the notion that every fight is an American fight and along with it a redefinition of what constitutes the US national interest.

Barack Obama has instead advocated pragmatism and diplomatic dexterity, trying to steer a path between America being overextended and undercommitted.

Maybe the overriding challenge for US diplomacy over the next 20 years is to strike the proper balance.