Code Warriors: NSA’s Codebreakers and the Secret Intelligence War Against the Soviet Union (Budiansky 2016) is an interesting book despite the challenge of getting information about the NSA. It is timely because of the recent Wikileaks release regarding the CIA’s efforts to get hold of messages on smartphones before they are encrypted.
I had no idea that Edward Snowden relied on a social attack to get information:
In May 2013, a twenty-nine-year-old computer security expert who had worked for three months as a $200,000-a-year contractor for the National Security Agency in Hawaii told his employer he needed to take a leave of absence for “a couple of weeks” to receive treatment for the epileptic condition he had recently been diagnosed with. On May 20, Edward J. Snowden boarded a flight to Hong Kong, carrying with him computer drives to which he had surreptitiously copied thousands of classified intelligence documents.
It was a move he had been secretly preparing for some time, having secured the job with the specific aim of gaining access to classified NSA material. (He was ultimately able to do so only by duping more than twenty coworkers into giving him their computer passwords, which he said he needed for his duties as a systems administrator; most of the colleagues whom he betrayed were subsequently fired.)
Can it really be as easy to get a password from an NSA employee with a top-secret clearance as it is to get one from a 93-year-old AOL user? Apparently the answer is “yes”!
Since “women doing jobs involving numbers” is newsworthy today…
More than 70 percent of the staff at Arlington Hall were civilians, and by the war’s end more than 90 percent of those were women. A similar balance of the sexes quickly took hold at the Navy’s signals intelligence headquarters, across the Potomac River. The Navy had a deep tradition of never permitting a situation to arise where an officer might have to take orders from a civilian, and insisted on putting all of its new hires in uniform. But with its establishment in summer 1942 of the WAVES—Women Accepted for Voluntary Emergency Service, which allowed women to serve in the Navy as officers and enlisted personnel—the service was also able to freely recruit women for codebreaking duty, and some 80 percent of its cryptanalysts by the war’s end were female.
It is doubtful that Uber will be resurrecting one particular NSA tradition:
A photograph in NSA’s historical files from this period showed the finalists in the annual Miss NSA beauty pageant, the contestants in evening gowns and each wearing a sash bearing the number of the section they worked in.
Contrary to Hollywood portrayals, the smartest people may also be the nicest…
Von Neumann had been an intellectual prodigy as a child, able to divide eight-digit numbers in his head at age six. Throughout his life he could effortlessly recite entire books verbatim after a single reading, and equally effortlessly provide a running translation in any number of languages. Years later, after he got to know him well, Goldstine tried to test von Neumann by asking him how Charles Dickens’s Tale of Two Cities begins. He was still going fifteen minutes later, without pause, when Goldstine finally stopped him. As a scientist, von Neumann had made seminal contributions to a bewildering array of fields, including game theory, quantum mechanics, economics, topology, and the theory of shock waves.
That day on the train platform the younger man, with some temerity, approached his world-famous colleague and introduced himself: Fortunately for me von Neumann was a warm, friendly person who did his best to make people feel relaxed in his presence.
The exciting age of code-breaking turns out to have mostly ended during World War II. The NSA funded a lot of powerful computers, but combinatorics worked against them.
The IBM 701, which IBM originally called the “Defense Calculator,” was much more of a number-cruncher designed to meet the needs of Los Alamos’s nuclear weapons designers, meteorologists at the U.S. Weather Bureau, and ballistics engineers at the Army’s ordnance labs. The new IBM machine that the company was now proposing was turning into the same bait and switch. In the summer of 1955, NSA agreed to provide IBM the $800,000 in funding it needed to develop the high-speed core memory that was to be the heart of the new “Stretch” computer. But meanwhile IBM also negotiated a deal with the Atomic Energy Commission to supply Los Alamos with a Stretch computer, too, for a fixed price of $4.3 million; then the company’s top management began to insist that whatever the final design, it had to be marketable to commercial users as well. “As usual the agency has a firm hold on the IBM leash and is being dragged down the street,” an NSA engineer assigned to keep tabs on the company’s work reported as the project progressed.
By the time the first machine was delivered to NSA in 1962, the price of the project had ballooned to $19 million, which did not include $1 million for supplies such as magnetic tapes and cartridges; $4.2 million for training, additional personnel, and software development; $196,045 for “installation”; and $765,000 a year in rental fees. IBM had resolved the problem of building a computer that could simultaneously serve scientific, cryptanalytic, and commercial customers by designing a flexible central processor, a high-speed arithmetic add-on unit for the AEC, and an add-on streaming unit for NSA, modeled on Abner’s “Swish” function. The special NSA add-on was called “Harvest,” which eventually became the name of the whole system; its official designation was the IBM 7950.
“There is not nearly enough energy in the universe to power the computer” that could test every setting of such a rotor machine, which had an effective cryptanalytic keyspace on the order of 1044. Even the “more modest undertaking” of recovering the setting of an individual message enciphered on such a machine whose internal configuration has already been recovered, which would involve testing about 1016 possibilities, would cost $2,000,000,000,000,000,000,000 per message for the electricity required to power any known or projected computing devices.55 (In 1998 a $250,000 machine built with 1,856 custom-made chips successfully carried out an exhaustive key search on the 56-bit key DES encryption system—a keyspace slightly greater than 1016—in two days. But a 128-bit key, with a keyspace of the order 1038, can be shown to resist an exhaustive search even by the most theoretically energy-efficient computer that the laws of physics permit.)
With the exception of a short-lived and still-classified 1979 breakthrough using Cray-1 supercomputers against Soviet codes, the modern age is all about sifting through massive volumes of plain-language communications, planting bugs to get plaintext prior to encryption, and recruiting spies.
For decades, standard histories of the air war in Korea attributed the sudden improvement in mid-1951 in the kill ratio achieved by American fighter pilots against Chinese MiG-15 jets to the arrival of the new and more capable American F-86. During the final year of the war U.S. fighters shot down 345 MiGs in air battles with a loss of only 18 F-86s, a kill ratio of 19 to 1. In fact, the real breakthrough had come from pulling together all of the signals intelligence sources in one center so that they could be rapidly correlated and passed on to fighters in the air. “The present top-heavy success of the F-86 against MiG-15s dates almost from the day of the inception of the new integrated [signals intelligence] service,” reported an officer involved in the operation. On one day, a visiting ASA colonel observed the system in action as 15 MiGs were shot down without a single loss by U.S. F-86s. With more enthusiasm than originality, the colonel said it was “just like shooting ducks in a rain barrel,” but it was an unmistakable demonstration of the incredible force multiplier that the signal interception and reporting system had provided: not a single one of the MiGs was tracked on U.S. radar during the course of the battle; all of the information passed to U.S. pilots had come from listening, in real time, to the communications of the enemy controllers and planes.39 An analysis of ground control traffic in June 1952 concluded that more than 90 percent of MiGs engaged in air operations over Korea were being flown by Russians.
The most famous penetration of the U.S. embassy was the Great Seal bug, also discovered during Kennan’s ambassadorship. Having requested a thorough sweep of his residence and the embassy, Kennan was sent a security team from Washington. To check for any voice-activated bugs, one of the technicians asked the ambassador to sit at his desk at Spaso House after hours and go through the motions of dictating a letter to his secretary. Kennan, with a certain touch of humor, chose to read from his 1936 cable in which he did nothing but recycle his predecessor’s dispatches from czarist Russia to show that nothing had changed under the Communist regime. Suddenly detecting a UHF signal coming from behind Kennan’s desk, the technician began hacking at the wall behind a wooden replica of the Great Seal of the United States that hung there. He then turned his hammer to the seal itself and pulled from behind the carved eagle’s beak a three-quarter-inch-diameter diaphragm-covered cylinder, attached to a short rod antenna.10 The seal had been presented as a gift from Russian schoolchildren to Ambassador Averell Harriman in 1945 and had hung there ever since. The American engineers who discovered it dubbed it “the Thing.” Its principle of operation was ingenious. The Thing was entirely passive, requiring no power supply and giving off no signal itself until it was illuminated by a microwave radio beam aimed from an adjoining building. As the diaphragm vibrated in and out in response to sound waves coming from the room, it minutely changed the shape, and thus the resonant frequency, of the cavity formed by the small cylinder. That slight distuning of a resonant frequency around 1800 MHz caused the strength of one of the harmonics of the incoming illuminating signal to fluctuate, producing a modulated radio signal of the same kind generated by an AM radio transmitter. The resulting signal could be picked up from a nearby location outside the building.
How did Americans find Soviet spies in their midst? “The science was settled” on the polygraph:
“The Director has repeatedly emphasized his firm conviction that the polygraph is more reliable and more protective of security than the background investigation,” his deputy for administration wrote in a 1956 memorandum that argued for periodically polygraphing existing civilian employees as well, to probe for “membership in subversive organizations,” “association with known or suspected subversives,” and unauthorized disclosure of classified information. … The trouble, aside from the abuse of privacy and due process inherent in the whole business, was that conscientious but perfectly innocent people tended to show a “deceptive” response in the standard polygraph examination, while pathological liars sailed through. In their zeal to clear the initial backlog of pending clearances, NSA scoured police departments and private detective agencies around the country to hire supposed polygraph experts to administer the tests, which took place in hastily erected soundproof rooms at the U Street building.
How well did it work?
Staff Sergeant Jack E. Dunlap was the holder of a Purple Heart and Bronze Star for “coolness under fire and sincere devotion to duty” in the Korean War. On July 22, 1963, he was found sitting dead in his car at his home near NSA headquarters, a length of radiator hose from the exhaust pipe running through the right front window and the engine idling. A month later his widow turned over to Army investigators a pile of classified documents from the attic of their home. She said her husband had told her that since mid-1960 he had been meeting a member of the Soviet embassy staff at rendezvous around Washington; in exchange for $40,000 he
Full post, including comments 
