Monthly Archives: July 2013


Documents Reveal How the NSA Cracked the Kryptos Sculpture Years Before the CIA

It took more than eight years for a CIA analyst and a California computer scientist to crack three of the four coded messages on the CIA’s famed Kryptos sculpture in the late ’90s.

Little did either of them know that a small group of cryptanalysts inside the NSA had beat them to it, and deciphered the same three sections of Kryptos years earlier — and they did it in less than a month, according to new documents obtained from the NSA.

These days the NSA is best known for its broad, indiscriminate spying on Americans and foreigners. But the Kryptos crack shows how some of the agency’s smartest geeks once blew off steam in the relatively quiet days between the end of the Cold War and the September 11 attacks.

The popular story of Kryptos has long held that CIA analyst David Stein was the first to crack three of the cryptographic sculpture’s four puzzles in 1998.

Stein decrypted the coded messages after spending some 400 hours’ worth of lunch hours working through the puzzles using only paper and pencil. Many people, on and off the CIA campus in Langley, Virginia, had tried to break the coded puzzle, but only Stein, a member of the agency’s Directorate of Intelligence, succeeded. Stein’s work on the code was kept secret, however. In 1999, he wrote a fascinating account of how he cracked three of the sculpture’s four coded messages, but it was only published in an internal CIA newsletter that remained classified until years later.

The secrecy over Stein’s achievement allowed California computer scientist Jim Gillogly to steal the spotlight a year later in 1999, when he announced that he’d also cracked the same three messages, only he used a Pentium II to do it.

But new documents released by the National Security Agency show how the Defense Department’s spy agency beat Stein and Gillogly to the punch years earlier.

It’s a story that has largely remained buried in the NSA archives until Elonka Dunin unearthed it in a recent FOIA request. Dunin is the premier expert on Kryptos who oversees a Yahoo Group dedicated to cracking the code and also maintains a website dedicated to the sculpture.

Although a Baltimore Sun story about Kryptos in 2000 disclosed that the NSA had cracked three sections of the puzzle, many of the details behind the efforts were not revealed.

It all began in 1988 when the CIA Fine Arts Commission commissioned local artist James Sanborn to create a cryptographic sculpture for a courtyard on the CIA campus. Sanborn completed the two-part sculpture in 1990, which included stones laid out in International Morse code near the front entrance of the CIA campus, and a 12-foot-high, verdigrised copper, granite and petrified wood sculpture. The latter, which is the more famous part of Kryptos, was inscribed with four encrypted messages composed from some 1,800 letters carved out of the copper plate.

One of the memos notes that the layout of the two-part sculpture was “a landscaping scheme designed to recall the natural stone out-cropping that existed on the site before the Agency, and that will endure as do mountains.” The placement of the sculpture “in a geologic context reinforces the text’s ‘hidden-ness’ as if it were a fossil or an image frozen in time.”

In 1991, while on a trip to the CIA, a group of NSA cryptanalysis “interns” diligently scribbled all the letters from the sculpture onto sheets of paper and brought them back to the NSA so curious analysts there could take a crack at it. In December 1991 a group of NSA analysts met in a conference room at the NSA to discuss the sculpture and what methods of decryption they might apply, including classified methods used internally by the NSA.

A memo about this meeting indicates that “any discussion of ‘in-house’ techniques or applications (being classified) are not mentioned in this text as it is to be unclassified.” The memo also included a note to participants not to discuss their efforts to crack the puzzle in public, as some of the methods they used might be classified, as well as a message at the bottom of the memo indicating that “these notes were prepared at NO expense to the US Government.”

After that initial NSA meeting, however, nothing further was done on the puzzle. Over the next year, the CIA tried to crack the sculpture on its own, but with no success.

The sculpture remained unsolved until 1992, when Adm. William O. Studeman, the CIA’s then-deputy director and a former NSA director, issued a formal challenge to his former colleagues at the NSA to solve the CIA’s new courtyard puzzle. The NSA’s director at the time, Vice Admiral Mike McConnell, announced the challenge during an internal ceremony at the NSA, and a small cadre of cryptanalysts from the agency’s Z Group — the internal name for the cryptanalysts division — “enthusiastically responded.”

Left on their own, NSA employees had shown little passion for cracking the ciphers, but once a formal challenge was on the table from the CIA, it was hard to resist. The group was so intent on cracking the code that they formed an informal task force in November 1992, according to the recently released documents, which include a number of internal NSA memos describing how they cracked the ciphers.

Working from the transcription obtained by interns a year earlier, they quickly determined, using computer diagnostic tools, that the sculpture consisted of four parts that used at least three different ciphers. It also carried a cryptographic table based on an encryption method developed in the 16th century by a Frenchman named Blaise de Vigenère, which was key to helping them solve parts of the puzzle.

They were sure to note that subsequent analysis and solutions of the code “did not require any computer power” but were done by hand.

They quickly discovered that the encrypted sections included intentional spelling errors made by artist James Sanborn, and misaligned characters set higher on a line of text than characters around them.

Then “within two days of receiving the information tasking from Chief, Z,” they had solved parts one through three of the puzzle. They spent another day on the fourth section, but very quickly “a decision was made to stop any further work” on it. “Given the suspected cryptography, the last section is too short to solve without diverting a great deal of effort from operational problems,” they wrote in the memo.

In the end, it was just three analysts who solved the codes, one tackling each section of the puzzle. Although the names are redacted in the documents released by the NSA, Dennis McDaniels was identified as one of the crackers in the Baltimore Sun article. Ken Miller was also identified as another member of the group, though someone knowledgeable about the project told Wired that he didn’t decipher any of the sections but worked closely with the group to write up their notes.

In June 1993, after the three parts were cracked, an internal letter announcing the feat was sent to Admiral McConnell at the NSA, marked “For Official Use Only” and informing him that the deed was done. It was returned with a request to forward the note to Admiral Studeman at the CIA, no doubt with an air of glee and arrogance that the NSA had beat the CIA at cracking its own puzzle. Another scribbled note on the memo read, “Great Story!”

The documents describe their efforts through “many wrong turns” to arrive at the solutions.

The first part of the sculpture used a periodic polyalphabetic substitution cipher using 10 alphabets, and when decrypted was a poetic phrase that Sanborn had composed himself: “Between subtle shading and the absence of light lies the nuance of iqlusion” (“iqlusion” was an intentional misspelling of illusion).

Part two used a periodic polyalphabetic substitution cipher using 8 alphabets. When decrypted, the passage hinted at something buried:

It was totally invisible. How’s that possible? They used the Earth’s magnetic field. x The information was gathered and transmitted underground to an unknown location. x Does Langley know about this? They should: It’s buried out there somewhere. x Who knows the exact location? Only WW. This was his last message. x Thirty-eight degrees fifty-seven minutes six point five seconds north, seventy-seven degrees eight minutes forty-four seconds west. ID by rows.

The cryptanalysts correctly guessed that WW referred to William Webster, which Wired confirmed in 2005 during an interview with artist Sanborn. “The coordinates,” the memo noted, “refer to the location of or a location within the Central Intelligence Agency.” But the significance of the I.D. by Rows? That remained “undetermined,” the NSA’s puzzle crackers wrote.

In fact, Sanborn had made an error in the puzzle and inadvertently introduced a typo in the section. The mistake involved an “x” that he intentionally deleted from the end of a line in section two for aesthetic reasons, to keep the sculpture visually balanced. The “x” was supposed to signify a period or section break at the end of a phrase, but Sanborn removed it thinking it wouldn’t affect the way the puzzle was deciphered. It turned out the “x” made all the difference, however.

Instead of “ID by rows” it actually should have been deciphered to read “layer two,” though code breakers wouldn’t discover this until years after the NSA cryptanalysts had their crack at the code.

Part three used a keyed columnar transposition cipher, which the cryptanalysts partly diagnosed solely by “eyeballing” the text.

“The most likely explanation for this is a transposition system,” they write, “perhaps a keyed columnar transposition. In such a system, the plain text is inscribed horizontally into a matrix, normally a rectangle, and then the latter are extracted vertically, according to a pre-determined sequence.”
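The keyed columnar transposition the analysts describe, written out as an added Python example (not taken from the NSA memos or the original article): text is inscribed row by row and read out column by column in key order. The key `CARTER` and the left-to-right tie-break for repeated key letters are assumptions made for illustration, not the actual part-three key; the sample text is the opening words of the part-three plaintext quoted in this article.

```python
def column_order(key):
    """Return column indices in the order the columns are read out.

    Columns are taken in alphabetical order of the key letters. Repeated
    letters are taken left to right (an assumed, common convention).
    """
    key = key.upper()
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext, key):
    """Inscribe letters horizontally, then extract columns in key order."""
    text = "".join(ch for ch in plaintext.upper() if ch.isalpha())
    ncols = len(key)
    # Column c of the row-wise matrix is every ncols-th letter from offset c.
    return "".join(text[c::ncols] for c in column_order(key))


def decrypt(ciphertext, key):
    """Rebuild the columns from the ciphertext, then read the rows back."""
    ncols = len(key)
    nrows, extra = divmod(len(ciphertext), ncols)
    # When the last row is incomplete, only the leftmost `extra` columns
    # (by position in the matrix, not by key order) hold one more letter.
    columns = [""] * ncols
    pos = 0
    for c in column_order(key):
        length = nrows + (1 if c < extra else 0)
        columns[c] = ciphertext[pos:pos + length]
        pos += length
    out = []
    for r in range(nrows + (1 if extra else 0)):
        for c in range(ncols):
            if r < len(columns[c]):
                out.append(columns[c][r])
    return "".join(out)


if __name__ == "__main__":
    key = "CARTER"  # constructed key, for illustration only
    sample = "Slowly, desperately slowly"  # from the plaintext quoted in the article
    ct = encrypt(sample, key)
    print(ct)
    print(decrypt(ct, key))
    # A transposition only reorders letters, so the letter counts of the
    # ciphertext match those of the plaintext exactly.
    print(sorted(ct) == sorted(decrypt(ct, key)))
```

The sample has 23 letters in a 6-column matrix, so the last row is incomplete; `decrypt` has to work out which columns are short before it can cut the ciphertext back into columns.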

When decrypted, it was a paraphrased page taken from the diary of archaeologist Howard Carter describing the opening of a door in King Tut’s tomb on Nov. 26, 1922.

Slowly, desperately slowly, the remains of passage debris that encumbered the lower part of the doorway was removed. With trembling hands I made a tiny breach in the upper left-hand corner. And then, widening the hole a little, I inserted the candle and peered in. The hot air escaping from the chamber caused the flame to flicker, but presently details of the room within emerged from the mist. x Can you see anything? q

According to a former Defense Department cryptanalyst who spoke with Wired, McDaniels was responsible for cracking section three and did it in just six hours lying on his living room couch with paper and pencil after coming home exhausted one day from playing volleyball. McDaniels is now retired from the NSA and declined to speak with Wired about his work on the sculpture. But the source told Wired that McDaniels had been out all day playing volleyball and came home around 10pm.

“He plopped down on the couch in the living room, picked up his draft notes for K3,” the source said. “He had tinkered with it before but could never get into it. He knew it was just basic transposition, so he started with the letter Q and [the letter U after it] and found there were five instances of the letter U, and he just tried all five of those. Then he had to try every other vowel that came after and he finally found something that broke it. By then it was about 4am and he was done.”

Unfortunately the fourth section stymied the NSA code breakers, as it has continued to do other cryptanalysts for 23 years. The documents noted that “although ideas abound” for deciphering it, the final 97 characters of the sculpture “continue to elude solution.”


They speculated that this section might employ a combination of the techniques used in other sections. “First the message is encrypted using some set of alphabets,” they write, “as was done in the first and third breakthroughs, and then the cipher is put through a transposition, such as that used in the second breakthrough.” But even with that they were never able to solve it.

In 2010, Sanborn, surprised that the final section had remained unsolved for so long, and perhaps feeling guilty about an error he had made in the sculpture that misled puzzle-solvers for years, decided to disclose six of the 97 letters in the last section. The six letters — NYPVTT — are the 64th through 69th letters of the final section and when deciphered spell out the word “BERLIN.”

The clue has yet to be the breakthrough that code crackers had hoped it would be, however, and the last section still remains unsolved.

Even when that final section is solved, however, sleuths still won’t know what the sculpture means. The deciphered text contains a riddle, which will require them to be on the CIA grounds in order to solve it.

“In part of the code that’s been deciphered, I refer to an act that took place when I was at the agency and a location that’s on the ground of the agency,” Sanborn told Wired in 2005. He may be referring to something he buried on the CIA grounds, though he won’t say for sure. The decrypted text gives latitude and longitude coordinates (38 57 6.5 N, 77 8 44 W), which Sanborn has said refer to “locations of the agency.” So sleuths will have to first decipher the code then find their way onto the CIA grounds and locate that place in order to finally discover what it all means.


Microsoft settled 3,265 software piracy cases in 43 countries during its last fiscal year


Microsoft settles a lot of lawsuits, that’s pretty much a given when your company is the size of the Redmond software (and hardware) maker. But now, thanks to a release, we know exactly how many of those settlements were software piracy cases.

According to the official stats, Microsoft settled 3,265 software piracy cases in 43 countries in the fiscal year ending June 30th. Only 35 of those were in the U.S. and only 19 states are named. The other 3,230 cases were international, and were spread across 42 countries.

“Software counterfeiting negatively impacts local and global economic growth, stifles innovation, and puts consumers and businesses at risk,” said David Finn, associate general counsel in the Microsoft Cybercrime Center in a statement.

Microsoft says that those messages which urge you to ‘report this software as stolen’ when you fire up an inauthentic copy of Windows are actually working, too. Since 2005, it has gotten over 450,000 counterfeit reports from customers.

One case that Microsoft calls out is an infringement by Ningbo Beyond Group, part of an ongoing suit brought by the Attorney General of California after it determined that the garment manufacturing company wasn’t paying for its software, and therefore gaining an unfair advantage over its stateside competitors.

Retrieved from The Next Web


Why Steve Ballmer Is Reorganizing Microsoft

Microsoft CEO Steve Ballmer (REUTERS/Robert Galbraith)

Steve Ballmer is reportedly going to announce his plans for a massive  reorganization of Microsoft’s corporate structure on Thursday.

This reorg will shape the remaining years of Ballmer’s tenure as CEO.

In the past, he’s told executives at Microsoft he plans to stay on as chief until his youngest child is in  college, which would be around 2017, or 2018. Assuming he hasn’t changed his  mind, this reorg will probably be his last big structural change to Microsoft’s  org chart before he leaves.

Drips of information have leaked on what Ballmer’s planning, but much of the  change is still unknown, since this is Ballmer’s plan and he’s keeping it fairly  private.

However, you don’t need an inside source to figure out his  priorities. Ballmer told the world what  he’s planning for Microsoft in a letter to shareholders last year.

Steve Ballmer wants to transform Microsoft  from a company of multiple business groups working in relative silos to a truly  collaborative company focused on “devices and services”.

That last bit is very big inside Microsoft.  I was at Microsoft’s headquarters a few weeks ago meeting with company execs and  getting a tour of the place.

The phrase “devices and services” popped up  regularly.

So, what does devices and services  mean?

First, let’s explain what  it doesn’t mean.

It doesn’t mean copying Apple and becoming  a vertically integrated company that controls everything from top to  bottom.

Sure, Microsoft released the Surface. And  it has the Xbox. And it will do more hardware in the future.

But that doesn’t mean it’s going down  Apple’s route.

Microsoft wants to do a half-way  Apple.

It wants its partners to build top-notch  devices that run Microsoft’s services flawlessly out of the box. To do this,  Microsoft wants to work more closely with its hardware partners, and give them a  tight set of parameters for manufacturing Windows-based  devices.

In this way, it gets a variation in devices  like Google has with Android, but with less fragmentation and bad user  experiences.

Here’s Ballmer’s explanation of what  devices and services means from his shareholder letter:

We will continue to work with a vast ecosystem of  partners to deliver a broad spectrum of Windows PCs, tablets and phones. We do  this because our customers want great choices and we believe there is no way one  size suits over 1.3 billion Windows users around the world. There will be times  when we build specific devices for specific purposes, as we have chosen to do  with Xbox and the recently announced Microsoft Surface. In all our work with  partners and on our own devices, we will focus relentlessly on delivering  delightful, seamless experiences across hardware, software and services. This  means as we, with our partners, develop new Windows devices we’ll build in  services people want. Further, as we develop and update our consumer services,  we’ll do so in ways that take full advantage of hardware advances, that  complement one another and that unify all the devices people use daily. So right  out of the box, a customer will get a stunning device that is connected to  unique communications, productivity and entertainment services from Microsoft as  well as access to great services and applications from our partners and  developers around the world.

If you glossed over that paragraph, stop  right now, and re-read it. It’s Ballmer’s manifesto for how he wants Microsoft  to operate in the next five years.

Over the years, investors, analysts, and  pundits have called for Microsoft to break up. Even today, one of the most  respected Microsoft analysts, Rick Sherlund at Nomura, believes Microsoft should be broken up. He thinks the Xbox division  should be spun out, Bing should be sold off, and headcount should be  reduced.

Ballmer, clearly, doesn’t  agree.

If anything, now, more than ever, Microsoft  can use its multiple business groups to deliver high-quality computing  experiences that rival Apple and Google.

Microsoft’s suite of services is probably the best in tech right now: Office, Skype, SkyDrive, Bing, and Xbox Live can go head-to-head with anything Apple or Google offer.

But, Microsoft is falling behind those  companies because it hasn’t successfully married those services with good  devices.

There are a few reasons Microsoft failed to  combine its services with good devices.

First, it’s still suffering a hangover from  when the Justice Department blocked it from bundling its services. That had a  big impact on how Microsoft operated, and it’s just getting over  it.

Second, it didn’t have Windows Phone, or  Windows 8, which are platforms that allow for all its services to be delivered  in one unified experience.

With Windows 8 in place, Ballmer can fit  all the pieces of Microsoft together into the devices and services company he  envisions.

That’s what his reorg should do. It should  realign the company around his vision of creating high-quality devices  seamlessly operating Microsoft’s software and services.

As for the particulars of the reorg, we’ll  find out soon enough.

Retrieved from Business Insider

Differences on Cybertheft Complicate China Talks

WASHINGTON — Vice President Joseph R. Biden Jr. opened annual strategic talks with senior Chinese leaders here on Wednesday by repeating the United States’ accusation that the electronic theft of American intellectual property could undermine the relationship between the world’s two largest economies.

And to no one’s surprise, the Chinese had an answer ready: that the publication of secret documents showing the extent of American surveillance of Chinese universities and other institutions undercuts the Obama administration’s case.

That friction, American officials conceded in private, underscores how difficult it will be for the United States to make progress on what President Obama and his top aides have said is now a central issue between two countries whose economies are intertwined and whose militaries are in competition.

And at a time when the Chinese economy is showing signs that it is headed into a period of slower growth, the administration’s hopes of persuading Chinese leaders to crack down on the daily barrage of theft and espionage over the Internet — considered crucial to keep China competitive — are likely to be even more difficult to realize.

“We both will benefit from an open, secure, reliable Internet,” Mr. Biden said at the opening of the talks, the Strategic and Economic Dialogue, an annual effort to bring together top Chinese and American cabinet and subcabinet officials on a range of problems. “Outright cyber-enabling theft that U.S. companies are experiencing now must be viewed as out of bounds and needs to stop.”

Mr. Biden was making the same point that Mr. Obama repeated in recent weeks, including during a meeting with China’s new president, Xi Jinping, in California. To the Americans, China’s cybertheft — often directed by units of the People’s Liberation Army — is different, and far more corrosive, than standard government espionage.

An American official who was sent out to brief reporters after the first day of talks said that when it came to the theft of intellectual property — including the designs of commercial products and military aircraft — “we don’t do it, and we don’t think any country should do it.”

China has always viewed the issue differently, seeing far less of a distinction involving what it regards as issues of economic and military security.

“For many Chinese, it is bizarre that how Washington can continue to pose as the biggest cyberespionage victim and demand others behave well,” China Daily, a government-influenced publication, wrote before the meeting, “after former U.S. intelligence contractor Edward Snowden revealed that U.S. spy agencies hacked deep into China and other countries’ computer networks, including those of government, military, research, educational and business organizations.”

It concluded that “by dividing cyberespionage into ‘bad’ and ‘good’ activities, Washington is trying to dictate the rules for global cyberdomain, which is a public space.”

American and Chinese cyberexperts met Monday for the first time in a working group intended to address the issue. That alone was progress: when the United States asked Chinese officials to discuss cybertheft, cyberespionage and cybersecurity at a meeting several years ago, there was almost no give and take. But new attention focused on the activities of the Chinese military, notably Unit 61398 of the People’s Liberation Army, has made it harder for Mr. Xi’s government to ignore the United States’ protests.

Mr. Snowden’s revelations may be a gift to the Chinese, because they shift the focus from China’s covert activities to Washington’s. And even American scholars say the Chinese have a good argument. “It is not true that ‘unwritten rules’ prohibit economic espionage,” said Jack Goldsmith, a Harvard law professor and cyberexpert who served in the Bush administration. “Economic espionage is expressly prohibited by U.S. domestic law but is not prohibited by international law, written or unwritten, and it is widely practiced.”

The most fruitful part of the conversations, American officials indicated in a briefing late on Wednesday, dealt with North Korea and climate change, two areas where the governments have been moving into alignment.

Retrieved from NYtimes


Fruit-Themed Spam Hits Instagram


Fruit spam?

Fruit spam.

If you’ve been noticing a strange rise of fruit-related pictures in your Instagram feed today, don’t worry.  Your friends haven’t become (even more) obsessed with taking pictures of their healthy meals.

Well, you might want to worry a wee bit, because the pictures might be linked to a fruit-themed spam attack that’s slowly making its way around the popular photo-sharing service.  It’s unclear just how said spammers are getting a hold of users’ login credentials, but the attack results in a number of pictures of fruit – of all things – being posted to a person’s Instagram account.

The text accompanying the pictures also includes a Bitly hyperlink – clicked on more than 35,000 times as of this article’s writing – that takes users to a fake BBC page promoting weight-loss coffee.

“Ever seen this stuff?  I guess its super healthy, im giving it a try. I saw it on Dr Oz’s show! Link is in my bio #lovemyfollowers #health,” reads an example of one spammy photo’s description.

To its credit, Bitly is now throwing up a giant warning message for users attempting to click through to the aforementioned link. It’s possible the fake BBC site could just be a follow-through for the spam attack that attempts to pull money (and credit card credentials) from users foolish enough to place an order for the coffee, but there could also be some kind of method for pulling a user’s login credentials hosted on the site itself. That’s the part we remain a bit in the dark on: how spammers get one’s credentials in the first place and load up one’s account with the fruity photos (in addition to changing a user’s bio to reference said fake BBC page).

The spam attack was first reported by GigaOm’s Om Malik earlier today and, according to him, Facebook hasn’t offered up any comment as to what might be going on.

Those who feel as if their accounts have been compromised only really have one major recourse: Resetting their passwords (and, hopefully, using as strong a passphrase as they can remember).  It’s also worth going into one’s third-party application access list – accessible via this link – which allows you to see what non-Instagram sites have access to your account.  Revoke the privileges of anything that sounds unknown or odd.

Beyond that, users can also check their follower lists to make sure they aren’t following any obvious spam accounts — and do report those, or any spam-filled comments you happen to find on your photos, if that’s the case.

Retrieved from PC Mag