Daily Archives: May 15, 2017

Trump updates his Russian friends on the latest intelligence

Posted on by

Now this you couldn’t make up. (Actually, given Trump, you could).

President Trump revealed highly classified information to the Russian foreign minister and ambassador in a White House meeting last week, according to current and former U.S. officials, who said Trump’s disclosures jeopardized a critical source of intelligence on the Islamic State.

The information the president relayed had been provided by a U.S. partner through an intelligence-sharing arrangement considered so sensitive that details have been withheld from allies and tightly restricted even within the U.S. government, officials said.

The partner had not given the United States permission to share the material with Russia, and officials said Trump’s decision to do so endangers cooperation from an ally that has access to the inner workings of the Islamic State…“This is code-word information,” said a U.S. official familiar with the matter, using terminology that refers to one of the highest classification levels used by American spy agencies. Trump “revealed more information to the Russian ambassador than we have shared with our own allies.”

WannaCry? Not really

Posted on by

If you’re overwhelmed by all the good, bad and simply awful reporting of the WannaCry ‘ransomware’ attack, here are links to two sane and well-informed pieces.

  • Ross Anderson’s post on Light Blue Touchpaper — “Bad Malware, Worse Reporting”.
  • Ben Thomson’s long and thoughtful post on his Strachery blog — “WANNACRY ABOUT BUSINESS MODELS”.

Also…

The Economist had a useful briefing a while back on the general topic of our chronic insecurity — “Computer security is broken from top to bottom”.

And of course it goes without saying that this whole debacle provides a salutary confirmation of the foolishness of demanding that there should be ‘backdoors’ in encryption ‘for government use only’. WannaCry was turbocharged by some software written by the NSA (which knew about the Windows XP vulnerability but didn’t tell Microsoft) to exploit it. The moral: if the government knows about a vulnerability, then other people will too. And some of them will be more even more unscrupulous.