Author Archives: Marcus J. Ranum

About Marcus J. Ranum

Marcus J. Ranum, CSO at Tenable Network Security, Inc., is a world-renowned expert on security system design and implementation. He has been involved in every level of operations of a security product business, from developer, to founder and CEO.

The Empire Strikes Back: The Demonization of Snowden Begins

Summary: Marcus Ranum, our in-house cyber-expert, looks at the next stage of the government’s defense against the revelations of NSA surveillance. Like the surveillance itself, they rely on non-governmental agents to get the job done.

I’m sure we’re all shocked to see attempts to downplay the significance of the PRISM story.

What’s that you say? You’re not? Well, me either.

That was why I rushed together my article about finely slicing the word salad of “direct access” to servers, etc. It’s useful to try to clarify in advance the lies you are about to be told – it makes them more clear.

The attacks on Greenwald’s scoop tend to break into four categories:

  1. Traitor! Traitor! USA USA USA!
  2. It’s not new; we already knew all that.
  3. It’s not possible, it’s not feasible (reasons given)
  4. That’s not true! (no reasons given)

The people taking the second line of reasoning above either haven’t done their research or are deliberately ignoring the rich history of leaks about this kind of stuff dating back years. Past leaks about the surveillance state show not only the desire to massively tap data, but the resources spent doing so, and the technological capabilities. It is the latter that give the lie to responses such as farcical stories about thumb drives and FTP. Oh, we can be sure that thumb drives and FTP have occasionally been used, but that’s probably to collect information that can’t be gotten indirectly.

People who claim that Greenwald has it wrong are ignoring the rather obvious fact that the “Boundless Informant” slides show 97 billion records of data being injected into the system daily. That’s a lot of thumb drives’ worth! They also are ignoring that Greenwald says there are more disclosures to come; my suspicion is that Greenwald has a couple bombs left up his sleeve and he’s waiting for the surveillance state to strongly stake out a position before he pulls the carpet out from under them.

Articles such as Rick Perlstein’s article in The Nation (“Glenn Greenwald’s Epic Botch?”) – title complete with face-saving question mark – show a lack of understanding of history. If Perlstein’s “no expert”, as he says, he should probably invest a day or two studying, rather than an hour or two writing. I find it amazing that any journalist would take a corporate spokesperson’s words at face value when they’re responding to a crisis, without researching the back-story. Was he born yesterday?

Room 641A

Previous whistle-blowers such as Mark Klein, who revealed the existence of Room 641A, have already described systems that align perfectly with what Snowden has revealed. For that matter, Duncan Campbell was documenting ECHELON back in the 80s.


Someone call Nixon’s plumbers. We need them again.

Summary: Marcus Ranum looks to our past — the government’s history of surveillance — to see the future which the government’s vast surveillance machinery makes possible, and perhaps will help bring into being.

We prepare the way for a Leader


The NSA Doppelganger and Enemies

The Nation currently has an excellent piece on some of the history of surveillance in the US. Combine it with reading Tim Weiner’s latest book Enemies, and you have a picture of a government that has always illegally surveilled its citizens (also see Subversives: The FBI’s War on Student Radicals, and Reagan’s Rise to Power).

Occasionally, as today, we are brought to confront that fact, and it’s always instructive because you can tell from the backlash how badly it stung those who enjoy secret power and status. The rule of law is something that you criticize other countries for not following. This amounts to moving from “US Exceptionalism” to exceptionalism for the US power elites.

In the long-term it’s poor strategy because it amounts to building the weapons that will eventually be used against one faction when there’s a disagreement among elites. It’s laying the framework for an eventual takeover of the republic by centralized power. The more you centralize and aggregate power, the worse it is when your Stalin or Bonaparte comes along. As soon as one faction of the power elites realizes they can use the power of the police state to silence internal dissent among the elites, rather than simply controlling the lumpenproletariat, the republican experiment will be conclusively ended.

What the article at The Nation and Enemies show us is the constant presence and evolution of a society that does double-entry bookkeeping regarding the rule of law. While the US sports the largest prison population in the world thanks to the endless and unwinnable War On Drugs, the elites casually excuse each other for crimes that would result in long jail sentences for the 99%. Indeed the very notion of criminality becomes inverted and corrupted when it’s a greater crime to disclose a crime than it was to commit it in the first place.

The problem with living under a system that is so immoral, Kant would tell us, is that we can only expect its immorality will eventually be turned upon us and we will suffer in turn.

Irony is not the tool for patching leaks


What they mean when the government says “We do not have ‘direct’ access to your info”

Summary: Even the best journalists and national security experts have difficulty with technical stories like the recent NSA revelations. Today Marcus Ranum (bio) cuts through the government’s lies, explaining the truth behind the NSA’s tapping vital telephone and email communication systems.

These are the small ones; America’s nerves


When politicians and spokespeople choose their words with exquisite care, then it’s time to examine them with extra care. Let’s talk a little bit about the realities of how one might monitor a data center, shall we?


“We have no direct access to their systems.”

Of course you don’t. By “direct access” you mean that you can log in and collect data directly from the system, or have database administrators’ credentials and can issue queries, or whatever. You wouldn’t want that, anyway, because the queries and the activities might then become public knowledge — those are traceable, you know.

When someone logs into a system, gains administrative rights, and looks at someone’s email in-box, that leaves traces in the system logs, and that’s completely unacceptable because what you’re querying for is classified and suddenly those system logs contain extremely sensitive data, indeed.

Here’s how you do it

Those big outfits decrypt all their traffic at the edges of the network using a load-balancer/redirector that’s capable of offloading the CPU-intensive activity of decryption from the backend servers. Inside the provider’s core network, the traffic carried within their switches is all in the clear.

You show up with a national security letter and maybe a warrant and tell the provider that you’ve got a system that does classified stuff and they’re going to plug it into their network and have the core switches span some of the traffic between, say, the mail servers and everything else, and the user authentication servers and everything else, and send a copy of that traffic to the mystery box (or boxes, depending on the load you need to consume) and that’s it.

There’s no need even to give the box an IP address, which is a feature also, because that makes the box impossible for anyone to see other than in the configuration of the core switch or if they get into the special locked room in the data center and count the number of boxes in the rack there.

The box is a sniffer. Remember the old FBI CARNIVORE system that was “outed” back in 2000? That’s how CARNIVORE worked, pre 9-11. The newer systems may look like Insight.

Sniffing traffic is fairly straightforward


About American exceptionalism – what it really means

Summary: As an afterword to the campaign, Marcus Ranum takes a look at American Exceptionalism. While either false or daft as a doctrine, every presidential candidate had to profess allegiance to it.


But first, let’s look at the origin of the phrase “American exceptionalism”:

The position of the Americans is therefore quite exceptional, and it may be believed that no democratic people will ever be placed in a similar one. {Circumstances} have singularly concurred to fix the mind of the American upon purely practical objects. His passions, his wants, his education, and everything about him seem to unite in drawing the native of the United States earthward; his religion alone bids him turn, from time to time, a transient and distracted glance to heaven. Let us cease, then, to view all democratic nations under the example of the American people, and attempt to survey them at length with their own features.
— Alexis de Tocqueville’s Democracy in America, Book I, chapter 9 (1840)

“Communists in the 1920s talked of “American exceptionalism,” the belief that thanks to its natural resources, industrial capacity, and absence of rigid class distinction, America might for a long while avoid the crisis that must eventually befall every capitalist society. American exceptionalism explained to Communists why their movement, like the rival Socialist movement, fared so poorly here in the most advanced capitalist country on earth.”
— Communism in America: A History in Documents, Albert Fried (1997)

When we use the term “exceptionalism” what we’re really saying is that whoever’s doing it has abandoned the most simple and central premise of moral argument: what applies to me, applies to you. And vice-versa.

This principle is found in every moral system that I’m aware of, and is often re-cast as The Golden Rule, or The Categorical Imperative. Lao-Tze expressed it as: “Do not do to others what you do not want done to yourself” and Buddha as “Hurt not others in ways that you yourself would find hurtful.”

This is an important principle because, I believe, most people understand it. Indeed, the core principle of arguing about anything is to “turn the tables” on your interlocutor and “put yourself in their shoes.” I submit to you, that when leaders begin to abandon such an obvious principle, they lose credibility. And that’s as it should be — because it indicates that those leaders are comfortable adopting a policy of exceptionalism, which is ultimately dictatorial.


Cyberwar, the Power of Nightmares

Summary: Today’s post by Marcus Ranum discusses Adam Curtis’ brilliant BBC documentary series “The Power of Nightmares”. Curtis deconstructs the dynamic of government as protector against unknown threats. His analysis of how generalized fears of terrorism manipulate the public applies exactly to cyberwar, as well.

“Both [the Islamists and Neoconservatives] were idealists who were born out of the failure of the liberal dream to build a better world. And both had a very similar explanation for what caused that failure. These two groups have changed the world, but not in the way that either intended. Together, they created today’s nightmare vision of a secret, organized evil that threatens the world. A fantasy that politicians then found restored their power and authority in a disillusioned age. And those with the darkest fears became the most powerful.”

— The Power of Nightmares, subtitled The Rise of the Politics of Fear, a BBC documentary film series written and produced by Adam Curtis in 2004.


  1. The Power of Nightmares
  2. The Man Who Was Thursday (A Nightmare)
  3. Anatomy of a Tail-spin
  4. Curtis’ Words
  5. For More Information

(1) The Power of Nightmares

Adam Curtis’ brilliant documentary series offers a view of the present as a consequence of the search for meaning of the political class. In short: they need something to do, to justify their existence. After all, if everyone were simply happy and comfortable, sooner or later we might wake up and wonder, “what are we giving you guys so much power, for, anyway?” Curtis’ series describes an entirely plausible scenario of what I call an “emergent conspiracy” – a conspiracy that was not planned by a secret committee wearing black velvet capes and meeting in dimly lit corridors of power, but rather a conspiracy that happens and snowballs because it’s convenient and spares the conspirators having to deal with the truth.

We can think of emergent conspiracies as a result of co-evolution or co-dependency: all of the parties involved want something, and they stumble around creating a great big whopping lie in order to get it. Then they tell that lie to themselves, and believe it. They act on the lie, and are surprised by the consequences they must, thereafter, live with.

(2) The Man Who Was Thursday (A Nightmare)

“We say that the most dangerous criminal now is the entirely lawless modern philosopher. Compared to him, burglars and bigamists are essentially moral men; my heart goes out to them.”
— G.K. Chesterton, The Man Who Was Thursday (1908)
