I saw this article this morning. Thought it was really interesting. I am a sucker for Cryptography stories and NSA stories. It is amazing when it is a crypto story combines with the NSA to make in my opinion a Super Story.
From a new article. I thought it explained Cryptography well and how the NSA may have cracked a math problem. A very significant math problem. I have read this theory may be incorrect. I tend to believe it is a combination of two main factors. Companies have routinely let the NSA have access to everything from Emails to Search History to controls over your browser by the insidious allowance of back doors that are there to be exploited by the NSA. It has been said the Govt has been paying these companies to help comply. I know in Bramfords famous story on the NSA Bluffdale story that the NSA had made a significant break at cracking most cryptography. That does not sound like it is convincing companies to allow backdoors. That sounds like they cracked the math on some very significant level. If you know about Crypto it is very much MATH. Very complicated Math.
Bramfords thoughts from 3 years ago
But “this is more than just a data center,” says one senior intelligence official who until recently was involved with the program. The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle—financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications—will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”
The article about if the NSA has cracked a significant math problem.
In a recent story about the U.S. National Security Agency’s controversial Internet surveillance operations, the New York Times reported that “the agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems.”
The bolding is mine, because if in fact the agency did crack the encryption schemes used for bank transactions (the Times is somewhat unclear on that point), then in doing so it may have solved a math problem that has long puzzled cryptographers and number theorists alike.
The problem in question is that of integer factorization. It has been shown that every integer (e.g. 1, 2, 3, 4, 5…) can be written as the product of prime numbers. To review, a number is said to be prime if it is divisible only by itself and 1. (The first 10 prime numbers are 2, 3, 5, 7, 11, 13, 17, 19, 23, and 29.)
That means if we pick a number, say 50, we should be able to write it as a product of primes: In this case, it would be 5 x 5 x 2. For small numbers like 50, determining prime factors is within reach of any middle schooler. However, take a sufficiently large number—one that is hundreds of digits long—and the problem quickly becomes intractable, not only for humans but even for modern computers.
To date, there is no known shortcut to quickly factor large integers into primes. It has never been proven that no such shortcut exists. We’ve just never found one.
Another Wired article on what they speculate is going on.
Perhaps the NSA has some new mathematics that breaks one or more of the popular encryption algorithms: AES, Twofish, Serpent, triple-DES, Serpent. It wouldn’t be the first time this happened. Back in the 1970s, the NSA knew of a cryptanalytic technique called “differential cryptanalysis” that was unknown in the academic world. That technique broke a variety of other academic and commercial algorithms that we all thought secure. We learned better in the early 1990s, and now design algorithms to be resistant to that technique.
It’s very probable that the NSA has newer techniques that remain undiscovered in academia. Even so, such techniques are unlikely to result in a practical attack that can break actual encrypted plaintext.
Bruce Schneier is a security technologist and author. His latest book is Liars and Outliers: Enabling the Trust Society Needs to Survive.
The naive way to break an encryption algorithm is to brute-force the key. The complexity of that attack is 2n, where n is the key length. All cryptanalytic attacks can be viewed as shortcuts to that method. And since the efficacy of a brute-force attack is a direct function of key length, these attacks effectively shorten the key. So if, for example, the best attack against DES has a complexity of 239, that effectively shortens DES’s 56-bit key by 17 bits.
That’s a really good attack, by the way.
Right now the upper practical limit on brute force is somewhere under 80 bits. However, using that as a guide gives us some indication as to how good an attack has to be to break any of the modern algorithms. These days, encryption algorithms have, at a minimum, 128-bit keys.
That means any NSA cryptoanalytic breakthrough has to reduce the effective key length by at least 48 bits in order to be practical.
Pro Publica article on NSA
What’s New Here
The NSA has secretly and successfully worked to break many types of encryption, the widely used technology that is supposed to make it impossible to read intercepted communications.
Referring to the NSA’s efforts, a 2010 British document stated: “Vast amounts of encrypted Internet data are now exploitable.” Another British memo said: “Those not already briefed were gobsmacked!”
The NSA has worked with American and foreign tech companies to introduce weaknesses into commercial encryption products, allowing backdoor access to data that users believe is secure.
The NSA has deliberately weakened the international encryption standards adopted by developers around the globe.
BULLRUN Briefing Sheet from GCHQ
SIGINT Enabling Project
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.
The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – “the use of ubiquitous encryption across the internet”.
Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves.
Government and industry have betrayed the internet, and us.
By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.
This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.
Size of US army presence in Africa
Thought this was fascinating and it totally makes sense to me.
The Pentagon’s Africa Command will tell you there’s one military base on the entire continent. Don’t believe them.
They’re involved in Algeria and Angola, Benin and Botswana, Burkina Faso and Burundi, Cameroon and the Cape Verde Islands. And that’s just the ABCs of the situation. Skip to the end of the alphabet and the story remains the same: Senegal and the Seychelles, Togo and Tunisia, Uganda and Zambia. From north to south, east to west, the Horn of Africa to the Sahel, the heart of the continent to the islands off its coasts, the US military is at work. Base construction, security cooperation engagements, training exercises, advisory deployments, special operations missions, and a growing logistics network, all undeniable evidence of expansion—except at US Africa Command.
To hear AFRICOM tell it, US military involvement on the continent ranges from the miniscule to the microscopic. The command is adamant that it has only a single “military base” in all of Africa: Camp Lemonnier in Djibouti. The head of the command insists that the US military maintains a “small footprint” on the continent. AFRICOM’s chief spokesman has consistently minimized the scope of its operations and the number of facilities it maintains or shares with host nations, asserting that only “a small presence of personnel who conduct short-duration engagements” are operating from “several locations” on the continent at any given time.
This has been in the news for awhile and I have been discussing aspects of it for months.
The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.
Enlarge This Image
This undated photo released by the United States government shows the National Security Agency campus in Fort Meade, Md.
This article has been reported in partnership among The New York Times, The Guardian and ProPublica based on documents obtained by The Guardian. For The Guardian: James Ball, Julian Borger, Glenn Greenwald. For The New York Times: Nicole Perlroth, Scott Shane. For ProPublica: Jeff Larson.
The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.
Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.
Unlocking Private Communications
Below are encryption tools the N.S.A. has had some success in cracking, according to documents provided by Edward J. Snowden describing the agency’s code-breaking capabilities.
Virtual Private Networks
Commonly used by businesses to allow employees to access work networks from outside the office, via an encrypted “tunnel” through a public network.
Available with chat programs like Adium or with software added to programs like AOL Instant Messenger, providing “end to end” encryption, in which the data cannot be decrypted at any point along the transfer (even by the messaging service).
SSH Secure Shell
For Linux and Mac operating system users, this is the standard way to gain access to a remote computer.
This has long been a standard way to encrypt password and financial information when sending information from a computer to a server, and it is becoming more common with social media sites like Facebook and Twitter and Webmail services like Gmail. A URL that begins with “https://” and displays a small padlock icon designates a secured web page.
Transport Layer Security/
Secure Sockets Layer
The most common way to secure information sent over the Internet (including Web browsing and e-mail) and internal servers. HTTPS is secured by applying TLS/SSL to a Web site.
Voice over Internet Protocol
Services like Microsoft’s Skype and Apple’s FaceTime allow users to make free, encrypted phone and video calls over the Internet. The documents suggest that the N.S.A. is working with some VoIP services to obtain pre-encryption access to such messages.
Six years ago, two Microsoft cryptography researchers discovered some weirdness in an obscure cryptography standard authored by the National Security Agency. There was a bug in a government-standard random number generator that could be used to encrypt data.
The researchers, Dan Shumow and Niels Ferguson, found that the number generator appeared to have been built with a backdoor — it came with a secret numeric key that could allow a third party to decrypt code that it helped generate.
According to Thursday’s reports by the ProPublica, the Guardian, and The New York Times, classified documents leaked by NSA whistleblower Edward Snowdon appear to confirm what everyone suspected: that the backdoor was engineered by the NSA. Worse still, a top-secret NSA document published with the reports says that the NSA has worked with industry partners to “covertly influence” technology products.
What the NSA says about Suite B
The secure sharing of information among Department of Defense, coalition forces, and first responders motivates the need for widespread cryptographic interoperability and for NSA-approved information assurance products that meet appropriate security standards to protect classified information.
A Cryptographic Interoperability Strategy (CIS) was developed to find ways to increase assured rapid sharing of information both within the U.S. and between the U.S. and partners through the use of a common suite of public standards, protocols, algorithms and modes referred to as the “Secure Sharing Suite” or S.3. The implementation of CIS will facilitate the development of a broader range of secure cryptographic products which will be available to a wide customer base. Some operational examples include enabling the U.S. Government to share intelligence information securely with State and local First Responders and providing war fighters on the battlefield the capability to share time-sensitive information securely with non-traditional coalition partners. To achieve the Strategy, NSA is working to influence International standards groups as well as national policies for securing National Security Systems. The use of selected public cryptographic standards and protocols and Suite B is the core of CIS.
Commercial Solutions for Classified (CSFC) will allow COTS information assurance products to be used in layered solutions to protect classified information. Click on the “Commercial Solutions for Classified Program” tab for more information.
Suite B cryptography has been selected from cryptography that has been approved by NIST for use by the U.S. Government and specified in NIST standards or recommendations. Suite B Cryptography is formalized in CNSSP-15, National Information Assurance Policy on the Use of Public Standards for the Secure Sharing of Information Among National Security Systems, dated March 2010.
The focus has been to leverage Federal and Internet standards, protocols and algorithms. Several Internet Engineering Task Force (IETF) protocol standards have been identified as having potential widespread use. IETF Request for Comments (RFCs) have been established to allow the use of Suite B Cryptography with these protocols. Additional IETF protocols are being assessed for their potential widespread use. The development of Internet Drafts to allow the use of Suite B Cryptography is either underway or being considered for these.
The next three sections identify the current IETF and NIST algorithm, protocol and modes standards that relate to Suite B Cryptography.
In 2005, NSA publicly announced Suite B Cryptography which built on the National Policy on the use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information (CNSSP-15). CNSSP-15 has been updated to address CIS and Suite B. In addition to AES, Suite B includes cryptographic algorithms for key exchange, digital signatures, and hashing; specifically
AES with 128-bit keys provides adequate protection for classified information up to the SECRET level. Similarly, ECDH and ECDSA using the 256-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-256 provide adequate protection for classified information up to the SECRET level. Until the conclusion of the transition period defined in CNSSP-15, DH, DSA and RSA can be used with a 2048-bit modulus to protect classified information up to the SECRET level.
AES with 256-bit keys, Elliptic Curve Public Key Cryptography using the 384-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-384 are required to protect classified information at the TOP SECRET level. Since some products approved to protect classified information up to the TOP SECRET level will only contain algorithms with these parameters, algorithm interoperability between various products can only be guaranteed by having these parameters as options.
After yesterday’s NSA codebreaking revelations, there’s some good news for cryptography. A Toshiba research lab has announced a crucial breakthrough in quantum cryptography, the last truly unbreakable form of encryption, which could pave the way for a new generation of private communications networks.
Quantum cryptography uses the properties of light to create effectively unbreakable encryption. Any attempt to tap in affects the signal and can be instantly detected. The system is already in use in some expensive and high-profile setups, most notably in Geneva’s banking sector, but it comes with serious limitations. The laser-based process only works over short distances, and it can only be used to connect two computers at a time.
The new breakthrough, published this week in Nature, offers a way to solve the second problem, connecting as many as 64 computers in a setup they describe as a “quantum access network.” The breakthrough comes from an improved photon detector that can handle 1 billion photons per second, allowing it to manage photon streams from more than one computer at once. That lets quantum engineers build networks on a more common hub-and-spoke model, potentially opening the door for more sophisticated quantum-powered networks in the future.
Source Quartz, Nature
The abstract from the paper
The theoretically proven security of quantum key distribution (QKD) could revolutionize the way in which information exchange is protected in the future1, 2. Several field tests of QKD have proven it to be a reliable technology for cryptographic key exchange and have demonstrated nodal networks of point-to-point links3, 4, 5. However, until now no convincing answer has been given to the question of how to extend the scope of QKD beyond niche applications in dedicated high security networks. Here we introduce and experimentally demonstrate the concept of a ‘quantum access network’: based on simple and cost-effective telecommunication technologies, the scheme can greatly expand the number of users in quantum networks and therefore vastly broaden their appeal. We show that a high-speed single-photon detector positioned at a network node can be shared between up to 64 users for exchanging secret keys with the node, thereby significantly reducing the hardware requirements for each user added to the network. This point-to-multipoint architecture removes one of the main obstacles restricting the widespread application of QKD. It presents a viable method for realizing multi-user QKD networks with efficient use of resources, and brings QKD closer to becoming a widespread technology.
IN A recent blog post Babbage speculated what exactly an apparent cryptographic “breakthrough” achieved by America’s National Security Agency (NSA) might be. The three possibilities were, in ascending order of likelihood: the development of a quantum computer, some fundamental progress in attacking the mathematics underlying cryptographic algorithms, or else the discovery of flaws in the specific implementations of those mathematics in individual bits of software.
Reports published on Septemper 5th in the Guardian and the New York Times about the code-breaking efforts of the NSA and its British counterpart, GCHQ, add a lot of weight to the idea that, besides powerful supercomputers and court orders, the spooks are relying on dodgy software to help them to read messages. The central allegation is that the agencies have deliberately introduced flaws into the encryption used by many websites, sometimes with the connivance of the companies that run them. In the jargon (which has percolated into popular culture) this sort of flaw is known as a “back door”.
More thoughts later.
Per the article..
The United States and its allies are considering an attack against Syria’s government. Such an attack is limited only by the people, aircraft, ships, and vehicles available in the area, so when the U.S. Navy moves more ships into the eastern Mediterranean, it starts to look a little like war.
This infographic, by Farwa Rizwan at Al Arabiya English, looks at the military maneuvers already underway. France and the U.S., with Turkish and UK airbases serving as a staging point, are the nations most likely to act against Syria’s government. Until yesterday, when this map was published, the United Kingdom looked ready to intervene, but then its Parliament voted against intervention. I’ve left every reference to British military assets on the map intact here, but it’s unlikely now that the UK will play a direct role. All these countries are allies as part of NATO. Here is what they could bring to an intervention:
Runways and Airplanes
It’s hard to conduct a bombing campaign without a place for the warplanes to land. France has an aircraft carrier in the western Mediterranean that could be moved closer; there’s a shared U.S./Turkish airbase in Turkey; the UK has an air base in Cyprus, about 160 miles away from Syria; France and the U.S. both have bases in the United Arab Emirates; and the U.S also has bases in Qatar and Bahrain. There are also two American aircraft carriers in the region: the USS Nimitz and the USS Harry Truman, both in the Persian Gulf. It takes about 5 days for a carrier to move between the Suez and the Persian Gulf (provdied Egypt doesn’t close the canal), but they might not even need to do that. With mid-air refueling, and with permission from Iraq, American fighters could take off from carriers in the Persian gulf and attack Syria.
The map also shows American F-16s and British Typhoon planes. These are strike aircraft, or known in an earlier era as fighter-bombers. They can fight enemies in the air, as well as attack vehicles, buildings, and troops on the ground.
Submarines and Destroyers
America, France, and the UK all have ships in the Mediterranean Sea ready to strike at Syria, if need be, with cruise missiles. Both ships and subs carry cruise missiles, which can hit targets more than 1,000 miles away. You can read more about cruise missiles, and how they work, here.
Also noted on the map are Patriot missiles, which is a bit of an odd choice. Patriot missiles are anti-ballistic, fired to intercept incoming enemy missiles. Syria has some long range ballistic missiles and last summer threatened to use them against foreign intervention.
Why not a cyber offensive?
Seriously the brag in the various medias about how sophisticated the Govts computers are.. They have had considerable success with Stuxnet In Iran if reports are to be believed..
Famous NYTimes article about Stuxnet and Olympic Games
WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.
At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.
“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.
Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.
As Congress debates strikes against Syria for using chemical weapons against its own people, much attention has focused on using cruise missiles for limited strikes. The risks are evident. Will these be seen as a delayed, empty gesture that inflicts little damage but prods Bashar Assad into stepping up further attacks? Would casualties inflicted merely deepen bitterness between the sides and fuel the bloody conflict? Having declared use of chemical weapons a red line, will limited U.S. action convince other parties—notably Iran, China and Russia—that American threats should be taken seriously?
The United States must, as Steve Yates has observed, act with a sense of purpose and power. We must define the goal. Merely punishing Assad raises a problem. Secretary of State John Kerry has spoken powerfully and eloquently on why Assad should be punished. But a 1994 U.S. Senate Committee on Banking, Housing and Urban Affairs reported that the United States approved shipments to Saddam Hussein of materials that can be used in the production of biological weapons during his war with Iran. Make no mistake. No matter what they say today, any strike aimed at punishing this Arab regime for will draw criticism from Arabs and others as hypocrisy. That holds especially true if U.S. bombing or missile strikes result in Arab deaths or injury.
A goal of weakening the regime risks drawing the United States into the center of the conflict. For over a year, we have cautioned that the enemies of our enemy may not be our friends. We must tread carefully. Any use of force must define how far the United States is willing to go. There’s good reason Winston Churchill noted that sound foreign policy is driven by interests, not friendship. Our key strategic interest lies in ensuring that Assad’s formidable arsenal of chemical weapons does not get loose. That poses a threat to the international community. Israel has rightly said that any effort to transfer those weapons is cause for war. Here surfaces another problem.
The United States has declared it won’t put American boots on the ground. But containing Assad’s WMD arsenal may well require special operations that almost certainly would require intervention by special forces, even if in tandem with Arab partner states.
These considerations mandate that any strike—whether to punish, deter or weaken Assad—eschew what the military terms “kinetic” strikes (e.g., using missiles or bombs) in favor of cyber attacks. Taking out Assad’s air force and making his runways unusable might be a meaningful option, but there seems no realistic possibility the United States will opt for that. Well-targeted cyber attacks will send Assad and interested parties a strong message that we’re serious and put a meat axe into his command-and-control capabilities by sowing confusion, distrust, and chaos into those systems. The key is to direct attacks against Syrian cyber assets. That means find, fix, and finish activities against Syrian Electronic Army operatives – many of whom operate outside of Syria in the Gulf and Maghreb countries – and who can be identified and taken off the battlefield.
Rand policy paper. Danger of intervention in Syria
I have posted this before but it seems even more timely to do so again.
In the midst of growing public wariness about large-scale foreign interventions, the Obama administration has decided to arm the Syrian rebels. Those who call for increasing the scope of U.S. aid to the Syrian rebels argue that (1) arming the rebels is the cheapest way to halt a humanitarian catastrophe, hasten the fall of the Assad regime through a rebel military victory or a negotiated settlement, and allow the Obama administration to influence the broader direc- tion of Syrian politics in a post-Assad world; (2) failure to step up U.S. involvement will damage America’s credibility and reputation in the eyes of our allies and adversaries; and (3) U.S. objec- tives can be accomplished with a relatively small level of U.S. commitment in Syria.
These arguments are wrong on all counts. There is a high risk that the decision to arm the Syrian rebels will drag the United States into a more extensive involvement later, the very sce- nario that the advocates for intervention claim they are trying to avoid. The unique characteris- tics of alliances between states and armed non-
state groups, in particular their informal nature and secrecy about the existence of the alliance or its specific provisions, create conditions for states to become locked into unpalatable obli- gations. That seems especially likely in this case. The specific way the administration has chosen to increase the scope of its support to the rebels sets the stage for even greater U.S. commitment in Syria in the future. The Obama administra- tion, therefore, should not have decided to arm the Syrian rebels.
Looking ahead, it is important for policy- makers to understand the nature of alliances between states and armed nonstate groups even after the Syria conflict is resolved. Given that Americans are unwilling to support large-scale interventions in far-flung reaches of the globe, policymakers looking for military solutions to political problems may conclude that arming proxy groups may be an attractive policy choice. They should instead, however, avoid committing to conflicts that don’t threaten core national se- curity interests.
Chemical Weapons. Our shady past
The US has used Chemical Weapons in combat before. We have supplied Saddam Hussein with the components to use Chemical Weapons on his people and we have tested Chemical Weapons on our own Citizens and Armed forces.
Totally unknown till 35 years after the Vietnam War was the DoD’s Project Shipboard Hazard and Defense (SHAD), a highly classified program, which from 1962 to 1971 tested whether US warships and their troops could withstand attacks from chemical and biological weapons. From overhead planes and nearby aircraft carriers, the military aimed lethal gases at ships carrying mostly unsuspecting sailors and marines. In the 1990s, veterans stationed on SHAD boats reported respiratory conditions and cancers only to be told by VA that nothing called Project SHAD had ever existed. Finally, after CBS broke the story in May 2001, the Department of Defense admitted to SHAD’s existence and its almost decade-long program of toxic testing.
In 1998, a CNN two-part Sunday night news report revealed that a special commando unit in 1970 used sarin gas in Laos to kill American defectors. The story about “Operation Tailwind” was researched, written and produced by seasoned journalists April Oliver and Jack Smith, with help from Pulitzer Prize-winning Peter Arnett, who narrated the broadcast. Under pressure from Henry Kissinger and others, many claim, CNN retracted the story, and fired Oliver and Smith, and Arnett soon after. ( Newsroom’s Aaron Sorkin recently explained on the Daily Show that he used “Operation Tailwind” as the basis of the second season’s centerpiece, Operation Genoa, a secret mission set in Pakistan, in which the US supposedly used sarin against civilians. CNN’s reporting, Sorkin told John Oliver, offered an intriguing example of journalism gone awry with compromising research and doctored videos.)
The story of Operation Tailwind has never been proven wrong, as Jennifer Epps persuasively documented recently on the Daily Kos. According to Oliver and Smith, the story’s prime source, Admiral Thomas Moorer, read and signed off on the script; and according to Reese Schonfeld, CNN’s co-founder, Moorer stated in a legal deposition that he had said what the journalists quoted him as saying. Even CNN’s attorneys Floyd Abrams and David Kohler “found no credible evidence at all of any falsification of an intentional nature at any point in the journalistic process….We do not believe it can reasonably be suggested that any of the information on which the broadcast was based was fabricated or nonexistent.” The attorneys asserted that high-level and reliable military personnel had been confidential sources for the story. Yet the story was pulled and the journalists fired.