Sum Ting Wong

Ironies abound. For example, even  as Dick Durbin  defined  journalists as anyone who got a media paycheck, a San Francisco news outlet demonstrated that they were not exempt from making stupid mistakes.

And the worst mistake would be to underestimate the Chinese. Gordon Chang at the Gatestone Institute argues that Edward Snowden, rather than being a mere "whistleblower" or even an ordinary spy, may actually have been a "dropbox" for an even bigger spy cell within the NSA and the FBI. In other words, he was just the tip of the iceberg.

This theory explains how Snowden could possess information to which he did not have access. It is possible he figured out how to bypass barriers in NSA's systems, but it is more likely he had help. Eli Lake of the Daily Beast reports that the FBI is investigating whether Snowden obtained documents "from a leak inside the secret FISA court." Similarly, Mike Rogers, chairman of the House Select Committee on Intelligence, has suggested Snowden probably had an accomplice in the NSA who gave him information.

Beijing may also have encouraged Mr. Snowden to leave Hawaii. One of my sources indicates that Chinese intelligence, either directly or through FBI personnel working for China, tipped Snowden off that NSA investigators were closing in on him.

There still is no proof of this allegation, but it is telling that Snowden chose to run to Hong Kong.

This theory implies that not just American intelligence, but its counterintelligence apparatus has been penetrated and compromised. Some of the bad guys are not only the perps, they're also the cops.

The word some of you may be thinking of is rootkit. Suppose the Chinese or the Russians -- or the Saudis -- have instead of infiltrating ordinary spies, managed to install a rootkit in the US government? "A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer." In plain language, suppose they managed to take over the United States government from the top. This is how computers are sometimes attacked and it is where the term "rootkit" comes from.

A "rootkit" in this case would be a network of enemy agents placed high up in trusted positions of great power, in such a situation of trust they could hardly ever be questioned.

Of course the idea of takeover from the top is an old one. Julius Caesar understood it in principle. "“The greatest enemy will hide in the last place you would ever look.” Nor was he wrong. The Roman Empire was dealt a near mortal blow by an enemy from within. The Romanized barbarian Arminius led Varus and his legions into an ambush in the Teutoberg forest, a setback from which the imperium arguably never recovered. Rootkits are deadly.

Once installed, it becomes possible to hide the intrusion as well as to maintain privileged access. The key is the root/Administrator access. Full control over a system means that existing software can be modified, including software that might otherwise be used to detect or circumvent it.

Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem. When dealing with firmware rootkits, removal may require hardware replacement, or specialized equipment. ...

The fundamental problem with rootkit detection is that if the operating system has been subverted, particularly by a kernel-level rootkit, it cannot be trusted to find unauthorized modifications to itself or its components. Actions such as requesting a list of running processes, or a list of files in a directory, cannot be trusted to behave as expected. In other words, rootkit detectors that work while running on infected systems are only effective against rootkits that have some defect in their camouflage, or that run with lower user-mode privileges than the detection software in the kernel. As with computer viruses, the detection and elimination of rootkits is an ongoing struggle between both sides of this conflict

About the only way the public can tell that Sum Ting Wong is detecting behavioral anomalies in the system. The OS will report itself clean because the OS has been taken over. Therefore the only clues are that things no longer work as before. The system is perverse.  It gives manifestly wrong outputs. And often the only fix is to reboot from a known clean copy of the OS, which in this case would be the US Constitution -- a document more than a hundred years old that nobody reads.

The fact that Snowden fled to Hong Kong and then Russia strongly suggests that the rootkit -- if in fact it does exist -- has not completely taken over the system. There was still someone left to come after him. But the fact that he got so far and that efforts to spread surveillance into every aspect of American life have gotten even further imply that, Ho Lee Fuk, the malware is well along.

The usual solution to this kind of problem is a political reboot, whose main goal is to purge the system of bad information. Over time garbage accumulates in the memory space of an information system and unless it is purged, then it is Bang Ding Ow! for its processes. We do this for our own computers, but think that "permanent majorities" are a good thing in government. Yet they are not. With the government collecting information on everyone and the (Chinese, Russians, Saudis) abstracting it in turn, we are Wi Tu Lo at this point.

Did you know that you can purchase some of these books and pamphlets by Richard Fernandez and share them with you friends? They will receive a link in their email and it will automatically give them access to a Kindle reader on their smartphone, computer or even as a web-readable document.

The War of the Words for $3.99, Understanding the crisis of the early 21st century in terms of

information corruption in the financial, security and political spheres

Rebranding Christianity for $3.99, or why the truth shall make you free

The Three Conjectures at Amazon Kindle for $1.99, reflections on terrorism and the nuclear age

Storming the Castle at Amazon Kindle for $3.99, why government should get small

No Way In, a novel at Amazon Kindle $8.95, print $9.99

Storm Over the South China Sea $0.99, how China is restarting history in the Pacific

Tip Jar or Subscribe or Unsubscribe