Talk:Bullrun (decryption program)

Latest comment: 9 years ago by VoxLuna in topic Bullrun vs BULLRUN

Huawei Controversy

edit

The US and Western governments have been very active in controlling the influence of Huawei in network infrastructure, it would seem because they have no influence over back door and have in fact accused Huawei of compliance with the Chinese government in doing the same thing. [[1]] It would seem to be relevant to suggest that Western governments are against Huawei equipment because they don't have the desired level of influence over development. — Preceding unsigned comment added by 86.54.181.194 (talk) 07:54, 10 September 2013 (UTC)Reply

Code name (title of article)

edit

Reuters news exclusive today, saying NSA paid RSA $10M to subvert encryption as part BullRun project. http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220 --- — Preceding unsigned comment added by 172.251.172.174 (talk) 09:57, 21 December 2013 (UTC) Bullrun isn't a code name. It's a program. Just as PRISM is a program, Boundless Informant is a program, XKeyScore is a program, Tempora is a program, etc. etc. The subject of this article is no more a "code name" than Bullrun the TV series is a "name of a TV series." But the title of that article isn't Bullrun (name of TV series).Reply

Yes, it's a matter of semantics, but these are important semantics that we should correct right away. --Dr. Fleischman (talk) 22:00, 5 September 2013 (UTC)Reply

Hi Dr. Fleischman. Sure, feel free to move the article if you think there's a more suitable title. I was following the examples of Blarney (code name), Ragtime (code name), and Stellar Wind (code name). By the way, I cleaned up the BullrunBullrun (TV series) links already, so we're all set there. --MZMcBride (talk) 22:54, 5 September 2013 (UTC)Reply
Hm, it seems there's no consistency here. Those three have "(code name)" but then there's "PRISM (surveillance program)", "Fairview (surveillance program)", and "Turbulence (NSA)". I prefer "Bullrun (decryption program)" for the reasons I already mentioned, but I'll give it 24 hours in case other editors want to way in. --Dr. Fleischman (talk) 23:51, 5 September 2013 (UTC)Reply
Personally, I think "anti-encryption" is more accurate than "decryption." The articles could probably all be standardized to "___ (program)". --MZMcBride (talk) 02:05, 6 September 2013 (UTC)Reply
I'm agree. This is not really a decryption program. It is rather a program to cheat. 92.106.151.60 (talk) 06:56, 6 September 2013 (UTC)Reply
BULLRUN in caps (cf PRISM). Encryption suppression and subversion seems to describe it. Widefox; talk 09:50, 6 September 2013 (UTC)Reply
I favour the term "Project Bullrun", which appears in a quotation from one of the leaked documents in the Guardian article. It would appear to be the official name (apart from capitalisation), and it does not require disambiguation. —rybec 17:55, 6 September 2013 (UTC)Reply
  • "anti-encryption program": Sounds somewhat reasonable to me except for two things. First, decryption need not be brute force to be "decryption"; that's why it's called "brute force decryption" (as opposed to just "decryption"). Second, the reliable sources aren't using "anti-encryption." The Guardian called it a "decryption program," and the NY Times/ProPublica just called it "highly classified program" (though ProPublica referred to their story as "the decryption story"). --Dr. Fleischman (talk) 18:09, 6 September 2013 (UTC)Reply
  • "program": I like this for standardization. Although... sometimes people refer to a TV show as a program? Would this be too vague/ambiguous? --Dr. Fleischman (talk) 18:09, 6 September 2013 (UTC)Reply
  • "Project Bullrun": I'm against a name that appears in only one primary source and has not been used by the reliable secondary sources.
  • capitalization: PRISM has been frequently (though not uniformly) referenced in the reliable sources using capital letters, hence the decision to use capitals for the title of the article. I believe you can go back to the early talk page discussions of the article to verify. Bullrun, on the other hand, was referenced in mixed caps by both the Guardian and the NY Times/ProPublica. --Dr. Fleischman (talk) 18:09, 6 September 2013 (UTC)Reply
I have difficulty understanding your comment about "Project Bullrun". As I said, the term "Project Bullrun" was used in a quotation in the Guardian article. Are you saying that by quoting, the Guardian is not using the term? Are you saying the Guardian is not a reliable secondary source? Are you saying that there are other primary sources which use different names? —rybec 18:21, 6 September 2013 (UTC)Reply
Yes to your first question. When a secondary source quotes a primary source, the contents of the quote don't magically become more reliable. The Guardian never subjected the contents of the "Project Bullrun" quote to editorial scrutiny, i.e. to decide whether the terminology was appropriate. All they did was confirm that the slide actually said that. Put another way, if the Guardian had removed the word "Project" then that would have been inaccurate because it would have misquoted the slide. But clearly the paper made a decision that it would refer to the program simply as "Bullrun" when speaking in its own voice. --Dr. Fleischman (talk) 21:37, 6 September 2013 (UTC)Reply
In the NSA's own classification guide it's "project BULLRUN". It's not really clear what the exact status of this project is (it's not a codeword for an SCI compartment), but it's common practice to write all these nicknames and codewords capitalized. P2Peter (talk) 20:13, 6 September 2013 (UTC)Reply
That's a primary source. We should adhere to reliable secondary sources. --Dr. Fleischman (talk) 21:23, 6 September 2013 (UTC)Reply
Well, since these disclosures started, it stated out that you really gave to read the original documents, because the news reports are heavily biased, and there are only very few balanced analyses yet. P2Peter (talk) 22:03, 6 September 2013 (UTC)Reply
Where the Guardian presents one of the documents, [2] (caution, marked "top secret"), it uses the title "Project Bullrun — classification guide to the NSA's decryption program" and refers to it as "Bullrun" in the description. In the actual document, the title is different: it has an abbreviation. In titling its Web page, the Guardian chose to omit the abbreviation, but chose to use the term "Project Bullrun". The title of the Web page is a creation of the Guardian, not simply a parroting of what the NSA calls the document. When making the quotation we discussed earlier, they could have chosen to omit the word "Project".
This was just made public around a day ago, so further stories about it may appear. It may be best to wait for that. —rybec 22:42, 6 September 2013 (UTC)Reply
P2Peter, are you suggesting that the Guardian, the New York Times, and ProPublica were biased in their decision to call the program "Bullrun" instead of something else? --Dr. Fleischman (talk) 23:44, 6 September 2013 (UTC)Reply
Sorry, that was meant generally. But as mentioned above, also for the name itself, it's good to compare the papers with the original documents. P2Peter (talk) 01:02, 7 September 2013 (UTC)Reply
With regards to capitalization, NSA code names are ALLCAPS, no spaces. that's the standard, not always adhered to even in the documents. With regards to sources, in this the people with access to the documents themselves will be more reliable, they have seen more, not all of which are online. Secondary sources in this case are problematic, they tend to contain much less information than the primary articles. And we should go back to the documents themselves: I know of the following
--Paulmd199 (talk) 00:40, 8 September 2013 (UTC)Reply

Regarding capitalization, at least for the New York Times, this piece explains why this is. Basically any word over four letters gets de-capitalized. --MZMcBride (talk) 03:13, 9 September 2013 (UTC)Reply

Turmoil slide

edit

The slide is just not accurate in its present form

  • The Corporate logos imply relations that are not directly supported by the documents
  • It says that TURMOIL is a pilot program by the GCHQ. It is neither Pilot, nor GCHQ.
    • The existence of TURMOIL was revealed to the Baltimore Sun in February 2007 by NSA whistleblower Thomas Andrews Drake.
    • It an NSA program that is part of a larger effort called TURBULENCE.
  • The Slide implies a flow of information that is also not directly supported by documents relating to turmoil. Its connection to BULLRUN, which is also NSA, not GCHQ is only tangential, by the weight of the released documents so far. Both are codebreaking, but beyond that, no supporting documents linking the two have been released.
  • The British pilot program is "Edgehill"

I have commented out the slide for now.

Note: the word program is used in the classic sense and does not mean that there is a software program called TURMOIL, just that it is an organized effort. --Paulmd199 (talk) 02:19, 9 September 2013 (UTC)Reply

" all encryption"

edit

What is this supposed to mean? I made my own encryption scheme during a drunken haze back in the 1990es (sorry, just like this article, I don't remember the year exactly). I never told anyone about it. Please tell me how the NSA managed to try and insert a backdoor into it. --79.240.205.80 (talk) 12:42, 9 September 2013 (UTC)Reply

I've rewritten the paragraph, taking out "all encryption", adding citations and adding mentions of CALEA, the Cyberspace Electronic Security Act, Bernstein v. United States, Skipjack (cipher) and the Clipper chip. Better, or worse? —rybec 19:43, 9 September 2013 (UTC)Reply
All encryption would be the goal, but the implementation is constrained by resources, and the limits of influence: biggest fish first, they don't actually get to sit on every committee, opensource is harder to backdoor. --Paulmd199 (talk) 22:53, 9 September 2013 (UTC)Reply

Map graphic needs a key

edit

The map of global NSA data collection is useless in its current form as there is no indication of what the colours mean.

Bullrun vs BULLRUN

edit

There are different instances of capitalization throughout the article. The introduction begins with "Bullrun (stylized BULLRUN)", then proceeds to use both in various places. I don't know how to correct them, because I'm not sure if WP prefers one or the other. Besides the introductory explanation, they should maintain one format or another. — VoxLuna  orbitland   18:14, 3 August 2015 (UTC)Reply