Is there an Extinction Level Event coming for the Deep State?

An Extinction Level Event is when something - we typically don't really understand what - causes a mass die-off, with 60% or more of species disappearing. The most famous of these was the asteroid that finished off the dinosaurs (if you believe that; I'm skeptical that the answer to their demise is so neat and tidy).

Well Donald Trump said he's going to appoint Elon Musk to lead a "Government Efficiency Commission":

Former President Donald Trump says that if reelected, he’ll create a government efficiency task force — and that Elon Musk has already agreed to lead it. During a speech in New York on Thursday, Trump said the new efficiency commission would conduct a “complete financial and performance audit of the entire federal government” and make recommendations for “drastic reforms.”

There's no need to look at Tesla's 50% Electric Vehicle market share, or compare SpaceX's launch rate to, well, the rest of the world combined.  Most relevant to this discussion is how Elon cut 80% of Twitter's headcount, turning the company around.

Even though reports have Government employees cutting back expenditures in anticipation of potential cuts, lots of folks are skeptical that this can be done at all.

I'm not one of the skeptics, because I've seen this my very own self, in my career at Three Letter Intelligence Agency.  It was the mid-1980s and I was a wet-behind-the-ears Electronics Engineer in the COMSEC R&D organization.  Their recent triumph was the introduction of the STU-III secure telephone.

The STU-III was a technological marvel, providing high level (Type 1) encryption in a telephony device that, well, worked like a telephone.  And it was delivered 2 years early because of a manager who might be described as the 1980s COMSEC version of Elon Musk.

Walt Deeley was a very senior Intelligence Manager.  He is listed on the NSA's web site:

As Deputy Director of Communications Security in the early 1980s, Mr. Deeley pushed the development and deployment of the STU-III secure telephone, which has been called the most significant improvement to the security of government voice communications in fifty years. He perceived the need for a new approach, and deployed an affordable and effective telephone security system within two years.

...


Walter Deeley was known as a strong-willed manager who pushed his subordinates hard to get results. While a tough taskmaster, the technical advances and mission achievements he led made the United States more secure.

Bold added by me.  Let me give some additional color around that.  He was a legend in the COMSEC R&D organization.  His reputation was equal parts admiration and fear - it was almost like he who must not be named.  People remembered the careers he derailed in his quest for an encrypting telephone.

One story told to me by an old hand was how Deeley had come into the office one Saturday to see how the program was working.  He called down to the program office, and the phone rang and rang and rang.  Finally one guy who happened to be in the office on the weekend answered.  Deeley asked for the Program Manager.  When told that the PM wasn't in because it was a Saturday, Deeley told the guy who was there that he was the new PM and to see him first thing on Monday.  It was very Elon-Must-at-Twitter.

True story - at least I believed it was.  And I for sure wasn't the only one there who did.

So to those who say you can't change how the Government works, color me skeptical.  I'm skeptical because I've actually seen it change (well, heard from people who did).

The interesting question here is how you scale this throughout all the Federal Agencies.  I think the answer is to use business-as-usual: different offices play office politics against each other to get budget and headcount.  That's how the game is played.  So set up an incentive structure for Office A to rat our Office B's inefficiencies and duplications to save their own skins.  I expect that this would pay big dividends.

It's sort of like setting one type of dinosaur against another, in a battle to the death.

UPDATE 28 OCTOBER 2024 14:51: Elon says they can reduce the Federal budget by $2 Trillion.

Secret or no secret?

If this were such a big deal, would the Chinese be talking about it?

According to a Chinese state-sanctioned study, signals from SpaceX Starlink broadband internet satellites could be used to track US stealth fighters, such as the F-22.

...

The research details how the academics were able to recognize the rough location of a commercial drone by observing disturbances in electromagnetic signals from Starlink satellites caused by aircraft passing through them. The system could "provide significant advantages in detecting small and stealth targets," the team claimed.

The academics, led by professor Yi Jianxin from Wuhan University's School of Electronic Information, launched [paywall] a commercial DJI Phantom 4 Pro drone and sent it over the coast near the Chinese city of Guangdong. The researchers chose the drone as they estimated it has the same radar signature as a modern F-22 fighter.

They reported being able to detect up the drone – not by hammering it with easily identifiable radar pulses (which would invite a counterattack in a war situation) but by identifying where the drone reflected the signals from a Starlink satellite orbiting overhead. The test was overseen by the Chinese government's State Radio Monitoring Centre.

This looks to be pretty similar to a system of passive radar that the Germans used in World War II.

You would think that if this were effective (or if the Chinese thought it could be made to be effective), they wouldn't say anything about it.

Cisco Webex call recording released by Russia

Wow:

The German Ministry of Defense (Bundeswehr) has confirmed that a recording of a call between high-ranking officials discussing war efforts in Ukraine, leaked by Russian media, is legitimate.

Senior government officials have also confirmed Russian reports that the call was hosted on and tapped via Cisco's WebEx video conferencing platform rather than any kind of secure, military-grade comms.

Roderich Kiesewetter, deputy chairman of the German parliament's oversight committee, said the Bundeswehr leak was possibly caused by a Russian agent inside the WebEx call or the Bundeswehr's implementation of it, but the country is still working on discovering how the intrusion took place.

As someone who worked at Cisco (in both their security and Webex business units) I can say that Cisco takes security very, very seriously.  Not knowing more than this article, it very well may be a mole.

Dad Joke CCIX

You can't keep secrets in a bank.  There are too many tellers. 

The Woman In The Red Dress is not on your side

Life imitates art, and not in a good way.  An early scene from The Matrix shows a simulation that Morpheus uses to instruct Neo on how the "reality" he experiences is all a front, a distraction, a dangerous  manipulation:

Here we are 23 years later, and we find that social media is precisely what was shown in this scene:

Lots of people commented on it and how it looked as much like a Fed Boi false flag as the "Only Feds" one last September.  "Hello, fellow insurrectionists! I'm happy to meet you for the first time so we can all MAGA together. Let's ask the other MAGAs if they have forgotten their AR-15,'s and offer to give them some." 

...

It seems that there's some evidence being talked about that one of the main voices behind the "rally" on Twitter is an AI Bot, given an AI face blend (made up face) of a pretty young blond woman.  (Because that won't attract attention, right?) 

...  There’s an entire Twitter thread devoted to this young lady, who joined Twitter last month and whose existence can’t be verified anywhere else.  The guy who posted this picture says he did a search engine dive for the screen name she's using, “Sheryl Lewellen,” and can find only one other thing she supposedly posted: a GoFundMe to help her friend's dog get surgery.  

That's right, no Google history at all.  Two Twitter threads.

The only difference between her and the Woman In The Red Dress is that this bot seems to "like dogs".  23 years doesn't seem like a very long time for this sort of prediction to become apparent reality.  And so the next time someone on social media who tells you Hello, fellow insurrectionists! I'm happy to meet you for the first time so we can all MAGA together, remember one thing: there is no spoon.

Seriously.  There is no spoon, at least none that you'll get from someone on social media.  Especially if she's blonde.

OPSEC for COMSEC

There have been a number of questions and comments about yesterday's post regarding COMSEC for the new year.  These seem to me to be related to OPSEC - Operational Security which as I mentioned is very hard to pull off flawlessly.  But it's terribly important and so I'd like to talk at least briefly about them.

Toirdhealbheach Beucail mentioned that TOR is difficult to use, which is God's Own Truth.  This makes it easy to screw up, which can expose bread crumbs that can lead the Federales back to you.  Use of a VPN and a privacy enhanced browser (like Brave which I recommend) are Very Good Things Indeed, but a VPN will also shine the light of suspicion on you.  Also, you have to ask yourself just how much you trust your VPN provider not to, say, comply with warrants and National Security Letters and such.  In short, a healthy paranoia is worthwhile and VPN won't replace what I was talking about yesterday.

Chuck Pergiel mentioned that Ross Ulbricht (the Dread Pirate Roberts who ran The Silk Road) was caught because a one-time user account only needed for the initial setup of something leaked out and let the Feds trace back to him.  Ross was said to be particularly good about OPSEC and this still happened.  Basically, he had to be perfect every single time he was online and the Feds only needed a single screw up.  I'll post tomorrow about an OS-on-a-stick and how to use it securely, but the important thing is that you can't use anything from your public OS on the private one, and vice-versa.

Jonathan H mentioned Eschelon which was a blast from the past.  He also mentioned using fax with handwritten messages.  I'm not so sure here, for a couple reasons.  Firstly, optical character recognition is advancing every year and this seems like an area where machine learning may end up able to read even doctor's handwriting, and secondly the public fax services may save copies of your transmissions.  There are lots of questions here.

Stefan points us to Pixelknot for Android.  Android is a problem, for a couple of reasons.  Google is the funder of Android and while it is Open Source, there are millions and millions of lines of code.  Google's revenue model is based on collecting data on users and I just don't trust the OS not to do that to me.  Also, if you run this on a mobile phone there will be geolocation data added to user data that is collected.  No bueno.

Paranoia runs deep - at least it should.

Johnny Rivers - Secret Agent Man

Sean Connery is dead at 90.  He defined movie cool in the 1960s, and made the James Bond franchise into a huge success.  That franchise inspired a million copy cats including a British TV spy series called Danger Man.  CBS bought the US rights to the show which they were going to air as Secret Agent.  The opening riff is one of the most recognizable in music, and the lyrics included a salute to Connery as Bond: they're giving you a number and taking away you name.

"Iconic" doesn't begin to cover this.

Secret Agent Man (Songwriters: P.F. Sloan, Steve Barri)

There's a man who lives a life of danger
To everyone he meets, he stays a stranger
With every move he makes another chance he takes
Odds are he won't live to see tomorrow

Secret agent man, secret agent man
They've given you a number and taken away your name

Beware of pretty faces that you find
A pretty face can hide an evil mind
Oh, be careful what you say or you'll give yourself away
Odds are you won't live to see tomorrow

Secret agent man, secret agent man
They've given you a number and taken away your name

Secret agent man, secret agent man
They've given you a number and taken away your name

Swinging on the Riviera one day
And then layin' in the Bombay alley next day
Oh, no you let the wrong word slip while kissing persuasive lips
The odds are you won't live to see tomorrow

Secret agent man, secret agent man
They've given you a number and taken away your name
Secret agent man

But Connery was much more than just James Bond, and went on to many outstanding performances.  I particularly liked him in The Wind And The Lion:

I find it charming that, while married twice, he is survived by his wife of 45 years.  I wonder what she thought in 1999 (at their 24th anniversary) when People Magazine designated him the Sexiest Man of the Century.

Rest in Peace, Sir Sean (knighted in 2000).  Thanks for the grace, and style.  They broke the mold when you were born.

How to read Pravda

Back during the Cold War when I was a newly minted engineer (Electrical, thanks for asking!) I took a job at Three Letter Intelligence Agency.  Everything there was burn-before-reading Top Secret, and the security clearances for some of the new hires hadn't been completed yet.  So what does a big agency do with these folks?  

Well, they sent us to training.  One of the things that the taught us about was Traffic Analysis which is absolutely terrifying in today's Internet Age.  However, some of the things were less techie.  One of these were techniques on how to read Pravda.

Pravda, of course, was the official newspaper of the Soviet Union's Communist Party.  It was well known to basically everybody that it was a propaganda sheet.  Indeed, there was an old joke from the time about Pravda and its sibling newspaper Isvestia, playing on the meanings of both names.  "Pravda" means "truth" in Russian, and "Isvestia" means "news".  The joke went "There's no news in Pravda and no truth in Isvestia".  Good times, good times.

As it turns out, that joke was wrong - at least according to the trainer at Three Letter Agency.  We were taught that there's quite a lot of actual information that you can get from Pravda, if you know how to read it.  Here from memory are some of the techniques for gleaning what is actually going on from the most famous propaganda rag in history:

1. The Front Page belongs to the Party.  Everything you see on the front page is the Party's most important messaging.  The more prominent the article, the more you can assume that it is pure propaganda.  Front Page above-the-fold articles are nothing but propaganda.
2. Most of the time there will be actual journalistic facts reported in the story.  You know, the Who/What/Where/When stuff.  This will in general be in articles buried inside the newspapers, and/or buried in paragraph 25 (under the assumption that most people will scan the front page and maybe the first 2 or 3 paragraphs).  Our trainer essentially taught us to read Pravda backwards, starting from the end and working our way back towards the front.
3. Things that really, really bother the Party will be prominently displayed.  Things that really really bother the Party will be on the front page, above the fold.  While this seems to contradict item #1 above, it really doesn't.  Sure, the actual contents of the article are nothing but propaganda, the information to be gleaned is that the subject is something that the Party hates.

An example of #3 from the 1980s was the Strategic Defense Initiative ("Star Wars").  The Party hated this with the fire of a million suns.  It made frequent appearances on page 1 of Pravda, talking about how awful it was.  Duly noted - SDI got under the skin of the Communist Party of the Soviet Union.

As it turns out, this skill has turned out to be handy in getting actual information out of today's New York Times (and other, lesser news outlets).  There's a lot that you can get from the news today if you ignore the front page.  Lawrence has a great example of this - skipping past the Supreme Court stories (item #3 above - this really bugs the Great and the Good) to things from page A29 - like what's going on with China?  Quite a bit as it turns out, but you need to read our newspapers backwards just like you would read Pravda.

Observe the power of this fully operational MiniTru

 George Orwell's prophetic 1984 had a dystopian future where everything was controlled by the government.  The agency charged with rewriting history was called the Ministry of Truth, or MiniTru.  Lawrence has discovered that Orwell wasn't a novel, but rather an instruction manual.

Very cool story about Jerry Pournelle

 I knew that he was the most interesting man in the world, but didn't know just how interesting he was.  Like "Plan the overthrow of the Communist government of Albania" interesting.

Spycraft, Google, and Donald Trump

The problem facing an Intelligence Agency is the same as the problem facing a historian studying some past civilization: what are the sources you have, and how much do you trust them?  For both the Intelligence Analyst and the Historian, sources may be few and far between.  A great example of this in history is the Heroninos Archive, a set of ancient Roman records literally rescued by accident from a trash heap.  The archive is the most complete set of documents about how a large Roman farm was run, and we almost didn't have it.

For an example of whether you can trust a source, you can't do better than Procopius.  He was the personal secretary of the great general Belisarius who tried to (and nearly succeeded) reconquer the western portion of the Roman Empire for Justinian the Great.  Procopius wrote about the campaigns in The History Of The Wars, and wrote about Justinian's many building projects in The Buildings.  Both books describe the glories and virtues of Emperor and General in glowing terms.  So far, so good.

But all is not what it seems.  In 1623 another of Procopius' books was discovered in the Vatican Library.  The Secret History is a savage description of the private lives and moral failures of the Emperor and his wife, and the General and his wife.  Procopius pours scorn on them all, sometimes in X-rated detail.

So we have Procopius' sources, but which do we believe?  Aye, there's the rub.  They can't both be true, can they?

We see this in our day.  A huge set of Google internal documents were released yesterday, describing how the company (allegedly) purposely changes search results:

A Google staffer today released documents exposing a massive censorship campaign where the ubiquitous Google search engine purposefully censored pro-life and conservative web sites, including LifeNews.com.

Google Insider Zachary Vorhies has given an interview to watchdog group Project Veritas where he discusses how he documented Google censorship of leading pro-life and conservative web sites for over a year. He made the decision to go public in an on-the-record video interview after Google went after him following the release of the information to Project Veritas.

He decided to go public after receiving a letter from Google, and after he says Google allegedly called the police to perform a “wellness check” on him.

This effects us in our daily efforts to understand the world in which we live.  What sources do we have?  Do we trust them?  I haven't trusted Google, for a very long time.  I use and recommend Duckduckgo, which combines multiple sources and which also doesn't spy on you.  But even here there's a problem, because Google results are included there - there's a ripple effect of Google censor algorithms that spreads far into the online world.  And since Google is a near-monopoly, the spread of these ripples is unknowable but presumably far indeed.

We are entering a new election cycle, one where Google is accused of manipulating election outcomes:

Google’s biased search algorithm actually flipped seats in the 2018 US midterm elections, according to a researcher who found the search engine’s “dramatically biased” results could have shifted over 78 million votes to Democrats.

“Upwards of 25 percent of the national elections in the world are being decided without people’s knowledge by Google’s search algorithm,” senior research psychologist Dr. Robert Epstein of the American Institute for Behavioral Research and Technology told RT, calling the search engine the “deciding factor” in close races.

This is a source.  Do we believe it?  RT is the rebranded Russia Today, paid for (to some extent) by the Kremlin.  Do they have an agenda?  Certainly.  Does what they say sound like it might be true?  As the Mythbusters might put it: plausible.

Google is clearly opposed to conservative views in general, and to Donald Trump in particular.  It's been known for years (detailed in my post above) that they manipulate results in furtherance of their ideology.  This much seems clear.  How much they manipulate the results - and their ability to swing elections - is less clear.  But it's not zero.

This is a problem for us today, as it is for historians.  What if everything you hear about Donald Trump is worse than things actually are, because the sources are biased?  It's like everything you know comes from a Donald Trump version of Procopius' Secret History.  Actually, when you consider the stories in the press about him, that's perhaps not very far off the mark.

But what if everything a person hears is distorted?  The sources are unreliable, because they either are pushing an opposite agenda or they're being hidden (like a Heroninos Archive that ends up in the incinerator)?  This isn't far fetched at all - we see this in history, where it may be that everything that we know about the Byzantine Emperor Thomas the Slav is wrong, because of this very problem. (Note: if you don't want to listen to the Life and deeds of Thomas, skip to the last 4 or 5 minutes of this podcast where it discusses the reliability - actually the lack thereof - of the sources).

We know that opinion polls in the run up to elections are inaccurate.  Polls are a source, but how much do you trust them?

Quite frankly, you shouldn't trust them.  You shouldn't trust your search results - while they may not turn up biased sources, the most important sources may not turn up at all.  This is the most important thing that you should tell your friends and family.  Certainly people are trying to manipulate them, even if we don't know by how much.  In today's "Information Age", they need to have a healthy skepticism over what they see.  What sources are they seeing?  How trustworthy are they?

Oh, and tell them to use Duckduckgo instead of Google.  It's more accurate, and it doesn't spy on you.

Nazi sub base gets repurposed as a data center

It is near the termination of submarine cables from the Middle East, and so there's low latency (combined with political stability).  And it's pretty near bomb proof:

That has made Marseille a magnet for data-center operations—where data and application providers can "put platforms in a safe environment in terms of legal and financial environments like Europe and particularly the European Union and at the same time be connected to 46 countries directly with a very low latency," Coquio explained. "Basically, in the last 15 years, we have [cut] the cost of a submarine cable to a [10th of what it was] and multiplied the capacity by 50."

As a result of this transformation of the Internet world and the corresponding rise of Marseille as a digital content center for the world, demand for co-location space has driven Interxion to undertake an interesting construction project: the conversion of a former Nazi submarine base into a seaside data center.

Pretty cool in a Bond-villian-evil-lair sort of way.  But it has a way to go for top spot in that category:

In an underground bunker 100 feet beneath Stockholm lies a unique facility operated by the Swedish ISP Bahnhof. It’s become known as the “James Bond Villain Data Center” after it was featured on the Pingdom web site last year. Dean Nelson of Data Center Pulse recently got a tour of the data center from Bahnhof CEO Jon Karlung, who provided a look at the many unusual features of the facility, a former military bunker designed to withstand a hydrogen bomb blast. Karlung has said he drew his inspiration for many of the center’s flourishes from James Bond villains (especially Ernst Blofeld), hence the waterfalls, greenhouse-style NOC, glass-enclosed conference room “floating” above the colocation floor, and blue-lit diesel engines (supposedly used in German submarines).

But the Marseille one has "low latency", doesn't it?

Tab clearing

Lots of good stuff that is worth your attention:

Epic rant is epic.  Aesop brings it.  Long - almost Borepatchian in length - but is a must read.

The "Opiod Epidemic" explained.  The stupid War On Drugs is killing more Americans than the Nazis did in that war.  And since it enriches police departments and gives idiot Congresscritters tons of chances to mug for the cameras, we'll never get a sane policy.

Funeral of 92 year old Bletchley Park codebreaker.  She married an American and lived out her life in Nebraska, keeping her part in the "Ultra Secret" Enigma decoding project secret.  Good on the UK for giving her Military Honors at her funeral.  (Hat tip: Chris Lynch)

Home Owner's Association doesn't like man's Sherman Tank.  Man tells them "Come and tow it, bitches!"  'Murica!

What's the biggest threat to your privacy?

It's your cell phone.

This is a fascinating talk about how the Italian police identified a CIA operation in 2003.  It points out just how much information your phone gives out, and how the government can use it to piece together way more than you think.  It also points out just how hard it is for even intelligence professionals not to get busted (hint: really hard).



Note: this talk was given at the 2013 Black Hat Briefings (perhaps the world's most interesting security conference).  I was there, but didn't attend this talk.  I did live blog General Alexander's keynote address, though.  My skepticism at the time was perhaps more percent that I'd like:

He talks a lot about internal NSA training and individual auditing. The big concern isn't rogue NSA employees, but a directed program from NSA management. He isn't addressing this at all.

*cough*Russian dossier/FISA*cough*

Your cell phone is the Police State's best friend.

Franz Kafka predicted the Surveillance State

Franz Kafka wrote a book (The Trial) in which the State refused to tell the accused man what crime he was accused of.  It seems that the book is uncomfortably close to home for our own day:

Back in 2014, the tech firm challenged an order issued under Section 702 of the 2008 Foreign Intelligence Surveillance Amendments Act, a law that allows the US government to request telecommunications data on non-US citizens. The wide-ranging powers in that act, due for renewal at the end of this year, have been highly controversial ever since the Edward Snowden archives brought them to public attention. 

The heavily redacted documents [PDF] were published this week, and come from the secret Foreign Intelligence Surveillance Court, which oversees Uncle Sam's spying efforts. They detail a request by the unnamed company for copies of previous decisions the judges had made on Section 702 hearings, so that it could prepare its case. 

Instead of allowing the firm to gather the evidence it needed, Judge Rosemary Collyer ruled that the government was perfectly within its rights to deny the company the information it requested.

So there is no right to see court rulings that effect your case.  And this part is the truly Kafkaesque bit:

Instead, the judge told the company to rely on the Department of Justice's accounts of previous Section 702 hearings, rather than seeing the legal cases for themselves.

Well, OK then.  When I grew up, we thought it was the Soviet Union that had secret courts.

Offered without comment

CIA Hack details - beware of what you read in the media

The media has a poor track record of getting security stories right, and the CIA Wikileaks document dump is no exception.  For example, they don't hack your TV over the network:

The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. If you aren't afraid of the CIA breaking in an installing a listening device, then you should't be afraid of the CIA installing listening software.

So as long as you're not worried about a CIA operative breaking into your house, this specific exploit isn't going to be aimed at you.  Does this mean you should hook your smart TV up to the 'net?  Oh hells no.  Just no.

And this is pretty interesting:

There's no false flags. In several places, the CIA talks about making sure that what they do isn't so unique, so it can't be attributed to them. However, Wikileaks's press release hints that the "UMBRAGE" program is deliberately stealing techniques from Russia to use as a false-flag operation. This is nonsense. For example, the DNC hack attribution was live command-and-control servers simultaneously used against different Russian targets -- not a few snippets of code. [More here]

Like I said, it's hard to get stories like this right and mostly the Press doesn't.  There are more examples at the link.

The Second NSA leaker comes to light

There was buzz around this a couple years ago.  I guess it's possible that this isn't another leaker, in which case there's still another leaker.

You must be at least 52" to hack the head of the CIA

Stephen emails to point out this bit of hilarity:

A British teenager is suspected of being a mystery hacker who infiltrated the personal email account of the director of the CIA and posting personal details online.

...

It is alleged that Cracka called US Internet provider Verizon posing as a technician and persuaded them to hand over personal details of Mr Brennan’s AOL email address.

He then allegedly called AOL and convinced a representative to reset the password, using the personal details he obtained from Verizon to get through security.

Yeah, OK, this is an old trick.  But the kid was 15 years old at the time.

Note: this was not his government email, it was his personal account on AOL.  Why the Director of the CIA is on AOL is perhaps the biggest cause for concern ...

Is the NSA making friends and influencing people at other agencies?

Because Congress is grilling those other agencies over their use of equipment containing backdoors probably put there by NSA:

A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. 

The House of Representatives' Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. 

Juniper's ScreenOS software – the firmware that powers in its firewalls – was tampered with by mystery hackers a few years ago to introduce two vulnerabilities: one was an administrator-level backdooraccessible via Telnet or SSH using a hardcoded password, and the other allowed eavesdroppers to decrypt intercepted VPN traffic. The flaws, which were smuggled into the source code of the firmware, were discovered on December 17 by Juniper, and patches were issued three days later to correct the faults.

The speculation is that there aren't many other actors other than the NSA who could have pulled this off.  Speculation, of course - there's no smoking gun, as you'd expect.

But everyone suspects them, which means they're incompetent: either they did this and got caught, or they didn't do this but have made everyone distrust them anyway.  Way to go!