NSA's Latest Euphemism For Security Lapses That Allowed Snowden Leaks: The Leaks Were 'Masked By His Job Duties'
from the in-other-words,-it-was-not-secure dept
We've already covered a few times how, despite the NSA's (and its defenders') repeated claims that its systems can't be abused because of its vaunted "auditability," the fact that Snowden got access to all those documents without anyone being able to figure out what he took shows that the audits don't work. It became clear that the audits appear to only apply to analysts, but not sys admins like Snowden, and there are around 1,000 of those, leading to the obvious question: how many others also got classified info without anyone noticing it? One officials has tried to make it out that Snowden was "too brilliant" to work for the NSA, since he covered his tracks. While every indication is that Snowden was, in fact, quite good at his job, and able to cover his tracks well, it's not at all clear that what he did was particularly unique or special.
In fact, the latest spin from the NSA is to claim that he wasn't that "gifted" at all, but rather than the leaks were "masked by his job duties."
"His job was to do what he did. He wasn't a ghost. He wasn't that clever. He did his job. He was observed [moving documents], but it was his job."That report also quotes the NSA's CTO as saying that now, about four months later, the NSA finally has a "good idea" of what Snowden got:
"We have an extremely good idea of exactly what data he got access to and how exactly he got access to it," says the NSA's chief technology officer, Lonny Anderson.Only took four months. Of course, all of this, once again, raises all sorts of questions. It shows that the NSA's audits were basically non-existent for a very large number of people. It shows that the NSA has almost no legitimate way to go back and see if there were widespread abuses among others with similar "job duties." If it was his "job" to do these kinds of things, and there was no real way to track him without many months of work (and even then, only to the degree that the NSA has a "good idea" of what he did), then there's no real accountability there at all. At this point, it seems reasonable to use this to assume that the NSA's systems aren't even remotely secure, and have regularly been abused, without anyone at the NSA even knowing about it. After all, the NSA itself is admitting that someone doesn't even need to be "that clever" to abscond with tens of thousands of classified info on top secret programs and leave an almost non-existent trail.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: accountability, audits, ed snowden, lonny anderson, nsa, nsa surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
It's a good thing...
He could have sold all classified dealings to Russia and China, putting troops in harms way, revealing spies that worked for the CIA, gotten China and Russia HUGE advantages when it comes to economic policies for money.
Or even worse, he could have given it to Al Qaeda secretly so they could kill more people easier in the Middle East.
I bet that there's at least one person who works for the NSA that would have or could have done that.
[ link to this | view in thread ]
Duh
He made the rules, they have no idea how much he took not even a good idea that's BS just to save face. They see what he let them.
[ link to this | view in thread ]
Re: It's a good thing...
Given that the left does not know what the right hand is doing, exactly how are we more secure with NSAs functions? I'd say it is the opposite. When they have a known, verifiable, leak and can't tell precisely what was taken, how much easier must it be to be an unknown doing that? Again we see that the functions the NSA wants to continue doing, is highly suspect.
We're not even talking about how the public views these operations nor how the public is considered the enemy. This is a bad setup, doing illegal things against the Constitution, with no oversight, no accountability, and no method of knowing exactly what anyone is really doing to look at it on the surface.
The more that comes out, the worse it continues to look.
[ link to this | view in thread ]
Re: Re: It's a good thing...
[ link to this | view in thread ]
Re: Duh
That Snowden appeared to have both indicates a key process flaw at the NSA. That this is SOP in regulated private sector should be particularly embarrassing to the NSA.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: It's a good thing...
If they can't tell now, what Snowden got exactly, how will they tell when the next yoyo comes up to try it? Would they be able for instance to say that all operatives in such and such area are now known and pull them out or would it come down to so many turning up dead before they figure out it isn't accidents, it's planned reprisal. Without being able to trace who goes where and does what on an internal supposedly secure network, there's no clue as what or who is in danger. Much better not to have that supposed data gathered in the same network at all.
Yet we are to trust big brother with this info when even they can't get a handle on it nor tell with all of it there that there is early warning of some incident happening. With all the clues, with Russia telling them there was a problem with two brothers, with a couple of years advance notice, they still weren't able to prevent the Boston Bombing. Sure doesn't sound to me with the risk involved that it is worth having that data, much less collecting it.
[ link to this | view in thread ]
Re: It's a good thing...
[ link to this | view in thread ]
[ link to this | view in thread ]
Everything?
[ link to this | view in thread ]
from the NSA
[ link to this | view in thread ]
http://nakedsecurity.sophos.com/2012/03/15/health-insurer-fined-data-breach/
[ link to this | view in thread ]
Re: Re: Duh
[ link to this | view in thread ]
Doesn't the NSA understand...
Every misstep they take in this public relations skirmish could have one wondering - are they really this incompetent and out of touch with their audience, the public? or is it some strategy of three dimensional chess they're mounting?
I think neither. It's easy to play dumb when you've done something dumb, because dumb never has to apologize or pay penance for being dumb. It's considered politely excusable. It's an easy strategy to fade into the shadows, like some juvenal embarrassment...which is where all this sneaky, unconstitutional and perverse behavior by the NSA started.
[ link to this | view in thread ]
Re: Re: It's a good thing...
[ link to this | view in thread ]
NSA hacked Belgium Foreign Ministry
Not proven yet, but with the $50 billion dollar guerrilla (sic) in the room, it's a near certainty.
[ link to this | view in thread ]
Re: Re: Duh
[ link to this | view in thread ]
Re: from the NSA
I have a very sound clue as to what he did.
And the fact that they say they know, or they don't know,
has to tell you that they are liars.
That have to have a good idea (since I do), and for
some reason, they don't really want to admit it.
Which tells you how really insecure their systems are.
When the NSA kicks Microsoft to the curb, maybe, just maybe,
you can start believing what they have to say.
Until then, the NSA is completely non-trustable.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
How many were there who did the bad thing?
[ link to this | view in thread ]
[ link to this | view in thread ]
Thanks
Everything?
[ link to this | view in thread ]