If Russian And Chinese Intelligence Could Supposedly Get Access To Snowden's Documents So Easily, Why Couldn't The NSA Figure Out What He Has?

from the allegations-are-great-if-you-never-have-to-prove-them dept

Democracy Now! recently hosted a debate between ardent NSA supporter Stewart Baker and whistleblower Daniel Ellsberg. The entire debate is worth watching/reading (a full transcript is provided) but Baker's opening statement reiterated a claim some NSA supporters have made in an effort to portray Snowden as at least an accidental traitor, if not a more deliberate conspirator.

What Edward Snowden did was quite deliberately change jobs to gather as much, perhaps millions of documents, from as many places as he could around the National Security Agency, but involving other agencies, as well. He stored them on a computer and handed them out to—who exactly, we don’t know, but certainly to journalists, and with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them, and allowed them to be disclosed at the journalists’ discretion, more or less with some guidance from Snowden.
Now, Baker may have misspoken when he said "sophisticated intelligence agencies have been able to get access to [the documents]," but if so, he was never questioned about it. The mention of "controls" would seem to indicate he meant "haven't" instead of "have" (it's "have" in both the transcript and the video), but its not as though this -- that the Chinese/Russians obtained access with or without Snowden's permission -- hasn't been heavily implied before. (And Baker does follow it by stating that the leaks damaged the NSA's ability to "keep an eye on Iranian and North Korean and Chinese and Russian operations.")

Reporter Kurt Eichenwald declared back in November that Snowden "left all of his documents in Hong Kong" and implied the whistleblower was working with the Chinese government. A former NSA official claimed Snowden was a Russian spy and was working in concert with Russian intelligence and Wikileaks to hand over his documents to the Russians. Others have speculated that Snowden's security measures had been subverted the moment he set foot in Hong Kong/Russia.

Back in the real world, the NSA still admits it has no idea what Snowden has in his possession. (Or, rather, what's been distributed to journalists around the world. Snowden apparently "divested" himself of his "holdings" before heading to Russia.)

The underlying implication of these claims is that even with Snowden trying to protect the documents, it's likely that intelligence agencies in these two countries were able to gain access. That claim is either a) ridiculous or b) an indictment of the NSA's internal security and hacking prowess.

If we're to believe the Russians or Chinese gained access before Snowden unloaded the document trove, the question becomes why hasn't the NSA -- arguably the top intelligence agency in the world -- been able to gain access? After all, our spycraft is the best spycraft and the NSA's tools are apparently some of the best in the world. And yet, even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.

If the NSA can't get to Snowden, then it's unlikely any other intelligence agency did either. This puts those pushing this narrative in the position of claiming Snowden worked directly with foreign intelligence agencies to provide them with sensitive documents, an assertion that few of the NSA's most fervent supporters are reluctant to make.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: china, edward snowden, nsa, russia


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 21 Feb 2014 @ 8:53am

    the answer is quite simple. they were too interested in making sure they knew what all ordinary people, including USA citizens, everywhere else, were doing and just ignored their own back yard!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 8:58am

    They can't get at the documents because they are Neanderthals who happened to come across a computer. Other intelligence agencies might be able to access the documents because they are not morons.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 9:18am

    I hold to a different theory.

    Snowden gave all his intel to the Norwegian intelligence agency, but, being intelligent, the Norwegians found the info to be so ordinary, so pedestrian - that US agencies are dicks, not out of meanness but just because they can be dicks, knowledge that only some americans find astonishing - that they threw all that stuff into a dumpster. The Chinese and Russians recovered the intel and are using it to swap jokes - how many NSA agents does it take to change a lightbulb, that sort of thing.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Feb 2014 @ 10:20am

      Re:

      None, they use at least three contractors for that, each one a firm belonging to a person close to a congressional overseer.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 9:24am

    Every time you hear some public announcement dealing with Snowden from the government, the NSA, or the NSA apologists, it is nearly always coupled with some sort of slight or worse character assassination attempt. It always seems to couple in with covering up their own inadequacy.

    This is now the standard fare when the name Snowden comes up through official channels. What that tells me is they are butt hurt over what it's exposed and just how far they have exceeded their mandate.

    link to this | view in chronology ]

  • icon
    Lance Bledsoe (profile), 21 Feb 2014 @ 9:46am

    (typo)

    (That last line should read: "...an assertion that few of the NSA's most fervent supporters are willing to make" or "...an assertion that even the NSA's most fervent supporters are reluctant to make.")

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 10:17am

    > Baker may have misspoken when he said "sophisticated intelligence agencies have been able to get access to [the documents],"

    > The mention of "controls" would seem to indicate he meant "haven't" instead of "have"

    You are taking Baker's quotation way out of context and warping its meaning. The quotation in question is: "with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them."

    Allow me to translate: "if the controls are weak enough, or perhaps not understood well enough by the journalists, it's possible that sophisticated intelligence agencies have been able to gain access to them." My translation arguably still makes the assumptions and implications you are trying to force with your out-of-context interpretation, but you completely confused the meaning of Baker's words.

    > even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.

    Let me give you an analogy. I have cash in my wallet. I don't know how much exactly, maybe a few 20's, maybe a few 1's. My wallet gets stolen. The thief knows exactly how much money I had in my wallet, but I don't.

    From a technical standpoint, unauthorized access to files on sensitive systems is frequently logged...but I've never heard of logging authorized access to files. If Snowden had authorized access—which it appears he was able to obtain—then there's no reason the NSA should know what Snowden took.

    Anothing thing to think about is the ease with which the NSA can access systems. It's very easy in the US; they just go up to a telco with a court order. What do you think would happen if a couple of FBI agents went up to a Russian telco, in Russia, with a court order? My guess is that the Russians have better access to their own telcos than the US and that the Chinese have better access to their telcos than the US.

    I think you really took on the worst quotations from the debate. There were a lot of other much better points you could have made, especially if you highlighted some of the things that Ellsburg said.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Feb 2014 @ 10:51am

      Re:

      "I've never heard of logging authorized access to files."

      I have, on Linux systems in a bash shell type 'history' as a user. It will give you a list of all of the commands the user has typed in the shell. Sure there are other ways to access the files that don't get logged in the shell history but many of those other systems have logging mechanisms of their own.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Feb 2014 @ 10:53am

      Re:

      I agree though, there is a lot juicier stuff in there. My favorite is at the end where Baker blames the FISC for 9/11.

      link to this | view in chronology ]

    • icon
      John Fenderson (profile), 21 Feb 2014 @ 11:06am

      Re:

      "From a technical standpoint, unauthorized access to files on sensitive systems is frequently logged...but I've never heard of logging authorized access to files."

      Sensitive systems log ALL accesses, authorized or not. It's often a legal requirement, called "audibility".

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Feb 2014 @ 11:11am

        Re: Re:

        Except, apparently the NSA's. :P

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Feb 2014 @ 11:17am

        Re: Re:

        the only reasons i can think that authorized access to files weren't being logged are A) plausible deniability and B) amateur hour

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 Feb 2014 @ 11:35am

          Re: Re: Re:

          Personally, I think they know what he got copies of, however to admit they know would invite the questions of how much and what else, which for them would invite awkwardness and more embarrassment so it's just easier for them to say they don't know.

          link to this | view in chronology ]

          • icon
            That One Guy (profile), 21 Feb 2014 @ 12:54pm

            Re: Re: Re: Re:

            I really doubt they have any idea what exactly he grabbed actually, considering how many blatantly false statements they've put out, statements that were almost immediately shown to be lies with the next release of info on their actions.

            You do not flatly state 'I have not done X', when you know the other person has evidence to the contrary, and they've been burned on that several times, which is why they've moved to general statements with no hard yes/no's on what they've done.

            link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Feb 2014 @ 12:04pm

        Re: Re:

        Ah, well, now I have heard of logging authorized accesses! ;)

        I have a question about such logging. Say I have root access to a linux machine. I can copy the contents of an entire block device with something like dd if=/dev/sda of=/dev/usb (assuming /dev/usb is some external device). That never touches the file system, so what would be logged?

        Also, I suppose, if Snowden had root access, he could just have deleted the pertinent entries in the logs when finished copying.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 Feb 2014 @ 12:07pm

          Re: Re: Re:

          Sorry, to clarify, I'd imagine it would log a large read from /dev/sda, but nothing else.

          link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 Feb 2014 @ 12:15pm

          Re: Re: Re:

          history would show that you ran dd over the block. And history entries are numbered so if you delete some of them then there will be obvious gaps showing that they were deleted.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 21 Feb 2014 @ 12:51pm

            Re: Re: Re: Re:

            Here's a fun trick, stick HISTCONTROL=ignorespace in your .bashrc, put a space before a command, and it won't show up in your history. Of course, if you don't have write access to your history file, then you can't do that...but then you probably can't access juicy files.

            With root access, any sort of log or history system can be circumvented.

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 21 Feb 2014 @ 1:35pm

              Re: Re: Re: Re: Re:

              Sure. With root you can do almost anything. And that is why on most big systems that have lots of users and sensitive data most of the admins don't even get root. They get sudo set up for the things that they need root level permissions to do.

              link to this | view in chronology ]

        • icon
          John Fenderson (profile), 21 Feb 2014 @ 12:24pm

          Re: Re: Re:

          " I can copy the contents of an entire block device with something like dd if=/dev/sda of=/dev/usb (assuming /dev/usb is some external device). That never touches the file system, so what would be logged?"

          It depends on how the security of the system is set up. If everything is being logged, then your execution of that command would be logged.

          If it were a very high security system, that command would simply not be available for execution.

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 10:19am

    Let's give other intel agencies some credit

    The Russians and the Chinese have both long since demonstrated that they have serious spycraft skills. I'm sure that ANYTHING interesting that crosses the desks of people in the NSA or GCHQ is dutifully passed along to Moscow and Beijing, where it's also read. And vice versa.

    All these agencies are far too large to maintain effective operational security. Cut the NSA down to 10 people -- and then, maybe. But otherwise? There will be leaks and bribes, payoffs and slips, mistakes and disclosures, spies and counterspies, and everything else.

    None of this poses the slightest threat to anti-terrorist operations of course. The Chinese, for example, have a vested interest in protecting American property because they own a substantial chunk of it, and they'd prefer not to see their massive investments devalued by a bunch of whack jobs with a bomb or two. It's rather more likely that if they come into possession of some actionable intelligence that they might choose to save the CIA the trouble and take out a few bad guys themselves.

    So all this hand-wringing by NSA defenders is bullshit. I doubt anything Snowden walked out with was worthwhile to the Russians or Chinese because they've already got it.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 10:49am

    probably make it likely


    Probably likely? So there's at least a 51% chance it's likely? If "likely" is also 51%, that brings it to a 26% chance.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 11:38am

    How can the NSA NOT know?

    Given that the NSA is hoovering up all communications just in case it needs to reconnect the dots, why is it that they are unable to know what Snowden took and if he farmed it out to foreign intelligence agencies?

    Has Snowden really illustrated how ineffective having all those "dots" really is? Because if we can't expect them to be able to even audit their own systems effectively, how exactly are we supposed to trust that they'll be able to find anything REALLY important, like those dang turrorists?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2014 @ 11:51am

    I agree with Clapper here. Got to assume worst.

    link to this | view in chronology ]

  • identicon
    Trevor, 21 Feb 2014 @ 1:04pm

    Maybe they think it's like copyright, and wrongly think that if they don't keep saying this, they can't use it later...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Feb 2014 @ 12:16pm

    Maybe you missed that part where the NSA and co. is filled with incompetent idiots. They posted that pic of their new sat on twitter ffs.
    This whole "global monitoring" relies entirely on the law which forces US companies to let them in, there is no spy stuff here and they dont have to be good at their job to do this. All they need is a corrupt government.
    Not saying that the russian or chinese government is better, but they are definetly not as stupid as these guys

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.