If Russian And Chinese Intelligence Could Supposedly Get Access To Snowden's Documents So Easily, Why Couldn't The NSA Figure Out What He Has?
from the allegations-are-great-if-you-never-have-to-prove-them dept
Democracy Now! recently hosted a debate between ardent NSA supporter Stewart Baker and whistleblower Daniel Ellsberg. The entire debate is worth watching/reading (a full transcript is provided) but Baker's opening statement reiterated a claim some NSA supporters have made in an effort to portray Snowden as at least an accidental traitor, if not a more deliberate conspirator.
What Edward Snowden did was quite deliberately change jobs to gather as much, perhaps millions of documents, from as many places as he could around the National Security Agency, but involving other agencies, as well. He stored them on a computer and handed them out to—who exactly, we don’t know, but certainly to journalists, and with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them, and allowed them to be disclosed at the journalists’ discretion, more or less with some guidance from Snowden.Now, Baker may have misspoken when he said "sophisticated intelligence agencies have been able to get access to [the documents]," but if so, he was never questioned about it. The mention of "controls" would seem to indicate he meant "haven't" instead of "have" (it's "have" in both the transcript and the video), but its not as though this -- that the Chinese/Russians obtained access with or without Snowden's permission -- hasn't been heavily implied before. (And Baker does follow it by stating that the leaks damaged the NSA's ability to "keep an eye on Iranian and North Korean and Chinese and Russian operations.")
Reporter Kurt Eichenwald declared back in November that Snowden "left all of his documents in Hong Kong" and implied the whistleblower was working with the Chinese government. A former NSA official claimed Snowden was a Russian spy and was working in concert with Russian intelligence and Wikileaks to hand over his documents to the Russians. Others have speculated that Snowden's security measures had been subverted the moment he set foot in Hong Kong/Russia.
Back in the real world, the NSA still admits it has no idea what Snowden has in his possession. (Or, rather, what's been distributed to journalists around the world. Snowden apparently "divested" himself of his "holdings" before heading to Russia.)
The underlying implication of these claims is that even with Snowden trying to protect the documents, it's likely that intelligence agencies in these two countries were able to gain access. That claim is either a) ridiculous or b) an indictment of the NSA's internal security and hacking prowess.
If we're to believe the Russians or Chinese gained access before Snowden unloaded the document trove, the question becomes why hasn't the NSA -- arguably the top intelligence agency in the world -- been able to gain access? After all, our spycraft is the best spycraft and the NSA's tools are apparently some of the best in the world. And yet, even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.
If the NSA can't get to Snowden, then it's unlikely any other intelligence agency did either. This puts those pushing this narrative in the position of claiming Snowden worked directly with foreign intelligence agencies to provide them with sensitive documents, an assertion that few of the NSA's most fervent supporters are reluctant to make.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: china, edward snowden, nsa, russia
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
Snowden gave all his intel to the Norwegian intelligence agency, but, being intelligent, the Norwegians found the info to be so ordinary, so pedestrian - that US agencies are dicks, not out of meanness but just because they can be dicks, knowledge that only some americans find astonishing - that they threw all that stuff into a dumpster. The Chinese and Russians recovered the intel and are using it to swap jokes - how many NSA agents does it take to change a lightbulb, that sort of thing.
[ link to this | view in thread ]
This is now the standard fare when the name Snowden comes up through official channels. What that tells me is they are butt hurt over what it's exposed and just how far they have exceeded their mandate.
[ link to this | view in thread ]
(typo)
[ link to this | view in thread ]
> The mention of "controls" would seem to indicate he meant "haven't" instead of "have"
You are taking Baker's quotation way out of context and warping its meaning. The quotation in question is: "with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them."
Allow me to translate: "if the controls are weak enough, or perhaps not understood well enough by the journalists, it's possible that sophisticated intelligence agencies have been able to gain access to them." My translation arguably still makes the assumptions and implications you are trying to force with your out-of-context interpretation, but you completely confused the meaning of Baker's words.
> even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.
Let me give you an analogy. I have cash in my wallet. I don't know how much exactly, maybe a few 20's, maybe a few 1's. My wallet gets stolen. The thief knows exactly how much money I had in my wallet, but I don't.
From a technical standpoint, unauthorized access to files on sensitive systems is frequently logged...but I've never heard of logging authorized access to files. If Snowden had authorized access—which it appears he was able to obtain—then there's no reason the NSA should know what Snowden took.
Anothing thing to think about is the ease with which the NSA can access systems. It's very easy in the US; they just go up to a telco with a court order. What do you think would happen if a couple of FBI agents went up to a Russian telco, in Russia, with a court order? My guess is that the Russians have better access to their own telcos than the US and that the Chinese have better access to their telcos than the US.
I think you really took on the worst quotations from the debate. There were a lot of other much better points you could have made, especially if you highlighted some of the things that Ellsburg said.
[ link to this | view in thread ]
Let's give other intel agencies some credit
All these agencies are far too large to maintain effective operational security. Cut the NSA down to 10 people -- and then, maybe. But otherwise? There will be leaks and bribes, payoffs and slips, mistakes and disclosures, spies and counterspies, and everything else.
None of this poses the slightest threat to anti-terrorist operations of course. The Chinese, for example, have a vested interest in protecting American property because they own a substantial chunk of it, and they'd prefer not to see their massive investments devalued by a bunch of whack jobs with a bomb or two. It's rather more likely that if they come into possession of some actionable intelligence that they might choose to save the CIA the trouble and take out a few bad guys themselves.
So all this hand-wringing by NSA defenders is bullshit. I doubt anything Snowden walked out with was worthwhile to the Russians or Chinese because they've already got it.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Probably likely? So there's at least a 51% chance it's likely? If "likely" is also 51%, that brings it to a 26% chance.
[ link to this | view in thread ]
Re:
I have, on Linux systems in a bash shell type 'history' as a user. It will give you a list of all of the commands the user has typed in the shell. Sure there are other ways to access the files that don't get logged in the shell history but many of those other systems have logging mechanisms of their own.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Sensitive systems log ALL accesses, authorized or not. It's often a legal requirement, called "audibility".
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
How can the NSA NOT know?
Has Snowden really illustrated how ineffective having all those "dots" really is? Because if we can't expect them to be able to even audit their own systems effectively, how exactly are we supposed to trust that they'll be able to find anything REALLY important, like those dang turrorists?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
I have a question about such logging. Say I have root access to a linux machine. I can copy the contents of an entire block device with something like dd if=/dev/sda of=/dev/usb (assuming /dev/usb is some external device). That never touches the file system, so what would be logged?
Also, I suppose, if Snowden had root access, he could just have deleted the pertinent entries in the logs when finished copying.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
It depends on how the security of the system is set up. If everything is being logged, then your execution of that command would be logged.
If it were a very high security system, that command would simply not be available for execution.
[ link to this | view in thread ]
Re: Re: Re: Re:
With root access, any sort of log or history system can be circumvented.
[ link to this | view in thread ]
Re: Re: Re: Re:
You do not flatly state 'I have not done X', when you know the other person has evidence to the contrary, and they've been burned on that several times, which is why they've moved to general statements with no hard yes/no's on what they've done.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
[ link to this | view in thread ]
This whole "global monitoring" relies entirely on the law which forces US companies to let them in, there is no spy stuff here and they dont have to be good at their job to do this. All they need is a corrupt government.
Not saying that the russian or chinese government is better, but they are definetly not as stupid as these guys
[ link to this | view in thread ]