Snowden Says NSA Employees 'Routinely' Passed Around Naked Photos That Had Been Intercepted
from the because-of-course-they-would dept
One of the repeated talking points by the NSA for years has been about how there are all these "strict controls" on who has access to data and how it's used. We've seen pretty clear evidence that the NSA's definition of "strict controls" (like so many NSA definitions of plain English words and phrases) is different than what most people consider "strict controls." After all, it insisted for months that Snowden didn't have any access to actual surveillance data... until it was revealed that he did. There were also all those cases of flagrant abuses of the NSA's system that were revealed last fall. The NSA pretended this showed how good they were at catching anyone who abused the system, but the details suggested otherwise. Many of the "caught" abuses only came out years later when the people who abused the systems to spy on lovers and friends admitted to it during interviews.Keith Alexander insisted that the NSA had "100% audibility" of the actions of their employees and they made sure that no one abused their powers:
"The assumption is our people are just out there wheeling and dealing. Nothing could be further from the truth. We have tremendous oversight over these programs. We can audit the actions of our people 100%, and we do that," he said.Of course, that doesn't explain why so many of the "LOVINT" cases only came out after people self-confessed many years later, rather than through any audits.
Addressing the Black Hat convention in Las Vegas, an annual gathering for the information security industry, he gave a personal example: "I have four daughters. Can I go and intercept their emails? No. The technical limitations are in there." Should anyone in the NSA try to circumvent that, in defiance of policy, they would be held accountable, he said: "There is 100% audibility."
Meanwhile, in the latest Ed Snowden interview (done with the Guardian's Alan Rusbridger), Snowden reveals that NSA employees routinely would share naked photos that had been intercepted:
“You've got young enlisted guys, 18 to 22 years old,” Snowden said. “They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records. In the course of their daily work they stumble across something that is completely unrelated to their work in any sort of necessary sense. For example, an intimate nude photo of someone in a sexually compromising position. But they're extremely attractive.Of course, none of this is really that new. Way back in 2008, you may recall, that it was revealed that NSA analysts were listening in on pillow talk phone calls between Americans overseas and loved ones back home... and sharing those recordings around the office:
“So what do they do? They turn around in their chair and show their co-worker. The co-worker says: ‘Hey that's great. Send that to Bill down the way.’ And then Bill sends it to George and George sends it to Tom. And sooner or later this person's whole life has been seen by all of these other people. It's never reported. Nobody ever knows about it because the auditing of these systems is incredibly weak. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communications stream from the intended recipient and given to the government without any specific authorization without any specific need is itself a violation of your rights. Why is that in a government database?”
Then Alan Rusbridger, The Guardian’s editor-in-chief, asked: “You saw instances of that happening?”
“Yeah,” Snowden responded.
“Numerous?”
“It's routine enough, depending on the company that you keep, it could be more or less frequent. These are seen as the fringe benefits of surveillance positions."
Not only were calls between Americans listened to and recorded on a regular basis, the "good parts" (i.e., phone sex) were sent around to other operators to listen to as well. One of the operators said that on a regular basis messages would be sent around with messages like: "Hey, check this out. There's good phone sex or there's some pillow talk, pull up this call, it's really funny, go check it out."That was revealed years before Snowden even worked for the NSA. It would appear that little has changed.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: audits, controls, ed snowden, naked pictures, nsa, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Old-school version
[ link to this | view in chronology ]
Re: Old-school version
Just like the NSA, I'm sure there must be plenty of telephone company workers with some wild stories to tell.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Typo
Should be, "That was revealed years before Snowden even worked for the NSA contractor, Booz Allen Hamilton."
[ link to this | view in chronology ]
Re: Typo
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Take that you NSA spying bastards!!!
[ link to this | view in chronology ]
Re:
If we can strike them all blind with appalling naked pictures then we could make a great leap forwards for civil liberties.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Ha ha. By clicking on that link, the NSA now considers you an extremist and is targeting you. This is way better than a rickroll. ::trollface::
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Oh my!! Somebody is in big trouble...er alot of people.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
but those pictures were passed around for security purposes. Think of it this way. If a doctor has a patient profile and he's not sure what's wrong with the patient or is not sure what treatment is best s/he may consult with other doctors to help diagnose and treat the patient. This is the same thing!! See, some TSA agents may not be sure if there is something in the photo that poses a threat so they pass around these pictures to other experts to get a second opinion. It's for your own security!!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
TITS OR GTFO!
[ link to this | view in chronology ]
Snowden is then asked if he uses Google or Skype for private conversations, and bursts into laughter at the thought. Snowden's a wise individual.
He then goes on the recommend SpiderOak for cloud storage, due to their Zero-Knowledge encryption system. I used SpiderOak for a while. It's a great service.
Unfortunately SpiderOak has offices in US jurisdiction. Which means they're subject to secret National Security Letters.
Once the Snowden stories broke, I decided to stop using SpiderOak. Every US company is required by law to assist the US federal government, or face prosecution.
That means SpiderOak can be compelled to push out software updates that target individual users. That update would then log a user's password from their keyboard, which would then allow the NSA to decrypt everything because all SpiderOak user keys are stored (encrypted by your plain text user password) on SpiderOak's servers.
Even if user keys weren't being stored on SpiderOak's servers in encrypted format, it still wouldn't make a difference. The National Security Letter would just force SpiderOak to grab the user's key off their personal computer and upload it somewhere. Just like the above scenario. Via a customized, targeted software update that steals the key off a user's computer.
SpiderOak stores user keys (encrypted) on their servers, in case a user's hard drive crashes. Normally SpiderOak never sees a user's password. User passwords are never sent over the wire in plain text. Even if SSL/TLS is used, a plain text password still isn't being sent using SSL/TLS.
Only a salted hash of the user's password is sent to SpiderOak in order to authenticate the user. If the hash matches what SpiderOak has on file, then SpiderOak sends the user's key back to them. Then the user decrypts the outer encryption layer around their key, locally on their own computer, by typing in their plain text password. They now have access to the symmetric encryption/decryption key and can encrypt/decrypt files in their SpiderOak account.
It's an impressive design. Unfortunately they're not immune to National Security Letters that force them to log a user's plain text password, by pushing out a keylogger update to targeted users if compelled to do so in secret from a Nation Security Letter. No US company is immune to that requirement.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
https://www.techdirt.com/articles/20140715/18204627886/doj-tells-court-that-course-it-can-go- fishing-expedition-globally-emails-microsoft-stores-overseas.shtml
[ link to this | view in chronology ]
tenaka
[ link to this | view in chronology ]
Re: tenaka
[ link to this | view in chronology ]
"auditable" doesn't mean there are audits
[ link to this | view in chronology ]
Re: "auditable" doesn't mean there are audits
[ link to this | view in chronology ]
[ link to this | view in chronology ]
There's a cool FOIA request
I want copies of all emails from any NSA employee toe any other NSA employee that contain attachments which might reasonably be considered NSFW images.
We'll just select the time period when Snwden was working there.
[ link to this | view in chronology ]
Re: There's a cool FOIA request
[ link to this | view in chronology ]
Snowden
About Snowden and Russian hackers - article (in Russian).
http://newreal.org/snoud1.htm
[ link to this | view in chronology ]