Snowden Says NSA Employees 'Routinely' Passed Around Naked Photos That Had Been Intercepted

from the because-of-course-they-would dept

One of the repeated talking points by the NSA for years has been about how there are all these "strict controls" on who has access to data and how it's used. We've seen pretty clear evidence that the NSA's definition of "strict controls" (like so many NSA definitions of plain English words and phrases) is different than what most people consider "strict controls." After all, it insisted for months that Snowden didn't have any access to actual surveillance data... until it was revealed that he did. There were also all those cases of flagrant abuses of the NSA's system that were revealed last fall. The NSA pretended this showed how good they were at catching anyone who abused the system, but the details suggested otherwise. Many of the "caught" abuses only came out years later when the people who abused the systems to spy on lovers and friends admitted to it during interviews.

Keith Alexander insisted that the NSA had "100% audibility" of the actions of their employees and they made sure that no one abused their powers:
"The assumption is our people are just out there wheeling and dealing. Nothing could be further from the truth. We have tremendous oversight over these programs. We can audit the actions of our people 100%, and we do that," he said.

Addressing the Black Hat convention in Las Vegas, an annual gathering for the information security industry, he gave a personal example: "I have four daughters. Can I go and intercept their emails? No. The technical limitations are in there." Should anyone in the NSA try to circumvent that, in defiance of policy, they would be held accountable, he said: "There is 100% audibility."
Of course, that doesn't explain why so many of the "LOVINT" cases only came out after people self-confessed many years later, rather than through any audits.

Meanwhile, in the latest Ed Snowden interview (done with the Guardian's Alan Rusbridger), Snowden reveals that NSA employees routinely would share naked photos that had been intercepted:
“You've got young enlisted guys, 18 to 22 years old,” Snowden said. “They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records. In the course of their daily work they stumble across something that is completely unrelated to their work in any sort of necessary sense. For example, an intimate nude photo of someone in a sexually compromising position. But they're extremely attractive.

“So what do they do? They turn around in their chair and show their co-worker. The co-worker says: ‘Hey that's great. Send that to Bill down the way.’ And then Bill sends it to George and George sends it to Tom. And sooner or later this person's whole life has been seen by all of these other people. It's never reported. Nobody ever knows about it because the auditing of these systems is incredibly weak. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communications stream from the intended recipient and given to the government without any specific authorization without any specific need is itself a violation of your rights. Why is that in a government database?”

Then Alan Rusbridger, The Guardian’s editor-in-chief, asked: “You saw instances of that happening?”

“Yeah,” Snowden responded.

“Numerous?”

“It's routine enough, depending on the company that you keep, it could be more or less frequent. These are seen as the fringe benefits of surveillance positions."
Of course, none of this is really that new. Way back in 2008, you may recall, that it was revealed that NSA analysts were listening in on pillow talk phone calls between Americans overseas and loved ones back home... and sharing those recordings around the office:
Not only were calls between Americans listened to and recorded on a regular basis, the "good parts" (i.e., phone sex) were sent around to other operators to listen to as well. One of the operators said that on a regular basis messages would be sent around with messages like: "Hey, check this out. There's good phone sex or there's some pillow talk, pull up this call, it's really funny, go check it out."
That was revealed years before Snowden even worked for the NSA. It would appear that little has changed.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: audits, controls, ed snowden, naked pictures, nsa, surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Ninja (profile), 18 Jul 2014 @ 4:00am

    Bah, this is no news, I go through those regularly. Now he's confusing NSA surveillance with the Internet. /s

    link to this | view in chronology ]

    • identicon
      Anonymous Anonymous Coward, 18 Jul 2014 @ 6:36am

      Re:

      This is the problem with the DOJ going after the 'Dark Net'. They cannot tell the difference between the actual Dark Net and the NSA stream.

      link to this | view in chronology ]

  • icon
    Vidiot (profile), 18 Jul 2014 @ 5:52am

    Old-school version

    Pre-Internet, telco employees would routinely get their jollies by monitoring late night bedroom conversations... phone sex, essentially. According to people I knew, CO (central office) technical staff were expected to monitor "line quality" by listening to random calls; and once you found something steamy, the monitoring might just go on and on and on. Ahh, good times.

    link to this | view in chronology ]

    • identicon
      zip, 18 Jul 2014 @ 7:18am

      Re: Old-school version

      It gets worse than that. Many people kept telephones next to their bed, and the vibrations from their voices could easily be picked up by their phones sitting just a foot or two away, and their 'bedtime' conversations transmitted down the copper wires. It's not unlike those things we did as kids, like putting your ear against a (sheetmetal) HVAC vent and clearly hearing people talk from the far side of the building. People don't seem to realize that metal transmits sound extremely well, and all the wires, pipes, and ducts in a building can easily be employed as ready-made listening devices.

      Just like the NSA, I'm sure there must be plenty of telephone company workers with some wild stories to tell.

      link to this | view in chronology ]

  • icon
    Bt Garner (profile), 18 Jul 2014 @ 5:55am

    So let's get this straight. If I pass around a sexually explicit photo at my job, I will get fired for sexual harassment, and creating a hostile work environment. But if I worked for the NSA.. .then all is well, right? Where do I sign up for this job?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 5:56am

    Typo

    > That was revealed years before Snowden even worked for the NSA.

    Should be, "That was revealed years before Snowden even worked for the NSA contractor, Booz Allen Hamilton."

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Jul 2014 @ 7:47am

      Re: Typo

      The NSA directly supervised him. He worked for the NSA as a contractor.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 6:43am

    And this is what Whatever supports?

    link to this | view in chronology ]

  • identicon
    private frazer, 18 Jul 2014 @ 7:12am

    please stop making out that GCHQ and the NSA are evil! I mean, if you've done nothing wrong you've got nothing to hide. Stands to reason.

    link to this | view in chronology ]

  • identicon
    Michael, 18 Jul 2014 @ 7:27am

    I just sent out a bunch of naked pictures of myself.

    Take that you NSA spying bastards!!!

    link to this | view in chronology ]

    • identicon
      Call me Al, 18 Jul 2014 @ 7:44am

      Re:

      Bravo sir!

      If we can strike them all blind with appalling naked pictures then we could make a great leap forwards for civil liberties.

      link to this | view in chronology ]

    • icon
      limbodog (profile), 18 Jul 2014 @ 9:37am

      Re:

      I hope you did a search for encryption technology first, to guarantee they spied on you. "What is TOR?"

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 18 Jul 2014 @ 7:32pm

        Re: Re:

        You are all extremists. Click this link to find out why.

        Ha ha. By clicking on that link, the NSA now considers you an extremist and is targeting you. This is way better than a rickroll. ::trollface::

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 7:33am

    No worries. Those photos are nothing to hide, right?

    link to this | view in chronology ]

  • identicon
    Baron von Robber, 18 Jul 2014 @ 8:28am

    And if any of those pics are under the age of 18?

    Oh my!! Somebody is in big trouble...er alot of people.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 8:28am

    Hopefully this will be useful for getting the puritan crowd on our side. Unconstitutional spying is well and good to them, but naked pictures? It fits with the Bill Clinton precedent of illegitimate sex life being impeachable, war crimes not.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 8:41am

    "Snowden Says NSA Employees 'Routinely' Passed Around Naked Photos That Had Been Intercepted"

    but those pictures were passed around for security purposes. Think of it this way. If a doctor has a patient profile and he's not sure what's wrong with the patient or is not sure what treatment is best s/he may consult with other doctors to help diagnose and treat the patient. This is the same thing!! See, some TSA agents may not be sure if there is something in the photo that poses a threat so they pass around these pictures to other experts to get a second opinion. It's for your own security!!

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Jul 2014 @ 8:44am

      Re:

      (oops, I meant NSA, though I'm sure the TSA does the same thing for similar reasons).

      link to this | view in chronology ]

  • icon
    MonkeyFracasJr (profile), 18 Jul 2014 @ 8:45am

    TITS OR GTFO!

    I for one, would like examine the evidence!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 8:50am

    My favorite part of the interview is when Snowden suggested that Dropbox is probably a PRISM wannabe and that NSA-loving Condoleezza Rice is on Dropbox's Board of Directors.

    Snowden is then asked if he uses Google or Skype for private conversations, and bursts into laughter at the thought. Snowden's a wise individual.

    He then goes on the recommend SpiderOak for cloud storage, due to their Zero-Knowledge encryption system. I used SpiderOak for a while. It's a great service.

    Unfortunately SpiderOak has offices in US jurisdiction. Which means they're subject to secret National Security Letters.

    Once the Snowden stories broke, I decided to stop using SpiderOak. Every US company is required by law to assist the US federal government, or face prosecution.

    That means SpiderOak can be compelled to push out software updates that target individual users. That update would then log a user's password from their keyboard, which would then allow the NSA to decrypt everything because all SpiderOak user keys are stored (encrypted by your plain text user password) on SpiderOak's servers.

    Even if user keys weren't being stored on SpiderOak's servers in encrypted format, it still wouldn't make a difference. The National Security Letter would just force SpiderOak to grab the user's key off their personal computer and upload it somewhere. Just like the above scenario. Via a customized, targeted software update that steals the key off a user's computer.

    SpiderOak stores user keys (encrypted) on their servers, in case a user's hard drive crashes. Normally SpiderOak never sees a user's password. User passwords are never sent over the wire in plain text. Even if SSL/TLS is used, a plain text password still isn't being sent using SSL/TLS.

    Only a salted hash of the user's password is sent to SpiderOak in order to authenticate the user. If the hash matches what SpiderOak has on file, then SpiderOak sends the user's key back to them. Then the user decrypts the outer encryption layer around their key, locally on their own computer, by typing in their plain text password. They now have access to the symmetric encryption/decryption key and can encrypt/decrypt files in their SpiderOak account.

    It's an impressive design. Unfortunately they're not immune to National Security Letters that force them to log a user's plain text password, by pushing out a keylogger update to targeted users if compelled to do so in secret from a Nation Security Letter. No US company is immune to that requirement.

    link to this | view in chronology ]

  • icon
    nasch (profile), 18 Jul 2014 @ 9:23am

    tenaka

    So kenichi tenaka, do you still think NSA spying is no problem if you're not a terrorist?

    link to this | view in chronology ]

  • identicon
    Chris Brand, 18 Jul 2014 @ 10:13am

    "auditable" doesn't mean there are audits

    It's great to make things "auditable", but you still aren't going to find problems unless you actually do audits...

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Jul 2014 @ 4:04am

      Re: "auditable" doesn't mean there are audits

      ...and do it on contractors as well as "our people."

      link to this | view in chronology ]

  • icon
    Easily Amused (profile), 18 Jul 2014 @ 11:05am

    how odd... it appears that the cadre of security apparatus white-knighters all took the same day off....

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jul 2014 @ 1:16pm

    There's a cool FOIA request

    here's a cool FOIA request.

    I want copies of all emails from any NSA employee toe any other NSA employee that contain attachments which might reasonably be considered NSFW images.

    We'll just select the time period when Snwden was working there.

    link to this | view in chronology ]

  • identicon
    valery555, 22 Jul 2014 @ 11:48am

    Snowden

    Snowden to be romantic and idealistic identity. In Russian hackers usually work on bandits and terrorists. In America, the hackers are working highly paid experts. Protecting Data from all the intelligence world - a complex and expensive project. Do not quite understand how he he is going to solve this problem. Where will the money or assistants?
    About Snowden and Russian hackers - article (in Russian).
    http://newreal.org/snoud1.htm

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.