Former senior NSA official: Maybe only 30 or 40 agency officials had access to that FISA order that leaked

posted at 2:01 pm on June 11, 2013 by Allahpundit

Normally, this is where I’d say there are only two obvious possibilities: Either I’m right that he conspired with someone higher up the chain who fed him these highly sensitive documents or the guy’s some sort of master hacker who managed to slip past NSA’s internal security to lift top-secret stuff off their servers. But I can’t say that in this case because none of us really has any idea how NSA operates. Could the IT guy have had routine access to bombshell surveillance program data? I … don’t think so, but I … guess, maybe?

Even the intel guys can’t figure it out:

Among the questions is how a contract employee at a distant NSA satellite office was able to obtain a copy of an order from the Foreign Intelligence Surveillance Court, a highly classified document that would presumably be sealed from most employees and of little use to someone in his position.

A former senior NSA official said that the number of agency officials with access to such court orders is “maybe 30 or maybe 40. Not large numbers.”…

Officials questioned some of Snowden’s assertions in his interview with the Guardian, saying that several of his claims seemed exaggerated. Among them were assertions that he could order wiretaps on anyone from “a federal judge to even the president.”

“When he said he had access to every CIA station around the world, he’s lying,” said a former senior agency official, who added that information is so closely compartmented that only a handful of top-ranking executives at the agency could access it.

“Investigators also need to determine whether anyone else was involved in disclosing the information to reporters,” per WaPo’s sources. That’s one possibility — Snowden in cahoots with a more senior person who wants the information out but doesn’t want his fingerprints on it. In theory, though, security at NSA is so tight that there’s no way to access, let alone remove, information without leaving a cyber-fingerprint of some kind. That’s the whole point of PRISM, right? Finding even the faintest cyber-prints? An agency that can track people’s physical movements based on their use of electronic devices should, one would think, be able to track their own contracted employees’ virtual movements on their premises. And yet here we are, with Snowden safely decamped with the goods to Hong Kong and Glenn Greenwald promising even more revelations.

Theory two, then: Snowden’s a hacking genius who somehow beat NSA’s internal security. Marc Ambinder assesses the degree of difficulty:

According to several current and former officials who’ve worked on NSANet, every keystroke is logged and subject to random audits. “Screengrabs” are prohibited. Documents can be printed with special facilities but that, too, leaves a record. As a mission support specialist, Snowden would have had access as part of his jobs to the physical servers and hard drives that contain material.

If he did not want to leave an audit trail, he might have disconnected a hard drive containing temporarily cached documents, brought them into an area that included desktops and hardware not cleared for such access, connected them, and then printed documents out. It is also possible that he disabled, under the guise of fixing something, access privileges for auditors. He could have temporarily escalated his own access privileges, although this would have raised flags among his superiors.

In theory, this would have alerted NISIRT, the NSA’s Information Systems Incident Response Team, which maintains a 24/7 watch over the backend of NSANet. Operational branches, including Special Source Operations (domestic and compartmented collection programs), Global Access Operations (satellites and other international SIGINT platforms), and Tailored Access Operations (cyber) have their own NISIRT team.

The agency also has a counterspy team that looks at NSA employees — and contractors? — in hopes of anticipating who might be ready to leak. Evidently they missed the Ron-Paul-donating loner who’d apparently been in contact with Glenn Greenwald for months before he skipped town. And if Ambinder’s scenario is correct, they also missed one of their hard drives going offline. Would a powerpoint on PRISM and a FISA order authorizing phone-record harvesting even be on the same hard drive? I.e. did Snowden collect this stuff steadily over time, by accessing different NSA “compartments,” rather than in one grand heist? Because if so, that’s an even more catastrophic internal security breakdown. Could NSA counterspies have missed repeated breaches?

Hopefully we’ll be able to game all of this out as part of the great national debate on NSA spying that Obama supposedly welcomes but won’t lift a finger to actually make possible. (“If President Obama really welcomed a debate, there are all kinds of things he could do in terms of declassification and disclosure to foster it.”) Exit question: Why did Snowden claim he was making $200,000 a year if he was only making $122,000? Is he including benefits in measuring his compensation? Any lie he tells, however small, will raise doubts about his motives. Seems weird that he’d open himself up to a challenge on something as minor as that.


Related Posts:

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

Comment pages: 1 2

Normally, this is where I’d say there are only two obvious possibilities: Either I’m right that he conspired with someone higher up the chain who fed him these highly sensitive documents or the guy’s some sort of master hacker who managed to slip past NSA’s internal security to lift top-secret stuff off their servers.

Maybe Snowden’s a Clinton Tool…

and now we have a State Dept. Sex scandal in response?

workingclass artist on June 11, 2013 at 2:06 PM

Don’t forget, Manning got all his information out by hiding it in Music CD cases.

I have no faith in the NSA’s security procedures/methods in safeguarding information. As for only 30-40 people having access to it, I call BS.

If it’s on a hard drive, on paper, or on disk, anybody can gain access to it no matter how secure you think it is.

portlandon on June 11, 2013 at 2:07 PM

Theory three: PRC (or some faction within the PRC) gave hom the documents.

kcewa on June 11, 2013 at 2:08 PM

Any lie he tells, however small, will raise doubts about his motives.

Maybe, I guess. But explain to me again why we care about his motives, or indeed his credibility? The documents speak for themselves and are either true or false. Has anyone anywhere suggested that the documents are forged or doctored, such that Snowden’s motives and credibility become relevant?

Fabozz on June 11, 2013 at 2:09 PM

Don’t forget, Manning got all his information out by hiding it in Music CD cases.

I have no faith in the NSA’s security procedures/methods in safeguarding information. As for only 30-40 people having access to it, I call BS.

portlandon on June 11, 2013 at 2:07 PM

Exactly – and with the chi coms hacking everything from your neighborhood VFW to nuclear power plants, how safe is it exactly even outside of these so called ’40′ people? It’s not.

LaughterJones on June 11, 2013 at 2:11 PM

Theory Three. Snowden is only the public face on documents he got from the Chinese because they were the ones who could hack into the NSA computers. Sounds far-fetched but I always question the timing of this stuff, he was lurking in Hong Kong, and I just don’t buy this guy as a computer genius who had only been working for this contractor a couple months.

Happy Nomad on June 11, 2013 at 2:12 PM

Either I’m right that he conspired with someone higher up the chain who fed him these highly sensitive documents

.
You are right, Ed. He had help.

But it may have been from more than one person.

Why did Snowden claim he was making $200,000 a year if he was only making $122,000? Is he including benefits in measuring his compensation?

.
This one is even easier. Snowden can be counting all potential benefits and bonuses.

Booz-Allen may only be giving his base salary … and their number has to be taken with a grain of salt because there is no way to check their number and it allows them to create an instant “credibility gap”.

PolAgnostic on June 11, 2013 at 2:12 PM

Seems to me Booz Allen Hamiltion has more incentive to lie than Snowden but who knows? I just know that I trust my government unconditionally!

d1carter on June 11, 2013 at 2:12 PM

Someone has rootly powers. And that person can see everything. Unless individual files are encrypted, in which case all you see is the encrypted file.

I wouldn’t expect that person to be a contractor. That said, it is much easier to breach a secure network from inside the external firewalls. And if some of the software on the network was, shall we say, less-than-secure, or improperly set up you could find holes were you didn’t think you had any.

You network routers, or even printers can be a source of insecurity.

I R A Darth Aggie on June 11, 2013 at 2:12 PM

I’m guessing he didn’t use a Lady Gaga CD.

Christien on June 11, 2013 at 2:13 PM

Any lie he tells, however small, will raise doubts about his motives. Seems weird that he’d open himself up to a challenge on something as minor as that.

Who knows why insane megalomaniacs lie about minor details? They are just that way.

thuja on June 11, 2013 at 2:13 PM

Maybe only 30 or 40 agency officials had access to that FISA order that leaked

Twenty of which probably used “P4$$w0rd” as their password.

The Rogue Tomato on June 11, 2013 at 2:14 PM

Google glasses?

Christien on June 11, 2013 at 2:14 PM

This seems to answer my question from another thread which was How is Snowden’s case different from Binney’s.

Maybe they want Snowden to get whoever supplied him with the FISA order.

workingclass artist on June 11, 2013 at 2:15 PM

jms on June 11, 2013 at 1:22 AM

jms had a really good post on the other Snowden thread about how the IT guys have nearly unlimited access – they just typically don’t abuse that access.

dentarthurdent on June 11, 2013 at 2:16 PM

Any lie he tells, however small, will raise doubts about his motives. Seems weird that he’d open himself up to a challenge on something as minor as that.

Why do we care?

Axe on June 11, 2013 at 2:16 PM

Snowden is the Zaphod Beeblebrox of this clusterfark.

Count it.

Purple Fury on June 11, 2013 at 2:17 PM

If this kid was so skilled with computers that he was able to gain a high security clearance and a six figure job after being a security guard with no degrees, I would bet on the hacker angle.

eski502 on June 11, 2013 at 2:17 PM

Putin is having a good week watching all of this.

workingclass artist on June 11, 2013 at 2:17 PM

Either I’m right that he conspired with someone higher up the chain who fed him these highly sensitive documents or the guy’s some sort of master hacker who managed to slip past NSA’s internal security to lift top-secret stuff off their servers.

Or he’s exaggerating. Maybe he got some documents, somehow, and is spinning it into a much bigger story that what it actually is, knowing that the NSA can’t call BS because that would then force them to out what they’re actually doing.

rbj on June 11, 2013 at 2:17 PM

Has anyone checked to see if Snowden has any connections to Sandy “Socks” Berger?

Dusty on June 11, 2013 at 2:18 PM

I just know that I trust my government unconditionally!

d1carter on June 11, 2013 at 2:12 PM

…especially anyone from NSA or IRS who might be reading these posts…..

dentarthurdent on June 11, 2013 at 2:18 PM

Maybe only 30 or 40 people had access, but that’s 30 or 40 too many.

Plus, if Snowden got the goods while not having authorized access, then all I can say is, “Great job of oversight there, NSA!”

Liam on June 11, 2013 at 2:18 PM

Twenty of which probably used “P4$$w0rd” as their password.

The Rogue Tomato on June 11, 2013 at 2:14 PM

Yeah and about five more used their kids names.

Happy Nomad on June 11, 2013 at 2:19 PM

Any lie he tells, however small, will raise doubts about his motives.

If only this were true of everyone that’s involved in government.

AScott on June 11, 2013 at 2:19 PM

I know a guy that did IT. He would have to come in and fix the General’s computer. Sometimes, he would have to log in. He was told by the people that if the general didn’t leave his computer logged in, you could find the password to it on the last page of the blotter on his desk.

Now here’s the thing. We deal with information that we’re trusted to deal with because we have to. It’s understood by both parties that doing untoward stuff with the information is in no-one’s best interest, it is a situation of honor.

As for NSA’s network, seem like the NSANet was a massive virtual or even real intranet; a person with the right privileges who is a sysadmin *IS A PERSON WITH ROOT ACCESS.* The majority of people who work in these places, who may have HIGHER RANKS than the sysadmins (up to the top technical officer, at least in private/contract environments) do not have the level of access the sysadmin does, though in theory the sysadmin is their servant and thus is following orders from these higher-ups.

The problem is you can’t give the higher ups the ROOT access because they don’t know what to do with it. Without trust this system does not work. This is why insiders are the most important way information is leaked out. Mass surveillance does not compare to human intelligence, especially a human intelligence that knows how the system works.

RiverCocytus on June 11, 2013 at 2:20 PM

If this is the case, then maybe one or maybe more of the maybe 30 or maybe 40 may have called that IT guy maybe Ed to fix their computer problems?

Christien on June 11, 2013 at 2:21 PM

He lied for the same reasons people like Al Gore and John Kerry lie. The need to embellish his accomplishments because he is such a panty waste.

bopbottle on June 11, 2013 at 2:21 PM

Snowden is the Zaphod Beeblebrox of this clusterfark.

Count it.

Purple Fury on June 11, 2013 at 2:17 PM

Nah. Not as cool.

MadisonConservative on June 11, 2013 at 2:21 PM

Maybe only 30 or 40 agency officials had access to that FISA order that leaked

Twenty of which probably used “P4$$w0rd” as their password.
The Rogue Tomato on June 11, 2013 at 2:14 PM

I’m willing to give them the benefit of the doubt and say they are smarter than that. They used “ASDFG”.

whatcat on June 11, 2013 at 2:22 PM

Like the TSA, another example of security theater. Under the auspices of making us safer, the federal government is creating an illusion of security and spending hundreds of millions to do it, while simultaneously eroding our liberty and potentially putting us as risk by ignoring real threats.

Dead Hand Control on June 11, 2013 at 2:22 PM

I mean this huge PRISM didn’t detect the boston bombers, and got hacked by a rogue “contract” employee. If Snowden can do this, imagine how many super hackers in China, and other rogue countries can?

So the question is, does anyone really expect this to keep us safe from terrorists?

Raquel Pinkbullet on June 11, 2013 at 2:23 PM

Way to go!!!

Schadenfreude on June 11, 2013 at 2:23 PM

So the question is, does anyone really expect this to keep us safe from terrorists?

Raquel Pinkbullet on June 11, 2013 at 2:23 PM

NO – it didn’t stop 5 domestic terrorist acts since 9/11.

The claim that it stopped a big act in NY’s subway system was disputed by the cops there.

Schadenfreude on June 11, 2013 at 2:24 PM

I just know that I trust my government unconditionally!

d1carter on June 11, 2013 at 2:12 PM

We really ought to have an NSA Stasi appreciation day. Everybody could ping the system with the same keyword(s) just as way of saying “hey” to our friends at the NSA.

Happy Nomad on June 11, 2013 at 2:25 PM

Worth reposting from very early this morning:

IT systems administrators are odd birds. I was a systems administrator for a university. You can compartmentalize all of the analysts, and put security limits on everyone else in the organization, but the system administrator is the digital equivalent of the maintenance man with the master key to the building who goes around and fixes broken faucets and the broken light switch in the CEO’s office after hours. Everywhere, but invisible. Systems administrators often have full root access and all the master passwords to all of the machines they are responsible for, because someone has to have all that access and all those passwords in order to go in and fix the computers when they break, and that person is the sysadmin. They are the exception to the security rules because they have to fix the security machinery when it breaks. Now you can control and regulate system administrator access, but most institutions don’t. Sysadmins tend to become the most trusted of employees.

Systems administration tends to attract a certain personality type — people who keep to themselves and only care about keeping the computers running. A system administrator might well have full access to all files on a computer, all the email of everyone using the computer, but would never think of reading the email or looking at the files — all he would be interested in is whether the disk was filling up or if the machine was crashing. It’s the Aspergers-near-autistic personality type. They could read the CEO’s email without fear of detection with a few keystrokes, but this would be as unthinkable as breaking into his office and opening his mail. I was in a group of a dozen sysadmins, and as far as I know, none of us ever went snooping. We would have been insulted by the idea that we would abuse our trust in that fashion. The NSA may well have let their guard down by the general invisibility of the system administrator.

As a sysadmin, Snowden was probably much more of a fly-on-the-wall than anyone around him realized. He probably really could have copied Barack Obama’s email. Or done a Manning-style data dump of the NSA servers. He may well have been one of only a few people in the whole NSA capable of executing this leak.

A couple of observations —

1) Obviously he copied a powerpoint presentation. It seems very unlikely that this was all he copied. I would fully expect that he would have copied a lot more than just one powerpoint presentation. The NSA must at this point assume that all of their activities — everything — may be compromised.

2) The H1B visa program is bringing more and more foreign students into the system administration field. If our national adversaries wanted to plant spies in U.S. industry and government, the H1B program would be exactly the place to put them. So there is a real question about the wisdom of bringing in foreign workers to such sensitive positions.

jms on June 11, 2013 at 1:22 AM

dentarthurdent on June 11, 2013 at 2:25 PM

Interesting…….

cmsinaz on June 11, 2013 at 2:25 PM

My bet is that, if Snowden had help, he doesn’t have any idea who gave it to him.

A System Admin would obviously have lots of rights most other people don’t have and it would be easy for a senior sys admin to grant additional rights, or get them granted, to someone like Snowden.

Sometimes when you lead a horse to water you can indeed get him to drink, and Snowden sounds like the sort of guy (or ego) who, upon discovering he had mysteriously been granted extensive rights, fully intended to use them. And did.

MTF on June 11, 2013 at 2:25 PM

Maybe, I guess. But explain to me again why we care about his motives, or indeed his credibility? The documents speak for themselves and are either true or false. Has anyone anywhere suggested that the documents are forged or doctored, such that Snowden’s motives and credibility become relevant?

Fabozz on June 11, 2013 at 2:09 PM

I suspect the reason they are doing this is to try and get out front and mitigate the rest of the stuff he claims to have in his possession.

As a lawyer once told me, if you can prove the little facts of any witness statements are false, you can destroy their credibility in a criminal/civil case. It is the little details that almost always trip people up he said.

Johnnyreb on June 11, 2013 at 2:25 PM

did Snowden collect this stuff steadily over time, by accessing different NSA “compartments,” rather than in one grand heist? Because if so, that’s an even more catastrophic internal security breakdown. Could NSA counterspies have missed repeated breaches?

AP don’t believe the “official spokesperson.” IT people have access across everything. Could he order a “wiretap?” I don’t think so. Could he snoop on a lot of stored docs on various PCs. Yeah very likely. Booz says he only worked there three months at a rate of $122k. He’s earning over $60 and hour W2 contract and with overtime and bennies, he could take in close to 200k.

What this tells me is their internal net is not secure, their individual machines are not secure and he just walked off with power point deck and other files that he copied from someone’s PC who has their drive shared. He doesn’t have the hacker mojo to do anything else.

dogsoldier on June 11, 2013 at 2:26 PM

If this kid was so skilled with computers that he was able to gain a high security clearance and a six figure job after being a security guard with no degrees, I would bet on the hacker angle.

[eski502 on June 11, 2013 at 2:17 PM]

At one time the tech companies were hiring the computer geeks right out of high school, though IIRC it was the gaming industry that was the big drain on the supply. But since the demand for the cream was so high, the Feds were stuck with taking what was left. That might be second rate, but probably still good enough to do what would be needed, and he would have been able to learn a lot on the job.

Dusty on June 11, 2013 at 2:26 PM

Great idea HN @2:25

cmsinaz on June 11, 2013 at 2:28 PM

maybe 30 or maybe 40

big range

Robert_Paulson on June 11, 2013 at 2:28 PM

http://www.boozallen.com/media-center/press-releases/48399320/statement-reports-leaked-information-060913

LESS than three months. So he sat down and grabbed files off of unsecured servers or individual PCs. users do dumb stuff like sharing drives and download trojan laced porn all the time.

One place I worked recently was still using security software from the last century… How secure do you think that was?

dogsoldier on June 11, 2013 at 2:29 PM

the tendency is to say the person addressed to. these officials have secretaries and support staff. why could’t it be one of them

gerrym51 on June 11, 2013 at 2:30 PM

Hopefully we’ll be able to game all of this out as part of the great national debate on NSA spying that Obama supposedly welcomes but won’t lift a finger to actually make possible.
-Allah

THe debate was yesterday. It’s over now. We all agree that Snowden is a traitor who compromised our security.

Now let’s move on to the next debate – should million newly legalized ‘immigrants’ be allowed to vote in 10 or 11 years? As a Republican and a border hawk, I’m for 11 years. I think the dem’s 10 year plan is too liberal.

BoxHead1 on June 11, 2013 at 2:31 PM

Like the TSA, another example of security theater. Under the auspices of making us safer, the federal government is creating an illusion of security and spending hundreds of millions to do it, while simultaneously eroding our liberty and potentially putting us as risk by ignoring real threats.

Dead Hand Control on June 11, 2013 at 2:22 PM

I mean this huge PRISM didn’t detect the boston bombers, and got hacked by a rogue “contract” employee. If Snowden can do this, imagine how many super hackers in China, and other rogue countries can?

So the question is, does anyone really expect this to keep us safe from terrorists?

Raquel Pinkbullet on June 11, 2013 at 2:23 PM

Has anyone NOT seen Live Free or Die Hard – about the hacker “fire sale” attack?
This whole Prism thing is starting to make that movie plot look way too real.

dentarthurdent on June 11, 2013 at 2:31 PM

NO – it didn’t stop 5 domestic terrorist acts since 9/11.

The claim that it stopped a big act in NY’s subway system was disputed by the cops there.

Schadenfreude on June 11, 2013 at 2:24 PM

I agree. It’s not about protecting US.

This program is about PROTECTING THE ARISTOCRACY – AND CONTROLLING US.

dogsoldier on June 11, 2013 at 2:31 PM

@dentarthurdent

There is a sort of professionalism; kind of like how doctors don’t subtly poison you when you get surgery so you have to come back for more treatment. There’s a tacit code of honor.

However, I have heard horror stories about the NSA, about disillusioned people going nuts and so forth, so if anyone is vulnerable to a spontaneous defection, it would be the NSA.

And no, someone didn’t ‘magically’ grant him rights to this from high up. Read dentarthurdent’s comment, it explains it better than I can.

RiverCocytus on June 11, 2013 at 2:33 PM

Could the IT guy have had routine access to bombshell surveillance program data?

Yes. Don’t think that the NSA is so great at internal security. That is pretty much never a government forte – nor a particular concern.

ThePrimordialOrderedPair on June 11, 2013 at 2:33 PM

I suspect the reason they are doing this is to try and get out front and mitigate the rest of the stuff he claims to have in his possession.

Oh, I understand completely why the government and its courtiers in the Fourth Estate are doing this; if I were they I’d do it too. I just don’t understand why everyone else is going along with it.

Fabozz on June 11, 2013 at 2:34 PM

Hopefully he got Barry’s college transcripts.

Philly on June 11, 2013 at 2:35 PM

Hopefully he got Barry’s college transcripts.

Philly on June 11, 2013 at 2:35 PM

Now that would be interesting, but you know if they contained great grades, he would have them mounted on billboards coast to coast or at least on an 80 million dollar website.

dogsoldier on June 11, 2013 at 2:36 PM

Hopefully he got Barry’s college transcripts.

Philly on June 11, 2013 at 2:35 PM

Now THAT would demonstrate some real top quality hacker/IT skills…

dentarthurdent on June 11, 2013 at 2:37 PM

Like the website he built to expound on the benefits of the Porulous.

Remember that?

dogsoldier on June 11, 2013 at 2:38 PM

Well look at the bright side. Even if the NSA is collecting all of our data and Obama is using it against his political enemies, they are at least incompetent.

William Eaton on June 11, 2013 at 2:38 PM

Any lie he tells, however small, will raise doubts about his motives.

This applies to Hussein too ?

burrata on June 11, 2013 at 2:38 PM

SNOWDEN SQUIRREL!

Midas on June 11, 2013 at 2:39 PM

Hopefully he got Barry’s college transcripts.

Philly on June 11, 2013 at 2:35 PM

Maybe Pootin has them .

burrata on June 11, 2013 at 2:40 PM

Normally, this is where I’d say there are only two obvious possibilities: Either I’m right that he conspired with someone higher up the chain who fed him these highly sensitive documents or the guy’s some sort of master hacker who managed to slip past NSA’s internal security to lift top-secret stuff off their servers. But I can’t say that in this case because none of us really has any idea how NSA operates. Could the IT guy have had routine access to bombshell surveillance program data? I … don’t think so, but I … guess, maybe?

Yes AllahP, this is the correct question.
…something fishy bout this.

Fleuries on June 11, 2013 at 2:41 PM

“Screengrabs” are prohibited.

I would hope that cell phones are collected at the door to any facility with “behind the firewall” access but anyone can “screen grab” with any camera.

trapeze on June 11, 2013 at 2:42 PM

That IT guy who worked for Brennan’s firm had no problem “breaking” into Barky’s passport data back in the 2008 campaign. Of course, Quarrels is now dead (shot in the head while sitting in his car in his church parking lot … happens all the time) and Barky’s skank mom’s passport records from that time have interestingly “disappeared”.

ThePrimordialOrderedPair on June 11, 2013 at 2:42 PM

jms on June 11, 2013 at 1:22 AM

.
dentarthurdent on June 11, 2013 at 2:25 PM

.

dogsoldier on June 11, 2013 at 2:26 PM

.

MTF on June 11, 2013 at 2:25 PM

.
The problem with all of the theories being put forward is they are based on a LAN/WAN/ServerOS frame of reference.

The NSA systems have audit trails out the wazoo. I’ll spare you the technical details but audit trails are designed so EVERY SINGLE action by ANYONE regardless of “root” or “privilege” level leaves a trail.

At a NSA type of agency, the audit trails form a multidimensional matrix that allows cross validation of each individual audit trail system against multiple separate audit trail systems.

Edward Snowden HAD other people who supplied him with material.

He is just the “mule” delivering the product to the media.

The reason Feinstein, Boehner et al are throwing out the word “TRAITOR” is because they’ve BEEN told it was a existential impossibility for Snowden to have accessed everything he provided to the Guardian. They are being used to apply pressure to the unknown person(s) who sourced information to Snowden.

PolAgnostic on June 11, 2013 at 2:44 PM

Hopefully he got Barry’s college transcripts.

Philly on June 11, 2013 at 2:35 PM

I’m more interested in Barky’s board scores. You want a laugh? Wait until you see his SATs and LSATs.

ThePrimordialOrderedPair on June 11, 2013 at 2:45 PM

PolAgnostic on June 11, 2013 at 2:44 PM

Audit trails don’t preclude access. They are only after-the-fact “security”.

ThePrimordialOrderedPair on June 11, 2013 at 2:47 PM

One of the problems of the neo-ludditism promoted by companies such as Apple is that when you can’t see the seams, you forget the technology really being used.

The person who maintains the security system always has trusted access. It’s like Calvin says in Calvin & Hobbes when his Dad asks him why he complimented the barber after his haircut. He replies, “I figure, never insult a guy with a razor.”

RiverCocytus on June 11, 2013 at 2:47 PM

The reason Feinstein, Boehner et al are throwing out the word “TRAITOR” is because they’ve BEEN told it was a existential impossibility for Snowden to have accessed everything he provided to the Guardian. They are being used to apply pressure to the unknown person(s) who sourced information to Snowden.

PolAgnostic on June 11, 2013 at 2:44 PM

I think that the reason Feinstein, Boehner et al are throwing out the word “TRAITOR” is because their allegiance is to Hussein, NOT to USA .

burrata on June 11, 2013 at 2:47 PM

users do dumb stuff like sharing drives and download trojan laced porn all the time.

[dogsoldier on June 11, 2013 at 2:29 PM]

Or like using non-governmental sockpuppet e-mail addresses to communicate out of reach of FOIA?

Dusty on June 11, 2013 at 2:48 PM

That’s one possibility — Snowden in cahoots with a more senior person who wants the information out but doesn’t want his fingerprints on it.

That’s exactly the conclusion I came to two days ago. There is no way ANYONE in Hawaii would need access to that FISA order.

Has The Guardian ever said explicitly that it got the FISA order from Snowden?

crosspatch on June 11, 2013 at 2:48 PM

That’s the new thing they are trying to float out there. So, that means:

- Snowden got his info from someone else up the food chain and agreed to front the leak.

- Snowden is an idiot and a liar, but really security for all this is so bad and they are spinning on how much of a moron he is in order to save face.

- Snowden is some kind of sooper whiz that managed to hack into the NSA files.

Or any bit and piece here and there. The actual truth is probably something mundane so Occam’s razor usually applies – that Snowden is neither remarkable nor an idiot and was able to get past a not-so-secure system and get what he wanted.

And the water will be so muddied that we’ll never really know the truth.

kim roy on June 11, 2013 at 2:48 PM

PolAgnostic

And what about the person who maintains the audit system?

;)

RiverCocytus on June 11, 2013 at 2:49 PM

NO – it didn’t stop 5 domestic terrorist acts since 9/11.

The claim that it stopped a big act in NY’s subway system was disputed by the cops there.

Schadenfreude on June 11, 2013 at 2:24 PM

The claim is now up to 5????

DiFi claimed the programme prevented 2 attacks two days ago. Those attacks were:

1. The planned NYC subway bombing, which was not, in fact, prevented by PRISM or the metadata collection from phone companies.

2. The attack in Mumbai (not domestic), which happened ANYWAY and resulted in the deaths of 166 people.

Just those two claims are bogus. What are the other 3 attacks that the Surveillance State allegedly prevented? Did they say?

Resist We Much on June 11, 2013 at 2:49 PM

I just know that I trust my government unconditionally!

d1carter on June 11, 2013 at 2:12 PM

…especially anyone from NSA or IRS who might be reading these posts…..

dentarthurdent on June 11, 2013 at 2:18 PM

Yup , those guys are the best .
( please verify my IP when the purges starts)

the_nile on June 11, 2013 at 2:50 PM

I have no faith in the NSA’s security procedures/methods in safeguarding information. As for only 30-40 people having access to it, I call BS.

If it’s on a hard drive, on paper, or on disk, anybody can gain access to it no matter how secure you think it is.

portlandon on June 11, 2013 at 2:07 PM

Exactly. And system administrators frequently can access pretty much anything. Even if the government isn’t using this data to spy on US citizens, the fact that a repository exists makes it far easier for anyone to access the data for their own purposes.

talkingpoints on June 11, 2013 at 2:51 PM

RWM – he said ‘didn’t', not, did

I set up an extensive audit system for some software we created. But the audit only applies to those using the software in the front end. Anyone who has access to the database to maintain it can make modifications without audit.

NSA has some software that does audit on the actions at workstations, sure. The printers audit actions as well, Ok.

But how hard is it, if you are responsible for the security maintenance, to circumvent these controls so you can actually fix stuff?

I keep saying this – if these aren’t physical documents, the ‘where’ of Hawaii is meaningless. It’s not like someone mailed them there, you doofs! If the computers were on the network that could access NSA’s probably WONDERFULLY CENTRALIZED data trove, then it doesn’t matter whether they ‘need to be in Hawaii’ or not. It only matters that this security person had access, which we can only assume he did for the purpose of imaging hard drives, setting up the audit software on the workstations, and so forth.

And since all of this is secret, we don’t know that the NSA doesn’t actually have a record of what he did – and doesn’t want to reveal that they actually can’t keep up with their own audit trails well enough to stop a leak like this.

RiverCocytus on June 11, 2013 at 2:55 PM

Or any bit and piece here and there. The actual truth is probably something mundane so Occam’s razor usually applies – that Snowden is neither remarkable nor an idiot and was able to get past a not-so-secure system and get what he wanted.

The problem is he seems to have full copies of real documents that one would not think would exist in Hawaii (well, at least the FISA order wouldn’t exist there locally). The PRISM powerpoint might have been a training aid for new analysts, I have no idea, but if it was, it could have existed anywhere.

And system administrators frequently can access pretty much anything. Even if the government isn’t using this data to spy on US citizens, the fact that a repository exists makes it far easier for anyone to access the data for their own purposes.

You are assuming there is a “repository”. Since Snowden was not directly involved in any of these projects, it sounds to me like there is a lot of speculation on his part.

crosspatch on June 11, 2013 at 2:59 PM

Washington Post is already backing down from a lot of the earlier reporting:

http://legalinsurrection.com/2013/06/five-clarifications-we-cant-ask-of-edward-snowden/

crosspatch on June 11, 2013 at 3:03 PM

If Manning could copy all that info , a sys admin would have no problem compromising the system.

the_nile on June 11, 2013 at 3:05 PM

Call up Adam Baldwin. John Casey would know the answer.

FiveG on June 11, 2013 at 3:06 PM

If Manning could copy all that info , a sys admin would have no problem compromising the system.

the_nile on June 11, 2013 at 3:05 PM

As far as I know, Manning had access to diplomatic cables and that is pretty much about it besides some local product from where he was working.

crosspatch on June 11, 2013 at 3:08 PM

He got the document from a couple of low level staffers in Cincinnati.

bopbottle on June 11, 2013 at 3:08 PM

Audit trails don’t preclude access. They are only after-the-fact “security”.

ThePrimordialOrderedPair on June 11, 2013 at 2:47 PM

.
With all due respect, you are completely wrong. I caught an internal hacker with root level privileges as part of his job requirement because he believed he had turned “tracking off”.

It cost him his job when the evidence was provided to the owner of the company, who was a lawyer and wanted proof that would hold up in court.

And what about the person who maintains the audit system?

;)

RiverCocytus on June 11, 2013 at 2:49 PM

.
What I am referring to as “audit trail” sytems are built into the operating system down at the “silicon level”, as we used to call it.

There is only ONE way to turn off a true audit trail system.

Power the system down completely.

For an NSA type facility, the hardware is “audited” by a spearate system “owned” by a separate group of people under a different reporting chain.

As I mentioned in my previous post, there is no “Mission Impossible” hack that applies to this type of facility.

I know the term “multidimensional matrix that allows cross validation of each individual audit trail system against multiple separate audit trail systems” is not necessarily self explanatory so I’ll take a different tack.

The world’s smartest mathmeticians, hardware gurus and paranoid schizophrenics designed everything used at the NSA from the ground up to prevent anyone being able to access anything without leaving a trail AND requiring a multiple person team drawn from separate antagonistic groups to be able to attempt something.

Or it just takes one of the 30 – 40 “trusted souls” deciding they want to share what they know.

FYI, the PowerPoint presentation was recreated outside of the NSA by someone with an eidetic memory.

PolAgnostic on June 11, 2013 at 3:17 PM

RWM – he said ‘didn’t’, not, did

Schad’s my buddy and I wasn’t criticising him. I read his post as a rebuttal to someone, who claimed that the NSA programmes HAD prevented 5 attacks. Since the last claim that I had heard was only the two that I named in my post, I was interested in what these other 3 were prevented attacks were. I was only curious is Schad had details on the other three.

Resist We Much on June 11, 2013 at 3:19 PM

PolAgnostic on June 11, 2013 at 2:44 PM

Yeah yeah, I know all that. Two points.

1. IT puts all that software in place and monitors it.
2. Those “safeguards” can be circumvented. You know that. I won’t describe details.

He didn’t work there long enough to make friends in high places, although it’s odd he got the job in the first place. I’ll tell you straight up he doesn’t have mad hacking skills or he’d be working with a different group.

Occams razor people. He got this material through some overlooked mundane mechanism. A gaping hole that no one considered.

dogsoldier on June 11, 2013 at 3:26 PM

You forgot one Allah, a very likely one:

Maybe the NSA, like other bloated Fed agencies, is simply incompetent!

For reference see
-IRS
-USPS
-EPA
-Congress
-WH
-DHS
-CIA
-FBI
etc…

Pattosensei on June 11, 2013 at 3:30 PM

Theory Three. Snowden is only the public face on documents he got from the Chinese because they were the ones who could hack into the NSA computers. Sounds far-fetched but I always question the timing of this stuff, he was lurking in Hong Kong, and I just don’t buy this guy as a computer genius who had only been working for this contractor a couple months.

Happy Nomad on June 11, 2013 at 2:12 PM

IF the PRC had a source in the NSA, would they burn it just to make the US look two-faced on complaints about Chinese hacking?

KW64 on June 11, 2013 at 3:32 PM

300 million Americans can’t keep up with their own email. A few thousand at NSA certainly aren’t.

I am convinced of the following:

PRISM was, indeed, likely targeted only at foreigners who have accounts on US services such as gmail and yahoo and skype, etc.

The telephone records, which were requested by FBI (NSA wasn’t “targeting” citizens here, FBI was, and they have jurisdiction over US domestic communications monitoring) were likely done for analysis to discover domestic networks of individuals communicating with known bad guys overseas.

But a lot of people are just going off on wild tangents.

crosspatch on June 11, 2013 at 3:36 PM

He could just be the guy who runs back-ups.

A few damaged pieces of storage media destined for the crusher/shredder/incinerator get misplaced and there you go. Audit trail done, media accounted for as destroyed. Data smuggled out or just intercepted on a loading dock.

In theory these folks don’t care about what they are backing up… but that puts the whole theory and practice conundrum into play. And practice always trumps theory, every single time.

The problem at these INTEL agencies is that digital storage is getting way too cheap, way too small and way too easy to move data to. Just because you have a big facility with lots of storage doesn’t mean it isn’t going to leak like a sieve…better to stay small, focused and concentrated on a very few tasks. Too bad the politicians think that bigger is better… now the price will start to be paid for that mentality.

ajacksonian on June 11, 2013 at 3:41 PM

With all due respect, you are completely wrong. I caught an internal hacker with root level privileges as part of his job requirement because he believed he had turned “tracking off”.

With all due respect, caught him doing WHAT? Trying to access data or actually having accessed it?

Audit trails don’t stop access any more than video surveillance stops physical access. Most video surveillance is to provide information about WHAT ALREADY HAPPENED, as it is more expensive to have 24/7 real-time monitoring of all video surveillance than it is to build or run the system, itself.

It cost him his job when the evidence was provided to the owner of the company, who was a lawyer and wanted proof that would hold up in court.

Again, proof of what? An unsuccessful attempt to access because you got the audit alarm in real time and stopped him as he was typing at his keyboard (which I don’t know why that would be necessary in court unless you were pressing charges, which doesn’t appear to be what your company did) or proof of actual access (i.e. after-the-fact information)?

ThePrimordialOrderedPair on June 11, 2013 at 3:41 PM

PERSONS OF INTEREST, and THE MACHINE
What information did Edward Snowden release?
Can not seem to get an answer to that question.
What information that dose seem to be attributed to him can be back traced to news and info pieces published earlier in other sources written by other people. Any revelations and release of insider operations is being made available by the Intel Community and various government agencies. This is most important, let me try it another way. If there was 100 lbs of poop coming out of this, 98 lbs is being leaked by the government in their denials and cover-ups. Only 2 lbs is coming from Edward Snowden.
Something about this whole thing smells of set-up.
Just like a script from the TV show “Persons of Interest”.

I posted this in another place then felt that this may be more appropriate since it is providing insider information by the government and kind of proves my point.

jpcpt03 on June 11, 2013 at 3:42 PM

Truth, Snowden and the Surveillance State

Islam rises alongside our collectivist Superstate. Mosques prolierate in this country, sharia advances, the superstate flexes, freedom of speech constricts, policing becomes more thuggish, the superstate stockpiles bullets, crowd control becomes more restrictive, fear grows, privacy is extinct, the superstate imposes, requires, invades, provides, rewards, punishes, socializes medicine, targets individuals, covers up everything, ramps up the IRS for your “health,” tracks your electronic life, your phone calls, your travel, your mail.

Snowden strikes, grabs our attention about what we should have known was happening.

It was a gigantic act of courage, it has struck me so far, seemingly from idealism, seemingly to unmask the machine secretly grinding away any remaining semblance of the American republic. Then again, as others have noted, this is a young man who seems to consider himself a citizen of the world. Then again, given that he is a creature of his time, how could he not? What school system in America teaches youngsters pride in the founding of this country?

Is Snowden real? Was he duped? Is he dead? We don’t know. Is he a hero? I think so, but if it turns out he is working for China or takes refuge in Russia — both totalitarian enemies of liberty — then I will think again.

What I do know for sure is that Edward Snowden has thrown down the gauntlet.

The heroism is up to us.

VorDaj on June 11, 2013 at 3:46 PM

Yeah yeah, I know all that. Two points.

1. IT puts all that software in place and monitors it.
2. Those “safeguards” can be circumvented. You know that. I won’t describe details.

He didn’t work there long enough to make friends in high places, although it’s odd he got the job in the first place. I’ll tell you straight up he doesn’t have mad hacking skills or he’d be working with a different group.

Occams razor people. He got this material through some overlooked mundane mechanism. A gaping hole that no one considered.

dogsoldier on June 11, 2013 at 3:26 PM

I will refer you to my later post.

PolAgnostic on June 11, 2013 at 3:17 PM

.
If you want to believe true audit trail systems can be bypassed, you are welcome to your opinion.

For anyone else, especially those who work on true audit trail systems – believing you can bypass an audit trail system is a great way to end up unemployed, at best, or incarcerated (and many firms now press charges against internal hackers as S.O.P. to “encourage the others”)

PolAgnostic on June 11, 2013 at 3:46 PM

300 million Americans can’t keep up with their own email. A few thousand at NSA certainly aren’t.

crosspatch on June 11, 2013 at 3:36 PM

A few thousand at the NSA and their patrons in government and maybe any union boss with a NSA connection could access any ONE of the 300million accounts that are in the NSA db through the PRISM front end.

That we are forgetful with our emails is NOT RELEVANT.

BoxHead1 on June 11, 2013 at 3:54 PM

A connection in the NSA

BoxHead1 on June 11, 2013 at 3:55 PM

ajacksonian on June 11, 2013 at 3:41 PM

An NSA level facility has all of your proposed methods covered.

If you want to believe true audit trail systems can be bypassed, you are welcome to your opinion.

ThePrimordialOrderedPair on June 11, 2013 at 3:41 PM

Having been a global, corporate director and having been through weeks of HR training related; details of personnel actions are CONFIDENTIAL … FOREVER … for the simple reason that sharing them anywhere, much less the internet, is a GREAT way to end up being sued.

If you want to believe true audit trail systems can be bypassed, you are welcome to your opinion.

SIDE NOTE: People tend to think “being in the know” is cool … or something. It isn’t cool. There are things you learn about people’s lives when you are “in the know” which will literally make you sick to your stomach and wish you didn’t know … because you still end up having to treat those people in a “professional manner” regardless of what you have learned.

PolAgnostic on June 11, 2013 at 3:59 PM

I AM SO SICK OF THE DIVERSIONS AND DEFLECTIONS.

WHy in the world would any thinking person assume that agents, BEHOLDEN TO A PATRON – A POLITICAL BOSS – will not use our private emails and PRISM’s broad analysis capabilities in order to hold on and further their own power?

Who here believes that man is inherently pure and honest? It seems some of us do. Our founders didn’t. Reagan didn’t. Marx DID.

BoxHead1 on June 11, 2013 at 4:02 PM

If you want to believe true audit trail systems can be bypassed, you are welcome to your opinion.

Why do you keep trying to refute this point? This is NOT what I said, nor anything related to what I argued. Not even close. I said that audit trails are for after-the-fact information, which they are. I gave you the analogy with video surveillance to help make that perfectly clear.

ThePrimordialOrderedPair on June 11, 2013 at 4:03 PM

I have been a network engineer for tech companies who have national and international users for 20 years. I work in silicon valley. I have never, ever, seen any outside “direct access” to anyone’s servers or any constant 100% monitoring of all traffic. That would be physically impossible. We would have to double the US bandwidth infrastructure to do it. It is not only wrong, it’s crazy. Please stop making things up in your heads and spewing it like it is fact. It’s nuts.

crosspatch on June 11, 2013 at 4:07 PM

Comment pages: 1 2