General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsSnowden smuggled out THOUSANDS of documents on a thumb drive.
But he thinks he's not like Bradley Manning because Snowden only leaked selectively.
Right. What's he going to do with the rest of the documents that he hasn't leaked yet? Use them to extort concessions from the US? Sell them to China? What's this unemployed computer guy going to do?
http://www.wired.com/threatlevel/2013/06/snowden-thumb-drive/
The dreaded thumb drive has struck the Defense Department again as word comes that NSA whistleblower Edward Snowden smuggled out thousands of classified documents on one of the portable devices, despite the militarys efforts to ban them.
Investigators also know how many documents Snowden downloaded from the NSA network and what server he took them from, according to the Los Angeles Times, quoting an unnamed official.
Officials have not indicated how many documents Snowden swiped, but the Guardian reported this week that Snowden left Hawaii with four laptops that enabled him to gain access to some of the US governments most highly-classified secrets.
Snowden was a systems administrator, contracted out to the NSA by Booz Allan Hamilton. He worked at the NSAs facility in Hawaii just four weeks before he asked for a leave of absence without pay, then absconded with the documents hed siphoned from the NSA network on the thumb drive and flew to Hong Kong, where hes been since May 20.
SNIP
http://www.latimes.com/news/politics/la-pn-snowden-nsa-secrets-thumb-drive-20130613,0,791040.story
Officials said they still dont know how Snowden got access to an order marked Top Secret from the Foreign Intelligence Surveillance Court, or a highly-classified directive from President Obama authorizing a military target list for cyber attacks. Neither document would be widely shared, or normally available to a low-level NSA employee.
Bonobo
(29,257 posts)that he should have the charge of secretly stealing data leveled against him by the people who secretly stole the data of tens of millions of people.
pnwmom
(108,977 posts)that unidentified phone numbers were being collected.
Bonobo
(29,257 posts)It was a hell of a lot more than that. And yes, in secret. Much of most of it is still secret.
pnwmom
(108,977 posts)If the government wanted more information, such as a wiretap, they'd have to go to the judge with probable cause and get a warrant.
And this collection of phone numbers was debated in public when the Patriot Act was passed, which you'd know if you'd been paying attention. It was no secret.
nadinbrzezinski
(154,021 posts)Most hearings, when held are cosed door.
frylock
(34,825 posts)using that to rationalize this program is fucking ludicrous.
pnwmom
(108,977 posts)when it passed and everyone knew it involved collecting phone numbers. That wasn't a secret.
The only part of what Snowden said about this that was "news" turned out to be false. The Prism program collects data from foreign targets, not U.S.
Exactly. They want us to trust them to use the data legally and in a responsible manner but can't even protect the friggin' information from being leaked. Trust them? Not in this lifetime.
randome
(34,845 posts)[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]
dixiegrrrrl
(60,010 posts)pinboy3niner
(53,339 posts)Blue Owl
(50,351 posts)geek tragedy
(68,868 posts)What kind of lax security do they have?
pnwmom
(108,977 posts)that were supposed to protect against unauthorized downloads.
I know nothing about computers but this seems like an extremely hard problem to solve -- everything seems to hinge on the honesty of the tech people.
Aerows
(39,961 posts)Well that much is clear. This is about as easy to solve as a script and locking down the BIOS.
CakeGrrl
(10,611 posts)This exposes his employer as having very lax security. They should know or should track who has the privileges of copying data to external media to thumb drives, but should rethink how or why they allow that capability. Seems pretty clear that he's abused his sys admin privileges at minimum.
They should at least have logged what was copied from his computer to the thumb drive.
I suspect he'll go down as a common data thief / trafficker of government documents rather than the hunted martyr.
Aerows
(39,961 posts)Describes it all.
Aerows
(39,961 posts)This is dumb as stumps levels of technology and just as easy to prevent from happening.
NightWatcher
(39,343 posts)None that I had access to even had USB sockets on them. I wonder what/how he figured that out.
FarCenter
(19,429 posts)Normally, you'd install software to disable the USB ports for almost all employees, but a sysadmin would have the ability to turn them back on.
railsback
(1,881 posts)The ones everyone here is trusting with their data.
NightWatcher
(39,343 posts)This guy just keeps looking like a criminal.
Aerows
(39,961 posts)conscientious administrators lock them down both via hardware and via OS.
HipChick
(25,485 posts)does that classify as stealing govt. equipment yet?
Aerows
(39,961 posts)not haphazard fools.
pnwmom
(108,977 posts)How is that supposed to work?
Clearly, the system failed. But that doesn't let him off the hook. He still stole documents. The fact that they made it too easy for him to do so doesn't mitigate his admitted crime.
Aerows
(39,961 posts)I don't work for Booz Allen. Maybe I should. It is clearly a circus there.
Nay
(12,051 posts)contractors get to flout all the normal and expected security measures? This thing is so effed up.
Aerows
(39,961 posts)they are inaccessible if you have a halfway decent admin. I swear, Booz Allen sounds like Cletus the slack-jawed yokel of security firms.
"Some folk'll never lose a toe"
"But some folk'll"
Cali_Democrat
(30,439 posts)The new DU hero turned out to be a Chinese agent (likely paid) with a fake resume.
FSogol
(45,480 posts)Cali_Democrat
(30,439 posts)Downwinder
(12,869 posts)the U.S. spook house? Heads going to roll over this?
Cali_Democrat
(30,439 posts)It's totally unacceptable.
Whisp
(24,096 posts)sis boom bah, China! yah, that's the ticket.
yah, Eddie! we will cheer even louder if some of the info you have results in a major attack in some large U.S. city! yah! you go, man! There are more people dieing from slipping on dog shit than terror attacks so who the hell cares about numbers. Numbers, Schmumbers!
ljm2002
(10,751 posts)...it is highly unlikely that he would have gone public like he did.
railsback
(1,881 posts)Demanding a get-a-way car and cash for his silence.
Tierra_y_Libertad
(50,414 posts)OTOH, NSA might be worried about us finding out who else they've been spying on.
DevonRex
(22,541 posts)That was the other part he claimed to know - the names of operatives and station chiefs.
OilemFirchen
(7,143 posts)DevonRex
(22,541 posts)pretend deadly agents who he warned the Washington Post reporter about. He's nothing but a poser trying to act smarter than he is, more important than he is.
He might have managed to steal a few things. But he's still a loser.
OilemFirchen
(7,143 posts)But I meant why would Tierra_y_Libertad care?
Tierra_y_Libertad
(50,414 posts)And, everywhere else.
DevonRex
(22,541 posts)Even close to what he claimed. Impossible. But he might have managed to learn a couple. But personally I'd play the game of chicken out and let the agents handle themselves. They've known since he popped up in HK and said what he did about identities.
Aerows
(39,961 posts)is that if you are upset that data got leaked look at who is in charge of the data.
DevonRex
(22,541 posts)That bothers me. Never should have happened. Somebody vouched for him. Or there's a background investigator out there who's doing a lot of damage.
Aerows
(39,961 posts)doesn't it?
I'm not as worried about the system stuff because I know 2 things. One is that corporations have all this anyway, and unencrypted. I know they cannot be trusted.
Next, I know the security system isn't as he described it. That would be like a single sign-on system and it's ludicrous on its face. One guy being able to rewrite code from one location and bring down the entire intelligence network. No other humans involved, no other verification but computer code, passwords, etc?
Not only no but I'm still giggling.
Aerows
(39,961 posts)do you use a salt for your password, and modify it based upon where you log in? If not, there are probably a few locations that can access your data at will. Using the same password is pretty much a recipe for your data getting accessed. Just food for thought.
Aerows
(39,961 posts)but it's the truth. Logs reveal you passwords, and if you use the same one over and over without variation, it's simple to hack. Use a salt. That way you can remember it, but it's a variation.
I'm talking about levels in which an actual physical presence is required to be verified at different stages, in different ways. When you're talking about agencies of analysts and cryptographers and programmers, other methods are used, especially when you're talking about rewriting code to make the system disappear completely. And it wouldn't be just one person, either.
That's why I giggled at him.
Aerows
(39,961 posts)boondoggle.
Whisp
(24,096 posts)yep, most likely there are others involved in a much higher position than Edward. Someone on the inside may have paved the way.
Remember than Glen knew Ed before Ed started working there. There are at least 3 people involved in all this at that level.
Aerows
(39,961 posts)There must be a couple of others involved at this clearance level.
DevonRex
(22,541 posts)something like this. People with resentment and a need to prove they're smarter than everybody else (especially the mean government they resent for not letting them be in the Green Berets) are low hanging fruit.
pnwmom
(108,977 posts)so they just have to trust that the computer people working for them aren't working for the Chinese. Or anybody else.
Aerows
(39,961 posts)You have some pure idiots in charge of hiring. I say that without malice, it's just the truth.
Aerows
(39,961 posts)get nuclear on me for that observation?
FarCenter
(19,429 posts)Something like software and networking -- not so much.
I worked on a project managed by a retired Navy Captain -- It was all about how many "resources" do you have on this or that task. They can count people, severs, routers, etc., but they have very little understanding of what the people do or how the software is designed.
It was that way longer ago in commercial work, when minicomputers were new, and projects were run by electrical engineers who had never programmed computers.
BeyondGeography
(39,369 posts)Aerows
(39,961 posts)But it doesn't excuse the lax security at his firm. They are going to own that forever.
anyone doubt it?
JI7
(89,247 posts)even if he didn't want chinese authorities to see it could he prevent them from seeing it if they are able to get it from him ?
pnwmom
(108,977 posts)them from seeing it.
The Straight Story
(48,121 posts)and they wonder why we find things worrisome?
morningfog
(18,115 posts)hrmjustin
(71,265 posts)NCTraveler
(30,481 posts)that the state is extremely competent when securing stored information.
sibelian
(7,804 posts)I am going to be SO FUCKING DISPLEASED if some plagiaristic Asian bastard brings out a sci fi epic featuring telepathic dolphins. IT WAS MY IDEA FIRST.
It's going to happen, isn't it?
BASTARDS.