Snowden Says NSA Employees 'Routinely' Passed Around Naked Photos That Had Been Intercepted
from the because-of-course-they-would dept
One of the repeated talking points by the NSA for years has been about how there are all these “strict controls” on who has access to data and how it’s used. We’ve seen pretty clear evidence that the NSA’s definition of “strict controls” (like so many NSA definitions of plain English words and phrases) is different than what most people consider “strict controls.” After all, it insisted for months that Snowden didn’t have any access to actual surveillance data… until it was revealed that he did. There were also all those cases of flagrant abuses of the NSA’s system that were revealed last fall. The NSA pretended this showed how good they were at catching anyone who abused the system, but the details suggested otherwise. Many of the “caught” abuses only came out years later when the people who abused the systems to spy on lovers and friends admitted to it during interviews.
Keith Alexander insisted that the NSA had “100% audibility” of the actions of their employees and they made sure that no one abused their powers:
“The assumption is our people are just out there wheeling and dealing. Nothing could be further from the truth. We have tremendous oversight over these programs. We can audit the actions of our people 100%, and we do that,” he said.
Addressing the Black Hat convention in Las Vegas, an annual gathering for the information security industry, he gave a personal example: “I have four daughters. Can I go and intercept their emails? No. The technical limitations are in there.” Should anyone in the NSA try to circumvent that, in defiance of policy, they would be held accountable, he said: “There is 100% audibility.”
Of course, that doesn’t explain why so many of the “LOVINT” cases only came out after people self-confessed many years later, rather than through any audits.
Meanwhile, in the latest Ed Snowden interview (done with the Guardian’s Alan Rusbridger), Snowden reveals that NSA employees routinely would share naked photos that had been intercepted:
?You’ve got young enlisted guys, 18 to 22 years old,? Snowden said. ?They’ve suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records. In the course of their daily work they stumble across something that is completely unrelated to their work in any sort of necessary sense. For example, an intimate nude photo of someone in a sexually compromising position. But they’re extremely attractive.
?So what do they do? They turn around in their chair and show their co-worker. The co-worker says: ?Hey that’s great. Send that to Bill down the way.? And then Bill sends it to George and George sends it to Tom. And sooner or later this person’s whole life has been seen by all of these other people. It’s never reported. Nobody ever knows about it because the auditing of these systems is incredibly weak. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communications stream from the intended recipient and given to the government without any specific authorization without any specific need is itself a violation of your rights. Why is that in a government database??
Then Alan Rusbridger, The Guardian?s editor-in-chief, asked: ?You saw instances of that happening??
?Yeah,? Snowden responded.
?It’s routine enough, depending on the company that you keep, it could be more or less frequent. These are seen as the fringe benefits of surveillance positions.”
Of course, none of this is really that new. Way back in 2008, you may recall, that it was revealed that NSA analysts were listening in on pillow talk phone calls between Americans overseas and loved ones back home… and sharing those recordings around the office:
Not only were calls between Americans listened to and recorded on a regular basis, the “good parts” (i.e., phone sex) were sent around to other operators to listen to as well. One of the operators said that on a regular basis messages would be sent around with messages like: “Hey, check this out. There’s good phone sex or there’s some pillow talk, pull up this call, it’s really funny, go check it out.”
That was revealed years before Snowden even worked for the NSA. It would appear that little has changed.
Filed Under: audits, controls, ed snowden, naked pictures, nsa, surveillance
Comments on “Snowden Says NSA Employees 'Routinely' Passed Around Naked Photos That Had Been Intercepted”
Bah, this is no news, I go through those regularly. Now he’s confusing NSA surveillance with the Internet. /s
This is the problem with the DOJ going after the ‘Dark Net’. They cannot tell the difference between the actual Dark Net and the NSA stream.
Pre-Internet, telco employees would routinely get their jollies by monitoring late night bedroom conversations… phone sex, essentially. According to people I knew, CO (central office) technical staff were expected to monitor “line quality” by listening to random calls; and once you found something steamy, the monitoring might just go on and on and on. Ahh, good times.
Re: Old-school version
It gets worse than that. Many people kept telephones next to their bed, and the vibrations from their voices could easily be picked up by their phones sitting just a foot or two away, and their ‘bedtime’ conversations transmitted down the copper wires. It’s not unlike those things we did as kids, like putting your ear against a (sheetmetal) HVAC vent and clearly hearing people talk from the far side of the building. People don’t seem to realize that metal transmits sound extremely well, and all the wires, pipes, and ducts in a building can easily be employed as ready-made listening devices.
Just like the NSA, I’m sure there must be plenty of telephone company workers with some wild stories to tell.
So let’s get this straight. If I pass around a sexually explicit photo at my job, I will get fired for sexual harassment, and creating a hostile work environment. But if I worked for the NSA.. .then all is well, right? Where do I sign up for this job?
I believe you have to sign a contract with the red horny one.
> That was revealed years before Snowden even worked for the NSA.
Should be, “That was revealed years before Snowden even worked for the NSA contractor, Booz Allen Hamilton.”
The NSA directly supervised him. He worked for the NSA as a contractor.
And this is what Whatever supports?
please stop making out that GCHQ and the NSA are evil! I mean, if you’ve done nothing wrong you’ve got nothing to hide. Stands to reason.
I just sent out a bunch of naked pictures of myself.
Take that you NSA spying bastards!!!
If we can strike them all blind with appalling naked pictures then we could make a great leap forwards for civil liberties.
I hope you did a search for encryption technology first, to guarantee they spied on you. “What is TOR?”
Re: Re: Re:
You are all extremists. Click this link to find out why.
Ha ha. By clicking on that link, the NSA now considers you an extremist and is targeting you. This is way better than a rickroll. ::trollface::
No worries. Those photos are nothing to hide, right?
And if any of those pics are under the age of 18?
Oh my!! Somebody is in big trouble…er alot of people.
Hopefully this will be useful for getting the puritan crowd on our side. Unconstitutional spying is well and good to them, but naked pictures? It fits with the Bill Clinton precedent of illegitimate sex life being impeachable, war crimes not.
“Snowden Says NSA Employees ‘Routinely’ Passed Around Naked Photos That Had Been Intercepted”
but those pictures were passed around for security purposes. Think of it this way. If a doctor has a patient profile and he’s not sure what’s wrong with the patient or is not sure what treatment is best s/he may consult with other doctors to help diagnose and treat the patient. This is the same thing!! See, some TSA agents may not be sure if there is something in the photo that poses a threat so they pass around these pictures to other experts to get a second opinion. It’s for your own security!!
(oops, I meant NSA, though I’m sure the TSA does the same thing for similar reasons).
TITS OR GTFO!
I for one, would like examine the evidence!
My favorite part of the interview is when Snowden suggested that Dropbox is probably a PRISM wannabe and that NSA-loving Condoleezza Rice is on Dropbox’s Board of Directors.
Snowden is then asked if he uses Google or Skype for private conversations, and bursts into laughter at the thought. Snowden’s a wise individual.
He then goes on the recommend SpiderOak for cloud storage, due to their Zero-Knowledge encryption system. I used SpiderOak for a while. It’s a great service.
Unfortunately SpiderOak has offices in US jurisdiction. Which means they’re subject to secret National Security Letters.
Once the Snowden stories broke, I decided to stop using SpiderOak. Every US company is required by law to assist the US federal government, or face prosecution.
That means SpiderOak can be compelled to push out software updates that target individual users. That update would then log a user’s password from their keyboard, which would then allow the NSA to decrypt everything because all SpiderOak user keys are stored (encrypted by your plain text user password) on SpiderOak’s servers.
Even if user keys weren’t being stored on SpiderOak’s servers in encrypted format, it still wouldn’t make a difference. The National Security Letter would just force SpiderOak to grab the user’s key off their personal computer and upload it somewhere. Just like the above scenario. Via a customized, targeted software update that steals the key off a user’s computer.
SpiderOak stores user keys (encrypted) on their servers, in case a user’s hard drive crashes. Normally SpiderOak never sees a user’s password. User passwords are never sent over the wire in plain text. Even if SSL/TLS is used, a plain text password still isn’t being sent using SSL/TLS.
Only a salted hash of the user’s password is sent to SpiderOak in order to authenticate the user. If the hash matches what SpiderOak has on file, then SpiderOak sends the user’s key back to them. Then the user decrypts the outer encryption layer around their key, locally on their own computer, by typing in their plain text password. They now have access to the symmetric encryption/decryption key and can encrypt/decrypt files in their SpiderOak account.
It’s an impressive design. Unfortunately they’re not immune to National Security Letters that force them to log a user’s plain text password, by pushing out a keylogger update to targeted users if compelled to do so in secret from a Nation Security Letter. No US company is immune to that requirement.
Any good non-US alternative?
Being outside the US doesn’t seem to matter much either.
So kenichi tenaka, do you still think NSA spying is no problem if you’re not a terrorist?
He’s probably fapping away at the thought.
"auditable" doesn't mean there are audits
It’s great to make things “auditable”, but you still aren’t going to find problems unless you actually do audits…
Re: "auditable" doesn't mean there are audits
…and do it on contractors as well as “our people.”
how odd… it appears that the cadre of security apparatus white-knighters all took the same day off….
There's a cool FOIA request
here’s a cool FOIA request.
I want copies of all emails from any NSA employee toe any other NSA employee that contain attachments which might reasonably be considered NSFW images.
We’ll just select the time period when Snwden was working there.
Re: There's a cool FOIA request
“There’s no central method to search an email at this time with the way our records are set up, unfortunately“.
Snowden to be romantic and idealistic identity. In Russian hackers usually work on bandits and terrorists. In America, the hackers are working highly paid experts. Protecting Data from all the intelligence world – a complex and expensive project. Do not quite understand how he he is going to solve this problem. Where will the money or assistants?
About Snowden and Russian hackers – article (in Russian).