New York Times Suffers Redaction Failure, Exposes Name Of NSA Agent And Targeted Network In Uploaded PDF
from the make-sure-to-dot-all-i's-and-blot-out-all-sensitive-info dept
It appears as if the New York Times, in its latest publication of leaked NSA documents, failed to properly redact the PDF it uploaded, exposing the name of the NSA agent who composed the presentation as well as the name of a targeted network.
Cryptome seems to have been the first site that noticed the redactions that actually weren't, issuing a couple of tweets that informed its followers of this fact. This led to Bob Cesca at the Daily Banter turning the NYT's error into an anti-Snowden rant (which I found via F-Secure's blog) that decried everyone involved while "virtuously" refusing to name the entity that had discovered the poorly-done redactions (but including the uncredited tweets in full for easy searching).
As soon as the article was posted, someone from or associated with a popular cryptography website claims to have downloaded a pdf of the Snowden document from The New York Times and discovered that three of the redactions that were intended to obscure sensitive national security information were easily accessible by highlighting, copying and pasting the text. The poorly-redacted file was subsequently posted to the cryptography website, then promoted via Twitter. (We’re not going to post the name of the website that posted the file to protect the information contained within.)Cesca somehow feels the privacy of a single NSA agent trumps the public's interest in infringements on their own privacy -- not just here in the US but all over the world. Certainly, the New York Times should have made sure its redactions were actually redactions before publishing the document, but Cesca's hyperbolic attack isn't doing his side any favor.
So, the identity of an NSA agent is out there in public view within the same document in which a target of this program is named. All of this is due to the incompetence of whoever failed to properly redact the pdf before publishing it for the world to see — as well as for the aforementioned cryptography site to nab and republish it.'
This was bound to happen at some point in this ongoing saga: the name of an American agent has been leaked to the public via a document stolen by Edward Snowden. To add to the irresponsibility of how Snowden went about this operation, he distributed untold thousands of documents to a gaggle of technological neophytes who barely understand how to used Adobe Acrobat, much less the phenomenally complicated details of top secret NSA operations.
One agent's name was exposed, one who may not even be employed by the agency at this point. (The documents are from 2010.) The target revealed is nothing more than the Al Qaeda's "branch operation" in Mosul, Iraq. Al Qaeda has been the focus of counterterrorism efforts since before the 9/11 attacks and the revelation that the NSA is targeting mobile networks in Mosul shouldn't come as a shock to anybody, least of all Al Qaeda members.
This doesn't excuse the NYT's carelessness, however. It is disseminating some very sensitive NSA documents and should be ensuring any information it chooses to withhold stays withheld. But this error doesn't invalidate Snowden's exposure of the NSA's programs, no matter how Cesca (and those like him) spin it.
The NSA and other government agencies have suffered redaction failures as well, accidentally exposing information they would rather have withheld from the public. Does the government get held to the same standard by the NSA's booster club? Hardly. Humans make mistakes, no matter which side of this issue they're on.
[The original document uploaded by the NY Times is posted below (via Cryptome). To see the unredacted text, simply click on the Text tab.]