If Russian And Chinese Intelligence Could Supposedly Get Access To Snowden's Documents So Easily, Why Couldn't The NSA Figure Out What He Has?

from the allegations-are-great-if-you-never-have-to-prove-them dept

Democracy Now! recently hosted a debate between ardent NSA supporter Stewart Baker and whistleblower Daniel Ellsberg. The entire debate is worth watching/reading (a full transcript is provided) but Baker's opening statement reiterated a claim some NSA supporters have made in an effort to portray Snowden as at least an accidental traitor, if not a more deliberate conspirator.

What Edward Snowden did was quite deliberately change jobs to gather as much, perhaps millions of documents, from as many places as he could around the National Security Agency, but involving other agencies, as well. He stored them on a computer and handed them out to—who exactly, we don’t know, but certainly to journalists, and with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them, and allowed them to be disclosed at the journalists’ discretion, more or less with some guidance from Snowden.
Now, Baker may have misspoken when he said "sophisticated intelligence agencies have been able to get access to [the documents]," but if so, he was never questioned about it. The mention of "controls" would seem to indicate he meant "haven't" instead of "have" (it's "have" in both the transcript and the video), but its not as though this -- that the Chinese/Russians obtained access with or without Snowden's permission -- hasn't been heavily implied before. (And Baker does follow it by stating that the leaks damaged the NSA's ability to "keep an eye on Iranian and North Korean and Chinese and Russian operations.")

Reporter Kurt Eichenwald declared back in November that Snowden "left all of his documents in Hong Kong" and implied the whistleblower was working with the Chinese government. A former NSA official claimed Snowden was a Russian spy and was working in concert with Russian intelligence and Wikileaks to hand over his documents to the Russians. Others have speculated that Snowden's security measures had been subverted the moment he set foot in Hong Kong/Russia.

Back in the real world, the NSA still admits it has no idea what Snowden has in his possession. (Or, rather, what's been distributed to journalists around the world. Snowden apparently "divested" himself of his "holdings" before heading to Russia.)

The underlying implication of these claims is that even with Snowden trying to protect the documents, it's likely that intelligence agencies in these two countries were able to gain access. That claim is either a) ridiculous or b) an indictment of the NSA's internal security and hacking prowess.

If we're to believe the Russians or Chinese gained access before Snowden unloaded the document trove, the question becomes why hasn't the NSA -- arguably the top intelligence agency in the world -- been able to gain access? After all, our spycraft is the best spycraft and the NSA's tools are apparently some of the best in the world. And yet, even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.

If the NSA can't get to Snowden, then it's unlikely any other intelligence agency did either. This puts those pushing this narrative in the position of claiming Snowden worked directly with foreign intelligence agencies to provide them with sensitive documents, an assertion that few of the NSA's most fervent supporters are reluctant to make.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 8:53am

    the answer is quite simple. they were too interested in making sure they knew what all ordinary people, including USA citizens, everywhere else, were doing and just ignored their own back yard!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 8:58am

    They can't get at the documents because they are Neanderthals who happened to come across a computer. Other intelligence agencies might be able to access the documents because they are not morons.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 9:18am

    I hold to a different theory.

    Snowden gave all his intel to the Norwegian intelligence agency, but, being intelligent, the Norwegians found the info to be so ordinary, so pedestrian - that US agencies are dicks, not out of meanness but just because they can be dicks, knowledge that only some americans find astonishing - that they threw all that stuff into a dumpster. The Chinese and Russians recovered the intel and are using it to swap jokes - how many NSA agents does it take to change a lightbulb, that sort of thing.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 21st, 2014 @ 10:20am

      Re:

      None, they use at least three contractors for that, each one a firm belonging to a person close to a congressional overseer.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 9:24am

    Every time you hear some public announcement dealing with Snowden from the government, the NSA, or the NSA apologists, it is nearly always coupled with some sort of slight or worse character assassination attempt. It always seems to couple in with covering up their own inadequacy.

    This is now the standard fare when the name Snowden comes up through official channels. What that tells me is they are butt hurt over what it's exposed and just how far they have exceeded their mandate.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Lance Bledsoe (profile), Feb 21st, 2014 @ 9:46am

    (typo)

    (That last line should read: "...an assertion that few of the NSA's most fervent supporters are willing to make" or "...an assertion that even the NSA's most fervent supporters are reluctant to make.")

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 10:17am

    > Baker may have misspoken when he said "sophisticated intelligence agencies have been able to get access to [the documents],"

    > The mention of "controls" would seem to indicate he meant "haven't" instead of "have"

    You are taking Baker's quotation way out of context and warping its meaning. The quotation in question is: "with controls that probably make it likely that sophisticated intelligence agencies have been able to get access to them."

    Allow me to translate: "if the controls are weak enough, or perhaps not understood well enough by the journalists, it's possible that sophisticated intelligence agencies have been able to gain access to them." My translation arguably still makes the assumptions and implications you are trying to force with your out-of-context interpretation, but you completely confused the meaning of Baker's words.

    > even with an inside track -- its own internal systems -- the NSA still can't figure out what Snowden grabbed.

    Let me give you an analogy. I have cash in my wallet. I don't know how much exactly, maybe a few 20's, maybe a few 1's. My wallet gets stolen. The thief knows exactly how much money I had in my wallet, but I don't.

    From a technical standpoint, unauthorized access to files on sensitive systems is frequently logged...but I've never heard of logging authorized access to files. If Snowden had authorized access—which it appears he was able to obtain—then there's no reason the NSA should know what Snowden took.

    Anothing thing to think about is the ease with which the NSA can access systems. It's very easy in the US; they just go up to a telco with a court order. What do you think would happen if a couple of FBI agents went up to a Russian telco, in Russia, with a court order? My guess is that the Russians have better access to their own telcos than the US and that the Chinese have better access to their telcos than the US.

    I think you really took on the worst quotations from the debate. There were a lot of other much better points you could have made, especially if you highlighted some of the things that Ellsburg said.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 21st, 2014 @ 10:51am

      Re:

      "I've never heard of logging authorized access to files."

      I have, on Linux systems in a bash shell type 'history' as a user. It will give you a list of all of the commands the user has typed in the shell. Sure there are other ways to access the files that don't get logged in the shell history but many of those other systems have logging mechanisms of their own.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 21st, 2014 @ 10:53am

      Re:

      I agree though, there is a lot juicier stuff in there. My favorite is at the end where Baker blames the FISC for 9/11.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Feb 21st, 2014 @ 11:06am

      Re:

      "From a technical standpoint, unauthorized access to files on sensitive systems is frequently logged...but I've never heard of logging authorized access to files."

      Sensitive systems log ALL accesses, authorized or not. It's often a legal requirement, called "audibility".

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 21st, 2014 @ 11:11am

        Re: Re:

        Except, apparently the NSA's. :P

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 21st, 2014 @ 11:17am

        Re: Re:

        the only reasons i can think that authorized access to files weren't being logged are A) plausible deniability and B) amateur hour

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 21st, 2014 @ 11:35am

          Re: Re: Re:

          Personally, I think they know what he got copies of, however to admit they know would invite the questions of how much and what else, which for them would invite awkwardness and more embarrassment so it's just easier for them to say they don't know.

           

          reply to this | link to this | view in chronology ]

          •  
            icon
            That One Guy (profile), Feb 21st, 2014 @ 12:54pm

            Re: Re: Re: Re:

            I really doubt they have any idea what exactly he grabbed actually, considering how many blatantly false statements they've put out, statements that were almost immediately shown to be lies with the next release of info on their actions.

            You do not flatly state 'I have not done X', when you know the other person has evidence to the contrary, and they've been burned on that several times, which is why they've moved to general statements with no hard yes/no's on what they've done.

             

            reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 21st, 2014 @ 12:04pm

        Re: Re:

        Ah, well, now I have heard of logging authorized accesses! ;)

        I have a question about such logging. Say I have root access to a linux machine. I can copy the contents of an entire block device with something like dd if=/dev/sda of=/dev/usb (assuming /dev/usb is some external device). That never touches the file system, so what would be logged?

        Also, I suppose, if Snowden had root access, he could just have deleted the pertinent entries in the logs when finished copying.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 21st, 2014 @ 12:07pm

          Re: Re: Re:

          Sorry, to clarify, I'd imagine it would log a large read from /dev/sda, but nothing else.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 21st, 2014 @ 12:15pm

          Re: Re: Re:

          history would show that you ran dd over the block. And history entries are numbered so if you delete some of them then there will be obvious gaps showing that they were deleted.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 21st, 2014 @ 12:51pm

            Re: Re: Re: Re:

            Here's a fun trick, stick HISTCONTROL=ignorespace in your .bashrc, put a space before a command, and it won't show up in your history. Of course, if you don't have write access to your history file, then you can't do that...but then you probably can't access juicy files.

            With root access, any sort of log or history system can be circumvented.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              Anonymous Coward, Feb 21st, 2014 @ 1:35pm

              Re: Re: Re: Re: Re:

              Sure. With root you can do almost anything. And that is why on most big systems that have lots of users and sensitive data most of the admins don't even get root. They get sudo set up for the things that they need root level permissions to do.

               

              reply to this | link to this | view in chronology ]

        •  
          icon
          John Fenderson (profile), Feb 21st, 2014 @ 12:24pm

          Re: Re: Re:

          " I can copy the contents of an entire block device with something like dd if=/dev/sda of=/dev/usb (assuming /dev/usb is some external device). That never touches the file system, so what would be logged?"

          It depends on how the security of the system is set up. If everything is being logged, then your execution of that command would be logged.

          If it were a very high security system, that command would simply not be available for execution.

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 10:19am

    Let's give other intel agencies some credit

    The Russians and the Chinese have both long since demonstrated that they have serious spycraft skills. I'm sure that ANYTHING interesting that crosses the desks of people in the NSA or GCHQ is dutifully passed along to Moscow and Beijing, where it's also read. And vice versa.

    All these agencies are far too large to maintain effective operational security. Cut the NSA down to 10 people -- and then, maybe. But otherwise? There will be leaks and bribes, payoffs and slips, mistakes and disclosures, spies and counterspies, and everything else.

    None of this poses the slightest threat to anti-terrorist operations of course. The Chinese, for example, have a vested interest in protecting American property because they own a substantial chunk of it, and they'd prefer not to see their massive investments devalued by a bunch of whack jobs with a bomb or two. It's rather more likely that if they come into possession of some actionable intelligence that they might choose to save the CIA the trouble and take out a few bad guys themselves.

    So all this hand-wringing by NSA defenders is bullshit. I doubt anything Snowden walked out with was worthwhile to the Russians or Chinese because they've already got it.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 10:49am

    probably make it likely


    Probably likely? So there's at least a 51% chance it's likely? If "likely" is also 51%, that brings it to a 26% chance.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 11:38am

    How can the NSA NOT know?

    Given that the NSA is hoovering up all communications just in case it needs to reconnect the dots, why is it that they are unable to know what Snowden took and if he farmed it out to foreign intelligence agencies?

    Has Snowden really illustrated how ineffective having all those "dots" really is? Because if we can't expect them to be able to even audit their own systems effectively, how exactly are we supposed to trust that they'll be able to find anything REALLY important, like those dang turrorists?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 21st, 2014 @ 11:51am

    I agree with Clapper here. Got to assume worst.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Trevor, Feb 21st, 2014 @ 1:04pm

    Maybe they think it's like copyright, and wrongly think that if they don't keep saying this, they can't use it later...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 22nd, 2014 @ 12:16pm

    Maybe you missed that part where the NSA and co. is filled with incompetent idiots. They posted that pic of their new sat on twitter ffs.
    This whole "global monitoring" relies entirely on the law which forces US companies to let them in, there is no spy stuff here and they dont have to be good at their job to do this. All they need is a corrupt government.
    Not saying that the russian or chinese government is better, but they are definetly not as stupid as these guys

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.