Ex-NSA Employee Gets 5 Years In Prison For Taking Home Top Secret Files (cnet.com) 174
Former NSA employee Nghia Hoang Pho, 64, was sentenced to five and a half years in prison for taking top secret U.S. defense files to his home. Pho pleaded guilty in December to willful retention of national defense information, the U.S. Justice Department said in a statement. The maximum sentence for this crime is 10 years, but prosecutors were recommending a sentence of eight years. CNET reports: Pho, a naturalized U.S. citizen originally from Vietnam, worked in the NSA's Tailored Access Group, the agency's team that focuses on tools that can directly hack surveillance targets. Between 2010 and March 2015, Pho took home paper and digital copies of U.S. government documents and writings that contained national defense information on them, the Justice Department said. Pho reportedly had antivirus software from Kaspersky Lab on his home computer network and the software scooped up the top secret information as part of its virus scanning process. Kaspersky has acknowledged that its software lifted hacking tools from a home computer in 2014 but said it wasn't part of an intentional effort to steal information from the NSA. Pho said in court he took the materials home so he could put in more work to earn a promotion, according to CBS Baltimore.
Comment removed (Score:5, Insightful)
Re: (Score:3)
Only place where bringing home work with you would mess that more would be if you're OB/GYN....
Re: (Score:2)
"I go with my wife to hers (male)."
So. Much. Confusion.
Re: (Score:2)
"Sheâ(TM)s a girl (male)."
She. The wife, or the Gyno?
And of course the other question...
Re: (Score:2)
Clarity.
One rule for the rank and file... (Score:1, Insightful)
...another rule for Hilary.
Re: (Score:1)
Elite status has it's perks.
Seriously, this IS the same kind of thing, putting classified information on unclassified computers. I don't know if Hillary actually was the one who copied the classified stuff down, but it was on her unclassified E-mail system and apparently she sent and received such information.
I suppose the "ignorance" defense, "I didn't know it was classified" is worth something, but if this guy gets 8 years, shouldn't those responsible for the classified information on Clinton's E-mail
Comey said as much (Score:5, Informative)
"There is evidence to support a conclusion that any reasonable person in Secretary Clinton’s position, or in the position of those government employees with whom she was corresponding about these matters, should have known that an unclassified system was no place for that conversation.
"To be clear, this is not to suggest that in similar circumstances, a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now.
Re:Comey said as much (Score:5, Insightful)
I'm glad someone mentioned Hillary. She did the same thing as this convicted felon, but faced no consequences. (Even a trial that ended "not guilty" would have been better than nothing.)
Two justices exist in this world: Us and them. Us get punished and Them rarely do, even when they break the same laws.
Re:Comey said as much (Score:5, Informative)
Worse yet, there wasn't even a real investigation. Just preemptive exoneration before she had even been "interviewed" (The quotes around interview are justified in that when an interview finally was done, she was not under oath, as is normal practice in cases involving Top Secret/SCI information...)
Re: (Score:1)
false equivalency. drumpf fellates our enemies. That is who you choose, daily. You daily chose a cocksucker cuck.
Re:One rule for the rank and file... (Score:5, Insightful)
The ignorance defense wasn't worth shit, as the documents found had the classification markings still on them. There's no chance you become Secretary of State without being able to recognize a classification marking, and receive training on the proper care and handling of documents with those markings.
This is completely a double standard.
Re: (Score:2, Insightful)
Even ignoring that, she should have been brought up on obstruction of justice charges for "losing" all those files that would be needed to assess the situation. She also likely violated the law with regards to public records as those records should have been screen to verify that there weren't any public records involved. While many of those emails were classified at the time, there were others that won't and classified documents frequently get declassified in the future when they're no longer deemed sensit
Re: (Score:2)
Mutually Assured Destruction (MAD). If Hillary goes down, the DNC dumps it's dirt, then the RNC dumps it's dirt.
Why isn't Cheney is prison? Same answer.
Think of it as a reboot of American politics. We can hope.
If you don't get this, you don't get the internal R stress. Why Sessions is there, just to start.
Also expect Trump's behavior to change if the DNC ever gets actual dirt on him.
Re: (Score:2)
Both parties have large groups of 'dumb as rocks' partisans.
They can and are 'weaponized' by the other side. The left is just mid tantrum.
At the top, they know the 'other side' has them by the short and curlies. But they also know the 'other side' is a show and is in fact them.
I still have hope the 'moron chanters' will trigger 'the big dump', if not, there is always the 'moron thumpers'.
Re: (Score:2)
Nah, the Kavanaugh thing is completely about filibustering, even though they can't actually filibuster. They want to throw as much FUD as they can on it, and pray that the public raises a stink and wants the FBI involved, so it can draw out until after the November election, and hopefully into the next Congress that hopefully has a different political division. They figure that with some luck, they take back the Senate in November and delay this thing into January, which means that seat on the bench stays
Re: (Score:2)
To some extent, yes, there is a double standard. But consequences matter, too.
If you're texting while driving and a cop sees you, you get a ticket. If you're texting while driving and you run over a kid, you go to prison.
If you mishandle sensitive documents and your boss finds out, you get a reprimand. If you mishandle sensitive documents and they end up in Russia, you go to prison.
Is it fair? Not really, since the same negligence on your part can have vastly different punishments. But it is human nature, a
Re: (Score:2)
And even if they weren't the talking point was still deliberate misdirection. If Hillary, say, emailed the ambassador to Saudi Arabia about the war on Yemen, that conversation was inherently classified. It didn't have to wait for a state department flunky to mark it as such.
If the CIA manages to do a snatch-and-grab on Snowden, I hope he has the chutzpah to argue "it was ok to leak those document
Re: (Score:3, Insightful)
[One rule for the rank and file... ] ...another rule for Hilary.
History will judge Hillary and Bill and those who conspired with them, and it will not be kind.
Strat
Re: (Score:2)
History judges no one and no thing.
People, you and I for instance, consider history and make our own judgments. But the judgment of true justice is lacking in this example. No real consequences suffered, and the claim that this cost someone their opportunity to gain an office of the highest responsibility is even made betrays a misunderstanding of just how deep the betrayal was.
No, there is yet no justice in this 'matter'. And as such, it only encourages future abuses and betrayals. Even if somehow there is
alll because (Score:1)
Scooped Up Information cough cough (Score:5, Interesting)
Basically the kaspersky anti-virus tool picked up on hacking software by it's coding signature. Strings of code, designed to hack other computers, it is recognisable when you do scans, especially when you do https://en.wikipedia.org/wiki/... [wikipedia.org] ie sound likes, looks like, hacking code.
Now as it turns out when you scan for virusy like code, whether it is the tool to apply the code or the applied code itself, well, it's going to contain the same hacking code, be identified and been contained and a copy sent back for further analysis if you allow it. SO the twisty swervy version of that, ohh ahh, the Russians stole information (no the sent a copy of the code, containing hacking heuristics for further analysis, as the user agreed to when they installed the product).
The main reason the US government wants to ban kaspersky, it is the intention of the US government to back door all security software and obviously they will not be able to do that to a Russian program. Still not as bad as the wobbly told be the fellow claiming he took it home to do extra work on it, that near retirement, it was taken home to fund retirement in various non legal ways.
I will at least take the fellows recommendation for the use of Kaspersky software, why because clearly the NSA hates it, makes life all together too difficult for them. They much prefer software with individually identified security upgrades so they know exactly the user getting the security upgrade, to ensure they get a downgrade instead, instead of a lock and wide open back door but I suppose it's still better to allow those third grade anal retentive tech types to hack your computer to spy on nothing rather than have them kicking your front and back doors down, accidentally repeatedly shooting you and stealing your computers.
Re: (Score:2)
is the intention of the US government to back door all security software and obviously they will not be able to do that to a Russian program.
What Kaspersky should do is engage in Information Sharing with other non-US-based non-EU-based Antivirus companies and publicize that to ensure they can all detect the backdoors, and then "Ban Kaspersky" won't be a means to that end anymore.
Re: (Score:2)
Basically the kaspersky anti-virus tool picked up on hacking software by it's coding signature.
Actually, some antivirus programs like kaspersky double as a RAT [wikipedia.org]. From what I've read, when it detects files from a state-sponsored APT (in this case the NSA) it will open a line of communications and send a notification back to HQ. At that time they simply told the antivirus to send back all the files in the same directory. This is how they got a hold of all the tools.
The primary use of heuristic analysis in file scanning is to identify new versions/variants of an existing virus as it commonly generates
Re: (Score:2)
Proof? Talk is cheap.
Re: (Score:2)
Re: (Score:2)
You also don't "need" a condom. But it is still a very good idea to use one.
In this case the condom is the safe browsing and the antivirus software is aids medication.
Missing facts (Score:5, Interesting)
There IMHO some important facts missing in the description:
a) He did not have a Office license, so he downloaded a key generator.
b) The Kaspersky software would not let him run that generator because it considered it harmful
c) He disabled Kaspersky, ran the key generator and got his PC infected
d) He re-enabled Kaspersky, the software detected an infection and began looking for malicious files
e) The software found the NSA written malware and did exactly what it was supposed to do: it was configured to upload new suspicious files to Kaspersky.
f) The upload server was under surveillance by the Israeli secret service.
Re: (Score:1)
Why bother running an antivirus if you're just going to disable it to run malicious software in spite of its warnings
Is NSA really this incompetent that they'd hire a guy like this or is it just a psy-op
Re: (Score:2)
Re: Missing facts (Score:2)
Why bother running an antivirus if you're just going to disable it to run malicious software in spite of its warnings
Because a lot of the time the antivirus will "warn" you about software which poses no risk. I've had port scanner and such flagged as "hacking tools" and prevented from running. If you're certain that the software you're about to run doesn't actually pose a risk then it makes sense to temporarily disable the antivirus (or put in an exception rule if possible).
Re: (Score:2)
And then there are the PDF converters.
Re: Missing facts (Score:2)
A lot of the keygens and cracks are released by reputable groups and can be obtained through official channels, you dipshit. KMSPico gets flagged as dangerous regardless of whether or not it's actually doing anything harmful.
If I don't trust the source I'll run it in a VM instead, then scan the VM afterwards to see if the antivirus picks up a problem. 95%+ of the time there are no issues; it's just flagging the keygen itself as malicious.
Re: (Score:2)
You're 100% correct. Some people do infect the keygens with trojans but the legit copies of "Microsoft Toolkit" always get flagged as hacking software.
Re: (Score:2)
If you are a business owner, letting an employee run a keygen on company hardware is a literal nightmare.
The potential liability is bankrupting.
Re: (Score:1)
Because f wasn't the Israelis, it was the Russian FSB who has free access to everything that Kaspersky saw who promptly DL'ed everything and redistributed it through their "Guccifer 2.0" front blaming the NSA for leaking it.
The Israeli involvement is that they penetrated Kaspersky and saw the FSB doing it.
The Israelis didn't redistribute the NSA code to the public.
The NSA didn't redistribute the NSA code to the public.
The FSB redistributed the NSA code to the public.
Re: (Score:2)
Proof? Lots of claims but no one ever produces shit for proof.
the best and the brightest at the NSA (Score:2)
I'm glad to see that the NSA is hiring "the best and the brightest" when it comes to computer security!
Re: (Score:2)
Funny. Back in the day I used to run a simple machine in my lab just to use dodgy software. It suffered, as if you can call Windows ME anything else but suffering, so much that it often took hours to boot, more hours to deliver a usable cursor, and days to clean out and recover. Not a record, a client delivered us a Windows ME machine that took 6 hours to boot - we did that just to see. It was unfortunate. Just plugging your ME machine into your Internet router is, was, and always has been spectacularly ba
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Promotion (Score:3, Funny)
Pho said in court he took the materials home so he could put in more work to earn a promotion
He went from an NSA employee to a convicted felon. That's a promotion in status in my eyes.
Re: (Score:2)
True. A reasonably competent review should have resulted in several lateral arabesques.
just a lucky break then (Score:2)
Kaspersky has acknowledged that its software lifted hacking tools from a home computer in 2014 but said it wasn't part of an intentional effort to steal information from the NSA
just a lucky break for the Russians then....
Re: (Score:2)
Communism is for other people. Stupid git.
Don't work at home. Sleep at work. (Score:4, Insightful)
Yah. Perverse work morale.
I do feel sorry for this guy. OTOH, I hope he learns the lesson: If you kill yourself at work, your boss won't give a shit. If you don't kill yourself at work, (s)he won't, eiter. What to do?
Kill your boss, of course.
Re: (Score:2)
Re: (Score:2)
The government discourages working and also discourages 'attending' for more than 40 hours a week.
Lesson learned (Score:5, Interesting)
NEVER TAKE WORK HOME!
And nobody was interested if his name is pronounced Fa?
The lack of any apparent controls at the NSA regarding removing classified information should cause some serious investigations of the agency and it's processes.
Re: (Score:2)
And honestly pay for the software you want to use... Seriously, for all the abundance of comments here, no one mentioned the inherent dishonesty of his trying to crack Microsoft Office — and getting burned by the "free" tool he used to do it...
Re: (Score:2, Interesting)
Are you advocating that classified information should only be held by native americans? Because everyone else is descended from naturalized immigrants at some point...
Re: Lesson learned (Score:5, Insightful)
The Europeans who colonized the Americas by ship were no more "naturalized immigrants" than the Asians who colonized it by walking over the Bering Strait. Don't let your racist tendencies cloud your view of history.
Re: (Score:2)
He is advocating for the requirement to be "American by birth" — as a presidential candidates must be, for example — rather than by naturalization.
Re: (Score:2)
Curious Can the NOFORN classification be overridden by higher classifications? Hmmm...
I forget, does higher classification explicitly also enforce lower classifications? I think NOFORN is distinct from and parallel to Confidential, Restricted, and Secret. After that it gets more granular I think.
Re: (Score:2)
I saw it on Confidential and Restricted. I did not have TS clearance.
Re: (Score:2)
And yes, I entirely ignore Unclassified...
Re: (Score:1)
Re: (Score:2)
Not being a General mishandling document to his mistress. Being a peon, a plebeian, is hard. Fair!
Hint: google Petraeus.
Totally different! In this case it looks like someone stupidly broke security for the purposes of doing legitimate work at home, with no intention of letting anyone else see the information, while Petraeus intentionally gave classified info to someone who wasn't supposed to have it.
Of course the Director of the CIA intentionally giving classified info to someone else should be charged with a misdemeanor, while a lower level employee taking work home deserves jail time! We need to send a broad message to the
Re: (Score:1)
You remember wrong, citizen. All you saw was the light from Venus reflecting off a weather balloon.
Clinton (Score:1, Troll)
Re: (Score:2)
Re: (Score:3, Insightful)
The UN? Isn't that the place that puts countries like Saudi Arabia and Afghanistan on its "Human Rights Council"?
Getting laughed at by such a clown gathering is a badge of honor.
How to justify all the world's leaders laughing at your leader. If it's such a clown gathering why would he even show up? I guess I just answered my own question.
Re: (Score:3)
The UN may be a disreputable organization composed of mostly disreputable nations, but like it or not, we have to deal with the rest of the world, unpleasant as that may be.
Re: (Score:3)
The UN may be a disreputable organization composed of mostly disreputable nations, but like it or not, we have to deal with the rest of the world, unpleasant as that may be.
Yeah, it's just now the rest of the world is laughing at you.
Re: (Score:2)
"Now"? You are a bit unfamiliar with history, it seems. Politicians and intellectuals in the rest of the world have been laughing at the US since it was founded. It's not something Americans care about or should care about. Ordinary people (like myself) have voted with our feet.
Re: (Score:2)
"If it's such a clown gathering why would he even show up?"
Ah, but the worldwide audience. That's why.
No, not the privileged, the righteous, the ones who know better than you and the rest of the 43%. Sadly, many of those who needed to hear his address won;t be able to, for their leaders will not permit it.
Re: (Score:3)
Re: (Score:2)
Actually, you missed Huma and Anthony. And Lois, Loretta, Eric, Sally, John (Longface), Samantha, and Barack.
I'm certain I missed several.
Re: (Score:1)
Re: (Score:2)
Do you know how much money her handlers spent?
How much do you figure each of the other, possibly electable, Ds took to bow out?
How much do you figure each of the other Rs took to bow out or get 'put out' (to get her chosen opponent)?
She wasn't 'owed the job', but her owners had fucking well paid for it. You know they are PISSED.
Re: (Score:2)
Re: (Score:2)
Not ALL countries do this.
Just the ones who can.
Re: (Score:2)
Well, he can always get a pardon from Trump. He just have to become a rapist first, Trump only pardons rapists.
Trump Pardons:
Dwight and Steven Hammond - Both where convicted of Arson.
Alice Marie Johnson - non-violent drug offenses.
Dinesh D'Souza - Campaign finance violations.
Jack Johnson - posthumous, Mann Act Violations
Lewis "Scooter" Libby - Lying to the FBI.
Kristian Saucier - For taking photos of classified equipment.
Sholom Rubashkin - Bank Fraud, commuted sentence, conviction remains.
Joe Arpaio - Civil rights violations, as Sherriff.
I'm not seeing even one rapist here.. Did I miss somebody?