Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy

Looking Back at the Snowden Revelations (cryptographyengineering.com) 105

Matthew Green, a cryptographer and professor at Johns Hopkins University, writes: So what did Snowden's leaks really tell us? The brilliant thing about the Snowden leaks was that he didn't tell us much of anything. He showed us. Most of the revelations came in the form of a Powerpoint slide deck, the misery of which somehow made it all more real. And despite all the revelation fatigue, the things he showed us were remarkable. I'm going to hit a few of the highlights from my perspective. Many are cryptography-related, just because that's what this blog is about. Others tell a more basic story about how vulnerable our networks are.

"Collect it all"

Prior to Snowden, even surveillance-skeptics would probably concede that, yes, the NSA collects data on specific targets. But even the most paranoid observers were shocked by the sheer scale of what the NSA was actually doing out there. The Snowden revelations detailed several programs that were so astonishing in the breadth and scale of the data being collected, the only real limits on them were caused by technical limitations in the NSA's hardware. Most of us are familiar with the famous examples, like nationwide phone metadata collection. But it's the bizarre, obscure leaks that really drive this home. "Optic Nerve": From 2008-2010 the NSA and GCHQ collected millions of still images from every Yahoo! Messenger webchat stream, and used them to build a massive database for facial recognition. The collection of data had no particular rhyme or reason -- i.e., it didn't target specific users who might be a national security threat. It was just... everything.

This discussion has been archived. No new comments can be posted.

Looking Back at the Snowden Revelations

Comments Filter:
  • Still pertinent (Score:4, Interesting)

    by Empiric ( 675968 ) on Monday September 30, 2019 @10:41AM (#59252698)

    "Men judge generally more by the eye than by the hand, for everyone can see and few can feel. Every one sees what you appear to be, few really know what you are."

    --Machiavelli

    • Re:Still pertinent (Score:5, Insightful)

      by Anonymous Coward on Monday September 30, 2019 @11:05AM (#59252786)

      Power corrupts, absolute power corrupts absolutely.

      Some day there is going to be a man sitting in my present chair who has not been raised in the military services and who will have little understanding of where slashes in their estimates can be made with little or no damage. If that should happen while we still have the state of tension that now exists in the world, I shudder to think of what could happen in this country ~ Dwight D. Eisenhower

      You know how impossible it is, in short, to have a free nation if it is a military nation and under military orders ~ Woodrow Wilson

      In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists, and will persist. ~ Dwight D. Eisenhower

      The very word 'secrecy' is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths, and to secret proceedings. ~ John F. Kennedy

      Power corrupts, and there is nothing more corrupting than power exercised in secret. ~ Daniel Schorr

      The liberties of a people never were, nor ever will be, secure, when the transactions of their rulers may be concealed from them. ~ Patrick Henry

      • by Anonymous Coward

        "Since I entered politics, I have chiefly had men's views confided to me privately. Some of the biggest men in the United States, in the field of commerce and manufacture, are afraid of something. They know that there is a power somewhere so organized, so subtle, so watchful, so interlocked, so complete, so pervasive, that they had better not speak above their breath when they speak in condemnation of it." ~ Woodrow Wilson

        "Behind the ostensible government sits enthroned an invisible government owing no alle

      • We give away more and more freedom each day in the name of security.
  • Keep *everything*.
    You can always sort it out later.

    Adding exceptions also takes work.
    While just spying on everyone is easier, if you got the budget.

    None of that isn't a crime in any civilized state, of course.

    • by tinkerton ( 199273 ) on Monday September 30, 2019 @11:01AM (#59252772)

      There is a good argument to be made that the CIA and the NSA carry the main responsibility for 9/11 (without actually organizing it or deliberately letting it happen)
      The CIA by protecting Atta's team from the FBI because the CIA had their own plans to infiltrate Al Qaeda and they weren't interested in domestic security. Let the FBI fix their own problems, we're not helping them.
      The NSA by going all out on the big budget 'collect it all' approach which would allow them to sort things out later but blinded them to what was going on at the moment.

      The solution after 911 was 'we need to give these institutions more power to do whatever they like' . That lacks all good sense and contributed significantly to the current permanent war state.

      • There was also the matter of policy established in 1995 [fas.org] that effectively forced any information the CIA had to funnel it through a convoluted maze of Courts and US Attorneys instead of handing it straight to the FBI - and vice versa. That created and codified a highly dysfunctional system for intelligence sharing.
        • And how relevant was this matter?
          Conclusion page 35: The information sharing failures in the summer of 2001 were not the result of legal barriers but of the failure of individuals to understand that the barriers did not apply to the facts at hand. Simply put, there was no legal reason why the information could not have been shared."

          And the report is being too nice there.

      • "There is a good argument to be made that the CIA and the NSA carry the main responsibility for 9/11 (without actually organizing it or deliberately letting it happen)"

        9/11 was a CIA operation. The mission goals were achieved with resounding success.

        • I think that theory lacks imagination. But 'helping Al Qaeda while they are preparing 9/11' does come pretty close.

      • by Agripa ( 139780 )

        There is a good argument to be made that the CIA and the NSA carry the main responsibility for 9/11 (without actually organizing it or deliberately letting it happen)

        And yet none of their failures would have mattered if Congress had not deliberately stripped the militia of its power. And even doing that was not enough to allow one of the planes to make it to its target which is a shame given that the target was likely Congress.

        Since Congress had the authority, it was their responsibility. That includes the entirety of both parties.

  • by ghoul ( 157158 ) on Monday September 30, 2019 @11:13AM (#59252822)

    Prior to Snowden the American Intelligence and Security communities had an attitude "Our shit doesnt stink" or in more polite language "Trust US. We are from the govt and we are here to help you".
    Snowden leaks showed people working at NSA were just lazy and would rather embed backdoors into commercial American software and hardware than try and get the intelligence in other ways.
    This reduced the brand value of American software and hardware and probably a big reason that the world is shifting to Huawei away from Cisco.
    The reasoning goes - "if we are going to be spied on anyway than lets get the Chinese stuff which is cheaper and faster then the overpriced American stuff"
    Once again big govt has kicked American private industry in the nuts.

    • Re: (Score:2, Insightful)

      by geek ( 5680 )

      We KNOW American shit stinks. We've known since the 60's. Conspiracies have a funny way of proving true, just look at the JFK assassination. JFK literally made comments before his death that the CIA should be disbanded. Then poof, his head's blown off by someone who just so happened to have been trained by the CIA.

      Everyone knows, most are afraid to say.

      • [JFK]

        "head's blown off by someone who just so happened to have been trained by the CIA"

        There is no credible evidence that Lee Harvey Oswald was ever trained by the CIA. Your conspiracy theory is obviously baseless.

        • "There is no credible evidence that Lee Harvey Oswald was ever trained by the CIA. Your conspiracy theory is obviously baseless."

          Why do you assume that Lee Harvey Oswald blowed off JFK's head? Were you a witness to the event?

          • Why do you assume that Lee Harvey Oswald blowed off JFK's head? Were you a witness to the event?

            Damn straight.
            Hillary Clinton shot him.

    • I don't think "lazy" is the right word, if anything they were overzealous in gathering electronic intercepts by literally any means possible, even if they had neither a use for the info that was collected, or even the means to process it. Also I seriously doubt you need to look beyond cheaper to explain a move to Chinese manufacturers.
  • by Ksevio ( 865461 ) on Monday September 30, 2019 @11:18AM (#59252844) Homepage
    It also goes to show how the whistle blower process works legally and illegally. Snowden went the illegal route, the information was revealed and meaningful change came from it. Much more of the web is encrypted in direct response to the revelations. He personally lives in exile now and people accuse him of treason, but at least the revelations were useful.

    On the legal path, we had someone go through the process who the president is still accusing of treason and is basically living in hiding, but also the hearings last week revealed the House intelligence committee regularly receives these complaints - so much so that they said the most recent one was out of the norm. Maybe congress has been quietly fixing the issues of all these complaints, but I really doubt it.
    • Snowden tried the legal approach:

      Snowden says he gradually became disillusioned with the programs with which he was involved and that he tried to raise his ethical concerns through internal channels but was ignored.

      https://en.wikipedia.org/wiki/... [wikipedia.org]

      The longer, detailed version from the Wiki:

      Snowden has said that he had told multiple employees and two supervisors about his concerns, but the NSA disputes his claim.[71] Snowden elaborated in January 2014, saying "[I] made tremendous efforts to report these prog

  • :-) Heh, not at all, sir. It always was plain as day. He only confirmed what we already knew, just by observing, and a bit of paranoia to keep us alert.

    Obviously the revelations still have no affect. Reelections rates remain at 95%...

  • No one lost their job.

    No one was hauled before Congress.

    The only person in trouble from this is the whistleblower !!

    This makes it very hard for me to trust the government.
    • by Oswald McWeany ( 2428506 ) on Monday September 30, 2019 @12:10PM (#59253018)

      The only person in trouble from this is the whistleblower !! This makes it very hard for me to trust the government.

      Aye, and here we are several years later; another government whistleblower and the president is essentially saying that this whistleblowing is treason and whistleblowers should be killed. "we used to handle treason differently" (we all know what that is code for- death penalty is only penalty for treason).

      How are we doing as a democracy when one whistleblower (Snowden) gets chased into Russia by one administration; and another whistleblower gets threatened with murder by the President of the next administration? These whistleblowers are the heroes who risk everything to reduce corruption and the country treats them like shit.

      • Re: (Score:3, Insightful)

        by meta-monkey ( 321000 )

        another whistleblower gets threatened with murder by the President of the next administration?

        Because this "whistleblower" isn't blowing the whistle on anything illegal? It's just the "intelligence community" leaking for partisan political reasons.

        These whistleblowers are the heroes who risk everything to reduce corruption and the country treats them like shit.

        Trump was trying to investigate the corrupt actions Joe Biden took in Ukraine and I think the Democrats' response is, yeah, "treating him like shit."

        • Honestly, I don't think there is enough evidence in the whistleblowers report, or the transcripts to impeach Trump. I do think Pelosi's decision to act is mainly political.

          So what? That does not give Trump the right to try and threaten the lives of heroes who report what they perceive as injustices and flaws in the democratic system. We have a constitution and precedent of how things should proceed. We should follow them. Trump's reaction, trying to suggest the whistle blower should be killed goes agai

          • That does not give Trump the right to try and threaten the lives of heroes who report what they perceive as injustices and flaws in the democratic system.

            Except that's not what happened. This "hero" you speak of didn't hear anything first-hand. Someone else *told* this "hero" they heard something. This "hero" was given very explicit instructions by someone (or various someones) with a great deal of legal expertise on exactly what to say, how to say it, and who to say it to. Whoever instructed your "hero" is using them to accomplish something they themselves are unwilling to take responsibility for, likely because the Ukrainian "story" would be revealed f

            • Except that's not what happened. This "hero" you speak of didn't hear anything first-hand.

              Does that make it acceptable to threaten a whistleblower, if they don't witness something first-hand and only know about the incident from a secondary source?

              The issue at hand here is not about whether or not Trump is guilty of pressuring Ukraine- that's a topic that will be no doubt discussed in a thousand other forums (and I really don't care if he is guilty or not for the purpose of this thread).

              Staying on topic here for this thread, the issue is; should whistleblowers be protected?

              The answer is Yes, the

              • Re: (Score:2, Troll)

                by meta-monkey ( 321000 )

                Yes, whistleblowers who blow the whistle on illegal activity should be protected. Leakers who spill secrets about activities that are not illegal for political reasons should be nailed to the wall. If you're going to leak the contents of a conversation between the President and another world leader, the conduct better be Capital B Bad. Otherwise, great, you've just ruined the ability for world leaders to talk to the President candidly. Now they have to assume whatever they say to the President is going to w

                • It's hard to draw the line between them. Surely nearly everything pertaining to a president can be painted in a partisan light if you choose to.

                  I'm also pretty inclined to believe that there is something here. Trump has pretty much threatened to kill this whistleblower. I can't say I've been in any remotely comparable situation, but I can't see why I'd seek out vengeance on someone who obviously didn't have anything of value on me.

                • Yes, whistleblowers who blow the whistle on illegal activity should be protected. Leakers who spill secrets about activities that are not illegal for political reasons should be nailed to the wall.

                  Can you point to the trial that decided that this whistleblower has done anything illegal? "Pointing out potential abuses made by a candidate you personally like" is not "illegal"- it certainly doesn't warrant death-threats from the President.

                  If there is nothing to this case it should blow over; it's never acceptable to threaten whistleblowers.

                  • "Pointing out potential abuses made by a candidate you personally like" is not "illegal"

                    It is when the "potential abuses" are classified. Conversations between the President and other world leaders are classified Secret. If you're going to leak classified information to the press, it better be more than "potential abuses." It was not. Trump did nothing illegal or abusive in the conversation with Zelensky. You do not get the whistleblower protection when you're not blowing the whistle on anything illegal.

                    it certainly doesn't warrant death-threats from the President.

                    Then it's a good thing he didn't get a death threat from the President.

                    • It is when the "potential abuses" are classified. Conversations between the President and other world leaders are classified Secret. If you're going to leak classified information to the press,.

                      He didn't leak anything to the press; he followed the correct and legitimate procedures for whistle blowers.

                      Then it's a good thing he didn't get a death threat from the President.

                      Don't be obtuse. "treason" and "we used to handle treason differently" - everyone knows what he is implying. He also hasn't done anything to try and stop the people trying to raise funds so they can "track down the whistleblower". He's deliberately stirring the pot and trying to make it a threatening environment for the whistleblower or any future whistleblower.

                      Look, the problem here is that you're

                    • He didn't leak anything to the press; he followed the correct and legitimate procedures for whistle blowers.

                      This is woefully naive. The entire point was to get this to Schiff so he could leak it.

                      Say Warren, or Bernie, or Biden were to win the election and had their own skeletons to hide, you would want them prosecuted wouldn't you?

                      If they did something illegal, yes. However, if they just started leaking secret information about Warren, Bernie or Biden doing something legal but embarrassing or politically damaging I would be very mad at them, because they're wrecking the whole system for everybody for their short-term political gain.

                      Do you understand the difference? Trump did not do anything illegal or even unseemly [slashdot.org].

          • Trump saying that spies and traitors used to be executed is not a threat - unless you also think that all these people saying that Trump should be thrown in jail are also making threats.

            Both are referring to end outcomes of a legal process. And referring to that legal process and its outcomes is a constant refrain of every prosecutor, politician, police officer, lawyer, or even judge. When someone says that a contract breaker should lose money, are they advocating robbery? When a lawyer tells a witness t

        • For the sake of argument, let's assume that everything Trump asserts or insinuates about Biden and this case is 100% true.

          Assuming you've read the transcript (which you should; it's not long, it's important for context, and it could potentially be a large part of our historical record going forward; plus, Trump has personally asked you to read it), you will know that directly following the Ukrainian President's request to start receiving missiles again (Trump cut them off earlier in the year), Trump asks
        • Because this "whistleblower" isn't blowing the whistle on anything illegal?

          If Trump was attempting to get dirt on a political opponent from a foreign national, that's a violation of campaign finance laws, a felony. If he was offering compensation for it, that probably also makes it bribery. Or maybe extortion.

          We'll see what the truth of the allegations is, probably, but what the whistleblower has alleged is definitely illegal. Unless you're taking the position that the president can't be indicted so nothing he does can be illegal?

          • If Trump was attempting to get dirt on a political opponent from a foreign national, that's a violation of campaign finance laws, a felony. If he was offering compensation for it, that probably also makes it bribery. Or maybe extortion.

            Hillary Clinton and the DNC hired a lawyer to pay a foreign national (Steele) who paid Russian intelligence officers for dirt on a political opponent. This is not a violation of campaign finance laws because she paid for it. This might be unseemly, but there is nothing illegal about it. It's only illegal to get stuff from foreigners if you don't pay for it, then it's an illegal campaign contribution (on their part). I have no idea where you get "bribery" from, that's just paying for goods purchased. When yo

            • Hillary Clinton and the DNC hired a lawyer to pay a foreign national (Steele) who paid Russian intelligence officers for dirt on a political opponent. This is not a violation of campaign finance laws because she paid for it.

              I'm not sure this is entirely true as stated, but I'll assume it is for argument. Yes, buying political research with legitimately (domestically) contributed campaign funds, properly accounting for both the origin and the destination of the expense is entirely legal. It's ugly, and perhaps it ought not to be legal, but it is. It's also not remotely related to what Trump did.

              I have no idea where you get "bribery" from, that's just paying for goods purchased.

              From (possibly) tying the delivery of hundreds of millions of dollars in foreign aid and military equipment to the digging up of sai

      • You just mentioned the current President, while we are talking about Snowden, who was hired in 2013 (Obama Admin), leaked in 2013 (Obama Admin), charged in 2013 (Obama Admin). If that isn't deflection, I don't know what is. Why not mention that Snowden criticized Obama for continuing the surveillance state Dubya had. Perhaps it was because you remember as recently as the last election Obama was using that same surveillance state to spy on his party's opponent in the last election using information from a fo
        • You just mentioned the current President, while we are talking about Snowden, who was hired in 2013 (Obama Admin), leaked in 2013 (Obama Admin), charged in 2013 (Obama Admin). If that isn't deflection, I don't know what is. Why not mention that Snowden criticized Obama for continuing the surveillance state Dubya had.

          Your comprehension skills are pretty bad. I specifically mentioned that we had a failure to protect whistleblowers in two separate institutions; both the current and the previous. I couldn't give a fuck about Republicans or Democrats or your partisanship, stop protecting bad behavior just because it is from your party. Both have been negligent in protecting whistleblowers unless it has been politically convenient for them to do so. What you allow one side to do, the other will try to do next.

          The Trump e

    • Reforms were made at the CIA and NSA (and probably other government agencies) in regards to how classified material is accessed and how their cyber security is setup. It still isn't perfect, and it does slow things down compared to how it was in the past, but it is better.

  • I remember seeing a lot of the things he revealed mentioned on Slashdot by people before Snowden went live with it. The difference is, the people saying about how big the spying were on here had no evidence and "could have been tin-foil hat types"; Snowden gave evidence. Snowden made what a lot of people on here suspected seem real to everyone and showed us, the tin-foil hat people were right in how bad the government was abusing it's power.

    • by Agripa ( 139780 )

      I remember seeing a lot of the things he revealed mentioned on Slashdot by people before Snowden went live with it. The difference is, the people saying about how big the spying were on here had no evidence and "could have been tin-foil hat types"; Snowden gave evidence. Snowden made what a lot of people on here suspected seem real to everyone and showed us, the tin-foil hat people were right in how bad the government was abusing it's power.

      There was evidence outside of Snowden including the NSA controlling the committee responsible for IPSEC, Dual_EC_DRBG, and everything leading up to Congress passing telecom immunity. And nothing has changed for the better in Government since these things or Snowden's revelations.

  • "But even the most paranoid observers were shocked by the sheer scale of what the NSA was actually doing out there. " -- Uh, no we weren't. The NSA has been spying on all communications overseas prior to digital communications and spying on all digital communications. First it was SHAMROCK, then it was ECHELON, then it was PRISM. I could be swapping the names because at the end of the day it was always the full telcos giving the government unfettered access as Mark Klein alleged. Dubya and Obama gave the
  • In retrospect, mass surveillance was rather predictable. The task of preventing another 9/11 is unimaginably difficult. Yet there had never been more money and mandate for it. What else were they going to spend it on?
  • In a way, the leaks really ended up being more of a cautionary tale for leakers than anything else. It is unlikely that the CIA or NSA have changed their practices much, and the decision makers are probably all still in power. On the other hand, the life of the leaker has been pretty ruined... so it sends a strong message of 'don't embrassas the US, it will not change anything and either we or our partisans will make your life difficult'.
  • The government spying on me has had no impact because I am not a terrorist or planning anything bad. If Snowden had proof that it was being used to target political opponents or to create a database of political party loyalty, that would have been something. Or wait, that is what Facebook did and sold it to the current administration (they would have sold it to Clinton too, but they didn't know what they were doing on-line and thought they had it won). And SAP and IT organizations spying on workers is go

  • At 75 I doubt I'll be around to vote for Snowden for President. Perhaps one of you young guys could do me that favor. Thanks!

No man is an island if he's on at least one mailing list.

Working...