The US Intelligence Community has a Third Leaker

Ever since the Intercept published this story about the US government's Terrorist Screening Database, the press has been writing about a "second leaker":

The Intercept article focuses on the growth in U.S. government databases of known or suspected terrorist names during the Obama administration.
The article cites documents prepared by the National Counterterrorism Center dated August 2013, which is after Snowden left the United States to avoid criminal charges.

Greenwald has suggested there was another leaker. In July, he said on Twitter "it seems clear at this point" that there was another.

Everyone's miscounting. This is the third leaker:

Leaker #1: Edward Snowden.
Leaker #2: The person who is passing secrets to Jake Appelbaum, Laura Poitras and others in Germany: the Angela Merkel surveillance story, the TAO catalog, the X-KEYSCORE rules. My guess is that this is either an NSA employee or contractor working in Germany, or someone from German intelligence who has access to NSA documents. Snowden has said that he is not the source for the Merkel story, and Greenwald has confirmed that the Snowden documents are not the source for the X-KEYSCORE rules. I have also heard privately that the NSA knows that this is a second leaker.
Leaker #3: This new leaker, with access to a different stream of information (the NCTC is not the NSA), whom the Intercept calls "a source in the intelligence community."

Harvard Law School professor Yochai Benkler has written an excellent law-review article on the need for a whistleblower defense. And there's this excellent article by David Pozen on why government leaks are, in general, a good thing.

Tags: Edward Snowden, intelligence, leaks, NSA, privacy, surveillance

Posted on August 7, 2014 at 12:14 PM • 53 Comments

Comments

Chase • August 7, 2014 12:24 PM

Hi Bruce,

I have been following your work for a year or two and would like to say thank you for all the great work you do.

I also want to speculate on the third leaker. Given that Jeremy Scahill has been working with The Intercept (and given his recent work in Dirty Wars), I suspect he has sources in the NCTC and JSOC that likely provided the material.

Food for thought.

Greg Slepak • August 7, 2014 1:21 PM

How are we sure that Leaker's 2 and 3 aren't the same person?

Greg Slepak • August 7, 2014 1:22 PM

*leakers

Q • August 7, 2014 1:43 PM

@ Schneier on August 7, 2014 at 12:14 PM

The (mis)spelling of ¨Angela Merkle¨ (Angela Merkel) speaks for itself we think.

Nick P • August 7, 2014 2:28 PM

I'm with Greg: what evidence do we have they aren't the same? Manning leaked Army, State Department and other documents. Had he not been ID'd, Wikileaks could've said they had sources in each agency and nobody would've questioned it. Yet, it was just one guy. Later, Snowden uses both legitimate and illegitimate access to take all kinds of data. At that point, we know of two leakers and still know the second only because he ID'd himself.

Now, there's a new series of documents coming out. Once again, they represent a number of different programs and access to diverse source material. Previous leaks indicate it could be one person, two, or an unknown number of leakers. Even the recipients couldn't be sure of the leaker's identity unless the leaker used a very unique writing style (or unique address) for personal communications, which all recipients compared.

So, I'm wondering why anyone believes there is a "third" leaker rather than "two or more."

Bruce Schneier • August 7, 2014 3:08 PM

"So, I'm wondering why anyone believes there is a 'third' leaker rather than 'two or more.'"

Different types of documents. Different avenues of leaking.

Bruce Schneier • August 7, 2014 3:09 PM

"The (mis)spelling of 'Angela Merkle' (Angela Merkel) speaks for itself we think."

Indeed.

Fixed.

Thank you.

Apokrif • August 7, 2014 3:30 PM

"My guess is that this is either an NSA employee or contractor working in Germany, or someone from German intelligence who has access to NSA documents"

Is it likely that Germans intelligence officers could have access to documents about intelligence operations against their own country?

Bob S. • August 7, 2014 3:51 PM

Maybe 'leaker' is not the right term.

The Germans were quite annoyed by the Snowden Revelations yet at the same time have very close relations, intimate some say, with NSA and GCHQ. That's a tough spot. Thus the Germans might have done some planned, purposeful leaking to even the score.

I guess I am saying if the boss said it was OK to do it, it's not a leak.

Another possibility is dating of the documents. Maybe it was pre-dated or had a proposed release date, maybe there was a typo and so on.

If there are a couple more conscientious leakers none of us would be surprised. Indeed I am surprised there isn't a lot of data bubbling up from the swamp.

Millions of people have top secret clearances now, many of the background checks were shoddy, many workers are scofflaws owing back taxes and maybe some are simply very patriotic and don't like what they see.

Clearly going through channels to right the wrongs is a losing proposition.

Anyway, I suspect all will be known eventually. A problem with secrets: If you tell millions of people the secret, somebody is liable to find it out that isn't supposed to.

John Campbell • August 7, 2014 4:22 PM

Why is it that having a conscience only seems true in the USA? We don't see such crises of conscience from other nations, do we?

I don't know, but I believe that a refresh of Nuremberg's point that "I was only following orders" is not an adequate defense when you are doing something that would, in a wider purview be considered illegal.

I also know that some things HAVE to be done behind a veil; I don't know where the cut lines between transparency, translucence and opacity should be, for I think those lines vary with each of us.

IMHO the prosecution-- and, likely, persecution, too-- is just to keep the people still "within the walls" from acting up.

If the leadership isn't doing something wrong then they have nothing to be ashamed of, do they? If we're being told that we've nothing to worry about if we're not doing anything wrong, maybe a reminder that this little principle cuts both ways would be useful.

I know I have no answers... but there's sure a lot of questions!

Clive Robinson • August 7, 2014 4:30 PM

Hmm,

There is a fundemental rule of thumb that says in nature only three numbers make sense, zero, one and infinity.

That is, there is zero examples of something, there is a unique example of something and there are an uknown number of non unique somethings.

Thus I would suspect that there are an unknown number of leakers.

For instance if there are leakers in Germany, why take the risk of going outside the country, parts of the German press are way way better at handling this sort of thing than the UK's Guardian newspaper. Not being nasty about Mr Greenwald, but his level of OpSec leaves a great deal to be desired. And now he is in effect a self exiled celebrity geting any kind of data to him is going to be dangerous because he's almost certainly under the ICs microscope, as are those of one two and even three degrees away from him.

Also there is the issue of position in the hierarchy the higher up you are the more carefull you have to be about not just how but what you leak. Thus for a person with a foot in more than one camp, they would need to appear to be more than one person leaking information, and each identity would have to be camp related as any crossover would identify them as having access to more than one camp, which almost immediately rules out the majority of suspects...

To be a successful leaker who survives, you have to be either very carefull not to make a mistake that could identify you. Or you have to "fit up" one or more other people as "fall guys", so they get identified in preference to you and also act as an early warning system.

As Ed Snowden said the reason he outed himself was to protect others. As we subsiquently found he'd been fairly adept at stealing information via others credentials thus if he had taken an amoral attitude he could well have "fitted up" others, and maintained his life in Hawaii at their expense.

The trouble is in the game there is a lot of smoke and mirrors, and you never quite know what's going on till people make or appear to make mistakes, even then....

TulipManiac • August 7, 2014 5:22 PM

On the possibilities of your second leaker (TAO/ANT catalog and others)- It is unlikely to be a german national, as a lot of the material is Five Eyes only, excluding Germans.

The third is probably a different individual, may even be within TSA, but more likely IC.

Another question we should ask though, is who exactly Michael Hastings was talking to when he wrote an email to his colleagues "RE: NSA", warning them they would soon be under investigation, the morning before he died in a rather dubious car accident.

It would seem the Ship of Fools is full of holes. And it was Manning, Binney, Drake, and Ellsberg that inspired them to cast some sunshine on our current morass of secret law and government.

Matthew Case • August 7, 2014 6:11 PM

At what point will there be a counter intel operation where an NSA "leaker" begins sending misinformation to the press?

Anura • August 7, 2014 6:15 PM

@Matthew Case

That's business as usual.

Benni • August 7, 2014 6:43 PM

Usually every BND operation ends up, sooner or later, in DER SPIEGEl.

So if this comes from BND, then there are not just three leakers, but maybe a dozen. How does spiegel say in his piece on John Kerry

http://www.spiegel.de/international/world/us-secretary-of-state-seeks-to-redefine-us-foreign-policy-a-984346.html

"Several sources in the intelligence community have confirmed to SPIEGEL that a large part of these discussions, which ran over satellite uplinks, were listened in on by at least two intelligence services, including that of the Israelis. The Chinese and the Russians were also probably monitoring the calls. As a result, the Israelis often knew exactly what Kerry had discussed with the other side. Kerry knew the risk, but he wanted results -- and the conversations were more important to him than his security people's concerns. Neither the Israelis nor the State Department would comment on the phone monitoring."

So 1) Spiegel says he has several sources in the intelligence community.
2) If Spiegel has no certain information on whether the Russians or Chinese are listening, it would have to be another service that has good signals intelligence.

Either Spiegel has sources in the Israeli service, or that was just the "several sources" Spiegel has at BND....

In the book DER NSA KOMPLEX, spiegel indeed says that they got the message on Merkel's phone from a source first, and not from Snowden. In its articles between NSA and germany, Spiegel says:

http://www.spiegel.de/international/germany/the-german-bnd-and-american-nsa-cooperate-more-closely-than-thought-a-975445.html

"SPIEGEL has seen from the archive of whistleblower Edward Snowden, when combined with SPIEGEL's own reporting, open up a much broader panorama."

The official nature of the cooperation between Germany and the US in Bad Aibling is documented in a contract, written two years prior to the NSA's official departure, drafted under the auspices of then-Chancellery Chief of Staff Frank-Walter Steinmeier, now Germany's foreign minister. The "Memorandum of Agreement," signed on April 28, 2002, is six pages long and marked Top Secret. It is not from Snowden's material.

And I still wonder where they get information like this:
http://www.spiegel.de/politik/ausland/russland-putins-propaganda-wird-dreister-und-funktioniert-a-984074.html

"the reality is: The Russian intercontinental missile SS-18 consists of parts where over 2/3 come from Ukraine. The turbines of the transport airplane AN-124 and the Russian army helicopters come from the Ukrainian city Saporischja and 90% of the machines from which Russia creates material for its army are bought from western countries."

Der Spiegel has the largest fact checking department of a newspaper worldwide, with over 50 full time fact checkers going over each article before it gets published.

In order to determine that 2/3 of the parts of an intercontinental missile comes from Ukraine, you need to know how much parts this rocket consists of and who delivers which parts. Similarly, in order to know how many percent of the machines that build Russian army gear come from the west you need to have detailed insight how these things are produced.

I hereby ask DER SPIEGEL: if it has blueprints and instructions on how Russian intercontinental missiles, army helicopters, and Russian army gear is made, please release all this to Wikileaks for immediate publication.

uh, Mike • August 7, 2014 7:36 PM

Liberty requires distrust of government, and accountability thrives on it.

Thoth • August 7, 2014 8:21 PM

Adding onto uh, Mike's words:
"But global surveillance and civil suppressions prevents liberty and accountability from taking place".

ismar • August 7, 2014 8:54 PM

The tide is turning :-) !

Fuzzer • August 7, 2014 9:09 PM

The NSA has gone overboard. They are bureaucrats set on protecting the US, but the unwillingness to take *any* risk shown by this "suspect everyone" approach is damaging the very country they are, most of them patriotically, trying to protect.

However, your reasoning is also going overboard. Government leaks are usually a good thing, you theorize. Even granting this point without question, it is entirely another matter when national security capabilities are involved. These leaks included things (like the spying on Merkel, or the catalog of NSA capabilities) which have *nothing* to do with protecting US citizens's right or curtailing NSA spying on private citizens, in the US or otherwise.

WWII was won in no small part thanks to intelligence capabilities - breaking enigma took a year off the European conflict, and breaking Japan's code turned a stream of victories into a stream of defeats for Japan (not to mention cost Yamamoto his life). Since Europe has conveniently opted out of the global security game (they would rather have the US spend the money and free ride on the stability and security NATO provides), Canada, Japan or Australia are not capable of self-defense, and Russia has decided that being a spoiler is so much fun, who else are you looking at to provide stability? weakening US intelligence the way these bogus self-appointed patriots leaking any secret they get their hands on is disgrace, because it makes a rapidly destabilizing world (everyone has figured the US cannot pay for another war, just like England after WWI) even more insecure.

My point will be made just as soon as Russia invades a european country, or China starts a shooting war with Vietnam, Japan, or some other country about a couple of stupid rocks in the ocean. Then, having the US around to provide security will not look so bad. But the general consensus is to take security for granted, and complain about the fact that the NSA has your text messages with the milk/bread/bananas shopping list.

Way to go. For those of you in Europe: Law is enforced by force or the threat of force, not by talking people's ears off. Since the end of the cold war,75 wars have broken out in Europe (3 in the Balkans, 2 in Chechenia, Georgia, Crimea). NONE were resolved by the EU's parade of hapless talking heads — some were resolved by NATO, others were left to their own.

regardless of what one thinks of blanket spying on citizens of the US or of allied countries (I take the dim view of the whole thing that it is unconstitutional on the US people and misguided on the allied ones), spying on government officials, even of allied countries, is perfectly normal. And the leak of the ANT database severely compromised US intel capabilities, doing nothing to accomplish the stated objective of protecting normal people and making the world a less secure place.

It is easy to rant everything is black and white. It is not. The NSA are not bad guys, but what they are doing is so misguided to be *nuts*. Blanket advocating for leaks is equally nuts however.

Fuzzer • August 7, 2014 9:13 PM

7 wars, not 75 — thank goodness. Sorry for the typo.

ian mannix • August 7, 2014 9:29 PM

Other countries do have consciences in crisis. This week Wikileaks provided Australians with a cache about a court order accusing numerous international heads of govt of being involved in a fraud case - the courts had suppressed that info. on the basis of "national security." So someone in the Australian system had to leak that.

Jonathan • August 8, 2014 12:39 AM

Fuzzer @9:09pm,

doing nothing to accomplish the stated objective of protecting normal people and making the world a less secure place.

Do you believe everything you see on TV too?

The effect these disclosures have had is to weaken capabilities that, as history shows again and again, will inevitably be deployed against "normal people" as soon as it is expedient. The Intercept has shown that, indeed, they are now being deployed against "normal people". Some 1 in 1000 USPERs are suspected "lone wolf" terrorists, which under current law means anyone who doesn't bow and scrape to a licensed and bonded oligarch or tries to upset the oligarchs' punch bowl even as they squeeze people into it like so many lime wedges. Can you name a single government that has built out this sort of infrastructure and not invented a reason to use it to capacity within a generation or two?

Truths of adulthood Americans don't usually learn as children: You are not entitled to win. Your edifice is not entitled to eternal life. You are not entitled to force people to play your rigged game if they don't want to, much less if you're a known compulsive cheater. Bullies get their toys broken. Bullies are not entitled for any reason not to get the stuffing beaten out of them by the kids they've wronged. And last but not least, as Charles de Gaulle and most of us who have worked in office situations know, those who declaim their own supreme indispensability can be summarily terminated then and there with rarely any ill effect on the company, and usually significant benefit.

Other nations' own oligarchs' high crimes and misdemeanors will be exposed and dealt with in due course and probably more quickly without the US propping them up and running interference for them. And if not, it's none of your rightful business anyway.

Clive Robinson • August 8, 2014 2:51 AM

@ Fuzzer,

Way to go. For those of you in Europe: Law is enforced by force or the threat of force, not by talking people's ears off. Since the end of the cold war,75 wars have broken out in Europe (3 in the Balkans, 2 in Chechenia, Georgia, Crimea).

I guess you need to study history a bit more.

Untill fairly recently few regarded those countries as "European" but as either CCCP or USSR which to the US ment they were the "enemy" of the cold war.

With the end of the cold war and the collapse of Russian strangle hold on these nations old emnities from WWII and earlier resurfaced. These were exploited by various factions for both political and financial gain (a process we see still occuring today). This is not a unique problem to what you describe as Europe, you only have to look at the middle east (Iraq) and Africa (Somalia et) to see this happening, all fought with cold war and later weapons of foreign manufacture.

Now you have to ask where the weapons to fight these wars come from, and oh look which country is top of the list of exporting weapons... it's the "Good old boys" in the US.

So many would agree that as the US is the major polluter of the world with weapons one way or another, then perhaps it should clear up the mess it created and so grossly profited by, to the enjoyment and comfort of it's citizens...

Gerard van Vooren • August 8, 2014 3:16 AM

@ Fuzzer

Let's talk about history.

Are you aware that after WW1 and especially WW2 Europe was in ruins? Totally in ruins? How many bombs have been falling down in Washington DC, New York City, LA, San Francisco or Miami? How many bridges have been blown away in the US? How many people in the US have been starving to death, or raped, killed, wounded, evacuated, traumatized? How many firestorms have there been?

And during the Vietnam era. How many bridges, houses, people, cities have been blown away in the US? How many people in the US have been killed by machine guns? The same with Panama, Afghanistan and Iraq.

And tell me, which of these wars, after WW2, was absolutely necessary? Which of these wars was not based on lies?

I think that all the above is the reason that in Europe we are a bit hold back to go into arms.

Andrew_K • August 8, 2014 3:25 AM

@Benni

If I were a journalist, I would certainly not release leaked documents to Wikileaks for at least two reasons:

1. I should never assume that I completely understand everything I see (or even that I see everything that is physically present). Even if I think that a document is cleared from everything linking it to my source, there may still be enough evidence for an Intelligence to identify suspect persons. Aside: Calculations as made in DER SPIEGEL may result from dozens of pieces of information collected over years -- which cannot be traced to a source.

Cheap example: Intelligence may use linguistic steganography in documents once they're searching a leak. All they have to do is wait for a quotation.

2. I would horribly cheat on my source. If my source intended making the documents publicly available, the person could have arranged that surely alone (hey, they were clever enough to find their way to me). But instead, they handed it over to me -- trusting me not to publish any information that would risk their identification.

Winter • August 8, 2014 3:28 AM

@Fuzzer
"Way to go. For those of you in Europe: Law is enforced by force or the threat of force, not by talking people's ears off. Since the end of the cold war,75 wars have broken out in Europe (3 in the Balkans, 2 in Chechenia, Georgia, Crimea). NONE were resolved by the EU's parade of hapless talking heads — some were resolved by NATO, others were left to their own."

Three remarks:
1) No wars have been fought inside any country that was part of the EU. All wars you mention were outside of the EU. And these wars were all possible due to Russian political and military support.
(Btw, you forgot the war in Moldovia that gave us the pirate nest of Transniestria. Leaders of the Urkanian seperatists were heavily involved in "governing" Transniestria)

2) The USA considers any country that is strong enough to defend itself against it as an enemy. It will actively undermine attempts by European countries to become strong military powers. Obviously, you can buy US weapons systems, because these will not work against the wishes of the USA. In short, the USA will not allow Europe to become a strong military power. NATO is a truce between Europe and the USA.

3) There are good historical reasons to keep Germany and Japan from arming up. In the end, providing defense capabilities for them might be the cheapest option.

Ben • August 8, 2014 3:52 AM

@Fuzzer:

it is entirely another matter when national security capabilities are involved. These leaks included things (like the spying on Merkel, or the catalog of NSA capabilities) which have *nothing* to do with protecting US citizens's right or curtailing NSA spying on private citizens, in the US or otherwise.
WWII was won in no small part thanks to intelligence capabilities

You have missed the point. Merkel knew she was being spied upon. Great Powers play this game all the time. The point is not that Merkel was upset by the spying the point is she was embarrassed at having it revealed to the voting public.

Bob S. • August 8, 2014 7:09 AM

Re: "Some 1 in 1000 USPERs are suspected "lone wolf" terrorists" ~ Jonathon

That's about 31.7 MILLION (give or take a few hundred thousand) people and speaks volumes about justifications for mass surveillance.

For all intents then, assuming the government operates on this assumption, we are all terrorists or interacting with terrorists. The whole country is over flowing with terrorists, their families, friends, co-workers, pizza deliverers and such.

OMG....are you a terrorist, too?

I will be hiding under my cubicle for the rest of the day.

DB • August 8, 2014 7:33 AM

lol now we have people arguing that the NSA is both good and nuts at the same time ;)

Uhu • August 8, 2014 7:56 AM

@Fuzzer

I also believe that the majority of the people working for the NSA are not bad guys. In fact, I am convinced that they believe to make the world a saver place. And before we forget it, what they achieved and probably still achieve is amazing (too bad for them that it has to remain secret).

I believe that what the NSA does, and thus what the leaders decided to do, is bad and counterproductive for the US and humanity as a whole. There are a few bad guys (with a lot of power) while the majority is good (but potentially misguided).

More precisely, I think that mass surveillance is extremely bad, while targeted surveillance is what the NSA (and other secret services) should be about. Concerning targeted surveillance, I am concerned that it gets used too widely and without proper oversight.

The US used to be a symbol for freedom and democracy. It has become a symbol for greed, fear and control. I believe that freedom and democracy are stronger, and I thus believe that the US should strive to become again the symbol for these fundamental values. As was pointed out in other places, the leaks were not a big surprise for many of us. The big value of the leaks for the US could be that it allows the US to come clean with its practices and change the behavior.

Edward Snowden probably decided he had to leak material concerning other countries, as the current situation in the US would not have forced a wide-spread discussion. This way, other countries (e.g., Brazil) make sure the discussion happens.

"... who else are you looking at to provide stability?" Are you kidding me? Many people outside the US see the US as the SOURCE of the instability. Besides the obvious conflict zones, it might very well be that other countries indeed rely too much on the US to provide peace, instead of looking after themselves. If the US was not "protecting" the rest of the world, maybe they would get used to do it themselves, but they might also be less easy to control for those in power in the US.

In summary, I wish the US would become The Good Guy again. That they would respect democracy, both domestically and abroad, instead of secret laws, secret courts, interfering with elections and legitimate governments in other countries, etc. That they would care about and defend fundamental values of humanity, be it The Constitution (not only for Americans, but for everyone) or be it The Universal Declaration of Human Rights.

Mark Felt • August 8, 2014 8:01 AM

The initial Merkel news did not credit Snowden, but a subsequent followup story corroborated it with documents that were attributed to him.

Is there reason to believe that the initial Merkel document came from the same source as the ANT catalog and the XKS source code other than Appelbaum's involvement in all three stories?

I suspect there are more than three sources.

Christos • August 8, 2014 8:45 AM

@ Fuzzer:

'WWII was won in no small part thanks to intelligence capabilities'

Actually it would have ended sooner had the Allies been more careful in securing their own codes. Google Fellers code, Naval Cypher No3, A-3 speech scrambler, State Department's strip cipher etc etc

The NSA should focus more on securing systems than breaking them.

Bruce Schneier • August 8, 2014 8:53 AM

"Is there reason to believe that the initial Merkel document came from the same source as the ANT catalog and the XKS source code other than Appelbaum's involvement in all three stories?"

Yes, but nothing I want to say publicly.

Otter • August 8, 2014 10:45 AM

"I wish the US would become The Good Guy again."

The punchline is "You gotta at least buy a ticket!"

Skeptical • August 8, 2014 1:53 PM

I do not see sufficient evidence to conclude Leaker #2 is not Snowden.

Leaker #3 though is plausibly not Snowden.

Evidence that Leaker #2 is Snowden:

- stories are published by individuals with known access to Snowden material

- stories are published by individuals who have directly met with Snowden

- information contained in stories is from timeframe of documents which Snowden took

- information contained in stories is extremely similar to confirmed Snowden-sourced stories published in other outlets

- information contained in at least some stories is confirmed to be in files provided by Snowden (including the Merkel story)

Separately, did Snowden deny being the source for the Merkel story?

If so, that is especially interesting given that The Guardian confirmed the story based on files provided by Snowden.

If Snowden did deny it, this indicates at least one of the following to me:

(1) He was unaware that the information was within the documents he leaked;
(2) He was assured by journalists that they derived the information independently from another source, and relied on their words;
(3) He was lying;
(4) The Guardian was mistaken;
(5) The Guardian was lying.

At this point, his mendacity (which I'm sure he views as justified) is such that (3) would be unsurprising, though given the volume of information he took, (1) seems equally likely.

What is the evidence that Leaker #2 is not Snowden?

- Greenwald says Snowden documents do not contain XKS rules.
- The stories did not explicitly cite Snowden.

It's certainly possible that Leaker #2 is not Snowden, but I don't think the evidence available so far is persuasive. If Greenwald is accurate (I've only seen speculation from him as to a second leaker, incidentally - has he actually confirmed that the XKS material is not in the Snowden documents?), then that may simply indicate that Snowden gave different material to someone else.

I think it's most likely that (1) Snowden gave additional material to Poitras or Appelbaum (or has not provided Greenwald with information necessary to view that additional material), and (2) efforts by some, in which I do not include Schneier, to obfuscate Snowden as the source are designed to mislead the US and to encourage additional leakers.

I do think that there's a tentatively persuasive argument that Leaker #3 is not Snowden, given the date on the document and the nature of the document. But, there are alternative explanations for those things which are compatible with Snowden being the source.

Sancho_P • August 8, 2014 2:38 PM

@Skeptical:

I’m not a native speaker, but your “evidence” sound like “observations” to me?

Nova • August 8, 2014 3:16 PM

@Fuzzer

Say you have a little town, with a little police department. And the people are well pleased with that police department. They keep law and order, and are fair, and merciful. But, then, someone comes out and discloses to the townspeople that there actually has been - all along - severe corruption in that police department.

That they were operating as criminals, effectively simply arresting their competition.

In this metaphor, the leakers, are the whistleblowers. This antagonizes the police department. All of a sudden people are upset with them. They want the guilty parties found, exposed, and condemned. They want the innocent parties whom they jailed and wrongly convicted let go.

To the police department, then, the really bad guy, are those whistleblowers. They created the problem. They destablized everything. Their own crimes? Why, they were effectively non-existent before one of their turn coats busted them on it!

Can not the townspeople see? They have badges. They have low pay. Their jobs are constantly subjecting them to threat of loss of life and limb. They simply deserve to be paid extremely well for all their efforts.

After all, what are they but simply humble servants of the people?

And then, the Mayor comes and says, "You know what, I will wave my magic wand, and make legal all of their crimes and all of their criminal activities and organizations".

So, then the cops say, "See? It is all legal. No crimes committed."

If your government is doing the same thing as the governments you condemn, your government should not expect to escape condemnation for those crimes.

I do believe matters are complicated. The US Government - and these other governments - are large organizations full of competing organizations and agendas. It is said, "do not let your left hand know what your right hand is doing", and their left hand tries to feed their body, while their right tries to knock that hand away.

Together, the good done operates simply as a guise for the bad done.

Especially if these crimes are not punished, if they are not condemned.

The moral authority vanishes, and the core of the entire system is corroded. Exactly as if people injected destroying acid into it. The very people entrusted with keeping it stable.
*

Further, there are many forms of guilt here: there is guilt of those who lie to themselves, there is guilt of those ignorant, there is guilt of those who are complacent. There is guilt of those actively performing these criminal actions. And there is guilt of the judges who close their eyes to them.

Snowden, and these other leakers, they did not create the crimes, they merely reported them.

I hate to say it, but it reminds me of how, the other night, I had left out one sumptuous piece of pizza. Well, night had grown, and the light was turned off. I am telling you -- not but for a second! But, what happened when I turned on the light and went to go towards that slice? You can guess it. There was a cockroach. It saw me coming, got up, and took off.

While, I think, one might say there is a "three second rule" here, I will assure you, with great disgust, I threw that slice of pizza out!

Likewise, "a fly destroys the whole bottle of ointment", and a "speck of shit corrupts an entire garment".

The "three second rule" here **was** Obama, and the governments (pluraral), chance to quickly correct these problems, investigate them, and act rightly, justly towards them. This they did not do. So that three second rule is far up.

How I wish it were that so many good deeds might not end up being worthless and thrown down the toilet. Or that so much built up moral authority might not be destroyed. But, this is the case, and not the previous whistleblowers, nor the current, nor the future are - in *any way* - guilty of this.

No, they bravely did and do their service.

It is true, however, are they not as but talking heads? Powerless? They bravely risked all and suffer much to report these crimes, but to death ears and eager persecution.

So, is it but by guns and money, that all wars are won, truth is defined, and "moral authority" is nothing but the imaginings of a Really Good Propaganda System?

I think not.

No, I am old fashioned and believe that justice comes around. Those wheels turn slow, often very slow, but turn they do.

And that which has become trash, regardless of whatever good it may have had in it, is, crunched up in those merciless wheels, ground up, like teeth, and thrown into the heap to be burned and destroyed.

Truth is like a ghost, it haunts people at night, and looks back at them under the face in the mirror. It gnaws at them like a worm, and ultimately, it will burn them.

Jacob • August 8, 2014 3:35 PM

Skeptical reminds me of Vizzini from "The Princess Bride" at the Battle of Wits.

Nova • August 8, 2014 3:41 PM

@Fuzzer

On the value of intelligence, and of the requirement for the world's stability on American authority and power...

On the intelligence successes of WWII: What you are arguing there is ultimately biased speculation. There is strong evidence that Allied intelligence helped shorten that war. But, I do not think you considered the possibility that this sort of foundation, that all of that evidence, may be as a red herring. A distraction. It is basic biased analysis. You consider your arguments based on a theory borne by what is ultimately merely circumstantial evidence without considering competing theories.

"My point will be made just as soon as Russia invades a european country, or China starts a shooting war with Vietnam, Japan, or some other country about a couple of stupid rocks in the ocean. Then, having the US around to provide security will not look so bad. But the general consensus is to take security for granted, and complain about the fact that the NSA has your text messages with the milk/bread/bananas shopping list."

Russia invading a European country has nothing to do with the US.

China deciding to start a shooting war with Vietnam, Japan, or some other country? This also has nothing to do with the US.

All of this is deeply flawed reasoning, which, yet again, is building a vast theory on circumstantial evidence that is biased and not considering equally any manner of competing theory.

I do completely understand how all of this is very compelling for you. But, I am quite sure you your self also must get that little nag that says, "Hello, this is true. You have created a mental house of cards and declared it a castle of brick." It will fall.

If your hypothesis is correct, you argue, then, you have stated your own measure of proof for that.

Do you not see how incorrect this entire line of reasoning is? Think about it.

I do not, however, believe your heart is in the wrong place in this way: I think you are a person who tries. But, this is failing. Who can blame you? You are a subjective person, in a subjective environment. Though, it would probably be wise to seek objectivity and be cognizant of your subjectivity before completing your foundation of beliefs.

Let me say something else here: Nobody is looking to nor asking for America to be their global savior. You know what people have looked to America for? Because their founding documents were so inherently glorious. People across the world, they come here, and they have admired that. They have understood something which was previously unknown to nations. That a nation can be free, it can be just.

So, corruption does matter in America. Does it make it less important if that corruption was performed under the auspices of that very liberty? No, it merely corrupts the whole mix.

I assure you, the reason why these stories resonant with a certain spectrum of people is not because they are reprobate communists and traitors to the Cause of freedom. Far from it. No, it is because they are far better studied in exactly how - for governments - the road to hell can be paved with seemingly good deeds. They are vigilant.

They do not buy into sloganeering and auspices of righteous cause.

One step forward, two steps back.

If America and these other "free" nations collapse, then that is it, for everyone.

That is not because of some Arab or Persian with an opinion. That is because of their own governments betraying their own positions.

End of sermon.

Nova • August 8, 2014 4:16 PM

@Skeptical

I am sorry, but you do not seem to properly address the evidence Bruce gave, which I believe is very weighty. Though I say that I believe your skepticism here is not without some weight, though there are some seemingly minor points here which do undermine your arguments dramatically.

- "Snowden has said that he is not the source for the Merkel story"
- "Greenwald has confirmed that the Snowden documents are not the source for the X-KEYSCORE rules"
- "I have also heard privately that the NSA knows that this is a second leaker."

I might add here, during the initial Snowden releases, there were also other information releases not related to Snowden's archive of data.

These stories were anonymously sourced.

I have well noticed some of these stories did not gain much traction, though in my own view, their impact was severe.

I do believe some of these stories have just sort of lumped themselves together, and people have not really gone and attempted to organize all the leaks.

I am here, of course, not talking about leaks that appear to be official or by seemingly (or true) employees.

You state:

- " If Greenwald is accurate (I've only seen speculation from him as to a second leaker, incidentally - has he actually confirmed that the XKS material is not in the Snowden documents?)"

Bruce says he did. While Bruce has made mistakes from time to time, my guess is he is not mistaken here.

Bruce does also have a habit of correcting his mistakes when so informed. Those tend to be stories he is not as close to as these stories, is my experience, from reading him over the years.

Which then brings us to this statement of yours:

- "then that may simply indicate that Snowden gave different material to someone else."

I am not sure how valid that opinion is. Isn't it also true these other material was not sourced?

So you have there a Big Coincidence, don't you? And when considering such things, do you believe Big Coincidences are likely just to be coincidences?

Specifically, you state:

- "efforts by some, in which I do not include Schneier, to obfuscate Snowden as the source are designed to mislead the US and to encourage additional leakers."

What is the coincidence I speak of there?

- that it just happens Greenwald was not privy to this material, potentially, according to your speculation
- that it also happens Applebaum just happened to be unaware of this fact, and also just happened to give no Snowden attribution to this data

Put another way: Do you really believe Applebaum was so aware of what he was to release was *not* in Greenwald's archive, that he just happened to know which material *not* to attribute to Snowden?

*That* is "crux of the matter number one". I apologize, so much backdrop was necessary before getting to it. Think on this. A little convoluted, but I do believe it is weighty.

You also leave out piece of evidence three from Bruce. Which is important.

- "I have also heard privately that the NSA knows that this is a second leaker."

Now, I think your instincts to do so there are sound. That is hearsay information. But, let us consider two points on this:

1. Do you find it plausible that Bruce is incorrect in stating that he heard from the NSA (directly or indirectly) that they believe there is another leaker?

2. Do you believe that you should disregard anything Bruce may have heard (directly or indirectly) from the NSA, because spies may be liars?

I state this because... of this statement of yours, which is very much in context for these two points, and I shall repeat:

- "efforts by some, in which I do not include Schneier, to obfuscate Snowden as the source are designed to mislead the US and to encourage additional leakers."

So, considering the above two points, with this point of yours in mind:

1. Do you believe an NSA agent would disclose this information intending to encourage leakers and mislead the US?

If so, what would this mean?

1. That someone who is not NSA has posed as NSA so as to misinform Bruce.

2. Or, that someone who is NSA is attempting to "mislead the US" and "encourage additional leakers"

If it is #2 you choose there, then you effectively have your other leaker already, correct?

If it is #1, well, that is something else. Anyone can be fooled, I suppose, though I would be surprised if Bruce was incorrect to believe in the validity of his source. I find that implausible.

And if true, then, oh no, you have an entirely new problem: people posing as intelligence agents speaking authoritatively on intelligence agencies waylaying major pundits on the topic.

Which is an entirely new bag of worms.

Now, consider this possibility:

1. The NSA information given was sincere and even under official capacity, to help discern who the other leaker is.

renke • August 8, 2014 5:10 PM

@benni

"I hereby ask DER SPIEGEL: if it has blueprints and instructions on how Russian intercontinental missiles, army helicopters, and Russian army gear is made, please release all this to Wikileaks for immediate publication."

Not sure about the 2/3 quote but it is no state secret that the manufacturer of the R-36 (SS-18 in NATO speak) is Yuzhmash, an Ukrainian company. One of the more important aircraft engine producers in the Soviet Union is nowadays known as Ivchenko-Progress (also Ukrainan), they build the turbofans for the AN-124 and many Mil helicopters.

Nothing arcane to see here, only the remains of the SU system of distributed manufacturing.

Skeptical • August 8, 2014 5:31 PM

@Nova: Russia invading a European country has nothing to do with the US.

Unless one of those countries is in NATO, or borders a NATO country, or the invasion reduces the security and stability of Europe. In short it has a lot to do with the US.

China deciding to start a shooting war with Vietnam, Japan, or some other country? This also has nothing to do with the US.

Except the US has a defense treaty with Japan, and considers Japan one of its closest allies. Nor would a war between the PRC and Vietnam be anything but deeply unsettling to the region. So, in short again, it has a lot to do with the US.

Put another way: Do you really believe Applebaum was so aware of what he was to release was *not* in Greenwald's archive, that he just happened to know which material *not* to attribute to Snowden?

I think he knows precisely what is in Greenwald's archive. But he doesn't need to know to simply not attribute stories to Snowden.

Weighed against the evidence that Leaker #2 is Snowden, Greenwald's claim that XKS isn't in his archive doesn't persuade me that there's a second NSA leaker.

As to what Schneier has heard privately, I have no opinion, because I do not know his source or what was said exactly. It's not evidence that I can weigh.

Nova • August 8, 2014 6:14 PM

@Skeptical

I appreciate your responses.

"Russia invading a European country has nothing to do with the US.

Unless one of those countries is in NATO, or borders a NATO country, or the invasion reduces the security and stability of Europe. In short it has a lot to do with the US."

The poster I was responding was claiming "my thesis is true, if Russia invades another European country". My point is: If Russia does or does not invade another European country does not prove that his thesis is true.

He posited a hypothesis then tried to set the proof for that hypothesis. But, his standard for proof was entirely flawed.

In security terms, it would be like saying, "Okay, we think Suspect X was behind the murder. Now, if he goes to Burger King tomorrow, as he likes to do, then that will be proof he is the one who committed the murder!"

Suspect X may or may not have committed the murder. But whether Suspect X goes to Burger King or not tomorrow is a very poor measure of proving that. There is another flaw in this: you know it is likely that Suspect X will go to Burger King tomorrow.

It could be I misunderstood what he was trying to say. Otherwise, I was simply pointing out that his method of reasoning was sorely flawed.

Your second argument is covered by this response, as well.

I do believe this sort of deductive analysis is alien to many otherwise very smart people. They simply have not had to rely on this day after day with demands of rigorous proof provided, and little forgiveness for error.

If this is the case, I think they would expect to have severe errors in the logic of their analysis.

"Put another way: Do you really believe Applebaum was so aware of what he was to release was *not* in Greenwald's archive, that he just happened to know which material *not* to attribute to Snowden?

I think he knows precisely what is in Greenwald's archive. But he doesn't need to know to simply not attribute stories to Snowden.

Weighed against the evidence that Leaker #2 is Snowden, Greenwald's claim that XKS isn't in his archive doesn't persuade me that there's a second NSA leaker.

As to what Schneier has heard privately, I have no opinion, because I do not know his source or what was said exactly. It's not evidence that I can weigh."

Let's break this down a little:

(Again, using your format)

- I think he knows precisely what is in Greenwald's archive.

- But he doesn't need to know to simply not attribute stories to Snowden.

You make two strong contentions there.

The first contention is astounding to me. So you believe Applebaum knows exactly what is in Greenwald's archive, but Greenwald does not know exactly what is in Applebaum's archive?

What is your evidence for believing this? How do you believe this came to transpire?

Now, to your second contention.

- But he doesn't need to know to simply not attribute stories to Snowden.

No, he does not need to know this. This was the crux of the argument I said to think on. Of all the stories he published, he just happened to have settled on not providing attribution for the very stories Greenwald simply did not happen to have in his archives?

Help me out here. I am confused.

I could see Applebaum randomly deciding to pick just the right articles from his archive. Though it seems far more unlikely Applebaum entirely knows which documents are in Greenwald's archive, but Greenwald does not know exactly what is in Applebaum's archive.

"As to what Schneier has heard privately, I have no opinion, because I do not know his source or what was said exactly. It's not evidence that I can weigh."

Not at all unreasonable.

And this does reveal that you have had to perform analysis in an unforgiving environment. Do you mind telling me what your background is?

Skeptical • August 9, 2014 7:33 PM

@Nova - The poster I was responding was claiming "my thesis is true, if Russia invades another European country". My point is: If Russia does or does not invade another European country does not prove that his thesis is true.

Ah, I see. Then I think you and he are talking at cross-purposes. His argument is, as I read it, different than what you think it is.

As I read it, his argument is: "we, and especially citizens in certain EU countries, are undervaluing the importance of certain intelligence programs to national security. When we all feel threatened again, and look to US power to aid us, we'll think differently about certain intelligence programs and about the wisdom of leaks revealing foreign intelligence collection capabilities."

You seem to be responding to him that the leaks are important as a means of preventing the US from becoming an undemocratic, authoritarian state, and if this is not done then it does not matter whether the US intervenes elsewhere.

Do I have your response right?

The first contention is astounding to me. So you believe Applebaum knows exactly what is in Greenwald's archive, but Greenwald does not know exactly what is in Applebaum's archive?

This is speculative on my part, and may well be false. But there are aspects that make this a salient possibility.

Consider a few items, which could tie together to a form a coherent narrative consistent with the above:

1 - Snowden believes that the Intelligence Community would kill journalists to prevent the disclosure of information he has taken [claims to believe at least; possible that the claim was made for propaganda purposes, but fits with other facts];
2 - Snowden believes that the programs and tools revealed enable the government to easily implement an authoritarian system;
3 - Snowden claims to be a well-trained intelligence officer, familiar with operations planning concepts and methods;
4 - Snowden believes (claimed to believe) that the US might hire organized crime figures to kill him.

Put those together. An individual believes himself to be in a struggle with a dark adversary limited only by what it can get away with, with the future of freedom on the line, and is trained (or has otherwise absorbed via obsessive reading) in concepts and methods of military operations planning.

Such an individual, had he the time and forethought, would prepare a multi-layered plan, including preparations for contingencies he believes possible.

Part of that plan might involve self-identification for his own safety. Other parts might involve deceiving his adversary as to the number of leakers they face, sowing confusion and distrust within their ranks; so in addition to the first track of attributed leaks, the plan may involve a second track of non-attributed leaks. Such a second track would also make more credible a threat of escalation by Snowden, which, given his view of the US Government, might well seem prudent to him. Given some distrust of Greenwald, and greater trust in Appelbaum and Poitras, Snowden may well have entrusted the latter with greater responsibility and access (a supposition strengthened by the ferrying of documents to Greenwald via Miranda from Poitras). He would want the second track to be in the hands of those he trusted most; and he would want someone around to coordinate operations should the Triads take him out.

Now, again, this is highly speculative. It assumes a level of planning that may or may not have actually existed, it takes some of Snowden's more paranoid statements at face value and not as theatre, and obviously it assumes certain choices were made as part of his planning. The pieces fit, but the pieces fit into other narratives as well.

- But he doesn't need to know to simply not attribute stories to Snowden.

Let me ask this: has Appelbaum ever attributed any of his stories to Snowden? The theme of hinting at multiple leakers dates to the very first Snowden story. Those involved in publicizing Snowden's name would be less able to hint at multiple leakers credibly, but Appelbaum, with his connections to Wikileaks and better opsec than Greenwald, might be better placed to sell that theme with some success.

And this does reveal that you have had to perform analysis in an unforgiving environment.

No, and certainly much less unforgiving than others have endured. But is an unforgiving environment the best learning environment in any case? Mistakes should sting sometimes, but I have some doubts about the educational value of dying.

Bruce Schneier • August 9, 2014 7:40 PM

"On the possibilities of your second leaker (TAO/ANT catalog and others)- It is unlikely to be a german national, as a lot of the material is Five Eyes only, excluding Germans."

That's a good point. I (sloppily) missed that.

Bruce Schneier • August 9, 2014 7:45 PM

"I do not see sufficient evidence to conclude Leaker #2 is not Snowden."

I understand your skepticism, but no one who knows stuff -- not Greenwald, not the NSA, not Snowden himself -- thinks that Leaker #2 is Snowden.

Bruce Schneier • August 9, 2014 7:48 PM

"Bruce says he did. While Bruce has made mistakes from time to time, my guess is he is not mistaken here. Bruce does also have a habit of correcting his mistakes when so informed. Those tend to be stories he is not as close to as these stories, is my experience, from reading him over the years."

Oh, I make mistakes about all sorts of things. But I do correct them when I can. In this case, I know that Leaker #1 (Snowden) is not Leaker #2. I believe based on the document leaked, the manner of the leak, and the reaction of the US government, that Leaker #2 is not Leaker #3.

Skeptical • August 10, 2014 7:57 AM

@Bruce - You do correct any mistakes you catch, and you've been, so far as I can tell, an honest and forthright person in discussions like this.

Your own strong belief that Leaker #2 is not Snowden based on what you've seen does itself constitute significant evidence that Leaker#2 is not Snowden, especially given your additional access and sources.

Still... if I could point to some of the documents in Snowden's archive that make me dubious about the claim.

Take this Der Spiegel document, for example. It's a GCHQ wiki on XKS, documenting "microplugins" that can help "find types of traffic that can't be detected by keywords or regular expressions alone." There are links within the document that would likely contain examples of the sort of XKS rules which were later published by Appelbaum. Does Greenwald have these documents, incidentally?

Since the above document comes from Snowden, it seems highly likely that content from the links would also have been downloaded by him and then given to someone.

The other documents - the TAO catalog, and the Merkel document - are both of the sort that would be in Snowden's collection, are from the same timeframe of the documents he took, and were published and reported on simultaneously with other documents he took.

To me this is very strong circumstantial evidence that Snowden is the source for those leaks.

Mike • August 10, 2014 9:49 AM

Here is a list of whistle blowers, https://en.wikipedia.org/wiki/List_of_whistleblowers I especially recommend checking out Russ Tice, Thomas Drake, Sibel Edmonds, Gary Webb

Tom • August 12, 2014 4:49 AM

Now I'm curious, Bruce.

"Leaker #2: The person who is passing secrets to Jake Appelbaum, Laura Poitras and others in Germany: the Angela Merkel surveillance story, the TAO catalog, the X-KEYSCORE rules."

"In this case, I know that Leaker #1 (Snowden) is not Leaker #2."

Do you also know that Leaker #2 is indeed one single Leaker #2?
The X-KEYSCORE rules's story
- appeared on state-owned German TV, unlike any other leak
- appeared at the same time German government found a US mole
- did not state Snowden as the source
And it is totally possible that the source was within Germany, maybe BND, as the BND has had access to X-KEYSCORE for testing purposes.

Thus, I also concluded this might probably have been a Leaker #2. But the Merkel surveillance story and the TAO catalog? Do you also know they come from the same source or do you just know they don't come from Snowden?

Sancho_P • August 12, 2014 10:44 AM

@ Tom:

Good point.
I especially love your careful statement:
“… concluded this might probably have been leaker #2.”

There are others seeing evidence in in each observation that fits their mindset.
A bullet hole + a bullet would be evidence for a shooting.
A dead body is NOT evidence for a murder.
Too much bad TV today.

However, I think we must not hunt down whistleblowers or provide hints to those poor droids who are supposed to get them.

Slang • February 22, 2015 5:24 PM

the correct term is witness

who's on 1st • March 26, 2015 3:24 PM

@greg

Who's on First? Leaker #2 and #3

First Base: Who
Second Base: What
Third Base: I Don't Know
Left field: Why
Center field: Because
Pitcher: Tomorrow
Catcher: Today
Shortstop: I Don't Care/I Don't Give a Darn/I Don't Give a Damn

Name (required):

E-mail Address:

URL:

Fill in the blank: the name of this blog is Schneier on ___________ (required):

Comments:

Allowed HTML: <a href="URL"> • <cite> • • • <ul> <ol> <li> • <blockquote> <pre>

← Over a Billion Passwords Stolen? Social Engineering a Telemarketer →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.

The US Intelligence Community has a Third Leaker

Comments

Leave a comment