Bart Gellman on Snowden

Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in the Atlantic.

It's an interesting read, mostly about the government surveillance of him and other journalists. He speaks about an NSA program called FIRSTFRUITS that specifically spies on US journalists. (This isn't news; we learned about this in 2006. But there are lots of new details.)

One paragraph in the excerpt struck me:

Years later Richard Ledgett, who oversaw the NSA's media-leaks task force and went on to become the agency's deputy director, told me matter-of-factly to assume that my defenses had been breached. "My take is, whatever you guys had was pretty immediately in the hands of any foreign intelligence service that wanted it," he said, "whether it was Russians, Chinese, French, the Israelis, the Brits. Between you, Poitras, and Greenwald, pretty sure you guys can't stand up to a full-fledged nation-state attempt to exploit your IT. To include not just remote stuff, but hands-on, sneak-into-your-house-at-night kind of stuff. That's my guess."

I remember thinking the same thing. It was the summer of 2013, and I was visiting Glenn Greenwald in Rio de Janeiro. This was just after Greenwald's partner was detained in the UK trying to ferry some documents from Laura Poitras in Berlin back to Greenwald. It was an opsec disaster; they would have been much more secure if they'd emailed the encrypted files. In fact, I told them to do that, every single day. I wanted them to send encrypted random junk back and forth constantly, to hide when they were actually sharing real data.

As soon as I saw their house I realized exactly what Ledgett said. I remember standing outside the house, looking into the dense forest for TEMPEST receivers. I didn't see any, which only told me they were well hidden. I guessed that black-bag teams from various countries had already been all over the house when they were out for dinner, and wondered what would have happened if teams from different countries bumped into each other. I assumed that all the countries Ledgett listed above -- plus the US and a few more -- had a full take of what Snowden gave the journalists. These journalists against those governments just wasn't a fair fight.

I'm looking forward to reading Gellman's book. I'm kind of surprised no one sent me an advance copy.

Posted on May 20, 2020 at 2:08 PM • 47 Comments

Comments

JakeMay 20, 2020 2:29 PM

Please be sure to write about your take on the book. I've always thought that Snowden is a fascinating individual who is a true American Hero. He exemplifies the very best in our intelligence community.

DarioMay 20, 2020 2:39 PM

Definitely a must-read book. Even more intriguing that you were on the ground with Greenwald et al. in 2013 when all this was happening.

bcsMay 20, 2020 3:17 PM

Re: black bags teams: I kind of what to see that movie. I can Just imagin the (unoffical) negotiation: "We all want it, but do we want to get it more than we want to prevent you from getting it? [I'm guessing yes] ... Here, lets set up a Google Calander to schedule things."

Stephen John SmoogenMay 20, 2020 3:20 PM

Maybe check to see if the black bag team left it under the bed last night? No sorry under the bathroom sink behind the drano.

RachelMay 20, 2020 5:07 PM

A rare moment of real candour from Mr Schneier. Thankyou for sharing.
I had a good laugh at the thought of various caricatures of nationalities bumping into each other in the dark Peter Sellers style. The French naturally cluctching baguette, exclaiminag Sacrebleu! The yanks chomping a cigar.
Whoever failed to send you an advance copy should hang their heads in shame and send you a formal apology.
Wouldn't Snowden have briefed the journalists on secure handling on the material? He would have well been aware he was entrusting it to civilians.

Mr Schneier, you were well across TEMPEST even at that stage? You would not have reviewed the material at that point. I seem to recall you were dubious about the tecchnology

Bruce SchneierMay 20, 2020 5:45 PM

@Rachel:

"Mr Schneier, you were well across TEMPEST even at that stage? You would not have reviewed the material at that point. I seem to recall you were dubious about the tecchnology"

I knew about TEMPEST attacks in the 1980s, well before I wrote my first book. I don't remember anything about them in the Snowden documents I read. Almost all of it was bulk SIGINT of Internet and telephony.

Clive RobinsonMay 20, 2020 7:11 PM

@ Bruce, Rachel,

I don't remember anything about them in the Snowden documents I read. Almost all of it was bulk SIGINT of Internet and telephony.

That does not supprise me in the slightest.

If you think about it TEMPEST EmSec and other such attacks are very resource intensive and used against "targets of interest". The same with "Black Bag", "Wet Work" etc attacks. All of which are usually carried out not by rank and file staff that Ed Snowden dealt with but exmilitary and domain specialists (way above "Echo 4" pay grade) often employed as "contractors" or those classed as "NOC's" for "arms length" / "deniability" reasons. Such people are often not even payed monetarily, they can get what are in effect "insider trading tips" or "other commodities" etc.

The "rank and file" Ed Snowden provided SysAdmin for, were most definitely not into "targeted collection" but "bulk collection" that is they did wherever possible hide atleast "one router upstream" of users and corporates from which they hovered up data where the only people who could see them were one or two of the staff in "Telco Operator" exchanges etc.

Back in the 50's through 80's when much of the UK "Trunk" was done by microwave links the UK GCHQ did not even go anywhere near the Telco Opetators sites. They set up what looked like "grain silos" some miles away, and at the very top installed specialized monitoring equipment that picked up "dish spill" etc. A specialised unit within the GPO later BT euphemisticaly called "secret squirrels" by other technical staff put in the specialised links back from those monitoring sites to the likes of Hanslope Park.

The advent of "fiber optics" caused major issues as the monitoring equipment now had to be some how "co-located" where it would be visable to way to many eyes. This was often achived by putting in remote/unmaned" "relay nodes" that were classified as being for "service expansion" and what many thought was "dark fiber" pulled through for later expansion was, in fact only awaiting the normal technicial instalation staff "to move off site" so the real job of setting it up could be carried out by just a couple of "secret squirrels". The fun side of the "secret squirrels" that were cleared for MI5 and GCHQ work was that they actually hid behind another group of technicians that people thought were the secret sqirrles. These were technical staff cleared for working on "secret / secure" military bases and "Regonal Command Centers" put in place for a devolved Government should the "Ash City" predictions become true. Sadly the real secret squirrels who worked with people like MI5's Tony Sale --who also rescued Bletchly Park-- are mostly nolonger with most having reached retirment age in the late 1980's.

Clive RobinsonMay 20, 2020 7:52 PM

@ Bruce,

This was just after Greenwald's partner was detained in the UK trying to ferry some documents from Laura Poitras in Berlin back to Greenwald.

I've always had my suspicions about the Heathrow Incident, was it "a minor failure" or "a sting" designed to make the UK security forces look some what inept / bumbling or even stupid (which they were).

Laura Poitras was well aware from her own experiences what fate was going to be awaiting David Miranda, when his feet touched "London air side". Thus it appears very strange that she would not have taken certain precautions, such as a "dry run" etc.

Especially when you consider how paranoid the Guardian --for whom Glenn Greenwald was working initialy-- were about how other journalists got access to the files.

There is still a lot yet to be told about Glenn Greenwald and his behaviour, not that I expect anyone to actually dig in and publish it any time soon, if ever.

JonKnowsNothingMay 20, 2020 8:23 PM

re: early Snowden

iirc from MSM Guardian and later some books, there was a huge hurdle to even get some of the group to do any security at all.

There was one set of You Can't Believe Its where GG wouldn't even give the time of day to this presented and vouched-for source (thinking it was a plant) and it took months for him to perform the basic computer setups requested with constant coaching on which buttons to push.

After reading all that and the fallout later, I gave up on any idea of trying to do something "secure" even if it was just as a matter of principle. It was clear that someone like myself, a JonKnowsNothing person, didn't stand a chance. The years since, hasn't improved my chances at all.

I remember the Guardian having to drill out their server down to the circuit board level and grinding out all the chips. I thought it was a bit "over blown" that the UK would demand this and that it was done more for spite and cost nuisance to replace the server at that time. Now we all know a lot better.

When DM got yanked at the airport there were just a few stories how the global security services could yank people getting on/off planes. Mostly touted as drug-mule hunting. Now we know they weren't hunting for that either. Today their system is more sophisticated to ensure that when they yank you, you don't get a refund on your trip to Disneyland or a return fare.

JonKnowsNothingMay 20, 2020 8:29 PM

@Clive
re:

Laura Poitras was well aware from her own experiences what fate was going to be awaiting David Miranda, when his feet touched "London air side". Thus it appears very strange that she would not have taken certain precautions, such as a "dry run" etc.

iirc At the time, DM was not supposed to land in London. It was claimed by the Guardian that "someone on staff" who booked the flights selected the cheaper flight with 2 hops instead of 1 non-stop.

It was also said, that they had flown that 2 hop route before without issues.

ymmv I don't think there were frequent flyer miles involved.

SteveMay 20, 2020 9:13 PM

@Bruce

As soon as I saw their house I realized exactly what Ledgett said. I remember standing outside the house, looking into the dense forest for TEMPEST receivers. I didn't see any, which only told me they were well hidden.

Somehow, I'm reminded of this poem:

Yesterday, upon the stair,
I met a man who wasn't there
He wasn't there again today
I wish, I wish he'd go away...
When I came home last night at three
The man was waiting there for me
But when I looked around the hall
I couldn't see him there at all!
Go away, go away, don't you come back any more!
Go away, go away, and please don't slam the door... (slam!)
Last night I saw upon the stair
A little man who wasn't there
He wasn't there again today
Oh, how I wish he'd go away...
-- Antigonish [I met a man who wasn't there]
Hughes Mearns

SteveMay 20, 2020 9:41 PM

@Bruce

This was just after Greenwald's partner was detained in the UK trying to ferry some documents from Laura Poitras in Berlin back to Greenwald. It was an opsec disaster;
It was hardly a "disaster. Greenwald got exactly what he wanted, which was some nice free publicity at his husband's expense.

RachelMay 20, 2020 11:21 PM

Clive

Can you comment more about the 'yet to be told' aspects of Greenwalds behaviour?
The general image held by all including his enemies, is of an altogether upright, ethical and brave individual

For those unaware,the aeroport incident is explained, along with every other step of the story, in GG's definitive account 'No Place To Hide'. It's also the go-to source for countering a lot of the unfounded claims made about Snowden

Steve

So you feel GG was acting from purely opportunistic and exploitative intent?
I see Clives comment about the possible 'sting' aspect, it does sound incredibly risky in view of everything they'd been experiencing. I can't see GG or Poitras willing to abuse the risks their source had taken

JonKnowsNothing

Thankyou. Yes I recall GG was unwilling or unable to do the OpSec required of him and the joke was, later reporting back to that source quite some time later, proudly indicating he had learnt the required tools. To discover said source was in fact already hanging out with him in the same hotel
I suppose it not only educated GG but spawned a new generation of journalists
more careful about handling sensitive material and practicing OpSec/InfoSec

Mr Schneier
Kind of you to respond,and so promptly, thankyou. I just don't get that Snowden didn't demonstrate to GG ways of handling the material carefully. It would have been foremost in his mind.
In Citizen Four the film we see Snowden hiding under a blanket to type in his password. And et cetera.

The casual comment made by the NSA media leaks guy virtually condones that sort of illegal behaviour? Just because all the spooks all want to steal all the things, and it can be expected they will, doesn't make it justifiable

SocraticGadflyMay 21, 2020 12:03 AM

@Clive: Besides unanswered questions about Snowden himself, why GG hasn't published most of what Snowden gave him, and why he then put it in a 'lockbox" are thinks that have my bamfuzzed or something. What's Snowden's take on this? For that matter, what's Gellman's take? I wouldn't trust GG much further than I could throw him. And Poitras, for that matter.

SpaceLifeFormMay 21, 2020 12:03 AM

@JonKnowsNothing

'I remember the Guardian having to drill out their server down to the circuit board level and grinding out all the chips. I thought it was a bit "over blown" that the UK would demand this and that it was done more for spite and cost nuisance to replace the server at that time.'

Except, they (GCHQ) knew that copies existed. At first, I concluded it was theatre mostly. But, then I looked at it from another angle.

"You've had your fun. Now we want the stuff back," one of them said.

No, they did not 'want it back'.

And, I do not believe they really wanted the data.

GCHQ knew what was there (mostly documentation).

But, probably of more concern to GCHQ and NSA was that buried in the data, there existed evidence (smoking gun), of an *active* APT op. Possibly the gun.

hxxps://www.theguardian.com/world/2013/aug/20/nsa-snowden-files-drives-destroyed-london

SteveMay 21, 2020 8:00 AM

@Rachel

So you feel GG was acting from purely opportunistic and exploitative intent?
I see Clives comment about the possible 'sting' aspect, it does sound incredibly risky in view of everything they'd been experiencing. I can't see GG or Poitras willing to abuse the risks their source had taken
The "theatrical" aspects of the whole brouhaha seemed to me rather obvious at the time.

JonKnowsNothingMay 21, 2020 8:41 AM

@SpaceLifeForm @SocraticGadfly @Clive

re: Copies and Publishing

iirc(badly) from MSM reports and the books that followed:

There were quite a few copies in the hands of journalists and possibly journalists-government-contacts. There was a great amount of newspaper-envy and a lot of folks pretending to be journalists.

In the UK there is something called a Letter D(?) which is a high level All Stop letter. Clive might be able to shed more light on what that is but I think it is similar to the USA National Security Letter. A NSL is a big deal government hammer and from some few that have been released into the public domain with a great deal of black all over it, they contain some serious admonitions and conditions like: You Cannot Talk About This Even To Your Lawyer (see Lavabit). The Guardian may have received one at some point when their reporting began to taper off. The Editor at the time Alan Rusbridger did a pretty good stand against the UK government during one of their kangaroo sessions.

In the USA there was the new Guardian Outlet (which is how I found The Guardian to begin with as I'd never heard of them before being a non-Brit) which was pretty shaky in the initial setup trying to work in the USA under the glare of Congress. There were also the major national papers all wanting a piece of the action and there was a lot of blow back and forth about their access to or non-access to the Snowden files. Some of these papers have a documented pipeline right to the CIA, FBI, and all letters of the alphabet. They have historically been loud-mouth pieces supporting USA Government policies regardless merit. There was also some concerns about them getting a NSL in the USA and being forced into a compromising situation.

Other countries got portions that related to their governments. Brazil, Denmark, Germany and a bunch of others. All of it very embarrassing for their governments. To be found out that in spite of their local laws, they were all piggybacking on the NSA data streams. Israel got special call outs too, they got everything before the 5EY and that caused some angst. So parts of the archives did go else-where.

After much criticism the new outlet The Intercept did produce some tech pieces iirc Micah Lee did the analysis.

It was said, after sometime had passed, that the majority parts of the unpublished archive were not of interest "journalistically" which means "you could go to jail" for printing or writing about it (see Julian Assange). What was left was "too technical" or "no longer relevant" as decided by the holders of the archives. Publishing un-redacted information is highly dangerous thing to do if you want to keep breathing and Wikileaks has taken a lot of flak for their no-redaction (or not too much redaction) policies (see Julian again).

Some holders have stated they no longer will maintain the Snowden files, iirc The Intercept said they won't keep them anymore. This may be to avoid a NSL or other legal hassles like FISA Court Orders.

How many archives are out and about globally I don't know but GG is not the only holder, just one of many.


ht tps://en.wikipedia.org/wiki/National_security_letter

ht tps://en.wikipedia.org/wiki/Alan_Rusbridger

ht tps://en.wikipedia.org/wiki/The_Intercept
ht tps://theintercept.com/staff/micah-lee/

ht tps://en.wikipedia.org/wiki/Lavabit
(url fractured to prevent autorun)

myliitMay 21, 2020 11:10 AM

@Bruce, Clive Robinson, JonKnowsNothing, Rachel, SoS [1] popcorn eaters, etc., or misc.

re: scheduling multiple countries’ intelligence services, or not, in Brazil

Bruce wrote: “... I guessed that black-bag teams from various countries had already been all over the house when they were out for dinner, and wondered what would have happened if teams from different countries bumped into each other. ...”

Rachel wrote: “... I had a good laugh at the thought of various caricatures of nationalities bumping into each other in the dark Peter Sellers style. ...”

I would guess that front channels or back channels among intelligence services of different countries may have prevented some of that. [2] In addition, higher ups might not want their staff or contractors fraternizing too much with other intelligence services, or worse.

Nationalism seems so petty, and dangerous, at times. Look at our president and Xi blaming each other for Covid-19.

[1] Schneier on Security

[2] Presumably back channels help prevent wars, prevent friendly fire deaths, etc., and may result in lower costs (shared bugs, perhaps, when feasible). For example, I hope that the U.S and China, Iran and Israel, Pakistan and India, etc., have robust back channels to help prevent hot wars and the like.


Clive RobinsonMay 21, 2020 1:23 PM

@ JonKnowsNothing, SpaceLifeForm, SocraticGadfly,

In the UK there is something called a Letter D(?)

It's actually used to be called a "D-Notice" the original D-Notice system was introduced in 1912 the D standing for "Defence". The system has been changed a few times over the years, mostly more recently with the growth of the Internet weakening the "Press Barrons" etc.

Many however assume incorrectly that the D was the first letter of DORA which is short for "Defence of the Realm Act" introduced right at the begining of WWI in 1914. Which is what many people get told "officialy" but incorrectly (I guess because it hides the voluntary aspect).

In theory the D-Notice was issued by a "committee" but the reality is the committee followed what ever the Cabinet Office "suggested".

A D-Notice used to be issued to the senior editors of newspapers. It wasactually "advisory" and thus had no it was followed "voluntarily"... However not following it could cause the newspaper to not get contacts with government officials etc thus, "Whilst there was no stick, the carrot could be whipped away".

Whilst they can still be used politicians these days have zero respect for journalists, editors or media organisations, thus they prefere something with teeth, to ensure compliance.

This can be seen from what went on in 2013 and not a million miles from the subject of this thread.

In June 2013, a DA-Notice was issued asking the media to refrain from running stories on the US PRISM surveillance programme, and on British involvement therein. Supprise supprise it got ignored and various politicos and civil servants who should have known better got "their panties in a wad" part of which was the shanefull behaviour at Heathrow and in the Guardian basement.

Thus the UK Prime Minister David Cameron made things worse. In october 2013 he made a compleate tit of himself and was laughed at because he made a veiled threat to newspapers over NSA and GCHQ leaks, stating in Parliament that the government might use D-Notices, injunctions or other what he intermated were tougher measures, all to restrain publication of leaked classified information if newspapers did not voluntarily stop publishing them.

Guess how far that got him...

As was pointed out even by other politicians GCHQ had been upto highly questionable if not what they considered illegal activities and they wanted answers. Especially when it became clear that all MP's their advisors etc were routinely spied upon by GCHQ, and as the Whestminster IT system used Office 365 out of Eire (Southern Ireland) that ment just about every keystroke crossed an international border... Opps, and was thus fair game. Thus the head of GCHQ infront of a house of commons committee made it bluntly clear that the "Harold Wilson" edict was not in any way law thus had no bearing on GCHQ's activities towards UK poloticians etc (Obama did something similar with US political calls to Israel, which shocked quite a few US politicians who had effectively got into bed with the worst of the worst of Israeli leaders and amongst other things doing what they later accused others of doing with Russia).

I guess few interested in the Ed Snowden Trove or story, ever realy think what effect it had on the broader Five Eyes group. The one thing the politicians and civil servants have taken great care not to talk about, is that the Five Eyes as a group have set themselves up above all their respective nations elected representatives, and are thus beyond the reach of not just the politicians but those who vote for the politicians, the hard working tax paying citizens of those nations.

Which brings us to two D-Notices issued in March 2018 over the Sergei Skripal Affair because of the Trump Dossier... Yup it was known to quite a few but there was not much people were alowed to say, and because it involved a lot of political embarrassment both in the UK for "seniors" in Cambridge Analytica, and in the GOP because one of the three families trying to get control of the GOP had set up and funded Cambridge Analytica including the money they had funneled through Russia...

For those that don't know the connection, Sergei Skripal was recruited by MI6 Officer Pablo Miller, who was under diplomatic cover in the UK embassy to Estonia in Tallinn. Another heavilt involved MI6 officer under diplomatic cover at the time in Moscow was somebody called Christopher Steele. Miller remained Skripal's handler / case officer after Skripal was jailed and then released by Russia in a spy swap.

Of more interest Both Skripal and Miller lived in Salisbury for reasons most can guess. But by then Miller had set up with Steele "Orbis Business Intelligence" which was first payed by the Republicans and then the Democrats for the highly controversial "Trump–Russia" dossier. As some may remember the dossier comprised 17 memos written in 2016 alleging misconduct and conspiracy between Donald Trump's presidential campaign and the Putin administration. The problem was the intel gathering was not done in.a reliable way, people were payed in effect to say things to intermediaries in Russia that then reported back to Christopher Steel, who took little or no action to verify what he was being told... This was made worse because in intel terms "Steel went of the reservation" and became emotionaly involved and exhibiting cognative bias... So much so he in effect broke several unwritten rules that made him not just visable but lit up more than the Xmas tree in Trafalgar Square. As it turns out his dossier became a joke and was waved around by cranks and conspiracy theorists, and appart from being a "five minute wonder" achived very little against it's intended target, but created a whole bunch of difficulties for the UK Gov who sudenly found themselves wanting the whole mess to just get out of the press. Which in turn caused claims of a UK cover up, especially when certain right wing european entities started getting involved and producing amongst other things highly suspect photographs...

As the old saying has it "you could not make it up if you tried" but some sure did try and try very hard indeed.

SocraticGadflyMay 21, 2020 2:35 PM

@JonKnowsNothing @Clive

If nothing else, isn't it incumbent on GG to at least drop hints of why he won't publish more? Isn't it incumbent on him not to "lockbox" the unpublished items?

Isn't it incumbent upon Snowden to comment?

Isn't it incumbent on two fellow libertarians to be honest about how the privatization of US intelligence has itself been a problem?

JonKnowsNothingMay 21, 2020 3:30 PM

@SocraticGadfly @All

re:    "isn't it incumbent on ..."

In short, The Answer is: NO.

However, it MAYBE incumbent on YOU.

What YOU decide to do about it, what actions, what considerations, what monetary decisions YOU decide is 100% up to YOU. You might do NOTHING, or SOMETHING, or THINK or continue in SHEEPLE mode.

Enlightenment is there for you.

note: the above is IMNSHO, ymmv
 IMNSHO - In My Not So Humble Opinion
 YMMV - Your Mileage May Vary
 Enlightenment - the "full comprehension of a situation".

Clive RobinsonMay 21, 2020 4:02 PM

@ SocraticGadfly, JonKnowsNothing,

Isn't it incumbent on two fellow libertarians to be honest about how the privatization of US intelligence has itself been a problem?

In a free, fair, open and honest system yes.

But I would argue ot is nolonger a free, fair, open and honest system.

The current and previous incumbrants of the Whitehouse are wirhout doubt control freeks of the worst possible form. That is rather than persuade the spy and persecute journalists for doing their job.

Glen Greenwald has recently been subject to significant persecution in the country he lives in and would have bo real idea where the impetus for that persecution originated.

After all the US effectively "bought of Ecuador" with an eye watering amount of US taxpayer money ostensibly to get revenge on a single individual Julian Assange. The fact that the UK government is not just playing along but actively involved up to it's nostrils and beyond is caution enough for most people.

The fact that the US still wants to do the same to Ed Snowden or any other person closely related to Ed Snowden journalistically would be sufficient cause for Glen Greenwald to consider that the US were in part behind what has happened to him in Brazil.

There is of course the old saying about "power corupting" and what absolute power can do. Some have reason to think that there might not be an election in November for exactly that reason...

These are uncertain times, history tells us that after a major epidemic or pandemic "social change happens" lokewise with major conflict. Whilst this is often good for the average citizen, that is not always the case. In more recent times the way the world functions has changed the human world has been stripped of resiliance by a tiny number of people who amongst other things see profit in chaos and disaster. Often they conspire to bring uncertainty to the point of chaos simply to create more profit. Such people are not just self entitled they realy do believe they are entitled above all others. Thus healthcare systems have been stripped back below capacity for normal times, simply to exploit supply and demand. The result is that we have no resilience in the face of any kind of minute strain. Some politicians have proved themselves not just incompetent but actually incapable of behaving rationaly based on clear and overwhelming evidence (such as finally addmiting after two months that anosmia is a significant symptom in women and the young).

The politicians excuse is of course that "Science is to blaim" or something similar as they try to rewrite history more favourably to themselves, which is always a very bad sign in any kind of leader.

Thus in these times caution is something to be followed assiduously and not thrown to the winds of fate, thus in all honesty I can not blaim people for trying not to become martyrs to some narcissists delusions and psychopathic tendencies.

SocraticGadflyMay 21, 2020 4:21 PM

@Clive @Jon The "incumbent" was rhetorical, if nothing else.

The neoliberal privatization of the national security state, in reality, is surely right up the alley of GG and Snowden.

As a socialist who thinks the US needs the old pre-1971 Post OFFICE and an NHS, not "just" single-payer, I in reality expect the two of them to be fine with the continued hollowing out of American government. Nor do I expect GG to ever let go of his "lockbox" or Snowden to protest over that.

I don't think it's just government persecution. I think that we'd see a lot of the additional problems of the "national security privatization state" if this other stuff were published.

In other words, it's not the government worried as much as Fluor and the many other contractors.

JonKnowsNothingMay 21, 2020 6:42 PM

@SocraticGadfly @Clive @All

I do think it is an important question. The answers as noted by Clive and yourself show that it is not so simple and yet it has a simple format.

Daily, I watch my already poor chances of surviving COVID19 diminish even more. The actions of not just the USA but UK, Sweden, Brazil, and a host of countries affect my individual outcome. The status of my personal state of breathing doesn't bother "them" one bit.

Except... who is The THEM? or who are The THEY?

It isn't up to GG or ES to do any more than they have done. We know and we knew but we closed our eyes for the price of a Latte. We continue to close our eyes and buy the schlock from Apple and Google and Amazon and The Wal-Marts because it suits us.

I know nothing and yet, I know much. What I can do is limited but yet, what I can do is a lot. I do what I can to make things change.

Does anyone listen or care? Not really.

I am the falling tree in the forest.

What is important is that I was here and I did what I could.

Clive RobinsonMay 21, 2020 10:20 PM

@SocraticGadfly,

As a socialist who thinks the US needs the old pre-1971 Post OFFICE and an NHS, not "just" single-payer,

Wanting both of those and other similar things most definitely does not make you a "socialist" just a "realist" or "pragmatist". Also the US interpretation of "socialist" is not just wrong it's prejudiced, just as certain words we nolonger use were during the 1960's and into this century.

As I've mentioned before you have to judge where the balance should be between "Individual-v-Societal rights and responsabilities lie".

The expression "No man is an island" implies that we can not act in a purely individual state, that is we have to exist collectively in a society. This makes sense when you realise that just as "no man is an island" also "no man is a master of all trades". That is makinds "high estate" is very much dependent on individuals becoming masters of trades, then trading their skills with others to the benifit of all.

The neo-liberal view point whilst portrayed as something "good" is actually parasitic in nature. That is it demands society fills the neo-liberal pocket but that the neo-liberal pocket should not in any way pay anything back to society. Thus it's the same outlook on life that the worst of criminals have to take and abuse quite literally to "Rape, Pillage and Plunder" with no remorse, as if they are doing it by "Divine Right" they are the very antithesis of democratic principles.

Some neo-liberals will argue that the US is a "Republic" not a "Democracy", but that is by changing the fundemental meaning of what a "Republic" is.

As the second president of the United States John Adams pointed out,

    "[The] science of politics is the science of social happiness"

And a republic is the form of government arrived at when the science of politics is appropriately applied to the creation of a rationally designed government (see John Adams Defense of the Constitution[1]).

Unfortunately since then many have perverted the meaning to their own ends and I doubt John Adams would recognise the mess of misalined dogma and mantra that many try to squeeze under the title to in effect wrap themselves in the flag. As I pointed out a number of years ago on this blog Donald Trump is not a Republican in any way shape or form and was just self interested, for some reason that observation surprised people back then...

If you think about it logically society is strongest when things work best for society under the simple principle "A rising tide rises all well found boats". This however has implications for individuals who wish to "Rape, Pillage and Plunder", they need society not just to be weak but unstable because that presents them with most opportunity to suck the life blood out of society. There is a reason why the Rolling stone article gave us the now famous expression of "vampire squid" during the financial crisis, and that is the actions against society and it's well being that would otherwise be considered illegal, if the financial industry lobbyists had not "bought off" the representatives of the people who are responsible for legislation.

Thus your wish for a better postal and health service is fully inline with the original thinking of John Adams and others of what the Republic of the United States of America should be like. Not the perversion it has become.

[1] Can be found in "John Adams, The Works of John Adams, vol. 10 (Letters 1811-1825)" published in 1854.

JonKnowsNothingMay 22, 2020 1:12 AM

@Clive @SocraticGadfly

re:

I doubt John Adams would recognize the mess

Anecdote from the dark ages of University:

On First Day a professor read extracts from two books. Both had their bindings covered. The professor challenged the class as to which two books the passages came from Book A or Book B. And which selection best described The American Way.

The class overwhelming voted that their preferred selection was from Book A. They completely rejected the other selection assigning it to Book B.

When the professor revealed the correct books for each passage, there was an enormous uproar in the class. The students vehemently rejected the correct attributions.

Later they demanded political enquiries about the professor.

The rejected passages came from Book B: The Wealth of Nations. Every aspect of those passages was rejected as Anti-American until the students learned the title of the other book.

I knew which books each passage came from but kept silent. It wasn't safe to indicate such knowledge, then or now.

Clive RobinsonMay 22, 2020 7:56 AM

@ JonKnowsNothing,

It wasn't safe to indicate such knowledge, then or now.

As our host @Bruce has noted in the past ICT in it's application by power bases is taking us back to a feudal society.

This is essentialy one where information thus knowledge and education is reserved for those with power and thus status. History shows us that such times are very bad for humanity, society stalls then goes backwards into "dark ages" where rationality is replaced by superstition and worse.

George Orwell also noticed this control and restriction on information as a way not just to make society extreamly hierarchical but strongly segregated into not just a class system but a cast system. That is you would be assignrd to a cast and neither you nor your decedents would be alowed to leave the cast they were placed in.

In Europe such cast systems whilst concentrating power in the hands of a few also reduced breeding prospects via the notion of "blood purity". Thus a "closed stud" breeding book was formed. And as we now know this causes all sorts of nasty effects. To the point that something like six out of ten members of the upper classes had "inbred genetic disorders" and some where it was ten out of ten as with the Habsburg jaw (mandibular prognathism). Which had unfortunate but predictable consequences as pedigree livestock and dog breeders are only to aware of. The Habsburg jaw was a visable sign of incestuous marriage to maintain power thus the Spanish Crown. They died out when the last male heir was not just mad, riddled with genetic disorders, weak and suffering from malnutrition but also infertile.

The thing is that this is seen in nearly all cast systems as you aproach the top of the hierarchy. Nature has shown that "hybrid vigour" is what is sustainable as it increases resilience.

However when knowledge is held in so few and decreasing numbers of hands "the madness of power" acts in a way that makes being anything other than stupid as a flag to be marked out for death (see Pol Pot's killing fields). That is those in power see any kind of inteligence as being a threat to them so they remove the percieved threats.

We see something similar with silicon valley corps like Uber, some call them "disruptive technologies" but in reality they have seen a way to prey on an existing stable culture. As they gain power they fear those "Who will do unto them, what they have done unto others" with the result they bribe legislators to introduce legislation to stop that happening. Thus theu try to "pull up the draw bridge" behind them.

Unfortunatly they suffer the fate of the inbred, they become less and less resilient and incapable, if not the equivelent of mad. Thus they fail...

A clasic example of this is "business consultants" each new scheme they come up with is not thought out for it's long term results only the short term profit of the "business consultants". The result is that many who follow such advice become less resiliant and thus increasingly likely to fail. But worse once the leaders of such business do adopt the schemes they start on a downward spiral, because the profit benifit to a business of adopting such schemes is fleeting at best whilst the injury is long lasting. The result is such businesses start on a downward spiral and cessation of existence.

The thing about this current pandemic is it is showing up the failings not just of neo-liberalism, but worse the utter dependence some politicians have become on it... Nation states should not fail, but they do, and the failure falls on the citizens for unknown numbers of generations. We can see this in the UK and US where the "political cast" has clearly started to show it's Habsburg Jaw, and the idiocy and madness that accompanies it.

As you note now is not a good time for those who are young to shout out that "The Emperor has no clothes". But as for the old, it's easier for some to be brave, as they realise immortality happens only in the minds of those that remember us, and with luck our descendants. Thus passing on knowledge is a way to achieve some measure of immortality, whilst hopefully not becoming a martyr due to the imbicility of the inbred, be they "Any person legal or natural".

JonKnowsNothingMay 22, 2020 9:41 AM

@Clive @All

re:

This is essentially one where information thus knowledge and education is reserved for those with power and thus status

In the USA we have a inverse relationship with knowledge: we want it but we reject it at the same time. It's contained in our national mythos of the "bootstrap cowboy standing alone against the world". Anything that challenges the "pull yourself up by the bootstraps" gets a quick swat down.

Anecdote:

Some years ago I went kayaking with a friend. We parked at the top of a pretty steep path and we had a dolly-cradle for the boat and rolled it down hill to the water. We had a nice time on the lake. After our nice and tiring paddle we had to push the boat up the incline.

It was not fun and it took a long while and I was on the point of exhaustion trying to push the thing which now seemed to weigh ten times more up the darn hill.

I asked my friend if we couldn't use some sort of technology to help us get the boat up the incline?

The answer was NO! We don't need anything new or fancy, just push...

I replied, well I wasn't thinking of anything "new or fancy" just something about 2,000 years old like a rope pulley system - you know the kind that Archimedes used....


There is another aspect of the current situation or epoch where some information is not only gated but outright prohibited. These are materials have booby-trap trackers in the electronic versions and the webpages were you might go to download it are also booby-trapped. Ordering such materials in hard copy will also set off the booby traps. This is a slightly different version than censoring pages or excising chapters because the material is "available" but at a personal cost: your freedom.

These sorts of trap-triggers are used by LEOs everywhere and are set out as "honey pots" for the curious. There are many reasons given why such materials are left "in the open" even if they are dangerous generically.

Per ES and MSM reports all TOR downloads, their web hosting sites and data packets are not only compromised but trip such triggers.

Curiosity might lead one to want to "check out" a topic or read an essay but if you trip the trigger, your life changes: no more flying, no more passports, no more travel, constant surveillance and special visitations. There is no exit from the No Fly List.

Reading Galileo or Copernicus had similar dangers.


ht tps://en.wikipedia.org/wiki/Pulley
ht tps://en.wikipedia.org/wiki/Archimedes
ht tps://en.wikipedia.org/wiki/Galileo_Galilei
ht tps://en.wikipedia.org/wiki/Nicolaus_Copernicus
(url fractured to prevent autorun)

myliitMay 23, 2020 9:37 AM

"... [Barton Gellman's book is] an interesting read, mostly about the government surveillance of him and other journalists. ..."

Obviously any potential leaker/whistleblower should dial their fear/paranoia appropriately when approaching
the media. For example, see Reality Winner.

Perhaps cultivating investigative journalists, like Snowden did, makes sense. Anybody know best practices for whistleblowers/leakers today? Regardless, here are some things to consider:

https://theintercept.com/source/#securedrop
"The Intercept Welcomes Whistleblowers"

From a cursory search, w/o javascript on, its not clear how an anonymous whistleblower or leaker might try to throw something over-the-transom to the: Wall Street Journal, New York Times, Washington Post, or Guardian. I assume that throwing something over-the-transom, could be fraught with risk for the newspapers, too, now (attempted stings).

Regardless, between now and November, in the united states of amnesia, we may need facts and people with courage more than ever.

JonKnowsNothingMay 23, 2020 11:41 AM

@myliit

re:

Anybody know best practices for whistleblowers/leakers today? ... its not clear how an anonymous whistleblower or leaker might try to throw something over-the-transom

Be aware that asking for how-to information is currently one of the USA Government Prosecution positions that Wikileaks was engaging in espionage because there was some documented text(?) exchanges where the accused was trying to upload information and had difficulty following the directions and asked for assistance. 1

There is no method where you cannot be tracked or traced. And dead drops won't work either.

The selective aspect of prosecutions depends on whether the information is being provided by the government to a journalist for publication (ex: as propaganda) or the information comes from a "whistleblower" that exposes some unknown, hidden or undocumented embarrassment. The first does not get prosecuted.

1. Marcy Wheeler is following/tracking at least one case. The case is convoluted and complex in both presentation and law.

ht tps://en.wikipedia.org/wiki/Dead_drop

A dead drop or dead letter box is a method of espionage tradecraft used to pass items or information between two individuals (e.g., a case officer and an agent, or two agents) using a secret location. By avoiding direct meetings, they could maintain operational security. The method stands in contrast to the live drop, so-called because two persons meet to exchange items or information.

(url fractured to prevent autorun)

myliitMay 23, 2020 12:39 PM

@JonKnowsNothing

"Be aware that asking for how-to information is currently one of the USA Government Prosecution positions that Wikileaks was engaging in ..."

Thanks for the warning or heads-up. iirc, that prosecution may involve something like Assange allegedly helped Manning's effort to crack a USG DoD password(s).

A takeaway may be that individuals and journalists need to be careful in what help they do, or do not, provide. Of course, there is always the book "Three Felonies A Day: ..."...

myliitMay 23, 2020 12:58 PM

Oops, the: Guardian, New York Times, Washington Post, in addition to: Barton Gellman, numerous newspapers, tv stations, etc., from around the world, NGOs, non-profits, etc., appear to try to accept "anonymous" drops:

https://securedrop.org

"Securedrop
Share and accept documents securely.

SecureDrop is an open source whistleblower submission system that media organizations and NGOs can install to securely accept documents from anonymous sources. It was originally created by the late Aaron Swartz and is now managed by Freedom of the Press Foundation. SecureDrop is available in 20 languages."

List of Secure Drops

https://securedrop.org/directory/ four pages

Bruce SchneierMay 24, 2020 7:56 PM

@Steve:

"It was hardly a "disaster. Greenwald got exactly what he wanted, which was some nice free publicity at his husband's expense."

No.

Given the timeline. Given all the publicity the leaks had a the time. Given what Greenwald's -- and the Guardian's -- plans were at the time, that makes no sense.

It was an OPSEC error.

WaelMay 24, 2020 11:07 PM

@Bruce,

I'm kind of surprised no one sent me an advance copy.

Easy! They saw you walking with your iPhone (playing Pokémon) and thought you were dropping TEMPEST receivers all over the globe and obtained an unauthorized advance copy! ←That, or they anticipated you could guess about three nines[1] of the content anyway.

You should've surprised them and sent them the review, chief! [2]

No one? Isn't it just Bart Gellman?

I knew about TEMPEST attacks in the 1980s

I knew about it in the seventies and I built one for a project circa 1983. Quite rudimentary by today's standard.

[1] Longer to write; shorter to pronounce (99.9%)
[2] They were told not to send it, or they sent it to you and it got intercepted and blocked.

Clive RobinsonMay 25, 2020 8:25 AM

@ Wael, Bruce,

I knew about [TEMPEST] in the seventies

Yup 1973-5 if my memory serves me correctly, It kind of went "public" big style in the UK when the BBC had a program, showing the image of a VDU being picked up near on a hundred yards away, and talked about how it was done.

However a friend of my fathers from the war (Ken Gravit) used to work for the "General Post Office" (GPO, later BT) who had those "comma vans" that used to pick up either local oscilator radiation or the ~30Mhz IF from peoples televisions. Either would give away what TV station the set was tuned into. Thus if you were not on the list of "licence payers" a knock on the door would follow.

This was not exactly a secret any one with technical involvment with SOE or the Secret Service (MI6) knew that the German army radio service used to Direction Find (DF, also in the Navy "Huf Duf") the local oscilator in what we now call "spy sets".

They had a major design flaw which was understandable, they used a Crystal Oscilator or Variable frequency Oscilator for both transmit and receive as the reciever was what we would call "Direct Conversion" (DC) or "Zero IF". To save the number of thermionic valves/tubes the oscilator was insufficiently isolated from the antenna, thus it got radiated for quite some distance.

The same thing happened in early transistorised "Walki-Talkis" used in the early "Citizans Band" (CB) frequency ranges.

The Australian Amature Radio operater VK3YE has a Utube video showing one such early transistor CB Walki-Talki oscilator being picked up more than 50yards away.

Those "spy sets" used lower HF frequencies[1] for longer ranges and because they used valves with a high anode voltage the leaked oscilator signal would have been easily receivable on the "ground wave" 10-30miles away.

But as far as I'm aware via my Maternal Grandfather who's brother was a "Radio Experimenter" pre World War One, The earliest use of TEMPEST techniques in war was listening in on German Field telephones from amongst other things secretly dug tunnels. The equipment was extreamly fragile and very unreliable, thus the operator had to be very experienced and capable of building the equipment from scratch each time it was used somewhere new.

I was told about it when I was not even a teenager back in the 1960's when it was clear I had not just a mechanical aptitude with mechanics and picking locks, but also very basic electronics. My grand uncle uesd to call me "Sparks" much to my mothers anoyance, as she thought it only encoraged me. However my dad who had become a highly qualified accountant, was kind of a square peg in a round hole, as he had a yearning towards mechanics and electronics, he kind of encoraged me. Sadly he did not live long enough to see me qualified and becoming fairly successful as a design engineer in what were at the time "leading edge techniques".

So I was long aware of "TEMPEST" techniques long long before I found out what it's "code name" was. And when "officialy told" what a let down. The "instructors" were very suprised about just how much I knew, especially about "the plasma in fluorescent lights acting as resonant abtennas and the implications of that. Which was a lot more than most of the instructors understood. Likewise as being cursed with a curious mind, I'd already found my own way well past passive TEMPEST attacks, into "active EmSec attacks" (which were apparently "oh so very very secret"...). All of which was a bit of a joke as far as I was concerned, because there were other way more interesting tricks (like making "Data Diodes" transparent in the reverse direction in various ways).

As I point out from time to time,

    If the laws of physics alow, then someone will try and eventually succeed.

For nearly anyone who wants to know the basics of "TEMPEST" these days there are several undergraduate and above books on electronic design, along with which there are a number on "Electromagnetic Compatability" (EMC). But if you want to see one aspect of "active EmSec" in action those "cats eyes" you see along roads lit up at night, or those nightclub photographs with "red eye" will give you a significant indicator. From realising about what the internal reflection tells you about the "reflector" and applying a little transmission line theory you realise that those "Pasive TEMPEST receivers" can be not just identified but located... So the "battle of wills" goes on (it's the same principle "The Great Seal Bug" works on, as do a whole bunch of those toys from the catalogue Bruce put up a few years back).

[1] I've an SOE crystal in my collection used by a base transmitter that came my way in the early 1980's. The crystal is a "Standard Radio 4002 Quartz Plate" that you can take apart. Interestingly it has the date of manufacture "Feb 1942" and a serial number "S 163729" but no frequency. The reason was they were after delivery "hand ground" to the required "secret" frequency. Unfortunatly due to age, it's very tempremental but does operate in the lower HF frrquencies which will tell several people what part of the world the operator was probably in...

Clive RobinsonMay 25, 2020 12:15 PM

@ Wael,

Easier to pick the carrier!

With "Direct conversion" the oscilator frequency is the carrier frequency, the only difference was in the radiated power.

The SOE "suitcase" sets put out about 5watts of carrier power that at some frequecies and with a semi-sensible antenna could go all the way around the world back then because of a lack of QRM.

Because of this the operators actually "key downed" the transmitter for as short a time as possible, sometimes less than a minute, which was not enough time to DF them. However due to things like mechanical clocks, tube warm up and tune up, the operator could have the set on for ten minutes or more, which gave LO leakage which was not just DF-able it also gave enough time to get a fairly good DF fix on the transmitter, thus home in on the opperator and send in shock troops to grab/kill.

Never heard the expression!

Whoops small typo on my behalf but see these two links,

https://en.m.wikipedia.org/wiki/TV_detector_van

https://en.m.wikipedia.org/wiki/Commer

WaelMay 25, 2020 12:32 PM

@Clive Robinson,

However due to things like mechanical clocks, tube warm up and tune up, the operator could have the set on for ten minutes or more

Makes sense!

myliitMay 25, 2020 2:43 PM

@Clive Robinson, Wael, Bruce, SoS fans, SoS detractors, popcorn, tired or not tired of it, etc., and so on

From perhaps the first existentialist country song [1], Jimmy Webb wrote [2]:

“ I am a lineman for the county.
And I drive the mainroad.
Lookin' in the sun for another overload.
I hear you singing in the wire.

Chorus 1
I can hear you thru the whine.
And the Wichita Lineman,
is still on the line.
I know I need a small vacation.
But it don't look like rain.
And if it snows that stretch down south,
won't ever stand the strain.
And I need you more than want you

Chorus 2
And I want you for all time.
And the Wichita Lineman,
is still on the line.

(Lead, then Repeat last chorus) ...”

3 takes:

https://www.youtube.com/watch?v=ok45aqTd0cM

https://www.youtube.com/watch?v=4qoymGCDYzU

https://www.youtube.com/watch?v=AxSarBcsKLU


[1] http://bmpaudio.com/the-sounds-of-america-wichita-lineman/ http 15:08 8 April 2020 +1, imo
The Sounds of America: “Wichita Lineman”

[2] https://www.metrolyrics.com/lineman-for-the-county-lyrics-campbell-glen.html

Bruno AraujoMay 29, 2020 10:08 AM

Barton Gellman has written a fascinating book about a story that has not yet been told in its entirety. He tells the tale of the initial contact with Edward Snowden and takes us through the whole process.

James MjombaMay 31, 2020 6:37 PM

Gellman's Dark Mirror is now available as an audiobook, at audible.com Length is about 12 hours.

Drive/Drone-By Microwave IdealogueJune 1, 2020 10:35 PM

@Bruce - I knew about TEMPEST attacks in the 1980s, well before I wrote my first book. I don't remember anything about them in the Snowden documents I read. Almost all of it was bulk SIGINT of Internet and telephony.

A notable one that sticks out IIRC was where the usb port (or anywhere) is intentionally compromised to allow exfiltration powered by a nearby directional microwave causing exitation. I.e. something clearly mitigated by a faraday cage. And perhaps not so scalable, but OTOH it seemed perhaps in the realm of a simple thing they might get away with doing to cripple the hardware security (of perhaps an interesting fraction of dominant mainstream manufacturers) akin to other efforts at subverting the crypto algorithms.

Anybody know where I can get a usnavy-n.e.r.d. style android tablet at comporable COTS pricing (

Drive/Drone-By Microwave IdealogueJune 1, 2020 10:38 PM

comment parsing oops- continuation:

(less than $100?). I was pretty bummed when I got an old android phone disassembled to where I could disconnect antennas, but the mainboard side of the antennas was still able to talk to ~25% of previously visible wifi aps...

myliitJune 6, 2020 8:55 AM

A list of past and upcoming Gellman speaking events about Dark Mirror, Snowden and the American Surveillance State, and links to recordings. You may recognize some of the venues and interviewers. New York Public Library,11 June 2020

https://www.bartongellman.com/dark-mirror/events/

“... A virtual tour has one advantage: tune in and send questions from anywhere

May 18, 2020: Live on MSNBC’s Morning Joe and the 11th Hour with Brian Williams
May 19, 2020: AtlanticLIVE book talk with editor Jeff Goldberg
May 20, 2020: Conversation with David Ignatius at Politics & Prose
May 20, 2020: Interview with Dave Davies on Fresh Air
May 21, 2020: The Skullduggery podcast with Dan Klaidman and Michael Isikoff
May 21, 2020: Background Briefing with Ian Masters
May 22, 2020: Sirius XM’s Press Pool with Julie Mason
May 27, 2020: Video podcast with Nick Gillespie on the Reason Interview
May 27, 2020: Conversation with Carol Leonnig at Town Hall in Seattle
May 30, 2020: Conversation with Chris Chambers at Princeton Reunions
June 1, 2020: The Lawfare Podcast with Jack Goldsmith
June 2, 2020: The Cyberlaw Podcast with Stewart Baker
June 4, 2020: Tech Nation podcast with Moira Gunn
June 5, 2020: [POSTPONED] Ask Me Anything on Reddit
June 10, 2020: Conversation with Anne Kornblut at the Commonwealth Club
June 11, 2020: Conversation with Emily Bell at the New York Public Library
June 17, 2020: Conversation with Del Wilber at National Press Club
June 22, 2020: Conversation with Craig Snyder at the World Affairs Council of Philadelphia
June 23, 2020: Book talk at Dallas World Affairs Council ...”

myliitJune 8, 2020 11:44 AM

@TheUsualSuspects or not

Maybe our host, Schneier and Gellman could hold a talk, a joint ask me anything, etc., perhaps with Snowden participating ...

Perhaps under the auspices of Harvard ...

Perhaps with some good questions submitted in advance, ranked, chosen ...

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.