Some Thoughts on the Snowden Fallout

The Guardian just published new revelations on past and ongoing data sniffing by the National Security Agency on foreigners as well as U.S. citizens. For now I do not have time to go into those and will leave it to emptywheel and others to comment on them.

But let’s think a bit about what all these revelations mean for the NSA and for Snowden’s future.

Snowden had system administrator access to a whole bunch, if not all, of the network and server equipment at the NSA. Sysadmin access means being in total control of the machine. While a typical Unix computer, like those the NSA uses, logs all access events, a sysadmin can hide that he accessed a machine, uploaded or downloaded stuff, or started or stopped this or that process.

Unless the NSA is using some unknown super-tool to supervise and log what its sysadmins do (and who would administer that tool?), it will have no clear idea what systems Snowden actually accessed or what he did to those machines.

It is the worst case any Chief Information Officer can think of. What did Snowden take? Did he leave some virus? Did he leave some logic time bomb that could wipe out anything it reaches? Where?

The NSA’s damage assessment team will also have lots of questions. What papers or files does Snowden have? What does he know in addition to what is in those files? Who might he have given those files to? Only the Guardian and the Washington Post? What about the Chinese and the Russians? They sure would love to have copies. What about the encrypted “insurance files” Snowden gave to “some people” who will be able to open and publish them should someone capture or kill him?

There are so many questions to ponder. Even if Snowden did not talk with the Chinese and Russian secret services, the NSA will have to assume that he did and that they now have access to all the material Snowden acquired including, possibly, secret U.S. communication codes.

In short: For the next years at least the NSA is fucked. It will have to revise all its systems and network components, as it can no longer trust its system administrators. It will have to go to a “four eyes rule” for sysadmins, so that any access and change can only be made by two persons working together. This will kill productivity. Sysadmins do not work that way. A four eyes rule will also require many new system administrators – by definition a rare commodity – all of whom will have to be highly trained and need high-level clearances.

The NSA will have to assume that potential enemies now know exactly what it is doing and how it is doing it, and that they will act on that knowledge. All the traffic the NSA now finds interesting will soon be fully encrypted. As it is now known that the U.S. services copy all internet traffic and have access to all service providers in the U.S. and UK, all interesting foreign stuff that might have been found through such access will now vanish from the NSA’s eyes. Other countries will revise and harden their systems, making the NSA’s future work much more difficult.

The NSA’s spying on U.S. citizens may not yet have such consequences. Unless there is a huge case where NSA spying is directly connected to a Watergate-like scandal, Congress will do nothing to rein the NSA in. But the scandal will come. As a former East German STASI officer says:

“It is the height of naivete to think that once collected this information won’t be used,” he said. “This is the nature of secret government organizations. …”

As for Snowden: he is also fucked. There is no way out for him. The U.S. intelligence community will try to get him now and forever, if only to set an example. Even if he manages to get to Ecuador, the country is too small and too weak to be able to protect him. The only good chance he has is to ask the Russians for asylum and for a new identity. They will ask him to spill the beans and to tell them everything he knows. He should agree to such a deal. The NSA already has to assume that the Russians know and have whatever Snowden knows and has. The additional security damage Snowden could create for the U.S. is thereby rather minimal. Snowden can wait and work in the Moscow airport transit area until most of what needs publishing from his cache is published. He can then “vanish” and write the book that needs to be written: how one lone libertarian sysadmin found a conscience, screwed the U.S. intelligence community and regained some internet freedom for the world.

Reprinted with permission from Moon of Alabama.

