Jul 15, 2014

Is a second Snowden spilling more NSA secrets?

Not only has the NSA targeted people for merely reading about privacy-enhancing software, there's now speculation that there might be a second Snowden.

Stilgherrian — Technology writer and broadcaster


Technology writer and broadcaster

For the last couple of weeks, sections of the cyber security community have been absorbed by questions of greater import that those of the round ball. Is Edward Snowden the only whistleblower, or does the National Security Agency now face a second leaker? If so, what do they know? And what does it mean for the surveillance debate? The speculation began after German television network Das Erste reported on XKeyscore, a system used by the NSA and its Five Eyes intelligence partners -- and approved partner nations, including Germany and Sweden -- to filter the massive inflow of raw communications intercepts to find the nuggets of interest. It's a search engine, in other words -- except that according to previously revealed presentations, it can also operate in real time, with each installation sifting through 10 gigabits per second of data that's being channeled into it from anywhere. XKeyscore runs at multiple locations around the world, including three sites operated by Britain's NSA partner agency, Government Communications Headquarters, under the codename TEMPORA. That presumably includes the highly secret Middle East stations in Oman that, The Register revealed, "tap into various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf" and elsewhere. Until now, most discussion has been about the potential capabilities of XKeyscore. It's obvious why an intelligence agency might want to intercept communications in and out of Iraq or Yemen, say, but how much of that can be read? The Das Erste report now reveals how the NSA is using XKeyscore in practice. The researchers, who include Tor Project members Jacob Appelbaum, Aaron Gibson and Leif Ryge, had access to what is supposedly some of XKeyscore's targeting code. It indicates that the NSA has been looking for people who not only download and use the Tor privacy tool, the Tails secure operating system and the like, but also those who just read about them:
* Two servers in Germany -- in Berlin and Nuremberg -- are under surveillance by the NSA. * Merely searching the web for the privacy-enhancing software tools outlined in the XKeyscore rules causes the NSA to mark and track the IP address of the person doing the search. Not only are German privacy software users tracked, but the source code shows that privacy software users worldwide are tracked by the NSA.
Personally, I'd suspected that the NSA might target individual Tor and Tails users. An argument can be made that it's worth taking a quick look at anyone using these tools to make sure they're not up to something bad, just as the police might stop a young adult with a mountain bike, hoodie and satchel because he's dressed like a drug courier, before filing him under "mostly harmless". An argument can also be made that this is inappropriate, of course. But the targeting of people who simply read about such tools -- perhaps including you, right now -- seems over the top. Watch this space. But the report raises another question. So far, pretty much every news item about NSA leaks has mentioned Edward Snowden -- for search engine optimisation if nothing else. This one doesn't. That's led to speculation that there's a second leaker, a fact apparently confirmed by Boing Boing's Cory Doctorow and supported by high-profile cryptographer Bruce Schneier. According to security analyst James Turner, spokesperson for the Australian Information Security Association (AISA), we shouldn't be surprised. As he told Crikey by email on Monday:
"Who knows how many leaks happened before Snowden actually declared his? We have no idea how much information has already been handed across by other leakers to other intelligence agencies, or even private sector organisations ... And the NSA does not have answers to these questions, either. "It puts the NSA on the back foot as it struggles to identify who else has leaked, when they leaked, and what they leaked... The idea of a second whistleblower starts the speculation of who else is coming forward, and it normalises Snowden's actions. It's the principle that Derek Sivers talks about: what makes a leader is actually their first follower. "The more whistleblowers that come forward the more the public discussion will become ... about the culture of the organisation that did not tolerate oversight, questioning or dissent. We've learnt through history that this kind of behaviour is dangerous. I wouldn't be surprised if within 12 months there is a public inquiry into the culture and leadership at the NSA."
Yet in Australia, there's a rush to give the intelligence agencies more power with less oversight. As I said, watch this space.

Free Trial

You've hit members-only content.

Sign up for a FREE 21-day trial to keep reading and get the best of Crikey straight to your inbox

By starting a free trial, you agree to accept Crikey’s terms and conditions


Leave a comment

4 thoughts on “Is a second Snowden spilling more NSA secrets?

  1. Limited News

    No doubt Appelbaum et al are frustrated beyond belief at Greenwald’s ponderous release of the Snowden leaks, via his elite-funded First Look outfit.

  2. Yclept

    There’s a way to create jobs. A viral campaign to have millions of people searching those terms regularly. What a boon for the security industry!

  3. AR

    It is a mundanioty but those who would yield the freedom for security will get neither but we’ve given far more for far less, EZY shopping & porn.
    Why did anyone ever imagine that bureaucrats, who’ve been around since cuneiform & soft clay – through Kafka’s bicycle licence to the brisk round up of Dutch Jews – would not get their claws into this.
    And without all those uncomfortable, leaky trenchcoats and windy corners,

  4. Ian

    Greenwald’s ponderous release of the leaks are probably a good idea, firstly because it allows time for research into the various revelations and secondly because it keeps the public and media continually engaged.

Share this article with a friend

Just fill out the fields below and we'll send your friend a link to this article along with a message from you.

Your details

Your friend's details