Snowden Spoofed Top Officials' Identity To Mine NSA Secrets

schnell writes "As government investigators continue to try to figure out just how much data whistleblower Edward Snowden had access to, MSNBC is reporting that Snowden used his sysadmin privileges to assume the user profiles of top NSA officials in order to gain access to the most sensitive files. His sysadmin privileges also enabled him to do something other NSA users can't — download classified files from NSAnet onto a thumb drive. 'Every day, they are learning how brilliant [Snowden] was,' said a former U.S. official with knowledge of the case. 'This is why you don't hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble.'"

Brilliant?

[khb]

Surely someone at the NSA knows about multi-level security, SELinux, and the like. No one should have had root access. Having architected the system so poorly, it hardly took a genius to walk off with their secrets.

Re:Brilliant?

Best comment I have read in a long time.

For those who don't get it (although this is SD, so there shouldn't be), the NSA wrote SELinux.

Re:Brilliant?

[Phics]

Perhaps if the right people make Snowden seem like a mad brilliant genius, the public will brush aside questions of how secure processes at the NSA are?

Re:Amended quote

[jedidiah]

Just goes to show what utter trash journalism has become. Invariably, if you have any knowledge of a subject you can't get over just how badly "journalists" get things wrong or intentionally leave out crucial details.

A sysadmin had root? Imagine that?

Re:Amended quote

[Motard]

Mod this up. I know one large pharmaceutical company that requires dual logins (i.e. two sysadmins) to do anything out of the ordinary - and everything is logged. Why the f-ing NSA can't do this is beyond me.