Snowden Spoofed Top Officials' Identity To Mine NSA Secrets

schnell writes "As government investigators continue to try to figure out just how much data whistleblower Edward Snowden had access to, MSNBC is reporting that Snowden used his sysadmin privileges to assume the user profiles of top NSA officials in order to gain access to the most sensitive files. His sysadmin privileges also enabled him to do something other NSA users can't — download classified files from NSAnet onto a thumb drive. 'Every day, they are learning how brilliant [Snowden] was,' said a former U.S. official with knowledge of the case. 'This is why you don't hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble.'"

You don't get to hire smart people for this job.

[intermodal]

You either get brilliant or you get mildly capable. Smart people know they don't want to work in that environment. Brilliant people will take the job knowing they can use it to some kind of end. Mildly capable people handle requests and not much more, but are just happy to have a stable job in their field.

Re:so he did in fact break the law

[aristotle-dude]

Sorry, I am a fan of him and grateful he leaked only certain documents as opposed to Manning just dumping everything out into public, but stealing classified documents to leak is a bit different than the story we've been given as a true whistle-blower.

I think the type of information Snowden took was of a different sort. He stole information detailing the existence of spying programs, how they worked and their extent putting the programs themselves at risk whereas Manning stole and leaked operational information that potentially put lives at risk by exposing agents in the field and/or operational plans in the field.

What Snowden leaked so far embarrasses the government but is not "outing" anyone as an agent. This is more inline with what a whistleblower would usually talk about. He leaked the powerpoint slides as evidence of his claims.

Re:Amended quote

[iamhassi]

I'm more worried that they're saying he was "brilliant." Those actions are trivial. I'm disappointed that's all he had to do to get that info.

Agree with his actions or not, anyone who declared him anything more than "some sysadmin who took some liberties with his access" shouldn't be in charge of gathering, investigating or protecting anyone's sensitive data.

THIS.

I came to post the same thing. This is like calling a child that signs their parents name on a school note as "brilliant". Sysadmin has access to everything, it's like saying the locksmith is "brilliant" for opening the door.

Re:Amended quote

[Cow+Jones]

"... and by the way, in order to prevent such brilliant people from exposing us like that in the future, we've just told all the sysadmins with the same access level that 90% of them will be fired."

Brilliant, indeed.

Re:Amended quote

[Chelloveck]

Yeah, well, that's because they want to portrait him as a brilliant evil genuis who should be incarcerated for the rest of his life (as he's obviously so dangerous) rather than just a guy who downloaded stuff on his thumbdrive because their internal security was shit.

This. A thousand times this.

Read the two articles linked in the summary. They're both on NBC news and published within three days of each other, and both are essentially the same story. The difference in the articles?

The older one (byline "Richard Esposito and Matthew Cole") says, "Duh. He's a sysadmin. He's capable of creating accounts with arbitrary permissions, and of violating the air gap between the secure and insecure sides. Of course he can do that, it's in his job description!"

The newer one (byline "Richard Esposito, Matthew Cole and Robert Windrem") says, "Whoa! This guy knows how to impersonate people on a computer! No one but a brilliant uber-hacker could do that! This guy is a menace! An evil genius of a degree seen only in Bond villains!"

I don't read or watch NBC news, and I've never even heard of any of these reporters before. But my guess is that Esposito and Cole are the tech beat guys, and Windrem is managerial. If we assume stupidity, Windrem simply said "This story is dull. I'd better punch it up a bit." If we assume malice, Windrem said "This makes the NSA sound dumb. Let's play it for the brilliant hacker angle instead." If we assume conspiracy, some nice men in dark sunglasses approached Windrem and said "This story doesn't fit with our narrative of Snowden being a dirty rotten traitor. Fix it."