Now On Video: GCHQ Destroying Laptop Full of Snowden Disclosures
An anonymous reader writes "On Saturday 20 July 2013, in the basement of the Guardian's office in Kings Cross, London, watched by two GCHQ technicians, Guardian editors destroyed hard drives and memory cards on which encrypted files leaked by Edward Snowden had been stored. This is the first time footage of the event has been released."
Such a document trove belongs to ThePirateBay (and every one of us).
Oh, wait... I think it was books they were burning in the movie... Or people... Maybe both...
Great, another show for America to copy from the UK. You know the American version will be totally lame.
I'm sure those are locked away safely.
What the hell was that? They threatened to shut down the Guardian if the media wasn't handed over; it appears though that they didn't have the balls to go through with the threat. Instead they came up with this bizarre compromise that involved 'destroying' the data. Why do this? Was it just a way for the government to save face and not have to back down from some crazy ass redline that they threw out there? They must know that the files were immediately duplicated and spread around the world. That was by far one of the strangest things I've ever seen a newspaper do.
This one's tricky. You have to use imaginary numbers, like eleventeen... --Hobbes
Not from that particular copy of the data.
Is this the end of the leaks then? No smoking gun?
No, just a bunch of smoking HDs. But seriously, a "smoking gun" is what you need in a case where the evidence is thus far not conclusive. In this case, however, I don't know of anything Snowden released which has been denied by officials and much of it has been confirmed or corroborated by others.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
I'm dumbfounded.
Why on earth would GCHQ and/or the government want to show us so clearly that they are complete morons?
I might assume they are not and that there was some deep purpose to this display of idiocy but I don't see it.
It's just as stupid as the US response taking out and replacing every part of every computer and network that Snowden accessed.
I mean, really - the CAT-5? Come on. Just a stupid excuse for work and so that they can claim "Oh he did millions of $$ damages, see we had to replace everything including a new coat of paint on the data center".
Absolute tripe.
-- You are in a maze of little, twisty passages, all different... --
For many many reasons but I post for one you'd be surprised at.
http://hardware.slashdot.org/c...
People continue to do this stupid shit to perfectly good hardware, sure it's symbolic in this case to prove a point, nonetheless any of us here with a fucking grain of common sense realise it's a load of complete shit.
That data could've been copied 10,000 times over from that machine by now (obviously)
Video Footage just covers the time from timestamp A to B... what happened before A (A-X) and after (B+Y) is not seen. On the other hand, what did those guys want to show? Fear? Moral? Beliefs? Truth has a way of its own, so destroying some disks will not change the fact that it already made it out once...
It's just as stupid as the US response taking out and replacing every part of every computer and network that Snowden accessed.
Disagree. No matter what you think of the NSA, in the whole circus they are one of the few people who actually know their stuff. These guys are scary good at what they do. If I had to clean up a place that was bugged by the NSA, I'd do the same - rip out everything and replace it.
You can buy keyloggers that fit into a USB plug these days. I'm pretty sure the NSA has stuff like Ethernet monitors that fit into slightly-larger-than-usual CAT-5 plugs. And if you consider the size of Raspberry Pi, you'll realize that you can fit a whole second computer into the case of another computer.
When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.
This is the same, just in hardware.
Assorted stuff I do sometimes: Lemuria.org
I viewed the video and I read the related article... and it says here:
A small team of trusted senior reporters examined Snowden's files in a secure fourth-floor room in the Guardian's King's Cross office. The material was kept on four laptops. None had ever been connected to the internet or any other network. There were numerous other security measures, including round-the-clock guards, multiple passwords, and a ban on electronics.
Okay, 4 laptops are fine. So why does the video show a desktop keyboard? And why is there a completely destroyed ATX desktop motherboard shown there?
If they can't be assured that destroying the machines will do it, then take it one step further. If they don't quit it, they'll learn how deep and quick of an exfoliation can come from an angle grinder.
If it makes The Guardian actually complain, then you know you're doing the right thing.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.
Depending on the nature of the server, I'd be tempted to replace the hardware as well and shred the old stuff as well.
Formatting a hard drive doesn't really remove everything, even a "secure" erase isn't the same thing as simply buying a new one.
Yes, let us NOW close the barn doors after the cats have escaped.....that will stop the cats from escaping!
From my view(USA), the U.K. seems to be following in our footsteps with afterburners engaged.
I remember when everyone was claiming computers would make life easier. LOL! Paperless offices FTW!
(don't misunderstand; I like computers and networks, but from the beginning, I have always questioned the implementation of them as it occurred...one of the reasons why I don't own a cell phone, and studied networking so I could protect some of my privacy, just as I studied driving a vehicle before driving)
The cat is out of the bag/barn door, the best thing for the gov't.s involved is to admit it and make acceptable changes, but don't hold your breath waiting.
The question now is:
Do we fight this crap, or grease up our bungholes and take it like a good consumer? (We are no longer citizens or customers... just livestock consuming the crap corp.'s and their bitches (gov't) shovel out.)
If you use the term 'consumer' for anything outside of eating and drinking, or physically using something to depletion, then you are part of the problem by accepting this crap.
Consume various media?
I have NEVER eaten or drunk a music or video file, I've watched/listened to them, and THEY ARE STILL THERE! So I could not have consumed them.
This may seem like an offtopic rant, but the brainwash mentality is what makes this crap work.
We have gotten into a mindset from this tactic that makes this shite easier to swallow, because we get used to swallowing shite. We have forgotten how to find out for ourselves, we WANT the 10 second soundbite because we are too busy swallowing the shite, to fit in with our shite swallowing peers.
I personally am too old, broken down, and poor to start the needed coup, but will gladly join in if it ever happens.
Here in the USA 20 years ago, if what happened under Bush jr.'s reign happened then, I would have started(or at least attempted) another revolution...strictly out of patriotic feelings for the oath I took to defend the Constitution of the USA, and Dubya and company would have been first against the wall to be shot as a traitor to the Constitution I pledged to uphold against enemies foreign and domestic.
Apparently, my peers are happy to have the following generations buggered, and now it's showing up.
In retrospect, I would include Obama and co. for not doing away with all of Bush/Cheney's constitutional violations.
As it stands, I will do everything within my power and ability to train and educate the younger generations to combat this crap.
Note to self: Quit posting when drinking!
I meant everything above, but focus and eloquence decline severely when drinking!
Apologies if I sound like some butthurt old geezer, but I am one, due to the 'War on Drugs', 'War on terrorism', 'War on this', 'War on that', alcohol is my only outlet short of ending up on the evening news as some nutjob taken out by the local SWAT Team. :-)
OK, now all of you all, get off my lawn!
*chugs bottle of Geritol*
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
I think the Guardian guy is being deliberately vague, since they now have evidence that they destroyed all of their copies.
They are now only going to report on the information that others are leaking.
It is PR for GCHQ and the Government, i.e. don't hold documents you know you shouldn't cos we'll smash your shit up.
It is part of the legal defence of the Guardian, "We aren't distributing this information, but are now free to report the information that others have released to the public"
By the way IANAL, it just seems like common sense to me.
A "laugh track".
Just sayin'...
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.
Those were the good ol' days. These days everybody knows there are half a dozen backdoors in the various firmwares that even an OS wipe won't get. (disk, network, bios, etc)
If I had to clean up a place that was bugged by the NSA, I'd do the same - rip out everything and replace it.
I'd be tempted to torch the place for the insurance money and move.
Disagree. No matter what you think of the NSA, in the whole circus they are one of the few people who actually know their stuff.
If that were true, Snowden wouldn't have been able to access and distribute the sensitive security documents he did and we wouldn't be talking about this at all. Doesn't seem they are particularly competent with regards to security to me.
I suppose you could use the fan tachometer wire to read some arbitrary data stored on that fan.
competent != perfect
If you run an organisation of this size, you have security holes, period. There is no such thing as perfect security, and everyone knows it (though some snake-oil sellers pretend otherwise).
Assorted stuff I do sometimes: Lemuria.org
These guys are scary good at what they do. If I had to clean up a place that was bugged by the NSA, I'd do the same - rip out everything and replace it.
And dig up the foundation.
"First they came for the slanderers and i said nothing."
That, as well as the other comment much to the same, is very true.
However, it depends on your threat scenario. If you are the victim of a regular hack, i.e. someone gained entry over the network, then you know your hardware is unchanged, so you can keep it. That is the scenario I was referring to. If, of course, someone physically broke into your server room, you should mistrust your hardware unless you know exactly what they did and didn't do (say you have a video that you know was not tampered with).
I don't think much of Microsoft as anyone who's been following me on /. knows, but they have a good set of rules which includes "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore".
Assorted stuff I do sometimes: Lemuria.org
Yes he would, because his job and vetting level allowed him unsupervised access to materials at that level of protection. The flaw in their system was either their vetting - I have no idea if there was anything in Snowden's past that should have given them a reason to consider him unreliable - or that his access was unsupervised.
The problem with requiring supervised access to materials or infrastructure you (potentially) routinely access as part of your job is you've just doubled (at least) the number of people you need to do anything. Basically any system of security is going to require that at some point you have to trust people, otherwise the entire system becomes an unworkable nightmare and no-one can get anything done.
Yeah, I had a sig once; I got bored of it.
GCHQ Destroying Laptop Full of Snowden Disclosures
As the summary actually makes clear, one of the interesting things about this incident is that the Guardian editors opted to destroy the laptop themselves, instead of letting GCHQ do it.
systemd is Roko's Basilisk.
NSA certainly bugs ethernet sockets – see http://images.dailytech.com/ni... .
The amount of destruction on motherboard teaches us a thing: GCHQ destroyed elements they KNOW could be used for storing data/snooping. So we say "morons", but they actually are ahead of us in spying. And they expect other intelligences to have similar capacities as NSA/GCHQ.
:wq
It's probably been so long since they released it because GCHQ had to vet the video to make sure you couldn't reconstruct the document from the fragments visible during the video.
They seem to be about that level of tech-literate.
You could in principle re-flash the BIOS to hold small amounts of confidential data (or more likely, decryption keys for confidential data).
The Tao of math: The numbers you can count are not the real numbers.
Well, given that it was the Guardian destroying the computers under oversight of GCHQ, and they knew it was filmed, I can imagine them fulfilling the order ridiculously to the letter, to make the stupidity of it obvious without the GCHQ being able to complain.
The Tao of math: The numbers you can count are not the real numbers.
Even if it was true that one can economically retrieve data after it has been erased / overwritten a few times, the buzz-sawing of individual chips in this video fans the paranoia of people over hard drives. You can disassemble the hard drive, or hit it once with a ball peen hammer. Drilling multiple holes through ceramic chips borders on the Pythonesque. Perhaps they were being tongue-in-cheek during the application of physical overkill, but it fans the billion dollar planned obsolescence industry. Most data theft occurs from machines still in use (hacked or downloaded from or stolen), I'm unaware of a single case of a hard drive chip being reassembled to get out the latent data.
Anyway, the safest thing would actually be to produce fake, falsified, false positive Snowden files, hire a team of anti-Snowdens to just make up balderdash, and distribute their files all over the web, not by trying to physically destroy hardware on which the real data is stored. Metadata should be particularly easy to camouflage with digital haystacks of misinformation.
Gently reply
The NSA failed at basic information security. There are plenty of corporate IT departments that have more robust information security than the NSA it would seem.
I didn't think I'd use that abbreviation ever again, but: ROTFLMAO
Most corporate IT security is a joke. There's a reason the security consulting business is thriving, and it's that when they get called in, they always find yet another problem. What corporate IT is good at is creating bullshit rules that placate management types and don't add any actual security. Yes, I'm looking at you, SOX. And don't get me wrong, I worked as the Senior Manager IT Compliance for a fairly big company. It was a lot of fun, but most of what SOX adds is so basic in security that its main benefit is in revealing just how horrible the IT security in most corporations sucks.
Everyone has security problems, and the NSA is not special. But claiming that corporations are better is just ridiculous given that a lot of my friends regularly walk out of corporate headquarters with their biggest secrets in their hands when they conduct pentests or social engineering tests.
Assorted stuff I do sometimes: Lemuria.org
Yes. In theory, you're right. But when the secret service thugs start showing up at newspapers -- as it's happening now -- perhaps it's time to think about uncontrolled release.
$DEITY knows how often newspapers just hadn't the courage.
When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall.
And then get countermanded/overridden by the server or workstation technician or management, because wiping and reinstalling is too time consuming and/or expensive. Just get some antivirus and security scanners software setup, clean out all the malware, and resecure it, so the system works again.
"We won't tolerate laziness from you security folks. You have to do your job and make sure the system is clean in a timely way. No you cannot make the user reinstall their Windows 7. No to revoking admin rights... all our employees have to have admin rights to their workstations, so they can install software, as the need arises..."
If you do a wipe and restore of the OS from backup, from a date you can verifiably show was before the compromise; AND repair the security holes and vulnerabilities, and make sure to change all security credentials -- passwords, etc., before reconnecting to the internet.
Then after so restoring... the biggest things you actually should worry about are.... (1) Something else on your network may likewise be compromised, such as other servers or networking infrastructure - especially anything Telnet is used to manage, anything managed from the server or having shared credentials, OR whose credentials were used on or through the server --- during the compromise, the hacker may have sniffed credentials, logged keystrokes entered by admins via RDP or SSH, or the hacker may have covertly pivoted through the broken system to quietly compromise or place undetectable covert backdoors in other systems; (3) You didn't actually close the bug used to compromise, due to complete info, OR (4) There is yet another similar bug, that the persistent attacker, or another attacker will find..... and undo all that repair work seconds after the system is back up.
Those were the good ol' days. These days everybody knows there are half a dozen backdoors in the various firmwares that even an OS wipe won't get. (disk, network, bios, etc)
Hogwash. While it is true that such backdoors can be created, and nation-states may have had backdoor tampering installed in the server, first -- it is not shown to be used, and firmware based attacks are also hard because they are hardware-specific, AND computer hardware varies widely. FOR NOW, you still do not need to worry about system firmwares. There are scant if any significant cases, where firmware backdoors have been leveraged by hackers.
I see post-compromise firmware backdoors firmly on my security radar, but it's not really a major threat or risk yet.
It's kind of like talking about ARP-injection based sniffing malware. It's certainly possible, but the bad guys have not reached that level of tooling or technological enablement just yet.
I'd be tempted to torch the place for the insurance money and move.
Which would play right into the NSA's hands, as you move on from your torched building, and agents quietly recover some fireproof surveillance blackbox units which had been dropped down various walls, that your torching made retrieval a simple task.
There is no such thing as perfect security, and everyone knows it
This is why the notion "It is OKAY if we have all these backdoors and all this data collection, the only quantum computer, etc, as long as it is controlled by strong security controls, laws, regulations, oversight" is absurd.
This is why the notion "It is OKAY if we have all these backdoors and all this data collection, the only quantum computer, etc, as long as it is controlled by strong security controls, laws, regulations, oversight" is absurd.
Oh, I agree completely. But don't forget that, like any big organisation, what the NSA actually thinks internally and what it says in public statements are two very different things and in many cases there is very little connection between the two.
Assorted stuff I do sometimes: Lemuria.org
Now, no matter what the government demands, the Guardian can always say "Oh yeah, that .. it was on that laptop. Remember that laptop?"
I have already sent in my email to their customer support letting them know if this happens I cancel my account.
"GET / HTTP/1.0" 200 51230 "-" "Mozilla/4.0 (compatible; Setec Astronomy)"
That, as well as the other comment much to the same, is very true.
However, it depends on your threat scenario. If you are the victim of a regular hack, i.e. someone gained entry over the network, then you know your hardware is unchanged,
Firmware and BIOS are software, not hardware. At least the kind that are stored on read-write flash instead of Read Only Memory. Which is most of them these days I believe.
However, I don't want to detract from your sentiment softening my comments. The kind of threat model I was describing involves mal-firmware that, aside from reports of NSA-level usage, have not (yet) seen widespread known usage from 'ordinary hackers'. For the threat model of non-state-or-mafia-supported-hackers, doing a wipe of drive, and perhaps for extra paranoia a reflash of the bios and any other user-supported-flashable firmwares, is a reasonable track. But if you are worried about the NSA, it is not enough.
also, in case anybody is reading this for educational purposes I should further clarify-
Yes, Tom did say "victim of regular hack". However today's extraordinary hack is tomorrow's script kiddie 'regular hack'. Also, I was implying "firmwares flashable by the OS, or anyone who has gotten root on the OS via a network hack". There can be firmwares that require physical access (write enable jumper) to reflash. I suspect a conspiracy is responsible for write enable jumpers for firmware flashing disappearing (but I'm pretty paranoid).
Wikileaks can go to multiple journalists to avoid whatever problems with individual journalists/or papers, and they do. The main problem I see with journalists is the 'mainstream journalism' problems that Chomsky described. A kind of conformism that is timid, compliant, and narrow-minded, but not really coerced. They'll publish, but will draw weak conclusions and miss the point.
I think Greenwald's ideas are actually pretty close to Chomsky on this and I wonder what he'd have to say about Assange wanting to publish on his own.
There were some really good points to it - putting the story into coherent form requires somebody reading through immense piles of documentation to find the interesting individual parts and the interesting trends from the big pile of other data, and releasing it at a pace that's going to keep the public's attention rather than either not getting noticed or having their eyes glaze over (how much of the public actually read through the whole Pentagon Papers - or needed to do so to get the general idea of what their government was doing?)
And yes, there are parts that it's important NOT to release without redaction - the EFF's slide about "Why Metadata Matters" also means that there might be documents in the Snowden collection that are metadata about "people who are not targets and we're, like, totally not 'collecting' data on" that the government shouldn't have collected, like "AIDS Clinic A called Person X, who called Dr. D and Insurance Company I", or "Hey, Agent Smith, here's the data we've got on Ahmed A, is it enough to put him on the no-fly list?" "No, not really".
But except for any personal data that ought to be redacted, I think it makes sense to have the whole pile available to the public. The NSA's argument that it might reveal "sources and methods" just says "Hey, dude, not fair releasing metadata on us!"
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
They DO belong on the piratebay. You said it yourself; they are /false/ accusations. By giving them to an intermediary to prevent these false accusations from being brought into play you /actually give credibility/ to these false accusations. :).
Then again, it does give the leaker some protection against prosecution for these false accusations
But to me, the balance is still wrong: stepping back for false accusations is a road into the abyss. The only wise long-term approach in this case is to fight all falsehood right-on.
While that's true, it only applies to the technology used. Script kiddies never evolve, that's what makes them script kiddies (those who do stop being one). So what their hacks lack is creativity. They apply tools they downloaded in scripts they copied for rote attacks. That's why a similarly rote defense and recovery is good enough.
Assorted stuff I do sometimes: Lemuria.org
The "Can you recover overwritten data?" question was answered a few years ago in the paper Overwriting Hard Drive Data: The Great Wiping Controversy. The conclusion was with an electron microscope you could get 1 bit back but the chance of recovering more than that is negligible (and that is in the new barely used drive scenario).
Vetting, Vetting, who does the vetting? We certainly don't want the government to be the lord and master of what we can see, hear, and read. That is one of the first steps to a totalitarian state. Still, as the press has virtually stopped reporting and now make the news. Rather than talking heads doing the partisan bit, the reporting is biased to the point of absurdity. Reporters ceased being reporters some time back and now report the news to favor, or denounce candidates, the constitution, people's life style, and religion. They discredit anyone who disagrees with them, be it left or right. So the networks can not be trusted to present stories in an unbiased light either. At present many of the networks just parrot the present administration's views. As I said, that's the talking heads job, not the reporter's. It would certainly be nice to be able to find unbiased news. If the FCC stuck by its own rules, they’d revoke the licenses of most radio and TV networks. I'm old enough that I can remember when we had real reporters, not cheerleaders for one side or the other. In general they didn’t distort the facts to suit their goals. Today, it takes no more than a few sentences to know where the reporter is headed with a story. That's the job of the talking heads, not the reporter. Theirs is to write the story, not their opinion, nor to distort the facts, or make them up where none exist. Cast doubt on the opposition. Most of these so called reporters wouldn't have been able to keep a job 30 years ago. “The News” is no longer a place where a person can stay informed. It is only a presentation for the left or right.