Snowden Used Software Scraper, Say NSA Officials

An anonymous reader writes with this excerpt from the New York Times: "Intelligence officials investigating how Edward J. Snowden gained access to a huge trove of the country's most highly classified documents say they have determined that he used inexpensive and widely available software to 'scrape' the National Security Agency's networks, and kept at it even after he was briefly challenged by agency officials. Using 'web crawler' software designed to search, index and back up a website, Mr. Snowden 'scraped data out of our systems' while he went about his day job, according to a senior intelligence official. 'We do not believe this was an individual sitting at a machine and downloading this much material in sequence,' the official said. The process, he added, was 'quite automated.'"

Stunning.

[quenda]

Who'd have thought? Experienced IT guy didn't manually download each file!?

"Inexpensive and widely available" - I hope they don't mean some evil subversive communist open-source tool.

Re:Stunning.

Oh my god .... could it be .... wget ?

Re:Stunning.

[jsh1972]

I'd have thought he went in each day with wheelbarrow full of 1.44" floppies and just copied until he got it all... That's some mighty fine detective work, Lou.

Re:Stunning.

[fatphil]

But you don't understand. Terrorists use wget for drug dealing with paedophiles who use slashdot beta. Wget must be banned!

Re:Stunning.

[Bert64]

But why would someone with admin level access want to scrape the website rather than just take a backup of the database?

Re:Stunning.

TFA mentions that wget was "less powerful than the tool Mr. Snowden used"

Re:Stunning.

[scarboni888]

I read TFA and I still can' figure out... who's "Lou"?

Re:Stunning.

[gl4ss]

the malicious and now banned weapons grade tool is called "wget" by underground unix hackers.

Re:Stunning.

But experts say they may well have been downloaded not by him but by the program acting on his behalf.

Evidence presented during Private Manning’s court-martial ... revealed that he had used a program called “wget” ... but it is considered less powerful than the tool Mr. Snowden used.

Re:Stunning.

[Arrogant-Bastard]

There's zero reason to believe the NSA's version of this and every reason to believe Snowden's

Why?

Because, so far, every single thing that Snowden has said has turned out to be true when cross-checked. And, so far, every NSA official spokesperson has been caught repeatedly lying.

Re:Stunning.

[Wonko+the+Sane]

Because, so far, every single thing that Snowden has said has turned out to be true when cross-checked. And, so far, every NSA official spokesperson has been caught repeatedly lying.

What? You're using logic and critical thinking? You must be a terrorist and/or traitor.

Re:Stunning.

[VortexCortex]

The very first program (after "Hello World") I wrote in Java was a website scraper. I used it to download all of Sun's API and tutorial pages for Java and rewrite links to be relative. Younger and dumber. This created two copies of each set of docs: The scraped version and the compressed version, which I only discovered existed after having scraped the downloadable offline version of said docs.

Point being: My scraper was written in a few hours and far less powerful than wget.

Re:Stunning.

[DarkOx]

Well if you knew a SIEM system had rules which might trigger alters if a database backup is started off hours or if the backup files are accessed for one. As apposed to normalish get query logs with 2XX results, its likely been trained to ignore.

Questioning if who you might eventually leak the data to will have the technical chops and resources put the information together from the database file, as opposed to just reading through a bunch of handy precomputed html pages and office documents for another.

Re:Stunning.

[Tim+the+Gecko]

Here's what the internet has to say ( http://www.reddit.com/r/gaming... )

Yep. 100% sure. I've even researched how so many people can believe this is an actual quote when it isn't (which is a strange phenomenon). I'm also a huge Simpsons geek.

The actual quote is: Wiggum: Well that's some good work, Lou. You'll make sergeant for this.

But almost universally people say and believe it to be "That's some (mighty) fine detective work, Lou"

Re:Stunning.

The Simpsons.

Re:Stunning.

[scarboni888]

Thank you.

Re:Stunning.

So... what was it? HTTrack?

Re: Stunning.

It's true, the NSA lies. After all, it's manned by spies, sneaky, underhanded people who have somehow been granted immunity to do things you or I would be thrown in jail for life if we did, people who essentially have more rights than we, the second class citizens have.

But if you criticize this, isn't this an indictment of the government and thus an indictment of our entire system?

Well I don't know about you, but I don't have to sit here and listen to you badmouth, The United States of America!

Re:Stunning.

[horza]

According to the BBC the new Director of the NSA says:
"There's no place where it's an analyst and a database and you can search for whatever you like and there's no record and no after the fact," Mr DeLong says.

So it should be pretty easy for them to figure out which information Snowdon got and when. Unless nowhere means unless outside of Fort Meade...

Phillip.

Re:Stunning.

[dcollins117]

Now that we have documented proof of a rogue government agency that ignores the law and then lies about it, I'm waiting for some enterprising criminal defense attorney to realize they've got the perfect patsy. Regardless of what crime their client is alleged to commit, just deny involvement in the crime and claim that it was committed by the NSA.

I'm not a lawyer, I just play one on Slashdot. But it seems to me that should be sufficient to raise reasonable doubt.

Re:Stunning.

Thanks for reminding me of why I can't stand reddit. Fork slashdot!

Re:Stunning.

[ToasterMonkey]

There's zero reason to believe the NSA's version of this and every reason to believe Snowden's

Why?

Because, so far, every single thing that Snowden has said has turned out to be true when cross-checked. And, so far, every NSA official spokesperson has been caught repeatedly lying.

Once you start using absolutes, we're past the point where every single thing you want to believe is true, and every single thing you don't is a lie.

Consider that.

Re:Stunning.

[hoboroadie]

It's a Clancy Wiggum quote.
I don't recall the episode.

Re:Stunning.

[s.petry]

Slightly more powerful than wget to me is a wrapper around wget. Perl and Bash scripts are way beyond the average users. To politicians scripts can be used to claim "voodoo" or "saintly" depending on who writes the scripts. The NSAs scripts are obviously saintly, while anybody else is probably voodoo.

Re:Stunning.

[AchilleTalon]

I think many here are missing the point. Point the Moon with your finger and the fool will look at the finger.

The entire point about the use of automated tools to scrape data here and there on the NSA network is that Snowden wasn't going at the only data he needs to prove the point he says he wants to make. He was just grabbing a full load of data hoping for some of it to prove something that could make him a credible whistleblower. This is playing against him if he would have to convince a judge he is a "legitimate" whistleblower just wanting to free America from the dictatorship of the NSA. He did grab way too much data and some of it having no relation at all with the point he supposedly wants to make. But worst, he just gave everything to a third party rather than just what was necessary to prove that point about the NSA and the violation of US citizen rights.

So, the point is not about the automation of the data scraping, it is about the indistinct data scraping itself. And NSA may make a point here.

Re:Stunning.

[davester666]

Well, they knew from vetting Snowden that he wasn't a leet haxtor, so he must of got these scripts from his Russian handlers.

Re:Stunning.

[anagama]

From the TFA:

[Chelsea Manning] had used a program called âoewgetâ to download the batches of files. That program automates the retrieval of large numbers of files, but it is considered less powerful than the tool Mr. Snowden used.

So no -- not wget. Unless the NSA is lying about it.

Re:Stunning.

[flyneye]

I like to think of this article as evidence the NSA is manned by ineffectual morons who should be banned from sharp table cuttlery.
I, living in this nation, feel less secure because of the existence of this agency, ironic, isnt it?
Is this really what, Im paying for? Bullshit! I want ALL my tax dollars BACK! Including Medicare and Social security!
I can see that it all an elaborate bait and switch conducted by charlatans like President Clinton and her sidekick Omama.
Snowden COULD be the first President elected in exile....

Re:Stunning.

[Jeremiah+Cornelius]

You're ALL missing the point.

This is not a "news item" because he used some "arcane technology" from the view of the uninitiated.

This is a calculated iteration in the advancement of declaring web automation tools "instruments of terror" and "cyber weapons", for prosecutorial purposes.

You vilate a ToS with these, and WHAM! Terror suspect!

Re:Stunning.

[Kazoo+the+Clown]

Must be "curl" then...

Re:Stunning.

[bigpat]

I'd have thought he went in each day with wheelbarrow full of 1.44" floppies and just copied until he got it all... That's some mighty fine detective work, Lou.

Apparently the "wheelbarrow full of 1.44" floppies" was actually what their security was set up to prevent.

Re:Stunning.

[Chris+Mattern]

Apparently the "wheelbarrow full of 1.44" floppies" was actually what their security was set up to prevent.

And the joke was on them--he was actually stealing wheelbarrows!

Re:Stunning.

Snowden claims he wrote a backup system for NSA. NSA claims he used a web scraper.

Correct Answer: Snowden wrote a backup system for the NSA.

Re:Stunning.

[93+Escort+Wagon]

Is "wheelbarrow full of 1.44" floppies" anything like "binders full of women"?

Re:Stunning.

[Jane+Q.+Public]

"Slightly more powerful than wget to me is a wrapper around wget. Perl and Bash scripts are way beyond the average users. To politicians scripts can be used to claim "voodoo" or "saintly" depending on who writes the scripts. The NSAs scripts are obviously saintly, while anybody else is probably voodoo."

Even funnier is the assertion that such "web crawling" would be easy to detect. As someone who has done remote automation and data scraping for a living, I can tell you that it doesn't look any different than any other web traffic.

About the only way to detect it is to do traffic analysis, to see if the same IP address is hitting nodes a lot, or hitting many nodes in a short period of time, and especially if they are rapid-fire.

But the latter is easy to get around. I won't say just how here, because even if it's not hard to figure out it's still something of a trade secret.

Re:Stunning.

[richlv]

zomg !

BAN WGET !

(don't ban, fuck beta)

Re:Stunning.

[gman003]

Not Slashdot Beta! Those fiends!

Re:Stunning.

[Githaron]

Is there evidence that we gave everything that he collected?

Re:Stunning.

[mtrachtenberg]

They tried to use an automated tool in developing healthcare.gov but were told it was classified. Someone argued, I think, but top management fired him. Automated tools are no way to get more direct reports, you know. And we need unemployment to go down, not up.

Did you know you can double your "lines of code" output with just a few keystrokes? Write for more info!

Re:Stunning.

[mtrachtenberg]

Next week's report: Snowden used flexible plastic card to break into secure server room. These commie cheats will stop at nothing, I tell you. Better double NSA's funding.

Re:Stunning.

It's not (solely) The Simpsons. "Lou" is short for "Lieutenant," as in the rank.

Sergeant is the rank below Lieutenant, so The Simpsons is making a joke akin to, "you'll be demoted" (i.e., 'we of the Springfield P.D. do not take kindly to success 'round these parts') and/or "despite being chief, I don't know what the ranks mean." The straight version would be, "... You'll make captain for this."

Re:Stunning.

[Cyberax]

Well, technically all Perl scripts are 'voodoo' by default.

Re:Stunning.

You don't know shit. Snowden was a SharePoint Admin, but not all of the information was contained in SharePoint Content Databases that he had access to from, and therefore he could not Central Admin (SharePoint's Admin control panel). Performing a Content Database backup and restoring to just any SharePoint instance is non-trivial. While I don't agree with Snowden's activities, I can say that he did what most would have done with the same level of knowledge. DarkOx is FUCK BETA TARD.

Re:Stunning.

[cheesybagel]

Actually there are options in wget for that.

Re:Stunning.

[fatphil]

It must be stopped!

And it's 23:something here, so for me the boycott starts very soon.

Here's to increased productivity for (at least) a week.

Just in case...
# echo '127.0.0.1 slashdot.org' > /etc/hosts

Re:Stunning.

[Bert64]

There will also be logs of the GET requests (as there seems to be from the article), and if a database backup triggers logs then you could always extract data from the filesystem directly, or from other backups...

Re:Stunning.

[Jane+Q.+Public]

"Actually there are options in wget for that."

Well, yes. But while wget could be part of a full-featured crawler, it just doesn't have the functionality to do it all, by itself.

For example: while you can download a whole directory with wget, you have to know that directory exists in the first place. wget does not help you with that part.

Re:Stunning.

[Runaway1956]

We are all terrorists unless we toe the Party Line. Don't forget that "Politically Correct" came directly from the old Soviet. Progressives are something like second or third cousins to Soviet Russia's party.

Re:Stunning.

[Runaway1956]

Who, precisely, needs unemployment to go down, rather than up? It isn't the corporations, who incidentally all have lobbyists in Washington offering all sorts of rewards to congress critters are cooperative.

Re:Stunning.

[Runaway1956]

Because so far, Snowdon hasn't yet been proven wrong, and the NSA has failed to offer any sort of rationalization that even approximates truth.

Is that better?

Re:Stunning.

[mjwalshe]

I woudl have thought that the NSA with all its budget would have systems to audit what goes on.

Re:Stunning.

Have a tinfoil hat.

Re:Stunning.

[lister+king+of+smeg]

Once you start using absolutes, we're past the point where every single thing you want to believe is true, and every single thing you don't is a lie.

Consider that.

Are you absolutely sure of that?

Re: Stunning.

Could you get an injunction against Beta then?

Re:Stunning.

[MrBigInThePants]

This is just a PR angle for the unwashed masses who don't know what the fuck he is talking about. The word "scraping" when said with the right inflection can come off as sinister sounding.

Of course to those in the know this is nothing more than an evil, sociopathic organisation trying to spread FUD and discredit innocent people to advance their own organisation's aims at the expense of freedom and liberty.

But then I think that is what the NSA's mission statement is...

Re:Stunning.

[fritsd]

I woudl have thought that the NSA with all its budget would have systems to audit what goes on.

Yeah, but the downside of that would be, you know, people in their function of "Grand Inquisitor" could audit what went on.

Re:Stunning.

[LazyBoot]

You know the character in The Simpsons is called "Lou", right?

Re:Stunning.

[Jeremiah+Cornelius]

Have a tinfoil hat.

Yes. I will place it on the grave of Aaron Schwartz

Re:Stunning.

[mjwalshe]

yes might have caught Hanssen and Walker a lot quicker

Re:Stunning.

[DarkOx]

Nice fail AC

From my original post:

As apposed to normalish get query logs with 2XX results, its likely been trained to ignore.

Something like SwearPoint typically sees tens of GETs from a single client over a very short period so any kind of log analyzer is very very likely to be trained against alterting on HTTP success logs from such a server. I should mention those would be 2XX since you are obviously a zero knowledge basement dweller trying to sound smart by nitpicking my post and failing at it.

Also there is this concept call filesystem audition almost any Linux/UNIX/Windows system supports generally you have that ON for things like backup servers that handle data from other sensitive systems and so when you go to copy that database backup file, FLAG GOES UP! unless its the normally scheduled job that writes it off to tape.

So yes *I* would have done it they way Snowden did as well, because like Snowden I would have wanted to get the data egress-ed and get myself out of dodge before the CERT team came bangin on my office door with one of the gun toting security thugs in tow. You would have done it that way because some wget one liners you found on stackoverflow is most likely all you know.

Re: Stunning.

That's kind of my point.

Re:Stunning.

There's zero reason to believe the NSA's version of this and every reason to believe Snowden's

Why?

Because, so far, every single thing that Snowden has said has turned out to be true
when cross-checked. And, so far, every NSA official spokesperson has been caught repeatedly
lying.

That's funny. He lied about his educational background to get his job. He lied about his job experience. He, obviously, lied about not revealing information. He lied to his girlfriend and family about life in general. When did he become a saint? He left his job after an investigation was started into the company that took federal money without doing their job and granted him a security clearance without actually checking his background.

The NSAs job is acquiring information. It's what they do. They probably, well certainly, go above and beyond to do it. Not too surprising really. They don't reveal trade secrets publicly, but then I'd fire them for doing it if it was up to me. I expect them to lie when questioned publicly about it. Better yet, just say nothing. The press shouldn't be questioning them, Congress should be. It's an intelligence agency. And YOU have no need to know. Sorry if that "lack of transparency" bothers you. Congress has a right to know, at least the appropriate oversight committees, the president and people involved with intelligence and policy in the executive branch have a right to know, the appropriate elements of the federal judiciary have a right to know. Barring your membership in the above, you do not.

We elect people to do a job. They act for us. The people can not, and should not, know everything the government does for reasons that are obvious. To anybody, I hope. If you expect the intelligence services of the United States to look to you, or the general public, for approval... you are mistaken. Among other things.

So, in short, drop the "Saint Snowden" bit. Expect you're elected officials to do their job (or elect different ones if you have a problem with their performance). And quit expecting perfect knowledge to be your right. It's not. And our intelligence apparatus already leaks like a sieve. No need to make it worse.

Re:Stunning.

I'd have thought he went in each day with wheelbarrow full of 1.44" floppies and just copied until he got it all... That's some mighty fine detective work, Lou.

Don't you come in here with your technology of the future, punk. In my day we whistled access codes at Fort Meade and punched the resultant SIGINT into 80-column.

Re:Stunning.

Well, yes. But while wget could be part of a full-featured crawler, it just doesn't have the functionality to do it all, by itself. For example: while you can download a whole directory with wget, you have to know that directory exists in the first place. wget does not help you with that part.

Maybe, just maybe, he was using curl , html2text and grep in a BASH script, like in "Ethical Hacking" 101, which is a course he lists on his resume.

And you're wrong about wget "needing to know if the directory exists". RTFM (sigh).

Demonoid Penguin, moderating comments as useful as speculating on "what we'd do if Martians invaded", pointless - especially given the total lack of actual knowledge possessed by many of the commenters.
Note that the original story was writen by a cretin, for a publication with a history of publishing what it's told. (speculation by the uniformed, based (loosely) on speculation based on slanted "information" also written by the uninformed. About much chance of approaching the truth as I have of winning a lottery with a ticket that blew in through the windows.

Carry on as you were.

Re:Stunning.

Nice fail AC

From my original post:

As apposed to normalish get query logs with 2XX results, its likely been trained to ignore.

What neither of you get is that Snowden is the guy that would have recieved the "alerts" on his activity - if he hadn't made the trivial effort required to negate them. That and the minor matter of him working on the backups of the system you're discussing so knowledgably - which ain't Winders (that's front-end and mid-range - he worked on the back-end, you know, the system with SEsomething).

Re:Stunning.

There will also be logs of the GET requests (as there seems to be from the article), and if a database backup triggers logs then you could always extract data from the filesystem directly, or from other backups...

Moron! (don't take that the wrong way)
The sysadmin has access and control of that, and the IDS. You win an all-day sucker if you can guess who the sysadmin was (sigh).

Re:Stunning.

>But the latter is easy to get around.

Don't worry. You can say the phrase "SEO" here. We all know why the datacenters are offering batches of IP addresses with distinct C-classes at a stupidly inflated price :)

Re:Stunning.

[TapeCutter]

The chance of a random westerner being killed in a terror attack is miniscule. The chances that you or I will meet the same fate as Swartz are even less. You and the Runaway1956 are both engaging in partisan hyperbole similar to that displayed by Schwartz prosecutors, it might feel good to vent at the injustice but the hypocrisy of your methods will almost certainly undermine the validity of your point.

Re:Stunning.

Anyone else irked that OP and Replies keep calling 3.5-inch, 1.44 MB floppies "1.44-inch" floppies?

Re:Stunning.

[But almost universally people say and believe it to be "That's some (mighty) fine detective work, Lou"]

they are probably mixing it up with the "that's some mighty fine spelunking" quote

Re:Stunning.

[Jeremiah+Cornelius]

There are no terrorists. Just people who define "Terror" for political expedience.

Re:Stunning.

[Gallomimia]

It's entirely possible he ran the results through grep or maybe sed to determine which documents were valuable and which were worthless. Therefore anyone who uses wget, grep, or sed throughout their daily work is going to be added to a terrorist watch list and interrogated on weekends at Guantanamo.

Re:Stunning.

[Gallomimia]

They just want to prevent people from archiving all the porn pay sites and releasing them via torrents.

Re:Stunning.

[Jane+Q.+Public]

"Maybe, just maybe, he was using curl , html2text and grep in a BASH script, like in "Ethical Hacking" 101, which is a course he lists on his resume."

And if he was, then he wasn't "just" using wget.

"And you're wrong about wget "needing to know if the directory exists". RTFM (sigh)."

I did RTFM, and no, I'm not wrong. Wget can follow links and do recursive gets, but it does so unintelligently. As I stated: by itself, it just isn't an effective web crawler.

I do this stuff for a living, man. I didn't just pull uninformed opinions out of my ass.

Re:Stunning.

[ender9441]

"You wouldn't download a wheelbarrow!" I can see it playing before movies at the theater.

Re:Stunning.

[Demonoid-Penguin]

(wget) "needing to know if the directory exists".

I did RTFM, and no, I'm not wrong

You expand beyond the quotes. So yes, you are wrong.

If a comment was directed at you I've quoted it, otherwise it's directed at the thread. But then - when it rains you shake your fist at the sky and cry "why rain on me?". Too much emotional content.

I do this stuff for a living, man.

I make stuffups like that for a living, man.

TFTFY (your comprehension skills are exceeded only by your vanity).

Re:Stunning.

[lucien86]

Sorry AC you're an idiot, that kind of argument might wash in China or North Korea but it shouldn't in the US or UK. What the NSA and GCHQ have done is criminal its as simple as that. Where there were deliberate laws to limit what they were allowed to spy on they used the other agency to do the spying for them to get around those rules. Their methods of spying have done enormous damage to the American public + people around the world + the computing industry, back doors, weakened encryption, and poor security are the cyber criminals friend. - Let me put it simply WHAT THE NSA HAVE DONE HAS AIDED CYBER CRIMINALS AROUND THE WORLD.
In fact closer to the truth is that there is very little difference between spies and criminals - in fact some of the most successful spies actually start as criminals. A simple additional reason I don't want the NSA or whoever spying on me (above privacy) is that I don't trust them not to sell it on, or for a lone agent to steal it or lose it, etc etc.
At the end of the day though the biggest argument against you is freedom of speech which requires openness, democracy which requires openness, and the basic right to privacy which requires a limit on what intelligence agencies should be allowed to do. Snowden saw that they were breaking those limits and decided to act (on principle) to tell the truth despite that he knew how he would be treated afterwards. - Labelled as a traitor, coward, enemy of America, and so on, threatened with extradition, execution, lifetime in prison, torture, a lifetime on the run, even potential assassination. Sorry but the only word for Snowden is Hero.

Re:Stunning.

[Jane+Q.+Public]

"You expand beyond the quotes. So yes, you are wrong."

Okay, if you want to nitpick over semantics, technically you are correct.

However, as a practical matter, wget is a SHITTY basis for a web crawler. IT WASN'T DESIGNED FOR THAT SPECIFIC PURPOSE AND DOESN'T HAVE ANY INTELLIGENCE. About all you can do with it by itself is set it to snarf up everything in its path within narrowly defined parameters. That is all. And that just isn't enough for a generally useful web crawler.

If you want to do anything other than massive blind data grabbing, you have to control it via some scripting language(s), augment it with curl or OpenURI, or use something else (the vastly preferred solution).

Which brings us RIGHT BACK to my original reply to you:

Actually there are options in wget for that.

Well, yes. But while wget could be part of a full-featured crawler, it just doesn't have the functionality to do it all, by itself. [emphasis added]

My comment stands and I owe you no apologies. If all you want to do is semantic nitpicking, you are just wasting everybody's time.

Re:Stunning.

[Demonoid-Penguin]

Okay, if you want to nitpick over semantics, technically you are correct.

Semantics is when I tell you to go look up the meaning of semantics (the meaning of which you don't comprehend). Maybe you "meant" nitpicking and just got too emotionally attached to your own insistence that wget "needing to know if the directory exists" - which'd explain why you're now out on a limb with Shirley McLain trying to shift those goal posts to "shitty basis for a web crawler" - "not designed for that" (when wrong digress?). Neither of which I disagree with, their just not relevant to anything other than your ego.

While you're there looking up the difference between parenthisis and semantics, check the meaning of sophist argument, context, and recalcitrant.

As for what wget was designed for - you conflate wishful "thinking" on your part with the designs of Hrvoje and Giuseppe. A little arrogant don't you think?

Wow...

[fuzzyfuzzyfungus]

You mean to tell me that an NSA tech contractor used wget or something, rather than loading up IE6 and clicking until his fingers fell off?

Knock me over with a feather, spooks. You fucking hired people to build what is probably the largest collection of signals intelligence scraping systems on the planet, targeted at a wide variety of differently structured systems. Why would you even consider, except as a last resort, the notion that you are dealing with a bunch of noobs?

(Oh, incidentally, maybe you should spend a bit less time reading everybody's email and work on that 'hilarious leaked diplomatic calls' problem, I'm told that sort of thing used to be your job at some point in the past...)

Re:Wow...

[SpzToid]

Please consider the bureaucracy, of the NSA. They obviously have both technical talent with which to operate and that other thing.

Also, don't forget about weekends. People wants weekends, and their downtime.

Peoples' downtime is like a cancer in any 24/7 bureaucracy as well.

Re:Wow...

What's surprising to me is that this means they obviously weren't using any type of IDS tool to detect and block such attacks, since the automated downloading of every page on the server should be easy to spot if only in the sheer number of log entries within a period of time.

Re:Wow...

[fuzzyfuzzyfungus]

I suspect the posturing about 'zOMG, Snowden is clearly working for the commie russians and/or chinese taleban!!!!' to be the purest of bullshit; but if I were a member of the US clandestine services, I'd be shitting myself wondering about the existence of people who are working for somebody and running up against the same... impressive... security measures. If there are any actual moles, it is not looking good for what they were likely able to get their hands on.

Re:Wow...

[dcollins117]

From TFA:

Agency officials insist that if Mr. Snowden had been working from N.S.A. headquarters at Fort Meade, Md., which was equipped with monitors designed to detect when a huge volume of data was being accessed and downloaded, he almost certainly would have been caught. But because he worked at an agency outpost that had not yet been upgraded with modern security measures, his copying of what the agency's newly appointed No. 2 officer, Rick Ledgett, recently called "the keys to the kingdom" raised few alarms. "Some place had to be last" in getting the security upgrade, said one official familiar with Mr. Snowden's activities. But he added that Mr. Snowden's actions had been "challenged a few times".

So they knew he was doing it, even questioned him, and he still got away with the data. To the people who maintain the NSA has the best and brightest security people perhaps they (NSA security) should use that expertise to improve their own security instead of weakening everyone else's.

And yes, this is precisely why they must not be trusted with the data they are gathering due to mass surveillance.

Re:Wow...

[ToasterMonkey]

Knock me over with a feather, spooks. You fucking hired people to build what is probably the largest collection of signals intelligence scraping systems on the planet, targeted at a wide variety of differently structured systems. Why would you even consider, except as a last resort, the notion that you are dealing with a bunch of noobs?

Someone made a comment that the collection was automated and you read all THIS from it? To the people in the position to know the volume of data taken, the fact it was automated is obvious.

Do you think it isn't?

Do you feel good attacking that straw man?

Re:Wow...

[wiredlogic]

Why would you even consider, except as a last resort, the notion that you are dealing with a bunch of noobs?

Because all the middle management MBAs don't have flying clue how computers work and feel the need to compensate for their perceived inferiority in the face of the technical employees who deliver real value. Demonizing them is the easiest way to accomplish that.

Re:Wow...

[Toad-san]

Yep, that's how I'd do it, if I had access to those kinds of networks and an overwhelming curiousity (or suspicion). Not that I'd ever do anything like that of course [glances over shoulder] .. or even think of harming one of our most valuable national assets [glances at black helicopter over trees and discounts] ...

Excuse me, there's someone at the ...

Re:Wow...

The sad truth is the people who run the NSA have no clue how to actually work computers. He did because its his job. The point is he didn't download huge volumes of data. He used website crawler to scape to an offsite location that he could then walk off with There are so many failures with the NSA that not only should everyone involved be flogged but then need to be banned from data use fro the rest of their natural life.
If you hire someone smarter than you expect them to BE smarter.

Gosh a computer person using Automation...

Maybe he typed it all...

In Soviet Slashdot

Beta scrapes you!

...and that makes it better?

If the network can't identify that something accessing the network sporadically and in repeated succession is a bot and should be stopped maybe the NSA shouldn't have access to this much data to start with....

What if a legitimate foreign hacker was able to get in and do the exact same thing? Obviously, they have very shitty standards when it comes to network security - you'd expect thousands of honey pots, ability to intercept attempted attacks, flat out network filtering of these kinds of requests. But alas, that would make sense!

Re: ...and that makes it better?

NSA's internal logging / reporting is probably minimal - plausable deniability. We really oughta create silkroad for intelligence data, this way we can use their surveillance against themselves. F.ex bitcoin chip-in, 1000 BTC for obamas emails while in office etc

Re:...and that makes it better?

[inasity_rules]

What if a legitimate foreign hacker was ...

As opposed to a bastard foreign hacker?

Re: ...and that makes it better?

[dk20]

Seriously, they should have "accidented" the whole plane? So how many innocent people should have died to protect their poorly guarded secrets?

"I'm all for whistleblower status, but Snowden should have been DEAD, HORRIBLY"
You sure downt sound like you are for whistleblower. I dont many people forget that the NSA violated many US laws.

Re: ...and that makes it better?

[Somebody+Is+Using+My]

You know, whether you agree or disagree with what Snowden did, that in no way justifies killing him without a... oh, what was that quaint thing we used to require? That's right, a trial. Rule of law, and all that. I think that's what the country was based on originally.

Of course, it's embarrassing for the NSA that Snowden waltzed out with so much confidential information, and arguably he should have been ARRESTED within 24 hours of "that flight to Hong Kong", but killed? To even think that sort of thing is disturbing.

Having said that, I am glad he managed to get away, since his revelations are shining an absolutely necessary light on the murky behavior of our government and its actions. An educated populace is necessary to ensuring our freedoms and for too long the government has been hiding its wrong-doings from the ones it purports to serve. Whether Snowden acted as a foreign agent, or for his own advantage, or out of idealism, his actions were necessary and should not be so readily scorned.

(oh right, and fuckbeta and all that jazz. It's gonna be hard doing that boycott tomorrow)

Re: ...and that makes it better?

You're missing his point. If NSA > incompetent, Snowden = dead. The guy isn't saying Snowden should've been killed, in the sense that he deserved it - he's saying no self-respecting defense agency should be so incompetent.

Re: ...and that makes it better?

[mrbester]

There's no such thing as "innocent people". Just "collateral damage within accepted limits".

Re: ...and that makes it better?

[dk20]

Fortunately people such as yourself don't make these decisions. Out of curiosity, does this sort of logic apply uniformly? I mean if the plane to HK was full of US citizens would their deaths be within "accepted limits"?

Seems many terrorist organizations seem to feel the same way as you, what makes you different from them?

Re: ...and that makes it better?

And if they committ suicide right now we won't have to arrest theirs families too.

Observe the thought process of the national security state.

Re: ...and that makes it better?

Hey you forgot the part where to be able to preserve the way of life "some" murky actions are necessary ,and of course "they" think we can't handle the truth.

Re: ...and that makes it better?

[anagama]

Our rulers do make exactly such decisions, things like invading an entire country on a made up pretext, or using drones to blow up weddings. The kinds of people in control of the Executive branch have staged a soft coup, usurping legislative and judicial powers (e.g., signing statements, due process free execution/detention, executive declared wars, extremely broad executive orders). To think that such evil motherfuckers would not blow up a plane is ridiculous.

I was at a presentation in Tacoma last night where Thomas Drake spoke. He repeated a conversation he had with some Germans -- "We know we live in a post-fascist country -- you Americans don't yet know you live in a pre-fascist country."

Really, when there are no consequences for murder of American citizens (for that is what it is when done without trial), let alone others, and Agency officials have carte blanche to commit perjury without any consequences whatsoever -- we should start to realize that we do actually live in a country with rulers who would blow a plane out of the sky to get one person.

Re:...and that makes it better?

[bigpat]

If the network can't identify that something accessing the network sporadically and in repeated succession is a bot and should be stopped maybe the NSA shouldn't have access to this much data to start with....

What if a legitimate foreign hacker was able to get in and do the exact same thing? Obviously, they have very shitty standards when it comes to network security - you'd expect thousands of honey pots, ability to intercept attempted attacks, flat out network filtering of these kinds of requests. But alas, that would make sense!

This is the other big glaring issue... Forgetting that the constitution prohibits the sort of forced collection of people's data for a second, which we really really shouldn't forget ... with the ability and clear intention to eventually put all the business and communications data in the US into one giant repository the NSA is saying they can protect access to it, but the Snowden leaks are a very big glaring example that some policy isn't in control, people are.

And let's not forget that Snowden knew he would get caught because otherwise if he had just submitted the documents anonymously then the reporters couldn't verify their authenticity and the story would have died there. So in all likelihood Snowden could have walked out the door with all this data and if he had sold it to some foreign intelligence agency then he could have probably laundered the money somehow or kept it in a suitcase for ten years or for however long it took for anyone to remember that he ever worked for the government and everyone would have thought security of all this data was just fine.

The NSA and US government in general is probably the biggest target in the world for intelligence agencies, terrorist groups and criminal gangs even. To think that a huge central repository by which you can piece together all the relationships that people in the US have, all their financial interests, etc etc is somehow going to be more tightly controlled than was access to the nations other top secret information is ludicrously absurd. The bigger the database gets, the bigger the efforts will be to exploit it for other than its originally intended purposes and the more damage that will be done with all that data.

Re:...and that makes it better?

The NSA will fix this - they'll add a robots.txt file.
That should make you feel better about this.

Re: ...and that makes it better?

[cbiltcliffe]

Hey you forgot the part where to be able to preserve the way of life "some" murky actions are necessary ,and of course "they" think we can't handle the truth.

You mean the "way of life" where we're free people, not spied on by a fascist government, and executed whenever we piss off the king/emperor? Yeah....that's been preserved REAAAALLY well...

Re: ...and that makes it better?

[greenbird]

You know, whether you agree or disagree with what Snowden did, that in no way justifies killing him without a... oh, what was that quaint thing we used to require? That's right, a trial. Rule of law, and all that.

If there were to be a trial it is almost certain they would exclude pretty much all avenues of defense that support what he actually did and why. Rule of Law is no more in this country. Just ask Aron Schwartz, Bradley Manning and the host of other whistle blowers prosecuted by the self proclaimed most open administration in history. If they want you gone they simple twist the millions of laws that exist and make up new interpretations if that's not enough. But you will be gone.

Re: ...and that makes it better?

[mrbester]

You really think nationality is a factor to those who would consider and condone this? Aww, you're adorable. And jingoistic as I'm not a US citizen.

It's *unfortunate* that people like me don't make these decisions, because we aren't war-mongering, power crazy scum who would agree to this. They threatened to shoot down a diplomatic aircraft (with non-US citizens on it, natch, don't want to muddy the waters that much just yet) over foreign soil / international waters, depending on where it was at the time, when they weren't even sure a particular US citizen was even on board. They didn't care about anything that rational people would find wrong about any of that. Not one iota of a fuck was given.

But just imagine the uproar if a different country had threatened this to a US diplomatic aircraft. How dare they?! Only *we* are allowed to do things like this! We even made it legal and stuff, see? We need to deal with these folks, they're obviously terrorists. Yes, even the children. Kill 'em all.

*That's* the kind of shithead you're defending.

Re: ...and that makes it better?

Rule of law? Ridiculous statement in a country where the President decides which laws are enforce. All he would need to do is suspend any laws that protected Snowden until the right thing was done. Just like he has done with marijuana.

Re: ...and that makes it better?

You know, whether you agree or disagree with what Snowden did, that in no way justifies killing him without a... oh, what was that quaint thing we used to require?

Congratulations! You have just been added to the potential Snowden accomplices database.

[Warning: Individuals identified by the government as accomplices of Snowden may be summarily given the same expected sentence as Snowden.]

Re: ...and that makes it better?

Well I think you sound like a fascist, and that can be very dangerous so by your standard we need to imprison or possibly kill everyone in your neighborhood.

And I don't know who you've been talking to! For all I know you're two years from becoming Hitler 2.0!

"The Agency's Internal equivalent of wikipedia"

This is why open source software is a good idea.

NO backdoors (that we know of)
FREE to download, modify, and redistribute.
FREE to use behind iron curtains even against dictatorships...

And for every open source tool used for evil there is one that can be used for good.

GNU wget and/or GPL httrack.

Go forth little lines of code, be fruitful and multiply.

*wipes tear from eye*

wget

or httrack ftw. And you don't really need to write this stuff. :-)

The trick

"because he worked at an agency outpost that had not yet been upgraded with modern security measures."

"when he was questioned, Mr. Snowden provided what were later described to investigators as legitimate-sounding explanations for his activities"

Speechless.

Re: The trick

[daemonenwind]

I, too, an speechless.

The NSA scrapes terabytes of data per day in the hope of scanning through it to find juicy tidbits.

The very idea that an NSA analyst should be scanning through data to find juicy tidbits should have raised red flags with the finest Keystone Cops.

Seriously people, this was his job. OF COURSE it was explainable. Hell, the tools he used were probably provided to him.

Re: The trick

[cbiltcliffe]

His job was to find juicy tidbits in data scraped from external sources. His job was definitely NOT to find juicy tidbits in internal NSA documentation. The fact that he could easily and massively access this documentation without anyone seriously questioning his activities is a huge problem.
The assumption could be made that internal documentation and externally sourced data are stored on the same servers, and accessed using the exact same methods.

There is no possible explanation for this which doesn't involve the NSA having absolutely piss poor internal security.

Re:Please read before modding down.

I read it. Now, may I mod it down?

Middle Initial

Anyone else notice that Snowden is increasingly being referred to as "Edward J. Snowden" instead of just "Edward Snowden"?

Re:Middle Initial

[SpzToid]

Huh. Just like Homer J. Simpson. Coincidence? I'll bet all my mod points on it!

Maybe this is in reference to Jay Ward?

Could this possibly be a conspiracy, brought to you by the same evil mind that gave us Rocky, Bullwinkle, Natasha, and Boris? Stay tuned for the next adventures of...

https://en.wikipedia.org/wiki/...

Re:Middle Initial

[wirefarm]

Jerry: David Berkowitz, Ted Bundy, Richard Speck...
Alice: What about them?
Jerry: Serial killers. Serial killers only have two names. You ever notice that? But lone gunmen assassins, they always have three names. John Wilkes Booth, Lee Harvey Oswald, Mark David Chapman...
Alice: John Hinckley. He shot Reagan. He only has two names.
Jerry: Yeah, but he only just shot Reagan. Reagan didn't die. If Reagan had died, I'm pretty sure we probably would all know what John Hinckley's middle name was.

Re:Middle Initial

[orgenegro]

Orge: John Wayne Gacy, Sirhan Sirhan, how do they fit in Jerry?

Re: Middle Initial

John Wayne Gacy and Henry Lee Lucas, idiot.

When you are a criminal

[nurb432]

You use proper tools.

Re:When you are a criminal

Proper tools for criminals. Yes. I take it you mean:

In this case you use the new york times as your tool to do some criminal unauthorised leaking to try a smear on a whistleblower to deflect attention from your criminality.

I don't suppose the new york times stenographers are remotely worried about being hauled before a judge to reveal their sources. The rule of law, RIP.

Re:When you are a criminal

[wonkey_monkey]

When you are anyone trying to do anything efficiently (such as the legally questionable automated gathering and storage of records of millions of phone calls and text messages?), you use proper tools.

Re:When you are a criminal

[nurb432]

Snowden clearly broke the law. NSA, not so clear.

Re:When you are a criminal

[Ralph+Spoilsport]

In order to bring to public light a horrible truth. Therefore: he is a hero, not a criminal.

Re:When you are a criminal

[nurb432]

He broke the law. He even admits it. This makes him a criminal.

Also, I don't care what think your motive is, you don't turn over classified documents to the enemy. He's a traitor and should hang.

Re:When you are a criminal

[Jah-Wren+Ryel]

Also, I don't care what think your motive is, you don't turn over classified documents to the enemy.

And there it is ... the free press is nurb432's enemy.

Re:When you are a criminal

[Spad]

Yeah, it's clear.

Re:When you are a criminal

[cold+fjord]

Extra! Extra! Read all about it! Normandy Invasion D-Day set for next week! Generals are concerned!

Re:When you are a criminal

[matfud]

Which enemy? The rest of the world?

Re:When you are a criminal

That's right. If you do any such thing, especially giving any aid to Jews, straight to the concentration camp fo ryou!

Yes, I've invoked a Godwin's Law incident. But in this case, the comparison is actually relevant. Seeing all exposure of abuses by the state as treasonous because it may aid the enemy is exactly where fascist abuses flourish.

Re:When you are a criminal

[Antique+Geekmeister]

Congress. They leak _everything_.

Re:When you are a criminal

"Snowden clearly broke the law."
Yeah, so did all the guys who signed the Declaration of Independence of the states of North America. So did Jesus... Nelson Mandela...so did thousands of true heroes and patriots.

And Fork slashdot!

Re:When you are a criminal

The signers of the Declaration of Independence were criminals and traitors too. Sometimes the law isn't right and the only way to make it right is to break it. We wouldn't have the United States if all the founding fathers decided to be good subjects because they were worried about the gallows.

But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security.

Re:When you are a criminal

Extra! Extra! Read all about it! Normandy Invasion D-Day set for next week! Generals are concerned!

And the master of false equivalences tags in!

Re:When you are a criminal

[dcollins117]

Snowden clearly broke the law. NSA, not so clear.

Why NSA phone-records spying is totally, utterly illegal

http://boingboing.net/2014/01/29/nsa-phone-records-spying-is-to.html/

Re:When you are a criminal

[93+Escort+Wagon]

Which enemy? The rest of the world?

Angela Merkel.

Re:When you are a criminal

Please define "criminal".

Then please define "ethical".

Lastly, please try to reconcile the two. See in what situations they might complement eachother, and see what situations they oppose eachother.

Sometimes, the most hideous thing you can do, is to not break the law.

Re:When you are a criminal

[ganjadude]

He broke the law. He even admits it. This makes him a criminal.

says the person who thinks booth is a patriot?

Re:When you are a criminal

You are a laughable sheep piece of shit. Fucking statist lackey, just keep baaaaaa-ing.

Re:When you are a criminal

Maybe not the law, depending on whether you ask lawyers like John Yoo, but they certainly rewrote the Constitution, in secret.

That would be called what it is, a military coup, in a sane society with a real media consisting of people with independent judgment.

Our military sucks $1T/year out of this society. Really cushy jobs, and they have set the world up for continuous war via creating enemies faster than they can kill them, and protected themselves for the future by building a searchable database with all the world's blackmail information. Each of us is automatically categorized by the varieties of blackmail info, e.g. social patterns of man and wife and girlfriend or boyfriend, in all the possible combinations.

It has worked well : criticism in Congress is only offered by the squeaky clean and replayed in MSM, the only place it can generate political pressure, by MSM that isn't controlled by the half dozen big corporations the government can control.

Noi conviction would be possible if the gov ran a fair trial : informing the jury about their right to judge the justice of the law, as well as the facts of the case and putting his fellow nerds on the jury.

This is, sadly, nearly my last post, last reading of slashdot comments for a week. Fuck you Dice management for making such a step necessary.

But I am going to see what I can do to foster altslashdot.org for that week and will spend some time looking at alternatives, just in case Dice management continues to act as foolish, stupid, short-sighted and mis-directed as I know they are. Who knows, altslashdot may end up a lot better than slashdot.

That evil program, wget

[sensei+moreh]

Hey, NSA: ~$ rpm -q wget wget-1.15-1.fc21.x86_64

Re:That evil program, wget

[VortexCortex]

no no no no. You fail to understand the intelligence at work here. The proper command would be:
sudo cat /dev/urandom > /dev/sda

Dawww, this cat is ultra random! Crazy like a devil / silly damn animal.

Amused

[Spad]

"This automated and indiscriminate bulk collection of data is unacceptable!"

Re:Amused

[drinkypoo]

Oddly, government is complaining that people will be able to take the various facts that he assembled and figure out what we're really up to. You know, the kind of thing they say they can't do with our metadata.

Re:Amused

[mtrachtenberg]

All he got was metadata.

To avoid the Beta

Just modify your bookmark to

http://slashdot.org/?nobeta=1

Its the incantation used in the link at the bottom of the beta page, so its not as if you're using a commie hack. It just means that you're not randomly redirected to that festering midden of rancid shit that is Slashdot Beta.

Hmmmmmmmm.... Do you think my characterisation of the beta was a little extreme????

(Captcha "bellman". Ting Ting!!!)

How Many More NSA Employees?

[retroworks]

Now the question is, how many other NSA contractors / staff / moles / spies have been doing the same thing, without Snowden's intention to disclose their behavior?

Re:How Many More NSA Employees?

[quenda]

Now the question is, how many other NSA contractors / staff / moles / spies have been doing the same thing, without Snowden's intention to disclose their behavior?

I'm sure the NSA assumes they have moles, and none of the data Snowden released is a surprise to the Russians or Chinese.
The NSA was just not prepared for the truth to leak to their real enemy - the general public.

Re:How Many More NSA Employees?

[elucido]

The NSA puts too much trust in it's employees obviously.

Re:How Many More NSA Employees?

They don't care. Criticism of The State is a far worse crime than stealing confidential information and handing it over to other nations.

Re:How Many More NSA Employees?

[VortexCortex]

All of them. That's why they fired all their IT guys.

Re:How Many More NSA Employees?

... to their real enemy - the general public.

That is such a load of crap.

Why? I'm quite sure that most governments at the very least had a general idea of what the NSA was up to before Snowden's leak, it's only members of the general public that would get painted as conspiracy theorists and ignored whenever the they tried to draw attention to this sort of thing.

Re:How Many More NSA Employees?

[cold+fjord]

Now the question is, how many other NSA contractors / staff / moles / spies have been doing the same thing, without Snowden's intention to disclose their behavior?

As has been previously demonstrated on Slashdot the number will be assumed to be as many as are needed to render Snowden's crimes "meaningless," so "therefore he should be pardoned."

Re:How Many More NSA Employees?

[ebno-10db]

That is such a load of crap.

How so? The real enemy of any bureaucracy is those who would dismantle, or at least limit it, in terms of power and growth. No foreign power is going to do that to the NSA. If (and I'm afraid it's a big if) anything limits the power and growth of the NSA it will be the outrage of the American people. Therefore the American people are the true enemy of the bureaucracy.

Re:How Many More NSA Employees?

If you work at the NSA and you are not copying their entire blackmail database for your personal use you are an idiot.
Just think about it. If you ever get fired or whatever you will need an insurance policy against those people, and what better way than to use their own data.
Of course Snowden ruined it for everyone by releasing all the data, so all the insurance is worthless now.

Re:How Many More NSA Employees?

[ToasterMonkey]

Now the question is, how many other NSA contractors / staff / moles / spies have been doing the same thing, without Snowden's intention to disclose their behavior?

Is this some variation of "If a tree falls in the woods, and nobody is around to hear it, and it hits a mime, does anyone care?"

Re:How Many More NSA Employees?

[Shaiken]

As others have said: "How so?"

It's a logical conclusion based on the available evidence: No safeguards were in place to defend against an analyst stealing data and giving it to someone else, despite this being an obvious threat the NSA could not possibly have been unaware of.

No such measures were taking until someone (i.e. Snowden) leaked this information to the public. Add this to the extremely negative way in which the NSA and the entire administration talks about journalists reporting on this, and the response to other whistleblowers and this really is the most likely explaination.

Re:How Many More NSA Employees?

[cold+fjord]

I'll overlook the fact that your post strayed from the assertion that I responded to and point out that nearly your entire post is false. It isn't even close.

To begin with, there certainly were safeguards in place. To begin with you had to have a Top Secret security clearance following an investigation to get access to the data. The data was limited to the NSA network where you would have had to work and be granted access to it. Snowden wasn't an analyst that would have had more restrictions, but was working as a system administrator which allowed him greater access and a ready excuse for some of his devious behavior and actions. He was detected copying the large and unusual amounts of data, but repeatedly lied to coworkers and investigators when challenged. That was already on top of the lying he did to get his clearance and job to begin with.

As it was Snowden had a narrow window to complete his actions after he started that job since the NSA was in the process of installing new security software that would have made his breaches obvious. That started before Snowden's theft and leaks, not after.

The administration and political establishment condemn the leaks because they are damaging. Snowden's leaks are going to cost billions of tax dollars to work around, and if you live in the Western world you'll almost certainly be paying your share since the US, UK, Australia, Canada, New Zealand, and other nations have been compromised.

So no, you didn't correctly evaluate the available evidence. In fact you have it pretty much backward.

Re:How Many More NSA Employees?

[cold+fjord]

To you the term "enemy" is rhetorical, or metaphorical. It is a figure of speech that one casually throws around based on the whims of your politics. The NSA and military deal with enemy on a much more concrete basis: nations aiming nuclear weapons at the US, that probe its defenses with bombers and submarines, that attempt to kill Americans by poison, bomb, machinegun, or beheading. They focus on nations engaging in aggression against American allies. The NSA and military are protecting the US from that sort of enemy. They are clear that the American people aren't their enemy but the ones they are defending. The confusion regarding friend and foe, who the actually enemy is, seems to be a malady common to commenters on Slashdot. It is unfortunate that so many otherwise intelligent people get this wrong, but fringe politics will do that.

Re:How Many More NSA Employees?

[cold+fjord]

Yes, most governments would have had a general idea of what the NSA was up to, in much the same way that identity thieves have a general idea that you have a social security number and a bank account number. They can't steal from you unless they get that specific information. Snowden is providing specific information. Let's put it another way: the Germans knew the Allied powers would invade France in the 1940s to free the French people and defeat Nazi Germany. What they didn't know was when, where, and how. If they had known that the invasion would have been a disaster. Snowden is providing the when, where, and how. You're worrying about the wrong things.

Re:How Many More NSA Employees?

Actually as 1 in 40,000 he should be ignored as meaningless, isn't that what you claimed of other transgressions?

Re:How Many More NSA Employees?

Yes, as the president of Germany has nuclear weapons aimed at the us, and quite often goes around with her machinegun shooting and poisoning any American she meets. When noone is looking she also plants bombs and beheads people, its quite a busy job on top of all the submarines and bombers she is sending to test American defences. Maybe its the US who has trouble telling friend from foe...

Re:How Many More NSA Employees?

[Shaiken]

A few points:

It turns out that (one of) the companies responsible for performing the background checks didn't actually do them (and not "failed once or twice", but "systematically faked them to increase their profit margins). There was a total failure on every level to provide any sort of auditing.

You assert damage, just like the US government has. Just like the US government you fail to provide any sort of evidence for this. In fact, there are reports that these programs are totally ineffective anyway. Any political damage from them happened because they existed, not because they are revealed in the same way (in exactly the same way, because that's what this is. A crime.) that prison time results from the crime, not from being caught.

Even if there was massive damage, the decision about wether or not we're willing to sacrifice essential freedoms (like not being watched 24/7) in return for (alleged) safety from terrorists is one which needs to be made by the people, in the open. Not by a secret court interpreting secret laws.

Re:How Many More NSA Employees?

[cold+fjord]

Many European countries have significant numbers of extremists in them that are either involved in terrorism or support it, including France, the UK, and Germany. One of the terrorist cells that conducted the 9/11 attacks came out of Hamburg. Germany has seen a rise of neo-Nazi violence, including a string of murders, and there have been concerns that the government was looking the other way to allow it. At the same time Germany has been a key supplier of sophisticated weapons to various countries, including Israel. It was also a country that did a lot of business with Saddam. There are growing tensions among countries in the EU over a number of issues, including the financial and economic problems, and some old hatreds seem to be stirring in many places. These sort of tensions have previously led to war and genocide. Russia, China, and probably Iran, all have many spies in Germany. Chancellor Merkel's phone was being monitored by five (5) different countries, not just the US. Russia especially would like to neutralize Germany, and see NATO fall apart, and who knows what with the EU. The potential for the Euro to fall apart in a meaningful concern, and the German central bank plays a key part there. There is certainly more beyond that to be concerned about. If you can't figure out some reasons why the US may be interested in the domestic affairs of not only Germany, but other nations to varying degrees, you don't really have much useful to say on the matter.

Re:How Many More NSA Employees?

Hahaha, I'm sure all those bad people you just mentioned call Chancellor Merkel's phone all the time, just for a chat I guess.

Russia wants to neutralise Germany and see NATO fall apart, does the US also want this? they are acting the same by spying the same? Some enemies of Germany taped her phone and also an 'ally', do you see the difference yet? Soon you wont have any allies left, and you creating terrorists left right and center. Missions accomplished I guess if thats what your country is all about.

ps. Everybody here already knows how useful you are to any given discussion...

Re:How Many More NSA Employees?

[cold+fjord]

If you think the US is creating terrorists then you don't understand their motives, at all. You should look into that. Start you search looking for Caliphate and Sharia. You'll find that they want you to live under it too. I doubt you'll like it.

Someone has to bring the unpleasant facts to the discussion. That is often me. Discussing the actual facts is pretty useful.

Useless NYT article ..

[DTentilhao]

"Agency officials insist that if Mr. Snowden had been working from N.S.A. headquarters at Fort Meade .. he almost certainly would have been caught. But because he worked at an agency outpost that had not yet been upgraded with modern security measures, his copying .. raised few alarms."

This is retrospective ass-covering cyberbullshit. It is precisely at the edge that the security attacks would come from. What they were doing putting such material on Web servers and Wikis beggers credulity. Didn't senior management not realize that as keepers of the nations secrets they would be subject to attacks both internally and externally. Given the state of non-security at the NSA I would suspect that Snowden wasn't the only hostile with access to the “the keys to the kingdom”.

Re:Useless NYT article ..

[Spad]

"Sure, we left the windows open, but the door was impenetrable"

Re:Useless NYT article ..

[maxwell+demon]

Next in: "We couldn't detect this attack because it was performed over the internet. If the attacker had tried to enter the building physically, we surely would have caught him before he could do any damage."

Re:Useless NYT article ..

"If we have people inside our network, we have much bigger problems". I hear this from at least one idiot in IT at every company I've been at for the last decade, and it's usually from the system architect.

Re:Useless NYT article ..

While working a 1 year temp contract, I heard this on the trading floor of a tier 1 bank.

At the time, I had the root password to their global internal FX trading database plus the password to their order handling software. I was the one who specified their audit procedures and made sure they were running at go-live. I provided the both the server-side and client-side executables to be distributed, even though I didn't work for the vendor. I tried not to think of the potential, but it was basically limited to my imagination at that point.

Re:Useless NYT article ..

This is retrospective ass-covering cyberbullshit. It is precisely at the edge that the security attacks would come from. What they were doing putting such material on Web servers and Wikis beggers credulity.

What do you expect them to do write all of their technology stacks and IS platforms in-house from scratch? Unless you preach at the church of security by obscurity we are all better off if they don't even think about it.

Didn't senior management not realize that as keepers of the nations secrets they would be subject to attacks both internally and externally.

Judging by parade of NSA spokes spooks early media appearances regarding "sophistication" of Snowden's activities. I suspect they are all absolutely clueless.

Given the state of non-security at the NSA I would suspect that Snowden wasn't the only hostile with access to the âoethe keys to the kingdomâ.

Operating effectively in a trust-no-one environment and still expecting to get work done is a very difficult problem.. From public accounts it is hard not to draw the conclusion they didn't even try.

Re:Useless NYT article ..

[wiredlogic]

These people are part of the same defense establishment that thought it was a good idea to make CD writers available on "secured" networks where people like Manning could access them. The people working for defense contractors have fairly well secured and locked down systems because there are serious financial penalties for unintentional disclosures. Within the DoD institutions themselves, however, it's an anything goes wild-west in the name of expediency. In that sphere, it's all a good 'ol boys club where no general will ever take the hit for security deficiencies under his chain of command.

In his defense

[lxs]

In his defense mr. Snowden explained that his scraper was only gathering metadata and therefore by their own standards the NSA has nothing to worry about.

When asked for comment NSA director James Clapper replied : "Whoa that's deep bro!"

Re:In his defense

[leftbrainstrain]

As long as he was only using a program to "scrape" and "back up" the data, everything was fine. So it's after he "backs up" the data and takes it with him, when he chooses to "collect" it (you know, when he actually opens a file and views it) without proper "need to know" that there is a problem, right?

Of course the NSA is most definitely not performing mass data collection ... they're choosing to "scrape" and/or "back up" our data.

Re:In his defense

[Livius]

And in fact Snowden could not be convicted for anything in relation to a document that he didn't read himself but that he might only have given to journalists to "back up".

There no conclusive proof he looked at anything besides metadata.

Re:In his defense

In his defense mr. Snowden explained that his scraper was only gathering metadata and therefore by their own standards the NSA has nothing to worry about.

The major newspapers stated that the data is only searched when we have a warrant^H^H^H^H journalist review it. Additionally, the newspapers are looking at ways to allow the data to remain at the NSA until publication.

(Before newspapers like the NYT or The Guardian publish, they let the US government "review" the articles.)

Additional

And we were caught!

A friendly reminder:

[Vintermann]

There's absolutely zero reason to believe anything the NSA says about how Snowden got the documents, or indeed, about anything. They believe they are entitled to lie to congress, so the public isn't even a question.

Wget or Curl?

Do you think he used wget or curl?

Regulate it

[jbssm]

wget must be regulated in order to protect the freedom of the American people!

SCRAPE THE BETA

[FUCK+BETA,+FUCK+DICE]

Please post this to new articles if it hasn't been posted yet. (Copy-paste the html from here so links don't get mangled!)

On February 5, 2014, Slashdot announced through a javascript popup that they are starting to "move in to" the new Slashdot Beta design. Slashdot Beta is a trend-following attempt to give Slashdot a fresh look, an approach that has led to less space for text and an abandonment of the traditional Slashdot look. Much worse than that, Slashdot Beta fundamentally breaks the classic Slashdot discussion and moderation system.

If you haven't seen Slashdot Beta already, open this in a new tab. After seeing that, click here to return to classic Slashdot.

We should boycott stories and only discuss the abomination that is Slashdot Beta until Dice abandons the project.
We should boycott slashdot entirely during the week of Feb 10 to Feb 17 as part of the wider slashcott

Moderators - only spend mod points on comments that discuss Beta
Commentors - only discuss Beta
http://slashdot.org/recent - Vote up the Fuck Beta stories

Keep this up for a few days and we may finally get the PHBs attention.

-----=====##### LINKS #####=====-----

Discussion of Beta: http://slashdot.org/firehose.pl?op=view&id=56395415
Discussion of where to go if Beta goes live: http://slashdot.org/firehose.pl?op=view&type=submission&id=3321441
Alternative Slashdot: http://altslashdot.org (thanks Okian Warrior (537106))

Snowden is a patriot; the NSA is treasonous

[Tenebrousedge]

The idea of military specialists of whatever type being employed against the society they belong to, is treasonous and fucking retarded no matter what legal acrobatics are employed in their defense.

You may have some sort of mystic devotion to the law, but I believe laws are made by (generally corrupt) men for their own interests, and I am familiar enough with the world outside the borders and political influence of the United States to know there is an enormous difference between legality and rightousness. The U.S.A. may not be the kind of country where you are expected to bribe every public official however minor -- we generally reserve that for higher office. It takes a special kind of idiocy to use military forces against their homeland, though.

Government at its core is the body to which we have delegated our inherent right to violence -- a right being defined in this case as something which cannot be taken from you. We delegate this right to others, specialized in its use, with the express understanding that [a] as applied to civilian life, the exercise of violence by police will be applied fairly and equally as men can manage, and [b] that the unrestricted expression of this (as embodied by military force) be only employed against our enemies. War is hell, and we do not bring hell home.

Snowden is a patriot, and the NSA is treasonous -- whether or not the law can be made to serve whichever purpose. Beyond all other argument, potentially felonious violation of the law is so common with the continual proliferation of laws that lawfulness cannot be the only measure of either justice or rightousness. May all those who support the NSA have a fair trial.

You are confused.....

[rts008]

I'm trying to see how your sig. fits with your comment, and can only conclude you have no clue....

wow, Snowden wasn't stupid.

seriously? this is news?

Snowden used computer technology to gather the evidence??

GOOD ON HIM.

Hang him high

I look forward to the day when sNOwden hangs for high treason against the people of the United States of America.

Re:Hang him high

[cbiltcliffe]

I look forward to the day when sNOwden hangs for high treason against the government spooks of the United States of America.

FTFY.

Maybe I'm missing the point

[Shemmie]

Shouldn't the shock and horror be that Snowden was able to scrape the juiciest pages from the NSA information dump on basically everyone, without so much as a 403 error?

Re:Maybe I'm missing the point

[Shemmie]

To reply to myself; no, the shock and horror should be that there is a database out there with everything in it. :/

Re:Maybe I'm missing the point

[rainer_d]

Shouldn't the shock and horror be that Snowden was able to scrape the juiciest pages from the NSA information dump on basically everyone, without so much as a 403 error?

It was the intranet - I guess they trusted everybody with an AD account ;-)

I believe, though, it's no coincidence that Snowden ended up in the HW office. He was probably aware of the lack of security when he requested the transfer.
God only knows how many guys have downloaded that data before him and sold it to the highest bidder.

Re:Maybe I'm missing the point

[Shemmie]

It's terrifying, really, that it seems like there's no granular, highly-tuned security system in-place for all this; rather a "You have permission to view", "You do not".

Inmates are running the asylum

Actually most spy agencies are full of incompetent paranoid lunatics. The are the same people as the conspiracy nuts, just on the other side of the fence. They live in a bizarre world where they are so busy looking for enemy action and seeing enemies all over the place. If an operation fails its because the enemy was smarter, we need more resources to look closer. If they can't find a terrorist/spy its because they are really good at hiding and concealing their tracks.

They aren't able to entertain the idea that maybe what they are looking for doesn't actually exist.

Read this amusing essay about MI5
http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER

SCP Script?

[atari2600a]

SCP Script.

That spoonfull of sugar

[TigerPlish]

That spoonful of sugar can't mask the bitter taste of your own medicine, can it, fancy espionage agency?

breaking news

one man didnt read millions of pages, he used software to get those millions. "this just in, someone followed the laws of sanity". idiots.

This is even scarier!!! Re:Stunning.

I'd have thought he went in each day with wheelbarrow full of 1.44" floppies and just copied until he got it all... That's some mighty fine detective work, Lou.

What is even more scary - nobody seems to have picked up that the floppy disks in question were 1.44 MB and were 3.5" in width - NOT 1.44" !!!

Re: This is even scarier!!! Re:Stunning.

[jsh1972]

D'oh!

Re:This is even scarier!!! Re:Stunning.

[Runaway1956]

I just thought that maybe they were high velocity floppies. Aren't all the terrorists resorting to high velocity floppies now?

"briefly challenged"

I love how they keep pretending they were on to him, but he was just so nefarious he escaped. You think a spy agency would be prepared to deal with spies. Or did they believe the polygraph results were actually accurate? There's a reason they are not allowed in courts of law.

dirlisting/autoindex ENABLED ? More likely ftp

[redelm]

For a spider (scraper?) to work, it has to get the filenames from somewhere, usually another file like ./index.html . I cannot see anyone building webpages of the memos, but they might very well be stored as files in some directory structure. Turning on dirlisting (or autoindex) is an invitation for total access -- http is a protocol for info you _want_ to spread. Not even the USG is that incompetent.

What might have happened is that netadmins like Snowden had uid/pwd that allowed ftp access (necessary to fix files). Then run the directories just as `archie` did 20+ years ago.

wtf?

[Spiked_Three]

People are finding back door in open software on a daily basis. Wait until stories start coming out about hardware backdoors that have been coerced. In any case, get a clue.

so?

[epyT-R]

Is this supposed to convince me that snowden was a criminal instead of a patriot reporting on the behavior of corrupt government?

look like

google is the biggest terrorist of them all then

not in my front yard

SLASHCOTT FEB 10-17

Goodbye for a week!

[fritsd]

putting it in my /etc/hosts file so I don't relapse :-)
BTW it is slightly evil of you to say
echo '127.0.0.1 slashdot.org' > /etc/hosts
instead of
echo '127.0.0.1 slashdot.org' >> /etc/hosts

Bye everybody! Bruce, you have my full mental support FWIW!

Beta is fine

Stop posting this message, attention whore !

Re:dirlisting/autoindex ENABLED ? More likely ftp

[mysidia]

What might have happened is that netadmins like Snowden had uid/pwd that allowed ftp access (necessary to fix files). Then run the directories just as `archie` did 20+ years ago.

The tool he had access to that was 'more advanced' than WGET was probably called Rsync

The point is that he copied the NSA's intranet

Who cares what tool he used? wget, some wrapper for it, etc... the point here is that the nsa is saying the information that snowden got was probably just what was available via the nsa's intranet, and maybe all shared drives with bad permissions, drop boxes, temp volumes that admins forget to clean out, etc...

and it can also be a subtle way of telling journalists to be careful about blindly trusting the data from snowden.

Interesting

[golodh]

You're probably right about the NSA trying to make this point. Whether they have succeeded is another matter.

It's obvious that for someone trying to extract documents from the NSA network stealth is essential. Not spending too much time at work fine-tuning queries or wading through lots of material you don't have any business looking at is a start. Therefore using some sort of script or other software tool for the job is practically a necessity.

The suggestion that Snowden's "take" contained a disproportional amount of files related to military goings-on (as opposed to spying on US citizens) would need substantiation. Probably in the form of a copy of the script/tool he used plus the search terms used *plus* the ratio of military to non-military material in NSA's systems.

For example, it could very well be that search terms that cover how the NSA collects its data (Snowden's focus in publications) will return large amounts of militarily-oriented hits without specifically targeting military stuff. After all, NSA runs a large number of monitoring stations, most of whose data feed goes into military assessments rather than anti-terrorism related ones (I hear). So this mil/non-mil ratio would have significant impact on the ratio of mil/non-mil stuff that Snowden's query got him.

Somehow I doubt that NSA would like to divulge that ratio in a public court.

Re:Interesting

[AchilleTalon]

I don't believe NSA needs to demonstrate all of this to make the point. The simple fact that Snowden didn't know where the evidence to make his point was is enough to conclude he was really going fishing here hoping to find what he was seeking for, because in first place his conviction the NSA was breaking the law was not well founded.

And second, NSA can always request a closed trial due to the nature of the proof.

Re:Interesting

[Sepodati]

I think the way that news keeps coming out in piecemeal as people discover what's in the files, helps to show that "data" was grabbed, rather than just proof of illegal spying.

web crawler? For real?

Who would host top secret documents on a web server, so any clown with HTTrack can download them all?

Lou

The Coen brothers' movie Fargo, as in " I'm not sure I agree with you a hundred percent on your police work, there, Lou. "

Re:web crawler? For real?

[American+Patent+Guy]

"Who would host top secret documents on a web server, so any clown with HTTrack can download them all?"

A government agency that wants a straw man to distract the public from other activities they are doing. I'm not worried about what Snowden is disclosing. I'm worried about what Snowden didn't get his hands on.

wget declared illegal

[tconnors]

wget declared illegal. Film at 11.

Don't get me started on perl hackers. Heck, they even admit to be being evil, calling themselves hackers! They probably work in black magic too!

DRM Solution

[Elixon]

And you thought that Encrypted Media Extensions coming to HTML is evil!

If NSA followed future open (read "closed") standards to protect state secrets you would not have a problem like this.

Snowden would need to deal with serious messages like "Click here to purchase one copy of 'Guide to PRISM, part 2.' from NSA for only $4.99 incl. VAT"... And of course he would be limited to share such documents only with maximum of one additional reading device. That would definitely put the uncontrolled spread of information (for the people, by the people) to the end.

Plus if "wget" was not freaking-OSS he could read something like "wget is not licensed to be run on computer NSA-1AD1-489, please purchase full version"...

See how evil is OSS and open web?

Maybe it's a side effect of growing up during the

I have to wonder. Snowden's actions are right out of the playbook of the KGB. Maybe I've watched too many spy movies from the 80s but it's starting to ring like Snowden is a classic double agent working for Moscow.

Re:Maybe it's a side effect of growing up during t

Yeah, there's that Bond film too, where a KGB agent reveals to newspapers the illegal and intrusive plans of Bond and his agency. Wait...

Fishing ?

[golodh]

I don't agree with your argument that not knowing the exact location of files you want in a huge system, and then writing a query that will probably get everything you want alongside a lot of stuff you're not primarily interested in, implies that you're going on a fishing expedition.

Far from it. In fact if you're looking for illegal data-collection methods you know the mechanism but not the location, the name of the program, or the actual method.

Most database queries and WWW search engine queries work like that. Especially when the figure of merit is "don't overlook something we want to know about" and "minimise the effort on the query" instead of "minimise the number of hits returned".

After all, you can carry gigabytes of data with you on a USB stick and you can sift through it later when you're about to publish...

So err ... given the constraints I'd say it would be very hard to argue that Snowden went on a fishing trip.