NSA Contractor Indicted Over Mammoth Theft of Classified Data

Dustin Volz, reporting for Reuters: A former National Security Agency contractor was indicted on Wednesday by a federal grand jury on charges he willfully retained national defense information, in what U.S. officials have said may have been the largest heist of classified government information in history. The indictment alleges that Harold Thomas Martin, 52, spent up to 20 years stealing highly sensitive government material from the U.S. intelligence community related to national defense, collecting a trove of secrets he hoarded at his home in Glen Burnie, Maryland. The government has not said what, if anything, Martin did with the stolen data. Martin faces 20 criminal counts, each punishable by up to 10 years in prison, the Justice Department said. "For as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government," said U.S. Attorney Rod Rosenstein.

Good reason...

... not to take work home with you

Re:Good reason...

[WheezyJoe]

... not to out-source critical shit to contractors.

But you want to be able to hire and fire them easily, on the whims of the budget, right? And to show efficiency with as tiny a staff as possible, right? And to obfuscate responsibility if something goes wrong, right? If your assistant commits treason on your watch, you're to blame because you should have picked up on it, at least. But a contractor? Who takes the fall for contracting the contractor? Fingers point everywhere but nobody's directly responsible for what a contractor does (except when he does something good, you can take credit).

Out-sourcing. Your stepping-stone to success in management.

Re:Good reason...

The contractor arrangement is occurring for several reasons. Of course, because the government allows it. But also many young professionals in the DC area are doing it intentionally in order to make more money. You can get a higher salary if you're a "contractor" to the NSA than you would being hired straight to the NSA. Ignoring things like benefits, the government just doesn't pay enough for security personnel. Hell, last time I looked the NSA was offering *up to* $104,000 for a job that required 5 years experience and a master's degree for software engineering (and probably requires a security clearance as well, which typically adds value to an individual....especially if you hire them when they already have the required clearance. In some cases the value can be up to $15,000-30,000, so employers can give you a $10,000 'bonus' simply for already being cleared and still come out ahead compared to hiring someone who isn't cleared at all).

Compared to the private sector in the same area, salaries seem to be at least $120,000+ for the same requirements (5 years + masters). With that level of experience it's not uncommon to reach $130,000-140,000 for software engineers who have specialized in system security in the DC area.

Now, with contracting, you have to go even higher because you're on the hook for your own benefits. So that person who would make $120k full-time in the private sector is probably somewhere up to $170k or higher. Now they contract themselves to the US government, which would have only paid them $100k to start with, but they have the $170k price tag based on the private sector, and they pocket the $20k difference (less taxes). So you do the same work (government work, which is infamous for being slow-paced and secure), have less risk compared to real contract/freelance work, and get more money.

In DC you're almost guaranteed to have better benefits and more in-pocket cash if you're a "contractor". Most of these "contractor" types don't actually freelance or work anywhere else, they're just gaming the system because they know the NSA and other three letter agencies will play along.

Re: Good reason...

Mostly accurate. However, quite a few (most?) contractors work for large companies that do offer benefits. You don't have to go out on your own.

But otherwise, yeah. In technical agencies it's very common for government employees to sit beside a contractor doing the same job for twice the pay. As you can imagine that is somewhat demoralizing.

Re:Good reason...

Contractors also have to actually work, which nearly all government civilians don't have to do. I know, since I have been both.

I don't buy it

They said he stole 50+ TB of data from the NSA.

I'm not sure how this is possible?

Re:I don't buy it

[MightyYar]

Assume 50 TB over 50 working weeks a year and that's 1TB a week, divided over 20 years gives you an average of 5GB a week. That's well within the realm of feasibility, even if the bulk of his data collection came within the last 10 years and he was relying on thumb drives, SD cards, or the like.

Re:I don't buy it

[smooth+wombat]

You can't see how someone, over a 20 year period, was able to gather 50TB of data? 2.5TB of material per year is insignificant to the amount of data people such as him have access to.

Re:I don't buy it

[admin7087]

That and as someone else said somewhere else, it's the National Security Agency and not the Secure National Agency.

Re:I don't buy it

Assuming the NSA uses tapes for backups (common in some places), all the guy had to do is pocket a few backup tapes every week and he'd hit that quota very quickly.

Tape capacity ranges from 200GB to about 6TB, I believe, and they are much easier to steal than hard drives.

Re:I don't buy it

Zzzzzzt. Arithmetic error. I count 50GB a week, not 5GB. That would have been very annoying to do 20 years ago.

50 weeks X 20 years = 1000 weeks. 50TB / 1000 weeks = 50 GB per week.

Re:I don't buy it

[DivineKnight]

Nevermind that. Does anyone know where he's being held? Because we need to send him his shirt.

Re:I don't buy it

I'm not sure how this is possible?

It's probably exaggerated to hell and back the same way prosecutors love to inflate narcotics valuations. You get caught with a pound of weed, and instead of $2000 they put out a press release saying they took $450,000 worth of drugs off the street, because they break it down to grams, and in some alternate universe they've decided a gram is worth $1000. Could be the same thing here.

Let's say you steal 100 pages worth of data. 100 pages of raw text could easily fit into 50KB. But if you print those 100 pages, then scan them in as PDFs at 3MB per page, suddenly your 50KB worth of text weighs in at 300MB and it sounds like you stole a whole lot more than you really did. For all we know the NSA printed out bankers boxes worth of documents they found on this guy, then scanned them in at the highest possible quality, eventually you get a stupid amount of data and your "bust" looks amazing.

Re:I don't buy it

[nospam007]

"They said he stole 50+ TB of data from the NSA.
I'm not sure how this is possible?"

Read again, he also stole a mammoth to transport the stuff.

Re:I don't buy it

[MightyYar]

Ya got me. Still, even in 2007, 100GB/week is feasible. And the amount he could bring home grew exponentially with the capacity of flash memory, so he could have been doing 1TB/week no problem the last year or so (hell, 1TB/day is feasible to a single stick if he's sitting in the server room doing drive images and such as a routine part of his job).

Re:I don't buy it

[Bartles]

20 years ago 2.5TB was not insignificant.

Re:I don't buy it

[ausekilis]

That's ~5GB a day over one year. So he managed to dig up and exfiltrate a DVD's worth of information, on top of his normal duties, every day?

Nope... he was doing it for 20 years, which brings that average down to 250 MB/day. That's still A LOT of information for 20 years ago, when hard drives were still measured in MB. The fact that he was able to keep going for so long is dumbfounding to me. Most places have random inspections, you'd think over the course of 20 years, he'd have been busted a few times.

Re: I don't buy it

May be today, but try lugging around 2.5TB 20 years ago. Something tells me the data collection rate followed a particularly well known curve.

Re:I don't buy it

He didn't steal a mammoth. Read TFS again - the mammoth was hired as a contractor.

Re:I don't buy it

[interkin3tic]

Maybe 50 tb isn't that much compared to the monsoons of data the NSA is collecting from all of us with no idea what to do with it?

Re:I don't buy it

[tsotha]

I worked in a highly secure shop and we never once had a random inspection in the four years I was there. Part of the reason is those kinds of inspections increase the number of people who have access to the data. Presumably trusted people, but still...

Re:I don't buy it

[AHuxley]

AC don't worry about size. With modern compression and consumer storage in the terabyte (TB) and gigs amount is not the issues.
The next question for the NSA is was it networked and on what OS?
How do Tailored Access Operations set their tools up? As the first sign of any network in the wild do they activate and become mission ready?
Mission ready on any network in the wild? Was some distant server of interest to the NSA contacted from not a NSA staging server?
Did another nation, admin or a person then have the skills to see code try to alter their server and follow it home only to discover its not some protected staging server this time?
Did anyone in the wild follow activated NSA tools back and extract data from a network the NSA was not aware of?
Was cloud AV used? Did AV see something and report back to some company?
Think of the most modern consumer grade OS that indexes and then shares search results with a brand unless privacy settings are altered?

Re:I don't buy it

[quenda]

I heard "mammoth" is just NSA slang for gigaabyte .

The mammoth DNA has been sequenced - 4 billion base pairs, each pair is two bits. 1GB.
So this guy simply made "offsite backups" of one mammoth per day, on average.

Re:I don't buy it

[freeze128]

...and if the NSA had any mind for security, those tapes would be encrypted, giving the contractor NO USEFUL DATA WHATSOEVER. Now whose fault is it?

Re:I don't buy it

[Narcocide]

But only villains use encryption, remember? Why would the NSA do that? They're the good guys!

Re:I don't buy it

[Narcocide]

(Yes, I meant this sarcastically.)

Re:I don't buy it

Depending on the era, backup tapes could have been the giant reel to reel or the small cartridge tapes, both of which I imagine are obsolete. OTOH, I haven't been there for 40 years or more. And when I was, it was as a low-level originator of material, not a high level filterer of such. (US Army Security Agency)

I never used computers, as such, in the Army, but in school, they were punch card input, which is somewhat lower data density.

Re:I don't buy it

[RockDoctor]

Since mammoths are elephants(*), and elephants never forget (**), then estimating the information content of a mammoth is ... tricky.

Let's say ... two eyes at around 4k.pixel square each and 20 frames per second is around 231,928.234*10^9 bytes/day for the eyes. What is sound? About 1MB/minute (I don't do music, so that's a wild guess.) for 1.5*10^9 bytes/ day. All other sensory and thought data - let's round it up to 250TB/day. Even if you assume JPEG-ish or MPEG-ish lossy compression for the visual information, you're probably still up at several TB/ day.

There's more going on in that mammoth than you'd think.

Re: I don't buy it

So, the NSA's problem seems to be finding people that are trusted. That just means they need to vet people better, increase the number of people they vet, and increase the number of people they hire, and pay people to rat other people out. They need to create a culture of security.

I mean, honestly, this really disaapoints me. If there is one guy, there are probably more.

Gee, more NSA illegal activity documents found???

So what did the alphabet agency do this time that they don't want the world to know about?

In other news

Museum of Natural History contractor indicted over theft of classified mammoth data

Re:In other news

[coastwalker]

One assumes that in a fit of enthusiasm to do a good job he took home a copy of anything interesting to look at later. One also assumes he will be executed for his trouble. Frankly if I were you I would not worry about stealing pens from the bastards that own your company, or doing a good job either. Just my 2 cents worth.

the NSA should put him on the payroll

[turkeydance]

if he's THAT good for THAT long

Re:the NSA should put him on the payroll

This. Fuck, they should give him a nice cushy pension and his own private island for giving them the methods he used to steal said information over those 20 years.
I'd take that in a heartbeat.

Why punish what you can learn from?

Re:the NSA should put him on the payroll

[hey!]

This. Fuck, they should give him a nice cushy pension and his own private island for giving them the methods he used to steal said information over those 20 years.

Unless the method he used was to exploit bureaucratic inertia and dysfunction. It's only worth paying people for information you plan to do something about. If you don't plan to do something about it, the next best choice would be to make an example of people who expose your incompetence.

Re:the NSA should put him on the payroll

[gosand]

RTFA

"Martin was employed as a private contractor by at least seven different companies, working for several government agencies beginning in 1993 after serving in the U.S. Navy for four years, according to the indictment. "

Re:the NSA should put him on the payroll

[g01d4]

exploit bureaucratic inertia and dysfunction

I think it's more a question of trust. If you've worked on classified programs you know there's a trade-off between security practices and getting the job done in a sensible fashion. Part of obtaining a clearance depends on assessments of character. Of course mistakes will be made. Given the number of clearances and issues one might think the bureaucrats are actually doing a decent job.

Re:the NSA should put him on the payroll

[tsotha]

The problem is, paraphrasing Rumsfeld, we don't know what we don't know. It may be we're getting pwned by anybody with a semi-competent spy service and just don't realize it.

Re:the NSA should put him on the payroll

[Dread_ed]

Definitely a paraphrase. There is a distinction between "what you know you don't know" and "what you don't know you don't know."

I can point to what I know I don't know. For instance, I know I don't know how to speak Korean. If I don't know I don't know something I can't even.

Double standard

[Hylandr]

But Hillary did nothing wrong.

Re:Double standard

Interesting you bring that up. Never before has intent been necessary for mishandling classified information to be a crime. This guy obviously had intent, but I'm wondering what will happen when someone else claims the same argument of not intending (bullshit) as Hillary. Is this now a precedent or was it yet another rule that only applies to a Clinton?

Re:Double standard

[stevez67]

This wasn't mishandling, it was theft. Mrs. Clinton didn't "steal" her emails. Mrs. Clinton did as 2 of her predecessors in her job did with a personal email server, but I don't see anyone demanding the arrest of Secretary Powell or Rice. This guy obviously had no such role models in his immediate work environment, or they'd have been arrested as well.

Re:Double standard

[Fire_Wraith]

IANAL, but in terms of the law as written, you're correct that intent doesn't matter. In terms of how the law has been applied, it does - and this matters to some degree, because the U.S. is part of the English legal tradition, rather than the French/Napoleonic (with the exception of Louisiana state law).
More specifically, if you look back over the case law for this, people generally get prosecuted if:
A) They get caught lying to the investigators
B) Had the intent to steal, whether for profit or ideology
To date, no one has been prosecuted without one of those two, or without prosecutors alleging one of those two. When I was in the military, I saw several cases where someone screwed up and put classified material on a system that wasn't rated for it, including email. Investigations were conducted, servers were purged, and those responsible got a slap on the wrist and a note in their file for committing a security violation (if you get enough of those, you lose your clearance). This is why Comey said what he did - cases like Clinton's result in administrative punishment at most, and the worst penalty was loss of clearance and thus job (which didn't apply anymore for her because she was no longer Secretary of State).

In the case of this guy, likely the Prosecutors feel they have enough evidence to allege that he was trying to sell the data, probably based on his pattern of conduct, and probably also because those selfsame tools showed up for sale on the internet.

Re:Double standard

[misexistentialist]

Did those emails really "belong" to her? It's like taking your office chair home with you

Re:Double standard

This wasn't mishandling, it was theft. Mrs. Clinton didn't "steal" her emails. .

No, she didn't STEAL anything.. But that's not the point. She MISHANDLED classified information which undoubtedly caused it's disclosure to or advisories. Mishandling is EXACTLY what this guy will be charged with (assuming he didn't give it to anybody) and if he did, unauthorized disclosure will be added to the charges he faces.

The "intent" part is really the only possible difference here. Hillary claims she didn't know she was mishandling classified information, that she was ignorant of the actual rules and procedures (Personally I don't think she's that stupid, but what does it matter now?).. After 20 years, it is unlikely this guy can claim to be ignorant..

Re:Double standard

[edtice1559]

Even though this is not brought up in the article (or any of the other very good responses to this thread), US law has a tradition of mens rea meaning that somebody has to have a criminal sate of mind to be charged with a crime. We tend to lose sight of this because mens rea is *not* necessary for civil liability and oftentimes civil penalties are so severe that they feel like criminal prosecution. But they are still civil. Also sometimes, criminal negligence is a surrogate mens rea. But we still have this legal principle. I am most definitely not a lawyer, this is not legal advice, and if you get legal advice from me you would be quite foolish.

Re:Double standard

So what about the guy who took a couple of cell phone pictures inside a nuclear submarine? He never showed them to anybody that we know of, it was more of a personal photo album on his cell phone... There was no profit or ideology problem here... Don't know if he lied to investigators, but that's not what got him sent to jail as far as I can tell.

Re:Double standard

[dmiller1984]

That guy purposefully destroyed evidence after a 2012 interview with the FBI. I imagine that is what led to the jail sentence.

Re: Double standard

[will_die]

because as any free thinker who is not just repeating whst was told them that they did nit transmit classified info and thery hasd permission. parts of thge issues becasuse of thast lead to new laws that if Hillary had more than a intro level in politics would of known since it was in the training she hasd to taske.

Re:Double standard

Sauce for the goose... Ignoring the security/classified-content angle for a moment, I've been quite incredulous that someone at that level would think that, as a government employee, it was appropriate to use a personal server for anything work-related. Imagine someone in your governor's office, or someone at NASA doing that. People working in those jobs wouldn't even consider it, it's just clearly wrong. And so, it was wrong of Clinton, as it was wrong of Powell, and Rice too (though I'd not heard that one), and anyone else. If not illegal, it's certainly terrible optics. And, frankly, I would have it explicitly made illegal, so that we don't have to have another "email-gate". Yes, I realize we'll substitute one scandal for another, but one step at a time...

Re:Double standard

I thought Powell used AOL email, not his own server. Granted, AOL was probably not the best choice, but nobody complained.

Re:Double standard

[Perl-Pusher]

And using bleach bit to permanently delete emails wasn't destroying evidence? Even though it was a fools errand because it existed on recipient computers is beside the point. There was a clear intent there to conceal. So yes there is a very big double standard. A Navy guy in Portsmouth VA was convicted and all he did was connect his tablet to receive emails in the field. No intent, no destroying evidence, just mishandling. I can recount an airman getting an article 15 for leaving a safe unlocked. The safe was in a secure facility designed to allow and store classified information. Basically a safe inside a vault. Career ruined over a simple lapse.

Re:Double standard

[Bartles]

Which previous SoS to Clinton had a private email server that they used to conduct all State business?

Re:Double standard

It was *because* of her knowledge of government systems (both comp and human) that it made so much sense to her to have a personal server. Remember, her system did not get hacked.

Re:Double standard

The current President of the United States is still using his Samsung phone, even after it was reported that he had given up the phone in exchange for a hardened replacement.

That certainly deserves the same censure and punishment as Hillary got for her email server, don't you think so, conservatives?

Re:Double standard

Didn't get hacked? Good one.... How would anybody know, they managed this thing using Remote Desktop and for a time didn't even have any kind of virus or malware protection installed... If you had (or could guess) the administrative password, you'd never see anything in the logs after the fact. If you hacked it, it's not like it's hard to crack a windows password, get admin, clean up any evidence you where there and hover up all the data you like, when it suits you....

Not that you'd have to actually hack the thing anyway... The way SMTP works pretty much makes it super easy to snag a copy of anything going over a network segment you have access to and she used this thing on foreign soil often. It doesn't take a network engineer to invent ways to get copies of what she was sending and receiving so I'm sure everybody who wanted copies where getting their own feeds...

Re:Double standard

[stevez67]

Read my post, both Rice and Powell. And no SoS conducted ALL business on a single server, they used both state department and private servers; subject matter they "expected" to be classified was on the department servers, those they felt wouldn't be classified were on the private servers. Additionally, Powell gave her advice on use of phones and email (it's in the investigation files released by the FBI). The SoS's used private servers because the state department servers were old, not updated, slow, and the system was cumbersome to use.

Re: Double standard

[Bartles]

I'm, sorry but that's simply incorrect.

Re: Double standard

Guess you can't use Bengazi anymore since Trump tucked up with Yemen, so email is all you have left. Can you go on. The record now, with hiw Pence is great, or will you wait for Trump to get amendment 25ed first?

Re: Double standard

It's a custom, hardened one quarter scale replica of an actual big boy galaxy phone. He needs it so his stubby fingers can reach all the keys.

Re:Double standard

[mrchaotica]

Mrs. Clinton did as 2 of her predecessors in her job did with a personal email server, but I don't see anyone demanding the arrest of Secretary Powell or Rice.

If that's true, it's only because you were deliberately avoiding looking.

Re:Double standard

And using bleach bit to permanently delete emails wasn't destroying evidence? Even though it was a fools errand because it existed on recipient computers is beside the point. There was a clear intent there to conceal. So yes there is a very big double standard. A Navy guy in Portsmouth VA was convicted and all he did was connect his tablet to receive emails in the field. No intent, no destroying evidence, just mishandling. I can recount an airman getting an article 15 for leaving a safe unlocked. The safe was in a secure facility designed to allow and store classified information. Basically a safe inside a vault. Career ruined over a simple lapse.

Um, nice try. From what I recall Hillary directed the deletion of what she no longer needed well before any investigation. She had every right to do so, as they were deemed personal. The fact that the dumb tech didn't do his job in a timely manner, but somehow delayed it until there was an investigation is out of her control. There was no intent to conceal. I'm sure she regrets the original order.

I can't find your source for the navy guy. Link please?

Your second source is completely unsourced and has no hope of being looked up. Article 15 is a military non judicial judgment. Basically when you volunteer you agree to be bound by both civilian law and whatever the military comes up with. Hillary was not in the military, so it is not a valid comparison. For that matter that applies to your first apparent link as well.

Simply put, while they technically could have prosecuted Hillary as a result of the witch hunt, which had as its sole task to destroy Hillary. (They never cared about the truth. The one guy even admitted it at one point. (gowdy i think)). She didn't lie to investigators and there was no proof of intent. Had either of those been true it would have fallen into the kind of case that is usual to prosecute, but it didn't, and they are not going to prosecute Hillary for something that is not normally prosecuted. That would have shown bias. Comey explained this.

I'd imagine I'll have to spent four years correcting lies. it gets old, and some of these guys are probably getting paid.

Trump is far more dangerous for our democracy than Clinton ever was. He is actively trying to destroy it, by making people afraid to speak out, including reporters, lawmakers, and judges...

Re: Double standard

[stevez67]

Intro level of politics? First Lady for 8 years, U.S. Senator, Secretary of State. Maybe you need to redefine your definition of "intro." And no one knows if Dr. Rice and Secretary Powell transmitted classified information, they weren't investigated nor did they turn their HDDs over to the FBI.

Re:Double standard

[stratzvyda]

Deemed personal by her employees. Including actionable intelligence on north korea's nuclear program. She leads a very interesting personal life.

Re: Double standard

Her... or Powell or Rice.

Re: Double standard

That is even worse.

Re: Double standard

Her... or Powell or Rice. In fact, both Powell and Rice had worse security than Clinton, so if anything they should go after those two first. The whole email thing is a political game the Republicans are playing, and apparently, their deception paid off and got them into the white house and Congress and a stolen Supreme Court seat.

Re: Double standard

Quit being a pendantic asshole. You know very well what was meant. The vast majority of accusations are against Clinton, even though she actually had the most secure setup between her Powell and Rice. It is all just political fake news from conservatives, but if not, we have to impeach Trump for using his Samsung phone... and withholding his taxes... and lying to the American public about his health... and using the power of the presidency to help family members, etc....

Re:Double standard

[david_thornley]

Looking over past cases, the intent to mishandle is the dividing point between prosecution and no prosecution. (I can't find any distinction based on what the mishandler intended to do with the data.)

Re:Double standard

[david_thornley]

It was clear that the submarine guy was taking the pictures knowing this was against the rules, meaning an intent to steal. What the perp intended to do with the classified material, or actually did, doesn't seem to affect the prosecution much.

Re:Double standard

[david_thornley]

Apparently she gave appropriate orders and didn't follow up to see that they were carried about well. I have drawn one conclusion from this mess: I will NEVER give any IT person anything based on Clinton's recommendation.

Re:Double standard

[Whorhay]

I couldn't find a link for that Portsmouth guy in a quick google search but I did find this one for someone in California. Mishandling classified information is definitely something that gets prosecuted even just for negligence.

Re:Double standard

[Anonymous+Cow+Ward]

I direct you to this comment for a nice explanation as to why Hillary's case is different than Powell or Rice. The TL;DR version is that neither Powell nor Rice stored classified information from other agencies/departments (i.e., stuff they didn't have the authority to declassify) on their private server. They both failed to turn over non-classified emails, and are thus also in violation of records preservation laws, but neither mishandled classified information.

Re: Double standard

[Anonymous+Cow+Ward]

Without supporting Trump, Benghazi and Yemen are pretty different scenarios; the US was the aggressor in Yemen, for one.

Re:Double standard

[stevez67]

You don't see the conflict between "... both failed to turn over non-classified emails ..." and your statement "... neither Powell nor Rice stored classified information from other agencies/departments ..." because if the alleged non-classified material was never turned over no one knows if any of it would have been marked classified in hindsight like in Clinton's case. Remember, none of the materials on the Clinton server were marked classified at the time they landed there, only in retrospect were any of them deemed classified at the lowest level.

Bottom line, it's all political grandstanding.

Re:Double standard

[Anonymous+Cow+Ward]

I'm saying there's no evidence that they did anything other than failed to comply with record-keeping laws. All known examples of Powell emailing classified information are on the server he was supposed to use.

Remember, none of the materials on the Clinton server were marked classified at the time they landed there, only in retrospect were any of them deemed classified at the lowest level.

That's not true; she got materials that were marked classified, she got stuff that was Top Secret at the time of sending (even if it wasn't marked properly, she should have known it was as part of her duties), and only some of the stuff was retroactively classified.

Certainly, some of it is political grandstanding, but not all.

Positive possibilities

Perhaps he was a prepper, a book writer, wanted to make a video game, weapons hoarding and hiding enthusiast (you know, the ones answering the call to service after an EMP strike and the meltdown of public order) or a sufferer of paranoid schizophrenia. Stay positive, prosecuting prosecutors!

Abused Trust

[freeze128]

Why is the trust that the government placed in the contractor worth more than the trust that the citizens of the U.S. have placed in the government? It works both ways, guys.

Re:Abused Trust

I placed MY trust in THIS contractor to do the RIGHT thing.... LEAK THE DAMN SECRETS so I can see and control what the government is doing against US, against OTHERS and against HUMANITY and just plain STUPIDITY.

But NO, he was apparently a hoarder mental case, so we will have to wait for another PATRIOT to STAND UP and DUMP THEIR OWN COLLECTION.
Snowden, Manning, and this guy are just the start... there are more patriots out there that haven't dumped or been rolled up yet...

Re:Abused Trust

Because your trust is irrelevant. As indicated by the fact that even when you are monitored constantly by everyone and their dog with a advertising network contract, even when you have your rights taken from you, even when the government ignores your requests or demands, even when the government commits atrocities in your name, you will do absolutely nothing about it. The most you may actually do about it is make an angry post about the issue, or maybe a video on youtube saying how horrible the government's actions are. There is no penalty to betraying your "trust" so you are not considered. Period.

Re:Barbarism is the the genes

is this written by the screaming shitgibbon currently in charge of the white house? or one of his syncophants like the brand new AG?

Private Server!

I'm sure they'll fry him for this. Unless he was keeping the data on his secure private server (hidden in the closet under a pile of sweatsocks), then it's cool.

Re:Private Server!

He should have wiped it with a cloth or something.

Get with the times

His name was Edward Snowden and we already know about. Old news. Dumb.

Why steal a Mammoth????

Holy shit aren't those things extinct?

So another fail for the NSA

20 years!!!

Re:So another fail for the NSA

[hambone142]

Naw. He'll change his gender identity and get a presidential pardon.

That's how it works.

Re:So another fail for the NSA

Manning did not get a pardon. He got a commutation, that is significantly different.

You don't have to live in ignorance ya know.

Hang by the NUTZ until he is dead

is the only punishment fit for treenuts traders.

mammoth translates to how many Giga?

For the remaining 5 nerds who still come here to get their news!

Re:Barbarism is the the genes

This is so ridiculous that I'm wondering if you actually believe this shit, as opposed to merely trolling.

Islam is not a race.

Check out the facial differences between Indonesians, Pakistanis, Saudis and Somalis. They look fuck-all like each other, therefore your post is shit.

Amazing!

[Stele]

Didn't have time to read the full description... but, wow!

They've already got mammoths cloned from ancient DNA, and they're training them to steal classified data? What CAN'T the NSA do?

Re: Amazing!

[mmell]

What can't the NSA do?

Keep the POTUS from monetizing the White House, or the Ku Klux Klan from undoing over half a century of social progress?

Re: Amazing!

They could, but they don't want to do so.

Re:Amazing!

What CAN'T the NSA do?

Protect their secret shit, apparently.

Re:Amazing!

You should see the agency's cloned prehistoric star-fish commando division. They can sneak up & devour a fishing pier in under three years. The poor saps fishing off of it will never know what hit 'em!

PROOF:
A memorial plaque in honor of Division 37's infamous "Bubble Squad" who, when going undercover at the zoo, succeeded in a clandestine mission that revealed so many secret things that can not even be described they're so astounding.

https://cdn6.bigcommerce.com/s-fme25/products/652/images/9892/sf025b__81788.1435258238.900.900.jpg

Re:Amazing!

The squad's current evolution:
https://ugc.kn3.net/i/origin/http://media.liveauctiongroup.net/i/7873/9703979_2.jpg

What they hope to achieve by this years training:
http://buzz-netnews.com/wp-content/uploads/2016/01/1-600x338.png

Re:Amazing!

But it was the Russians who wanted to clone the woolly mammoths, so this is clearly a case of espionage. Unless, unless, the Columbian mammoths are the target for the current administration. They are the highest, tallest, most reaching mammoths perfect for the president who appreciates the yuge (and bowling).

Re:Amazing!

All the better for our democracy, since they obviously can't be trusted to work within the confines of the law and they have even been caught lying to the courts/congress repeatedly.

Re: Amazing!

[Anonymous+Cow+Ward]

The KKK is experiencing record lows in membership; the SPLC and ADL say their membership is between 3,000 - 8,000 members, and their factions are divided. Their political influence is basically nil at the federal level, and very small even in state governments. If social progress is undone, it won't be the KKK doing it, although I'm sure they'd like to think they played a part.

Poor poor abused trust

[thegarbz]

For as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government

Sucks when it happens to you doesn't it government!

Re:Poor poor abused trust

For as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government

Sucks when it happens to you doesn't it government!

Actually, it happened to YOU... As I understand this, usually the release of this kind of information harms national security or at least puts it at risk, and by implication, harms you or puts you at risk.

Re:Poor poor abused trust

[thegarbz]

You're making a big assumption about which country I am in / a citizen of.

Nope, just the ka ching sound

Naw, realistically someone from another country offered the bloke cash for secrets, and he decided to follow suit and sell out his fellow countrymen. Wonder if the guy hopes he can get a free pass on treason because others have.

Re:Nope, just the ka ching sound

[D00MSlayer]

So far nothing has said that he has sold this information to 3rd parties. Lets hold off on assumptions until the details are provided, shall we?

And again the lemmings believe the media.

Sigh, if you believe this your all really broken.

Interesting quote...

"For as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government"

Kind of like how the Government has flagrantly abused the trust placed in them by the average citizen?

He didn't steal the data, they still have it

[edtice1559]

He just copied it.

Re:He didn't steal the data, they still have it

[Actually,+I+do+RTFA]

Well, they are secrets, which are only valuable if not shared. I mean, if I publish the information to drain your bank account (usernames, passwords, etc.) you still have them. But they are now devoid of value to you.

Re:He didn't steal the data, they still have it

One can make a similar argument about the commercial value of copyrighted material. But nobody here ever does, instead it's always "sometimes I've actually gotten interested in an artist because of that and went on to buy some of their stuff I wouldn't have known about" yadda yadda yadda. Sure.

Re:He didn't steal the data, they still have it

Yeah maybe somebody could get ahold of the OPs bank account information and drain it. Then they could become so interested in banking that they open a bank and make a fortune. They are so grateful that they donate it back to the OP. I think it's the same argument

Re:He didn't steal the data, they still have it

[mrchaotica]

Well, they are secrets, which are only valuable if not shared.

One can make a similar argument about the commercial value of copyrighted material.

On the contrary, one can make the opposite argument about copyrighted material: I say it becomes more valuable to society as a whole (as opposed to any particular entity in it) the more it gets shared.

Re:He didn't steal the data, they still have it

On the contrary, one can make the opposite argument about copyrighted material: I say it becomes more valuable to society as a whole (as opposed to any particular entity in it) the more it gets shared.

And Edward Snowden has been trying to make exactly the same argument about classified government data.

Re:He didn't steal the data, they still have it

[david_thornley]

Back in the early years of the century, Baen Books tried offering good electronic copies of a selection of their books free, with no restrictions on copying and redistribution. They found that was a great way to boost sales, both of the books distributed freely and the other books the author wrote.

Took?

[DarthVain]

That is assuming he did it uniformly over a 20 year period, which is possible, but unlikely.

You would think they would have not only network but physical safeguards in place to prevent this. I see this as more damning of the NSA security procedure than anything else. Regardless of how you slice it, it is a massive amount of data to be able to go "unnoticed" for 20 years!

"Unnamed U.S. officials told the Washington Post this week that Martin allegedly took more than 75 percent of the hacking tools belonging to the NSA's tailored access operations, the agency's elite hacking unit."

Took? They don't have it anymore? Unnamed US officials could have better used the term "copied" I think (though not totally wrong I suppose).

Somehow I finished that sentence with, When reached for comment Martin said "the other 25% of the hacking tools were rubbish!" :p

Re:Took?

[Ogive17]

You would think they would have not only network but physical safeguards in place to prevent this. I see this as more damning of the NSA security procedure than anything else. Regardless of how you slice it, it is a massive amount of data to be able to go "unnoticed" for 20 years!

Sometimes when someone has worked in a certain area for 20 years, they are given more responsibility. Maybe this guy was suppose to be the safeguard? Not saying that is right way to handle sensitive information but I don't have the details.

Took? They don't have it anymore? Unnamed US officials could have better used the term "copied" I think (though not totally wrong I suppose).

Took is a completely acceptable term. He took the data with him. It doesn't say "stole" which would really cause a pedantic shit storm here on /.

Re:Took?

[tsotha]

Sometimes when someone has worked in a certain area for 20 years, they are given more responsibility. Maybe this guy was suppose to be the safeguard?

Aldrich Ames and Robert Hanssen come to mind.

If it was truly flagrant...

[fallen1]

...then why wasn't he caught sooner? Especially with the amount of data he was absconding with?

Governmental bureaucracy in action, again, most likely.

Re:If it was truly flagrant...

[Whorhay]

Classified information isn't really all that well protected from insider threats. The security around it is largely based on trusting the people handling the data. That data is supposed to reside on an air gaped network but there are plenty of other ways for stuff to leak, such as printers, writable and removable media like CD's, DVD's, and usb sticks. Basically there is too much classified information and too many people who need access on a regular basis for it to be well and properly secured. No doubt we could engineer and enforce better protocols to increase security but the cost would be astronomical, and do you really want to spend more money increasing the size of the bureaucracy and it's ability to keep secrets. I think a better solution would be to just keep fewer secrets and realize that our national security isn't really threatened by what is regularly classified as secret.

Sounds like bad bosses.

[gurps_npc]

If he didn't give or sell the information away ('hoarded"), then it sounds to me like he was simply lazy about proper security procedures, rather than criminal. I know lots of people that take work home with them and it sounds like that is what he did.

Yes, it was a potential problem, yes it was a violation of the rules. But I bet his boss was simply more concerned with results than with security and created a culture of "get it done and don't talk to me about problems." The boss was probably too stupid to realize that 'problems' included national security leaks.

My money is on ...

[CaptainDork]

... backup tapes.

Those are so easy to walk off with.

I'm retired IT, and many times when I was assisting on another site, I saw backup tapes and EHD, some old, laying around in plain site, some in drawers where tools and connectors were stored, so yeah.

Re:My money is on ...

[Major+Blud]

My money is on.... ... backup tapes.

So you still backup all of your Bitcoins to tape? Dude, just put it in the cloud! ;-)

Re:My money is on ...

[ctilsie242]

The ironic thing is that anything LTO-4 and newer come with AES encryption built into the tape drive. Set a password, make sure it is kept by important people, and forget about it. That way, if tapes go missing or fall out of the Iron Mountain van, it isn't good, but it doesn't mean disaster.

Re:My money is on ...

[Khashishi]

You weren't IT for the NSA, were you? It should not be easy to walk off with classified backup tapes.

Re:My money is on ...

[dknj]

until AES can be broken and then I have access to a few TB of your critical data (PII rarely changes)

Re:My money is on ...

[CaptainDork]

I think it would be easy.

Manning went in with a Lady Gaga CD, erased the contents, copied shit on there and walked out. He had elevated privileges above his actual need.

Snowden got his hands on shit and went to Russia.

The gubmint is clueless and sloppy as fuck.

Re:My money is on ...

[CaptainDork]

... make sure it is kept by important people ...

Sounds like this person was "important enough."

Manning was "important enough," right?

Snowden was "important enough," amirite?

Re:My money is on ...

[CaptainDork]

Dropbox would be the best choice according to this anecdotal evidence provided by long-time /. reader, CaptainDork ( 3678879 ):

I was working on a manager's (boss's son) machine because he had lost a photo for a legal matter.

I searched for *.jpg on his hard drive and came up with lots of photos, including a Dropbox folder with iPhone pictures and videos of him and his wife doing the, you know, uh, you know ... ... fuck it we're all adults here so, I'll come right out and say they were "doing it," if you get my drift.

So, I followed the Technology Administration Policy (authored by me) and just put both hands in the air and told his paralegal to get me someone from HR.

When the suit got there, I told her, pointing to the computer, "This is in your wheelhouse. Let me know when you're through so I can find a lost photo."

That manager didn't know that by installing Dropbox on his work computer (in violation of my policy), he was synchronizing all his personal shit into a local folder.

Come to find out, there were photos and videos of him and his girlfriend, too.

Re:My money is on ...

[ctilsie242]

That's a HR/legal problem, not a tech problem. Securing tapes with encryption is IT's job. Which people are authorized tends to fall to management.

Re:My money is on ...

[CaptainDork]

Reread the trigger here:

Set a password, make sure it is kept by important people , and forget about it.

You're saying the issue is:

- HR problem
- Legal problem
- Not tech problem
- IT's job
- Falls to management

You can appreciate why I did not feel informed.

Please try again.

Re:Barbarism is the the genes

[nospam007]

"Genetically muslims are largely of Negro ancestry."

Science taught us, that _all_ humans are largely of Negro ancestry, including your racist ass.

Re:Gee, more NSA illegal activity documents found?

[Oswald+McWeany]

This would have been way worse than anything Snowden or Manning released. He discovered that they ordered anchovies for the pizza served at a staff party.

How dare he

How dare he compete with Hillary!

Secret U.S. government agencies are dishonest.

Your underlying point? Secret U.S. government agencies are dishonest. There is no good management; management errors are kept secret.

Re:Secret U.S. government agencies are dishonest.

Not just the secret ones. Many overt US law enforcement agencies are dishonest. Look at all the police abuse where the story ends with "we investigated ourselves and found no wrongdoing."

Please don't feed the trolls.

[mmell]

A/C has demonstrated a mastery of pseudoscience. If you continually insist on citing scientific facts, how can it ever succeed in its quest to transmute lead into gold?

For more than two decades

. "For more than two decades, the NSA has flagrantly abused the trust placed in them by the citizens on the United States

Yes...

[Bartles]

...but was the information marked classified?

clue

Snowden probably tipped them off.

Re:Barbarism is the the genes

[nasch]

Besides the glaring issue of Islam not being a race or ethnicity as has been pointed out, you have also failed to demonstrate the relevance of the "Negro ancestry", or show any connection between genetic defects arising from inbreeding and "barbarism" or terrorism.

Mammoth Truther

I read this as "NSA Contractor Indicted Over Theft of Classified Mammoth Data" and wondered what the Government knows about mammoths that they are hiding from us.

Let's review just what she told us ...

[Xenographic]

> More specifically, if you look back over the case law for this, people generally get prosecuted if:
> A) They get caught lying to the investigators

So what do you call this? Not to mention destroying items under subpoena. Here's the full hearing if you want more context.

> This is why Comey said what he did - cases like Clinton's result in administrative punishment at most, and the worst penalty was loss of clearance and thus job (which didn't apply anymore for her because she was no longer Secretary of State).

There's also the fact that Obama's AG, Loretta Lynch, would have had to prosecute a presidential candidate. It's not like this server was some accidental thing or that she was ignorant of the Presidential Records Act. Here's where I discuss her email with Colin Powell on how to cheat the oversight. The original email is here (click 'view original PDF'). And here's a transcription of it for anyone who hates PDFs. Some typos are in the original, but compare with the PDF if you want to be sure I didn't add any:

C06125520 UNCLASSIFIED U.S. Department of State Case No. F-2016-11013 Doc No. C06125520 Date: 09/08/2016

Re: Question
From: Colin Powell [redacted] [RELEASE IN PART B6]
To: Hillary Clinton hr15@att.blackberry.net B6
Subject: Re: Question

I didn't have a BlackBerry. What I did do was have a personal computer that was hooked up to a private phone line (sounds ancient.) So I could communicate with a wide range of friends directly without it going through the State Department servers. I even used it to do business with some foreign leaders and some of the senior folks in the Department on their personal email accounts. I did the same thing on the road in hotels.

Now, the real issue had to do with PDAs, as we called them a few years ago before BlackBerry became a noun. And the issue was DS would not allow them into the secure spaces, especially up your way. When I asked why not they gave me all kinds of nonsense about how they gave out signals that could be read by spies, etc. Same reason they tried to keep mobile phones out of the suite. I had numerous meetings with them. We even opened one up for them to try to explain to me why it was more dangerous than say, a remote control for one of the many tvs in the suite. Or something embedded in my shoe heel. They never satisfied me and NSA/CIA wouldn't back off. So, we just went about our business and stopped asking. I had an ancient version of a PDA and used it. In general, the suite was so sealed that it is hard to get signals in or out wirelessly.

However, there is a real danger. If it is public that you have a BlackBerry and it is governmend and your are using it, government or not, to do business, it may become an official record and subject to the law. Readingi about the President's BB rules this morning, it sounds like it won't be as useful as it used to be. Be very careful. I got around it all by not saaying much and not using systems that captured the data.

You will find DS driving you crazy if you let them. They had Maddy tied up in knots. I refused to let them live in my house or build a place on my property. They found an empty garage half a block away. On weekends, I drove my beloved cars around town without them following me. I promised I would have a phone and not be gone more than an hour or two at Tysons or the hardware store. They hated it and asked me to sign a letter relieving them of responsibility if I got whacked while doing that. I gladly did. Spontaneity was

He should charge them

[mr.witherspoone]

For off-site data backup storage.

Best network in the US?

That doesn't mean a whole lot for a country that isn't even in the top 20 connected countries.

The US: The best second world country! 'murica!!!!!

A Reminder

KKK has been founded by the democrats. Democrats have also taken unions in cahoots with the mafia.

Most of the people say that current day living is worse than two generations ago, so if there is any undoing, they are not exactly undoing the progress.

Re:A Reminder

[Rakarra]

KKK has been founded by the democrats.

That was a long time ago, and times and people change.

Most of the people say that current day living is worse than two generations ago, so if there is any undoing, they are not exactly undoing the progress.

Only in an overly-romanticized version of the 50s and 60s. If you were white (and the right type of white), Christian, and straight, then you were ok as long as you toed the line. If you were anything else, and there were quite a few of them, or a woman who sought something higher than being a bored housewife, life was substantially worse than it is today.

And we want it this way!

[rjh]

More to the point: refusing to prosecute unless A or B is met is genuinely good for national security. If people know their mistakes are forgivable they're going to be much more inclined to cooperate with investigators to help seal the breach. If people think they're looking at 10-to-20 for their carelessness, they're far more likely to lawyer up.

Looks like Rod Rosenstein is just jealous

The jew is jealous his precious secrets didn't go directly to israel instead

Offsite Backups

Obviously.

Something stinks

So he walked out of the office with insane amounts of data each year and subsequently did (apparently) nothing with it for 20 years? Something doesn't smell right here, that's a little like a jewel thief stealing some million dollar diamond and then throwing it on a shelf in his/her basement. I'm betting that this is yet another case of government officials putting insane amounts of time/effort/money in tracking down some "bad guy" and subsequently finding out it was some idiot with very poor judgement but no criminal intent but because they burnt so much resources building a case against this person they push for high level prosecution anyways because otherwise attention might turn to all the time and money they've wasted. Half of the "terrorism" prosecutions in the past decade have followed this trend.

Much more fun, same words.

[Ozmodium]

Awww, why couldn't that say NSA Contractor Indicted Over Theft of Classified Mammoth Data ?