Five Things We've Already Forgotten About Snowden's NSA Leaks
Ahead of Snowden's first US TV interview, we look back at the nefarious activities his leaks exposed.
Image: Wikimedia Commons
The Edward Snowden saga is coming to a close. As a final act, Glenn Greenwald, who's been working closely with the whistleblower to publish leaked information about the National Security Agency, has said he will reveal a list of Americans that have been targeted by the NSA. And tonight, Snowden will be giving his first American television interview to NBC.
It’s been a dizzying year of revelations about US government spying. Programs like PRISM—the ones capable of mass surveillance—have received the most media attention, and in some cases even become household names. But there are other things exposed in the string of leaks that have received relatively little media attention, despite presenting serious threats to privacy, freedom of speech, and the way we use the web.
Here’s a look back at some of those forgotten discoveries.
RELYING ON PRIVATE CONTRACTORS
Remember, Snowden wasn't actually working for the NSA. He was working as a private contractor, namely for Booz Allen Hamilton. This highlights the intimate relationship between government intelligence agencies and contractors—companies that aren't subject to the oversight given to public agencies.
Thomas Drake, a former NSA and BAH employee and fellow whistleblower, told me in a previous article for VICE that the intelligence agency depends on these companies to provide everything from infrastructure to surveillance operations.
“We're talking down to the desktop; we're talking the entire network," said Drake. With less oversight, you “end up with fraud, waste, and abuse."
SUBVERTING ONLINE ENCRYPTION
The web encryption essential for online banking, private emails and even medical records has been broken by the NSA, breaking any sort of guarantee made by service providers that this data is secure.
As a September 2013 Guardian report revealed, while some attempts to subvert encryption were made by 'brute force’—using a computer powerful enough to simply crack the code—other efforts involved undermining commercially available products by collaborating directly with the technology industry to insert back doors in consumer devices and software, allowing the government direct access.
Again, this affects every web user, not just those who pose a real threat to national security. According to Bruce Schneier, a enowned cryptography expert, this “undermines the fabric of the internet”.
TARGETING THE TOR NETWORK
In October, the Guardian reported that the NSA had tried to develop a number of ways to attack Tor, the anonymity network that hides your IP address to protect your identity. The agency's success was limited, but officials were able to infiltrate the network and identify individuals in a few cases.
Worse yet, using the Tor browser could actually increase your chances of being tracked by the government spies, because it suggests you may have something to hide.
If the NSA continues to research ways to compromise the anonymous network, it could eventually destabilise a tool that journalists, activists, and whisteblowers rely on.
MANIPULATING ONLINE DISCUSSION
We learned that Government Communications Headquarters, the United Kingdom's counterpart to the NSA, aggressively engages in disinformation campaigns online. According to a February story by Greenwald, the agency is “attempting to control, infiltrate, manipulate, and warp online discourse.”
The leaked slides detail how agents can influence the outcomes of discourse to get the results they want. As they phrase it in the documents, “Using online techniques to make something happen in the real or cyber world.”
It touches on various theories about how humans interact, and explicitly references hacktivism and Anonymous as targets.
This could have serious implications for freedom of speech. As Gabriella Coleman of McGill University told the Intercept, “targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs, resulting in the stifling of legitimate dissent.”
The Intercept reported in March that the NSA has developed an automatic system for breaking into computers and siphoning out data, and even taking over entire networks with little human involvement.
The programme, codenamed TURBINE, has been designed to infect millions of computers with malware. The system decides for itself what approach should be taken to rip data from the target, allowing hacking on an “industrial-scale.”
Once they're in, NSA plugins can then perform a variety of tasks. One, called CAPTIVATEDAUDIENCE, records conversations near the device via the microphone, while GUMFISH takes over the webcam, and GROK logs whatever is being typed on the keyboard.
Mikko Hypponen, a malware expert quoted in the Intercept, said that this approach can “potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”
It's coming up on a year since Snowden leaked details of the NSA's PRISM program and unleashed a global scandal, and even though the leaks keep coming, the shock and awe is wearing thin. With Snowden fatigue setting in, it's worth taking a look back at what his whistleblowing brought to light.