« Reading List: Public Loneliness | Main | Jean-Daniel Nicoud visits Fourmilab »
Monday, September 23, 2019
Reading List: Permanent Record
- Snowden, Edward. Permanent Record. New York: Metropolitan Books, 2019. ISBN 978-1-250-23723-1.
-
The revolution in communication and computing technologies
which has continually accelerated since the introduction of
integrated circuits in the 1960s and has since given
rise to the Internet, ubiquitous mobile telephony,
vast data centres with formidable processing and storage
capacity, and technologies such as natural language text processing,
voice recognition, and image analysis, has created the
potential, for the first time in human history, of
mass surveillance to a degree unimagined even in dystopian
fiction such as George Orwell's
1984 or attempted by
the secret police of totalitarian regimes like
the Soviet Union, Nazi Germany, or North Korea. But,
residents of enlightened developed countries
such as the United States thought, they were protected,
by legal safeguards such as the
Fourth
Amendment to the U.S. Constitution, from having their
government deploy such forbidding tools against its
own citizens. Certainly, there was awareness, from
disclosures such as those in James Bamford's 1982
book The Puzzle Palace,
that agencies such as the National Security Agency (NSA) were
employing advanced and highly secret technologies to spy
upon foreign governments and their agents who might attempt
to harm the United States and its citizens, but their
activities were circumscribed by a legal framework which
strictly limited the scope of their domestic activities.
Well, that's what most people believed until the courageous
acts by Edward Snowden, a senior technical contractor
working for the NSA, revealed, in 2013, multiple programs of
indiscriminate mass surveillance directed against, well,
everybody in the world, U.S. citizens most definitely
included. The NSA had developed and deployed a large array
of hardware and software tools whose mission was essentially
to capture all the communications and personal data of everybody
in the world, scan it for items of interest, and store it
forever where it could be accessed in future investigations.
Data were collected through a multitude of means:
monitoring traffic across the Internet, collecting mobile
phone call and location data (estimated at five billion
records per day in 2013), spidering data from Web sites,
breaking vulnerable encryption technologies, working
with “corporate partners” to snoop data passing
through their facilities, and fusing this vast and varied
data with query tools such as
XKEYSCORE,
which might be thought of as a Google search engine built
by people who from the outset proclaimed, “Heck yes,
we're evil!”
How did Edward Snowden, over his career a contractor
employee for companies including BAE Systems, Dell Computer,
and Booz Allen Hamilton, and a government employee of
the CIA, obtain access to such carefully guarded secrets?
What motivated him to disclose this information to the
media? How did he spirit the information out of the
famously security-obsessed NSA and get it into the
hands of the media? And what were the consequences of
his actions? All of these questions are answered in
this beautifully written, relentlessly candid,
passionately argued, and technologically insightful
book by the person who, more than anyone else, is
responsible for revealing the malignant ambition of
the government of the United States and its accomplices
in the Five Eyes (Australia, Canada, New Zealand,
and the United Kingdom) to implement and deploy a
global
panopticon
which would shrink the scope of privacy of individuals
to essentially zero—in the words of an NSA PowerPoint
(of course) presentation from 2011, “Sniff It All,
Know It All, Collect It All, Process It All, Exploit It
All, Partner It All”. They didn't mention
“Store It All Forever”, but with the construction
of the US$1.5 billion
Utah
Data Center which consumes 65 megawatts of electricity,
it's pretty clear that's what they're doing.
Edward Snowden was born in 1983 and grew up along with the
personal computer revolution. His first contact with
computers was when his father brought home a Commodore 64,
on which father and son would play many games. Later, just
seven years old, his father introduced him to programming
on a computer at the Coast Guard base where he worked, and,
a few years later, when the family had moved to the Maryland
suburbs of Washington DC after his father had been transferred
to Coast Guard Headquarters, the family got a Compaq 486
PC clone which opened the world of programming and exploration
of online groups and the nascent World Wide Web via the
narrow pipe of a dial-up connection to America Online. In
those golden days of the 1990s, the Internet was mostly
created by individuals for individuals, and you could have
any identity, or as many identities as you wished, inventing
and discarding them as you explored the world and yourself.
This was ideal for a youth who wasn't interested in
sports and tended to be reserved in the presence of others.
He explored the many corners of the Internet and, like
so many with the talent for understanding complex systems,
learned to deduce the rules governing systems and explore
ways of using them to his own ends. Bob Bickford defines
a hacker as “Any person who derives joy from discovering
ways to circumvent limitations.” Hacking is not criminal,
and it has nothing to do with computers. As his life
progressed, Snowden would learn how to hack school, the job
market, and eventually the oppressive surveillance state.
By September 2001, Snowden was working for an independent
Web site developer operating out of her house on the grounds
of Fort Meade, Maryland, the home of the NSA (for whom,
coincidentally, his mother worked in a support capacity).
After the attacks on the World Trade Center and Pentagon,
he decided, in his family's long tradition of service to
their country (his grandfather is a Rear Admiral in the
Coast Guard, and ancestors fought in the Revolution,
Civil War, and both world wars), that his talents would
be better put to use in the intelligence community. His
lack of a four year college degree would usually be a bar
to such employment, but the terrorist attacks changed all the rules,
and military veterans were being given a fast track into
such jobs, so, after exploring his options, Snowden
enlisted in the Army, under a special program called
18 X-Ray, which would send qualifying recruits
directly into Special Forces training after completing
their basic training.
His military career was to prove short. During a training
exercise, he took a fall in the forest which
fractured the tibia bone in both legs and was advised
he would never be able to qualify for Special Forces.
Given the option of serving out his time in a desk job or
taking immediate “administrative separation”
(in which he would waive the government's liability for
the injury), he opted for the latter. Finally, after a
circuitous process, he was hired by a government contractor
and received the exclusive Top Secret/Sensitive Compartmented
Information security clearance which qualified him to work
at the CIA.
A few words are in order about contractors at government
agencies. In some media accounts of the Snowden disclosures,
he has been dismissed as “just a contractor”, but
in the present-day U.S. government where nothing is as it
seems and much of everything is a scam, in fact many of the
people working in the most sensitive capacities in the
intelligence community are contractors supplied by the big
“beltway bandit” firms which have sprung up like
mushrooms around the federal swamp. You see, agencies operate
under strict limits on the number of pure government (civil
service) employees they can hire and, of course, government
employment is almost always forever. But, if they pay a
contractor to supply a body to do precisely the same job, on
site, they can pay the contractor from operating funds and
bypass the entire civil service mechanism and limits and,
further, they're free to cut jobs any time they wish and
to get rid of people and request a replacement from the
contractor without going through the arduous process of
laying off or
firing a “govvy”. In all of Snowden's jobs,
the blue badged civil servants worked alongside the
green badge contractors without distinction in job
function. Contractors would rarely ever visit the
premises of their nominal “employers” except
for formalities of hiring and employee benefits.
One of Snowden's co-workers said “contracting
was the third biggest scam in Washington after the
income tax and Congress.”
His work at the CIA was in system administration, and he
rapidly learned that regardless of classification levels,
compartmentalisation, and need to know, the person in
a modern organisation who knows everything, or at least
has the ability to find out if interested, is the
system administrator. In order to keep a system running,
ensure the integrity of the data stored on it, restore
backups when hardware, software, or user errors cause
things to be lost, and the myriad other tasks that
comprise the work of a “sysadmin”, you have
to have privileges to access pretty much everything in
the system. You might not be able to see things on
other systems, but the ones under your control are an
open book. The only safeguard employers have over
rogue administrators is monitoring of their actions, and
this is often laughably poor, especially as bosses
often lack the computer savvy of the administrators
who work for them.
After nine months on the job, an opening came up for a
CIA civil servant job in overseas technical support.
Attracted to travel and exotic postings abroad, Snowden
turned in his green badge for a blue one and after a
training program, was sent to exotic…Geneva as
computer security technician, under diplomatic cover.
As placid as it may seem, Geneva was on the cutting edge
of CIA spying technology, with the United Nations,
numerous international agencies, and private banks all
prime targets for snooping.
Two years later Snowden was a
contractor once again, this time with Dell Computer, who
placed him with the NSA, first in Japan, then back
in Maryland, and eventually in Hawaii as lead technologist
of the Office of Information Sharing, where he developed
a system called “Heartbeat” which allowed all
of NSA's sites around the world to share their local
information with others. It can be thought of as an
automated blog aggregator for Top Secret information.
This provided him personal access to just about everything
the NSA was up to, world-wide. And he found what he read
profoundly disturbing and dismaying.
Once he became aware of the scope of mass surveillance,
he transferred to another job in Hawaii which would allow
him to personally verify its power by gaining access to
XKEYSCORE. His worst fears were confirmed, and he began
to patiently, with great caution, and using all of his
insider's knowledge, prepare to bring the archives
he had spirited out from the Heartbeat system to the
attention of the public via respected media who would
understand the need to redact any material which might,
for example, put agents in the field at risk. He discusses
why, based upon his personal experience and that of others, he
decided the whistleblower approach within the chain of
command was not feasible: the unconstitutional surveillance
he had discovered had been approved at the highest levels
of government—there was nobody who could stop it who
had not already approved it.
The narrative then follows preparing for departure, securing the
data for travel, taking a leave of absence from work, travelling
to Hong Kong, and arranging to meet the journalists he had
chosen for the disclosure. There is a good deal of useful
tradecraft information in this narrative for anybody with
secrets to guard. Then, after the stories began to break
in June, 2013, the tale of his harrowing escape from the
long reach of Uncle Sam is recounted. Popular media accounts
of Snowden “defecting to Russia” are untrue. He
had planned to seek asylum in Ecuador, and had obtained a
laissez-passer from the
Ecuadoran consul and arranged to travel to Quito from Hong
Kong via Moscow, Havana, and Caracas, as that was the only
routing which did not pass through U.S. airspace or involve
stops in countries with extradition treaties with the U.S.
Upon arrival in Moscow, he discovered that his U.S. passport
had been revoked
while en route from Hong Kong, and without a valid passport
he could neither board an onward flight nor leave the
airport. He ended up trapped in the Moscow airport for
forty days while twenty-seven countries folded to U.S.
pressure and denied him political asylum. After spending
so long in the airport he even became tired of eating at
the Burger King there, on August 1st, 2013 Russia granted
him temporary asylum. At this writing, he is still in
Moscow, having been joined in 2017 by Lindsay Mills, the
love of his life he left behind in Hawaii in 2013, and who
is now his wife.
This is very much a personal narrative, and you will get an
excellent sense for who Edward Snowden is and why he chose to do
what he did. The first thing that struck me is that he
really knows his stuff. Some of the press coverage
presented him as a kind of low-level contractor systems nerd,
but he was principal architect of EPICSHELTER, NSA's
worldwide backup and archiving system, and sole developer of
the Heartbeat aggregation system for reports from sites around
the globe. At the time he left to make his disclosures, his
salary was US$120,000 per year, hardly the pay of a humble
programmer. His descriptions of technologies and systems in
the book are comprehensive and flawless. He comes across as
motivated entirely by outrage at the NSA's flouting of the
constitutional protections supposed to be afforded U.S.
citizens and its abuses in implementing mass surveillance,
sanctioned at the highest levels of government across two
administrations from different political parties. He did not
seek money for his disclosures, and did not offer them to
foreign governments. He took care to erase all media containing
the documents he removed from the NSA before embarking on his
trip from Hong Kong, and when approached upon landing in
Moscow by agents from the Russian FSB (intelligence service)
with what was obviously a recruitment pitch, he immediately
cut it off, saying,
Listen, I understand who you are, and what this is. Please let me be clear that I have no intention to cooperate with you. I'm not going to cooperate with any intelligence service. I mean no disrespect, but this isn't going to be that kind of meeting. If you want to search my bag, it's right here. But I promise you, there's nothing in it that can help you.
And that was that. Edward Snowden could have kept quiet, done his job, collected his handsome salary, continued to live in a Hawaiian paradise, and share his life with Lindsay, but he threw it all away on a matter of principle and duty to his fellow citizens and the Constitution he had sworn to defend when taking the oath upon joining the Army and the CIA. On the basis of the law, he is doubtless guilty of the three federal crimes with which he has been charged, sufficient to lock him up for as many as thirty years should the U.S. lay its hands on him. But he believes he did the correct thing in an attempt to right wrongs which were intolerable. I agree, and can only admire his courage. If anybody is deserving of a Presidential pardon, it is Edward Snowden. There is relatively little discussion here of the actual content of the documents which were disclosed and the surveillance programs they revealed. For full details, visit the Snowden Surveillance Archive, which has copies of all of the documents which have been disclosed by the media to date. U.S. government employees and contractors should read the warning on the site before viewing this material.
Posted at September 23, 2019 23:14