
Former NSA Contractor Sentenced to 9 Years for Heist of U.S. Secrets - hourislate
https://www.wsj.com/articles/former-nsa-contractor-sentenced-to-9-years-for-heist-of-u-s-secrets-11563565527?mod=rsswn
======
pizza
If Martin had released these files somehow, wouldn't there likely have been
stenographic measures in place to trace the source of the leak? Or like, _ANY_
corroborating accounting for the transfer of ~50 TB of data? I guess the
important lesson of the story is that NSA contractors can lose track of
terabytes of data being exfiltrated over the course of decades. /Decades/.

Who knows, maybe there are 10 more Martins out there who are just better at
covering up their tracks. Then again, maybe not. Maybe anything.

I guess there's always the "you can't stop someone from taking a photo of your
computer monitor" problem (forgetting the name rn), but even then you can use
little things like spacing words slightly differently per presentation of the
file, etc.

~~~
implying
There are definitely steganographic measures in place. Reality Winner is
currently imprisoned because The Intercept didn't properly remove yellow
tracking dots from a printed memo she leaked to them. Printed documents are
easily tracked this way, and I suspect minor variations and invisible unicode,
etc. is used for more widely desseminated digital material.

There is almost definitely 10 more martins out there... exfiltration is so
diverse of a problem that any system with strict auditing and controls will
still have side-channel attacks.

>I guess there's always the "you can't stop someone from taking a photo of
your computer monitor" problem (forgetting the name rn), but even then you can
use little things like spacing words slightly differently per presentation of
the file, etc.

See
[https://en.wikipedia.org/wiki/Analog_hole](https://en.wikipedia.org/wiki/Analog_hole)

------
baybal2
I see it kinda surprising to see that a lot of US spooks are private
contractors, and not people in uniform, or even full time employees.

Can anybody shed light on that?

When the NSA project codename list first leaked, I ran a linkedin search with
some of them, and I got over a hundred hits on some of them, with people
seemingly not concerned with naming them at all on their resumes.

~~~
rdtsc
The story I hear is that NSA doesn't pay enough. So one path for people is to
quit then work for one of the military contractors which then end up doing
contracts at the NSA but get paid a lot more.

But maybe that is unrelated since if he would still ex-filtrate data even if
he worked directly for NSA.

~~~
pm90
> But maybe that is unrelated since if he would still ex-filtrate data even if
> he worked directly for NSA.

This is something that's not really clear. There will always be leakers, but
being part of an organization becomes part of many people's identities. The
success of the organization then becomes a much more personal effort, which
would likely discourage people from taking actions that might hurt it.

My point being: contractors may not have the same sense of ownership or
belonging-ness that employees do. I will freely admit that this is an untested
hypothesis though.

~~~
rdtsc
> My point being: contractors may not have the same sense of ownership or
> belonging-ness that employees do

That's fair. I do see someone directly working for NSA maybe being more
devoted to their country. Though I imagine it must be hard when they know
their previous co-workers, who now moved to Booz Allen are making 2x working
on the same projects.

------
reneherse
The title is misleading, as it wasn't really a "heist", which implies armed
robbery. This guy stole information by taking it home from work over a period
of many years.

Seems like a fairly light sentence considering he had amassed _50 terabytes_
of data by the time he was caught. According to Wikipedia he was caught when
he contacted a Russian security firm, who in turn contacted the NSA (which is
interesting in itself). [0]

[0]
[https://en.wikipedia.org/wiki/Harold_T._Martin_III](https://en.wikipedia.org/wiki/Harold_T._Martin_III)

------
sneak
He accepted a plea bargain and still won’t be out for 9 years; had he gone to
trial he likely would have been in prison his entire life.

> _Mr. Martin was never charged with leaking information, only illegally
> retaining national defense information._

These sentences are insane.

They are building a culture of fear, from Manning to Assange to Winner to
Snowden: they want everyone to be so afraid of them that the concept of doing
the right thing seems equivalent to death.

~~~
adamson
In what sense was Martin "doing the right thing" by hoarding documents
seemingly for its own sake/to satisfy some tick? I don't think it's fair to
the others you listed to lump Martin in with them.

~~~
sneak
The specifics of his case are irrelevant; they are using any and all
opportunities to create an atmosphere of extreme fear.

Assange isn’t even subject to US law and doesn’t/didn’t have a clearance.
They’re going after him on whatever grounds they can scare up simply for
_publishing_.

It’s part of a wider plan, to shore up the fact that they are vulnerable,
which Snowden most effectively demonstrated.

