
Evidence points to another leaker at the NSA - mudil
http://www.reuters.com/article/us-intelligence-nsa-commentary-idUSKCN10X01P
======
silvestrov
Even if it's not Russia, the release of the hacking tools gives weight to the
argument that NSA/FBI should not be able to demand companies to create a back
door in their products.

> Apple: If we're forced to build a tool to hack iPhones, someone will steal
> it.

> FBI: Nonsense.

> Russia: We just published NSA's hacking tools

[https://twitter.com/csoghoian/status/765785340892372992](https://twitter.com/csoghoian/status/765785340892372992)

~~~
AceJohnny2
Except the FBI explicitly said Apple could work on and execute the backdoor
internally and destroy it after use. It would never need to come out of their
secure facilities.

So I don't think this was the strongest argument for Apple. A better one is
that once the US can compel Apple to do this, what's to stop Russia, China
from demanding the same thing?

~~~
silvestrov
When the back door is created, it cannot be destroyed. FBI had tons of other
phones they wanted to access [1]. Hacking one phone would set a precedent that
Apple would have to hack numerous other phones.

It is so simple to steal software, just like NSA's hacking tools were stolen.

If NSA cannot keep software safe, why can you think that Apple can? I think
it's unreasonable to require Apple to have a higher level of security than NSA
effectively has.

1: [http://www.sfgate.com/nation/article/Apple-FBI-face-off-in-C...](http://www.sfgate.com/nation/article/Apple-FBI-face-off-in-Congress-over-iPhone-data-6864178.php)

~~~
unfamiliar
> When the back door is created, it cannot be destroyed.

If the "backdoor" in question is a malicious signed OS update, then it can
absolutely be destroyed. There are plenty of reasons to avoid backdoors
without imbuing them with mystical qualities like the inability to delete
them.

~~~
charliedevolve
Signed updates aren't secure either. Ask Microsoft.

------
adamc
I don't think calling a thief putting up hacking tools for the highest bidder
"another Snowden" is particularly accurate. (I realize this was the article
title and am not complaining about the post here. I fault whoever crafted the
original title.)

~~~
tombert
I agree; Snowden, whether you agree or not, was doing something he thought was
right. He wasn't just trying to extort data and sell it.

~~~
jMyles
I assert that, whether someone agrees or not, Snowden was doing something that
was _actually_ right.

~~~
tombert
I don't disagree, but I know that the issue is divisive; my point is that his
_intentions_ were clearly pure regardless.

~~~
jomamaxx
"my point is that his intentions were clearly pure regardless."

I would tend to concur, but we don't know that.

Also - intentions are not that important. Manning's motivations I surmise were
probably innocent, but his incredible naivety of releasing gigabytes of
information when he didn't even know what the contents were ...
were seriously damaging. Tons of unredacted cables in there meaning a number
of Afghan and Iraqi citizens helping the US were needlessly put at risk, for
example.

~~~
jMyles
Listen, I don't mean to dismiss the kind of sober thinking you are putting
forward here. There is a reality to these sorts of actions that, for the
perhaps most optimistic or utopian among us, bears repeating mention of.

However, this:

> Tons of unredacted cables in there meaning a number of Afghan and Iraqi
> citizens helping the US were needlessly put at risk, for example.

...reads to me like a celebration of opposite day in the bizarro world.

Manning did _nothing_ to put these people at risk; _the state_ put them at
risk with its murderous and greedy tendencies and foreign policy errors.

Announcing someone's name and affiliations, in the case of a decent, non-
violent, dare I say "everyday" person does not in any way put them at risk.

It is only because these people are touched by the long finger of empire that
the appearance of their name in a text file is compiled into danger.

Manning's heroism tends toward ending that empire and making these people (and
those in a similar role in generations to come) safer and freer.

~~~
jomamaxx
"It is only because these people are touched by the long finger of empire that
the appearance of their name in a text file is compiled into danger. Manning's
heroism tends toward ending that empire and making these people (and those in
a similar role in generations to come) safer and freer."

This is ideologically anarchist and ridiculous.

There is no 'Empire'. There is just 'stuff you, as a citizen vote for'.

Have you ever been outside the Western World + Japan? Do you know how crazy it
is out there?

Do you know how instantly things would collapse without the international
framework we have today?

Are you too young to remember the Cold War? Do you realize that it's still
going on, that Russians are grabbing territory and they still have 3 000
nuclear weapons pointed at us and, just a few months ago Putin bragged, over
dinner, that he could 'wipe out the USA' in 45 minutes?

This is not a video game.

US foreign services do _extremely_ important work in the world, and if you'd
read the cables that Manning released, you'd see how true that is, and also
how mundane most of it is relative to your anarchist hyperbole.

Manning swore an oath to serve the interests of his people selflessly,
instead, he naively, and _selfishly_ released information which caused a lot
of damage and could have caused a lot more damage.

It would be one thing if Manning were some intellectual, knew what he was
doing with conscience, but he was a very low level private - with severe
social and identity problems, thinking that somehow he had 'answers'. I think
that he thought he was doing the right thing, but he's severely deluded.

And by the way - I am not American.

Also - I should add - that the person who released the photographs from Abu
Ghraib - and caused the big scandal/uproar was definitely in the category of
'whistle blower' and did the right thing.

~~~
jMyles
It's hard to know how to respond to your comment as whatever logic it may
contain is camouflaged by ad-hominem presumptions (if you'd read the cables
that Manning released, you'd see...) and impossible-to-take-seriously fear
mongering ("3 000 nuclear weapons pointed at us").

I remember the cold war. And I thought that the government did the best thing
it was able to do. Did the governments of both the USA and USSR behave
childishly? Yes. Were they operating in a short-term feedback loop? They sure
were. Did they, perhaps against the odds, avert a nuclear holocaust, at least
for 40 years? Yes in fact they did.

But that's really not the point.

As I've said elsewhere, my argument (and I think the argument you see coming
from much of the HN community) is _not_ that government has always been
unnecessary, but that it is being deprecated.

It doesn't matter that this one human leaked these troves of information; the
internet will always tend toward making them available regardless of which
individuals happen to be involved with the particulars.

Government secrets aren't merely immoral, they're increasingly impossible.

So all of your nostalgia about worldwide wars being "the international
framework we have today" is just completely irrelevant. The internet will not
abide government, and human evolution will continue to be the internet.

------
tptacek
Where by evidence for another NSA leaker, Bamford means _literally no
evidence_. The fulcrum of his op-ed rebuts an argument nobody is making ---
that Snowden himself disclosed this cache of exploit tools.

The prevailing narrative, one echoed by Snowden himself, was that this was
likely taken from a staging server: a machine somewhere out on the Internet
used as a pivot point for attacks. Snowden claims (I don't know with how much
authority) that a compromise of one of those staging servers is not without
precedent.

Nothing in this entire piece refutes or even engages with that narrative.

~~~
guelo
What doesn't make sense about the staging server idea, which seems to mean a
command and control server, is why there would be a bunch of different tools
for unrelated exploits on the same server.

~~~
etjossem
Snowden himself talks about this. His comments should be required reading for
anyone in this thread:

[https://twitter.com/Snowden/status/765514347196084224](https://twitter.com/Snowden/status/765514347196084224)

~~~
guelo
People get lazy and upload a bunch of highly prized top secret "keys to the
kingdom" at once. Seems like the opposite of "Tailored Access".

~~~
tptacek
What do you think "tailored access" is? Look at some of the better known
former NSA hacking-division people in industry: they were all at NSA in their
early 20s.

Then look at the unbelievably shoddy quality of these tools. Are you arguing
also that they might themselves not be part of NSA's repertoire? Because I
could make the same "opposite of tailored" argument about the tools
themselves.

~~~
guelo
I meant tailored access literally. I assume that the name "Tailored Access"
comes from the idea that access is tailored, i.e. custom fit for the specific
task at hand.

~~~
tptacek
It is, in the sense that it's not indiscriminately owning up every vulnerable
host on the Internet the way a botnet operator would.

------
John23832
> In addition, if Russia had stolen the hacking tools, it would be senseless
> to publicize the theft, let alone put them up for sale. It would be like a
> safecracker stealing the combination to a bank vault and putting it on
> Facebook. Once revealed, companies and governments would patch their
> firewalls, just as the bank would change its combination.

Why would this be bad for Russians (if this was indeed the Russians)? We
can/should assume that Russia has its own methods of infiltrating systems.
The value of this data to them would be knowledge of how it's done, not
necessarily hoarding and replicating how the NSA does it. If anything, having
vendors patch exploits that they're not using, but their enemy is, would be a
great chess move.

~~~
gremlinsinc
The longer the Russians know or have the exploits without the NSA knowing
they've been compromised, the longer they can hold it against them. -- Imagine
you've hacked a bank network vs robbing a single bank, and every week you take
1 penny from all users without anyone knowing, and do this for 3+ years...
you'd get a lot more than a one-off bank robbery... That's the long game that
Russia would play - milk it for every ounce of use, and keep it totally
secret.

They get nothing from exposing it, hacktivists on the other hand get a lot
more, and are more boastful about their exploits.

~~~
John23832
Hold what against them? The exploit? That makes no sense.

The Russians do not use the exact same set of tools that the NSA does. Sure,
they may have discovered some of the same exploits, but the two do not have
the same "toolbox" strictly speaking. Releasing a set of tools used by the NSA
doesn't mean that Russia loses access to the systems that they have
compromised...

Your bank heist analogy doesn't apply here.

------
advisedwang
It seems likely
([https://www.schneier.com/blog/archives/2015/04/counting_the_...](https://www.schneier.com/blog/archives/2015/04/counting_the_us.html))
that there are actually quite a few whistleblowers/leakers out there.

------
redwards510
Do people really think this "auction" is legit? That people can seriously bid
on these tools? The whole thing plainly sounds like a big joke for maximum
attention. There is no real intention to sell the tools, at least not this
way. The terms of the auction are ridiculous; no one with enough money to make
a serious bid would risk losing it all like that.

Perpetuating the meme that this is a serious auction is dangerous and faulty
journalism. It is a publicity stunt to embarrass the NSA. Let's not get
hysterical and pretend that some third world terrorist country could obtain
the NSA's cyber capability by bidding all of their petro-dollars in this
farce.

~~~
etjossem
Snowden has a theory that Russia had these tools for a long time, the auction
has nothing to do with it, and it's political signaling related to the DNC
hacks. Worth a read:

[https://twitter.com/Snowden/status/765515087062982656](https://twitter.com/Snowden/status/765515087062982656)

------
dredmorbius
It's inevitable that there are, or were, or will be, other Edward Snowdens
working at NSA. Persons who find that the Agency's mission no longer sits well
with them.

The question is: who are they working for?

Snowden was working for the American People, and upholding the US
Constitution.

To draw from some relevant if non-US history, Kim Philby's interests did _not_
lie with his nation's subjects, despite his aristocratic pedigree.

~~~
vocatus_gate
I worked for the NSA for four years and left last year because being there
bothered my conscience. Lots of smart and nice people, but I just didn't want
my life's work contributing to their mission. I left a secure position with
great benefits and went off to be a 1099 at one of the credit card companies.
Less job security but I no longer have the burden of knowing my work is
supporting something I'm strongly against.

~~~
philovivero
Thank you for your principled approach to life. I wish we had more of you on
our side!

(What is "our side?" I, similarly, have refused to work for defense industry,
TLA agencies, etc, because I see them as net negatives to our society - this
is the side I'm on)

------
okket
Edit: Apparently somebody agreed and removed the clickbaity 'Snowden' from the
title. Thanks.

~~~
DanHulton
Which is why I click through to the HN comments before the article about 9/10
times. Usually more interesting and informative than the article anyway.

~~~
tgcordell
I view your thought process as how 'group think' and 'reddit culture' starts
to permeate HN

~~~
mst
I think that would be 'instead' rather than 'before'.

------
lostlogin
The article sort of makes fun of the hackers' writing, then immediately writes
"loosing" instead of "losing".

------
zmanian
Bamford's expertise in espionage is pretty similar.

There seem to be two plausible explanations for the Shadow Brokers release.

1. The doctrine of the US govt in cyberwar is proportionate response. This is
either preemption or escalation on behalf of Russia. This assumes the
attribution of Russia for Democratic political hacks are accurate.

2. This is further activity by whoever leaked the ANT catalog to Appelbaum.

The Shadow Brokers are going to be difficult to attribute technically.
Attribution is based more on your theory about what's happening the Russian
covert escalation.

~~~
wstrange
Or a third possibility: This is a deliberate release for propaganda purposes
(more funding, dis-information, etc.)

------
grandalf
Once a useful zero-day has been discovered by an adversary, it may make sense
to give up using it so that one's own side's computers are not vulnerable.

My guess is that the NSA has excellent methods for detecting DNS exfiltration
and the recent tools are at least a decade old technology.

What's interesting is the disinformation value of intentionally releasing the
tools, but to understand that we'd have to know who the intended adversary
was.

------
bogomipz
"In addition, if Russia had stolen the hacking tools, it would be senseless to
publicize the theft, let alone put them up for sale."

No, not at all. Russia was recently accused of hacking the DNC in the US, so it
would be perfectly logical for one state actor to say to another "you do it too
and here is evidence." Is that not so obvious?

------
PieterH
As soon as the author began referencing Appelbaum seriously, the article lost
most of its credibility.

~~~
mst
I dunno, Appelbaum might've been an epic plagiarist, but the work he was
trying to take credit for was often solid.

~~~
PieterH
I'm sure the work was solid, yet not his. To weave him into this story with
that stupid tagline "the most dangerous man on the Internet" with the
insinuation he was some kind of hacker... is garbage journalism.

------
justcommenting
Does anyone else recall Jacob Appelbaum referring to RC6 constants [0] in
public talks (e.g. 30c3) back in 2013?

I'm surprised Appelbaum hasn't been directly suggested as a potential
source[1,2].

[0] [https://securelist.com/blog/incidents/75812/the-equation-giv...](https://securelist.com/blog/incidents/75812/the-equation-giveaway/)

[1] [http://crypto.stackexchange.com/questions/12661/what-could-l...](http://crypto.stackexchange.com/questions/12661/what-could-look-for-the-constants-that-you-might-find-in-rc6-mean)

[2] [http://www.nakedcapitalism.com/2014/01/jacob-appelbaum-30c3-...](http://www.nakedcapitalism.com/2014/01/jacob-appelbaum-30c3-protect-infect-militarization-internet-transcript.html)

------
atmosx
> _A more logical explanation could also be insider theft. If that’s the case,
> it’s one more reason to question the usefulness of an agency that secretly
> collects private information on millions of Americans but can’t keep its
> most valuable data from being stolen, or as it appears in this case, being
> used against us._

If there's anyone still questioning the results of Snowden's move, here you
have it. The Reuters opinion is stating that this data is _potentially being
used against us_. If the perception that the NSA doesn't collect for the
_public good_ becomes broadly accepted, change can be achieved at a political
level.

------
bronz
I don't understand why the highest bid in the shadow brokers auction is less
than a thousand dollars

~~~
wongarsu
To me it wasn't clear in the auction description if it's possible to increase
a previous bid.

- If it's not possible, then the only strategy is to bid as late as possible:
Suppose Group A bids $1000, Group B bids $1001. To win the auction Group A
would have to transfer another $1002, making a total investment of $2003.
Group C on the other hand only has to commit a total investment of $1002 to
win at this point. Since the duration of the auction isn't known you would
wait for everyone else to make a bid first, since the person to bid last is in
the advantage. If everyone does that, this becomes the ultimate waiting game.

- If on the other hand it is possible to increase one's bid by just
transferring the difference, then this is a Tullock auction[1]: a classical
example from game theory where the only rational strategy is not to bid at all
(unless you are completely sure that nobody else will bid. As soon as you have
two bidders, both behaving rationally would lead to both committing an
infinite amount of money, one of them losing it all).

So just from a game theory standpoint nobody would actually bid in this
auction. Add to this the very likely possibility that the public leak contains
all data they have and that this auction is a scam, and this isn't attractive
at all.

[1]:
[https://en.wikipedia.org/wiki/Dollar_auction](https://en.wikipedia.org/wiki/Dollar_auction)
(Dollar auctions are a two-player example of Tullock auctions)

------
return0
Why don't we have widespread use of tools that spoof online activity ?

------
partycoder
Or probably it's information intoxication (leaking fake information)

------
Aelinsaar
...It's like they have no idea what "Evidence" actually means, or frankly what
the hell Snowden actually did; it wasn't selling hacking tools on the black
market!

------
sickbeard
Isn't this the reason why governments react harshly to people like Snowden and
Manning? To discourage even worse breaches?

~~~
matt_wulfeck
Clearly the harsh reaction to Snowden has done nothing in this case. I wonder
what the reaction would be if Snowden would have been treated like a
whistleblower and not a traitor?

~~~
sickbeard
Compared to past infractions Snowden has gotten off relatively easy

~~~
paulmd
Largely because Snowden is outside the political reach of the US for the
moment, and the USG realizes it would be counterproductive to throw a public
temper tantrum about it.

If he hadn't fled it's quite likely he would have faced the same kind of
treatment as Thomas Drake and William Binney, if not harsher.

~~~
dghughes
> Thomas Drake and William Binney

Someone should write a book or make a movie about those two men the modern
equivalent of All the President's Men.

------
nxzero
Anyone that expects anything related to "intelligence" to have logical
explanations might very easily find themselves chasing tails.

~~~
drvdevd
Good point. It's hard to take anything at face value in a situation like this
(other than the _working_ code itself that was released). In particular:
everything in the corresponding manifesto could be complete nonsense or
misdirection.

------
the_wumpus
One hundred Royal Zorkmids for the title author!

------
thomasrossi
"It’s one more reason why NSA may prove to be one of Washington’s greatest
liabilities rather than assets." WOW, never thought I'd read that on something
like Reuters, he put his foot down.. :s

~~~
tptacek
It's an op-ed.

------
SixSigma
This is all smoke and mirrors.

The DNC is claiming a Russian Hack with wonderful support from the media.
Reuters, for instance, gave over $1m to the Clinton Foundation.

When the FBI accused the N. Koreans of the Sony hack, at least there was some
credible evidence conjured up. Obama used an executive order to apply more
sanctions on NK even though there were voices saying it was still
inconclusive.

But now we are expected to believe the DNC has been hacked by the Russians in
partnership with Trump.

Seth Rich, supposed DNC leaker gets shot in the back.

And now this.

The DNC stabs Russia in the back - Bill was happy to accept $500,000 for a
speech in Moscow and the Clinton Foundation $millions just before Hillary
authorized a major Uranium deal.

I sound crazed writing this, like I'm something from InfoWars. This election
cycle is standing the world on its head. Be very careful who you believe.

~~~
mamon
It is "smoke and mirrors", but in completely different sense, which is clear
now:

Russians have been known for a long time (whole Cold War) for being able to
sacrifice one, less important spy to distract enemy's attention from more
valuable one.

Now think about Snowden in this context: a few years ago NSA must have been
sniffing around, looking for a leak. Suddenly, one of their employees takes a few
laptops with secret data and runs, ending up in Russia. NSA is furious, but on
the other hand their alertness goes down. A few years later it turns out that
there's still someone leaking their secrets.

~~~
orly_bookz
Doesn't that completely ignore the fact that Snowden got caught in Russia in
the first place because his passport got revoked?

