
NSA veterans speak out on whistle-blower [video] - cgshaw
http://www.usatoday.com/story/news/politics/2013/06/16/snowden-whistleblower-nsa-officials-roundtable/2428809/
======
miles
Somehow this quote from the interview by Thomas Drake, a former senior
executive of the NSA and a decorated Air Force and Navy veteran[1], carries a
bit more weight for me than the widely trumpeted blatherings of Dick
Cheney[2], winner of five draft deferments[3]:

_I actually salute him. I will say it right here. I actually salute him,
given my experience over many, many years both inside and outside the system.
Remember, I saw what he saw. I want to re-emphasize that. What he did was a
magnificent act of civil disobedience. He's exposing the inner workings of
the surveillance state. And it's in the public interest. It truly is._

[1]
[http://en.wikipedia.org/wiki/Thomas_Andrews_Drake](http://en.wikipedia.org/wiki/Thomas_Andrews_Drake)

[2]
[http://www.csmonitor.com/USA/DC-Decoder/2013/0616/Dick-Chene...](http://www.csmonitor.com/USA/DC-Decoder/2013/0616/Dick-Cheney-Edward-Snowden-a-traitor-who-likely-spied-for-China-video)

[3]
[http://www.nytimes.com/2004/05/01/politics/campaign/01CHEN.h...](http://www.nytimes.com/2004/05/01/politics/campaign/01CHEN.html)

~~~
dfc
I agree with the overwhelming majority of your post but I have to say the
draft dodging/deferring comment was a little odd. I think it's really tough for
us (people who have grown up under an all volunteer service) to pass judgement
on how a previous generation dealt with the draft, even more so if we pass
those judgements as civilians.

~~~
btilly
I have never served in the military. But I am old enough that my brother
fought in Vietnam (sort of not drafted, it is complicated) and my father was
drafted for WW II. I also have relatives serving in the armed forces.
(Including, at the moment, 2 nephews.)

I have observed what I've seen commented on elsewhere. There is a certain type
of person who managed to skip the draft for themselves, and then proceeded to
become overly supportive of the military and military aggression. Possibly as
a reaction to the guilt of having not served when given the chance. There is a
certain cowboy element to their approach. Prominent examples include Dick
Cheney and George Bush.

By contrast people who actually served often, like John McCain or Al Gore, are
strongly supportive of the military. But they tend to treat military service
and action as the serious matters that they are.

The phrase that sums this up best is "chickenhawk".

~~~
malkia
There was a democrat several years ago that wanted to put back the draft in
place - e.g. mandatory military service. The idea was that since lots of
republicans/democrats have kids and this would make them think again about going
to war.

~~~
dfc
You are probably thinking of Rangel. But he is not the first to bring it up
and hopefully he will not be the last. It really has nothing to do with
democrats or republicans, the distinction is socio-economic. I think the idea
is even better if you expand the definition of service to also include
"civilian service" e.g. teacher, social worker, etc.

------
nikcub
I feel bad for Drake, he was facing federal charges and nobody seemed to
notice. 89% of federal cases are pled before trial and of those that go to
trial 90%+ are found guilty, that is how much the odds were stacked against
him. He got nowhere near the attention that he deserves[1].

William Binney is an absolute hero. I have absorbed everything this guy has
ever said or done[2]. He was not only employed at the NSA, but he was a
director who _designed_ the software that is being used right now to dragnet
all the communications. It is difficult for anybody - congressman, president,
republican voter, etc. - to argue that what the NSA is doing is fine when the
guy with all the technical details and design of the program says it isn't.
That he is against what is happening is a big deal and needs more attention.

This video is on the front page of USA Today, so these guys and the topic are
starting to get the recognition they deserve.

[1] The New Yorker did a great feature on him called 'The Secret Sharer' -
good for background
[http://www.newyorker.com/reporting/2011/05/23/110523fa_fact_...](http://www.newyorker.com/reporting/2011/05/23/110523fa_fact_mayer?currentPage=all)

[2] Search YouTube for Binney - he was the keynote speaker at the 2600 HOPE
conference last year - a presentation that everybody must watch. Apparently
Snowden decided to go the route he did after watching Binney in Laura Poitras'
"The Program" for the NYTimes:
[http://www.nytimes.com/2012/08/23/opinion/the-national-secur...](http://www.nytimes.com/2012/08/23/opinion/the-national-security-agencys-domestic-spying-program.html?_r=0)
Poitras is the same person who was the first journalist Snowden contacted.

~~~
krek
Binney didn't design the system that's currently being used, and that's his
whole point. He designed a cheap way to do what the current program does but
that would protect people's privacy (in part by not storing all the data that
it filters). His point is that the NSA spent billions on a dragnet system that
violates privacy and isn't even able to catch terrorists as well as the
privacy-respecting system he designed internally for dirt cheap.

~~~
nikcub
In one of his interviews[1] he mentions that after he left and TrailBlazer was
abandoned the NSA took what he built in ThinThread but removed the privacy
shields he had in place that would encrypt US communications.

The rest of the platform is ThinThread (which was a lot cheaper than the
failed TrailBlazer project).

Also interesting that a lot of the NSA platform is open source. OpenCloud for
server management and Hadoop for distributed computing.

[1] I can't recall which one, in his keynote at HOPE he does make another
reference to the crypto privacy shield being removed

~~~
notdrunkatall
He mentions that here, I believe:
[http://www.nytimes.com/2012/08/23/opinion/the-national-secur...](http://www.nytimes.com/2012/08/23/opinion/the-national-security-agencys-domestic-spying-program.html?_r=0)

------
danso
> _Binney: Part of his job as the system administrator, he was to maintain the
> system. Keep the databases running. Keep the communications working. Keep
> the programs that were interrogating them operating. So that meant he was
> like a super-user. He could go on the network or go into any file or any
> system and change it or add to it or whatever, just to make sure — because
> he would be responsible to get it back up and running if, in fact, it
> failed._
>
> _So that meant he had access to go in and put anything. That's
> why he said, I think, "I can even target the president or a judge." If he
> knew their phone numbers or attributes, he could insert them into the target
> list which would be distributed worldwide. And then it would be collected,
> yeah, that's right. As a super-user, he could do that._

I have a feeling that the NSA deals with access control just like the rest of
us...very poorly. Even more egregious is that Snowden was a contractor...if
we're going to leave open the possibility of the NSA targeting us at their
whim, can't they at least do that in-house?

~~~
einhverfr
Securing data against a systems administrator however is difficult on the best
of days. I have done some of this for Efficito
([http://www.efficito.com](http://www.efficito.com)). Even with the best of
care there are ways an administrator can get the info no matter what you do.
All you really can do is restrict it to ensure that casual access is not an
issue.

For example, we store virtual machine root passwords in an encrypted database
for last resort purposes (so that someone can log in using virsh console as
root when nothing else is working). There are three layers of encryption and
as far as casual access goes (assuming nothing is reconfigured), mere root
access to the box is not enough to reveal the information. However if you can
change what is logged by PostgreSQL and reconfigure PostgreSQL's
authentication options you could grab enough information to effectively read
this data.

People with the sort of access required to make sure things are secure can
effectively get the data off the system that they want, and the alternative in
designing a system is to have one with no superusers and the possibility that
information is irrevocably lost when someone forgets a password. The most
secure systems end up somewhere between them.

~~~
hvidgaard
It comes down to physical access (in the sense that they can log into the box as
root) - if you value security someone (single or "multiple person user") must
be able to log in as root. Someone must be able to access the data hardware
that contains the data, otherwise you might as well not store it and save
the headache. Once you have admins with the ability to be root on the box,
they can get the data. There is no way around it. What you can (and should do)
is have access logs saved at least at one location where no one can delete
anything. I suppose you could encrypt the data and save the key on a dedicated
tamperproof box (are IBM still the main provider of these?), but someone must
manage this box. Trust is inevitable, at best you can divide it in such a way
that the combined entity is unlikely to go rogue.

~~~
einhverfr
It's actually more complex than that. One of the things that really gets in
the way of encrypted storage, when you think about it, is the reality that key
management involves tradeoffs too. For example, we _could_ divide things up
so that you could get the encryption key only on a separate system and so only a
public key and the public key encrypted symmetric key are stored. In this
model you only get either symmetric key-encrypted data, or the public
key-encrypted symmetric key.

The problem though is that someone still has to have the right to rotate keys
and this process can be attacked too. For example, one could rotate keys to a
known value thus giving the attacker access to the plain text. Worse, the
person who can rotate the keys has to have the right to access both old and
new keys in an unencrypted state.

Now, given that reality, it isn't clear to me that the fact that someone could
set up the database to log all queries, and allowing passphrases for
encryption to be passed in in the query poses a real added danger.

Another option is just not to allow key rotation but that allows for attacks
on the key itself. You can get around this by having a different key for each
piece of data and thus limit the utility of cracking each piece.

However if you go that route, then you have two computers to secure instead of
one, and it is vulnerable to more types of attacks than before since you are
now trusting the client.....
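
Added example, not part of the thread or any commenter's code: the split einhverfr describes above, where the storage host keeps only a public key, the public-key-encrypted symmetric key and the ciphertext, with a fresh key per record and a rewrap step for rotation. It uses Ruby's standard openssl library; the names `Sealed`, `seal`, `open_record` and `rewrap` and the choice of RSA-OAEP with AES-256-GCM are assumptions.

```ruby
require "openssl"

# Constructed illustration; every name here is hypothetical.
OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Everything the storage host keeps for one record.
Sealed = Struct.new(:wrapped_key, :nonce, :tag, :ciphertext)

# Runs on the storage host, which holds only the public key.
# A fresh AES-256 key per record limits what one recovered key exposes.
def seal(pub, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  key = cipher.random_key
  nonce = cipher.random_iv
  cipher.auth_data = ""
  ciphertext = cipher.update(plaintext) + cipher.final
  Sealed.new(pub.public_encrypt(key, OAEP), nonce, cipher.auth_tag, ciphertext)
end

# Runs on the separate key host, the only place the private key lives.
def open_record(priv, sealed)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = priv.private_decrypt(sealed.wrapped_key, OAEP)
  cipher.iv = sealed.nonce
  cipher.auth_tag = sealed.tag
  cipher.auth_data = ""
  cipher.update(sealed.ciphertext) + cipher.final # raises CipherError if tampered
end

# Rotation rewraps only the per-record key; the ciphertext is untouched.
# The rotator handles the old private key and the bare record key, which is
# why this step needs its own access control and audit trail.
def rewrap(old_priv, new_pub, sealed)
  record_key = old_priv.private_decrypt(sealed.wrapped_key, OAEP)
  Sealed.new(new_pub.public_encrypt(record_key, OAEP),
             sealed.nonce, sealed.tag, sealed.ciphertext)
end
```

Anyone holding the public key can produce a valid `Sealed` record, so the GCM tag shows a record was not altered after sealing, not who sealed it.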

------
gruseom
I couldn't stop watching this video. It is the most riveting thing I've seen
since the Snowden interview itself. It's a pity they broke it up; you have to
scroll down the page to get all the pieces. But I highly recommend watching
the entire thing if you're interested in this story. It packs a wallop and
it's... pretty damn convincing. Every one of the four interviewees is deeply
impressive, each in a distinct way. It is hard to believe that they don't know
what they're talking about. More striking than that, though, is what good
people they all seem to be.

I'm surprised that USA Today put this out and I hope they do more like it. The
contrast with typical news pap could not be stronger.

------
rdl
Interesting that he now calls Snowden a traitor for the China-specific intel
turned over, while supporting him broadly otherwise. Pretty much the same line
I'd draw (although I think he should have gone to IG/Congress rather than the
media, but with the threat of going to media if no action taken. It's possible
he went to IG/Congress already, but I don't think so.)

~~~
cgshaw
Giving up British intelligence for the G20 surveillance is also probably
crossing the line.

If developed countries can't trust each other not to spy on their diplomats
where does that leave us?

I guess they should all assume they are being spied on at all times while on
foreign soil, but airing that in public is likely to worsen his chance of
avoiding jail time—or worse.

~~~
rdl
I have ~no problem with gov on gov spying. I actually have more problem with
China's spying on US companies for commercial reasons than China's spying on
the USG. USG spying on private individuals might be worse than China spying on
USG from an abstract moral perspective.

I'd argue that US v USSR spying during the Cold War, particularly PHOTOINT and
SIGINT and other forms of technical intelligence, largely averted a global
thermonuclear war. Gov v Gov spying is just another form of transparency.
(obviously as a US citizen I'd prefer the US to have an edge there, but
generally for something like Brazil v Argentina I don't particularly care)

~~~
saraid216
It's worth noting that, with "gov on gov spying", identifying enemy agents
isn't all that easy and effectively requires well... a surveillance state
spying on its own citizens.

~~~
pyre

> requires

It doesn't _require_ anything. The government didn't need Big Brother powers
to play the spy game during the Cold War.

------
cgshaw
Most of us had heard about Binney before, but the other guys back up many of
the same claims.

Binney's take on what they'll do to Snowden.

"Binney: First tortured, then maybe even rendered and tortured and then
incarcerated and then tried and incarcerated or even executed."

------
der3k
"We were gathering bulk data from telecoms even before the Patriot Act"
Thought this was important to note.

~~~
cgshaw
Perhaps even more important to note "before 9/11."

So if mass surveillance didn't prevent 9/11, is the rationale to expand it to
TOTAL surveillance, if necessary?

~~~
pyre

> Perhaps even more important to note "before 9/11."

To me, at least, that's basically how I read "before the PATRIOT Act." I
looked it up and the PATRIOT Act was signed into law on 2001-10-26; for some
reason I thought that it was quickly pushed through a day or two after 9/11.

~~~
cgshaw
I read it similarly, but not everyone may recall the ins and outs of the
Patriot Act's passage—it was nearly a dozen years ago now. Many of the folks
on HN were in grade school.

I was trying to draw attention to the line that government keeps giving us
about how "they are trying to prevent another 9/11" with the secret laws and
secret courts that enable warrantless wiretaps and constant surveillance.

------
lemming
_Sentenced to a year of probation and community service, Drake was stripped of
his security clearance. He now works at an Apple retail store._

I hope they have him employed as a Genius.

------
Zigurd
Hobbes would be saying "No, no, I meant about the size of a very large whale.
Big enough to keep random individuals from running amok and spoiling things...
This is more like Cthulhu."

------
laurentoget
off topic. who knew usa today has such a nice website?

~~~
jrockway
Agreed. I mostly consider USA Today as "that newspaper dumb people read" so
never checked out their website. The design is pleasing and the linked
roundtable discussion was quite good. No controversy, no professional talking
heads, just some folks having a chat on camera. I am impressed.

------
quattrofan
On topic, the best critique I have read of the failed hope that is Obama:
[http://www.guardian.co.uk/world/2013/jun/15/broken-promise-b...](http://www.guardian.co.uk/world/2013/jun/15/broken-promise-barack-obama)

------
jayferd
Warning: auto-playing video.

~~~
cgshaw
Apologies, I should have linked the print-friendly version.

I hate autoplays as well.

