
Bruce Schneier: China and Russia Almost Definitely Have the Snowden Docs - mndtzn
http://www.wired.com/2015/06/course-china-russia-snowden-documents
======
NateLawson
Bruce Schneier is falling into the trap of saying since computer security is
hard, the NSA has certainly been compromised and we can assume these docs have
been out there for a while.

Yes, securing the endpoint is hard, especially given the non-hardened OS and
applications we mostly use. However, you can't extrapolate from that to say
with certainty what has and hasn't been exposed via security flaws.

The USSR was much more successful at espionage than the US was, and they took
a low-tech approach to it. For decades, they developed contacts within the
govt, gave them money, and had documents handed to them by authorized
insiders.

Let's not assume computer exploitation is the only culprit. History has shown
a variety of techniques, even very low-tech ones, have been employed for
espionage and it's impossible as an outsider to determine how much has been
taken, by whom, and by what means.

~~~
kbenson
> > The vulnerability is not Snowden; it’s everyone who has access to the
> files.

> > First, the journalists working with the documents.

> Bruce Schneier is falling into the trap of saying since computer security is
> hard, the NSA has certainly been compromised and we can assume these docs
> have been out there for a while.

The NSA _has_ been compromised. By Snowden. There's no assumption there,
that's fact. Now, access to the documents no longer just means having NSA
access (or a complicit person with access) or hacking the NSA, it includes
access to any system or person who has access to all the files, which are no
longer restricted to NSA servers. It's no longer about what the NSA's security
practices are.

~~~
Sammi
Yeah but the point is that the NSA is most likely much easier to compromise
than the Snowden documents.

~~~
flyryan
Wait... you believe that the _NSA_ is easier to compromise than the
computers of reporters from multiple international news agencies with various
levels of computer security policies and knowledge?

~~~
Sammi
I'll let Schneier answer that, in case you didn't read the article:

> The open question is which countries have sophisticated enough
> cyberespionage operations to mount a successful attack against one of the
> journalists or against the intelligence agencies themselves. And while I
> have my own mental list, the truth is that I don’t know. But certainly
> Russia and China are on the list, and it’s just as certain they didn’t have
> to wait for Snowden to get access to the files.

~~~
kbenson
That doesn't mean he thinks it's easier to hack the NSA, just that he thinks
it already was, so it doesn't matter.

------
efoto
Assuming this is true "we have now seen our agents and assets being targeted",
there is another explanation why now - other than foreign agencies getting the
documents Snowden took.

The explanation is called protecting intelligence sources: Russia, China - or
whoever had their spies inside NSA long before, can now act on the
intelligence they got without triggering counterintelligence alarms.

~~~
vetinari
Even then, targeting spies is counterproductive.

The spy you know about is much less dangerous than the spy that you don't know
about.

~~~
sangnoir
If they hacked the NSA, I'd suspect most spies are known rather than unknown.
There's a curious event where Russia expelled 30 UK diplomats from Moscow -
and none of them were intelligence operatives (and this was no coincidence as
1/3rd of the staff were intelligence operatives) - it was just to send a
message: "we know who your spies are"[1].

Edit: corrected number of diplomats & added citation

1\. [http://www.globalresearch.ca/five-reasons-the-mi6-story-is-a...](http://www.globalresearch.ca/five-reasons-the-mi6-story-is-a-lie/5455740)

~~~
superuser2
This is uninteresting. It is fully expected that foreign countries know about
(and extensively surveil) your "official cover" embassy staff intelligence
officers. We tailed everyone who stepped out of the Soviet embassy for most of
the Cold War.

Those people are administrators. Your actual covert operatives will _never_
interact with the embassy in a detectable/obvious way.

------
nabla9
The NSA adopted the two-man rule for system administration only after the
Snowden leaks. Before Snowden, anyone with similar access to Snowden's could
have copied the same data.

What is the probability that at least one guy with the same access as Snowden
spied for China or Russia? I would say close to 1.0.

~~~
scoot
"50% of former employees admit to stealing confidential company data" [1]

Even with oaths and allegiances, the probability that Snowden is the only one
to take advantage of the lax security in the NSA is 0.

[1]
[http://www.symantec.com/about/news/release/article.jsp?prid=...](http://www.symantec.com/about/news/release/article.jsp?prid=20130206_01)

~~~
decisiveness
The NSA is not a corporation. They put exponentially more care in vetting
before trusting with top secret intelligence access.

~~~
ehvatum
And much good it did for preventing the Snowden leak. The false sense of
security instilled by confidence like yours likely hindered implementation of
common-sense safeguards, such as the two man rule and more generally any
functional oversight of any kind.

In my experience, the NSA performs its own security clearance checking and
does not use the OPM for this function, but, in any case where OPM did perform
a background check, that background check provided China with far more
compromising information than China otherwise would have had.

That people place such faith in vetting in the first place is a huge problem.
Furthermore, background checking performed by most of the rest of the US
government has actually been a huge source of actionable intelligence for our
enemies.

In my opinion, it is not possible for an organization the size of the NSA to
keep its secrets. It's, what, 1000x larger than the Manhattan project? And,
would you say that James Clapper's intellect was in the same ballpark as those
of Leslie Groves and Robert Oppenheimer?

In fact, when confronted with opportunities to avoid mistakes, the US
government's reflexive response is compulsion toward secrecy so as to avoid
reform. I.e., so much of this secrecy is motivated by desire to escape
oversight, rather than to provide our nation actual advantage over rivals. If
the latter were our goal, oversight and strictly limiting classification to
the most sensitive subset of weapons research and ongoing military operations
would be a road to it. Instead, such approaches are termed dangerous and even
intellectual property normalization treaty negotiations are treated as
military secrets in order to protect the power of entrenched political
influences.

When secrecy is so rampant that it makes it impossible for us to keep secrets,
you might ask why we have so much fucking secrecy.

~~~
decisiveness
Snowden was someone with access who acted on what he thought was in the best
interest of Americans. Whether it was or wasn't is debatable. But to assume
foreign spies exist in the NSA, and would risk treason for foreign interest
because NSA screening missed Snowden, is a big leap in logic.

Of course no one can say foreign spies inside the NSA or access to their top
secret files is impossible, I'm simply suggesting it's safer to assume this is
not likely, and comparing the NSA to civilian corporations in this regard is
unreasonable.

------
ahazred8ta
The original link may redirect, but a permanent copy of the article is now
available at [https://archive.is/zwPVW](https://archive.is/zwPVW), also
cached at
[http://webcache.googleusercontent.com/search?q=cache:Sx7GYBF...](http://webcache.googleusercontent.com/search?q=cache:Sx7GYBFTCHAJ:www.wired.com/&strip=1&vwsrc=0)

His points are:

* China and Russia probably ALREADY had access to that material BEFORE
Snowden, based on the NSA's poor internal security.

* Now that journalists have the remaining unpublished Snowden documents, any
nation-state can hack the journalists.

------
fleitz
Working link: [http://www.wired.com/2015/06/course-china-russia-snowden-doc...](http://www.wired.com/2015/06/course-china-russia-snowden-documents)

~~~
dang
Ok, we changed to that from [https://www.wired.com/2015/06/course-china-russia-snowden-do...](https://www.wired.com/2015/06/course-china-russia-snowden-documents/).

------
CurtMonash
I once challenged Glenn Greenwald as to how he could be confident his copy of
the documents hadn't been hacked. His answer wasn't terribly convincing.

That said, it's also possible he got lucky. He lives in a fairly isolated
farmhouse with a lot of dogs, so maybe it really is hard to do a black bag
operation on him. And I'm not sure how even a nation state could do a purely
internet-based attack on an air-gapped computer.

That said, Laura Poitras in bustling Berlin or an entire major newspaper might
be an easier target ...

~~~
jefurii
> That said, Laura Poitras in bustling Berlin or an entire major newspaper
> might be an easier target ...

That incident where British government officials destroyed the laptop
containing The Guardian's copy of the documents makes more sense in light of
this.

------
hackuser
There's evidence that US government counter-intelligence and information
security are very poor: Snowden, Manning, the recent break-in at OPM, etc. In
past generations, nuclear plans were stolen, the heads of both FBI and CIA
counter-intelligence have been moles, a Navy sailor kept the Soviets updated
on the locations of US submarines, etc. Here's a list I came across recently:
[http://www.wearethemighty.com/american-spies-military-secret...](http://www.wearethemighty.com/american-spies-military-secrets-2015-06)

It's hard to know how bad or good the US's security is, because most
intelligence operations are secret and I don't know enough about the field to
have a standard by which to judge it. Maybe these things are the norm for most
governments.

I would not be surprised if other governments already knew much of what
Snowden made public. Some secrecy clearly is necessary for governments but how
often does "secret" merely mean "unknown to the public" (but already known to
enemies)?

~~~
walshemj
The heads of the FBI/CIA? I know they both had senior officers go bad, but do
you have any proof of this?

~~~
hackuser
Just to be clear, it wasn't the heads of the whole FBI and CIA; it was the
heads of their counterintelligence divisions (or maybe their Soviet
counterintelligence divisions - I don't know the org charts precisely),
Aldrich Ames (CIA) and Robert Hanssen (FBI). Just do a search; there were
arrests, trials, etc. - it is very well documented.

------
tehwalrus
(had to read this article via a proxy, because of a redirect loop - anyone
else seeing this? I'm in the UK.)

EDIT: and it was worth it, excellent article.

~~~
opcvx
I got a partially rendered page before, but it is not working anymore.

~~~
greenyoda
Same here. Here's the Google cache copy:

[http://webcache.googleusercontent.com/search?q=cache:Sx7GYBF...](http://webcache.googleusercontent.com/search?q=cache:Sx7GYBFTCHAJ:www.wired.com/2015/06/course-china-russia-snowden-documents/+&cd=1&hl=en&ct=clnk&gl=us)

------
lvs
The objective content of this article is no better than the one it criticizes.
Its claims all boil down to speculation about events for which there is no
evidence of any kind.

------
csandreasen
I know I'm late to the conversation, but Bruce Schneier posted an update on
the Lawfare website: [http://www.lawfareblog.com/do-russians-and-chinese-have-snow...](http://www.lawfareblog.com/do-russians-and-chinese-have-snowden-documents)

------
decisiveness
To suggest all foreign superpowers have access to the NSA goods because
"security is hard", and "Snowden was able to wander through the NSA’s networks
with impunity", is a weak conjecture at best.

------
tekao
I think Snowden/Wikileaks/EFF/ioerror etc. are probably much better at
endpoint (i.e. the computers used to access the documents) security than most
governments. AFAIK they are not using Windows (all the hacks that Schneier
mentions are on Windows systems), but rather Tails Linux and other such tools.

There is a lot of spin when it comes to security.

It's pure speculation from Schneier. Also interesting that Schneier has not
mentioned this article on his Twitter.

------
dharma1
Would be interesting to hear Snowden's take on this.

