Hacker News new | comments | show | ask | jobs | submit login
Snowden Interview with Jacob Applebaum (cryptome.org)
219 points by teawithcarl on July 7, 2013 | hide | past | web | favorite | 86 comments

I think Snowden et al made a mistake with the PR, with regard to what they released first.

The "PRISM" stuff, the stuff with specific internet app/service providers, is actually the _least_ troublesome. (And the closest to legal/constitutional, with FISA orders involved and all.)

MUCH more troublesome, but receiving MUCH less media attention (such that I don't even know the special program names, they are not 'prism'):

* They are recording everything that goes over the internet, by tapping in at major backbones, undersea cables, etc.

* They deploy RAT malware to take over and observe targetted person's computer. (Have we been given evidence by Snowden that they do this inside the US and/or to US citizens? I am not certain. Do they get FISA orders/warrants first? I am not sure. Have we gotten info released on the RAT stuff yet? This interview is the first I've heard of it, in fact.)

Both of these are WAY more alarming, more significant invasions of privacy, less likely to be legal/constitutional, than PRISM. But PRISM's getting all the attention.

I wonder if this was in fact part of NSA/government counter-PR, to make sure PRISM gets the attention and people get burnt out on the story before they get to the REALLY disturbing stuff.

I make the same observations, but I actually think that it's a brilliant move by Snowden et. al. The way they are releasing the information so far has been from less to more troublesome. It's hard to say yet, but I would imagine that the first leak is on the lower spectrum of importance. But it was a great starter because it appealed to a larger audience given that it had powerpoint with big name companies on it, rather than the technical details that would be required to demonstrate the two points you mention.

As the leaks have moved on, the information has become progressively more concerning. Anyone who has followed this issue should have at least a vague idea of the caliber of information that could be coming (your post as an example). So, rather than releasing the big ticket items first, and having the rest of the issues make no impact in comparison, they're allowing as much information as possible to have it's greatest individual impact before moving on (not to mention the now well-discussed benefit of authorities lying themselves into corners trying to cover up the smaller issues).

In this way, they're priming the public so that we've spent months digesting the impact, and understanding the issue so that when we get (say) screenshots proving everything going over telecommunications is recorded, the public is prepared to understand and digest that fact quickly, and can move to action quicker--or even at all.

The more I think about it, the more I earnestly believe that this technique is the most effective methodology available to them and may be our one and only shot to stop it (keep in mind that once a subgroup of society reaches enough power and intelligence over the rest, there is literally nothing the rest of humanity could do to overthrow them; we can't dump tea in the ocean and fire guns at them anymore if they have drones and know everything about everyone).

He doesn't have to convince HN readers that this is worth stopping our daily lives for to stand against, he has to convince the general public.

With that in mind, the best thing we can do right now, is help them to prime the pump. Bring it up to everyone that will listen. Make the electorate informed. Because when the news comes--the one that we will need to act on--the public needs to be ready to hear it and move on it.

> He doesn't have to convince HN readers that this is worth stopping our daily lives for to stand against, he has to convince the general public.

The opinion of the general public doesn't matter. It's been being effectively managed for years, and that won't change now. The proles will never revolt.

The fact is, these programs existing and being public knowledge to "foreign entities" (Obama's words), pose an existential threat to Google, Apple, Amazon, Microsoft, and any other US-based company that intends to make money handling the private data of those filthy foreigners (whom outnumber US citizens on the internet something like a dozen to one).

Sure, tell everyone who will listen. But you'll find that most people don't give a fuck, and wouldn't know what to do with the information even if they did.

This change, if it comes, will come from industry, as all major internal policy changes in US government have for decades.

What you say may be true. But history has shown that people can give a fuck and policy change can come from the people--even recently with ballot initiatives. Corporations didn't overturn Ohio's SB5. Corporations didn't legalize and regulate cannabis in Colorado and Washington. Corporations didn't pass the Dream Act in Maryland. Corporations didn't pass multi-state initiatives to legalize gay marriage. People did.

So independent of my opinion, there's demonstronably a non-trivial chance that you're wrong. And from chances like that, movements are born.

> Corporations didn't legalize and regulate cannabis in Colorado and Washington.

You're right: cannabis is still illegal in Colorado and Washington.

good points.

although I'm not sure I'm confident that there is a 'big one' coming 'the one that we will need to act on' (if what we've already gotten isn't it) -- we will see. I am curious to hear more about the RAT stuff.

We've known about your point A since the 641A information was leaked in 2006. Worse, both major party 2008 presidential candidates (Obama and McCain) voted in 2007 (as then Senators) for effective immunity for the telcoms for their participation in the helping of the government to spy on everyone. Snowden was wise to reveal new information to get people interested again.

Did we really know then that they were tapping into backbones and recording all the bits?

It's possible 'we' did, but I just didn't notice it because I wasn't paying attention and the media didn't make too much of it.

I did hear about the immunity thing, but figured that was for individual requests for particular information for particular investigations; it honestly didn't occur to me that they'd record the entire internet, I naively thought that would obviously be unconstitutional and thus not done.

If "we" did know that before, then I guess the Snowden leak has been great PR, because I didn't know about it until now!

For future references: http://en.wikipedia.org/wiki/Hepting_v._AT%26T is the lawsuit - it was pretty clear that they were wholesale tapping the backbones and recording everything. Even worse, The Supreme Court declined to review the case. All three branches of the federal government tried to sweep the gross abuse of power under the rug. They succeeded, at least for a while.

I wouldn't worry about it. Greenwald claims that the currently-released information is but a fraction of the total disclosures to come. I'm sure he and his editors meticulously played out every scenario of the different release order options.

I think the everyday average person (non engineer, non tech industry) would take interest in the subject much more with PRISM, which names companies and services that they interact with every day and they depend upon.

If you take the body of people who use Google/Yahoo!/Facebook and get the % of people who are aware of the existence and importance of internet infrastructure, you will find that the % is nowhere near 100%.

I think the order is okay, but the issue is that the media is making it a personality focus to make the story more sensationalist (do we sense a pattern here!?) and said average Joe is surely distracted.

I would be very curious to see how they might remotely deploy malware to US residential internet subscribers. It's probably unlikely that they would use client-side zerodays for such a task, since it would only take one of the targets to realize something happened and then analyze a packet capture to bust the whole thing.

If I were to guess, they probably only stick to ISP-level monitoring in most cases, and in other cases maybe they'll physically install malware on a system when they have to.

> * They are recording everything that goes over the internet, by tapping in at major backbones, undersea cables, etc.

This bit worries me less than PRISM or malware. We've already designed our networks to resist MITM where we believe security matters and there is a general push towards TLS for everything.

> Have we been given evidence by Snowden that they do this inside the US and/or to US citizens?

Im amazed why do you US citizens always derail the debate towards this question "us citizens or not"?

Are you guys more important than us? Dont you think US citizens are spied upon by UK, New Zeeland, Canada, Sweden, Germany etc and then exchange of information happens with those countries?

Does it matter that much how many laws NSA broke and how many lies they told you? Would you be fine with all of this if NSA had lobbied for a law, like FRA did in Sweden, to make all their activities, spying on US citizens included, perfectly legal? Just suck it up and accept "democracy" then?

Is this legal, who broke what law. What theyre doing is immoral no matter how they twist the law and how much they talk about what direct means in direct access.

Please, avoid discussing legality of minor details and focus on the implications for democracy, power and inequality. How do we fight back?

It is very self-centered, but there's a reason for it. It's easier to make a stink about something immoral if it is also illegal. And some Americans are pretty touchy about the Constitution so the more clearly an action violates the Constitution, the more likely it is to provoke a reaction.

It's certainly not the only debate worth having regarding the whole affair, but as far as things go in the US, it's significant.

How many times does the NSA or some other institution need to break laws to be held accountable? For some few people to do something other than talk about it?

He has a nice idea about a prospective path of resistance:

"The [telcom] companies should write enforceable clauses into their terms, guaranteeing their clients that they are not being spied on. And they should include technical guarantees. If you could move even a single company to do such a thing, it would improve the security of global communications. And when this appears to not be feasible, you should consider starting one such company yourself."

Google and Facebook don't seem to care, but the people here can create the kinds of companies that do. Let the PRISM collaborators starve of a talent storage.

Yes, this is what we should talk about.

How do we create, maintain and support companies that guarantee our privacy? What do we do when those companies and its employees receive threats, blackmails and various attacks by the feds? When they become infiltrated? When they buy them up like Skype and close its security down?

Facebook, Oracle, Google all seemed to crap their pants when PRISM came out, can we increase the heat on them to stop what theyre doing?

What methods do we have? What can we, the good hackers non-NSA-employed hackers, do?

We have various encryption technologies, mega made some fine client-side encryption kind of easy to use, what else?

Whatever we build will not be a perfect solution, it will require agreements and legal frameworks and support from a major group of people. Isnt this what GNU is about, the FSF and freedom box project?

EDIT: Its kind of tiresome that HN must always have a critical comment at the top, no matter the issue, someone always tries to tear any story up to pieces. Id like to remind you people of this awesome quote;

""It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better.

The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat. ""

More of this Hollywood movie plot version of network security:

> The analyst can then decide what he wants to do - the computer of the target person does not belong to them anymore, it then more or less belongs to the U.S. government.

This is kind of like when he said:

> You are not even aware of what is possible. The extent of their capabilities is horrifying. We can plant bugs in machines. Once you go on the network, I can identify your machine.

Software types reading this stuff know that this is not how computer networks generally work. Maybe it is a dumbed-down reference to some sort of government malware. If so I would like to see more technical precision from Snowden before I can say that he has any chance of knowing what he's talking about.

>Maybe it is a dumbed-down reference to some sort of government malware.

That's what I took it as. With government-level resources you can pretty easily throw a team at all the common web browsers and find exploitable 0-days and then MITM the next connection the target makes to any website to exploit it, and then find a local privilege escalation vulnerability if necessary. Once you have root (or equivalent) on any given machine you pretty much own it.

That sort of thing isn't necessarily in reach of your typical J. Random Hacker against a patched machine (may not have access to 0-day, can't easily MITM target's internet connection, etc.) but it's really not a stretch to imagine that the NSA can do it if they have no regard for the law.

> not a stretch to imagine that the NSA can do it

In what kind of numbers, though? I mean, from what I remember reading Stuxnet had this kind of crazy stuff in it (multiple zero-days if I recall), but also a clear target in Iran. Would they have the resources to do this to everybody? Is there any evidence of that? Certainly if there were it would be really fascinating to know more, but all we have is this movie plot scenario.

With what Snowden says it makes it sound like they do it to anyone out of sheer boredom. I think to understand the scope of this claim we need more details.

I didn't think it sounded like they did it 'out of sheer boredom', they do it to people they've targetted for investigation. In what numbers, whether targetting computers inside the US or not, etc. -- we do not know, Snowden has not yet released documents so far as I know.

The software to take over someone's computer like that exists, and can be used by script kiddies that don't even know what they're doing, to take over and 'own' many people's computers, complete control. Presumably the NSA knows about even more exploits than the easily available hacker-distributed software does.



It's possible and somewhat easy to pwn a system's bios and have it phone home unpon boot. This was demonstrated at Defcon 20.

Even this vague comment is more specific than what Snowden is offering. I'd imagine it also involves a non-zero amount of hurdles (physical access? kernel mode privileges so you can flash BIOS?) which can be mitigated against.

That's the weird thing about Snowden's claim. It makes them sound all-powerful. If it were really something concrete, there'd be more knowledge of scope, mitigations, etc. It's also hard to believe they are doing this on everyone, by default.

So this was just a pre-interview not originally meant for publication; I assume we will be getting evidence and details on these things with documents yet to be released. This is just like a summary preview.

But I didn't see any implication in this interview that they were doing it on everyone, universally, by default. Rather, Snowden specifically says this is what happens to a targetted person, he some of the ways you become targetted are "because of a Facebook profile or because of your emails", presumably certain keywords or profile or whatever. Then he says the 'monitoring' which completely takes over your computer is done to 'targetted' people.

I too am very curious to learn: How many such targetted people with malware-monitored computers there are, how often this is done; is it done to computers in the US and/or to US citizens; what sorts of suspicion lead to this targetting; what warrants or court orders or other judicial oversight there are on individual monitoring cases; among other things.

I am now eagerly awaiting release of documentation or evidence on these issues.

I'm guessing it's more along the lines of collaboration with major tech vendors to plant backdoors within commercial hardware and software, probably under the guise of "just once in a while, to catch the really bad guys".

I more or less suspect there are backdoors all over our machines these days. The printer or scanner you buy, the OS... "Secret Admin Backdoor Accounts Found in Samsung Printers" http://news.softpedia.com/news/Secret-Admin-Backdoor-Account...

This is a common issue with many hardware peripheral devices, but if your desktop computer contained some sort of hardware-level or OS-level backdoor, there would be a massive uproar.

I think either Snowden is incorrect in what he's talking about, or the NSA is doing something rather devious like hijacking the Windows update process or some other automated task to install malware, which they could only do with heavy cooperation from Microsoft. This would be rather risky though as it could certainly be detected.

Some of this seems odd to me. Snowden appears very intelligent and credible, but how would he have been in a position to know who wrote Stuxnet?

The New York Times put that fact on 1A a year ago. It's not shocking that someone who leaked a Top Secret FISA order (supposedly one only accessible by a handful of people) would also be able to confirm something that is widely known. I mean, there was even a very public book written about it. It would only be newsworthy if he said the NSA did not have a hand in it.


I knew that, but I also know that it's not been officially acknowledged. My reaction was just based on his apparent confirmation that this was true, as it seemed to be from a perspective of first hand knowledge.

Given everything surrounding Snowden, I am in no position to doubt anything this man says.

He is the most honest speaking government employee I have ever seen.

That sounds like dangerous intellectual territory.

I wish he would have remained anonymous the whole time, almost like a Banksy character through this all. I almost feel like we're seeing too much of his face and not enough (like the top comment suggests) about the actual problems with this all. The stories that need coverage are getting upvoted here but this site pales in comparison to the power of CNN on popular opinion. It's a reality show called "Find Snowden" now.

Nor has the US officially confirmed most of what Snowden has said. The government is prosecuting people regarding Stuxnet leaks which is as good as you'll going to get for an official confirmation.

> but how would he have been in a position to know who wrote Stuxnet?

I read that as it is commonly understood among my colleges at the NSA that America and Israel wrote Stuxnet and this understanding seems to be reputable rather then rumor.

To folks downvoting, stop. This is an interesting, on-topic, technical question. There's a reason we're given the ability to downvote only after reaching a karma threshold, because we're to do so judiciously.

Hacking infrastructure/cyber warfare has been part of the plan for over 30 years or since it was available. Even Reagan allowed it to help bring down the USSR (http://www.wired.com/culture/lifestyle/news/2004/03/62806).

Stuxnet is largely believed to be created by the US and Israel to cause problems to Iran's nuke programs (http://topics.nytimes.com/top/reference/timestopics/subjects...). Part of defense is offense against infrastructure that is a threat and will be as long as there are countries.

"largely believed" I agree with. That's not what the interview says. It states very matter-of-factly that we DID, which is different. My question is how we would have been in a position to know this for certain.

Agreed. Are we just believing everything Snowden says without proof here and are we believing that any site that posts a Snowden interview is actually posting a legit interview? That's not to say someone really believed they were talking to him but rather to ask how are we to know? Are there documents that prove the mass data collection is real, especially the British and other European programs. So far the only documents I've seen are related to PRISM. I'm hesitant to just take Snowden's word at face value. There are a few things about him and his behavior that make me question his reliability. I'm willing to believe a lot but not all of it yet.

How wouldn't he?

That's like asking how he would be in a position to get Top Secret documents.

> How wouldn't he?

Easy. Omniscience is not the default state of a human being. Perhaps he had access to information revealing this, and didn't find or read it. Perhaps he had no access to such a thing. I don't think we can safely assume he knows everything there is to know about anything the government (or even some small sector) is involved in. He's just one guy, after all.

I'll confess that I've followed this subject only partially, so I may be missing facts about what he had access to. Did he have complete access to everything at the NSA?

You should do yourself a favor and follow this stuff very diligently, we are seeing the documented proof of the end of the illusion of American democracy and global freedom. We live now in a verified global police state under the NSA with no recourse against any of their abilities and a US executive branch that vehemently attacks anyone exposing their hegemony.

It is a sad state, that the world the conspiracy theorists have been crying wolf about for so long is now verified fact.

Excuse me, other than chastise the guy for not being on top of the story, what can you offer in terms of how much access Snowden actually had? I've been reading reports on this stuff and nobody has ever said exactly what he did or didn't have access to with any kind of precision. I believe he had access to something. But everything? To the point where someone would say "how wouldn't he know?" without evoking laughter? However you feel about the guy, it is quite ridiculous to elevate Snowden to the point of omniscience.

I apologize if the written tone of that comment appeared chastising, I did not write it as such.

It was an honest recommendation that he follow this closely. There is history being revealed in this matter and everyone should be paying close attention.

At a minimum, everyone should be thinking critically about what it means to be an American and what one really stands for/believes in.

I think it is very interesting that so little attention is being called to what exactly his job was. It seems that the administration doesn't want to talk about it and greenwald isn't yet ready to drop that shoe.

Network penetration? If you can pick your enemies' locks, you can pick your employer's.


>You should break your pills in half.

That's a content free ad hominem.

What he said is more or less correct, depending on where you draw the line.

For a lot of people massive warrentless wiretapping, against the constitution and the law, is what they'd call a police state.

You might be more forgiving, if you want (some people can justify anything), but you don't have to be rude about it.

Especially with a surname as thus. I doubt the original Whitman was in favor of extended government power abuse and mass surveillance.

You should break your pills in half.

At his now famous video interview, he said that he had access to most things. He also said that he could even shut down most of NSA's monitoring system, if he wanted. Which strikes me as odd, that just a single analyst could have such power, but what do I know about spying agencies?

Here are a few things we know about the U.S. intelligence infrastructure:

* They couldn't find WMD in Iraq -- because they weren't there.

* They couldn't find bin Laden for 10 years.

* They thought Snowden was on a plane with Evo Morales -- and were wrong.

So, given these observations, I wouldn't be too surprised that one guy was able to get access. Like all big organizations, I'm sure the NSA & CIA have some amazing small groups capable to Bond-like performance.

But as a whole, they are probably a nightmare of incompetence. Therein lies the reason I'm not in favor of giving them Carte Blanche for domestic surveillance: they will fuck up on an epic scale with probability=1. It is only a matter of time until their infrastructure becomes a tool for some oppressive politician or bureaucrat. HUAAC 2.0.

> They couldn't find bin Laden for 10 years.

I realize this puts me in tinfoil-hat territory, but I'm not sure this wasn't intentional. He was of greater strategic value while still "alive", both to the U.S. and to the jihadists. Moreover, he had serious health problems for the last decade, and quite possibly has been dead for years of natural causes. The rapid and secret funeral at sea also seemed odd, as well as the timing, just before the election.

I have no evidence, so I can't square that circle. But given the record of shady behavior (competent and otherwise) by the three-letter agencies, neither would it surprise me.

I'm not a US citizen so I am not the one to judge its efficiency. Nevertheless I agree with the general idea of what you say. However it is highly peculiar if he legitimately had so much power. It doesn't matter if he is an uber-hacker or not, as some others point out. No government or agency would structure its hierarchy such that a simple cog in the machine could bring the whole thing tumbling down. Unless of course the high ranking officials are like the regular PHB's we know - clueless about technology issues.

> Unless of course the high ranking officials are like the regular PHB's we know - clueless about technology issues.


It's becoming apparent that describing Snowden's role at the NSA as a "regular/vanilla" analyst, or system administrator (media/government narrative) is an imprecise understatement.

There was a NYT story a couple of days ago which claimed that he was a NSA-trained 'hacker', he self-described as a 'infrastructure analyst', and a long time ago as a 'wizard.'



I know people who with just 'Analyst' as their titles have tech-PM'd MS Project implementations at large telco's, and others making stupid money in finance - it's also the title extraordinary spies are given in movies.

Much more plausible from a CI perspective is that he had fairly massive help on the inside, combined with known incompetence at designing and enforcing internal controls in Today's NSA (vs. the NSA of the 80s).

I imagine there were people with access and knowledge inside NSA who didn't want to risk becoming whistleblowers themselves, and pointed him in the right direction or outright gave him stuff.

There is also the theory he is a CIA plant being used to undermine the NSAs encroachment on their business...

Well to be honest, I don't think anyone needs an article to understand that an analyst/admin/whatever working at NSA, has knowledge of computer security. It's kinda mandatory for people in these positions, even if they work for a small company.

It's my understanding he was a systems and/or network administrator. We've always got the keys to the systems.

Nope, no you don't. Have you worked in a place with more than one sys/net admin?

Internal security is often an afterthought. Even a neophyte hacker could find purchase in such fertile ground.

Throughout this whole thing, that's struck me as odd as well. They seem so careful with everything (even going to the length of having separate computers for accessing the internet and accessing internal systems, at least at the CIA), so I don't understand why any one person would have the keys to the whole kingdom.

Well, I guess a government agency, even if it's a spying agency, it's still a government agency. I think that hollywood has made a great job all these years, by making us believe that the NSA is somehow super-efficient and infallible. Works for scaring the crap out of your enemies!

This reminds me of this:


The Kryptos sculpture has been there for all to see for many years, and the man who designed it thought it would be decrypted in months.. Yet it still hasn't been fully decoded, including by the NSA and CIA (part of it publicly was, so we know that if they did they would probably tell us).

This tells me that they're probably very good at some things, but that we also shouldn't overestimate them (the hollywood effect).

It's highly unlikely he had access to "everything" at NSA -- not even sure what that could mean. But he was apparently a higher-level employee than the simple sysadmin he's been portrayed as. There has been persistent speculation from the NY Times[1] and elsewhere about his job title of "infrastructure analyst", specifically that it would have given him access to a significant amount of highly-compartmentalized information.


I also have a government job and I can tell you that the job titles don't mean anything really. I'm an IT Technical Specialist 2, but if we're using words that mean something I create iOS applications.

> I'm an IT Technical Specialist 2, but if we're using words that mean something I create iOS applications

Ha! That's what they want you to think! In reality you're a sleeper agent/hacker.

Isn't the answer to who wrote it kind of a "you don't say" thing in the first place?

Perhaps he read about whatever futile investigation they felt like doing on Obama's staff who leaked it to the New York Times.

Question: What happens if the NSA has a user in its sights?

Snowden: The target person is completely monitored. An analyst will get a daily report about what has changed in the computer system of the targeted person. There will also be... packages with certain data which the automatic analysis systems have not understood, and so on. The analyst can then decide what he wants to do - the computer of the target person does not belong to them anymore, it then more or less belongs to the U.S. government.

I wonder if regularly wiping and reinstalling your operating system has any effect on the aforementioned computer compromising by government/criminal elements?

Obviously, an open source OS is a better choice than some closed, proprietary, OS, but I seem to remember some controversy about BSD developers being approached by government agents for the purpose of coding a backdoor into the systems which they were working on.

Just how secure is my unix-like OS?

This information is illuminating, albeit not too surprising. But with all these releases, Snowden's chance of securing whistleblower protection on constitutional grounds is completely shot. There could be a legitimate discussion about tapping US companies, or constitutionality of the information dragnet on Americans [1]. He could have had a fighting chance if the leak were confined to just those.

That's not going to happen anymore, because now everybody is distracted by sensational asides: we're hacking everybody, we're behind Stuxnet, we're in cahoots with the Europeans, etc etc etc. Snowden is allowing the spotlight to remain fixed on him; this whole thing is perfect fodder for the media -- an individual on the run, Hollywood-style hacking plots, and predictable Internet outrage. All while the constitutionality issue gets swept under the rug (see Congress). What's more, Snowden will probably lose the battle of public (and legal) opinion because these foreign operations are arguably justifiable [2], and the leaks weaken the US bargaining position with other countries.

I'm not sure what the goal of this leak is anymore. Snowden is completely fucking himself over while diverting public attention from issues that have the best odds of an immediate fix -- the surveillance of Americans. This whole thing is a bitter popcorn-fest.

William Binney said this during the USA Today interview [3] a few weeks ago:

I would tell him to steer away from anything that isn't a public service — like talking about the ability of the U.S. government to hack into other countries or other people is not a public service. So that's kind of compromising capabilities and sources and methods, basically. That's getting away from the public service that he did initially. And those would be the acts that people would charge him with as clearly treason.

[1] Sorry, non-Americans: the Constitution doesn't cover you guys. But we need to protect ourselves from our own laws first before we can help the rest of the world.

[2] If you think the US is the only one doing this, or if the world should just hold hands and sing Kumbaya: get a clue.

[3] http://www.usatoday.com/story/news/politics/2013/06/16/snowd...

> Sorry, non-Americans: the Constitution doesn't cover you guys. But we need to protect ourselves from our own laws first before we can help the rest of the world.

Protecting the US internet industry from these actions means not permanently undermining the credibility of every single US company when they say they're not spying on their international customers to further the government's (secret) national interests.

Americans are outnumbered more than a dozen-to-one on the Internet, you know. (And that ratio stands to get even more lopsided as the next 2 billion people get on the internet, too.)

I hate the "everyone is doing it" "get a clue" excuses. The U.S. government hacking into Hong Kong computers is wrong and disclosing it is a public service to the people of Hong Kong. If we don't demand moral just governments we will never get them.

>If we don't demand moral just governments we will never get them.

OK, here's a clue: truly moral governance is only sustainable if all governments follow the same moral behaviors. Unfortunately, that's not a stable equilibrium, because the world is not Kantian -- thinking otherwise is naive.

The US used to be a leader, forming the United Nations, ratifying the Geneva Conventions, promoting human rights, etc. Nowadays we have squandered our moral leadership by refusing to sign things like the ban against land mines or the international criminal court; as well as by leading immoral wars and torturing prisoners. As a superpower we have the power to make the world better for everyone but the empire has turned selfish, short-sighted and evil instead.

Rose-colored glasses, maybe? How about slavery, segregation, the treatment of Native Americans, Japanese internment, McCarthyism, etc. Find a country with a history of unblemished human rights -- it doesn't exist. Anyway this thread is getting off topic, I'll stop here.

> [2] If you think the US is the only one doing this, or if the world should just hold hands and sing Kumbaya: get a clue.

1) Governments spying on governments, sure. On foreign businesses even, sure, if they're big or important enough, I've heard that too. But does any other country do indiscriminate mass surveillance on the entire US population? Make no mistake, this is the informational equivalent of carpet bombing other countries. And not just your purported and declared "enemies" but even your friends and allies. You should not wonder if you end up having none.

2) "It's right because other people do it too / did it first." Hm, grow up?

3) "It's ok because it's always been done like that." Don't I love this time-based argument. So it was ok to have concentration camps in 1944 because they've been there in 1943? Or where is the line? And who determines it?

> 1

If they don't, it's probably because NSA is actively preventing it (albeit while doing it themselves). Anyway, we're not disagreeing here.

> 2

Like it or not, it's how the world works.

> 3

...and Godwinned. One would hope that it's conversations like these that allow us to call out the slippery slope between liberty and (overbearing) security.

Related to 1): If that's the American attitude, then Snowden is certainly a hero for all of us non-Americans.

I'm not sure what the goal of this leak is anymore. Snowden is completely fucking himself over while diverting public attention from issues that have the best odds of an immediate fix -- the surveillance of Americans.

I think he simply wants Americans, and the world, to know the truth about what their governments are doing, and doesn't believe that the best chance of that happening is staying within the bounds set by US law. He probably believes the best chances for pushback on privacy lie outside the five-eyes states, because those states have been co-opted so completely by their intelligence services. In the UK for example, every secret communication of every politician, judge and public servant is now available to those services.

Binney in his heart still believes the US government can be reasoned with and negotiated with and it seems you agree with him. It appears Snowden has decisively broken with that point of view and sees it at somewhat naive (probably after seeing what was done to Binney and Manning). As to treason (in a broad sense as betraying his country), I think that depends on whether you believe he's exposing wrongdoing or not. If he's found extensive wrongdoing, it's impossible to make that public without damaging the US in the short-term, but in the long-term, he may believe what he does is in the interests of the US. I certainly agree with him.

Sorry, non-Americans: the Constitution doesn't cover you guys. But we need to protect ourselves from our own laws first before we can help the rest of the world.

Personally I think we should try to move past this sort of parochial patriotism and look at this issue as one which affects the whole world. If you accept the argument that foreigners may be spied upon, and anyone having contact with foreigners, you're accepting that anyone who does business outside the US or has contacts outside the US is a potential surveillance target. That probably covers almost the entire cosmopolitan US population nowadays. So much for American privacy. You also accept that states like the UK and Canada will be allowed to take every bit of information that passes through them and pass it back to the NSA, because that data is now 'foreign'. By the same argument text messages in the UK are all swept up, because they pass over the border for technical reasons apparently.

Of course the only country and legal framework we can currently work within is our own, but it is inconsistent and ultimately futile to view this as a struggle for rights in only one country, because the network which we're objecting to is global in scope and global in ambition.

Perhaps more important than the difficulties of separating foreign from US data is the damage this attitude causes to the standing of the US in the world - if this deepens the perception that there is one law of US citizens and another for everyone else, why should other countries treat American data and persons with respect?

> believes the US government can be reasoned with and negotiated with

Whistle-blowing is an important exercise that keeps the system in check. And I do think this whole thing was an important wake-up call. But it really seems that Snowden has gone beyond any capacity for protection -- the leaks are so far-reaching that it will be easy to steamroll and discredit him. He doesn't deserve treason, but the politicians will be able to make a convincing argument of that (or at least espionage), given the scope of the leaks.

> this issue as one which affects the whole world

No doubt.

> Of course the only country and legal framework we can currently work within is our own

Exactly. This information is too much, too fast, and is overwhelming reasonable options for what can be done. Fix the first things first (surveillance, tapping US companies), and other things later (vacuuming up data globally).

Of course it's impossible to say how fixing the "other things later" should/would have worked -- it could've required another leak (or at least a less egocentric approach), or the process of fixing things in the US could have strengthened rights elsewhere. The way things are going now, I fear we may not even have chance to fix anything at all.

He doesn't deserve treason, but the politicians will be able to make a convincing argument of that (or at least espionage), given the scope of the leaks.

It doesn't convince me. YMMV.

The way things are going now, I fear we may not even have chance to fix anything at all.

Fixing things doesn't depend on what happens to Snowden, even the release of information doesn't rely on Snowden (he's already leaked it all). Fixing things depends on people being informed about the issues and implications, and taking action on it. I don't see why you'd want to be less informed or pretend that this does not require global solutions. One country alone cannot fix this, but we can start with our own countries, by expecting and demanding equal treatment under the law for all.

Personally I think there's plenty of chance to fix this - there is plenty wrong with our societies (UK or US), but also much to celebrate, and much opportunity to discuss what is wrong and put it right. That requires us not to fear failure before we even begin, but to discuss these issues at every opportunity in public forums (in the UK this is particularly important due to Section D notices limiting reporting). I'd like to see my politicians answer to the world as to why this information is collected on innocent citizens on the news rather than hide behind excuses of national security and terrorism.

> Snowden is allowing the spotlight to remain fixed on him;

Well, look who the interview is with.

[2] If you think the US is the only one doing this, or if the world should just hold hands and sing Kumbaya: get a clue.

If you think that's an argument, you should follow your own advice.

I'm still conflicted over these Snowden revelations. On the one hand, it is (of course) an egregious (and probably illegal) breach of privacy.

On the other hand, I think it's incredibly naive to believe that, once a technology exists, it won't be aggressively used to further the interests of nation-states and multinational corporations alike.

What makes you think for a second that China and Russia aren't using (or at least in the process of building) the same sorts of systems?

If the NSA saves all my stuff, then why do I need my own backups? Forget Dropbox, just give me access to my stuff at NSA. This is a service I'm already paying for.

He should start signing all his messages

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact