backtop


Print 25 comment(s) - last by Cypherdude1.. on Feb 15 at 12:45 AM

The Hawaii facility didn't have modern security updates to prevent this from happening

One would think that former NSA contractor Edward Snowden's attempt to access confidential agency files would not be easy, but it reportedly didn't take much. 
 
According to The New York Times, Snowden used a cheap Web crawler to delve deep into the NSA's classified files and take them.
 
A Web crawler is software used to index and back up websites. It can be programmed with various search phrases, and then jumps automatically from Web page to Web page by following links, traveling far and wide in search of relevant documents. 
 
Some examples of Web crawlers are Googlebot and wget.  
 
The Web crawler used by Snowden has not been named, but Snowden reportedly programmed his search to find certain subjects and see how deep the search would take him into the NSA’s internal networks.
 
This raises some major questions; such as why a simple Web crawler was able to return such information on supposedly tightly protected government networks. 
 
The answer lies in Snowden's location. Back when WikiLeaks incident occurred in 2010, government facilities were required to install updated anti-leak software. But a facility in Hawaii was unable to receive the update because the outpost's network didn't have enough power to run it.


Edward Snowden [SOURCE: Wired]

When Snowden downloaded the 1.7 million NSA files, he was working at that government facility in Hawaii. 
 
It's currently unclear if Snowden just happened to be placed at that facility or if he made a request, according to reports. 
 
Nevertheless, this is just one more example of how Snowden outwitted the NSA. During his time at the NSA regional operations center for a month in Hawaii last spring, Snowden conned between 20 to 25 NSA employees to give him their login credentials and passwords. Snowden reportedly told the NSA employees that he needed their passwords in order to do his job, and after downloading secret NSA documents, he leaked the information to the media.
 
Since the leaks, the floodgates have been opened. In August 2013, reports said that the NSA admitted to touching 1.6 percent of total globe Web traffic. Its technique was to filter data after harvesting it, which led to over-collection on a major scale.
 
Many top tech leaders, like Facebook CEO Mark Zuckerberg and Google Executive Chairman Eric Schmidt, have spoken out against the NSA's programs along with civil-liberties advocates, U.S. citizens and even other countries that had the NSA peeping in their window. 
 
A presidential review panel made 46 recommendations regarding greater restraint on the NSA's surveillance programs last month, which sought for an end to bulk collection of data among other suggestions.
 
Snowden's thoughts on his lead in the NSA revelations?
 
"Mission accomplished."

Source: The New York Times



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Can't protect against Snowdens of the word
By Chyort on 2/10/2014 4:34:23 PM , Rating: 2
Yes, because the world is one big happy family that never bothers to lock their doors...

There is no such things as spying by one government on another...

We have never had straight up traitors in our history that were happy to sell secrets to the highest bidder...

*Eyeroll*

Fact remains, you should always hope for the best, but plan for the worst.

Their planning failed.
Miserably.

In this particular case i am honestly glad it failed. But trying to say they aren't responsible for leaving the door wide open to anyone in a trusted position without any effective security is absurd.

And lets end with another good piece of advice...
Trust, but verify.
The people are now in a position to verify all those NSA/whatnot statements... Sad thing is all too many are turning out to be out right lies.


RE: Can't protect against Snowdens of the word
By Ammohunt on 2/10/14, Rating: -1
RE: Can't protect against Snowdens of the word
By ritualm on 2/10/2014 5:28:35 PM , Rating: 3
quote:
Spoken like someone that has never worked in a classified environment. Its not unreasonable to expect a bit of loyalty to ones country from those privileged to work on secure projects. Whether you agree with what Snowden did or not it doesn't change the fact that this is an outright betrayal of the very country and its people he claims to be helping. In order to believe him a hero or someone with intent to help society you must first ignore this base fact..sorry i can't go there. I will sooner believe Snowden was a patsy for the Russians. You cannot put a price tag on the political windfall of these spying revelations for our enemies.

1. Paragraphs. Use them.

2. Spoken like someone that doesn't give a damn what's truly at stake. How is it possible that a facility with lots of physical access restrictions can have a IT security setup weaker than open source forum software e.g. phpBB? All that taxpayer money going into installations where its security managers are too incompetent to block "cheap web crawlers" from mining its systems.

3. What "outright betrayal of the very country and its people" has Snowden ever done? Right, you can't name any. The Obama Administration (and previous Presidents before him), and the NSA subverted judicial due process to fight a phony war... against US citizens on its own soil , against everyone else on this planet, why is that not an outright betrayal?

4. Your government created this monstrosity, and you're scared that someone would put the kibosh on it and cause billions in damage? Puh-leeze.

5. "you can never be betrayed by someone you never trusted".


By Cypherdude1 on 2/15/2014 12:45:21 AM , Rating: 2
The dirt Snowden must have on everyone, including those outside the government who are illegally wiretapping phones must be incredible . LOL.

For example, and this has hardly been reported on any website:
CNN's Piers Morgan questioned over phone hacking (in UK by police "under caution")
http://www.bbc.co.uk/news/uk-26192373


By cfaalm on 2/10/2014 5:38:38 PM , Rating: 1
In the end it's all people working there. That however is a lame excuse for an organisation like the NSA. Snowden shouldn't have been able to get at that information. Now that he's done it, it proves two points: NSA's own security lacks sophistication and NSA was gathering more information than people were be comfortable with. They should thank him and get their shit together.
I have worked in a classified environment and most on the corporate ladder do to a certain degree. You NEVER give your password to anyone. Not the CEO, CFO, head IT, no one.


RE: Can't protect against Snowdens of the word
By Chyort on 2/10/2014 10:16:35 PM , Rating: 2
Spoken like someone trying to defend an undefendable position...

"Clearly you just don't understand what your talking about, because otherwise you would agree with me!"

*Even bigger Eyeroll*

Your comment hinting about alleged classified experience being completely ignored as BS...

1) i never said expecting a bit of loyalty from people was unreasonable... I said, "Trust, but verify." which goes for just about EVERYTHING, not just classified materials.
There should be periodic checks to see that they are still loyal. There should also be trip wires that flag a humans attention should they start going outside where they belong, or just acting oddly. Because who knows, it might just be a real hacker crawling around where they don't belong.

2) It could, and in fact is, being argued that everything the NSA has been doing is unconstitutional which means Snowden had an obligation to report it...
Which again slams your flawed logic about it being an "... outright betrayal of the very country and its people he claims to be helping."
So quit trying to point out your distorted version of the "Facts" as if they were cast in stone... Label them properly as your opinion next time.

3) What enemies are benefiting from this released info? The Hundreds of terrorist plots that have been averted because of the possibly unconstitutional spying? Oh wait, it was only 1 or 2... Possibly, but not even really confirmed.

As opposed to the hundreds/thousands of cases where it was abused for personal/whatever reasons, which has been confirmed...


RE: Can't protect against Snowdens of the word
By Ammohunt on 2/11/2014 8:46:45 PM , Rating: 1
quote:
Your comment hinting about alleged classified experience being completely ignored as BS...


You know me? yeah i don't think so.

quote:
As opposed to the hundreds/thousands of cases where it was abused for personal/whatever reasons, which has been confirmed...


So tell me sparky where in the courts is the NSA or individuals in the NSA being tried for violating the constitution? Where are the indictments? If such egregious crimes took place against American citizens domestically i would expect some legal proceedings somewhere. Hint: You wake up in a puddle after that dream.

quote:
Because who knows, it might just be a real hacker crawling around where they don't belong.


Don't know a thing about classified networks i see.

quote:
What enemies are benefiting from this released info? The Hundreds of terrorist plots that have been averted because of the possibly unconstitutional spying? Oh wait, it was only 1 or 2... Possibly, but not even really confirmed.


Don't know a damn thing about foreign policy either. You really need to get informed, you are giving fools a bad name.

quote:
So quit trying to point out your distorted version of the "Facts" as if they were cast in stone... Label them properly as your opinion next time.


Opinion: Its obvious by your postings that you are a clueless, self absorbed millenial whose version of the world was dictated to you by "reality" TV. I predict the world is going to chew you up and spit you out. You should consider not smoking so much dope its not doing you any favors.


By Chyort on 2/11/2014 9:53:12 PM , Rating: 2
quote:
You know me? yeah i don't think so.

How should i put this...
Tits or GTFO.

Claiming something on the internet is worthless, provide proof or quit hinting at crap to try and gain yourself authority on the subject.

quote:
So tell me sparky where in the courts is the NSA or individuals in the NSA being tried for violating the constitution? Where are the indictments? If such egregious crimes took place against American citizens domestically i would expect some legal proceedings somewhere. Hint: You wake up in a puddle after that dream.


Where to begin... Multiple sources say what the NSA is doing is unconstitutional/illegal. Multiple sources also say it is Legal, Or should be made legal... That is the whole point... It is up for debate.

It isn't a simple black and white tale as much as you would like to make it one.

My point however was, with all the spying they are doing, irregardless of legality one way or the other, very little is being accomplished. There are however, confirmed reports of the NSA employes abusing the info gathered for their own ends. Feel free to Google it.

quote:
Don't know a thing about classified networks i see.

As i said... Tits or GTFO...
I never claimed to have knowledge that i cant/wont prove... I did claim that expecting common sense isn't unreasonable.
Even air gapped network can be hacked, it requires an abuse of trust but it still can happen... And it should be prepared for.

quote:
Don't know a damn thing about foreign policy either. You really need to get informed, you are giving fools a bad name.

How Cute! Name calling! I guess i struck a nerve. Yay!

When i say enemy i mean someone actively trying to do us harm. I don't classify generals, or even a president, being made look bad to other nations as helping the enemies. I guess you do. *Shrugs*

quote:
Opinion: Its obvious by your postings that you are a clueless, self absorbed millenial whose version of the world was dictated to you by "reality" TV. I predict the world is going to chew you up and spit you out. You should consider not smoking so much dope its not doing you any favors.


Wewt! I managed to at least slightly teach you the difference between fact and opinion.
FYI though
1) I am not a millenial, and i fail to see the relevance to the topic at hand.
2) I actually hate most "Reality" TV because it has nothing to do with reality. Although i do admit to watching deadliest catch from time to time.
3) Predict what ever you want
4) I have actually never smoked dope... I also have never drunk alcohol, but that is getting into a long drawn out story about my alcoholic father that is again off topic.

Anyways! if you want to rant and rave and call me more names feel free to reply again. I enjoy knowing i have struck a nerve.


By rsmech on 2/10/2014 11:35:43 PM , Rating: 2
It should read:
This is an outright betrayal from our very country on the people it claims to be helping.

I didn't miss this base fact, I can't ignore it.

Was he right or wrong, looks like we see things differently.


RE: Can't protect against Snowdens of the word
By Spuke on 2/10/2014 7:06:55 PM , Rating: 2
quote:
Yes, because the world is one big happy family that never bothers to lock their doors...
Where did I say or imply this?

quote:
Fact remains, you should always hope for the best, but plan for the worst.
Yep, and they have this in place but it still depends on PEOPLE to follow rules (ie not giving up your account access). You can't bypass people without going totally automated and that STILL doesn't bypass people (because people create the automation). And, YES, there is a level of trust in these environments. You have to have it or nothing gets done.


By Spuke on 2/10/2014 7:08:53 PM , Rating: 2
quote:
In the end it's all people working there. That however is a lame excuse for an organisation like the NSA.
Explain to me how you can undo human characteristics and traits. I'm waiting.


By Chyort on 2/10/2014 10:25:23 PM , Rating: 2
quote:
Where did I say or imply this?


You didnt... Ammohunt, the guy that started this chain did...

quote:
And, YES, there is a level of trust in these environments. You have to have it or nothing gets done.


Thus... Trust, but verify.


"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki