claims, and the lining of the hotel room with pillows and the red hood indicate someone who seems very stressed.

He is being treated for epilepsy, apparently.

And he had the kind of access he is claiming???

No one can get that deep that fast NO ONE!

He's saying he had that at some point in the past at the NSA.

Intell doesn't work like that. Especially when it comes to US citizens or even individuals suspected of being US citizens. That includes here & abroad.

You can't even shut down a basic network with the flip of a switch, do you really think a mid-level (if that) employee would have access to shut the whole thing down?

The more this guy talks the less credible he sounds. All he has given so far is a slide that they give to all new recruits & a warrant. Nothing of which supports his big claim of terrible wrong doing by the big bad man.

Even an analyst would be monitored. They would know ever keystroke Edward made. He's full of shit.

The all-seeing all-knowing NSA can listen in on any conversation, anywhere, at any time.

Yet this freshman NSA computer analyst can steal a secret NSA doument and go undetected.

If they are focused on monitoring everyone else, it is entirely plausible a certain hubris overtook the organization, making them sloppy internally.

had access to so many different computers due to that. You can tell me if that seems right to you.

If they could do it, they could not use any evidence in a prosecution.

since EVERYTHING, apparently, is being recorded and warehoused.

As someone who makes their living in IT, I know this is true, especially for systems administrators... if you have root, you can access anything on the server.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

the Army's foremost Analytical system DCGS-A, the one Manning used, was running on Windows.......Most intel work done today is with off the shelf software and hardware, the differences are in the interfaces, that is what has to be learned.

is that he was placed in a position of trust, and decided to download and dump a bunch of classified material "illegally".

I'm a career military person, and there are ways that he could have brought these documents to light through the proper channels, but instead, he decided to just violate the security of the nation. A security he was bound by law and oath to protect.

Why some want to make this guy into a hero is beyond me.

It does not matter what you think of the individuals who revealed the wrong doing of our government, what matters is how we are to deal with this information now that we have it.

Where I work there is only one employee who knows the root password. A second employee knows the combination to the safe which houses a sealed envelope which contains the root password, to be used in the event the first employee isn't available and an emergency occurs.

I can't imagine the NSA having less security than the network where I work. Certainly there are networks out there where all sorts of people have root access, but they are not what I would call secure facilities.

sounds like you work for a very small outfit, especially when compared to the U.S. gov.

Inside a very large outfit. I'm pretty sure the government is going to use the same, if not much more rigid procedures, especially NSA. The biggest threat to computer systems comes from within.

i can tell just by that that it is relatively small, I didn't say anything about it's security.

the other thing is, in order for information to flow to as many people as it does globally in the U.S. gov you need a lot of systems, which require a lot of people to manage them, which also requires a lot of people with root.

ever wonder how a private like manning had access to so much classified info?

Manning was an intelligence analyst who worked in Iraq. He had access to exactly what he was supposed to have access which makes up for much of what he leaked. As far as the rest of it goes, that simply demonstrates how loose the military is with such things. I was in the military for 10 years. Anyone who thinks the military uses cutting edge equipment and techniques probably hasn't spent much time in the military. Most of what you see is outdated, and the same goes for their procedures.

Government agencies typically have multiple networks. They will have a less tightly controlled administrative network that ties all their employees together, and they will have smaller secure systems dedicated to specific tasks, tied together in varying degrees by secure networks. When you parcel secure systems out in the field, as the government often does, it becomes easier to narrow system admin access to very few, if not one person.

From the looks of what this guy revealed (a powerpoint presentation), my guess is that whatever he got, he obtained from their admin network and probably wouldn't have needed a very high clearance to get it.

It's not as easy as all that..

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

I think he's clarifying.

Then he's saying that all analysts can target anyone, but that they may not have access to everything. In other words, any analyst can target anyone, but they may be limited on what data they get. This is pretty much what the OP said.

but, frankly, I consider your question as much of a disingenuous distraction as your pathetic OP about a tiny campaign contribution.

The critical issue here, which you and others are desperately attempting to deflect, is the massive, unconscionable surveillance program targeted at American citizens by our own government.

Where is the evidence that Americans are being spied upon?

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

We certainly saw that Americans were being targeted with the Verizon leak.

Verizon included all their US customers.

The way I see it is like this. And I have no knowledge of computer systems in use at the NSA but I'll put this in a PC frame of reference.

Say Verizon keeps all its data on a detachable hard drive. The NSA wants to search for calling patterns. Verizon can't very well only pull the numbers from the hard drive that might fit the pattern because no one has examined the data yet.

So Verizon hands over the hard drive, NSA analyzes it and pulls out only those numbers that match the pattern they are looking for.

Yes, technically, 'innocent' numbers are on the hard drive but that's just a byproduct of the Information Age -everything is stored in one place and is easily transportable.

I see much of this controversy as stemming from how we are still finding ways to cope with the fact that so much data can be stored on very miniature disks.

Big Data in Small Places.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

This seems like the tip of the iceberg, especially judging by Obama's and others reactions.

The Atlantic: A privacy scholar explains the recent news about PRISM and government surveillance
http://www.theatlantic.com/national/archive/2013/06/prisms-legal-basis-how-we-got-here-and-what-we-can-do-to-get-back/276667/?google_editors_picks=true

The US government is collecting the phone records of millions of US customers of Verizon under a secret court order
http://www.guardian.co.uk/world/interactive/2013/jun/06/verizon-telephone-data-court-order

You cannot pull only the numbers you want because you don't know which numbers you want until you have run the matching program.

If what Verizon hands over is considered a 'black box', meaning only those numbers are pulled without anyone getting their hands on the data for any other purpose, then Americans are not targeted and 'spying' on Americans is not occurring.

Of course everyone could be lying to us. But you cannot search for call patterns without first having all the data available to run through the automated system.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

How pathetic and disgraceful this drumbeat of propaganda is.

That shows desperation.

Kind of like. Backscatter... "embellished"... "shows desperation."

The truth is buried in the ellipsis.

Your title and the article is dishonest.

At Sun Jun 9, 2013, 08:48 PM an alert was sent on the following post:

I guess, in some quarters. Half-assed is like a glass half full.
http://www.democraticunderground.com/?com=view_post&forum=1002&pid=2980163

REASON FOR ALERT:

This post is disruptive, hurtful, rude, insensitive, over-the-top, or otherwise inappropriate. (See <a href="http://www.democraticunderground.com/?com=aboutus#communitystandards" target="_blank">Community Standards</a>.)

ALERTER'S COMMENTS:

Name calling.

You served on a randomly-selected Jury of DU members which reviewed this post. The review was completed at Sun Jun 9, 2013, 08:53 PM, and the Jury voted 0-6 to LEAVE IT.

Juror #1 voted to LEAVE IT ALONE and said: Close but not over the line. If I had to deal with a poster refusing to admit their mistakes and even in some instances doubling down on those mistakes, I might also become frustrated. In this case the person alerting might want to look at facts based argumentative styles.
Juror #2 voted to LEAVE IT ALONE and said: Name-calling? Are you serious?
Juror #3 voted to LEAVE IT ALONE and said: No explanation given
Juror #4 voted to LEAVE IT ALONE and said: That's not name-calling. The post was characterized as half-assed, not the poster. Stop the incessant whining.
Juror #5 voted to LEAVE IT ALONE and said: No explanation given
Juror #6 voted to LEAVE IT ALONE and said: Mild name-calling at best.

Thank you very much for participating in our Jury system, and we hope you will be able to participate again in the future.

That would be beautiful. The guy gets a hold of something essentially meaningless but deeply sourced. 'My gosh! A real court order secret document and spy decoder ring from a real nerd!!" He hands it to Greenwald and Greenwald goes gaga. Then the guy tells Greenwald he wants to go public. Greenwald shits self. Guy proceeds to tell the world how he could have wiped out our pathetic attempts at self-defense with a stroke of his pinky, but he let us all keep living out of the goodness of his heart.

Would be so damned funny. Wonder how our DUer hero worshipers would climb down.

A libertarian determined to unmask our deteriorating freedoms seeks refuge in a Communist country. You can't make that shit up.

Yes, Hong Kong has a spirited democracy movement, but China runs the place and the region has yet to have an open election (that is supposed to happen in 2017).

As Josh Marshall put it, Iceland ain't happening and Snowden's best bet is that China will use him to stick it to the US:

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

I'll believe it when they build the worker housing they need.

Iceland! Wow, that's naive.

Manic Depressive or something like that .. borderline

address, even the presidents.

That's how deep the rabbit hole goes... and anyone with the appropriate access (Like him being a sysadmin) could read their emails.

FYI

since that is what the spy system does by DEFAULT, it collects ALL digital communications, both foreign AND domestic.

And that is why this is a BIG DEAL.

Got it?

and IF he had the President's personal email account, why wouldn't he have the capability?

IF the President used a Gmail or Yahoo account, it would be no more secure than any other U.S. citizen's.

Let's translate from NSA-speak to English.

All he needs to point the Stasi-style surveillance machine at you is permission from his authorities. In other words, he just needs to email his boss, who clicks a checkbox on his computer to put his worker on an access-control-list giving him the ability to use particular surveillance tools, and voila.

Yep, that's a real check-and-balance that the Founding Fathers would see and beam with pride! Nothing says accountability like having to get permission from a supervisor!

deciding to wiretap him?

Fucking Christ do you know anything about open source email programs?

...designed by the NSA.

How, for starters, are the connection logs allegedly getting from wherever they are to Ft. Meade in real time? That's not an amount of traffic you can hide.

n/t

and he, as a sysadmin, could access the data collected against that email address.

see video around 3:00...
http://www.guardian.co.uk/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance

His point is that EVERYONES communications are ceing recorded, and stored for EASY to access, at anytime, by anyone with the appropriate access/authority.

If that was his only problem with the setup, then why does he 'report' it to the Guardian? He hasn't claimed he wasn't listened to, has he?

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

I keep nodding off! Can you tell me at what he point he says something about going to his supervisors? I'll try to watch the entire thing.

On edit: I'm sorry but I don't hear anything about his going to supervisors or doing anything other than 'reporting' to Glenn Greenwald.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

he mentions talking about it the problems internally (Starting at the 1:00 mark) and being dismissed.

Makes me question your judgment, and comprehension skills.

I guess that means he raised objections but I don't consider him very direct on that point.

He says it in a very casual way, almost glossing over it.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

into anyone's PERSONAL email account.

IF the President had a personal Gmail or Yahoo account, he'd be no more protected from data-collection than anyone of us.

I haven't heard anything on the video yet that says he tried to talk with anyone other than with Greenwald.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

If he saw a problem, why wouldn't he talk to his supervisor? He hasn't even claimed to have tried that, from what I can see. Or use the whistleblower channels.

I can be convinced otherwise but right now he just doesn't sound authentic to me. I think he's misguided.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

Which is why I think he's overstating things and exaggerating his importance. So I don't think NSA planned for everyone at the agency to have access to everyone's private information.

Still waiting to hear specifics, though.

[hr]
[font color="blue"][center]Stop looking for heroes. BE one.[/center][/font]
[hr]

And again, if he's the sysadmin, with the NSA's Linux contributions that doesn't give him access to data.

nor would the president

Why are you so inclined to believe whatever he says?

at a minimum he had a TS/SCI HCS clearance. Probably also had SI/TK caveats if he was working at the tunnel. If he had that, he had access to ALMOST everything in existence in the MI world. Not quite everything, but almost.

Also, no, not even close to everybody at BAH has HCS.

or Smith? Because I work at one of the two and it is required to work in our SCIF. We all had to sign our NDA's and watch the stupid video when we started work.

Sorry, I thought you were just saying if he worked for BAH in general. I've never dealt with that end of things; just NAVSEA.

I work in Hawaii, not the same field or company as Snowden, but here yeah most people have HCS to work where we work.

of his super powers.

You're arguing from the same mash-up of truth and fiction that's been appearing all over the internet ever since this story broke.

No one knows yet what the true facts are.

Twenty billion here, twenty billion there, before long, you're talking about real money.

They get dedicated buildings the size of stadiums designed to house computers, special secret rooms installed in the switching centers of Verizon, AT&T, etc.

I think they've got enough IT assets to cause any computer geek's jaw to drop.

How do you hide about 20% of the Internet's traffic going to you?

I've deal with routers in very high-traffic datacenters, including ones used by Facebook and Google. How did they get the data out without my or any of my colleagues' seeing the traffic?

641A was revealed precisely because you can't hide that level of data transfer from the techs.

The NSA certainly has the budget for them.

Now get it back to you without my noticing.

How do you propose doing that? I do actually watch what happens with my routers.

Routers talk to other routers on the Internet with a protocol called BGPv4. Routes are exchanged between different autonomous systems (companies, more or less). This often happens at a "carrier hotel" where different companies keep big routers and WAN switches and connect to one another. All of your company's traffic goes through this point (and maybe one or two more, where the NSA also shares a room...however many BGP peers you have is the number of possible physical paths--not very many). The NSA sets up a SPAN port at the carrier facility and collects every packet going into and out of your ASN, without your awareness that its happening. That's it.

I use BGP, so I know better. The frames have to get from point A to point B, and I can see what comes out of point A (I admined at a tier 1 for a few years). Are they teleporting?

Do you know what a SPAN port is? When you've looked it up, think of one sitting at the carrier facility. It gets a copy of EVERYTHING. It doesn't give a shit about BGP and route selection and exchange. BGP just happens to be the routing protocol being exchanged. BGP knows or cares nothing about a SPAN port on a switch. But the SPAN port will get a copy of EVERYTHING, and you won't know ANYTHING. Any more teleporting questions I can help you answer?

I was nice the first post. I responded with a little snark to your. Teleporting comment, since it was born of ignorance. Now I'm telling you, you have no idea what you're talking about. Your regurgitation of what I said showed you lack a basic understanding of what I'm talking about. It could be you haven't worked in the industry in a number of years, or you never had occasion to peer with someone else or whatever, but you're lacking basic understanding. In simplest terms, the NSA would get the data AT ANOTHER FACILITY OVER WHICH YOU HAVE NO CONTROL. A SPAN port is a port on a switch that listens to EVERYTHING coming out of another port...like the port going to your business.

If you have a PRIVATE point to point connection from one location to another, sorry, that's not the Internet. But the same thing can be easily done in a carrier facility.

Don't tell me that all my years of network engineering are a myth when you're demonstrably clueless and people pay me good money on a continuing basis to have expertise in this exact area.

Any amount you want. Come to me. I'll set up the lab and let you SSH into it for a minimum wager of $500.

My wager is you can't get data from my network to yours without

1) My being able to see it, or
2) A physical connection of your own

You're saying you can?

Consider also, from Snowden's claim, the quantity of data we're talking about. I leave that out of the wager, but mention it again as the truly improbable part here. A literal second Internet's worth of traffic.

I'll own the switch between you, playing the part of the circuit provider. You'll send data from a network behind Router A to a destination in a network between Router B. I'll capture traffic that you send while you look for some sign in your network that I'm getting a copy of your traffic--every packet between A and B. You can have CDP Information on the switch. ill let you see the config if you want, whatever. You'll pay me $500 when I send you the capture file showing every packet sent and received.

Even non-technical people reading this will easily deduce that if I have the machine between your two routers, I can pretty obviously get at the data.

I suggest snooper2 adjudicate this. He and I don't see eye to eye very often in the political arena, but I trust his truthfulness, and I know he's also a seasoned network engineer.

This is a very foolish bet for you to take, but I'll be glad to take the bet. I know of what I speak, and the setup is trivial.

If you're saying they have put a physical TAP (or, for that matter, even just a physical tap) between me and my peers, and handle all trafficking between those TAPs and their facilities, then yes, they could do that. Are you saying that's what the NSA has done? This is the sort of situation that you mostly just see in crypto textbooks as an absurd example (remember, they have to intercept TLS credentials to be able to read most of this stuff, too).

The PowerPoint slide the Guardian has talks about data coming from the servers themselves, remember.

Maybe I'm taking "anyone" and "anything" too literally here, but the amount of traffic that represents is mind-boggling, as well as the complexity, size, and power consumption of the private physical network NSA would have to have.

these taps will have to be between me and all of my peers, and you have to have one hell of a stitcher program to reassemble everything when my weights change and I start routing through a different peer in the middle of a TLS-protected stream.

Remember, he's claiming he can do this for any "private email address", in real time.

Fwiw, I think NSA can break SSL, but not in real-time. I'm assuming court orders come in handy in those cases.

What you're calling a tap takes the form of a switchport in today's infrastructure. No matter what kind of digital circuit you have, it's not at all difficult to logically associate another port with it, such that the second port can get a copy. This can be done on your point to point link, your MetroE link, serial links, frame relay, whatever. There do not exist any telco circuits that consist solely of a wire from one place to another. All circuits go through a variety of layer 2 and/or 3 devices, and where that happens, copies can be obtained, constrained only by the physical limitations of the router or switch. From that ointment, the NSA or whomever is vacuuming the data can just send it to storage, across the wire, locally, whatever. Presumably they also have advanced search, playback, and pattern matching software that makes the high volume of data more manageable.

As to the NSA's capacity, none of us knows. But we all do know about the mega data center in Utah. Someone will probably be able to extrapolate good guesses if they can figure out approximately how much power they're using. I do know that the NSA doesn't give a tinker's damn about how many 10GigE circuits they have to pay for on a monthly recurring basis. They've got tons of budget to work with. I don't know what capacity they're at now, but there's no real theoretical limit to how much capacity they can build.

Else 2-7 would be useless. The fiber is immaterial too. Now, you may have some campus environment with a trench between buildings, and in that case, you can exercise full control over it, but any circuit going anywhere else can be compromised without your knowledge.

Snowden is claiming that all traffic of the most popular protocols is actually being delivered, in real time, to Ft. Meade (or wherever the actual facilities are), with the full key management to decrypt it when necessary.

And this passes the smell test to you.

The telcos have people that know what happens on their routers, but the NSA has them sworn to secrecy.

There's not an "upstream" of me, just peers. How did petabytes of data get out of my datacenter without me or any of the dozens of other techs like me noticing. Who fixes them when they break? How did they do that without our noticing?

The WHOLE DAMNED SYSTEM HAS GONE AFOUL!

All of US...of all Stripes of Dems and if there are any "Rational Repugs" need to JOIN TOGETHER and FIX THIS!

It's OUTTA CONTROL! We saw that under Bush/Cheney/Rumsfeld and it GROWS WORSE.

COME TOGETHER ...We've got to fix this OUTTA CONTROLS...Corporate/Media Industrial Complex" before it does Us ALL IN...

being turned loose in the NSA's data center with the knowledge and authorizations I had the last time someone was so foolish as to give me free rein in their IT shop.
And he learned all of the in and outs in 3 months.

3 months. I'm impressed!

Booz Allen was his latest gig for the NSA.

Some functions are 'plug and play', even important functions. If you know what you're doing, have experience, it's all good.
That is not always the case.

Maybe I'm a slow learner. With this latest scandal I still have more questions than answers.
So much new information all at once, and when I query that straw pile of a database in my head I find I've known about parts of it for quite some time.

I'm not even ready to question why even the timing of this scandal makes me smell a rat.
Or is it a Rove.