Analytics

9/12/2016
12:10 PM
Sara Peters
Sara Peters
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Snowden May Help Explain Your Job To Your Family

Hacking Oliver Stone's new film about whistleblower Edward Snowden.

Snowden is not "Mr. Robot." The new Oliver Stone biopic about whistleblower Edward Snowden, which opens Friday, is not peppered with inside jokes and perfect technical accuracy that only hackers will get (although the terms "SQL injection" and "zero-day" are appropriately tossed off without explanation). Rather, it's the sort of movie infosec pros should bring their family, friends, and non-geek dates to -- all those people who don't understand what you do for a living.

The Snowden film showed to a packed room and an overflow room during a pre-screening Sunday at the Central Library in Brooklyn, just across the river from downtown Manhattan on the 15th anniversary of 9/11. The pre-screening was followed by a short Q&A with director Oliver Stone and Ben Wizner, Snowden's attorney and director of the ACLU's speech, privacy and technology project. 

The film also will hold interest for some people inside the industry. And for those who have been teetering on the fence for years about their feelings about Edward Snowden's actions, it may sway their opinions in his favor; he is very indelibly portrayed as the hero. It's also entertaining.

"I was worried the whole time that this thing was going to be a bore," said Stone during the Q&A. He noted that there are no car chases or shoot-outs in Snowden (although the beginning of the film does include some very Stonesque screaming drill sergeants and muddy soldiers straining over obstacles). 

Stone is clear that Snowden is neither a documentary nor a spy movie. "It's a drama," he said.

It's a character-driven piece. Joseph Gordon-Levitt in the title role admirably shows Snowden progress from someone who encourages his new girlfriend to question "the liberal media" and criticizes people peacefully protesting the government to someone holed up in a Hong Kong hotel room with reporters planning to reveal the information that would make him an enemy of the state.  

The film follows Snowden's progression up the ranks through the CIA, a shifting relationship with a CIA recruiter (hauntingly, subtly played by Rhys Ifans) who shifts from mentor to Big Brother, and a growing understanding of the extent of amount of data being collected. It shows how the stress put strain on his relationship with his girlfriend (Shailene Woodley) and contributed to him developing epilepsy. Stone said he believes that developing epilepsy may have played a role in Snowden's actions because it made him more aware of his mortality, even at a young age.   

Although Snowden isn't stuffed with lingo and inside jokes, infosec pros may find other things to identify with: the moment when Edward first decides to tape over his laptop webcam; and the struggle of trying to urge loved ones to improve their cybersecurity without being able to disclose all the confidential details of why.

For the infosec uninitiated, one of the most important and educational scenes is a sequence where Snowden explains work he was doing for the CIA in Japan. It explains how collecting surveillance targets' metadata can ultimately lead to collecting bartenders' conversations with their mothers. Snowden describes a system of US intelligence implanting malware on the critical infrastructure of its allies -- from Japan to Austria -- so that in case they are ever not allies, the US is prepared to shut them down at any time.

Stone said that of course this was the scene was was most urged to cut. However, he said that the scene shows the dangers the world is facing, and left it in.

Wizner asked the audience if it made them "connect with the subject matter more viscerally," to which many hearty "yesses" and nodding heads.

The performances are strong throughout, and while a cameo by Nicolas Cage is particularly humorous, the largest chuckle might have been after a clip of Director of National Intelligence James Clapper giving testimony that the NSA does not collect any type of data at all on millions or hundreds of millions of Americans.

This week alongside the release of the film, Wizner said there will be renewed efforts to secure a presidential pardon for Snowden. A petition is available at PardonSnowden.org. 

"I hope this film is going to do a lot of good for [Edward Snowden, too]," said Wizner. Snowden is currently residing in Moscow, and would be tried under the Espionage Act if he were to return to the US now. Wizner said that in his opinion when Snowden returns there should be "not a conversation about what his punishment should be, but a conversation about whether we've thanked him sufficiently." 

Related Content:

 

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/20/2016 | 11:58:14 AM
Re: Black tape.
@Whoopty: Precisely why so many security professionals are actively advising people now to write their passwords down...provided that:

1) They keep the password writings in a truly safe location (e.g., NOT on the computer monitor, NOT on their desk or in their top desk drawer, NOT in a notebook that's labelled "Password Minder" in big letters, etc.), and

2) They use long, truly entropy-filled (esp. computer-generated, for maximum randomization) passwords.

If your password is going to be "password123!" then there's little utility in writing it down (and if you make that your password and still can't remember, then maybe you should be grounded from using your devices).  But if writing your password down is what it's going to take to make you pick truly long and complex passwords that are full of entropy, then maybe that's what you should do.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
9/15/2016 | 7:42:16 AM
Re: Black tape.
Oh I know that headache. So often when I help fix someone's system it's because they did something dumb security wise. 

It's just not possible to take on everyone's security responsibilities though. I can't remember all of your passwords and mine!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/14/2016 | 1:26:02 PM
Re: Black tape.
I get poked fun at a lot for my secure approach to passwords.  (One person I know once changed a (low-risk/low-exposure, albeit) password of theirs to "QWERTY" for a time just to try to annoy me.)
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
9/13/2016 | 7:52:35 AM
Re: Black tape.
Totally agree. I have the same reaction with my giant passwords and consistent changing, their uniqueness. It's something most just don't put the effort into.

However I am interested to watch Snowden. I like Joseph Gordon Levitt a lot, so am interested to see how he plays the 'character.' 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/13/2016 | 5:08:17 AM
Black tape.
My own loved ones have called me crazy to tape over and block my webcams.  I've called them crazy not to.
CISOs' No. 1 Concern in 2018: The Talent Gap
Dawn Kawamoto, Associate Editor, Dark Reading,  1/10/2018
How to Attract More Women Into Cybersecurity - Now
Dawn Kawamoto, Associate Editor, Dark Reading,  1/12/2018
AI in Cybersecurity: Where We Stand & Where We Need to Go
Raffael Marty, VP Security Analytics, Sophos,  1/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.