Analytics

9/12/2016
12:10 PM
Sara Peters
Sara Peters
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Snowden May Help Explain Your Job To Your Family

Hacking Oliver Stone's new film about whistleblower Edward Snowden.

Snowden is not "Mr. Robot." The new Oliver Stone biopic about whistleblower Edward Snowden, which opens Friday, is not peppered with inside jokes and perfect technical accuracy that only hackers will get (although the terms "SQL injection" and "zero-day" are appropriately tossed off without explanation). Rather, it's the sort of movie infosec pros should bring their family, friends, and non-geek dates to -- all those people who don't understand what you do for a living.

The Snowden film showed to a packed room and an overflow room during a pre-screening Sunday at the Central Library in Brooklyn, just across the river from downtown Manhattan on the 15th anniversary of 9/11. The pre-screening was followed by a short Q&A with director Oliver Stone and Ben Wizner, Snowden's attorney and director of the ACLU's speech, privacy and technology project. 

The film also will hold interest for some people inside the industry. And for those who have been teetering on the fence for years about their feelings about Edward Snowden's actions, it may sway their opinions in his favor; he is very indelibly portrayed as the hero. It's also entertaining.

"I was worried the whole time that this thing was going to be a bore," said Stone during the Q&A. He noted that there are no car chases or shoot-outs in Snowden (although the beginning of the film does include some very Stonesque screaming drill sergeants and muddy soldiers straining over obstacles). 

Stone is clear that Snowden is neither a documentary nor a spy movie. "It's a drama," he said.

It's a character-driven piece. Joseph Gordon-Levitt in the title role admirably shows Snowden progress from someone who encourages his new girlfriend to question "the liberal media" and criticizes people peacefully protesting the government to someone holed up in a Hong Kong hotel room with reporters planning to reveal the information that would make him an enemy of the state.  

The film follows Snowden's progression up the ranks through the CIA, a shifting relationship with a CIA recruiter (hauntingly, subtly played by Rhys Ifans) who shifts from mentor to Big Brother, and a growing understanding of the extent of amount of data being collected. It shows how the stress put strain on his relationship with his girlfriend (Shailene Woodley) and contributed to him developing epilepsy. Stone said he believes that developing epilepsy may have played a role in Snowden's actions because it made him more aware of his mortality, even at a young age.   

Although Snowden isn't stuffed with lingo and inside jokes, infosec pros may find other things to identify with: the moment when Edward first decides to tape over his laptop webcam; and the struggle of trying to urge loved ones to improve their cybersecurity without being able to disclose all the confidential details of why.

For the infosec uninitiated, one of the most important and educational scenes is a sequence where Snowden explains work he was doing for the CIA in Japan. It explains how collecting surveillance targets' metadata can ultimately lead to collecting bartenders' conversations with their mothers. Snowden describes a system of US intelligence implanting malware on the critical infrastructure of its allies -- from Japan to Austria -- so that in case they are ever not allies, the US is prepared to shut them down at any time.

Stone said that of course this was the scene was was most urged to cut. However, he said that the scene shows the dangers the world is facing, and left it in.

Wizner asked the audience if it made them "connect with the subject matter more viscerally," to which many hearty "yesses" and nodding heads.

The performances are strong throughout, and while a cameo by Nicolas Cage is particularly humorous, the largest chuckle might have been after a clip of Director of National Intelligence James Clapper giving testimony that the NSA does not collect any type of data at all on millions or hundreds of millions of Americans.

This week alongside the release of the film, Wizner said there will be renewed efforts to secure a presidential pardon for Snowden. A petition is available at PardonSnowden.org. 

"I hope this film is going to do a lot of good for [Edward Snowden, too]," said Wizner. Snowden is currently residing in Moscow, and would be tried under the Espionage Act if he were to return to the US now. Wizner said that in his opinion when Snowden returns there should be "not a conversation about what his punishment should be, but a conversation about whether we've thanked him sufficiently." 

Related Content:

 

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/20/2016 | 11:58:14 AM
Re: Black tape.
@Whoopty: Precisely why so many security professionals are actively advising people now to write their passwords down...provided that:

1) They keep the password writings in a truly safe location (e.g., NOT on the computer monitor, NOT on their desk or in their top desk drawer, NOT in a notebook that's labelled "Password Minder" in big letters, etc.), and

2) They use long, truly entropy-filled (esp. computer-generated, for maximum randomization) passwords.

If your password is going to be "password123!" then there's little utility in writing it down (and if you make that your password and still can't remember, then maybe you should be grounded from using your devices).  But if writing your password down is what it's going to take to make you pick truly long and complex passwords that are full of entropy, then maybe that's what you should do.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
9/15/2016 | 7:42:16 AM
Re: Black tape.
Oh I know that headache. So often when I help fix someone's system it's because they did something dumb security wise. 

It's just not possible to take on everyone's security responsibilities though. I can't remember all of your passwords and mine!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/14/2016 | 1:26:02 PM
Re: Black tape.
I get poked fun at a lot for my secure approach to passwords.  (One person I know once changed a (low-risk/low-exposure, albeit) password of theirs to "QWERTY" for a time just to try to annoy me.)
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
9/13/2016 | 7:52:35 AM
Re: Black tape.
Totally agree. I have the same reaction with my giant passwords and consistent changing, their uniqueness. It's something most just don't put the effort into.

However I am interested to watch Snowden. I like Joseph Gordon Levitt a lot, so am interested to see how he plays the 'character.' 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/13/2016 | 5:08:17 AM
Black tape.
My own loved ones have called me crazy to tape over and block my webcams.  I've called them crazy not to.
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.