Vulnerabilities / Threats // Insider Threats
03:26 PM
Connect Directly

Snowden: I'd Do It Again

NSA whistleblower fields questions via live video feed at South by Southwest, calls encryption "defense against the dark arts."

In front of the backdrop of an enlarged copy of Article I of the U.S. Constitution, Edward Snowden via a Google Hangout video feed today said encryption works and represents "the defense against the dark arts in the digital realm," but that it needs improvement.

Snowden, the former National Security Agency contractor who accessed and leaked reams of classified documents detailing NSA surveillance programs, answered questions as part of a panel hosted by American Civil Liberties Union executives at the South by Southwest conference in Austin, Texas.

"Encryption does work. It's the defense against the dark arts in the digital realm," he said. He also noted that the federal government still does not know which NSA documents he took from the agency "because encryption works."

Snowden, who was connected to the panel digitally via multiple proxies to protect his whereabouts in Russia, also called for academia to come up with solutions to strengthen encryption now that random number generator algorithms are reportedly being compromised.

Ben Wizner, director of the ACLU's Speech, Privacy & Technology Project as well as Snowden's legal advisor, hosted the panel, which included Christopher Soghoian, principal technologist of the ACLU. In reference to allegations that the NSA had undue influences on an encryption algorithm standard, Soghoian said the news of the NSA allegedly subverting a random number generation algorithm has "radicalized" some members of the encryption community who "feel they were lied to" and can make changes to improve encryption.

Read the rest of this article on Dark Reading.

Kelly Jackson Higgins is Executive Editor at She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
3/27/2014 | 4:04:24 PM
Encryption takes effort
Encryption works, but unfortunately, is problematic but only because it takes effort from each side to implement.  That being said, I don't see the average American using it on a widespread basis.
Security Michelle
Security Michelle,
User Rank: Apprentice
3/19/2014 | 12:31:06 PM
Re: Yay encryption!
I agree. Encryption is key and making it an approachable subject for all internet users is key to its success. Education is needed to help bring it to the mainstream in an easy to understand manner and software & web developers need to make the usability seamless so that more consumers can be protected conveniently. SXSW was the perfect place to bring this conversation to the people who can make a change.
User Rank: Apprentice
3/18/2014 | 6:30:01 AM
Re: Hard to trace
SXSW conference discussion concerns were also centered on government insight into the privacy of their citizens, especially the internet users. Snowden also mentioned that tech companies were under no legal obligation to store user records or transactions. Snowden is blacklisted by NSA and after Snowden Leaks many of the internet people now concern about their online privacy..
User Rank: Ninja
3/12/2014 | 7:39:38 AM
Re: Snowden Impact
I agree. This case also shows the ineptidue and knee-jerk reactions of the US government. Instead of pinning the stiffest penalties on Snowden and chasing him out of the country into the arms of the Russian government, the NSA and the government should have made a big deal about what a great patriot he is for disclosing incorrect behavior and pointing to security loopholes. Talk is cheap and the damage of letting a thief run free would have paled compared to Snowden sharing all the documents he got with who knows whom.
User Rank: Apprentice
3/11/2014 | 10:22:01 AM
Snowden Impact
Snowden will be forever condemned for leaking classified NSA documents, but his actions have sparked a necessary dialogue on government surveillance. American Civil Liberties Union principal technologist Christopher Soghoian, in the Washingon Post today, said it well: "The goal here isn't to blind the NSA. It isn't to stop the government from going after legitimate targets. The goal here is to make it so they cannot spy on innocent people [just] because they can."
User Rank: Apprentice
3/11/2014 | 10:10:04 AM
Hard to trace
Interesting to note the steps Snowden took to avoid being traced by speaking to SXSW. According to a Washington Post report today, he used a Google Hangout videoconferencing program that ran through seven proxy servers to mask his location.  

User Rank: Ninja
3/11/2014 | 8:15:56 AM
Re: Yay encryption!
Snowden's taking of the documents was one of the most fascinating aspects of this whole revelation. If the NSA is so keen on hoarding data, it needs far better safeguards if some random contractor can gain access to not only all this information, but take it with them too. Clearly his security credentials were far more reaching than the NSA gave them credit for. 

The simple fact that so many documents were taken out of the agency at all shows how lapse its security was/is. 
User Rank: Apprentice
3/11/2014 | 5:33:47 AM
Yay encryption!
Encryption is important for everyone, although most people don't realize it yet. I hope to see encryption become as commonplace as firewalls and antivirus in upcoming years.

What I wanted to comment on was the quote that "the federal government still does not know which NSA documents he took from the agency 'because encryption works.'" This is true as far as it goes, but could create a misconception with the general public. Encryption cloaked Snowden's activities making it difficult to know exactly what documents he took, however encryption didn't give him superpowers to access documents outside of what his security credentials (or those he "borrowed") allowed.

I believe it is useful for articles like this to help demystify what encryption is so that it doesn't end up becoming stigmatized like the word "hacker" was for the past two decades.
Charlie Babcock
Charlie Babcock,
User Rank: Ninja
3/10/2014 | 9:46:10 PM
Continued insight into the precariousness of individual rights
Encryption works, that's the good news. But it may have been compromised in the way it works and has been implemented in the recent past. So we need to get to the forms that work and pay the price of using them. Edward Snowden is neither a patriot and or a traitor. He is a tech eccentric, who defies ideological categorization but has performed an indelible service by revealing NSA's scope and ambitions. As his country of refuge, Russia, proceeds to annex part of its neighbor, he will be in a unique position to continue to supply us with insights into the precariousness of individual rights. In the meantime, encrypt, encrypt and encrypt some more.
User Rank: Apprentice
3/10/2014 | 6:14:23 PM
The fact that the government still does not know what Snowden took means encryption is more powerful than most in the technical community realize. Many believe that since the government had a hand in its creation that it somehow has a back door. But that might not be true, according to this. 
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Why else would HR ask me if I have a handicap?"
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.