Risk
6/11/2013
11:31 AM
50%
50%

9 Facts About NSA Prism Whistleblower

Here's what we know about Edward J. Snowden, the NSA contractor last seen in Hong Kong -- and why the Bradley Manning case could affect Snowden's fate.

4. Snowden Carefully Selected Secrets.

Snowden told reporters that the information he leaked was designed to trigger a debate on the "scope of surveillance in America," but also to avoid the types of mistakes allegedly made by Pfc. Bradley Manning, who's accused of leaking documents that put the lives of confidential U.S. sources abroad at risk.

"I understand that I will be made to suffer for my actions," said Snowden. "I will be satisfied if the federation of secret law, unequal pardon and irresistible executive powers that rule the world that I love are revealed even for an instant."

5. Into Hiding In Hong Kong.

But Snowden didn't sit around waiting to be arrested. About three weeks ago, according to The Guardian, Snowden finished copying the last of the documents he planned to leak, then told his NSA supervisor that he required a two-week medical leave related to epilepsy, for which he was diagnosed last year. Then he flew to Hong Kong, registered at a nice hotel just down the street from the CIA station based in the local consulate, and rarely left, saying it was possible he would be rendered by U.S. agents, detained by Chinese officials, or extradited.

Snowden said he chose Hong Kong, a Chinese territory that enjoys its own economic and political system, for its "spirited commitment to free speech and the right of political dissent." In the short term, he hoped the government wouldn't deport him. Longer term, "my predisposition is to seek asylum in a country with shared values," he said. "The nation that most encompasses this is Iceland. They stood up for people over Internet freedom. I have no idea what my future is going to be."

6. Charges Filed Against Snowden.

Charges have now been filed against Snowden by the Department of Justice, The New York Times reported Tuesday. The charges pave the way for his extradition, since foreign courts typically require criminal charges to be filed before they'll hear an extradition request.

Multiple investigations are also underway into the leaks. The FBI's Washington field office will lead one investigation. The NSA, meanwhile, launched its own investigation following revelations first published Wednesday by The Guardian, and is trying to ascertain the full extent of the information that was taken and released by Snowden.

7. Hong Kong Extraditions Subject To Delays.

Could Snowden successfully avoid being extradited from Hong Kong? Regina Ip, a former secretary of security who serves in the Hong Kong legislature, said that the territory has a history of working with U.S. law enforcement officials. "He won't find Hong Kong a safe harbor," Ip told the Times.

But Hong Kong university professor Simon Young told The Guardian that China would likely leave it to the Hong Kong courts to decide whether Snowden would be extradited.

In fact, according to GlobalPost, Snowden's choice of Hong Kong looks astute, because the high court of Hong Kong government has charged the government with putting a new extradition system in place, which could take some time. Until it does so, Hong Kong's extradition process is stuck in legal limbo, and no cases will likely be decided, according to Nicholas Bequelin, a senior researcher for Human Rights Watch.

8. U.S. Government Treatment Of Manning Might Safeguard Snowden.

In December, furthermore, a Hong Kong court ruled that no one can be extradited to a country where they might face cruel or unusual punishment, Patricia Ho, a lawyer at Daly & Associates, told GlobalPost. "The reason I think this is relevant," Ho said, "is because if you look at the case of Bradley Manning, during his detention period, he was found to have suffered cruel and degrading treatment. It was found by the UN special rapporteur on torture."

"I would imagine given the similarity in the cases that Snowden could easily say, 'Well, I fear that the same would happen to me,' and use that as a basis to claim protection in Hong Kong," she said. "If he does that I would say his chances of protection would be fair."

9. Snowden Missing As Of Monday.

As of Monday, however, Snowden reportedly checked out of the Hong Kong hotel where he was staying -- perhaps after being located by multiple news outlets -- and his whereabouts were unknown. It's not clear if he'd been interviewed by American officials, as they were seeking to do, or if he might have been detained by Hong Kong authorities.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4403
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.ph...

CVE-2012-2930
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers...

CVE-2012-2932
Published: 2015-04-24
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the (1) selitems[] parameter in a copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/...

CVE-2012-5451
Published: 2015-04-24
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

CVE-2015-0297
Published: 2015-04-24
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methos via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.