Risk
6/12/2013
11:56 AM
Connect Directly
RSS
E-Mail
50%
50%

NSA Prism Whistleblower Snowden Deserves A Medal

Without Snowden's leaks, we wouldn't be pursuing rational, democratic debates on the government's post-Sept. 11 balance between security and civil liberties.

Is Edward Joseph Snowden an altruistic whistle-blower? A reckless criminal? An outright traitor? Or somewhere in between?

Those are frequently debated questions in the wake of Snowden's recent leaks of at least three National Security Agency (NSA) surveillance programs: Prism, which aims to intercept foreigners' audio, email and video from major Web services including Facebook, Gmail, Hotmail and Skype; Boundless Informant, a data mining tool that tracks where intelligence originates; and another program that analyzes millions of U.S. phone records, capturing metadata related to phone numbers called, call durations and the approximate geographical location of the caller.

Snowden, a contractor for Booz Allen working at an NSA satellite office in Hawaii -- and now believed to be in a safe house in Hong Kong -- gave up a well-paid job and stable life to bring to light a surveillance program that he has characterized as a threat to democracy. "Perhaps I am naive," Snowden told The Washington Post, "but I believe that at this point in history, the greatest danger to our freedom and way of life comes from the reasonable fear of omniscient state powers kept in check by nothing more than policy documents."

[ What lessons can CIOs learn from Prism? See NSA Dragnet Debacle: What It Means To IT. ]

Charges against Snowden have already been filed by the U.S. Department of Justice, and both the FBI and NSA have launched investigations. "If Edward Snowden did in fact leak the NSA data as he claims, the United States government must prosecute him to the fullest extent of the law and begin extradition proceedings at the earliest date," read a statement from Rep. Peter King (R-N.Y.), who chairs the Homeland Security Subcommittee on Counterintelligence and Terrorism.

"He's a traitor," House speaker John A. Boehner (R-Ohio) told ABC News Tuesday. "The disclosure of this information puts Americans at risk. It shows our adversaries what our capabilities are. And it's a giant violation of the law."

But others take a contrary view, as Snowden's leak has highlighted programs that appear to be operating outside the law. From a civil liberties standpoint, the phone record collection is "rampant abuse and it needs sunlight," said Guardian journalist Glenn Greenwald, who broke the leak story. "That's why this person came forward and that's why we published our stories."

The Obama administration's defense of the formerly secret -- and no doubt still operational -- surveillance programs is that they were authorized by Congress and overseen both by legislators and the judiciary, in the form of the Foreign Intelligence Surveillance Court.

"Everything that has been done and reported on in the last several days involves programs that have congressional oversight -- and regularized congressional oversight -- from the relevant committees," said White House spokesman Ben Rhodes in a Saturday press conference. "So the elected representatives of the American people do have eyes on these programs."

Or do they? James Clapper, the director of national intelligence, lied to a Senate committee in March, in response to a question from Sen. Ron Wyden (D-Ore.). "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Wyden had asked. To which Clapper replied: "No, sir."

Called out on that denial in the wake of the phone-monitoring revelations, Clapper told NBC News: "I responded in what I thought was the most truthful, or least untruthful, manner by saying 'no.'" Clapper said he didn't view the captured and stored metadata records as a "collection" if they weren't looked at.

What oversight or accountability was served by Clapper's evasion? "Secrecy is necessary for national security programs, but so too is democratic accountability," said Jonathan Adler, a law professor at Case Western Reserve University, in a blog post.

President Obama has said that the programs are being run in a way that balances civil liberties concerns with security requirements. "If we did everything necessary for our security, we would sacrifice too much privacy and civil liberties, but if we did everything necessary to have 100% privacy and civil liberties protections, we wouldn't be taking common-sense steps to protect the American people," White House spokesman Rhodes said.

But that balance is now open for discussion. "We'll have that debate," Rhodes said. "We welcome congressional interest in these issues. We welcome the interest of the American people and of course the media in these issues."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
6/12/2013 | 10:33:04 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
I think Snowden did a brave thing. We need to have a public debate about the extent of data gathering and surveillance that's conducted in the name of security.
xBaja
50%
50%
xBaja,
User Rank: Apprentice
6/12/2013 | 11:39:04 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
This is nothing new and it didn't start with the Patriot Act. The FBI had the Carnivore sniffer platform during the Clinton years.
RonK476
50%
50%
RonK476,
User Rank: Apprentice
6/13/2013 | 12:52:02 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
Snowden has revealed no new facts regarding electronic data gathering. Carnivore has been around for decades plus he is obviously a fan of the Hollywood B movies "The Net" and "Enemy of the State".

I truly believe he's been co-opted by another agency to embarrass the NSA or more likely the Chicoms to embarrass the US.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Ninja
6/14/2013 | 4:56:11 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
He's a common criminal with delusions of grandeur.
Charles Leach
50%
50%
Charles Leach,
User Rank: Apprentice
6/15/2013 | 12:46:01 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
When will these people running 'National security' in ALL countries realise that in this modern internet time, there is no such thing as 'secret'. The USA NSA pursuit of Snowden seems just vindictive, and is similar to North Korea's imprisonment of 'dissenters'.
PS Will the NSA try to get me extradited to face 10 to 20 years in prison for not bowing down to their bully-boy tactics? .....Time will tell.
Truthsmith
50%
50%
Truthsmith,
User Rank: Apprentice
6/21/2013 | 5:45:09 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
Snowden did a hero thing, in view of what has happened to other whistleblowers, some of whom we no doubt haven't heard about. Like what happened to the retired military intelligence officer that was found professionally whacked in a garbage dump?

As recently as a year ago, this was the stuff that when we warned about it, people called "conspiracy theory" and paranoid.

NOW GET THIS: The Plutocracy Media is trying to divert attention to the reassurances from the government itself (No problem, nothing to see here...)

Oh, but now AP of the Rulers Media got hit too. That's a diversion too. We need respect for natural rights.
Truthsmith
50%
50%
Truthsmith,
User Rank: Apprentice
6/21/2013 | 5:55:28 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
AP isn't getting credibility with me in the protestations of its CEO on CSPAN as I write this. Their complicity with Hugo Chavez' attacks on the press in Venezuela and his actions in trying to subvert Honduras with puppet Zelaya.
lacertosus
50%
50%
lacertosus,
User Rank: Apprentice
6/21/2013 | 11:17:33 PM
re: NSA Prism Whistleblower Snowden Deserves A Medal
It's simple. Americans just simply don't care and that's why the majority of us are not moved by the story which is sad. In retrospect, J.E. Hoover is responsible for what can be categorized as the greatest spying violation on Americans privacy. Even then no one cared. We tend to brush off these types of violations as with the analogy of 'Well I have not thing to hide".

Perhaps there might have been a better route for Snowden to take than divulging state secrets on foreign land. Noot sure that that it though
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3409
Published: 2014-10-25
The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

CVE-2014-4620
Published: 2014-10-25
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

CVE-2014-4623
Published: 2014-10-25
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force a...

CVE-2014-4624
Published: 2014-10-25
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

CVE-2014-6151
Published: 2014-10-25
CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.