Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Ex-NSA Contractor Gets 9 Years for Retaining Defense Data
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
7/27/2019 | 5:00:27 PM
Re: Equity
I agree the only problem I have is the laws are not consistent across the board and people are often prosecuted unfairly because of the Judge's inherent bias. Yes this contractor should get time, but what about the law enforcement officials and government agencies that broke the law with the following:
  • StingRay - illegal remote cell phone tracking tool
  • Prism - dragnet government surveillance system, violates the laws across the globe
  • Pegasys - hacking software used to hack cell phones
  • Facia - cell phone triangulation tool
  • Optic Nerve - yahoo messenger used tool to capture video images
  • Boundless Informant - using tools to extract metadata from various devices
  • XkeyScore - interception data tool that queries information about user data (phone, email, texts, etc)

The problem I have with all of this is that people are constantly breaking the law and no one has been prosecuted, so how can an official be so hard on the public but they are constantly violating the rights of people across the globe, it is just amazing that these things go on and everybody turns a blind-eye.

I don't know anymore.

User Rank: Strategist
7/24/2019 | 10:41:24 AM
So there is little doubt of wrong doing here, but my quesiton is how this can be effectively prosecuted while other significantly more egregious harms (such as having a private vulnerable email server in a closet) are passed over. Crime is crime, and no one should be above the law, to borrow a phrase.
User Rank: Ninja
7/23/2019 | 9:05:10 AM
Re: Wow, so who prosecutes the Federal Government
Done - this is far off post subject not funny. 
User Rank: Ninja
7/22/2019 | 4:01:55 PM
Re: Wow, so who prosecutes the Federal Government

Let's back up for a minute, this person was a  NSA contractor who was prosecuted, clear and evident. But what happened to the other situations I named in the message before. For example, William "Bill" Binney (ThinThread), he worked for NSA for almost 30 years, he developed an application called ThinThread, they did not use the application during the 911 attacks. He informed them that of the controls they were taking off, this action of removing the controls would affect the lives of people everywhere in America and beyond. He informed his executive staff members, management, he followed proper protocol. Instead of the group, talking to him and giving him the respect he deserves, they put him in-front of a gun when he tried to tell them that the controls that were in place to protect the rights of American citizens (they continued to violate the law).

Now the other examples I used was basically saying how can this US Atty say something like this with a pompus attitude when they have been violating the rights of American Citizens even now (Illegal Drag Net Surveillance Programs like XKeyScore, Prism, etc.). Is he going to jail because he knows along with Congress that they have been violating the rights of American Citizens, yours and mine?

Don't get me wrong, when the person is wrong and they have violated the rights of Ameircan citizens, then yes, send them to jail. But the Feds are violating the rigths of US citizens right now using the Fisa courts to force companies like Quest, Microsoft, Google, Yahoo, AWS and others by issuing warrants (not one time have they not issued a warrant) under the auspices of National Security. So when are the Feds going to be accountable for their own actions, when are individuals from Congress going to be prosecuted (they were the one's who authorized its purchase and use). When are the deaths of innocent civilans going to be brought to court?

So who is prosecuting the people using mass surveillance to attack and thwart peaceful groups like "Black Lives Matter", "Indian Groups", "Unarmed Black People". When are they going to use the laws to prosecute the "KKK" and "Nazi followers" and the hate groups that are associated with millions of deaths.

So think about that and the other items I mentioned in the passage before. If you are going to do it to one person, then everyone needs to be accountable; if the balance of law is for all people then those same people should be prosecuted as well (General Alexander, Clapper, everyone involved and those who did not do anything about it, foreign and domestic).

User Rank: Ninja
7/22/2019 | 3:32:45 PM
Re: Wow, so who prosecutes the Federal Government
Are you saying he is innocent?  Or wrongly prosecuted?  Because theft of owned propietary data is still theft and there are laws against that - alot of them.  Break one and you have a problem.   This scum kept at it for years and 50 terabytes is huge.  He deserved jail time indeed.    AND this does not strike me as a human rights issue at all.  Not a political one.  Theft of data pure and simple.  High grade security data too.  
User Rank: Ninja
7/22/2019 | 1:44:27 PM
Wow, so who prosecutes the Federal Government

"This sentence, which is one of the longest ever imposed in this type of case, should serve as a warning that we will find and prosecute government employees and contractors who flagrantly violate their duty to protect classified materials," said US Attorney Robert K Hur in a statement.

Interesting that they say this with Prism, XKeyscore, Facia, Informant and other programs that are violating the rights of individuals all across the globe (congress approved this when the budget goes above 3 million dollars, so they knew about it). In America, the federal government has been violating the rights of American Citizens (1st - 5th Amendment rights) from the beginning of time,

I am not sure that I should be surprised but this is amazing he would say something like this. They are taking the lives of innocent personnel around the world when they go after terrorists; what happens to accountability and the value we put on human life. Look at what happened to William Binney (ThinThread), Thomas Drake (TrailBlazer), Kirk Wiebe (Trailblazer and Thinthread) and Edward Snowden (Prism, Xkeystore), they were indicted under the Espionage act and one they are still after (Mr. Snowden).

I have been saying this for years, when are we going to start looking at the injustices that have been going on for years and when is someone going to say, we have been violating human rights and citizens who have nothing to do with terrorist acts (I am not even going to mention what is going on in the US with Indians and African Americans). It is astounding that this continues to happen and we continue to show a blind eye, we see this in our own back yard.


I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file