Embed Size (px)
DESCRIPTION
Highlights from Making Sense of Snowden, Part II: What’s Significant in the NSA Revelations. Susan Landau IEEE Security & Privacy January/February 2014. IS 376 October 2, 2014. Snowden’s Arsenal: USB Flash Drive. Mass Storage Controller - PowerPoint PPT Presentation
Citation preview
Highlights from MakingSense of Snowden,Part II:What’s Significantin the NSA Revelations
Susan LandauIEEE Security & PrivacyJanuary/February 2014
IS 376October 2, 2014
Making Sense From Snowden IIIS 376October 2, 2014 Page 2
Snowden’s Arsenal: USB Flash Drive
USB ConnectorUniversal Serial Bus plug with two wires
for power and two for data
Mass Storage Controller
Communicates with host computer and retrieves data from
memory
Flash Memory Chip
1-256GB ofdata storage
Light Emitting Diode
Solid when on; flickering when accessing filesCrystal
OscillatorGenerates
12MHz clock signal
Making Sense From Snowden IIIS 376October 2, 2014 Page 3
National “Security?” Agency
“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”
Richard ClarkeWhite House Cybersecurity Adviser
The NSA used Microsoft SharePoint to share
information with other agencies, document
management software that is famous for its
ease-of-use as well as its lack of verification and security enforcement.
As a system administrator, Snowden
had passwords that allowed him to get
around what security measures the NSA had
in place.
Part of Snowden’s job was to transfer large amounts of classified
data between NSA computer systems,
which he easily copied onto a USB memory
stick and smuggled out of the NSA, with no passing through a
metal detector at the exit.
Making Sense From Snowden IIIS 376October 2, 2014 Page 4
Barack Obama On Edward SnowdenJanuary 17, 2014
“Our nation’s defense depends in part on the fidelity of those entrusted with our nation’s secrets. If any individual who objects to government policy can take it in their own hands to publicly disclose classified information, then we will not be able to keep our people safe, or conduct foreign policy.”
“The task before us now is greater than simply repairing the damage done to our operations; or preventing more disclosures from taking place in the future. Instead, we have to make some important decisions about how to protect ourselves and sustain our leadership in the world, while upholding the civil liberties and privacy protections that our ideals -- and our Constitution -- require.”
“Intelligence agencies cannot function without secrecy, which makes their work less subject to public debate. Yet there is an inevitable bias not only within the intelligence community, but among all who are responsible for national security, to collect more information about the world, not less. So in the absence of institutional requirements for regular debate -- and oversight that is public, as well as private -- the danger of government overreach becomes more acute.”
Making Sense From Snowden IIIS 376October 2, 2014 Page 5
Hillary Clinton’s TakeApril 25, 2014
“When he emerged and when he absconded with all that material, I was puzzled, because we have all these protections for whistleblowers. If he were concerned and wanted to be part of the American debate, he could have been. But it struck me as—I just have to be honest with you—as sort of odd that he would flee to China, because Hong Kong is controlled by China, and that he would then go to Russia, two countries with which we have very difficult cyber-relationships, to put it mildly.”
"I think turning over a lot of that material—intentionally or unintentionally, because of the way it can be drained—gave all kinds of information, not only to big countries, but to networks and terrorist groups and the like.”
“I have a hard time thinking that somebody who is a champion of privacy and liberty has taken refuge in Russia under Putin's authority.”
July 4, 2014
“If he wishes to return knowing he would be held accountable and also able to present a defense, that is his decision to make.”
“In any case that I'm aware of as a former lawyer, he has a right to mount a defense. And he certainly has a right to launch both a legal defense and a public defense, which can of course affect the legal defense.”
“Whether he chooses to return or not is up to him. He certainly can stay in Russia, apparently under Putin's protection, for the rest of his life if that's what he chooses. But if he is serious about engaging in the debate then he could take the opportunity to come back and have that debate. But that's his decision.”
August 29, 2014
“We need to make it clear to other countries that our technology companies are not part of our government.”
Making Sense From Snowden IIIS 376October 2, 2014 Page 6
Bill Clinton Weighs InApril 9, 2014
“Mr. Snowden has been sort of an imperfect messenger from my point of view for what we need to be talking about here, but the Snowden case has raised all of these questions about whether we can use technology to protect the national security without destroying the liberty, which includes the right to privacy, of basically innocent bystanders.”
“We cannot change the character of our country or compromise the future of our people by creating a national security state which takes away the liberty and privacy we propose to advance.”
“If what we need to know is patterns of communication between known terrorists in other parts of world with people in otherwise peaceful parts of the world including the United States, there has to be the way to design these systems and pay a little more money to do it so that we don't kill the goose that laid the golden egg.”
November 18, 2013
“The question is when, if ever, is the government justified in going beyond the patterns to listen to telephone calls, read emails, read text messages, and who’s supposed to decide that? Mr. Snowden obviously thought that it was excessive.”
“I think the US and China and everybody else, we’re going to have to be more upfront with each other and probably with our own people about what it is we’re looking for and listening to.”
Making Sense From Snowden IIIS 376October 2, 2014 Page 7
Vladimir Putin’s PerspectiveApril 9, 2014
“Well, you know, with regards to Mr. Snowden I said many times we do not have any direct relations to this problem. He turned up on our territory because of non-professional actions of the Americans themselves who tried to catch him.”
“You know I used to work in special services why should… why did they scare the entire world? They… downed the planes with Presidents onboard and the plane with Snowden onboard. They could down anywhere. So he arrives in our transit zone and then it turned out that nobody is going to accept him. That's the problem. If they didn't scare anyone, I mean the American special services, he would fly to some other country, he would be downed in some other countries. And he would be sitting in jail some place. But they scared everyone.”
“He stayed in our transit zone and what are we to do in that situation? Russia is not a country that is… ready to extradite fighters for human rights… Mr. Snowden considers that he is a champion of human rights. He built his life around it. He is a young man. I don't know how he is going to live further. I am not trying to joke. How is he going to live further? He is sitting in Russia now. But he has chosen his fate himself.”
“We given… we gave him a refugee. He is not our agent. He didn't give us any secrets. We gave him a refuge, but he didn't tell us anything. He tells us something when he wants to publish something – as far as … is concerned, this is of vital importance for us.”
Making Sense From Snowden IIIS 376October 2, 2014 Page 8
Public Opinion Polls: Partisanship
Making Sense From Snowden IIIS 376October 2, 2014 Page 9
Public Opinion Polls: Privacy
Making Sense From Snowden IIIS 376October 2, 2014 Page 10
Public Opinion Polls: Civil Liberties
Making Sense From Snowden IIIS 376October 2, 2014 Page 11
USA FREEDOM ActUniting and Strengthening America by Fulfilling Rights and Ending
Eavesdropping, Dragnet-Collection, and Online Monitoring Act
End Bulk Metadata Collection
Tighten the Patriot Act to place greater burden on
intelligence agencies to show a FISA court judge that their
target is thought to be an agent of a foreign power, is
engaged in activity that is the subject of an investigation, or is in contact with an agent of
a foreign power.Disclosure
Require the Attorney General to publicly disclose decisions by FISA courts that contain a significant interpretation of law in order to end “secret laws” being made behind closed doors by the FISA
courts and the intelligence community.
Greater TransparencyAllow Internet and
telephone companies that received FISA court
orders to report the number of FISA orders and national security letters complied with,
and the number of users on whom information
was demanded.Privacy Advocate
Create an office of special advocate within
the FISA court with standing to appear to
represent the public and privacy concerns, with the power to appeal FISA court decisions.
Foreign Loopholes
Amend the Foreign Intelligence
Surveillance Act to prevent intelligence
agencies from “reverse targeting”
that may allow them to intercept email and
Internet communications of
Americans.
Other LoopholesAmend FISA
provisions to make sure the government does not just rebuild its metadata dragnet
using different authorities.
The House of Representatives passed a watered-down version in May 2014.
