Едно интересно интервю (и неговата история) с Едуард Сноуден, малко преди да стане
известен в целия свят с разкритията си за действията на Националната Агенция за
сигурност (САЩ), свързани с наблюдението на Интернет и телефонните комуникации.
Към част от отговорите на Едуард Сноуден би трябвало (според
мен) да се отнасяме с известен резерв на доверие, отчитайки неговата месторабота
и функции.
Прилагам интервюто, така, както е публикувано на 08 юли, 2013
год.
8 July 2013
Shortly
before he became a household name around the world as a whistleblower, Edward
Snowden answered a comprehensive list of questions. They originated from Jacob
Appelbaum, 30, a developer of encryption and security software. Appelbaum
provides training to international human rights groups and journalists on how
to use the Internet anonymously.
Appelbaum
first became more broadly known to the public after he spoke on behalf of
WikiLeaks founder Julian Assange at a hacker conference in New York in 2010.
Together with Assange and other co-authors, Appelbaum recently released a
compilation of interviews in book form under the title "Cypherpunks:
Freedom and the Future of the Internet." [Link by Cryptome.]
Appelbaum
wound up on the radar of American authorities in the course of their
investigation into the WikiLeaks revelations. They have since served legal
orders to Twitter, Google and Sonic to hand over information about his
accounts. But Appelbaum describes his relationship with WikiLeaks as being
"ambiguous," and explains here how he was able to pose questions to
Snowden.
"In
mid-May, documentary filmmaker Laura Poitras contacted me," Appelbaum
said. "She told me she was in contact with a possible anonymous National
Security Agency (NSA) source who had agreed to be interviewed by her."
"She
was in the process of putting questions together and thought that asking some
specific technical questions was an important part of the source verification
process. One of the goals was to determine whether we were really dealing with
an NSA whistleblower. I had deep concerns of COINTELPRO-style entrapment. We
sent our securely encrypted questions to our source. I had no knowledge of
Edward Snowden's identity before he was revealed to the world in Hong Kong. He
also didn't know who I was. I expected that when the anonymity was removed, we
would find a man in his sixties."
"The
following questions are excerpted from a larger interview that covered numerous
topics, many of which are highly technical in nature. Some of the questions
have been reordered to provide the required context. The questions focus almost
entirely on the NSA's capabilities and activities. It is critical to understand
that these questions were not asked in a context that is reactive to this
week's or even this month's events. They were asked in a relatively quiet
period, when Snowden was likely enjoying his last moments in a Hawaiian
paradise -- a paradise he abandoned so that every person on the planet might
come to understand the current situation as he does."
"At a
later point, I also had direct contact with Edward Snowden in which I revealed
my own identity. At that time, he expressed his willingness to have his
feelings and observations on these topics published when I thought the time was
right."
Editor's note: The following
excerpts are taken from the original English-language version of the interview.
Potential differences in language between the German and English versions can
be explained by the fact that we have largely preserved the technical terms
used by Snowden in this transcript. Explanations for some of the terminology
used by Snowden as well as editor's notes are provided in the form of
footnotes.
Interviewer: What is the mission of America's National Security
Agency (NSA) -- and how is the job it does compatible with the rule of law?
Snowden: They're tasked to know everything of importance that
happens outside of the United States. That's a significant challenge. When it
is made to appear as though not knowing everything about everyone is an
existential crisis, then you feel that bending the rules is okay. Once people
hate you for bending those rules, breaking them becomes a matter of survival.
Interviewer: Are German authorities or German politicians involved in
the NSA surveillance system?
Snowden: Yes, of course. We're 1 in
bed together with the Germans the same as with most other Western countries.
For example, we 2 tip them off when someone we want
is flying through their airports (that we for example, have learned from the
cell phone of a suspected hacker's girlfriend in a totally unrelated third
country -- and they hand them over to us. They 3 don't
ask to justify how we know something, and vice versa, to insulate their
political leaders from the backlash of knowing how grievously they're violating
global privacy.
Interviewer: But if details about this system are now exposed, who
will be charged?
Snowden: In front of US courts? I'm not sure if you're serious.
An investigation found the specific people who authorized the warrantless
wiretapping of millions and millions of communications, which per count would
have resulted in the longest sentences in world history, and our highest
official simply demanded the investigation be halted. Who "can" be
brought up on charges is immaterial when the rule of law is not respected. Laws
are meant for you, not for them.
Interviewer: Does the NSA partner with other nations, like Israel?
Snowden: Yes. All the time. The NSA has a massive body
responsible for this: FAD, the Foreign Affairs Directorate.
Interviewer: Did the NSA help to create Stuxnet? (Stuxnet is the
computer worm that was deployed against the Iranian nuclear program.)
Snowden: NSA and Israel co-wrote it.
Interviewer: What are some of the big surveillance programs that are
active today and how do international partners aid the NSA?
Snowden: In some cases, the so-called Five Eye Partners 4 go
beyond what NSA itself does. For instance, the UK's General Communications
Headquarters (GCHQ) has a system called TEMPORA. TEMPORA is the signals
intelligence community's first "full-take" Internet buffer that
doesn't care about content type and pays only marginal attention to the Human
Rights Act. It snarfs everything, in a rolling buffer to allow retroactive
investigation without missing a single bit. Right now the buffer can hold three
days of traffic, but that's being improved. Three days may not sound like much,
but remember that that's not metadata. "Full-take" means it doesn't
miss anything, and ingests the entirety of each circuit's capacity. If you send
a single ICMP packet 5 and it routes through the
UK, we get it. If you download something and the CDN (Content Delivery Network)
happens to serve from the UK, we get it. If your sick daughter's medical
records get processed at a London call center … well, you get the idea.
Interviewer: Is there a way of circumventing that?
Snowden: As a general rule, so long as you have any choice at
all, you should never route through or peer with the UK under any
circumstances. Their fibers are radioactive, and even the Queen's selfies to
the pool boy get logged.
Interviewer: Do the NSA and its partners across the globe do full
dragnet data collection for telephone calls, text and data?
Snowden: Yes, but how much they get depends on the capabilities
of the individual collection sites -- i.e., some circuits have fat pipes but
tiny collection systems, so they have to be selective. This is more of a
problem for overseas collection sites than domestic 6 ones,
which is what makes domestic collection so terrifying. NSA isn't limited by
power, space and cooling PSC constraints.
Interviewer: The NSA is building a massive new data center in Utah.
What is its purpose?
Snowden: The massive data repositories.
Interviewer: How long is the collected data being stored for?
Snowden: As of right now, full-take collection ages off quickly (
a few days) due to its size unless an analyst has "tasked" 7 a
target or communication, in which the tasked communications get stored
"forever and ever," regardless of policy, because you can always get
a waiver. The metadata 8 also ages off, though less
quickly. The NSA wants to be at the point where at least all of the metadata is
permanently stored. In most cases, content isn't as valuable as metadata
because you can either re-fetch content based on the metadata or, if not,
simply task all future communications of interest for permanent collection
since the metadata tells you what out of their data stream you actually want.
Interviewer: Do private companies help the NSA?
Snowden: Yes. Definitive proof of this is the hard part because
the NSA considers the identities of telecom collaborators to be the jewels in
their crown of omniscience. As a general rule, US-based multinationals should
not be trusted until they prove otherwise. This is sad, because they have the
capability to provide the best and most trusted services in the world if they
actually desire to do so. To facilitate this, civil liberties organizations
should use this disclosure to push them to update their contracts to include
enforceable clauses indicating they aren't spying on you, and they need to
implement technical changes. If they can get even one company to play ball, it
will change the security of global communications forever. If they won't,
consider starting that company.
Interviewer: Are there companies that refuse to cooperate with the
NSA?
Snowden: Also yes, but I'm not aware of any list. This category
will get a lot larger if the collaborators are punished by consumers in the
market, which should be considered Priority One for anyone who believes in
freedom of thought.
Interviewer: What websites should a person avoid if they don't want
to get targeted by the NSA?
Snowden: Normally you'd be specifically selected for targeting
based on, for example, your Facebook or webmail content. The only one I
personally know of that might get you hit untargeted are jihadi forums.
Interviewer: What happens after the NSA targets a user?
Snowden: They're just owned. An analyst will get a daily (or
scheduled based on exfiltration summary) report on what changed on the system,
PCAPS 9 of leftover data that wasn't understood by
the automated dissectors, and so forth. It's up to the analyst to do whatever
they want at that point -- the target's machine doesn't belong to them anymore,
it belongs to the US government.
Footnotes:
1 "We're"
refers to the NSA.
2 "We"
refers to the US intelligence service apparatus
3 "They"
refers to the other authorities.
4 The "Five Eye Partners" is a reference to the
intelligence services of United States, Britain, Australia, New Zealand and
Canada.
5 "ICMP"
is a reference to Internet Control Message Protocol. The answer provided here
by Snowden was highly technical, but it was clear that he was referring to all
data packets sent to or from Britain.
6 "Domestic" is a reference to the United States.
7 In this
context, "tasked" refers to the full collection and storage of
metadata and content for any matched identifiers by the NSA or its partners.
8 "Metadata"
can include telephone numbers, IP addresses and connection times, among other
things. Wired Magazine offers a solid primer on metadata.
9
"PCAPS" is an abbreviation of the term "packet capture".