Hacker News new | ask | show | jobs
by nickpsecurity 3702 days ago
The spy agencies of foreign countries published all the details at http://are.youkidding.com. Go check it out for details.

Meanwhile, a rational perdon should assume that if (a) a major method/weakness for NSA surveillance is published then (b) defenders will start addressing that hole/weakness. Further, the proof of subversion for America, but not others doing espionage, means America took a huge financial hit as people boycotted its products.

The damage is real even if the spy agencies don't list each, classified example on their websites as you require. You can bet NSA is also adjusting tools and strategies to deal with it. Yet, they have to be feeling the pressure as encryption, air gaps, Tor, non-US software/hardware, FOSS vs their proprietary buddies, and so on across board in response to leaks. I mean, you cant simultaneously think the Snowden leaks are helping fight NSA surveillance while saying no surveillance losses resulted. That's hilarity of your position.
1 comments
mindcrime 3702 days ago
Right, so no evidence that Snowden's leaks hurt American ops. Sure, we can infer that the terrorists (or whoever) may have tweaked their opsec in response, but it's not like that will drive them to do anything that wasn't simply an opsec best practice all along. If the NSA was simply relying on people being sloppy (not using encryption, etc.) and that changed, well... that was inevitable over time anyway.

As for backdoors in routers, etc... again, it was always just a matter of time until that stuff got caught. And it's not like people haven't always suspected that they were doing that stuff.

And even if some small percentage of what Snowden leaked did harm US operations somehow... I'd argue that it was justified in light of the big picture, in regards to the illegal stuff. Finding out about mass surveillance of US citizens, etc., justifies any collateral damage the spook complex may have suffered, as far as I'm concerned.

link
nickpsecurity 3702 days ago
"Right, so no evidence that Snowden's leaks hurt American ops."

The ops are classified so it's a bogus point anyway. You're requiring them to commit a felony to prove specific damage. Further, you've already dismissed anything coming from spy agencies as a lie. You've set that line of questioning up to be a fail no matter what they show you. The only exception I'm seeing is a 3rd party or foreign nation detects their ops, then reports on it. Kaspersky already did with Equation Group plus used Snowden leaks to show it was probably NSA.

Anyway, we don't need them to publish anything. Just answer quick question: do you believe that the Snowden leaks improved people's ability to resist NSA surveillance and increase privacy through technological responses? Does that include foreign businesses or governments? If so, then you are already admitting that it reduced NSA surveillance and impacted their operations. One follows the other logically. Either Snowden leaks had no effect on NSA spying, making him a fail outside of legal reform, or they did negatively impact NSA by disrupting their operations.

"even if some small percentage of what Snowden leaked did harm US operations somehow... I'd argue that it was justified in light of the big picture,"

He wasn't justified because he didn't have to leak it. That simple. He could've just leaked the ones that targeted Americans or showed gross abuse rather than a lot of what we already, as Americans, allowed NSA to do. Instead, he turned over everything to many foreign media.

Btw, do you remember why he did that? Did you ever read the reason? He gave two actually. One sheds a lot of light on whether he had to do this and just how heroic he really is.

link
mindcrime 3702 days ago
Just answer quick question: do you believe that the Snowden leaks improved people's ability to resist NSA surveillance and increase privacy through technological responses?

Their ability? No, I don't. Did it promote people's inclination to resist the NSA. Certainly. But I would argue that those things would have happened over time anyway. So if Snowden caused any harm, I believe it was likely to be minor and of little consequence.

He wasn't justified because he didn't have to leak it. That simple. He could've just leaked the ones that targeted Americans or showed gross abuse rather than a lot of what we already, as Americans, allowed NSA to do.

Fair enough... But that'a assuming he had the time and means to carefully sift through it all and make those determinations. I believe his argument is that he turned the data over to credible journalists (as opposed to simply dropping it all over pastebins or uploading a torrent) exactly some somebody could go through it and determine which parts to actually publish, and which parts to withhold, so as to avoid serious harm to legitimate intelligence operations.

link
nickpsecurity 3702 days ago
"But I would argue that those things would have happened over time anyway. "

Why? I spent around a decade trying to convince American and foreign parties that their systems were being hit from hardware up to software. I tried to tell them about TEMPEST issues. I pointed out that the existing software was so insecure it could be hit without visible evidence at all. Past commercial & ITSEC best practices, nobody believed it or was willing to do anything. They were also gradually moving more private data into the hands of centralized parties in spying jurisdictions using HW/SW from spying jurisdictions.

So, why do you think it was inevitable when companies and consumers have resisted real security more every year for decades with only band-aids accepted? All evidence is to the contrary. That Snowden revealed how easily people are hit with subsequent awareness is one of the positives I count.

" But that'a assuming he had the time and means to carefully sift through it all"

He said he read every document. A spot judgement would've told him which were foreign or domestic. He worked with the stuff daily. In interviews, he recites it by heart without thought. He knew, he spent the time, and said so repeatedly. So, why do two of you ask why I expect him to do what he already said he did unless you just never saw his interviews?

It's as simple as having three folders: Good Leak; Who Knows; Definitely Don't Leak. Leak first for sure with careful thought on second and nothing in third. No evidence he even tried something like that. Why is that? Let's get to that.

" I believe his argument is that he turned the data over to credible journalists"

That was one. The other was that he wasn't comfortable holding onto it in order to do that. He didn't want to take the risk to himself. As in, he was a coward and risked burning all his fellow operators in that data dump to foreign intelligence agents just to save his own ass. Many options available to him. He did the safest one for him that did all the resulting damage. That simple.

Nothing heroic. Nothing abstract. He had a bag of stuff that could save America, stuff that could damage innocent Americans, and gave it all away to save his own ass. By his own admission. When we know he could've at least tried damage reduction as media did in Wikileaks time. Not even the smallest effort before he dumped it and went on the run. He surely had the time to make that effort, too, given he already read it. No question.

link