[georgemcbay]

Not a big fan of the reasons we are supposedly not supposed to trust Snowden specifically, but the question remains a powerful one in the sense that if you can't ensure that the data and systems you're using for something this powerful can remain secure from the actions of any single person, then you have a huge problem.

I've worked at companies where the secrets behind our app signing key are held to a higher standard than being entrusted to the care of any single entity. Even ignoring how you feel about whether the PRISM system is good or bad, shouldn't we expect the NSA to have better security policies, given the huge scope of abuse these systems could allow?

[mpyne]

I didn't get the impression that Snowden actually has access to PRISM itself. If all he's doing is IT support then it could be as simple as that he ran across the "management briefing" for it on the share drive without ever having access to the system itself. Certainly I would hope that NSA is not dumb enough to farm out credentialing for a system like PRISM to one of their contractors, but who knows?