2013年12月26日 星期四

2013的兩大教訓 ( 2 of 2)



2013的兩大教訓 ( 2 of 2)
史諾登給NSA的教訓:專訪史諾登

MOSCOW — The familiar voice on the hotel room phone did not waste words.
“What time does your clock say, exactly?” he asked.
He checked the reply against his watch and described a place to meet.
“I’ll see you there,” he said.
Edward Joseph Snowden emerged at the appointed hour, alone, blending into a light crowd of locals and tourists. He cocked his arm for a handshake, then turned his shoulder to indicate a path. Before long he had guided his visitor to a secure space out of public view.
During more than 14 hours of interviews, the first he has conducted in person since arriving here in June, Snowden did not part the curtains or step outside. Russia granted him temporary asylum on Aug. 1, but Snowden remains a target of surpassing interest to the intelligence services whose secrets he spilled on an epic scale.
Late this spring, Snowden supplied three journalists, including this one, with caches of top-secret documents from the National Security Agency, where he worked as a contractor. Dozens of revelations followed, and then hundreds, as news organizations around the world picked up the story. Congress pressed for explanations, new evidence revived old lawsuits and the Obama administration was obliged to declassify thousands of pages it had fought for years to conceal.
Taken together, the revelations have brought to light a global surveillance system that cast off many of its historic restraints after the attacks of Sept. 11, 2001. Secret legal authorities empowered the NSA to sweep in the telephone, Internet and location records of whole populations. One of the leaked presentation slides described the agency’s “collection philosophy” as “Order one of everything off the menu.”
Six months after the first revelations appeared in The Washington Post and the Guardian, Snowden agreed to reflect at length on the roots and repercussions of his choice. He was relaxed and animated over two days of nearly unbroken conversation, fueled by burgers, pasta, ice cream and Russian pastry.
Snowden offered vignettes from his intelligence career and from his recent life as “an indoor cat” in Russia. But he consistently steered the conversation back to surveillance, democracy and the meaning of the documents he exposed.
“For me, in terms of personal satisfaction, the mission’s already accomplished,” he said. “I already won. As soon as the journalists were able to work, everything that I had been trying to do was validated. Because, remember, I didn’t want to change society. I wanted to give society a chance to determine if it should change itself.”
“All I wanted was for the public to be able to have a say in how they are governed,” he said. “That is a milestone we left a long time ago. Right now, all we are looking at are stretch goals.”
‘Going in blind’
Snowden is an orderly thinker, with an engineer’s approach to problem-solving. He had come to believe a dangerous machine of mass surveillance was growing unchecked. Closed-door oversight in Congress and the Foreign Intelligence Surveillance Court was a “graveyard of judgment,” he said, manipulated by the agency it was supposed to supervise. Classification rules erected walls to prevent public debate.
Toppling those walls would be a spectacular act of transgression against the norms that prevailed inside them. Someone would have to bypass security, extract the secrets, make undetected contact with journalists and provide them with enough proof to tell the stories.
The NSA’s business is “information dominance,” the use of other people’s secrets to shape events. At 29, Snowden upended the agency on its own turf.
“You recognize that you’re going in blind, that there’s no model,” Snowden said, acknowledging that he had no way to know whether the public would share his views.
“But when you weigh that against the alternative, which is not to act,” he said, “you realize that some analysis is better than no analysis. Because even if your analysis proves to be wrong, the marketplace of ideas will bear that out. If you look at it from an engineering perspective, an iterative perspective, it’s clear that you have to try something rather than do nothing.”
By his own terms, Snowden succeeded beyond plausible ambition. Accustomed to watching without being watched, the NSA faces scrutiny it has not endured since the 1970s, or perhaps ever.
The cascading effects have made themselves felt in Congress, the courts, popular culture, Silicon Valley and world capitals. The basic structure of the Internet itself is now in question, as Brazil and members of the European Union consider measures to keep their data away from U.S. territory and U.S. technology giants including Google, Microsoft and Yahoo take extraordinary step to block the collection of data by their government.
For months, Obama administration officials attacked Snowden’s motives and said the work of the NSA was distorted by selective leaks and misinterpretations.
Last Monday, in a lawsuit that could not have gone forward without the disclosures made possible by Snowden, U.S. District Judge Richard J. Leon described the NSA’s capabilities as “almost Orwellian” and said its bulk collection of U.S. domestic telephone records was probably unconstitutional.
On Tuesday, in the Roosevelt Room, an unusual delegation of executives from old telephone companies and young Internet firms told President Obama that the NSA’s intrusion into their networks was a threat to the U.S. information economy. The following day, an advisory panel appointed by Obama recommended substantial new restrictions on the NSA, including an end to the domestic call-records program.
“This week is a turning point,” said Jesselyn Radack of the Government Accountability Project, who is one of Snowden’s legal advisers. “It has been just a cascade.”
‘They elected me’
On June 22, the Justice Department unsealed a criminal complaint charging Snowden with espionage and felony theft of government property. It was a dry enumeration of statutes, without a trace of the anger pulsing through Snowden’s former precincts.
In the intelligence and national security establishments, Snowden is widely viewed as a reckless saboteur, and journalists abetting him little less so.
At the Aspen Security Forum in July, a four-star military officer known for his even keel seethed through one meeting alongside a reporter he knew to be in contact with Snowden. Before walking away he turned and pointed a finger.
“We didn’t have another 9/11,” he said angrily, because intelligence enabled war fighters to find the enemy first. “Until you’ve got to pull the trigger, until you’ve had to bury your people, you don’t have a clue.”
It is commonly said of Snowden that he broke an oath of secrecy, a turn of phrase that captures a sense of betrayal. NSA Director Keith Alexander and Director of National Intelligence James R. Clapper Jr., among many others, have used that formula.
In his interview with The Post, Snowden noted matter-of-factly that Standard Form 312, the classified-information nondisclosure agreement, is a civil contract. He signed it, but he pledged his fealty elsewhere.
“The oath of allegiance is not an oath of secrecy,” he said. “That is an oath to the Constitution. That is the oath that I kept that Keith Alexander and James Clapper did not.”
People who accuse him of disloyalty, he said, mistake his purpose.
“I am not trying to bring down the NSA, I am working to improve the NSA,” he said. “I am still working for the NSA right now. They are the only ones who don’t realize it.”
What entitled Snowden, now 30, to take on that responsibility?
“That whole question — who elected you? — inverts the model,” he said. “They elected me. The overseers.”
He named the chairmen of the Senate and House intelligence committees.
Dianne Feinstein elected me when she asked softball questions” in committee hearings, he said. “Mike Rogers elected me when he kept these programs hidden. ... The FISA court elected me when they decided to legislate from the bench on things that were far beyond the mandate of what that court was ever intended to do. The system failed comprehensively, and each level of oversight, each level of responsibility that should have addressed this, abdicated their responsibility.”
“It wasn’t that they put it on me as an individual — that I’m uniquely qualified, an angel descending from the heavens — as that they put it on someone, somewhere,” he said. “You have the capability, and you realize every other [person] sitting around the table has the same capability but they don’t do it. So somebody has to be the first.”
‘Front-page test’
Snowden grants that NSA employees by and large believe in their mission and trust the agency to handle the secrets it takes from ordinary people — deliberately, in the case of bulk records collection, and “incidentally,” when the content of American phone calls and e-mails are swept into NSA systems along with foreign targets.
But Snowden also said he believed acceptance of the agency’s operations was not universal. He began to test that proposition more than a year ago, he said, in periodic conversations with co-workers and superiors that foreshadowed his emerging plan.
Beginning in October 2012, he said, he brought his misgivings to two superiors in the NSA’s Technology Directorate and two more in the NSA Threat Operations Center’s regional base in Hawaii. For each of them, and 15 other co-workers, Snowden said he opened a data query tool called BOUNDLESSINFORMANT, which used color-coded “heat maps” to depict the volume of data ingested by NSA taps.
His colleagues were often “astonished to learn we are collecting more in the United States on Americans then we are on Russians in Russia,” he said. Many of them were troubled, he said, and several said they did not want to know any more.
“I asked these people, ‘What do you think the public would do if this was on the front page?’” he said. He noted that critics have accused him of bypassing internal channels of dissent. “How is that not reporting it? How is that not raising it?” he said.
By last December, Snowden was contacting reporters, although he had not yet passed along any classified information. He continued to give his colleagues the “front-page test,” he said, until April.
Asked about those conversations, NSA spokeswoman Vanee Vines sent a prepared statement to The Post: “After extensive investigation, including interviews with his former NSA supervisors and co-workers, we have not found any evidence to support Mr. Snowden’s contention that he brought these matters to anyone’s attention.”
Snowden recounted another set of conversations that he said took place three years earlier, when he was sent by the NSA’s Technology Directorate to support operations at a listening post in Japan. As a system administrator, he had full access to security and auditing controls. He said he saw serious flaws with information security.
“I actually recommended they move to two-man control for administrative access back in 2009,” he said, first to his supervisor in Japan and then to the directorate’s chief of operations in the Pacific. “Sure, a whistleblower could use these things, but so could a spy.”
That precaution, which requires a second set of credentials to perform risky operations such as copying files onto a removable drive, has been among the principal security responses to the Snowden affair.
Vines, the NSA spokeswoman, said there was no record of those conversations, either.
U.S. ‘would cease to exist’
Just before releasing the documents this spring, Snowden made a final review of the risks. He had overcome what he described at the time as a “selfish fear” of the consequences for himself.
“I said to you the only fear [left] is apathy — that people won’t care, that they won’t want change,” he recalled this month.
The documents leaked by Snowden compelled attention because they revealed to Americans a history they did not know they had.
Internal briefing documents reveled in the “Golden Age of Electronic Surveillance.” Brawny cover names such as MUSCULAR, TUMULT and TURMOIL boasted of the agency’s prowess.
With assistance from private communications firms, the NSA had learned to capture enormous flows of data at the speed of light from fiber-optic cables that carried Internet and telephone traffic over continents and under seas. According to one document in Snowden’s cache, the agency’s Special Source Operations group, which as early as 2006 was said to be ingesting “one Library of Congress every 14.4 seconds,” had an official seal that might have been parody: an eagle with all the world’s cables in its grasp.
Each year, NSA systems collected hundreds of millions of e-mail address books, hundreds of billions of cellphone location records and trillions of domestic call logs.
Most of that data, by definition and intent, belonged to ordinary people suspected of nothing. But vast new storage capacity and processing tools enabled the NSA to use the information to map human relationships on a planetary scale. Only this way, its leadership believed, could the NSA reach beyond its universe of known intelligence targets.
In the view of the NSA, signals intelligence, or electronic eavesdropping, was a matter of life and death, “without which America would cease to exist as we know it,” according to an internal presentation in the first week of October 2001 as the agency ramped up its response to the al-Qaeda attacks on New York and Washington.
With stakes such as those, there was no capability the NSA believed it should leave on the table. The agency followed orders from President George W. Bush to begin domestic collection without authority from Congress and the courts. When the NSA won those authorities later, some of them under secret interpretations of laws passed by Congress between 2007 and 2012, the Obama administration went further still.
Using PRISM, the cover name for collection of user data from Google, Yahoo, Microsoft, Apple and five other U.S.-based companies, the NSA could obtain all communications to, from or “about” any specified target. The companies had no choice but to comply with the government's request for data.
But the NSA could not use PRISM, which was overseen once a year by the surveillance court, for the collection of virtually all data handled by those companies. To widen its access, it teamed up with its British counterpart, Government Communications Headquarters, or GCHQ, to break into the private fiber-optic links that connected Google and Yahoo data centers around the world.
That operation, which used the cover name MUSCULAR, tapped into U.S. company data from outside U.S. territory. The NSA therefore believed it did not need permission from Congress or judicial oversight. Data from hundreds of millions of U.S. accounts flowed over those Google and Yahoo links, but classified rules allowed the NSA to presume that data ingested overseas belonged to foreigners.
‘Persistent threat’
Disclosure of the MUSCULAR project enraged and galvanized U.S. technology executives. They believed the NSA had lawful access to their front doors — and had broken down the back doors anyway.
Microsoft general counsel Brad Smith took to his company’s blog and called the NSA an “advanced persistent threat” — the worst of all fighting words in U.S. cybersecurity circles, generally reserved for Chinese state-sponsored hackers and sophisticated criminal enterprises.
“For the industry as a whole, it caused everyone to ask whether we knew as much as we thought,” Smith recalled in an interview. “It underscored the fact that while people were confident that the U.S. government was complying with U.S. laws for activity within U.S. territory, perhaps there were things going on outside the United States ... that made this bigger and more complicated and more disconcerting than we knew.”
They wondered, he said, if the NSA was “collecting proprietary information from the companies themselves.”
Led by Google and then Yahoo, one company after another announced expensive plans to encrypt its data traffic over tens of thousands of miles of cable. It was a direct — in some cases, explicit — blow to NSA collection of user data in bulk. If the NSA wanted the information, it would have to request it or circumvent the encryption one target at a time.
As these projects are completed, the Internet will become a less friendly place for the NSA to work. The agency can still collect data from virtually any one, but collecting from everyone will be harder.
The industry’s response, Smith acknowledged, was driven by a business threat. U.S. companies could not afford to be seen as candy stores for U.S. intelligence. But the principle of the thing, Smith said, “is fundamentally about ensuring that customer data is turned over to governments pursuant to valid legal orders and in accordance with constitutional principles.”
‘Warheads on foreheads’
Snowden has focused on much the same point from the beginning: Individual targeting would cure most of what he believes is wrong with the NSA.
Six months ago, a reporter asked him by encrypted e-mail why Americans would want the NSA to give up bulk collection if that would limit a useful intelligence tool.
“I believe the cost of frank public debate about the powers of our government is less than the danger posed by allowing these powers to continue growing in secret,” he replied, calling them “a direct threat to democratic governance.”
In the Moscow interview, Snowden said, “What the government wants is something they never had before,” adding: “They want total awareness. The question is, is that something we should be allowing?”
Snowden likened the NSA’s powers to those used by British authorities in Colonial America, when “general warrants” allowed anyone to be searched. The FISA court, Snowden said, “is authorizing general warrants for the entire country’s metadata.”
“The last time that happened, we fought a war over it,” he said.
Technology, of course, has enabled a great deal of consumer surveillance by private companies, as well. The difference with the NSA’s possession of the data, Snowden said, is that government has the power to take away life or freedom.
At the NSA, he said, “there are people in the office who joke about, ‘We put warheads on foreheads.’ Twitter doesn’t put warheads on foreheads.”
Privacy, as Snowden sees it, is a universal right, applicable to American and foreign surveillance alike.
“I don’t care whether you’re the pope or Osama bin Laden,” he said. “As long as there’s an individualized, articulable, probable cause for targeting these people as legitimate foreign intelligence, that’s fine. I don’t think it’s imposing a ridiculous burden by asking for probable cause. Because, you have to understand, when you have access to the tools the NSA does, probable cause falls out of trees.”
‘Everybody knows’
On June 29, Gilles de Kerchove, the European Union’s counterterrorism coordinator, awoke to a report in Der Spiegel that U.S. intelligence had broken into E.U. offices, including his, to implant surveillance devices.
The 56-year-old Belgian, whose work is often classified, did not consider himself naive. But he took the news personally, and more so when he heard unofficial explanations from Washington.
‘Everybody knows. Everybody does’ — Keith Alexander said that,” de Kerchove said in an interview. “I don’t like the idea that the NSA will put bugs in my office. No. I don’t like it. No. Between allies? No. I’m surprised that people find that noble.”
Comparable reactions, expressed less politely in private, accompanied revelations that the NSA had tapped the cellphones of German Chancellor Angela Merkel and President Dilma Rousseff of Brazil. The blowback roiled relations with both allies, among others. Rousseff canceled a state dinner with Obama in September.
When it comes to spying on allies, by Snowden’s lights, the news is not always about the target.
“It’s the deception of the government that’s revealed,” Snowden said, noting that the Obama administration offered false public assurances following the initial reports about NSA surveillance in Germany “The U.S. government said: ‘We follow German laws in Germany. We never target German citizens.’ And then the story comes out and it’s: ‘What are you talking about? You’re spying on the chancellor.’ You just lied to the entire country, in front of Congress.”
In private, U.S. intelligence officials still maintain that spying among friends is routine for all concerned, but they are giving greater weight to the risk of getting caught.
“There are many things we do in intelligence that, if revealed, would have the potential for all kinds of blowback,” Clapper told a House panel in October.
‘They will make mistakes’
U.S. officials say it is obvious that Snowden’s disclosures will do grave harm to intelligence gathering, exposing methods that adversaries will learn to avoid.
“We’re seeing al-Qaeda and related groups start to look for ways to adjust how they communicate,” said Matthew Olsen, director of the National Counterterrorism Center and a former general counsel at the NSA.
Other officials, who declined to speak on the record about particulars, said they had watched some of their surveillance targets, in effect, changing channels. That evidence can be read another way, they acknowledged, given that the NSA managed to monitor the shift.
Clapper has said repeatedly in public that the leaks did great damage, but in private he has taken a more nuanced stance. A review of early damage assessments in previous espionage cases, he said in one closed-door briefing this fall, found that dire forecasts of harm were seldom borne out.
“People must communicate,” he said, according to one participant who described the confidential meeting on the condition of anonymity. “They will make mistakes and we will exploit them.”
According to senior intelligence officials, two uncertainties feed their greatest concerns. One is whether Russia or China managed to take the Snowden archive from his computer, a worst-case assumption for which three officials acknowledged there is no evidence.
In a previous assignment, Snowden taught U.S. intelligence personnel how to operate securely in a “high-threat digital environment,” using a training scenario in which China was the designated threat. He declined to discuss the whereabouts the files now, but he said he is confident he did not expose them to Chinese intelligence in Hong Kong and did not bring them to Russia at all.
“There’s nothing on it,” he said, turning his laptop screen toward his visitor. “My hard drive is completely blank.”
The other big question is how many documents Snowden took. The NSA’s incoming deputy director, Rick Ledgett, said on CBS’s “60 Minutes” recently that the number may approach 1.7 million, a huge and unexplained spike over previous estimates. Ledgett said he would favor trying to negotiate an amnesty with Snowden in exchange for “assurances that the remainder of the data could be secured.”
Obama's national security adviser, Susan E. Rice, later dismissed the possibility.
“The government knows where to find us if they want to have a productive conversation about resolutions that don’t involve Edward Snowden behind bars,” said Ben Wizner of the American Civil Liberties Union, the central figure on Snowden’s legal team.
Some news accounts have quoted U.S. government officials as saying Snowden has arranged for the automated release of sensitive documents if he is arrested or harmed. There are strong reasons to doubt that, beginning with Snowden’s insistence, to this reporter and others, that he does not want the documents published in bulk.
If Snowden were fool enough to rig a “dead man’s switch,” confidants said, he would be inviting anyone who wants the documents to kill him.
Asked about such a mechanism in the Moscow interview, Snowden made a face and declined to reply. Later, he sent an encrypted message. “That sounds more like a suicide switch,” he wrote. “It wouldn’t make sense.”
‘Let them say what they want’
By temperament and circumstance, Snowden is a reticent man, reluctant to discuss details about his personal life.
Over two days his guard never dropped, but he allowed a few fragments to emerge. He is an “ascetic,” he said. He lives off ramen noodles and chips. He has visitors, and many of them bring books. The books pile up, unread. The Internet is an endless library and a window on the progress of his cause.
“It has always been really difficult to get me to leave the house,” he said. “I just don’t have a lot of needs. ... Occasionally there’s things to go do, things to go see, people to meet, tasks to accomplish. But it’s really got to be goal-oriented, you know. Otherwise, as long as I can sit down and think and write and talk to somebody, that’s more meaningful to me than going out and looking at landmarks.”
In hope of keeping focus on the NSA, Snowden has ignored attacks on himself.
“Let them say what they want,” he said. “It’s not about me.”
Former NSA and CIA director Michael V. Hayden predicted that Snowden will waste away in Moscow as an alcoholic, like other “defectors.” To this, Snowden shrugged. He does not drink at all. Never has.
But Snowden knows his presence here is easy ammunition for critics. He did not choose refuge in Moscow as a final destination. He said that once the U.S. government voided his passport as he tried to change planes en route to Latin America, he had no other choice.
It would be odd if Russian authorities did not keep an eye on him, but no retinue accompanied Snowden and his visitor saw no one else nearby. Snowden neither tried to communicate furtively nor asked that a visitor do so. He has had continuous Internet access and talked to his lawyers and journalists daily, from his first day in the transit lounge at Sheremetyevo airport.
“There is no evidence at all for the claim that I have loyalties to Russia or China or any country other than the United States,” he said. “I have no relationship with the Russian government. I have not entered into any agreements with them.”
“If I defected at all,” Snowden said, “I defected from the government to the public.
Julie Tate contributed to this report.

返回:2013的兩大教訓 ( 1 of 2)

沒有留言:

張貼留言

發表意見者,請留稱呼。用匿名不留稱呼者,一律自動刪除。