As The Guardian has taken center stage in the Snowden drama, serving as the English-language conduit of choice for publishing classified information about the National Security Agency and its partners that was stolen by Edward Snowden, it’s taken heat from the British government about its possibly illegal activities.
As a dodge, Guardian editors have taken to throwing around the “no big deal” excuse because, they claim, 850,000 people in the US, UK, and partner governments had access to this stuff. It was simply Ed, one in an (almost) million, who did the dirty deed. For one of the many iterations of this nonsense see here.
Yet nonsense it is. It plays on the fact the US and Allied governments have given out a lot of high-level clearances in recent years. But it requires a bit of explanation to understand the details – and why The Guardian is lying.
Everybody at NSA – whether military, civilian, or contractor – holds an active TOP SECRET (TS) security clearance with Sensitive Compartmented Information (SCI) access. That’s what it takes to get in the door at NSA. This is granted after a Single Scope Background Investigation (SSBI) including a “full scope” polygraph (i.e. you’re asked lifestyle as well as counterintelligence questions while you’re strapped to “the box”). To maintain TS/SCI access, you’re reinvestigated, including polygraph, every five years. A basic run-down of the DoD/IC security clearance system can be found here. If you want to know how the many and varied levels of classification are used in day to day DoD/IC work, this is numbingly detailed and best taken with a stiff drink.
But TS/SCI is just the basic level of clearance at NSA and its partner and Allied agencies. Above that there exist many kinds of caveats and special programs that go (or have gone) by weird names such as GAMMA, VRK (Very Restricted Knowledge), and ECI (Exceptionally Controlled Information). Across DoD they have similar SAPs (Special Access Programs). The bottom line is that nobody at NSA sees “everything.” The entire system is in fact designed to prevent any one person from seeing everything.
Called “need to know” – or more formally compartmentization – this means that every person only gets access to what s/he needs to be “read on” for to do the job at hand. Strange as it sounds outside cryptologic channels, it’s perfectly normal not to exactly know what the guy down the hall, or even sitting in the next cubicle over, does all day; you may not have a confirmed need to know, so you don’t. Even spouses and partners who both work at NSA are expected to maintain to “need to know” in their pillow talk.
To get access to really juicy SAPs you may need to undergo special investigation, including additional polygraphs, and in every case you sign paperwork that’s basically another non-disclosure agreement on top of all the ones you’ve already signed to be “in access” at NSA. Security is taken pretty seriously, particularly when very sensitive cryptologic programs are involved.
The bottom line is that The Guardian and its defenders are simply lying when they assert that 850,000 people saw the stuff that Ed stole. No, they didn’t. Not once, ever. Even as an NSA counterintelligence officer with ridiculously high level clearances and accesses to do my job, I never saw “everything” – because that’s literally impossible in the system. Every person’s access is specifically tailored to what he or she needs to know to do the job, and nothing more.
Which is why Ed had to hack NSA systems for months and years, including stealing the log-ins and passwords of others, who presumably had better accesses than a mere system administrator would, to get a look at the TS/SCI+ information he wanted to steal and expose to the world, while making off to Moscow as a finishing touch.
Whether The Guardian broke British law is a matter I will defer to legal experts, but on the matter of who had access to the stolen information they are publishing for the world to see, they are simply telling one lie after another. It should stop at once.
UPDATE: I’ve been attacked by anti-NSA activist Marcy Wheeler for allegedly not providing “evidence” that The Guardian actually said what … they said. The Guardian has cited the “850,000 had access to this stuff” lie in many forms since the summer; mere Googling will reveal many of them, here’s another current example if you like that sort of thing. Marcy is probably the most informed literature Ph.D. without any intelligence experience regarding SIGINT within at ten or twelve miles from wherever you’re sitting at this moment. This one’s for you, Marcy!
The XX Committee 
“who presumably had better accesses than a mere system administrator would”
More access than a “mere system admin?” I don’t think you understand how this works. No one has more access than sys admins.
When were you an NSA sysadmin?
Reading down your stuff, just love it…
This notion (I will not dignify with the name ‘idea’) that a system administrator is GOD really gets under my skin.
Having once been a sysadmin in one box of my institution, it’s a running gag that I was GOD who peeked into any directory to find your kitty pictures – or letters connected to your ongoing nasty divorce – but anyone with an ounce of sense would understand that the privilege is limited to that one box. Any other box is no password, no entry just like everyone else.
The problem appears to be that this sophisticated security method can all too often be defeated simply by asking what the password might be. Even in places where you would think that people would know better, especially with all the training they get.
But I can not believe how many otherwise intelligent seeming (pretend expert again?) people are so gullible/ignorant/cultish as to fall for this Supergenius Snowden the Superspy folderol.
Amazing, no? Thanks for your comments!
commented before reading below, you may want to just delete it all at your discretion.
Thanks for this post. Sometimes I get totally lost with all the acronyms and abbreviations, so thanks from this noob.
You’re welcome!
Reblogged this on jennifer98g and commented:
The Guardian has made itself a laughingstock by repeating this as fact. Asking two or three people who once worked in military intelligence how the system works would have cleared this up in minutes. Apparently they’re either too lazy to do any real journalism or they’re happy with spreading the lies. The evidence is quickly piling up in favor of the latter.
you people are nitpicking here. Snowden makes NSA discussions possible and possible changes to the way the NSA operates are on the horizon. Thanks to Snowden, lots of US citizens are now realizing that they are not as free as they thought they were with their online communications. And they don’t like it. Sure, they don’t mind if google and the like have their data but they do mind the NSA getting the same data in stealth.
Personally, I would be more on the NSA side had they found needles such as the Ft Hood a-hole, the Times Square bomber, the Boston Marathon bomber.
Who is “you people”? How exactly has NSA impinged on YOUR personal liberties?
20,
The Colbert Report captured this exchange between Mike Rogers and Steve Vladeck at a hearing in Congress last month :
http://www.colbertnation.com/the-colbert-report-videos/430139/october-31-2013/the-word—see-no-evil
Do you agree with Mike Rogers’ logic ?
So how did Snowden manage to steal and hack for so long without any counterspy/security officer/IT administrator noticing?
That’s a great question I’d like to see answered properly.
You might be winning the battle of fact on this one issue here, and if so, well done. But you’re only losing the constitutional, ethical, and PR war. The NSA is out of control, and apparently you have some problems coming to grips with that. There is no moral, constitutional or national-security equivalence between what you claim the Guardian has done and what we now know the NSA has done. Sorry, after Iraq, “because terrorism” is no longer an acceptable excuse for the illegal and unethical. Deal.
Never lose your passion!
Deal indeed. Except for the fact that it was authorized by Congress, in accordance with law, and approved by the courts, meaning it was constitutional. So your “out of control” argument is, well, out of control. Immoral? Maybe, but still completely ethical…these programs are definitely covered by the IC’s Principles of Professional Ethics. You might want to read some of the laws, codes of ethics, etc., before just saying stuff is illegal or unethical.
Yes, the battle of fact has nothing to do with whether or not the accusations of it being out of control are, y’know…factual.
I have plenty of concerns about information gathering, but you have to stretch to make constitutional arguments, ethics…even if they do gather everything about everyone, there’ve been few, if any accusations of misconduct USING that information…but PR, yes, you’re right…but PR is what makes people think its a constitutional issue.
And sorry, Guardian, and their employees have repeatedly, and provably lied, exaggerated, mischaracterized and left things out. That’s not just what he’s “claimed” I mean, the Grauniad claimed the British government made them smash a computer, and then showed us pictures of the parts…EXCEPT THOSE PARTS CANNOT BE USED IN ONE COMPUTER.
And likewise, “because terrorism” is not an acceptable excuse for the unethical, “because spying” is also not acceptable for the unethical.
I’m curious how the NSA can control and sequester information when there are rogue system administrators around. In all of my experience as a sysadmin, I have never known an admin who did not have access to everything on their system. The idea that a sysadmin wouldn’t have access to something on his system is completely foreign to me. It is almost literally inconceivable — every time I try to think about it, the idea slips away and I’m left going “No, that’s just not possible.”
If the answer to this is not classified, can you explain how the NSA can have sysadmins that can do their job while also keeping information out of their grasp?
Short answer: even S/As are supposed to have some compartmentization, ie not all S/As can see everything. Here, the system failed, epically. Thanks for your interest, really hope another Snowden never happens.
I understand that they are supposed to be compartmentized, but given what I know about having root access on a server I don’t see how it’s possible for such compartmentalization to work. Typically if someone has root access to a server, there is nothing on the server that they cannot access. Obviously there is some system in place, and it failed horribly, but I just don’t understand what that system is supposed to be or how it’s supposed to work. Like I said, I understand if you can’t disclose technical details, but if anything about it is not classified I would be very interested to learn how it works. (I’m a computer programmer / sysadmin.)
I appreciate your interest but I really can’t shed light here on classified matters.
Oh, I understand. I didn’t know if it was classified or not! Cheers.
To quote a man with many more years of experience than myself: Only God knows all the compartments.
#WORD
Cui Bono? Who benefits by keeping from the public that which has been turned over to Russian Intelligence and God knows who else? What you playfully pass off as just a “counter intelligence fail” — as if NSA lost a game of checkers with the Russians, is only one of the many ways you attempt to deflect whom the American public and it’s elected representatives should investigate and hold accountable for the catastrophic damage done to America’s interests — by those entrusted with pursuing and protecting them. Our international reputation and national security, alas, barely scratch the surface.
Recent foreign policy losses to the Russians are directly attributable to them having the American national security establishment, and much of our political echelon, by the short-hairs due to the Snowden “fail.” It is nothing short of depressing to think of how much those in the upper echelons of the US government are willing to gift to the Russians, and other foreign entities, in return for keeping the fullness of their “fail” from the American people.
I previously pointed out your lame cribbing of Glasnost, as your expert solution to the NSA’s travails. It seems your admiration for former Soviet ways is showing again. This time in the form of suggesting that our national interests are served by keeping secrets from the public after foreign intelligence and other nefarious actors have full possession of them.
My short-hairs are trimmed, thanks.
Whatever contrived ruling or secret interpretation of law the Intelligence establishment wants to use to justify their actions, the simple fact of the matter is that the America I was born and raised has ceased to be in my mind. Courts bend to the will of the executive, and the legislative dances to their tune without missing a beat.
I don’t need a dissertation in levels of clearance nor do I give a damn if Snowden broke the law. He revealed that my government believes they have the authority to rewrite the social contract as the lay person understands it, and it’s for our own good. I’ll put up with it until I won’t.
I am honored to have someone born before 1917 on here!
The compartmentalization you speak of has another aspect, that is, that an employee of the government or it’s private contractors can say “Hey, I just collect the information. What the other gov agencies do with it is out of my compartment”. I just pull the trigger, the bullet does the killing so I’m not responsible and can go home tonite and sleep well.
I don’t buy into this type of thinking. We know that the information collected isn’t just used for anti-terrorism or counter-intelligence, and that other government departments use the gained data for their own non-intelligence purposes. Some is passed to corporations for use against non-profits holding them accountable, some goes to gov agencies for law enforcement actions against protestors or other dissidents. Perhaps the agency itself is being used for political purposes. I think individuals have a responsibility to act on these issues. This is called a whistle blower. Or not work there if they know it’s corrupt. The idea post-Snowden isn’t to get rid of counter-intelligence, that would be foolish. But it’s another thing to say don’t worry if you have nothing to hide and so on, we’re only interested in terrorists and so forth when everyone knows better. The political fallout at least in the United States from Snowden is around these other issues, other than the use of info for counter-intelligence.
For a good reason if one cares about our hard won liberties now being treated as if they don’t matter or at best are inconveniences to be worked around. Perhaps not by the NSA directly but the information they collect has power, so who do they give it to, the data and therefore the power that goes along with it. When McDonalds has access to the information to use against the protestors against their latest scheme, or when Dow Chemical can use the info against victims of it’s chemical disasters so they won’t have to pay out…….we have a bigger problem than the terrorists. In fact, they have already won if we give up one ounce of our liberties for counter-terrorism efforts. The baby has been tossed along with the bath water.
Your understanding of how NSA/IC information is used is totally wrong. Read more.
I think it’s trying to communicate!
So no one knows what the guy in the next cubicle does. They might be using the info to blackmail congressmen or just looking at porn. No one has a big picture. No one knows what anyone else is doing, but we’re all supposed to just trust you that no one goes rogue. Except Snowden went rogue and no one caught him. There are lots worse things people can do with all this info than tell people what’s going on.
Nice handle.
Does anyone on here realize the Kremlin was outed for having a direct line to Britain in the VENONA translations? Direct line TO Stalin from Britain? Taking orders from Britain.
FDR’s personal secretary as well as all around him were also outed as spies communicating with their soviet handlers. FDRs personal secretary helping Russians get into US through Mexico City and supplying identity and passport information.
Can you grasp the magnitude of this revelation? Stalin getting orders from London. FDR staff taking orders from the Kremlin.
“The Game” has been over since 1919 as “20committee” has so rudely pointed out.
The revelation “is” that a “group” has created a system to watch all of us, not just US.
The revelation “will be” that “their” information will be released by some of the 850,000 with top secret clearance next.
Ooops! I spilled the beans.