Donate for the Cryptome archive of files from June 1996 to the present

15 May 2014

Snowden's No Place to Hide Operation Success

Cryptome's response to a commentator on the Snowden operation as described by Greenwald's No Place to Hide and legions of newsies over a year.

No need to gloss this with comsec cosmetics.

As you know the most difficult problem of comsec is how to make first contact to set up a secure means between parties not yet able to trust each other. And it is when failure most often occurs. Even face to face suffers this almost insurmountable challenge whether in comsec or more generally spy sec.

Fairly common attack is to appear inexperienced and clueless to get the other party to drop guard and try to help the clueless. Snowden surely knows that he could not trust anybody he was contacting, that he would be played and drawn into disclosing himself, yet he did just that to several parties he approached.

Also fairly common to resist overtures by expressing doubt and demanding proof. Snowden knew that and had to accept the other parties conditions, all the other parties whipsawed him into compliance. Such as GG's laughable "pact" with Snowden to CYA the Guardian business interests, no different than what WaPo and NYT required.

There are enormous gaps, prevarications, illusions and delusions in published accounts of the unfolding Snowden operation, that too, is common comsec, infosec and opsec which Snowden was highly skilled at and faced the dilemma of advising other parties far less skilled technologically but legally and financially superior.

This is the Achilles Heel of the operation far from being healed. And spy agencies since day one have failed to avoid it.

For us buffs, and moreso for spy agency counterintel, forensic debris abounds from the preparation and execution Greenwald (and others) describes of initial efforts of Snowden outreach, back and forth among parties, exchanges among diversely skilled communicants and their crowds of advisors and helpmates (David Miranda a key advisor to GG, he claims). Greenwald with others exploiting the affair, including all of us consumers and credulous spy buffs, have crafted a satisfying story of this with sufficient slip-ups and fuck-ups to  to suspend disbelief to make it seem genuine, in particular by supplying us with "accidental" clues and inadvertent disclosures which have always seduced consumers of fiction, biblical, scientific and above all comsec comedy.

To your inquiry but with caution, all the JYA PKs are still valid and remain in use.  The JYA PK from 2007 is usable. However, as I previously wrote, we use numerous PKs, most for one time use, even for the same party -- a new key for each transaction. Persistent keys are vulnerable to tracking and metadating profiles of users.

Few of our keys are on key servers which cannot be trusted beyond casual purposes. But then comsec cannot be trusted, none of it, OTR, PGP, Tor, Anonymizers, face to face. Lack of trust is expected in comsec, and guarding against suspension of disbelief is obligatory.

The Hong Kong ploy for face to face assurance may be seen as a classic sting, first resisted then swallowed whole, or given that appearance in published accounts. The escape to Moscow another fabulosity from spy novel trade. For the spy promotional trade the seduction and entrapment of the Snowden journalist gangs is an amazing success generated the bowels of media-assistance teams of TLA funding boosters.

A parallel seduction of Omidyar for lifetime comfort for poor journalists is too, right up there with the fleecing Bezos. How the oligarchs do fall for stings of their own financial and legal rigging of bookmaking.