Just before Edward Snowden became a world famous whistleblower, he
answered an extensive catalog of questions. These came from, amongst
others, Jacob Appelbaum, 30, a developer of encryption and security
software. Appelbaum educates international human rights groups and
journalists on how to work with the Internet in safe and anonymous way.
He became more publicly know in 2010, when he represented WikiLeaks
founder Julian Assange speaking at a hacker conference in New York.
Along with Assange and other co-authors he has recently published the
interview recording "Cypher Punks: Our Freedom and the future of the
Internet."
In the course of investigations into the WikiLeaks disclosures,
Appelbaum came to the attention of American authorities, who demanded
companies such as Twitter and Google to divulge his accounts. He himself
describes his attitude to WikiLeaks as "ambivalent" - and describes
below how it came about that he was able to ask Snowden these questions.
In mid-May I was contacted by the documentary-maker Laura Poitras.
She told me, that at this time she was in contact with an anonymous NSA
source, which had consented to be interviewed by her.
She put together questions and asked me to contribute questions.
This was, among other reasons, to determine whether she was really
dealing with a NSA whistleblower. We sent our questions via encrypted
e-mails. I did not know that the interlocutor was Edward Snowden until
he revealed himself as such in public in Hong Kong. He did not know who I
was. I had expected that he was someone in their sixties.
The following is an excerpt from a extensive interview which dealt
with further points, many of them technical in nature. Some of the
questions now appear in a different order to understand the context.
The discussion focused almost exclusively on the activities of the
National Security Agency. It is important to know that these questions
were not asked as relating to the events of the past week or the last
month.
They were entirely asked without any unrest, since, at that point, Snowden was still in Hawaii.
At a later stage I was again in direct contact with Snowden, at
which time I also revealed my own my identity. He told me then that he
gave consent to publish his statements.
+++++
Question: What is the mission of the National Security Agency (NSA) - and how is their job in accordance with the law?
Snowden: It is the mission of the NSA, to be aware of anything of
importance going on outside of the United States. This is a considerable
task, and the people there are convinced that not knowing everything
about everyone could lead to some existential crisis. So, at some point,
you believe it's all right is to bend the rules a little. Then, if
people hate it that you can bend the rules, it suddenly becomes vital
even to to break them.
Question: Are German authorities or politicians involved in the monitoring system ?
Snowden: Yes of course. They (the NSA people -- ed.) are in cahoots
with the Germans, as well as with the most other Western countries. We
(in the U.S. intelligence apparatus -- ed.) warn the others, when
someone we want to catch, uses one of their airports - and they then
deliver them to us.
The information on this, we can for example pull off of the
monitored mobile phone of a suspected hacker’s girlfriend -- who used it
in an entirely different country which has nothing to do with the case.
The other authorities do not ask us where got the leads, and we do
not ask them anything either. That way, they can protect their political
staff from any backlash if it came out how massive the global violation
of people’s privacy is.
Question: But now as details of this system are revealed, who will be put before a court over this?
Snowden: Before U.S. courts? You're not serious, are you? When the
last large wiretapping scandal was investigated - the interception
without a court order, which concerned millions of communications - that
should really have led to the longest prison sentences in world
history. However, then our highest representatives simply stopped the
investigation. The question, who is to be accused, is theoretical, if
the laws themselves are not respected. Laws are meant for people like
you or me - but not for them.
Question: Does the NSA cooperate with other states like Israel?
Snowden: Yes, all the time. The NSA has a large section for that, called the FAD - Foreign Affairs Directorate.
Question: Did the NSA help to write the Stuxnet program? (the
malicious program used against the Iranian nuclear facilities -- ed.)
Snowden: The NSA and Israel wrote Stuxnet together.
Question: What are the major monitoring programs active today, and how do international partners help the NSA?
Snowden: The partners in the "Five Eyes" (behind which are hidden
the secret services of the Americans, the British, the Australians, New
Zealanders and Canadians -- ed.) sometimes go even further than the NSA
people themselves. Take the Tempora program of the British intelligence
GCHQ for instance. Tempora is the first "I save everything" approach
("Full take") in the intelligence world. It sucks in all data, no matter
what it is, and which rights are violated by it. This buffered storage
allows for subsequent monitoring; not a single bit escapes. Right now,
the system is capable of saving three days’ worth of traffic, but that
will be optimized. Three days may perhaps not sound like a lot, but it's
not just about connection metadata. "Full take" means that the system
saves everything. If you send a data packet and if makes its way through
the UK, we will get it. If you download anything, and the server is in
the UK, then we get it. And if the data about your sick daughter is
processed through a London call center, then ... Oh, I think you have
understood.
Question: Can anyone escape?
Snowden: Well, if you had the choice, you should never send
information over British lines or British servers. Send even the Queen’s
selfies with her lifeguards would be recorded, if they existed.
Question: Do the NSA and its partners apply some kind of wide dragnet method to intercept phone calls, texts and data?
Snowden: Yes, but how much they can record, depends on the
capabilities of the respective taps. Some data is held to be more
worthwhile, and can therefore be recorded more frequently. But all this
is rather a problem with foreign tapping nodes, less with those of the
U.S. This makes the monitoring in their own territory so terrifying. The
NSA’s options are practically limitless - in terms of computing power,
space or cooling capacity for the computers.
Question: The NSA is building a new data center in Utah. What is it for?
Snowden: These are the new mass data storage facilities.
Question: For how long will the information there be stored?
Snowden: Right now it is still so, that the full text of collected
material ages very quickly, within a few days, especially given its
enormous amount. Unless an analyst marked a target or a particular
communication. In that case the communication is saved for all eternity,
one always get an authorization for that anyway. The metadata ages less
quickly. The NSA at least wants all metadata to be stored forever.
Often the metadata is more valuable than the contents of the
communication, because in most cases, one can retrieve the content, if
there is metadata. And if not, you mark all future communications that
fits this metadata and is of interest, so that henceforth it will be
recorded completely. The metadata tells you what you actually want from
the broader stream.
Question: Do private companies help the NSA?
Snowden: Yes. But it's hard to prove that. The names of the
cooperating telecom companies are the crown jewels of the NSA...
Generally you can say that multinationals with headquarters in the USA
should not be trusted until they prove otherwise. This is unfortunate,
because these companies have the ability to deliver the world's best and
most reliable services - if they wanted to. To facilitate this, civil
rights movements should now use these revelations as a driving force.
The Companies should write enforceable clauses into their terms,
guaranteeing their clients that they are not being spied on. And they
should include technical guarantees. If you could move even a single
company to do such a thing, it would improve the security of global
communications. And when this appears to not be feasible, you should
consider starting one such company yourself.
Q: Are there companies that refuse to to cooperate with the NSA?
Snowden: Yes, but I know nothing of a corresponding list that would
meet this. However, there would surely be more companies of this type,
if the companies working with the NSA would be punished by the customer.
That should be the highest priority of all computer users who believe
in the freedom of thoughts.
Question: What are the sites you should beware, if you do not want to become targeted by the NSA?
Snowden: Normally one is marked as a target because of a Facebook
profile or because of your emails. The only place which I personally
know where you can become a target without this specific labeling, are
jihadist forums.
Question: What happens if the NSA has a user in its sights?
Snowden: The target person is completely monitored. An analyst will
get a daily report about what has changed in the computer system of the
targeted person. There will also be... packages with certain data which
the automatic analysis systems have not understood, and so on. The
analyst can then decide what he wants to do - the computer of the target
person does not belong to them anymore, it then more or less belongs to
the U.S. government.