Feeds

Snowden: You can't trust SPOOKS with your DATA

Well you should know, Edward

Beginner's guide to SSL certificates

Video: The US has the most to lose from mass snooping

When the bulk of the population is using proper encryption, the mass surveillance of law-abiding folk by intelligence agencies around the world will be severely curtailed, Snowden said. The US had to take a lead in this because it sets the standard for the rest of the world and because it has the most to lose, politically and commercially.

Snowden accused two former heads of the NSA, in power during the days after the September 11, 2001, of dropping the ball and focusing the agency too strongly on attacking intelligence sources rather than sticking to the original role of defending US networks.

"When you are the one country in the world that's sort of a vault, that's more full than anyone else's, it doesn’t make any sense for you to be attacking all day and never defending your home vault," Snowden said. "It makes even less sense that the standards for securing vaults worldwide should have a big back door that anybody can walk in through."

The knock-on effects of the NSA's activities also mean US companies are getting hurt, Snowden said. Almost all of Earth's data runs through US networks or software at some point, and if people around the world don't have confidence in the privacy of communications enabled by US firms then they will vote with their feet.

Snowden said he had no problem with commercial companies collecting personal data, since they had to publish legally enforceable terms and conditions on its use. But the US government is not controlled by any such sanction, and for that reason it has to be reined in.

Today's mass surveillance programs don’t even work: Snowden claimed two government reports have shown that the NSA's data collection system has only found one dodgy transaction – a $8,500 donation to Somalia from a US taxi driver.

All the data slurping in the world didn’t single out and flag up the alleged leader of the Boston bombers, despite Russian intelligence warning the US about him, and it also failed to pick up Umar Farouk Abdulmutallab (a man now forever doomed to bear the sobriquet "the failed underpants bomber") despite a warning to the CIA by the chap's own father.

Channel community shares the blame

Another big part of the problem is that the NSA isn't doing much of this stuff itself, Snowden said. The agency maintains a core staff but outsources to contractors who tout huge, costly surveillance systems to the agency.

This gives the contractors enormous influence within the NSA, Snowden said. Back when he was in such a role, Snowden was writing position papers and recommendations that were treated on the same level as those from NSA staffers, but there was no oversight on his actions.

"They are saying, 'we can do this and that,' but it doesn't serve the public interest. The government has changed its talking points on this away from the public interest to the national interest," he said.

"We should be concerned about that. When the national interest of the state becomes distinct form the public interest and what benefits the people then we really are at a point where we have to marry those up or it gets harder and harder to control within a representative democracy."

Youtube video of Snowden's appearance at SXSW

Snowden said that while at the CIA he had sworn an oath to defend the constitution of the US and had seen it "violated on a massive scale." He denied putting lives in danger or passing any intelligence information to foreign governments, and said no matter what happened to him he had no regrets.

"The interpretation of the constitution had been changed in secret from no unreasonable search and seizure to 'Hey, any seizure is fine, just don’t search it,' and that's something the public ought to know," he concluded, referring to the NSA's practice of storing a record of everyone's private lives on disk – just in case, like. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.