Google handed over years of e-mails belonging to WikiLeaks chatroom admin 
Google informed 2 men that a US court order mandated a secret search in 2011
 
by Cyrus Farivar 
Ars Technica
June 22, 2013

Two Icelandic activists with previous connections to WikiLeaks announced Friday that earlier in the week they had received newly unsealed court orders provided by Google. Those orders described that Google searched and seized data from their Gmail accounts, likely as a result of a grand jury investigation into the rogue whistleblower group.

Google was forbidden under American law from disclosing these orders to the men until the court lifted that restriction in early May 2013. (A Google spokesperson referred Ars to its Transparency Report for an explanation of its policies.)

On June 21, 2013, well-known Irish-Icelandic developer Smári McCarthy published his recently un-sealed court order dating back to July 14, 2011. Google had sent him the order, which required that the search giant hand over McCarthy's Gmail account metadata, the night before. The government cited the Stored Communications Act (SCA), specifically a 2703(d) order, as grounds to provide this order.

Meanwhile, Herbert Snorrason, received both a D-order dated in May 2011 for the metadata and a search warrant (citing 2703(f) of the SCA) for “the contents of all e-mails associated with the account, including stored or preserved copies of e-mails sent to and from the account, draft e-mails, deleted e-mails…the source and destination addresses associated with each e-mail, the date and time at which each e-mail was sent, and the size and length of each e-mail.”

Snorrason, according to Wired, helped “manage WikiLeaks’ secure chat room in 2010, but later left inprotest in September 2010." The northwestern Icelander confirmed to Ars that he served in this role for "approximately two months in 2010."

“Thankfully, neither of us use our Google accounts for anything remotely sensitive,” McCarthy wrote on his blog on Friday.

Under the federal statute that allows for the D-order, authorities can’t receive the contents of electronic communication, but can find out where and to whom it was said. In contemporary cases within the last decade, law enforcement and judges have increasingly used this reasoning to acquire all kinds of metadata on digital communications that previously would have required a much higher legal threshold—a probable cause-driven warrant.

“We know the government gets warrants for e-mail access pretty frequently and it’s a good thing that they’re getting warrants, and not [just] D-orders, which is something we wanted them to shift to for a long time,” said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, told Ars. “To me, without seeing the affidavit, it looks like they got all e-mails. That’s a pretty broad request, notwithstanding that they got a warrant.”

“Do I have no rights, not being a US citizen?”

Both men spoke out strongly against such judicial orders issued under seal.

“Really, I think the most important thing here is getting people to realise that this madness is going on,” Snorrason told Ars. “All my details, just because I talked to an 'undesirable'? Do I have no rights, not being a U.S. citizen?”

Snorrason also added in a blog post:

That’s rather a lot of information. Particularly in light of the fact that I’m not allowed to know why they’re asking for this information. I assume it’s because I had a conversation or a few with a white-haired australian guy, but there’s nothing in the documents to confirm this. Let’s reiterate this, because that’s the point I find the most remarkable in all of this: Because I talked to Julian Assange, all information held by Google relating to my user account with them can be handed over to U.S. prosecutors. Not just the contents of my conversations with Julian.

Source:
 http://arstechnica.com/tech-policy/2013/06/google-handed-over-years-of-e-mails-belonging-to-wikileaks-chatroom-admin/
______________________

Feds hunted for Snowden in days before NSA programs went public

By Mark Hosenball
Reuters
Jun 12, 2013

U.S. government investigators began an urgent search for Edward Snowden several days before the first media reports were published on the government's secret surveillance programs, people familiar with the matter said on Wednesday.

Snowden, who has admitted to providing details of the top-secret programs, had worked on assignment at a Hawaii facility run by the National Security Agency for about four weeks before he said he was ill and requested leave without pay, according to the sources who spoke on condition of anonymity.

When Snowden failed to return, that prompted a hunt for the contractor, first by his employer Booz Allen Hamilton and then by the U.S. government, they said.

Snowden, 29, was known among colleagues as a very gifted "geek," according to one of the sources, who added, "This guy's really good with his fingers on the keyboard. He's really good."

His job as a systems administrator would have afforded Snowden very wide access to servers containing classified information at the NSA, and possibly other U.S. intelligence agencies, the same source said, without giving specifics.

U.S. officials do not yet know the extent to which Snowden was able to access intelligence databases, nor have they identified all the secret material he might have downloaded before leaving for Hong Kong, according to three sources.

Several sources said that as a systems administrator, Snowden would have been unable to actively spy on people, even though he told the Guardian newspaper, "I, sitting at my desk, certainly had the authority to wiretap anyone, from you or your accountant, to a federal judge, to even the President."

Snowden already had a Top Secret clearance before he joined Booz Allen in April, two sources said, adding that he likely obtained that clearance - which involves passing a polygraph exam - when he previously worked for the Central Intelligence Agency.

For his first week or two with Booz Allen, Snowden attended training sessions near Fort Meade, the Maryland military installation where NSA headquarters is located and where numerous agency contractors have offices.

After that, Snowden moved to take up his assignment with a company team based at the NSA installation in Hawaii. He was only on the job for around four weeks when he told his employers he was ill and requested leave without pay, the sources said.

When Booz Allen checked in with him, Snowden said he was suffering from epilepsy and needed more time off. When he failed to return after a longer period, and the company could not find him, it notified intelligence officials because of Snowden's high-level security clearance, one of the sources said.

Government agents spent several days in the field trying to find Snowden, according to the source, but they were unable to do so before the first news story based on Snowden's revelations appeared in the Guardian and then in the Washington Post.

The government did not know Snowden was the source for the stories until he admitted it on Sunday, the sources said.

A spokesman for Booz Allen Hamilton said the company had no comment beyond its earlier statements. Booz had previously said it fired Snowden for violating its "code of ethics and firm policy."


Source:
http://www.reuters.com/article/2013/06/12/us-usa-security-snowden-hunt-idUSBRE95B1A220130612
______________________

An Open (Of Course) Letter to My Friend, the NSA
Sorry, But It’s Really Tough Nowadays To Hire a Non-Leaking Hacker

By Cyrus Nemati
Zocalo Public Square
June 12, 2013


Dear NSA,

We need to have a chat, so I trust you’re reading this.

Of course you are; good. Now, let’s see … how should I put this? Look, you’ve done a great job cultivating that whole “spook” image for the past 60 years. Really, you’ve just been terrifyingly adept at creating an environment of ironclad secrecy, even more so than the CIA, who’ve bungled too many overseas jobs to be the omnipotent, untouchable agency they’d like us to think they are.

Times are changing, though. For the past several generations, you’ve been the rulers of all information, with no one to challenge you. Americans just had to trust that the good quiet folk at the NSA were looking out for them, because no one else could handle data on such a large scale. It was a simpler time, back when the Internet was young and the Web was just a seed of an idea, and our idea of “big data” was the Yellow Pages.

There are new kids in town, though; kids who grew up on data. They were raised to dish out and take in as much data as possible, and they do it for fun. To you, Facebook, Twitter, Tumblr, and all the rest of it are the latest places from which to siphon information. To these new kids, it’s home. It’s where they grew up, which is why they’re much better at it, and why you hire so many of them.

Now, what happens when you raise a generation on a steady diet of data, and then try to keep naughty secrets? They’re going to ask questions. They grew up in a world where information was free, and they took advantage of that fact. They learned more about the world around them than could ever be learned in school, and they went online for the answers to the questions their parents and teachers wouldn’t answer. They grew up not just appreciating that information was free, but expecting information to be free.

It gets worse. Not only are you hiring millennials, for whom secrecy is anathema—you’re hiring millennial hackers. And hacking, as you well know, means finding ways of turning technology to serve a purpose other than its intended one. When information isn’t free, these people have the ability and the will to free it.

I know this because I’m one of them. I may not have top-secret clearance and make six figures working for one of your contractors, but Edward Snowden’s demographic profile still hits close to home. When I was a boy, I used to hack into my computer games to add fart sounds to them. I built my own computers. I made my sister’s Teddy Ruxpin say horrible, horrible things. When I get a new phone, its hackability is its number-one buying point.

When I get my hands on a new piece of technology, my first thought isn’t about what it can do—it’s about what it can’t do, and how can I force it to overcome its limitations to do what I want. I then wonder, “Why wasn’t I ‘allowed’ to do this in the first place?” See, we millennial hackers simply cannot take anything at face value. We’re a bit contrarian and stubborn by nature. It’s why we’re good at what we do. The more constraints you place on us (be they workplace, physical, technological, or copyright) the more we feel a need to disregard, challenge, or overcome those constraints.

To be a hacker is to be cynical about whatever “solid” information or limits you’re faced with, to remove layers of consumer sheen or government spin until raw components are laid bare to reconstruct at will. You reward people like me with fat salaries when we do this with technology, so there’s little sense in expecting us not do the same in the rest of our lives—with your policies, rules, information, even with our own personal lives. We tinker, probe, deconstruct, and reassemble for other purposes. One thing we don’t do is blindly put hand to heart and sing “God Bless, America” —unless we’re in a North Korean gulag and it’s a contrarian move.

Do you see the problem? You need my kind of people for our understanding of data, but we don’t necessarily want or need you. You are anathema to our values and expectations. Sure, you’ve got some very smart graybeards who can do some amazing things, but they’re not going to be the bulk of your army for long, if they even still are. You have no choice but to keep hiring these hackers who didn’t grow up having data hidden from them. It’s ironic that you’ve become so reliant on people who really have no business in a tight-lipped, hierarchical quasi-militarized institution. We are the ones you should be snooping on, if only you could snoop without us.

I feel your pain.

Edward Snowden smoked you, and it wasn’t even very hard for him. Now, I know what you’re going to say. “It won’t happen again! We’ll improve security!” Who is going to improve your security? Is it going to be the naval officers you used to hire, respectful of hierarchy and used to a military lifestyle? Or maybe, say, more young, technical lay-people—contractors with the information freedom ideals of the millennial hacker? Yeah, I thought so.

Let’s face it: This isn’t going to be the last time your secrets are aired to the public. It’s probably not even going to be the last time this year that your secrets are aired to the public by another Edward Snowden, because you’ve got countless Edward Snowdens on your payroll whose first—not last—instinct is to blow open your information infrastructure. I mean, you tried to recruit me years ago, for goodness sake. Those confidential recruitment materials that said “For Your Eyes Only” all over them? Yeah, I showed those to everyone I knew, mostly because you were so heavy-handed with all the confidential stuff.

The important thing now is not to panic. No tears. You’re a big, strong, spooky organization, right? You don’t have to clean out your desk. You’ve still got a big role to play in the cyber-warfare of the next several decades. You’re just learning a hard lesson here, and I realize you’re partly being demonized for implementing what the White House and Congress want. However, you have no choice but to keep hiring these young, entitled, informed, data-driven hackers, who pretty soon might not have any secrets to leak because the Snowdens in your midst will have forced you to turn into a fully transparent (but still efficient!) organization.

Now that I think of it, you really should have played up the six-figure salary and Hawaii angle in those recruiting materials you gave me. I would’ve kept your secrets. Really.

Cheers,
Cyrus

Cyrus Nemati is web production manager at the New America Foundation, and a voice actor (thecyrusvoice.com) in his spare time. 

Source:
http://www.zocalopublicsquare.org/2013/06/12/an-open-of-course-letter-to-my-friend-the-nsa/ideas/nexus/
________________________