More hilarity, embarrassing for the powers that be, a warning of sloppy contractors and what looks like casual commercial spying gone amok for all. Not only could Snowden access all the stuff he’s handed over so far, he was able to get into the UK spy network and turn over evidence the Brits were actively spying, spoofing, and hacking their own allies at the G20 summit in 2009:
WaPo — It wasn’t completely clear how Snowden would have had access to the British intelligence documents, although in one article the Guardian mentions that source material was drawn from a top-secret internal network shared by GCHQ and the NSA. Aldrich said he wouldn’t be surprised if the GCHQ material came from a shared network accessed by Snowden, explaining that the NSA and GCHQ collaborated so closely that in some areas the two agencies effectively operated as one.
One document cited by the Guardian — but not posted to its website — appeared to boast of GCHQ’s tapping into smartphones. The Guardian quoted the document as saying that “capabilities against BlackBerry provided advance copies of G20 briefings to ministers.” It went on to say that “Diplomatic targets from all nations have an MO (a habit) of using smartphones,” adding that spies “exploited this use at the G-20 meetings last year.”
Of course it’s not going to be clear to someone who barely squeaked out a D+ in his one required computer course, say Introduction to FORTRAN IV on punched cards while getting that Ivy League legacy MBA, how a junior snooper with a vastly superior analytical intellect and 21st century network skills did it. It won’t be clear to the dumb overpaid bosses even it’s been explained all night and day by the lesser paid brighter worker bees who did it. The dumb boys well then huddle up tonight, cobble up some mumbo-jumbo ready to swear on live TV by sunrise nothing like it could ever happen again to us or our allies here and now …
I suppose this should come as no surprise what with all the spying being turned over to private corporate contractors. Damn near every sizable company in the US is now chock-full of not-too-bright mid-level exces who lucked out into getting big bucks to send each other useless reports on lowly paid worker bees who can run rings around them. When it comes to the Intel-Industrial complex, it’s starting to look like a lack of oversight and suitcases full of untraceable hundred dollar bills courtesy of taxpayers allowed these particular management bozos to be even more useless and incompetent than normal. Right now they’ve about sunk to making Maxwell Smart look like James fucking Bond. They can’t even keep the most embarrassing of secret data, spying on their own allies at a good will meeting, in their own secured network and out of the global press.
Then again, when everything is a secret, who knows? Given corporate America’s thirst for profit, accelerating ethical lapses, our increasingly privatized espionage industry, and political enablers gleefully serving them in elected office, at this point it would come as little surprise if selling top secrets to the highest offshore private or government bidder was earmarked in Congress to be perfectly legal on an obscure secret bill no one can know exists, much less read before voting it into law.
Word is Snowden has more, lots more, embarrassing stuff to be published every week or two all summer long. Which means, by Wall Street banksta accountability traditions and standards, Booz Allen execs and their spooky pals deserve a big round of executive bonuses and pay raises by Halloween
Part of how he had access to all of this is likely due to the amount of security theatre people buy into. Some “highly secure” practices like forcing people to change their passwords regularly, are actively stupid and detrimental to security. That one for example just promotes making the simplest passwords possible.
I haven’t been following this too closely, but if no one is claiming he broke in or had unauthorized access then it’s likely he was actually using legitimate methods to accessing the information. As a system administrator he likely had root on a bunch of systems with information on them. Policy may be to not use it to do certain things. A non-government example would be the administrator of whatever system you have email on shouldn’t be reading your email. But it’s possible. The only things keeping them from doing that are disinterest and ethics. Obviously Mr. Snowden was interested and ethics were on the other side of this one. And note that this is just one possible route. It’s also entirely possible he had a login to use the program or website everyone else used. These are just the simplest ways of looking at it with no specific knowledge whatsoever.
As it happens, I was just reading that article at The Guardian.
Just like corporate america, the government organizations are more focused on checking the box around security with the security “experts” acting like movie critics. They can’t tell you how to secure anything, but they’ll be happy to tell you that such and such isn’t right. I’ve dealt with these yahoos, so I’m talking from experience. About 1/2 the people with security certifications know how to regurgitate policy and don’t have the foggiest clue how to actually secure anything.
I wouldn’t be surprised if the kid just did a network search and started perusing various network shares until he stumbled into it.