
Comment by ckastner

8 years ago

> It says that once they saw it was printed

This was a significant clue that The Intercept did not have to give up. The warrant says they looked at all people who had accessed the report, and because the document appeared to have been printed, then at those 6 who printed it.

The yellow dots might have not been a factor, but it's nevertheless the same type of carelessness which might have exposed a whistleblower otherwise.

(But yes, this whistleblower would have been discovered by other means as well).

1. The actual reason she was arrested is because she admitted leaking it.

2. The story about only six printouts and e-mail correspondence is the official cover to draw public attention away from the yellow dots.

3. The yellow dots is how they actually found her and why she had no reasonable choice but to admit leaking, which allowed 1 to happen without drawing attention to the yellow dots.

  • > why she had no reasonable choice but to admit leaking

    While I didn't make my first year of law school I feel like nearly every criminal defense attorney in this country would disagree with this statement.

  • I for one would like a class action lawsuit against printer companies and the government for wasting my money on yellow toner.

    • Maybe it's already been accounted for in the forced waste? My cartridges always say they're empty when there is clearly plenty usable ink left inside.

  • Do you have a reference for this claim?

    • It's merely speculation but I think it's plausible:

      If some random journalist was able to decode the dots, the NSA probably decoded them too because why not.

      The fact that they know how many people printed this document shows that they keep detailed printing logs so they shouldn't have trouble finding out who exactly used this specific printer at this specific time. And if you think about it, this is exactly what they should be doing instead of relying solely on weaker evidence.

      Then they searched her work computer and got some more evidence (the e-mail contact, maybe more they aren't sharing).

      They presented whatever evidence was sufficient to convince her and the public that they know it was her, she doesn't seem very tech-savvy, freaked out, told everything and now it's done.

  • This is an interesting angle, I assume because there are no references this is merely speculation?

    Actually, since the dots are not at all a secret, #3 can't be right. #2 is a bold claim, obviously pure speculation. So #1, is this true? Please link source.

I don't know why everyone is blaming The Intercept for publishing a document leaked to them anonymously for that exact purpose. They always publish the source document. So do NYTimes and WaPo and other news orgs. It's common practice.

Assuming The Intercept detected the printer dot, how could they possibly know the printer dot wasn't some random one from a printer at a library vs her work computer?

If I was The Intercept receiving a document from someone claiming to be an intelligence officer I would assume they used some very basic OPSEC - such as not printing the document out on a MONITORED WORK COMPUTER. This is basic stuff.

I don't see what more The Intercept could have done here to protect her.

She messed up, not them.

  • Whether she got caught because of her own mistakes is immaterial.

    What matters is that if she had not made any mistakes The Intercept made it trivially easy to reduce the pool of possible suspects. That's fairly stupid if your whole reason for existence is to handle documents sent to you by vulnerable people.

    If this is not the last article by the Intercept based on stuff leaked to them it would highly surprise me.

    They totally messed this up.

    • Why did she even print it off in the first place? It seems like an unusual way to leak in 2017. Why not take a picture using a cellphone and send it digitally to the encrypted dropbox on their website?

      Still I don't see how the Intercept could have handled this better. Maybe they should have been looking for printer dots in documents received in the mail and then block it out when they digitize it. But is this really a common practice among news orgs handling leaked docs?

      I see people on Reddit attacking The Intercept because, they say, the printer dot thing is 'common knowledge'. But to me this seems like an easy thing to overlook. Especially if most other leaks were digital. News organizations and leakers will certainly all be looking for this going forward (I hope).

      As far as I'm concerned all the 'common knowledge' stuff that was overlooked was all via the leaker.


    • It's certainly not immaterial.

      The Intercept did not encourage her to steal this information, nor did it give her any direction on how to do so. She chose her own method of exfiltrating the data, and in this case it turned out to be a quickly identifiable one. She knew this document was going to be published by the Intercept; that was the entire point of leaking it. Once published, regardless of form, you can bet that the FBI would have agents knocking on the Intercept's door asking to see the physical source material.

      Furthermore, in order to prove the veracity of its published claims, the Intercept provides its source documents - if they do not, they simply open themselves up to accusations of fake news and falsified material. Any editing they do to the document will be ammunition for the FAKE NEWS crowd - so where is the compromise here?


  • > She messed up, not them.

    If only there were like.... some group of people who cared about the privacy of others.

  • The Intercept claims it's a safe place for people to leak to.

    It isn't if they make blunders like this.

    • Are you sure this is something NYTimes/WaPo/WSJ/etc would have detected and removed? I'm not familiar with the established practices for news orgs handling leaked documents arriving in the mail from intel officers. It seems a lot of people are, so I'm curious to hear more about it...

> This was a significant clue that The Intercept did not have to give up.

I have no idea why people are leaking to rinky-dink operations like the Intercept. If you want to leak, then leak to the Washington Post or New York Times. I can't imagine the Intercept having the expertise to handle such documents. This was a fairly obvious screw up.

I also question their methods of receiving and storing such documents and if they aren't compromised by one or more nation state intelligence services. Are these documents being stored through a third party email or web server? Is there end-to-end encryption?

The copier explanation may be a believable fiction so as not to reveal other sources.

  • You know who The Intercept is, right? It was started by Glenn Greenwald and Laura Poitras, specifically for safely handling, processing, and releasing the Snowden documents and others like it.

    Personally I would trust them MUCH more than the New York Times. Well, unless the documents were specifically only damaging to Trump.

    • Here's how Greenwald initially handled Snowden's leak [1]:

      Snowden anonymously sent him an e-mail saying he had documents he wanted to share, and followed that up with a step-by-step guide on how to encrypt communications, which Greenwald ignored. Snowden then sent a link to an encryption video, also to no avail.

      “It’s really annoying and complicated, the encryption software,” Greenwald said as we sat on his porch during a tropical drizzle. “He kept harassing me, but at some point he just got frustrated, so he went to Laura.”

      From another source [2] I cited in another comment:

      "it took Greenwald several more months and help from experts before he could learn relatively basic tools like PGP encryption."

      That's not exactly trust-inspiring, I'd say.

      [1] http://www.nytimes.com/2013/08/18/magazine/laura-poitras-sno...

      [2] https://www.dailydot.com/layer8/edward-snowden-gpg-for-journ...


    • Who started it has no weight, that is just an appeal to authority. What does matter is how they conduct themselves and they made enough mistakes here to avoid them like the plague if you have something important.

    • > Glenn Greenwald

      Uh, I suggest you read about how poorly he handled the Snowden materials and how he's about as tech savvy as my grandpa. This fuck-up alone is inexcusable.


    • Notably, this article specifically points out a much more obvious NYT screwup - they released a Snowden doc using digital PDF 'black highlights' that didn't destroy the underlying data.

      That's a mistake I think most security-conscious, tech-savvy non-professionals would avoid. The printer steganography here is a substantially more subtle error than the one we already saw the NYT commit.

  • > Are these documents being stored through a third party email or web server? Is there end-to-end encryption?

    This is something that can be learned with a few minutes research, so raising it as "questioning their methods" seems like FUD.

    The answer is yes, there is end-to-end encryption handled via Tor. Using SecureDrop, the same tool as the Washington Post and New York Times. Treating that as some kind of distinction between these organizations is absurd.