classified Appendix G: The appendix is reproduced in its entirety at https://assets.documentcloud.org/documents/2934087/DIOG-Appendix-Media-NSLs.pdf. The accompanying story is Cora Currier, “The FBI’s Secret Rules,” Intercept, June 30, 2016, republished on January 31, 2017, at https://perma.cc/HRW5-ETNP.
his coming-out video: The Guardian posted the videotaped interview: Laura Poitras and Glenn Greenwald, “NSA Whistleblower Edward Snowden: ‘I Don’t Want to Live in a Society That Does These Sort of Things,’” Guardian, on June 9, 2013, www.theguardian.com/world/video/2013/jun/09/nsa-whistleblower-edward-snowden-interview-video.
Hong Kong–based reporter: Lana Lam, “EXCLUSIVE: Whistle-Blower Edward Snowden Talks to South China Morning Post,” South China Morning Post, June 12, 2013, at https://perma.cc/7BM6-7DBQ.
“Put the data you have uncovered”: Dafna tweeted a photo from the restaurant. “I just got @bartongellman’s fortune cookie,” she wrote on October 27, 2013, https://perma.cc/9KP2-RNPD.
“Girls Bar”: There were indeed young women, provocatively dressed, who made more eye contact than might be expected, but I did not take that personally. For photos, see www.korston.ru/en/moscow/restaurants/promenade_bar/.
“Snowden has enough information”: The Reuters news agency translated the interview. See “Glenn Greenwald: Snowden Documents Could Be ‘Worst Nightmare’ for U.S.,” Reuters, July 13, 2013. The original was in Alberto Armendáriz, “Glenn Greenwald: ‘Snowden tiene información para causar más daño,’” La Nación, July 13, 2013, at https://perma.cc/8R6R-PFG4.
without a private key: The PGP encryption software allows a user to encode a file to a “private key” without possessing the key itself. I would need the private key, which remained in New York, to decrypt my own recordings and notes. Doing it this way allowed me to travel without means of access to my confidential work. Likewise, I sent the encrypted files to online servers that were set to permit uploads but not downloads. In order to download the files at home, I would need an “SSH private key” that I did not bring on the trip.
Fourth Amendment does not apply: See “Notes: The Border Search Muddle,” Harvard Law Review 132, no. 8 (June 1, 2019): 2278–92, https://harvardlawreview.org/2019/06/the-border-search-muddle/.
“The damage is incalculable”: George Cotter, email to author, December 1, 2016.
Advocates for radical transparency: Julian Assange of WikiLeaks and John Young of the leak website Cryptome often criticized me, along with Glenn Greenwald and Laura Poitras, for holding back any documents at all. See, for example, “Snowden Long Drip Pie Charts,” March 14, 2014, at https://perma.cc/FZ9M-ZXPF.
trafficking in stolen goods: Publishing information obtained by theft is not trafficking in stolen goods in part because the Supreme Court interprets the National Stolen Property Act, 18 U.S.C. §§ 2314 and 2315, as limited to tangible “goods, wares, or merchandise.” See Dowling v. United States, 473 U.S. 207 (1985).
“national defense information”: See 18 U.S.C. § 794, “Gathering, transmitting or losing defense information.” The question is whether a news story may constitutionally be prosecuted as willful communication of national defense information to a person not entitled to receive it.
“to all the world”: Superseding indictment, United States v. Julian Paul Assange, May 23, 2019, Case 1:18-cr-00111-CMH, counts 15 through 17.
Assange a “journalist”: He has done many things that a traditional journalist would not do, but there is little room to doubt that he has functioned as the publisher of WikiLeaks.
twice taught a Princeton class: The course, WWS 384, was called “Secrecy, Accountability, and the National Security State.” See https://registrar.princeton.edu/course-offerings/course_details.xml?courseid=011833&term=1132.
called me a “traitor”: Levin’s comment came in the 2008 documentary film Secrecy, by directors Peter Galison and Robb Moss. The relevant excerpt is at www.youtube.com/watch?v=0p5AWEalj0k.
“It is desired that no document”: Memorandum from Colonel O. G. Haywood Jr., Army Corps of Engineers, for the Atomic Energy Commission, April 17, 1947, at https://perma.cc/6S6A-K9GN.
infected commercial sex workers: U.S. Department of Health and Human Services, “Fact Sheet on the 1946–1948 U.S. Public Health Service Sexually Transmitted Diseases (STD) Inoculation Study,” October 1, 2010, at https://perma.cc/D7V9-YCVF.
found “numerous incidents”: Major General Antonio M. Taguba, “Article 15-6 Investigation of the 800th Military Police Brigade,” at https://perma.cc/VZ5L-PJP4.
lied about intelligence: I use the word “lied” advisedly for a limited subset of the many incorrect claims by members of the Bush administration about Iraqi WMD. Some of the claims were merely exaggerated, and some were based on mistaken intelligence assessments made in good faith. On Iraq’s alleged—and nonexistent—nuclear weapons program, however, Vice President Dick Cheney and other top officials said things that they had good reason to believe were false. See, e.g., Gellman, Angler, 217, and Barton Gellman and Walter Pincus, “Depiction of Threat Outgrew Supporting Evidence,” Washington Post, August 10, 2003, at https://perma.cc/WER2-82ZR.
“Cold War secrecy”: Mary Graham, Presidents’ Secrets: The Use and Abuse of Hidden Power (New Haven, CT: Yale University Press, 2017), 4.
“is used too often”: Report of the Commission on Protecting and Reducing Government Secrecy, Senate Document 105-2, 1997, p. xxi.
“You have to start”: The occasion was a conference on surveillance at the Cato Institute in Washington. Andrea Peterson, “Obama Says NSA Has Plenty of Congressional Oversight. But One Congressman Says It’s a Farce,” Washington Post, October 9, 2013, https://wapo.st/2Wwg6ql.
laundry and dry cleaning manual: Naval Sea Systems Command, Naval Ships’ Technical Manual, chapter 655, “Laundry and Dry Cleaning,” S9086-V4-STM-010/CH-655. Steven Aftergood first brought this to my attention in a presentation called “Confronting Government Secrecy,” March 1, 2012.
“On 4 November 1979”: This Top Secret statement of a well-known public event came in “CRITIC Seminar 4,” a training course dated July 24, 2003, on file with author.
“exceptionally grave damage”: This is the standard set for Top Secret classification under Part 1, Sec. 1.2, Executive Order 13526 of December 29, 2009, “Classified National Security Information,” Federal Register—U.S. National Archives and Records Administration, vol. 75, no. 2, p. 707, at https://perma.cc/8PNY-NC5L.
“People must communicate”: I am indebted to Greg Miller for this reporting on Clapper’s congressional briefing, which took place on September 10, 2013.
a conflict of core values: I discussed these dilemmas at considerably greater length in a pair of lectures at Princeton, ten years before the Snowden story broke. See “Secrecy, Security and Self-Government: An Argument for Unauthorized Disclosures,” September 17, 2003, archived at https://perma.cc/RH4J-S55U; and “Secrecy, Security and Self-Government: How I Learn Secrets and Why I Print Them,” October 9, 2003, archived at https://perma.cc/6T9F-R2LG.
Shadow Brokers leak: See Bruce Schneier, “Who Are the Shadow Brokers?,” Atlantic, May 23, 2017, at https://perma.cc/4E4C-Q2SC.
“a change in the way”: Email from Shawn Turner to Caitlin Hayden, August 12, 2013, obtained in a FOIA lawsuit by author. In truth I had been asking for a secure channel since the first days of the story. I grew more insistent in the summer.
“We’re aware of your concern”: Vanee Vines, interview with author, February 27, 2014.
“How about ‘abc123’?”: Vanee Vines, telephone call with author, May 21, 2014, memorialized in an email by author the same day.
Daily Kos: The story was Frank Vyan Walton, “Operation FirstFruits: NSA Spied on Dissenters and Journalists?,” Daily Kos, January 19, 2006, at https://perma.cc/WJ7E-S2RD. The post bore this warning in parentheses: “This content is not subject to review by Daily Kos staff prior to p
ublication.”
Wayne Madsen: For example, see Wayne Madsen, “Hayden’s Heroes: A Tale of Incompetence and Politicization at America’s Super-Secret Intelligence Agency,” Wayne Madsen Report, May 8, 2005, reposted on Cryptome at https://perma.cc/WYF5-CRQG; and “NSA Spied On Own Employees, Journalists, Other Intel,” Wayne Madsen Report, December 29, 2005. Madsen’s blog is behind a paywall, but the second article may be found on sympathetic sites such as the anti-Semitic Rense News. For information on Rense, see Heidi Beirich, “Jeff Rense: In His Own Words,” Southern Poverty Law Center, April 27, 2015, at https://perma.cc/P6P8-HZV6.
“a paranoid conspiracy theorist”: Michael Moynihan, “NSA Nutjob: Anatomy of a Fake ‘Observer’ Story,” Daily Beast, July 1, 2013, at https://perma.cc/H9VE-NBDB.
“plugging any leaks”: Wayne Madsen, “NSA Security Running Amok to Plug Leaks About 9/11,” Wayne Madsen Report, July 7, 2009, republished at https://perma.cc/7J8C-HRPJ.
“listen to Osama bin Laden”: White House press secretary Ari Fleischer made the accusation soon after Brand’s report: “In 1998, for example, as a result of an inappropriate leak of NSA information, it was revealed about NSA being able to listen to Osama bin Laden on his satellite phone. As a result of the disclosure, he stopped using it.” The 9/11 Commission adopted this story in 2004: “Worst of all, al Qaeda’s senior leadership had stopped using a particular means of communication almost immediately after a leak to the Washington Times.” See the commission’s report at p. 127 at www.9-11commission.gov/report/. Bush adopted the narrative in 2005: “The fact that we were following Osama bin Laden because he was using a certain type of telephone made it into the press as the result of a leak. And guess what happened? Saddam—Osama bin Laden changed his behavior.” As recently as 2018, White House spokeswoman Sarah Sanders reprised the claim. See Glenn Kessler, “The Zombie Claim That Won’t Die: The Media Exposed bin Laden’s Phone,” Washington Post, August 2, 2018, https://wapo.st/2MtsC6t.
almost certainly untrue: I bring new evidence here, but my argument relies in part on Jack Shafer, “Don’t Blame the Washington Times for the Osama Bin Laden Satellite Phone ‘Leak,’” Slate, December 21, 2005, at https://perma.cc/W73Y-UMSR; and Glenn Kessler, “File the Bin Laden Phone Leak Under ‘Urban Myths,’” Washington Post, December 22, 2005, https://wapo.st/2Ij5WAs.
“He keeps in touch”: Martin sieff, “Terrorist Is Driven by Hatred for U.S., Israel,” Washington Times, August 21, 1998.
No story actually said that: The Washington Times story did not report that the U.S. government could eavesdrop on bin Laden’s phone. The first story to do so was Paul Richter, “Bin Laden May Use Stone Age Tactics to Elude High-Tech Hunt,” Los Angeles Times, September 7, 1998.
facility that bin Laden had recently visited: The CIA is said to have told President Clinton that it believed bin Laden departed the Zawhar Kili camp several hours before the missiles struck, but the agency could not be sure. Steve Coll, Ghost Wars: The Secret History of the CIA, Afghanistan, and bin Laden, from the Soviet Invasion to September 10, 2001 (New York: Penguin Press, 2004), 411.
“that the information is to be used”: Espionage Act, 18 U.S.C. § 793(a).
tried and convicted: Jeffrey A. Sterling, for example, was convicted of espionage for telling James Risen, then of the New York Times, about a botched CIA operation in Iran. See Matt Apuzzo, “C.I.A. Officer Is Found Guilty in Leak Tied to Times Reporter,” New York Times, January 26, 2015, at https://perma.cc/5DRT-973G.
Gellman v. DHS et al.: U.S. District Court for the District of Columbia, Case No. 1:16-cv-0635 (CRC).
Glomar response: The term has its origins in a FOIA lawsuit about the Glomar Explorer, a classified intelligence-gathering ship. Phillippi v. CIA, No. 76-1004, United States Court of Appeals for the District of Columbia Circuit, 178 U.S. App. D.C. 243, 546 F.2d 1009.
“The CIA can neither confirm”: Letter from CIA to author, January 28, 2015, on file with author.
every international flight I took: TECSII—Primary Query History, Passenger Activity, January 30, 2015, redacted copy obtained by FOIA, on file with author.
“copyrighted bulletins”: Government’s Motion for Summary Judgment, Gellman v. DHS, April 3, 2019.
“investigations of alleged”: Redacted declaration of David M. Hardy, Gellman v. DHS, April 3, 2019.
CHAPTER EIGHT: EXPLOITATION
The hand-drawn cartoon: The diagram appeared on a page titled “Current Efforts—Google” in a 2013 presentation called “SSO Collection Optimization” and classified TOP SECRET//SI/NOFORN, on file with author. I reproduced the diagram in Barton Gellman and Ashkan Soltani, “NSA Infiltrates Links to Yahoo, Google Data Centers Worldwide, Snowden Documents Say,” Washington Post, October 30, 2013, http://wapo.st/1UVKamr.
the core technology of encryption: “FAQ: What is SSL,” SSL.com, https://info.ssl.com/article.aspx?id=10241.
All your base: The phrase appeared in a poorly translated video game in 1991 and passed into the ranks of internet memes. It remains a staple of hackers and gamers when declaring victory. See “All Your Base Are Belong to Us,” Know Your Meme, https://knowyourmeme.com/memes/all-your-base-are-belong-to-us.
on four continents: See “Data center locations,” About Google, www.google.com/about/datacenters/inside/locations/index.html.
Executive Order 12333: “United States intelligence activities,” 46 FR 59941, 3 CFR, 1981 Comp., p. 200, www.archives.gov/federal-register/codification/executive-order/12333.html.
Google had built: For a video tour, see “Inside a Google Data Center,” YouTube, https://youtu.be/XZmGGAbHqa0.
“protocols and applications”: SSO Collection Optimization, on file with author.
“incidentally obtained information”: Executive Order 12333, section 2.3(i).
one billion at Google: By early 2016, Google surpassed the billion-user mark with seven separate services. Combined, they reached a billion accounts long before that. See Xavier Harding, “Google Has 7 Products with 1 Billion Users,” Popular Science, February 1, 2016, www.popsci.com/google-has-7-products-with-1-billion-users/.
“Wow! This is very exciting for me!”: Transcript of live chat on Jabber instant messaging service between Edward Snowden and Daniel Ellsberg, September 8, 2013, on file with author.
“that the so-called intelligence community”: Daniel Ellsberg, “Edward Snowden: Saving Us from the United Stasi of America,” Guardian, June 10, 2013, at https://perma.cc/F7RD-LK5V.
bore little resemblance: Some have seen these differences as essential to the legitimacy of their respective leaks, comparing Snowden unfavorably to Ellsberg. See Malcolm Gladwell, “Daniel Ellsberg, Edward Snowden, and the Modern Whistle-Blower,” New Yorker, December 19 and 26, 2016, at https://perma.cc/YU2E-EY8W.
then six hypotheses: Ashkan typed out a quick and dirty list:
1 brute forcing 1024 (or possibly longer) SSL certificates
2 flaw in SSL implementation (i.e linux flavor of openSSL)
3 obtaining companies’ SSL session tickets (for those use PFS)
4 obtaining companies’ SSL private cert (i.e hacking into the server)
5 getting a root/trusted CA that to sign a cert for them (or secretly being the trusted cert)
6 they have a master flaw in ALL SSL
more than six years: SSO Collection Optimization (“Midpoint_TLC_Optimization_w_Google_Exploitation.pptx”), slide 17, had a sample that was classified on January 8, 2007.
a photograph shot inside the premises: From a TOP SECRET//COMINT//NOFORN presentation titled “Special Source Operations: The Cryptologic Provider of Intelligence from Global High-Capacity Telecommunications Systems” (UODDS2Overview_v1_1.pptx), p. 14, on file with author.
“We have long been concerned”: Google statement on NSA infiltration of links between data centers, October 30, 2013, at https://perma.cc/8M7G-UVA7.
“contin
ued to extend encryption”: Craig Timberg, “Google Encrypts Data Amid Backlash Against NSA Spying,” Washington Post, September 6, 2013, at https://perma.cc/E55V-ELVZ.
“That’s never happened”: Barton Gellman, Ashkan Soltani, and Andrea Peterson, “How We Know the NSA Had Access to Internal Google and Yahoo Cloud Data,” Washington Post, November 4, 2013, at https://perma.cc/2F3P-6FUU.
“Bart Gellman, Washington Post”: Valerie Sayre email to Shawn Turner, Jeffrey Anchukaitis, and Robert Litt, October 28, 2013, obtained by author in a Freedom of Information lawsuit.
“everything that has been exposed”: Robert S. Litt, remarks at the American Bar Association, 23rd Annual Review of the Field of National Security Law, Washington, D.C., October 31, 2013, at https://perma.cc/CDR5-A4WH.
the scandal is what’s legal: Michael Kinsley, “The Conspiracy of Trivia,” Time, March 10, 1997, at www.cnn.com/ALLPOLITICS/1997/03/10/time/kinsley.html.
November 4, 1952: George F. Howe, The Early History of NSA, declassified on September 18, 2007, at https://perma.cc/N4PQ-X5NH.
“We were moving”: Michael V. Hayden, Playing to the Edge: American Intelligence in the Age of Terror (New York: Penguin Press, 2016), 134. Emphases in original.
“splitter cut-in and test procedure”: AT&T technical manual, provided to author by Mark Klein.
Klein found himself alone: Mark Klein, interview with author, February 18, 2015.
“New Collection Posture”: Presentation first made public in Glenn Greenwald, No Place to Hide. It is among those included at http://glenngreenwald.net/#BookDocuments.
was “going dark”: James B. Comey, November 3, 2014, video at “James Comey at Today’s Terrorism: Today’s Counterterrorism,” YouTube, www.youtube.com/watch?v=0LRVGdmr000.
The founders themselves had used codes: Rachel B. Doyle, “The Founding Fathers Encrypted Secret Messages, Too,” Atlantic, March 30, 2017, at https://perma.cc/AR3V-UZYH.
“Do you see any possibility”: Transcript of exchange with James B. Comey, November 3, 2014, courtesy of Karen Greenberg at the Center on National Security at Fordham Law School.
Dark Mirror Page 47