Saturday, August 31, 2013

I Wrote the Password for International Security Documents on a Piece of Paper

The public discussion of  Snowden's leak has been as naive as Greenwald's handling of his digital files. It's criminal.

The paper media companies are so far behind the digital curve, still. Will they ever catch up? Putting digital files on a password protected hard drive or usb drive is not the equivalent of putting paper files into a safe with an alarm.

Do *any* of the major media companies have digital security protocols in place for their journalists? For their organization? If not, then they can't protect their sources and they're putting them at extreme risk. If you're reading this and you're considering becoming a source, I'd think twice about your choice of journalist and media company.

Judging from Greenwald's and the Guardian's data security behavior, they not only can't protect their sources, they also can't be certain that they haven't transmitted a digital payload, in addition to documents, to unintended recipients...anywhere in the world. 

The media doesn't seem to see this potential, but governments (such as the one that recently trashed some unsecured hard drives) and criminal groups surely do.

So, let's add some nuance and consider another angle. (If you think my imagination is too wild, just pretend it's a screenplay.) 

A hostile nation or crime group easily liberates top secret information from a secure facility by using an upper level mole to cultivate a whistleblower and provide him/her access to info and digital payloads. The discontented whistleblower walks out the door with more than just documents on a company laptop. The mole is untraceable. A counterintelligence tool enters public knowledge, internationally. Methods are revealed. Using algorithms and potent hashtags gleaned from past social media viral events, a team simultaneously and strategically posts the seeds that grow into an unnuanced public frenzy over privacy and hostility to government surveillance, of any kind. The whistleblower is subsequently offered protection by two countries professing concern about human rights, one of which has longstanding government connections to organized crime at the highest levels, the other host to one of the most powerful crime groups in the world. The digital files sit in the possession of a journalist with no clue about data security, and on the unsecured, crackable hard drives of a major media company. Having engineered the transfer of documents from a secure facility to multiple unsecured locations, the files are easily accessed by...