All of the comments taking umbrage that the article isn't celebrating Snowden's character are missing the point. While it is entirely possible that he was qualified or even overqualified for the position he had at Booz Allen Hamilton, nothing in his resume suggests that which raises the question who else has access to sensitive data and secrets? The answer could be that Snowden was an exceptional individual and that's how he got to where he was, but it could also be that the government is terrible at hiring and granting security clearance and there are a lot of terrible individuals with access to secrets & sensitive data and Snowden just happened to be a standout.
The security clearance process basically looks for reasonable, honest Americans free of foreign influence.
If government actors are abusing their power to such an extent that reasonable, honest Americans free of foreign influence feel morally obligated to blow the whistle, then there are going to be more leaks.
It's not a flaw in the system; It's a safeguard against corruption and abuse of the system.
As I understand it security clearance screening is done by blacklisting, not whitelisting.
That's what would make sense for a nation with due process, but it does lead to increased risk of leaks from people with no obvious red flags that come up during the background check or in-person interviews.
I don't think Slate is trying to crucify Edward Snowden. I think it was more "If a high school dropout with basic computer skills can win this contract, imagine what a talented hacker with malicious intentions could do", and just happened to attack Snowden a bit too much.
The author is full of stupid snark. Clearly Snowden is an exceptional individual; learning that he used to be a janitor, or whatever, shouldn't cause us to throw away all the evidence we have about him and double-take "they promoted a janitor?".
Perhaps the quality of his work matched his obviously high character, regardless of his initial lack of formal credential. This is IT we're talking about - classes are a joke.
This was the revulsion I felt as I read this as well. I used to be a truck driver. I am no longer a truck driver. Absolutely nothing about where I was says anything about who I am, how qualified I am to be who I am, nor where I am going. Lets not forget a previous owner of Slate, MSN...founded by the richest college dropout in the world.
The janitor making good, solving the famous math conjecture on the blackboard, is a Hollywood trope. Not sure why Slate is so adamant that the guy's story is a disqualifier.
We don't know his story yet but this much is certain: he is by definition an exceptional individual.
Most Americans probably worked some minimum wage job at a food or retail establishment too as their first job too. I don't know where the shock comes from.
So now lack of a degree means you cannot be trusted with sensitive data - wtf?
I understand the guy is emphasizing these things to make his point but still, wtf.
What about his morals? What about his courage? I would most definitely trust my data to a guy that was and is prepared to go to jail for his beliefs that my data should be treated with respect and within the law.
I expect this from some news sources such as CNN, but not from Slate and definitely not from Farhad Manjoo.
Why can't we celebrate him for having the moral character to have done the right thing instead of assault his character.
A college dropout that did the right thing by whistleblowing is 1000x better to have in this World than an MIT, Stanford or Harvard graduate who is working at the NSA or CIA being enabling or at least complicit in programs.
I wouldn't be surprised if the #1 criteria for NSA grunt employees is patriotism. If he's prepared to sacrifice everything for his country than he seems to be the perfect candidate to me.
It is for CIA at least. Their tactic is that "we can teach you technical stuff in class after we hire you, we can't teach you patriotism if you already aren't". They like to hire ex-Marines. Someone was saying they also like to hire Mormons.
The kink is that many patriots do actually understand and love the Constitution and if forced to routinely go against it in their line of works, a few will pull a Manning. That is expected. They can't have it both ways.
Indeed.. and this guy will be crucified, for basically doing the right thing.
Such is the projection of American military power that his credit card and bank account will already be locked down, on grounds that he is a 'terrorist', regardless of which country he flees to.
It's perfectly possible for Snowden to have done what he did and still have negative qualities - for example, by going public he's making the entire conversation about him instead of the programs he leaked.
More security conscientious setups use things like automatic password vaults requiring multiple admins to access. Sysadmin also doesn't mean defacto data access without forcing them to patch the software maliciously (you don't want your admins accidentally or intentionally accessing data covered under HIPAA!)
Which isn't to say you're incorrect when you say how much damage a junior sysadmin could do in most places. It is to say that there are options that make this kind of thing a lot harder, to limit the scope and damage rogue admins can cause, and to raise the bar in terms of knowledge required. One would hope the NSA would be employing some of them.
It seems unlikely Snowden was in a high-paid and important position without having demonstrated some kind of aptitude. I have the impression he was highly skilled.
He comes off as a fairly intelligent person in the interview.
The tech community should be the most understanding when it comes to overlooked people who kick ass on the job. Too many tech companies today are focusing on university names, this isn't the way it always was.
Is being nice to Edward Snowden considered aiding a terrorist? The NSA probably just fired off a warrant for the rest of my communications.
Not a big fan of the reasons we are supposedly not supposed to trust Snowden specifically, but the question remains a powerful one in the sense that if you can't ensure that the data and systems you're using for something this powerful can remain secure from the actions of any single person, then you have a huge problem.
I've worked at companies where the secrets behind our app signing key are held to a higher standard than being entrusted to the care of any single entity. Even ignoring how you feel about whether the PRISM system is good or bad, shouldn't we expect the NSA to have better security policies, given the huge scope of abuse these systems could allow?
I didn't get the impression that Snowden actually has access to PRISM itself. If all he's doing is IT support then it could be as simple as that he ran across the "management briefing" for it on the share drive without ever having access to the system itself. Certainly I would hope that NSA is not dumb enough to farm out credentialing for a system like PRISM to one of their contractors, but who knows?
> He was accorded the NSA’s top security clearance, which allowed him to see and to download the agency’s most sensitive documents.
Document control works on two dimensions: clearance level and need to know. You need to both have the requisite clearance level and a need to know to be approved for access to a given document. Having a top clearance doesn't mean you get to freely look at whatever you want, although the press and general public seems to think it does.
There's a reason that over 900,000 security clearances are processed every year. The "defense" contracting industry is booming.
FYI, CISPA is specifically for an NSA program intended to expand collection and give immunity to everyone. The lobbying for it as well as the politicans who proposed it, are heavily funded by these defense contractors.
This is a big part of the problem, the massive .mil budgets go to commercial contractors, who in turn support party candidates by donation. Its an incestuous positive feedback loop.
employees of BAH and other companies like them run the day to day operations of a very significant portion of the government and have for quite some time.
But...but they're helping us secure our home networks!
"The Information Assurance Directorate (IAD) at NSA recently released a new technical guide entitled Best Practices for Securing a Home Network." - http://www.nsa.gov/ia/index.shtml
The very fact that Edward has the integrity to risk his life in the name of public interest means that he's exactly the kind of person the NSA should be trusting with our data. It's probably his combination of integrity and competence that let him get the access he did in the first place.
In my university, we had a computer security program where computer scientists were heavily recruited to work for the DoD for a few years in exchange for a scholarship. One of the students I knew who ended up at the NSA was a standout, but the many others I knew were of average intellect and in many cases were below average computer scientists. These are not the level of people you want involved in mass surveillance programs.
What matters most to the NSA is your ability to pass a polygraph - not your engineering skills.
[+] [-] ritchiea|12 years ago|reply
[+] [-] known_unknowns|12 years ago|reply
If government actors are abusing their power to such an extent that reasonable, honest Americans free of foreign influence feel morally obligated to blow the whistle, then there are going to be more leaks.
It's not a flaw in the system; It's a safeguard against corruption and abuse of the system.
[+] [-] mpyne|12 years ago|reply
That's what would make sense for a nation with due process, but it does lead to increased risk of leaks from people with no obvious red flags that come up during the background check or in-person interviews.
[+] [-] gkoberger|12 years ago|reply
[+] [-] obstacle1|12 years ago|reply
>Yes, he could be a computing savant anyway—many well-known techies dropped out of school
They're basically bemoaning his lack of official credentials.
[+] [-] jongraehl|12 years ago|reply
Perhaps the quality of his work matched his obviously high character, regardless of his initial lack of formal credential. This is IT we're talking about - classes are a joke.
[+] [-] saosebastiao|12 years ago|reply
[+] [-] Terretta|12 years ago|reply
We don't know his story yet but this much is certain: he is by definition an exceptional individual.
[+] [-] mahyarm|12 years ago|reply
[+] [-] krakensden|12 years ago|reply
[+] [-] SeanDav|12 years ago|reply
I understand the guy is emphasizing these things to make his point but still, wtf.
What about his morals? What about his courage? I would most definitely trust my data to a guy that was and is prepared to go to jail for his beliefs that my data should be treated with respect and within the law.
[+] [-] untog|12 years ago|reply
I don't think the NSA would be using the same words you are.
The more legitimate point is that he was a contractor- just how much clearance do contractors get? That seems like the bigger worry to me.
[+] [-] malandrew|12 years ago|reply
Why can't we celebrate him for having the moral character to have done the right thing instead of assault his character.
A college dropout that did the right thing by whistleblowing is 1000x better to have in this World than an MIT, Stanford or Harvard graduate who is working at the NSA or CIA being enabling or at least complicit in programs.
[+] [-] thret|12 years ago|reply
[+] [-] rdtsc|12 years ago|reply
The kink is that many patriots do actually understand and love the Constitution and if forced to routinely go against it in their line of works, a few will pull a Manning. That is expected. They can't have it both ways.
[+] [-] nijk|12 years ago|reply
[deleted]
[+] [-] adventured|12 years ago|reply
[+] [-] gridmaths|12 years ago|reply
Such is the projection of American military power that his credit card and bank account will already be locked down, on grounds that he is a 'terrorist', regardless of which country he flees to.
[+] [-] gyardley|12 years ago|reply
It's perfectly possible for Snowden to have done what he did and still have negative qualities - for example, by going public he's making the entire conversation about him instead of the programs he leaked.
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] mikejholly|12 years ago|reply
[+] [-] MaulingMonkey|12 years ago|reply
Which isn't to say you're incorrect when you say how much damage a junior sysadmin could do in most places. It is to say that there are options that make this kind of thing a lot harder, to limit the scope and damage rogue admins can cause, and to raise the bar in terms of knowledge required. One would hope the NSA would be employing some of them.
[+] [-] mtgx|12 years ago|reply
[+] [-] gridmaths|12 years ago|reply
If the Government trusted the NSA with our every phone call and email, why should we trust the Government?
[+] [-] freepipi|12 years ago|reply
[+] [-] Zak|12 years ago|reply
It seems unlikely Snowden was in a high-paid and important position without having demonstrated some kind of aptitude. I have the impression he was highly skilled.
[+] [-] randomfool|12 years ago|reply
The tech community should be the most understanding when it comes to overlooked people who kick ass on the job. Too many tech companies today are focusing on university names, this isn't the way it always was.
Is being nice to Edward Snowden considered aiding a terrorist? The NSA probably just fired off a warrant for the rest of my communications.
[+] [-] brady747|12 years ago|reply
//insert crappy article
I mean, why should we give interviews at all? Obviously someone's resume and a class they didn't complete is all we need to know about them.
[+] [-] georgemcbay|12 years ago|reply
I've worked at companies where the secrets behind our app signing key are held to a higher standard than being entrusted to the care of any single entity. Even ignoring how you feel about whether the PRISM system is good or bad, shouldn't we expect the NSA to have better security policies, given the huge scope of abuse these systems could allow?
[+] [-] mpyne|12 years ago|reply
[+] [-] tzs|12 years ago|reply
Document control works on two dimensions: clearance level and need to know. You need to both have the requisite clearance level and a need to know to be approved for access to a given document. Having a top clearance doesn't mean you get to freely look at whatever you want, although the press and general public seems to think it does.
[+] [-] dnautics|12 years ago|reply
Not just this guy, but a contracting firm (BAH) in general? How did they get that bid?
[+] [-] flyt|12 years ago|reply
i.e. http://en.wikipedia.org/wiki/Skunk_Works
[+] [-] lawnchair_larry|12 years ago|reply
FYI, CISPA is specifically for an NSA program intended to expand collection and give immunity to everyone. The lobbying for it as well as the politicans who proposed it, are heavily funded by these defense contractors.
[+] [-] gridmaths|12 years ago|reply
This is a big part of the problem, the massive .mil budgets go to commercial contractors, who in turn support party candidates by donation. Its an incestuous positive feedback loop.
see Lessigs video talk on "LesterLand".
[+] [-] dpeck|12 years ago|reply
[+] [-] mehmehshoe|12 years ago|reply
[+] [-] codex|12 years ago|reply
[+] [-] BCM43|12 years ago|reply
[+] [-] ccarter84|12 years ago|reply
"The Information Assurance Directorate (IAD) at NSA recently released a new technical guide entitled Best Practices for Securing a Home Network." - http://www.nsa.gov/ia/index.shtml
[+] [-] mehmehshoe|12 years ago|reply
[+] [-] soup10|12 years ago|reply
[+] [-] burnstek|12 years ago|reply
What matters most to the NSA is your ability to pass a polygraph - not your engineering skills.