NSA Worker's Identity Exposed in Poorly-Redacted Snowden Document

As soon as the article was posted, a popular cryptography website claims to have downloaded a pdf of the Snowden document from The New York Times and discovered that three of the redactions that were intended to obscure sensitive national security information were easily accessible by highlighting, copying and pasting the text.
Avatar:
Author:
Publish date:
Social count:
266
As soon as the article was posted, a popular cryptography website claims to have downloaded a pdf of the Snowden document from The New York Times and discovered that three of the redactions that were intended to obscure sensitive national security information were easily accessible by highlighting, copying and pasting the text.
nsa_redacted_slide

It's finally happened. The name of an NSA employee has been accidentally leaked to the public via an NSA document stolen by Edward Snowden.

On Monday, we covered one way in which the Snowden leaks have touched off observably negative international consequences. Specifically, we discussed how an article in The Guardian detailing how Australia spied on the president of Indonesia has exacerbated tensions between the two nations, potentially touching off a military conflict at sea. Hours later, another example of apparent irresponsible journalism came to light.

A pair of new Snowden revelations were published on Monday. First, an article was published by NBC News in association with Glenn Greenwald about an NSA operation codenamed "Squeaky Dolphin." A second revelation was posted by The Guardian in partnership with The New York Times and ProPublica, which covered an NSA document that revealed how the NSA and the British GCHQ are able to collect information on various targets via "leaky" smartphone apps like Angry Birds.

As soon as the article was posted, someone from or associated with a popular cryptography website claims to have downloaded a pdf of the Snowden document from The New York Times and discovered that three of the redactions that were intended to obscure sensitive national security information were easily accessible by highlighting, copying and pasting the text. The poorly-redacted file was subsequently posted to the cryptography website, then promoted via Twitter. (We're not going to post the name of the website that posted the file to protect the information contained within.)

Meanwhile, at some Monday afternoon, The New York Times appears to have discovered the problem and posted a new version of the file with fool-proof redactions.

The cryptography website posted the following tweets:

NSA and GCHQ docs today with inept redactons were posted by NY Times on DocumentCloud, grabbed by A. Later replaced with ept redactions.

Not clear who ineptly redacted the NSA and GCHQ files, NYT, Guardian or ProPublica, failed to verify, or told them at ~1:30PM today.

The exposed, poorly-redacted information included the following:

--A very specific and very dangerous group that's been targeted by NSA using a free application known as Visual Communicator.

--Detailed information about what specifically can be gathered about the location of targets.

--On the cover-page of the document, the full name of the NSA worker who evidently composed the document in May of 2010.

So, the identity of an NSA worker is out there in public view within the same document in which a target of this program is named. All of this is due to the incompetence of whoever failed to properly redact the pdf before publishing it for the world to see -- as well as for the aforementioned cryptography site to nab and republish it. (It's worth noting that the crypto-site is in favor of publishing all of Snowden's documents online without redactions, claiming the files are public property.)

nsa_redacted_slide2

It's unclear as of this writing whether ProPublica or The Guardian inadvertently posted the badly-redacted file, but The New York Times has yet to publish anything about the situation.

This was bound to happen at some point in this ongoing saga: the name of an American agent has been leaked to the public via a document stolen by Edward Snowden. To add to the irresponsibility of how Snowden went about this operation, he distributed untold thousands of documents to a gaggle of technological neophytes who barely understand how to use Adobe Acrobat, much less the phenomenally complicated details of top secret NSA operations.

The public relies upon these reporters to accurately translate the techno-heavy information in the Snowden documents for the benefit of the debate. How can we be sure that this sort of epic blunder won't happen again? Indeed, as more reporters gain access to Snowden's documents, the likelihood only increases.

As for Snowden, rather than choosing very specific files which he deemed to be in the public interest, then carefully vetting every detail, he chose to indiscriminately dump the documents into the world, trusting that reporters will figure it all out and do the right thing. While no one's perfect and we all make mistakes, this is high stakes material and there's simply no room for errors like this.

(Special thanks to authors Jeremy Duns and Louise Mensch, along with Ann MacGibbon.)