24 hours ago, the internet was ablaze with talk of a “second leaker” being identified by the FBI.
The second leaker, whom cryptographer Bruce Schneier actually deemed to be the third leaker (behind Edward Snowden and the person passing secrets about the Angela Merkel surveillance story, the TAO catalog and the X-KEYSCORE rules), was suggested at the end of the documentary Citizen Four in a conversation between Snowden and journalist Glenn Greenwald.
I attended a private screening of the documentary last week and, while the scene is rather intriguing, I wanted to know if the industry felt that this sort of thing was inevitable? After all, whether doing good or bad things, there is always the potential to inspire and in the case of Snowden’s actions of summer 2013, whole sections of the industry have backed and defended his actions.
“My guess is that this is either an NSA employee or contractor working in Germany, or someone from German intelligence who has access to NSA documents,” Schneier said. Regardless of where they are, whistle blowing can be done anywhere in the world with modern media, cloud storage and secure communications.
Back at this year’s Infosecurity Europe, F-Secure chief research officer, Mikko Hypponen, said that Chelsea Manning would have needed a truck to steal information, and “what made the change is moving data in massive quantities and that changed whistle-blowing”.
His colleague Sean Sullivan told me that he did not think that another “leaker” has appeared, and he would continue to doubt that until he saw some actual source documents. “The reporting of X-KEYSCORE rules never included full source materials,” he said. “It’s entirely likely that it was code captured via a TOR exit node or something else by an activist. Not a leaker.”
I asked Jeffrey Carr, CEO of Taia Global, if he felt that the appearance of a second leaker was inevitable. He said he was not at all surprised as even though the Obama Administration has been tough on leakers, that hasn’t solved their problem.
He said: “I wouldn’t say that the world is more dangerous for either leakers or whistleblowers, but I do believe that we’ll see more and more of them because in my opinion, millennials see the world much differently than baby boomers do (my age group).
“They see it as a place where information is meant to be shared, which seems perfectly normal considering that they share everything – all the time. My generation do not.”
Sullivan said that the US Government has created a “huge chilling effect” for legitimate whistleblowers to the detriment of the public, and said that it was very dangerous. He said: “Ther
e does appear to be an intelligence community ‘source’, but there have always been anonymous sources. That is a brave/dangerous thing to be at this point though,” he said. “It will be quite some time before we see something like this related to national/international security though.”
I contacted Mike Janke, CEO of privacy advocates and secure communications vendor Silent Circle, and he said that the problem with this story is it is “pure speculation at this point”.
He agreed that it is inevitable that there will be more leakers, especially as others have become conscious of surveillance, and looked at what was “bothering” them in their job. He said: “Now they see an example of someone who stood up. Yes, the stakes are now higher for a leaker. Internal systems are now beefed up to look from within.”
At the time of writing, it is tricky to determine the impact of this new leaker, as we have little information on who they are and what they have done, or were planning to do. Perhaps the intelligence agencies have sharpened their tools to spot such behaviour since last summer’s activities, and as a result more leakers have been stopped in their tracks before the media could get onto the story. Or maybe this person was just caught at the wrong time by a more alert FBI.
