Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Ex-NSA Contractor Gets 9 Years for Retaining Defense Data
Newest First  |  Oldest First  |  Threaded View
tdsan
50%
50%
tdsan,
User Rank: Ninja
7/27/2019 | 5:00:27 PM
Re: Equity
I agree the only problem I have is the laws are not consistent across the board and people are often prosecuted unfairly because of the Judge's inherent bias. Yes this contractor should get time, but what about the law enforcement officials and government agencies that broke the law with the following:
  • StingRay - illegal remote cell phone tracking tool
  • Prism - dragnet government surveillance system, violates the laws across the globe
  • Pegasys - hacking software used to hack cell phones
  • Facia - cell phone triangulation tool
  • Optic Nerve - yahoo messenger used tool to capture video images
  • Boundless Informant - using tools to extract metadata from various devices
  • XkeyScore - interception data tool that queries information about user data (phone, email, texts, etc)

The problem I have with all of this is that people are constantly breaking the law and no one has been prosecuted, so how can an official be so hard on the public but they are constantly violating the rights of people across the globe, it is just amazing that these things go on and everybody turns a blind-eye.

I don't know anymore.

T
rcash
50%
50%
rcash,
User Rank: Strategist
7/24/2019 | 10:41:24 AM
Equity
So there is little doubt of wrong doing here, but my quesiton is how this can be effectively prosecuted while other significantly more egregious harms (such as having a private vulnerable email server in a closet) are passed over. Crime is crime, and no one should be above the law, to borrow a phrase.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
7/23/2019 | 9:05:10 AM
Re: Wow, so who prosecutes the Federal Government
Done - this is far off post subject not funny. 
tdsan
50%
50%
tdsan,
User Rank: Ninja
7/22/2019 | 4:01:55 PM
Re: Wow, so who prosecutes the Federal Government

Let's back up for a minute, this person was a  NSA contractor who was prosecuted, clear and evident. But what happened to the other situations I named in the message before. For example, William "Bill" Binney (ThinThread), he worked for NSA for almost 30 years, he developed an application called ThinThread, they did not use the application during the 911 attacks. He informed them that of the controls they were taking off, this action of removing the controls would affect the lives of people everywhere in America and beyond. He informed his executive staff members, management, he followed proper protocol. Instead of the group, talking to him and giving him the respect he deserves, they put him in-front of a gun when he tried to tell them that the controls that were in place to protect the rights of American citizens (they continued to violate the law).

Now the other examples I used was basically saying how can this US Atty say something like this with a pompus attitude when they have been violating the rights of American Citizens even now (Illegal Drag Net Surveillance Programs like XKeyScore, Prism, etc.). Is he going to jail because he knows along with Congress that they have been violating the rights of American Citizens, yours and mine?

Don't get me wrong, when the person is wrong and they have violated the rights of Ameircan citizens, then yes, send them to jail. But the Feds are violating the rigths of US citizens right now using the Fisa courts to force companies like Quest, Microsoft, Google, Yahoo, AWS and others by issuing warrants (not one time have they not issued a warrant) under the auspices of National Security. So when are the Feds going to be accountable for their own actions, when are individuals from Congress going to be prosecuted (they were the one's who authorized its purchase and use). When are the deaths of innocent civilans going to be brought to court?

So who is prosecuting the people using mass surveillance to attack and thwart peaceful groups like "Black Lives Matter", "Indian Groups", "Unarmed Black People". When are they going to use the laws to prosecute the "KKK" and "Nazi followers" and the hate groups that are associated with millions of deaths.

So think about that and the other items I mentioned in the passage before. If you are going to do it to one person, then everyone needs to be accountable; if the balance of law is for all people then those same people should be prosecuted as well (General Alexander, Clapper, everyone involved and those who did not do anything about it, foreign and domestic).

T
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
7/22/2019 | 3:32:45 PM
Re: Wow, so who prosecutes the Federal Government
Are you saying he is innocent?  Or wrongly prosecuted?  Because theft of owned propietary data is still theft and there are laws against that - alot of them.  Break one and you have a problem.   This scum kept at it for years and 50 terabytes is huge.  He deserved jail time indeed.    AND this does not strike me as a human rights issue at all.  Not a political one.  Theft of data pure and simple.  High grade security data too.  
tdsan
50%
50%
tdsan,
User Rank: Ninja
7/22/2019 | 1:44:27 PM
Wow, so who prosecutes the Federal Government

"This sentence, which is one of the longest ever imposed in this type of case, should serve as a warning that we will find and prosecute government employees and contractors who flagrantly violate their duty to protect classified materials," said US Attorney Robert K Hur in a statement.

Interesting that they say this with Prism, XKeyscore, Facia, Informant and other programs that are violating the rights of individuals all across the globe (congress approved this when the budget goes above 3 million dollars, so they knew about it). In America, the federal government has been violating the rights of American Citizens (1st - 5th Amendment rights) from the beginning of time,

I am not sure that I should be surprised but this is amazing he would say something like this. They are taking the lives of innocent personnel around the world when they go after terrorists; what happens to accountability and the value we put on human life. Look at what happened to William Binney (ThinThread), Thomas Drake (TrailBlazer), Kirk Wiebe (Trailblazer and Thinthread) and Edward Snowden (Prism, Xkeystore), they were indicted under the Espionage act and one they are still after (Mr. Snowden).

I have been saying this for years, when are we going to start looking at the injustices that have been going on for years and when is someone going to say, we have been violating human rights and citizens who have nothing to do with terrorist acts (I am not even going to mention what is going on in the US with Indians and African Americans). It is astounding that this continues to happen and we continue to show a blind eye, we see this in our own back yard.

T


Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11931
PUBLISHED: 2019-11-14
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prio...
CVE-2019-18980
PUBLISHED: 2019-11-14
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The o...
CVE-2019-17391
PUBLISHED: 2019-11-14
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and sec...
CVE-2019-18651
PUBLISHED: 2019-11-14
A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document to a user that the website trusts. The user needs to have ...
CVE-2019-18978
PUBLISHED: 2019-11-14
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.