[Cryptography] Snowden "fabricated digital keys" to get access to NSA servers?
John Denker
jsd at av8n.com
Sat Jun 29 02:20:59 EDT 2013
On 06/28/2013 04:00 PM, John Gilmore wrote:
> Let's try some speculation about what this phrase,
> "fabricating digital keys", might mean.
Here's one hypothesis to consider.
a) The so-called "digital key" was not any sort of decryption key.
b) The files were available on the NSA machines in the clear.
c) The files were protected only by something like the Unix file
protection mechanism ... or the SELinux Mandatory Access Controls.
d) The "digital key" might have been not much more than a userID
and password, plus maybe a dongle, allowing him to log in as a
shadow member of some group that was supposed to have access to
the files.
===============
Crypto is great for protecting stuff while it is being transmitted
or being stored offline ... but when the stuff is in active use,
the temptation is to make a cleartext working copy. Then anybody
who can attach a thumb drive and can get past the access controls
can grab whatever he wants.
It is against NSA policy to attach a thumb drive. I betcha some
folks really want to know how he did that without getting caught.
More information about the cryptography
mailing list