Forgot your password?
typodupeerror
Encryption Government Security The Media United Kingdom United States News

Intelligence Officials Fear Snowden's 'Doomsday' Cache 381

Posted by Soulskill
from the all-the-juicy-stuff-is-on-the-shelf dept.
Dega704 writes with news that Edward Snowden is believed to have a collection of highly sensitive classified documents that will be released in the event he is detained, hurt, or killed. According to Reuters, "The data is protected with sophisticated encryption, and multiple passwords are needed to open it, said two of the sources, who like the others spoke on condition of anonymity to discuss intelligence matters. The passwords are in the possession of at least three different people and are valid for only a brief time window each day, they said. The identities of persons who might have the passwords are unknown." These details have caused several security experts to express skepticism, but multiple sources, including Glenn Greenwald, believe Snowden has not released all of the documents he appropriated. "U.S. officials and other sources said only a small proportion of the classified material Snowden downloaded during stints as a contract systems administrator for NSA has been made public. Some Obama Administration officials have said privately that Snowden downloaded enough material to fuel two more years of news stories." Whether or not it's true, U.S. and U.K. officials clearly believe it, which can only serve to protect Snowden.
This discussion has been archived. No new comments can be posted.

Intelligence Officials Fear Snowden's 'Doomsday' Cache

Comments Filter:
  • The real news (Score:5, Insightful)

    by Anonymous Coward on Tuesday November 26, 2013 @09:07PM (#45533663)

    There is years' worth of material that makes intelligence analysts nervous. Just how much dirt could the US possibly have that they don't want people to know?

    • by Jeremiah Cornelius (137) on Tuesday November 26, 2013 @09:17PM (#45533755) Homepage Journal

      Kennedy killed by Sturgis and Hunt in Poppy-managed operation.

      • Regarding the Kennedy, has anyone been into to that particular room on the sixth floor of the Book Depository in Dallas, Tx, USA, where they said Lee Harvey Oswald shot JFK ?

        I have.

        In normal time they blocked that room up with plexiglass barrier. Visitors could only see that room from the corridor outside.

        But I went inside.

        I went there during the time Oliver Stone was filming the movie "JFK". They removed the plexiglass barrier.

        I was able to stand in THAT VERY WINDOW, looked out of the window and surveyed t

        • by safetyinnumbers (1770570) on Tuesday November 26, 2013 @10:06PM (#45534113)
          Don't the trees block a lot more of the road than they did then?

          There's a webcam [earthcam.com] mounted inside the box near the window if anyone want's to check out the view (the pile of boxes placed there to represent the one's he's said to have placed there to rest the rifle on).
          • Re: (Score:3, Interesting)

            by Taco Cowboy (5327)

            Don't the trees block a lot more of the road than they did then?

            Sorry, I didn't know anything about the trees back then.

            See, I am not a born American. I am a naturalized American and I did not arrived at America until the early 1970's.

            Furthermore, I spent most of my stay in America in the Boston area (and later in the Silicon Valley). I only go to Dallas occasionally on business trips.

            Back when Oliver Stone was shooting his JFK movie (no pun intended) in Dallas I happened to be there for a conference, and both the Dallas local newspapers (Dallas Morning News as well a

            • by Anonymous Coward on Wednesday November 27, 2013 @02:31AM (#45535501)

              It was a damn good shot, I'll admit that. But I've seen plenty of people make tougher shots at faster moving targets from more restrictive positions while hunting wild game.
              He wouldn't have needed a spotter because he would have had plenty of audible cues for the approaching limo. Watching people in the crowd react would have served as all the warning he needed, as they pointed, stood up, jumped waved, shouted, cheered, and generally became exited as JFK came into their view.

              As for the angle, it's entirely possible that he shot the rifle left-handed which would have made it a lot easier to get that angle without leaning so far out. I myself am a right-handed person but I'm what is often called "left-eyed".. it's easier for me to shoot a rifle left-handed than right.

              As for knowing which head to shoot at, that's also pretty easy. It's the one right next to his wife. If I were in his shoes, I would've just looked for the woman with the fashion sense who stuck out like a sore thumb in a group of men in suits. She was always well-dressed and easy to spot in a crowd.

              I'm not saying I necessarily think Oswald did it alone, but all the things you've brought up I can quickly find reasonable explanations as to why they don't prove anything. And they were all already addressed many times in both official and unofficial examinations of the shooting. Keep in mind that Oswald was highly experienced and military trained, he wasn't just some random guy who picked up a rifle for the first time that day.

        • by Thruen (753567)
          I'm impressed, you've concluded beyond any doubt what experts apparently couldn't put together themselves no matter how much time they were allowed in that very same room. You should call the FBI and let them know they're not needed anymore, we can send you to crime scenes with your uncanny abilities and let you solve murder mysteries.

          Is this guy serious?
      • by PolygamousRanchKid (1290638) on Tuesday November 26, 2013 @11:42PM (#45534701)

        Kennedy killed

        Kennedy shot himself.

        And Snowden has the documents to prove it!

        But Jackie immediately jumped out of the car with Kennedy's DNA on her dress, so she could be quickly transported to Area 51, where Wernher von Braun (Eva's brother) was filming the trips to the moon with Stanley Kubrick, and other Operation Paperclip scientists, who combined JFK's DNA with Martin Luther King's DNA to create Barack Obama, so he really is American, even though he doesn't have a birth certificate, because both his fathers were American (Chew on that, Fox News!), and Stanley Kubrick was so impressed with what was going on in the German test tubes, that he filmed Obama's birth and used it in 2001 for that last scene in the film that nobody understands, but the CIA wanted to cover up his suicide, because they were afraid of looking weak to the Russians, so they pumped Hunter S. Thompson full of LSD, mushrooms, and gave him a case of Jack Daniel's to take the edge of a bit, and then he ranted and raged out loud, while the NSA wrote all the crazy conspiracy theories down, so they could leak them to the public over the years, so the public would be distracted from the NSA and CIA's really evil long term plans for subverting control of the government of the USA . . .

        . . . and it all would have worked, if it wasn't for that meddling Snowden!

        . . . Snowden, and the three secret holders of the secret decoder ring, who will reveal the secrets if Putin gets bored of Snowden, which he won't, because he likes sticking a weed up the US governments ass, and he is also afraid that Snowden's Secret Stash contains information about what (and who!) he was doing in East Berlin, while supposedly working for the KGB, but was really a tool of OPEC and de Beer's controlling the USSR's diamond and oil reserves, oh, and nickel, Russia has that, too, just like Canada, where aliens landed a spacecraft built of it in Sudbury, Ontario, just like the spaceship that crashed in Siberia, but was never found, because the Russians hid it to keep the nickel for themselves, and are currently testing the alien space technology on the International Space Station, where secret scientists are also working on . . .

    • Re:The real news (Score:5, Insightful)

      by bob_super (3391281) on Tuesday November 26, 2013 @09:18PM (#45533767)

      "If you don't have anything to hide, why would you worry?"

      • by Jeremiah Cornelius (137) on Tuesday November 26, 2013 @09:35PM (#45533895) Homepage Journal

        Join us in our traditional gathering around the samovar, for a Christmas presentation of what's surely to become an RT classic:

        "Snowed In with Snowden". Edward Snowden invites various RT holiday gusts, for the cheer of the season, in the shadow of St. Basil's. The laughs begin, as Max Kaiser drops by with a little flask of "holiday cheer" - and some very special "snow" of his own. Then, we solemnize with George Galloway and Ken Livingston, who join Ed for a haunting rendition (did we just use that word?) of "Rudolph, The Red Nosed Reindeer". But hang tight on the presents! Orthodox Chrismas in't til January, innit?

        Well, happy Feast of Epiphany, in any matter. Stay tuned!

      • Re:The real news (Score:4, Insightful)

        by dlt074 (548126) on Wednesday November 27, 2013 @11:26AM (#45538471)

        if the things that have already been revealed haven't caused any issues for this administration, what at this point possibly could?

        nothing sticks to these guys. they are above the law.

    • Let's see (Score:3, Insightful)

      by StevenMaurer (115071)
      • The names of informants in foreign governments - especially dictatorships like North Korea.
      • Specific individuals that we know are terrorists, and who the U.S. is tracking right now (hoping to catch bigger fish).
      • Technologies now considered "safe" for foreign spies, terrorists, and criminals to use - but have actually been hacked.
      • Profound vulnerabilities in our embassy/military-base defenses that penetration testing found but are too expensive to fix.
      • Anything that would otherwise cause people to die.

      There ar

      • Mod this up. The Snowden leaks have revealed some morally and legally questionable behavior by the US government, but there are some things that would be best to keep secret that actually are in the best interest of everyone in the world. For example, if the NSA knows how to cryptoanalyze AES or PGP, the methods used getting into the hands of criminals would be bad for everyone.
        • Re:Let's see (Score:5, Interesting)

          by vux984 (928602) on Tuesday November 26, 2013 @09:39PM (#45533919)

          For example, if the NSA knows how to cryptoanalyze AES or PGP, the methods used getting into the hands of criminals would be bad for everyone.

          Unless someone within the NSA realized there was a billion dollar payday if he sold those methods to certain criminals or countries.

          In which case the public isn't safe and doesn't know it.

          That's even worse.

          Some things should be secret from the public, nuclear launch codes, names of spies, etc... but interent security affects all of us, and its not making anybody safer to try and hide a vulnerability there.

          The NSA isn't magic. If the NSA can break AES, then anyone else might figure it out too.

          • Re:Let's see (Score:5, Insightful)

            by Shakrai (717556) * on Tuesday November 26, 2013 @10:13PM (#45534175) Journal

            If the NSA can break AES, then anyone else might figure it out too.

            One of the NSA's mandates is to secure American communications. They have certified AES as being sufficient for Federal agencies to use to secure classified information, and even Top Secret classified information with large enough (192 or 256 bit) keys. This suggests one of two things:

            1. They're smart enough to break AES, but stupid enough to think nobody else can.
            2. The best cryptographers in the United States of America believe AES to be secure.

            Common sense says it's #2. Could the best American cryptographers have it completely wrong, and we'll find out when the next Pearl Harbor happens? Certainly. Is it a conspiracy where they know it's weak and are keeping it so in order to read your e-mail? Not bloody likely.

            • Re:Let's see (Score:5, Insightful)

              by Serious Callers Only (1022605) on Wednesday November 27, 2013 @01:52AM (#45535333)

              The NSA subverted American communications deliberately, and have introduced vulnerabilities into encryption via NIST. AES may or may not have been broken or subverted, but yes they are that stupid:

              https://www.net-security.org/secworld.php?id=15531 [net-security.org]

              Given that one of their other mandates is not to lie to congress, to abide by the rulings of the FISA court, and not to spy on Americans (all of which they have breached), I think you can assume that they don't care what their legal restrictions are and do not respect them.

          • > That's even worse

            Yes... and no.

            If you're a government espionage agency or military and use AES believing it's ironclad & bulletproof... but it isn't... and your enemies know it... it's unfathomably bad.

            If you're a bank using AES to encrypt and sign financial transactions, it doesn't really MATTER whether or not AES has some horrible vulnerability that the CIA, NSA, and their counterparts in China and Russia have all completely pwn3d, as long as it remains effective against organized crime syndicate

            • by compro01 (777531)

              it doesn't really MATTER whether or not AES has some horrible vulnerability that the CIA, NSA, and their counterparts in China and Russia have all completely pwn3d, as long as it remains effective against organized crime syndicates

              Right. Because it's utterly unheard of for former intelligence agency personnel to go work for organized crime.

      • Re:Let's see (Score:5, Insightful)

        by jonwil (467024) on Tuesday November 26, 2013 @09:37PM (#45533907)

        As a geek, a software developer and a security guy with a library of Schneier books on his bookshelf, I personally think that a list of "Technologies now considered "safe" for foreign spies, terrorists, and criminals to use - but have actually been hacked" is EXACTLY the sort of thing someone like Snowden should be leaking.

        Deliberately making widely-used things less secure in order to catch bad guys (including withholding exploit information that could be used to make things more secure) is NOT something the good guys should be engaging in. (and yes I still consider the US, UK and Australia as "good guys")

        • by femtobyte (710429)

          Unfortunately, that type of useful info probably wouldn't be on the wider "track your ex-wife" computer network for casual mass privacy invasion that Snowden had access to. If the NSA has some serious "break GPG" level cracks, those are probably deeply buried in some vault for which Snowden would not be able to find the name of the person who knows the person who knows the person with the access code.

          The NSA was certainly sloppy with security on the info available on Snowden's network; however, remember thi

        • by jafac (1449)

          y'all know he means: 'Tor'.

      • by z0idberg (888892)

        They are good examples of material that the NSA would legitimately not want getting out into the wild. The release of that type of information would indeed be detrimental to the safety and security of the USA as a whole.

        But it is not the type of information that Snowden has released so far though. The releases so far have revealed the NSA to be up to some pretty nasty shit so I am not inclined to give them the benefit of the doubt that he only has information that would hurt the USA left. It will almost cer

        • by rtb61 (674572)

          It is well the NSA are really deeply into monitoring and decoding signals from unknown sources, now what could be more fun then 'Alien' sigint ;).

          As for bad secrets the obvious comes to mind, how closely where US Security Companies involved in enabling and keeping secret security breaches in other countries security networks. This would be really bad, as employees of the companies in other countries, especially senior management would become subject to prosecution and imprisonment for computer crimes, th

      • Specific individuals that we know are terrorists, and who the U.S. is tracking right now...

        The real scenario is much more juicier ...

        "Specific individuals that are influential in various terrorist organizations that are currently working for the US government and its allies (including Qatar/Saudis/Turkey), and are taking orders from the US government in launching various (minor) Jihadist strikes against the Western / Christian interests in far flung places to keep the FEAR FACTOR alive"

      • Re:Let's see (Score:4, Insightful)

        by ebno-10db (1459097) on Tuesday November 26, 2013 @10:14PM (#45534187)

        There are a lot of things, actually. None of them have to do with anyone's personal porn stash, or the fever-dreams of people who hate the U.S.

        In which case the NSA is grossly incompetent, or to use plainer language, stupid, for pissing on the 4th Amendment and monitoring every American. Maybe they should stick to the important stuff. If they hadn't been unconstitutionally monitoring every American, would Snowden have done what he did? Personally it doesn't bother me if the NSA looks up Merkel's ass every time she takes a dump. If they don't do that with Kim Jong-un, I'd like to know why. But monitoring every American? That's a whole 'nother story, and a good reason for what Snowden did. If they'd stuck to what's important, useful and Constitutional, they wouldn't have this problem. Snowden is a patriot, not a traitor.

      • by real gumby (11516)

        That's an interesting list, and it's my understanding that nothing he's released so far has included the names of double agents or others who could be killed, and little to none of the oner stuff on your list either.

        Which just further supports the argument that he's a good guy, as if anyone on /. didn't already believe that.

    • by gmuslera (3436)
      Probably could be read as "If you think all that was disclosed so far was bad, it was nothing compared withl the rest". To put it into the doomsday umbrella seem to give the hint that what remains is orders worse, something that could imply people finally doing something against the government in US, breaking of commercial treaties, penalties in international courts, attacks/closing embassies or even war. And if anything of this happens won't be Snowden fault, but US one.
  • Lovely (Score:4, Funny)

    by lesincompetent (2836253) on Tuesday November 26, 2013 @09:07PM (#45533667)
    Make them squirm.
    • Re: (Score:2, Insightful)

      by Shakrai (717556) *

      I have mixed feelings about Mr. Snowden..... his disclosures of NSA's domestic activities may have been legitimate, but I have yet to hear a good justification for his leaks about NSA's foreign operations. I know a lot of people are expressing shock about NSA's overseas SIGINT activities, but they aren't doing anything that every other country isn't trying to do to the United States, and none of their actions came as a surprise to any serious student of geopolitics. Every disclosure that he has made on th

      • Re:Lovely (Score:4, Insightful)

        by Jane Q. Public (1010737) on Tuesday November 26, 2013 @10:27PM (#45534261)

        "Every disclosure that he has made on this subject has inflicted serious blow-back to US foreign policy, and I don't recall him being one of the choices on 6 Nov 2012, when I had my say regarding the selection of the person that was to set American foreign policy for the next four years. "

        This is a disingenuous argument if I ever saw one. These were the policies of George H.W. Bush, and they have been made even more the policies of Barack Obama. You have absolutely no evidence that Romney would have changed these policies.

        I might buy this argument if you'd voted for a Libertarian candidate, but Paul was taken off the table, and though it's possible, it's not likely you voted for Johnson.

      • Re:Lovely (Score:5, Informative)

        by Uberbah (647458) on Tuesday November 26, 2013 @10:41PM (#45534337)

        but I have yet to hear a good justification for his leaks about NSA's foreign operations

        Do you have a justification for trying to spy on every person on the planet? Do you have a justification for a system that's more about corporate espionage than stopping terrorism? Do you have a justification for tut-tutting Snowden's revelations when the USG flippantly stated that it was listening in on Al Queda conference calls - about the most valuable counter-intelligence secret you could name?

        but they aren't doing anything that every other country isn't trying to do to the United States

        But this is a bullshit talking point, always has been always will be. It ignores the depth and pervasiveness of the NSA programs, the disparity in capability, and the geographical isolation of the U.S. from the rest of the world. You wouldn't say that Angola has a military, so it's equal in capability to the U.S. military, would you? Then why are you guys doing this with the NSA programs?

      • I know a lot of people are expressing shock about NSA's overseas SIGINT activities

        I'd only be shocked (and upset) if they weren't spying on foreign governments, etc. Germany? Why not. Spying on the average Joe (Fritz, whatever) is another story, though I'm less concerned about it than spying on US citizens, since the US government has much less ability to harm German citizens than US citizens.

        Every disclosure that he has made on this subject has inflicted serious blow-back to US foreign policy

        Every disclosure that he has made on this subject has resulted in serious kabuki. As you point out, you'd have to be naive to think this wasn't happening, so how much will it actually affect foreign

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Make them squirm.

      Does a possible BS or shear stupidity problem exists? The NSA has a dilemma: It doesn't want the important information known, but killing him activates this knowledge. However, now people against the NSA have an incentive to kill him, to find out what is so important. So, is the NSA's job now to stop these people to keep him alive?

  • by mariox19 (632969) on Tuesday November 26, 2013 @09:09PM (#45533687)

    Bruce Schneier commented on this a while back: [schneier.com]

    I'm not sure he's thought this through, though. I would be more worried that someone would kill me in order to get the documents released than I would be that someone would kill me to prevent the documents from being released. Any real-world situation involves multiple adversaries, and it's important to keep all of them in mind when designing a security system.

    I'm not sure what Snowden's alternative is, but a doomsday switch isn't exactly foolproof.

    • by Anonymous Coward on Tuesday November 26, 2013 @09:17PM (#45533753)
      Of course, the whole point of a Doomsday Machine is lost, if you *keep* it a *secret*! Why didn't you tell the world, EH?
      • It was to be announced at the Party Congress on Monday. As you know, Snowden loves surprises.
      • by quantaman (517394)

        That might actually be a good point.

        By having the secrets he's playing a very dangerous game, the safest course of action is to simply stop playing, release or destroy everything you have, tell everyone it's all gone, and now you're safely irrelevant.

        Of course this still leaves you vulnerable to an Litvinenko [wikipedia.org] style reprisal assassination.

        The other play might be to hint you have a Doomsday Machine, but not actually confirm it. Claim it exists, but then make weird statements like saying the passwords "are val

        • by mysidia (191772)

          And the people who do want it to go off, well you might be bluffing, and no one wants to get caught having assassinated someone over a bluff.

          There is another approach.... start detaining or "making disappear"; everyone Snowden had contact with; all his potential friends or accomplices / other people he is known to have dealt with --- and interrogate them all deeply, until someone reveals information about this doomesday system.

          If indeed the password is only valid during limited times each day --

          • by quantaman (517394)

            And the people who do want it to go off, well you might be bluffing, and no one wants to get caught having assassinated someone over a bluff.

            There is another approach.... start detaining or "making disappear"; everyone Snowden had contact with;
            all his potential friends or accomplices / other people he is known to have dealt with --- and interrogate them all deeply, until someone reveals information about this doomesday system.

            If indeed the password is only valid during limited times each day ---- that suggests some online computer systems to be taken down in a mysterious outage.

            If it was Soviet Russia sure, but the whole point of this is that governments were being embarrassed by having their dirty secrets exposed. Look at all the uproar over Glenn Greenwald's husband being detained at Heathrow. Can you imagine if Snowden's friends and associates started receiving threatening visits with government agents? If anyone is going to go after Snowden they're either going to be very very quiet, or very very anonymous.

            • by mysidia (191772)

              Can you imagine if Snowden's friends and associates started receiving threatening visits with government agents? If anyone is going to go after Snowden they're either going to be very very quiet, or very very anonymous.

              "Threatening visits" would indeed cause problems. By detain; I meant detain, as in "make quietly disappear", at least for a while.

              After some polygraphs, and a few interrogation sessions cleared them, they should be free to go, after swearing an oath, and signing a document, agreei

    • by sg_oneill (159032)

      Indeed, and personally I'd rather take my chances with the CIA than russia's CIS. Those polonium umbrellas ought give anyone pause.

    • Very interesting... so now U.S. is afraid to kill him, but Russia/China/Iran have something to gain by killing him.

      His only choice now is to put himself completely at Putin's mercy, give the Russians everything he's got that he hasn't released yet, seek KGB protection, and find a nice Russian gal to settle down with for the rest of his life. Oh and deactivate the doomsday switch so the Chinese don't have an incentive to kill him anymore.

  • I don't want Snowden captured, but I do want to see this cache very, very badly.
  • by Arancaytar (966377) <arancaytar.ilyaran@gmail.com> on Tuesday November 26, 2013 @09:15PM (#45533727) Homepage

    How would that even work? Is there a central server that keeps the data and decides what time it is? That sure sounds safe.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      There is likely a key on a tor server that can only be retrieved at certain times.

      More importantly, WTF is the insurance files I'm seeding? FFS.

      • Or a hash of the quantised TOD of the hosting system is factored into the key derivation function.

        Why would anyone possibly think of doing it any other way? Sheesh!

  • JFK? Gorbachev and Berlin wall? 9/11? Irak & MDW? ...
    • Let's say, for an extreme example, that it is indeed facts about cover-ups like 9/11 or JFK. If Snowden knows it, and keeps it a secret, isn't he doing the same thing that the NSA is doing? It seems like it's possible that the public is being used here, by both sides.
  • Brief time window? (Score:2, Interesting)

    by Adrian Lopez (2615)

    "The passwords ... are valid for only a brief time window each day, they said."

    How does that work?

    • Re: (Score:2, Funny)

      by Anonymous Coward

      #!/bin/bash

      nc -lp 31337 | while read key
      do
      if [ `date` 9am -or 9pm `date` ]
      then
      echo "skipping key read because the world is sleeping and no one would notice a massive release of information at this time..."
      else
      if [ "$key" == "zomgztheygotme!" ]
      then

    • by dnavid (2842431) on Tuesday November 26, 2013 @09:43PM (#45533937)

      "The passwords ... are valid for only a brief time window each day, they said."

      How does that work?

      There's no literal way for that to work, but there are ways to protect sensitive data in a way that could be described in that way.

      One way I can think of is to get someone I know to buy something like an Amazon instance in a way that isn't traceable to me. Then I upload my data in an encrypted fashion into the instance. Then I give a set of people different passwords to log into the virtual machine running in that instance. Then I set the instance to power on in a scheduled manner so that the instance is only accessible at certain moments in time known to the people I give the passwords to. At all other times the instance is powered off and the people with the passwords to it do not have any knowledge of how to manage the instance itself directly. Thus, the people I designate as trustees for the data only have access at certain times. On top of that, they could have different segments of a key-split so that to actually access the data requires at least two different people logging into the instance and providing their keys, or alternatively one person logging in and providing two different key segments.

      Why you might do something like this is to try to minimize the availability of the data from being discovered or cracked. Most of the time, the data isn't on a system that is in any real way accessible from the internet. Furthermore, it also makes it less expensive to create multiple data caches in the cloud because the cost of running the systems would be very low, since they would not be running most of the time.

      • by VortexCortex (1117377) <`VortexCortex' ` ... -retrograde.com'> on Wednesday November 27, 2013 @07:21AM (#45536549) Homepage

        There's no literal way for that to work,

        So, theres a server you input the password into. The login page or client connection port is only available at certain times. Once all the right passwords have been input by everyone it decrypts and displays the password to decrypt some torrent that's floating around the net -- Maybe posts it to facebook and twitter, pastebin, 4chan, et al.

        I can think of about 20 other ways to time limit a password, but this seems feasible. There's no way to know which server or wordpress blog has the additional capabilities added to it -- This would be important because you would want it to be an action the individuals usually make (login to their blog, etc) but this time using the special password. Break the 4096 bit key into multiple parts and give it to folks so the decryption key's not on the server.

        Why even time limit it though? A lot of people are wrongheadedly forgetting part of the equation that a good security researcher would not: The people part. The time limit isn't for security in the cryptographic sense. It's to synchronize the human input to the equation and reduce the window of time between when the first suspected keyholder performs their part in the unlock procedure and when the payload is deployed.

    • by c0lo (1497653)

      "The passwords ... are valid for only a brief time window each day, they said."

      How does that work?

      The archer casts his arrow at dawn [tvtropes.org] (or something on this line)

      (grin)

    • Everyone's daily schedules only align for a little while each day, in a reliable way?
    • by weilawei (897823) on Tuesday November 26, 2013 @10:49PM (#45534401) Homepage
      An alternative construction is possible. You construct a clueless agent [schneier.com]. It reads the current time, fills the MSBs and LSBs with 0s to select for time range, possibly with logical shift right, then performs: hash(hash(truncated_time)) XOR hash(hash(given_password)), checks against its internal value (same construct), and uses hash(truncated_time) XOR hash(given_password) as the actual decryption password. This sort of thing is trivial to implement (and has been implemented).

      From an attacker's point of view. Suppose you now slice the time of day up into a short list of fragments you can hash. Now you have a list of hash(hash(truncated_time)) and potentially hash(hash(truncated_time)) XOR hash(hash(given_password)). You XOR each of your truncated time constructions to yield a list of hash(hash(given_password)), and you're back at the original clueless agent problem.
  • by csumpi (2258986) on Tuesday November 26, 2013 @09:19PM (#45533777)
    What does that even mean? He re-encrypts it every 4 hours and emails out the passwords and the file? This is either super spy sheit, or just plain bull sheit.
    • by dmbasso (1052166)

      Perhaps the data are only accessible online, and the server expects a key formed by their secret hashed together with the period of the day... nothing too difficult to code, but doesn't sound very fault tolerant. Hopefully he made several servers available.

  • by femtobyte (710429) on Tuesday November 26, 2013 @09:25PM (#45533825)

    Why would the US government intentionally indicate that they believe such a thing? What this accomplishes is to encourage anyone who wants to hurt the US to kill Snowden (forcing the release of the supposed super-damaging materials). If that's the message the US propaganda spooks want everyone to hear, then you should be looking for ulterior motives. I'd guess there isn't anything so terribly damaging (that can't be whitewashed away as well as the rest of the stuff has been) that would really be "doomsday" for the US.

    Rather than having everything eventually trickle out over several years, well-times to keep the media pressure against the US surveillance state, I suspect it would be preferable to the NSA and friends if Snowden were forced to dump everything all at once (perhaps by being killed). Everything's going to come out eventually --- by having it all in one heap, the total impact on public perceptions (what really matters here) is reduced: one quick spike in media attention and outrage, then it's all "old news" and there's no time for serious public analysis of the implications of each individual revelation.

    Snowden and friends of democracy and freedom have an advantage by controlling the gradual release of information --- otherwise, they'd have dumped it all already. Forcing everything out at once (by encouraging every dumber enemy of the US to try assassinating Snowden) would help the PR effort to quickly wash this whole mess away from public attention. It would sure make it easier for the US officials to keep their lies straight, if everything they were lying to refute was already available.

  • by Nyder (754090) on Tuesday November 26, 2013 @09:30PM (#45533863) Journal

    if they are fearing what he hasn't released yet.

    They know what they did was wrong, and apparently have done even worse stuff.

    Time for a change in Government.

    • As long as it exposes who killed JFK, and exposes how to exploit the rigged forex market in order to make millions in a week, I'd be all for it.
      • As long as it exposes who killed JFK

        Terrible idea. There is an entire cottage industry devoted to arguing about that. Many books are sold. Considering how bad the economy still is, why would you want to destroy another part of it?

    • Time for a change in Government.

      If you mean changing what political party is in charge right now, that won't make any difference at all. Probably even changing the system of government wouldn't do it.

      The problem is the intelligence agencies. It would take completely disbanding them and seeing to it that none of the people currently involved can ever be part of the new ones or make any other kind of trouble.

    • if they are fearing what he hasn't released yet.

      They know what they did was wrong, and apparently have done even worse stuff.

      Time for a change in Government.

      What, and give up all this hope and change?

  • too bad. (Score:5, Insightful)

    by larry bagina (561269) on Tuesday November 26, 2013 @09:48PM (#45533975) Journal

    They should fear the Constitution and not do this shit in the first place.

    Didn't they say you only need privacy if you've got something to hide?

  • by fuzzyfuzzyfungus (1223518) on Tuesday November 26, 2013 @10:00PM (#45534065) Journal
    So, either Irresponsible Terrorist Ruskie Collaborator Snowden is (in fact) concealing numerous US secrets that aren't directly related to what he was planning to blow the whistle on, or the feds are freaking out over nothing. Well, what's it going to be? (Perhaps more realistically: If you were some sort of undercover fed, whose continued freedom and/or life depended on the silence of the feds, would you be comfortable now? Mr. Snowden, to his credit, appears to be trying to minimize the casualties associated with his whistle-blowing; but will you be so lucky next time? A single screwdriver-monkey contractor, not even a full NSA agent, punked the shit out of the agency. Do you think that some poor sucker with nothing but patriotism motivating him is the only clandestine operative in the agency? That there isn't a single other leaker in the, apparently porous, organization? Nobody infiltrating with an actual payoff awaiting him? You sure about that?)

    Have a nice day.
  • by AndyCanfield (700565) <andycanfield@@@yandex...com> on Tuesday November 26, 2013 @10:35PM (#45534301) Homepage

    I've also heard, don't remember where, that it is one big file and there are copies all over the world transported via Bit Torrent and the like. You know were and anyone can grab a copy of the encrypted archive.

    I've also heard that the documents in that archive are originals, not redacted. The original would say something like "CIA Agent John Belushi did such-and-such." The redacted version, when released by Edward Snowden, reads "CIA Agent (name removed) did such and such." If they kill Snowden, the archive opens everywhere. Not only are secrets revealed, but names of agents are revealed, so those spies will be killed, perhaps by terrorists, perhaps by outraged neighbors.

    A spy with any brains wants that archive to remain encrypted, so he wants Edward Snowden to live in peace in Moscow.

  • by PPH (736903) on Tuesday November 26, 2013 @11:16PM (#45534545)

    Why?

    The NSA already knows what is in these documents. The documents are theirs. Who would Snowden be hiding them from and why the sophistication?

    Hide them just out of plain sight, so to speak. And when some accident should befall Snowden, the cron job times out and an e-mail with location and simple decryption instructions goes out to the world. Or the simple key is split between a large group of people in such a way that a small subset of them is all that's needed to open the vault, so to speak.

    Snowden isn't hiding anything from the NSA that they don't already know. All he needs to do is to keep one of his aids from 'turning the nuclear key' on his own.

  • Sure (Score:5, Interesting)

    by argStyopa (232550) on Tuesday November 26, 2013 @11:45PM (#45534727) Journal

    That is why I've said from the beginning that, if only for PR purposes, the US is most likely working the hardest to KEEP HIM ALIVE.

    Because Mahmoud Ahmadinejad HIMSELF could walk up and knife Snowden, and it would be blamed entirely on the US.

  • by 3seas (184403) on Wednesday November 27, 2013 @03:59AM (#45535839) Journal

    ..... the ironic war.

Help me, I'm a prisoner in a Fortune cookie file!

Working...