Review: No place to hide – Edward Snowden, the NSA, and the US surveillance state

Glenn Greenwald is the reporter who, along with Laura Poitras, broke Edward Snowden’s leaks about the NSA’s mass-surveillance program in 2013. In “No place to hide” Greenwald tells the story of how the leak happened, from the first contacts with Snowden to the aftermath in the next year. Greenwald also devotes a chapter to explaining why the ordinary person should care about mass government surveillance.

The big story is about the content of Snowden’s leaks, but the reader also gets to understand and appreciate Edward Snowden. Snowden’s motivations for putting his entire future at risk is probably the significant reveal of the book. Snowden has no significant character flaws that suggest that he might want to bring down the establishment. He is a person who might be considered to have a “decent middle-class” upbringing and was working highly-paid jobs when he stole the classified documents. He even created a manifesto that includes “While I pray that public awareness and debate will lead to reform, bear in mind that the policies of men change in time, and even the Constitution is subverted when the appetites of power demand it. In words from history: Let us speak no more of faith in man, but bind him down from mischief by the chains of cryptography.” – paraphrasing Thomas Jefferson who said “In questions of power then, let no more be heard of confidence in man, but bind him down from mischief by the chains of the Constitution.”

Many pages of the book are spent on the details, the illegality, the implications and the lack of necessity of the bulk data collection of the NSA. This data is collected from and shared with the partners in the five eyes: UK, Australia, New Zealand and Canada. Greenwald argues that targeted data collection of specific individuals is adequate and effective and that bulk data collection has been useless in preventing terrorist attacks. Also, despite the stated goal being terrorism prevention, surveillance has been put to use for economic and diplomatic advantage of the United States. This is precisely what the US has hypocritically asked China to stop doing. And “who watches the watchers?” The FISA court, created to oversee covert operations, is nothing more than a rubber stamp that has not denied a single surveillance request.

Most people who are habituated to living in the society where they think allowing the government to read their emails (or pancake recipes) is harmless. “I am too boring to be worth surveillance.” Greenwald has a reply to people holding these attitudes. He explains that most people who would do nothing to challenge the establishment would not feel threatened, but when something that the establishment prefers to keep hidden is in one’s possession, one becomes a target. This has nothing to do with threats to national security; just having opinions or publishing facts that disagree with the establishment can cause a person under such a government much difficulty. In a democracy the ability to criticise the establishment is a freedom that we have that is being eroded by having your privacy taken away from us. A response for the “boring” people who will never criticise the establishment: they will be impelled to change their normal behaviour if they felt that they were being watched. Our conversations and whom we talk to are being recorded. Does that not affect what we write about? Also: one closes one’s doors before having sex. This has nothing to do with sex being illegal or immoral and everything to do with humans needing privacy for some activities. We should expect privacy in what we write about in private communications.

The book’s last chapter describes how the American news media have become pliant – willing allies serving the needs of the political establishment instead of the public’s. It is a fascinating read and enlightens the reader to be more politically aware and aware of how precious one’s privacy is.

This book informs us that we need to take conscious political choices in order to protect personal privacy as a fundamental right. Snowden and other whistleblowers before and after him have faced prosecution from the “liberal” administration of Obama. The choice is between a world where no one has privacy and one where the NSA can abuse their surveillance powers at will. It is a must-read to understand the political and technological abuses of power that go on in our modern world and why conscious usage of technology such as encryption can be a political statement and not just a privacy tool.

On weakening encryption

It’s history time! While we are discussing Apple vs FBI and the ongoing legal battles over encryption, let’s consider how American politics have already prevented technology from being as good as it could be. Just a few decades ago, the internet came along and started improving the lives of a lot of people – mostly rich people in developed countries at first. Smart people were developing the technologies serving the internet as they went along. Encryption was among them. How could a person ensure that a communication over the internet would be accessible only to the intended recipient? Encryption was the answer. How could a person ensure that his credit card details transferred over the internet for a payment would not be stolen by someone? Encryption!

This is all very nice, but both the internet and encryption have strong links to the military. The precursor to the internet was ARPANET, a project by the US department of defense. Encryption was big during World War 2. Mathematicians worked in the United States and UK to break the code used in the German Enigma machines. This gave the Allies the ability to intercept German communications and it was essential in their establishment of military superiority leading to their victory in the war.

Perhaps due to its background, encryption was treated as a “munition” and the export of strong encryption from the US was severely restricted until the 1990s. This made it difficult for companies to provide secure services over the internet and – let us have no doubts about it – ordinary consumers failed to get the benefits of these protections until these restrictions were slowly eased during the nineties.

Lessons learned? Not yet. Politicians in the United States and UK, among others, continue to ask to make encryption and similar consumer protections weaker in order to carry out “law enforcement” and “anti-terrorism” activities. How far are they willing to harm their constituents in order to achieve the aim of law enforcement?

Here is one answer: A vulnerability called “DROWN” was discovered last week that makes it possible to intercept supposedly secure communications between your computer and 25% of servers (25% of HTTPS servers, to be precise.). That’s your credit card information, your personal details, your income tax information and your children’s birthdays that are being made available to criminals to exploit. As I type this, millions of IT departments will be working on patching and otherwise changing their systems to protect their companies and clients from the risk posed by this vulnerability. That will be millions of man-hours of work lost fixing a problem that should never have existed. Why did this happen? The researchers who discovered this vulnerability explicitly blame US government policies of the nineties for allowing this to happen.

“In the most general variant of DROWN, the attack exploits a fundamental weakness in the SSLv2 protocol that relates to export-grade cryptography that was introduced to comply with 1990s-era U.S. government restrictions.”

XKCD comic on encryption

Better cryptography was available at the time SSLv2 was invented. The US just refused to let people outside their country have it. Major US tech companies made unsecure products and distributed them everywhere (including in the USA). It is bizarre that this is putting people’s information at risk even today, in 2016. Now you know why (among other reasons) people in technology and security are backing Apple in the Apple vs. FBI case.