When former NSA contractor Edward Snowden was looking to communicate with people to help expose what he saw as inappropriate online surveillance by the U.S. intelligence community, he knew regular email wasn’t a safe vehicle.
How he safely hooked up with columnist Glenn Greenwald, who broke the story in the Guardian is itself a fascinating story which has been described by Micah Lee, at the time a staff technologist for the Electronic Frontier Foundation and chief technology officer of the Freedom of the Press Foundation, who acted as a middleman getting them both acquainted with the latest in privacy technology.
It’s a story that CSOs can use to learn about how attackers communicate as well as crusaders.
Lee and Greenwald are now colleagues at The Intercept, a Web site which is dedicated to news about surveillance and privacy. But in this lengthy piece Lee describes how a request from an unknown person (Snowden) for the public email encryption key of a documentary filmmaker who knew Greenwald so he could message the journalist led to him playing a small but important role in the expose.
It involves GPG, PGP, OTR, anonymous email accounts, Twitter, Tails and a USB key sent in the mail.
“The Internet is enjoying a renaissance of security research to try to fix the major technical holes spy agencies have been exploiting for over a decade, and companies are demanding the right to protect the privacy of their users and to challenge gag orders,” writes Lee. Lawsuits against NSA are finally moving through the courts, when before they were stalled.”
His part in that makes a good read.