Print Awardee Byline with airSlate SignNow

Print awardee byline

this is twist let's get to it started on Monday online magazine the intercepts posted a scoop about a cyber attack by Russian military intelligence on the our systems are the makers of electronic voting services and equipment whose products are used in eight states the report was based on a highly classified intelligence reports report that anonymous an anonymous source sent to the intercept however the intercept inadvertently outed its source joining us to talk about what went wrong is Patrick Tucker technology editor for defense one a site dedicated to news an analysis of US Defense welcome back to the show Patrick hey thanks for having me so how much do we know about how the intercepts source was outed well we don't know what ton most of the clues actually come in the form of the affidavit that Special Agent Justin Garrick filed the arrest warrant request basically for the defendant in this case who has this incredible name winning of reality winning it says you can make it up and but somebody did and they named that person net which is also sort of awesome in a way winner excuse me reality winner so in the in the affidavit which is importantly dated before the actual article shows up online on the intercept it's dated June 3rd the intercept talks a little bit about what they did when they receive this anonymous dump they wanted to verify it and so it looks like happened is one of the reporters whose byline is exist on the actual article since that to the NSA the NSA according to their intercepts reporting as for some redaction so they went to blot some stuff out they also asked them not to publish the entire thing and when the Internet intercept said that they're going to publish it then the NSA asked for some reductions they block some things out probably not as much as the image they wanted a block out a little bit more than the intercept one of the block out but in sharing that information the actual scale and of the leaked information with the NSA the belief by many right now is that that's what actually tipped them off as to the actual copier that produced the documents in question and the printer so that's that's one theory another one is is just that the right now the intelligence community and anybody that does any contracting work with the intelligence community is constantly subject to what's called continuous evaluation so that's a part of an executive order that obama president obama signed in 2011 long before Edward Snowden it was actually kind of in response to Ben Bradley now Chelsea Manning's leak so it's executive order 13502 Evan and it mandates that the entire intelligence community set up a big insider threat task force and as one of the steps that the test course had to undertake was rolling out first within the intelligence community and then within the Defense Department as a whole and then pretty much anybody that does any contracting with them a way to continuously evaluate anybody that has access to top-secret information to see if they're emerging as an insider threat the bottom line is there's lots of different ways that the NSA or the FBI could have deduced that this is the person that leaked this stuff to the intercept but if you look at the actual affidavit what Garrick makes clear is that he called winter after she had given this stuff to the intercept but before the intercept published it and they had a conversation where according to Garrick she basically confesses everything and so I'm not sure how the intercept wouldn't have known that but again it was a kind of anonymous leak that was given to them either way it looks like that by giving that information to the NSA to bet that it was accurate to bet that the NSA had actually lost something of value they inadvertently either informed the authorities that winner had used a very particular printer or just added one extra clue that they needed to really develop a full picture of what she had done but the how they go about figuring out the actual printer on the basis of scanned pages that's what's really fascinating too if that's in fact what happened and we're not entirely sure but that's what a lot of folks are talking about today so is anyone faulting the intercept for sending it for vetting it with the NSA isn't that something that as a journalist you would need to do to confirm its accuracy yeah well you would want things you you would clearly want before a major outlet publishes an article saying this stuff was stolen from the NSA and here's what it says you would want them to verify to some extent that or at least reach out to the NSA for comment the question is whether or not the intercept as the kind of Cardinal online outlet of leaked information should have known that the material that they had in the way that they gave it to the NSA to verify rather than just the content actually showing them scanned pages that that posed a security risk for the leaker and whether or not that was the method that the FBI used to actually track down this winter the fact that they posted online by Tuesday morning everybody in his uncle had taken a look at the actual scanned pages and reached the same conclusion there's this process called steganography which is a term that refers to the hiding of pictures within pictures it's Greek it means covered stegun O's so stegosaurus is the dinosaur covered in plates steganography is to cover a picture with a picture so common types of modern laser printers in this in this case they think it was probably a Xerox what they do is if it's a color print out there's these little invisible to the naked eye dots occur in a matrix and that matrix depending on where those dots are it's kind of like old how would you put it like like those old plug in punch cards that people used to use as like data storage before they were actual like you know random access memory little punch card things and sort of looks like that you can with that know the actual serial number the actual time that a document was printed and that's all available in this particular document at Bayley's the one that the intercept actually published online so by the time you know Monday at 7 o'clock happened they have posted a series of documents that the entire world is looking at and buried in those documents is the model number number 54 the serial number which is a wrong seven digit serial number and the actual time of printing which was May 9 2017 6:20 p.m. all of that is available and that's pretty easy too it's pretty easy to take that information and then connect that to a particular person at a particular place using a particular printer to do something that they wouldn't normally do but also this isn't the sort of thing that the FBI or any insider threat detection task force would rely on solely there's also a lot of behavioral things you might look at there's also a lot of like personal life things you might look at insider threat detection is actually based around this idea of getting a really full view of someone's life and using that to anticipate behavior like the one like the behavior that you saw where they stole information and then they published it to the intercept which the NSA and the FBI argues a really hurt national security that's a little bit more debatable but you know we'll have that debate going forward yeah and it sounds like there were there were obviously multiple indicators also just the fact that the you know as as you said the dots in combination with the information that the NSA has on their end as far as who prints out what who has access to what document at what time at what point in a timeline did anyone print these documents they had a very small election from what I read of people who ever actually printed it out and only one person that actually had the intercept in their email role and that was of course of course the person who they arrested here their win yeah the winner the winner yeah for John although I'm pretty sure she would not consider herself a winner but they don't want to win what you win but yeah there were about six people that printed it out but the thing was that she did not have a need-to-know basis for printing out that document too so that's something that's actually in the affidavit is that she's a sort of unusual person to want to print that and that's one of the key insider threat indicators is attempting to access information that you wouldn't use as part of your job but something that now across the intelligence community and contractors they monitor really closely so the printer dots yeah is that all of our are we all being tracked by our printer dots because it's on a photo printer like my little printer at home or is this just NSA printers no it's a pretty common to modern printers this particular printer is not an unusual printer the Electronic Frontier Foundation has a running list of printers that they say don't have this feature and having said that the different deals that the National Security Agency reaches with different vendors are going to be kind of beyond the clear scope of all of us for a little while so that list might be not entirely correct either if you are worried about this if you're worried about what sort of weird little bits of metadata you're leaking through by posting colored printer pages online you can scan something in black and white or better yet just transfer the content manually by you know read creating the actual characters and type sheets somewhere else and so it doesn't look like the original document but all the original content is there and kind of ask everybody hey you have to trust me here I'm not going to go ahead and and we create this document even if I have scanned it in black and white even if I have printed it on a black and white printer to don't color print anything because that's going to be that's if you're using a laser color printer then it very well could have some steganographic content in it that you wouldn't be aware of and that you would never use it's also pretty common in money in actual currency and this is something that the one blog post that actually discovered this in early on that they are their connection that they made to John McAfee the sort of crazy cybersecurity researcher behind McAfee software and some of the kids strange adventures he was using bills that had these little tiny sort of almost invisible numbers in them that we now pranked into currency so that you can trace money which is also kind of weird when you think about it but you really have to commend the folks that that actually figured all of this out it's a great blog at a Radisson II run by two fellows Robert Graham and David Manor so you can you can check out what they discovered and put up kind of before a lot of other people did but you can also just check out the weird documents that the intercept posted and you can find the strange yellow dots in them if you look if you if you know how to look at them and at the errata blog they give you a little manual on how to do that you can go ahead and start printing stuff out on your own and see what your own dot matrix printer sells the world without you which is kind of a weird fun thing to do if you if you've got the time for it but it really just goes to this problem that's a very modern problem that's not going away and as we create little bits of information all the time in all of our interactions with little devices and we have only the vaguest sense of what they are but this is part of our communication with the world's just the aspect of it that we're unaware of and of course the intercept were was the same online magazine that contacted that got contacted by Edward Snowden and posted for all of his leaks but there wasn't I mean they did everything right on their side during those leaks or was it that he was more careful well it was it wasn't the intercept with him intercept wasn't founded yet but the founder of the intercept was Glenn Greenwald and green Greenwald was the guy that Edward Snowden contacted so the intercept was what when Greenwald did with all of his fame after he was Edward Snowden's guy and the entire premise the entire basis of the site and no folks that work there's some very good reporters some less good reporters but also some very good reporters that work there the entire premise of the site is we're the site you go to to leak your stuff we are the intercept so you know information that is passing from one place to another about the entire world that's a public value we are the place where that information gets intercepted so it is actually kind of mystifying bordering on inexcusable that they wouldn't know that this information is meta information we existed in the documents that they were throwing up online because regardless of what role that information played it in the actual arrest warrant it certainly did out this printer they certainly did give away a lot of information about their source that they didn't intend to is kind of a bush-league error and I don't know a lot of folks are sort of scratching their heads going come on intercept I mean how do you get this big scoop and blow it like this it's kind of nut so they might be the fall guy for this like you said she may have been arrested or you know caught before but they did do wrong as well yeah no this was an error this is a bush-league era twee but we have we're not going to be sure what role that actually played until there's some sort of trial and it becomes part of a public record because this is you know potentially sources and methods and the very least the FBI who are great at not talking is this isn't the sort of thing that they would necessarily reveal to the public how they went about deducing that this was the the person at some point when there is an actual trial or legal processes get underway beyond just the arrest warrants and then that stuff might come out and they might be a little bit more forthcoming with it now instead of the actual content of the dump is fascinating all of this information about how the Kremlin backpackers were targeting very specific vendors in very specific States the same spearfishing activity that you know we've been seeing in the United States aimed at the DNC also France also Montenegro Germany like this is this is a classic kind of Kremlin play and a lot of people were alarmed and very worried about the prospect that the Kremlin was going to attempt to change information contained in voter rolls not just steal information publish it online but manipulate it in a way that would undermine the voting process and there's some indication that events that were attempting to do that in this case and the arrest warrant makes clear that it's legitimate you know like this is a legitimate bunch of information that was taken from the NSA and given freely to the world and so it's probably accurate that's pretty jarring well Patrick thank you so much for explaining all of this it's fascinating and I hope it doesn't get buried under what you just mentioned the leak itself and what we can learn from that right about our election patrick tucker is the technology editor at defense one you can find his work at defense 1.com thanks so much for joining us thank you Patrick you