There’s a somewhat famous saying in tech support: “Your problem is in between the computer and the chair.”
There’s a similar problem in security, and it’s one that can confound even the most secure of systems deployments. You can spend millions on your systems deployment, and then be defeated by one guy not following policy.
The unclassified memo, which was sent to both the congressional intelligence and judiciary committees on February 10, states that Snowden once asked the person to log into their account on Snowden’s computer.
‘Unbeknownst to the civilian, Mr Snowden was able to capture the password, allowing him even greater access to classified information,’ the memo states according to NBC.This new report comes in contrast to what Snowden and some of his other former colleagues have described.
Snowden, whose days are numbered under his temporary asylum status in Russia, previously claimed that he never deceived colleagues or used their passwords without them knowing.
Most people couldn’t tell you the ins and outs of their company’s security policy. I’m sure the NSA’s is a bit more rigid than others. But really, these types of policies exist precisely to stop internal espionage. I can understand why the person above had his security clearance revoked (and subsequently resigned).
Mr. Snowden has severely damaged our US cyber security and cyber warfare capability. It seems to me the equivalent of grounding half of the US Air Force and expecting the force to continue its mission unabated. It mostly appears that the damage was self-inflicted, though… like convincing the Air Force to switch to unleaded.