Snowden taught others to use encryption while preparing to disclose NSA secrets


Edward Snowden spoke via videoconference to the SXSW Music, Film + Interactive Festival at the Austin (Texas) Convention Center in March. (Michael Buckner/Getty Images for SXSW)

Since leaking details of National Security Agency spying programs, Edward Snowden has become a big proponent of using technology to keep prying eyes away from sensitive online interactions.

In January, Snowden joined the board of the Freedom of the Press Foundation, which is raising funds for the development and support of encryption tools for journalists. He told attendees of the SXSW Interactive Festival in Austin in March that there should be a technical response to government spying programs.  "It is the development community that can really craft the solutions and make sure we are safe," he said.

But Snowden's interest in preserving online privacy appears to predate his disclosure of NSA spying activities. Less than two years ago he helped organize an event to teach encryption best practices in Hawaii at about the same time as he was reaching out to journalists with information about NSA programs, according to another presenter at the event, Runa Sandvik.  The Hawaii event was first confirmed by Kevin Poulsen at Wired, who serves on the technical advisory board of the Freedom of the Press Foundation with Sandvik. 

Sandvik, who was then working on the Tor Project supporting its anonymous browsing tool, says she presented at a CryptoParty organized by Snowden in December 2012. (CryptoParties are social gatherings dedicated to sharing techniques and tools for preserving online privacy. They originated in 2011 by a Melbourne-based activist who goes by the name Asher Wolf; since then, more than 1,000 such events have been held.)

The Hawaii event came about when Snowden e-mailed Sandvik that November asking if she could send him some Tor stickers, said Sandvik, who is now a technologist with the Center for Democracy and Technology. When she realized the stickers were for an event being organized in Hawaii, Sandvik said, she told Snowden she would be visiting the island for vacation and offered to do a presentation.

Snowden handled the logistics for the Dec. 11, 2012, event, including booking time at a local hacker space called HI Capacity, Sandvik said. She said that she and Snowden were the only presenters and that Snowden's girlfriend took video of the event but that the video does not appear to have been posted online.

If it had been posted, the video would have shown about 20 attendees learning how to use the Tor browser bundle and how to protect their e-mail with encryption.

"He was clearly very skilled," Sandvik said of Snowden's presentations, noting that he was familiar with the tools and very "interested in helping people in his local community understand the importance of using them." But she said it was unclear how involved Snowden was in the local hacker community.

"I'm not sure how well he knew everyone else, or if it was the first time he met them just because I was in town and wanted to give a talk."

Attempts to reach Snowden, who is living under temporary asylum in Russia, through his legal team for comment were unsuccessful.

But there is a trail of digital evidence that backs up Sandvik's tale -- starting with the e-mail Sandvik said Snowden used to contact her: "cincinnatus@lavabit.com."  In his recent memoir, journalist Glenn Greenwald said Snowden used that e-mail address to contact him. He wrote that the first e-mail from Snowden as Cincinnatus was sent on Dec. 1, 2012. Other reports link Snowden to Lavabit, an anonymous e-mail service whose founder shut down the company shortly after the Snowden leaks last year in response to a government data request that the firm said effectively forced it to turn over the private data of all its users.

The cincinnatus@lavabit.com e-mail also shows up in connection with an archived listing for the CryptoParty, with Cincinnatus listed as helping with training for the Tor anonymous browsing tool and setting up public key encryption.

Greenwald did not respond to a request for comment.

While he was concerned with security, Snowden himself appeared certain that his own identity would be discovered once the information he shared became public. "You can’t protect the source,” he wrote The Washington Post's Barton Gellman in the weeks leading up to the publication of the first news story related to his documents. Later  he said, "There’s no saving me."

In a later interview with Greenwald, Snowden said he felt an obligation to go public with his identity after the leaks. "I think that the public is owed an explanation of the motivations behind the people who make these disclosures that are outside of the democratic model," Snowden said. "When you are subverting the power of government, that's a fundamentally dangerous thing to democracy and if you do that in secret consistently as the government does when it wants to benefit from a secret action that it took. "

Kevin Gallagher, a Massachussetts activist and the director of Free Barrett Brown as well as a system administrator and Web developer for the Freedom of the Press Foundation, first wrote about the apparent connection between Snowden and the CryptoParty on his personal Web site last week. Gallagher was a presenter at a Boston CryptoParty over the weekend.

"I've been involved with CryptoParty pretty much since it started here in Massachussetts," he told The Post. "The problem is that these tools are not usable for the average person, so we need technical people who can teach those who actually need them -- like journalists, activists and lawyers."

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government.
Comments
Show Comments
Most Read Business
Next Story
Andrea Peterson · May 21