Permanent Record(77)
As I narrowed down my list of potential partners, I realized I’d been going about this all wrong, or just wastefully. Instead of trying to select the journalists on my own, I should have been letting the system that I was trying to expose select them for me. My best partners, I decided, would be journalists whom the national security state had already targeted.
Laura Poitras I knew as a documentarian, primarily concerned with America’s post-9/11 foreign policy. Her film My Country, My Country depicted the 2005 Iraqi national elections that were conducted under (and frustrated by) the US occupation. She had also made The Program, about the NSA cryptanalyst William Binney—who had raised objections through proper channels about TRAILBLAZER, the predecessor of STELLARWIND, only to be accused of leaking classified information, subjected to repeated harassment, and arrested at gunpoint in his home, though never charged. Laura herself had been frequently harassed by the government because of her work, repeatedly detained and interrogated by border agents whenever she traveled in or out of the country.
Glenn Greenwald I knew as a civil liberties lawyer turned columnist, initially for Salon—where he was one of the few who wrote about the unclassified version of the NSA IG’s Report back in 2009—and later for the US edition of the Guardian. I liked him because he was skeptical and argumentative, the kind of man who’d fight with the devil, and when the devil wasn’t around fight with himself. Though Ewen MacAskill, of the British edition of the Guardian, and Bart Gellman of the Washington Post would later prove stalwart partners (and patient guides to the journalistic wilderness), I found my earliest affinity with Laura and Glenn, perhaps because they weren’t merely interested in reporting on the IC but had personal stakes in understanding the institution.
The only hitch was getting in touch.
Unable to reveal my true name, I contacted the journalists under a variety of identities, disposable masks worn for a time and then discarded. The first of these was “Cincinnatus,” after the legendary farmer who became a Roman consul and then voluntarily relinquished his power. That was followed by “Citizenfour,” a handle that some journalists took to mean that I considered myself the fourth dissident-employee in the NSA’s recent history, after Binney and his fellow TRAILBLAZER whistleblowers J. Kirk Wiebe and Ed Loomis—though the triumvirate I actually had in mind consisted of Thomas Drake, who disclosed the existence of TRAILBLAZER to journalists, and Daniel Ellsberg and Anthony Russo, whose disclosure of The Pentagon Papers helped expose the deceptions of the Vietnam War and bring it to an end. The final name I chose for my correspondence was “Verax,” Latin for “speaker of truth,” in the hopes of proposing an alternative to the model of a hacker called “Mendax” (“speaker of lies”)—the pseudonym of the young man who’d grow up to become WikiLeaks’ Julian Assange.
You can’t really appreciate how hard it is to stay anonymous online until you’ve tried to operate as if your life depended on it. Most of the communications systems set up in the IC have a single basic aim: the observer of a communication must not be able to discern the identities of those involved, or in any way attribute them to an agency. This is why the IC calls these exchanges “non-attributable.” The pre-Internet spycraft of anonymity is famous, mostly from TV and the movies: a safe-house address coded in bathroom-stall graffiti, for instance, or scrambled into the abbreviations of a classified ad. Or think of the Cold War’s “dead drops,” the chalk marks on mailboxes signaling that a secret package was waiting inside a particular hollowed-out tree in a public park. The modern version might be fake profiles trading fake chats on a dating site, or, more commonly, just a superficially innocuous app that leaves superficially innocuous messages on a superficially innocuous Amazon server secretly controlled by the CIA. What I wanted, however, was something even better than that—something that required none of that exposure, and none of that budget.
I decided to use somebody else’s Internet connection. I wish that were simply a matter of going to a McDonald’s or Starbucks and signing on to their Wi-Fi. But those places have CCTV, and receipts, and other people—memories with legs. Moreover, every wireless device, from a phone to a laptop, has a globally unique identifier called a MAC (Machine Address Code), which it leaves on record with every access point it connects to—a forensic marker of its user’s movements.
So I didn’t go to McDonald’s or Starbucks—I went driving. Specifically, I went war-driving, which is when you convert your car into a roving Wi-Fi sensor. For this you need a laptop, a high-powered antenna, and a magnetic GPS sensor, which can be slapped atop the roof. Power is provided by the car or by a portable battery, or else by the laptop itself. Everything you need can fit into a backpack.
I took along a cheap laptop running TAILS, which is a Linux-based “amnesiac” operating system—meaning it forgets everything when you turn it off, and starts fresh when you boot it up again, with no logs or memory traces of anything ever done on it. TAILS allowed me to easily “spoof,” or disguise, the laptop’s MAC: whenever it connected to a network it left behind the record of some other machine, in no way associable with mine. Usefully enough, TAILS also had built-in support for connecting to the anonymizing Tor network.
At nights and on weekends, I drove around what seemed like the entire island of Oahu, letting my antenna pick up the pulses of each Wi-Fi network. My GPS sensor tagged each access point with the location at which it was noticed, thanks to a mapping program I used called Kismet. What resulted was a map of the invisible networks we pass by every day without even noticing, a scandalously high percentage of which had either no security at all or security I could trivially bypass. Some of the networks required more sophisticated hacking. I’d briefly jam a network, causing its legitimate users to be booted off-line; in their attempt to reconnect, they’d automatically rebroadcast their “authentication packets,” which I could intercept and effectively decipher into passwords that would let me log on just like any other “authorized” user.