Edward Snowden at SXSW: The NSA is setting fire to the future of the Internet

Edward Snowden has a piece of advice for you, the average American Internet user: Employ whatever encryption tools you have at your disposal to make the National Security Agency's job a little bit harder.

Snowden doesn't often speak to the public, given his status as an American refugee in Russia, but he appeared at South By Southwest Monday via Google Hangouts--and seven proxies--to encourage the people who create devices and software to make user security a priority.

"There's a policy response that needs to occur but there's also a technical response that needs to occur," Snowden said. "It's the makers, thinkers, and the development community that can help make sure we're safe."

The NSA's surveillance powers seem so far-reaching that fighting against them may well be an exercise in futility. Spies can track your phone calls, read your text messages, view your bank transactions and your e-mails, see your Web-browsing history, collect screenshots of your Yahoo webcam chats, and even eavesdrop on German Chancellor Angela Merkel's cellphone calls. The list goes on and on. And on and on.

If you're an NSA target, there is very little you can do to keep the agency out of your computer. But the majority of the data that spy agencies are collecting is completely innocuous, and there's no rhyme or reason as to why the intelligence community needs to collect or store that information. So how do regular folks avoid getting caught in the net? Encryption is the key, Snowden said.

Tools you can use

Full-disk encryption and network encryption, like SSL, are good places to start, but there are also tools like no-tracking browser plug-ins and Tor's anonymity software. Documents leaked by Snowden show that the NSA has attempted to breach Tor but has largely been unable to de-anonymize the network's users.

"We need to think about encryption not as this arcane black art but as a basic protection, the defense against the black arts in the digital realm," Snowden said.

There are more advanced encryption tools available, but they're built by geeks for geeks. The average consumer tends to use software that's familiar or comes preinstalled on the devices they buy.

"Most people aren't going to go out and download an obscure encryption [tool]," said Chris Soghoian, the American Civil Liberties Union's principal technologist, who spoke with Snowden at SXSW. "They're going to use the tools they already have: Facebook, Google, Skype. When Google turned on [SSL for Gmail], they made passive surveillance of users' communications more difficult for agencies. We need services to be building security in. That doesn't mean that small developers can't play a role. What I want is for the next WhatsApp or Twitter to use encrypted end-to-end communications."

Snowden and Soghoian agreed that companies like Google and Facebook prioritize data collection for ad-selling purposes over data protection for users. End-to-end encryption gets in the way of what those companies can see and use for their own purposes.

"The irony that we're using Google Hangouts to talk to Ed Snowden is not lost on me, or on anyone here," Soghoian said.

A serious shift for SXSW

Some officials weren't happy that Snowden appeared at SXSW in any form. Congressman Mike Pompeo, a Republican from Kansas, urged festival organizers to rescind Snowden's invitation and claimed that Snowden's leaks have put U.S. intelligence efforts at risk. Obviously organizers disagreed.

"I appreciate his interest in SXSW, but I've never uninvited a speaker, and so we wouldn't do this with Snowden," SXSW Interactive director Hugh Forrest told Forbes. "Our goal here is to be an open platform. I'd love to have the NSA giving a lecture. I hope it goes off flawlessly because I think it's the biggest thing we've ever done, in terms of political and cultural relevance. It's a big deal."

Snowden's appearance at South By Southwest, in addition to festival interviews with WikiLeaks founder Julian Assange and security journalist Glenn Greenwald, signal a more serious future for the festival that moves beyond app announcements and the social scene.

After coming forward to claim credit for the NSA leaks, Snowden confessed his biggest concern was that people wouldn't care. Clearly that's not the case.

"When I came out with this, it wasn't so I could single-handedly change the government," Snowden said. "I took an oath to protect and defend the Constitution, and I saw that Constitution being violated on a massive scale."

Privacy, big data, and online surveillance have become a few of the most pressing issues of our time. If SXSW had ignored those topics in favor of flavor-of-the-month apps, it would have lost all relevance.

Join the CSO newsletter!

Error: Please check your email address.

Tags National Security AgencySXSWGooglesecuritynsaprivacy

More about FacebookGoogleInteractiveNational Security AgencyNSASkypeYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Caitlin McGarry

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts