Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Thursday June 04 2015, @11:53PM   Printer-friendly

THE NATIONAL SECURITY Agency knows Edward Snowden disclosed many of its innermost secrets when he revealed how aggressive its surveillance tactics are. What it doesn't know is just how much information the whistle-blower took with him when he left.

For all of its ability to track our telecommunications, the NSA seemingly has little clue exactly what documents, or even how many documents, Snowden gave to the media. Like most large organizations, the NSA had tools in place to track who accessed what data and when. But Snowden, a system administrator, apparently was able to cover his tracks by deleting or modifying the log files that tracked that access.

An Estonian company called Guardtime says it has a solution to that: using the same ideas that underpin the digital currency Bitcoin, the company says it can ensure no one can alter digital files, not even an organization's most senior executives or IT managers. The idea is to stop the next Snowden in his tracks by making it impossible to tamper with data, such as the NSA log files, in secret.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Friday June 05 2015, @07:40PM

    by Anonymous Coward on Friday June 05 2015, @07:40PM (#192650)

    you realize how much bandwidth a bitlog system would waste, and consider this on a high demand, high reliability network like is being discussed. All you need to do to slow this down is get a few key systems spamming out log entries and the entire network would grind to a halt. And if it DIDN'T it would give you time to alter the logs before they were resubmitted to the network. It might not be 100 percent foolproof, but it certainly could be within the realm of acceptable odds for corporate/government espionage agencies.

    And that is assuming the malicious actor doesn't have either legitimate or illegitimate access to enough nodes to forge log entries, as mentioned elsewhere in this thread. Which could make it very easy to take out one's enemies by claiming the unbreakable (but broken) logfiling system irrefutably proved that a particular person had done illegal accesses, when an entirely different person had done so to get rid of them.