Excerpts from Dark Mirror


Soundcloud — listen to selections from the Preface, narrated by Barton Gellman

The Atlantic, June 2020

I wiped off the television makeup, unclipped my lapel microphone, and emerged into a pleasant pre-summer Sunday outside the CBS News studio in the Georgetown neighborhood of Washington, D.C. In the back of a cab I pulled out my iPad. The display powered on, then dissolved into static and guttered out. Huh? A few seconds passed and the screen lit up again. White text began to scroll across an all-black background. The text moved too fast for me to take it all in, but I caught a few fragments.

# root:xnu …

# dumping kernel …

# patching file system …

Wait, what? It looked like a Unix terminal window. The word root and the hashtag symbol meant that somehow the device had been placed in super-user mode. Someone had taken control of my iPad, blasting through Apple’s security restrictions and acquiring the power to rewrite anything that the operating system could touch. I dropped the tablet on the seat next to me as if it were contagious.

Washington Post Magazine, May 17, 2020

In the Saturday night email, Snowden spelled it out. He had chosen to risk his freedom, he wrote, but he was not resigned to life in prison or worse. He wanted to show other whistleblowers that there could be a happy ending.

To effect this, I intend to apply for asylum (preferably somewhere with strong Internet and press freedoms, e.g. Iceland, though the strength of the reaction will determine how choosy I can be). Given how tightly the U.S. surveils diplomatic outposts …, I cannot risk this until you have already gone to press, as it would immediately tip our hand. It would also be futile without proof of my claims — they’d have me committed — and I have no desire to provide raw source material to a foreign government. Post publication, the source document and cryptographic signature will allow me to immediately substantiate both the truth of my claim and the danger I am in without having to give anything up. …

Alarm gave way to vertigo. I forced myself to reread the passage slowly. Snowden planned to seek the protection of a foreign government. He would canvass diplomatic posts on an island under Chinese sovereign control. He might not have very good choices. The cryptographic signature’s purpose, its only purpose, was to help him through the gates. With it he could prove that he was my source.

I had agreed to protect Snowden’s identity in order to report a story to the public. He wanted me to help him disclose it, in private, as a credential to present to foreign governments. That was something altogether different. If we published the signature file, The Post would be a knowing instrument of his flight from American law. I might wish him luck. I did. But it was not my role to help.

WIRED, May 24, 2020

Contact chaining on a scale as grand as a whole nation’s phone records was a prodigious computational task, even for Mainway. It called for mapping dots and clusters of calls as dense as a star field, each linked to others by webs of intricate lines. Mainway’s analytic engine traced hidden paths across the map, looking for relationships that human analysts could not detect. Mainway had to produce that map on demand, under pressure of time, whenever its operators asked for a new contact chain. No one could predict the name or telephone number of the next [Boston bomber]. From a data scientist’s point of view, the logical remedy was clear. If anyone could become an intelligence target, Mainway should try to get a head start on everyone….

As I parsed the documents and interviewed sources in the fall of 2013, the implications finally sank in. The NSA had built a live, ever-updating social graph of the US.

Our phone records were not in cold storage. They did not sit untouched. They were arranged in a one-hop contact chain of each to all. All kinds of secrets—social, medical, political, professional—were precomputed, 24/7. [NSA Deputy Director Rick] Ledgett told me he saw no cause for concern because “the links are unassembled until you launch a query.” I saw a database that was preconfigured to map anyone’s life at the touch of a button.