Feedback
Tech

It’s ‘Easy’ for Snowden to Mask His Location During Online Chats

Image: A protester holds an image of NSA leaker Edwards Snowden.

Is Snowden Violating His Russian Asylum Conditions? Text by Kommersant - MOSCOW - The U.S. government is convinced that Edward Snowden is violating Vladimir Putin's ''ultimatum.'' The Russian president had said in July that the National Security Agency (NSA) whistleblower could stay in Russia only if he ''stopped his work that was meant to cause damage to our American partners.'' In August, Snowden was granted asylum in Russia for one year. .Washington is equally convinced that the Western press, which has continued publishing classified materials from Snowden's archive, is communicating with Snowden. His willingness to help German security forces investigate the monitoring of Chancellor Angela Merkel's cell phone has also provoked anger in Washington. ''Snowden's actions in Moscow obviously damage the national interests of the United States,'' one high-level White House source said recently. The Kremlin does not agree. ''These materials [published by the German media] were not distributed from Russia,'' said Putin's press secretary Dmitrii Peskov. Snowden himself has said several times that he gave his entire archive to Western journalists while he was in Hong Kong, and that he no longer has access to the documents. ''No one will allow him to break the condition of not damaging the United States,'' Peskov said. ''But he has received temporary asylum in Russia through legal means, and is free to meet with whomever he wants. We can not prevent him from doing so.'' .European media recently revealed that the NSA's surveillance reach included both European citizens and heads of state. Journalists based their revelations on documents provided by Snowden. Among the revelations was that the NSA had spied on Merkel's private cell phone. And although the White House has assured Merkel that she is no longer being monitored, German security forces have been working to verify those assurances. .Welcome in Germany? The German parliament hopes that Snowden will be a key witness i David Von Blohn / Zuma Press

Edward Snowden answered questions via an online chat on Thursday, in a move that may seem like risky exposure given that the fugitive leaker of National Security Agency documents is living on the lam in Russia.

But Snowden, who publicized the NSA’s "Prism" spying program, knows better than most about governments’ ability to track online activity — and it’s simple for him to mask his location online.

"It sounds complicated, but in truth, it’s relatively easy," said Christopher Hadnagy, the "chief human hacker" at security firm Social-Engineer, Inc. "[Snowden] could make it very difficult, next to impossible, to find him."

Snowden is likely using two methods to make it tough to track him down, Hadnagy said.

First: Devices that connect to the Internet are each assigned a unique Internet Protocol (IP) address: a series of numbers that, among other things, serves as a form of identification for the device. That identification information includes the location of the device — something that Snowden wouldn’t want to share.

But it’s easy to route a computer’s traffic through another IP address in an entirely different location, through what is called a "proxy server." Simply Google that phrase and you’ll find a list of IP addresses tied to countries across the globe, which you can pop into your Web browser’s settings.

As Hadnagy put it: "I can use a computer in the U.S. and run it through a proxy server in China, and there it is: It looks like my traffic is coming from China."

Snowden likely ran his connection through a daisy chain of several proxy servers across the globe, Hadnagy said, distancing himself even more.

Secondly: Beyond the proxy servers, Hadnagy said Snowden likely also used a virtual private network (VPN), which "takes all of a computer’s traffic and shoves it through a secure tunnel, then routes it through a private network" that could be located anywhere across the globe. Plus, many VPNs don’t keep logs of users’ activity.

That patchwork of proxy servers and VPNs would make Snowden’s location extremely tough to track.

"You effectively have some intermediary computer connecting to a network that doesn’t keep traffic logs," Hadnagy said. "Good luck trying to figure that one out."

Even if someone were able to trace that twisted trail to Snowden, Hadnagy said, the whistleblower would have likely conducted the chat at a semi-public place where he feels safe – not at wherever he is living — and leave that area quickly.

What’s more, no one knows whether Snowden was actually the person physically typing in the responses.

"If it was me I’d say to a trusted friend, I’ll call you from an anonymous phone and you type in my answers," Hadnagy said. "I’m sure he’s got many levels of protection figured out. He’s not going to make a dumb mistake now and get himself caught."

During the discussion on Thursday, Snowden focused on his call for the U.S. to end what he called "indiscriminate mass surveillance" — but, he said, "not all spying is bad." The former NSA contractor also denied a report that he used colleagues’ login credentials.

The site that hosted the chat, Free Snowden, is run by a trust called The Courage Foundation that is soliciting donations for Snowden. The domain name is registered to WikiLeaks founder Julian Assange — as well as accountant Derek Rothera, whose firm audits The Courage Foundation — and is hosted on Wikileaks servers, according to WHOIS, a Verisign service that provides information about domain ownership. WikiLeaks has worked closely with Snowden to provide him with aid since he left the United States.