My first question would be: Was the system really offline?
Was he using a computer with a wi-fi network adapter (pretty much any laptop made in the last decade)? If yes, then it’s probably safe to assume that he wasn’t actually offline. Whatever rootkit was running on the system could simply turn on the wi-fi radio and make it connect to the spook’s wi-fi access point conveniently installed within range of the computer.
If the computer had no wi-fi or ethernet interfaces, or if it had just ethernet but wasn’t plugged into the network, that’s potentially a much weirder situation.
As for TrueCrypt, that’s not going to do anything against an attacker who has rooted the computer. Once you type your passphrase on a compromised machine, 1) all the data is decrypted and accessible to the attacker during the session and 2) the attacker, who is no doubt logging keystrokes, has your passphrase to use at more convenient times, like when you’re not sitting in front of the computer.
Such moments may, of course, have an innocent explanation. Still, back at my home in Hertfordshire I took a few precautions. I worked offline. I stored each draft chapter in a TrueCrypt folder, a virtual encrypted disk accessible only via a long, complicated password. When I conducted interviews I left my mobile behind. Having seen Snowden’s documents, I knew something of the NSA’s and GCHQ’s extraordinary capabilities. As of April 2013, the US spy agency had 117,675 active surveillance targets. Was I perhaps now one of them?
By September the book was going well – 30,000 words done. A Christmas deadline loomed. I was writing a chapter on the NSA’s close, and largely hidden, relationship with Silicon Valley. I wrote that Snowden’s revelations had damaged US tech companies and their bottom line. Something odd happened. The paragraph I had just written began to self-delete. The cursor moved rapidly from the left, gobbling text. I watched my words vanish. When I tried to close my OpenOffice file the keyboard began flashing and bleeping.
Over the next few weeks these incidents of remote deletion happened several times. There was no fixed pattern but it tended to occur when I wrote disparagingly of the NSA. All authors expect criticism. But criticism before publication by an anonymous, divine third party is something novel. I began to leave notes for my secret reader. I tried to be polite, but irritation crept in. Once I wrote: “Good morning. I don’t mind you reading my manuscript – you’re doing so already – but I’d be grateful if you don’t delete it. Thank you.” There was no reply.
A month later the mysterious reader – him, her, they? – abruptly disappeared. At a literary event in Berlin my Guardian colleague David Leigh told a journalist about my unusual computer experiences; he led with the anecdote in a piece for the leftwing daily Taz. After that, nothing. I finished The Snowden Files: The Inside Story of the World’s Most Wanted Man in December.
In idle moments I wonder who might have been my surreptitious editor. An aggrieved analyst at the NSA’s Fort Meade spy city? GCHQ? A Russian hacker? Someone else intent on mischief? Whoever you are, what did you think of my book? I’d genuinely like to know.
Research Credit: P7y845W4
2 Responses to “Reporter Claims Computer Self Deleted Text While He Tried to Write Book About Snowden”
Leave a Reply
You must be logged in to post a comment.