SXSW panels rarely make front page news, but when the panel is hosted by an exiled NSA whistleblower wanted by the US government for treason, it grabs attention.
Speaking via Google Hangouts on a connection routed through seven proxy servers to mask his location, on Monday Edward Snowden appeared before a green screen of the US Constitution. His message to the technologists in the room was not subtle.
The NSA is "setting fire to the future of the Internet," Snowden charged. "The people who are in this room right now, you guys are all the fire fighters and we need you to help us fix this."
Although he has given a handful of interviews, this was his first public appearance since going public with classified NSA documents last year. Although many of the details he discussed have already made the front page, here are the key takeaways from the event.
1. Bulk data collection doesn't work
Putting aside the issues about whether the NSA should monitor every communication on the planet, Snowden says it doesn't work. In the year since the leaks, the US government has yet to identify specific threats that have been avoided. Snowden also pointed at the missed warnings about Tamerlan Tsarnaev, one of the brothers accused in the Boston Marathon bombings, and Umar Farouk Abdulmutallab, who tried to smuggle an explosive device onto a plane in his underwear.
"We didn't actually investigate this guy," Snowden said of Abdulmutallab. "We spent all of this time hacking into Google and Facebook's back ends. What did we get? We got nothing."
2. There isn't much consumers can do to avoid it
Snowden tried to tell users what they can do to protect their privacy, but the options aren't great. If the NSA really wants to target you, they can probably get at all of your communications. That said, Snowden explained there are steps you can take to prevent your communication from being rolled up on bulk collection, including full disk encryption and TOR. "Encrypt you hardware, encrypt you network communications, and you will be far more protected than the average user," Snowden said.
It doesn't help that the security tools that are available tend to be arcane and designed for geeks. "When there is a question about protecting average users and the answer is TOR, we have failed," said Ben Wizner, director of the ACLU Speech, Privacy & Technology Project, and the event's moderator.
3. The most dangerous men in America are…
Snowden asserted that two officials "have harmed our security more than any others,” namely Michael Hayden and Keith Alexander. General Keith Alexander currently serves as director of the National Security Agency, while Michael Hayden was his predecessor. Snowden claims these men shifted the NSA's mandate in a way that ultimately weakened the security of the entire telecommunications system. "They elevated an offensive operation ... over the defence of our communication networks," Snowden said.
By undermining network security, the NSA puts US commercial, privacy, and even security interests at risk because the nation is so reliant on networked technologies. "It is a problem because America has more to lose than anyone else," Snowden said.
4. The US government still doesn't know what Snowden has
The US government says it doesn't know how many files Snowden took, and there is reason to believe it. "The United States government has assembled a massive investigation team into me personally and they still have no idea what I have or what documents were provided to the journalists," Snowden said. The lesson there is that encryption works, even if it is isn't exactly consumer friendly. If the keys aren't visible, the encryption can't be broken.
5. The tech industry is angry
Perhaps most importantly, the Snowden documents highlight a tech industry that has been much too casual in its approach to security. Yahoo, for example, was unknowingly exposing more than 100,000 user accounts every day because it wasn't using SSL encryption.
"The security people I know are all really pissed and those people can make a difference," said the ACLU's Chris Soghoian, who also appeared on the Snowden panel. "Remember normal people don't pick their encryption algorithms. They don't pick key lengths. The tools that come out in six months or a year will be much better than they are now."
Soghoian said that the entire industry operates differently now and that security is being taken more seriously. Google, Facebook, Microsoft, and Yahoo all rushed to encrypt all of their communications. "Without Ed's disclosures there would not have been as much pressure to encrypt their traffic," Soghoian said.
6. Snowden has no regrets
"Regardless of what happens to me, this was something that we needed to know," Snowden explained. "I took an oath to protect the Constitution and I saw the constitution was being violated on a massive scale."
"We can't consent if we are not informed," Snowden concluded.
Snowden's speech followed Julian Assange's SXSW interview, which you can read on up here: An in-depth look at Julian Assange's discussion of the global information order.