In an interview with the NYT's James Risen, Edward Snowden explains what was really going on back in his CIA days, when he was allegedly reprimanded for accessing systems he wasn't supposed to see. It turns out Snowden had found a security vulnerability in their sensitive systems, which he reported through channels, got blown off for, and then kept pushing. In the end, the manager who had tried to cover up the vulnerability took revenge on Snowden by putting a black mark on his record.
Mr. Snowden said that in 2008 and 2009, he was working in Geneva as a telecommunications information systems officer, handling everything from information technology and computer networks to maintenance of the heating and air-conditioning systems. He began pushing for a promotion, but got into what he termed a “petty e-mail spat” in which he questioned a senior manager’s judgment.
Several months later, Mr. Snowden said, he was writing his annual self-evaluation when he discovered flaws in the software of the C.I.A.’s personnel Web applications that would make them vulnerable to hacking. He warned his supervisor, he said, but his boss advised him to drop the matter and not rock the boat. After a technical team also brushed him off, he said, his boss finally agreed to allow him to test the system to prove that it was flawed.
He did so by adding some code and text “in a nonmalicious manner” to his evaluation document that showed that the vulnerability existed, he said. His immediate supervisor signed off on it and sent it through the system, but a more senior manager — the man Mr. Snowden had challenged earlier — was furious and filed a critical comment in Mr. Snowden’s personnel file, he said.
Snowden Says He Took No Secret Files to Russia [James Risen/NYT]
(via Techdirt)