On June 9, 2013, the world learned the identity of an NSA whistleblower who had secretly met with journalists Laura Poitras, Glenn Greenwald and Ewen MacAskill in Hong Kong and given them thousands of documents about the spy agency’s mass surveillance programs. The extent to which this young sysadmin would expose the previously secrecy-shrouded NSA was shocking to the general public. Even more shocking to me when I saw someone tweet a photo of this “Edward Snowden” sitting at a laptop with EFF and Tor stickers was that I recognized him. I had thrown a CryptoParty with him in Honolulu, Hawaii six months earlier, though I had no idea at the time that he was working for the NSA or that this polite and confident man I knew as “Ed” would soon become the source of the most significant leak of classified material in U.S. history.
We met because of Reddit. Snowden sent me an encrypted email after reading a Reddit thread about my role as a core member of The Tor Project. He first contacted me on November 27, 2012, using firstname.lastname@example.org as his email address – the same account he would use in his first approach to Glenn Greenwald just four days later. It began as an exchange of emails about Tor stickers and t-shirts.
“I’ll be there on vacation in a couple of weeks and would be happy to give a Tor talk,” I wrote.
“I don’t think Hawaii has had a successful crypto party yet,” he replied, “so that could be a really good opportunity to get the community going.”
Ever since I became involved with The Tor Project in 2009, I have made it a point to present about Tor — which disguises who is visiting which websites by sending traffic through a series of servers operated by volunteers — at a local event whenever I visit a new city; Snowden was enthusiastic about the idea and offered to help organize a Honolulu CryptoParty for the occasion. I never imagined that the innocuous emails we exchanged might one day be of interest to the U.S. Government – though no one from the Government has been in touch with me so far.
The grassroots CryptoParty movement began in late August 2012 as a way to introduce the basics of practical cryptography – Tor, full disk encryption and OTR/off the record messaging – to the general public. Snowden used the handle “Cincinnatus” to organize the event, which he announced on the CryptoParty wiki — a website for all events with the name being organized all over the world — and to the HiCapacity hackerspace, which hosted the gathering.
The wiki page listed 11 potential workshops, but only two names: “Cincinnatus” and “Runa S. from the Tor team”.
The event was scheduled for December 11, 2012, the second to last day of my vacation. HiCapacity was located in the back of the Fishcake furniture store. I arrived just before 6pm. Snowden greeted me and simply introduced himself as “Ed”. He gave me a tour of the place and the room that we would present in. He also introduced me to his then-girlfriend, Lindsay Mills, saying she would film the event.
Standing next to Lindsay in the back of the tiny room, I asked Snowden what he did for a living. He hemmed and hawed a little and told me he worked for Dell. I got the sense that this was not a topic he wanted to say much about – though it was not something I found odd or unusual. Little did I know his work was under an NSA contract and that he had already downloaded the material that he would leak.
As the attendees arrived, we quickly discussed how the event would run: Snowden would welcome everyone and kick things off with a short introduction, and I would follow with a presentation about Tor. He stood in the back of the room with a laptop and a projector, his girlfriend controlling the camera a few feet away. Having arrived without a laptop or slides, I decided to use the whiteboard.
I began by explaining that Tor is a tool that anyone can use to browse the Internet anonymously. I talked about how people normally browse the web and how communications can be intercepted as it travels from one computer to the next. I discussed the characteristics that distinguish Tor from other solutions and what the tool can and cannot do.
The audience were interested in how The Tor Project is funded, how safe the tool is to use, and how one can use anonymously set up a website using Tor hidden services. At one point, Snowden himself asked me to explain something called “pluggable transports”, a Tor component that helps people in countries such as China and Iran connect to the Tor network, even though the majority of the servers in the network are blocked.
After wrapping up my presentation, Snowden connected his laptop to the projector and began talking about using the TrueCrypt software for encrypting hard drives and USB sticks on Macs, Linux and Windows. He pointed out that while the only known name associated with TrueCrypt is someone in the Czech Republic, TrueCrypt is one of the best open-source solutions available.
Snowden continued with TrueCrypt’s “hidden volumes”, a feature that divides your encrypted storage into separate “volumes” with separate passwords. If you are coerced by authorities into revealing the password for your “encrypted storage” you need only reveal the password for the volume with the least incriminating content – one containing pictures of cats, maybe?
We ended with an impromptu joint session on how to set up and run a Tor exit relay. Having already set up exit relays himself, Snowden was extremely familiar with the configuration file and the various options that are available. At the end of the night, I said goodbye and headed out to Zippy’s for a late snack.
The Honolulu CryptoParty was the first and last time I met Edward Snowden. In a follow-up post on the wiki page, he pronounced the event a “huge success” and said “more people attended than expected, and we had a solid mix of age groups and genders.”
Sadly, the video of the event was never posted online.
I continued my work with The Tor Project and gave presentations at other CryptoParties and events around the world. On June 9, 2013, when Snowden revealed himself as the source of the NSA leaks, I was on a bus from New York City to Washington, D.C.; my Twitter stream flooded with people talking about “Edward Snowden”, his interview with the Guardian and the photo of him with EFF and Tor stickers on his laptop.
I remember thinking “Wow, he looks really familiar.”
As Kevin Poulsen wrote in WIRED last week, the fact that “Snowden organized such an event himself while still an NSA contract worker speaks volumes about his motives.” Here is someone who, while preparing to take on an incredible sacrifice, took the time to teach a group of locals how they could use different security tools to better protect themselves from spies and the growing surveillance state. I am glad he did. I am proud to have been a small part of it.
(Disclosure: I’m on the Freedom of the Press Foundation’s Technical Advisory Board, and both Snowden, Poitras and Greenwald sit on the foundation’s board of directors.)