There are no secrets: Edward Snowden's big revelations

In the year since Edward Snowden exposed details of the NSA's spying activities, there've been plenty of fallout and lessons learned.

Full disclosure: Edward Snowden's major security reveals
Credit: The Guardian
Full disclosure: Edward Snowden's major security reveals

Ex-NSA employee Edward Snowden has shined light on a lot of dark corners of the NSA. Here's what we've learned over the past year.

Snowden blew the whistle on U.S. spying
Credit: NBC News
Snowden blew the whistle on U.S. spying

A year ago, then-NSA contractor Edward Snowden provided shocking revelations about the depth and scope of NSA electronic spying on citizens and noncitizens alike. Those revelations split the country between those who saw him as a heroic whistleblower and those who saw him as abetting America's enemies. In an NBC interview, Snowden made a compelling case for his actions.

Those revelations have caused many to rethink how their trust in online services, changed the business climate for U.S. tech companies, and moved the U.S. government to rein in some of the NSA's practices. And only some of the documents Snowden took and gave to journalists have been revealed.

Also on InfoWorld: ‪Edward Snowden has stripped us of all illusion about our digital world

The U.S. and U.K. track phone calls and Internet usage extensively
Credit: Comstock/Thinkstock
The U.S. and U.K. track phone calls and Internet usage extensively

The first revelation from the Snowden files came on June 5, 2013, courtesy of the Guardian newspaper. That initial story revealed how extensively the NSA tracked phone calls, even of U.S. citizens -- contradicting the NSA's earlier statements to Congress that only noncitizens were targeted. Later, it was revealed that the NSA relied on spy agencies such as Britain's GCHQ to spy on Americans on its behalf where the law prevented the NSA from doing so directly.

Several federal judges called the NSA program unconstitutional, President Barack Obama ultimately called for its scope to be reduced, and the U.S. House of Representative passed a bill limiting NSA phone tracking, though the Senate has not yet acted.

At the Guardian: The NSA files

Backlash against U.S. tech industry begins
Backlash against U.S. tech industry begins

Snowden-based revelations in late July that the NSA had backdoor access to popular services like Google and Facebook caused the rest of the world to distrust the security of data stored by U.S. Web companies, leading to lost sales.

U.S. providers denied they were cooperating with the NSA, and several tried to release a record of the requests, despite federal gag orders. But they also had to cooperate with any "lawful" requests, which are kept secret.

After a few months, U.S. cloud providers seemed to recover. But new revelations in December that RSA was paid to open NSA backdoors in its security products and that hardware from Cisco, Apple, and Dell were compromised by the NSA further damaged the U.S. tech industry.

The spying covers nearly everything we do online
The spying covers nearly everything we do online

Revelations in August showed that the NSA and GCHQ collect much more information on people via Internet spying beyond where they visit and whom they call, including social media and other services.

The initial NSA claims that only metadata on calls -- such as the numbers, dates, and times involved -- were open for question, though the agency continues to deny it monitors the contents of the tracked conversations.

Perhaps most shocking to U.S. businesses was the degree to which the NSA was spying on their internal networks. Suddenly, companies long fearful of Chinese spying attacks saw their own government doing the same to them.

Also on InfoWorld: The cyber war is real and our defenses are weak

Encryption is rigged
Credit: Shockbyte
Encryption is rigged

Next up: Revelations in September that the NSA and GCHG have backdoors into the global encryption standards, rendering encrypted data vulnerable to government snooping. The groups also reportedly cracked the BlackBerry encryption relied on by spy agencies and world leaders for secure communication.

Since then, the federal standards body NIST got permission to move forward on new standards without NSA involvement, and many companies are promising new encryption methods they say will keep the spy agencies out, which of course also protects evildoers. That tech is neither proven nor disproven, but it's clear an encryption arms race has begun.

We spied on our friends, too
Credit: AFP Photo/Christopher Furlong
We spied on our friends, too

In mid-October, revelations showed that the U.S. spied on 35 world leaders, including allies like German Chancellor Angela Merkel and the E.U. government. The NSA's response: Everyone does that, so what's the big deal? Europeans remain angry and are rethinking cooperation with the United States on several fronts -- and perhaps are turning more attention to spying on us now.

Suddenly, the notion of spies out of control was being taken seriously across political lines. Ironically, countries that have long spied on others, such as China, used the U.S. revelations to deflect concerns about their own notorious efforts.

Malware as a spymaster weapon
Malware as a spymaster weapon

In late October came news that the NSA created malware to infect computers broadly for spying purposes, essentially using the same methods to infect people's computers as the criminal hacking organizations do.

The technique had worked well before, in the form of the U.S.-Israeli Flame virus to infect Iranian nuclear-centrifuge controllers to disable them. Perhaps it should surprise no one that the NSA and its partner spy agencies are using the technique to spy on the populace at large.

Who knows what else will be revealed this year? Journalists at several major newspapers still have thousands of pages of documents Snowden gave them to pore through.