Discussion in 'News and Current Events' started by The Wrong Guy, Feb 21, 2015.
"The Wrong Guy and DeathHamster implicated in cyber hijinks" | Ars Technica with The Guardian
Glenn Greenwald @ggreenwald · 2 hours ago
Here's the 1-hour TV discussion on journalism I had in Sweden last week w/Carl Bernstein: From Watergate to Snowden.
There's a related thread here:
Wikimedia vs. NSA lawsuit challenges mass surveillance under the FISA Amendments Act
The CIA Campaign to Steal Apple's Secrets | The Intercept
By Jeremy Scahill and Josh Begley
Researchers working with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
Glenn Greenwald @ggreenwald · 16 minutes ago
CIA source admits truth of @the_intercept story on hacking Apple: "it is what it is"
New Zealand Targets Trade Partners, Hacks Computers in Spy Operations | The Intercept
New Zealand is conducting covert surveillance operations against some of its strongest trading partners and has obtained sophisticated malware to infect targeted computers and steal data, newly released documents reveal.
The country’s eavesdropping agency, Government Communications Security Bureau, or GCSB, is carrying out the surveillance across the Asia-Pacific region and beyond as part of its membership in the Five Eyes, a spying alliance that includes New Zealand as well as the United States, the United Kingdom, Canada, and Australia.
The documents, revealed on Tuesday by the New Zealand Herald in collaboration with The Intercept, expose more details about the scope of New Zealand’s involvement in the Five Eyes, and show that the agency’s reach extends far beyond its previously reported eavesdropping on at least ten small South Pacific nations and territories.
According to secret files from the National Security Agency, obtained by The Intercept from whistleblower Edward Snowden, GCSB is targeting about 20 different nations and territories in total and sharing the intercepted data with the NSA. A top-secret document dated from April 2013 notes that the New Zealand agency “provides [the NSA with] collection on China, Japanese/North Korean/Vietnamese/South American diplomatic communications, South Pacific Island nations, Pakistan, India, Iran, and Antarctica.”
Aside from eavesdropping on communications through traditional interception methods, such as by capturing signals as they are passing between satellites or phone cables, the New Zealand agency has also become directly involved in more aggressive methods of spying and cyberwar.
jeremy scahill @jeremyscahill · 24 minutes ago
Ex NSA Gen. Counsel defends Apple hacks, says US shouldn't tell Apple when they target it, implies Tim Cook is threat.
jeremy scahill @jeremyscahill · 18 minutes ago
Watch @matthew_d_green make good points re Apple hacks. Most developers were US citizens when CIA "whacked" Xcode.
jeremy scahill @jeremyscahill · 17 minutes ago
What the TS docs show is *systematic intent* to target security of *all* of our iPhones & other devices. This is not about old hacks.
jeremy scahill @jeremyscahill · 14 minutes ago
The black budget doc we published showed US is spending $35 million just to develop capabilities to target consumer encryption systems.
jeremy scahill @jeremyscahill · 14 minutes ago
The line that "oh, they will just target bad guys" is so naive. Once they hack Apple devices, the cat is out of the bag. It's game on.
jeremy scahill @jeremyscahill · 11 minutes ago
If CIA /NSA find exploits to Apple's security and don't tell Apple, they endanger all our security. You don't think China/Russia found it too?
jeremy scahill @jeremyscahill · 9 minutes ago
Think about this: Say CIA used "whacked" Xcode to put malware on widely used iPhone apps, but claim only to target "bad guys." Trust em?
jeremy scahill @jeremyscahill · 7 minutes ago
What CIA was doing at Jamboree was just *theoretical*. False. They claimed success in whacking Xcode, success in exploiting BitLocker.
jeremy scahill @jeremyscahill · 3 minutes ago
These agencies tortured people, lied to Congress, ran black sites. But, yes, they will follow the law about surveilling our iPhones.
jeremy scahill @jeremyscahill · 50 seconds ago
Dirty tech ops CIA/NSA use abroad come home. They give the tools to "law enforcement." But, yeah, just think it's about targeting terrorists
The Orwellian Re-Branding of "Mass Surveillance" as Merely "Bulk Collection"
By Glenn Greenwald, The Intercept
Just as the Bush administration and the U.S. media re-labelled “torture” with the Orwellian euphemism “enhanced interrogation techniques” to make it more palatable, the governments and media of the Five Eyes surveillance alliance are now attempting to re-brand “mass surveillance” as “bulk collection” in order to make it less menacing (and less illegal). In the past several weeks, this is the clearly coordinated theme that has arisen in the U.S., UK, Canada, Australia and New Zealand as the last defense against the Snowden revelations, as those governments seek to further enhance their surveillance and detention powers under the guise of terrorism.
Most Americans Aren't Protecting Themselves Against Surveillance
By Adam Clark Estes, Gizmodo
Australian Federal police confirm they have accessed journalists' metadata | The Guardian
AFP reject comments by media union on scale of access, saying requests were ‘rare’, as debate over data retention bill intensifies
What happened to our 4th amendment? It's maddening that our own government will look past our Constitution just to spy on all of us. God dammit!!
US Threatened Germany Over Snowden, Vice Chancellor Says | The Intercept
By Glenn Greenwald
German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. “They told us they would stop notifying us of plots and other intelligence matters,” Gabriel said.
The vice chancellor delivered a speech in which he praised the journalists who worked on the Snowden archive, and then lamented the fact that Snowden was forced to seek refuge in “Vladimir Putin’s autocratic Russia” because no other nation was willing and able to protect him from threats of imprisonment by the U.S. government (I was present at the event to receive an award). That prompted an audience member to interrupt his speech and yell out: “Why don’t you bring him to Germany, then?”
There has been a sustained debate in Germany over whether to grant asylum to Snowden, and a major controversy arose last year when a Parliamentary Committee investigating NSA spying divided as to whether to bring Snowden to testify in person, and then narrowly refused at the behest of the Merkel government. In response to the audience interruption, Gabriel claimed that Germany would be legally obligated to extradite Snowden to the U.S. if he were on German soil.
Afterward, however, when I pressed the vice chancellor (who is also head of the Social Democratic Party, as well as the country’s economy and energy minister) as to why the German government could not and would not offer Snowden asylum — which, under international law, negates the asylee’s status as a fugitive — he told me that the U.S. government had aggressively threatened the Germans that if they did so, they would be “cut off” from all intelligence sharing. That would mean, if the threat were carried out, that the Americans would literally allow the German population to remain vulnerable to a brewing attack discovered by the Americans by withholding that information from their government.
Cisco posts kit to empty houses to dodge NSA chop shops | The Register
Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says. The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers.
The interception campaign was revealed last May. Speaking at a Cisco Live press panel in Melbourne today, Stewart says the Borg will ship to fake identities for its most sensitive customers, in the hope that the NSA's interceptions are targeted.
"We ship [boxes] to an address that has nothing to do with the customer, and then you have no idea who ultimately it is going to," Stewart says. "When customers are truly worried ... it causes other issues to make [interception] more difficult in that [agencies] don't quite know where that router is going so it's very hard to target - you'd have to target all of them. There is always going to be inherent risk."
Stewart says some customers drive up to a distributor and pick up hardware at the door. He says nothing could guarantee protection against the NSA, however. "If you had a machine in an airtight area ... I stop the controls by which I mitigate risk when I ship it," he says, adding that hardware technologies can make malicious tampering "incredibly hard".
Cisco's Going to Ship Its Equipment to Empty Houses to Dodge the NSA | Gizmodo
The NSA is willing to go frighteningly far for your secrets, but at least one hardware manufacturer is willing to go further. A Cisco executive just said his company will ship its networking equipment to vacant addresses to avoid NSA interception. Clever idea.
A Clever Way to Tell Which of Your Emails Are Being Tracked | WIRED
Last four paragraphs:
Using Ugly Mail is as simple as the service is effective. Once you’ve installed it, the code identifies emails that include tracking pixels from any of the three services mentioned above. Those messages will appear in your inbox with an eye icon next to the subject heading, letting you know that once clicked, it will alert the sender. Tulyaganov also confirmed to WIRED that Ugly Mail also doesn’t store, save, or transmit any data from your Gmail account or computer; everything takes place on the user’s end.
Ugly Mail appears to work as advertised in our test, but it has its limitations. It’s only built for Gmail (sorry… Outlookers?) and is only available for Chrome, although Tulyaganov says that Firefox and Safari versions are in the works. And while it’s effective against Yesware, Bananatag, and Streak, those are just three pixel-tracking providers in a sea of sneaking marketers. Tulyaganov has indicated that Ugly Mail will continue to add more tracking services to its list, but it’s not clear yet how long that might take. The onrush of users after receiving top billing on Product Hunt may help speed up the process.
If you’d like to take the extra step of just blocking pixel tracking altogether, another Chrome extension called PixelBlock — also referenced on Product Hunt — automatically prevents all attempts, instead of Ugly Mail’s more passive strategy of simply informing you that they’re happening.
Pixel tracking isn’t going away any time soon, and Ugly Mail is an imperfect way to prevent it. But it still offers a valuable glimpse at the marketing machinations we’re all exposed to every day, whether we’re aware of them or not.
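The two strategies the article contrasts, flagging a message that carries a pixel from a listed provider versus removing anything that looks like a pixel, sketched as an added example (not code from Ugly Mail, PixelBlock or the article). The tracker hostnames and sample messages are constructed placeholders, and the size heuristic is an assumption.

```javascript
// Added example. Hostnames below are placeholders (constructed), not real tracker domains.
const KNOWN_TRACKER_HOSTS = ['tracker-a.example', 'tracker-b.example', 'tracker-c.example'];

// Parse the attributes of a single <img ...> tag into a lower-cased map.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  return attrs;
}

// True when the image is 0-1 px in both dimensions or hidden by inline style.
function isPixelSized(attrs) {
  const dim = (v) => v !== undefined && /^[01](px)?$/.test(v.trim());
  const style = (attrs.style || '').replace(/\s+/g, '').toLowerCase();
  const styleDim = (p) => new RegExp('(^|;)' + p + ':[01](px)?(;|$)').test(style);
  const hidden = /(^|;)(display:none|visibility:hidden)(;|$)/.test(style);
  return (dim(attrs.width) && dim(attrs.height)) ||
         (styleDim('width') && styleDim('height')) || hidden;
}

// List remote images that look like open trackers, with the reason for each.
function scanEmail(html) {
  const findings = [];
  for (const [tag] of html.matchAll(/<img\b[^>]*>/gi)) {
    const attrs = parseAttrs(tag);
    let url = null;
    try { url = new URL(attrs.src); } catch { /* missing or relative src */ }
    // cid: and data: images are embedded in the message and trigger no remote fetch.
    if (!url || !/^https?:$/.test(url.protocol)) continue;
    const host = url.hostname.toLowerCase();
    const known = KNOWN_TRACKER_HOSTS.some((h) => host === h || host.endsWith('.' + h));
    if (known || isPixelSized(attrs)) {
      findings.push({ host, reason: known ? 'known-provider' : 'pixel-sized', tag });
    }
  }
  return findings;
}

// Passive strategy: flag the message only when a listed provider is present.
function isFlagged(html) {
  return scanEmail(html).some((f) => f.reason === 'known-provider');
}

// Blocking strategy: drop every suspected pixel before the message is rendered.
function stripPixels(html) {
  return scanEmail(html).reduce((out, f) => out.split(f.tag).join(''), html);
}

// Constructed sample message bodies.
const SAMPLE_EMAIL = [
  '<p>Hi, following up on my last note.</p>',
  '<img src="https://cdn.shop.example/logo.png" width="120" height="40">',
  '<img src="https://t.tracker-a.example/open?id=abc123" width="1" height="1">',
  '<img src="https://mail.unlisted.example/o.gif" style="width: 1px; height: 1px">',
  '<img src="cid:signature-image" width="1" height="1">',
].join('\n');
const UNLISTED_ONLY =
  '<p>Sale!</p><img src="https://mail.unlisted.example/o.gif" width="1" height="1">';

console.log(scanEmail(SAMPLE_EMAIL).map((f) => `${f.host}: ${f.reason}`));
console.log('unlisted sender flagged?', isFlagged(UNLISTED_ONLY));
```

The second sample shows the gap the article describes: a pixel from a provider that is not on the list goes unflagged by the passive check but is still removed by the blocking one.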
Top-secret documents obtained by the CBC show Canada's electronic spy agency has developed a vast arsenal of cyberwarfare tools alongside its U.S. and British counterparts to hack into computers and phones in many parts of the world, including in friendly trade countries like Mexico and hotspots like the Middle East.
The little known Communications Security Establishment wanted to become more aggressive by 2015, the documents also said.
White House Confirms: If Section 215 Expires, So Does Bulk Phone Records Collection
By Nadia Kayyali, Electronic Frontier Foundation
There’s some good news coming from the White House today that deserves repeating. Reuters is reporting that Ned Price, a spokesman from the President’s National Security Council, has unequivocally stated:
"If Section 215 sunsets, we will not continue the bulk telephony metadata program."
Section 215 of the Patriot Act is the authority that the NSA, with the FBI’s help, has interpreted to allow the U.S. government to vacuum up the call records of millions of innocent people. It expires on June 1.
Some journalists and privacy advocates have speculated that, even if Section 215 were to expire in the absence of other legislation, bulk collection could continue under Section 102(b) of Public Law 109-177, which some have said would allow investigations that began before the expiration of Section 215 to continue. In November, Charlie Savage at the New York Times reported that the provision could mean that:
"as long as there was an older counterterrorism investigation still open, the court could keep issuing Section 215 orders to phone companies indefinitely for that investigation."
We agree with ACLU deputy legal director Jameel Jaffer that “it would be ‘perverse’ to interpret the exception as permitting the government to ‘bootstrap itself into permanent Section 215 authority.’” But we do think that looking for loopholes in the language that governs surveillance makes perfect sense — after all, the government’s twisted interpretation of words related to surveillance is well-documented.
That’s why we’re pleased to see this announcement. If the importance of the June 1 expiration of Section 215 wasn’t already apparent, it’s clear now. With the clock ticking, Congress is running out of time to pass legislation that will reform bulk surveillance.
In fact, despite the Administration’s push for reform legislation, it looks increasingly likely that the next vote Congress will face on NSA spying is the June 1 sunset. That’s why contacting Congress about the vote is so important — lawmakers should understand that their vote is a statement about where they stand on the Constitution.
Unless the Administration is playing the same kind of word games with “critical” and “essential” as it has with other words, it's pretty clear that if Section 215 isn’t even essential, it’s hardly critical. Other analyses of Section 215, both from the government and from outside researchers, have come to the same conclusion.
If you agree that it’s time to end mass surveillance, contact Congress and tell them what you expect to see: a no vote on reauthorization of Section 215 on June 1, along with some real comprehensive reform to NSA spying.
Committee to Protect Journalists joins call for meaningful reform of US surveillance
Mass surveillance and the bulk collection of metadata by the U.S. government pose serious threats to journalists in the U.S. and around the world, which is why the Committee to Protect Journalists today joined a wide coalition of privacy, human rights, technology, and trade groups calling on Congress and the Obama Administration to include certain elements in U.S. surveillance reform.
Open Technology Institute Joins With Major Internet Companies and Privacy Advocates to Demand Surveillance Reform
New America’s Open Technology Institute, on behalf of a broad coalition of Internet companies, trade associations, and advocates for privacy and human rights, today released an open letter pressing Congress to pass legislation that would end the National Security Agency’s bulk collection of Americans’ communications records.
As the Snowden leaks began, there was "fear and panic" in Congress
By Zack Whittaker for Zero Day
It was late evening on June 5 two years ago in a muggy Washington D.C., when almost every phone belonging to a member of Congress began to ring.
News broke on the wire that the elusive National Security Agency was forcing Verizon, one of the nation's largest phone companies, to hand over on a rolling basis the phone records of its entire customer base.
Dozens of US lawmakers were finding out for the first time of this potentially massive domestic surveillance program, as were the American people who were reportedly ensnared by it.
But a handful of privy lawmakers in Congress were not surprised at all. One of those was Sen. Ron Wyden (D-OR), who along with his colleagues on the Senate Intelligence Committee had been secretly briefed on the program years prior to the program's leaking.
About fifteen minutes after the story broke, Wyden received another call on his cell phone.
"I can't tell you what you want me to tell you!" he told the caller. It was Wyden's former communications director Jennifer Hoelzer, who had spent more than half a decade by the senator's side. It wasn't news to her that her former boss had known about the secret program, but she was surprised that he was still barred from confirming or denying its existence.
By the end of the first hour -- approaching midnight -- press officers for the members on the Senate Intelligence Committee were unable to comment to journalists on the record about a program that they, as non-clearance holding staffers, weren't even aware of themselves.
"There was an incredible amount of fear and panic, because nobody knew what else was coming," said a senior congressional official with direct knowledge of the events on that and subsequent days, who declined to be named for this story.
"Nobody knew how sensitive these leaks were, and whether or not this was the sort of thing that would put individuals at risk," the person said. There was a strong suspicion that the leaker was someone within the intelligence community -- perhaps someone high up in the chain of command with access to internal intelligence documents. There was a scramble among those with security clearance to find out what had been leaked, and who might have leaked it.
Passphrases That You Can Memorize — But That Even the NSA Can't Guess | The Intercept
By Micah Lee
It’s getting easier to secure your digital privacy. iPhones now encrypt a great deal of personal information; hard drives on Mac and Windows 8.1 computers are now automatically locked down; even Facebook, which made a fortune on open sharing, is providing end-to-end encryption in the chat tool WhatsApp. But none of this technology offers as much protection as you may think if you don’t know how to come up with a good passphrase.
A passphrase is like a password, but longer and more secure. In essence, it’s an encryption key that you memorize. Once you start caring more deeply about your privacy and improving your computer security habits, one of the first roadblocks you’ll run into is having to create a passphrase. You can’t secure much without one.
For example, when you encrypt your hard drive, a USB stick, or a document on your computer, the disk encryption is often only as strong as your passphrase. If you use a password database, or the password-saving feature in your web browser, you’ll want to set a strong master passphrase to protect them. If you want to encrypt your email with PGP, you protect your private key with a passphrase. In his first email to Laura Poitras, Edward Snowden wrote, “Please confirm that no one has ever had a copy of your private key and that it uses a strong passphrase. Assume your adversary is capable of one trillion guesses per second.”
In this post, I outline a simple way to come up with easy-to-memorize but very secure passphrases. It’s the latest entry in an ongoing series of stories offering solutions — partial and imperfect but useful solutions — to the many surveillance-related problems we aggressively report about here at The Intercept.
Inquiry Launched into New Zealand Mass Surveillance | The Intercept
New Zealand’s spy agency watchdog is launching an investigation into the scope of the country’s secret surveillance operations following a series of reports from The Intercept and its partners.
On Thursday, Cheryl Gwyn, New Zealand’s inspector-general of intelligence and security, announced that she would be opening an inquiry after receiving complaints about spying being conducted in the South Pacific by eavesdropping agency Government Communications Security Bureau, or GCSB.
In a press release, Gwyn’s office said: “The complaints follow recent public allegations about GCSB activities. The complaints, and these public allegations, raise wider questions regarding the collection, retention and sharing of communications data.”
This certainly does not surprise me.
And now, a brief message from the spiritual leader of Anonymous, El Ron Swanson.
The Australian government can't safeguard Putin's data. That means yours isn't safe, either | The Guardian
As the G20 data leak shows, storing data creates the potential for it to be compromised. Brace yourself for more breaches.
After Snowden, The NSA Faces Recruitment Challenge | NPR
Article and six-minute audio clip:
Last Week Tonight with John Oliver: Government Surveillance
And thanks to John Oliver, Edward Snowden is now a trending topic on Twitter.
Artists secretly install Edward Snowden statue in Brooklyn park
Meet the privacy activists who spy on the surveillance industry
The NYC parks department covering the Edward Snowden sculpture in Fort Greene Park
w/ 3-D printers, let's make Gnome-like Edward Snowden statues in the style of (http://en.wikipedia.org/wiki/Travelling_gnome_prank …) & put them everywhere
Why John Oliver Can't Find Americans Who Know Edward Snowden's Name (It's Not About Snowden)
By Glenn Greenwald, The Intercept
Human Rights Watch Sues Over Surveillance | Human Rights Watch
Seeks to Ensure End to DEA Mass Surveillance Program
Human Rights Watch filed suit on April 7, 2015, against the US Drug Enforcement Administration (DEA) for illegally collecting records of the organization’s telephone calls to foreign countries.
The DEA disclosed the existence of its mass surveillance program in January 2015, after a federal judge ordered the government to disclose more information about the program. The agency made the disclosure in a criminal case against a man accused of violating export restrictions on goods to Iran.
“At Human Rights Watch we work with people who are sometimes in life or death situations, where speaking out can make them a target,” said Dinah PoKempner, general counsel at Human Rights Watch. “Whom we communicate with and when is often extraordinarily sensitive – and it’s information that we wouldn’t turn over to the government lightly.”
Human Rights Watch is represented by the Electronic Frontier Foundation (EFF), which has filed a series of legal challenges against unconstitutional government surveillance.