Showing posts with label Espionage. Show all posts
Showing posts with label Espionage. Show all posts

September 6, 2013

Snowden Circumvented The Most Secret and Widely Used Security Protocols


nsa

NSA / Reuters
The National Security Agency headquarters building in Fort Meade, Md.
The document dump unveils some of the U.S. and its allies’ most closely guarded state secrets—whereas highly classified information is often disseminated on a “need to know” basis, “there will be NO ‘need to know,’” with respect to the highly-classied program known as Bullrun, according to one document quoted by the Times.
A new round of disclosures from the former National Security Agency contractor Edward Snowden has revealed the intelligence agency’s ultimate goal: undo Internet privacy as we know it. According to some 50,000 leaked documents provided to the GuardianProPublica, and The New York Times, the NSA has circumvented or cracked some of the most widely used encryption software in its effort to monitor global communications. Still, documents reveal, some encryption systems continue to stymie the agency, and the NSA, according to the Times, is working toward a future in which it can “decode, in real time, all of the information flying over the world’s fiber optic cables and through its Internet hubs.”
“This is the golden age of spying,” one former NSA analyst told the Times.  Here are five things you need to know about Snowden’s latest leak.
  1. Often the NSA circumvents encryption by simply collaborating with cooperative technology companies (which are unidentified in the documents). At other times, it seems, the NSA has acquired encryption keys by hacking into a company’s servers. The documents indicate that the NSA is careful to reveal decrypted messages to other agencies only when such communications could plausibly have been acquired legally.
  2. By 2006, according to The New York Times, the NSA had cracked the communications of three foreign airlines, one travel reservation system, one foreign government’s nuclear department and a different foreign government’s Internet service. By 2010, the British GCHQ (the UK’s counterpart to the NSA) was reportedly deciphering encrypted VPN communications “for 30 targets and had set a goal of an additional 300.” According to the leaked documents, by 2012 the GCHQ had  acquired “new access opportunities” into Google’s systems.
  3. The full extent of the NSA’s highly classified encryption cracking program Bullrun is only known by top officials in the NSA and its counterpart agencies in Britain, Canada, Australia and New Zealand. Bullrun has successfully foiled several of the world’s standard encryption methods, including SSL (Secure Sockets Layer), VPN (virtual private networks), and the encryption on 4G (fourth generation) smartphones.
  4. Strong, non-commercial encryption systems still seem to thwart the NSA’s efforts. The PGP (short for Pretty Good Privacy) encryption protocol, for instance, has been a cause for NSA anxiety for decades. When PGP-inventor Phil Zimmerman announced the Zfone telephone encryption technology, NSA analysts reportedly received the news in an email titled “This can’t be good.”
  5. The NSA requested that The New York Times not publish its article describing the agency’s effectiveness in thwarting encryption methods, arguing that its success relies entirely on its ability to operate stealthily. Language in the documents themselves seems to echo this position. “These capabilities are among the Sigint [Signals Intelligence] community’s most fragile,” reads one document, according to the Times, “and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability.” Some experts argue, however, that the NSA’s effort to monitor communications by cracking encryption methods may be undermining its other primary purpose: protecting the security of American communications. Many of the protocols it has cracked are the very things Americans use every day for activities like online banking and sending private emails under the assumption that the encryption is secure. “Those back doors could work against U.S. communications, too,” one academic told The New York Times 

August 6, 2013

Members of Congress Denied Access to NSA Information


Capitol Hill

Members of Congress are increasingly frustrated at their inability to obtain even basic information about the NSA and FISA court. Photograph: Alex Wong/Getty Images
Members of Congress have been repeatedly thwarted when attempting to learn basic information about the National Security Agency (NSA) and the secret FISA court which authorizes its activities, documents provided by two House members demonstrate.
From the beginning of the NSA controversy, the agency's defenders have insisted that Congress is aware of the disclosed programs and exercises robust supervision over them. "These programs are subject to congressional oversight and congressional reauthorization and congressional debate," President Obama said the day after the first story on NSA bulk collection of phone records was published in this space. "And if there are members of Congress who feel differently, then they should speak up."
But members of Congress, including those in Obama's party, have flatly denied knowing about them. On MSNBC on Wednesday night, Sen. Richard Blumenthal (D-Ct) was asked by host Chris Hayes: "How much are you learning about what the government that you are charged with overseeing and holding accountable is doing from the newspaper and how much of this do you know?" The Senator's reply:
The revelations about the magnitude, the scope and scale of these surveillances, the metadata and the invasive actions surveillance of social media Web sites were indeed revelations to me."

But it is not merely that members of Congress are unaware of the very existence of these programs, let alone their capabilities. Beyond that, members who seek out basic information - including about NSA programs they are required to vote on and FISA court (FISC) rulings on the legality of those programs - find that they are unable to obtain it.
Two House members, GOP Rep. Morgan Griffith of Virginia andDemocratic Rep. Alan Grayson of Florida, have provided the Guardian with numerous letters and emails documenting their persistent, and unsuccessful, efforts to learn about NSA programs and relevant FISA court rulings.
"If I can't get basic information about these programs, then I'm not able to do my job", Rep. Griffith told me. A practicing lawyer before being elected to Congress, he said that his job includes "making decisions about whether these programs should be funded, but also an oath to safeguard the Constitution and the Bill of Rights, which includes the Fourth Amendment."
Rep. Griffith requested information about the NSA from the House Intelligence Committee six weeks ago, on June 25. He asked for "access to the classified FISA court order(s) referenced on Meet the Press this past weekend": a reference to my raising with host David Gregory thestill-secret 2011 86-page ruling from the FISA court that found substantial parts of NSA domestic spying to be in violation of the Fourth Amendment as well as governing surveillance statutes.
In that same June 25 letter, Rep. Griffith also requested the semi-annual FISC "reviews and critiques" of the NSA. He stated the rationale for his request: "I took an oath to uphold the United States Constitution, and I intend to do so."
Almost three weeks later, on July 12, Rep. Griffith requested additional information from the Intelligence Committee based on press accounts he had read about Yahoo's unsuccessful efforts in court to resist joining the NSA's PRISM program. He specifically wanted to review the arguments made by Yahoo and the DOJ, as well as the FISC's ruling requiring Yahoo to participate in PRISM.
On July 22, he wrote another letter to the Committee seeking information. This time, it was prompted by press reports that that the FISA court had renewed its order compelling Verizon to turn over all phone records to the NSA. Rep. Griffith requested access to that court ruling.
The Congressman received no response to any of his requests. With a House vote looming on whether to defund the NSA's bulk collection program - it was scheduled for July 25 - he felt he needed the information more urgently than ever. He recounted his thinking to me: "How can I responsibly vote on a program I know very little about?"
On July 23, he wrote another letter to the Committee, noting that it had been four weeks since his original request, and several weeks since his subsequent ones. To date, six weeks since he first asked, he still has received no response to any of his requests (the letters sent by Rep. Griffith can be seen here).
"I know many of my constituents will ask about this when I go home," he said, referring to the August recess when many members of Congress meet with those they represent. "Now that I won't get anything until at least September, what am I supposed to tell them? How can I talk about NSA actions I can't learn anything about except from press accounts?"
Congressman Grayson has had very similar experiences, except that he sometimes did receive responses to his requests: negative ones.
On June 19, Grayson wrote to the House Intelligence Committee requesting several documents relating to media accounts about the NSA. Included among them were FISA court opinions directing the collection of telephone records for Americans, as well as documents relating to the PRISM program.
But just over four weeks later, the Chairman of the Committee, GOP Rep. Mike Rogers, wrote to Grayson informing him that his requests had been denied by a Committee "voice vote".
In a follow-up email exchange, a staff member for Grayson wrote to the Chairman, advising him that Congressman Grayson had "discussed the committee's decision with Ranking Member [Dutch] Ruppersberger on the floor last night, and he told the Congressman that he was unaware of any committee action on this matter." Grayson wanted to know how a voice vote denying him access to these documents could have taken place without the knowledge of the ranking member on the Committee, and asked: "can you please share with us the recorded vote, Member-by-Member?" The reply from this Committee was as follows:

Thanks for your inquiry. The full Committee attends Business Meetings. At our July 18, 2013 Business Meeting, there were seven Democrat Members and nine Republican Members in attendance. The transcript is classified."
To date, neither Griffith nor Grayson has received any of the documents they requested. Correspondence between Grayson and the Committee - with names of staff members and email addresses redacted - can be read here.
Denial of access for members of Congress to basic information about the NSA and the FISC appears to be common. Justin Amash, the GOP representative who, along with Democratic Rep. John Conyers, co-sponsored the amendment to ban the NSA's bulk collection of Americans' phone records, told CNN on July 31: "I, as a member of Congress, can't get access to the court opinions. I have to beg for access, and I'm denied it if I - if I make that request."
It is the Intelligence Committees of both the House and Senate that exercise primary oversight over the NSA. But as I noted last week, both Committees are, with the exception of a handful of members, notoriously beholden to the NSA and the intelligence community generally.
Its members typically receive much larger contributions from the defense and surveillance industries than non-Committee members. And the two Committee Chairs - Democrat Dianne Feinstein in the Senate and Republican Mike Rogers in the House - are two of the most steadfast NSA loyalists in Congress. The senior Democrat on the House Committee is ardent NSA defender Dutch Ruppersberger, whose district not only includes NSA headquarters in Fort Meade, but who is also himself the second-largest recipient of defense/intelligence industry cash.
Moreover, even when members of the Intelligence Committee learn of what they believe to be serious abuses by the NSA, they are barred by law from informing the public. Two Democratic Committee members in the Senate, Ron Wyden and Mark Udall, spent years warning Americansthat they would be "stunned to learn" of the radical interpretations of secret law the Obama administration had adopted in the secret FISA court to vest themselves with extremist surveillance powers.
Yet the two Senators, prohibited by law from talking about it, concealed what they had discovered. It took Edward Snowden's whistleblowing for Americans to learn what those two Intelligence Committee members were so dramatically warning them about.
Finally, all members of Congress - not just those on the Intelligence Committees - are responsible for making choices about the NSA and for protecting the privacy rights and other Constitutional guarantees of Americans. "I did not take an oath to defer to the Intelligence Committee," Rep. Griffith told me. "My oath is to make informed decisions, and I can't do my job when I can't get even the most basic information about these programs."
In early July, Grayson had staffers distribute to House members several slides published by the Guardian about NSA programs as part of Grayson's efforts to trigger debate in Congress. But, according to one staff member, Grayson's office was quickly told by the House Intelligence Committee that those slides were still classified, despite having been published and discussed in the media, and directed Grayson to cease distribution or discussion of those materials in the House, warning that he could face sanctions if he continued.
It has been widely noted that the supremely rubber-stamping FISA court constitutes NSA "oversight" in name only, and that the Intelligence Committees are captured by the agency and constrained to act even if they were inclined to. Whatever else is true, members of Congress in general clearly know next to nothing about the NSA and the FISA court beyond what they read in the media, and those who try to rectify that are being actively blocked from finding out.
theguardian.com/commentisfree

August 5, 2013

Someone Turn off the Switch to Russia

Today there is no readership from Russia. They have been no. 2 after United states with thousands of hits a month to
http://adamfoxie.blogspot.com/ ] The real sad part is that I don’t know if it’s our government doing it or the Russians. Sad when you can trust your government as much as you trust the Russians. We’ll see how long it goes on. 


One thing for sure, it is no glitch. I complaint to Google and ask for information as to where the switch was turned off, however I will be surprise If I were to get any explanations.  It’s sad how things work now and at least thanks to Snowden we know that the government has the capability to shut anybody off with very little or no excuse. I feel Now Like I live in another Country since these facts have come out of the conduct of the government and how it can control any company to limit or stop information to the american people. 

Once the government has this type of power which it secretly(from the american people) obtained there is no way to control it. We have lost the power to control and oversee our own government. If the american people don’t get together and make these abuse of power stop through legislation and the courts then it will be too late for complaints. WE get the government we deserve because we give it the power.
Adam
                                                                          

                                                                         

August 2, 2013

You Are No Longer Free to Communicate in Private

                                                                       

In this piece from TIME you have a balance account of what happened with the woman searching for Pressure Cooker. But what most intrigue me was a commercial made in 2002 not long after 09/11.

Michele Catalano brings us a frightening story of how a series of Google searches led to a visit by
the FBI local authorities (see update below):
It was a confluence of magnificent proportions that led six agents from the joint terrorism task force to knock on my door Wednesday morning. Little did we know our seemingly innocent, if curious to a fault, Googling of certain things was creating a perfect storm of terrorism profiling. Because somewhere out there, someone was watching. Someone whose job it is to piece together the things people do on the internet raised the red flag when they saw our search history.
I don’t have much to add right now, though my sense is this is going to become a much bigger story. Or at least it should. Catalano has been published in BoingBoing, The Magazine and elsewhere, and is a former writer for Forbes, so her credibility isn’t in doubt.
UPDATE: Catalano clarified that the task force agents were not FBI. Kashmir Hill cites the FBI as saying they were not involved, and the visit was a “local police matter.”
UPDATE 2: More from The Guardian, citing an FBI spokeswoman as saying that Nassau County and Suffolk County police were both involved. Nassau County police denied involvement, however. Suffolk County police referred questions back to the FBI.
UPDATE 3: There’s more to the story than Catalano let on. According to the Suffolk County police department (via TechCrunch), the suspicious Google searches were reported by an employer, and the searches were performed on the workplace computer of a “recently released employee.” (It’s not clear from the police’s statement who the employee was.) So while the terms “pressure cooker bomb” and “backpack” were indeed flagged as suspicious, this was a case of a company monitoring its employee’s web searches, not secret monitoring of things you search for in the privacy of your home. It’s an interesting story either way–something to think about if you’re Googling at work–but I do regret jumping on it before all the facts were in order. The rest of the original story continues below.
For all we’ve heard about PRISM over the last couple of months, what we haven’t seen are clear examples of innocent people–those who say they have nothing to hide–having federal agents enter their homes on the basis of some Google searches. The agents in this story said they perform about 100 of these visits every week.
By 
Do me a favor, though, and watch this Ad Council commercial from 2002, put together in response to 9/11, and tell me this isn’t exactly what we were afraid of back then:
 

March 1, 2013

Is The US Hacking China Back


 
Analysts take part in a Homeland Security Department cybersecurity exercise at Idaho National Laboratory in 2011. (AP Photo/Mark J. Terrill)      Nationaljournal.com

Americans have been bombarded for weeks by reports that the United States is engaged in a shadowy cyberwar against Chinese hackers. This has included warnings that Chinese digital spies have thoroughly infiltrated U.S. networks and that a national shortage of cyberprofessionals has put the country at a strategic disadvantage. All of that is true. But that doesn’t necessarily mean Washington isn’t snooping back. What can we learn about American intrusions into Chinese networks?
The Pentagon doesn’t talk much about its cyberoffense. To do so would risk giving away tactical knowledge — however insignificant — that foreign defenders might find useful. Still, as NPR’s Tom Gjelten reported last month, commanders have spoken publicly on occasion about their offensive activities. Stuxnet, the worm that sabotaged Iran’s nuclear centrifuges, is widely believed to be a U.S. cyberweapon. Now China says it has come under attack from American hackers.
According to China’s defense ministry, its website and China Military Online suffered as many as 144,000 “hacking attacks” from outside the country each month last year. Geng Yansheng, a ministry spokesperson, claimed that 62.9 percent of those attacks came from American IP addresses — the unique set of numbers that identify your computer to the Internet.
It’s obviously impossible to know whether Beijing is being honest about those figures. But if this is their way of accusing the United States of doing the same thing that they are — and that everyone should quit complaining — it’s a pretty weak defense. Even if we take their figures at face value (more on that next), there’s a big difference between knocking a website offline and penetrating a corporate network undetected so that you can steal trade secrets. The former involves very low stakes; anyone can do it, and the payoff is insignificant. Espionage and intelligence-gathering is all about the latter. 
Sixty-three percent of China’s website hacks were traced back to the United States. But, just as it’s very difficult to prove with 100 percent certainty that recent cyberspying on American firms was the work of Chinese hackers and not, say, Russian or North Korean hackers routing their work through China, it’s equally hard to prove that the American government was responsible for the hacks going in the other direction. This is what’s called the attribution problem: All the circumstantial evidence points you to one culprit, but you can never know if you’ve fingered the right actor for sure. If the United States is retaliating against China with hacks of its own, website vandalism should be the least of Beijing's complaints.

November 29, 2012

CIA Recruiting Gay Spies at Miami’s South Beach

  BY MATTHEW JENKIN     
The day we see a gay James Bond or Jason Bourne may not be as far off as we thought after the CIA announced it is actively recruiting LGBT spies in Miami, Florida.
America's secret service has teamed up with theMiami-Dade Gay and Lesbian Chamber of Commerce to sponsor a networking event at theLGBT Visitor Center in South Beach tonight (28 November).
The agency will use the evening to promote careers in the CIA and 'debunk myths' about the clandestine organization which in 1989 was found to deny security clearances to gay people.
Michael Barber, the CIA’s LGBT Community Outreach and Liaison program manager told the Miami Herald that the event is the first of its kind.
Technical Information Officer Tracey Ballard, who will also speak tonight, said: 'There was a history of discrimination against LGBT persons in the federal government.
'The process was extremely difficult for LGBT people to get security clearance prior to 1995.'
The rules on gay employees were relaxed after President Bill Clinton signed an anti-discrimination order banning the government to refuse lesbian, gay, bisexual and transgender staff access to classified information.
Ballard adds that the new rule meant LGBT employees felt more comfortable to come out at work.
She said: 'It allowed conversations among our peers. True conversations. We didn't’ have to hide anymore. That's a cultural shift, to allow our peers to be seen as equal, based upon the work they do.’

Featured Posts

Human Rights Campaign Testifies Against Judge Neil Gorsuch

LGBTQ groups have come out in strong opposition to the nomination of Neil Gorsuch as U.S. Supreme Court Justice, ar...