Jump to content

Search the Community

Showing results for tags 'NSA'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 88 results

  1. Beware of find-my-phone, Wi-Fi, and Bluetooth, NSA tells mobile users And don't forget to limit ad tracking. Advisory contains a host of recommendations. Enlarge Christine Wang / Flickr 81 with 61 posters participating The National Security Agency is recommending that some government workers and people generally concerned about privacy turn off find-my-phone, Wi-Fi, and Bluetooth whenever those services are not needed, as well as limit location data usage by apps. “Location data can be extremely valuable and must be protected,” an advisory published on Tuesday stated. “It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations.” NSA officials acknowledged that geolocation functions are enabled by design and are essential to mobile communications. The officials also admit that the recommended safeguards are impractical for most users. Mapping, location tracking of lost or stolen phones, automatically connecting to Wi-Fi networks, and fitness trackers and apps are just a few of the things that require fine-grained locations to work at all. The cost of convenience But these features come at a cost. Adversaries may be able to tap into location data that app developers, advertising services, and other third parties receive from apps and then store in massive databases. Adversaries may also subscribe to services such as those offered by Securus and LocationSmart, two services that The New York Times and KrebsOnSecurity documented, respectively. Both companies either tracked or sold locations of customers collected by the cell towers of major cellular carriers. Not only did LocationSmart leak this data to anyone who knew a simple trick for exploiting a common class of website bug, but a Vice reporter was able to obtain the real-time location of a phone by paying $300 to a different service. The New York Times also published this sobering feature outlining services that use mobile location data to track the histories of millions of people over extended periods. The advisory also warns that tracking often happens even when cellular service is turned off, since both Wi-Fi and Bluetooth can also track locations and beam them to third parties connected to the Internet or with a sensor that’s within radio range. To prevent these types of privacy invasions, the NSA recommends the following: Disable location services settings on the device. Disable radios when they are not actively in use: disable BT and turn off Wi-Fi if these capabilities are not needed. Use Airplane Mode when the device is not in use. Ensure BT and Wi-Fi are disabled when Airplane Mode is engaged. Apps should be given as few permissions as possible: Set privacy settings to ensure apps are not using or sharing location data. Avoid using apps related to location if possible, since these apps inherently expose user location data. If used, location privacy/permission settings for such apps should be set to either not allow location data usage or, at most, allow location data usage only while using the app. Examples of apps that relate to location are maps, compasses, traffic apps, fitness apps, apps for finding local restaurants, and shopping apps. Disable advertising permissions to the greatest extent possible: Set privacy settings to limit ad tracking, noting that these restrictions are at the vendor’s discretion. Reset the advertising ID for the device on a regular basis. At a minimum, this should be on a weekly basis. Turn off settings (typically known as FindMy or Find My Device settings) that allow a lost, stolen, or misplaced device to be tracked. Minimize Web browsing on the device as much as possible, and set browser privacy/permission location settings to not allow location data usage. Use an anonymizing Virtual Private Network (VPN) to help obscure location. Minimize the amount of data with location information that is stored in the cloud, if possible. If it is critical that location is not revealed for a particular mission, consider the following recommendations: Determine a non-sensitive location where devices with wireless capabilities can be secured prior to the start of any activities. Ensure that the mission site cannot be predicted from this location. Leave all devices with any wireless capabilities (including personal devices) at this non-sensitive location. Turning off the device may not be sufficient if a device has been compromised. For mission transportation, use vehicles without built-in wireless communication capabilities, or turn off the capabilities, if possible. Mobile phone use means being tracked Patrick Wardle, a macOS and iOS security expert and a former hacker for the NSA, said the recommendations are a “great start” but that people who follow the recommendations shouldn’t consider them anything close to absolute protection. “As long as your phone is connecting to cell towers, which it has to in order to use the cell network... AFAIK that’s going to reveal your location,” Wardle, who is a security researcher at the macOS and iOS enterprise management firm Jamf, told me. “It, as always, is a tradeoff between functionality/usability and security, but basically if you use a phone, assume that you can be tracked.” He said that recent versions of iOS make it easy to follow many of the recommendations. The first time users open an app, they get a prompt asking if they want the app to receive location data. If the user says yes, the access can only happen when the app is open. That prevents apps from collecting data in the background over extended periods of time. iOS also does a good job of randomizing MAC addresses that, when static, provide a unique identifier for each device. More recent versions of Android also allow the same location permissions and, when running on specific hardware (which usually come at a premium cost), also randomize MAC addresses. Both OSes require users to manually turn off ad personalization and reset advertising IDs. In iOS, people can do this in Settings > Privacy > Advertising. The slider for Limit Ad Tracking should be turned on. Just below the slider is the Reset Advertising Identifier. Press it and choose Reset Identifier. While in the Privacy section, users should review which apps have access to location data. Make sure as few apps as possible have access. Change some settings In Android 10, users can limit ad tracking and reset advertising IDs by going to Settings > Privacy and clicking Ads. Both the Reset Advertising ID and Opt Out of Ads personalization are there. To review which apps have access to location data, go to Settings > Apps & notifications > Advanced > Permission Manager > Location. Android allows apps to collect data continuously or only when in use. Allow only apps that truly require location data to have access, and then try to limit that access to only when in use. Tuesday’s advisory also recommends people limit sharing location information in social media and remote metadata showing sensitive locations before posting pictures. The NSA also warns about location data being leaked by car navigation systems, wearable devices such as fitness devices, and Internet-of-things devices. The advice is aimed primarily at military personnel and contractors whose location data may compromise operations or put them at personal risk. But the information can be useful to others, as long as they consider their threat model and weigh the acceptable risks versus the benefits of various settings. Beware of find-my-phone, Wi-Fi, and Bluetooth, NSA tells mobile users
  2. Inside the NSA’s Secret Tool for Mapping Your Social Network Edward Snowden revealed the agency’s phone-record tracking program. But thanks to “precomputed contact chaining,” that database was much more powerful than anyone knew. Illustration: Elena Lacey; Baikal/Alamy In the summer of 2013, I spent my days sifting through the most extensive archive of top-secret files that had ever reached the hands of an American journalist. In a spectacular act of transgression against the National Security Agency, where he worked as a contractor, Edward Snowden had transmitted tens of thousands of classified documents to me, the columnist Glenn Greenwald, and the documentary filmmaker Laura Poitras. One of those documents, the first to be made public in June 2013, revealed that the NSA was tracking billions of telephone calls made by Americans inside the US. The program became notorious, but its full story has not been told. The first accounts revealed only bare bones. If you placed a call, whether local or international, the NSA stored the number you dialed, as well as the date, time and duration of the call. It was domestic surveillance, plain and simple. When the story broke, the NSA discounted the intrusion on privacy. The agency collected “only metadata,” it said, not the content of telephone calls. Only on rare occasions, it said, did it search the records for links among terrorists. I decided to delve more deeply. The public debate was missing important information. It occurred to me that I did not even know what the records looked like. At first I imagined them in the form of a simple, if gargantuan, list. I assumed that the NSA cleaned up the list—date goes here, call duration there—and converted it to the agency’s preferred “atomic sigint data format.” Otherwise I thought of the records as inert. During a conversation at the Aspen Security Forum that July, six weeks after Snowden’s first disclosure and three months after the Boston Marathon bombing, Admiral Dennis Blair, the former director of national intelligence, assured me that the records were “stored,” untouched, until the next Boston bomber came along. Even by that account, the scale of collection brought to mind an evocative phrase from legal scholar Paul Ohm. Any information in sufficient volume, he wrote, amounted to a “database of ruin.” It held personal secrets that “if revealed, would cause more than embarrassment or shame; it would lead to serious, concrete, devastating harm.” Nearly anyone in the developed world, he wrote, “can be linked to at least one fact in a computer database that an adversary could use for blackmail, discrimination, harassment, or financial or identity theft.” Revelations of “past conduct, health, or family shame,” for example, could cost a person their marriage, career, legal residence, or physical safety. Mere creation of such a database, especially in secret, profoundly changed the balance of power between government and governed. This was the Dark Mirror embodied, one side of the glass transparent and the other blacked out. If the power implications do not seem convincing, try inverting the relationship in your mind: What if a small group of citizens had secret access to the telephone logs and social networks of government officials? How might that privileged knowledge affect their power to shape events? How might their interactions change if they possessed the means to humiliate and destroy the careers of the persons in power? Capability matters, always, regardless of whether it is used. An unfired gun is no less lethal before it is drawn. And in fact, in history, capabilities do not go unused in the long term. Chekhov’s famous admonition to playwrights is apt not only in drama, but in the lived experience of humankind. The gun on display in the first act—nuclear warheads, weaponized disease, Orwellian cameras tracking faces on every street—must be fired in the last. The latent power of new inventions, no matter how repellent at first, does not lie forever dormant in government armories. These could be cast as abstract concerns, but I thought them quite real. By September of that year, it dawned on me that there were also concrete questions that I had not sufficiently explored. Where in the innards of the NSA did the phone records live? What happened to them there? The Snowden archive did not answer those questions directly, but there were clues. I stumbled across the first clue later that month. I had become interested in the NSA’s internal conversation about “bulk collection,” the acquisition of high-volume data sets in their entirety. Phone records were one of several kinds. The agency had grown more and more adept, brilliantly creative in fact, at finding and swallowing other people’s information whole. Lately the NSA had begun to see that it consumed too much to digest. Midlevel managers and engineers sounded notes of alarm in briefings prepared for their chains of command. The cover page of one presentation asked “Is It the End of the SIGINT World as We Have Come to Know It?” The authors tried for a jaunty tone but had no sure answer. The surveillance infrastructure was laboring under serious strain. One name caught my eye on a chart that listed systems at highest risk: Mainway. I knew that one. NSA engineers had built Mainway in urgent haste after September 11, 2001. Vice President Dick Cheney’s office had drafted orders, signed by President George W. Bush, to do something the NSA had never done before. The assignment, forbidden by statute, was to track telephone calls made and received by Americans on American soil. The resulting operation was the lawless precursor of the broader one that I was looking at now. Mainway came to life alongside Stellarwind, the domestic surveillance program created by Cheney in the first frantic weeks after al Qaeda flew passenger airplanes into the Pentagon and World Trade Center. Stellarwind defined the operation; Mainway was a tool to carry it out. At the time, the NSA knew how to do this sort of thing with foreign telephone calls, but it did not have the machinery to do it at home. When NSA director Mike Hayden received the execution order on October 4, 2001 for “the vice president’s special program,” NSA engineers assembled a system from bare metal and borrowed code within a matter of days, a stupendous achievement under pressure. They commandeered 50 state-of-the-art computer servers from Dell, which was about to ship them to another customer, and lashed them into a quick and dirty but powerful cluster. Hayden cleared out space in a specially restricted wing of OPS 2B, an inner sanctum of the gleaming, mirrored headquarters complex at Fort Meade, Maryland. When the cluster expanded, incorporating some 200 machines, Mainway spilled into an annex in the Tordella Supercomputer Facility nearby. Trusted lieutenants began calling in a small group of analysts, programmers, and mathematicians on October 6 and 7. On Columbus Day, October 8, Hayden briefed them on their new jobs in a specially compartmented new operation. That day he called it Starburst. The Stellarwind cryptonym replaced it soon afterward. During the same holiday weekend, Hayden dispatched personnel from Special Source Operations to negotiate the secret purchase of telephone data in bulk from companies including AT&T and Verizon. The price would surpass $102 million in the coming five years. It was impossible to hide the hubbub from other NSA personnel, who saw new equipment arriving under armed escort at a furious pace, but even among top clearance holders hardly anyone knew what was going on. Stellarwind was designated as ECI, “exceptionally controlled information,” the most closely held classification of all. From his West Wing office, Cheney ordered that Stellarwind be concealed from the judges of the FISA Court and from members of the intelligence committees in Congress. According to my sources and the documents I worked through in the fall of 2013, Mainway soon became the NSA’s most important tool for mapping social networks—an anchor of what the agency called Large Access Exploitation. “Large” is not an adjective in casual use at Fort Meade. Mainway was built for operations at stupendous scale. Other systems parsed the contents of intercepted communications: voice, video, email and chat text, attachments, pager messages, and so on. Mainway was queen of metadata, foreign and domestic, designed to find patterns that content did not reveal. Beyond that, Mainway was a prototype for still more ambitious plans. Next-generation systems, their planners wrote, could amplify the power of surveillance by moving “from the more traditional analysis of what is collected to the analysis of what to collect.” Patterns gleaned from call records would identify targets in email or location databases, and vice versa. Metadata was the key to the NSA’s plan to “identify, track, store, manipulate and update relationships” across all forms of intercepted content. An integrated map, presented graphically, would eventually allow the NSA to display nearly anyone’s movements and communications on a global scale. In their first mission statement, planners gave the project the unironic name “the Big Awesome Graph.” Inevitably it acquired a breezy acronym, “the BAG.” The crucial discovery on this subject turned up at the bottom right corner of a large network diagram prepared in 2012. A little box in that corner, reproduced below, finally answered my question about where the NSA stashed the telephone records that Blair and I talked about. The records lived in Mainway. The implications were startling. The diagram as a whole, too large to display in full, traced a “metadata flow sourced from billing records” at AT&T as they wended through a maze of intermediate stops along the way to Fort Meade. Mailorder, the next to last stop, was an electronic traffic cop, a file sorting and forwarding system. The ultimate destination was Mainway. The “BRF Partitions” in the network diagram were named for Business Records FISA orders, among them a dozen signed in 2009 that poured the logs of hundreds of billions of phone calls into Mainway. To a first-time reader of network maps, Mainway’s cylindrical icon might suggest a storage tank. It is not. The cylinder is a standard symbol for a database, an analytic service that runs on the hardware. Mainway was not a container for data at rest. The NSA has names for those. They are called data marts and data warehouses. If the agency merely stored the US telephone records, it would have left them in a system called Fascia II, the “call detail record warehouse” that feeds Mainway. Mainway’s mission, laid out in its first fiscal year, was to “enable NSA ... to dominate the global communications infrastructure, and the targets that currently operate anonymously within it.” The way the system accomplished that task had huge implications for American privacy. For reasons that will become apparent soon, I want to reproduce the entry for Mainway in the SSO Dictionary, a classified NSA reference document: There were three noteworthy terms in that short passage: volume problem, contact chaining, and precomputed. The last two, in combination, turned my understanding of the call records program upside down. Before we get to them, a note on the volume problem. The NSA has many volume problems, actually. Too much information moving too fast across global networks. Too much to ingest, too much to store, too much to retrieve through available pipes from distant collection points. Too much noise drowning too little signal. In the passage I just quoted, however, the volume problem referred to something else—something deeper inside the guts of the surveillance machine. It was the strain of an unbounded appetite on the NSA’s digestive tract. Collection systems were closing their jaws on more data than they could chew. Processing, not storage, was the problem. For a long time, intelligence officials explained away the call records database by quoting a remark from President Bush. “It seems like to me that if somebody is talking to al Qaeda, we want to know why,” he had said. In fact, that was not at all the way the NSA used the call records. The program was designed to find out whether, not why, US callers had some tie to a terrorist conspiracy—and to do so, it searched us all. Working through the FBI, the NSA assembled a five-year inventory of phone calls from every account it could touch. Trillions of calls. Nothing like that was needed to find the numbers on a bad guy’s telephone bill. This is where contact chaining came in. The phrase is used to describe a sophisticated form of analysis that looks for hidden, indirect relationships in very large data sets. Contact chaining began with a target telephone number, such as Boston bomber Dzhokhar Tsarnaev’s, and progressively widened the lens to ask whom Tsarnaev’s contacts were talking to, and whom those people were talking to, and so on. Software tools mapped the call records as “nodes” and “edges” on a grid so large that the human mind, unaided, could not encompass it. Nodes were dots on the map, each representing a telephone number. Edges were lines drawn between the nodes, each representing a call. A related tool called MapReduce condensed the trillions of data points into summary form that a human analyst could grasp. Network theory called this map a social graph. It modeled the relationships and groups that defined each person’s interaction with the world. The size of the graph grew exponentially as contact chaining progressed. The whole point of chaining was to push outward from a target’s immediate contacts to the contacts of contacts, then contacts of contacts of contacts. Each step in that process was called a hop. Double a penny once a day and you reach $1 million in less than a month. That is what exponential growth looks like with a base of two. As contact chaining steps through its hops, the social graph grows much faster. If the average person calls or is called by 10 other people a year, then each hop produces a tenfold increase in the population of the NSA’s contact map. Most of us talk on the phone with a lot more than 10 others. Whatever that number, dozens or hundreds, you multiply it by itself to measure the growth at each hop. Former NSA deputy director John C. Inglis testified to Congress in 2013 that NSA analysts typically “go out two or three hops” when they chain through the call database. For context, data scientists estimated decades ago that it would take no more than six hops to trace a path between any two people on Earth. Their finding made its way into popular culture in Six Degrees of Separation, the play by John Guare (which subsequently was adapted into a film). Three students at Albright College refashioned the film as a parlor game, “Six Degrees of Kevin Bacon.” The game then inspired a website, The Oracle of Bacon, that calculates the shortest path from the Footloose star to any of his Hollywood peers. The site is still live as I write this, and it makes for an entertaining guide on hops and where they can take you. Bacon shared screen credits with a long list of actors. Those were his direct links, one hop from Bacon himself. Actors who never worked alongside him, but appeared in a film with someone who had, were two hops away from Bacon. Scarlett Johansson never worked with Bacon, but each of them had starred alongside Mickey Rourke: Bacon in Diner, Johannson in Iron Man 2. Two hops, through Rourke, connected them. If you kept on playing you discovered that Bacon was seldom more than two hops away from any actor, however removed in time and movie style. In a single-industry town like Hollywood, links like these might make intuitive sense. More surprising, if you did not spend much time around logarithms, was the distance traveled by one or two hops through the vastly larger NSA data set. Academic research suggested that an average of three hops—the same number Inglis mentioned—could trace a path between any two Americans. Contact chaining on a scale as grand as a whole nation’s phone records was a prodigious computational task, even for Mainway. It called for mapping dots and clusters of calls as dense as a star field, each linked to others by webs of intricate lines. Mainway’s analytic engine traced hidden paths across the map, looking for relationships that human analysts could not detect. Mainway had to produce that map on demand, under pressure of time, whenever its operators asked for a new contact chain. No one could predict the name or telephone number of the next Tsarnaev. From a data scientist’s point of view, the logical remedy was clear. If anyone could become an intelligence target, Mainway should try to get a head start on everyone. “You have to establish all those relationships, tag them, so that when you do launch the query you can quickly get them,” Rick Ledgett, the former NSA deputy director, told me years later. “Otherwise you’re taking like a month to scan through a gazillion-line phone bill.” And that, right there, was where precomputation came in. Mainway chained through its database continuously—“operating on a 7x24 basis,” according to the classified project summary. You might compare its work, on the most basic level, to indexing a book—albeit a book with hundreds of millions of topics (phone numbers) and trillions of entries (phone calls). One flaw in this comparison is that it sounds like a job that will be finished eventually. Mainway’s job never ended. It was trying to index a book in progress, forever incomplete. The FBI brought the NSA more than a billion new records a day from the telephone companies. Mainway had to purge another billion a day to comply with the FISA Court’s five-year limit on retention. Every change cascaded through the social graph, redrawing the map and obliging Mainway to update ceaselessly. Mainway’s purpose, in other words, was neither storage nor preparation of a simple list. Constant, complex, and demanding operations fed another database called the Graph-in-Memory. When the Boston marathon bombs exploded in April 2013, the Graph-in-Memory was ready. Absent unlucky data gaps, it already held a summary map of the contacts revealed by the Tsarnaev brothers’ calls. The underlying details—dates, times, durations, busy signals, missed calls, and “call waiting events”—were easily retrieved on demand. Mainway had already processed them. With the first hop precomputed, the Graph-in-Memory could make much quicker work of the second and the third. To keep a Tsarnaev graph at the ready, Mainway also had to precompute a graph for everyone else. And if Mainway had your phone records, it also held a rough and ready diagram of your business and personal life. As I parsed the documents and interviewed sources in the fall of 2013, the implications finally sank in. The NSA had built a live, ever-updating social graph of the US. Our phone records were not in cold storage. They did not sit untouched. They were arranged in a one-hop contact chain of each to all. All kinds of secrets—social, medical, political, professional—were precomputed, 24/7. Ledgett told me he saw no cause for concern because “the links are unassembled until you launch a query.” I saw a database that was preconfigured to map anyone’s life at the touch of a button. I am well aware that a person could take this line of thinking too far. Maybe I have. The US is not East Germany. As I pieced this picture together, I had no reason to believe the NSA made corrupt use of its real-time map of American life. The rules imposed some restrictions on use of US telephone records, even after Bush’s attorney general, Michael Mukasey, blew a hole in them. Only 22 top officials, according to the Privacy and Civil Liberties Oversight Board, had authority to order a contact chain to be built from data in Mainway’s FISA partitions. But history has not been kind to the belief that government conduct always follows rules or that the rules will never change in dangerous ways. Rules can be bypassed or rewritten—with or without notice, with or without malignant intent, by a few degrees at a time or more than a few. Government might decide one day to look in Mainway or a comparable system for evidence of a violent crime, or any crime, or any suspicion. Governments have slid down that slope before. Within living memory, Richard Nixon had ordered wiretaps of his political enemies. The FBI, judging Martin Luther King Jr. a “dangerous and effective Negro,” used secret surveillance to record his sexual liaisons. A top lieutenant of J. Edgar Hoover invited King to kill himself or face exposure. Meaningful abuse of surveillance had come much more recently. The FBI illegally planted hundreds of GPS tracking devices without warrants. New York police spied systemically on mosques. Governments at all levels used the power of the state most heavy-handedly, sometimes illegally, to monitor communities disadvantaged by poverty, race, religion, ethnicity, and immigration status. As a presidential candidate, Donald Trump threatened explicitly to put his opposing candidate in jail. Once in office, he asserted the absolute right to control any government agency. He placed intense pressure on the Justice Department, publicly and privately, to launch criminal investigations of his critics. The Graph-in-Memory knew nothing of such things. It had no awareness of law or norms or the nature of abuse. It computed the chains and made diagrams of our hidden relationships on a vast, ever-updating map. It obeyed its instructions, embedded in code, whatever those instructions said or might ever say. Adapted from Dark Mirror: Edward Snowden and the American Surveillance State by Barton Gellman. Copyright © 2020 by Barton Gellman. Published by arrangement with Penguin Press, an imprint of Penguin Publishing Group, a division of Penguin Random House LLC. Source: Inside the NSA’s Secret Tool for Mapping Your Social Network (Wired)
  3. Momentum is growing in Congress to reject the Trump administration’s request to reauthorize a controversial surveillance program. Lawmakers have until March 15 to reauthorize expiring provisions under the USA Freedom Act, including a controversial phone records program known as Section 215. The program, initially made public through leaks by former government contractor Edward Snowden, allows the National Security Agency (NSA) to collect metadata on incoming and outgoing calls from a specific number, though it does not allow the NSA to look at the content of the calls. Attorney General William Barr met with Senate Republicans on Tuesday to discuss the law and make the case for a blanket extension. But key chairmen in the House and Senate do not support reauthorizing the call records program, arguing it has been subsequently been made inoperable. “That would be a tough sell if you don’t use it,” said Senate Judiciary Committee Chairman Lindsey Graham (R-S.C.). The New York Times reported on Tuesday that Section 215 had cost $100 million between 2015 and 2019 but only in two instances provided information the FBI didn’t already have. That resulted in one investigation. This raises the odds that Congress could formally revoke authorization for the call records program while greenlighting an extension of other parts of the surveillance law set to expire. Sen. John Cornyn (Texas), a member of GOP leadership and the Senate Intelligence Committee, noted that the “experts” within the intelligence community support ending the call records program. “I don’t believe that the experts find that call record reauthorization particularly helpful. So I could support reauthorizing the other parts … and not reauthorize that,” he said. Cornyn added that he understands Barr and other administration officials want to keep the authority for the program but “I think they can come back to Congress when and if they come up with a better technology solution, and we could consider reauthorizing it then, not now.” Sens. Richard Burr (R-N.C.) and Mark Warner (D-Va.) — the chairman and vice chairman of the Intelligence Committee, respectively — have filed legislation that would formally end the call records program while providing an eight-year extension for its other provisions. Meanwhile, House Democrats on the Intelligence and Judiciary committees unveiled legislation this week that would repeal the NSA’s authority to run the program. That bill is scheduled to get a vote in the Judiciary Committee on Wednesday. The NSA shuttered the program, arguing that the changes made by the USA Freedom Act, which Congress passed in 2015, made the call records program unworkable. The law changed the bulk collection of metadata by requiring the government to specify an individual or account, a step that narrows the swath of data collected. Despite this, then-acting Director of National Intelligence Dan Coats last year formally asked Congress to reauthorize Section 215, along with the other provisions, arguing that the intelligence community should retain the authority to restart the program down the road. Barr, according to GOP senators, urged lawmakers during the private meeting on Tuesday to pass a “clean” reauthorization of all three provisions. Sen. Mike Lee (R-Utah) said in a tweet that he “made a long case against a simple reauthorization” during the closed-door lunch. But Barr appears to have the backing of Senate Majority Leader Mitch McConnell (R-Ky.), who told reporters on Tuesday that he supports extending the surveillance powers. “They’re still relevant to our effort to go after terrorists today. ... These tools have been overwhelmingly useful according to our intelligence advisors, and I hope that when the Senate deals with these expiring provisions in a couple of weeks we’ll be able to continue to have them in law,” McConnell told reporters. McConnell’s support for extending all three parts of the law, however, does not mean the Senate will do so. The GOP leader did not support the USA Freedom Act in 2015, instead trying to get the Senate to make a blanket reauthorization of the post-9/11 Patriot Act language. But the GOP leader ran into a roadblock as libertarian-minded senators, including Sen. Rand Paul (R-Ky.), blocked McConnell’s efforts to force through a short-term extension of the Patriot Act provisions. In the end, the surveillance reform bill passed the Senate with nearly 20 Republican senators supporting it. Senators stressed that the path forward on the surveillance reauthorization is fluid. Graham has not said if he will give the Burr-Warner bill a vote in committee before the March 15 deadline, saying he needs to discuss the path forward with McConnell. “We’ve got about 63.7 moving parts and they will eventually come together,” said Sen. John Kennedy (R-La.) “But there’s no way to predict what’s going to happen.” Lawmakers have 14 working days to get a reauthorization through a divided government, raising the prospect that Congress could need to pass a blanket short-term extension of the surveillance programs, delaying the ending of the call records program until later this year. “Clock’s ticking,” Warner said, asked if there was enough time to get it done by the March 15 deadline. “I would like to get this in the rearview mirror. ... My hope is it will be sooner than later.” Some House Republicans, angered over the use of warrants to surveil a former Trump campaign associate, have discussed trying to include changes to the Foreign Intelligence Surveillance Act (FISA) court warrant application process as part of the surveillance debate. Justice Department inspector general Michael Horowitz found 17 “significant inaccuracies and omissions” in the applications to monitor Trump campaign associate Carter Page, taking particular issue with applications to renew the FISA warrant and chastising the FBI for a lack of satisfactory explanations for those mistakes. Sen. Ron Johnson (R-Wis.) noted that Horowitz’s report had raised skepticism for him about the larger FISA process, and floated a short-term extension of the surveillance powers so that Congress could fold in a deal on broader FISA changes into the USA Freedom reauthorization. “Maybe what we need to do is a short-term reauthorization while we kind of think this whole process through,” Johnson said. “Somebody who has been very supportive of these authorities. When I’m questioning it, that kind of says something.” Barr told Republicans during the closed-door caucus lunch that he was planning to use his regulatory powers to make changes to the FISA process, potentially alleviating the need to inject the fight over the Page warrant application into the legislation on the surveillance programs. “My view of that would be there’s nothing wrong with the law if people tell the truth as it relates to Carter Page,” said Sen. Roy Blunt (R-Mo.), a member of the Intelligence Committee. The Senate Judiciary Committee is gearing up for an in-depth probe into the FISA warrant application process and the investigation into 2016 Russian election meddling and the Trump campaign. “Sen. Graham has a very careful schedule laid out,” Cornyn said. “We shouldn’t try to do that by March the 15th.” Source
  4. A National Security Agency (NSA) surveillance program that accessed American citizens’ domestic phone calls and text messages resulted in only one investigation between 2015 and 2019 despite costing $100 million, a newly declassified study found. The report, which was produced by the Privacy and Civil Liberties Oversight Board and briefed to Congress on Tuesday, also found that the program only yielded information the FBI did not already have on two occasions during that four-year period. “Based on one report, F.B.I. vetted an individual, but, after vetting, determined that no further action was warranted,” the report said, according to The New York Times. “The second report provided unique information about a telephone number, previously known to U.S. authorities, which led to the opening of a foreign intelligence investigation.” The report contains no further details of the investigation in question or its outcome. The USA Freedom Act of 2015, the law that authorized the program, is set to expire March 15, but the Trump administration has asked Congress to extend it. The House Judiciary Committee is set to consider a bill that would end the program’s authorization on Wednesday. The NSA’s decision last year to suspend the program “shows a lot of judgment to acknowledge that something that consumed a lot of resources and time did not yield the value anticipated,” Adam I. Klein, chairman of the board, which was established on the recommendation of the 9/11 Commission, told the Times. “We want agencies to be able to reflect on their collection capabilities and wind them down where appropriate. That’s the best way to ensure civil liberties and privacy are balanced with operational needs,” he added. Source
  5. Python Programming Language: Now you can take NSA's free course for Beginners NSA releases Python course after receiving a Freedom of information Act (FOIA) request for its training materials. Developers already have numerous options from the likes of Microsoft and Google for learning how to code in the popular Python programming language. But now budding Python developers can read up on the National Security Agency's own Python training materials. Software engineer Chris Swenson filed a Freedom of information Act (FOIA) request with the NSA for access to its Python training materials and received a lightly redacted 400-page printout of the agency's COMP 3321 Python training course. Swenson has since scanned the documents, ran OCR on the text to make it searchable, and hosted it on Digital Oceans Spaces. The material has also been uploaded to the Internet Archive. There doesn't look to be anything controversial in the documents, which contains course material sessions that would take between 45 and 90 minutes to complete in a class setting. The COMP 3321 course can be completed over a "full-time, two-week block" with 10 modules covered per week. The NSA also suggests that the material could be taught at a more "leisurely pace, for instance during a weekly brown bag lunch" over several months or even over a three-day workshop. The course offers a quick introduction to Python, its creator Guido van Rossum, and what the language is suitable for, such as automating tasks, creating a web application or doing advanced mathematical research. It also explains why Python has become so popular among beginning developers and data scientists. "If you don't know any programming languages yet, Python is a good place to start. If you already know a different language, it's easy to pick Python on the side. Python isn't entirely free of frustration and confusion, but hopefully you can avoid those parts until long after you get some good use out of Python," writes the NSA. Students use version 4.4.0 of the Anaconda3 Python distribution and can run Python in the command line or through a Jupyter notebook from the browser. Python developer Kushal Das has pulled out some interesting details from the material. He found that the NSA has an internal Python package index, that its GitLab instance is gitlab.coi.nsa.ic.gov, and that it has a Jupyter gallery that runs over HTTPS. NSA also offers git installation instructions for CentOS, Red Hat Enterprise Linux, Ubuntu, and Windows, but not Debian.
  6. Intelligence agencies stopped the practice last year American intelligence agencies quietly stopped the warrantless collection of US phone location data last year, according to a letter from the Office of the Director of National Intelligence released today. Last year, in a landmark decision, the Supreme Court ruled against authorities looking to search through electronic location data without a warrant. Citing the ruling, Sen. Ron Wyden (D-OR), a privacy hawk in Congress, wrote a letter to then-Director of National Intelligence Dan Coats asking how agencies like the National Security Agency would apply the court’s decision. In a response to Wyden released today, a representative for the office said intelligence agencies have already stopped the practice of collecting US location data without a warrant. Previously, agencies collected that information through surveillance powers granted under the Patriot Act. But since the Supreme Court’s decision, the agencies have stopped the practice, and they now back up those searches through a warrant, under the legal standard of probable cause. In the letter to Wyden, the intelligence community official writes that the Supreme Court’s decision presented “significant constitutional and statutory issues,” but would not explicitly rule out using the tools in the future. The letter says that “neither the Department of Justice nor the Intelligence Community has reached a legal conclusion” on the matter. Next month, provisions of the Patriot Act — specifically, Section 215 — are set to expire, raising questions about potential reforms. “Now that Congress is considering reauthorizing Section 215, it needs to write a prohibition on warrantless geolocation collection into black-letter law,” Wyden said in a statement. “As the past year has shown, Americans don’t need to choose between liberty and security — Congress should reform Section 215 to ensure we have both.” Source: The NSA has stopped collecting location data from US cellphones without a warrant (via The Verge)
  7. The NSA surveillance whistleblower issued a scathing review of tech in his upcoming interview with Recode’s Kara Swisher. Former CIA employee and whistleblower Edward Snowden talked to Kara Swisher in an upcoming edition of the Recode Decode podcast. American whistleblower Edward Snowden is living a life of exile in Russia because he shared thousands of top-secret government documents with journalists. But six years after he exposed how the US government surveils the digital lives of everyday Americans, Snowden is not just worried about the powers of government agencies like the National Security Agency (NSA), he’s concerned about big technology companies, too. In an upcoming interview with Recode’s Kara Swisher on the Recode Decode podcast, Snowden said he thinks it’s a “mistake” to see the NSA as a bigger threat to privacy than tech companies. “Facebook’s internal purpose, whether they state it publicly or not, is to compile perfect records of private lives to the maximum extent of their capability, and then exploit that for their own corporate enrichment. And damn the consequences,” Snowden told Swisher. “This is actually precisely the same as what the NSA does. Google ... has a very similar model. They go, ‘Oh, we’re connecting people.’ They go, ‘Oh, we’re organizing data.’” Although, Snowden said, these companies still don’t know as much as the government, which can gather information from all of the many tech platforms. Snowden was talking to Swisher about the publication of his new book, Permanent Record, in which he details his journey from an idealistic young national security contractor, eager to help protect the US from foreign threats in the aftermath of 9/11, to a disillusioned whistleblower. The massive government surveillance effort he revealed in 2013 wouldn’t be possible without the data-gathering that tech companies do in the first place, Snowden said. “The more Google knows about you, the more Facebook knows about you, the more they are able ... to create permanent records of private lives, the more influence and power they have over us,” Snowden told Swisher. “There is no good reason why Google should be able to read your email. There is no good reason why Google should know the messages that you’re sending to your friend. Facebook shouldn’t be able to see what you’re saying when you’re writing to your mother.” Snowden also pointed out that the Fourth Amendment — which protects citizens from searches unless law enforcement has a warrant or probable cause — only applies to government, not to companies. So while the FBI might need a warrant to probe your inbox, there’s no constitutional barrier to a company like Facebook searching and retrieving people’s private information without a judge’s approval. The former NSA systems engineer said to better protect people from being exploited by the data collection of major tech companies, the US should have software liability laws. These would be similar to consumer product liability regulations that can hold companies and executives responsible for selling physical goods that harm people. “We have serious liability laws in every other sector,” said Snowden. “If you produce medicine and put it on the shelves and your baby aspirin kills babies, you get sued. You go to jail, right? If you build a car and it catches on fire and kills people, you get sued, your company might get shut down, you might go to jail. We have no software liability laws in the United States.” Recently, companies such as Facebook, Google, and Amazon have come under fire by regulators for their perceived negative effects on society — from alleged monopolistic practices to data breaches. “When you look at technologists as a class, we’re at a fork in the road,” said Snowden. “There is a class led by Mark Zuckerberg that is moving toward the maximization of technological power and influence that can be applied to society because they believe they can profit by it or, rightly or wrongly, they can better use the influence that their systems provide to direct the world into a better direction. ... And then you have this other fork in the road where there are people ... [who] go, ‘The advance of technology is inevitable and technology can do very good things for the world, but we need to understand that there must be limits on how that technological power and influence can be applied.’” Snowden also pushed back on the idea that people don’t care about their data privacy because they still use services like Facebook that have notoriously failed to steward user data. “People actually care. They care very much. But they feel powerless to change it,” said Snowden, “so they adopt a position of laissez-faire, ‘I don’t care,’ as a psychological coping mechanism, because otherwise you are being victimized, and that’s a difficult thing to deal with.” Source
  8. The National Security Agency (NSA) improperly collected records on American phone calls and texts last year, according to new documents obtained and released by the American Civil Liberties Union (ACLU). The error occurred between Oct. 3 and Oct. 12, the documents show, and had not been previously disclosed. The documents were obtained by the ACLU through a Freedom of Information Act request. The incident occurred four months after the NSA said it had deleted scores U.S. records that were collected since 2015 due to a separate error. The records contained details on the duration of U.S. phone calls but not the content of them. The ACLU records show the agency also used improperly obtained information in February 2018, which likely led to the NSA's decision to purge millions of records a few months later in June. The agency allegedly used some of that improperly collected data to seek approval to spy on some targets, but the records do not indicate whether that information was ultimately used for those purposes. The new disclosures come as part of the ACLU's ongoing lawsuit against the NSA over the call records program, which gathers metadata on domestic text messages and phone calls. "The technical irregularities that led NSA to delete data last summer were identified and addressed," an NSA spokesman told The Hill in a statement Wednesday. "Since that time, NSA identified additional data integrity and compliance concerns caused by the unique complexities of using company-generated business records for intelligence purposes. Those data integrity and compliance concerns have also been addressed and reported to NSA’s overseers, including the congressional oversight committees and the Foreign Intelligence Surveillance Court." The spokesman said the agency cannot comment further "on these concerns because they involve operational details of the program that remain classified." The ACLU is using the new documents to underscore its argument that the call records program should not be allowed to exist. "These documents further confirm that this surveillance program is beyond redemption and a privacy and civil liberties disaster," Patrick Toomey, staff attorney with the ACLU's National Security Project, said in a statement. "The NSA's collection of Americans' call records is too sweeping, the compliance problems too many, and the evidence of the program's value all but nonexistence. There is no justification for leaving this surveillance power in the NSA's hands." The ACLU, responding to the records, sent a letter to the House Judiciary Committee on Wednesday calling for an end to the authority that enables the call records program, referred to as Section 215. Privacy activists have long argued that elements of the USA Freedom Act — which enables the call detail records program — should not be reauthorized, including the Section 215 authorities. They say the program has not effectively stopped any terrorist attacks and encroaches on the personal lives of Americans. The USA Freedom Act, a pared-down version of the 2001 Patriot Act, is up for reauthorization at the end of this year. Civil liberties activists have been fighting for Congress to let the Section 215 authorities to expire. But some lawmakers have said they need to hear from the NSA and the White House before making a final decision. As far as the status of the program, the NSA spokesperson said in Wednesday's statement, "This is a deliberative interagency process that will be decided by the Administration." A top national security aide to House Minority Leader Kevin McCarthy (R-Calif.) in a podcast earlier this year revealed that, for the past six months, the NSA hasn't used the program and predicted that the Trump administration would not ask to renew it. A group of bipartisan lawmakers last month introduced a bill that would end the program take away the NSA's authority to restart it. Source
  9. The Chinese are making doubly sure public displays of displeasure with their totalitarian regime such as occurred in Tiananmen Square in 1989 will never be repeated. They are instituting a technological surveillance program so pervasive that when completed -- quite soon, it seems -- it will enforce conformity throughout their giant country on a scale that would stupefy Orwell and Huxley. China’s plan to judge each of its 1.3 billion people based on their social behavior is moving a step closer to reality, with Beijing set to adopt a lifelong points program by 2021 that assigns personalized ratings for each resident. The capital city will pool data from several departments to reward and punish some 22 million citizens based on their actions and reputations by the end of 2020, according to a plan posted on the Beijing municipal government’s website on Monday. Those with better so-called social credit will get “green channel” benefits while those who violate laws will find life more difficult. The Beijing project will improve blacklist systems so that those deemed untrustworthy will be “unable to move even a single step,” according to the government’s plan. Bloomberg has more to say about this incipient "brave new world." The final version of China’s national social credit system remains uncertain. But as rules forcing social networks and internet providers to remove anonymity get increasingly enforced and facial recognition systems become more popular with policing bodies, authorities are likely to find everyone from internet dissenters to train-fare skippers easier to catch -- and punish -- than ever before. Bad news for Winston Smith. Or is it Winston Chang? Thank God, it's China! Or is it? Perhaps the Chinese are only being public, and therefore somewhat more honest and transparent, about their plans and the world in which we all already live. After all, when it comes to technological surveillance, they are merely playing catch-up to our NSA, which has been monitoring us all for decades with only sporadic protest. Does the NSA have their own form of a rating system? We don't know, but they surely have some way -- various algorithms, one assumes -- for deciding who deserves more attention. Meanwhile, Google -- lord on high of the internet -- works with the NSA through the PRISM program and with the Chinese on a new China-only search engine that will be subject to Communist Party regulation, an equal opportunity silicon behemoth. Google's experience with NSA makes this outreach to the Chinese almost seamless. When you think about it, the similarity of approach and method is blood-curdling. It wouldn't be surprising if important components of the new surveillance technology for this latest Chinese initiative to control the behavior of their entire population were "borrowed" in part from Google. What does this all mean to us -- the common man and woman of the USA (and elsewhere really)? Whether we choose to think about it or not, almost all of us realize we have no private life any more, no secrets the government couldn't easily ascertain should it be the slightest bit interested. Even a presidential candidate was not exempt from such surveillance. What possibility do we have? This has already been factored into our personalities and behaviors, at the very least unconsciously, in ways we can only begin to guess as it is now such a mundane occurrence. I would imagine many phenomena such as political correctness and its attendant virtue signaling are amplified by the knowledge that we are constantly observed. It also contributes to the extraordinary uniformity and group think pervading our educational system and media. The employees of Google themselves behave much like a cult, eager to drum out the mildest of apostates. The self-styled social justice warriors on our campuses act similarly, ever searching for the most "victimized" person as the eye in the sky watches and, hopefully, approves. All the to-ing and fro-ing on our supposedly contentious social media are just fodder for the homogenization to come. It's all very Chinese, if you think not very far back to the Cultural Revolution. But Mao and Jiang Qing didn't have the technological weapons available today and were beaten back, temporarily anyway. Now the battle for freedom is global. Source
  10. from the ALL-WHISTLES-MUST-BE-BLOWN-INSIDE-THE-HOUSE----The-management dept The NSA is promising to be kinder to whistleblowers. This is important, at least to the NSA, because its most famous whistleblowers have eventually gone outside the system to deliver news of systemic surveillance program abuse to the masses. I don't think NSA officials necessarily want to handle internal complaints and scale back abusive collection programs. I think they just want to make sure no one outside of the NSA and its direct oversight hear about it. That being said, the NSA definitely needs to work on its interpersonal relationships with disgruntled employees. People yelling about Snowden not going through the proper channels didn't have much to say about his proper channel being on the chopping block for retaliating against a whistleblower. And protections for contractors are still weaker than those offered to federal employees, which means the NSA can keep complainers quieter by continuing to rely on outsiders to handle the dirty work of analyzing incoming intel. To be fair, this effort to protect whistleblowers seems a lot more earnest than past efforts. At least in this case, the NSA consulted with outside groups for input on anti-retaliation policies. Even so, whistleblower protections work better in theory than in practice. The NSA is the government's most secretive agency and has a long history of abusing its surveillance authorities. It's been resistant to internal change for much of its lifespan and change is something nearly every whistleblower is seeking. If it can keep whistleblowers from becoming leakers, it can better hide its misdeeds from the public. And that's something we need to be wary of anytime the NSA starts talking about protecting employees who aren't happy with its programs, policies, or practices. Source
  11. from the violating-the-law-on-the-regular dept More evidence of the NSA's abuse of its surveillance powers has surfaced, thanks to a FOIA lawsuit by the EFF. To date, the EFF has secured 73 FISC opinions as the result of this lawsuit and is still fighting for the release of six opinions the government has chosen to withhold entirely. One of the opinions released to the EFF shows the NSA's frequent assertions about proper minimization, careful deployment of surveillance techniques, and supposedly robust oversight are mostly false. The NSA abuses its powers and withholds evidence of its abuses from the FISA court, undermining the system of checks and balances meant to keep the agency in line. The opinion [PDF] embedded below is just one of several recently acquired by the EFF, but it still shows plenty of surveillance power abuse by the agency. Aaron Mackey of the EFF summarizes the contents of the order: Much of the opinion is redacted, leaving only sentence fragments for readers to parse. But even these fragments manage to produce a decent depiction of apparently long-running program abuses by the NSA. What the court called "unauthorized electronic surveillance," the government claimed was only a violation of minimization procedures. Even if the court was willing to cede this argument to the government (and it wasn't), the court goes on to point out that the NSA had done nothing to address this violation of minimization procedures. A little further on, the court makes it clear repairing minimization procedures does not excuse prior unauthorized collections, nor would it make similar collections legal in the future. And it appears the NSA again withheld info from the court, preventing it from doing its job properly. This is only one of several FISA court documents discussing unauthorized collections. The stockpile of FOIAed documents indicates the government has rarely used its collections programs correctly. The history of the NSA's interactions with the FISA court is littered with references to over-collection and agency obfuscation. This is more of the same from an agency that claims to be precisely and thoroughly controlled by external and internal oversight. The FISA court documents don't align with the NSA's narrative. Instead, they show an agency willing to ignore the law and mislead the court to engage in surveillance its oversight has never authorized. Source
  12. Supreme Court nominee discussed notable surveillance cases during Friday testimony. On Friday, during the final day of hearings before the Senate Judiciary Committee, Sen. Patrick Leahy (D-Vt.) had an interesting exchange over recent privacy cases with the Supreme Court judicial nominee, Judge Brett Kavanaugh. "I've talked repeatedly in this hearing about how technology will be one of the huge issues with the Fourth Amendment going forward," said Kavanaugh, who serves on the United States Court of Appeals for the District of Columbia Circuit. Opening their six-minute tête-à-tête, Leahy began by asking the appellate court judge about what Kavanaugh wrote in November 2015 in a case known as Klayman v. Obama. In that case, a well-known conservative activist attorney, Larry Klayman, sued the then-president on June 7, 2013—the day after the Snowden revelations became public. The complaint argued that the National Security Agency's telephone metadata program ("Section 215"), which gathered records of all incoming and outgoing calls for years on end, was unconstitutional. US District Judge Richard Leon ruled in favor of plaintiff and attorney Larry Klayman in December 2013 and ordered that the NSA's program be immediately halted. But he stayed his order pending the government appeal, which reversed Judge Leon in August 2015. Klayman asked the appeals court to re-hear the case with all of the District of Columbia appellate judges, in what’s known as an en banc appeal. This was denied, and Kavanaugh separately agreed with that decision in a November 2015 concurrence. "I do so because, in my view, the Government's metadata collection program is entirely consistent with the Fourth Amendment," Kavanaugh wrote. "Therefore, plaintiffs cannot show a likelihood of success on the merits of their claim, and this Court was right to stay the District Court's injunction against the Government’s program. The Government’s collection of telephony metadata from a third party such as a telecommunications service provider is not considered a search under the Fourth Amendment, at least under the Supreme Court's decision in Smith v. Maryland, 442 U.S. 735 (1979). That precedent remains binding on lower courts in our hierarchical system of absolute vertical stare decisis." Kavanaugh went further, saying that even if the Section 215 metadata program was a search, it should be considered "reasonable" in the name of national security. "The Fourth Amendment allows governmental searches and seizures without individualized suspicion when the Government demonstrates a sufficient 'special need'—that is, a need beyond the normal need for law enforcement—that outweighs the intrusion on individual liberty," he wrote. "Examples include drug testing of students, roadblocks to detect drunk drivers, border checkpoints, and security screening at airports." USA Freedom Act So Sen. Leahy wanted to know why Kavanaugh went out of his way to say this months after Leahy himself had authored a revision in the law, known as the USA Freedom Act, and when two government watchdogs had called for Section 215 to end. (An outside analysis also found in January 2014 that Section 215 was ineffective.) "I was trying to articulate what I thought based on precedent at the time, when your information went to a third party and when the government went to a third party, the existing privacy Supreme Court precedent was that your privacy interest was essentially zero," Kavanaugh said Friday. "The opinion by Chief Justice Roberts this past spring in the Carpenter case is a game changer." Carpenter v. United States involved a suspect, Timothy Carpenter, who was accused of leading an armed robbery gang that hit Radio Shack and other cell phone stores in Michigan and Ohio in 2010 and 2011. The government was able to warrantlessly obtain 127 days' worth of his CSLI from his mobile provider, which detailed precisely where Carpenter had been during that time. The Supreme Court ultimately ruled earlier this year that, when the government seeks to obtain such a large volume of intimate information, it needs to get a warrant first in most cases. The impact of Carpenter is starting to be felt in cases around the country. "Do you think if Carpenter had been decided you would have written the concurrence you did in Klayman?" Leahy asked. "I don't see how I could have," Kavanaugh said. "Thank you, I agree with that," the Vermont senator replied. More than the sum of its parts Sen. Leahy then moved on to a 2012 Supreme Court case, United States v. Jones, which in retrospect has become one of a string of three major pro-privacy decisions that the high court has made within the last decade. That case began in federal court in Washington, DC, and moved on to the appellate court on which Kavanaugh now sits, the United States Court of Appeals for the District of Columbia Circuit. Before the Supreme Court agreed to hear Jones, the government, which lost at the appellate level, asked the DC Circuit to reconsider en banc. It declined to do so, but Kavanaugh wrote a dissent in November 2010 even though he was not on the original panel of three appellate judges. Kavanaugh and three other Circuit judges wrote that Jones, which involved the warrantless placement of a GPS tracker on a suspected drug dealer's car, was very similar to a 1983 decision known as United States v. Knotts. In that case, the Supreme Court found that there was no "reasonable expectation of privacy" when traveling on a public road. Therefore, a majority concluded, it was OK for the police to put a short-range FM transmitter on a drug suspect's car as it drove 100 miles from Minnesota to Wisconsin. "The reasonable expectation of privacy as to a person's movements on the highway is, as concluded in Knotts, zero," Kavanaugh wrote in 2010. "The sum of an infinite number of zero-value parts is also zero." Quoting from this very line during the Friday hearing, Leahy compared Kavanaugh's analysis to a statement as being closer to "the Chinese government than what we'd get from James Madison, had he known about what we can do." Then, he brought his question home to the present day: "So, because of Carpenter, do you believe there comes a point at which collection of data about a person becomes so pervasive that a warrant would be required even if one collection of one bit of the data would not?" Mosaic theory While he didn't come right out and say it, Leahy seemed to be probing whether Kavanaugh ascribes to what many legal scholars call the "mosaic theory." This is the notion that, while a series of discrete surveillance or near-surveillance actions in and of themselves may be legal, there comes a point when those are aggregated over a long enough period of time that they become an unreasonable search in violation of the Fourth Amendment. Both men undoubtedly knew that the DC appeals court ultimately ruled in favor of the mosaic theory in August 2010 when it handed an intermediate win to Antoine Jones and his co-defendant, Lawrence Maynard. Kavanaugh reminded the hearing that, in this same dissent, he pointed out that there was a Fourth Amendment violation in the physical attachment of the GPS on Jones' Jeep Grand Cherokee. (This line of reasoning was what was ultimately seized upon by Justice Antonin Scalia and the conservative wing of the Supreme Court.) But when Kavanaugh addressed whether or not he agreed with the mosaic theory, he was measured in his answer. Kavanaugh seemed to suggest that he disagreed with his DC appeals court colleagues on this point. "I think the Supreme Court case law in the Riley case, written by Chief Justice Roberts, and the Carpenter case, written by Chief Justice Roberts—both majority opinions—show his and the court's recognition of the issue that you're describing in that technology," Kavanaugh said. "It's made things different, and we need to understand those differences for purposes of applying Fourth Amendment law now, and I do think those two decisions are quite important. Someone sitting in this chair 10 years from now—the question of technology on Fourth Amendment, First Amendment, [and] War Powers [are] going to be of central importance. I appreciate your question, but I think the Supreme Court case law is developing in a way consistent with your concern." "Do you think it's consistent with the fact that there will be areas so pervasive that you will need warrants?" Leahy asked. "The Supreme Court case law is certainly suggesting as much in the Riley and Carpenter case and the Jones GPS case, which I had written the opinion in." In short, Kavanaugh, in deferring to the government, seemed to acknowledge that he may be in the minority on this point. The Senate Judiciary Committee is expected to vote on his nomination on September 17, with a full floor vote set to come at the end of the month. With no substantive objection from the Republican majority, Kavanaugh is all but set to be confirmed, in which case he will replace retired Justice Anthony Kennedy, for whom he clerked. Source
  13. The National Security Agency (NSA) is purging what appears to be hundreds of millions of phone records collected by U.S. telecom companies that the agency had acquired since 2015. National Security Agency headquarters in Fort Meade, Maryland The National Security Agency (NSA) is purging what appears to be hundreds of millions of phone records collected by U.S. telecom companies that the agency had acquired since 2015. The agency released a statement on Thursday saying it began deleting records in May after "analysts noted technical irregularities in some data received from telecommunications service providers." The records date back to 2015 and were obtained under the Foreign Intelligence Surveillance Act. The statement added that "the root cause of the problem has since been addressed" for future call record collecting. In a written follow-up statement to the Associated Press, the NSA said it is "following a specific court-authorized process," but technical irregularities resulted in the production of some call records that the NSA "was not authorized to receive." The NSA faced a legal battle surrounding its Internet surveillance data collection program in 2017, when the 4th U.S. Circuit Court of Appeals ruled that a challenge brought by the American Civil Liberties Union could move forward. David Kris, a member of the Justice Department during the Obama administration, told the New York Times that the agency's announcement represents a "failure" of the Obama administration to properly implement the Freedom Act, a surveillance law passed in 2015 after the controversial Patriot Act expired. Others placed the blame elsewhere. “Telecom companies hold vast amounts of private data on Americans,” Sen. Ron Wyden, D-Ore., told the Times. “This incident shows these companies acted with unacceptable carelessness, and failed to comply with the law when they shared customers’ sensitive data with the government." The Associated Press contributed to this report. Source
  14. Here are eight AT&T-owned locations, buildings that are reportedly central to the NSA's internet spying purposes. Have you ever wondered what locations on American soil serve as backbone or “peering” facilities that the NSA might secretly be using for eavesdropping purposes? The Intercept revealed eight such AT&T-owned locations: two in California, one in Washington, another in Washington, D.C., one in New York, one in Texas, one in Illinois, and one in Georgia. You might pass by these AT&T buildings having no idea that they are “central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.” While neither AT&T nor NSA spokespeople would confirm that the NSA has tapped into data at these eight locations that normally route telecom companies’ data traffic, former AT&T employees did confirm the locations of the “backbone node with peering” facilities. AT&T refers to the peering sites as “Service Node Routing Complexes.” The Intercept explained various code-named NSA surveillance programs, previously made public thanks to Edward Snowden, which seem to have taken place at these eight AT&T facilities. In addition, the Intercept article cites “a top-secret NSA memo” that “has not been disclosed before;” the memo “explained that the agency was collecting people’s messages en masse if a single one were found to contain a ‘selector’ – like an email address or phone number – that featured on a target list.” The NSA's past activity There’s a bit of a history lesson included in the article, going over how the NSA was hoovering emails if they mentioned information about surveillance targets, including domestic communications that violated citizens’ Fourth Amendment right to be protected against unreasonable searches and seizures. The NSA moved to using a cautionary banner that warned analysts not to read the communication unless it had been lawfully obtained. The NSA acknowledged the violations in April 2017. The messages had reportedly been part of upstream surveillance allowed under Executive Order 12333. After receiving a NSA memo via Freedom Of Information Act (FOIA) request, the ACLU previously warned that NSA analysts might even be “laughing at your sex tape” thanks to surveillance under EO 12333. At any rate, according to The Intercept, the eight AT&T buildings that have secretly served as NSA spying hubs for monitoring “billions of emails, phone calls, and online chats” – codenamed FAIRVIEW for NSA surveillance – are located at: 30 E Street Southwest in Washington, D.C. 1122 3rd Avenue in Seattle, Washington 611 Folsom Street in San Francisco, California 811 10th Avenue in New York City 420 South Grand Avenue in Los Angeles, California 4211 Bryan Street in Dallas, Texas 10 South Canal Street in Chicago, Illinois 51 Peachtree Center Avenue in Atlanta, Georgia Source
  15. POSTER NOTE: This is important because it ties in the military combat capabilities (special ops) with the NSA. Gen. Paul Nakasone assumed the directorship of the National Security Agency and Cyber Command, now officially a unified combatant command, from Adm. Michael Rogers in a ceremony May 4. In doing so, Nakasone became “the primary guardian of our nation’s cyber domain, said Patrick Shanahan, deputy secretary of defense. The ceremony, held at the newly unveiled Integrated Cyber Center and Joint Operations Center, marked the elevation of Cyber Command to the 10th combatant command and the first new combatant command since Africa Command came online in 2007. A wide range of high profile guests including Sen. Ben Cardin, D-Maryland, Rob Joyce, special assistant to president and cybersecurity coordinator on the national security staff, Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, Joseph Kernan, undersecretary of defense for intelligence, Gen. John Hyten, commander of Strategic Command, Gen. Mark Milley, Army chief of staff and Essye Miller, acting DoD CIO, were in attendance. Shanahan, who presided over the event along with Director of National Intelligence Dan Coats, told Nakasone that “Adm. Rogers has built capability and integration. Your challenge is to build scale and to strengthen our arsenal of cyberweapons, cyber shield, cyber warriors.” Rogers explained during the ceremony that four years ago the organization he took command of was given a structure and a plan. “Our job,” he said, “was to take that structure and that plan, build it out, create a vision, operationalize this idea and ensure that it was integrated with a broader set of activities executed by the Department of Defense.” Nakasone called the elevation “a day of new beginnings, of renewed partnerships and of our enduring commitment of the defense of our nation.” “Today we start writing the opening chapter for U.S. Cyber Command as our nation’s newest unified combatant command,” he said. “From defensive operations protecting our networks to offensive operations against ISIS and other adversaries, CYBERCOM has matured rapidly.” He added: “Our team now has both the challenge and more importantly the opportunity to build a combatant command from the ground up. The elevation today marks a proud day for CYBERCOM and the nation and I am fortunate to be here to lead you into this next chapter of our great history.” Source
  16. The agency collected a staggering 534 million domestic phone records last year, up threefold on the year earlier. New figures reveal a sharp increase in the number of searches of Americans' calls and messages by the intelligence community during the Trump administration's first year in office. The figures, published Friday by the Office of the Director of National Intelligence (ODNI), show a rise in targeted surveillance and searches of people's data. It's the latest annual report from the government's chief spy, which has faced calls to be more transparent in the wake of the Edward Snowden disclosures into its surveillance programs. According to the figures, 7,512 searches of Americans' calls and messages without a warrant, up by 42 percent on the year prior. The government gets these search powers under the controversial section 702 authority, which allows the National Security Agency (NSA) to gather intelligence on foreigners overseas by collecting data from choke points where fiber optic cables owned by telecom giants enter the US. The powers also authorize the collection of data from internet giants and tech companies. But data collected under section 702 is near indiscriminate, and it also sweeps up large amounts of data on Americans, who are constitutionally protected from warrantless surveillance. The actual number of searches on Americans is likely significantly higher, because the reported figures don't account for searches by other civilian agencies, like the FBI or the Drug Enforcement Administration -- which also don't require a warrant to search the database. "We're almost certainly talking about tens of thousands of Americans being queried by FBI but have no clear info on that or the number of Americans whose data is collected," said Jake Laperruque, senior counsel at the Project On Government Oversight. Congress has long asked the government to reveal how many Americans have their data inadvertently collected by the NSA. Both the Obama and Trump administrations refused to disclose how many Americans are caught up in the dragnet. "Overall the numbers show that the scale of warrantless surveillance is growing at a significant rate, but ODNI still won't tell Americans how much it affects them," said Laperruque. It's not the only figure in the report to see a massive increase. The NSA targeted 129,080 foreign individuals or groups, representing a rise of 20 percent in the number of targets on the year earlier. Patrick Toomey, staff attorney at the ACLU's National Security Project, tweeted that the figure was the "biggest jump on record." The report also shows a massive spike in the number of collected phone records last year. The details of who calls who and when, collected under the NSA's phone metadata collection programs, was later curtailed when the Freedom Act was ratified in 2015. Last year, a staggering 534 million call detail records were collected, up from 151 million -- more than a three-fold increase on the year earlier. The figures don't represent the number of Americans whose phone records were collected, and likely includes duplicates, the report said. The number of orders to collect phone records, however, remained the same on the previous year. Robyn Greene, policy counsel and government affairs lead at New America's Open Technology Institute, said the intelligence community may have changed interpretations of their legal authorities. "The report raises some serious questions if the intelligence community, and the courts may be interpreting their authorities in an overbroad manner to permit too much collection," said Greene. "It's hard to imagine how you get the same number of targets yet over three-times as many records collected unless you've reinterpreted what constitutes a call detail record," Greene added. The report also showed a similar pattern with national security letters, a subpoena-like power that can compel tech and phone companies to turn over data on grounds of national security. Although the number of letters increased marginally by 5 percent to 12,762 last year, the number of requests for information more than tripled, indicating that the FBI sought more data per letter than in previous years. These letters are particularly controversial because they require no court approval and almost always include a gag order, which prevents the subject of the letter from being informed. In recent years, several companies including Apple, Facebook, Microsoft, Twitter, and Yahoo have fought to have details of the secretive letters publicly revealed. In 2008, a US court found the National Security Letter statute, amended by the Patriot Act in 2001, was unconstitutional. A separate case in 2013 found that the gag order provision was found to be in breach of the First Amendment, though the government appealed the ruling. Source
  17. Internet paranoiacs drawn to bitcoin have long indulged fantasies of American spies subverting the booming, controversial digital currency. Increasingly popular among get-rich-quick speculators, bitcoin started out as a high-minded project to make financial transactions public and mathematically verifiable — while also offering discretion. Governments, with a vested interest in controlling how money moves, would, some of bitcoin’s fierce advocates believed, naturally try and thwart the coming techno-libertarian financial order. It turns out the conspiracy theorists were onto something. Classified documents provided by whistleblower Edward Snowden show that the National Security Agency indeed worked urgently to target bitcoin users around the world — and wielded at least one mysterious source of information to “help track down senders and receivers of Bitcoins,” according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents. Although the agency was interested in surveilling some competing cryptocurrencies, “Bitcoin is #1 priority,” a March 15, 2013 internal NSA report stated. The documents indicate that “tracking down” bitcoin users went well beyond closely examining bitcoin’s public transaction ledger, known as the Blockchain, where users are typically referred to through anonymous identifiers; the tracking may also have involved gathering intimate details of these users’ computers. The NSA collected some bitcoin users’ password information, internet activity, and a type of unique device identification number known as a MAC address, a March 29, 2013 NSA memo suggested. In the same document, analysts also discussed tracking internet users’ internet addresses, network ports, and timestamps to identify “BITCOIN Targets.” The agency appears to have wanted even more data: The March 29 memo raised the question of whether the data source validated its users, and suggested that the agency retained bitcoin information in a file named “Provider user full.csv.” It also suggested powerful search capabilities against bitcoin targets, hinting that the NSA may have been using its XKeyScore searching system, where the bitcoin information and wide range of other NSA data was cataloged, to enhance its information on bitcoin users. An NSA reference document indicated that the data source provided “user data such as billing information and Internet Protocol addresses.” With this sort of information in hand, putting a name to a given bitcoin user would be easy. Error retrieving document: Error: Request has been terminated Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc. The NSA’s budding bitcoin spy operation looks to have been enabled by its unparalleled ability to siphon traffic from the physical cable connections that form the internet and ferry its traffic around the planet. As of 2013, the NSA’s bitcoin tracking was achieved through program code-named OAKSTAR, a collection of covert corporate partnerships enabling the agency to monitor communications, including by harvesting internet data as it traveled along fiber optic cables that undergird the internet. Specifically, the NSA targeted bitcoin through MONKEYROCKET, a sub-program of OAKSTAR, which tapped network equipment to gather data from the Middle East, Europe, South America, and Asia, according to classified descriptions. As of spring 2013, MONKEYROCKET was “the sole source of SIGDEV for the BITCOIN Targets,” the March 29, 2013 NSA report stated, using the term for signals intelligence development, “SIGDEV,” to indicate the agency had no other way to surveil bitcoin users. The data obtained through MONKEYROCKET is described in the documents as “full take” surveillance, meaning the entirety of data passing through a network was examined and at least some entire data sessions were stored for later analysis. At the same time, MONKEYROCKET is also described in the documents as a “non-Western Internet anonymization service” with a “significant user base” in Iran and China, with the program brought online in summer 2012. It is unclear what exactly this product was, but it would appear that it was promoted on the internet under false pretenses: The NSA notes that part of its “long-term strategy” for MONKEYROCKET was to “attract targets engaged in terrorism, [including] Al Qaida” toward using this “browsing product,” which “the NSA can then exploit.” The scope of the targeting would then expand beyond terrorists. Whatever this piece of software was, it functioned a privacy bait and switch, tricking bitcoin users into using a tool they thought would provide anonymity online but was actually funneling data directly to the NSA. The hypothesis that the NSA would “launch an entire operation overseas under false pretenses” just to track targets is “pernicious,” said Matthew Green, assistant professor at the Johns Hopkins University Information Security Institute. Such a practice could spread distrust of privacy software in general, particularly in areas like Iran where such tools are desperately needed by dissidents. This “feeds a narrative that the U.S. is untrustworthy,” said Green. “That worries me.” The NSA declined to comment for this article. The Bitcoin Foundation, a nonprofit advocacy organization, could not immediately comment. Although it offers many practical benefits and advantages over traditional currency, a crucial part of bitcoin’s promise is its decentralization. There is no Bank of Bitcoin, no single entity that keeps track of the currency or its spenders. Bitcoin is often misunderstood as being completely anonymous; in fact, each transaction is tied to publicly accessible ID codes included in the Blockchain, and bitcoin “exchange” companies typically require banking or credit card information to convert Bitcoin to dollars or euros. But bitcoin does offer far greater privacy than traditional payment methods, which require personal information up to and including a Social Security number, or must be linked to a payment method that does require such information. Furthermore, it is possible to conduct private bitcoin transactions that do not require exchange brokers or personal information. As explained in the 2009 white paper launching bitcoin, “the public can see that someone is sending an amount to someone else, but without information linking the transaction to anyone.” For bitcoin adherents around the world, this ability to transact secretly is part of what makes the currency so special, and such a threat to the global financial status quo. But the relative privacy of bitcoin transactions has naturally frustrated governments around the world and law enforcement in particular — it’s hard to “follow the money” to criminals when the money is designed to be more difficult to follow. In a November 2013 letter to Congress, one Homeland Security official wrote that “with the advent of virtual currencies and the ease with which financial transactions can be exploited by criminal organizations, DHS has recognized the need for an aggressive posture toward this evolving trend.” Green told The Intercept he believes the “browsing product” component of MONKEYROCKET sounds a lot like a virtual private network, or VPN. VPNs encrypt and reroute your internet traffic to mask what you’re doing on the internet. But there’s a catch: You have to trust the company that provides you a VPN, because they provide both software and an ongoing networking service that potentially allows them to see where you’re going online and even intercept some of your traffic. An unscrupulous VPN would have complete access to everything you do online. Emin Gun Sirer, associate professor and co-director of the Initiative for Cryptocurrencies and Contracts at Cornell University, told The Intercept that financial privacy “is something that matters incredibly” to the bitcoin community, and expects that “people who are privacy conscious will switch to privacy-oriented coins” after learning of the NSA’s work here. Despite bitcoin’s reputation for privacy, Sirer added, “when the adversary model involves the NSA, the pseudonymity disappears. … You should really lower your expectations of privacy on this network.” Green, who co-founded and currently advises a privacy-focused bitcoin competitor named Zcash, echoed those sentiments, saying that the NSA’s techniques make privacy features in any digital currencies like Ethereum or Ripple “totally worthless” for those targeted. The NSA’s interest in cryptocurrency is “bad news for privacy, because it means that in addition to the really hard problem of making the actual transactions private … you also have to make sure all the network connections [are secure],” Green added. Green said he is “pretty skeptical” that using Tor, the popular anonymizing browser, could thwart the NSA in the long term. In other words, even if you trust bitcoin’s underlying tech (or that of another coin), you’ll still need to be able to trust your connection to the internet — and if you’re being targeted by the NSA, that’s going to be a problem. NSA documents note that although MONKEYROCKET works by tapping an unspecified “foreign” fiber cable site, and that data is then forwarded to the agency’s European Technical Center in Wiesbaden, Germany, meetings with the corporate partner that made MONKEYROCKET possible sometimes took place in Virginia. Northern Virginia has for decades been a boomtown for both the expansive national security state and American internet behemoths — telecoms, internet companies, and spy agencies call the area’s suburbs and office parks home. Liberty Reserve website name seizure notice. Bitcoin may have been the NSA’s top cryptocurrency target, but it wasn’t the only one. The March 15, 2013 NSA report detailed progress on MONKEYROCKET’s bitcoin surveillance and noted that American spies were also working to crack Liberty Reserve, a far seedier predecessor. Unlike bitcoin, for which facilitating drug deals and money laundering was incidental to bigger goals, Liberty Reserve was more or less designed with criminality in mind. Despite being headquartered in Costa Rica, the site was charged with running a $6 billion “laundering scheme” and triple-teamed by the U.S. Department of Justice, Homeland Security, and the IRS, resulting in a 20-year conviction for its Ukrainian founder. As of March 2013 — just two months before the Liberty Reserve takedown and indictment — the NSA considered the currency exchange its No. 2 target, second only to bitcoin. The indictment and prosecution of Liberty Reserve and its staff made no mention of help from the NSA. Just five months after Liberty Reserve was shuttered, the feds turned their attention to Ross Ulbricht, who would go on to be convicted as the mastermind behind notorious darkweb narcotics market Silk Road, where transactions were conducted in bitcoin, with a cut going to the site’s owner. Ulbricht reportedly held bitcoins worth $28.5 million at the time of his arrest. Part of his unsuccessful defense was the insistence that the FBI’s story of how it found him did not add up, and that the government may have discovered and penetrated the Silk Road’s servers with the help of the NSA — possibly illegally. The prosecution dismissed this theory in no uncertain terms: Though the documents leaked by Snowden do not address whether the NSA aided the FBI’s Silk Road investigation, they show the agency working to unmask bitcoin users about six months before Ulbricht was arrested, and that it had worked to monitor Liberty Reserve around the same time. The source of the bitcoin and Liberty Reserve monitoring, MONKEYROCKET, is governed by an overseas surveillance authority known as Executive Order 12333, the language of which is believed to give U.S. law enforcement agencies wide latitude to use the intelligence when investigating U.S. citizens. Civil libertarians and security researchers have long been concerned that otherwise inadmissible intelligence from the agency is used to build cases against Americans though a process known as “parallel construction”: building a criminal case using admissible evidence obtained by first consulting other evidence, which is kept secret, out of courtrooms and the public eye. An earlier investigation by The Intercept, drawing on court records and documents from Snowden, found evidence the NSA’s most controversial forms of surveillance, which involve warrantless bulk monitoring of emails and fiber optic cables, may have been used in court via parallel construction. Patrick Toomey, an attorney with the ACLU’s National Security Project, said the NSA bitcoin documents, although circumstantial, underscore a serious and ongoing question in American law enforcement: Although an NSA document about MONKEYROCKET stated the program’s “initial” concern was counterterrorism, it also said that “other targeted users will include those sought by NSA offices such as Int’l Crime & Narcotics, Follow-The-Money and Iran.” A March 8, 2013 NSA memo said agency staff were “hoping to use [MONKEYROCKET] for their mission of looking at organized crime and cyber targets that utilize online e-currency services to move and launder money.” There’s no elaboration on who is considered a “cyber target.” Documents published with this story: Pages From OAKSTAR Weekly 2013-03-08 Pages From OAKSTAR Weekly 2013-03-15 Pages From OAKSTAR Weekly 2013-03-22 Pages From OAKSTAR Weekly 2013-03-29 Pages From OAKSTAR Weekly 2013-04-05 Pages From SECOND LOOK SSO20Mar2012 wStormbrewMap Entry From SSO News Entries From Sample SSO Accesses Entry From SSODictionary v1.0 Pages From OAKSTARSiteBook v1.0 Source
  18. A new generation of crypto-jacking attacks is making the rounds, significantly improving on the unsophisticated campaigns that have characterized such attacks so far. According to Imperva, the campaigns, one of which the firm dubbed RedisWannaMine, is aimed at both database servers and application servers. And where the first generation of crypto-jacking was limited in complexity and capability (the attacks contained malicious code that downloaded a crypto-miner executable file and ran it with a basic evasion technique or none at all), the new wave of threats are something else altogether. RedisWannaMine demonstrates a worm-like behavior, combined with advanced exploits to increase the attackers’ infection rate. Crypto-jacking, in which a victim’s computer is infected with a coin-mining malware that surreptitiously steals compute power to mind for cryptocurrencies like Bitcoin and Monero, has spread significantly in the last few months as the value of virtual currencies continues to skyrocket. Imperva researchers have concluded that these attacks now account for roughly 90% of all remote code execution attacks in web applications. In this case, the attackers are using a two-pronged infection campaign. First, it runs code to discover and infect publicly available Redis servers. It does so by creating a large list of IPs, internal and external and scanning port 6379, which is the default listening port of Redis. Secondly, it uses a script to scan for the same server message block vulnerability that was used by the NSA to create the infamous Eternal Blue exploit – the root vector behind WannaCry. When the script finds a vulnerable server, it launches the infection process for the crypto-miner malware. Between the two prongs, RedisWannaMine is taking aim the attack surface from both the database and application sides.“In a nutshell, crypto-jacking attackers have upped their game and they are getting crazier by the minute,” researchers said in an analysis. Source: https://www.infosecurity-magazine.com/news/rediswannamine-uses-nsa-exploit/
  19. Your PC might be making some criminal sweet, sweet cash, according to the findings of a cybersecurity firm. You might remember the chaos caused by the WannaCry cybersecurity crisis last year, where a security exploit developed by the National Security Agency in the US was used to create a devestating ransomware attack on an international scale that affected over 230,000 computers in over 150 countries. Well, out of the fire of that nightmare has come a new exploit called WannaMine, with a completely different goal in mind; to covertly use infected computers and networks to mine cryptocurrency. Cybersecurity firm Panda Security from Spain discovered WannaMine in October, and according to cybersecurity firm CrowdStrike, it has grown significantly since; potentially infecting tens of thousands of computers. Furthermore, it poses additional risks due to how it gains access to victim compuerts; it uses a two pronged approach, stealing stolen logins to try and break in to a victim's computer via a tool called Mimicatz before resorting to the EternalBlue method of breaking into the victim's computer. According to CrowdStrike, WannaMine can infect a computer in an array of ways, ranging from a user clicking on a malicious link in an email or webpage to targeted remote access attack by a hacker. Once the WannaMine script has infected a computer, it uses two normal Windows applications—PowerShell and Windows Management Instrumentation—to do its dirty work. This has disastrous implications as antivirus software on the average user's computer will be unable to detect the malware due to it not leaving any files as a trace. While it's well noted by mining aficionados that CPU mining has notoriously weak yields and is usually wort little, doing so on the scale of tens of thousands of infected computers and large mainframe networks can be much more profitable; and much more dangerous. Furthermore, WannaMine manages to bypass this obstacle by mining a cryptocurrency called Monero, which is popular with malware miners because it can be generated with consumer hardware like CPU's rather than expensive GPU's. While this may not have drastic implications for the average consumer aside from a noticeably slower PC, this exploit has proven disastrous for businesses and mainframes. The malware has led to multiple companies' computer and network infrastructure completely shutting down, leading to several days of downtime and lost work. As cryptocurrency malware gets more efficient and harder to detect, it's likely that this will not be the last time we hear about criminals profiting significantly off of the suffering of the average, computer-illiterate user. While WannaMine can be removed on an individual system level, as of today no complete system patch for it exists, leaving millions of systems potentially vulnerable to being tuned into nonconsensual mining rigs. Modmy.com
  20. Russian government-backed hackers stole highly classified U.S. cyber secrets in 2015 from the National Security Agency after a contractor put information on his home computer, two newspapers reported on Thursday. As reported first by The Wall Street Journal, citing unidentified sources, the theft included information on penetrating foreign computer networks and protecting against cyber attacks and is likely to be viewed as one of the most significant security breaches to date. In a later story, The Washington Post said the employee had worked at the NSA’s Tailored Access Operations unit for elite hackers before he was fired in 2015. The NSA declined to comment, citing agency policy “never to comment on our affiliates or personnel issues.” Reuters was not able to independently verify the reports. If confirmed, the hack would mark the latest in a series of breaches of classified data from the secretive intelligence agency, including the 2013 leaks of data on classified U.S. surveillance programs by contractor Edward Snowden. Another contractor, Harold Martin, is awaiting trial on charges that he took classified NSA material home. The Washington Post reported that Martin was not involved in the newly disclosed case. Republican U.S. Senator Ben Sasse, a member of the Senate Armed Services Committee, said in a statement responding to the Journal report that, if true, the details were alarming. ”The NSA needs to get its head out of the sand and solve its contractor problem,“ Sasse said. ”Russia is a clear adversary in cyberspace and we can’t afford these self-inflicted injuries.” Tensions are already high in Washington over U.S. allegations of a surge in hacking of American targets by Russians, including the targeting of state election agencies and the hacking of Democratic Party computers in a bid to sway the outcome of the 2016 presidential election in favor of Republican Donald Trump. Citing unidentified sources, both the Journal and the Post also reported that the contractor used antivirus software from Moscow-based Kaspersky Lab, the company whose products were banned from U.S. government networks last month because of suspicions they help the Kremlin conduct espionage. Kaspersky Lab has strongly denied those allegations. Russian government officials could have used flaws in Kaspersky software to hack into the machine in question, security experts told Reuters. They could also have intercepted traffic from the machine to Kaspersky computers. Kaspersky said in a statement on Thursday that it found itself caught in the middle of a geopolitical fight. “Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident reported by the Wall Street Journal,” it said. “It is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company.” The Department of Homeland Security on Sept. 13 banned Kaspersky products in federal networks, and the U.S. Senate approved a bill to ban them from use by the federal government, citing concerns the company may be a pawn of the Kremlin and poses a national security risk. James Lewis, a cyber expert with the Washington-based Center for Strategic and International Studies, said the report of the breach sounded credible, though he did not have firsthand information on what had transpired. “The baffling parts are that he was able to get stuff out of the building and that he was using Kaspersky, despite where he worked,” Lewis said. He said that intelligence agencies have considered Kaspersky products to be a source of risk for years. Democratic Senator Jeanne Shaheen, who led calls in Congress to purge Kaspersky Lab products from government networks, on Thursday called on the Trump administration to declassify information about threats posed by Kaspersky Lab. “It’s a disservice to the public and our national security to continue withholding this information,” Shaheen said in a statement. https://venturebeat.com/2017/10/05/russian-hackers-reportedly-stole-nsa-data-in-2015-likely-via-kaspersky-software/
  21. The move to elevate Cyber Command to a full unified combatant command and split it off from the National Security Agency shows that cyber intelligence collection and information war are rapidly diverging fields. The future leadership of both entities is now in question, but the Pentagon has set out a conditions-based approach to the breakup. That represents a partial victory for the man who directs both Cyber Command and the NSA. The move would mean that the head of Cyber Command would answer directly to the Defense Secretary and the National Security Agency would get its own head. It’s a move that many have said is long overdue, and its exact timing remains unknown. So what does the split mean for the Pentagon, for Cyber Command, and for the future of U.S. cyber security? The split will give the commander of Cyber Command central authority over resource allocation, training, operational planning and mission execution. The commander will answer to the Defense Secretary directly, not the head of Strategic Command. “The decision means that Cyber Command will play an even more strategic role in synchronizing cyber forces and training, conducting and coordinating military cyberforce operations and advocating for and prioritizing cyber investments within the department,” said Kenneth Rapuano, assistant defense secretary for Homeland Defense and Global Security. The Start of a Process The move announced on Friday fulfills a mandate in the National Defense Authorization Act of 2017. Former Defense Secretary Ash Carter hinted at the split back in May 2016. But it won’t happen immediately. Instead, Defense Secretary James Mattis and Joint Chiefs Chairman Gen. Joe Dunford will nominate a flag officer to take over the new Cyber Command as well as the NSA. That person could be Adm. Michael Rogers, who currently heads both, or someone else. Trump has reportedly asked Mattis to give him the name of a nominee. Speculation has focused on Army Lt. Gen. William Mayville as the nominee to head Cyber Command. Once that new person is nominated and confirmed and once Mattis and Dunford are satisfied that splitting the two entities will not hamper the ability of either Cyber Command or the NSA to conduct their missions independently, only then will Cyber Command and the NSA actually split. What Does it Mean for Leadership? Read one way, the announcement means Rogers will lose power. Even were he to become the nominee to the new elevated Cyber Command, he would still wind up losing the NSA eventually. If he were to stay on as head of NSA after the confirmation of a new Cyber Command head, as expected, he would briefly serve under Mayville until the formal split. Read another way, the lack of a concrete timetable for the split, despite such a requirement in the authorization bill, represents a partial win for Rogers. Rogers took over the NSA and Cyber Command in the spring of 2014. He has been resistant to the idea of a split, telling lawmakers in September that U.S. national security benefitted from the dual-hat arrangement. This view was not shared by then-Director of National Intelligence James Clapper nor then-Defense Secretary Ash Carter. Rogers’ resistance was one of many issues that rubbed them the wrong way. It got so bad that in November, unnamed sources told The Washington Post that Clapper and Carter were urging President Barack Obama to fire Rogers. The truth is a bit more nuanced. Clapper’s goal was “to split the NSA from CYBERCOM. He was not a strong advocate of removal, but was willing to defer to [the Secretary of Defense] if Carter felt strongly about selecting new leadership at Cyber Command,” a source inside the intelligence community said. “There were other concerns unrelated to the potential split.” Rogers outlasted both Clapper, who had long planned to retire at the end of the Obama administration; and Carter, a political appointee. Rogers’ attitude toward an NSA-Cyber Command split evolved. In May, he testified that he would support a split was done in a way that did not hamper either the NSA or Cyber Command. The manner in which the split was announced is in keeping with what Rogers has said he wanted. The move toward a conditions-based split also met with the approval of Sen. John McCain, R-Ariz, a longtime Rogers ally. “I appreciate the administration’s commitment today to ensuring that a future separation of the so-called ‘dual hat’ relationship between Cyber Command and the National Security Agency will be based on conditions, rather than arbitrary political timelines,” McCain said in a statement. “While Cyber Command and the National Security Agency should eventually be able to operate independent of one another, the administration must work closely with the Congress to take the necessary steps that will make this separation of responsibilities successful, and to ensure that each agency will emerge more effective and more capable as a result.” What It Means for Cyber Command, the NSA, and Cyber Operations The elevation of Cyber Command represents a big step forward for the military’s cyber ability, but it has yet to catch up to the NSA in terms of collecting signals intelligence or creating network accesses, according to Bill Leigher, who as a rear admiral helped stand up Navy Fleet Cyber Command. Leigher, who now directs government cyber solutions for Raytheon, applauds the split because the NSA, which collects foreign intelligence, and Cyber Command, a warfighting outfit, have fundamentally different missions.This caused tension between the two organizations under one roof. Information collected for intelligence gathering may be useful in a way that’s fundamentally different from intelligence for military purposes, he says. “If you collecting intelligence, it’s foreign espionage. You don’t want to get caught. The measure of success is: ‘collect intelligence and don’t get caught.’ If you’re going to war, I would argue that the measure of performance is’ what we do has to have the characteristics of a legal weapon in the context of war and the commander has to know what he or she uses it.” This puts the agencies in disagreement about how to use intel and tools that they share. “From an NSA perspective, cyber really is about gaining access to networks. From a Cyber Command point of view, I would argue, it’s about every piece of software on the battlefield and having the means to prevent that software from working the way it was intended to work [for the adversary],” he said. The split will allow the agencies to pursue the very different tools, operations, and rules each of their missions requires, he said. Expect NSA to intensify its focus on developing access for intelligence, and Cyber Command to prepare to rapidly deploy massive cyber effects at scale during military operations and shut down the enemy. Both of this will likely leverage next-generation artificial intelligence but in very different ways said Leigher. article Wired article
  22. Edward Snowden has revealed that he witnessed “numerous instances” of National Security Agency (NSA) employees passing around nude photos that were intercepted “in the course of their daily work.” In a 17-minute interview with The Guardian filmed at a Moscow hotel and published on Thursday, the NSA whistleblower addressed numerous points, noting that he could “live with” being sent to the US prison facility at Guantanamo Bay, Cuba. He also again dismissed any notion that he was a Russian spy or agent—calling those allegations “bullshit.” If Snowden’s allegations of sexual photo distribution are true, they would be consistent with what the NSA has already reported. In September 2013, in a letter from the NSA’s Inspector General Dr. George Ellard to Sen. Chuck Grassley (R-IA), the agency outlined a handful of instances during which NSA agents admitted that they had spied on their former love interests. This even spawned a nickname within the agency, LOVEINT—a riff on HUMINT (human intelligence) or SIGINT (signals intelligence). “You've got young enlisted guys, 18 to 22 years old,” Snowden said. “They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records. In the course of their daily work they stumble across something that is completely unrelated to their work in any sort of necessary sense. For example, an intimate nude photo of someone in a sexually compromising position. But they're extremely attractive. “So what do they do? They turn around in their chair and show their co-worker. The co-worker says: ‘Hey that's great. Send that to Bill down the way.’ And then Bill sends it to George and George sends it to Tom. And sooner or later this person's whole life has been seen by all of these other people. It's never reported. Nobody ever knows about it because the auditing of these systems is incredibly weak. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communications stream from the intended recipient and given to the government without any specific authorization without any specific need is itself a violation of your rights. Why is that in a government database?” Then Alan Rusbridger, The Guardian’s editor-in-chief, asked: “You saw instances of that happening?” “Yeah,” Snowden responded. “Numerous?” “It's routine enough, depending on the company that you keep, it could be more or less frequent. These are seen as the fringe benefits of surveillance positions." Update 5:27pm CT: In an e-mail sent to Ars, NSA spokeswoman Vanee Vines wrote: "NSA is a professional foreign-intelligence organization with a highly trained workforce, including brave and dedicated men and women from our armed forces. As we have said before, the agency has zero tolerance for willful violations of the agency’s authorities or professional standards, and would respond as appropriate to any credible allegations of misconduct." However, she declined to respond to direct questions as to the veracity of Snowden's allegations or if anyone at NSA had ever been terminated or otherwise punished for engaging in such behavior. Source
  23. The U.S. National Security Agency has been allowed to continue to collect phone records in bulk of people in the country, while lawmakers consider new legislation that would block the agency from collecting the data. The government's application for reauthorization of the program for a period of 90 days was approved by the Foreign Intelligence Surveillance Court (FISC), according to a joint statement Friday by the Department of Justice and Office of the Director of National Intelligence. The government argued that it was seeking the extension as the relevant legislation has not been enacted yet. The bulk collection of phone metadata in the U.S. by the NSA was first disclosed in June last year by former agency contractor, Edward Snowden, through news outlets. In the wake of criticism of the surveillance program, President Barack Obama proposed in January changes in the program, including requiring that the government should not collect or hold the data in bulk, and deciding that, except in an emergency situation, the FISC will have to approve any queries to the phone records database. Obama also decided that the government should pursue phone calls that are two-steps removed from a number associated with a terrorist group, instead of the three hops previously authorized. In March, Obama said that the data should remain with the telephone companies, but said that Congress would have to pass the appropriate legislation. The U.S. Freedom Act, which was passed in May by the U.S. House of Representatives, addresses issues relating to access to phone records by the NSA. It now awaits consideration by the Senate. The version of the bill that was passed by the House has loopholes that could end with the NSA having the authority to continue to access phone data in bulk, according to civil rights groups. Groups like the Electronic Frontier Foundation are, for example, concerned about the new definition of "specific selection term," which describes and limits who or what the NSA is allowed to monitor. (Originally defined in the legislation as "a term used to uniquely describe a person, entity, or account," the expression is now defined as referring to "a discrete term, such as a term specifically identifying a person, entity, account, address, or device." The broader definition could allow for the use of broad selection terms such as a "zip code, an area code, the physical address of a particular email provider or financial institution, or the IP address of a web hosting service that hosts thousands of web sites," Kevin Bankston, policy director of the New America Foundation's Open Technology Institute, wrote in May. The Obama administration had backed the passing of the bill by the House in its diluted form, though some tech companies said they could not support the legislation as it had loopholes. The groups are now hoping that the Senate will restore the legislation to its previous form, particularly on the selection term for searches. The joint statement by the DOJ and ODNI urged the Senate to swiftly consider the legislation, adding that the administration remains ready to work with Congress to clarify that the bill prohibits bulk collection. The new reauthorization of bulk collection under Section 215 of the Patriot Act expires on Sept. 12. The court has previously reauthorized the program and its decisions were declassified and made public since the Snowden revelations. Source
  24. The House of Representatives last night overwhelmingly passed an amendment to the Department of Defense Appropriations Act that would cut funding for two programs that grant intelligence agencies access to the private data and communications of U.S. citizens. The amendment shows that Congress is willing to adjust and follow a different tactic to rein in government surveillance powers after a more straightforward legislative approach failed last month. Privacy and civil rights advocates heralded that first effort, known as the USA FREEDOM Act, as a promising step toward controlling government spying powers when it came out of its committee. However, once it hit the House floor for debate, the broader Congress summarily crippled the committee’s efforts by vaguely defining key terms in the FREEDOM Act. The new bill was sponsored by U.S. Reps. Jim Sensenbrenner (R-Wis.), Zoe Lofgren (D-Calif.), Thomas Massie (R-Ky.) and a bipartisan group of lawmakers. In a 293 (ayes) to 139 (noes) to 1 (present) vote, the Massie-Lofgren Amendment passed. Lawmakers say it will close off two so-called backdoors. According to the amendment’s sponsors, one would be shut by prohibiting the search of government databases for information pertaining to U.S. citizens without a warrant, and the other would prohibit the National Security Agency and Central Intelligence Agency from requiring actual technological backdoors into products. In the Electronic Frontier Foundation’s (EFF) words, the amendment would block the NSA from using any of its funding from this Defense Appropriations Bill to conduct such warrantless searches. In addition, the amendment would prohibit the NSA from using its budget to mandate or request that private companies and organizations add backdoors to the encryption standards that are meant to keep you safe on the web. “This amendment will reinstate an important provision that was stripped from the original USA FREEDOM Act to further protect the Constitutional rights of American citizens,” the Sensenbrenner, Lofgren, and Massie said. “Congress has an ongoing obligation to conduct oversight of the intelligence community and its surveillance authorities.” Congressional officials claim the bill is supported by both major parties. In addition to that, the bill is reportedly supported by tech firms, civil rights groups, and political action committees, including the American Civil Liberties Union, the Liberty Coalition, the EFF, Google, FreedomWorks, Campaign for Liberty, Demand Progress, and the Center for Democracy and Technology. In a statement, the EFF described the move as important first step in reining in the NSA and applauded the House for its efforts. Like the passage of a stand-alone bill, in order to become law, the amendment must be passed by the Senate and signed by the president. The amendment’s additional sponsors included Reps. John Conyers (D-Mich.), Ted Poe (R-Texas), Tulsi Gabbard (D-Hawaii), Jim Jordan (R-Ohio), Robert O’Rourke (D-Texas), Justin Amash (R-Mich.), Rush Holt (D-N.J.), Jerrold Nadler (D-N.Y.) and Tom Petri (R-Wis.). Source
  • Create New...