Jump to content

Search the Community

Showing results for tags 'gchq'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 7 results

  1. Government Communications Headquarters (GCHQ), the UK’s counterpart to the National Security Agency (NSA), has fired the latest shot in the crypto wars. In a post to Lawfare titled Principles for a More Informed Exceptional Access Debate, two of Britain’s top spooks introduced what they’re framing as a kinder, gentler approach to compromising the encryption that keeps us safe online. This new proposal from GCHQ—which we’ve heard rumors of for nearly a year—eschews one discredited method for breaking encryption (key escrow) and instead adopts a novel approach referred to as the “ghost.” But let’s be clear: regardless of what they’re calling it, GCHQ’s “ghost” is still a mandated encryption backdoor with all the security and privacy risks that come with it. Backdoors have a (well-deserved) horrible reputation in the security community. But that hasn’t dissuaded law enforcement officials around the world from demanding them for more than two decades. And while the Internet has become a more dangerous place for average users, making encryption more important than ever, this rhetoric has hardly changed. What has changed is the legal landscape governing encryption and law enforcement, at least in the UK. 2016 saw the passage of the Investigatory Powers Act, which gives the UK the legal ability to order a company like Apple or Facebook to tamper with security features in their products—while simultaneously being prohibited from telling the public about it. As far as is publicly known, the UK has not attempted to employ the provisions of the Investigatory Powers Act to compromise the security of the products we use. Yet. But GCHQ’s Lawfare piece previews the course that the agency is likely to take. The authors lay out six “principles” for an informed debate, and they sound pretty noncontroversial. Privacy and security protections are critical to public confidence. Therefore, we will only seek exceptional access to data where there’s a legitimate need, that access is the least intrusive way of proceeding and there is appropriate legal authorisation. Investigative tradecraft has to evolve with technology. Even when we have a legitimate need, we can’t expect 100 percent access 100 percent of the time. Targeted exceptional access capabilities should not give governments unfettered access to user data. Any exceptional access solution should not fundamentally change the trust relationship between a service provider and its users. Transparency is essential. So far so good. I absolutely agree that law enforcement should only act where there’s a legitimate need and only when authorized by a court, in a way that evolves with the tech, that doesn’t have unrealistic expectations, that doesn’t enable mass surveillance, that doesn’t undermine the public trust, and that is transparent. But unfortunately, the authors fail to apply the principles so carefully laid out to the problem at hand. Instead, they’re proposing a way of undermining end-to-end encryption using a technique that the community has started calling the “ghost.” Here’s how the post describes it: Applying this idea to WhatsApp, it would mean that—upon receiving a court order—the company would be required to convert a 1-on-1 conversation into a group chat, with the government as the third member of the chat. But that’s not all. In WhatsApp’s UX, users can verify the security of a conversation by comparing “security codes” within the app. So for the ghost to work, there would have to be a way of forcing both users’ clients to lie to them by showing a falsified security code, as well as suppress any notification that the conversation’s keys had changed. Put differently, if GCHQ’s proposal went into effect, consumers could never again trust the claims that our software makes about what it’s doing to protect us. The authors of the Lawfare piece go out of their way to claim that they are “not talking about weakening encryption or defeating the end-to-end nature of the service.” Hogwash. They’re talking about adding a “feature” that would require the user’s device to selectively lie about whether it’s even employing end-to-end encryption, or whether it’s leaking the conversation content to a third (secret) party. Is the security code displayed by your device a mathematical representation of the two keys involved, or is it a straight-up lie? Furthermore, what’s to guarantee that the method used by governments to insert the “ghost” key into a conversation without alerting the users won’t be exploited by bad actors? Despite the GCHQ authors’ claim, the ghost will require vendors to disable the very features that give our communications systems their security guarantees in a way that fundamentally changes the trust relationship between a service provider and its users. Software and hardware companies will never be able to convincingly claim that they are being honest about what their applications and tools are doing, and users will have no good reason to believe them if they try. And, as we’ve seen already seen, GCHQ will not be the only agency in the world demanding such extraordinary access to billions of users’ software. Australia was quick to follow the UK’s lead, and we can expect to see similar demands, from Brazil and the European Union to Russia and China. (Note that this proposal would be unconstitutional were it proposed in the United States, which has strong protections against governments forcing actors to speak or lie on its behalf.) The “ghost” proposal violates the six “principles” in other ways, too. Instead of asking investigative tradecraft to evolve with technology, it’s asking technology to build investigative tradecraft in from the ground floor. Instead of targeted exceptional access, it’s asking companies to put a dormant wiretap in every single user’s pocket, just waiting to be activated. We must reject GCHQ’s newest “ghost” proposal for what it is: a mandated encryption backdoor that weakens the security properties of encrypted messaging systems and fundamentally compromises user trust. GCHQ needs to give up the ghost. It’s just another word for an encryption backdoor. Source : The EFF
  2. Nobody wants to be a third wheel. Unless you’re a British spy. Two of the most senior officials at British eavesdropping agency GCHQ say one way that law enforcement could access encrypted messages is to simply add themselves to your conversations. “It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call,” said Ian Levy, technical director of the U.K.’s National Cyber Security Center, and Crispin Robinson, cryptanalysis director at GCHQ, in an op-ed for Lawfare. “The service provider usually controls the identity system and so really decides who’s who and which devices are involved — they’re usually involved in introducing the parties to a chat or call,” they said. “You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication.” Law enforcement and intelligence agencies have long wanted access to encrypted communications, but have faced strong opposition to breaking the encryption for fears that it would put everyone’s communications at risk, rather than the terror suspects or criminals that the police primarily want to target. In this case, two people using an end-to-end encrypted messaging app would be joined by a third, invisible person — the government — which could listen in at will. This solution, Levy and Robinson say, would be “no more intrusive than the virtual crocodile clips” that lawmakers have already authorized police to use to wiretap communications. Presumably that would require compelled assistance from the tech companies that built the encrypted messaging apps in the first place, like Apple, Facebook’s WhatsApp, Signal, Wire and Wickr. That poses not only an ethical problem for the companies, which developed their own end-to-end encrypted services so that even they can’t access people’s communications, but also a technical one, which would require the government to ask a court to compel the companies to rework their own technologies to allow government spies in. It wouldn’t be the first time the government’s pushed for compelled assistance. Only recently that the U.S. government lost its bid to force Facebook to re-architect its Messenger app to allow the government to listen in on suspected gang members. And not just the U.S. or the U.K.. Russia, the west’s favorite frenemy, forced Telegram, another encrypted messaging app, to turn over its private keys in an effort to allow its intelligence agencies to snoop in on possible kompromat. Suffice to say, the U.K.’s plan has drawn strong criticism. And NSA whistleblower Edward Snowden, an outspoken commentator and critic of global surveillance, branded the move “absolute madness.” Source
  3. GCHQ has demanded that directors start taking charge of cyber security, warning that they are “devolving responsibility” for protecting businesses from hackers. Ciaran Martin, the head of the agency’s National Cyber Security Centre (NCSC), said it is unacceptable for boards to plead ignorance about the threat from cyber attacks. It comes after this month’s debilitating “WannaCry” ransomware outbreak, which caused chaos in the NHS and brought operations at factories and train stations to a halt. “Our business leaders need to stop saying that cyber security is too complicated – and stop devolving responsibility,” Mr Martin said at The Telegraph Cyber Security conference. “Boards must start to treat cyber threats with the same level of critical importance as they do financial or legal issues. It needs to be unthinkable that a board member would say that cyber issues are too complex for them to make judgements about.” The NCSC was set up last year to help businesses and public organisations counter hackers, and faced its first major test two weeks ago when the ransomware outbreak infected hundreds of thousands of Windows PCs. Security experts have linked the attack to North Korea, although Pyongyang has denied any involvement. As well as forcing the NHS to cancel operations and shut some services, production at Renault and Nissan factories was stopped, computer systems at O2’s owner Telefonica were hit and FedEx’s logistics operations were affected. Mr Martin said the NSC’s investigation into who was responsible were ongoing and warned businesses to “expect further significant incidents”. Security analysts have criticised large companies for a lack of boardroom responsibility for IT safeguards, claiming this makes the type of attacks that have hit TalkTalk and Tesco Bank more likely. Many corporate computer systems continue to run outdated software without the latest security updates, making them vulnerable to hackers. Source
  4. Four in Five Britons Fearful Trump Will Abuse their Data More than three-quarters of Britons believe incoming US President Donald Trump will use his surveillance powers for personal gain, and a similar number want reassurances from the government that data collected by GCHQ will be safeguarded against such misuse. These are the headline findings from a new Privacy International poll of over 1600 Brits on the day Trump is inaugurated as the 45th President of the most powerful nation on earth. With that role comes sweeping surveillance powers – the extent of which was only revealed after NSA whistleblower Edward Snowden went public in 2013. There are many now concerned that Trump, an eccentric reality TV star and gregarious property mogul, could abuse such powers for personal gain. That’s what 78% of UK adults polled by Privacy International believe, and 54% said they had no trust that Trump would use surveillance for legitimate purposes. Perhaps more important for those living in the United Kingdom is the extent of the information sharing partnership between the US and the UK. Some 73% of respondents said they wanted the government to explain what safeguards exist to ensure any data swept up by their domestic secret services doesn’t end up being abused by the new US administration. That fear has become even more marked since the passage of the Investigatory Powers Act or 'Snoopers’ Charter', which granted the British authorities unprecedented mass surveillance and hacking powers, as well as forcing ISPs to retain all web records for up to 12 months. Privacy International claimed that although it has privately been presented with documents detailing the info sharing partnership between the two nations, Downing Street has so far refused to make the information public. The rights group and nine others are currently appealing to the European Court of Human Rights to overturn a decision by the Investigatory Powers Tribunal (IPT) not to release information about the rules governing the US-UK agreement. “UK and the US spies have enjoyed a cosy secret relationship for a long time, sharing sensitive intelligence data with each other, without parliament knowing anything about it, and without any public consent. Slowly, we’re learning more about the staggering scale of this cooperation and a dangerous lack of sufficient oversight,” argued Privacy International research officer, Edin Omanovic. “Today, a new President will take charge of US intelligence agencies – a President whose appetite for surveillance powers and how they’re used put him at odds with British values, security, and its people… Given that our intelligence agencies are giving him unfettered access to massive troves of personal data, including potentially about British people, it is essential that the details behind all this are taken out of the shadows.” Source
  5. Snowden Leaks Reveal NSA Snooped On In-Flight Mobile Calls NSA, GCHQ intercepted signals as they were sent from satellites to ground stations. GCHQ and the NSA have spied on air passengers using in-flight GSM mobile services for years, newly-published documents originally obtained by Edward Snowden reveal. Technology from UK company AeroMobile and SitaOnAir is used by dozens of airlines to provide in-flight connectivity, including by British Airways, Virgin Atlantic, Lufthansa, and many Arab and Asian companies. Passengers connect to on-board GSM servers, which then communicate with satellites operated by British firm Inmarsat. "The use of GSM in-flight analysis can help identify the travel of a target—not to mention the other mobile devices (and potentially individuals) onboard the same plane with them," says a 2010 NSA newsletter. A presentation, made available by the Intercept, contains details of GCHQ's so-called "Thieving Magpie" programme. GCHQ and the NSA intercepted the signals as they were sent from the satellites to the ground stations that hooked into the terrestrial GSM network. Initially, coverage was restricted to flights in Europe, the Middle East, and Africa, but the surveillance programme was expected to go global at the time the presentation was made. GCHQ's Thieving Magpie presentation explains how in-flight mobile works. Ars has asked these three companies to comment on the extent to which they were aware of the spying, and whether they are able to improve security for their users to mitigate its effects, but was yet to receive replies from Inmarsat or AeroMobile at time of publication. A SitaOnAir spokesperson told Ars in an e-mail: The Thieving Magpie presentation explains that it is not necessary for calls to be made, or data to be sent, for surveillance to take place. If the phone is switched on, and registers with the in-flight GSM service, it can be tracked provided the plane is flying high enough that ground stations are out of reach. The data, we're told, was collected in "near real time," thus enabling "surveillance or arrest teams to be put in place in advance" to meet the plane when it lands. Using this system, aircraft can be tracked every two minutes while in flight. If data is sent via the GSM network, GCHQ's presentation says that e-mail addresses, Facebook IDs, and Skype addresses can all be gathered. Online services observed by GCHQ using its airborne surveillance include Twitter, Google Maps, VoIP, and BitTorrent. Meanwhile, Le Monde reported that "GCHQ could even, remotely, interfere with the working of the phone; as a result the user was forced to redial using his or her access codes." No source is given for that information, which presumably is found in other Snowden documents, not yet published. As the French newspaper also points out, judging by the information provided by Snowden, the NSA seemed to have something of a fixation with Air France flights. Apparently that was because "the CIA considered that Air France and Air Mexico flights were potential targets for terrorists." GCHQ shared that focus: the Thieving Magpie presentation uses aircraft bearing Air France livery to illustrate how in-flight GSM services work. Ars asked the UK's spies to comment on the latest revelations, and received the usual boilerplate response from a GCHQ spokesperson: It is longstanding policy that we do not comment on intelligence matters. So that's OK, then. Source
  6. Just as civil liberties groups challenge the legality of the UK intelligence agency’s mass surveillance programs, a catalog of exploit tools for monitoring and manipulation is leaked online. The Joint Threat Research Intelligence Group (JTRIG), a department within the Government Communications Headquarters (GCHQ), “develops the majority of effects capabilities” for UK’s NSA-flavored intelligence agency. First Look Media first published the Snowden-leaked Wikipedia-like document full of covert tools used by GCHQ for surveillance and propaganda. JTRIG tools and techniques help British spies “seed the internet with false information, including the ability to manipulate the results of online polls,” monitor social media posts, and launch attacks ranging from denial of service, to call bombing phones, to disabling users' accounts on PCs. Devil’s Handshake, Dirty Devil, Reaper and Poison Arrow are but a few vicious-sounding JTRIG system tools, but the naming convention for others are just inane like Bumblebee Dance, Techno Viking and Jazz Fusion. Perhaps the British spies were hungry when coming up with Fruit Bowl, Spice Island, Nut Allergy, and Berry Twister? Most of the tools are "fully operational, tested and reliable,” according to the 2012 JTRIG Manual, but "Don't treat this like a catalog. If you don't see it here, it doesn't mean we can't build it." Like the previously leaked TAO exploits, it’s an eye-opener as to exploits that GCHQ can deploy. Some of the especially invasive tools that are “either ready to fire or very close to being ready” include: Angry Pirate can “permanently disable a target’s account on their computer.” Stealth Moose can “disrupt” a target’s “Windows machine. Logs of how long and when the effect is active.” Sunblock can “deny functionality to send/receive email or view material online.” Swamp Donkey “silently” finds and encrypts all predefined types of files on a target’s machine. Tracer Fire is an “Office document that grabs the targets machine info, files, logs, etc and posts it back to GCHQ.” Gurkhas Sword is a tool for “beaconed Microsoft Office documents to elicit a targets IP address.” Tornado Alley is a delivery system aimed at Microsoft Excel "to silently extract and run an executable on a target's machine." Changeling provides UK spies with the “ability to spoof any email address and send email under that identity.” Glassback gets a target’s IP by “pretending to be a spammer and ringing them. Target does not need to answer.”Denial of Service: Rolling Thunder uses P2P for distributed denial of service. Predators Face is used for “targeted denial of service against web servers.” Silent Movie provides “targeted denial of service against SSH services.”Other JTRIG exploits include Screaming Eagle, “a tool that processes Kismetdata into geolocation information” and Chinese Firecracker for “overt brute login attempts against online forums.” Hacienda is a “port scanning tool designed to scan an entire country or city” before identifying IP locations and adding them to an “Earthling database.” Messing with cellphones: Burlesque can “send spoofed SMS text messages.” Cannonball can “send repeated text messages to a single target.” Concrete Donkey can “scatter an audio message to a large number of telephones, or repeatedly bomb a target number with the same message.” Deer Stalker provides a way to silently call a satellite and GSM phone “to aid geolocation.” Imperial Barge can connect two target phones together in a call. Mustang “provides covert access to the locations of GSM cell towers.” Scarlet emperor is used for denial of service against targets’ phones via call bombing. Scrapheap Challenge provides “perfect spoofing of emails from BlackBerry targets.” Top Hat is “a version of Mustang and Dancing Bear techniques that allows us to pull back cell tower and Wi-Fi locations targeted against particular areas.” Vipers Tongue is another denial of service tool but it’s aimed at satellite or GSM phone calls. Manipulation and propaganda Bomb Bay can “increase website hits/rankings.” Gateway can “artificially increase traffic to a website;” Slipstream can “inflate page views on websites.” Underpass “can change the outcome of online polls.” Badger can mass deliver email messages “to support an Information Operations campaign.” Gestator can amplify a “given message, normally video, on popular multimedia websites” like YouTube. The “production and dissemination of multimedia via the web in the course of information operations” can be accomplished with Skyscraper. There are also various tools to censor or report “extremist” content. Online surveillance of social networks Godfather collects public data from Facebook. While Spring Bishop finds private photos of targets on Facebook, Reservoir allows the collection of various Facebook information. Clean Sweep can “masquerade Facebook wall posts for individuals or entire countries.” Birdstrike monitors and collects Twitter profiles. Dragon’s Snout collects Paltalk group chats. Airwolf collects YouTube videos, comments and profiles. Bugsy collects users’ info off Google+. Fatyak is about collecting data from LinkedIn. Goodfella is a “generic framework to collect public data from online social networks.” Elate monitors a target's use of UK's eBay. Mouth finds, collects and downloads a user’s files from achive.org. Photon Torpedo can “actively grab the IP address of an MSN messenger user.” Pitbull is aimed at large scale delivery of tailored messages to IM services. Miniature Hero is about exploiting Skype. The description states, “Active Skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.” If that’s not enough mass-scale surveillance and manipulation to irk you, there are more weaponized tricks and techniques in the JTRIG Manual. Source
  7. Britain's electronic eavesdropping center GCHQ faces legal action from seven internet service providers who accuse it of illegally accessing "potentially millions of people's private communications," campaigners said Wednesday. The claim threatens fresh embarrassment for the British authorities after leaks by fugitive NSA worker Edward Snowden showed GCHQ was a key player in covert US surveillance operations globally. The complaint has been filed at a London court by ISPs Riseup and May First/People Link of the US, GreenNet of Britain, Greenhost of the Netherlands, Mango of Zimbabwe, Jinbonet of South Korea and the Chaos Computer Club of Germany, plus campaigners Privacy International. They claim that GCHQ carried out "targeted operations against internet service providers to conduct mass and intrusive surveillance." The move follows a series of reports by German magazine Der Spiegel which claimed to detail GCHQ's illicit activities. These reportedly included targeting a Belgian telecommunications company, Belgacom, where staff computers were infected with malware in a "quantum insert" attack to secure access to customers. The legal complaint says this was "not an isolated attack" and alleges violations of Britain's Human Rights Act and the European Convention of Human Rights. "These widespread attacks on providers and collectives undermine the trust we all place on the internet and greatly endangers the world's most powerful tool for democracy and free expression," said Eric King, Privacy International's deputy director. Britain's Foreign Office did not immediately comment. GCHQ, which stands for Government Communications Headquarters, employs around 5,500 people and is housed in a giant doughnut-shaped building in the sleepy town of Cheltenham, southwest England. Snowden's leaks claimed that the NSA had been secretly funding GCHQ to the tune of £100 million ($160 million, 120 million euros) over the last three years. Source
×
×
  • Create New...