NSA- FBI tapping directly into the central servers extracting audio, video chats, photographs, e-mai

J. Abizeid

J. Abizeid

Well-Known Member
Apple and Google Just Attended a Confidential Spy Summit in a Remote English Mansion - The Intercept


Apple and Google Just Attended a Confidential Spy Summit in a Remote English Mansion




At an 18th-century mansion in England’s countryside last week, current and former spy chiefs from seven countries faced off with representatives from tech giants Apple and Google to discuss government surveillance in the aftermath of Edward Snowden’s leaks.

The three-day conference, which took place behind closed doors and under strict rules about confidentiality, was aimed at debating the line between privacy and security.

Among an extraordinary list of attendees were a host of current or former heads from spy agencies such as the CIA and British electronic surveillance agency Government Communications Headquarters, or GCHQ. Other current or former top spooks from Australia, Canada, France, Germany and Sweden were also in attendance. Google, Apple, and telecommunications company Vodafone sent some of their senior policy and legal staff to the discussions. And a handful of academics and journalists were also present.

According to an event program obtained by The Intercept, questions on the agenda included: “Are we being misled by the term ‘mass surveillance’?” “Is spying on allies/friends/potential adversaries inevitable if there is a perceived national security interest?” “Who should authorize intrusive intelligence operations such as interception?” “What should be the nature of the security relationship between intelligence agencies and private sector providers, especially when they may in any case be cooperating against cyber threats in general?” And, “How much should the press disclose about intelligence activity?”

The list of participants included:

From companies:
Richard Salgado, Google’s legal director for law enforcement and information security; Verity Harding, Google’s U.K. public policy manager and head of security and privacy policy; Jane Horvath, Apple’s senior director of global privacy; Erik Neuenschwander, Apple’s product security and privacy manager; Matthew Kirk, Vodafone Group’s external affairs director; and Phillipa McCrostie, global vice chair of transaction advisory services, Ernst & Young.

From the U.S.:
John McLaughlin, the CIA’s former acting director and deputy director; Jami Miscik, the CIA’s former director of intelligence; Mona Sutphen, member of President Obama’s Intelligence Advisory Board and former White House deputy chief of staff; Rachel Brand, member of the Privacy and Civil Liberties Oversight Board; George Newcombe, board of visitors, Columbia Law School; David Ignatius, Washington Post columnist and associate editor; and Sue Halpern, New York Review of Books contributor.

From the U.K.:
Robert Hannigan, current chief of British surveillance agency GCHQ; Sir David Omand, former GCHQ chief; Sir Malcolm Rifkind, former head of the British parliament’s Intelligence and Security Committee; Lord Butler of Brockwell, member of the Intelligence and Security Committee; Dr. Jamie Saunders, director of the National Cybercrime Unit at the National Crime Agency; Sir Mark Waller, Intelligence Services Commissioner; Peter Clarke, former head of Counter Terrorism Command at London’s Metropolitan Police; Baroness Neville-Jones, House of Lords special representative to business on cyber security and member of the joint parliamentary committee on national security strategy; John Spellar, member of parliament; Duncan Campbell, investigative journalist; Gordon Corera, BBC security correspondent; and Professor Timothy Garton Ash, historian and author.

From Europe:
Ernst Uhrlau, former head of the German federal intelligence service, the BND; Christophe Bigot, director of strategy for French surveillance agency Directorate General for External Security; Ingvar Akesson, former director general of Sweden’s surveillance agency, the FRA; Gilles de Kerchove, the European Union’s counterterrorism coordinator; Isabelle Falque-Pierrotin, chair of the EU’s Article 29 Working Party, which deals with data protection issues; Dr Giuseppe Busia, secretary general of the Italian data protection authority; and Jacob Kohnstamm, chairman of the Dutch data protection authority.

From Australia and Canada:
David Irvine, former chief of the Australian Security Intelligence Organisation; Richard Fadden, Canadian government national security adviser and deputy minister at the Department of National Defense, former director of the Canadian Security Intelligence Service; Kent Roach, professor of law at the University of Toronto; and Jacques Fremont, president, Quebec Human Rights and Youth Rights Commission.

The event was chaired by the former British MI6 spy chief Sir John Scarlett and organized by the Ditchley Foundation, which holds several behind-closed-doors conferences every year at its mansion in Oxfordshire (pictured above) in an effort to address “complex issues of international concern.” The discussions are held under what is called the Chatham House Rule, meaning what is said by each attendee during the meetings cannot be publicly revealed, a setup intended to encourage open and frank discussion. The program outlining the conference on surveillance told participants they could “draw afterwards on the substance of what has been said” but warned them “not under any circumstances to reveal to any person not present at the conference” details exposing what particular named individuals talked about.

Investigative reporter Duncan Campbell, who attended the event, told The Intercept that it was a “remarkable” gathering that “would have been inconceivable without Snowden,” the National Security Agency whistleblower.

“Away from the fetid heat of political posturing and populist headlines, I heard some unexpected and surprising comments from senior intelligence voices, including that ‘cold winds of transparency’ had arrived and were here to stay,” said Campbell, who has been reporting on British spy agencies over a career spanning four decades.

He added: “Perhaps to many participants’ surprise, there was general agreement across broad divides of opinion that Snowden – love him or hate him – had changed the landscape; and that change towards transparency, or at least ‘translucency’ and providing more information about intelligence activities affecting privacy, was both overdue and necessary.”

One particularly notable attendee was GCHQ chief Hannigan, who stayed only for the first day of the discussions. Hannigan recently took over the top British eavesdropping job, and one of the first things he did in the post was to publicly accuse U.S. tech companies of being “command-and-control networks of choice for terrorists and criminals,” which is not likely to have gone down well with the likes of Google and Apple. (Neither Google nor Apple had responded to requests for comment on this story at time of publication.)

Hannigan may have viewed the event as an opportunity to rein in his rhetoric and attempt to gain the trust of the tech giants. The British spy chief has said U.S. tech companies should provide “greater support” to surveillance agencies and that he wants to see “better arrangements for facilitating lawful investigation by security and law enforcement agencies than we have now.” In the U.S., similar pressure has been exerted on the companies, with federal agencies pushing for greater cooperation on surveillance amid an increased adoption of encryption technology that protects the privacy of communications.

In the aftermath of Snowden revelations showing extensive Internet surveillance perpetrated by British and American spies and their allies, Google and other companies have reportedly become more resistant to government data requests. Google engineers were outraged by some of the disclosures and openly sent a “**** you” to the surveillance agencies while hardening Google’s security. Meanwhile, Apple has expanded the range of data that’s encrypted by default on iPhones, iPads, and Mac computers, and CEO Tim Cook has vowed never to give the government access to Apple servers, stating “we all have a right to privacy.” But the Ditchley event is a sign that, behind the scenes at least, a dialogue is beginning to open up between the tech giants and the spy agencies post-Snowden, and relations may be thawing.
 
  • Advertisement
  • Indie

    Indie

    Legendary Member
    Orange Room Supporter
    Pranksters publish secretly-recorded public conversations to make point about NSA

    'Freelance' NSA spies say they've installed audio recorders in cafes, bars, restaurants and gyms around NYC

    By Lauren O'Neil

    If you'll be hanging around New York City at all in the near future, you may want to hold off on the gossip — at least while you're in public.

    A group of anonymous anti-NSA activists claim to have placed hidden recording devices in restaurants, bars, gyms and cafes all around the city to eavesdrop on citizens' private conversations.

    While, as some have pointed out, this claim cannot be verified, a series of recordings uploaded to the group's Soundcloud page and website last week have got many people talking.

    WeAreAlwaysListening.com started blowing up on the viral web over the weekend after being spotlighted by a few high-profile Twitter accounts (like the ACLU's) and publications (like WIRED.)

    Presented as the homepage for an actual U.S. National Security initiative, the "about" section of the site reads:

    "Eavesdropping on the population has revealed many saying 'I'm not doing anything wrong so who cares if the NSA tracks what I say and do?' Citizens don't seem to mind this monitoring, so we're hiding recorders in public places in hopes of gathering information to help win the war on terror."

    The site also explains that excepts from some recordings will be published in the interest of "greater transparency."

    So far, six secretly-recorded conversations have been featured by the group, their contents running the gamut from inane to insane (or, rather, insanely embarrassing.)

    In one audio clip taken from a Brooklyn restaurant, "a fetish-fueled hookup reveals perversions which shall be kept on file," according to its description.

    Another, recorded at a Cafe in the East Village, is simply the audio from a rather boring job interview.

    The latest clip's accompanying text indicates that it may be the most privately-intended conversation published by the group to date: "We're listening as you cut up friends behind their backs... Asians belittling other Asians for sounding too Asian."

    When asked about the legality of their project by the Guardian late last week, members (who spoke under the condition of anonymity) said that they had been careful not to release "anybody's first and last names" with the recordings — though, as the Guardian notes, two names were heard in one of the tracks on the site last Friday.

    "If it turns out that it's illegal, we'll put a full stop to it," said a group spokesperson. "We'll continue to keep the country safe from terror until then."

    The refusal to break NSA-agent character appears to be standard for the group, which makes its actual views on the U.S. phone records program leaked by Edward Snowden in 2013 clear with a prominent link to an ACLU petition about letting Section 215 of the Patriot Act expire on its website.

    As for the veracity of their recordings, the project creators are adamant that they're 100 per cent real.

    "We can attest to the fact all people recorded are NOT actors and are not knowingly involved in the project in any way," a spokesperson told WIRED in an encrypted email.

    WIRED soon-after received an envelope containing one of the group's tape recorders (the cheap kind you can buy "for a few dollars at Best Buy," according to the Guardian) and a USB stick containing the following video, which shows a recorder being planted beneath a restaurant table:

    Pranksters publish secretly-recorded public conversations to make point about NSA - Trending - CBC News
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    New Snowden Documents Reveal Secret Memos Expanding Spying

    New Snowden Documents Reveal Secret Memos Expanding Spying


    Posted: 06/04/2015

    Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

    In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad -- including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

    The Justice Department allowed the agency to monitor only addresses and "cybersignatures" -- patterns associated with computer intrusions -- that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.

    The disclosures, based on documents provided by Edward J. Snowden, the former NSA contractor, and shared with the New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.

    While the Senate passed legislation this week limiting some of the NSA's authority, it involved provisions in the U.S.A. Patriot Act and did not apply to the warrantless wiretapping program.

    Government officials defended the NSA's monitoring of suspected hackers as necessary to shield Americans from the increasingly aggressive activities of foreign governments. But critics say it raises difficult trade-offs that should be subject to public debate.

    The NSA's activities run "smack into law enforcement land," said Jonathan Mayer, a cybersecurity scholar at Stanford Law School who has researched privacy issues and who reviewed several of the documents. "That's a major policy decision about how to structure cybersecurity in the U.S. and not a conversation that has been had in public."

    It is not clear what standards the agency is using to select targets. It can be hard to know for sure who is behind a particular intrusion -- a foreign government or a criminal gang -- and the NSA is supposed to focus on foreign intelligence, not law enforcement.

    The government can also gather significant volumes of Americans' information -- anything from private emails to trade secrets and business dealings -- through Internet surveillance because monitoring the data flowing to a hacker involves copying that information as the hacker steals it.

    One internal NSA document notes that agency surveillance activities through "hacker signatures pull in a lot." Brian Hale, the spokesman for the Office of the Director of National Intelligence, said, "It should come as no surprise that the U.S. government gathers intelligence on foreign powers that attempt to penetrate U.S. networks and steal the private information of U.S. citizens and companies." He added that "targeting overseas individuals engaging in hostile cyberactivities on behalf of a foreign power is a lawful foreign intelligence purpose."

    The effort is the latest known expansion of the NSA's warrantless surveillance program, which allows the government to intercept Americans' cross-border communications if the target is a foreigner abroad. While the NSA has long searched for specific email addresses and phone numbers of foreign intelligence targets, the Obama administration three years ago started allowing the agency to search its communications streams for less-identifying Internet protocol addresses or strings of harmful computer code.

    The surveillance activity traces to changes that began after the Sept. 11 terrorist attacks. The government tore down a so-called wall that prevented intelligence and criminal investigators from sharing information about suspected spies and terrorists. The barrier had been erected to protect Americans' rights because intelligence investigations use lower legal standards than criminal inquiries, but policy makers decided it was too much of an obstacle to terrorism investigations.

    The NSA also started the warrantless wiretapping program, which caused an outcry when it was disclosed in 2005. In 2008, under the FISA Amendments Act, Congress legalized the surveillance program so long as the agency targeted only noncitizens abroad. A year later, the new Obama administration began crafting a new cybersecurity policy -- including weighing whether the Internet had made the distinction between a spy and a criminal obsolete.

    "Reliance on legal authorities that make theoretical distinctions between armed attacks, terrorism and criminal activity may prove impractical," the White House National Security Council wrote in a classified annex to a policy report in May 2009, which was included in the NSA's internal files.

    About that time, the documents show, the NSA -- whose mission includes protecting military and intelligence networks against intruders -- proposed using the warrantless surveillance program for cybersecurity purposes. The agency received "guidance on targeting using the signatures" from the Foreign Intelligence Surveillance Court, according to an internal newsletter.

    In May and July 2012, according to an internal timeline, the Justice Department granted its secret approval for the searches of cybersignatures and Internet addresses. The Justice Department tied that authority to a pre-existing approval by the secret surveillance court permitting the government to use the program to monitor foreign governments.

    That limit meant the NSA had to have some evidence for believing that the hackers were working for a specific foreign power. That rule, the NSA soon complained, left a "huge collection gap against cyberthreats to the nation" because it is often hard to know exactly who is behind an intrusion, according to an agency newsletter. Different computer intruders can use the same piece of malware, take steps to hide their location or pretend to be someone else.

    So the NSA, in 2012, began pressing to go back to the surveillance court and seek permission to use the program explicitly for cybersecurity purposes. That way, it could monitor international communications for any "malicious cyberactivity," even if it did not yet know who was behind the attack.

    The newsletter described the further expansion as one of "highest priorities" of the NSA director, Gen. Keith B. Alexander. However, a former senior intelligence official said that the government never asked the court to grant that authority.

    Meanwhile, the F.B.I. in 2011 had obtained a new kind of wiretap order from the secret surveillance court for cybersecurity investigations, permitting it to target Internet data flowing to or from specific Internet addresses linked to certain governments.

    To carry out the orders, the F.B.I. negotiated in 2012 to use the NSA's system for monitoring Internet traffic crossing "chokepoints operated by U.S. providers through which international communications enter and leave the United States," according to a 2012 NSA document. The NSA would send the intercepted traffic to the bureau's "cyberdata repository" in Quantico, Virginia.

    The disclosure that the NSA and the F.B.I. have expanded their cybersurveillance adds a dimension to a recurring debate over the post-Sept. 11 expansion of government spying powers: Information about Americans sometimes gets swept up incidentally when foreigners are targeted, and prosecutors can use that information in criminal cases.

    Citing the potential for a copy of data "exfiltrated" by a hacker to contain "so much" information about Americans, one NSA lawyer suggested keeping the stolen data out of the agency's regular repository for information collected by surveillance so that analysts working on unrelated issues could not query it, a 2010 training document showed. But it is not clear whether the agency or the F.B.I. has imposed any additional limits on the data of hacking victims.

    In a response to questions for this article, the F.B.I. pointed to its existing procedures for protecting victims' data acquired during investigations, but also said it continually reviewed its policies "to adapt to these changing threats while protecting civil liberties and the interests of victims of cybercrimes."

    None of these actions or proposals had been disclosed to the public. As recently as February, when President Obama spoke about cybersecurity at an event at Stanford University, he lauded the importance of transparency but did not mention this change.

    "The technology so often outstrips whatever rules and structures and standards have been put in place, which means that government has to be constantly self-critical and we have to be able to have an open debate about it," Obama said.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member

    New Snowden Documents Reveal Secret Memos Expanding Spying
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Edward Snowden celebrates victory on surveillance in NYT op-ed - The Washington Post

    Edward Snowden celebrates victory on surveillance in NYT op-ed

    Edward Snowden, on the run for two years after leaking classified National Security Agency documents to the press, has penned an opinion piece claiming a victory in his battle against unlimited government surveillance.

    In a piece called “The World Says No to Surveillance” published in the New York Times, Snowden celebrated the decision of the U.S. Congress to turn away from post-9/11 law and change the way the nation weighs liberty against security in the 21st century.

    “Privately, there were moments when I worried that we might have put our privileged lives at risk for nothing — that the public would react with indifference, or practiced cynicism, to the revelations,” Snowden wrote. “Never have I been so grateful to have been so wrong.”

    While Snowden said the right to privacy in America “remains under threat,” he noted — and, implicitly, took credit — for the emergence of “a post-terror generation, one that rejects a worldview defined by a singular tragedy.”

    “This is the power of an informed public,” he wrote.

    Earlier this week, Congress passed the USA Freedom Act, which curtailed the government’s ability to snoop on its citizens. The Washington Post’s Ellen Nakashima called the law, which “ends the bulk collection of data and increases the transparency of secret courts,” a “milestone in the post-9/11 world.”

    “The USA Freedom Act, passed by Congress and signed into law by President Obama on Tuesday, marks the first piece of legislation to rein in surveillance powers in the wake of disclosures two years ago by former intelligence contractor Edward Snowden and the national debate he catalyzed,” Nakashima wrote. “It comes as Obama is winding down the nation’s wars overseas and as fears of another terrorist attack on the scale of Sept. 11, 2001, no longer galvanize and unify lawmakers in the same way they once did.”

    Some, however, say the government is more able to continue the surveillance Snowden criticizes than this narrative might suggest.

    “Although the law does prohibit the bulk collection of the metadata linked to all American telephone communications, it arguably will expand the government’s ability to analyze the data it does collect,” political scientist H.L. Pohlman wrote in The Post hosted blog, the Monkey Cage, saying the legislation “seems to permit the government to analyze the data not just for specific cases of counterterrorism, but for the purpose of conducting US foreign policy — a much broader category.”

    Snowden’s victory lap comes not long after some wondered whether his efforts had amounted to anything at all. Not only had many called the 31-year-old former NSA contractor a traitor, but the complicated surveillance schemes he first laid out for The Post and the Guardian in 2013 drew only mixed reactions and considerable support from Americans in polls.

    In a recent interview, HBO’s John Oliver — a quite unlikely interlocutor — showed Snowden “man on the street” interviews in which average Joes were hard-pressed to explain what Snowden, exiled to Russia, had done.

    “You might be able to go home,” Oliver said, “because it seems like no one knows who the f— you are and what the f— you did.”

    [John Oliver’s hilarious interview with Edward Snowden]

    Snowden, who is playing a long game with additional leaks of classified material to different news organizations over time, wasn’t worried.

    “With each court victory, with every change in the law, we demonstrate facts are more convincing than fear,” he wrote in the Times. “As a society, we rediscover that the value of a right is not in what it hides, but in what it protects.”
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    http://www.ft.com/cms/s/0/8fec9956-0ad9-11e5-98d3-00144feabdc0.html#axzz3cCfTnoeu

    June 5, 2015
    Edward Snowden is a patriot and deserves freedom

    Their implicit position is he did America a service and should pay for it, writes Jacob Weisberg



    Revelations by Edward Snowden, a former US National Security Agency contractor, raised awareness

    What is the responsibility of public servants who believe that the government is abusing its authority? In most cases, US law encourages them to expose wrongdoing. The Whistleblower Protection Act passed in 1989 protects “any disclosure” that an employee reasonably believes indicates the violation of laws or rules, “gross mismanagement, a gross waste of funds, and abuse of authority, or a substantial and specific danger to public health or safety”.

    Edward Snowden’s revelation of mass surveillance by the National Security Agency, including the bulk collection of phone records, would seem to conform to all of the criteria for whistleblowing.
    Did he expose violations of law? Check. Last month, a federal appeals court held that the phone records collection programme was illegal. Did he reveal abuses of authority? Check. The NSA’s inspector general has acknowledged dozens of incidents in which employees tracked phone calls and emails of former girlfriends, objects of romantic interest, or in one case an “unfaithful husband”. Did he point out gross mismanagement? Check. The mere fact that Mr Snowden was able to walk out with a treasure trove of top-secret information more or less proves the point. Did Mr Snowden bring to light the waste of public funds? Quite possibly, check again. The government has provided no evidence that the costly programme has prevented a single terrorist attack.

    Unfortunately for Mr Snowden, the Whistleblower Protection Act contains a major exception: it does not apply to people who work for intelligence agencies, including the NSA. The US justice department maintains that Mr Snowden’s actions fall under a very different kind of law, the draconian and anachronistic Espionage Act of 1917. The Whistleblower Protection Act protects you as long as you believe you are doing right in leaking information about government wrongdoing to the press — even if you are wrong. The Espionage Act treats you as a traitor even if you acted with patriotic intent, as Mr Snowden convincingly claims to have done — and even if you are right.

    The chasm between the government’s encouragement of some whistleblowing and its severe punishment of other whistleblowing constitutes the limbo in which Mr Snowden finds himself.

    This week, he and his allies claimed moral vindication, as Congress voted to prohibit the most notorious practice he brought to light. Following recommendations made by President Barack Obama in the wake of Mr Snowden’s revelations, a coalition of Democrats and libertarian-minded Republicans that included Rand Paul, senator of Kentucky, declined to renew Section 215 of the USA Patriot Act. A court’s secret interpretation of that provision was what allowed the government to collect bulk phone records for more than a decade. In its stead, Congress passed the equally Orwellian-sounding USA Freedom Act, which ends that practice.
    Opinions differ about how significant the changes under the new legislation really are. Mr Snowden, writing from his Russian exile, calls it a “historic victory”. Others argue that it merely shifts the burden of data collection to the telecoms companies, a mostly symbolic change. Many other surveillance programmes that threaten privacy and civil liberties were not addressed by this week’s action and remain in place.

    But henceforth, NSA policies face limits set by elected representatives of an informed public. Thanks to Mr Snowden, Americans know that the government is monitoring their electronic communications.

    Civil libertarians can object to the new policy, but they can no longer claim that it operates without the consent of the governed. Mr Obama’s legacy now includes the repudiation of the most abhorrent and illiberal policies adopted by his predecessor in the wake of the September 11 2001 attacks: torture and the mass surveillance of phone records.

    What this week’s debate did not come any closer to resolving is the status of Mr Snowden. The justice department demands that he return to face criminal charges. The implicit position of the Obama administration, as well as most members of Congress, is that Mr Snowden did the country an important service and that he should pay for it by going to prison for the rest of his life.

    Mr Snowden quite reasonably refuses to return on these terms. He says he is willing to stand trial and face the consequences, but wants to be able to present a public interest defence — impossible under an Espionage Act prosecution.

    Rather than leaving Mr Snowden’s status as a problem for his successor, Mr Obama should make resolving his case part of his presidential legacy as well. His justice department could offer Mr Snowden a plea bargain, under which he would not serve prison time in exchange for his co-operation. Or the government could charge Mr Snowden under the standard laws covering disclosures of classified information by government officials. This would allow him to return from his Moscow purgatory and make his whistleblower defence.

    Mr Snowden clearly broke the law in revealing government secrets. But he did so for valid reasons and with an outcome that now has the endorsement of both the legislative and executive branches. That is reason enough for Mr Obama to show him mercy.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member

    Freedom Act: Edward Snowden speaks out on surveillance reform
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Did Max Boot and Commentary Magazine Lie About Edward Snowden? You Decide. - The Intercept

    Did Max Boot and Commentary Magazine Lie About Edward Snowden? You Decide.




    In the neocon journal Commentary, Max Boot today complains that the New York Times published an op-ed by Edward Snowden. Boot’s objection rests on his accusation that the NSA whistleblower is actually a “traitor.” In objecting, Boot made these claims:

    Oddly enough nowhere in his article — which is datelined Moscow — does he mention the surveillance apparatus of his host, Vladimir Putin, which far exceeds in scope anything created by any Western country. . . .That would be the same FSB that has taken Snowden into its bosom as it has previously done (in its earlier incarnation as the KGB) with previous turncoats such as Kim Philby. . . .

    But of course Ed Snowden is not courageous enough, or stupid enough, to criticize the dictatorship that he has defected to. It’s much easier and safer to criticize the country he betrayed from behind the protection provided by the FSB’s thugs. The only mystery is why the Times is giving this traitor a platform.

    It is literally the supreme act of projection for Max Boot to accuse anyone of lacking courage, as this particular think tank warmonger is the living, breathing personification of the unique strain of American neocon cowardice. Unlike Snowden — who sacrificed his liberty and unraveled his life in pursuit of his beliefs — the 45-year-old Boot has spent most of his adult life advocating for one war after the next, but always wanting to send his fellow citizens of his generation to die in them, while he hides in the comfort of Washington think tanks, never fighting them himself.

    All of that is just garden-variety neocon cowardice, and it’s of course grotesque to watch someone like this call someone else a coward. But it’s so much worse if he lies when doing so. Did he do so here? You decide. From Snowden’s NYT op-ed today:

    Basic technical safeguards such as encryption — once considered esoteric and unnecessary — are now enabled by default in the products of pioneering companies like Apple, ensuring that even if your phone is stolen, your private life remains private. Such structural technological changes can ensure access to basic privacies beyond borders, insulating ordinary citizens from the arbitrary passage of anti privacy laws, such as those now descending upon Russia.

    The meaning of that passage — criticisms of Russia’s attack on privacy — is so clear and glaring that it caused even Time magazine to publish this today:



    The first sentence of Time’s article: “Former CIA officer and NSA contractor Ed Snowden has taken a surprising swing at his new home, accusing Russia of ‘arbitrarily passing’ new anti-privacy laws.” In other words, in the very op-ed to which Boot objects, Snowden did exactly that which Boot accused him of lacking the courage to do: “criticize” the country that has given him asylum.

    This is far from the first time Snowden has done exactly that which the Tough and Swaggering Think Tank Warrior proclaimed Snowden would never do. In April, 2014, Snowden wrote an op-ed in The Guardian under this headline:



    With Max Boot’s above-printed accusations in mind, just re-read that. Did Boot lie? To pose the question is to answer it. Here’s part of what Snowden wrote in that op-ed:

    On Thursday, I questioned Russia’s involvement in mass surveillance on live television. . . . I went on to challenge whether, even if such a mass surveillance program were effective and technically legal, it could ever be morally justified. . . . In his response, Putin denied the first part of the question and dodged on the latter. There are serious inconsistencies in his denial.

    In countless speeches, Snowden has said much the same thing: that Russian spying is a serious problem that needs investigation and reform, and that Putin’s denials are not credible. Boot simply lied about Snowden.

    It’s not surprising that someone whose entire adult life is shaped by extreme cowardice would want to accuse others of lacking courage, as it distracts attention away from oneself and provides the comfort of company. Nor is it surprising that government-loyal journalists spew outright falsehoods to smear whistleblowers. But even neocon rags like Commentary shouldn’t be able to get away with this level of blatant lying.

    UPDATE: In typical neocon fashion, Boot first replies by minimizing his own error to a mere innocent oversight, and implying that only hysteria could cause anyone to find what he did to be problematic. Even then, the facts negate his self-justification. But then he says he was actually right all along and his “point stands”:
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Report: NSA Sifts Americans’ International Internet Traffic to Hunt Hackers - The Intercept

    Report: NSA Sifts Americans’ International Internet Traffic to Hunt Hackers




    The National Security Agency’s ability to warrantlessly sift through Americans’ international Internet traffic has been secretly expanded as part of efforts to identify malicious hackers.

    The increased surveillance, sanctioned by the Obama administration in 2012, has allowed the NSA to monitor U.S. Internet networks for information about hacks originating abroad, the New York Times and ProPublica reported Thursday, citing documents from NSA whistleblower Edward Snowden.

    According to the Times:

    The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the N.S.A. sought to target hackers even when it could not establish any links to foreign powers. […]

    It is not clear what standards the agency is using to select targets. It can be hard to know for sure who is behind a particular intrusion — a foreign government or a criminal gang — and the N.S.A. is supposed to focus on foreign intelligence, not law enforcement.

    The government can also gather significant volumes of Americans’ information – anything from private emails to trade secrets and business dealings — through Internet surveillance because monitoring the data flowing to a hacker involves copying that information as the hacker steals it.

    One internal N.S.A. document notes that agency surveillance activities through “hacker signatures pull in a lot.”

    The revelation calls into question previous statements made by senior U.S. officials about a claimed lack of ability to detect cyberattacks within the United States. During his time as director of the NSA, for instance, Keith Alexander (pictured above) continually lobbied for more cybersecurity powers, but did not mention the scope of those already obtained by the agency. In March 2014, the then-NSA director told a cybersecurity conference at Georgetown University: “An attack on Wall Street or an exploit going against Wall Street — NSA and Cyber Command would probably not see that. We have no capability there. Against everything that’s been said, the fact is we don’t have the ability to see it.”

    The Times report, an embargoed copy of which was shared with The Intercept because co-founder Laura Poitras contributed to it, also reveals that the FBI negotiated in 2012 to use the NSA’s surveillance capabilities to monitor Internet traffic passing over “chokepoints operated by U.S. providers through which international communications enter and leave the United States.” The NSA would reportedly send the intercepted traffic to a “cyberdata repository” maintained by the bureau in Quantico, Virginia.

    Brian Hale, spokesman for the Director of National Intelligence’s office, said in a statement: “It should come as no surprise that the U.S. government gathers intelligence on foreign powers that attempt to penetrate U.S. networks and steal the private information of U.S. citizens and companies.” He added: “targeting overseas individuals engaging in hostile cyberactivities on behalf of a foreign power is a lawful foreign intelligence purpose.”

    However, Jonathan Mayer, a cybersecurity scholar at Stanford Law School, told the Times the NSA’s activities revealed in the documents run “smack into law enforcement land.”

    “That’s a major policy decision about how to structure cybersecurity in the U.S. and not a conversation that has been had in public,” Mayer said.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Sunday Times Snowden Story is Journalism at its Worst

    The Sunday Times’ Snowden Story is Journalism at its Worst — and Filled with Falsehoods




    Western journalists claim that the big lesson they learned from their key role in selling the Iraq War to the public is that it’s hideous, corrupt and often dangerous journalism to give anonymity to government officials to let them propagandize the public, then uncritically accept those anonymously voiced claims as Truth. But they’ve learned no such lesson. That tactic continues to be the staple of how major US and British media outlets “report,” especially in the national security area. And journalists who read such reports continue to treat self-serving decrees by unnamed, unseen officials – laundered through their media – as gospel, no matter how dubious are the claims or factually false is the reporting.


    We now have one of the purest examples of this dynamic. Last night, the Murdoch-owned Sunday Times published their lead front-page Sunday article, headlined “British Spies Betrayed to Russians and Chinese.” Just as the conventional media narrative was shifting to pro-Snowden sentiment in the wake of a key court ruling and a new surveillance law, the article (behind a paywall: full text here) claims in the first paragraph that these two adversaries “have cracked the top-secret cache of files stolen by the fugitive US whistleblower Edward Snowden, forcing MI6 to pull agents out of live operations in hostile countries, according to senior officials in Downing Street, the Home Office and the security services.” It continues:


    Western intelligence agencies say they have been forced into the rescue operations after Moscow gained access to more than 1m classified files held by the former American security contractor, who fled to seek protection from Vladimir Putin, the Russian president, after mounting one of the largest leaks in US history.

    Senior government sources confirmed that China had also cracked the encrypted documents, which contain details of secret intelligence techniques and information that could allow British and American spies to be identified.

    One senior Home Office official accused Snowden of having “blood on his hands”, although Downing Street said there was “no evidence of anyone being harmed”.

    Aside from the serious retraction-worthy fabrications on which this article depends – more on those in a minute – the entire report is a self-negating joke. It reads like a parody I might quickly whip up in order to illustrate the core sickness of western journalism.

    Unless he cooked an extra-juicy steak, how does Snowden “have blood on his hands” if there is “no evidence of anyone being harmed?” As one observer put it last night in describing the government instructions these Sunday Times journalists appear to have obeyed: “There’s no evidence anyone’s been harmed but we’d like the phrase ‘blood on his hands’ somewhere in the piece.”

    The whole article does literally nothing other than quote anonymous British officials. It gives voice to banal but inflammatory accusations that are made about every whistleblower from Daniel Ellsberg to Chelsea Manning. It offers zero evidence or confirmation for any of its claims. The “journalists” who wrote it neither questioned any of the official assertions nor even quoted anyone who denies them. It’s pure stenography of the worst kind: some government officials whispered these inflammatory claims in our ears and told us to print them, but not reveal who they are, and we’re obeying. Breaking!

    Stephen Colbert captured this exact pathology with untoppable precision in his 2006 White House Correspondents speech, when he mocked American journalism to the faces of those who practice it:

    But, listen, let’s review the rules. Here’s how it works.The President makes decisions. He’s the decider. The press secretary announces those decisions, and you people of the press type those decisions down. Make, announce, type. Just put ’em through a spell check and go home. Get to know your family again. Make love to your wife. Write that novel you got kicking around in your head. You know, the one about the intrepid Washington reporter with the courage to stand up to the administration? You know, fiction!

    The Sunday Times article is even worse because it protects the officials they’re serving with anonymity. The beauty of this tactic is that the accusations can’t be challenged. The official accusers are being hidden by the journalists so nobody can confront them or hold them accountable when it turns out to be false. The evidence can’t be analyzed or dissected because there literally is none: they just make the accusation and, because they’re state officials, their media-servants will publish it with no evidence needed. And as is always true, there is no way to prove the negative. It’s like being smeared by a ghost with a substance that you can’t touch.

    This is the very opposite of journalism. Ponder how dumb someone has to be at this point to read an anonymous government accusation, made with zero evidence, and accept it as true.

    But it works. Other news agencies mindlessly repeated the Sunday Times claims far and wide. I watched last night as American and British journalists of all kinds reacted to the report on Twitter: by questioning none of it. They did the opposite: they immediately assumed it to be true, then spent hours engaged in somber, self-serious discussions with one another over what the geopolitical implications are, how the breach happened, what it means for Snowden, etc. This is the formula that shapes their brains: anonymous self-serving government assertions = Truth.

    By definition, authoritarians reflexively believe official claims – no matter how dubious or obviously self-serving, even when made while hiding behind anonymity – because that’s how their submission functions. Journalists who practice this sort of primitive reporting – I uncritically print what government officials tell me, and give them anonymity so they have no accountability for any it – do so out of a similar authoritarianism, or uber-nationalism, or laziness, or careerism. Whatever the motives, the results are the same: government officials know they can propagandize the public at any time because subservient journalists will give them anonymity to do so and will uncritically disseminate and accept their claims.

    At this point, it’s hard to avoid the conclusion that journalists want it this way. It’s impossible that they don’t know better. The exact kinds of accusations laundered in the Sunday Times today are made – and then disproven – in every case where someone leaks unflattering information about government officials.


    In the early 1970s, Nixon officials such as John Ehrlichman and Henry Kissinger planted accusations in the U.S. media that Daniel Ellsberg had secretly given the Pentagon Papers and other key documents to the Soviet Union; everyone now knows this was a lie, but at the time, American journalists repeated it constantly, helping to smear Ellsberg. That’s why Ellsberg has constantly defended Snowden and Chelsea Manning from the start: because the same tactics were used to smear him.



    The same thing happened with Chelsea Manning. When WikiLeaks first began publishing the Afghan War logs, U.S. officials screamed that they – all together now – had “blood on their hands.” But when some journalists decided to scrutinize rather than mindlessly repeat the official accusation (i.e., some decided to do journalism), they found it was a fabrication.



    Writing under the headline “US officials privately say WikiLeaks damage limited,” Reuters’ Mark Hosenball reported that “internal U.S. government reviews have determined that a mass leak of diplomatic cables caused only limited damage to U.S. interests abroad, despite the Obama administration’s public statements to the contrary.”


    An AP report was headlined “AP review finds no WikiLeaks sources threatened,” and explained that “an Associated Press review of those sources raises doubts about the scope of the danger posed by WikiLeaks’ disclosures and the Obama administration’s angry claims, going back more than a year, that the revelations are life-threatening.” Months earlier, McClatchy’s Nancy Youssef wrote an article headlined “Officials may be overstating the dangers from WikiLeaks,” and she noted that “despite similar warnings ahead of the previous two massive releases of classified U.S. intelligence reports by the website, U.S. officials concede that they have no evidence to date that the documents led to anyone’s death.”


    Now we have exactly the same thing here. There’s an anonymously made claim that Russia and China “cracked the top-secret cache of files” from Snowden’s, but there is literally zero evidence for that claim. These hidden officials also claim that American and British agents were unmasked and had to be rescued, but not a single one is identified. There is speculation that Russia and China learned things from obtaining the Snowden files, but how could these officials possibly know that, particularly since other government officials are constantly accusing both countries of successfully hacking sensitive government databases?

    What kind of person would read evidence-free accusations of this sort from anonymous government officials – designed to smear a whistleblower they hate – and believe them? That’s a particularly compelling question given that Vice’s Jason Leopold just last week obtained and published previously secret documents revealing a coordinated smear campaign in Washington to malign Snowden. Describing those documents, he reported: “A bipartisan group of Washington lawmakers solicited details from Pentagon officials that they could use to ‘damage’ former NSA contractor Edward Snowden’s ‘credibility in the press and the court of public opinion.'”

    Manifestly then, the “journalism” in this Sunday Times articles is as shoddy and unreliable as it gets. Worse, its key accusations depend on retraction-level lies.

    The government accusers behind this story have a big obstacle to overcome: namely, Snowden has said unequivocally that when he left Hong Kong, he took no files with him, having given them to the journalists with whom he worked, and then destroying his copy precisely so that it wouldn’t be vulnerable as he traveled. How, then, could Russia have obtained Snowden’s files as the story claims – “his documents were encrypted but they weren’t completely secure ” – if he did not even have physical possession of them?

    The only way this smear works is if they claim Snowden lied, and that he did in fact have files with him after he left Hong Kong. The Sunday Times journalists thus include a paragraph that is designed to prove Snowden lied about this, that he did possess these files while living in Moscow:

    It is not clear whether Russia and China stole Snowden’s data, or whether he voluntarily handed over his secret documents in order to remain at liberty in Hong Kong and Moscow.

    David Miranda, the boyfriend of the Guardian journalist Glenn Greenwald, was seized at Heathrow in 2013 in possession of 58,000 “highly classified” intelligence documents after visiting Snowden in Moscow.

    What’s the problem with that Sunday Times passage? It’s an utter lie. David did not visit Snowden in Moscow before being detained. As of the time he was detained in Heathrow, David had never been to Moscow and had never met Snowden. The only city David visited on that trip before being detained was Berlin, where he stayed in the apartment of Laura Poitras.

    The Sunday Times “journalists” printed an outright fabrication in order to support their key point: that Snowden had files with him in Moscow. This is the only “fact” included in their story that suggests Snowden had files with him when he left Hong Kong, and it’s completely, demonstrably false (and just by the way: it’s 2015, not 1971, so referring to gay men in a 10-year spousal relationship with the belittling term “boyfriends” is just gross).

    Then there’s the Sunday Times claim that “Snowden, a former contractor at the CIA and National Security Agency (NSA), downloaded 1.7m secret documents from western intelligence agencies in 2013.” Even the NSA admits this claim is a lie. The NSA has repeatedly said that it has no idea how many documents Snowden downloaded and has no way to find out. As the NSA itself admits, the 1.7 million number is not the number the NSA claims Snowden downloaded – they admit they don’t and can’t know that number – but merely the amount of documents he interacted with in his years of working at NSA. Here’s then-NSA chief Keith Alexander explaining exactly that in a 2014 interview with the Australian Financial Review:

    AFR: Can you now quantify the number of documents [Snowden] stole?

    Gen. Alexander: Well, I don’t think anybody really knows what he actually took with him, because the way he did it, we don’t have an accurate way of counting. What we do have an accurate way of counting is what he touched, what he may have downloaded, and that was more than a million documents.

    Let’s repeat that: “I don’t think anybody really knows what he actually took with him, because the way he did it, we don’t have an accurate way of counting.” Yet someone whispered to the Sunday Times reporters that Snowden downloaded 1.7 million documents, so like the liars and propagandists that they are, they mindlessly printed it as fact. That’s what this whole article is.

    Then there’s the claim that the Russian and Chinese governments learned the names of covert agents by cracking the Snowden file, “forcing MI6 to pull agents out of live operations in hostile countries.” This appears quite clearly to be a fabrication by the Sunday Times for purposes of sensationalism, because if you read the actual anonymous quotes they include, not even the anonymous officials claim that Russia and China hacked the entire archive, instead offering only vague assertions that Russian and China “have information.”

    Beyond that, how could these hidden British officials possibly know that China and Russia learned things from the Snowden files as opposed to all the other hacking and spying those countries do? Moreover, as pointed out last night by my colleague Ryan Gallagher – who has worked for well over a year with the full Snowden archive – “I’ve reviewed the Snowden documents and I’ve never seen anything in there naming active MI6 agents.” He also said: “I’ve seen nothing in the region of 1m documents in the Snowden archive, so I don’t know where that number has come from.”

    Finally, none of what’s in the Sunday Times is remotely new. US and UK government officials and their favorite journalists have tried for two years to smear Snowden with these same claims. In June, 2013, the New York Times gave anonymity to “two Western intelligence experts, who worked for major government spy agencies” who “said they believed that the Chinese government had managed to drain the contents of the four laptops that Mr. Snowden said he brought to Hong Kong.” The NYT‘s Public Editor chided the paper for printing that garbage, and as I reported in my book, then-editor-in-chief Jill Abramson told the Guardian‘s Janine Gibson that they should not have printed that, calling it “irresponsible.” (And that’s to say nothing of the woefully ignorant notion that Snowden – or anyone else these days – stores massive amounts of data on “four laptops” as opposed to tiny thumb drives).

    The GOP’s right-wing extremist Congressman Mike Rogers constantly did the same thing. He once announced with no evidence that “Snowden is working with Russia” – a claim even former CIA Deputy Director Michael Morell denies – and also argued that Snowden should “be charged with murder” for causing unknown deaths. My personal favorite example of this genre of reckless, desperate smears is the Op-Ed which the Wall Street Journal published in May, 2014, by neocon Edward Jay Epstein, which had this still-hilarious paragraph:

    A former member of President Obama’s cabinet went even further, suggesting to me off the record in March this year that there are only three possible explanations for the Snowden heist: 1) It was a Russian espionage operation; 2) It was a Chinese espionage operation, or 3) It was a joint Sino-Russian operation.

    It must be one of those, an anonymous official told me! It must be! Either Russia did it. Or China did it. Or they did it together! That is American journalism.

    The Sunday Times today merely recycled the same evidence-free smears that have been used by government officials for years – not only against Snowden, but all whistleblowers – and added a dose of sensationalism and then baked it with demonstrable lies. That’s just how western journalism works, and it’s the opposite of surprising. But what is surprising, and grotesque, is how many people (including other journalists) continue to be so plagued by some combination of stupidity and gullibility, so that no matter how many times this trick is revealed, they keep falling for it. If some anonymous government officials said it, and journalists repeat it while hiding who they are, I guess it must be true.



    UPDATE: The Sunday Times has now quietly deleted one of the central, glaring lies in its story: that David Miranda had just met with Snowden in Moscow when he was detained at Heathrow carrying classified documents. By “quietly deleted,” I mean just that: they just removed it from their story without any indication or note to their readers that they’ve done so (though it remains in the print edition and thus requires a retraction). That’s indicative of the standard of “journalism” for the article itself. Multiple other falsehoods, and all sorts of shoddy journalistic practices, remain thus far unchanged.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member

    Snowden's Lawyer Jesselyn Radack: “Snowden is safest in Russia”
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Popular Security Software Came Under Relentless NSA and GCHQ Attacks - The Intercept

    Popular Security Software Came Under Relentless NSA and GCHQ Attacks




    The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden.

    The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products.

    British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.

    The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.

    Anti-virus software is an ideal target for a would-be attacker, according to Joxean Koret, a researcher with Coseinc, a Singapore-based information security consultancy. “If you write an exploit for an anti-virus product you’re likely going to get the highest privileges (root, system or even kernel) with just one shot,” Koret told The Intercept in an email. “Anti-virus products, with only a few exceptions, are years behind security-conscious client-side applications like browsers or document readers. It means that Acrobat Reader, Microsoft Word or Google Chrome are harder to exploit than 90 percent of the anti-virus products out there.”

    (Disclosure: One of the authors of this report, Morgan Marquis-Boire, spoke at a Kaspersky Lab event in Puerto Rico in 2013 and at another in London in 2014. He was not paid for either event, but the cost of his travel and accommodation were covered by the company.)

    Reverse engineering Kaspersky software


    Eugene Kaspersky, chairman, CEO and founder of Kaspersky Lab. (Bloomberg/Getty)

    Bloomberg/Getty Images

    According to a top-secret GCHQ warrant renewal request written in 2008 and published today by The Intercept, the British spy agency viewed Kaspersky software as an obstruction to its hacking operations and needed to reverse engineer it to find ways to neutralize the problem. Doing so required obtaining a warrant.


    “Personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE [Computer Network Exploitation] capability and SRE is essential in order to be able to exploit such software and to prevent detection of our activities,” the warrant renewal request said. “Examination of Kaspersky and other such products continues.” The warrant renewal request also states that GCHQ reverse engineers anti-virus programs to assess their fitness for use by government agencies.

    The requested warrant, provided under Section 5 of the U.K.’s 1994 Intelligence Services Act, must be renewed by a government minister every six months. The document published today is a renewal request for a warrant valid from July 7, 2008 until January 7, 2009. The request seeks authorization for GCHQ activities that “involve modifying commercially available software to enable interception, decryption and other related tasks, or ‘reverse engineering’ software.”

    Software reverse engineering, or “reversing,” is a collection of techniques for deciphering and analyzing how a program operates. The process can be as simple as observing the flow of data into and out of the program, or as complex as analyzing the machine code — 1s and 0s — to look into the software’s inner workings, including portions of the code that are not explained in the manual or other program documentation. Put simply, it often means taking thousands of commands that instruct the computer exactly what to do and working backwards to translate them into a format that’s more intelligible to a human being.

    Reversing is a common, often benign practice among software developers that can be used to enable software from different companies to interoperate or to identify security vulnerabilities before they can be exploited by third parties. Software makers, fearing piracy, hacking and intellectual property theft, often forbid the practice in licensing agreements and sometimes protect the most sensitive inner workings of their software with encryption. Governments have passed laws, with digital media in mind, that strictly circumscribe tampering with this encryption. Software companies have also sued to block reverse engineering as copyright infringement, arguing that it is illegal to make a copy of a program in violation of their restrictions on such copying.

    GCHQ felt it needed legal cover to conduct reverse engineering, writing in the warrant renewal application that the practice could otherwise be “unlawful” and amount to “a copyright infringement or breach of contract.” As we explore in a related story today, the warrant is legally questionable on several grounds, in that it applies ISA section 5 to intellectual property for the first time, and GCHQ may be applying ISA section 5 to certain categories of domestic policing.

    It is unclear what GCHQ accomplished in its analysis of Kaspersky software, but GCHQ has repeatedly reverse engineered software to discover vulnerabilities. Rather than report the vulnerabilities to the companies, spy agencies have quietly stockpiled numerous exploits for a wide range of commercial hardware and software, using them to hack adversaries.

    Collecting leaky data
    The NSA, like GCHQ, has studied Kaspersky Lab’s software for weaknesses. In 2008, an NSA research team discovered that Kaspersky software was transmitting sensitive user information back to the company’s servers, which could easily be intercepted and employed to track users, according to a draft of a top-secret report.

    The information was embedded in “User-Agent” strings included in the headers of Hypertext Transfer Protocol, or HTTP, requests. Such headers are typically sent at the beginning of a web request to identify the type of software and computer issuing the request.







    According to the draft report, NSA researchers found that the strings could be used to uniquely identify the computing devices belonging to Kaspersky customers. They determined that “Kaspersky User-Agent strings contain encoded versions of the Kaspersky serial numbers and that part of the User-Agent string can be used as a machine identifier.” They also noted that the “User-Agent” strings may contain “information about services contracted for or configurations.” Such data could be used to passively track a computer to determine if a target is running Kaspersky software and thus potentially susceptible to a particular attack without risking detection.

    In a statement emailed to The Intercept, Kaspersky Lab denied that its “User-Agent” strings could be used against its customers. “The information is depersonalized and cannot be attributed to a specific user or company,” the statement read. “We take all possible measures to protect this data from being compromised, for example through strong encryption.”

    But Kaspersky’s measures sometimes appear to fall short. In 2012, Twitter user @cryptoOCDrob posted a screenshot of Kaspersky software leaking unencrypted data while checking website reputation. Two years later, another Twitter user, Christopher Lowson, claimed that his email address, license key and other details were being sent by Kaspersky without encryption.

    Testing performed by The Intercept last month on a trial copy of “Kaspersky Small Business Security 4” determined that, while some traffic was indeed encrypted, a detailed report of the host’s hardware configuration and installed software was relayed back to Kaspersky entirely unencrypted. By the time of publication, Kaspersky told The Intercept via email, it was unable to reproduce these results.

    Screenshot of unencrypted communication between Kaspersky’s anti-virus software and remote Kaspersky servers


    Email surveillance
    Another way the NSA targets foreign anti-virus companies appears to be to monitor their email traffic for reports of new vulnerabilities and malware. A 2010 presentation on “Project CAMBERDADA” shows the content of an email flagging a malware file, which was sent to various anti-virus companies by François Picard of the Montréal-based consulting and web hosting company NewRoma. The presentation of the email suggests that the NSA is reading such messages to discover new flaws in anti-virus software.

    Picard, contacted by The Intercept, was unaware his email had fallen into the hands of the NSA. He said that he regularly sends out notification of new viruses and malware to anti-virus companies, and that he likely sent the email in question to at least two dozen such outfits. He also said he never sends such notifications to government agencies. “It is strange the NSA would show an email like mine in a presentation,” he added.

    The NSA presentation goes on to state that its signals intelligence yields about 10 new “potentially malicious files per day for malware triage.” This is a tiny fraction of the hostile software that is processed. Kaspersky says it detects 325,000 new malicious files every day, and an internal GCHQ document indicates that its own system “collect around 100,000,000 malware events per day.”

    After obtaining the files, the NSA analysts “[c]heck Kaspersky AV to see if they continue to let any of these virus files through their Anti-Virus product.” The NSA’s Tailored Access Operations unit “can repurpose the malware,” presumably before the anti-virus software has been updated to defend against the threat.







    The Project CAMBERDADA presentation lists 23 additional AV companies from all over the world under “More Targets!” Those companies include Check Point software, a pioneering maker of corporate firewalls based Israel, whose government is a U.S. ally. Notably omitted are the American anti-virus brands McAfee and Symantec and the British company Sophos.







    There is a certain logic to monitoring reports flowing into anti-virus companies. Such reports include new malware, which can potentially be re-purposed, and intelligence about hostile actors. What’s more, information about security vulnerabilities in the AV software itself can be harvested. Anti-virus companies commonly, though not always, respond slowly to such reports, leaving a window in which spy agencies can potentially exploit these flaws. A 2012 report from Google security engineer Tavis Ormandy documented how, after alerting Sophos to multiple security vulnerabilities in its anti-virus software, the firm estimated it would require six months to patch all of the bugs. That estimate was later revised down 60 days for the entire set of fixes, according to Ormandy.

    It’s not clear exactly how many reports like Ormandy’s have been piling up at anti-virus companies. But Koret, the security researcher, suggests that most AV companies have serious problems in this area. “During a period of ~1 year I researched more or less 17 AV engines,” he wrote in an email. “I found vulnerabilities in 14 AV engines.”

    Anti-virus firms vs. intelligence agencies
    As government spies have sought to evade anti-virus software, the anti-virus firms themselves have exposed malware created by government spies. Among them, Kaspersky appears to be the sharpest thorn in the side of government hackers. In the past few years, the company has proven to be a prolific hunter of state-sponsored malware, playing a role in the discovery and/or analysis of various pieces of malware reportedly linked to government hackers, including the superviruses Flame, which Kaspersky flagged in 2012; Gauss, also detected in 2012; Stuxnet, discovered by another company in 2010; and Regin, revealed by Symantec. In February, the Russian firm announced its biggest find yet: the “Equation Group,” an organization that has deployed espionage tools widely believed to have been created by the NSA and hidden on hard drives from leading brands, according to Kaspersky. In a report, the company called it “the most advanced threat actor we have seen” and “probably one of the most sophisticated cyber attack groups in the world.”

    Hacks deployed by the Equation Group operated undetected for as long as 14 to 19 years, burrowing into the hard drive firmware of sensitive computer systems around the world, according to Kaspersky. Governments, militaries, technology companies, nuclear research centers, media outlets and financial institutions in 30 countries were among those reportedly infected. Kaspersky estimates that the Equation Group could have implants in tens of thousands of computers, but documents published last year by The Intercept suggest the NSA was scaling up their implant capabilities to potentially infect millions of computers with malware.

    Kaspersky’s adversarial relationship with Western intelligence services is sometimes framed in more sinister terms; the firm has been accused of working too closely with the Russian intelligence service FSB. That accusation is partly due to the company’s apparent success in uncovering NSA malware, and partly due to the fact that its founder, Eugene Kaspersky, was educated by a KGB-backed school in the 1980s before working for the Russian military.

    Kaspersky has repeatedly denied the insinuations and accusations. In a recent blog post, responding to a Bloomberg article, he complained that his company was being subjected to “sensationalist … conspiracy theories,” sarcastically noting that “for some reason they forgot our reports” on an array of malware that trace back to Russian developers.

    He continued, “It’s very hard for a company with Russian roots to become successful in the U.S., European and other markets. Nobody trusts us — by default.”

    Kaspersky Lab openly cooperates with multiple international law enforcement agencies on cybercrime cases, but no inappropriate links to the FSB have ever been proven. Meanwhile, cozy relationships with intelligence agencies are not uncommon among Western technology companies. The CIA-backed venture capital firm In-Q-Tel has helped build over 200 tech start-ups, including cybersecurity firms FireEye and ReversingLabs and big data intelligence firms Palantir and Recorded Future. Previous reporting from the Snowden archive has shown that Microsoft, Google, Yahoo, Facebook, Apple, AOL and PalTalk all actively participated in the NSA’s PRISM surveillance program.

    No stranger to targeted cyberattacks, Kaspersky Lab announced earlier this month that it had been the victim of a sophisticated intrusion. In an email, Kaspersky Lab told The Intercept, ”It is extremely worrying that government organizations would be targeting us instead of focusing resources against legitimate adversaries, and working to subvert security software that is designed to keep us all safe. However, this doesn’t come as a surprise. We have worked hard to protect our end users from all types of adversaries. This includes both common cyber-criminals or nation state-sponsored cyber-espionage operations.”

    When asked for comment, the NSA and GCHQ declined to respond on the record to the specifics of this story.
     
    SeaAb

    SeaAb

    Legendary Member
    Staff member
    Super Penguin
    Documentary Film - Edward Snowden Documentary New

    Thanks for sharing @J. Abizeid

    What a powerful and chilling documentary! It's a shame that the leaks are still not getting the appropriate coverage. Regrettably, the public outcry has been miniscule IMO compared to the gravity of the situation we are all in right now. And to think that some people are labelling Snowden as a 'traitor' is mind-boggling...

    ***Since Lavabit has already shut down, what's the best encrypted email service available at the moment?
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    US 'spied on French presidents' - Wikileaks - BBC News

    US 'spied on French presidents' - Wikileaks



    The US National Security Agency (NSA) spied on French Presidents Jacques Chirac, Nicolas Sarkozy and Francois Hollande in 2006-12, WikiLeaks says.

    The whistleblower website cites "top secret intelligence reports and technical documents" from the NSA.

    US state department spokesman John Kirby said: "We do not comment on the veracity or content of leaked documents." France has made no comment.

    The NSA was earlier accused of spying on German Chancellor Angela Merkel.

    That allegation arose from documents leaked by former NSA contractor Edward Snowden about large-scale US surveillance in 2013.


    However, earlier this month Germany dropped its investigation, saying the NSA had failed to provide enough evidence to justify legal action.

    On Tuesday, Wikileaks said it began publishing the files under the heading "Espionnage Elysee" - a reference to the French presidential palace.

    It said the secret files "derive from directly targeted NSA surveillance of the communications" of the three French presidents as well as French ministers and the ambassador to the US.

    One of the files, dated 2012, is about Mr Hollande discussing Greece's possible exit from the eurozone.

    It is unclear whether the material comes from the data stolen by Edward Snowden, the BBC's security correspondent Gordon Corera says.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    WikiLeaks files reveal US wiretapped French presidents Hollande, Sarkozy and Chirac - ABC News (Australian Broadcasting Corporation)

    WikiLeaks files reveal US wiretapped French presidents Hollande, Sarkozy and Chirac



    The United States wiretapped France's current president Francois Hollande, as well as former presidents Jacques Chirac and Nicolas Sarkozy, according to WikiLeaks.

    The revelations were first reported in French daily Liberation and on news website Mediapart, which said the National Security Agency spied on the presidents during a period between at least 2006 until May 2012, the month Mr Hollande took over from Mr Sarkozy.

    WikiLeaks said the documents derived from directly targeted NSA surveillance of the communications of Mr Hollande (2012-present), Mr Sarkozy (2007-2012) and Mr Chirac (1995-2007), as well as French cabinet ministers and the French ambassador to the US.

    The documents also contained the mobile phone numbers of numerous officials in the Elysee presidential palace, including the number of the president, WikiLeaks said.

    They included summaries of conversations between French government officials on the global financial crisis, the Greek debt crisis, and the relationship between the Hollande administration and the German government of Angela Merkel.

    Former NSA employee Edward Snowden created an uproar in Germany after he revealed that Washington had carried out large-scale electronic espionage in Germany and claimed the NSA had bugged Ms Merkel's phone.

    "While the German disclosures focused on the isolated fact that senior officials were targeted by US intelligence, WikiLeaks' publication today provides much greater insight into US spying on its allies," WikiLeaks said.

    This includes "the actual content of intelligence products deriving from the intercepts, showing how the US spies on the phone calls of French leaders and ministers for political, economic and diplomatic intelligence".

    WikiLeaks foreshadows further revelations
    The most recent document was dated May 22, 2012, just days before Mr Hollande took office, and revealed the French leader "approved holding secret meetings in Paris to discuss the eurozone crisis, particularly the consequences of a Greek exit from the eurozone".

    Another document dated 2008 was titled "Sarkozy sees himself as only one who can resolve world financial crisis".

    Neither Mr Hollande's office nor Washington would comment on the information.

    When contacted on Tuesday, Mr Hollande's aide said: "We will see what it is about".

    "We do not comment on the veracity or content of leaked documents," US State Department spokesman John Kirby said.

    WikiLeaks said French readers could "expect more timely and important revelations in the near future".

    Last week, WikiLeaks published more than 60,000 diplomatic cables from Saudi Arabia and said on its website it would release half a million more in the coming weeks.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Honor among thieves.....


    ‘Espionnage Élysée’: Wikileaks says NSA spied on last 3 French presidents
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    France holds emergency talks after allegations U.S. spied on 3 presidents | CTV News

    France holds emergency talks after allegations U.S. spied on 3 presidents


    French President Francois Hollande speaks during a media conference at an EU summit in Brussels on June 22, 2015. (AP / Michel Euler)

    PARIS - French President Francois Hollande is holding an emergency meeting with the country's top security officials to respond to WikiLeaks documents saying that the U.S. National Security Agency eavesdropped on the last three French presidents.

    A French presidential aide said Wednesday's meeting was convened to evaluate the information released and draw relevant conclusions. The aide was not authorized to be publicly named.

    The documents published in French daily newspaper Liberation and investigative website Mediapart late Tuesday include material that appeared to capture officials in Paris talking candidly about Greece's economy and relations with Germany.

    Ironically, they also include discussions about American espionage of its allies.

    There was no instant confirmation of the accuracy of the documents, though WikiLeaks has a track record of publishing intelligence and diplomatic material.

    WikiLeaks spokesman Kristinn Hrafnsson told The Associated Press he was confident the documents were authentic, noting that WikiLeaks' previous mass disclosures - including a large cache of Saudi diplomatic memos released last week - have proven to be accurate.

    The release appeared to be timed to coincide with a vote in the French Parliament on a bill allowing broad new surveillance powers, in particular to counter terrorist threats. The Senate approved it Tuesday and the lower house of parliament is expected to give it final approval Wednesday.

    The release prompted uproar among French politicians, although it didn't reveal any huge surprises or secrets. France is among several U.S. allies that rely heavily on American spying powers when trying to prevent terrorist and other threats.

    Hollande's office didn't comment beyond announcing Wednesday's security meeting, though his Socialist Party issued an angry statement saying the reports suggest "a truly stupefying state paranoia." Even if the government was aware of such intercepts, the party said, that doesn't mean "that this massive, systematic, uncontrolled eavesdropping is tolerable."

    An aide to Hollande's predecessor Nicolas Sarkozy told The AP that the former president considers these methods unacceptable, especially from an ally. The aide was not authorized to be publicly named.

    There was no immediate comment from former President Jacques Chirac, also reportedly targeted by the eavesdropping.

    U.S. National Security Council spokesman Ned Price released a statement Tuesday evening saying the U.S. is "not targeting and will not target the communications of President Hollande."

    "We do not conduct any foreign intelligence surveillance activities unless there is a specific and validated national security purpose," Price added. "This applies to ordinary citizens and world leaders alike. We work closely with France on all matters of international concern, and the French are indispensable partners."

    Price did not address claims that the U.S. had previously eavesdropped on Hollande or his predecessors.

    Ever since documents leaked by former NSA contractor Edward Snowden showed in 2013 that the NSA had been eavesdropping on the cellphone of German Chancellor Angela Merkel, it had been understood that the U.S. had been using the digital spying agency to intercept the conversations of allied politicians.
     
    J. Abizeid

    J. Abizeid

    Well-Known Member
    Espionnage Élysée

    Press Release Top French NSA Targets Top French NSA Intercepts
    English | French

    Today, 23 June 2015, WikiLeaks began publishing "Espionnage Élysée", a collection of TOP SECRET intelligence reports and technical documents from the US National Security Agency (NSA) concerning targeting and signals intelligence intercepts of the communications of high-level officials from successive French governments over the last ten years.

    The top secret documents derive from directly targeted NSA surveillance of the communications of French Presidents Francois Hollande (2012–present), Nicolas Sarkozy (2007–2012), and Jacques Chirac (1995–2007), as well as French cabinet ministers and the French Ambassador to the United States. The documents also contain the "selectors" from the target list, detailing the cell phone numbers of numerous officials in the Elysee up to and including the direct cell phone of the President.

    Prominent within the top secret cache of documents are intelligence summaries of conversations between French government officials concerning some of the most pressing issues facing France and the international community, including the global financial crisis, the Greek debt crisis, the leadership and future of the European Union, the relationship between the Hollande administration and the German government of Angela Merkel, French efforts to determine the make-up of the executive staff of the United Nations, French involvement in the conflict in Palestine and a dispute between the French and US governments over US spying on France.

    A founding member state of the European Union and one of the five permanent members of the UN Security Council, France is formally a close ally of the United States, and plays a key role in a number of US-associated international institutions, including the Group of 7 (G7), the North Atlantic Treaty Organization (NATO) and the World Trade Organization (WTO).

    The revelation of the extent of US spying against French leaders and diplomats echoes a previous disclosure in the German press concerning US spying on the communications of German Chancellor Angela Merkel and other German officials. That disclosure provoked a political scandal in Germany, eventuating in an official inquiry into German intelligence co-operation with the United States, which is still ongoing.

    While the German disclosures focused on the isolated fact that senior officials were targeted by US intelligence, WikiLeaks' publication today provides much greater insight into US spying on its allies, including the actual content of intelligence products deriving from the intercepts, showing how the US spies on the phone calls of French leaders and ministers for political, economic and diplomatic intelligence.

    WikiLeaks founder Julian Assange said: "The French people have a right to know that their elected government is subject to hostile surveillance from a supposed ally. We are proud of our work with leading French publishers Liberation and Mediapart to bring this story to light. French readers can expect more timely and important revelations in the near future."
     
    Top