GCHQ Could Be Fined For Latest Series Of Job Adverts

GCHQ are known within the UK as the cyber spies, the first and last defence against digital threats. In recent years, though, they have not had the best image, with incidents such as being given permission to spy on politicians, recommending that users store their passwords in software and do away with remembering them, and breaching human rights with their internet surveillance. Their latest issue may be something a little more low-tech, with their latest job adverts possibly resulting in a fine.

Hackney Council has stated that it will fine GCHQ and ask it to clean up its advertisements, as it did not have permission to create the advert in Shoreditch.

https://twitter.com/JamesLiamCook/status/664064611642163200/photo/1

Featuring a pun on their name, combined with a web address, the adverts were created by using a technique called reverse graffiti. This means that instead of applying paint or another material atop the surface, you use a stencil and a power washer to remove and clean off the top layer of dirt, resulting in a white depiction of your stencil.

The adverts have also been spotted in Manchester, Birmingham, Wolverhampton and Leeds. GCHQ claim that they were led to believe that Hackney Borough Council had an issue with clean graffiti on street furniture, not pavements.

If only they had a copy of the email that people sent with this information…

No Encryption-Backdoor For Obama Administration

More and more, we are being informed about digital security issues that affect us, from leaders like David Cameron stating he would remove encryption within the UK to the head of MI5 joining Cameron’s crusade to remove end-to-end encryption within the UK. Recently we even learnt (courtesy of Edward Snowden yet again) that Microsoft may have actively helped governments bypass encryption. With all this scary news, it’s about time we had some positive news regarding encryption, right? Cue FBI director James Comey.

At a congressional panel, James Comey stepped forward and stated that the Obama administration would not ask Congress for legislation requiring a backdoor into encryption-protected systems. Starting from the beginning, what is an ‘encryption backdoor’?

Earlier this year, several government officials and even company leaders suggested that, in order to avoid practices such as illegally intercepting and gaining access to systems to read your private and confidential details, they could instead be given a key. This would give them legal access to the systems, and discussions about this led to the idea of a split key: a key where no one company or government agency would have access to the whole key, therefore requiring the permission of all the government groups in order to use it.

This is the first time a public spokesman has come out with any official line going against the idea of encryption backdoors. The question now is: will companies and agencies stop asking for them?

Thank you Ars Technica for the information.

Retweeting ISIS Could Land You In Jail In The US

This story is compelling for a number of reasons, including the potential ramifications: the FBI considers retweets to be endorsements, with the emphasis squarely on those containing IS statements. This theory has been proven again by the arrest of Ali Saleh, a 22-year-old Queens resident. His detainment followed an FBI investigation into his attempts to join ISIS; the reported evidence included the tracking of Saleh’s Twitter activity.

According to information contained in the complaint submitted to the Federal Court in Brooklyn, FBI special agent Bret Luhmann stated that Saleh had attempted on a number of occasions to travel to Syria with the aim of joining the terrorist group. The social media activity collected as evidence from this individual includes the sentence “I’m ready to die (for ISIS) Prison is nothing”, which Saleh proclaimed while retweeting a message posted by another user.

On the face of it, Saleh has been arrested for more than numerous incendiary retweets after being placed under the microscope by law enforcement; this includes alleged active attempts to travel to Yemen and Istanbul by booking a seat on a flight which he later decided to miss. The problem lies with the FBI and its interpretation. Many users tweet hashtags and statements connected to terrorist acts for a variety of legitimate reasons: to inform followers of brutal acts which have been covered by many news outlets or of other users’ experiences, to protest against such behaviour, or simply to parody the situation.

Take the aftermath of the arrest of convicted Boston Bomber Dzhokhar Tsarnaev: a substantial number of people retweeted his social media account in a kind of exposé to highlight the individual behind such tragic actions. To further convey the ambiguity, a 17-year-old Virginia resident was arrested in the summer of 2015 after frequently retweeting flattering statements about ISIS leader Abu Bakr al-Baghdadi.

Now, let’s take an extreme situation: how would the FBI or any other agency react to a user who felt seriously depressed and conveyed suicidal thoughts through tweets and retweeted phrases? Would they be considered an ISIS sympathiser, or in imminent danger of going on a shooting spree, if their intentions were considered to be terrorist-related? This is the ambiguity; more evidence needs to be gathered before a person is suspected of malicious intentions.

Logically, and I know governments struggle with this concept, you would only be arrested after a build-up of various intelligence actions from a person who was under suspicion; otherwise, there is going to be a hell of a lot of people arrested if it is based on certain tweets, which no agency in the world has the resources to deal with on a continuous basis.

Thank you nydailynews and scribd for providing us with this information.

Image courtesy of atuffcartoons

Here’s How a Hack Took Down Other ‘Legitimate’ Hackers

Before we continue, you might be wondering how there could be ‘legitimate’ hackers. Well, companies such as the one that got hacked, by the name of Hacking Team, exist out there. They usually sell their hacks and services to governments or secret agencies, which makes them a key ally, and so they are allowed to continue their work. However, the latest hack proved that even they can be taken down.

Hacking Team is known for selling its services to agencies such as the FBI, DEA, Australian police, or even countries such as Bahrain, Ethiopia, and Sudan. However, the latter could not be proven since they could easily pin everything on their contractors and we all know how good governments and agencies are at denying allegations. Also, they had the ability to keep their code as well as other exploits they used in software products secure, so targeted individuals, companies or even other governments could not do anything about it.

But their operation came to an end when their systems were compromised by a hack that took over 400 GB of data, including their own source code used for creating the spyware. This means that other developers can now use the data and patch or protect their systems in the future. Hacking Team is said to have been forced to close their company down until further notice, but it’s highly likely they will be operational again in the near future.

There is no official confirmation about who hacked the spyware company, but it is said that WikiLeaks has focused on such companies in the past, so nobody can rule out its involvement in this. However, sources say that the hack was performed by an independent freelance hacker, which makes it even harder to pinpoint the attacker.

Thank you The Verge for providing us with this information

The NSA Has Its Own Special Room for Watching Hardcore Porn

The news may seem a bit awkward, but US forces have found a large stash of adult entertainment content after raiding Osama bin Laden’s compound in Pakistan.

This points to two things: one being that terrorists are perverts, and the other that there may be hidden messages in some of the pornographic material. NSA analysts were then tasked with visiting the websites frequented by jihadists in search of encrypted messages in the digital porn clips and photos.

“We have terabytes of this stuff,” a US intelligence analyst told The Daily Beast. “It isn’t possible that they are encrypting messages in all of this stuff. Some of these guys are just perverts.”

Watching porn all day long and getting paid for it may seem like a great job, but the reality is that the content may be disturbing at some point. It is said that not all of the clips and photos are similar to what you know from PornHub-related sites, with some of them including pornographic images of children.

This is why the intelligence agency has a squad of psychiatrists and therapists to help employees tasked with watching this pornographic material cope with what they see.

“They’re being exposed to material that, day in and day out, we’re not exposed to broadly in America,” a senior physician with the CIA’s Office of Medical told The Daily Beast. “That has its own sort of impact and own sort of, for lack of a better term, shock value.”

“Typically, for operators working in support of military operations, they’re told, ‘You’re going to see images that might disturb you. Just prepare yourself and realise there are counselling resources available to you,’” an ex-chief of the NSA’s elite Tailored Access Operations group added.

It is not uncommon for employees who work with this type of material to go through regular bouts of depression and grief, in addition to feelings of anger and a sense of urgency to track down those responsible.

Thank you News.com.au for providing us with this information

Thanks to Recent Hacks, US Launching New Cyber Warfare Agency

Meet the Cyber Threat Intelligence Integration Center, or CTIIC for short, the US’ newest department on the cyber warfare front, which is being announced later today by the president’s counter-terrorism chief. This new department is a direct result of the recent hacks that fell upon Sony and JPMorgan, which caused President Obama to pledge beefed-up digital security for America.

The Washington Post originally reported that one of the main purposes of the new CTIIC will be to sit between all the major agencies and aid the sharing of data between them, hopefully preventing further attacks of a similar nature.

After the Sony hack, the FBI, NSA, and CIA had all come to different conclusions, rather than agreeing on a single cohesive response. This was essentially the final straw, prompting this change to allow for a more unified analysis. The CTIIC will have a rather small initial staff of only about 50, but a nice budget of $35 million a year. Its main focus will keep it from conducting any surveillance work on its own.

Face Recognition Technology Currently Being Tested by the FBI

Face recognition technology is nothing new, with agencies such as the National Security Agency denying the use of such technology on people, images and most likely anything that has a human face on it. However, the FBI does not appear to be trying to hide the technology or its use at all.

The Federal Bureau of Investigation has stated that it is in the process of building a database called the “Next Generation Identification database” by feeding portraits from local law enforcement agencies into the system.

It is said that the software is being built by MorphoTrust, a company which is stated to have helped the State Department create its own face recognition database. However, MorphoTrust and the State Department cannot currently join databases.

However, FBI Director James Comey appears not to rule out the possibility of eventually merging both databases in the near future. An estimated 52 million images are said to be due for import into the database by next year, and the Electronic Frontier Foundation is already alarmed by the gigantic figure.

The EFF states that there is a strong possibility of many innocent people slipping into the pool. Despite the EFF warning, Director Comey was apparently unable to deny this, or at least to assure people that this will not be the case and that their driving license photos will be ‘safe’. Furthermore, the FBI director has also stated that he is not even sure if the EFF’s claims are accurate.

Asked specifically about driving licenses, Director Comey referred to possible circumstances in which pictures of people who are granted special driving licenses to transport children or explosive material are sent in by state departments, and so have a high chance of eventually ending up in the database as well.

Thank you Engadget for providing us with this information
Image courtesy of Engadget

Angry Birds Maker Rovio Denies Allowing NSA To Spy On Its Users

Reports from Edward Snowden about alleged NSA spying techniques, and information on ‘how deep the rabbit hole goes’, have been rolling in since last year. The latest is a highly classified document relating to the collaboration between the NSA and GCHQ on collecting private user data from popular mobile applications such as Angry Birds. Following the accusations, Rovio released a press statement in which they denied having collaborated with either party to allow collection of private user data from their application.

Rovio has clearly labelled the reports about their popular game as purely “speculations”, and said that if the reports about the agencies’ techniques in collecting the data are true, no device that “visits ad-enabled websites or uses ad-enabled applications is immune to such surveillance.” However, the statement does not mention whether the Angry Birds application might have failed to protect its user database full of personal information.

Both agencies, as stated in the report, are able to collect data such as call logs, text messages, emails and more by simply exploiting popular mobile applications, but there was nothing in the documents to hint that the companies which develop the applications could have directly collaborated with the NSA.

Thank you Ubergizmo for providing us with this information