With the amount of sensitive information stored on their servers, cloud providers take security very seriously. However, many cloud services actually use third-party servers like Amazon Web Services or Microsoft Azure to run their platform. Even for those with their own servers, the hardware is made and supplied by third parties. In light of security concerns, Apple is taking it to the next level and designing their own servers.
Right now, Apple uses Amazon, Microsoft and Google servers to help run iCloud in addition to their own hardware. Running everything in-house might seem prudent enough to keep things secure, but Apple wants to go further and design the servers themselves. As we know from Edward Snowden’s revelations, the NSA, and probably other spy agencies, are prone to intercepting hardware mid-shipment and tampering with it. Cisco, for instance, has been one past target, and with Apple’s legal fight against the FBI, they may have been moved up the list.
By designing their own hardware, Apple will be able to make sure that everything is where it is supposed to be and no hardware has been added to it. With the massive scale of iCloud, Apple will be able to easily have whole manufacturing runs dedicated to them. Still, with their massive user base, running that many servers will be a challenge for Apple. Nonetheless, Apple may soon get the total hardware control truly needed for true security.
In its recent arguments against the FBI, Apple has found companies rallying behind its arguments that you can’t force a company to break its own protection without risking others. Even Microsoft have come out saying that forcing Apple to do so would set a dangerous precedent for technology companies everywhere. Their latest support is a little bit different, with the former heads of the NSA and Homeland supporting encryption in this case.
Michael Chertoff was the head of Homeland Security and is one of the people who helped author the Patriot Act. Mike McConnell is the former head of the NSA. Both of these people, former professionals within the government’s security sector, have come forward expressing support for encryption technologies.
In a panel, Chertoff stated that “if we [the people and governments] ask private sector to be in control of security, then we have to allow them to have tools to carry out that mission”. Chertoff then continued to say that trust is the fundamental basis of the “internet economic engine” and that “if we don’t come to an agreement with the majority of the world [around privacy] we could end up with multiple internets and lose the value of an interconnected world”.
McConnell, on the other hand, suggested that a reasonable way to address the problem would not be the public flinging match that the FBI are keen to use to their advantage, but instead to form “a legislatively direction commission of leading experts to have an informed dialog with all clearances to make reasonable recommendations”. He suggests that the public and even Congress don’t have the knowledge of cyber security matters to make an informed decision, and that public opinion and fear could lead to decisions which will do nothing but harm companies, government and people alike.
Encryption is currently under threat, with some countries already requiring backdoors and other compromising measures to be put in place. The debate on the effects of allowing encryption rages on in many nations, with institutions such as the FBI insisting on the ability to crack it even as tech industry giants warn them against it. Although it is an organization often thought to threaten cyber privacy, the NSA has staked out a pro-encryption stance.
The maelstrom of debate surrounding the crippling of encryption has centered on the idea that encryption would allow criminals and terrorists to hide more easily from police and governments. Allowing state powers access to all encrypted devices and transmissions has the key flaw that it could allow illicit groups access to any person’s data should the backdoor be leaked or cracked.
“Encryption is foundational to the future,” NSA Director Adm. Mike Rogers told the Atlantic Council, a Washington, D.C. think tank. He believes that the cybersecurity battles of the near future will hinge on more widespread encryption, and that massive hacks on government and corporate systems, potentially leaking vital data, only become more likely with weakened encryption. Unlike other figures such as FBI Director James Comey, a crusader for encryption backdoors, Rogers doesn’t think that “security is the imperative and that ought to drive everything.” Instead, proper and widespread encryption should be an accepted thing, and intelligence organizations should work out the best way to deal with it. Rogers is not the first NSA director to support encryption either, with former NSA boss Mike McConnell and Michael Hayden, the NSA Director before him, taking the same position.
“Spending time arguing about ‘hey, encryption is bad and we ought to do away with it’ … that’s a waste of time to me.” – Mike Rogers
The NSA defending encryption and privacy is certainly a good thing, but when you consider the information on them leaked by whistleblowers like Edward Snowden, is there more to it than this? It is clear that the NSA have very advanced hacking and spying tactics, so maybe they don’t believe that encryption would prevent them from getting the data they need. Rogers said nothing on the matter, so any discussion is idle speculation.
So far, the US Federal government has no intention of pursuing legislation against encryption, despite a small number of states already proposing bills that could compromise it. Maybe the NSA speaking out on the topic could cause a rethink on the matter and deter the US and other nations from ruining this key technology through law out of fear.
The former Technical Director of the NSA has warned that should the UK Investigatory Powers Bill – nicknamed the Snooper’s Charter – pass into law, it will result in the deaths of innocent people. Bill Binney says that the sheer quantity of information that GCHQ analysts will be forced to sift through will actually distract them from protecting citizens, leaving the country more vulnerable to attack.
“It is 99 per cent useless,” Binney said in a letter to MPs leaked by human rights group Liberty (via InfoSecurity). “Who wants to know everyone who has ever looked at Google or the BBC? We have known for decades that that swamps analysts,” adding that mass surveillance “costs lives, and has cost lives in Britain because it inundates analysts with too much data.”
While mass surveillance data has proved useful in the aftermath of, say, the World Trade Center attacks, to provide further background on the perpetrators, Binney argues that the act of collecting that data makes such an attack more likely to slip through the net.
“The net effect of the current approach is that people die first, even if historic records sometimes can provide additional information about the killers (who may be deceased by that time),” Binney wrote. “The alternative approach based on experience is to use social networks as defined by metadata relationships and some additional rules to smartly select data from the tens of terabytes flowing by. This focused data collected around known targets plus potential developmental targets and represented a much smaller set of content for analysts to look through.”
Binney, who left the NSA in 2011 in protest at its mass surveillance program and became a whistleblower, will be speaking to MPs at the Joint Committee today (6th January) about the ineffectiveness of GCHQ’s BLACK HOLE data collection system which will support the IP Bill.
Spies from the UK intelligence services worked with the US National Security Agency to hack firewalls developed by top internet security firm Juniper Networks, according to documents leaked by NSA whistleblower Edward Snowden. GCHQ, wanting to crack Juniper’s encryption, specifically sought help from the NSA for that task, Russia Today reports. A series of secret documents, dating back to 2011, show that the pair were complicit in targeting Juniper – an industry leader in firewall technology in certain parts of the world – to compromise its systems.
The first document, entitled “Assessment of Intelligence Opportunity – Juniper”, outlines how GCHQ and NSA targeted Juniper in order to maintain its mass surveillance programs without being impeded.
“The threat comes from Juniper’s investment and emphasis on being a security leader,” the document reads. “If the SIGINT community falls behind, it might take years to regain a Juniper firewall or router access capability if Juniper continues to rapidly increase their security.”
The documents also shed light on why Juniper specifically was chosen as GCHQ’s prey: its firewalls are popular in countries such as Pakistan, Yemen, and China, all of which are of great interest to US and UK intelligence.
Snowden himself commented on the story, tweeting that the story had seemingly been suppressed by US news outlets.
In recent years, we have had several revelations about how and what our governments and our agencies do in order to “protect us”. This has at times included activities which go against the very laws and principles that the countries they swore to protect were founded on. One such group was the NSA, who, as revealed by Edward Snowden, were mass recording and tracking their own citizens’ phones and emails, all without government or legal process being followed; this is set to change.
As of 0459 GMT November 29th 2015, the NSA will be required to request records from telephone companies, rather than being able to directly record or access them via wire or in the middle. The records they can request will only contain who called who and when; they will not include recordings of the calls’ contents.
This change is a result of the USA Freedom Act, which will allow the NSA to continue using Americans’ phone calls, but with limitations. Court orders must be obtained before accessing the metadata (the information about the calls) and must be related to a specific case, unlike before, when the NSA was gathering every piece of information regarding your phone activity (and others’) just “in case”.
With changes like this, the rights to privacy and security against misuse of the system are being built up more and more as we live in a world where no data is safe, be it held by a company or a government.
Following the massive leak of surveillance data by whistleblower Edward Snowden in 2013, it was revealed that the US National Security Agency (NSA) had been collecting e-mail metadata as part of a program it claimed ended in 2011. However, a lawsuit filed by the New York Times has revealed that the NSA effectively continued the program from 2011 onwards, just under different rules, and under less scrutiny from the Foreign Intelligence Surveillance Court (FISC) than the previous iteration.
The New York Times filed a Freedom of Information Act lawsuit against the NSA – the newspaper is one of the greatest proponents of the FOIA, and has used it to investigate the treatment of Guantanamo Bay detainees and the secret interpretation of the Patriot Act – through which it obtained records that the NSA ended its e-mail records program, which was authorised under the Pen Register and Trap and Trace (PRTT) provision, as “other authorities can satisfy certain foreign intelligence requirements” that its own system “had been designed to meet.”
“The databases could be queried using an identifier such as an email address only when an analyst had a reasonable and articulable suspicion that the email address was associated with certain specified foreign terrorist organizations that were the subject of FBI counterterrorism investigations. The basis for that suspicion had to be documented in writing and approved by a limited number of designated approving officials identified in the Court’s Order. Moreover, if an identifier was reasonably believed to be used by a United States person, NSA’s Office of General Counsel would also review the determination to ensure that the suspected association was not based solely on First Amendment-protected activities.”
The two new methods that the NSA exploited to continue collecting e-mail metadata without the above oversight were:
Obtaining data collected by foreign intelligence agencies, such as the UK’s GCHQ, and;
Using the Foreign Intelligence Surveillance Act Amendments of 2008 to collect the metadata of non-citizens of home soil without a warrant, which included e-mails sent to and from US citizens.
The NSA and Office of the Director of National Intelligence did not respond to the New York Times’ request for comment on these revelations.
In the wake of the tragic and devastating attacks in Paris last week, many questioned why the authorities were unable to predict and stop the attacks. In fact, despite the wide-ranging and intrusive surveillance systems in place, the only whiff of intelligence was about a generalized threat against France. Now many officials are coming out across the spectrum and blaming Edward Snowden and his leaks for allowing the terrorists to go undetected.
Former director of the CIA James Woolsey has been among the most forceful, claiming Snowden “has blood on his hands” while current CIA director John Brennan blames the unauthorised disclosures as well. London Mayor Boris Johnson has also blamed Snowden for teaching the terrorists “how to avoid being caught”.
Encryption and methods of avoiding electronic detection, however, have not been new to the terrorist toolkit. Since before the 9/11 attacks and in the many that followed it, terrorists have used encryption and other methods of secure communication to co-ordinate. Those attacks all happened before Snowden even revealed the surveillance systems in place, revelations which only confirmed what many already believed the government was already doing. This is especially true of terrorists who knew they would be monitored and generally used methods to conceal themselves already, with Bin Laden famously using couriers only to communicate.
With the focus in recent days on backdoors, it would not be surprising to see pressure placed on Sony to allow monitoring of the PSN and PS4 given its use by the terrorists. Even if governments end up creating backdoors in many popular products, there will still be nothing to stop peer-to-peer encryption and other forms of encrypted communications from being used.
In a development that is likely to place more pressure on the technology sector, reports are coming out that the perpetrators of the recent Paris attacks used Sony PS4s to communicate and coordinate their attack. This comes after authorities took away the PS4s from the attackers’ homes, and the Belgian home affairs minister has said that the PS4 was chosen because it is difficult to track.
Games and consoles have always been on the radar for authorities in monitoring suspects. After all, Edward Snowden revealed that the NSA and GCHQ had agents embedded in the MMORPG World of Warcraft and in Second Life in order to monitor suspects. Xbox Live was monitored too, which was part of the reason many were hesitant about the always-on functions of the new consoles and the once mandatory Kinect.
At that time, PSN, Sony’s PlayStation Network, was not mentioned as a target for monitoring. If it turns out the PS4 was used, authorities will likely start looking into PSN communications as well. Given the myriad ways players can communicate with each other in game, the large volume of communications and the importance of context, whether or not extra monitoring would help remains to be seen.
Edward Snowden, the whistleblower-turned-press freedom advocate exiled in Russia after leaking NSA documents that demonstrated the terrifying scope of its mass surveillance program, has publicly endorsed ad-blocking software and has encouraged every internet user to employ it.
“Because if the service provider is not working to protect the sanctity of the relationship between reader and publisher,” he added, “you have not just a right but a duty to take every effort to protect yourself in response.”
While there are ethical arguments against the use of ad-blockers – mainly that users of ad-blocking software are depriving site owners of revenue – it makes sense, purely from a security perspective, for Snowden to recommend ad-blocking for all: anything that could potentially provide a backdoor into your computer is a threat, much like the recent worrying revelation that advertisers are tracking users over multiple devices via inaudible sounds.
Tor was seriously compromised during the Summer of 2014 by unknown assailants, but now the Tor Project has revealed that it thinks it has determined the culprit: the FBI. According to the Tor Project, the FBI paid researchers from Carnegie Mellon University $1 million to crack Tor’s encryption.
“On July 4 2014 we found a group of relays that we assume were trying to deanonymize users,” the Tor Project wrote on its blog at the time. “They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.”
In a follow-up post yesterday (11th November), the team writes, “The Tor Project has learned more about last year’s attack by Carnegie Mellon researchers on the hidden service subsystem. Apparently these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes.”
“There is no indication yet that they had a warrant or any institutional oversight by Carnegie Mellon’s Institutional Review Board,” the post adds. “We think it’s unlikely they could have gotten a valid warrant for CMU’s attack as conducted, since it was not narrowly tailored to target criminals or criminal activity, but instead appears to have indiscriminately targeted many users at once.”
The Tor Project brands the alleged actions of the FBI as an attack on “civil liberties” and “a violation of our trust and basic guidelines for ethical research.”
After the mess the European Union made of its net neutrality laws, it’s heartening to see them doing something positive. Earlier today (29th October), the European Parliament voted in favour of protecting NSA whistleblower Edward Snowden from prosecution and extradition to the US, as well as dropping any charges against him within EU member states. The resolution was voted in by 285 votes to 281, and grants protection to Snowden as a “human rights defender”.
Rumours of the vote hit Twitter shortly before the official announcement, with Snowden himself commenting:
Hearing reports EU just voted 285-281, overcoming huge pressure, to cancel all charges against me and prevent extradition. Game-changer.
“Too little has been done to safeguard citizens’ fundamental rights following revelations of electronic mass surveillance, say MEPs in a resolution voted on Thursday. They urge the EU Commission to ensure that all data transfers to the US are subject to an “effective level of protection” and ask EU member states to grant protection to Edward Snowden, as a “human rights defender”. Parliament also raises concerns about surveillance laws in several EU countries.”
How this affects Snowden’s asylum in Russia is yet to be determined. It would be interesting to know how the European Parliament would vote for a similar resolution in regards to Julian Assange, currently exiled in London’s Ecuadorian Embassy.
“You can’t have a back door in the software because you can’t have a back door that’s only for the good guys,” Cook told the event’s audience.
Cook’s speech occurred shortly after NSA Director Admiral Michael Rogers took to the stage to talk about encryption. Rogers, responding to a question regarding his previous statement – “strong encryption is in our nation’s best interest” – as to whether he supported impenetrable encryption, said “That’s not what I said, strong encryption is in our nation’s best interests,” adding, “Security, encryption: good. The ability to generate insights as to criminal behavior and threats to our nation’s security, also good.”
But Cook disputed the idea that privacy and national security were mutually exclusive, saying, “Nobody should have to decide privacy and security. We should be smart enough to do both,” branding any compromise of user privacy as a “cop-out.”
“Both of these things were essential parts of our Constitution. It didn’t say prioritize this one above all of these,” he said. “I mean, these guys were really smart folks and they held all of these things and said all of these are what it means to be an American,” Cook added. “It will become increasingly more important to more and more people over time as they realize that intimate parts of their lives are in the open and being used for all sorts of things.”
Facebook has revealed a new feature that will notify users if it suspects their account has been hacked by parties “working on behalf of a nation-state,” including the US. If your account has potentially been compromised, a message reading “Please Secure Your Accounts Now. [User], we believe your Facebook account and other online accounts may be the target of attacks from state-sponsored actors,” will be displayed the next time you log in. Seeing such a message means that your account specifically has been compromised, rather than Facebook itself.
“While we have always taken steps to secure accounts that we believe to have been compromised,” writes Alex Stamos, Facebook’s Chief Security Officer, “we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”
“It’s important to understand that this warning is not related to any compromise of Facebook’s platform or systems,” he adds, “and that having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware. Ideally, people who see this message should take care to rebuild or replace these systems if possible.”
While Stamos says that Facebook cannot reveal the methods it uses to detect such attacks to maintain their integrity, he assures users that they will never appear frivolously. If you see such a message, take it seriously and change your password. Using log-in verification is also advised. Stamos adds that Facebook “will continue to improve our ability to prevent and detect attacks of all kinds against people on Facebook.”
The UK’s National Crime Agency has urged the people of Britain to ensure they take adequate online security measures after a significant strain of malicious software allowed criminal hackers to steal an estimated £20 million from UK bank accounts.
The highly skilled malware developers are thought to be based in Eastern Europe. The details that are collected are then exploited to steal money from individuals and businesses globally. The NSA has reported one significant arrest in relation to the multi-million pound scam. However, this came only after thousands of computers had already been infected by the Dridex malware, also known as Bugat and Cridex, with the majority being Windows-based machines.
Computers can become infected with the virus when users open documents in emails they believe to be legitimate. I myself have recently received emails purporting to be from PayPal stating: “Your PayPal account has been limited! Take a few moments to confirm your information. After you do, you can shop online and send money using your account.” After checking PayPal directly (not through the given link), I established that there was no such limitation on my account.
To avoid becoming an unwilling victim of the costly Dridex malware, the National Crime Agency is encouraging all internet users to ensure they have up-to-date operating systems and anti-virus software installed on their machines to protect themselves from further cybercrime attacks. The NSA also urged users to visit the CyberStreetWise and GetSafeOnline websites, where it states a number of anti-virus tools are available to download to help clean up infected machines; these sites are also a great way to gain further advice on how to protect yourself in the future.
Mike Hulett, Head of Operations at the National Crime Agency’s National Cyber Crime Unit said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made.”
Privacy, spying, hacking, monitoring, tracking, just some of the words that people around the world have become frighteningly familiar with over the last few years. Edward Snowden uncovered many details of how our governments treat our data and he’s showing no sign of slowing down. His latest revelation reveals how Microsoft worked closely with the US Government, namely the NSA, to bypass encryption mechanisms that are intended to protect the privacy and data of the millions of users of Microsoft software such as Windows.
According to his article in The Guardian, NSA memos show that Microsoft helped the NSA find a way to decrypt messages sent over various platforms, including Outlook, Hotmail and Skype, effectively handing them a backdoor into the data we entrusted them with.
It’s no secret (anymore) that big tech companies were under pressure from various agencies to provide them with data on users, both with and without a warrant or similar legal document to back up their demands. However, the new leaks suggest Microsoft actively went out of their way to assist federal investigators, such as helping to circumvent encrypted chat messages via Outlook.com, prior to the product being launched to the public!
How Microsoft will react to this, especially given the privacy concerns of many in regards to Windows 10, remains to be seen.
Thank you RT for providing us with this information.
We’re but four months away from the much-hyped The X-Files revival, which reunites David Duchovny and Gillian Anderson as the iconic Mulder and Scully to investigate the paranormal and government conspiracies, but it seems we might have a real-world scandal to thank for inspiring the show’s return. The X-Files creator Chris Carter admits that the show’s new episodes owe a great debt to the revelations related to the mass surveillance program conducted by the NSA, as revealed by whistleblower Edward Snowden.
“It’s a perfect time to come back with The X-Files considering global politics,” Carter said during the premiere screening of the first new X-Files episode at the MIPCOM TV trade fair in Cannes this week, which earned rave reviews. “We’re trying to be honest with the changes dealing with digital technology: the capability of spying. Clearly we’re being spied on in the US – or at least spying on you – and there seems to be no shame in it.”
Despite the show being off the air for over 13 years, with just a single film in the interim – 2008’s The X-Files: I Want to Believe – Carter says that he’s still been writing the show in his head all that time. “Every day I look at the newspaper and I see a possible X-Files episode,” he said. “I did it for a long time and you never quite lose the eye for what would be good X-Files storytelling.”
The six-episode The X-Files miniseries airs on FOX on 26th January, 2016.
Thank you The Guardian for providing us with this information.
Wikipedia founder Jimmy Wales, a major proponent of both freedom and privacy online, as evidenced by him filing a lawsuit against the NSA following the reveal of its mass surveillance program by whistleblower Edward Snowden, has declared that there is “no excuse” for not using internet encryption, whether that is providers arguing that it is cost-prohibitive, or UK Prime Minister David Cameron moaning that it makes spying on people harder.
During his keynote speech at the 2015 IP Expo Europe IT conference, Wales said, “There’s really no excuse to have any major web property that’s not secure.”
“There is a massive trend on the internet towards SSL—secure connections,” he said, citing figures from Sandvine that show nearly 30% of internet traffic was encrypted as of April 2015, which is expected to jump to 65% by 2016. “My expectation is that this is going to narrow; over the next couple of years, [unencrypted traffic] is going to end up being a five or six percent slice,” he said, adding, “All major traffic is going to be encrypted very, very soon.”
“It is not feasible in any sense of the word for the UK to ban end-to-end encryption,” Wales added, in a swipe against David Cameron. “Not only is it not feasible, it’s a completely moronic stupid thing to do.”
Thank you Vice for providing us with this information.
NSA whistleblower and US exile Edward Snowden recently joined Twitter – his first act as a new member was to establish himself as the greatest troll of the 21st Century – and within three days he has already accrued a whopping 1.26 million followers, and a very warm welcome from the likes of Neil deGrasse Tyson, WikiLeaks, and Anonymous. His first message – “Can you hear me now?” – was, at the time of writing, retweeted 119,761 times and favourited 114,661 times.
Impressive work, and Snowden was sure to have been basking in his instant Twitter popularity… had he not neglected to stop e-mail notifications.
I forgot to turn off notifications. Twitter sent me an email for each:
For every follow, favourite, and retweet, Snowden received an e-mail – and the guy even accepts direct messages from everyone, so imagine how many people have tried to contact him privately – likely close to 2 million’s worth, filling up his inbox to the tune of 47GB.
Snowden, a former CIA employee and National Security Agency contractor has been exiled to Russia since 2013, when he leaked classified information revealing the scope of the NSA’s mass surveillance program. He is now director of the Freedom of the Press Foundation, a non-profit organisation which aims to protect the rights of journalists.
“Can you hear me now?” The stark words of Edward Snowden’s first tweet as he joins social media platform Twitter. The account went live recently, gaining 160,000 followers in less than an hour, a number that has skyrocketed to almost 900,000 in less than a day and continues to grow exponentially.
The simple message was retweeted 93,928 times, so it’s obviously something that resonates with his followers. He’s since been a little more vocal too, and given his nature of challenging the order of things, you can bet he’s not going to be a passive user of the platform.
And, Ed @Snowden, glad to see the long exile hasn't affected your sense of humor. Staying busy?
Even better, Neil deGrasse Tyson, Anonymous, WikiLeaks and more have started tweeting at him, sparking a few conversations that have sent Twitter into overload, making Edward Snowden one of the most interesting people to follow on the social media platform right now.
Well, it’s taken a bit longer than expected, but Edward Snowden has finally lost his sanity in Russia. That is a joke, of course: the headline sounds quite bizarre, but the statement Mr Snowden actually made is, as expected, a lot more sensible than that.
Snowden appeared on the astrophysicist and science communicator Neil deGrasse Tyson’s StarTalk Podcast from Moscow via a robot video link called a “beam remote presence system”. Basically, this gadget is a virtual presence device which has been used within the medical profession with the aim of allowing doctors to see patients without seeing them in person. In the wide-ranging interview, Edward Snowden said, “It took a very long time for me to develop any kind of scepticism at all even to the most over-extended claims of the extension of programs or policies [by the US security services].”
This may sound slightly naïve, but when an individual is in an environment like this one, its scenarios and policies become normal; why would you question the day-to-day reality to which you have become accustomed? Now for the alien bit. According to Snowden, “encrypted communication, if they are properly encrypted, there is no real way to tell that they are encrypted,” he said. “You can’t distinguish a properly encrypted communication from random behaviour.”
What Edward Snowden was surmising is that if a life form on a distant planet was attempting to identify new signs of life, or vice versa, it would be impossible to decipher where those signals were emanating from if communications were encrypted. Theoretically therefore, if both sides used encrypted communications, it would make it impossible to read them or even recognise them.
This view of a new civilisation’s communication skills is as good as the next person’s, considering there haven’t been any recent sightings of aliens, or at least none proven beyond all doubt to be 100% bona fide beings rather than a blurry shot from a 1990s video camera.
A former employee of Australia’s Department of Defense, who held fellow countryman Julian Assange up as an idol, posted sensitive materials he stole from the workplace to 4chan, where no one took him seriously (and called him “newf*g”, presumably). 21-year-old Michael Scerba uploaded documents related to the Five Eyes spying program – which is an initiative that combines the surveillance powers of the NSA (US), GCHQ (UK), CSEC (Canada), ASD (Australia), and GCSB (New Zealand) and has existed since the end of the Second World War – to 4chan in October 2012. The post had only 14 replies, described by Scerba as “a bunch of ‘fake and gay’ remarks”. Classy guy, sounds like he would have fit in well there.
At the time, Scerba said of his leak, “I release (sic) what I feel should be in the media: bombings, civilian deaths, actions of the ‘terrorists’ that just aren’t reported in the media.” As his 4chan post didn’t hit in quite the way Scerba had hoped, it was unlucky for him that one of the few people to see it was an employee of Australia’s intelligence service, who then alerted authorities.
Scerba’s materials were genuine, though, and the now 25-year-old is facing a Supreme Court trial in Australia for accessing and leaking confidential information. Since the trial will feature confidential information as evidence, at least some of the process will be private, with documents related to the case to be destroyed 28 days after the end of the hearing, which has stirred civil rights activists into quite the frenzy.
Thank you Engadget for providing us with this information.
NSA operations have been going on a long, long, long, long time. According to the latest revelations by Edward Snowden and a report from The Intercept, NSA/GCHQ’s top secret surveillance program “Project Echelon” has been spying on US allies, enemies, and its citizens for the last 50 years. It’s being called the first-ever automated global mass surveillance system.
A British investigative journalist by the name of Duncan Campbell wrote a magazine article in 1988 about the existence of a surveillance program by the name of Echelon, which is essentially a giant, automated surveillance dragnet that indiscriminately intercepted phone and Internet data from communications satellites. This technique was a precursor to today’s tapping of undersea fibre optic cables to survey non-military targets; these include governments, organizations and businesses in virtually every corner of the world.
In 2000, the European Parliament appointed a committee to investigate the program, which led to the same old “The NSA played by the rules” mantra. How do you sum these latest revelations up? A foreign affairs directorate special adviser managed it perfectly by concluding the following:
In the final analysis, the “pig rule” applied when dealing with this tacky matter: “Don’t wrestle in the mud with the pigs. They like it, and you both get dirty.”
If anyone attempts to challenge these practices then both parties will be slandered into oblivion; the only difference is that the good guy always looks worse. I am not surprised by these revelations because, frankly, who the hell can be after so much has been leaked out? I also think there is now more than surveillance at stake: the underpinning of democracy, which is looking weaker by the day.
This is also where GCHQ and the NSA look stupid: if they are able to track everyone all of the time, how come the likes of Osama Bin Laden managed to hide for so long? How come there are many criminals, illegal activities and an escalation in gun violence in the US within a world which is perceived to be more under surveillance? After all, the perpetrator of the Charleston church shootings wrote a manifesto which was easily accessible online; if the words “It was obvious that George Zimmerman was in the right” do not look slightly psychopathic, then nothing will.
Do you remember when 167,000 people signed a petition calling for Edward Snowden to be pardoned? Not even Pepperidge Farms recalls this, considering this was two years ago. The US government is known for hanging many decisions out, but I will give them credit for finally responding to this petition.
Once a petition reaches 100,000 signatures via the government’s official platform, under their rules they are duty bound to respond to it, which they have, eventually. So will Edward Snowden receive a pardon? No, no he won’t, according to Homeland Security advisor Lisa Monaco, who accuses Snowden of “running away from the consequences of his actions.”
A shortened, redacted version of this statement is below; at least I have summarised the point, unlike many US documents which have one word visible.
“Instead of constructively addressing these issues, Mr. Snowden’s dangerous decision to steal and disclose classified information had severe consequences for the security of our country and the people who work day in and day out to protect it.
If he felt his actions were consistent with civil disobedience, then he should do what those who have taken issue with their own government do: Challenge it, speak out, engage in a constructive act of protest, and — importantly — accept the consequences of his actions. He should come home to the United States, and be judged by a jury of his peers — not hide behind the cover of an authoritarian regime. Right now, he’s running away from the consequences of his actions”.
This is the clichéd catch-22 situation: if Edward Snowden had spoken out and challenged the status quo, this would have been quickly and silently shot down. One has to remember that when scandals are broken, they are not publicized by establishment officials but by journalists and external investigators; how do you challenge behaviour in-house?
I do feel that Edward Snowden has provided a target with which to discredit him via his asylum in Russia. It’s a bit of an irony to live in a country for speaking out against violations of democracy, when said new residence has the uncanny habit of hunting down perceived dissenters. I also don’t believe Snowden will receive a fair trial at all in the US. One thing to consider concerning this aspect is this: during the somewhat recent trial of Boston bomber Dzhokhar Tsarnaev, the jury was made up of individuals who favoured the death penalty. Lawyers had the ability, and are allowed, to dismiss any juror who is opposed to the death penalty, thus in a roundabout way influencing the nature of the sentence.
The above example is just that, an example to show how the word “fair” could be slightly deviated for a desired outcome.
The hack of Hacking Team was hilarious but serious at the same time. To contemplate a freelance company hell-bent on hacking any target for a variety of employers seemed, well, not surprising, but certainly a disappointing period for the ideological view of democracy. But at least the Italian surveillance team only hacked computers; I mean, it’s not like they were developing any weaponry… oh my god, they planned a drone!
According to the released emails which became public thanks to Wikileaks, the firm have been planning for just over a year to develop a drone by the name of ‘Snoopy’ which was capable of intercepting data from users’ smartphones through spoofed wireless networks. The emails also reveal that both Boeing and Hacking Team want unmanned aerial vehicles (UAVs) with the aim to carry out attacks which inject spyware into target computers or mobile phones via Wi-Fi.
The plans also reveal that public Wi-Fi networks would be used to intercept targets’ internet traffic before injecting malicious code into said machine, with the aim of installing spyware which was developed by Hacking Team. This news is also accompanied by techniques which make use of “man in the middle attacks” and exploits to fish for information.
Well, I am not sure I particularly want surveillance drones which have the ability to spy on computers belonging to anyone. This news also highlights the line which blurs the view of good and evil: if governments were contemplating this concept, how does this make them any better than criminals? Yes, it’s technically for a noble cause by catching alleged targets, but who are the targets? This also goes back to the same question of transparency: governments quite happily inform us that money is tight for essential facilities, for example hospitals, yet could well have been planning to purchase eyes in the sky which intercept data at taxpayers’ expense.
Ever since the NSA clothed assassin Edward Snowden released a cache of documents, (I am not an all government sympathizer and I admire the steps which Mr Snowden took to place this information into the public domain) there has been a greater emphasis on how companies handle your private data. Tech companies are brilliant at telling you how your data is “important to them” and how they safeguard a user’s digital life, but how do we know this? After all, you won’t be receiving a phone call from Tim Cook to offer any assurances anytime soon.
Here’s where a non-profit organisation by the name of the Electronic Frontier Foundation swings into the picture. As you may know, every year this organization publishes an annual report which details how tech companies handle your data or who they may hand it to. The 2015 report has been submitted and is split into the following five categories:
Follows Industry accepted best practice
Tells users about government data demands
Discloses policies on data retention
Discloses government content removal requests
Pro-user public policy opposes backdoors
As you can see, each category is defined with the aim of requesting transparency from each of the 24 individual tech companies who were analysed. The aim of this study is to detail how each company deals with requests from government sources for your data.
So who has kept their word? Well, Tim Cook, you have seemingly kept yours, as Apple earned itself a score of 5/5. There were other companies who also earned top marks, I know! These were as follows:
A question mark may arise over Dropbox with the controversial appointment of Condoleezza Rice to the board in April 2014. There is no evidence of a policy shift between Dropbox and the US government after Mrs Rice’s appointment, but nevertheless, it’s noteworthy.
Now for the worst, open golden envelope, drum roll please, ok metaphorical drum roll, the three worst companies are… I mean I really should win an award for suspense, Get on with it! ok, goes to;
AT&T and Verizon failed in every category except “Follows Industry accepted best practice”, although which industry of what universe is anyone’s guess, with WhatsApp failing in every category except “opposes backdoors”. But then again, who needs a backdoor when you place all your users’ details into a post stamped addressed envelope to any government who asks for it? Maybe an exaggeration, but if WhatsApp won’t tell you who demands a section of data, then it’s anyone’s guess.
These reports are well worth reading as they give you a snapshot of how transparent tech companies are willing to be; after all, we as a society should demand information into what exactly is happening with our data.
Snowden’s latest leaked documents point to government agencies such as the NSA and GCHQ taking an interest in tracking user activity and spying on networks. However, to do that, they have to get one piece of software out of the way: the anti-virus. This also seems to link with an earlier incident at Kaspersky Lab, where their headquarters was hacked by an unknown and well-equipped group.
The government agencies are said to be using a process named Software Reverse Engineering to gain access to vulnerabilities still present in current anti-virus products. One of the latest warrants GCHQ wants to approve, according to The Intercept, even states that Kaspersky poses a threat to its SRE program.
Other methods of intercepting and gaining access to anti-virus software databases consist of finding and exploiting the emails of employees who work in anti-virus companies. In addition, user PCs are targeted for the HTTP requests they send to anti-virus headquarters, which contain relevant security vulnerabilities found by their anti-virus suites.
To support the above claim, The Intercept also came across a GCHQ presentation showing that around 100 million malware events are flagged daily by the government agencies. The same approach might be found in every government agency, so at least we get another peek at what’s going on and how ‘secure’ we are.
In the end, is targeting and ‘cracking open’ anti-virus software really a good solution? From my point of view, the GCHQ should hire Kaspersky Lab to design their network security if they are as good as they say they are. What do you think?