Tor/Tails Linux Users and Linux Journal Readers Tagged as “Extremists” by NSA

Tor and Tails Linux Users, as well as Linux Journal readers have been apparently tagged as ‘extremists’ by the National Security Agency, having leaked documents reveal that the XKeyscore snooping program is apparently targeting anyone who is interested in online privacy and use the latter software.

For those who do not know, XKeyscore is a piece of software which was among a number of surveillance programs revealed by Edward Snowden last year. Having said that, sources say that a number of Tor project members and security specialists from NDR and WDR in Germany have analyzed the source code and identified two German Tor Directory Authority servers as being under surveillance by the NSA, having other specific IP addresses cited.

However, the code appears not to keep every country in ‘lockdown’. Canada, UK, New Zealand, Australia and the US have apparently been given a free pass from the NSA’s surveillance program. For those who are not, the program is stated to mark and track IP addresses of users who search for keywords such as ‘tails’ or ‘Amnesiac Incognito Live System’, along with ‘Linux’, ‘ USB ‘,’ CD ‘, ‘secure desktop’, ‘ IRC’, ‘truecrypt’ or ‘ tor’, having also referring to the Tails Linux distribution as “a comsec mechanism advocated by extremists on extremist forums”.

The report also states that, aside from Linux Journal, other websites such as privacy.li, FreeProxies.org, HotSpotShield, MegaProxy, FreeNet, Centurian, and an anonymous email service called MixMinion are on the surveillance list. Aside from the surveillance details, nobody knows who leaked source code in question. While the obvious ‘target’ would be Snowden himself, other security specialists point to a ‘second leaker out there’.

Following the leaked information, the NSA has apparently released an official statement (available here), stating that the agency only collects data relevant for them and authorized by law, pointing out that tools such as the XKeyscore have different layers of searches and data gathering, relevant to and in accordance with every nation’s laws.

Thank you Tech Spot for providing us with this information

Anonymous Targets New Zealand’s GCSB in #OpKiwiFreedom

Anonymous are continuing their campaign against the New Zealand government. The new campaign #OpKiwiFreedom is fighting against the recently passed GCSB bill which essentially authorises the government to spy on its citizens, more so than it had done previously. As part of this campaign Anonymous have targeted the New Zealand’s GCSB with DDoS attacks and have successfully managed to take site down on numerous occassions leading to what the GCSB called temporary service interruptions, according to the New Zealand Herald.

[youtube]http://www.youtube.com/watch?v=_eyde9kgtdk[/youtube]

The message from the campaign is pretty clear and isn’t that different to what civil activists are lobbying for in the USA right now. That is; they want the mass surveillance to stop, they want transparency and they want the New Zealand government to be accountable to the people and to be controlled by the people – not the other way round. The New Zealand government has refused to comment if it is involved with the NSA’s PRISM and Xkeyscore programs. Despite their denial there has been sufficient evidence from the Snowden leaks to implicate the New Zealand government at the heart of the Xkeyscore program.

The Anonymous campaign was finished with the traditional message;

Operation Kiwi Freedom initiated.

WE ARE ANONYMOUS.
WE ARE LEGION.
WE DO NOT FORGIVE.
WE DO NOT FORGET.
NEW ZEALAND GOVERNMENT.
YOU SHOULD HAVE EXPECTED US.

Image courtesy of New Zealand Government Communications Security Bureau

Wikipedia Pushing Ahead With Encryption To Lock NSA Out

Wikipedia is taking steps to ensure that the NSA cannot spy on it or its users by adding encryption to the website wherever possible according to RT. Users that login will now have to use secure encryption when on the site and visitors to the website will use the HTTPS security protocol as a further defence mechanism.

“[Wikipedia] believes strongly in protecting the privacy of its readers and editors. Recent leaks of the NSA’s XKeyscore program have prompted our community members to push for the use of HTTPS by default for the Wikimedia projects,” said the statement published on the organization’s website.

Wikipedia had already been taking efforts to transfer to the HTTPS security protocol but since recent leaks about the XKeyscore have implicated Wikipedia they are taking steps to fast track encryption and HTTPS with all resources available. Wikipedia founder Jimmy Wales also stated that he believes encryption is an issue of Human Right’s and that all companies should start using it.

Image courtesy of Wikipedia

NSA Says XKeyscore Media Reports Are Misleading

The recent leaks from the Guardian that revealed an NSA program called “XKeyscore” have sparked a critical response from the NSA. The leaks suggested that the NSA has indexed data about every user on the internet which includes associated phone numbers, email addresses, IP addresses, search history, log ins, session information and other user activity data. The service is reportedly updated in real time and NSA agents can access information on any person straight away simply by filling a basic form that does not need to be approved by a supervisor, scanned in by the system or supported by a (U.S or other) legal warrant – providing the person was a non-U.S citizen.

The NSA responded saying that:

“NSA’s activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests”

Furthermore they stated that:

“Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to the XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks…Not every analyst can perform every function and no analyst can operate freely. Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law”

To read more details on the XKeyscore leak see the original report here. To read the NSA’s response to the leak, see here.

It is clear from the NSA responses that the NSA have no intentions of denying such reports of an “XKeyscore” program but the extent to which the Guardian report is factually accurate is being called into question by them.

What are your thoughts on all this?

Image courtesy of The Guardian