A short educational video on the impacts of mass surveillance on the average John Doe.
This is the instructional video tutorial Edward Snowden created for Glenn Greenwald on how to protect online communications using PGP (Pretty Good Privacy) encryption prior to his leaking thousands of classified documents to Greenwald in early 2013.
Tim Berners-Lee, who invented the web 25 years ago and is director of the World Wide Web Consortium, spoke at the Web We Want Festival last Saturday where, according to The Guardian, he also called for a bill of rights that would guarantee the independence of the internet and ensure users’ privacy.
“If a company can control your access to the internet, if they can control which websites they go to, then they have tremendous control over your life,” the British computer scientist said. “If a government can block you going to, for example, the opposition’s political pages, then they can give you a blinkered view of reality to keep themselves in power.
“Suddenly the power to abuse the open internet has become so tempting both for government and big companies.”
Below is Tim Berners-Lee at a TED Talk earlier this year.
This may as well be the best ever advertisement any company would die for…
FBI director James Comey complained on Thursday that the encryption in the latest operating systems of Apple and Google phones was so secure that law enforcement officials would have no access to information stored on those devices even with valid warrants, and asked why companies would “market something expressly to allow people to place themselves beyond the law”.
“There will come a day when it will matter a great deal to the lives of people … that we will be able to gain access,” Mr Comey reportedly told the media.
“I want to have that conversation [with companies responsible] before that day comes.”
Law enforcement agencies place a premium on their forensic ability to search sensitive data like photos, messages and web histories on smartphones – and, to some extent, on plain old cellular phones – to solve serious crimes. Mobile phones increasingly perform, and even replace, what we used to do with our computers, and thanks to the convergence of technologies, law enforcement and investigators are now able to use mobile phone forensics, much like computer forensic techniques, to retrieve data, including deleted data, from phones as they did on computers.
The comments from Comey came hot on the heels of news last week that Apple’s latest mobile operating system, iOS 8, is so well encrypted that even Apple Inc. cannot unlock their mobile devices. Google meanwhile is also adopting its latest encryption format for its new (to be released) Android operating system that the company would be unable to unlock.
Question: Has Comey approached the NSA for help?
Former NSA contractor Edward Snowden received on Wednesday the Right Livelihood Honorary Award – also known as the “Alternative Nobel Prize” – from the Stockholm-based Right Livelihood Award Foundation for his work on press freedom and “for his courage and skill in revealing the unprecedented extent of state surveillance violating basic democratic processes and constitutional rights.”
Alan Rusbridger, editor-in-chief of the British newspaper The Guardian with whom Snowden collaborated to publish what became known today as the Snowden revelations, also won the award for “responsible journalism in the public interest.”
Both Snowden and Rusbridger are honorary winners, meaning they will not receive the award’s customary 500,000 kronor (54,500 euros) but the foundation said it would fund legal support for Snowden, who has been nominated for the Nobel Peace Prize to be announced later this year.
The Swiss attorney general reportedly said earlier this month that Snowden could receive Swiss asylum if he opts to travel to Switzerland to testify against the National Security Agency.
The Right Livelihood Award was created in 1980 by German-Swedish philanthropist Jakob von Uexkull to “honour and support those offering practical and exemplary answers to the most urgent challenges facing us today”.
Three other prize winners, named to receive the monetary award, are Pakistani human rights lawyer Asma Jahangir, Sri Lankan rights activist Basil Fernando and US environmentalist Bill McKibben.
WikiLeaks founder Julian Assange equated Google with the US National Security Agency and its British counterpart GCHQ, saying in an interview with BBC and Sky News last week that the tech giant has become “a privatized version of the NSA”.
See another related video below.
How do NSA staffers feel about being filmed, even if it’s only in public? Strangely, irate and very uncomfortable, as two students found out Wednesday at the University of New Mexico’s Engineering and Science Career Fair, where the NSA had set up a booth to recruit computer geeks (yes, hackers).
Source: The Intercept
New Zealand Prime Minister John Key appeared before the press in Dunedin Tuesday and said he would not rule out the possibility that the American intelligence agency NSA is conducting mass surveillance on New Zealanders but rejected claims that Kiwi spies have access to such information.
Key also shot down claims made by both Edward Snowden and Glenn Greenwald Monday that the NSA had sites operating in the country but he declined to answer questions about the data collection programme X-Keyscore, citing national security concerns.
Intelligence agencies around the world have been spying on journalists, activists and political dissidents using surveillance malware produced by FinFisher, a German company specializing in computer intrusion systems, the exploitation of software and remote monitoring systems capable of intercepting communications and data from various devices, according to WikiLeaks, which on Monday published its latest batch of secret documents.
The whistleblower website also released a list of FinFisher customers, which includes “Slovakia, Mongolia, Qatar State Security, South Africa, Bahrain, Pakistan, Estonia, Vietnam, Australia NSW Police, Belgium, Nigeria, Netherlands KLPD, PCS Security in Singapore, Bangladesh, Secret Services of Hungary, Italy and Bosnia & Herzegovina Intelligence”.
FinFisher’s spyware is able to intercept communications and data from computers running the Mac OS X, Windows and Linux operating systems, as well as Android, iOS, BlackBerry, Symbian and Windows Mobile portable devices.
“FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers,” said WikiLeaks founder Julian Assange.
But what makes the latest WikiLeaks release really stand out this time is that it did not simply release documents but posted the actual software for anyone to download – YES, the actual zip files containing the malware are on its site, but with this warning:
“In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is “infected”). They are weaponised malware, so handle carefully.”
Amidst widespread reports early this week that Comcast Corporation has been discouraging customers from using the Tor Browser, the anonymous browser favored by people like Snowden and hackers alike, Comcast – the largest broadcasting and cable company in the world by revenue – has clarified that the reports were not true and the company has not asked customers to stop using Tor or any other browser.
“We have no policy against Tor, or any other browser or software. Customers are free to use their Xfinity Internet service to visit any website, use any app, and so forth.”
See Comcast’s clarification here.
Credit: Chokepoint from The Intercept (http://vimeo.com/106026217)
The US government threatened in 2008 to fine internet giant Yahoo US$250,000 a day for every day it failed to comply with a demand for user data to support government mass surveillance programs that the company believed was unconstitutional, according to numerous media reports citing court documents unsealed Thursday. The documents add further concrete insight into how the federal authorities forced American tech companies to take part in the NSA’s controversial PRISM program, as revealed by the Snowden revelations last year, which were initially denied by those companies and the American government.
The 1,500 pages of documents reportedly revealed how Yahoo waged and eventually lost a secretive legal battle as government attorneys held firm that Yahoo holds no legal standing on users’ privacy issues – and also warned the company not to inform users that the government snoops on their communications metadata.
Yahoo challenged and lost its case – first at the Foreign Intelligence Surveillance Court and subsequently at an appeals court, the Foreign Intelligence Court of Review – and finally complied with the government demands, which were later extended to other major players in the US tech industry, including Google, Apple and Facebook – see photo below (Credit: Picture taken from the book “No Place to Hide” by Glenn Greenwald).
According to Greenwald in his recent book:
“The court [Foreign Intelligence Surveillance Act court] is one of the most secretive institutions in the government. All of its rulings are automatically designated top secret, and only a small handful of people are authorized to access its decisions.”
And according to one of the documents Greenwald received from NSA whistle-blower Edward Snowden:
“It ordered Verizon Business to turn over to the NSA “all call detail records” for “communications (i) between the United States and abroad; and (ii) wholly within the United States, including local telephone calls.”
“Moreover, the court order specified that the bulk collection of American telephone records was authorized by Section 215 of the Patriot Act. Almost more than the ruling itself, this radical interpretation of the Patriot Act was especially shocking.”
It remains to be seen if similar court documents relating to other US tech companies would soon emerge.
Ever Thought of More Catastrophic Consequences?
The sensational invasion last week by hackers into dozens of pictures of nude Hollywood celebrities was a wardrobe malfunction on a major scale, but it is time to take a more serious look beyond the alluring pictures. The world is heading for more catastrophic consequences in the cloud.
The leaks of the celebrities’ photos went viral online after hackers used new “brute force” attacks to break into the victims’ online accounts, casting the spotlight on the security of cloud computing.
But the disturbing and often overlooked question is, why are so many companies still blindly and trustingly moving ever more data into the cloud, where online access to highly confidential information related to clients, customers, employees, deals, business plans and performances and worst of all, our personal details, is left seemingly and increasingly more vulnerable?
Please refer to my entire column here.
The recently released book No Place to Hide by Glenn Greenwald is a page-turning thriller and I find this portion (below) really stands out:
One can’t help but wonder if this “secret technology” is beyond what’s already been known, i.e. the NSA’s ability to penetrate “air gapped” computers.
Air gapped (or air-gapped) computers are also known as “clean machines” because they are not, and never will be, connected to the internet – and they have to be brand new, not used, computers, preferably paid for in cash.
No doubt a computer that cannot be connected to the internet is pretty limited in what it can do but it is deemed absolutely safe.
These machines are usually used by the military and intelligence agencies dealing with highly sensitive or classified information.
Edward Snowden, and Wikileaks’ Julian Assange, are known to carry 3 to 4 laptops with them and it is no surprise one of these has been air gapped.
Snowden has even advised Greenwald on how to set up such a machine before the latter left New York to meet him in Hong Kong in the days building up to the Snowden revelations last year, as Greenwald wrote in his book.
But setting up and maintaining such a machine is more complex than one would initially think. Here’s a guide on the 10 rules to follow if you are still keen to have a clean machine.
Tor shields identity but it can still be compromised. Multiple layers of security are recommended. Find out more from this video clip.
It was widely believed that the massive NSA snooping exposed by the Snowden revelations was triggered by the aftermath of 9/11 during the Bush era, but it has now emerged that it was Executive Order 12333, issued and signed by then US President Ronald Reagan in 1981, that paved the way for intelligence agencies to sweep up vast quantities of Americans’ data.
This “twelve triple three”, as it’s known within government circles, offers the underlying framework for the vast collection of metadata – from email contents, social network chats and messaging details to anything that passes over the Internet on an incidental basis – even when Americans are not specifically targeted, which would otherwise be forbidden under the Foreign Intelligence Surveillance Act (FISA) of 1978.
In a May 2014 interview with NBC, former NSA contractor Edward Snowden said that he specifically asked his colleagues at the NSA whether an executive order could override existing statutes. (They said it could not.) Snowden’s lawyer, Jesselyn Radack, said her client was specifically “referring to EO 12333”, according to a report by Ars Technica.
“President Ronald Reagan signed EO 12333 within his first year in office, 1981, largely as a response to the perceived weakening of the American intelligence apparatus by his two immediate predecessors, Presidents Gerald Ford and Jimmy Carter. Later, EO 12333 was amended three times by President George W. Bush between 2003 and 2008,” according to the report.
“Bush’s reasons for strengthening EO 12333 were similar. After the United States faced another existential threat in the immediate aftermath of the September 11 attacks, Bush—and later President Barack Obama—used EO 12333 to expand American surveillance power.”
And the rest was history.
But let’s not forget Glenn Greenwald said in his recent book No Place To Hide that the personal motto of former NSA chief Keith Alexander was “Collect it all”. Period?
As if the Snowden revelations on NSA snooping were not enough to amplify the Orwellian state in the US, it has now emerged that the American federal government has once again stepped beyond what the US Constitution permits with its sponsored “Truthy” program, through a National Science Foundation grant to Indiana University, to create a Twitter-like “web service that will monitor ‘suspicious memes’ and what it considers to be ‘false and misleading ideas,’ with a major focus on political activity online,” according to a report by The Washington Free Beacon.
According to the report, Truthy is designed to collect and analyze tweets in real time using a combination of “data mining, social network analysis, and complex networks models,” all boosted by crowd sourcing with the objective to “detect political smears, astroturfing, misinformation, and other social pollution” that might harm the general public in political discussions online.
“For the federal government to be tracking so-called hate speech or subversive propaganda is not only Orwellian but violates the very fundamental rights to free speech and privacy guaranteed to us by the Constitution,” according to Rutherford Institute president John Whitehead in a WND report.
The WND has pointed out recently that the Justice Department would submit a report related to “hate crimes” and “hate speech” with actions recommended against any Internet sites, broadcast, cable television or radio shows determined to be advocating or encouraging “violent acts.”
It said “once the report is compiled, the bill calls for “any recommendations” for action “consistent with the First Amendment to the Constitution of the United States” that is determined to be an “appropriate and necessary” way to address the purported encouragement of violent acts.”
So now it seems one can be punished simply for what one thinks, feels and believes… Yes, Tweet that and be punished.
The NSA has a “Google-like” search engine called ICREACH for domestic and international agencies to access information of phone calls, texts and instant messages sent by millions of people, according to classified NSA documents obtained and reported by The Intercept (Source of featured picture above: The Intercept).
According to the report:
ICREACH does not appear to have a direct relationship to the large NSA database, previously reported by The Guardian, that stores information on millions of ordinary Americans’ phone calls under Section 215 of the Patriot Act. Unlike the 215 database, which is accessible to a small number of NSA employees and can be searched only in terrorism-related investigations, ICREACH grants access to a vast pool of data that can be mined by analysts from across the intelligence community for “foreign intelligence”—a vague term that is far broader than counterterrorism.
Glenn Greenwald, a founding editor of The Intercept, has previously mentioned ICREACH in his recent book No Place to Hide which highlighted some of the metadata types that were accessible through ICREACH.
This surveillance search engine, launched in 2007 with already 850 billion pieces of metadata then, allows more than 20 US agencies to quickly sift through the communications metadata of both foreigners and citizens on US soil.
Just how much is 850 billion pieces of metadata (and goodness how many trillions by now?)? See the chart above (Source: The Intercept).
A new homegrown Chinese operating system aimed at sweeping aside foreign rivals like Microsoft, Google and Apple could be expected this coming October, according to a Xinhua news report Sunday.
The new OS would first target desktops, with smartphones and other mobile devices to follow, according to Ni Guangnan, who heads the development launched in March.
Now, it’s not that China has not attempted to create its very own OS. There was a Chinese Linux OS launched some years ago for mobile devices, dubbed the China Operating System (COS). It was developed as a joint effort by a company ‘Shanghai Liantong’, ISCAS (Institute of Software at the Chinese Academy of Sciences) and the Chinese Government. But it failed to take off and was later discontinued.
But the Chinese determination to have its very own system has risen a few bars recently, not least further sparked by the Snowden revelations that the American NSA planted “backdoor” surveillance tools on US-made hardware. Similarly, the US has long been suspicious of China-made devices – Hmmm, is it still possible to get laptops with NO parts made in China? Check out my earlier column here if you are keen.
More recently, after the US made poster-boys of 5 Chinese military officers they accused of cyber-espionage in May, China swiftly banned government use of Windows 8. Just last month, it was also reported that as many as 10 Apple products were pulled out of a government procurement list as the spate of mistrust continued.
China also lamented early last year that Google had too much control over its smartphone industry via its Android mobile operating system and has discriminated against some local firms.
Any bets on a fake Chinese OS any time soon – and sooner than October?
The BBC reported over the weekend that some NSA and GCHQ sleuths have been covertly tipping off developers of the Tor network as they were tasked to crack the code and find vulnerabilities in the cyber-tool most hated by the US and UK intelligence agencies, following a BBC interview with Andrew Lewman from the Tor Project.
“There are plenty of people in both organizations who can anonymously leak data to us to say – maybe you should look here, maybe you should look at this to fix this,” he said. “And they have.”
The Tor network has been favored by those who seek internet privacy and anonymity. The free software conceals the location and usage of its users from anyone conducting network surveillance and traffic analysis. In other words, Tor shields one’s identity: it is difficult, if not impossible, to trace the internet activity of any Tor user. No wonder Tor is championed by the military, political activists, law enforcement, whistleblowers and of course, Edward Snowden.
Unfortunately, given what Tor is, it is also known as the gateway to the “dark web” as criminals and terrorists love it as well.
So it was no surprise when the Snowden revelations revealed both the NSA and GCHQ have been trying to crack Tor.
In fact, the NSA hates Tor so much it was also reported that the agency was not only targeting and cracking the Tor network but had been taking digital fingerprints of anyone who is even remotely interested in privacy – including fans of the Linux Journal web site and anyone visiting the homepage of the Tor-powered Linux operating system Tails.
So what motivated those NSA and GCHQ spies to secretly contact the Tor developers? Lewman had an explanation:
“It’s sort of funny because it also came out that GCHQ heavily relies on Tor working to be able to do a lot of their operations.
“So you can imagine one part of GCHQ is trying to break Tor, the other part is trying to make sure it’s not broken because they’re relying on it to do their work.”
Find out more about using Tor from my earlier column.
Photo above: The first US patent granted to Samuel Hopkins on July 31, 1790 (Source: http://explorepahistory.com/displayimage.php?imgId=1-2-988).
The Foreign Policy magazine recently published an interesting piece on the number of patents the US National Security Agency has been granted by the American government since 1979.
These patents are behind the more than 270 spying devices, methods and designs used by the NSA’s “tens of thousands of cryptologists, mathematicians, and computer scientists who routinely come up with novel ways to protect — and steal — electronic data”, according to Foreign Policy.
Interestingly, as the chart above from the magazine shows, the NSA has obtained 127 patents since 2005, the year former NSA director Keith Alexander came on board – almost as many patents as it did in the previous 25 years.
Alexander retired from the NSA in March and announced last month he will seek as many as nine new patents for a computer security system he’s building at the private security firm he has co-founded, IronNet Cybersecurity, Inc.
His announcement has raised eyebrows (like the photo above) and when asked whether he was cashing in on classified information he has learned at the NSA, Alexander said he didn’t develop the idea while working at the agency.
“If I retired from the Army as a brain surgeon, wouldn’t it be OK for me to go into private practice and make money doing brain surgery?” he said.
“I’m a cyber guy. Can’t I go to work and do cyber stuff?”
Check out the Foreign Policy link to the list of NSA Patents.