Category Archives: Security – computer and devices

CanadaUSborder

Shhh… US-Canada Border – Secret Deal Between Canada’s Spies and Border Guards

Check out this article from The Star:

Secret deal between Canada’s spies and border guards raises concerns

A memorandum of understanding between the two agencies allowed info sharing, joint operations without political oversight.

By: Alex Boutilier Ottawa Bureau Reporter, Published on Thu Jul 02 2015

OTTAWA—A secret deal between Canada’s spies and border guards proposed more information sharing and joint operations without the need for political sign-off, the Star has learned.

A 2014 deal between the Canadian Security Intelligence Service and the Canada Border Services Agency proposed the two agencies be allowed to share information and resources without the prior approval of their political masters.

“The Framework (Memorandum of Understanding) will also authorize (CSIS) to enter into more specific arrangements with CBSA, as required, without the necessity to seek your approval each time,” wrote CSIS director Michel Coulombe in a memo explaining the deal to Public Safety Minister Steven Blaney.

Blaney’s office won’t say whether or not the deal has been approved.

The deal, obtained under access to information law, would permit the two agencies to share “investigative techniques, the provision of equipment, the sharing of information, resources or personnel” to assist one another to meet shared objectives.

CSIS is allowed to enter into agreements with other departments and agencies, including foreign partners, and routinely does. But the rules governing the spy agency state that CSIS needs the express permission from the public safety minister to do so.

But Coulombe explicitly stated that, under the new deal, Blaney’s approval would not be required for further co-operation between the two agencies. Both would otherwise have to follow their respective mandates, the deal states.

The Star requested an interview with Blaney, and provided a detailed list of questions. That interview request was denied. Blaney’s office would not say if the minister approved the deal, and did not respond to the Star’s questions.

Jeremy Laurin, a spokesperson for the minister, instead provided a written statement referencing the threat of “jihadi terrorists” and the necessity for national security agencies to work together.

“In today’s global threat environment, national security is a team effort — which means that CSIS works with many domestic partners,” Laurin wrote. “CBSA is one of those partners.”

It’s not clear when the deal itself was drafted — the documents themselves are undated, but were released in a batch of briefing notes written last summer. That means the proposal would have crossed Blaney’s desk well before the Conservatives introduced controversial new terror laws that drastically expanded the agency’s mandate.

Bill C-51 allows CSIS to “disrupt” real or perceived threats to national security, rather than passing the intelligence they gather to an enforcement agency. The legislation, which recently became law, also greatly expands government agencies’ ability to share information deemed relevant to national security.

While the scope of the information sharing provisions alarmed security researchers and privacy experts, the majority Conservatives said they were necessary to ensure Canadians were kept safe. But The Canadian Press reported Wednesday that CSIS had told senior bureaucrats that improvements to their access to information could be achieved within the existing law.

Wesley Wark, a security researcher at the University of Ottawa, said it’s not uncommon for agencies to have formal agreements governing joint operations. But this deal in particular, Wark said, appears to diminish political accountability.

“It also shows a tendency on (the) part of the Harper government to allow for an erosion of ministerial accountability,” Wark wrote after reviewing the documents. “And it reminds us of one of the big holes in the fabric of accountability for security and intelligence — namely the absence of independent, external review of CBSA.”

Craig Forcese, also a University of Ottawa professor and vocal critic of Bill C-51, said the “stovepipe” nature of Canada’s intelligence review bodies is a major concern with these type of agreements.

The Security Intelligence Review Committee, for instance, can review actions taken by CSIS after the fact. But the committee has no ability to “follow the thread” of an operation when CSIS partners with another agency like CBSA, the RCMP, or Canada’s electronic spying agency, the Communications Security Establishment.

“If I had set out to intentionally design a system of accountability likely to break, it would look a lot like our current system of stovepiped review,” Forcese said.

“Add to that CBSA has no review body of its own — and, as best I know, is the only agency with a law enforcement or intelligence mandate in the country without some form of external, independent review or oversight.”

The Star requested the text of CSIS’s memorandums of understanding with other agencies. The agency declined to provide them, or to list which agencies it co-operates with, saying that the agency operates within its mandate, ministerial direction, and internal policy.

Before:

CSIS is permitted to enter into partnerships, both domestic and international, under Section 17 of the CSIS Act. The act requires the agency to get the go-ahead from the public safety minister beforehand.

After:

If the CSIS-CBSA deal was accepted, the two agencies could co-operate without bothering to get approval from politicians.

Under C-51:

The Conservatives’ controversial terror law allows for the free flow of information between 17 domestic law enforcement agencies and departments. Canada’s privacy commissioner has called the provision excessive.

AshleyMadison

Shhh… Impact Team: Cheating Spouses Panic As Adultery Site Ashley Madison Hacked

Check out this Daily Mail article for more details.

Hacked-Tiversa

Shhh… Hacked By Your Cyber-security Firm?

(Above) Photo credit: Hacked.com

Do you still have faith in cyber-security firms – recall the recent story about the Hacking Team?

Consider this: A Cyber-security firm known as Tiversa scams potential and ex-clients into memberships by hacking into their servers as a scare tactic to increase profits for Tiversa. Tiversa was brought before the Washington D.C. courthouse in May to explain their scam.

spam_keyboard

Shhh… Email Spams Dip First Time in Twelve Years

Check out the VentureBeat article below:

Symantec: Spam falls below 50% of all email for the first time since 2003

July 17, 2015 8:20 AM
Emil Protalinski

Good news for all of us who still have to use email: spam rates are dropping! In fact, junk messages now account for just 49.7 percent of all emails.

The latest figure comes from security firm Symantec’s June 2015 Intelligence Report, which notes this is the first time in over a decade that the rate has fallen below 50 percent. The last time the company recorded a similar spam rate was back in September 2003, or almost 12 years ago.

More specifically, Symantec saw 704 billion email messages sent in June, of which 353 billion were classified as spam. At one of the peaks of the spam epidemic, in June 2009, 5.7 trillion of the 6.3 trillion messages sent were spam, according to past data from Symantec.

Symantec

The report uses Symantec clients to extrapolate the figure, so the actual rate could be a bit higher or lower. That said, the spam rate appears to be dropping: Symantec’s spam number was 52.1 percent in April and 51.5 percent in May.

The decline of spam is usually attributed to legal prosecution against botnets (including by major tech companies like Microsoft), faster reaction times by network providers, improved blocking, and better filtering. The main goal is to make the business less lucrative: If you can slash profit margins for a spammer, you can slash spam itself.

This is great news for not just email users but companies that are dedicated to fighting spam. Their business isn’t going away anytime soon, but they are making progress.

Other findings in the report, which talks about not just spam but security overall, include:

– 57.6 million new malware variants were created in June, up from 44.5 million pieces of malware created in May and 29.2 million in April.

– Ransomware attack has increased for the second month in a row and crypto-ransomware has reached its highest levels since December 2014.

You can read Symantec’s full 19-page report here.

Minds

Shhh… Minds.com: A Social Media Network to Stop NSA Surveillance?

Tisa-Wiki

Shhh… WikiLeaks: TISA Corporate Takeover Plot

(Above) Photo credit: WikiLeaks

See WikiLeaks for more details and related media coverage.

USgovtHacked

Shhh… US Government Hacks at OPM Exposed More Than 21Million People

It was much worse than previously reported: more than 21 million people were “swept up in a colossal breach of government computer systems that was far more damaging than initially thought”. Find out more from the New York Times.

Moscow2

Shhh… Russian Parliament Paved Way for “Right to be Forgotten”

Check out the Reuters article below:

Russian parliament approves Internet privacy bill

Technology | Fri Jul 3, 2015 11:04am EDT
Reuters/Mal Langsdon

Russia’s parliament gave its final approval on Friday to a law that would require Internet search engines to remove users’ personal information from their results.

The bill, passed by the State Duma lower house in its third reading, seeks to emulate European Union rules on the “right to be forgotten”, under which search engines must take down certain results that appear under a search of a person’s name.

Under the new Russian legislation, Internet users will have the right to request the removal of information that is incorrect or “no longer relevant because of subsequent events or actions”, TASS news agency reported.

The regulation, which now needs to be signed into law by President Vladimir Putin, has been criticized by Russian web companies who are concerned about balancing rights to personal privacy against the freedom of information.

“We believe that control over dissemination of information should not restrict free access to public data. It should not upset the balance of personal and public interests,” said Russia’s biggest search engine Yandex.

After discussing the draft with search engine providers, the Duma approved some minor changes to the bill, Yandex added.

Users will now need to provide specific references to the web pages they wanted deleting and web companies will have 10 days to comply with the request.

TASS reported that search engines would also not be required to remove information about an applicant’s criminal record.

“Yandex and other Internet companies have criticized this legislation from the moment we heard about,” Yandex said in a statement. “Unfortunately, many important changes, from our point of view, have not been implemented.”

Google in Russia was not immediately available for comment.

(Reporting by Jack Stubbs and Maria Kiselyova; Editing by Alison Williams)

XKEYSCORE-NSA

Shhh… XKEYSCORE – The NSA Insight Into Everything We Do Online

Glenn Greenwald and his colleagues at The Intercept has just released an extensive report on the NSA use of XKEYSCORE. And here’s a video on the same topic:

ChinaNPC

Shhh… China Passes New National Security Law

See the related Guardian article for more details.

Hollande-Obama

Shhh… WikiLeaks: US Also Had a Decade-long Policy of Economic Espionage Against French Companies

(Above) photo credit: Focus

Assume this is no surprise to many? Following the recent WikiLeaks’ Espionnage Élysée exposé about the NSA spying on 3 French presidents, new WikiLeaks documents revealed how “the US has had a decade- long policy of economic espionage against France, including the interception of all French corporate contracts and negotiations valued at more than $200 million”.

“That covers not only all of France’s major companies, from BNP Paribas, AXA and Credit Agricole to Peugeot and Renault, Total and Orange, but it also affects the major French farming associations,” according to WikiLeaks founder Julian Assange.

“Central within the cache of documents are two long-term spying orders (“collection requirements”) which define the kinds of intelligence the NSA is tasked with collecting in its surveillance operations against France. The documents make clear that the NSA has been tasked with obtaining intelligence on all aspects of the French economy, from government policy, diplomacy, banking and participation in international bodies to infrastructural development, business practices and trade activities,” according to WikiLeaks.

Here’s a related story from Techcrunch:

New WikiLeaks Documents Reveal NSA Spied On Top French Companies

by Romain Dillet (@romaindillet)

Following last week’s eavesdropping reports, WikiLeaks shared new documents with Libération and Mediapart. This time, the new documents reveal that the NSA was spying on France’s best performing companies for economic intelligence purposes.

In addition to eavesdropping French Economy Ministers François Baroin and Pierre Moscovici between 2004 and 2012, the NSA gathered as much data as possible on big French companies. In particular, the agency wanted to know more about the companies that signed expensive export contracts for industrial goods, such as nuclear power plants, planes, high speed trains, etc.

According to an economic espionage order, the NSA intercepted all French corporate contracts and negotiations valued at more than $200 million in many different industries, such as telecommunications, electrical generation, gas, oil, nuclear and renewable energy, and environmental and healthcare technologies.

A second economic espionage order called “France: Economic Developments” shows that information was then shared with other U.S. agencies and secretaries, including the Secretary of Energy, the Secretary of Commerce, the Federal Reserve and the Secretary of Treasury. Eventually, this data could have been used to help sign export deals.

According to France’s IT security agency Anssi, the NSA could have spied on at least a hundred French companies, including most public CAC40 companies. Airbus filed a complaint for intelligence gathering earlier today.

The second document also states that the NSA could share this information with its closest allies — the U.K., Canada, New Zealand and Australia. It’s unclear whether the NSA is still actively spying on French companies. Today’s news is particularly interesting as it proves that the NSA is not only a geopolitical intelligence agency. It also plays an important role when it comes to economic intelligence.

Hollande

Shhh… French Asylum Offer to Snowden & Assange as Ultimate US Contempt

(Above) Photo credit: The Intercept

No surprise, that’s the ultimate official French reaction to the WikiLeaks’ Espionnage Élysée exposé on the NSA “unspeakable practice” earlier this week – check out The Intercept article below.

French Justice Minister Says Snowden and Assange Could Be Offered Asylum

By Jenna McLaughlin @JennaMC_Laugh

French Justice Minister Christiane Taubira thinks National Security Agency whistleblower Edward Snowden and WikiLeaks founder Julian Assange might be allowed to settle in France.

If France decides to offer them asylum, she would “absolutely not be surprised,” she told French news channel BFMTV on Thursday (translated from the French). She said it would be a “symbolic gesture.”

Taubira was asked about the NSA’s sweeping surveillance of three French presidents, disclosed by WikiLeaks this week, and called it an “unspeakable practice.”

Her comments echoed those in an editorial in France’s leftist newspaper Libération Thursday morning, which said giving Snowden asylum would be a “single gesture” that would send “a clear and useful message to Washington,” in response to the “contempt” the U.S. showed by spying on France’s president.

Snowden, who faces criminal espionage charges in the U.S., has found himself stranded in Moscow with temporary asylum as he awaits responses from two dozen countries where he’d like to live; and Assange is trapped inside the Ecuadorian Embassy in London to avoid extradition to Sweden. (See correction below.)

Taubira, the chief of France’s Ministry of Justice, holds the equivalent position of the attorney general in the United States. She has been described in the press as a “maverick,” targeting issues such as poverty and same-sex marriage, often inspiring anger among French right-wingers.

Taubira doesn’t actually have the power to offer asylum herself, however. She said in the interview that such a decision would be up to the French president, prime minister and foreign minister. And Taubira just last week threatened to quit her job unless French President François Hollande implemented her juvenile justice reforms.

Correction: Due to an editing error, an earlier version of this article improperly described the state of Assange’s case in Sweden and his reason for avoiding extradition. He has refused to go to Sweden, where he faces accusations of sexual assault, because he fears he could then be extradited to the United States.

(This post is from our blog: Unofficial Sources.)

NSA3FrenchPresidents-RolandDumas

Shhh… French Former Foreign Minister Roland Dumas: Shocked But Not Surprised With NSA Eavesdrops on French Presidents

NSAspyFrenchPresidents

Shhh… WikiLeaks’ “Espionnage Élysée” – François Hollande on Emergency Meeting Following Claims US Spied on 3 French Presidents

NSA-FrenchTargets
NSA-FrenchTargets2

Source for picture (above): WikiLeaks

Please refer to WikiLeaks for more details.

GoogleEarth-10HiddenSites

Shhh… Top 10 Sites Hidden by Google Earth