Category Archives: Security

CancerFundUS

Shhh… Fraudulent Practices at Fake Cancer Charities

This is really sick…


Fake Cancer Charities Gave Sick Kids Expired Meds and Little Debbie Cakes

Michael Daly
Only in America05.19.159:39 PM ET

The family behind four so-called cancer charities enriched themselves on donations while giving junk food and bad drugs to sufferers, the feds say—but they’re not facing jail time.

If you think the worst of us are behind bars, consider what you can be accused of doing and not face so much as a minute in jail:

You and your family can run four cancer charities that raise $187 million on false pretenses in the name of kids with cancer and women with breast cancer and the terminally ill of all ages—but spend less than 3 percent of that money on cancer victims.

Meanwhile, you can pay yourself and your relatives big salaries and over-generous bonuses while using donated funds to pay for cars, Disney World trips, jet ski outings, luxury travel, and college tuitions.

And you can use company credit cards for personal expenses, including meals at Hooters, gas, car washes, cellphone apps and games, iTunes songs, and dating website subscriptions, as well as ticket to concerts, sporting events, and movies.

CancerFundUS2

“This is as about as bad as it can get: taking money away from cancer victims,” Jessica Rich, chief of the Federal Trade Commission Bureau of Consumer Protection, told reporters as her agency and the attorneys general of all 50 states brought a complaint against Cancer Fund of America, Cancer Support Services, the Breast Cancer Society, and the Children’s Cancer Fund of America.

To make matters even worse, one of the charities allegedly used some of what little it did spend on cancer victims to furnish sick kids with expired antibiotics that are in fact contraindicated for children.

Another of the charities provided breast cancer victims with drugs that, in the words of a federal complaint, “are not typically used for the treatment of breast cancer and, in some instances, are not recommended for use by persons who have had cancer.”

“Some have even been associated with an increased risk of cancer,” notes the complaint filed this week by the Federal Trade Commission.

The charities are said to have passed along as “direct patient aid” such donated items as adult diapers, sample-size toiletries, and Little Debbie snack cakes.

“They make people happy,” James Reynolds Sr., patriarch of the extended Tennessee family that runs the four charities, is quoted as saying by the complaint.

Reynolds then switched to Moon Pies.

“They make you happier,” Reynolds supposedly said.

And, even though the clan managed to get the Little Debbie snack cakes, the Moon Pies, the adult diapers, and the rest for next to nothing, the charities are said to have claimed the retail amount in financial filings. The idea, apparently, was to make it look like they devoted more of the donations to cancer patients than what little they did.

All the while, the charities are said to have raised ever more money with false and misleading claims, passing themselves off as being “on the forefront for the fight against cancer” and “on the forefront of actually helping needy children with cancer.”

In an alleged effort to squeeze more money out of unsuspecting donors, the charities scripted such telemarketing pitches as, “I understand [your hesitation to give]; however, we never want to have to tell a family that is stretching their finances to the breaking point that, ‘We’re sorry, but the CANCER FUND has fallen short of its fundraising goal, so we won’t be able to provide you with a wig for your child to cover the hair loss due to chemotherapy.’”

Never mind that these charities did not have a program to provide wigs to sick children.

The charities also claimed: “We help cancer patients anywhere in the United States. Men, women, and children with over 240 types of cancer.”

And although they seem not to provide hospice care of any kind, they still claimed: “We also do the hospice care for the terminally ill…We’re the ones that do the hospice care for the cancer patients afflicted with cancer from infants to adults…One hundred percent of our proceeds go to hospice care.”

The complaint notes that in fact “100% of the donations do not go to hospice care.”

On top of all this, the companies allegedly claimed millions of dollars in tax deductions for items delivered to cancer patients—even though the charities purchased nothing but rather served only as a conduit, if the goods existed at all.

And James Reynolds Sr. awarded plum jobs not only to his son, wife, sister-in-law, and mother-in-law, but also to his ex-wife, his stepson, and even a step-nephew.

One of the supposed charities, the Breast Cancer Society, was run by Reynolds’s son, James Jr.; the Children’s Cancer Fund of America was run by Reynolds’s ex-wife, Rose Perkins. Both have agreed not to contest the complaint and to shut those two charities down.

Under the deal they cut with the feds, the son officially faces a judgment of $65 million, but that will be suspended after he pays just $75,000. Perkins is hit with a $30 million judgment, but that will be suspended without her paying a penny due to her supposed lack of funds.

In the meantime, the son is insisting on the Breast Cancer Society’s website that he has not admitted guilt to anything:

“While the organization, its officers and directors have not been found guilty of any allegations of wrongdoing, and the government has not proven otherwise, our Board of Directors has decided that it does not help those who we seek to serve, and those who remain in need, for us to engage in a highly publicized, expensive, and distracting legal battle around our fundraising practices.”

And the patriarch, James Reynolds Sr., is promising to fight the allegations against himself and the other two charities, Cancer Fund of America and Cancer Support Services.

The feds and the combined attorneys general are resolved to press their civil case against him.

But the most Reynolds Sr. presently risks is a monetary judgment that he may escape paying the way his son and his ex-wife did.

He faces not a minute behind bars, where the very worst of us supposedly reside.

One should never wish anybody to fall terminally ill, but if Reynolds Sr. does, let him eat Little Debbie snack cakes.

Or, better yet, Moon Pies.

ChineseEspionage

Shhh… US Charges 6 Chinese Nationals for Industrial Espionage

(Above) photo credit: Jeff Nenarella/The Epoch Times

See also other related reports.

BrettKing

Shhh… Brett King on FinTech & the Death of the Retail Banking Branches

I have had the privilege to listen live in Hong Kong recently on technology futurist Brett King’s talk about a hot topic, FinTech – a contraction and combination of the words Financial and Technology, a ubiquitous term for any technology applied to financial services.

In sum, King’s argument is that with the way the millennials (those born at and after the turn of this century) get information and change the way they interact with the rest of the world, the financial services industry have to think seriously about FinTech because technology is re-defining the way we think about financial services. Put candidly, King ponders why are retail banks becoming more and more like Apple stores?

Here’s my original audio recording. Enjoy!

JackBarsky2

Shhh… Jack Barsky – The Spy Among US

(Above) Photo credit: CBS 60 Minutes

JeffreyASterling

Shhh… Former CIA Officer Sentenced for Leaks to NYT Reporter

(Above) photo credit: RT (Image from twitter.com @Manuel_Rapalo)

No matter what the judge thinks, one can’t help feeling sorry for Jeffrey Sterling (see the New York Times story below) considering how David Petraeus got away so lightly.

Ex-C.I.A. Officer Sentenced in Leak Case Tied to Times Reporter

By MATT APUZZOMAY 11, 2015

LEXANDRIA, Va. — A former Central Intelligence Agency officer on Monday was sentenced to three and a half years in prison on espionage charges for telling a journalist for The New York Times about a secret operation to disrupt Iran’s nuclear program. The sentence was far less than the Justice Department had wanted.

The former officer, Jeffrey A. Sterling, argued that the Espionage Act, which was passed during World War I, was intended to prosecute spies, not officials who talked to journalists. He asked for the kind of leniency that prosecutors showed to David H. Petraeus, the retired general who last month received probation for providing his highly classified journals to his biographer.

The case revolves around an operation in which a former Russian scientist provided Iran with intentionally flawed nuclear component schematics. Mr. Sterling was convicted in January of disclosing the operation to James Risen, a reporter for The Times, who had revealed it in his 2006 book, “State of War.” Mr. Risen described it as a botched mission that may have inadvertently advanced Iran’s nuclear program.

The Justice Department said that Mr. Sterling’s disclosures compromised an important C.I.A. operation and jeopardized the life of a spy. Under federal sentencing guidelines, he faced more than 20 years in prison, a calculation with which the Justice Department agreed. Prosecutors sought a “severe” sentence in that range.

Prosecutors maintain that the program was successful, and said Mr. Sterling’s disclosure “was borne not of patriotism but of pure spite.” The Justice Department argued that Mr. Sterling, who is black, had a vendetta against the C.I.A., which he had sued for racial discrimination.

Judge Leonie M. Brinkema gave no indication that she was swayed by the government’s argument that the book had disrupted a crucial operation, or harmed national security. She said she was most bothered that the information revealed in “State of War” had jeopardized the safety of the Russian scientist, who was a C.I.A. informant. Of all the types of secrets kept by American intelligence officers, she said, “This is the most critical secret.”

She said Mr. Sterling had to be punished to send a message to other officials. “If you knowingly reveal these secrets, there’s going to be a price to be paid,” she said.

Mr. Sterling, 47, spoke only briefly to thank the judge and court staff for treating him kindly as the case dragged on for years. Barry J. Pollack, a lawyer for Mr. Sterling, said jurors got the verdict wrong when they voted to convict. “That said, the judge today got it right,” he said.

Under federal rules, Mr. Sterling will be eligible for release from prison in just under three years.

The sentence caps a leak investigation that began under President George W. Bush and became a defining case in the Obama administration’s crackdown on government leaks. Under Attorney General Eric H. Holder Jr., the Justice Department prosecuted more people for having unauthorized discussions with reporters than all prior administrations combined.

For years, Mr. Sterling’s case was known most for the Justice Department’s efforts to force Mr. Risen to reveal his source. At the last minute, under pressure from journalist groups and liberal advocates, Mr. Holder relented and did not force Mr. Risen to choose between revealing his source or going to jail. Prosecutors won the case without Mr. Risen’s testimony.

Since the conviction, the case has been notable because of the stark differences in sentences handed down to leakers. Midlevel people like Mr. Sterling have been charged most aggressively. John C. Kiriakou, a former C.I.A. officer, served about two years in prison. Two former government contractors, Donald J. Sachtleben and Stephen J. Kim, are serving prison time. Thomas A. Drake, a former National Security Agency official, faced the prospect of years in prison but received a plea deal on a minor charge and avoided serving time after his lawyers won critical rulings before the trial.

By comparison, the F.B.I. investigated a decorated military leader, retired Gen. James E. Cartwright, after public reports described a highly classified wave of American cyberattacks against Iran. But that investigation has stalled because investigators considered the operation too sensitive to discuss at a public trial.

Mr. Petraeus, meanwhile, retains his status as an adviser to the Obama administration despite giving Paula Broadwell, his biographer, who was also his lover, notebooks containing handwritten classified notes about official meetings, war strategy, intelligence capabilities and the names of covert officers. Ms. Broadwell had a security clearance but was not authorized to receive the information.

Mr. Petraeus also admitted lying to the F.B.I., and the leniency of his plea deal infuriated many prosecutors and agents.

In court documents filed in Mr. Sterling’s case, the Justice Department argued that Mr. Petraeus’s crimes were not comparable. “None of this classified information was included in his biography, made public in any other way, or disclosed by his biographer to any third parties.”

SouthKorea2spies

Shhh… North Korea Exposes Two South Korean Spies

(Above) photo credit: CNN

The North Korean authorities hang out two allegedly South Korean spies to dry via this CNN exclusive:

MichaelVickers3

Shhh… Profile: Michael G. Vickers, the Retiring Under Secretary of Defense for Intelligence

(Above) photo credit: US Department of Defense

Here’s an insightful piece from the New York Times (below) on a key man in the Pentagon previously featured in the Hollywood movies “Charlie Wilson’s War” and “Zero Dark Thirty”:

A Secret Warrior Leaves the Pentagon as Quietly as He Entered

MAY 1, 2015
The Saturday Profile
By THOM SHANKER

WASHINGTON — ASKED what he is looking forward to, Michael G. Vickers, who retired this week as under secretary of defense for intelligence, answered without hesitation: “Sleeping.”

Having participated in virtually every significant global crisis of the past four decades, either as a supporting player or just as often cast in a starring, if uncredited, role, he has missed a lot of that. “I get kept awake by near-term things and long-term things,” he says.

Most Americans do not even know the job Mr. Vickers is leaving, just days after his 62nd birthday, even though the Pentagon commands the intelligence community’s largest share of the vast federal budget for spying, about $80 billion, and manages the most intelligence employees, about 180,000 people.

For a man who once practiced infiltrating Soviet lines with a backpack-size nuclear weapon, Mr. Vickers has a mellow, professorial demeanor. In addition to Army Special Forces training, he has studied Spanish, Czech and Russian and holds a doctorate in strategy from Johns Hopkins University. (Of his 1,000-page dissertation, he says, “It’s a good doorstop.”) His answers to policy questions are disciplined, cautious and usually organized in two parts, or three, or more.

So ask: What exactly kept you awake? First, as the military would say, are the crocodiles closest to the canoe.

“Our immediate threats are terrorism, particularly from global jihadist groups that want to attack the United States. It is a constant danger,” Mr. Vickers said. “And cyber is now in that category.”

Add the rising Russian challenge to the European order, which Mr. Vickers categorizes as “a fairly near-term problem,” along with “the things that could happen on the Korean Peninsula.”

And the over-the-horizon threats?

“When you step back a bit and look at enduring strategic problems,” he said, “then you look at the Middle East, where you have terrorism and proxy wars and the danger of religious wars and dangers of sectarian conflict.” He warns that religious and sectarian wars tend to be viciously heartfelt, and therefore bloody and protracted.

Attention must be paid to what, he predicts, will be this century’s most dynamic region: “East Asia and the rise of China — how to engage and manage that relationship and that with our allies, and keep the peace in that region.”

Each of those regions poses a difficult challenge for American policy makers, but Mr. Vickers warned of the prospect of more than one exploding simultaneously, with individual risks turning into a cascade of crises from, say, Mali to Pakistan or across East Asia.

“The challenge in the current world is that, for the first time since early in the Cold War, you have more of a risk of crises in multiple regions turning into broader conflict,” he said.

DURING the Cold War, Mr. Vickers was a member of the Green Berets assigned to infiltrate Warsaw Pact borders should World War III break out. His mission: Detonate a portable nuclear bomb to blunt an attack by the overwhelming numbers of Soviet tanks.
Continue reading the main story

He was sent to Central America and the Caribbean during the era of small anticommunist wars, helping to end an airline hijacking and a hostage case involving Honduran government officials. He was also assigned to what a military biography euphemistically calls “contingency operations against the Sandinista regime in Nicaragua.”

Leaving the Army for the Central Intelligence Agency, he joined the invasion of Grenada. And after the Marine barracks in Beirut were bombed in 1983, killing 241 United States servicemen, he was given sensitive counterterrorism work in Lebanon.

As a rising C.I.A. officer, Mr. Vickers was the chief strategist for the largest covert action in American history, smuggling arms and money to Afghan mujahedeen battling Soviet invaders in Afghanistan.

After the collapse of communism in Europe, Mr. Vickers took a break in the policy world, writing white papers on budgets and strategy and how to restructure the military — until he was summoned to the Pentagon not long after the terrorist attacks on Sept. 11, 2001.

The grim connection was not lost on Mr. Vickers.

Al Qaeda blossomed among those same anti-Soviet “freedom fighters” in the years when Afghanistan, which had received billions of dollars in covert American assistance during the Soviet occupation, was paid scant attention by Washington after Moscow’s army marched home in disgrace.

“We made a mistake at the end of the Cold War by disengaging from that region,” Mr. Vickers said, “and I don’t think we want to do that again.”

FOR the past eight years at the Pentagon, he first managed Special Operations policy and then intelligence programs. He was former Defense Secretary Robert M. Gates’s handpicked liaison to the C.I.A. for the SEAL Team 6 mission that killed Osama bin Laden.

Mr. Vickers’s efforts contributed to the accelerated expansion of Special Operations forces — doubling personnel numbers, tripling their budget and quadrupling the pace of deployments.

But there is another military truism — if your favorite tool is a hammer, then every problem looks like a nail — and Mr. Vickers is aware of the dangers for the Special Operations forces.

“For all of the capabilities that S.O.F. has as a force-multiplier, as a small-footprint, big-impact force, it is not a panacea for all of your strategic problems,” he said.

Mr. Vickers’s Pentagon tour also witnessed growth in another signature weapon of the post-9/11 period: unmanned aerial vehicles for surveillance and attack. Early in the counterterrorism wars, the Pentagon could barely keep half a dozen drones airborne at one time; the ceiling now is 65.

“The combination of ‘armed,’ ‘precision,’ ‘reconnaissance’ has been one of the most dramatic innovations,” he said. “It has been a critical operational instrument in the successes we have had against core Al Qaeda, in particular.”

Yet the drone program has come under harsh public scrutiny, especially since President Obama revealed that a January strike by a C.I.A. drone on a Qaeda target in Pakistan killed two Western hostages, one of them an American. Mr. Vickers demurred when asked whether that portion of the lethal drone program now operated covertly by the C.I.A. should fold under the Pentagon.

But he addressed the broader issue of whether the benefits of killing terrorists with remotely piloted, pinpoint strikes by drones outweighs the risks of alienating the public.

“As precise as this instrument is, as important as this instrument is, it is one tool and it is not enough to bring stability to an area,” he said. Landing Hellfire missiles on terrorists does not end terrorism; policy has to address the underlying local grievances that lead to radicalism, he added.

To strategically defeat adversaries, he said, “you have to change the postwar governance to make the victory stick.”

With a résumé that reads like an action-movie character’s biography, Mr. Vickers has been depicted in one film, “Charlie Wilson’s War,” and drawn into controversy over another, “Zero Dark Thirty.” He was absolved after a two-year inquiry into whether classified information was leaked to the filmmakers behind “Zero Dark Thirty.” Critics had argued that administration officials hoped the movie could burnish the president’s commander-in-chief credibility.

Near the conclusion of his retirement ceremony on Thursday, Mr. Vickers said he already had a glimpse of his new, quieter life.

He said that when a Pentagon work crew removed a special telephone installed in his home for after-hours secure communications, he found that his cable connection was accidentally cut at the same time — and he had lost all access to the outside world via Internet and TV.

A version of this article appears in print on May 2, 2015, on page A5 of the New York edition with the headline: Action Role of a Lifetime, Often Uncredited.

Airbus

Shhh… AirBus Plans Legal Actions Against NSA/BND Spying Claims – NSA Involved in Industrial Espionage

(Above) Photo Credit: APA/EPA/GUILLAUME HORCAJUELO

It shouldn’t be any surprise if one has been following related news, including an earlier post this week on how the German foreign intelligence agency BND has been supporting NSA spying activities in Europe via a former US espionage base in Bad Aibling. Expect other similar actions against the NSA following the lead by Airbus (see video clip below).

And expect not just a tirade of questions on the German authorities but also the NSA and Obama administration. The NSA massive eavesdropping program was designed solely to protect America against terrorist threats? And nothing to do with industrial corporate espionage? Look who’s talking…

NSAdatacenter

Shhh… NSA Too Late With “Snowden-Proof” Cloud Storage

Or better late than never? Check out the article below:

Too little too late? NSA starting to implement ‘Snowden-proof’ cloud storage

Published time: April 14, 2015 10:28
Edited time: April 14, 2015 18:04

The NSA is implementing a huge migration to custom-designed cloud architecture it says will revolutionize internal security and protect against further leaks by data analysts with unfettered access to classified information.

Put simply, the NSA hopes to keep future Edward Snowdens out by employing a cloud file storage system it built from scratch. A major part of the system is that all the data an analyst will have access to will be tagged with new bits of information, including that relating to who can see it. Data won’t even show up on an analyst’s screen if they aren’t authorized to access it, NSA Chief Information Officer Lonny Anderson told NextGov.

The process has been slowly taking place over the last two years following the Snowden leaks. This means any information stored after the fact now comes meta-tagged with the new security privileges, among other things.

The agency has Snowden to thank for expediting a process that was actually started in the aftermath of the September 11 attacks in 2001. The idea for storing all information on cloud servers had been in the making, but hadn’t come to fruition until it was too late.

Now it’s moving at an expanded pace to implement something called GovCloud, which is a scaled version of the NSA’s entire universe of mined data. It is set to become pre-installed on the computers of all 16 US intelligence agencies, a move that started with the NSA.

At first glance, the idea appears counter-intuitive. Edward Snowden pretty much used the fact that all the information was in one place to find what he needed and access it.

However, as Anderson explains, “While putting data to the cloud environment potentially gives insiders the opportunity to steal more, by focusing on securing data down at cell level and tagging all the data and the individual, we can actually see what data an individual accesses, what they do with it, and we can see that in real time.”

The agency’s cloud strategist Dave Hurry explained the strategy further: “We don’t let people just see everything; they’re only seeing the data they are authorized to see.”

And if a situation arises where an employee needs access to information that’s off-limits, the program tells them who to ask to get it sorted out.

A further advantage to this is accelerating the analysis of the log data generated when an analyst wants to access particular information. Edward Snowden’s computer history, for some reason, did not set off any alarms until it was too late. That’s because the security logs had to be manually reviewed at a later time, NSA officials told NextGov.

They say this could have been averted with GovCloud, which would immediately raise a red flag if an analyst attempted to “exceed limits of authority.” The agency would have the former analyst in handcuffs before he managed to pack his bags for the airport.

GovCloud isn’t marketing itself as just a security feature that rescues the intelligence agencies from outdated practices and hardware. It is also touted as the answer to privacy advocates, who had a field day with the NSA when it turned out it was indiscriminately mining citizens’ communications.

“We think from a compliance standpoint, moving from a whole mess of stovepipes into a central cloud that has a lot more functionality gives us more capability,” Tom Ardisana, technology directorate compliance officer at NSA, said.

It’s not clear whether the general public will know if the NSA is ‘complying’, but its officials claim that GovCloud is a step in the right direction. Outdated hardware and an over-reliance on data centers built before the shifts in privacy and security policies meant the process of compliance had to be manual and tedious.

“Whenever you bolt on compliance to address a particular issue, there is always a second- and third-order effect for doing that,” Anderson continued. “It’s an extremely manual process. There is risk built in all over that we try to address. The cloud architecture allows us to build those issues in right from the start and in automated fashion address them,” he explained.

In broader terms, the new trend toward automation will also ensure analysts can drastically cut the time they spend on doing a whole plethora of tasks like cross-checking information between databases manually.

“It’s a huge step forward,” Anderson believes, adding how entire agencies – starting with the NSA and the Defense Department – were being transitioned into the new operating environment starting three weeks ago, meaning all their work tools and applications will now also have to be accessed from there.

Other agencies will follow, but for now it’s all about trial periods and seeing how smoothly the system works.

The agency hopes the move toward cloud computing will herald the end of data centers, although whether the system is hacker-proof remains to be seen.

Assange2

Shhh… Julian Assange: Snowden Better Off in Russia Than Iceland

Despite recent reports that Snowden is edging closer to securing Icelandic citizenship, his pal Julian Assange argues that the former NSA contractor is better off staying put in Russia:

Obama-Laptop

Shhh… Obama Now Understands (Loss of) Privacy Pains?

Check out the original New York Times story.

BadAibling-Reuters

Shhh… Mangfall Kaserne in Bad Aibling – Surveillance-Proof Site for German Intelligence BND to Cooperate with the NSA

(Above) Photo credit: Reuters.

The former US espionage base, Bad Aibling, was supposedly returned to the German foreign intelligence agency BND back in 2004. But that’s what “happened” only on surface. Check out the Spiegel special report below:

Spying Close to Home: German Intelligence Under Fire for NSA Cooperation

US intelligence spent years spying on European targets from a secretive base. Now, it seems that German intelligence was aware of the espionage — and did nothing to stop it.

April 24, 2015 – 07:20 PM

It was obvious from its construction speed just how important the new site in Bavaria was to the Americans. Only four-and-a-half months after it was begun, the new, surveillance-proof building at the Mangfall Kaserne in Bad Aibling was finished. The structure had a metal exterior and no windows, which led to its derogatory nickname among members of the Bundesnachrichtendienst (BND), the German foreign intelligence agency: The “tin can.”

The construction project was an expression of an especially close and trusting cooperation between the American National Security Agency (NSA) and the BND. Bad Aibling had formerly been a base for US espionage before it was officially turned over to the BND in 2004. But the “tin can” was built after the handover took place.

The heads of the two intelligence agencies had agreed to continue cooperating there in secret. Together, they established joint working groups, one for the acquisition of data, called Joint Sigint Activity, and one for the analysis of that data, known as the Joint Analysis Center.

But the Germans were apparently not supposed to know everything their partners in the “tin can” were doing. The Americans weren’t just interested in terrorism; they also used their technical abilities to spy on companies and agencies in Western Europe. They didn’t even shy away from pursuing German targets.

The Germans noticed — in 2008, if not sooner. But nothing was done about it until 2013, when an analysis triggered by whistleblower Edward Snowden’s leaks showed that the US was using the facility to spy on German and Western European targets.

On Thursday, though, SPIEGEL ONLINE revealed that the US spying was vastly more extensive than first thought. The revelations have been met with extreme concern in the German capital — partly because they mark the return of a scandal that two successive Merkel administrations have never truly sought to clear up.

It remains unclear how much the BND knew, and to what extent German intelligence was involved, either intentionally or not. More crucially, it demonstrates the gap in trust that exists between two close allies.

Humiliating Efforts

The German government will have to quickly come up with answers. It will also have to decide how it will confront Washington about these new accusations. In the past two years, Berlin has made little to no progress in its largely humiliating efforts to get information from Washington.

The issue that could have been cleared up, at least internally, shortly after the NSA scandal began in the summer of 2013. But BND decision-makers chose not to go public with what they knew.

When media reports began emerging that the NSA had scooped up massive amounts of data in Germany and Europe, and that this data surveillance was not being performed exclusively for the global fight against terrorism, BND agents became suspicious. In previous years, BND agents had noticed on several occasions that the so-called “Selector Lists,” that the Germans received from their American partners and which were regularly updated, contained some oddities.

Selectors are targets like IP addresses, mobile phone numbers or email accounts. The BND surveillance system contains hundreds of thousands, possibly more than a million, such targets. Analysts are automatically notified of hits.

In 2008, at the latest, it became apparent that NSA selectors were not only limited to terrorist and weapons smugglers. Their searches also included the European defense company EADS, the helicopter manufacturer Eurocopter and French agencies. But it was only after the revelations made by whistleblower Edward Snowden that the BND decided to investigate the issue. In October 2013, an investigation came to the conclusion that at least 2,000 of these selectors were aimed at Western European or even German interests.

That would have been a clear violation of the Memorandum of Agreement that the US and Germany signed in 2002 in the wake of the Sept. 11, 2001 terror attacks. The agreement pertained to joint, global surveillance operations undertaken from Bad Aibling.

Cease and Desist

Washington and Berlin agreed at the time that neither Germans nor Americans — neither people nor companies or organizations — would be among the surveillance targets. But in October 2013, not even the BND leadership was apparently informed of the violations that had been made. The Chancellery, which is charged with monitoring the BND, was also left in the dark. Instead, the agents turned to the Americans and asked them to cease and desist.

In spring 2014, the NSA investigative committee in German parliament, the Bundestag, began its work. When reports emerged that EADS and Eurocopter had been surveillance targets, the Left Party and the Greens filed an official request to obtain evidence of the violations.

At the BND, the project group charged with supporting the parliamentary investigative committee once again looked at the NSA selectors. In the end, they discovered fully 40,000 suspicious search parameters, including espionage targets in Western European governments and numerous companies. It was this number that SPIEGEL ONLINE reported on Thursday. The BND project group was also able to confirm suspicions that the NSA had systematically violated German interests. They concluded that the Americans could have perpetrated economic espionage directly under the Germans’ noses.

Only on March 12 of this year did the information end up in the Chancellery. Merkel administration officials immediately recognized its political explosiveness and decided to go on the offensive. On Wednesday, the Parliamentary Control Panel met, a body that is in charge of monitoring Germany’s three intelligence agencies. The heads of the agencies normally deliver their reports in the surveillance-proof meeting room U1.214.

Panel members suspected something was different at this week’s meeting when Chancellery head Peter Altmaier, a cabinet-level position in Germany, indicated that he would be attending. The heads of the parliamentary NSA investigative committee were also invited to attend. BND President Gerhard Schindler, however, was asked to stay away. The day after the meeting, the government announced bluntly that Schindler’s office had displayed “technical and organizational deficits.”

Recast in a Different Light

With that, Germany’s foreign intelligence agency has some explaining to do. The BND, after all, doesn’t just report to the Chancellery. It has also provided testimony on its activities at Bad Aibling several times to the Parliamentary Control Panel and to the NSA investigative committee. That testimony now appears in a different light.

According to a classified memo, the agency told parliamentarians in 2013 that the cooperation with the US in Bad Aibling was consistent with the law and with the strict guidelines that had been established.

The memo notes: “The value for the BND (lies) in know-how benefits and in a closer partnership with the NSA relative to other partners.” The data provided by the US, the memo continued, “is checked for its conformance with the agreed guidelines before it is inputted” into the BND system.

Now, we know better. It remains to be determined whether the BND really was unaware at the time, or whether it simply did not want to be aware.

The NSA investigative committee has also questioned former and active BND agents regarding “selectors” and “search criteria” on several occasions. Prior to the beginning of each session, the agents were informed that providing false testimony to the body was unlawful. The BND agents repeatedly insisted that the selectors provided by the US were precisely checked.

A senior analyst from the department responsible, known as “Signals Intelligence,” testified in March that BND lawyers would check “each individual search term” and “each individual selector” to ensure that it conformed with the Memorandum of Agreement. That didn’t just apply to government officials and German companies, he said, but to Europeans more broadly.

‘Prosecutors Must Investigate’

“Sneaking in” such search terms would “become apparent” in such a long-term operation, the witness said. “To try, over all these years, to sneak selectors by us to perpetrate economic espionage, I don’t think that is possible,” the witness said. He added: “We never noticed such a thing.”

Members of the NSA investigative committee now feel that they have been lied to, and the reactions have been harsh. “At least since the Snowden revelations in 2013, all those involved at all levels, including the Chancellery, should have been suspicious of the cooperation with the NSA,” says Konstantin von Notz, the senior Green Party member on the investigative committee.

“The spying scandal shows that the intelligence agencies have a life of their own and are uncontrollable,” says the senior Left Party representative Martina Renner. “There have to be personnel consequences and German public prosecutors must investigate.”

But as of late Thursday, the German government hadn’t even informed the public prosecutor’s office of the incident.

By Maik Baumgärtner, Nikolaus Blome, Hubert Gude, Marcel Rosenbach, Jörg Schindler and Fidelius Schmid

Anonymous

Shhh… Anonymous: CyberSecurity Bill’s a Scam

The article below sums it up nicely: the Protecting Cyber Networks Act passed by the Congress this week was a surveillance bill in disguise.

Check out this video by the Anonymous:

House of Representatives Passes Cybersecurity Bills Without Fixing Core Problems

April 22, 2015 | By Mark Jaycox

The House passed two cybersecurity “information sharing” bills today: the House Permanent Select Committee on Intelligence’s Protecting Cyber Networks Act, and the House Homeland Security Committee’s National Cybersecurity Protection Advancement Act. Both bills will be “conferenced” to create one bill and then sent to the Senate for advancement. EFF opposed both bills and has been urging users to tell Congress to vote against them.

The bills are not cybersecurity “information sharing” bills, but surveillance bills in disguise. Like other bills we’ve opposed during the last five years, they authorize more private sector spying under new legal immunity provisions and use vague definitions that aren’t carefully limited to protect privacy. The bills further facilitate companies’ sharing even more of our personal information with the NSA and some even allow companies to “hack back” against potentially innocent users.

As we’ve noted before, information sharing is not a silver bullet to stopping security failures. Companies can already share the necessary technical information to stop threats via Information Sharing and Analysis Centers (ISACs), public reports, private communications, and the DHS’s Enhanced Cybersecurity Services.

While we are disappointed in the House, we look forward to the fight in the Senate where equally dangerous bills, like the Senate Select Committee on Intelligence’s Cybersecurity Information Sharing Act, have failed to pass every year since 2010.

Contact your Senator now to oppose the Senate bills.

Congress

Shhh… The Protecting Cyber Networks Act Gets Greenlight from Congress

Time to brace up for further loss of privacy as the PCNA would amount to voluntary wholesale transfer of data to the NSA (see story below).

And the Congress actually believe it’s in the name of stopping hackers and cyber attacks?

House Passes Cybersecurity Bill Despite Privacy Protests

Andy Greenberg
04.22.15

Congress is hellbent on passing a cybersecurity bill that can stop the wave of hacker breaches hitting American corporations. And they’re not letting the protests of a few dozen privacy and civil liberties organizations get in their way.

On Wednesday the House of Representatives voted 307-116 to pass the Protecting Cyber Networks Act, a bill designed to allow more fluid sharing of cybersecurity threat data between corporations and government agencies. That new system for sharing information is designed to act as a real-time immune system against hacker attacks, allowing companies to warn one another via government intermediaries about the tools and techniques of advanced hackers. But privacy critics say it also threatens to open up a new backchannel for surveillance of American citizens, in some cases granting the same companies legal immunity to share their users’ private data with government agencies that include the NSA.

“PCNA would significantly increase the National Security Agency’s (NSA’s) access to personal information, and authorize the federal government to use that information for a myriad of purposes unrelated to cybersecurity,” reads a letter signed earlier this week by 55 civil liberties groups and security experts that includes the American Civil Liberties Union, the Electronic Frontier Foundation, the Freedom of the Press Foundation, Human Rights Watch and many others.

“The revelations of the past two years concerning the intelligence community’s abuses of surveillance authorities and the scope of its collection and use of individuals’ information demonstrates the potential for government overreach, particularly when statutory language is broad or ambiguous,” the letter continues. “[PCNA] fails to provide strong privacy protections or adequate clarity about what actions can be taken, what information can be shared, and how that information may be used by the government.”

Specifically, PCNA’s data-sharing privileges let companies give data to government agencies—including the NSA—that might otherwise have violated the Electronic Communications Privacy Act or the Wiretap Act, both of which restrict the sharing of users’ private data with the government. And PCNA doesn’t even restrict the use of that shared information to cybersecurity purposes; its text also allows the information to be used for investigating any potential threat of “bodily harm or death,” opening its application to the surveillance of run-of-the-mill violent crimes like robbery and carjacking.

Congressman Adam Schiff, who led the advocacy for the bill on the House floor, argued in a statement to reporters that PCNA in fact supports privacy by protecting Americans from future hacker breaches. “We do this while recognizing the huge and growing threat cyber hacking and cyber espionage poses to our privacy, as well as to our financial wellbeing and our jobs,” he writes.

“In the process of drafting this bill, protecting privacy was at the forefront throughout, and we consulted extensively with privacy and civil liberties groups, incorporating their suggestions in many cases. This is a strong bill that protects privacy, and one that I expect will get even better as the process goes forward—we expect to see large bipartisan support on the Floor.”

Here’s a video [above] of Schiff’s statement on the House floor.

PCNA does include some significant privacy safeguards, such as a requirement that companies scrub “unrelated” data of personally identifying information before sending it to the government, and that the government agencies pass it through another filter to delete such data after receiving it.

But those protections still don’t go far enough, says Robyn Greene, policy counsel for the Open Technology Institute. Any information considered a “threat indicator” could still legally be sent to the government—even, for instance, IP address innocent victims of botnets used in distributed denial of service attacks against corporate websites. No further amendments that might have added new privacy restrictions to the bill were considered before the House’s vote Wednesday. “I’m very disappointed that the house has passed an information sharing bill that does so much to threaten Americans’ privacy and civil liberties, and no real effort was made to address the problems the bill still had,” says Greene. “The rules committee has excluded amendments that would have resolved privacy concerns…This is little more than a backdoor for general purpose surveillance.”

In a surprise move yesterday, the White House also publicly backed PCNA and its Senate counterpart, the Cybersecurity Information Sharing Act in a statement to press. That’s a reversal of its threat to veto a similar Cybersecurity Information Sharing and Protection Ac in 2013 over privacy concerns, a decision that all but killed the earlier attempt at cybersecurity data sharing legislation. Since then, however, a string of high-profile breaches seems to have swayed President Obama’s thinking, from the cybercriminal breaches of Target and health insurer Anthem that spilled millions of users’ data, to the devastating hack of Sony Pictures Entertainment, which the FBI has claimed was perpetrated as an intimidation tactic by the North Korean government to prevent the release of its Kim Jong-un assassination comedy the Interview.

If the White House’s support stands, it now leaves only an upcoming Senate vote sometime later this month on the Senate’s CISA as the deciding factor as to whether it and PCNA are combined to become law.

But privacy advocates haven’t given up on a presidential veto. A new website called StopCyberspying.com launched by the internet freedom group Access, along with the EFF, the ACLU and others, includes a petition to the President to reconsider a veto for PCNA, CISA and any other bill that threatens to widen internet surveillance.

OTI’s Greene says she’s still banking on a change of heart from Obama, too. “We’re hopeful that the administration would veto any bill that doesn’t address these issues,” she says. “To sign a bill that resembles CISA or PCNA would represent the administration doing a complete 180 on its commitment to protect Americans’ privacy.”

News-Media-Sites.jpg

Shhh… The Perils of Popular News Sites

This story (below) gives a whole new meaning to the phrase No News is Good News:

The most popular news sites can be used to spy on you, research shows

Cale Guthrie Weissman

Over a year ago it was discovered that government surveillance programs can use digital ad tracking software to keep tabs on Internet users. Now it appears more widespread than most thought.

In fact, 100 popular news sites were found to be susceptible to security issues that could help spies learn about what websites you browse and the data you share.

The fact that the government uses ad tracking software to surveil citizens isn’t necessarily new, but recently published research shows just how widespread the issue is.

This is in the wake of the one the top ad organisations publically saying that the majority of its ad tracking programs are safe and secure. The truth is that almost half of the software used by the most popular global news websites are unsecure and provide an easy way for governments to snoop, according to the new research.

A Toronto-based researcher named Andrew Hilts performed his own audit of the 100 top media sites to see how secure data exchange really was. Hilt is a fellow at the University of Toronto’s Citizen Lab, as well as the executive director of the nonprofit Open Effect.

Hilt decided to check out if ad trackers — third-party ad software that sends and receives data — were encrypted. If the trackers were found to be unencrypted, it meant that personal data was in plain sight and easy to hack. (In essence, ad trackers leave cookies on users’ browsers, which are used to remember information such as personal preferences and previous logins. If this data is not protected it’s ripe for the taking.)

Of the pages Hilt loaded, he discovered 47 different third parties that were transmitting data to and from the sites. Of those third parties, 19 of them left what’s called a “unique identifier.” Hilt explained to me that unique identifiers are basically used to compile “a profile of who you are and what you’re interested in.”

Now this is the important, albeit slightly complicated, part of Hilt’s analysis:

An average of 53% of the third party hosts transmitting data on top news websites support HTTPS. News websites, on average, initiated communications with 10 different third parties that led to transmissions of uniquely identifying cookies that could not be secured with HTTPS. An average of 9 unique ID transmissions were to servers that support HTTPS. In other words, network snoops can take advantage of many insecurely-transmitted unique identifiers to help them identify just who is reading what news.

In laymen terms this means that on average nearly half of all third-party data transfers happening on the most popular news websites are unencrypted. Hilt explained to me the ramifications: “If an ad tracking system is being done unencrypted, other actors like your ISP or the NSA can collected this data,” he said.

News-MediaTracker

Looking at the analysis, you can see that websites like the New York Post and the Economist transmit myriad data through third parties. Both of which, according to his chart, transmit well over 20 unencrypted identifiers that could be used by hackers.

The discoveries began in 2013. One of the many Snowden documents described a program that “piggybacked” on internet advertising technologies, using ad tracking technology to keep tabs on people of interest. The NSA discovered a handy loophole; many trackers are unencrypted. Thus, the NSA could easily tap into a website’s data exchange and also collect the traffic data of users.

More than a year after this initial revelation the Internet Advertising Bureau wrote a blog post calling for more widespread ad tracker encryption. This organisation called for all ad companies to support the encrypted HTTPS protocol — even the ad trackers. A website that uses the HTTPS protocol communicates encrypted data, which makes external snooping much harder to do.

The problem is that all parts of the website need to use HTTPS, not just the website itself. So if a news organisation uses third-party ad software that doesn’t use HTTPS, the website could very easily be tapped by spies. That’s why the IAB called for more data security.

“Once a website decides to support HTTPS,” the IAB wrote, “they need to make sure that their primary ad server supports encryption.” This way a user can be sure that all information exchanged on the page is secure and invisible to any unwanted eyes. The IAB added in its post that “nearly 80% of [its] members ad delivery systems supported HTTPS.”

Hilt’s findings show that this may not be the case.

Privacy advocates freaked out yesterday over Hilt’s findings. “A dubious congratulations to the St Louis Post-Dispatch, topping the news charts with 168 tracking URLs per page load,” tweeted Electronic Frontier Foundation activist Parker Higgins.

While the IAB’s message to advertisers is a step in the right direction, the fact that it doesn’t seem aware of how prevalent unencrypted tracking is means there’s a huge problem. In order for a website to truly ensure that its users aren’t being tracked by unknown third parties, it must ensure that both it and all of its third parties are communicating using HTTPS.

Hilt said the he’s happy the IAB is working to correct this issue, but it also needs to be aware of the work that needs to be done.

“The findings show they still have a ways to go,” he said.

Google-GerhardEschelbeck5

Shhh… New Google Security Chief – In Search of Balance with Privacy

Here’s an insight to one man at Google to keep tab on – see the article below.

New Google security chief looks for balance with privacy
By GLENN CHAPMAN, AFP April 19, 2015 4:55am

MOUNTAIN VIEW, United States – Google has a new sheriff keeping watch over the wilds of the Internet.

Austrian-born Gerhard Eschelbeck has ranged the British city of Oxford; cavorted at notorious Def Con hacker conclaves, wrangled a herd of startups, and camped out in Silicon Valley.

He now holds the reins of security and privacy for all-things Google.

In an exclusive interview with AFP, Eschelbeck spoke of using Google’s massive scope to protect users from cyber villains such as spammers and state-sponsored spies.

“The size of our computing infrastructure allows us to process, analyze, and research the changing threat landscape and look ahead to predict what is coming,” Eschelbeck said during his first one-on-one press interview in his new post.

“Security is obviously a constant race; the key is how far can you look ahead.”

Eschelbeck took charge of Google’s 500-strong security and privacy team early this year, returning to Silicon Valley after running engineering for a computer security company in Oxford for two years.

“It was a very natural move for me to join Google,” Eschelbeck said. “What really excited me was doing security at large scale.”

Google’s range of global services and products means there are many fronts for a security expert to defend. Google’s size also means there are arsenals of powerful computer servers for defenders to employ and large-scale data from which to discern cyber dangers.

Eschelbeck’s career in security stretches back two decades to a startup he built while a university student in Austria that was acquired by security company McAfee.

What started out as a six-month work stint in California where McAfee is based turned into a 15-year stay by Eschelbeck.

He created and advised an array of computer security startups before heading off to Oxford. Eschelbeck, has worked at computer technology titans such as Sophos and Qualys, and holds patents for network security technologies.

Constant attack

He was confident his team was up to the challenge of fending off cyber attacks, even from onslaughts of sophisticated operations run by the likes of the US National Security Agency or the Chinese military.

Eschelbeck vowed that he would “absolutely” find any hacker that came after his network.

“As a security guy, I am never comfortable,” he said. “But, I do have a very strong team…I have confidence we have the right reactive and proactive defense mechanisms as well.”

State-sponsored cyber attacks making news in the past year come on top of well-known trends of hacking expressly for fun or profit.

The sheer numbers of attack “vectors” has rocketed exponentially over time, with weapons targeting smartphones, applications, datacenters, operating systems and more.

“You can safely assume that every property on the Internet is continuously under attack,” Eschelbeck said.

“I feel really strong about our ability to identify them before they become a threat and the ability to block and prevent them from entering our environment.”

Scrambling data

Eschelbeck is a backer of encrypting data, whether it be an email to a friend or photos stored in the cloud.

“I hope for a time when all the traffic on the Internet is encrypted,” he said.

“You’re not sending a letter to your friend in a transparent envelop, and that is why encryption in transport is so critical.”

He believes that within five years, accessing accounts with no more than passwords will be a thing of the past.

Google lets people require code numbers sent to phones be used along with passwords to access accounts in what is referred to as “two-factor” authentication.

The Internet titan also provides “safe browsing” technology that warns people when they are heading to websites rigged to attack visitors.

Google identifies about 50,000 malicious websites monthly, and another 90,000 phishing websites designed to trick people into giving up their passwords or other valuable personal information, Eschelbeck said.

“We have some really great visibility into the Web, as you can imagine,” he said.

“The time for us to recognize a bad site is incredibly short.”

Doubling-down on privacy

Eschelbeck saw the world of online security as fairly black and white, while the privacy side of his job required subjective interpretations.

Google works closely with data protection authorities in Europe and elsewhere to try and harmonize privacy protections with the standards in various countries.

“I really believe that with security and privacy, there is more overlap than there are differences,” he said.

“We have made a tremendous effort to focus and double-down on privacy issues.”

As have other large Internet companies, Google has routinely made public requests by government agencies for information about users.

Requests are carefully reviewed, and only about 65 percent of them satisfied, according to Google.

“Privacy, to me, is protecting and securing my activities; that they are personal to myself and not visible to the whole wide world,” Eschelbeck said. — Agence France-Presse

NewZealand-China10

Shhh… New Zealand & US Plotted to Spy on China

The Intercept has revealed how New Zealand has teamed up with the NSA to eavesdrop on China, its largest trading partner (see article below).

This is not the first time New Zealand has been pulled into the equation about mass surveillance and the NSA. Just a month ago, New Zealand was also accused of spying on its neighbors in the Pacific islands (see video below).


New Zealand Plotted Hack on China With NSA

By Ryan Gallagher and Nicky Hager

New Zealand spies teamed with National Security Agency hackers to break into a data link in the country’s largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.

The covert operation, reported Saturday by New Zealand’s Herald on Sunday in collaboration with The Intercept, highlights the contrast between New Zealand’s public and secret approaches to its relationship with China, its largest and most important trading partner.

The hacking project suggests that New Zealand’s electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.

New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the “inviolability” of diplomatic correspondance. The country’s prime minister, John Key, said in a recent speech on security that New Zealand had an obligation to support the rule of law internationally, and was “known for its integrity, reliability and independence.”

Last year, Key said that New Zealand’s relationship with China, worth an estimated $15 billion in annual two-way trade, had “never been stronger.” The relationship was not just about “purely trading,” he said, “it is so much broader and much deeper than that.”

In 2013, Key described a meeting with top Chinese officials in Beijing as “extremely warm” and told of how he was viewed as a “real friend” by the country’s premier, Li Keqiang.

At the same time, as minister in charge of the GCSB, Key was overseeing spying against China – which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.

The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.

A secret report called “NSA activities in progress 2013,” includes an item titled “New Zealand: Joint effort to exploit Chinese MFA [Ministry of Foreign Affairs] link.” The operation, according to another NSA document, had “identified an MFA data link between the Chinese consulate and Chinese Visa Office in Auckland,” two buildings about a five-minute walk apart on the city’s busy Great South Road.

The document added that the New Zealand agency was “providing additional technical data” on the data link to the NSA’s Tailored Access Operations, a powerful unit that hacks into computer systems and networks to intercept communications. The agencies had “verbally agreed to move forward with a cooperative passive and active effort against this link,” it said.

Passive surveillance refers to a method of eavesdropping on communications that intercepts them as they are flowing over Internet cables, between satellites, or across phone networks. Active surveillance is a more aggressive tactic that involves hacking into computers; in the case of the Auckland operation, active surveillance could have involved planting spyware in the Chinese government computers or routers connected via the consulate data link.

The documents do not reveal whether the operation was successfully completed, due to the timeframe that the records cover. In May 2013, Snowden left his Hawaii-based intelligence job and flew to Hong Kong carrying the cache of secret files. In April 2013, shortly before Snowden’s departure, “formal coordination” on the hacking plan had begun between the NSA and its New Zealand counterpart, according to the documents.

More New Zealand operations targeting China appear to have been ongoing at that time. In another April 2013 NSA document describing the agency’s relationship with New Zealand spies, under the heading “What partner provides to NSA,” the first item on the list is “collection on China.” New Zealand’s GCSB surveillance agency “continues to be especially helpful in its ability to provide NSA ready access to areas and countries that are difficult for the United States to access,” the report said.

China intelligence is handled inside the New Zealand agency by a special section that focuses on economic analysis. According to sources with knowledge of the agency’s operations, its economic section, known as the “IBE,” specialised in Japanese diplomatic communications from 1981 until the late 2000s. In recent years its focus has shifted to intercepted Chinese communications, the sources say.

In response to the revelations, a spokesman for the Chinese Embassy in New Zealand told the Herald on Sunday that the country was “concerned” about the spying. “We attach great importance to the cyber security issue,” the spokesman said, adding that “China proposes to settle disputes through dialogue and formulate codes to regulate cyber space behaviors that are acceptable to all sides.”

China itself is known to be a major perpetrator of espionage on the global stage, and it has been repeatedly accused by the U.S. government of hacking into American computer networks. Last year, China was linked to an apparent intelligence-gathering hack on a powerful New Zealand supercomputer used to conduct weather and climate research.

But the Snowden documents have shown that countries in the so-called “Five Eyes” surveillance alliance – which includes New Zealand, the United States, the United Kingdom, Canada, and Australia – are also heavily involved in conducting aggressive spying and hacking operations across the world.

Previous revelations have detailed how agencies in the alliance have hacked law-abiding companies, foreign government computers, and designed technology to attack and destroy infrastructure using cyberwar techniques. Last year, The Intercept revealed how the NSA had developed the capability to deploy millions of malware “implants” to infect computers and steal data on a large scale.

The NSA, the GCSB and the New Zealand prime minister’s office each declined to answer questions about this story.

GCSB’s acting director, Una Jagose, said in an emailed statement that the agency “exists to protect New Zealand and New Zealanders.” She added: “We have a foreign intelligence mandate. We don’t comment on speculation about matters that may or may not be operational. Everything we do is explicitly authorised and subject to independent oversight.”

Wikileaks-Sony

Shhh… WikiLeaks’ Latest Stunt: The Sony Archives

Has Julian Assange gone overboard with the latest WikiLeaks‘ dump of over 200,000 Sony documents and emails on its website this week?

“This archive shows the inner workings of an influential multinational corporation. It is newsworthy and at the centre of a geo-political conflict. It belongs in the public domain. WikiLeaks will ensure it stays there,” Assange explains in his press statement.

Sony’s lawyer David Boies was certainly not impressed and he has sent letters to media outlets urging them not to make use of the data, according to a Bloomberg report.

Facebook-bug

Shhh… FaceBook Blames “Bug”

The question is, would you buy it? See Facebook’s response here and below.