Skip to main content

Home/ Future of the Web/ Group items tagged tools

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Gary Edwards

Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA | Ent... - 0 views

www.wired.com/tails

TAILS Edward-Snowden Linux

shared by Gary Edwards on 16 Apr 14 - No Cached
  • Gary Edwards on 16 Apr 14
     
    TAILS anonymous Operating System- excerpt: "When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA's prying eyes. It's called Tails. And naturally, nobody knows exactly who created it. Tails is a kind of computer-in-a-box. You install it on a DVD or USB drive, boot up the computer from the drive and, voila, you're pretty close to anonymous on the internet. At its heart, Tails is a version of the Linux operating system optimized for anonymity. It comes with several privacy and encryption tools, most notably Tor, an application that anonymizes a user's internet traffic by routing it through a network of computers run by volunteers around the world. Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally. This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources. "The installation and verification has a learning curve to make sure it is installed correctly," Poitras told WIRED by e-mail. "But once the set up is done, I think it is very easy to use." An Operating System for Anonymity Originally developed as a research project by the U.S. Naval Research Laboratory, Tor has been used by a wide range of people who care about online anonymity: everyone from Silk Road drug dealers, to activists, whistleblowers, stalking victims and people who simply like their online privacy. Tails makes it much easier to use Tor and other privacy tools. Once you boot into Tails - which requires no special setup - Tor runs automatically. When you're done using it, you can boot back into your PC's normal operating
Gonzalo San Gil, PhD.

The state of open education data | Opensource.com - 0 views

opensource.com/...big-data-open-education

opensource education data state of the art

shared by Gonzalo San Gil, PhD. on 15 Sep 14 - No Cached
  • Gonzalo San Gil, PhD. on 15 Sep 14
     
    "At the Open Education Working Group we are interested in all aspects of open education, from Open Education Resources (OERs) and new learning and teaching practices, to open source tools and open licenses."
  • Gonzalo San Gil, PhD. on 15 Sep 14
     
    "At the Open Education Working Group we are interested in all aspects of open education, from Open Education Resources (OERs) and new learning and teaching practices, to open source tools and open licenses."
  • Gonzalo San Gil, PhD. on 15 Sep 14
     
    "At the Open Education Working Group we are interested in all aspects of open education, from Open Education Resources (OERs) and new learning and teaching practices, to open source tools and open licenses."
Gonzalo San Gil, PhD.

Startup Crunches 100 Terabytes of Data in a Record 23 Minutes | WIRED - 0 views

www.wired.com/...rabytes-data-record-23-minutes

startup data record transfer Terabytes minutes Big Data

shared by Gonzalo San Gil, PhD. on 14 Oct 14 - No Cached
  • Gonzalo San Gil, PhD. on 14 Oct 14
     
    "There's a new record holder in the world of "big data." On Friday, Databricks-a startup spun out of the University California, Berkeley-announced that it has sorted 100 terabytes of data in a record 23 minutes using a number-crunching tool called Spark, eclipsing the previous record held by Yahoo and the popular big-data tool Hadoop."
Gonzalo San Gil, PhD.

scancode-toolkit · GitHub - 0 views

github.com/...scancode-toolkit

nexB scancode toolkit analysis copyright licenses codegithub

shared by Gonzalo San Gil, PhD. on 21 Jul 15 - No Cached
  • Gonzalo San Gil, PhD. on 21 Jul 15
     
    "ScanCode is a tool to scan code and detect licenses, copyrights and more. This open source code scanning tool helps you find and discover open source and third-party components in your code. "
Gary Edwards

Is SproutCore worth the Flash and Java iPhone snub? | Tim Andersen: The Register - 0 views

www.theregister.co.uk/...inside_sproutcore

ria sproutcore webkit

shared by Gary Edwards on 16 Jul 08 - Cached
  • Gary Edwards on 16 Jul 08
     
    Excellent intro to the WebKit - SproutCore release
  • Gary Edwards on 16 Jul 08
     
    It turns out that SproutCore is not just a JavaScript framework. It is also a set of development tools, written in Ruby, that generate HTML and JavaScript from templates. The project also includes a test framework and a build tool that generates optimized code ready for upload to a web server. A SproutCore application is deployed as static files; Ruby is not used at runtime.
  • anonymous on 02 Oct 13
     
    Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com
Gary Edwards

The NeuroCommons Project: Open RDF Ontologies for Scientific Reseach - 0 views

neurocommons.org/Main_Page

msoffice creative-commons neurocommons open-web rdf semantic-web

shared by Gary Edwards on 14 Mar 09 - Cached
  • Gary Edwards on 14 Mar 09
     
    The NeuroCommons project seeks to make all scientific research materials - research articles, annotations, data, physical materials - as available and as useable as they can be. This is done by fostering practices that render information in a form that promotes uniform access by computational agents - sometimes called "interoperability". Semantic Web practices based on RDF will enable knowledge sources to combine meaningfully, semantically precise queries that span multiple information sources.

    Working with the Creative Commons group that sponsors "Neurocommons", Microsoft has developed and released an open source "ontology" add-on for Microsoft Word. The add-on makes use of MSOffice XML panel, Open XML formats, and proprietary "Smart Tags". Microsoft is also making the source code for both the Ontology Add-in for Office Word 2007 and the Creative Commons Add-in for Office Word 2007 tool available under the Open Source Initiative (OSI)-approved Microsoft Public License (Ms-PL) at http://ucsdbiolit.codeplex.com and http://ccaddin2007.codeplex.com,respectively.

    No doubt it will take some digging to figure out what is going on here. Microsoft WPF technologies include Smart Tags and LINQ. The Creative Commons "Neurocommons" ontology work is based on W3C RDF and SPARQL. How these opposing technologies interoperate with legacy MSOffice 2003 and 2007 desktops is an interesting question. One that may hold the answer to the larger problem of re-purposing MSOffice for the Open Web?

    We know Microsoft is re-purposing MSOffice for the MS Web. Perhaps this work with Creative Commons will help to open up the Microsoft desktop productivity environment to the Open Web? One can always hope :)

    Dr Dobbs has the Microsoft - Creative Commons announcement; Microsoft Releases Open Tools for Scientific Research ...... Joins Creative Commons in releasing the Ontology Add-in
Alessandro P

LearningReviews.com - Software and Webware - 4 views

learningreviews.com/...limit-50.html

gratis sito web sviluppo

shared by Alessandro P on 31 Jan 10 - Cached
  • Web 2.0 in Education
    • Alessandro P
      Alessandro P on 31 Jan 10
       
      Una wiki ben strutturata. Possibile riferimento.
  • Websites: Freewebs
    • Alessandro P
      Alessandro P on 31 Jan 10
       
      Sito e dominio gratis. Da vedre il link
  • Websites: Weebly
    • Alessandro P
      Alessandro P on 31 Jan 10
       
      Per creare un sito da se. Da vedre!
  • Alessandro P on 31 Jan 10
     
    Software and Webware What FREE software and webware packages are most helpful to kids and teachers?
Gonzalo San Gil, PhD.

Democracy.OS - 0 views

democracyos.org

tecnología democracy participation open source tool

shared by Gonzalo San Gil, PhD. on 26 Aug 14 - No Cached
  • Gonzalo San Gil, PhD. on 26 Aug 14
     
    "We are working on a user-friendly, open-source, vote and debate tool, crafted for parliaments, parties and decision-making institutions that will allow citizens to get informed, join the conversation and vote on topics, just how they want their representatives to vote."
  • Gonzalo San Gil, PhD. on 26 Aug 14
     
    "We are working on a user-friendly, open-source, vote and debate tool, crafted for parliaments, parties and decision-making institutions that will allow citizens to get informed, join the conversation and vote on topics, just how they want their representatives to vote."
Gary Edwards

The must-have iPad office apps, round 9 | Network World - 0 views

www.networkworld.com/...-ipad-office-apps-round-9.html

wordSDK Office-365

shared by Gary Edwards on 03 Sep 14 - No Cached
  • Google's newly completed Apps suite just can't beat Apple's iWork or Microsoft Office
  • InfoWorld scorecards: The major native office apps In the past year, iPad users gained three major editing suites vying for their adoption: Microsoft Office for iPad and Google Apps for iOS both debuted to compete with Apple's powerful iWork suite. At the app level, both Apple and Microsoft released major updates to their presentation, spreadsheet, and word-processing offerings.
    • Gary Edwards
      Gary Edwards on 03 Sep 14
       
      I hope Diigo can post this!!  The Diigo default for comments is private :(
  • All support the native Office file formats, with iWork and Apps exporting to them as well.There are still a few office suites from smaller providers (scored on the next slide), but for most people, the focus is on these three.
  • Gary Edwards on 03 Sep 14
     
    "The on-the-go business app toolkit for the iPad Of the tens of thousands of apps available for the iPad, only a relative few are must-have tools for business use. In the last year, the landscape for iPad office apps has changed dramatically, with updates to iWork, the introduction of Microsoft Office, and Google's elimination of the beloved Quickoffice with its own Apps suite. Read on for our picks of the best native office editors, cloud office editors, and native companion productivity tools for the iPad. (Most work on the iPhone, too!)"
Gonzalo San Gil, PhD.

Surveillance Self-Defense | Tips, Tools and How-tos for Safer Online Communications - 0 views

ssd.eff.org/en

EFF surveillance privacy security self-defense howto

shared by Gonzalo San Gil, PhD. on 01 Feb 15 - No Cached
  • Gonzalo San Gil, PhD. on 01 Feb 15
     
    "Tips, Tools and How-tos for Safer Online Communications"
  • Gonzalo San Gil, PhD. on 01 Feb 15
     
    "Tips, Tools and How-tos for Safer Online Communications"
Gonzalo San Gil, PhD.

Sony Movies Leak Online After Hack Attack | TorrentFreak - 1 views

torrentfreak.com/nline-after-hack-attack-141129

Sony movie leak hack attack excuse new promo promotion tools grants culture control VALUES

shared by Gonzalo San Gil, PhD. on 30 Nov 14 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 30 Nov 14
       
      # ! #Leaks are the New #Promo #Tools
  • Gonzalo San Gil, PhD. on 30 Nov 14
     
    # ! #Leaks are # ! ... the New #Promo #Tools: # ! #Free #worldwide #Advertising, #later #government #grants & # ! #pressure for #Internet #control/#censorship... # ! A #Perfect #Gamble... # ! \(°0°)/ Stop The #Swindle.
Paul Merrell

Edward Snowden Explains How To Reclaim Your Privacy - 0 views

theintercept.com/...ns-how-to-reclaim-your-privacy

surveillance state Snowden operational-security advice must-read

shared by Paul Merrell on 16 Nov 15 - No Cached
  • Micah Lee: What are some operational security practices you think everyone should adopt? Just useful stuff for average people. Edward Snowden: [Opsec] is important even if you’re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you’re thinking about people who are in abusive spousal relationships, you’re thinking about people who are concerned about stalkers, you’re thinking about children who are concerned about their parents overhearing things. It’s to reclaim a level of privacy. The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.] You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.] Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]
  • The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to login to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and tons of other services all support two-factor authentication.]
  • We should armor ourselves using systems we can rely on every day. This doesn’t need to be an extraordinary lifestyle change. It doesn’t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. This is why I like apps like Signal, because they’re low friction. It doesn’t require you to re-order your life. It doesn’t require you to change your method of communications. You can use it right now to talk to your friends.
  • ...4 more annotations...
  • Lee: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it’s only a use-it-if-you-need-it thing? Snowden: I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. We know it works from at least one anecdotal case that’s fairly familiar to most people at this point. That’s not to say that Tor is bulletproof. What Tor does is it provides a measure of security and allows you to disassociate your physical location. … But the basic idea, the concept of Tor that is so valuable, is that it’s run by volunteers. Anyone can create a new node on the network, whether it’s an entry node, a middle router, or an exit point, on the basis of their willingness to accept some risk. The voluntary nature of this network means that it is survivable, it’s resistant, it’s flexible. [Tor Browser is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you’re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to run your own Tor node, as I do, and support the diversity of the Tor network.]
  • Lee: So that is all stuff that everybody should be doing. What about people who have exceptional threat models, like future intelligence-community whistleblowers, and other people who have nation-state adversaries? Maybe journalists, in some cases, or activists, or people like that? Snowden: So the first answer is that you can’t learn this from a single article. The needs of every individual in a high-risk environment are different. And the capabilities of the adversary are constantly improving. The tooling changes as well. What really matters is to be conscious of the principles of compromise. How can the adversary, in general, gain access to information that is sensitive to you? What kinds of things do you need to protect? Because of course you don’t need to hide everything from the adversary. You don’t need to live a paranoid life, off the grid, in hiding, in the woods in Montana. What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.
  • Tell no one who doesn’t need to know. [Lindsay Mills, Snowden’s girlfriend of several years, didn’t know that he had been collecting documents to leak to journalists until she heard about it on the news, like everyone else.] When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the existence of the relationship from any type of conventional communication system. You want to use something like SecureDrop, over the Tor network, so there is no connection between the computer that you are using at the time — preferably with a non-persistent operating system like Tails, so you’ve left no forensic trace on the machine you’re using, which hopefully is a disposable machine that you can get rid of afterward, that can’t be found in a raid, that can’t be analyzed or anything like that — so that the only outcome of your operational activities are the stories reported by the journalists. [SecureDrop is a whistleblower submission system. Here is a guide to using The Intercept’s SecureDrop server as safely as possible.]
  • And this is to be sure that whoever has been engaging in this wrongdoing cannot distract from the controversy by pointing to your physical identity. Instead they have to deal with the facts of the controversy rather than the actors that are involved in it. Lee: What about for people who are, like, in a repressive regime and are trying to … Snowden: Use Tor. Lee: Use Tor? Snowden: If you’re not using Tor you’re doing it wrong. Now, there is a counterpoint here where the use of privacy-enhancing technologies in certain areas can actually single you out for additional surveillance through the exercise of repressive measures. This is why it’s so critical for developers who are working on security-enhancing tools to not make their protocols stand out.
  • Paul Merrell on 16 Nov 15
     
    Lots more in the interview that I didn't highlight. This is a must-read.
Gonzalo San Gil, PhD.

How to Access Linux Server Terminal in Web Browser Using 'Wetty (Web + tty)' Tool - 0 views

www.tecmint.com/nal-in-web-browser-using-wetty

how to access linux server terminal web browser using Wetty tool free software ope soure

shared by Gonzalo San Gil, PhD. on 19 Feb 16 - No Cached
  • Gonzalo San Gil, PhD. on 19 Feb 16
     
    "Wouldn't it be fantastic if there was a way to access a remote Linux server directly from the web browser? Luckily for us all, there is a tool called Wetty (Web + tty) that allows us to do just that - without the need to switch programs and all from the same web browser window."
Gonzalo San Gil, PhD.

Startup Leverages DMCA Notices As Artist Marketing Tool - TorrentFreak [# ! Note] - 0 views

torrentfreak.com/s-artist-marketing-too-160106l

startup use DMCA DMCA notices marketing artists tool piracy as promotion politics against because freedom ideas speech

shared by Gonzalo San Gil, PhD. on 07 Jan 16 - No Cached
  • Gonzalo San Gil, PhD. on 07 Jan 16
     
    " Ernesto on January 6, 2016 C: 39 Breaking Every day millions of pirates are being tracked by companies working for the entertainment industries. This data is often used to warn or even sue alleged offenders, but a new startup is taking a different route. Instead of punishing pirates they treat them as fans, allowing artists to use DMCA notices as a marketing tool."
Gonzalo San Gil, PhD.

Open source programs to write screenplays | Opensource.com - 0 views

opensource.com/...en-art-screenplay-design-video

open source tools wrte screenplays scripts information fiction movies making

shared by Gonzalo San Gil, PhD. on 21 Mar 16 - No Cached
  • Gonzalo San Gil, PhD. on 21 Mar 16
     
    "While I was putting together slides for my lightning talk at Great Wide Open (happening March 16-17), Not that Weird: Open Source Tools for Creatives, I remembered that in the last half of 2015 we had a bit of a loss from our open source creative toolbox. I think I was little"
  • Gonzalo San Gil, PhD. on 21 Mar 16
     
    "While I was putting together slides for my lightning talk at Great Wide Open (happening March 16-17), Not that Weird: Open Source Tools for Creatives, I remembered that in the last half of 2015 we had a bit of a loss from our open source creative toolbox. I think I was little"
Paul Merrell

Microsoft Pitches Technology That Can Read Facial Expressions at Political Rallies - 1 views

theintercept.com/...pressions-at-political-rallies

facial-recognition emotion-recognition cloud computing Microsoft

shared by Paul Merrell on 07 Aug 16 - No Cached
  • On the 21st floor of a high-rise hotel in Cleveland, in a room full of political operatives, Microsoft’s Research Division was advertising a technology that could read each facial expression in a massive crowd, analyze the emotions, and report back in real time. “You could use this at a Trump rally,” a sales representative told me. At both the Republican and Democratic conventions, Microsoft sponsored event spaces for the news outlet Politico. Politico, in turn, hosted a series of Microsoft-sponsored discussions about the use of data technology in political campaigns. And throughout Politico’s spaces in both Philadelphia and Cleveland, Microsoft advertised an array of products from “Microsoft Cognitive Services,” its artificial intelligence and cloud computing division. At one exhibit, titled “Realtime Crowd Insights,” a small camera scanned the room, while a monitor displayed the captured image. Every five seconds, a new image would appear with data annotated for each face — an assigned serial number, gender, estimated age, and any emotions detected in the facial expression. When I approached, the machine labeled me “b2ff” and correctly identified me as a 23-year-old male.
  • “Realtime Crowd Insights” is an Application Programming Interface (API), or a software tool that connects web applications to Microsoft’s cloud computing services. Through Microsoft’s emotional analysis API — a component of Realtime Crowd Insights — applications send an image to Microsoft’s servers. Microsoft’s servers then analyze the faces and return emotional profiles for each one. In a November blog post, Microsoft said that the emotional analysis could detect “anger, contempt, fear, disgust, happiness, neutral, sadness or surprise.” Microsoft’s sales representatives told me that political campaigns could use the technology to measure the emotional impact of different talking points — and political scientists could use it to study crowd response at rallies.
  • Facial recognition technology — the identification of faces by name — is already widely used in secret by law enforcement, sports stadiums, retail stores, and even churches, despite being of questionable legality. As early as 2002, facial recognition technology was used at the Super Bowl to cross-reference the 100,000 attendees to a database of the faces of known criminals. The technology is controversial enough that in 2013, Google tried to ban the use of facial recognition apps in its Google glass system. But “Realtime Crowd Insights” is not true facial recognition — it could not identify me by name, only as “b2ff.” It did, however, store enough data on each face that it could continuously identify it with the same serial number, even hours later. The display demonstrated that capability by distinguishing between the number of total faces it had seen, and the number of unique serial numbers. Photo: Alex Emmons
  • ...2 more annotations...
  • Instead, “Realtime Crowd Insights” is an example of facial characterization technology — where computers analyze faces without necessarily identifying them. Facial characterization has many positive applications — it has been tested in the classroom, as a tool for spotting struggling students, and Microsoft has boasted that the tool will even help blind people read the faces around them. But facial characterization can also be used to assemble and store large profiles of information on individuals, even anonymously.
  • Alvaro Bedoya, a professor at Georgetown Law School and expert on privacy and facial recognition, has hailed that code of conduct as evidence that Microsoft is trying to do the right thing. But he pointed out that it leaves a number of questions unanswered — as illustrated in Cleveland and Philadelphia. “It’s interesting that the app being shown at the convention ‘remembered’ the faces of the people who walked by. That would seem to suggest that their faces were being stored and processed without the consent that Microsoft’s policy requires,” Bedoya said. “You have to wonder: What happened to the face templates of the people who walked by that booth? Were they deleted? Or are they still in the system?” Microsoft officials declined to comment on exactly what information is collected on each face and what data is retained or stored, instead referring me to their privacy policy, which does not address the question. Bedoya also pointed out that Microsoft’s marketing did not seem to match the consent policy. “It’s difficult to envision how companies will obtain consent from people in large crowds or rallies.”
  • Paul Merrell on 07 Aug 16
     
    But nobody is saying that the output of this technology can't be combined with the output of facial recognition technology to let them monitor you individually AND track your emotions. Fortunately, others are fighting back with knowledge and tech to block facial recognition. http://goo.gl/JMQM2W
Paul Merrell

From Radio to Porn, British Spies Track Web Users' Online Identities - 1 views

theintercept.com/...ck-web-users-online-identities

surveillance state GCHQ Black-Hole

shared by Paul Merrell on 27 Sep 15 - No Cached
  • HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.
  • Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.
  • The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant
  • ...17 more annotations...
  • A huge volume of the Internet data GCHQ collects flows directly into a massive repository named Black Hole, which is at the core of the agency’s online spying operations, storing raw logs of intercepted material before it has been subject to analysis. Black Hole contains data collected by GCHQ as part of bulk “unselected” surveillance, meaning it is not focused on particular “selected” targets and instead includes troves of data indiscriminately swept up about ordinary people’s online activities. Between August 2007 and March 2009, GCHQ documents say that Black Hole was used to store more than 1.1 trillion “events” — a term the agency uses to refer to metadata records — with about 10 billion new entries added every day. As of March 2009, the largest slice of data Black Hole held — 41 percent — was about people’s Internet browsing histories. The rest included a combination of email and instant messenger records, details about search engine queries, information about social media activity, logs related to hacking operations, and data on people’s use of tools to browse the Internet anonymously.
  • Throughout this period, as smartphone sales started to boom, the frequency of people’s Internet use was steadily increasing. In tandem, British spies were working frantically to bolster their spying capabilities, with plans afoot to expand the size of Black Hole and other repositories to handle an avalanche of new data. By 2010, according to the documents, GCHQ was logging 30 billion metadata records per day. By 2012, collection had increased to 50 billion per day, and work was underway to double capacity to 100 billion. The agency was developing “unprecedented” techniques to perform what it called “population-scale” data mining, monitoring all communications across entire countries in an effort to detect patterns or behaviors deemed suspicious. It was creating what it said would be, by 2013, “the world’s biggest” surveillance engine “to run cyber operations and to access better, more valued data for customers to make a real world difference.”
  • A document from the GCHQ target analysis center (GTAC) shows the Black Hole repository’s structure.
  • The data is searched by GCHQ analysts in a hunt for behavior online that could be connected to terrorism or other criminal activity. But it has also served a broader and more controversial purpose — helping the agency hack into European companies’ computer networks. In the lead up to its secret mission targeting Netherlands-based Gemalto, the largest SIM card manufacturer in the world, GCHQ used MUTANT BROTH in an effort to identify the company’s employees so it could hack into their computers. The system helped the agency analyze intercepted Facebook cookies it believed were associated with Gemalto staff located at offices in France and Poland. GCHQ later successfully infiltrated Gemalto’s internal networks, stealing encryption keys produced by the company that protect the privacy of cell phone communications.
  • Similarly, MUTANT BROTH proved integral to GCHQ’s hack of Belgian telecommunications provider Belgacom. The agency entered IP addresses associated with Belgacom into MUTANT BROTH to uncover information about the company’s employees. Cookies associated with the IPs revealed the Google, Yahoo, and LinkedIn accounts of three Belgacom engineers, whose computers were then targeted by the agency and infected with malware. The hacking operation resulted in GCHQ gaining deep access into the most sensitive parts of Belgacom’s internal systems, granting British spies the ability to intercept communications passing through the company’s networks.
  • In March, a U.K. parliamentary committee published the findings of an 18-month review of GCHQ’s operations and called for an overhaul of the laws that regulate the spying. The committee raised concerns about the agency gathering what it described as “bulk personal datasets” being held about “a wide range of people.” However, it censored the section of the report describing what these “datasets” contained, despite acknowledging that they “may be highly intrusive.” The Snowden documents shine light on some of the core GCHQ bulk data-gathering programs that the committee was likely referring to — pulling back the veil of secrecy that has shielded some of the agency’s most controversial surveillance operations from public scrutiny. KARMA POLICE and MUTANT BROTH are among the key bulk collection systems. But they do not operate in isolation — and the scope of GCHQ’s spying extends far beyond them.
  • The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: SOCIAL ANTHROPOID, which is used to analyze metadata on emails, instant messenger chats, social media connections and conversations, plus “telephony” metadata about phone calls, cell phone locations, text and multimedia messages; MEMORY HOLE, which logs queries entered into search engines and associates each search with an IP address; MARBLED GECKO, which sifts through details about searches people have entered into Google Maps and Google Earth; and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums. GCHQ has other programs that it uses to analyze the content of intercepted communications, such as the full written body of emails and the audio of phone calls. One of the most important content collection capabilities is TEMPORA, which mines vast amounts of emails, instant messages, voice calls and other communications and makes them accessible through a Google-style search tool named XKEYSCORE.
  • As of September 2012, TEMPORA was collecting “more than 40 billion pieces of content a day” and it was being used to spy on people across Europe, the Middle East, and North Africa, according to a top-secret memo outlining the scope of the program. The existence of TEMPORA was first revealed by The Guardian in June 2013. To analyze all of the communications it intercepts and to build a profile of the individuals it is monitoring, GCHQ uses a variety of different tools that can pull together all of the relevant information and make it accessible through a single interface. SAMUEL PEPYS is one such tool, built by the British spies to analyze both the content and metadata of emails, browsing sessions, and instant messages as they are being intercepted in real time. One screenshot of SAMUEL PEPYS in action shows the agency using it to monitor an individual in Sweden who visited a page about GCHQ on the U.S.-based anti-secrecy website Cryptome.
  • Partly due to the U.K.’s geographic location — situated between the United States and the western edge of continental Europe — a large amount of the world’s Internet traffic passes through its territory across international data cables. In 2010, GCHQ noted that what amounted to “25 percent of all Internet traffic” was transiting the U.K. through some 1,600 different cables. The agency said that it could “survey the majority of the 1,600” and “select the most valuable to switch into our processing systems.”
  • According to Joss Wright, a research fellow at the University of Oxford’s Internet Institute, tapping into the cables allows GCHQ to monitor a large portion of foreign communications. But the cables also transport masses of wholly domestic British emails and online chats, because when anyone in the U.K. sends an email or visits a website, their computer will routinely send and receive data from servers that are located overseas. “I could send a message from my computer here [in England] to my wife’s computer in the next room and on its way it could go through the U.S., France, and other countries,” Wright says. “That’s just the way the Internet is designed.” In other words, Wright adds, that means “a lot” of British data and communications transit across international cables daily, and are liable to be swept into GCHQ’s databases.
  • A map from a classified GCHQ presentation about intercepting communications from undersea cables. GCHQ is authorized to conduct dragnet surveillance of the international data cables through so-called external warrants that are signed off by a government minister. The external warrants permit the agency to monitor communications in foreign countries as well as British citizens’ international calls and emails — for example, a call from Islamabad to London. They prohibit GCHQ from reading or listening to the content of “internal” U.K. to U.K. emails and phone calls, which are supposed to be filtered out from GCHQ’s systems if they are inadvertently intercepted unless additional authorization is granted to scrutinize them. However, the same rules do not apply to metadata. A little-known loophole in the law allows GCHQ to use external warrants to collect and analyze bulk metadata about the emails, phone calls, and Internet browsing activities of British people, citizens of closely allied countries, and others, regardless of whether the data is derived from domestic U.K. to U.K. communications and browsing sessions or otherwise. In March, the existence of this loophole was quietly acknowledged by the U.K. parliamentary committee’s surveillance review, which stated in a section of its report that “special protection and additional safeguards” did not apply to metadata swept up using external warrants and that domestic British metadata could therefore be lawfully “returned as a result of searches” conducted by GCHQ.
  • Perhaps unsurprisingly, GCHQ appears to have readily exploited this obscure legal technicality. Secret policy guidance papers issued to the agency’s analysts instruct them that they can sift through huge troves of indiscriminately collected metadata records to spy on anyone regardless of their nationality. The guidance makes clear that there is no exemption or extra privacy protection for British people or citizens from countries that are members of the Five Eyes, a surveillance alliance that the U.K. is part of alongside the U.S., Canada, Australia, and New Zealand. “If you are searching a purely Events only database such as MUTANT BROTH, the issue of location does not occur,” states one internal GCHQ policy document, which is marked with a “last modified” date of July 2012. The document adds that analysts are free to search the databases for British metadata “without further authorization” by inputing a U.K. “selector,” meaning a unique identifier such as a person’s email or IP address, username, or phone number. Authorization is “not needed for individuals in the U.K.,” another GCHQ document explains, because metadata has been judged “less intrusive than communications content.” All the spies are required to do to mine the metadata troves is write a short “justification” or “reason” for each search they conduct and then click a button on their computer screen.
  • Intelligence GCHQ collects on British persons of interest is shared with domestic security agency MI5, which usually takes the lead on spying operations within the U.K. MI5 conducts its own extensive domestic surveillance as part of a program called DIGINT (digital intelligence).
  • GCHQ’s documents suggest that it typically retains metadata for periods of between 30 days to six months. It stores the content of communications for a shorter period of time, varying between three to 30 days. The retention periods can be extended if deemed necessary for “cyber defense.” One secret policy paper dated from January 2010 lists the wide range of information the agency classes as metadata — including location data that could be used to track your movements, your email, instant messenger, and social networking “buddy lists,” logs showing who you have communicated with by phone or email, the passwords you use to access “communications services” (such as an email account), and information about websites you have viewed.
  • Records showing the full website addresses you have visited — for instance, www.gchq.gov.uk/what_we_do — are treated as content. But the first part of an address you have visited — for instance, www.gchq.gov.uk — is treated as metadata. In isolation, a single metadata record of a phone call, email, or website visit may not reveal much about a person’s private life, according to Ethan Zuckerman, director of Massachusetts Institute of Technology’s Center for Civic Media. But if accumulated and analyzed over a period of weeks or months, these details would be “extremely personal,” he told The Intercept, because they could reveal a person’s movements, habits, religious beliefs, political views, relationships, and even sexual preferences. For Zuckerman, who has studied the social and political ramifications of surveillance, the most concerning aspect of large-scale government data collection is that it can be “corrosive towards democracy” — leading to a chilling effect on freedom of expression and communication. “Once we know there’s a reasonable chance that we are being watched in one fashion or another it’s hard for that not to have a ‘panopticon effect,’” he said, “where we think and behave differently based on the assumption that people may be watching and paying attention to what we are doing.”
  • When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has “a light oversight regime.” The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA’s troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance. No such constraints are placed on GCHQ’s own databases, which can be sifted for records on the phone calls, emails, and Internet usage of Brits, Americans, and citizens from any other country. The scope of GCHQ’s surveillance powers explain in part why Snowden told The Guardian in June 2013 that U.K. surveillance is “worse than the U.S.” In an interview with Der Spiegel in July 2013, Snowden added that British Internet cables were “radioactive” and joked: “Even the Queen’s selfies to the pool boy get logged.”
  • In recent years, the biggest barrier to GCHQ’s mass collection of data does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency’s activities. “The spread of encryption … threatens our ability to do effective target discovery/development,” says a top-secret report co-authored by an official from the British agency and an NSA employee in 2011. “Pertinent metadata events will be locked within the encrypted channels and difficult, if not impossible, to prise out,” the report says, adding that the agencies were working on a plan that would “(hopefully) allow our Internet Exploitation strategy to prevail.”
Paul Merrell

WikiLeaks just dropped the CIA's secret how-to for infecting Windows | Ars Technica - 0 views

arstechnica.com/...t-how-to-for-infecting-windows

surveillance state CIA hacking-tools Windows Wikileaks Vault7

shared by Paul Merrell on 17 Apr 17 - No Cached
  • WikiLeaks has published what it says is another batch of secret hacking manuals belonging to the US Central Intelligence Agency as part of its Vault7 series of leaks. The site is billing Vault7 as the largest publication of intelligence documents ever. Friday's installment includes 27 documents related to "Grasshopper," the codename for a set of software tools used to build customized malware for Windows-based computers. The Grasshopper framework provides building blocks that can be combined in unique ways to suit the requirements of a given surveillance or intelligence operation. The documents are likely to be of interest to potential CIA targets looking for signatures and other signs indicating their Windows systems were hacked. The leak will also prove useful to competing malware developers who want to learn new techniques and best practices. "Grasshopper is a software tool used to build custom installers for target computers running Microsoft Windows operating system," one user guide explained. "An operator uses the Grasshopper builder to construct a custom installation executable."
Gonzalo San Gil, PhD.

Secret Sqrrl: NSA "spin-off" company releases data mining tool | Ars Technica - 1 views

arstechnica.com/...pany-releases-data-mining-tool

secret nsa data mining spin-off tool every@ne for know their strategies

shared by Gonzalo San Gil, PhD. on 20 Jun 13 - No Cached
  • Gonzalo San Gil, PhD. on 20 Jun 13
     
    "Recent revelations of the National Security Agency's (NSA) data mining capabilities have come to the forefront recently, making "big data" a new subject of interest and concern for many people."
Gonzalo San Gil, PhD.

3 file conversion tools for the Linux command line | Opensource.com - 1 views

opensource.com/...rsion-tools-linux-command-line

file conversion tools linux command line

shared by Gonzalo San Gil, PhD. on 02 Nov 16 - No Cached
  • Gonzalo San Gil, PhD. on 02 Nov 16
     
    "Recently, a friend innocently asked me how many file formats there are. My semi-serious response was, "Think of a soup bowl filled with beach sand.""
  • Gonzalo San Gil, PhD. on 02 Nov 16
     
    "Recently, a friend innocently asked me how many file formats there are. My semi-serious response was, "Think of a soup bowl filled with beach sand.""
« First ‹ Previous 41 - 60 of 316 Next › Last »
Showing 20 items per page