Group items tagged

the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.

According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO's area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO's disposal have become -- and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks. The unit is "akin to the wunderkind of the US intelligence community," says Matthew Aid, a historian who specializes in the history of the NSA. "Getting the ungettable" is the NSA's own description of its duties. "It is not about the quantity produced but the quality of intelligence that is important," one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed "some of the most significant intelligence our country has ever seen." The unit, it goes on, has "access to our very hardest targets."

t's a messaging app for iOS.

based on peer-to-peer “mesh networking” and connects to nearby phones using Bluetooth and WiFi, with connectivity increasing as more people use it in an area.

A ruling handed down yesterday by Germany's highest court represents a blow to rightsholders in their quest to clamp down on illicit file-sharing. The court ruled that the parents of a teenager who had made available more than 1,100 songs on file-sharing networks can not be held responsible for their son's infringements, nor be required to monitor or hinder his online activities.

The Court ruled that the parents had met their parental obligations when they informed their child of "basic do's and don'ts" including that file-sharing copyrighted content online is illegal. Furthermore, the Court ruled that the parents were not required to monitor their child's online activities nor install special software to restrict his online behavior. This would only be required should the parents have "reasonable grounds" to presume that their child would engage in infringing activities online.

Jammie Thomas-Rasset

the first US file-sharer to take her RIAA-initiated lawsuit all the way to a trial and a verdict back in 2007. Five years, three trials, and one appeal later, she owes $222,000 to the recording industry for sharing songs on the Kazaa file-sharing network, but she doesn't plan to quit fighting.

Thomas-Rasset will follow Joel Tenenbaum, the second US resident to take his file-sharing case that far. Tenenbaum—who reached the Supreme Court first because he had only one jury trial instead of three—tried to convince the justices that they should take his case to stop the music label plan to create, in his lawyer's words, "an urban legend so frightening to children using the Internet, and so frightening for parents and teachers of students using the Internet, that they will somehow reverse the tide of the digital future." The Supremes showed no interest, denying Tenenbaum's petition back in May.

Portugese prosecutors have declined to press charges against individuals accused of file sharing

Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.

only a handful of groups out there that have the technical ability or incentive

First, it assumes that Snowden’s master file includes data from every network he ever scanned. Second, it assumes that this file is already in or will end up in the hands of America’s adversaries. If these assumptions turn out to be true, then the alarm raised in the last week will be warranted. The key word here is “if.”

Britain's surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal.

between 2008 and 2010

“The Art of Deception: Training for Online Covert Operations.”

Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums. 

Critically, the “targets” for this deceit and reputation-destruction extend far beyond the customary roster of normal spycraft: hostile nations and their leaders, military agencies, and intelligence services. In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, meaning those who use online protest activity for political ends. The title page of one of these documents reflects the agency’s own awareness that it is “pushing the boundaries” by using “cyber offensive” techniques against people who have nothing to do with terrorism or national security threats, and indeed, centrally involves law enforcement agents who investigate ordinary crimes:

According to a new report from Der Spiegel based on internal NSA documents, the signals intelligence agency's elite hacking unit (TAO) is able to conduct sophisticated wiretaps in ways that make Hollywood fantasy look more like reality. The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access. While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it's a unique look at the agency's collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it's a USB "hardware implant" that secretly provides the NSA with remote access to the compromised machine.

A code injection vulnerability in the Bourne again shell (Bash) has been disclosed on the internet. If exploited then arbitrary commands can be executed, and where Bash is used in relation to a network service, for example in CGI scripts on a web server, then the vulnerability will allow remote code execution.

Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well.