Skip to main content

Home/ Indie Nation/ Group items matching "NSA" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
John Lemke

Leaked Snowden documents detail NSA's plans for 'millions' of malware attacks | The Verge - 0 views

www.theverge.com/...or-millions-of-malware-attacks

2014 leaked documents nsa malware attacks security privacy yourroights surveillance spying indienationnews law legal

shared by John Lemke on 12 Mar 14 - No Cached
  • A program known as TURBINE, first revealed last year, is meant to dramatically speed the process: one document says it will "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."
  • The scaling process, according to Greenwald, started in 2004, when the NSA operated only 100 to 150 software implants. The number of implants used in the years between 2010 to 2012, by contrast, is described as numbering in the tens of thousands.
John Lemke

Some NSA Officials Favor Giving Snowden Limited Amnesty For All The Wrong Reasons | Techdirt - 0 views

www.techdirt.com/...mnesty-all-wrong-reasons.shtml

2013 amnesty nsa snowden security surveillance yourrights spying

shared by John Lemke on 14 Dec 13 - No Cached
  • JOHN MILLER: He's already said, "If I got amnesty, I would come back." Given the potential damage to national security, what would your thought on making a deal be? RICK LEDGETT: So, my personal view is, yes, it's worth having a conversation about. I would need assurances that the remainder of the data could be secured, and my bar for those assurances would be very high. It would be more than just an assertion on his part.
  • those documents have been spread out to a number of third parties already.
  • The reason for granting amnesty is as a recognition that Snowden was, in fact, a whistleblower
John Lemke

In News That Will Surprise No One, NSA Has Cracked Mobile Phone Encryption To Listen In On Calls | Techdirt - 0 views

www.techdirt.com/...cryption-to-listen-calls.shtml

2013 news nsa mobile phone encryption spying yourrights surveillance

shared by John Lemke on 16 Dec 13 - No Cached
  • John Lemke on 16 Dec 13
     
    Just in case you have spent the past few presidencies in a closet.
John Lemke

NSA's bulk phone data collection ruled unconstitutional, 'almost Orwellian,' by federal judge - Boing Boing - 0 views

boingboing.net/...s-bulk-phone-data-collect.html

2013 law legal Court+Rulings NSA spying yourrights litigation constitutional

shared by John Lemke on 16 Dec 13 - No Cached
  • “The government does not cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack,” the judge wrote.
  • “Given the limited record before me at this point in the litigation – most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics – I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism.”
  • “I acted on my belief that the NSA's mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts,” Snowden wrote. “Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.”
John Lemke

Spy court renews NSA metadata program | TheHill - 0 views

thehill.com/...8-spy-court-renews-nsa-program

2014 spy nsa metadata law legal indienationnews tech technology

shared by John Lemke on 14 Sep 14 - No Cached
  • With a surveillance reform bill stuck in the Senate, the federal court overseeing spy agencies on Friday reauthorized the National Security Agency’s controversial bulk collection of Americans' phone records.
  • Given that legislation has not yet been enacted, and given the importance of maintaining the capabilities of the Section 215 telephony metadata program, the government has sought a 90-day reauthorization of the existing program,” the Justice Department and Office of the Director of National Intelligence said in a joint statement, referring to the section of the Patriot Act that authorizes the program.
  • The NSA’s phone records program needs to be reauthorized by the FISC every 90 days. The current authority expires on Dec. 5.
John Lemke

NSA reportedly targeted as many as 122 world leaders for surveillance | The Verge - 0 views

www.theverge.com/...world-leaders-for-surveillance

2014 indienationnews law technology legal surveillance nsa spying privacy

shared by John Lemke on 30 Mar 14 - No Cached
  • The documents, leaked to the publications by Edward Snowden, contain a list of 11 world leaders that have been targeted by a system known as Nymrod — however the document implies the actual number targeted was 122. Nymrod is reportedly a system designed to automatically extract citations ("cites") out of a multiplicity of sources, including voice and computer communications. German Chancellor Angela Merkel is listed by name, as are more obvious targets like Syrian president Bashar Asad and former Ukranian prime minister Yulia Tymoshenko. Various leaders apparently have "cites" automatically added to to a "Target Knowledge Database."
John Lemke

Snowden Leak: NSA Flagged Israel as Leading Espionage Threat - 0 views

www.ethicsintech.com/srael-leading-espionage-threat

2014 nsa israel indienationnews government surveillance spying

shared by John Lemke on 02 Nov 14 - No Cached
  • The National Security Agency listed Israel among a handful of nations considered to pose the “greatest threat” to American government, military and industrial secrets, classified documents leaked by whistleblower Edward Snowden reveal.
John Lemke

Former Microsoft Privacy Chief Says He No Longer Trusts The Company - HotHardware - 0 views

hothardware.com/...e-No-Longer-Trusts-The-Company

2013 indienationnews security privacy microsoft prism spying yourrights nsa

shared by John Lemke on 01 Oct 13 - No Cached
  • This is a fundamental problem for nations that aren't interested in exposing their traffic to American observation, whether they're engaged in nefarious activities or not. Long term, the problem could lead to the construction of digital firewalls, in which the United States is effectively isolated behind protective nodes built by local governments to scrub and redirect traffic away from potential capture points. This is directly in opposition to the central concept of the Internet, which is a dynamic structure capable of responding to outages or damage by routing around the problem.
John Lemke

The White House Big Data Report: The Good, The Bad, and The Missing | Electronic Frontier Foundation - 0 views

www.eff.org/...ta-report-good-bad-and-missing

2014 EFF mass data indienationnews law technology legal White House report review privacy yourrights notice and consent

shared by John Lemke on 05 May 14 - No Cached
  • the report recognized that email privacy is critical
  • one issue was left conspicuously unaddressed in the report. The Securities and Exchange Commission, the civil agency in charge of protecting investors and ensuring orderly markets, has been advocating for a special exception to the warrant requirement. No agency can or should have a get-out-of-jail-free card for bypassing the Fourth Amendment.
  • the algorithm is only as fair as the data fed into it.
  • ...22 more annotations...
  • the danger of discrimination remains due to the very digital nature of big data
  • especially the elderly, minorities, and the poor
  • an example of this in Boston, which had a pilot program to allow residents to report potholes through a mobile app but soon recognized that the program was inherently flawed because “wealthy people were far more likely to own smart phones and to use the Street Bump app. Where they drove, potholes were found; where they didn’t travel, potholes went unnoted.”
  • The authors of the report agree, recommending that the Privacy Act be extended to all people, not just US persons.
  • metadata (the details associated with your communications, content, or actions, like who you called, or what a file you uploaded file is named, or where you were when you visited a particular website) can expose just as much information about you as the “regular” data it is associated with, so it deserves the same sort of privacy protections as “regular” data.
    • John Lemke
      John Lemke on 05 May 14
       
      What is Metadate... then discuss
  • The report merely recommended that the government look into the issue.
    • John Lemke
      John Lemke on 05 May 14
       
      Did the report give a strong enough recommendation? "looking into" and doing are much different
  • several other government reports have taken a much stronger stance and explicitly stated that metadata deserves the same level of privacy protections as “regular” data.
  • We think the report should have followed the lead of the PCAST report and acknowledged that the distinction between data and metadata is an artificial one, and recommended the appropriate reforms.
    • John Lemke
      John Lemke on 05 May 14
       
      I very strongly agree.  The report failed in this area.
  • the White House suggested advancing the Consumer Privacy Bill of Rights, which includes the idea that “consumers have a right to exercise control over what personal data companies collect from them and how they use it,” as well as “a right to access and correct personal data.”
  • Consumers have a right to know when their data is exposed, whether through corporate misconduct, malicious hackers, or under other circumstances. Recognizing this important consumer safeguard, the report recommends that Congress “should pass legislation that provides a single national data breach standard along the lines of the Administration's May 2011 Cybersecurity legislative proposal.”
  • While at first blush this may seem like a powerful consumer protection, we don’t think that proposal is as strong as existing California law. The proposed federal data breach notification scheme would preempt state notification laws, removing the strong California standard and replacing it with a weaker standard.
    • John Lemke
      John Lemke on 05 May 14
       
      In other words, it failed at what can be done and it would actually lower standards when compared to what California has in place currently.
  • We were particularly disconcerted
  • the Fort Hood shooting by Major Nidal Hasan
    • John Lemke
      John Lemke on 05 May 14
       
      WTF? how did he get in this group?
  • two big concerns
  • First, whistleblowers are simply not comparable to an Army officer who massacres his fellow soldiers
  • Secondly, the real big-data issue at play here is overclassification of enormous quantities of data.
  • Over 1.4 million people hold top-secret security clearances. In 2012, the government classified 95 million documents. And by some estimates, the government controls more classified information than there is in the entire Library of Congress.
    • John Lemke
      John Lemke on 05 May 14
       
      Don't leave this stat out.  More classified documents than LOC documents.  WTF? A "democracy" with more secret documents than public?
  • The report argues that in today’s connected world it’s impossible for consumers to keep up with all the data streams they generate (intentionally or not), so the existing “notice and consent” framework (in which companies must notify and get a user’s consent before collecting data) is obsolete. Instead, they suggest that more attention should be paid to how data is used, rather than how it is collected.
    • John Lemke
      John Lemke on 05 May 14
       
      This is the most troubling part perhaps,  isn't the collection without consent where the breech of privacy begins?
    • John Lemke
      John Lemke on 05 May 14
       
      "notice and consent"
  • An unfortunate premise of this argument is that automatic collection of data is a given
  • While we agree that putting more emphasis on responsible use of big data is important, doing so should not completely replace the notice and consent framework.
  • Despite being a fairly thorough analysis of the privacy implications of big data, there is one topic that it glaringly omits: the NSA’s use of big data to spy on innocent Americans.
    • John Lemke
      John Lemke on 05 May 14
       
      If we ignore it, it will go away?  Did they not just mostly ignore it and accept it as a given for corporations and completely ignore it regarding the government? Pretty gangster move isn't it?
  • Even though the review that led to this report was announced during President Obama’s speech on NSA reform, and even though respondents to the White House’s Big Data Survey “were most wary of how intelligence and law enforcement agencies are collecting and using data about them,” the report itself is surprisingly silent on the issue.2 This is especially confusing given how much the report talks about the need for more transparency in the private sector when it comes to big data. Given that this same logic could well be applied to intelligence big data programs, we don’t understand why the report did not address this vital issue.
John Lemke

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks | Ars Technica - 0 views

arstechnica.com/...-months-tapped-iran-nuke-talks

2015 kaspersky iran ars stuxnet malware cyber warfare espionage blackhat attack virus zero-day

shared by John Lemke on 10 Jun 15 - No Cached
  • Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.
  • the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.
  • We see this battle or arms race emerging and now it involves some kind of confrontation between the security industry and nation-state sponsored spies
  • ...3 more annotations...
  • Kaspersky officials first became suspicious their network might be infected in the weeks following February's Security Analyst Summit, where company researchers exposed a state-sponsored hacking operation that had ties to some of the developers of Stuxnet. Kaspersky dubbed the highly sophisticated group behind the 14-year campaign Equation Group. Now back in Moscow, a company engineer was testing a software prototype for detecting so-called advanced persistent threats (APTs), the type of well-organized and highly sophisticated attack campaigns launched by well-funded hacking groups. Strangely enough, the developer's computer itself was having unusual interactions with the Kaspersky network. The new APT technology under development, it seemed, was one of several things of interest to the Duqu attackers penetrating the Kaspersky fortress. "For the developer it was important to find out why" his PC was acting oddly, Kamluk said. "Of course, he did not consider that machine could be infected by real malware. We eventually found an alien module that should not be there that tried to mask behind legitimate looking modules from Microsoft. That was the point of discovery."
  • What they found was a vastly overhauled malware operation that made huge leaps in stealth, operational security, and software design. The Duqu actors also grew much more ambitious, infecting an estimated 100 or so targets, about twice as many as were hit by the 2011 version.
  • So the Duqu 2.0 attackers pulled an audacious feat that Kaspersky researchers had never seen before. Virtually all of the malware resided solely in the memory of the compromised computers or servers. When one of them was restarted, the infection would be purged, but as the rebooted machine reconnected to the network, it would be infected all over again by another compromised computer in the corporate network. The secret lynchpin making this untraceable reinfection scheme possible was the Windows vulnerability Microsoft patched only Tuesday, which has been designated
‹ Previous 21 - 31 of 31
Showing 20 items per page