Group items tagged

It's 2016 going on 1984. The UK has just passed a massive expansion in surveillance powers, which critics have called "terrifying" and "dangerous".

The new law, dubbed the "snoopers' charter", was introduced by then-home secretary Theresa May in 2012, and took two attempts to get passed into law following breakdowns in the previous coalition government. Four years and a general election later -- May is now prime minister -- the bill was finalized and passed on Wednesday by both parliamentary houses. But civil liberties groups have long criticized the bill, with some arguing that the law will let the UK government "document everything we do online". It's no wonder, because it basically does. The law will force internet providers to record every internet customer's top-level web history in real-time for up to a year, which can be accessed by numerous government departments; force companies to decrypt data on demand -- though the government has never been that clear on exactly how it forces foreign firms to do that that; and even disclose any new security features in products before they launch.

Not only that, the law also gives the intelligence agencies the power to hack into computers and devices of citizens (known as equipment interference), although some protected professions -- such as journalists and medical staff -- are layered with marginally better protections. In other words, it's the "most extreme surveillance law ever passed in a democracy," according to Jim Killock, director of the Open Rights Group. The bill was opposed by representatives of the United Nations, all major UK and many leading global privacy and rights groups, and a host of Silicon Valley tech companies alike. Even the parliamentary committee tasked with scrutinizing the bill called some of its provisions "vague".

ysteria reigns supreme at the dawn of the Trump era, with the President rebranded across the whole ideological spectrum as an American Mao or even an American Hitler. Let’s step away from this “American [media] carnage” to examine a few facts concerning the unofficial G2: US-China relations. A case can be made that Beijing has already landed a 1-2-3 punch, pre-empting the possibility of a US-initiated trade war.

It started with Jack Ma’s by now notorious visit to Trump Tower, when he developed his idea of helping small American businesses sell their products in China and across Asia through Alibaba’s network, thus creating at least “1 million jobs” (Ma’s number) in the US. Then came President Xi Jinping’s masterclass at Davos, where he positioned himself as Ronald Xi Reagan selling “inclusive” globalization to the stalwarts of international turbo-capitalism. Finally Ma again, also at Davos, came up with a crystal clear, cause-and-effect formulation on globalization and US economic distress.

Ma said, “In the past 30 years, companies like IBM, Cisco and Microsoft made tons of money.” The problem was how the US spent the wealth: “In the past 30 years, America has had 13 wars at a cost of US$14.2 trillion.” So what if the US “had spent part of that money on building up their infrastructure, helping white-collar and blue-collar workers? You’re supposed to spend money on your own people. It’s not that other countries steal American jobs. It is your strategy – that you did not distribute the money in a proper way.” In the meantime, something quite extraordinary happened at the Asian Financial Forum in Hong Kong, one day before Xi’s Davos speech. China Investment Corporation (CIC) chairman Ding Xuedong, referring to Trump’s much-vaunted US$1 trillion infrastructure building plan, said that created fabulous investment opportunities for China and his US$800 billion sovereign fund. According to Ding, Washington will need at least an astonishing US$8 trillion to fund the infrastructure spectacular. Federal government and US private investors are not enough: “They have to rely on foreign investors.” And CIC is ready for it – focusing already on “alternative investments in the US”.

Google, which briefly considered moving all of its computer servers out of the United States last year after learning how they had been penetrated by the National Security Agency, was looking for a public assurance from President Obama that the government would no longer secretly suck data from the company’s corner of the Internet cloud.Microsoft was listening to see if Mr. Obama would adopt a recommendation from his advisers that the government stop routinely stockpiling flaws in its Windows operating system, then using them to penetrate some foreign computer systems and, in rare cases, launch cyberattacks.

Intel and computer security companies were eager to hear Mr. Obama embrace a commitment that the United States would never knowingly move to weaken encryption systems. They got none of that.

Perhaps the most striking element of Mr. Obama’s speech on Friday was what it omitted: While he bolstered some protections for citizens who fear the N.S.A. is downloading their every dial, tweet and text message, he did nothing, at least yet, to loosen the agency’s grip on the world’s digital pipelines. White House officials said that Mr. Obama was committed to studying the complaints by American industry that the revelations were costing them billions of dollars in business overseas, by giving everyone from the Germans to the Brazilians to the Chinese an excuse to avoid American hardware and cloud services. “The most interesting part of this speech was not how the president weighed individual privacy against the N.S.A.,” said Fred H. Cate, the director of the Center of Applied Cybersecurity Research at Indiana University, “but that he said little about what to do about the agency’s practice of vacuuming up everything it can get its hands on.”

The Obama administration has reached a deal with a number of technology giants, allowing the companies to disclose more information on customer data they are compelled to share with the government.Announced on Monday, the transparency arrangement ends months of legal wrangling between the companies and US intelligence agencies before a secret surveillance court, to compel the disclosures.The disclosures are to be nonspecific, listed by the thousand and subject in some cases to a six-month delay – speaking to the large quantities of data that the government still plans on collecting from its technology partners. In order to be more specific about the amount of data turned over, the companies must be less specific about the type of data it is.The deal also explicitly points to a delay of up to two years on revealing information on data collected under surveillance programs the National Security Agency may yet develop.

But the deal also purports to shed far more light than ever on a question the intelligence agencies have been extremely reluctant to address – the number of people affected by NSA surveillance.The Justice Department said the transparency deal also applies to phone companies that turn over, on a daily basis, the records of every phone call made in the US. The phone companies have not exhibited the same agitation for transparency in the wake of the Edward Snowden revelations as have tech firms.

The new arrangement addresses a major grievance held by Google, Yahoo, Microsoft, Facebook and LinkedIn, which all joined a coalition called Reform Government Surveillance in order to pressure the administration into reassuring their customers about the propriety and legality of giving vast amounts of data to the NSA, FBI and other government agencies. It does not curtail the amount of data demanded, which is another demand of the coalition. 

The US National Security Agency may have accessed computers within the Indian embassy in Washington and mission at the United Nations in New York as part of a huge clandestine effort to mine electronic data held by its south Asian ally.Documents released by the US whistleblower Edward Snowden also reveal the extent and aggressive nature of other NSA datamining exercises targeting India as recently as March of this year.The latest revelations – published in the Hindu newspaper – came as Manmohan Singh, the Indian prime minister, flew to Europe on his way to the US, where he will meet President Barack Obama.The NSA operation targeting India used two datamining tools, Boundless Informant and Prism, a system allowing the agency easy access to the personal information of non-US nationals from the databases of some of the world's biggest tech companies, including Apple, Google, Microsoft and Yahoo.

The largest amount of intelligence was gathered from Iran, with more than 14bn reports in that period, followed by 13.5bn from Pakistan. Jordan, one of America's closest Arab allies, came third with 12.7bn, Egypt fourth with 7.6bn and India fifth with 6.3bn.

According to one document obtained by the Hindu, the US agency used the Prism programme to gather information on India's domestic politics and the country's strategic and commercial interests, specifically categories designated as nuclear, space and politics.

Germany will send its top intelligence chiefs to Washington next week to seek answers from the White House on allegations that U.S. security officials tapped the mobile phone of Chancellor Angela Merkel.

Berlin will dispatch the heads of its foreign intelligence agency BND and of its domestic counterpart, the BfV. Merkel's chief of staff Ronald Pofalla, who is responsible for the intelligence services, may also join them.

German Chancellor Angela Merkel demanded on Thursday that the United States strike a "no-spying" agreement with Berlin and Paris by the end of the year, saying alleged espionage against two of Washington's closest EU allies had to be stopped. Speaking after talks with EU leaders that were dominated by allegations that the U.S. National Security Agency had accessed tens of thousands of French phone records and monitored Merkel's private mobile phone, the chancellor said she wanted action from President Barack Obama, not just apologetic words. Germany and France would seek a "mutual understanding" with the United States on cooperation between their intelligence agencies, and other EU member states could eventually take part. "That means a framework for cooperation between the relevant (intelligence) services. Germany and France have taken the initiative and other member states will join," she said.

Secret documents reveal more than 1,000 targets of American and British surveillance in recent years, including the office of an Israeli prime minister, heads of international aid organizations, foreign energy companies and a European Union official involved in antitrust battles with American technology businesses.

While the names of some political and diplomatic leaders have previously emerged as targets, the newly disclosed intelligence documents provide a much fuller portrait of the spies’ sweeping interests in more than 60 countries. Britain’s Government Communications Headquarters, working closely with the National Security Agency, monitored the communications of senior European Union officials, foreign leaders including African heads of state and sometimes their family members, directors of United Nations and other relief programs, and officials overseeing oil and finance ministries, according to the documents. In addition to Israel, some targets involved close allies like France and Germany, where tensions have already erupted over recent revelations about spying by the N.S.A.

Details of the surveillance are described in documents from the N.S.A. and Britain’s eavesdropping agency, known as GCHQ, dating from 2008 to 2011. The target lists appear in a set of GCHQ reports that sometimes identify which agency requested the surveillance, but more often do not. The documents were leaked by the former N.S.A. contractor Edward J. Snowden and shared by The New York Times, The Guardian and Der Spiegel. The reports are spare, technical bulletins produced as the spies, typically working out of British intelligence sites, systematically tapped one international communications link after another, focusing especially on satellite transmissions. The value of each link is gauged, in part, by the number of surveillance targets found to be using it for emails, text messages or phone calls. More than 1,000 targets, which also include people suspected of being terrorists or militants, are in the reports. It is unclear what the eavesdroppers gleaned. The documents include a few fragmentary transcripts of conversations and messages, but otherwise contain only hints that further information was available elsewhere, possibly in a larger database.

In 2011 Barack Obama led an allied military intervention in Libya without consulting the US Congress. Last August, after the sarin attack on the Damascus suburb of Ghouta, he was ready to launch an allied air strike, this time to punish the Syrian government for allegedly crossing the ‘red line’ he had set in 2012 on the use of chemical weapons.[*]​＊ Then with less than two days to go before the planned strike, he announced that he would seek congressional approval for the intervention. The strike was postponed as Congress prepared for hearings, and subsequently cancelled when Obama accepted Assad’s offer to relinquish his chemical arsenal in a deal brokered by Russia. Why did Obama delay and then relent on Syria when he was not shy about rushing into Libya? The answer lies in a clash between those in the administration who were committed to enforcing the red line, and military leaders who thought that going to war was both unjustified and potentially disastrous.

Hunter Biden will head  legal unit and will provide support for the Company among international organizations.

Russian media is fanning this story and calling it a deal between Kiev leadership to US to please people in power in Congress. It may be mentioned that US Vice President visited Kiev on April 21-22 and commented that new leadership of Ukraine should look grave affairs and stressed the need for the new authorities to tackle corruption, adding: “The opportunity to generate a united Ukraine, getting it right is within your grasp.”

R. Hunter Biden is a counsel to Boies, Schiller & Flexner LLP, a national law firm based in New York, USA, which served in cases including “Bush vs. Gore”, and “U.S. vs. Microsoft”. Biden has experience in public service and foreign policy. He is a director for the U.S. Global Leadership Coalition, The Center for National Policy, and the Chairman’s Advisory Board for the National Democratic Institute. Having served as a Senior Vice President at MBNA bank, former U.S. President Bill Clinton appointed him an Executive Director of E-Commerce Policy Coordination under Secretary of Commerce William Daley. Mr. Biden served as Honorary Co-Chair of the 2008 Obama-Biden Inaugural Committee

The secretive British spy agency GCHQ has developed covert tools to seed the internet with false information, including the ability to manipulate the results of online polls, artificially inflate pageview counts on web sites, “amplif[y]” sanctioned messages on YouTube, and censor video content judged to be “extremist.” The capabilities, detailed in documents provided by NSA whistleblower Edward Snowden, even include an old standby for pre-adolescent prank callers everywhere: A way to connect two unsuspecting phone users together in a call.

he “tools” have been assigned boastful code names. They include invasive methods for online surveillance, as well as some of the very techniques that the U.S. and U.K. have harshly prosecuted young online activists for employing, including “distributed denial of service” attacks and “call bombing.” But they also describe previously unknown tactics for manipulating and distorting online political discourse and disseminating state propaganda, as well as the apparent ability to actively monitor Skype users in real-time—raising further questions about the extent of Microsoft’s cooperation with spy agencies or potential vulnerabilities in its Skype’s encryption. Here’s a list of how JTRIG describes its capabilities: • “Change outcome of online polls” (UNDERPASS) • “Mass delivery of email messaging to support an Information Operations campaign” (BADGER) and “mass delivery of SMS messages to support an Information Operations campaign” (WARPARTH) • “Disruption of video-based websites hosting extremist content through concerted target discovery and content removal.” (SILVERLORD)

• “Active skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.” (MINIATURE HERO) • “Find private photographs of targets on Facebook” (SPRING BISHOP) • “A tool that will permanently disable a target’s account on their computer” (ANGRY PIRATE) • “Ability to artificially increase traffic to a website” (GATEWAY) and “ability to inflate page views on websites” (SLIPSTREAM) • “Amplification of a given message, normally video, on popular multimedia websites (Youtube)” (GESTATOR) • “Targeted Denial Of Service against Web Servers” (PREDATORS FACE) and “Distributed denial of service using P2P. Built by ICTR, deployed by JTRIG” (ROLLING THUNDER)

A concerted U.S.’ effort to censor, target independent media economically, withdraw their reader base, and falsify history. Let us sum up some of the main issues. The incestuous relationship between the NSA and major corporations like Google, Apple, Facebook and Microsoft is a well-documented fact. Many of the smaller companies, including web-hosting companies, Internet security providers, and advertising companies are either in part owned by one of these major corporations ore they are heavily dependent on cooperation and partnerships with them for their economic survival. nsnbc has already experienced being closed down and have its only source of income withdrawn from one day to the other. Others, including Voltairenet have regularly been flagged as containing malware. Media like New Eastern Outlook, IMEMC, and others risk being targeted in similar manner. Others whom Google and a U.S. Senate Hearing falsely accused of containing malware are The Drudge Report and Infowars. One can only guess how many of the smaller blogs, who are too small to raise alarm bells have been targeted. The conclusion is that the United States is engaged in an aggressive campaign that targets independent media and falsifies history. The question is, whether independent media have the political will to stand united in addressing the problem and in using the fact that they serve a growing part of , for example, the advertising market as leverage.

As Washington weighs new cybersecurity steps amid a public backlash over mass surveillance, U.S. tech companies warned President Barack Obama not to weaken increasingly sophisticated encryption systems designed to protect consumers' privacy.In a strongly worded letter to Obama on Monday, two industry associations for major software and hardware companies said, "We are opposed to any policy actions or measures that would undermine encryption as an available and effective tool."The Information Technology Industry Council and the Software and Information Industry Association, representing tech giants, including Apple Inc, Google Inc, Facebook Inc, IBM and Microsoft Corp, fired the latest salvo in what is shaping up to be a long fight over government access into smart phones and other digital devices.

On March 12, 2004, acting attorney general James B. Comey and the Justice Department’s top leadership reached the brink of resignation over electronic surveillance orders that they believed to be illegal. President George W. Bush backed down, halting secret foreign-intelligence-gathering operations that had crossed into domestic terrain. That morning marked the beginning of the end of STELLARWIND, the cover name for a set of four surveillance programs that brought Americans and American territory within the domain of the National Security Agency for the first time in decades. It was also a prelude to new legal structures that allowed Bush and then President Obama to reproduce each of those programs and expand their reach.What exactly STELLARWIND did has never been disclosed in an unclassified form. Which parts of it did Comey approve? Which did he shut down? What became of the programs when the crisis passed and Comey, now Obama’s expected nominee for FBI director, returned to private life?Authoritative new answers to those questions, drawing upon a classified NSA history of STELLARWIND and interviews with high-ranking intelligence officials, offer the clearest map yet of the Bush-era programs and the NSA’s contemporary U.S. operations.STELLARWIND was succeeded by four major lines of intelligence collection in the territorial United States, together capable of spanning the full range of modern telecommunications, according to the interviews and documents.

Two of the four collection programs, one each for telephony and the Internet, process trillions of “metadata” records for storage and analysis in systems called MAINWAY and MARINA, respectively. Metadata includes highly revealing information about the times, places, devices and participants in electronic communication, but not its contents. The bulk collection of telephone call records from Verizon Business Services, disclosed this month by the British newspaper the Guardian, is one source of raw intelligence for MAINWAY.The other two types of collection, which operate on a much smaller scale, are aimed at content. One of them intercepts telephone calls and routes the spoken words to a system called ­NUCLEON.For Internet content, the most important source collection is the PRISM project reported on June 6 by The Washington Post and the Guardian. It draws from data held by Google, Yahoo, Microsoft and other Silicon Valley giants, collectively the richest depositories of personal information in history.

The debate has focused on two of the four U.S.-based collection programs: PRISM, for Internet content, and the comprehensive collection of telephone call records, foreign and domestic, that the Guardian revealed by posting a classified order from the Foreign Intelligence Surveillance Court to Verizon Business Services.The Post has learned that similar orders have been renewed every three months for other large U.S. phone companies, including Bell South and AT&T, since May 24, 2006. On that day, the surveillance court made a fundamental shift in its approach to Section 215 of the Patriot Act, which permits the FBI to compel production of “business records” that are relevant to a particular terrorism investigation and to share those in some circumstances with the NSA. Henceforth, the court ruled, it would define the relevant business records as the entirety of a telephone company’s call database.The Bush administration, by then, had been taking “bulk metadata” from the phone companies under voluntary agreements for more than four years. The volume of information overwhelmed the MAINWAY database, according to a classified report from the NSA inspector general in 2009. The agency spent $146 million in supplemental counterterrorism funds to buy new hardware and contract support — and to make unspecified payments to the phone companies for “collaborative partnerships.”When the New York Times revealed the warrantless surveillance of voice calls, in December 2005, the telephone companies got nervous. One of them, unnamed in the report, approached the NSA with a request. Rather than volunteer the data, at a price, the “provider preferred to be compelled to do so by a court order,” the report said. Other companies followed suit. The surveillance court order that recast the meaning of business records “essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had” under Bush’s asserted authority alone.

The Irish High Court has ordered a review of the decision by the Office of the Data Protection Commissioner (ODPC) not to investigate Facebook’s links To PRISM and the US National Security Agency (NSA), after it was contested by a group of law students from Austria. The group calling itself ‘Europe-v-Facebook’ had previously demanded a full investigation into the relationship between Internet companies and the US intelligence agency as it accuses Facebook of breaking the law in supplying NSA with personal information about its European users.

The Irish High Court has ordered a review of the decision by the Office of the Data Protection Commissioner (ODPC) not to investigate Facebook’s links To PRISM and the US National Security Agency (NSA), after it was contested by a group of law students from Austria. The group calling itself ‘Europe-v-Facebook’ had previously demanded a full investigation into the relationship between Internet companies and the US intelligence agency as it accuses Facebook of breaking the law in supplying NSA with personal information about its European users.

The Irish High Court has ordered a review of the decision by the Office of the Data Protection Commissioner (ODPC) not to investigate Facebook’s links To PRISM and the US National Security Agency (NSA), after it was contested by a group of law students from Austria. The group calling itself ‘Europe-v-Facebook’ had previously demanded a full investigation into the relationship between Internet companies and the US intelligence agency as it accuses Facebook of breaking the law in supplying NSA with personal information about its European users.

Behind the public admonishment of the National Security Agency’s spying techniques, Germany has been secretly in cahoots with the intelligence agency. The country’s national intelligence agency, Office for the Protection of the Constitution, arranged to share surveillance data with the NSA in exchange for high-powered spyware that excavated citizens’ chat and browser histories, and webcam photos, according to a German media report. Some German officials have claimed ignorance of the arrangement. Former data protection commissioner Peter Schaar told Die Zeit, the German newspaper that broke the story, he “knew nothing about such an exchange deal” during his 10-year tenure heading the agency — a deal that gave the spy agencies the ability to siphon data on every move a user makes online.

The Court of Justice of the European Union heard arguments in March for a case against Apple, Facebook, Microsoft, and Yahoo, which accused the companies of violating Europeans privacy by sending private data to the NSA. The case could determine whether and under what conditions American tech companies can operate overseas — by adhering to strict privacy laws, which companies such as Facebook previously indicated as an untenable option. The court admitted in opening arguments that current law regarding transatlantic data transfers didn’t protect citizens from foreign spying. In response, the European Commission’s lead attorney Bernhard Schima said, “You might consider closing your Facebook account if you have one.”

An elite group of security technologists has concluded that the American and British governments cannot demand special access to encrypted communications without putting the world’s most confidential data and critical infrastructure in danger.A new paper from the group, made up of 14 of the world’s pre-eminent cryptographers and computer scientists, is a formidable salvo in a skirmish between intelligence and law enforcement leaders, and technologists and privacy advocates. After Edward J. Snowden’s revelations — with security breaches and awareness of nation-state surveillance at a record high and data moving online at breakneck speeds — encryption has emerged as a major issue in the debate over privacy rights.

That has put Silicon Valley at the center of a tug of war. Technology companies including Apple, Microsoft and Google have been moving to encrypt more of their corporate and customer data after learning that the National Security Agency and its counterparts were siphoning off digital communications and hacking into corporate data centers.

Yet law enforcement and intelligence agency leaders argue that such efforts thwart their ability to monitor kidnappers, terrorists and other adversaries. In Britain, Prime Minister David Cameron threatened to ban encrypted messages altogether. In the United States, Michael S. Rogers, the director of the N.S.A., proposed that technology companies be required to create a digital key to unlock encrypted data, but to divide the key into pieces and secure it so that no one person or government agency could use it alone.The encryption debate has left both sides bitterly divided and in fighting mode. The group of cryptographers deliberately issued its report a day before James B. Comey Jr., the director of the Federal Bureau of Investigation, and Sally Quillian Yates, the deputy attorney general at the Justice Department, are scheduled to testify before the Senate Judiciary Committee on the concerns that they and other government agencies have that encryption technologies will prevent them from effectively doing their jobs.

All attempts to reform mass incarceration through the traditional mechanisms of electoral politics, the courts and state and federal legislatures are useless. Corporations, which have turned mass incarceration into a huge revenue stream and which have unchecked political and economic power, have no intention of diminishing their profits. And in a system where money has replaced the vote, where corporate lobbyists write legislation and the laws, where chronic unemployment and underemployment, along with inadequate public transportation, sever people in marginal communities from jobs, and where the courts are a wholly owned subsidiary of the corporate state, this demands a sustained, nationwide revolt. “Organizing boycotts, work stoppages inside prisons and the refusal by prisoners and their families to pay into the accounts of phone companies and commissary companies is the only weapon we have left,” said Amos Caley, who runs the Interfaith Prison Coalition, a group formed by prisoners, the formerly incarcerated, their families and religious leaders.

These boycotts, they said, will be directed against the private phone, money transfer and commissary companies, and against the dozens of corporations that exploit prison labor. The boycotts will target food and merchandise vendors, construction companies, laundry services, uniforms companies, prison equipment vendors, cafeteria services, manufacturers of pepper spray, body armor and the array of medieval instruments used for the physical control of prisoners, and a host of other contractors that profit from mass incarceration. The movement will also call on institutions, especially churches and universities, to divest from corporations that use prison labor. The campaign, led by the Interfaith Prison Coalition, will include a call to pay all prisoners at least the prevailing minimum wage of the state in which they are held. (New Jersey’s minimum wage is $8.38 an hour.) Wages inside prisons have remained stagnant and in real terms have declined over the past three decades. A prisoner in New Jersey makes, on average, $1.20 for eight hours of work, or about $28 a month. Those incarcerated in for-profit prisons earn as little as 17 cents an hour. Over a similar period, phone and commissary corporations have increased fees and charges often by more than 100 percent. There are nearly 40 states that allow private corporations to exploit prison labor. And prison administrators throughout the country are lobbying corporations that have sweatshops overseas, trying to lure them into the prisons with guarantees of even cheaper labor and a total absence of organizing or coordinated protest.

Corporations currently exploiting prison labor include Abbott Laboratories, AT&T, AutoZone, Bank of America, Bayer, Berkshire Hathaway, Cargill, Caterpillar, Chevron, the former Chrysler Group, Costco Wholesale, John Deere, Eddie Bauer, Eli Lilly, ExxonMobil, Fruit of the Loom, GEICO, GlaxoSmithKline, Glaxo Wellcome, Hoffmann-La Roche, International Paper, JanSport, Johnson & Johnson, Kmart, Koch Industries, Mary Kay, McDonald’s, Merck, Microsoft, Motorola, Nintendo, Pfizer, Procter & Gamble, Quaker Oats, Sarah Lee, Sears, Shell, Sprint, Starbucks, State Farm Insurance, United Airlines, UPS, Verizon, Victoria’s Secret, Wal-Mart and Wendy’s.

The latest revelation regarding the National Security Agency doesn't come courtesy of Edward Snowden. A Freedom of Information Act request has confirmed the NSA contracted a French company that makes its money by hacking into computers. It's no secret that the United States government relies on an arsenal of tactics to gather intelligence and wage operations against its adversaries, but a FOIA request filed by Muckrock's Heather Akers-Healy has confirmed that the list of Uncle Sam's business partners include Vupen, a French-based security company that specializes in selling secret codes used to crack into computers. Documents responsive to my request to #NSA for contracts with VUPEN, include 12/month exploit subscription https://t.co/x3qJbqSUpa — Heather Akers-Healy (@abbynormative) September 16, 2013 Muckrock published on Monday a copy of a contract between the NSA and Vupen in which the US government is shown to have ordered a one-year subscription to the firm's “binary analysis and exploits service” last September.

That service, according to the Vupen website, is sold only to government entities, law enforcement agencies and computer response teams in select countries, and provides clients with access to so-called zero-day exploits: newly-discovered security vulnerabilities that the products' manufacturers have yet to discover and, therefore, have had zero days to patch-up. “Major software vendors such as Microsoft and Adobe usually take 6 to 9 months to release a security patch for a critical vulnerability affecting their products, and this long delay between the discovery of a vulnerability and the release of a patch creates a window of exposure during which criminals can rediscover a previously reported but unpatched vulnerability, and target any organization running the vulnerable software,” Vupen says elsewhere on their website. Last year, Vupen researchers successfully cracked Google's Chrome browser, but declined to show developers how they did so — even for an impressive cash bounty. “We wouldn’t share this with Google for even $1 million,” Vupen CEO Chaouki Bekrar told Forbes' Andy Greenberg of the Chrome hack in 2012. “We don’t want to give them any knowledge that can help them in fixing this exploit or other similar exploits. We want to keep this for our customers.”

And why the NSA and other clients may benefit from being privy to these vulnerabilities, knowing how to exploit security holes in adversarial systems is a crucial component to any government's offensive cyber-operations. Last month, the Washington Post published excerpts from the previously secretive “black budget,” a closely guarded ledger listing the funding requests made by America's intelligence community provided by NSA leaker Edward Snowden. According to that document, a substantial goal of the US in fiscal year 2013 was to use a portion of $52.6 billion in secretive funding towards improving offensive cyber-operations.

Ahead of Thursday’s US House vote on a bill sold as reform of a major US government spying program, top technology firms like Google have joined civil liberties and privacy groups in calling the legislation inadequate in fighting mass surveillance. The Reform Government Surveillance coalition – AOL, Apple, Dropbox, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo – offered a statement on Wednesday denouncing the USA Freedom Act as a weak attempt at ending the government’s bulk storage of domestic phone metadata.

The USA Freedom Act would take the mass storage of phone records away from the government. Instead, telecommunications companies would be required to store the data. The bill would require the National Security Agency to get approval to search the telecoms’ cache of records from the often-compliant Foreign Intelligence Surveillance Court. Last-minute changes to the bill rankled privacy groups on Tuesday, leading many of them to decry the backdoor dealings as responsible for a “weakened,” “watered down” bill compared to what had previously passed the House Judiciary and Intelligence Committees earlier this month. On Wednesday, the tech coalition echoed these concerns, calling the amended legislation a move “in the wrong direction” of needed reform regarding mass surveillance. "The latest draft opens up an unacceptable loophole that could enable the bulk collection of Internet users' data," the coalition said. "While it makes important progress, we cannot support this bill as currently drafted and urge Congress to close this loophole to ensure meaningful reform." The loophole referred to by the coalition pertains to the USA Freedom Act’s definition for how and when government officials can search collected phone metadata records.

The new language – approved by House leaders and the Obama administration in recent days – modifies the prohibitions on bulk collection of domestic data to allow government officials to search for Americans’ phone records using a “a discrete term, such as a term specifically identifying a person, entity, account, address, or device, used by the Government to limit the scope of the information or tangible things sought.” This revised standard for the USA Freedom Act’s reform of surveillance is too broad and leaves privacy protections at risk, civil liberties groups said on Tuesday. In addition, the legislation’s new language also weakens the bill’s transparency provisions which outlined how much technology companies can disclose to customers about the extent of government requests of user data.