Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged NSA-budget

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

How the NSA Plans to Infect 'Millions' of Computers with Malware - The Intercept - 0 views

firstlook.org/...ect-millions-computers-malware

surveillance state NSA GCHQ NSA-methods malware

shared by Paul Merrell on 13 Mar 14 - No Cached
  • Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks. The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.
  • The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secret internal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands. To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency’s term for the interception of electronic communications. Instead, it sought to broaden “active” surveillance methods – tactics designed to directly infiltrate a target’s computers or network devices. In the documents, the agency describes such techniques as “a more aggressive approach to SIGINT” and says that the TAO unit’s mission is to “aggressively scale” these operations. But the NSA recognized that managing a massive network of implants is too big a job for humans alone.
  • “One of the greatest challenges for active SIGINT/attack is scale,” explains the top-secret presentation from 2009. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).” The agency’s solution was TURBINE. Developed as part of TAO unit, it is described in the leaked documents as an “intelligent command and control capability” that enables “industrial-scale exploitation.”
  • ...10 more annotations...
  • TURBINE was designed to make deploying malware much easier for the NSA’s hackers by reducing their role in overseeing its functions. The system would “relieve the user from needing to know/care about the details,” the NSA’s Technology Directorate notes in one secret document from 2009. “For example, a user should be able to ask for ‘all details about application X’ and not need to know how and where the application keeps files, registry entries, user application data, etc.” In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually – including the configuration of the implants as well as surveillance collection, or “tasking,” of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact – allowing the agency to push forward into a new frontier of surveillance operations. The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.” (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)
  • But not all of the NSA’s implants are used to gather intelligence, the secret files show. Sometimes, the agency’s aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target’s file downloads. These two “attack” techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for “defensive” purposes – to protect U.S. government networks against intrusions.
  • The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes. One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer. An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer. The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption. It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.
  • Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers – the devices that connect computer networks and transport data packets across the Internet – the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications. Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through a Virtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.
  • Eventually, the secret files indicate, the NSA’s plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations. Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers. The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.” The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”
  • Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network. According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a “back-door implant” infects their computers within eight seconds. There’s only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious. Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.
  • To perform a man-on-the-side attack, the NSA observes a target’s Internet traffic using its global network of covert “accesses” to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency’s surveillance sensors alert the TURBINE system, which then “shoots” data packets at the targeted computer’s IP address within a fraction of a second. In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
  • The TURBINE implants system does not operate in isolation. It is linked to, and relies upon, a large network of clandestine surveillance “sensors” that the agency has installed at locations across the world.
  • The NSA’s headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England. The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet. When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack. The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter. Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.
  • Documents published with this article: Menwith Hill Station Leverages XKeyscore for Quantum Against Yahoo and Hotmail Five Eyes Hacking Large Routers NSA Technology Directorate Analysis of Converged Data Selector Types There Is More Than One Way to Quantum NSA Phishing Tactics and Man in the Middle Attacks Quantum Insert Diagrams The NSA and GCHQ’s QUANTUMTHEORY Hacking Tactics TURBINE and TURMOIL VPN and VOIP Exploitation With HAMMERCHANT and HAMMERSTEIN Industrial-Scale Exploitation Thousands of Implants
  • Paul Merrell on 13 Mar 14
     
    *Very* long article. Only small portions quoted.
Paul Merrell

New Snowden Docs Indicate Scope of NSA Preparations for Cyber Battle - SPIEGEL ONLINE - 0 views

www.spiegel.de/...or-cyber-battle-a-1013409.html

surveillance state war & peace cyberwar Snowden NSA-docs

shared by Paul Merrell on 20 Jan 15 - No Cached
  • The NSA's mass surveillance is just the beginning. Documents from Edward Snowden show that the intelligence agency is arming America for future digital wars -- a struggle for control of the Internet that is already well underway.
  • The Birth of D Weapons According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money.
  • NSA Docs on Network Attacks and ExploitationExcerpt from the secret NSA budget on computer network operations / Code word GENIE Document about the expansion of the Remote Operations Center (ROC) on endpoint operations Document explaining the role of the Remote Operations Center (ROC) Interview with an employee of NSA's department for Tailored Access Operations about his field of work Supply-chain interdiction / Stealthy techniques can crack some of SIGINT's hardest targets Classification guide for computer network exploitation (CNE) NSA training course material on computer network operations Overview of methods for NSA integrated cyber operations NSA project description to recognize and process data that comes from third party attacks on computers Exploring and exploiting leaky mobile apps with BADASS Overview of projects of the TAO/ATO department such as the remote destruction of network cards iPhone target analysis and exploitation with Apple's unique device identifiers (UDID) Report of an NSA Employee about a Backdoor in the OpenSSH Daemon NSA document on QUANTUMSHOOTER, an implant to remote-control computers with good network connections from unknown third parties
  • ...5 more annotations...
  • From a military perspective, surveillance of the Internet is merely "Phase 0" in the US digital war strategy. Internal NSA documents indicate that it is the prerequisite for everything that follows. They show that the aim of the surveillance is to detect vulnerabilities in enemy systems. Once "stealthy implants" have been placed to infiltrate enemy systems, thus allowing "permanent accesses," then Phase Three has been achieved -- a phase headed by the word "dominate" in the documents. This enables them to "control/destroy critical systems & networks at will through pre-positioned accesses (laid in Phase 0)." Critical infrastructure is considered by the agency to be anything that is important in keeping a society running: energy, communications and transportation. The internal documents state that the ultimate goal is "real time controlled escalation". One NSA presentation proclaims that "the next major conflict will start in cyberspace." To that end, the US government is currently undertaking a massive effort to digitally arm itself for network warfare. For the 2013 secret intelligence budget, the NSA projected it would need around $1 billion in order to increase the strength of its computer network attack operations. The budget included an increase of some $32 million for "unconventional solutions" alone.
  • Part 2: How the NSA Reads Over Shoulders of Other Spies
  • NSA Docs on ExfiltrationExplanation of the APEX method of combining passive with active methods to exfiltrate data from networks attacked Explanation of APEX shaping to put exfiltrating network traffic into patterns that allow plausible deniability Presentation on the FASHIONCLEFT protocol that the NSA uses to exfiltrate data from trojans and implants to the NSA Methods to exfiltrate data even from devices which are supposed to be offline Document detailing SPINALTAP, an NSA project to combine data from active operations and passive signals intelligence Technical description of the FASHIONCLEFT protocol the NSA uses to exfiltrate data from Trojans and implants to the NSA
  • NSA Docs on Malware and ImplantsCSEC document about the recognition of trojans and other "network based anomaly" The formalized process through which analysts choose their data requirement and then get to know the tools that can do the job QUANTUMTHEORY is a set of technologies allowing man-on-the-side interference attacks on TCP/IP connections (includes STRAIGHTBIZARRE and DAREDEVIL) Sample code of a malware program from the Five Eyes alliance
  • According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money. During the 20th century, scientists developed so-called ABC weapons -- atomic, biological and chemical. It took decades before their deployment could be regulated and, at least partly, outlawed. New digital weapons have now been developed for the war on the Internet. But there are almost no international conventions or supervisory authorities for these D weapons, and the only law that applies is the survival of the fittest. Canadian media theorist Marshall McLuhan foresaw these developments decades ago. In 1970, he wrote, "World War III is a guerrilla information war with no division between military and civilian participation." That's precisely the reality that spies are preparing for today.
  • Paul Merrell on 20 Jan 15
     
    Major dump of new Snowden NSA docs by Der Spiegel, with an article by a large team of reporters and computer security experts. Topic: Cyberwar capabilities, now and in the near future. 
Gary Edwards

» 21 Facts About NSA Snooping That Every American Should Know Alex Jones' Inf... - 0 views

www.infowars.com/hat-every-american-should-know

NSA-Patriot-Act-NDAA NSA-Whistleblower PRISM Echelon-SIGINT

shared by Gary Edwards on 18 Jun 13 - No Cached
  • Gary Edwards on 18 Jun 13
     
    NSA-PRISM-Echelon in a nutshell.  The list below is a short sample.  Each fact is documented, and well worth the time reading. "The following are 21 facts about NSA snooping that every American should know…" #1 According to CNET, the NSA told Congress during a recent classified briefing that it does not need court authorization to listen to domestic phone calls… #2 According to U.S. Representative Loretta Sanchez, members of Congress learned "significantly more than what is out in the media today" about NSA snooping during that classified briefing. #3 The content of all of our phone calls is being recorded and stored.  The following is a from a transcript of an exchange between Erin Burnett of CNN and former FBI counterterrorism agent Tim Clemente which took place just last month… #4 The chief technology officer at the CIA, Gus Hunt, made the following statement back in March… "We fundamentally try to collect everything and hang onto it forever." #5 During a Senate Judiciary Oversight Committee hearing in March 2011, FBI Director Robert Mueller admitted that the intelligence community has the ability to access emails "as they come in"… #6 Back in 2007, Director of National Intelligence Michael McConnell told Congress that the president has the "constitutional authority" to authorize domestic spying without warrants no matter when the law says. #7 The Director Of National Intelligence James Clapper recently told Congress that the NSA was not collecting any information about American citizens.  When the media confronted him about his lie, he explained that he "responded in what I thought was the most truthful, or least untruthful manner". #8 The Washington Post is reporting that the NSA has four primary data collection systems… MAINWAY, MARINA, METADATA, PRISM #9 The NSA knows pretty much everything that you are doing on the Internet.  The following is a short excerpt from a recent Yahoo article… #10 The NSA is suppose
Paul Merrell

Tomgram: Alfred McCoy, It's About Blackmail, Not National Security | TomDispatch - 0 views

www.tomdispatch.com/...kmail%2C_not_national_security

surveillance state blackmail power-projection empire Obama BushII

shared by Paul Merrell on 29 Jan 14 - No Cached
  • For more than six months, Edward Snowden’s revelations about the National Security Agency (NSA) have been pouring out from the Washington Post, the New York Times, the Guardian, Germany’s Der Spiegel, and Brazil’s O Globo, among other places.  Yet no one has pointed out the combination of factors that made the NSA’s expanding programs to monitor the world seem like such a slam-dunk development in Washington.  The answer is remarkably simple.  For an imperial power losing its economic grip on the planet and heading into more austere times, the NSA’s latest technological breakthroughs look like a bargain basement deal when it comes to projecting power and keeping subordinate allies in line -- like, in fact, the steal of the century.  Even when disaster turned out to be attached to them, the NSA’s surveillance programs have come with such a discounted price tag that no Washington elite was going to reject them.
  • What exactly was the aim of such an unprecedented program of massive domestic and planetary spying, which clearly carried the risk of controversy at home and abroad? Here, an awareness of the more than century-long history of U.S. surveillance can guide us through the billions of bytes swept up by the NSA to the strategic significance of such a program for the planet’s last superpower. What the past reveals is a long-term relationship between American state surveillance and political scandal that helps illuminate the unacknowledged reason why the NSA monitors America’s closest allies. Not only does such surveillance help gain intelligence advantageous to U.S. diplomacy, trade relations, and war-making, but it also scoops up intimate information that can provide leverage -- akin to blackmail -- in sensitive global dealings and negotiations of every sort. The NSA’s global panopticon thus fulfills an ancient dream of empire. With a few computer key strokes, the agency has solved the problem that has bedeviled world powers since at least the time of Caesar Augustus: how to control unruly local leaders, who are the foundation for imperial rule, by ferreting out crucial, often scurrilous, information to make them more malleable.
  • Once upon a time, such surveillance was both expensive and labor intensive. Today, however, unlike the U.S. Army’s shoe-leather surveillance during World War I or the FBI’s break-ins and phone bugs in the Cold War years, the NSA can monitor the entire world and its leaders with only 100-plus probes into the Internet’s fiber optic cables. This new technology is both omniscient and omnipresent beyond anything those lacking top-secret clearance could have imagined before the Edward Snowden revelations began.  Not only is it unimaginably pervasive, but NSA surveillance is also a particularly cost-effective strategy compared to just about any other form of global power projection. And better yet, it fulfills the greatest imperial dream of all: to be omniscient not just for a few islands, as in the Philippines a century ago, or a couple of countries, as in the Cold War era, but on a truly global scale. In a time of increasing imperial austerity and exceptional technological capability, everything about the NSA’s surveillance told Washington to just “go for it.”  This cut-rate mechanism for both projecting force and preserving U.S. global power surely looked like a no-brainer, a must-have bargain for any American president in the twenty-first century -- before new NSA documents started hitting front pages weekly, thanks to Snowden, and the whole world began returning the favor.
  • ...12 more annotations...
  • As the gap has grown between Washington’s global reach and its shrinking mailed fist, as it struggles to maintain 40% of world armaments (the 2012 figure) with only 23% of global gross economic output, the U.S. will need to find new ways to exercise its power far more economically. As the Cold War took off, a heavy-metal U.S. military -- with 500 bases worldwide circa 1950 -- was sustainable because the country controlled some 50% of the global gross product. But as its share of world output falls -- to an estimated 17% by 2016 -- and its social welfare costs climb relentlessly from 4% of gross domestic product in 2010 to a projected 18% by 2050, cost-cutting becomes imperative if Washington is to survive as anything like the planet’s “sole superpower.” Compared to the $3 trillion cost of the U.S. invasion and occupation of Iraq, the NSA’s 2012 budget of just $11 billion for worldwide surveillance and cyberwarfare looks like cost saving the Pentagon can ill-afford to forego. Yet this seeming “bargain” comes at what turns out to be an almost incalculable cost. The sheer scale of such surveillance leaves it open to countless points of penetration, whether by a handful of anti-war activists breaking into an FBI field office in Media, Pennsylvania, back in 1971 or Edward Snowden downloading NSA documents at a Hawaiian outpost in 2012.
  • In October 2001, not satisfied with the sweeping and extraordinary powers of the newly passed Patriot Act, President Bush ordered the National Security Agency to commence covert monitoring of private communications through the nation's telephone companies without the requisite FISA warrants. Somewhat later, the agency began sweeping the Internet for emails, financial data, and voice messaging on the tenuous theory that such “metadata” was “not constitutionally protected.” In effect, by penetrating the Internet for text and the parallel Public Switched Telephone Network (PSTN) for voice, the NSA had gained access to much of the world’s telecommunications. By the end of Bush’s term in 2008, Congress had enacted laws that not only retrospectively legalized these illegal programs, but also prepared the way for NSA surveillance to grow unchecked. Rather than restrain the agency, President Obama oversaw the expansion of its operations in ways remarkable for both the sheer scale of the billions of messages collected globally and for the selective monitoring of world leaders.
  • By 2012, the centralization via digitization of all voice, video, textual, and financial communications into a worldwide network of fiber optic cables allowed the NSA to monitor the globe by penetrating just 190 data hubs -- an extraordinary economy of force for both political surveillance and cyberwarfare.
  • With a few hundred cable probes and computerized decryption, the NSA can now capture the kind of gritty details of private life that J. Edgar Hoover so treasured and provide the sort of comprehensive coverage of populations once epitomized by secret police like East Germany’s Stasi. And yet, such comparisons only go so far. After all, once FBI agents had tapped thousands of phones, stenographers had typed up countless transcripts, and clerks had stored this salacious paper harvest in floor-to-ceiling filing cabinets, J. Edgar Hoover still only knew about the inner-workings of the elite in one city: Washington, D.C.  To gain the same intimate detail for an entire country, the Stasi had to employ one police informer for every six East Germans -- an unsustainable allocation of human resources. By contrast, the marriage of the NSA’s technology to the Internet’s data hubs now allows the agency’s 37,000 employees a similarly close coverage of the entire globe with just one operative for every 200,000 people on the planet
  • Through the expenditure of $250 million annually under its Sigint Enabling Project, the NSA has stealthily penetrated all encryption designed to protect privacy. “In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” reads a 2007 NSA document. “It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.” By collecting knowledge -- routine, intimate, or scandalous -- about foreign leaders, imperial proconsuls from ancient Rome to modern America have gained both the intelligence and aura of authority necessary for dominion over alien societies. The importance, and challenge, of controlling these local elites cannot be overstated. During its pacification of the Philippines after 1898, for instance, the U.S. colonial regime subdued contentious Filipino leaders via pervasive policing that swept up both political intelligence and personal scandal. And that, of course, was just what J. Edgar Hoover was doing in Washington during the 1950s and 1960s.
  • Indeed, the mighty British Empire, like all empires, was a global tapestry woven out of political ties to local leaders or “subordinate elites” -- from Malay sultans and Indian maharajas to Gulf sheiks and West African tribal chiefs. As historian Ronald Robinson once observed, the British Empire spread around the globe for two centuries through the collaboration of these local leaders and then unraveled, in just two decades, when that collaboration turned to “non-cooperation.” After rapid decolonization during the 1960s transformed half-a-dozen European empires into 100 new nations, their national leaders soon found themselves the subordinate elites of a spreading American global imperium. Washington suddenly needed the sort of private information that could keep such figures in line. Surveillance of foreign leaders provides world powers -- Britain then, America now -- with critical information for the exercise of global hegemony. Such spying gave special penetrating power to the imperial gaze, to that sense of superiority necessary for dominion over others.  It also provided operational information on dissidents who might need to be countered with covert action or military force; political and economic intelligence so useful for getting the jump on allies in negotiations of all sorts; and, perhaps most important of all, scurrilous information about the derelictions of leaders useful in coercing their compliance.
  • In late 2013, the New York Times reported that, when it came to spying on global elites, there were “more than 1,000 targets of American and British surveillance in recent years,” reaching down to mid-level political actors in the international arena. Revelations from Edward Snowden’s cache of leaked documents indicate that the NSA has monitored leaders in some 35 nations worldwide -- including Brazilian president Dilma Rousseff, Mexican presidents Felipe Calderón and Enrique Peña Nieto, German Chancellor Angela Merkel, and Indonesia’s president Susilo Bambang Yudhoyono.  Count in as well, among so many other operations, the monitoring of “French diplomatic interests” during the June 2010 U.N. vote on Iran sanctions and “widespread surveillance” of world leaders during the Group 20 summit meeting at Ottawa in June 2010. Apparently, only members of the historic “Five Eyes” signals-intelligence alliance (Australia, Canada, New Zealand, and Great Britain) remain exempt -- at least theoretically -- from NSA surveillance. Such secret intelligence about allies can obviously give Washington a significant diplomatic advantage. During U.N. wrangling over the U.S. invasion of Iraq in 2002-2003, for example, the NSA intercepted Secretary-General Kofi Anan’s conversations and monitored the “Middle Six” -- Third World nations on the Security Council -- offering what were, in essence, well-timed bribes to win votes. The NSA’s deputy chief for regional targets sent a memo to the agency’s Five Eyes allies asking “for insights as to how membership is reacting to on-going debate regarding Iraq, plans to vote on any related resolutions [..., and] the whole gamut of information that could give U.S. policymakers an edge in obtaining results favorable to U.S. goals.”
  • Indicating Washington’s need for incriminating information in bilateral negotiations, the State Department pressed its Bahrain embassy in 2009 for details, damaging in an Islamic society, on the crown princes, asking: “Is there any derogatory information on either prince? Does either prince drink alcohol? Does either one use drugs?” Indeed, in October 2012, an NSA official identified as “DIRNSA,” or Director General Keith Alexander, proposed the following for countering Muslim radicals: “[Their] vulnerabilities, if exposed, would likely call into question a radicalizer’s devotion to the jihadist cause, leading to the degradation or loss of his authority.” The agency suggested that such vulnerabilities could include “viewing sexually explicit material online” or “using a portion of the donations they are receiving… to defray personal expenses.” The NSA document identified one potential target as a “respected academic” whose “vulnerabilities” are “online promiscuity.”
  • Just as the Internet has centralized communications, so it has moved most commercial sex into cyberspace. With an estimated 25 million salacious sites worldwide and a combined 10.6 billion page views per month in 2013 at the five top sex sites, online pornography has become a global business; by 2006, in fact, it generated $97 billion in revenue. With countless Internet viewers visiting porn sites and almost nobody admitting it, the NSA has easy access to the embarrassing habits of targets worldwide, whether Muslim militants or European leaders. According to James Bamford, author of two authoritative books on the agency, “The NSA's operation is eerily similar to the FBI's operations under J. Edgar Hoover in the 1960s where the bureau used wiretapping to discover vulnerabilities, such as sexual activity, to ‘neutralize’ their targets.”
  • Indeed, whistleblower Edward Snowden has accused the NSA of actually conducting such surveillance.  In a December 2013 letter to the Brazilian people, he wrote, “They even keep track of who is having an affair or looking at pornography, in case they need to damage their target's reputation.” If Snowden is right, then one key goal of NSA surveillance of world leaders is not U.S. national security but political blackmail -- as it has been since 1898. Such digital surveillance has tremendous potential for scandal, as anyone who remembers New York Governor Eliot Spitzer’s forced resignation in 2008 after routine phone taps revealed his use of escort services; or, to take another obvious example, the ouster of France’s budget minister Jérôme Cahuzac in 2013 following wire taps that exposed his secret Swiss bank account. As always, the source of political scandal remains sex or money, both of which the NSA can track with remarkable ease.
  • By starting a swelling river of NSA documents flowing into public view, Edward Snowden has given us a glimpse of the changing architecture of U.S. global power. At the broadest level, Obama’s digital “pivot” complements his overall defense strategy, announced in 2012, of reducing conventional forces while expanding into the new, cost-effective domains of space and cyberspace. While cutting back modestly on costly armaments and the size of the military, President Obama has invested billions in the building of a new architecture for global information control. If we add the $791 billion expended to build the Department of Homeland Security bureaucracy to the $500 billion spent on an increasingly para-militarized version of global intelligence in the dozen years since 9/11, then Washington has made a $1.2 trillion investment in a new apparatus of world power.
  • So formidable is this security bureaucracy that Obama’s recent executive review recommended the regularization, not reform, of current NSA practices, allowing the agency to continue collecting American phone calls and monitoring foreign leaders into the foreseeable future. Cyberspace offers Washington an austerity-linked arena for the exercise of global power, albeit at the cost of trust by its closest allies -- a contradiction that will bedevil America’s global leadership for years to come. To update Henry Stimson: in the age of the Internet, gentlemen don't just read each other’s mail, they watch each other’s porn. Even if we think we have nothing to hide, all of us, whether world leaders or ordinary citizens, have good reason to be concerned.
Paul Merrell

Snowden document shows Canada set up spy posts for NSA - Politics - CBC News - 0 views

www.cbc.ca/...up-spy-posts-for-nsa-1.2456886

surveillance state Canada CSEC NSA Privacy-Act

shared by Paul Merrell on 11 Dec 13 - No Cached
  • A top secret document retrieved by American whistleblower Edward Snowden reveals Canada has set up covert spying posts around the world and conducted espionage against trading partners at the request of the U.S. National Security Agency. The leaked NSA document being reported exclusively by CBC News reveals Canada is involved with the huge American intelligence agency in clandestine surveillance activities in “approximately 20 high-priority countries."
  • Sections of the document with the highest classification make it clear in some instances why American spymasters are particularly keen about enlisting their Canadian counterparts, the Communications Security Establishment Canada. "CSEC shares with the NSA their unique geographic access to areas unavailable to the U.S," the document says. The briefing paper describes a "close co-operative relationship" between the NSA and its Canadian counterpart, the Communications Security Establishment Canada, or CSEC — a relationship "both sides would like to see expanded and strengthened. "The intelligence exchange with CSEC covers worldwide national and transnational targets."
  • The briefing notes make it clear that Canada plays a very robust role in intelligence-gathering around the world in a way that has won respect from its American equivalents.
  • ...5 more annotations...
  • The intimate Canada-U.S. electronic intelligence relationship dates back more than 60 years. Most recently, another Snowden document reported by CBC News showed the two agencies co-operated to allow the NSA to spy on the G20 summit of international leaders in Toronto in 2010. But what the latest secret document reveals for the first time is just how expansive Canada's international espionage activities have become.
  • The NSA document depicts CSEC as a sophisticated, capable and highly respected intelligence partner involved in all manner of joint spying missions, including setting up listening posts at the request of the Americans. "CSEC offers resources for advanced collection, processing and analysis, and has opened covert sites at the request of NSA," the document states.
  • Aside from compromising the actual intelligence operation, Wark says, an exposed spy mission can imperil Canada's other diplomatic operations — "the political contacts, the trade contacts, the generation of goodwill between the countries and any sense of co-operation." Wark says if a country feels targeted by a Canadian embassy, it can put everyone working there under a cloud of suspicion: “Are they really diplomats or are they spies?” As a result of those risks, Wark says, approval for CSEC to establish a covert spying post at the request of the NSA would have to come from the ministerial level of the Canadian government — or even from the prime minister himself.
  • Canada and the U.S. have long shared security intelligence with sister agencies in the U.K., Australia and New Zealand – the so-called "Five Eyes" partnership. But the latest secret Snowden missive shows CSEC and the NSA becoming physically intertwined. "Co-operative efforts include the exchange of liaison officers and integrees," the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa. It notes the NSA also supplies much of the computer hardware and software CSEC uses for encryption, decoding and other state-of-the-art essentials of electronic spying needed for "collection, processing and analytic efforts."
  • CSEC employs about 2,000 people, has an annual budget of roughly $450 million and will soon move into an architecturally spectacular new Ottawa headquarters costing Canadian taxpayers almost $1.2 billion. By comparison, the NSA employs an estimated 40,000 people plus thousands of private contractors, and spends over $40 billion a year NSA whistleblower Drake says the problem is that both CSEC and the NSA lack proper oversight, and without it, they have morphed into runaway surveillance. "There is a clear and compelling danger to democracy in Canada by virtue of how far these secret surveillance operations have gone."
  • Paul Merrell on 11 Dec 13
     
    "'Co-operative efforts include the exchange of liaison officers and integrees,'the document reveals, a reference to CSEC operatives working inside the NSA, and vice-versa." And that fact raises potential U.S. Privacy Act issues. Under the Privacy Act, all U.S. agencies are prohibited from sharing information containing personal identifiers of U.S. citizens with any foreign government and requires that agencies make full disclosure to all persons  whose rights are thus violated. The Act also creates a cause of action for redress by the federal courts, with a minimum $1,500 damages plus attorney's fees and litigation expenses. Note that the other NSA documents show that NSA is sharing U.S. citizens' information that includes personal identifiers with Israeli intelligence. The NSA has been by another statute excused from compliance with some portions of the Privacy Act but not those discussed above.
Paul Merrell

The ultimate goal of the NSA is total population control | Antony Loewenstein | Comment... - 0 views

www.theguardian.com/...sa-is-total-population-control

surveillance state NSA NSA-targets phone-audio Binney

shared by Paul Merrell on 11 Jul 14 - No Cached
  • William Binney is one of the highest-level whistleblowers to ever emerge from the NSA. He was a leading code-breaker against the Soviet Union during the Cold War but resigned soon after September 11, disgusted by Washington’s move towards mass surveillance.On 5 July he spoke at a conference in London organised by the Centre for Investigative Journalism and revealed the extent of the surveillance programs unleashed by the Bush and Obama administrations.
  • “At least 80% of fibre-optic cables globally go via the US”, Binney said. “This is no accident and allows the US to view all communication coming in. At least 80% of all audio calls, not just metadata, are recorded and stored in the US. The NSA lies about what it stores.”The NSA will soon be able to collect 966 exabytes a year, the total of internet traffic annually. Former Google head Eric Schmidt once argued that the entire amount of knowledge from the beginning of humankind until 2003 amount to only five exabytes.Binney, who featured in a 2012 short film by Oscar-nominated US film-maker Laura Poitras, described a future where surveillance is ubiquitous and government intrusion unlimited.“The ultimate goal of the NSA is total population control”, Binney said, “but I’m a little optimistic with some recent Supreme Court decisions, such as law enforcement mostly now needing a warrant before searching a smartphone.”
  • It shows that the NSA is not just pursuing terrorism, as it claims, but ordinary citizens going about their daily communications. “The NSA is mass-collecting on everyone”, Binney said, “and it’s said to be about terrorism but inside the US it has stopped zero attacks.”The lack of official oversight is one of Binney’s key concerns, particularly of the secret Foreign Intelligence Surveillance Court (Fisa), which is held out by NSA defenders as a sign of the surveillance scheme's constitutionality.“The Fisa court has only the government’s point of view”, he argued. “There are no other views for the judges to consider. There have been at least 15-20 trillion constitutional violations for US domestic audiences and you can double that globally.”
  • ...4 more annotations...
  • He praised the revelations and bravery of former NSA contractor Edward Snowden and told me that he had indirect contact with a number of other NSA employees who felt disgusted with the agency’s work. They’re keen to speak out but fear retribution and exile, not unlike Snowden himself, who is likely to remain there for some time.
  • Binney recently told the German NSA inquiry committee that his former employer had a “totalitarian mentality” that was the "greatest threat" to US society since that country’s US Civil War in the 19th century. Despite this remarkable power, Binney still mocked the NSA’s failures, including missing this year’s Russian intervention in Ukraine and the Islamic State’s take-over of Iraq.The era of mass surveillance has gone from the fringes of public debate to the mainstream, where it belongs. The Pew Research Centre released a report this month, Digital Life in 2025, that predicted worsening state control and censorship, reduced public trust, and increased commercialisation of every aspect of web culture.It’s not just internet experts warning about the internet’s colonisation by state and corporate power. One of Europe’s leading web creators, Lena Thiele, presented her stunning series Netwars in London on the threat of cyber warfare. She showed how easy it is for governments and corporations to capture our personal information without us even realising.Thiele said that the US budget for cyber security was US$67 billion in 2013 and will double by 2016. Much of this money is wasted and doesn't protect online infrastructure. This fact doesn’t worry the multinationals making a killing from the gross exaggeration of fear that permeates the public domain.
  • Wikileaks understands this reality better than most. Founder Julian Assange and investigative editor Sarah Harrison both remain in legal limbo. I spent time with Assange in his current home at the Ecuadorian embassy in London last week, where he continues to work, release leaks, and fight various legal battles. He hopes to resolve his predicament soon.At the Centre for Investigative Journalism conference, Harrison stressed the importance of journalists who work with technologists to best report the NSA stories. “It’s no accident”, she said, “that some of the best stories on the NSA are in Germany, where there’s technical assistance from people like Jacob Appelbaum.” A core Wikileaks belief, she stressed, is releasing all documents in their entirety, something the group criticised the news site The Intercept for not doing on a recent story. “The full archive should always be published”, Harrison said.
  • With 8m documents on its website after years of leaking, the importance of publishing and maintaining source documents for the media, general public and court cases can’t be under-estimated. “I see Wikileaks as a library”, Assange said. “We’re the librarians who can’t say no.”With evidence that there could be a second NSA leaker, the time for more aggressive reporting is now. As Binney said: “I call people who are covering up NSA crimes traitors”.
Paul Merrell

The Latest Rules on How Long NSA Can Keep Americans' Encrypted Data Look Too Familiar |... - 0 views

justsecurity.org/...s-hold-encrypted-data-familiar

surveillance state NSA IAA-2015 Sect-309 legislation

shared by Paul Merrell on 26 Jan 15 - No Cached
  • Does the National Security Agency (NSA) have the authority to collect and keep all encrypted Internet traffic for as long as is necessary to decrypt that traffic? That was a question first raised in June 2013, after the minimization procedures governing telephone and Internet records collected under Section 702 of the Foreign Intelligence Surveillance Act were disclosed by Edward Snowden. The issue quickly receded into the background, however, as the world struggled to keep up with the deluge of surveillance disclosures. The Intelligence Authorization Act of 2015, which passed Congress this last December, should bring the question back to the fore. It established retention guidelines for communications collected under Executive Order 12333 and included an exception that allows NSA to keep ‘incidentally’ collected encrypted communications for an indefinite period of time. This creates a massive loophole in the guidelines. NSA’s retention of encrypted communications deserves further consideration today, now that these retention guidelines have been written into law. It has become increasingly clear over the last year that surveillance reform will be driven by technological change—specifically by the growing use of encryption technologies. Therefore, any legislation touching on encryption should receive close scrutiny.
  • Section 309 of the intel authorization bill describes “procedures for the retention of incidentally acquired communications.” It establishes retention guidelines for surveillance programs that are “reasonably anticipated to result in the acquisition of [telephone or electronic communications] to or from a United States person.” Communications to or from a United States person are ‘incidentally’ collected because the U.S. person is not the actual target of the collection. Section 309 states that these incidentally collected communications must be deleted after five years unless they meet a number of exceptions. One of these exceptions is that “the communication is enciphered or reasonably believed to have a secret meaning.” This exception appears to be directly lifted from NSA’s minimization procedures for data collected under Section 702 of FISA, which were declassified in 2013. 
  • While Section 309 specifically applies to collection taking place under E.O. 12333, not FISA, several of the exceptions described in Section 309 closely match exceptions in the FISA minimization procedures. That includes the exception for “enciphered” communications. Those minimization procedures almost certainly served as a model for these retention guidelines and will likely shape how this new language is interpreted by the Executive Branch. Section 309 also asks the heads of each relevant member of the intelligence community to develop procedures to ensure compliance with new retention requirements. I expect those procedures to look a lot like the FISA minimization guidelines.
  • ...6 more annotations...
  • This language is broad, circular, and technically incoherent, so it takes some effort to parse appropriately. When the minimization procedures were disclosed in 2013, this language was interpreted by outside commentators to mean that NSA may keep all encrypted data that has been incidentally collected under Section 702 for at least as long as is necessary to decrypt that data. Is this the correct interpretation? I think so. It is important to realize that the language above isn’t just broad. It seems purposefully broad. The part regarding relevance seems to mirror the rationale NSA has used to justify its bulk phone records collection program. Under that program, all phone records were relevant because some of those records could be valuable to terrorism investigations and (allegedly) it isn’t possible to collect only those valuable records. This is the “to find a needle a haystack, you first have to have the haystack” argument. The same argument could be applied to encrypted data and might be at play here.
  • This exception doesn’t just apply to encrypted data that might be relevant to a current foreign intelligence investigation. It also applies to cases in which the encrypted data is likely to become relevant to a future intelligence requirement. This is some remarkably generous language. It seems one could justify keeping any type of encrypted data under this exception. Upon close reading, it is difficult to avoid the conclusion that these procedures were written carefully to allow NSA to collect and keep a broad category of encrypted data under the rationale that this data might contain the communications of NSA targets and that it might be decrypted in the future. If NSA isn’t doing this today, then whoever wrote these minimization procedures wanted to at least ensure that NSA has the authority to do this tomorrow.
  • There are a few additional observations that are worth making regarding these nominally new retention guidelines and Section 702 collection. First, the concept of incidental collection as it has typically been used makes very little sense when applied to encrypted data. The way that NSA’s Section 702 upstream “about” collection is understood to work is that technology installed on the network does some sort of pattern match on Internet traffic; say that an NSA target uses example@gmail.com to communicate. NSA would then search content of emails for references to example@gmail.com. This could notionally result in a lot of incidental collection of U.S. persons’ communications whenever the email that references example@gmail.com is somehow mixed together with emails that have nothing to do with the target. This type of incidental collection isn’t possible when the data is encrypted because it won’t be possible to search and find example@gmail.com in the body of an email. Instead, example@gmail.com will have been turned into some alternative, indecipherable string of bits on the network. Incidental collection shouldn’t occur because the pattern match can’t occur in the first place. This demonstrates that, when communications are encrypted, it will be much harder for NSA to search Internet traffic for a unique ID associated with a specific target.
  • This lends further credence to the conclusion above: rather than doing targeted collection against specific individuals, NSA is collecting, or plans to collect, a broad class of data that is encrypted. For example, NSA might collect all PGP encrypted emails or all Tor traffic. In those cases, NSA could search Internet traffic for patterns associated with specific types of communications, rather than specific individuals’ communications. This would technically meet the definition of incidental collection because such activity would result in the collection of communications of U.S. persons who aren’t the actual targets of surveillance. Collection of all Tor traffic would entail a lot of this “incidental” collection because the communications of NSA targets would be mixed with the communications of a large number of non-target U.S. persons. However, this “incidental” collection is inconsistent with how the term is typically used, which is to refer to over-collection resulting from targeted surveillance programs. If NSA were collecting all Tor traffic, that activity wouldn’t actually be targeted, and so any resulting over-collection wouldn’t actually be incidental. Moreover, greater use of encryption by the general public would result in an ever-growing amount of this type of incidental collection.
  • This type of collection would also be inconsistent with representations of Section 702 upstream collection that have been made to the public and to Congress. Intelligence officials have repeatedly suggested that search terms used as part of this program have a high degree of specificity. They have also argued that the program is an example of targeted rather than bulk collection. ODNI General Counsel Robert Litt, in a March 2014 meeting before the Privacy and Civil Liberties Oversight Board, stated that “there is either a misconception or a mischaracterization commonly repeated that Section 702 is a form of bulk collection. It is not bulk collection. It is targeted collection based on selectors such as telephone numbers or email addresses where there’s reason to believe that the selector is relevant to a foreign intelligence purpose.” The collection of Internet traffic based on patterns associated with types of communications would be bulk collection; more akin to NSA’s collection of phone records en mass than it is to targeted collection focused on specific individuals. Moreover, this type of collection would certainly fall within the definition of bulk collection provided just last week by the National Academy of Sciences: “collection in which a significant portion of the retained data pertains to identifiers that are not targets at the time of collection.”
  • The Section 702 minimization procedures, which will serve as a template for any new retention guidelines established for E.O. 12333 collection, create a large loophole for encrypted communications. With everything from email to Internet browsing to real-time communications moving to encrypted formats, an ever-growing amount of Internet traffic will fall within this loophole.
  • Paul Merrell on 26 Jan 15
     
    Tucked into a budget authorization act in December without press notice. Section 309 (the Act is linked from the article) appears to be very broad authority for the NSA to intercept any form of telephone or other electronic information in bulk. There are far more exceptions from the five-year retention limitation than the encrypted information exception. When reading this, keep in mind that the U.S. intelligence community plays semantic games to obfuscate what it does. One of its word plays is that communications are not "collected" until an analyst looks at or listens to partiuclar data, even though the data will be searched to find information countless times before it becomes "collected." That searching was the major basis for a decision by the U.S. District Court in Washington, D.C. that bulk collection of telephone communications was unconstitutional: Under the Fourth Amendment, a "search" or "seizure" requiring a judicial warrant occurs no later than when the information is intercepted. That case is on appeal, has been briefed and argued, and a decision could come any time now. Similar cases are pending in two other courts of appeals. Also, an important definition from the new Intelligence Authorization Act: "(a) DEFINITIONS.-In this section: (1) COVERED COMMUNICATION.-The term ''covered communication'' means any nonpublic telephone or electronic communication acquired without the consent of a person who is a party to the communication, including communications in electronic storage."       
Paul Merrell

How the NSA Converts Spoken Words Into Searchable Text - The Intercept - 0 views

firstlook.org/...nition-snowden-searchable-text

surveillance state NSA voice-to-text search

shared by Paul Merrell on 07 May 15 - No Cached
  • Most people realize that emails and other digital communications they once considered private can now become part of their permanent record. But even as they increasingly use apps that understand what they say, most people don’t realize that the words they speak are not so private anymore, either. Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored. The documents show NSA analysts celebrating the development of what they called “Google for Voice” nearly a decade ago.
  • Most people realize that emails and other digital communications they once considered private can now become part of their permanent record. But even as they increasingly use apps that understand what they say, most people don’t realize that the words they speak are not so private anymore, either. Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored. The documents show NSA analysts celebrating the development of what they called “Google for Voice” nearly a decade ago.
  • Though perfect transcription of natural conversation apparently remains the Intelligence Community’s “holy grail,” the Snowden documents describe extensive use of keyword searching as well as computer programs designed to analyze and “extract” the content of voice conversations, and even use sophisticated algorithms to flag conversations of interest. The documents include vivid examples of the use of speech recognition in war zones like Iraq and Afghanistan, as well as in Latin America. But they leave unclear exactly how widely the spy agency uses this ability, particularly in programs that pick up considerable amounts of conversations that include people who live in or are citizens of the United States.
  • ...9 more annotations...
  • The Defense Department, through its Defense Advanced Research Projects Agency (DARPA), started funding academic and commercial research into speech recognition in the early 1970s. What emerged were several systems to turn speech into text, all of which slowly but gradually improved as they were able to work with more data and at faster speeds. In a brief interview, Dan Kaufman, director of DARPA’s Information Innovation Office, indicated that the government’s ability to automate transcription is still limited. Kaufman says that automated transcription of phone conversation is “super hard,” because “there’s a lot of noise on the signal” and “it’s informal as hell.”
  • A 2008 document from the Snowden archive shows that  transcribing news broadcasts was already working well seven years ago, using a program called Enhanced Video Text and Audio Processing: (U//FOUO) EViTAP is a fully-automated news monitoring tool. The key feature of this Intelink-SBU-hosted tool is that it analyzes news in six languages, including Arabic, Mandarin Chinese, Russian, Spanish, English, and Farsi/Persian. “How does it work?” you may ask. It integrates Automatic Speech Recognition (ASR) which provides transcripts of the spoken audio. Next, machine translation of the ASR transcript translates the native language transcript to English. Voila! Technology is amazing. A version of the system the NSA uses is now even available commercially.
  • But even then, a newer, more sophisticated product was already being rolled out by the NSA’s Human Language Technology (HLT) program office. The new system, called VoiceRT, was first introduced in Baghdad, and “designed to index and tag 1 million cuts per day.” The goal, according to another 2006 memo, was to use voice processing technology to be able “index, tag and graph,” all intercepted communications. “Using HLT services, a single analyst will be able to sort through millions of cuts per day and focus on only the small percentage that is relevant,” the memo states. A 2009 memo from the NSA’s British partner, GCHQ, describes how “NSA have had the BBN speech-to-text system Byblos running at Fort Meade for at least 10 years. (Initially they also had Dragon.) During this period they have invested heavily in producing their own corpora of transcribed Sigint in both American English and an increasing range of other languages.” (GCHQ also noted that it had its own small corpora of transcribed voice communications, most of which happened to be “Northern Irish accented speech.”)
  • According to a 2011 memo, “How is Human Language Technology (HLT) Progressing?“, NSA that year deployed “HLT Labs” to Afghanistan, NSA facilities in Texas and Georgia, and listening posts in Latin America run by the Special Collection Service, a joint NSA/CIA unit that operates out of embassies and other locations. “Spanish is the most mature of our speech-to-text analytics,” the memo says, noting that the NSA and its Special Collections Service sites in Latin America, have had “great success searching for Spanish keywords.”
  • The Snowden archive, as searched and analyzed by The Intercept, documents extensive use of speech-to-text by the NSA to search through international voice intercepts — particularly in Iraq and Afghanistan, as well as Mexico and Latin America. For example, speech-to-text was a key but previously unheralded element of the sophisticated analytical program known as the Real Time Regional Gateway (RTRG), which started in 2005 when newly appointed NSA chief Keith B. Alexander, according to the Washington Post, “wanted everything: Every Iraqi text message, phone call and e-mail that could be vacuumed up by the agency’s powerful computers.” The Real Time Regional Gateway was credited with playing a role in “breaking up Iraqi insurgent networks and significantly reducing the monthly death toll from improvised explosive devices.” The indexing and searching of “voice cuts” was deployed to Iraq in 2006. By 2008, RTRG was operational in Afghanistan as well.
  • VoiceRT, in turn, was surpassed a few years after its launch. According to the intelligence community’s “Black Budget” for fiscal year 2013, VoiceRT was decommissioned and replaced in 2011 and 2012, so that by 2013, NSA could operationalize a new system. This system, apparently called SPIRITFIRE, could handle more data, faster. SPIRITFIRE would be “a more robust voice processing capability based on speech-to-text keyword search and paired dialogue transcription.”
  • What’s less clear from the archive is how extensively this capability is used to transcribe or otherwise index and search voice conversations that primarily involve what the NSA terms “U.S. persons.” The NSA did not answer a series of detailed questions about automated speech recognition, even though an NSA “classification guide” that is part of the Snowden archive explicitly states that “The fact that NSA/CSS has created HLT models” for speech-to-text processing as well as gender, language and voice recognition, is “UNCLASSIFIED.”
  • Also unclassified: The fact that the processing can sort and prioritize audio files for human linguists, and that the statistical models are regularly being improved and updated based on actual intercepts. By contrast, because they’ve been tuned using actual intercepts, the specific parameters of the systems are highly classified.
  • The presidentially appointed but independent Privacy and Civil Liberties Oversight Board (PCLOB) didn’t mention speech-to-text technology in its public reports. “I’m not going to get into whether any program does or does not have that capability,” PCLOB chairman David Medine told The Intercept. His board’s reports, he said, contained only information that the intelligence community agreed could be declassified.
Paul Merrell

How Secret Partners Expand NSA's Surveillance Dragnet - The Intercept - 0 views

firstlook.org/...le-partners-revealed-rampart-a

surveillance state NSA NSA-partners fiber-optic

shared by Paul Merrell on 20 Jun 14 - No Cached
  • Huge volumes of private emails, phone calls, and internet chats are being intercepted by the National Security Agency with the secret cooperation of more foreign governments than previously known, according to newly disclosed documents from whistleblower Edward Snowden. The classified files, revealed today by the Danish newspaper Dagbladet Information in a reporting collaboration with The Intercept, shed light on how the NSA’s surveillance of global communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation of a growing network of intelligence agencies.
  • It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables. The NSA documents state that under RAMPART-A, foreign partners “provide access to cables and host U.S. equipment.” This allows the agency to covertly tap into “congestion points around the world” where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.
  • The secret documents reveal that the NSA has set up at least 13 RAMPART-A sites, nine of which were active in 2013. Three of the largest – codenamed AZUREPHOENIX, SPINNERET and MOONLIGHTPATH – mine data from some 70 different cables or networks. The precise geographic locations of the sites and the countries cooperating with the program are among the most carefully guarded of the NSA’s secrets, and these details are not contained in the Snowden files. However, the documents point towards some of the countries involved – Denmark and Germany among them. An NSA memo prepared for a 2012 meeting between the then-NSA director, Gen. Keith Alexander, and his Danish counterpart noted that the NSA had a longstanding partnership with the country’s intelligence service on a special “cable access” program. Another document, dated from 2013 and first published by Der Spiegel on Wednesday, describes a German cable access point under a program that was operated by the NSA, the German intelligence service BND, and an unnamed third partner.
  • ...2 more annotations...
  • The program, which the secret files show cost U.S. taxpayers about $170 million between 2011 and 2013, sweeps up a vast amount of communications at lightning speed. According to the intelligence community’s classified “Black Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data every second as the data flows across the compromised cables – the equivalent of being able to download about 5,400 uncompressed high-definition movies every minute. In an emailed statement, the NSA declined to comment on the RAMPART-A program. “The fact that the U.S. government works with other nations, under specific and regulated conditions, mutually strengthens the security of all,” said NSA spokeswoman Vanee’ Vines. “NSA’s efforts are focused on ensuring the protection of the national security of the United States, its citizens, and our allies through the pursuit of valid foreign intelligence targets only.”
  • The Danish and German operations appear to be associated with RAMPART-A because it is the only NSA cable-access initiative that depends on the cooperation of third-party partners. Other NSA operations tap cables without the consent or knowledge of the countries that host the cables, or are operated from within the United States with the assistance of American telecommunications companies that have international links. One secret NSA document notes that most of the RAMPART-A projects are operated by the partners “under the cover of an overt comsat effort,” suggesting that the tapping of the fiber-optic cables takes place at Cold War-era eavesdropping stations in the host countries, usually identifiable by their large white satellite dishes and radomes. A shortlist of other countries potentially involved in the RAMPART-A operation is contained in the Snowden archive. A classified presentation dated 2013, published recently in Intercept editor Glenn Greenwald’s book No Place To Hide, revealed that the NSA had top-secret spying agreements with 33 third-party countries, including Denmark, Germany, and 15 other European Union member states:
  • Paul Merrell on 20 Jun 14
     
    Don't miss the slide with the names of the NSA-partner nations. Lots of E.U. member nations.
Paul Merrell

Speech Recognition is NSA's Best-Kept Open Secret - The Intercept - 0 views

firstlook.org/...cognition-nsa-best-kept-secret

surveillance state NSA voice-to-text

shared by Paul Merrell on 13 May 15 - No Cached
  • Siri can understand what you say. Google can take dictation. Even your new smart TV is taking verbal orders. So is there any doubt the National Security Agency has the ability to translate spoken words into text? But precisely when the NSA does it, with which calls, and how often, is a well-guarded secret. It’s not surprising that the NSA isn’t talking about it. But oddly enough, neither is anyone else: Over the years, there’s been almost no public discussion of the NSA’s use of automated speech recognition.
  • Siri can understand what you say. Google can take dictation. Even your new smart TV is taking verbal orders. So is there any doubt the National Security Agency has the ability to translate spoken words into text? But precisely when the NSA does it, with which calls, and how often, is a well-guarded secret. It’s not surprising that the NSA isn’t talking about it. But oddly enough, neither is anyone else: Over the years, there’s been almost no public discussion of the NSA’s use of automated speech recognition. One minor exception was in 1999, when a young Australian cryptographer named Julian Assange stumbled across an NSA patent that mentioned “machine transcribed speech.”
  • One minor exception was in 1999, when a young Australian cryptographer named Julian Assange stumbled across an NSA patent that mentioned “machine transcribed speech.” Assange, who went on to found WikiLeaks, said at the time: “This patent should worry people. Everyone’s overseas phone calls are or may soon be tapped, transcribed and archived in the bowels of an unaccountable foreign spy agency.” The most comprehensive post-Snowden descriptions of NSA’s surveillance programs are strangely silent when it comes to speech recognition. The report from the President’s Review Group on Intelligence and Communications Technologies doesn’t mention it, and neither does the October 2011 FISA Court ruling, or the detailed reports from the Privacy and Civil Liberties Oversight Board.
  • ...3 more annotations...
  • There is some mention of speech recognition in the “Black Budget” submitted to Congress each year. But there’s no clear sign that anybody on the Hill has ever really noticed. As The Intercept reported on Tuesday, items from the Snowden archive document the widespread use of automated speech recognition by the NSA. The strategic advantage, invasive potential and policy implications of being able to turn spoken words into text are not trivial: Suddenly, voice conversations, historically considered ephemeral and unsearchable, can be scanned, catalogued and archived — not perfectly, but well enough to dramatically increase the effective scope of eavesdropping. Former senior NSA executive turned whistleblower Thomas Drake, who’s seen NSA’s automated speech recognition at work, says the silence is telling.
  • “You’re seeing a black hole,” Drake told The Intercept. “That means there’s something there that’s really significant. You’re seeing some of the fuzzy contours of this whole other program.”
  • Senator Ron Wyden, D-Ore., arguably the foremost congressional critic of NSA overreach, wouldn’t comment directly on the question of speech recognition. But, he said through a spokesperson: “After 14 years on the Intelligence Committee, I’ve learned that senators must be constantly on the lookout for secret interpretations of the law and advances in surveillance that Congress isn’t aware of.” He added: “For centuries, individual privacy was protected in part by the limited resources of governments. It simply wasn’t possible for governments to secretly collect information on every single citizen without investing in massive networks of spies and informants. But in the 21st century mass surveillance is no longer difficult and expensive — it’s increasingly cheap and easy. The only privacy protections that will matter in the future are the ones that are written into law and defended by public demand for freedom and openness.”
  • Paul Merrell on 13 May 15
     
    A "black hole" at the NSA? Voice-to-text is indeed an ultra-powerful intelligence tool, but only if you are gathering verbal conversations. As content, verbal conversations should be off-limits without a court order. But is NSA honoring that limitation? And is the FISA Court enforcing it?
Paul Merrell

NSA infected 50,000 computer networks with malicious software - nrc.nl - 0 views

www.nrc.nl/...tworks-with-malicious-software

surveillance state NSA NSA-targets malware

shared by Paul Merrell on 25 Nov 13 - No Cached
  • The American intelligence service - NSA - infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information. Documents provided by former NSA-employee Edward Snowden and seen by this newspaper, prove this. A management presentation dating from 2012 explains how the NSA collects information worldwide. In addition, the presentation shows that the intelligence service uses ‘Computer Network Exploitation’ (CNE) in more than 50,000 locations. CNE is the secret infiltration of computer systems achieved by installing malware, malicious software. One example of this type of hacking was discovered in September 2013 at the Belgium telecom provider Belgacom. For a number of years the British intelligence service - GCHQ – has been installing this malicious software in the Belgacom network in order to tap their customers’ telephone and data traffic. The Belgacom network was infiltrated by GCHQ through a process of luring employees to a false Linkedin page.
  • The NSA computer attacks are performed by a special department called TAO (Tailored Access Operations). Public sources show that this department employs more than a thousand hackers. As recently as August 2013, the Washington Post published articles about these NSA-TAO cyber operations. In these articles The Washington Post reported that the NSA installed an estimated 20,000 ‘implants’ as early as 2008. These articles were based on a secret budget report of the American intelligence services. By mid-2012 this number had more than doubled to 50,000, as is shown in the presentation NRC Handelsblad laid eyes on.
  • Cyber operations are increasingly important for the NSA. Computer hacks are relatively inexpensive and provide the NSA with opportunities to obtain information that they otherwise would not have access to. The NSA-presentation shows their CNE-operations in countries such as Venezuela and Brazil. The malware installed in these countries can remain active for years without being detected.
  • ...1 more annotation...
  • The malware can be controlled remotely and be turned on and off at will. The ‘implants’ act as digital ‘sleeper cells’ that can be activated with a single push of a button. According to the Washington Post, the NSA has been carrying out this type of cyber operation since 1998.
  • Paul Merrell on 25 Nov 13
     
    Nice interactive graphic too. 
Paul Merrell

Testosterone Pit - Home - NSA Revelations Kill IBM Hardware Sales in China - 0 views

www.testosteronepit.com/...m-hardware-sales-in-china.html

surveillance state NSA IBM NSA-blowback NSA-targets hardware hardware-backdoors

shared by Paul Merrell on 18 Oct 13 - No Cached
  • The first shot was fired on Monday. Teradata, which sells analytics tools for Big Data, warned that quarterly revenues plunged 21% in Asia and 19% in the Middle East and Africa. Wednesday evening, it was IBM’s turn to confess that its hardware sales in China had simply collapsed. Every word was colored by Edward Snowden’s revelations about the NSA’s hand-in-glove collaboration with American tech companies, from startups to mastodons like IBM.
  • The explanation is more obvious. In mid-August, an anonymous source told the Shanghai Securities News, a branch of the state-owned Xinhua News Agency, which reports directly to the Propaganda and Public Information Departments of the Communist Party, that IBM, along with Oracle and EMC, have become targets of the Ministry of Public Security and the cabinet-level Development Research Centre due to the Snowden revelations. “At present, thanks to their technological superiority, many of our core information technology systems are basically dominated by foreign hardware and software firms, but the Prism scandal implies security problems,” the source said, according to Reuters. So the government would launch an investigation into these security problems, the source said. Absolute stonewalling ensued. IBM told Reuters that it was unable to comment. Oracle and EMC weren’t available for comment. The Ministry of Public Security refused to comment. The Development Research Centre knew nothing of any such investigation. The Ministry of Industry and Information Technology “could not confirm anything because of the matter’s sensitivity.”
  • I’d warned about its impact at the time [read.... US Tech Companies Raked Over The Coals In China]. Snowden’s revelations started hitting in May. Not much later, the Chinese security apparatus must have alerted IT buyers in government agencies, state-owned enterprises, and major independent corporations to turn off the order pipeline for sensitive products until this is sorted out. As Mr. Loughridge’s efforts have shown, it’s hard to explain any other way that hardware sales suddenly collapsed by “40%, 50%” in China, where they’d boomed until then. This is the first quantitative indication of the price Corporate America has to pay for gorging at the big trough of the US Intelligence Community, and particularly the NSA with its endlessly ballooning budget. For once, there is a price to be paid, if only temporarily, for helping build a perfect, seamless, borderless surveillance society. The companies will deny it. At the same time, they’ll be looking for solutions. China, Russia, and Brazil are too important to just get kicked out of – and other countries might follow suit. In September, IBM announced that it would throw another billion at Linux, the open-source operating system, to run its Power System servers – the same that China had stopped buying. It seems IBM was trying to make hay of the NSA revelations that had tangled up American operating system makers. Linux, free of NSA influence, would be a huge competitive advantage for IBM. Or so it would seem. Read.... The Other Reason Why IBM Throws A Billion At Linux (With NSA- Designed Backdoor)
  • ...1 more annotation...
  • The first shot was fired on Monday. Teradata, which sells analytics tools for Big Data, warned that quarterly revenues plunged 21% in Asia and 19% in the Middle East and Africa. Wednesday evening, it was IBM’s turn to confess that its hardware sales in China had simply collapsed. Every word was colored by Edward Snowden’s revelations about the NSA’s hand-in-glove collaboration with American tech companies, from startups to mastodons like IBM.
  • Paul Merrell on 18 Oct 13
     
    It's starting to look as though the price of NSA collaboration is bankruptcy. Look for Big Blue to attempt to recover the loss from the U.S. government via some juicy deal.
Paul Merrell

Testosterone Pit - Home - The Other Reason Why IBM Throws A Billion At Linux ... - 0 views

www.testosteronepit.com/...billion-at-linux-with-nsa.html

surveillance state NSA Linux Linux-backdoor Solaris FreeBSD Darwin

shared by Paul Merrell on 18 Oct 13 - No Cached
  • IBM announced today that it would throw another billion at Linux, the open-source operating system, to run its Power System servers. The first time it had thrown a billion at Linux was in 2001, when Linux was a crazy, untested, even ludicrous proposition for the corporate world. So the moolah back then didn’t go to Linux itself, which was free, but to related technologies across hardware, software, and service, including things like sales and advertising – and into IBM’s partnership with Red Hat which was developing its enterprise operating system, Red Hat Enterprise Linux. “It helped start a flurry of innovation that has never slowed,” said Jim Zemlin, executive director of the Linux Foundation. IBM claims that the investment would “help clients capitalize on big data and cloud computing with modern systems built to handle the new wave of applications coming to the data center in the post-PC era.” Some of the moolah will be plowed into the Power Systems Linux Center in Montpellier, France, which opened today. IBM’s first Power Systems Linux Center opened in Beijing in May. IBM may be trying to make hay of the ongoing revelations that have shown that the NSA and other intelligence organizations in the US and elsewhere have roped in American tech companies of all stripes with huge contracts to perfect a seamless spy network. They even include physical aspects of surveillance, such as license plate scanners and cameras, which are everywhere [read.... Surveillance Society: If You Drive, You Get Tracked].
  • Then another boon for IBM. Experts at the German Federal Office for Security in Information Technology (BIS) determined that Windows 8 is dangerous for data security. It allows Microsoft to control the computer remotely through a “special surveillance chip,” the wonderfully named Trusted Platform Module (TPM), and a backdoor in the software – with keys likely accessible to the NSA and possibly other third parties, such as the Chinese. Risks: “Loss of control over the operating system and the hardware” [read.... LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA.
  • It would be an enormous competitive advantage for an IBM salesperson to walk into a government or corporate IT department and sell Big Data servers that don’t run on Windows, but on Linux. With the Windows 8 debacle now in public view, IBM salespeople don’t even have to mention it. In the hope of stemming the pernicious revenue decline their employer has been suffering from, they can politely and professionally hype the security benefits of IBM’s systems and mention in passing the comforting fact that some of it would be developed in the Power Systems Linux Centers in Montpellier and Beijing. Alas, Linux too is tarnished. The backdoors are there, though the code can be inspected, unlike Windows code. And then there is Security-Enhanced Linux (SELinux), which was integrated into the Linux kernel in 2003. It provides a mechanism for supporting “access control” (a backdoor) and “security policies.” Who developed SELinux? Um, the NSA – which helpfully discloses some details on its own website (emphasis mine): The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.
  • ...1 more annotation...
  • Among a slew of American companies who contributed to the NSA’s “mainstreaming” efforts: Red Hat. And IBM? Like just about all of our American tech heroes, it looks at the NSA and other agencies in the Intelligence Community as “the Customer” with deep pockets, ever increasing budgets, and a thirst for technology and data. Which brings us back to Windows 8 and TPM. A decade ago, a group was established to develop and promote Trusted Computing that governs how operating systems and the “special surveillance chip” TPM work together. And it too has been cooperating with the NSA. The founding members of this Trusted Computing Group, as it’s called facetiously: AMD, Cisco, Hewlett-Packard, Intel, Microsoft, and Wave Systems. Oh, I almost forgot ... and IBM. And so IBM might not escape, despite its protestations and slick sales presentations, the suspicion by foreign companies and governments alike that its Linux servers too have been compromised – like the cloud products of other American tech companies. And now, they’re going to pay a steep price for their cooperation with the NSA. Read...  NSA Pricked The “Cloud” Bubble For US Tech Companies
Paul Merrell

NSA contracted French cyber-firm for hacking help - RT USA - 0 views

rt.com/...nsa-vupen-exploit-hack-978

surveillance state NSA NSA-methods exploit-purchases

shared by Paul Merrell on 28 Mar 14 - No Cached
  • The latest revelation regarding the National Security Agency doesn't come courtesy of Edward Snowden. A Freedom of Information Act request has confirmed the NSA contracted a French company that makes its money by hacking into computers. It's no secret that the United States government relies on an arsenal of tactics to gather intelligence and wage operations against its adversaries, but a FOIA request filed by Muckrock's Heather Akers-Healy has confirmed that the list of Uncle Sam's business partners include Vupen, a French-based security company that specializes in selling secret codes used to crack into computers. Documents responsive to my request to #NSA for contracts with VUPEN, include 12/month exploit subscription https://t.co/x3qJbqSUpa — Heather Akers-Healy (@abbynormative) September 16, 2013 Muckrock published on Monday a copy of a contract between the NSA and Vupen in which the US government is shown to have ordered a one-year subscription to the firm's “binary analysis and exploits service” last September.
  • That service, according to the Vupen website, is sold only to government entities, law enforcement agencies and computer response teams in select countries, and provides clients with access to so-called zero-day exploits: newly-discovered security vulnerabilities that the products' manufacturers have yet to discover and, therefore, have had zero days to patch-up. “Major software vendors such as Microsoft and Adobe usually take 6 to 9 months to release a security patch for a critical vulnerability affecting their products, and this long delay between the discovery of a vulnerability and the release of a patch creates a window of exposure during which criminals can rediscover a previously reported but unpatched vulnerability, and target any organization running the vulnerable software,” Vupen says elsewhere on their website. Last year, Vupen researchers successfully cracked Google's Chrome browser, but declined to show developers how they did so — even for an impressive cash bounty. “We wouldn’t share this with Google for even $1 million,” Vupen CEO Chaouki Bekrar told Forbes' Andy Greenberg of the Chrome hack in 2012. “We don’t want to give them any knowledge that can help them in fixing this exploit or other similar exploits. We want to keep this for our customers.”
  • And why the NSA and other clients may benefit from being privy to these vulnerabilities, knowing how to exploit security holes in adversarial systems is a crucial component to any government's offensive cyber-operations. Last month, the Washington Post published excerpts from the previously secretive “black budget,” a closely guarded ledger listing the funding requests made by America's intelligence community provided by NSA leaker Edward Snowden. According to that document, a substantial goal of the US in fiscal year 2013 was to use a portion of $52.6 billion in secretive funding towards improving offensive cyber-operations.
  • ...1 more annotation...
  • The portion of the contract obtained by Muckrock where the cost of the subscription is listed has been redacted, but a Vupen hacker who spoke to Greenberg last year said deals in the five-figures wasn't uncommon. "People seem surprised to discover that major government agencies are acquiring Vupen's vulnerability intelligence," Bekrar wrote in an email to Information Week's Matthew Schwartz after the NSA contract with his signature was published. "There is no news here, governments need to leverage the most detailed and advanced vulnerability research to protect their infrastructures and citizens against adversaries." Critics of Vupen and its competitors see government-waged cyber-operations in a different light, however. Christopher Soghoian of the American Civil Liberties Union's Speech, Privacy and Technology Project has spoken outright against companies that sell exploits and have equated the computer codes being sold for big money as a new sort of underground arms trade fueling an international, online battle. To Greenberg last year, Soghoian described Vupen as  a “modern-day merchant of death” selling “the bullets for cyberwar," and upon publishing of the NSA contract called the company a “cyber weapon merchant.” The NSA is a customer of French 0-day cyber weapon merchant VUPEN, FOIA docs reveal: (via @ramdac & @MuckRockNews) https://t.co/OPJ82miK3c — Christopher Soghoian (@csoghoian) September 16, 2013
Paul Merrell

ICREACH: How the NSA Built Its Own Secret Google -The Intercept - 0 views

firstlook.org/...ecret-google-crisscross-proton

surveillance state NSA ICREACH mustread

shared by Paul Merrell on 26 Aug 14 - No Cached
  • The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept. The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants. ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden. Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.
  • ICREACH has been accessible to more than 1,000 analysts at 23 U.S. government agencies that perform intelligence work, according to a 2010 memo. A planning document from 2007 lists the DEA, FBI, Central Intelligence Agency, and the Defense Intelligence Agency as core members. Information shared through ICREACH can be used to track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs. The creation of ICREACH represented a landmark moment in the history of classified U.S. government surveillance, according to the NSA documents.
  • Documents published with this article: CIA Colleagues Enthusiastically Welcome NSA Training Sharing Communications Metadata Across the U.S. Intelligence Community CRISSCROSS/PROTON Point Paper Decision Memorandum for the DNI on ICREACH Metadata Sharing Memorandum Sharing SIGINT metadata on ICREACH Metadata Policy Conference ICREACH Wholesale Sharing Black Budget Extracts
  • Paul Merrell on 26 Aug 14
     
     The most important Snowden disclosure yet. It's a long, detailed article, but it's a must read. I couldn't highlight any more without highlighting the entire article. Read the whole thing soon or you're going to be late for the mob with pitchforks.  This is beyond outrageous. The integrity of our entire system of government is now at issue. 
Paul Merrell

NSA Spying Relies on AT&T's 'Extreme Willingness to Help' - ProPublica - 0 views

www.propublica.org/...ts-extreme-willingness-to-help

surveillance state NSA AT&T

shared by Paul Merrell on 17 Aug 15 - No Cached
  • he National Security Agency’s ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company: the telecom giant AT&T. While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed NSA documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”
  • AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the NSA access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T. The NSA’s top-secret budget in 2013 for the AT&T partnership was more than twice that of the next-largest such program, according to the documents. The company installed surveillance equipment in at least 17 of its Internet hubs on American soil, far more than its similarly sized competitor, Verizon. And its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency. One document reminds NSA officials to be polite when visiting AT&T facilities, noting: “This is a partnership, not a contractual relationship.” The documents, provided by the former agency contractor Edward Snowden, were jointly reviewed by The New York Times and ProPublica.
  • It is not clear if the programs still operate in the same way today. Since the Snowden revelations set off a global debate over surveillance two years ago, some Silicon Valley technology companies have expressed anger at what they characterize as NSA intrusions and have rolled out new encryption to thwart them. The telecommunications companies have been quieter, though Verizon unsuccessfully challenged a court order for bulk phone records in 2014. At the same time, the government has been fighting in court to keep the identities of its telecom partners hidden. In a recent case, a group of AT&T customers claimed that the NSA’s tapping of the Internet violated the Fourth Amendment protection against unreasonable searches. This year, a federal judge dismissed key portions of the lawsuit after the Obama administration argued that public discussion of its telecom surveillance efforts would reveal state secrets, damaging national security.
Gary Edwards

NSA After 9/11 - 0 views

www.barthworks.com/...nsaafter911.htm

NSA NSA-Patriot-Act-NDAA NSA-Whistleblower FiSA 4th-Amendment

shared by Gary Edwards on 21 Jul 13 - No Cached
  • Gary Edwards on 21 Jul 13
     
    "by David Barth, written 24 June 2009 This incredible compilation of facts truly is "Source Material", and is presented as such. The material comes from the following sources, and it will blow you away: ..... The Shadow Factory The Ultra-Secret NSA from 9/11 to the Eavesdropping on America by James Bamford, 2008 ..... The Puzzle Palace Inside the National Security Agency, America's Most Secret Intelligence Organization by James Bamford, 1983 .... Intelligence and the Communications Industry National Security Agency (NSA) Predecessors ..... Various issues of Wired magazine" Once I started reading this I couldn't stop. Incredible stuff, it reads like a disjointed timeline detailing the convergence of technology, government agencies, co-opted companies and, both the terrorist and false flag operations that escalated budgets, changes in the law and political authorizations needed to create the current NSA worldwide police state. Buckle up patriots. We are in for one very wild ride. Thanks Marbux!
Paul Merrell

The NSA's Rent Is Too Damn High | Cato @ Liberty - 0 views

www.cato.org/...nsas-rent-too-damn-high

surveillance state NSA NSA-budget

shared by Paul Merrell on 01 Nov 13 - No Cached
  • For months, the American public has received a steady stream of new information detailing the massive scale and scope of the United States’ spying activities. Of course, maintaining a surveillance state powerful enough to reach into the inboxes of world leaders, friend and foe, is not cheap. Indeed, as the Washington Post revealed when it released portions of the so-called Black Budget, this year’s price tag on America’s spook infrastructure comes out to a whopping $52.6 billion. This is, of course, a tremendous sum – more than double the size of the Department of Agriculture, more than triple the size of NASA; the list goes on… But, what really puts this number into perspective is its average cost to each American taxpayer, or what I would call the NSA and associated agencies’ “rent.” Yes, the NSA’s rent, charged to every taxpayer living under its web of surveillance, comes out to an exorbitant $574 per year. If this is the price the federal government is charging American taxpayers to have their own privacy invaded, then I say the NSA’s rent is too damn high. Normally, at the end of one of these blogs, I would ask a rhetorical question like: “Washington, are you listening?” But, in this case, we know Washington is listening, and now we know how much we’re being charged for it.
Paul Merrell

EFF Statement on Passage of Massie-Lofgren Amendment Regarding NSA Backdoors | Electron... - 0 views

www.eff.org/...ofgren-amendment-passing-house

surveillance state NSA-reform legislation Defense-spending

shared by Paul Merrell on 20 Jun 14 - No Cached
  • Today, the US House of Representatives passed an amendment to the Defense Appropriations bill designed to cut funding for NSA backdoors. The amendment passed overwhelmingly with strong bipartisan support: 293 ayes, 123 nays, and 1 present. Currently, the NSA collects emails, browsing and chat history under Section 702 of the FISA Amendments Act, and searches this information without a warrant for the communications of Americans—a practice known as "backdoor searches." The amendment would block the NSA from using any of its funding from this Defense Appropriations Bill to conduct such warrantless searches. In addition, the amendment would prohibit the NSA from using its budget to mandate or request that private companies and organizations add backdoors to the encryption standards that are meant to keep you safe on the web. Mark Rumold, staff attorney for the Electronic Frontier Foundation, stated:
  • Tonight, the House of Representatives took an important first step in reining in the NSA. The House voted overwhelmingly to cut funding for two of the NSA's invasive surveillance practices: the warrantless searching of Americans' international communications, and the practice of requiring companies to install vulnerabilities in communications products or services. We applaud the House for taking this important first step, and we look forward to other elected officials standing up for our right to privacy. Digital rights organizations, including EFF, strongly supported the amendment. We and other organizations—including Free Press, Fight for the Future, Demand Progress, and Taskforce.is—helped to organize a grassroots campaign to promote the amendment. The day before the vote, we urged friends and members to call their members of Congress through the website ShuttheBackDoor.net. Thousands responded to the call to action. We extend our heartfelt thanks to everyone who spoke out on this issue. This is a great day in the fight to rein in NSA surveillance abuses, and we hope Congress will work to ensure this amendment is in the final version of the appropriations bill that is enacted.
  • Paul Merrell on 20 Jun 14
     
    Big majority in the House and it's in the Defense Spending act. That puts a lot of pressure on the Senate and if sustained in the Senate, makes it all but veto-proof.  
Paul Merrell

Edward Snowden doesn't deserve clemency: The NSA leaker hasn't proved he is a whistlebl... - 0 views

www.slate.com/...r_hasn_t_proved_he.single.html

surveillance state NSA Snowden amnesty

shared by Paul Merrell on 06 Jan 14 - No Cached
  • And yet I firmly disagree with the New York Times’ Jan. 1 editorial (“Edward Snowden, Whistle-Blower”), calling on President Obama to grant Snowden “some form of clemency” for the “great service” he has done for his country.
  • If that were all that Snowden had done, if his stolen trove of beyond-top-secret documents had dealt only with the NSA’s domestic surveillance, then some form of leniency might be worth discussing. But Snowden did much more than that. The documents that he gave the Washington Post’s Barton Gellman and the Guardian’s Glenn Greenwald have, so far, furnished stories about the NSA’s interception of email traffic, mobile phone calls, and radio transmissions of Taliban fighters in Pakistan’s northwest territories; about an operation to gauge the loyalties of CIA recruits in Pakistan; about NSA email intercepts to assist intelligence assessments of what’s going on inside Iran; about NSA surveillance of cellphone calls “worldwide,” an effort that (in the Post’s words) “allows it to look for unknown associates of known intelligence targets by tracking people whose movements intersect.” In his first interview with the South China Morning Post, Snowden revealed that the NSA routinely hacks into hundreds of computers in China and Hong Kong. These operations have nothing to do with domestic surveillance or even spying on allies. They are not illegal, improper, or (in the context of 21st-century international politics) immoral. Exposing such operations has nothing to do with “whistle-blowing.”
  • Paul Merrell on 06 Jan 14
     
    Another "kill the messenger" piece on Edward Snowden, this one by a Council on Foreign Relations analyst. 
1 - 20 of 39 Next ›
Showing 20 items per page