Socialism and the End of the American Dream / Group items tagged NSA-methods

Paul Merrell

NSA surveillance program reaches 'into the past' to retrieve, replay phone calls - The ...

  • The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden. A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.
  • The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere. In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary. The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage. At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.
  •  
    Let's also recall that former FBI counter-terrorism specialist Tim Clemente told CNN in the wake of the Boston bombing that all telephone calls in the U.S. are recorded and that "intelligence" people would be able to retrieve the call between Tamerlan Tsarnaev and his wife after the bombing. http://transcripts.cnn.com/TRANSCRIPTS/1305/01/ebo.01.html So is the mysterious nation whose calls are all being recorded the U.S.?
Paul Merrell

NSA monitors WiFi on US planes 'in violation' of privacy laws - RT USA

  • Companies that provide WiFi on US domestic flights are handing over their data to the NSA, adapting their technology to allow security services new powers to spy on passengers. In doing so, they may be in violation of privacy laws. In a letter leaked to Wired, Gogo, the leading provider of inflight WiFi in the US, admitted to violating the requirements of the Communications Assistance for Law Enforcement Act (CALEA). The act is part of a wiretapping law passed in 1994 that requires telecoms carriers to provide law enforcement with a backdoor in their systems to monitor telephone and broadband communications. Gogo states in the letter to the Federal Communications Commission that it added new capabilities to its service that go beyond CALEA, at the behest of law enforcement agencies.
  • “In designing its existing network, Gogo worked closely with law enforcement to incorporate functionalities and protections that would serve public safety and national security interests,” Gogo attorney Karis Hastings wrote in the leaked letter, which dates from 2012. He did not elaborate as to the nature of the changes, but said Gogo “worked with federal agencies to reach agreement regarding a set of additional capabilities to accommodate law enforcement interests.” Gogo, which provides WiFi services to the biggest US airlines, are not the only ones to adapt their services to enable spying. Panasonic Avionics also added “additional functionality” to their services as per an agreement with US law enforcement, according to a report published in December. The deals with security services have civil liberties organizations up in arms. They have condemned the WiFi providers’ deals with authorities as scandalous.
Paul Merrell

First direct evidence of illegal surveillance found by the FISA court - The Washington ...

  • The document below is the full text of a brief article from the Oct. 12, 2011 edition of the Top Secret “SSO News,” an NSA electronic newsletter. It includes the first confirmation – and the only known details – of an Oct. 3, 2011 ruling in which the Foreign Intelligence Surveillance Court held that the NSA was using illegal methods to collect and handle the emails and other internet communications of American citizens and green card holders. Much remains unknown about the case and its resolution, which is the subject of a Freedom of Information Act lawsuit by the Electronic Frontier Foundation. The intended audience would be familiar with the NSA's internal jargon and acronyms. Here is a brief glossary of terms. The article's author has been redacted by The Washington Post. NSA broke privacy rules thousands of times per year, audit finds
Paul Merrell

US Government Labeled Al Jazeera Journalist as Al Qaeda

  • The U.S. government labeled a prominent journalist as a member of Al Qaeda and placed him on a watch list of suspected terrorists, according to a top-secret document that details U.S. intelligence efforts to track Al Qaeda couriers by analyzing metadata. The briefing singles out Ahmad Muaffaq Zaidan, Al Jazeera’s longtime Islamabad bureau chief, as a member of the terrorist group. A Syrian national, Zaidan has focused his reporting throughout his career on the Taliban and Al Qaeda, and has conducted several high-profile interviews with senior Al Qaeda leaders, including Osama bin Laden.
  • The document cites Zaidan as an example to demonstrate the powers of SKYNET, a program that analyzes location and communication data (or “metadata”) from bulk call records in order to detect suspicious patterns. In the Terminator movies, SKYNET is a self-aware military computer system that launches a nuclear war to exterminate the human race, and then systematically kills the survivors. According to the presentation, the NSA uses its version of SKYNET to identify people that it believes move like couriers used by Al Qaeda’s senior leadership. The program assessed Zaidan as a likely match, which raises troubling questions about the U.S. government’s method of identifying terrorist targets based on metadata. It appears, however, that Zaidan had already been identified as an Al Qaeda member before he showed up on SKYNET’s radar. That he was already assigned a watch list number would seem to indicate that the government had a prior intelligence file on him. The Terrorist Identities Datamart Environment, or TIDE, is a U.S. government database of over one million names suspected of a connection to terrorism, which is shared across the U.S. intelligence community.
  • Peter Bergen, CNN’s national security analyst and author of several books on Al Qaeda and Osama bin Laden, told The Intercept, “I’ve known [Zaidan] for well over a decade, and he’s a first class journalist.” “He has the contacts and the access that of course no Western journalist has,” said Bergen. “But by that standard any journalist who spent time with Al Qaeda would be suspect.” Bergen himself interviewed bin Laden in 1997.
  • According to another 2012 presentation describing SKYNET, the program looks for terrorist connections based on questions such as “who has traveled from Peshawar to Faisalabad or Lahore (and back) in the past month? Who does the traveler call when he arrives?” and behaviors such as “excessive SIM or handset swapping,” “incoming calls only,” “visits to airports,” and “overnight trips.”
  • That presentation states that the call data is acquired from major Pakistani telecom providers, though it does not specify the technical means by which the data is obtained. The June 2012 document poses the question: “Given a handful of courier selectors, can we find others that ‘behave similarly’” by analyzing cell phone metadata? “We are looking for different people using phones in similar ways,” the presentation continues, and measuring “pattern of life, social network, and travel behavior.” For the experiment, the analysts fed 55 million cell phone records from Pakistan into the system, the document states. The results identified someone who is “PROB” — which appears to mean probably — Zaidan as the “highest scoring selector” traveling between Peshawar and Lahore.
  • The following slide appears to show other top hits, noting that 21 of the top 500 were previously tasked for surveillance, indicating that the program is “on the right track” to finding people of interest. A portion of that list visible on the slide includes individuals supposedly affiliated with Al Qaeda and the Taliban, as well as members of Pakistan’s spy agency, Inter-Services Intelligence. But sometimes the descriptions are vague. One selector is identified simply as “Sikh Extremist.” As other documents from Snowden revealed, drone targets are often identified in part based on metadata analysis and cell phone tracking. Former NSA director Michael Hayden famously put it more bluntly in May 2014, when he said, “we kill people based on metadata.” Metadata also played a key role in locating and killing Osama bin Laden. The CIA used cell phone calling patterns to track an Al Qaeda courier and identify bin Laden’s hiding place in Pakistan.
  • A History of Targeting Al Jazeera  The U.S. government’s surveillance of Zaidan is not the first time that it has linked Al Jazeera or its personnel to Al Qaeda. During the invasion of Afghanistan, in November 2001, the United States bombed the network’s Kabul offices. The Pentagon claimed that it was “a known al-Qaeda facility.” That was just the beginning. Sami al-Hajj, an Al Jazeera cameraman, was imprisoned by the U.S. government at Guantanamo for six years before being released in 2008 without ever being charged. He has said he was repeatedly interrogated about Al Jazeera. In 2003, Al Jazeera’s financial reporters were barred from the trading floor of the New York Stock Exchange for “security reasons.” Nasdaq soon followed suit.
  • During the invasion of Iraq, U.S. forces bombed Al Jazeera’s Baghdad offices, killing correspondent Tariq Ayoub. The U.S. insisted it was unintentional, though Al Jazeera had given the Pentagon the coordinates of the building. When American forces laid siege to Fallujah, and Al Jazeera was one of the few news organizations broadcasting from within the city, Bush administration officials accused it of airing propaganda and lies. Al Jazeera’s Fallujah correspondent, Ahmed Mansour, reported that his crew had been targeted with tanks, and the house they had stayed in had been bombed by fighter jets. So great was the suspicion of Al Jazeera’s ties to terrorism that Dennis Montgomery, a contractor who had previously tried peddling cheat-detector software to Las Vegas casinos, managed to convince the CIA that he could decode secret Al Qaeda messages from Al Jazeera broadcasts. Those “codes” reportedly caused Bush to ground a number of commercial transatlantic flights in December 2003. But the U.S. government appeared to have somewhat softened its view of the network in the last several years. The Obama administration has criticized Egypt for holding three of Al Jazeera’s journalists on charges of aiding the Muslim Brotherhood. During the height of the 2011 Arab Spring, then-Secretary of State Hillary Clinton praised the network’s coverage, saying, “Viewership of Al Jazeera is going up in the United States because it’s real news.”
  • Zaidan is still Al Jazeera’s Islamabad bureau chief, and has also reported from Syria and Yemen in recent years. Al Jazeera vigorously defended his reporting. “Our commitment to our audiences is to gain access to authentic, raw, unfiltered information from key sources and present it in an honest and responsible way.” They added that, “our journalists continue to be targeted and stigmatized by governments,” even though “Al Jazeera is not the first channel that has met with controversial figures such as bin Laden and others — prominent western media outlets were among the first to do so.”
  •  
    It was crazy. I was at home in Idaho sitting there watching TV and chatting with my internet buddy in Croatia. Then the black helicopters came for me ... 
Gary Edwards

GAP Statement on Edward Snowden & NSA Domestic Surveillance - Government Accountability...

  •  
    The Government Accountability Project has provided a very clear statement of the laws and methods our government is now using in the "War on Whistleblowers". GAP also explains why it is so important that we the people put an end to this war on patriots willing to risk everything to defend and uphold the Constitution.
Paul Merrell

How Israel helps eavesdrop on US citizens | The Electronic Intifada

  • It is well-known that the two largest American telecom companies AT&T and Verizon collaborated with the US government to allow illegal eavesdropping on their customers. The known uses to which information obtained this way has been put include building the government’s massive secret “watch lists,” and “no-fly lists” and even, Bamford suggests, to deny Small Business Administration loans to citizens or reject their children’s applications to military colleges. What is less well-known is that AT&T and Verizon handed “the bugging of their entire networks — carrying billions of American communications every day” to two companies founded in Israel. Verint and Narus, as they are called, are “superintrusive — conducting mass surveillance on both international and domestic communications 24/7,” and sifting traffic at “key Internet gateways” around the US.
  • Virtually all US voice and data communications and much from the rest of the world can be remotely accessed by these companies in Israel, which Bamford describes as “the eavesdropping capital of the world.” Although there is no way to prove cooperation, Bamford writes that “the greatest potential beneficiaries of this marriage between the Israeli eavesdroppers and America’s increasingly centralized telecom grid are Israel’s intelligence agencies.” Israel’s spy agencies have long had a revolving-door relationship with Verint and Narus and other Israeli military-security firms. The relationship is particularly close between the firms and Israel’s own version of the NSA, called “Unit 8200.”
  • Israeli companies seeking a share of massively expanded US intelligence budgets formed similarly incestuous relationships with some in the American intelligence establishment: Ken Minihan, a former director of the NSA, served on Verint’s “security committee” and the former Federal Bureau of Investigation (FBI) official responsible for liaison with the telecom industry became head of the Verint unit that sold eavesdropping equipment to the FBI and NSA.
  • FISA — the Foreign Intelligence Surveillance Act of 1978 — required the government to seek court warrants for wiretaps where at least one target was in the US. In 2005, it was revealed that the Bush administration had been flagrantly violating this law. Last July, Congress passed a bill legalizing this activity and giving retroactive immunity to the telecom companies that had assisted.
  • Israel has a well-established record of compromising American national security. The most notorious case was that of convicted spy Jonathan Pollard. Although the full details of his crimes are still secret, he is thought to have passed critical information about US intelligence-gathering methods to Israel, which then traded those secrets to US adversaries. In 2005, Larry Franklin, a Defense Department analyst, pleaded guilty to spying for Israel. Most recently, Ben-Ami Kadish, a retired US army engineer, was indicted in April for allegedly passing classified documents about US nuclear weapons to Israel from 1979 to 1985. Two former officials of AIPAC, the pro-Israel lobbying group, are still awaiting trial on charges that they passed classified information between Franklin and the Israeli government.
  • Nor have particular Israeli firms established a record of trustworthiness that would justify such complacency. Jacob “Kobi” Alexander, the former Israeli intelligence officer who founded Verint, fled the US to Israel in 2006 just before he and other top executives of a subsidiary were indicted for fraud that allegedly cost US taxpayers and company shareholders $138 million. Alexander eventually adopted a fake identity and hid in the southern African country of Namibia where he is now fighting extradition.
  • Israeli companies do not assist the US only to spy on its own citizens, of course. Another Israeli firm, Natural Speech Communication (NSC), among whose directors is former Mossad chief Shabtai Shavit, makes software that the US uses to electronically analyze and key-word search recorded conversations in “Levantine Arabic,” the dialects “spoken by Israeli Arabs, Jordanians, Lebanese and Palestinians.” Mexico and Australia are among other countries known to use Israeli technologies and firms to eavesdrop on their citizens.
Paul Merrell

Wyden Statement at Senate Intelligence Committee's Open Hearing | Press Releases | U.S....

  • U.S. Senator Ron Wyden (D-Ore.) delivered the following statement prior to questioning senior Intelligence Community officials during the Senate Intelligence Committee’s open hearing. Wyden is a senior member of the Intelligence committee. “The men and women of America’s intelligence agencies are overwhelmingly dedicated professionals and they deserve to have leadership that is trusted by the American people. Unfortunately, that trust has been seriously undermined by senior officials’ reckless reliance on secret interpretations of the law and battered by years of misleading and deceptive statements that senior officials made to the American people. These statements did not protect sources and methods that were useful in fighting terror. Instead they hid bad policy choices and violations of the liberties of the American people. For example, the director of the NSA said publicly that the NSA doesn’t hold data on U.S. citizens. That was obviously untrue.  Justice Department officials testified that section 215 of the Patriot Act is analogous to grand jury subpoena authority. And that deceptive statement was made on multiple occasions. Officials also suggested that the NSA doesn’t have the authority to read Americans’ emails without a warrant but the FISA court opinions declassified last August showed that wasn’t true either.
  • The statement and subsequent questions may be viewed below or here:
  •  
    Ron Wyden comes out swinging at a Senate hearing, giving 3 examples of lies about digital surveillance told to Congress by intelligence officials and DoJ. Then he presses DNI Clapper, CIA head Brennan, and FBI head Comey to provide by dates certain written public answers to a series of questions that he had previously asked in writing but never received answers on. All three said they would provide the answers, Clapper within 30 days and the other two within 7 days.  The questions themselves are extremely important, about the government's interpretation of legal authorities to conduct warrantless searches and in the case of the CIA, whether it is subject to the Computer Fraud and Abuse Act. That Act provides for criminal penalties and civil damages for accessing a "protected computer" (essentially any computer connected to the internet, whether in the U.S. or abroad) or activating any command or installing any malware on a protected computer. See generally, http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act That question suggests that Wyden and his staff are boring into issues involving the government breaking into computers to access private data. Another question asked whether the government claimed the authority to access private data stored in the cloud without a warrant.  This is a short video well worth the watching time.
Paul Merrell

N.S.A. Report Outlined Goals for More Power - NYTimes.com

  • Officials at the National Security Agency, intent on maintaining its dominance in intelligence collection, pledged last year to push to expand its surveillance powers, according to a top-secret strategy document.
  • In a February 2012 paper laying out the four-year strategy for the N.S.A.’s signals intelligence operations, which include the agency’s eavesdropping and communications data collection around the world, agency officials set an objective to “aggressively pursue legal authorities and a policy framework mapped more fully to the information age.” Written as an agency mission statement with broad goals, the five-page document said that existing American laws were not adequate to meet the needs of the N.S.A. to conduct broad surveillance in what it cited as “the golden age of Sigint,” or signals intelligence. “The interpretation and guidelines for applying our authorities, and in some cases the authorities themselves, have not kept pace with the complexity of the technology and target environments, or the operational expectations levied on N.S.A.’s mission,” the document concluded. Using sweeping language, the paper also outlined some of the agency’s other ambitions. They included defeating the cybersecurity practices of adversaries in order to acquire the data the agency needs from “anyone, anytime, anywhere.” The agency also said it would try to decrypt or bypass codes that keep communications secret by influencing “the global commercial encryption market through commercial relationships,” human spies and intelligence partners in other countries. It also talked of the need to “revolutionize” analysis of its vast collections of data to “radically increase operational impact.”
  • The N.S.A. document, titled “Sigint Strategy 2012-2016,” does not make clear what legal or policy changes the agency might seek. The N.S.A.’s powers are determined variously by Congress, executive orders and the nation’s secret intelligence court, and its operations are governed by layers of regulations. While asserting that the agency’s “culture of compliance” would not be compromised, N.S.A. officials argued that they needed more flexibility, according to the paper. Senior intelligence officials, responding to questions about the document, said that the N.S.A. believed that legal impediments limited its ability to conduct surveillance of terrorism suspects inside the United States. Despite an overhaul of national security law in 2008, the officials said, if a terrorism suspect who is under surveillance overseas enters the United States, the agency has to stop monitoring him until it obtains a warrant from the Foreign Intelligence Surveillance Court. “N.S.A.’s Sigint strategy is designed to guide investments in future capabilities and close gaps in current capabilities,” the agency said in a statement. “In an ever-changing technology and telecommunications environment, N.S.A. tries to get in front of issues to better fulfill the foreign-intelligence requirements of the U.S. government.”
  • Critics, including some congressional leaders, say that the role of N.S.A. surveillance in thwarting terrorist attacks — often cited by the agency to justify expanded powers — has been exaggerated. In response to the controversy about its activities after Mr. Snowden’s disclosures, agency officials claimed that the N.S.A.’s sweeping domestic surveillance programs had helped in 54 “terrorist-related activities.” But under growing scrutiny, congressional staff members and other critics say that the use of such figures by defenders of the agency has drastically overstated the value of the domestic surveillance programs in counterterrorism. Agency leaders believe that the N.S.A. has never enjoyed such a target-rich environment as it does now because of the global explosion of digital information — and they want to make certain that they can dominate “the Sigint battle space” in the future, the document said. To be “optimally effective,” the paper said, “legal, policy and process authorities must be as adaptive and dynamic as the technological and operational advances we seek to exploit.” Intent on unlocking the secrets of adversaries, the paper underscores the agency’s long-term goal of being able to collect virtually everything available in the digital world. To achieve that objective, the paper suggests that the N.S.A. plans to gain greater access, in a variety of ways, to the infrastructure of the world’s telecommunications networks.
  • Yet the paper also shows how the agency believes it can influence and shape trends in high-tech industries in other ways to suit its needs. One of the agency’s goals is to “continue to invest in the industrial base and drive the state of the art for high performance computing to maintain pre-eminent cryptanalytic capability for the nation.” The paper added that the N.S.A. must seek to “identify new access, collection and exploitation methods by leveraging global business trends in data and communications services.” And it wants to find ways to combine all of its technical tools to enhance its surveillance powers. The N.S.A. will seek to integrate its “capabilities to reach previously inaccessible targets in support of exploitation, cyberdefense and cyberoperations,” the paper stated. The agency also intends to improve its access to encrypted communications used by individuals, businesses and foreign governments, the strategy document said. The N.S.A. has already had some success in defeating encryption, The New York Times has reported, but the document makes it clear that countering “ubiquitous, strong, commercial network encryption” is a top priority. The agency plans to fight back against the rise of encryption through relationships with companies that develop encryption tools and through espionage operations. In other countries, the document said, the N.S.A. must also “counter indigenous cryptographic programs by targeting their industrial bases with all available Sigint and Humint” — human intelligence, meaning spies.
  • Above all, the strategy paper suggests the N.S.A.’s vast view of its mission: nothing less than to “dramatically increase mastery of the global network.” Other N.S.A. documents offer hints of how the agency is trying to do just that. One program, code-named Treasure Map, provides what a secret N.S.A. PowerPoint presentation describes as “a near real-time, interactive map of the global Internet.” According to the undated PowerPoint presentation, disclosed by Mr. Snowden, Treasure Map gives the N.S.A. “a 300,000 foot view of the Internet.”  Relying on Internet routing data, commercial and Sigint information, Treasure Map is a sophisticated tool, one that the PowerPoint presentation describes as a “massive Internet mapping, analysis and exploration engine.” It collects Wi-Fi network and geolocation data, and between 30 million and 50 million unique Internet provider addresses — code that can reveal the location and owner of a computer, mobile device or router — are represented each day on Treasure Map, according to the document. It boasts that the program can map “any device, anywhere, all the time.”  The documents include addresses labeled as based in the “U.S.,” and because so much Internet traffic flows through the United States, it would be difficult to map much of the world without capturing such addresses.
  • The program takes advantage of the capabilities of other secret N.S.A. programs. To support Treasure Map, for example, the document states that another program, called Packaged Goods, tracks the “traceroutes” through which data flows around the Internet. Through Packaged Goods, the N.S.A. has gained access to “13 covered servers in unwitting data centers around the globe,” according to the PowerPoint. The document identifies a list of countries where the data centers are located, including Germany, Poland, Denmark, South Africa and Taiwan as well as Russia, China and Singapore.
Paul Merrell

The Daily Dot - Study suggests NSA can legally access majority of American phone data

  • A new study published by the Center for Internet and Society (CIS) at Stanford Law School suggests that the methods the NSA uses to determine reasonable and articulable suspicion (RAS) of terrorist activity may authorize the agency to examine the call records of more American citizens than previously believed.
Paul Merrell

New IETF Group to Tackle TLS Implementation in Applications | Threatpost | The First St...

  • The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP. The new TLS application working group was formed to help developers and the people who deploy their applications incorporate the encryption protocol correctly. TLS is the successor to SSL and is used to encrypt information in a variety of applications, but is most often encountered by users in their Web browsers. Sites use it to secure their communications with users, and in the wake of the revelations about the ways that the NSA is eavesdropping on email and Web traffic its use has become much more important. The IETF is trying to help ensure that it’s deployed properly, reducing the errors that could make surveillance and other attacks easier.
  • “There is a renewed and urgent interest in the IETF to increase the security of transmissions over the Internet. Many application protocols have defined methods for using TLS to authenticate the server (and sometimes the client), and to encrypt the connection between the client and server. However, there is a diversity of definitions and requirements, and that diversity has caused confusion for application developers and also has led to lack of interoperability or lack of deployment. Implementers and deployers are faced with multiple security issues in real-world usage of TLS, which currently does not preclude insecure ciphers and modes of operation,” the description in the working group’s charter says.
Paul Merrell

The "Cuban Twitter" Scam Is a Drop in the Internet Propaganda Bucket - The Intercept

  • This week, the Associated Press exposed a secret program run by the U.S. Agency for International Development to create “a Twitter-like Cuban communications network” run through “secret shell companies” in order to create the false appearance of being a privately owned operation. Unbeknownst to the service’s Cuban users was the fact that “American contractors were gathering their private data in the hope that it might be used for political purposes”–specifically, to manipulate those users in order to foment dissent in Cuba and subvert its government. According to top-secret documents published today by The Intercept, this sort of operation is frequently discussed at western intelligence agencies, which have plotted ways to covertly use social media for “propaganda,” “deception,” “mass messaging,” and “pushing stories.” These ideas–discussions of how to exploit the internet, specifically social media, to surreptitiously disseminate viewpoints friendly to western interests and spread false or damaging information about targets–appear repeatedly throughout the archive of materials provided by NSA whistleblower Edward Snowden. Documents prepared by NSA and its British counterpart GCHQ–and previously published by The Intercept as well as some by NBC News–detailed several of those programs, including a unit devoted in part to “discrediting” the agency’s enemies with false information spread online.
  • The documents in the archive show that the British are particularly aggressive and eager in this regard, and formally shared their methods with their U.S. counterparts. One previously undisclosed top-secret document–prepared by GCHQ for the 2010 annual “SIGDEV” gathering of the “Five Eyes” surveillance alliance comprising the UK, Canada, New Zealand, Australia, and the U.S.–explicitly discusses ways to exploit Twitter, Facebook, YouTube, and other social media as secret platforms for propaganda.
  • The document was presented by GCHQ’s Joint Threat Research Intelligence Group (JTRIG). The unit’s self-described purpose is “using online techniques to make something happen in the real or cyber world,” including “information ops (influence or disruption).” The British agency describes its JTRIG and Computer Network Exploitation operations as a “major part of business” at GCHQ, conducting “5% of Operations.” The annual SIGDEV conference, according to one NSA document published today by The Intercept, “enables unprecedented visibility of SIGINT Development activities from across the Extended Enterprise, Second Party and US Intelligence communities.” The 2009 Conference, held at Fort Meade, included “eighty-six representatives from the wider US Intelligence Community, covering agencies as diverse as CIA (a record 50 participants), the Air Force Research Laboratory and the National Air and Space Intelligence Center.” Defenders of surveillance agencies have often insinuated that such proposals are nothing more than pipe dreams and wishful thinking on the part of intelligence agents. But these documents are not merely proposals or hypothetical scenarios. As described by the NSA document published today, the purpose of SIGDEV presentations is “to synchronize discovery efforts, share breakthroughs, and swap knowledge on the art of analysis.”
  • (The GCHQ document also describes a practice called “credential harvesting,” which NBC described as an effort to “select journalists who could be used to spread information” that the government wants distributed. According to the NBC report, GCHQ agents would employ “electronic snooping to identify non-British journalists who would then be manipulated to feed information to the target of a covert campaign.” Then, “the journalist’s job would provide access to the targeted individual, perhaps for an interview.” Anonymous sources that NBC didn’t characterize claimed at the time that GCHQ had not employed the technique.) Whether governments should be in the business of publicly disseminating political propaganda at all is itself a controversial question. Such activities are restricted by law in many countries, including the U.S. In 2008, The New York Times’ David Barstow won a Pulitzer Prize for exposing a domestic effort coordinated by the Pentagon whereby retired U.S. generals posed as “independent analysts” employed by American television networks and cable news outlets as they secretly coordinated their messaging with the Pentagon.
  • The GCHQ document we are publishing today expressly contemplates exploiting social media venues such as Twitter, as well as other communications venues including email, to seed state propaganda–GCHQ’s word, not mine–across the internet:
  • For instance: One of the programs described by the newly released GCHQ document is dubbed “Royal Concierge,” under which the British agency intercepts email confirmations of hotel reservations to enable it to subject hotel guests to electronic monitoring. It also contemplates how to “influence the hotel choice” of travelers and to determine whether they stay at “SIGINT friendly” hotels. The document asks: “Can we influence the hotel choice? Can we cancel their visit?” Previously, der Spiegel and NBC News both independently confirmed that the “Royal Concierge” program has been implemented and extensively used. The German magazine reported that “for more than three years, GCHQ has had a system to automatically monitor hotel bookings of at least 350 upscale hotels around the world in order to target, search, and analyze reservations to detect diplomats and government officials.” NBC reported that “the intelligence agency uses the information to spy on human targets through ‘close access technical operations,’ which can include listening in on telephone calls and tapping hotel computers as well as sending intelligence officers to observe the targets in person at the hotels.”
  • Because American law bars the government from employing political propaganda domestically, that program was likely illegal, though no legal accountability was ever brought to bear (despite all sorts of calls for formal investigations). Barack Obama, a presidential candidate at the time, pronounced himself in a campaign press release “deeply disturbed” by the Pentagon program, which he said “sought to manipulate the public’s trust.” Propagandizing foreign populations has generally been more legally acceptable. But it is difficult to see how government propaganda can be segregated from domestic consumption in the digital age. If American intelligence agencies are adopting the GCHQ’s tactics of “crafting messaging campaigns to go ‘viral’,” the legal issue is clear: A “viral” online propaganda campaign, by definition, is almost certain to influence its own citizens as well as those of other countries.
  • But these documents, along with the AP’s exposure of the sham “Cuban Twitter” program, underscore how aggressively western governments are seeking to exploit the internet as a means to manipulate political activity and shape political discourse. Those programs, carried out in secrecy and with little accountability (it seems nobody in Congress knew of the “Cuban Twitter” program in any detail) threaten the integrity of the internet itself, as state-disseminated propaganda masquerades as free online speech and organizing. There is thus little or no ability for an internet user to know when they are being covertly propagandized by their government, which is precisely what makes it so appealing to intelligence agencies, so powerful, and so dangerous.
  •  
    Glenn Greenwald drops a choice few new documents. Well worth viewing. 
Paul Merrell

Documents Reveal Canada's Secret Hacking Tactics - The Intercept - 0 views

  • Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents. Communications Security Establishment, or CSE, has also covertly hacked into computers across the world to gather intelligence, breaking into networks in Europe, Mexico, the Middle East and North Africa, the documents show. The revelations, reported Monday by CBC News in collaboration with The Intercept, shine a light for the first time on how Canada has adopted aggressive tactics to attack, sabotage and infiltrate targeted computer systems. The latest disclosures come as the Canadian government debates whether to hand over more powers to its spies to disrupt threats as part of the controversial anti-terrorism law, Bill C-51.
  • Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems. The most well-known example of a state-sponsored “attack” operation involved the use of Stuxnet, a computer worm that was reportedly developed by the United States and Israel to sabotage Iranian nuclear facilities. One document from CSE, dated from 2011, outlines the range of methods the Canadian agency has at its disposal as part of a “cyber activity spectrum” to both defend against hacking attacks and to perpetrate them. CSE says in the document that it can “disable adversary infrastructure,” “control adversary infrastructure,” or “destroy adversary infrastructure” using the attack techniques. It can also insert malware “implants” on computers to steal data.
  • According to one top-secret NSA briefing paper, dated from 2013, Canada is considered an important player in global hacking operations. Under the heading “NSA and CSEC cooperate closely in the following areas,” the paper notes that the agencies work together on “active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico.” (The NSA had not responded to a request for comment at time of publication. The agency has previously told The Intercept that it “works with foreign partners to address a wide array of serious threats, including terrorist plots, the proliferation of weapons of mass destruction, and foreign aggression.”) Notably, CSE has gone beyond just adopting a range of tools to hack computers. According to the Snowden documents, it has a range of “deception techniques” in its toolbox. These include “false flag” operations to “create unrest,” and using so-called “effects” operations to “alter adversary perception.” A false-flag operation usually means carrying out an attack, but making it look like it was performed by another group — in this case, likely another government or hacker. Effects operations can involve sending out propaganda across social media or disrupting communications services. The newly revealed documents also reveal that CSE says it can plant a “honeypot” as part of its deception tactics, possibly a reference to some sort of bait posted online that lures in targets so that they can be hacked or monitored.
  • The apparent involvement of CSE in using the deception tactics suggests it is operating in the same area as a secretive British unit known as JTRIG, a division of the country’s eavesdropping agency, Government Communications Headquarters, or GCHQ. Last year, The Intercept published documents from Snowden showing that the JTRIG unit uses a range of effects operations to manipulate information online, such as by rigging the outcome of online polls, sending out fake messages on Facebook across entire countries, and posting negative information about targets online to damage their reputations.
Paul Merrell

How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputatio... - 0 views

  • One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction. It’s time to tell a chunk of that story, complete with the relevant documents. Over the last several weeks, I worked with NBC News to publish a series of articles about “dirty trick” tactics used by GCHQ’s previously secret unit, JTRIG (Joint Threat Research Intelligence Group). These were based on four classified GCHQ documents presented to the NSA and the other three partners in the English-speaking “Five Eyes” alliance. Today, we at the Intercept are publishing another new JTRIG document, in full, entitled “The Art of Deception: Training for Online Covert Operations.” By publishing these stories one by one, our NBC reporting highlighted some of the key, discrete revelations: the monitoring of YouTube and Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse “hacktivists” of using, the use of “honey traps” (luring people into compromising situations using sex) and destructive viruses. But, here, I want to focus and elaborate on the overarching point revealed by all of these documents: namely, that these agencies are attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so, are compromising the integrity of the internet itself.
  •  
    Government retaliation for exercise of First Amendment rights by covert destruction of reputations.  
Paul Merrell

In rare loss, FISA court rejects Justice Dept request to retain data - RT USA - 0 views

  • The federal surveillance court that has approved all but a fraction of the NSA's intelligence requests nonetheless rejected a petition by the government to retain phone records for longer than five years, as is currently allowed.
  • The US Foreign Intelligence Surveillance Court (also known as the FISA Court) was established in 1978 as a gatekeeper that would approve or deny surveillance warrants against suspect foreign enemies living inside the United States. Since that date, the court has denied 11 of the nearly 34,000 surveillance requests by the government. While judges on the court have said that they force the government to make changes to approximately one-quarter of those requests, the .03 percent decline rate has been startling to civil liberties advocates. Judge Reggie Walton acted as a rare bump in that road this week when he denied the US Department of Justice’s request to keep the telephone metadata collected by the NSA past the five-year deadline. The Obama administration had asked the FISA Court to bend the rules so that the Justice Department could adequately defend itself from a series of lawsuits filed by various groups, the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) chief among them. US attorneys argued in a court filing last month that when “preservation of information is required, the duty to preserve supersedes statutory or regulatory requirements or records-management policies that would otherwise result in the destruction of the information.”
  • Authorities proposed that the information be retained, although they sought to make it illegal for any NSA analyst to examine the data as they would information that is not five years old. That is not enough of an excuse, Walton ruled, saying that he found that rationale to be “simply unresponsive” and that the groups that have filed suit are hoping for “the destruction of the [telephone] metadata, not its retention.” The judge concluded that any reason to keep the telephone records is outweighed by the damage that such a decision would do to privacy. Justice Department attorneys may have expected such a decision from Walton who, even as chief judge of the FISA Court, has admitted skepticism with the program since the government’s methods were first revealed. Judge Walton told The Washington Post in August that the court, which is supposed to act as the final barometer, is unable to verify the very information provided by law enforcement. “The FISC is forced to rely upon the accuracy of the information that is provided to the court,” he wrote. “The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.”
Paul Merrell

Exclusive: U.S. directs agents to cover up program used to investigate Americans - chic... - 0 views

  • WASHINGTON (Reuters) - A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans. Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges. The undated documents show that federal agents are trained to "recreate" the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant's Constitutional right to a fair trial. If defendants don't know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence - information that could reveal entrapment, mistakes or biased witnesses.
  • The unit of the DEA that distributes the information is called the Special Operations Division, or SOD. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security. It was created in 1994 to combat Latin American drug cartels and has grown from several dozen employees to several hundred. Today, much of the SOD's work is classified, and officials asked that its precise location in Virginia not be revealed. The documents reviewed by Reuters are marked "Law Enforcement Sensitive," a government categorization that is meant to keep them confidential. "Remember that the utilization of SOD cannot be revealed or discussed in any investigative function," a document presented to agents reads. The document specifically directs agents to omit the SOD's involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use "normal investigative techniques to recreate the information provided by SOD."
  • A spokesman with the Department of Justice, which oversees the DEA, declined to comment. But two senior DEA officials defended the program, and said trying to "recreate" an investigative trail is not only legal but a technique that is used almost daily.
  • A former federal agent in the northeastern United States who received such tips from SOD described the process. "You'd be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.' And so we'd alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it," the agent said. "PARALLEL CONSTRUCTION" After an arrest was made, agents then pretended that their investigation began with the traffic stop, not with the SOD tip, the former agent said. The training document reviewed by Reuters refers to this process as "parallel construction." The two senior DEA officials, who spoke on behalf of the agency but only on condition of anonymity, said the process is kept secret to protect sources and investigative methods. "Parallel construction is a law enforcement technique we use every day," one official said. "It's decades old, a bedrock concept." A dozen current or former federal agents interviewed by Reuters confirmed they had used parallel construction during their careers. Most defended the practice; some said they understood why those outside law enforcement might be concerned.
  • Today, the SOD offers at least three services to federal, state and local law enforcement agents: coordinating international investigations such as the Bout case; distributing tips from overseas NSA intercepts, informants, foreign law enforcement partners and domestic wiretaps; and circulating tips from a massive database known as DICE. The DICE database contains about 1 billion records, the senior DEA officials said. The majority of the records consist of phone log and Internet data gathered legally by the DEA through subpoenas, arrests and search warrants nationwide. Records are kept for about a year and then purged, the DEA officials said. About 10,000 federal, state and local law enforcement agents have access to the DICE database, records show. They can query it to try to link otherwise disparate clues. Recently, one of the DEA officials said, DICE linked a man who tried to smuggle $100,000 over the U.S. southwest border to a major drug case on the East Coast.
Paul Merrell

Tap on Merkel Provides Peek at Vast Spy Net - NYTimes.com - 0 views

  • In testimony to Congress on Tuesday, the director of national intelligence, James R. Clapper Jr., gave only the roughest sketch of the size of the N.S.A.’s surveillance program, but suggested that the leader of the United States’ most powerful European ally was a single fish in a very big sea. “We’re talking about a huge enterprise here with thousands and thousands of individual requirements,” he said, using a phrase that appeared to mean individual surveillance targets. Mr. Clapper said that the United States spies on foreign leaders and other officials to see “if what they’re saying gels with what’s actually going on,” and how the policies of other countries “impact us across a whole range of issues.”
  • The N.S.A. tries to gather cellular and landline phone numbers — often obtained from American diplomats — for as many foreign officials as possible. The contents of the phone calls are stored in computer databases that can regularly be searched using keywords. “They suck up every phone number they can in Germany,” said one former intelligence official. The databases are different from those housing telephone “metadata” — information about phone numbers on each end of a call and the call’s length — to find links between terrorism suspects. “Metadata is only valuable if you are trying to track the activities of a terrorist or a spy,” said the former American intelligence official. By comparison, allied leaders are low-level priorities. In the “National Intelligence Priorities Framework,” a matrix approved by the president and updated regularly, information on members of Al Qaeda and other terrorist groups, the whereabouts of nuclear weapons in Pakistan or North Korea, or the conversations of nuclear scientists in Iran are all front-burner intelligence issues. Ranked just below them are questions about the leadership of adversaries, like Russia, China or Iran, or the state of their economies.
  •  
    "Mr. Clapper said that the United States spies on foreign leaders and other officials to see 'if what they're saying gels with what's actually going on,' and how the policies of other countries 'impact us across a whole range of issues.'" Note that none of the above has anything to do with Terrorism and very little if anything to do with national security.  Also noteworthy later in the article, "'Metadata is [sic] only valuable if you are trying to track the activities of a terrorist or a spy,' said the former American intelligence official."
Paul Merrell

The Only Thing We Have to Fear Is -- The CIA | War Is A Crime .org - 0 views

  • Fifty years ago, exactly one month after John Kennedy was killed, the Washington Post published an op-ed titled “Limit CIA Role to Intelligence.” The first sentence of that op-ed on Dec. 22, 1963, read, “I think it has become necessary to take another look at the purpose and operations of our Central Intelligence Agency.” It sounded like the intro to a bleat from some liberal professor or journalist. Not so. The writer was former President Harry S. Truman, who spearheaded the establishment of the CIA 66 years ago, right after World War II, to better coordinate U.S. intelligence gathering. But the spy agency had lurched off in what Truman thought were troubling directions.
  • Is this why the President feels he cannot fire his clumsily devious Director of National Intelligence James Clapper, who had to apologize to Congress for giving “clearly erroneous” testimony in March? Is this why he allows National Security Agency Director Keith Alexander and counterparts in the FBI to continue to mislead the American people, even though the intermittent snow showers from Snowden show our senior national security officials to have lied — and to have been out of control? This may be small solace to President Obama, but there is no sign that the NSA documents that Snowden has released include the Senate Intelligence Committee’s 6,300-page report on CIA torture. Rather, that report, at least, seems sure to be under Obama’s and Senate Intelligence Committee chair Dianne Feinstein’s tight control.
  • But Kennedy stuck to his guns, so to speak. He fired Dulles and his co-conspirators a few months after the abortive invasion, and told a friend that he wanted to “splinter the CIA into a thousand pieces and scatter it into the winds.” The outrage was very obviously mutual.
  • Truman concluded the op-ed with an admonition that was as clear as the syntax was clumsy: “I would like to see the CIA restored to its original assignment as the intelligence arm of the President, and that whatever else it can properly perform in that special field – and that its operational duties be terminated or properly used elsewhere.” The importance and prescient nature of that admonition are even clearer today, a half-century later.
  • After Kennedy was murdered in Dallas, the patrician, well-connected Dulles got himself appointed to the Warren Commission and took the lead in shaping the investigation of JFK’s assassination. Documents in the Truman Library show that Dulles also mounted a small domestic covert action of his own to neutralize any future airing of Truman’s and Souers’s warnings about covert action.
  • As the de facto head of the Warren Commission, Dulles was perfectly positioned to protect himself and his associates, were any commissioners or investigators — or journalists — tempted to question whether Dulles and the CIA played a role in killing Kennedy. And so, the question: Did Allen Dulles and other “cloak-and-dagger” CIA operatives have a hand in John Kennedy’s assassination and in then covering it up? In my view, the best dissection of the evidence pertaining to the murder appeared in James Douglass’s 2008 book, JFK and the Unspeakable. After updating and arraying the abundant evidence, and conducting still more interviews, Douglass concludes that the answer is Yes.
  • The mainstream media had an allergic reaction to Douglass’s book and gave it almost no reviews. It is, nevertheless, still selling well. And, more important, it seems a safe bet that President Barack Obama knows what it says and maybe has even read it. This may go some way toward explaining why Obama has been so deferential to the CIA, NSA, FBI and the Pentagon. Could this be at least part of the reason he felt he had to leave the Cheney/Bush-anointed torturers, kidnappers and black-prison wardens in place, instructing his first CIA chief Leon Panetta to become, in effect, the agency’s lawyer rather than leader?
  • Sadly, those concerns that Truman expressed in that op-ed — that he had inadvertently helped create a Frankenstein monster — are as valid today as they were 50 years ago, if not more so.
  • But the timorous President has a big problem. He is acutely aware that, if released, the Senate committee report would create a firestorm – almost certainly implicating Obama’s CIA Director John Brennan and many other heavy-hitters of whom he appears to be afraid. And so Obama has allowed Brennan to play bureaucratic games, delaying release of the report for more than a year, even though its conclusions are said to closely resemble earlier findings of the CIA’s own Inspector General and the Constitution Project (see below).
  • Hat tip to the New Yorker’s Jane Mayer, who took the trouble to read the play-by-play of testimony to the Senate Intelligence Committee by former CIA General Counsel (2009-2013) Stephen W. Preston, nominated (and now confirmed) to be general counsel at the Department of Defense. Under questioning by Sen. Mark Udall, D-Colorado, Preston admitted outright that, contrary to the CIA’s insistence that it did not actively impede congressional oversight of its detention and interrogation program, “briefings to the committee included inaccurate information related to aspects of the program of express interest to Members.”
  • That “inaccurate information” apparently is thoroughly documented in the Senate Intelligence Committee report which, largely because of the CIA’s imaginative foot-dragging, cost taxpayers $40 million. Udall has revealed that the report (which includes 35,000 footnotes) contains a very long section titled “C.I.A. Representations on the C.I.A. Interrogation Program and the Effectiveness of the C.I.A.’s Enhanced Interrogation Techniques to Congress.” Preston also acknowledged that the CIA inadequately informed the Justice Department on interrogation and detention. He said, “CIA’s efforts fell well short of our current practices when it comes to providing information relevant to [the Office of Legal Counsel]’s legal analysis.”
  • As Katherine Hawkins, the senior investigator for last April’s bipartisan, independent report by the Constitution Project’s Task Force on Detainee Treatment, noted in an Oct. 18, 2013 posting, the memos from acting OLC chief, Steven Bradbury, relied very heavily on now-discredited CIA claims that “enhanced interrogation” saved lives, and that the sessions were carefully monitored by medical and psychological personnel to ensure that detainees’ suffering would not rise to the level of torture. According to Hawkins, Udall complained – and Preston admitted – that, in providing the materials requested by the committee, “the CIA removed several thousand CIA documents that the agency thought could be subjected to executive privilege claims by the President, without any decision by Obama to invoke the privilege.”
  • Worse still for the CIA, the Senate Intelligence Committee report apparently destroys the agency’s argument justifying torture on the grounds that there was no other way to acquire the needed information save through brutalization. In his answers to Udall, Preston concedes that, contrary to what the agency has argued, it can and has been established that legal methods of interrogation would have yielded the same intelligence. Is anyone still wondering why our timid President is likely to sit on the Senate Intelligence Committee report for as long as he can? Or why he will let John Brennan redact it to a fare-thee-well, if he is eventually forced to release some of it by pressure from folks who care about things like torture?
  • It does appear that the newly taciturn CIA Director Brennan has inordinate influence over the President in such matters – not unlike the influence that both DNI Clapper and NSA Director Alexander seem able to exert. In this respect, Brennan joins the dubious company of the majority of his predecessor CIA directors, as they made abundantly clear when they went to inordinate lengths to prevent their torturer colleagues from being held accountable. (Also, see “CIA Torturers Running Scared,” Sept. 20, 2009; or “Are Presidents Afraid of the CIA?” Dec. 29, 2009)
Paul Merrell

Operation Socialist: How GCHQ Spies Hacked Belgium's Largest Telco - 0 views

  • When the incoming emails stopped arriving, it seemed innocuous at first. But it would eventually become clear that this was no routine technical problem. Inside a row of gray office buildings in Brussels, a major hacking attack was in progress. And the perpetrators were British government spies. It was in the summer of 2012 that the anomalies were initially detected by employees at Belgium’s largest telecommunications provider, Belgacom. But it wasn’t until a year later, in June 2013, that the company’s security experts were able to figure out what was going on. The computer systems of Belgacom had been infected with a highly sophisticated malware, and it was disguising itself as legitimate Microsoft software while quietly stealing data. Last year, documents from National Security Agency whistleblower Edward Snowden confirmed that British surveillance agency Government Communications Headquarters was behind the attack, codenamed Operation Socialist. And in November, The Intercept revealed that the malware found on Belgacom’s systems was one of the most advanced spy tools ever identified by security researchers, who named it “Regin.”
  • The full story about GCHQ’s infiltration of Belgacom, however, has never been told. Key details about the attack have remained shrouded in mystery—and the scope of the attack unclear. Now, in partnership with Dutch and Belgian newspapers NRC Handelsblad and De Standaard, The Intercept has pieced together the first full reconstruction of events that took place before, during, and after the secret GCHQ hacking operation. Based on new documents from the Snowden archive and interviews with sources familiar with the malware investigation at Belgacom, The Intercept and its partners have established that the attack on Belgacom was more aggressive and far-reaching than previously thought. It occurred in stages between 2010 and 2011, each time penetrating deeper into Belgacom’s systems, eventually compromising the very core of the company’s networks.
  • Snowden told The Intercept that the latest revelations amounted to unprecedented “smoking-gun attribution for a governmental cyber attack against critical infrastructure.” The Belgacom hack, he said, is the “first documented example to show one EU member state mounting a cyber attack on another…a breathtaking example of the scale of the state-sponsored hacking problem.”
  • Publicly, Belgacom has played down the extent of the compromise, insisting that only its internal systems were breached and that customers’ data was never found to have been at risk. But secret GCHQ documents show the agency gained access far beyond Belgacom’s internal employee computers and was able to grab encrypted and unencrypted streams of private communications handled by the company. Belgacom invested several million dollars in its efforts to clean-up its systems and beef-up its security after the attack. However, The Intercept has learned that sources familiar with the malware investigation at the company are uncomfortable with how the clean-up operation was handled—and they believe parts of the GCHQ malware were never fully removed.
  • The revelations about the scope of the hacking operation will likely alarm Belgacom’s customers across the world. The company operates a large number of data links internationally (see interactive map below), and it serves millions of people across Europe as well as officials from top institutions including the European Commission, the European Parliament, and the European Council. The new details will also be closely scrutinized by a federal prosecutor in Belgium, who is currently carrying out a criminal investigation into the attack on the company. Sophia in ’t Veld, a Dutch politician who chaired the European Parliament’s recent inquiry into mass surveillance exposed by Snowden, told The Intercept that she believes the British government should face sanctions if the latest disclosures are proven.
  • What sets the secret British infiltration of Belgacom apart is that it was perpetrated against a close ally—and is backed up by a series of top-secret documents, which The Intercept is now publishing.
  • Between 2009 and 2011, GCHQ worked with its allies to develop sophisticated new tools and technologies it could use to scan global networks for weaknesses and then penetrate them. According to top-secret GCHQ documents, the agency wanted to adopt the aggressive new methods in part to counter the use of privacy-protecting encryption—what it described as the “encryption problem.” When communications are sent across networks in encrypted format, it makes it much harder for the spies to intercept and make sense of emails, phone calls, text messages, internet chats, and browsing sessions. For GCHQ, there was a simple solution. The agency decided that, where possible, it would find ways to hack into communication networks to grab traffic before it’s encrypted.
  • The Snowden documents show that GCHQ wanted to gain access to Belgacom so that it could spy on phones used by surveillance targets travelling in Europe. But the agency also had an ulterior motive. Once it had hacked into Belgacom’s systems, GCHQ planned to break into data links connecting Belgacom and its international partners, monitoring communications transmitted between Europe and the rest of the world. A map in the GCHQ documents, named “Belgacom_connections,” highlights the company’s reach across Europe, the Middle East, and North Africa, illustrating why British spies deemed it of such high value.
  • Documents published with this article: Automated NOC detection Mobile Networks in My NOC World Making network sense of the encryption problem Stargate CNE requirements NAC review – October to December 2011 GCHQ NAC review – January to March 2011 GCHQ NAC review – April to June 2011 GCHQ NAC review – July to September 2011 GCHQ NAC review – January to March 2012 GCHQ Hopscotch Belgacom connections
Paul Merrell

Government Assessment of the Syrian Government's Use of Chemical Weapons on August 21, ... - 0 views

  • The United States Government assesses with high confidence that the Syrian government carried out a chemical weapons attack in the Damascus suburbs on August 21, 2013. We further assess that the regime used a nerve agent in the attack. These all-source assessments are based on human, signals, and geospatial intelligence as well as a significant body of open source reporting. Our classified assessments have been shared with the U.S. Congress and key international partners. To protect sources and methods, we cannot publicly release all available intelligence – but what follows is an unclassified summary of the U.S. Intelligence Community’s analysis of what took place.
  • We assess with high confidence that the Syrian government carried out the chemical weapons attack against opposition elements in the Damascus suburbs on August 21. We assess that the scenario in which the opposition executed the attack on August 21 is highly unlikely. The body of information used to make this assessment includes intelligence pertaining to the regime’s preparations for this attack and its means of delivery, multiple streams of intelligence about the attack itself and its effect, our post-attack observations, and the differences between the capabilities of the regime and the opposition. Our high confidence assessment is the strongest position that the U.S. Intelligence Community can take short of confirmation. We will continue to seek additional information to close gaps in our understanding of what took place.
  • We assess with high confidence that the Syrian regime has used chemical weapons on a small scale against the opposition multiple times in the last year, including in the Damascus suburbs. This assessment is based on multiple streams of information including reporting of Syrian officials planning and executing chemical weapons attacks and laboratory analysis of physiological samples obtained from a number of individuals, which revealed exposure to sarin. We assess that the opposition has not used chemical weapons.
  • The Syrian regime has initiated an effort to rid the Damascus suburbs of opposition forces using the area as a base to stage attacks against regime targets in the capital. The regime has failed to clear dozens of Damascus neighborhoods of opposition elements, including neighborhoods targeted on August 21, despite employing nearly all of its conventional weapons systems. We assess that the regime’s frustration with its inability to secure large portions of Damascus may have contributed to its decision to use chemical weapons on August 21.
  • On August 21, a Syrian regime element prepared for a chemical weapons attack in the Damascus area, including through the utilization of gas masks. Our intelligence sources in the Damascus area did not detect any indications in the days prior to the attack that opposition affiliates were planning to use chemical weapons.
  • Multiple streams of intelligence indicate that the regime executed a rocket and artillery attack against the Damascus suburbs in the early hours of August 21. Satellite detections corroborate that attacks from a regime-controlled area struck neighborhoods where the chemical attacks reportedly occurred – including Kafr Batna, Jawbar, ‘Ayn Tarma, Darayya, and Mu’addamiyah. This includes the detection of rocket launches from regime controlled territory early in the morning, approximately 90 minutes before the first report of a chemical attack appeared in social media. The lack of flight activity or missile launches also leads us to conclude that the regime used rockets in the attack.
  • Three hospitals in the Damascus area received approximately 3,600 patients displaying symptoms consistent with nerve agent exposure in less than three hours on the morning of August 21, according to a highly credible international humanitarian organization. The reported symptoms, and the epidemiological pattern of events – characterized by the massive influx of patients in a short period of time, the origin of the patients, and the contamination of medical and first aid workers – were consistent with mass exposure to a nerve agent. We also received reports from international and Syrian medical personnel on the ground.
  • We have identified one hundred videos attributed to the attack, many of which show large numbers of bodies exhibiting physical signs consistent with, but not unique to, nerve agent exposure. The reported symptoms of victims included unconsciousness, foaming from the nose and mouth, constricted pupils, rapid heartbeat, and difficulty breathing. Several of the videos show what appear to be numerous fatalities with no visible injuries, which is consistent with death from chemical weapons, and inconsistent with death from small-arms, high-explosive munitions or blister agents. At least 12 locations are portrayed in the publicly available videos, and a sampling of those videos confirmed that some were shot at the general times and locations described in the footage. We assess the Syrian opposition does not have the capability to fabricate all of the videos, physical symptoms verified by medical personnel and NGOs, and other information associated with this chemical attack. We have a body of information, including past Syrian practice, that leads us to conclude that regime officials were witting of and directed the attack on August 21. We intercepted communications involving a senior official intimately familiar with the offensive who confirmed that chemical weapons were used by the regime on August 21 and was concerned with the U.N. inspectors obtaining evidence. On the afternoon of August 21, we have intelligence that Syrian chemical weapons personnel were directed to cease operations.
  • To conclude, there is a substantial body of information that implicates the Syrian government’s responsibility in the chemical weapons attack that took place on August 21. As indicated, there is additional intelligence that remains classified because of sources and methods concerns that is being provided to Congress and international partners. Syria: Damascus Areas of Influence and Areas Reportedly Affected by 21 August Chemical Attack
  •  
    Well, here's what the public gets told, from a President and his intelligence community that have been caught in lie after lie in the NSA scandal this summer. And of course, to "protect sources and methods, we cannot publicly release all available intelligence." One thing is certain: The "high confidence" of the summary does not acknowledge the doubt about that confidence expressed by government officials speaking anonymously to the Associated Press before the report was released. http://bigstory.ap.org/article/ap-sources-intelligence-weapons-no-slam-dunk   I'll have more later. 
Paul Merrell

ExposeFacts - For Whistleblowers, Journalism and Democracy - 0 views

  • Launched by the Institute for Public Accuracy in June 2014, ExposeFacts.org represents a new approach for encouraging whistleblowers to disclose information that citizens need to make truly informed decisions in a democracy. From the outset, our message is clear: “Whistleblowers Welcome at ExposeFacts.org.” ExposeFacts aims to shed light on concealed activities that are relevant to human rights, corporate malfeasance, the environment, civil liberties and war. At a time when key provisions of the First, Fourth and Fifth Amendments are under assault, we are standing up for a free press, privacy, transparency and due process as we seek to reveal official information—whether governmental or corporate—that the public has a right to know. While no software can provide an ironclad guarantee of confidentiality, ExposeFacts—assisted by the Freedom of the Press Foundation and its “SecureDrop” whistleblower submission system—is utilizing the latest technology on behalf of anonymity for anyone submitting materials via the ExposeFacts.org website. As journalists we are committed to the goal of protecting the identity of every source who wishes to remain anonymous.
  • The seasoned editorial board of ExposeFacts will be assessing all the submitted material and, when deemed appropriate, will arrange for journalistic release of information. In exercising its judgment, the editorial board is able to call on the expertise of the ExposeFacts advisory board, which includes more than 40 journalists, whistleblowers, former U.S. government officials and others with wide-ranging expertise. We are proud that Pentagon Papers whistleblower Daniel Ellsberg was the first person to become a member of the ExposeFacts advisory board. The icon below links to a SecureDrop implementation for ExposeFacts overseen by the Freedom of the Press Foundation and is only accessible using the Tor browser. As the Freedom of the Press Foundation notes, no one can guarantee 100 percent security, but this provides a “significantly more secure environment for sources to get information than exists through normal digital channels, but there are always risks.” ExposeFacts follows all guidelines as recommended by Freedom of the Press Foundation, and whistleblowers should too; the SecureDrop onion URL should only be accessed with the Tor browser — and, for added security, be running the Tails operating system. Whistleblowers should not log-in to SecureDrop from a home or office Internet connection, but rather from public wifi, preferably one you do not frequent. Whistleblowers should keep to a minimum interacting with whistleblowing-related websites unless they are using such secure software.
    • Gary Edwards
       
      Thanks Paul! Great article and I agree with you about switching. Rather than a USB, I would rather look into a SSD and try to isolate performance to an ISP bandwidth issue. FYI, I read your Diigo posts daily at this Web site: https://groups.diigo.com/group/socialism-and-the-end-of-the-american-dream/content/user/marbux Seems to be the best visual presentation of your research. I do however think Diigo could improve their hosting of this research by enabling more extensive comments. Notice that your comments are often clipped :( Still, I really do appreciate your sharing both your research and your commentary. Priceless stuff! Many thanks! ~ge~
  •  
    A new resource site for whistle-blowers, somewhat in the tradition of Wikileaks, but designed for encrypted communications between whistleblowers and journalists. This one has an impressive board of advisors that includes several names I know and tend to trust, among them former whistle-blowers Daniel Ellsberg, Ray McGovern, Thomas Drake, William Binney, and Ann Wright. Leaked records can only be dropped from a web browser running the Tor anonymizer software and uses the SecureDrop system originally developed by Aaron Swartz. They strongly recommend using the Tails secure operating system that can be installed to a thumb drive and leaves no tracks on the host machine. https://tails.boum.org/index.en.html Curious, I downloaded Tails and installed it to a virtual machine. It's a heavily customized version of Debian. It has a very nice Gnome desktop and blocks any attempt to connect to an external network by means other than installed software that demands encrypted communications. For example, web sites can only be viewed via the Tor anonymizing proxy network. It does take longer for web pages to load because they are moving over a chain of proxies, but even so it's faster than pages loaded in the dial-up modem days, even for web pages that are loaded with graphics, javascript, and other cruft. E.g., about 2 seconds for New York Times pages. All cookies are treated by default as session cookies so disappear when you close the page or the browser. I love my Linux Mint desktop, but I am thinking hard about switching that box to Tails. I've been looking for methods to send a lot more encrypted stuff down the pipe for NSA to store. Tails looks to make that not only easy, but unavoidable. From what I've gathered so far, if you want to install more software on Tails, it takes about an hour to create a customized version and then update your Tails installation from a new ISO file. Tails has a wonderful odor of having been designed for secure computing. Current