Home/ Socialism and the End of the American Dream/ Group items tagged NSA-paranoia

Paul Merrell

Your Computer May Already be Hacked - NSA Inside? | Steve Blank - 1 views

  • But while the interviewer focused on the Skype revelation, I thought the most interesting part was the other claim, “that the National Security Agency already had pre-encryption stage access to email on Outlook.” Say what?? They can see the plaintext on my computer before I encrypt it? That defeats any/all encryption methods. How could they do that?
    Bypass Encryption
    While most outside observers think the NSA’s job is cracking encrypted messages, as the Prism disclosures have shown, the actual mission is simply to read all communications. Cracking codes is a last resort.
  • The NSA has a history of figuring out how to get to messages before or after they are encrypted. Whether it was by putting keyloggers on keyboards and recording the keystrokes or detecting the images of the characters as they were being drawn on a CRT. Today every desktop and laptop computer has another way for the NSA to get inside.
    Intel Inside
    It’s inevitable that complex microprocessors have bugs in them when they ship. When the first microprocessors shipped the only thing you could hope is that the bug didn’t crash your computer. The only way the chip vendor could fix the problem was to physically revise the chip and put out a new version. But computer manufacturers and users were stuck if you had an old chip. After a particularly embarrassing math bug in 1994 that cost Intel $475 million, the company decided to fix the problem by allowing its microprocessors to load fixes automatically when your computer starts.
  • Starting in 1996 with the Intel P6 (Pentium Pro) to today’s P7 chips (Core i7) these processors contain instructions that are reprogrammable in what is called microcode. Intel can fix bugs on the chips by reprogramming a microprocessor’s microcode with a patch. This patch, called a microcode update, can be loaded into a processor by using special CPU instructions reserved for this purpose. These updates are not permanent, which means each time you turn the computer on, its microprocessor is reset to its built-in microcode, and the update needs to be applied again (through a computer’s BIOS). Since 2000, Intel has put out 29 microcode updates to their processors. The microcode is distributed by 1) Intel or by 2) Microsoft integrated into a BIOS or 3) as part of a Windows update. Unfortunately, the microcode update format is undocumented and the code is encrypted. This allows Intel to make sure that 3rd parties can’t make unauthorized add-ons to their chips. But it also means that no one can look inside to understand the microcode, which makes it impossible to know whether anyone is loading a backdoor into your computer.
  • Or perhaps the NSA, working with Intel and/or Microsoft, have wittingly put backdoors in the microcode updates. A backdoor is a way of gaining illegal remote access to a computer by getting around the normal security built-in to the computer. Typically someone trying to sneak malicious software on to a computer would try to install a rootkit (software that tries to conceal the malicious code.) A rootkit tries to hide itself and its code, but security conscious sites can discover rootkits by tools that check kernel code and data for changes. But what if you could use the configuration and state of microprocessor hardware in order to hide? You’d be invisible to all rootkit detection techniques that check the operating system. Or what if you can make the microprocessor random number generator (the basis of encryption) not so random for a particular machine? (The NSA’s biggest coup was inserting backdoors in crypto equipment the Swiss sold to other countries.) Rather than risk getting caught messing with everyone’s updates, my bet is that the NSA has compromised the microcode update signing keys, giving the NSA the ability to selectively target specific computers. (Your operating system ensures security of updates by checking downloaded update packages against the signing key.) The NSA then can send out backdoors disguised as a Windows update for “security.” (Ironic but possible.) That means you don’t need backdoors baked in the hardware, don’t need Intel’s buy-in, don’t have discoverable rootkits, and you can target specific systems without impacting the public at large.
  • A few months ago these kinds of discussions would have been theory at best, if not paranoia.
  • The Prism disclosures prove otherwise – the National Security Agency has decided it needs the ability to capture all communications in all forms. Getting inside of a target computer and weakening its encryption or having access to the plaintext of encrypted communication seems likely. Given the technical sophistication of the other parts of their surveillance net, the surprise would be if they haven’t implemented a microcode backdoor. The downside is that 1) backdoors can be hijacked by others with even worse intent. So if NSA has a microcode backdoor – who else is using it? and 2) What other pieces of our infrastructure, (routers, smartphones, military computers, satellites, etc) use processors with uploadable microcode? —— And that may be why the Russian president is now using a typewriter rather than a personal computer.
Paul Merrell

Spies worry over doomsday cache stashed by ex-NSA contractor Snowden | Reuters - 0 views

  • (Reuters) - British and U.S. intelligence officials say they are worried about a "doomsday" cache of highly classified, heavily encrypted material they believe former National Security Agency contractor Edward Snowden has stored on a data cloud. The cache contains documents generated by the NSA and other agencies and includes names of U.S. and allied intelligence personnel, seven current and former U.S. officials and other sources briefed on the matter said. The data is protected with sophisticated encryption, and multiple passwords are needed to open it, said two of the sources, who like the others spoke on condition of anonymity to discuss intelligence matters. The passwords are in the possession of at least three different people and are valid for only a brief time window each day, they said. The identities of persons who might have the passwords are unknown.
  • One source described the cache of still unpublished material as Snowden's "insurance policy" against arrest or physical harm. U.S. officials and other sources said only a small proportion of the classified material Snowden downloaded during stints as a contract systems administrator for NSA has been made public. Some Obama Administration officials have said privately that Snowden downloaded enough material to fuel two more years of news stories. "The worst is yet to come," said one former U.S. official who follows the investigation closely. Snowden, who is believed to have downloaded between 50,000 and 200,000 classified NSA and British government documents, is living in Russia under temporary asylum, where he fled after traveling to Hong Kong. He has been charged in the United States under the Espionage Act. Cryptome, a website which started publishing leaked secret documents years before the group WikiLeaks or Snowden surfaced, estimated that the total number of Snowden documents made public so far is over 500.
  • Snowden's revelations of government secrets have brought to light extensive and previously unknown surveillance of phone, email and social media communications by the NSA and allied agencies. That has sparked several diplomatic rows between Washington and its allies, along with civil liberties debates in Europe, the United States and elsewhere. Among the material which Snowden acquired from classified government computer servers, but which has not been published by media outlets known to have had access to it, are documents containing names and resumes of employees working for NSA's British counterpart, the Government Communications Headquarters (GCHQ), sources familiar with the matter said. The sources said Snowden started downloading some of it from a classified GCHQ website, known as GC-Wiki, when he was employed by Dell and assigned to NSA in 2012.
  • Glenn Greenwald, who met with Snowden in Hong Kong and was among the first to report on the leaked documents for the Guardian newspaper, said the former NSA contractor had "taken extreme precautions to make sure many different people around the world have these archives to insure the stories will inevitably be published." "If anything happens at all to Edward Snowden, he has arranged for them to get access to the full archives," Greenwald said in a June interview with the Daily Beast website. He added: "I don't know for sure whether he has more documents than the ones he has given me... I believe he does." In an email exchange with Reuters, Greenwald, who has said he remains in contact with Snowden, affirmed his statements about Snowden's "precautions" but said he had nothing to add. Officials believe that the "doomsday" cache is stored and encrypted separately from any material that Snowden has provided to media outlets.
  • Sources familiar with unpublished material Snowden downloaded said it also contains information about the CIA - possibly including personnel names - as well as other U.S. spy agencies such as the National Reconnaissance Office and National Geospatial-Intelligence Agency, which operate U.S. image-producing satellites and analyze their data. U.S. security officials have indicated in briefings they do not know what, if any, of the material is still in Snowden's personal possession. Snowden himself has been quoted as saying he took no such materials with him to Russia.
Paul Merrell

OpEdNews - Article: Our Man In Moscow - 0 views

  • Barack Obama virtually screamed his lungs out telling Russian President Vladimir Putin he had to hand him Snowden "under international law." Putin repeatedly said this was not going to happen.  Obama even phoned Putin. Nothing. Washington even forced European poodles to down Bolivian President Evo Morales' plane. Worse. Moscow kept following the letter of Russian law and eventually granted temporary asylum to Snowden.  The Edward Snowden saga has turned the Pentagon's Full Spectrum Dominance doctrine on its Hydra-head. Not only because of the humbling of the whole US security state apparatus, but also for exploding the myth of Full Spectrum Dominance by POTUS.  Obama revealed himself once again as a mediocre politician and an incompetent negotiator. Putin devoured him as a succulent serving of eggs benedict. Glenn Greenwald will be inflicting death by a thousand leaks -- because he is in charge of Snowden's digital treasure chest. And Snowden took a taxi and left the airport -- on his own terms.  Layers and layers of nuances have been captured in this fascinating discussion at Yves Smith's blog -- something impossible to find across Western corporate media. For POTUS, all that's left is to probably boycott a bilateral meeting with Putin next month, on the sidelines of the G20 summit in St Petersburg. Pathetic does not even begin to explain it. 
  • There's got to be a serious glitch with the collective IQ of these people. The Obama administration as well as the Orwellian/Panopticon complex are in shock because they simply cannot stop death by a thousand leaks. The Roving Eye is among those who suspect the NSA has no clue about what Snowden, as a systems administrator, was able to download (especially because someone with his skills can easily delete traces of access). Even the top NSA robot -- General Keith Alexander -- admitted on the record the "no such agency" does not know how Snowden pulled it off. He could have left a bug, or infected the system with a virus. The fun may have not even started. 
  • This Big Brother obsession with watching, tracking, monitoring, controlling, decoding virtually everything we do digitally is leading to monumental stupidities like Google searches attracting armed US government's agents to one's house, as is pricelessly detailed here. And still Paranoia Paradise has not isolated Washington from a major ass-kicking in Afghanistan and Iraq, or has foreseen the 2008 financial crisis; but then again it probably did, and the elites who arbitraged all that massive inside information royally profited from it.  For the moment, what we have is an Orwellian/Panopticon complex that will persist with its unchecked powers; an aphasic populace; a quiet, invisible man in a Moscow multitude; and a POTUS consumed with boundless rage. Watch out. He may be tempted to wag the (war) dog. 
  • Pepe Escobar's take on the Obama Administration and Edward Snowden's leaked documents, and on the forthcoming Balkanization of the Internet. Will Obama be remembered most for destroying the Global Internet?
Gary Edwards

Mice and Men: The Failures of Closing our MidEast Embassies | We Meant Well - Peter Van... - 0 views

  • What do you call it when you follow the same strategy for twelve years not only without success, but with negative results? What if time shows that that strategy actually helps the enemy you seek to defeat? Failure.
  • Failing to Learn
    America’s global war of terror can this week be declared officially a failure, total and complete. After twelve years of invasions, drones, torture, spying and gulags, the U.S. closed its embassies and consulates across (only) the Muslim world. Not for a day, but in most cases heading toward a week, with terror warnings on file lasting through the month. The U.S. evacuated all non-essential diplomatic and military personnel from Yemen; dependents are already gone from most other MidEast posts. Only our fortress embassies in Kabul and Baghdad ironically were considered safe enough to reopen a day or two ago. The cause of all this? Apparently a message from al Qaeda leader Ayman al Zawahiri to his second in command in Yemen telling him to “do something.”
  • Failure to Understand
    All this might be read in one of three ways:
    – The simplest explanation is that the threat is indeed real. Twelve years of war has simply pushed the terror threat around, spilled mercury-like, from country to country. A Whack-a-Mole war.
    – U.S. officials, perhaps still reeling from Edward Snowden’s NSA disclosures, chose to exaggerate a threat, in essence creating a strawman that could then be defeated. In favor of this argument are the many “leaks” noted above, essentially disclosing raw intel, specific conversations that would clearly reveal to the al Qaeda people concerned how and when they were monitored. Usually try to avoid that in the spy biz. The Frankenbomber stuff is pure 2001 scare tactic recycled. The idea that al Qaeda sought to seize infrastructure is a certain falsehood, as the whole point of guerrilla war is never to seize things, which would create a concentrated, open, stationary target that plays right into the Big Hardware advantage the U.S. holds. Just does not make sense, and supports the idea that this is all made-up for some U.S. domestic purpose.
    – However, the third way of looking at this is that the U.S. has failed to walk away from the climate of fear and paranoia that has distorted foreign and domestic policy since 9/12, Chicken Littles if you will. What if the U.S. really believed that al Qaeda was planning to take over Yemen this week in spite of the odd inconsistencies? What if “chatter” was enough to provoke the last Superpower into a super-sized public cower?
  • Failure to Not Act
    The why in this case may not matter, when the what is so controlling.
  • That sadly predictable resort to violence by the U.S. shows that we have fundamentally failed to understand that in a guerrilla war one cannot shoot one’s way out.
  • You win by offering a better idea to people than the other side, while at the same time luring the other side into acts of violence and political repression that make them lose the support of those same people.
  • This is asymmetrical warfare 101 stuff.
  • –In the populations al Qaeda seeks to influence, claiming they “humbled and scared” the US twelve years after 9/11 simply by ramping up their chatter seems an effective al Qaeda strategy.
  • As with the British thrashing about as their empire collapsed, the world’s greatest military defeated by natives with old rifles, so now goes the U.S., by its own hand.
  • “We continue to pay in blood because we can’t learn how to do something besides fight.”