Group items tagged

When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are "ideal" for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class." Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.

The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet. Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.

You are here: WorldLII >> About WorldLII   What is WorldLII? The World Legal Information Institute (WorldLII) is a free, independent and non-profit global legal research facility developed collaboratively by the following Legal Information Institutes and other organisations. Australasian Legal Information Institute (AustLII) British and Irish Legal Information Institute (BAILII) Canadian Legal Information Institute (CanLII) Hong Kong Legal Information Institute (HKLII) Legal Information Institute (Cornell) (LII (Cornell)) Pacific Islands Legal Information Institute (PacLII) Wits University School of Law (Wits Law School) For further details, see the WorldLII brochure. The LIIs, meeting in Montreal in October 2002, adopted the Montreal Declaration on public access to law. WorldLII comprises three main facilities: Databases, Catalog and Websearch.

WorldLII Databases WorldLII provides a single search facility for databases located on the following Legal Information Institutes: AustLII; BAILII; CanLII; HKLII; LII (Cornell); and PacLII. WorldLII also includes as part of this searchable collection its own databases not found on other LIIs. These include databases of decisions of international Courts and Tribunals, databases from a number of Asian countries, and databases from South Africa (provided by Wits Law School). Over 270 databases from 48 jurisdictions in 20 countries are included in the initial release of WorldLII. Databases of case-law, legislation, treaties, law reform reports, law journals, and other materials are included. WorldLII welcomes enquiries concerning the possible inclusion of other databases on WorldLII or on one of its collaborating LIIs. WorldLII Catalog and Websearch The WorldLII Catalog provides links to over 15,000 law-related web sites in every country in the world. WorldLII's Websearch makes searchable the full text of as many of these sites as WorldLII's web-spider can reach. WorldLII welcomes enquiries from law librarians and other legal experts who are interested to become Contributing Editors to the WorldLII Catalog.

Operation of WorldLII The provision of the WorldLII service is coordinated by the Australasian Legal Information Institute (AustLII), which maintains WorldLII's user interface, the WorldLII Catalog and Websearch, and the databases located only on WorldLII. Technical enhancements to WorldLII are being developed jointly by the cooperating Legal Information Institutes. Contacting WorldLII General contact: feedback@worldlii.org AustLII/WorldLII Co-Directors: Professor Andrew Mowbray, UTS <andrew@austlii.edu.au> Professor Graham Greenleaf, UNSW <graham@austlii.edu.au> Philip Chung, AustLII Executive Director <philip@austlii.edu.au> Mail: WorldLII, c/- AustLII, UTS Faculty of Law, PO Box 123 Broadway NSW 2007 Australia Telephone: +61 2 9514 4921 Fax: +61 2 9514 4908 We hope that you enjoy using WorldLII and find it to be a useful service. Feedback (particularly words of encouragement or constructive criticism) are welcome and may be sent to feedback@worldlii.org. WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback URL: http://www.worldlii.org/worldlii/

The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. and the Pentagon’s Cyber Command have implanted nearly 100,000 “computer network exploits” around the world, but the hardest problem is getting inside machines isolated from outside communications.

The Clipper chip was not embraced by consumers or manufacturers and the chip itself was no longer relevant by 1996. The U.S. government continued to press for key escrow by offering incentives to manufacturers, allowing more relaxed export controls if key escrow were part of cryptographic software that was exported. These attempts were largely made moot by the widespread use of strong cryptographic technologies, such as PGP, which were not under the control of the U.S. government.

Russian Foreign Ministry Spokesperson Maria Zakharova said following independent reports in support of Moscow's intel and evidence on the Turkish scandal of oil trade with the ISIL Takfiri terrorist groups, it's now President Erdogan's turn to act on his words and resign.Addressing a weekly press briefing in Moscow on Thursday, Russian Foreign Ministry Spokeswoman Maria Zakharova said that her country's information about smuggling of ISIL oil in Turkey has been confirmed by other sources now. "For instance, Danish newspaper Klassenkampen has published report on Turkish participation in oil smuggling, which has been prepared by consulting company Rystad Energy," she said. The Spokesperson stressed that Turkish president Recep Tayyip Erdogan had stated earlier that he would step down if ISIL oil smuggling would be confirmed, but Russia has presented evidence on Turkish partnership in the smuggling, implying that it's now Erdogan's turn. "I would like to remind you that not too long ago, Turkish President announced his readiness to resign if it is proven that oil deliveries by Ankara or with the help of the government of Ankara from the terrorist group [are taking place], that ‘if this fact is proven, I’ll leave this chair,’ Erdogan told journalists on the sidelines of the climate summit in Paris. I’d like to understand: What’s up with that chair?" the Russian FM spokeswoman underlined.

"Russia is implementing all measures in countering oil smuggling by the ISIL and hopes that other countries will join in cooperating with Moscow," Zakharova said. "As you know, and we’ve said this constantly, Russia is implementing measures in order to stop and close the paths of oil deliveries by terrorists. We hope for active actual cooperation with other countries towards goals," she added. Earlier, the Russian defense ministry announced that Erdogan and his family members are directly involved in illegal oil deliveries from ISIL oil fields in Syria. Turkey’s leadership, including president Erdogan and his family, is involved in illegal oil trade with ISIL militants, the Russian Defense Ministry had said, stressing that Turkey is the final destination for oil smuggled from Syria and Iraq. Satellite and drone images showed hundreds and hundreds of oil trucks moving from ISIL-held territory to Turkey to reach their destination at Turkish refineries and ports controlled by Turkish president's family.

      A lawsuit filed Monday in the D.C. federal district court challenges U.S. foreign aid to Israel. 

The U.S. is finalizing a ten-year memorandum of understanding which will reportedly boost aid to $4-5 billion per year. Grant F. Smith, Director of the Institute for Research: Middle Eastern Policy (IRmep), in the suit challenges the authority of the president and U.S. federal agencies to deliver such foreign aid to Israel. Such aid violates longstanding bans on aid to non-signatories to the Nuclear Non-proliferation Treaty (NPT) with nuclear weapons programs. Since the bans went into effect, U.S. foreign aid to Israel is estimated to be $234 billion.

The lawsuit reveals how in the mid-1970s during investigations into the illegal diversion of weapons-grade uranium from U.S. contractor NUMEC to Israel, Senators Stuart Symington and John Glenn amended the 1961 Foreign Assistance Act to ban any aid to clandestine nuclear powers that were not NPT signatories. Symington clarified the legislative intent of the amendments: “…if you wish to take the dangerous and costly steps necessary to achieve a nuclear weapons option, you cannot expect the United States to help underwrite that effort indirectly or directly.” The Obama administration follows precedents established since the Ford administration by ignoring internal agency and public domain information that should trigger Symington & Glenn cutoffs and waiver provisions governing foreign aid. The administration has gone further in criminalizing the flow of such information from the federal government to the public. In 2012 the Department of Energy under U.S. State Department authority passed a secret gag law called “Guidance on Release of Information relating to the Potential for an Israeli Nuclear Capability.” The gag law and related measures promote a “nuclear ambiguity” policy toward Israel. The primary purpose of the gag law is to unlawfully subvert Symington & Glenn arms export controls, the suit alleges.

The insert method and other variants of QUANTUM are closely linked to a shadow network operated by the NSA alongside the Internet, with its own, well-hidden infrastructure comprised of "covert" routers and servers. It appears the NSA also incorporates routers and servers from non-NSA networks into its covert network by infecting these networks with "implants" that then allow the government hackers to control the computers remotely. (Click here to read a related article on the NSA's "implants".) In this way, the intelligence service seeks to identify and track its targets based on their digital footprints. These identifiers could include certain email addresses or website cookies set on a person's computer. Of course, a cookie doesn't automatically identify a person, but it can if it includes additional information like an email address. In that case, a cookie becomes something like the web equivalent of a fingerprint.

Once TAO teams have gathered sufficient data on their targets' habits, they can shift into attack mode, programming the QUANTUM systems to perform this work in a largely automated way. If a data packet featuring the email address or cookie of a target passes through a cable or router monitored by the NSA, the system sounds the alarm. It determines what website the target person is trying to access and then activates one of the intelligence service's covert servers, known by the codename FOXACID. This NSA server coerces the user into connecting to NSA covert systems rather than the intended sites. In the case of Belgacom engineers, instead of reaching the LinkedIn page they were actually trying to visit, they were also directed to FOXACID servers housed on NSA networks. Undetected by the user, the manipulated page transferred malware already custom tailored to match security holes on the target person's computer. The technique can literally be a race between servers, one that is described in internal intelligence agency jargon with phrases like: "Wait for client to initiate new connection," "Shoot!" and "Hope to beat server-to-client response." Like any competition, at times the covert network's surveillance tools are "too slow to win the race." Often enough, though, they are effective. Implants with QUANTUMINSERT, especially when used in conjunction with LinkedIn, now have a success rate of over 50 percent, according to one internal document.

At the same time, it is in no way true to say that the NSA has its sights set exclusively on select individuals. Of even greater interest are entire networks and network providers, such as the fiber optic cables that direct a large share of global Internet traffic along the world's ocean floors. One document labeled "top secret" and "not for foreigners" describes the NSA's success in spying on the "SEA-ME-WE-4" cable system. This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India, all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle. The document proudly announces that, on Feb. 13, 2013, TAO "successfully collected network management information for the SEA-Me-We Undersea Cable Systems (SMW-4)." With the help of a "website masquerade operation," the agency was able to "gain access to the consortium's management website and collected Layer 2 network information that shows the circuit mapping for significant portions of the network."

The story of Fukushima should be on the front pages of every newspaper. Instead, it is rarely mentioned. The problems at Fukushima are unprecedented in human experience and involve a high risk of radiation events larger than any that the global community has ever experienced. It is going to take the best engineering minds in the world to solve these problems and to diminish their global impact. When we researched the realities of Fukushima in preparation for this article, words like apocalyptic, cataclysmic and Earth-threatening came to mind. But, when we say such things, people react as if we were the little red hen screaming "the sky is falling" and the reports are ignored. So, we’re going to present what is known in this article and you can decide whether we are facing a potentially cataclysmic event.

There are three major problems at Fukushima: (1) Three reactor cores are missing; (2) Radiated water has been leaking from the plant in mass quantities for 2.5 years; and (3) Eleven thousand spent nuclear fuel rods, perhaps the most dangerous things ever created by humans, are stored at the plant and need to be removed, 1,533 of those are in a very precarious and dangerous position. Each of these three could result in dramatic radiation events, unlike any radiation exposure humans have ever experienced.  We’ll discuss them in order, saving the most dangerous for last.

Missing reactor cores:  Since the accident at Fukushima on March 11, 2011, three reactor cores have gone missing.  There was an unprecedented three reactor ‘melt-down.’ These melted cores, called corium lavas, are thought to have passed through the basements of reactor buildings 1, 2 and 3, and to be somewhere in the ground underneath.  Harvey Wasserman, who has been working on nuclear energy issues for over 40 years, tells us that during those four decades no one ever talked about the possibility of a multiple meltdown, but that is what occurred at Fukushima.  It is an unprecedented situation to not know where these cores are. TEPCO is pouring water where they think the cores are, but they are not sure. There are occasional steam eruptions coming from the grounds of the reactors, so the cores are thought to still be hot. The concern is that the corium lavas will enter or may have already entered the aquifer below the plant. That would contaminate a much larger area with radioactive elements. Some suggest that it would require the area surrounding Tokyo, 40 million people, to be evacuated. Another concern is that if the corium lavas enter the aquifer, they could create a "super-heated pressurized steam reaction beneath a layer of caprock causing a major 'hydrovolcanic' explosion." A further concern is that a large reserve of groundwater which is coming in contact with the corium lavas is migrating towards the ocean at the rate of four meters per month. This could release greater amounts of radiation than were released in the early days of the disaster.

One system builds profiles showing people’s web browsing histories. Another analyzes instant messenger communications, emails, Skype calls, text messages, cell phone locations, and social media interactions. Separate programs were built to keep tabs on “suspicious” Google searches and usage of Google Maps. The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens  all without a court order or judicial warrant.

The power of KARMA POLICE was illustrated in 2009, when GCHQ launched a top-secret operation to collect intelligence about people using the Internet to listen to radio shows. The agency used a sample of nearly 7 million metadata records, gathered over a period of three months, to observe the listening habits of more than 200,000 people across 185 countries, including the U.S., the U.K., Ireland, Canada, Mexico, Spain, the Netherlands, France, and Germany.

GCHQ’s documents indicate that the plans for KARMA POLICE were drawn up between 2007 and 2008. The system was designed to provide the agency with “either (a) a web browsing profile for every visible user on the Internet, or (b) a user profile for every visible website on the Internet.” The origin of the surveillance system’s name is not discussed in the documents. But KARMA POLICE is also the name of a popular song released in 1997 by the Grammy Award-winning British band Radiohead, suggesting the spies may have been fans. A verse repeated throughout the hit song includes the lyric, “This is what you’ll get, when you mess with us.”

HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant

In the richest country in the world, there is no right to any vacation time

In most other wealthy nations, there are between 20-35 vacation days per year (4-7 weeks).

1 in 4 private-sector workers in the US do not receive any paid vacation or paid holidays

The headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies, including everyone from U.S. mainstays Cisco and Juniper to Chinese giant Huawei. But beneath this bombshell of a story from Der Spiegel, you’ll find a rather healthy bit of irony. After all, the United States government has spent years complaining that Chinese intelligence operations could find ways of poking holes in Huawei networking gear, urging both American businesses and foreign allies to sidestep the company’s hardware. The complaints grew so loud that, at one point, Huawei indicated it may abandon the U.S. networking market all together. And, yet, Der Speigel now tells us that U.S. intelligence operations have been poking holes in Huawei networking gear — not to mention hardware sold by countless other vendors in both the States and abroad. “We read the media reports, and we’ve noted the references to Huawei and our peers,” says William Plummer, a Huawei vice president and the company’s point person in Washington, D.C. “As we have said, over and over again — and as now seems to be validated — threats to networks and data integrity can come from any and many sources.”

Plummer and Huawei have long complained that when the U.S. House Intelligence Committee released a report in October 2012 condemning the use of Huawei gear in telephone and data networks, it failed to provide any evidence that the Chinese government had compromised the company’s hardware. Adam Segal, a senior fellow for China Studies at the Center for Foreign Relations, makes the same point. And now we have evidence — Der Spiegel cites leaked NSA documents — that the U.S. government has compromised gear on a massive scale. “Do I see the irony? Certainly the Chinese will,” Segal says, noting that the Chinese government and the Chinese press have complained of U.S hypocrisy ever since former government contractor Edward Snowden first started to reveal NSA surveillance practices last summer. “The Chinese government has been hammering home what they call the U.S.’s ulterior motives for criticizing China, and there’s been a steady drumbeat of stories in the Chinese press about backdoors in the products of U.S. companies. They’ve been going after Cisco in particular.”

To be sure, the exploits discussed by Der Spiegel are a little different from the sort of attacks Congress envisioned during its long campaign against Huawei and ZTE, another Chinese manufacturer. As Segal and others note, Congress mostly complained that the Chinese government could collaborate with people inside the two companies to plant backdoors in their gear, with lawmakers pointing out that Huawei’s CEO was once an officer in China’s People’s Liberation Army, or PLA, the military arm of the country’s Communist party. Der Spiegel, by contrast, says the NSA is exploiting hardware without help from anyone inside the Ciscos and the Huaweis, focusing instead on compromising network gear with clever hacks or intercepting the hardware as it’s shipped to customers. “For the most part, the article discusses typical malware exploits used by hackers everywhere,” says JR Rivers, an engineer who has built networking hardware for Cisco as well as Google and now runs the networking startup Cumulus Networks. “It’s just pointing out that the NSA is engaged in the practice and has resources that are not available to most people.” But in the end, the two types of attack have the same result: Networking gear controlled by government spies. And over the last six months, Snowden’s revelations have indicated that the NSA is not only hacking into networks but also collaborating with large American companies in its hunt for data.

When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept. We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team. Despite FBI director James Comey’s dire warnings about the impact of widespread data scrambling — “criminals and terrorists would like nothing more,” he declared — Hacking Team explicitly promises on its website that its software can “defeat encryption.”

The manuals describe Hacking Team’s software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices. They also catalog a range of pre-bottled techniques for infecting those devices using wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers. With a few clicks of a mouse, even a lightly trained technician can build a software agent that can infect and monitor a device, then upload captured data at unobtrusive times using a stealthy network of proxy servers, all without leaving a trace. That, at least, is what Hacking Team’s manuals claim as the company tries to distinguish its offerings in the global marketplace for government hacking software. Hacking Team’s efforts include a visible push into the U.S. Though Remote Control System is sold around the world — suspected clients include small governments in dozens of countries, from Ethiopia to Kazakhstan to Saudi Arabia to Mexico to Oman — the company keeps one of its three listed worldwide offices in Annapolis, Maryland, on the edge of the federal intelligence and law-enforcement cluster around the nation’s capital; has sent representatives to American homeland security trade shows and conferences, where it has led training seminars like “Cyber Intelligence Solutions to Data Encryption” for police; and has even taken an investment from a firm headed by America’s former ambassador to Italy. The United States is also, according to two separate research teams, far and away Hacking Team’s top nexus for servers, hosting upwards of 100 such systems, roughly a fifth of all its servers globally.

Why Washington’s War on Terror Failed The Underrated Saudi Connection By Patrick Cockburn [This essay is excerpted from the first chapter of Patrick Cockburn’s new book, The Jihadis Return: ISIS and the New Sunni Uprising, with special thanks to his publisher, OR Books.  The first section is a new introduction written for TomDispatch.] There are extraordinary elements in the present U.S. policy in Iraq and Syria that are attracting surprisingly little attention. In Iraq, the U.S. is carrying out air strikes and sending in advisers and trainers to help beat back the advance of the Islamic State of Iraq and the Levant (better known as ISIS) on the Kurdish capital, Erbil. The U.S. would presumably do the same if ISIS surrounds or attacks Baghdad. But in Syria, Washington’s policy is the exact opposite: there the main opponent of ISIS is the Syrian government and the Syrian Kurds in their northern enclaves. Both are under attack from ISIS, which has taken about a third of the country, including most of its oil and gas production facilities.

But U.S., Western European, Saudi, and Arab Gulf policy is to overthrow President Bashar al-Assad, which happens to be the policy of ISIS and other jihadis in Syria. If Assad goes, then ISIS will be the beneficiary, since it is either defeating or absorbing the rest of the Syrian armed opposition. There is a pretense in Washington and elsewhere that there exists a “moderate” Syrian opposition being helped by the U.S., Qatar, Turkey, and the Saudis.  It is, however, weak and getting more so by the day. Soon the new caliphate may stretch from the Iranian border to the Mediterranean and the only force that can possibly stop this from happening is the Syrian army. The reality of U.S. policy is to support the government of Iraq, but not Syria, against ISIS. But one reason that group has been able to grow so strong in Iraq is that it can draw on its resources and fighters in Syria. Not everything that went wrong in Iraq was the fault of Prime Minister Nouri al-Maliki, as has now become the political and media consensus in the West. Iraqi politicians have been telling me for the last two years that foreign backing for the Sunni revolt in Syria would inevitably destabilize their country as well.  This has now happened.

By continuing these contradictory policies in two countries, the U.S. has ensured that ISIS can reinforce its fighters in Iraq from Syria and vice versa. So far, Washington has been successful in escaping blame for the rise of ISIS by putting all the blame on the Iraqi government. In fact, it has created a situation in which ISIS can survive and may well flourish.

As US aircraft continued to pound the Islamist militants in northern Iraq, the Obama administration was studying a range of options for pressuring Isis in Syria, primarily through training "moderate" Syrian rebels as a proxy force, with air strikes as a possible backup.

The favoured option, according to two administration officials, is to press forward with a training mission, led by elite special operations forces, aimed at making non-jihadist Syrians an effective proxy force. But the rebels are outgunned and outnumbered by Isis and the administration still has not received $500m from Congress for its rebel training plans. Pentagon officials said they had yet to work out what the training program would actually look like, where it will be hosted, or if air strikes on Isis targets in Syria will support it. For all the internal administration focus on propping up moderate Syrian rebels, the US military would not be able to begin training them until October, the earliest that Congressional approval could be obtained for the required funding and authorisation. Kirby said he was unaware of any "plan to accelerate it". Nor have critical details for the training program been worked out, despite it being effectively the lynchpin of what the administration considers a long-term plan to defeat Isis. "I can't tell you where it would take place, or how many people would be trained, and there's still a vetting process that needs to be fully developed here," Kirby conceded.

the White House went further than before in its condemnation of Isis, describing the killing of Foley as an act of terrorism. "When we see somebody killed in such a horrific way, that represents a terrorist attack against our country and against an American citizen, Rhodes said, saying the US would do whatever necessary to protect Americans in future."We are actively considering what is necessary to deal with that threat and we are not going to be restricted by borders," said Rhodes, briefing reporters at Martha's Vineyard, where the president is on vacation.

James Carden and Jacob Heilbrunn provided in the current issue of The National Interest an extensively documented review of how the ever-more-neocon editorial page of the Washington Post “responds to dangerous and complex problems with simplistic prescriptions.” The Post‘s most recent editorial about the nuclear negotiations with Iran is firmly in that same simplistic, destructive tradition. It is hard to know where to begin in pointing out the deficiencies in this effort by the Post‘s editorialists, but noting some of them can illustrate how the tendencies that Carden and Heilbrunn cataloged constitute, as the abstract for their article puts it, a crusade for doctrines “that have brought Washington to grief in the past.”

Alleged leaked documents about the NSA's XKeyscore snooping software appear to show the paranoid agency is targeting Tor and Tails users, Linux Journal readers – and anyone else interested in online privacy.Apparently, this configuration file for XKeyscore is in the divulged data, which was obtained and studied by members of the Tor project and security specialists for German broadcasters NDR and WDR. <a href="http://pubads.g.doubleclick.net/gampad/jump?iu=/6978/reg_security/front&sz=300x250%7C300x600&tile=3&c=33U7ZK6qwQrMkAACSrTugAAAP1&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" target="_blank"> <img src="http://pubads.g.doubleclick.net/gampad/ad?iu=/6978/reg_security/front&sz=300x250%7C300x600&tile=3&c=33U7ZK6qwQrMkAACSrTugAAAP1&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" alt=""></a> In their analysis of the alleged top-secret documents, they claim the NSA is, among other things:Specifically targeting Tor directory servers Reading email contents for mentions of Tor bridges Logging IP addresses used to search for privacy-focused websites and software And possibly breaking international law in doing so. We already know from leaked Snowden documents that Western intelligence agents hate Tor for its anonymizing abilities. But what the aforementioned leaked source code, written in a rather strange custom language, shows is that not only is the NSA targeting the anonymizing network Tor specifically, it is also taking digital fingerprints of any netizens who are remotely interested in privacy.

These include readers of the Linux Journal site, anyone visiting the website for the Tor-powered Linux operating system Tails – described by the NSA as "a comsec mechanism advocated by extremists on extremist forums" – and anyone looking into combining Tails with the encryption tool Truecrypt.If something as innocuous as Linux Journal is on the NSA's hit list, it's a distinct possibility that El Reg is too, particularly in light of our recent exclusive report on GCHQ – which led to a Ministry of Defence advisor coming round our London office for a chat.

If you take even the slightest interest in online privacy or have Googled a Linux Journal article about a broken package, you are earmarked in an NSA database for further surveillance, according to these latest leaks.This is assuming the leaked file is genuine, of course.Other monitored sites, we're told, include HotSpotShield, FreeNet, Centurian, FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion. The IP address of computer users even looking at these sites is recorded and stored on the NSA's servers for further analysis, and it's up to the agency how long it keeps that data.The XKeyscore code, we're told, includes microplugins that target Tor servers in Germany, at MIT in the United States, in Sweden, in Austria, and in the Netherlands. In doing so it may not only fall foul of German law but also the US's Fourth Amendment.

Top experts say there could be a new person leaking details about the National Security Agency, in addition to former contractor Edward Snowden.Glenn Greenwald, the journalist most closely associated to Snowden, said he suspects someone else has been involved in leaking out new documents, and other experts have backed up the claim.ADVERTISEMENTThe existence of a second leaker “seems clear at this point,” Greenwald wrote on Twitter over the weekend. “The lack of sourcing to Snowden on this & that last [Der Spiegel] article seems petty telling,” he added, after German broadcasters reported that the NSA was tracking people searching for details about privacy software. 

Neither the Der Spiegel article from December nor last week’s story, both of which were partly written by privacy advocate and security researcher Jacob Appelbaum, specifically mentioned that the information emanated from leaks by Snowden.“That's particularly notable given that virtually every other article using Snowden documents - including der Spiegel - specifically identified him as the source,” Greenwald said in an email to The Hill on Monday.Other people who have seen Snowden’s trove of documents have agreed that the documents revealed by German outlets seem to indicate a second source.

Bruce Schneier, a cryptologist and cybersecurity expert who has helped the Guardian review Snowden’s disclosures, said he did “not believe that this came from the Snowden documents.”“I think there’s a second leaker out there,” he wrote in a blog post last week. If true, it could add another headache for the NSA, which has struggled for more than a year to contain the fallout from Snowden’s revelations. Defenders of the NSA say that the disclosures have hurt U.S. security and empowered terrorists and other enemies abroad.Among other internal reforms, the spy agency has beefed up its clearance procedures to prevent another employee from passing along secret documents to journalists or governments in Beijing and Moscow.

Faced with mounting international pressure over the Falkland Islands territorial dispute, the British government enlisted its spy service, including a highly secretive unit known for using “dirty tricks,” to covertly launch offensive cyberoperations to prevent Argentina from taking the islands. A shadowy unit of the British spy agency Government Communications Headquarters (GCHQ) had been preparing a bold, covert plan called “Operation QUITO” since at least 2009. Documents provided to The Intercept by National Security Agency whistleblower Edward Snowden, published in partnership with Argentine news site Todo Notícias, refer to the mission as a “long-running, large scale, pioneering effects operation.” At the heart of this operation was the Joint Threat Research and Intelligence Group, known by the acronym JTRIG, a secretive unit that has been involved in spreading misinformation.

The British government, which has continuously administered the Falkland Islands — also known as the Malvinas — since 1833, has rejected Argentine and international calls to open negotiations on territorial sovereignty. Worried that Argentina, emboldened by international opinion, may attempt to retake the islands diplomatically or militarily, JTRIG and other GCHQ divisions were tasked “to support FCO’s [Foreign and Commonwealth Office’s] goals relating to Argentina and the Falkland Islands.” A subsequent document suggests the main FCO goal was to “[prevent] Argentina from taking over the Falkland Islands” and that new offensive cyberoperations were underway in 2011 to further that end. Tensions between the two nations, which fought a war over the small archipelago in the South Atlantic Ocean in 1982, reached a boil in 2010 with the British discovery of large, offshore oil and gas reserves potentially worth billions of dollars.

While the full extent of JTRIG’s tactics used in the Falklands mission is unclear, the scope of JTRIG’s approved capabilities offers an idea of what may have been done. The group, first revealed last year by NBC News and The Intercept, has developed various techniques — including “false flag” operations, sexual “honey traps,” and implanting computer viruses — to collect intelligence, plant propaganda and diminish or discredit opponents. As reported in The Intercept last year, JTRIG “has developed covert tools to seed the internet with false information, including the ability to manipulate the results of online polls, artificially inflate pageview counts on web sites, ‘amplif[y]’ sanctioned messages on YouTube,” and plant false Facebook wall posts for “entire countries.” According to a study of the group by the U.K.’s Defence Science and Technology Laboratory (DSTL), “the language of JTRIG’s operations is characterized by terms such as ‘discredit,’ promote ‘distrust,’ ‘dissuade,’ ‘deceive,’ ‘disrupt,’ ‘delay,’ ‘deny,’ ‘denigrate/degrade,’ and ‘deter.’” The unit’s activities generally break down into two symbiotic categories: online Human Intelligence, or HUMINT, and “effects operations.” Online HUMINT is the collection of information on human targets through passive tracking or overt interaction with a target through an alias. These operations may sometimes be in support of, or in conjunction with, covert MI-6 agents on the ground.

A year after his 700-page opus "Capital in the Twenty-First Century" stormed to the top of America's best-seller lists, Thomas Piketty is out with a new argument about income inequality. It may prove more controversial than his book, which continues to generate debate in political and economic circles. The new argument, which Piketty spelled out recently in the French newspaper Le Monde, is this: Inequality is a major driver of Middle Eastern terrorism, including the Islamic State attacks on Paris earlier this month — and Western nations have themselves largely to blame for that inequality. Piketty writes that the Middle East's political and social system has been made fragile by the high concentration of oil wealth into a few countries with relatively little population. If you look at the region between Egypt and Iran — which includes Syria — you find several oil monarchies controlling between 60 and 70 percent of wealth, while housing just a bit more than 10 percent of the 300 million people living in that area. (Piketty does not specify which countries he's talking about, but judging from a study he co-authored last year on Middle East inequality, it appears he means Qatar, the United Arab Emirates, Kuwait, Saudia Arabia, Bahrain and Oman. By his numbers, they accounted for 16 percent of the region's population in 2012 and almost 60 percent of its gross domestic product.)

This concentration of so much wealth in countries with so small a share of the population, he says, makes the region "the most unequal on the planet." Within those monarchies, he continues, a small slice of people controls most of the wealth, while a large — including women and refugees — are kept in a state of "semi-slavery." Those economic conditions, he says, have become justifications for jihadists, along with the casualties of a series of wars in the region perpetuated by Western powers. His list starts with the first Gulf War, which he says resulted in allied forces returning oil "to the emirs." Though he does not spend much space connecting those ideas, the clear implication is that economic deprivation and the horrors of wars that benefited only a select few of the region's residents have, mixed together, become what he calls a "powder keg" for terrorism across the region.

Piketty is particularly scathing when he blames the inequality of the region, and the persistence of oil monarchies that perpetuate it, on the West: "These are the regimes that are militarily and politically supported by Western powers, all too happy to get some crumbs to fund their [soccer] clubs or sell some weapons. No wonder our lessons in social justice and democracy find little welcome among Middle Eastern youth." Terrorism that is rooted in inequality, Piketty continues, is best combated economically. To gain credibility with those who do not share in the region's wealth, Western countries should demonstrate that they are more concerned with the social development of the region than they are with their own financial interests and relationships with ruling families. The way to do this, he says, is to ensure that Middle eastern oil money funds "regional development," including far more education.