Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged espionage-threat

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

FBI Abruptly Walks Out On Senate Briefing After Being Asked How 'Insider Threat' Progra... - 0 views

www.techdirt.com/...am-avoids-whistleblowers.shtml

surveillance state whistleblower-protection Obama Insider-Threat-Program FBI

shared by Paul Merrell on 16 Apr 14 - No Cached
  • While we've been disappointed that Senator Chuck Grassley appears to have a bit of a double standard with his staunch support for whistleblowers when it comes to Ed Snowden, it is true that he has fought for real whistleblower protections for quite some time. Lately, he's been quite concerned that the White House's "Insider Threat Program" (ITP) is really just a cover to crack down on whistleblowers. As we've noted, despite early promises from the Obama administration to support and protect whistleblowers, the administration has led the largest crackdown against whistleblowers, and the ITP suggests that the attack on whistleblowers is a calculated response. The program documentation argues that any leak can be seen as "aiding the enemy" and encourages government employees to snitch on each other if they appear too concerned about government wrong-doing. Despite all his high minded talk of supporting whistleblowers, President Obama has used the Espionage Act against whistleblowers twice as many times as all other Presidents combined. Also, he has never -- not once -- praised someone for blowing the whistle in the federal government.
  • Given all of that, Senator Grassley expressed some concern about this Insider Threat Program and how it distinguished whistleblowers from actual threats. He asked the FBI for copies of its training manual on the program, which it refused to give him. Instead, it said it could better answer any questions at a hearing. However, as Grassley explains, when questioned about this just 10 minutes into the hearing, the FBI abruptly got up and left: Meanwhile, the FBI fiercely resists any efforts at Congressional oversight, especially on whistleblower matters. For example, four months ago I sent a letter to the FBI requesting its training materials on the Insider Threat Program. This program was announced by the Obama Administration in October 2011. It was intended to train federal employees to watch out for insider threats among their colleagues. Public news reports indicated that this program might not do enough to distinguish between true insider threats and legitimate whistleblowers. I relayed these concerns in my letter. I also asked for copies of the training materials. I said I wanted to examine whether they adequately distinguished between insider threats and whistleblowers.
  • In response, an FBI legislative affairs official told my staff that a briefing might be the best way to answer my questions. It was scheduled for last week. Staff for both Chairman Leahy and I attended, and the FBI brought the head of their Insider Threat Program. Yet the FBI didn’t bring the Insider Threat training materials as we had requested. However, the head of the Insider Threat Program told the staff that there was no need to worry about whistleblower communications. He said whistleblowers had to register in order to be protected, and the Insider Threat Program would know to just avoid those people. Now I have never heard of whistleblowers being required to “register” in order to be protected. The idea of such a requirement should be pretty alarming to all Americans. Sometimes confidentiality is the best protection a whistleblower has. Unfortunately, neither my staff nor Chairman Leahy’s staff was able to learn more, because only about ten minutes into the briefing, the FBI abruptly walked out. FBI officials simply refused to discuss any whistleblower implications in its Insider Threat Program and left the room. These are clearly not the actions of an agency that is genuinely open to whistleblowers or whistleblower protection.
  • ...2 more annotations...
  • And yes, it's equally troubling that the FBI insists that as long as someone "registers" as a whistleblower, the FBI will suddenly, magically agree to stop investigating them as a "threat." We already know that's almost certainly bullshit. The stories of Thomas Drake and John Kiriakou are both clear examples of whistleblowers, who then had the DOJ search through basically everything they'd ever done to try to concoct some sort of Espionage Act case against them. In both cases, the eventual charges were totally ridiculous and unrelated to the whistleblowing they had done, but clearly the only reason they had been investigated was because of their status as whistleblowers. Drake was charged with having a classified document, which was just a meeting agenda and was both improperly classified and then declassified soon after. Kiriakou was charged with revealing the name of a CIA operative to a reporter, where the person in question was already widely known to journalists as working for the CIA. Meanwhile, while Grassley still hasn't come out in support of Snowden as a whistleblower, he does seem reasonably concerned that James Clapper's plans to stop the next Snowden will have severe consequences for whistleblowers:
  • Director of National Intelligence James Clapper seems to have talked about such procedures when he appeared before the Senate Armed Services Committee on February 11, 2014. In his testimony, he said: We are going to proliferate deployment of auditing and monitoring capabilities to enhance our insider threat detection. We’re going to need to change our security clearance process to a system of continuous evaluation. . . . What we need is . . . a system of continuous evaluation, where . . . we have a way of monitoring their behavior, both their electronic behavior on the job as well as off the job, to see if there is a potential clearance issue. . . . Director Clapper’s testimony gives me major pause. It sounds as though this type of monitoring would likely capture the activity of whistleblowers communicating with Congress. As Marcy Wheeler notes in her post (linked above, which called my attention to all this), by declaring war on whistleblowers, the administration is almost guaranteeing that many fewer will use "official channels" to blow the whistle. That just makes them targets with the likelihood of getting no results. Instead, all this does is incentivize people to go the Chelsea Manning/Ed Snowden route of going directly to journalists to make sure the stories get out.
Paul Merrell

Israel Flagged as Top Spy Threat to U.S. in New Snowden/NSA Document - 0 views

www.newsweek.com/new-snowdennsa-document-262991

surveillance state Israel espionage-threat WMD bank-threat

shared by Paul Merrell on 07 Aug 14 - No Cached
  • Israel was singled out in 2007 as a top espionage threat against the U.S. government, including its intelligence services, in a newly published National Security Agency (NSA) document obtained by fugitive leaker Edward Snowden, according to a news report Monday. The document also identified Israel, along with North Korea, Cuba and India, as a “leading threat” to the infrastructure of U.S. financial and banking institutions. The threats were listed in the NSA’s 2007 Strategic Mission List, according to the document obtained by journalist/activist Glenn Greenwald, a founding editor of The Intercept, an online magazine that has a close relationship with Snowden, a former NSA and CIA contractor who fled the U.S. with thousands of top-secret documents last year.
  • In this new document, Israel was identified by the NSA as a security threat in several areas, including “the threat of development of weapons of mass destruction” and “delivery methods (particularly ballistic and nuclear-capable cruise missiles).” The NSA also flagged Israel’s “WMD and missile proliferation activities” and “cruise missiles” as threats. In a section of the document headed “Foreign Intelligence, Counterintelligence; Denial & Deception Activities: Countering Foreign Intelligence Threats,” Israel was listed as a leading perpetrator of “espionage/intelligence collection operations and manipulation/influence operations…against U.S. government, military, science & technology and Intelligence Community” organs. The term “manipulation/influence operations” refers to covert attempts by Israel to sway U.S. public opinion in its favor. In this, Israel has dubious company, according to the NSA: Other leading threats were listed as China, Russia, Cuba, Iran, Pakistan, North Korea, France, Venezuela and South Korea.
  • Israel has similar company in threats against U.S. infrastructure, according to the NSA document. Under a section headed “Mastering Cyberspace and Preventing an Attack on U.S. Critical Information Systems,” Israel, India, North Korea and Cuba are identified as “FIS [financial/banking system] threats.” Israel also appears on the list of countries believed by the NSA to be “enabling” electronic warfare “producers/proliferators.” The new document again underscores the schizoid relationship between the U.S. and Israel, which cooperate closely in military and intelligence operations but also aggressively spy on each other. A previously released Snowden document said that “one of NSA’s biggest threats is actually from friendly intelligence services, like Israel.” Another revealed that a U.S. National Intelligence Estimate ranked Israel as “the third most aggressive intelligence service against the U.S.,” behind only China and Russia.
  • ...1 more annotation...
  • Related Articles Israel Eavesdropped on President Clinton’s Diplomatic Phone Calls
Paul Merrell

The U.S. Government's Secret Plans to Spy for American Corporations - The Intercept - 0 views

firstlook.org/...-benefit-american-corporations

surveillance-state DNI economic-espionage technology Clapper lies

shared by Paul Merrell on 08 Sep 14 - No Cached
  • Throughout the last year, the U.S. government has repeatedly insisted that it does not engage in economic and industrial espionage, in an effort to distinguish its own spying from China’s infiltrations of Google, Nortel, and other corporate targets. So critical is this denial to the U.S. government that last August, an NSA spokesperson emailed The Washington Post to say (emphasis in original): “The department does ***not*** engage in economic espionage in any domain, including cyber.” After that categorical statement to the Post, the NSA was caught spying on plainly financial targets such as the Brazilian oil giant Petrobras; economic summits; international credit card and banking systems; the EU antitrust commissioner investigating Google, Microsoft, and Intel; and the International Monetary Fund and World Bank. In response, the U.S. modified its denial to acknowledge that it does engage in economic spying, but unlike China, the spying is never done to benefit American corporations.
  • In a graphic describing an “illustrative example,” the report heralds “technology acquisition by all means.” Some of the planning relates to foreign superiority in surveillance technology, but other parts are explicitly concerned with using cyber-espionage to bolster the competitive advantage of U.S. corporations. The report thus envisions a scenario in which companies from India and Russia work together to develop technological innovation, and the U.S. intelligence community then “conducts cyber operations” against “research facilities” in those countries, acquires their proprietary data, and then “assesses whether and how its findings would be useful to U.S. industry” (click on image to enlarge):
  • One of the principal threats raised in the report is a scenario “in which the United States’ technological and innovative edge slips”— in particular, “that the technological capacity of foreign multinational corporations could outstrip that of U.S. corporations.” Such a development, the report says “could put the United States at a growing—and potentially permanent—disadvantage in crucial areas such as energy, nanotechnology, medicine, and information technology.” How could U.S. intelligence agencies solve that problem? The report recommends “a multi-pronged, systematic effort to gather open source and proprietary information through overt means, clandestine penetration (through physical and cyber means), and counterintelligence” (emphasis added). In particular, the DNI’s report envisions “cyber operations” to penetrate “covert centers of innovation” such as R&D facilities.
  • ...3 more annotations...
  • Director of National Intelligence James Clapper, for instance, responded to the Petrobras revelations by claiming: “It is not a secret that the Intelligence Community collects information about economic and financial matters…. What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of—or give intelligence we collect to—U.S. companies to enhance their international competitiveness or increase their bottom line.” But a secret 2009 report issued by Clapper’s own office explicitly contemplates doing exactly that. The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response. It anticipates a series of potential scenarios the U.S. may face in 2025, from a “China/Russia/India/Iran centered bloc [that] challenges U.S. supremacy” to a world in which “identity-based groups supplant nation-states,” and games out how the U.S. intelligence community should operate in those alternative futures—the idea being to assess “the most challenging issues [the U.S.] could face beyond the standard planning cycle.”
  • he report describes itself as “an essential long-term piece, looking out between 10 and 20 years” designed to enable ”the IC [to] best posture itself to meet the range of challenges it may face.” Whatever else is true, one thing is unmistakable: the report blithely acknowledges that stealing secrets to help American corporations secure competitive advantage is an acceptable future role for U.S. intelligence agencies. In May, the U.S. Justice Department indicted five Chinese government employees on charges that they spied on U.S. companies. At the time, Attorney General Eric Holder said the spying took place “for no reason other than to advantage state-owned companies and other interests in China,” and “this is a tactic that the U.S. government categorically denounces.” But the following day, The New York Times detailed numerous episodes of American economic spying that seemed quite similar. Harvard Law School professor and former Bush Justice Department official Jack Goldsmith wrote that the accusations in the indictment sound “a lot like the kind of cyber-snooping on firms that the United States does.” But U.S. officials continued to insist that using surveillance capabilities to bestow economic advantage for the benefit of a country’s corporations is wrong, immoral, and illegal.
  • Yet this 2009 report advocates doing exactly that in the event that ”that the technological capacity of foreign multinational corporations outstrip[s] that of U.S. corporations.” Using covert cyber operations to pilfer “proprietary information” and then determining how it ”would be useful to U.S. industry” is precisely what the U.S. government has been vehemently insisting it does not do, even though for years it has officially prepared to do precisely that.
  • Paul Merrell on 08 Sep 14
     
    DNI James Clapper caught telling another whopper. 
Paul Merrell

Obama's crackdown views leaks as aiding enemies of U.S. | McClatchy - 0 views

www.mcclatchydc.com/...-crackdown-views-leaks-as.html

government secrecy Obama

shared by Paul Merrell on 25 Jun 13 - No Cached
  • Even before a former U.S. intelligence contractor exposed the secret collection of Americans’ phone records, the Obama administration was pressing a government-wide crackdown on security threats that requires federal employees to keep closer tabs on their co-workers and exhorts managers to punish those who fail to report their suspicions. President Barack Obama’s unprecedented initiative, known as the Insider Threat Program, is sweeping in its reach. It has received scant public attention even though it extends beyond the U.S. national security bureaucracies to most federal departments and agencies nationwide, including the Peace Corps, the Social Security Administration and the Education and Agriculture departments. It emphasizes leaks of classified material, but catchall definitions of “insider threat” give agencies latitude to pursue and penalize a range of other conduct.
  • Government documents reviewed by McClatchy illustrate how some agencies are using that latitude to pursue unauthorized disclosures of any information, not just classified material. They also show how millions of federal employees and contractors must watch for “high-risk persons or behaviors” among co-workers and could face penalties, including criminal charges, for failing to report them. Leaks to the media are equated with espionage.
  • Employees must turn themselves and others in for failing to report breaches. “Penalize clearly identifiable failures to report security infractions and violations, including any lack of self-reporting,” the strategic plan says.The Obama administration already was pursuing an unprecedented number of leak prosecutions, and some in Congress – long one of the most prolific spillers of secrets – favor tightening restrictions on reporters’ access to federal agencies, making many U.S. officials reluctant to even disclose unclassified matters to the public. The policy, which partly relies on behavior profiles, also could discourage creative thinking and fuel conformist “group think” of the kind that was blamed for the CIA’s erroneous assessment that Iraq was hiding weapons of mass destruction, a judgment that underpinned the 2003 U.S. invasion. “The real danger is that you get a bland common denominator working in the government,” warned Ilana Greenstein, a former CIA case officer who says she quit the agency after being falsely accused of being a security risk. “You don’t get people speaking up when there’s wrongdoing. You don’t get people who look at things in a different way and who are willing to stand up for things. What you get are people who toe the party line, and that’s really dangerous for national security.”
  • ...3 more annotations...
  • The program could make it easier for the government to stifle the flow of unclassified and potentially vital information to the public, while creating toxic work environments poisoned by unfounded suspicions and spurious investigations of loyal Americans, according to these current and former officials and experts. Some non-intelligence agencies already are urging employees to watch their co-workers for “indicators” that include stress, divorce and financial problems.
  • The program, however, gives agencies such wide latitude in crafting their responses to insider threats that someone deemed a risk in one agency could be characterized as harmless in another. Even inside an agency, one manager’s disgruntled employee might become another’s threat to national security. Obama in November approved “minimum standards” giving departments and agencies considerable leeway in developing their insider threat programs, leading to a potential hodgepodge of interpretations. He instructed them to not only root out leakers but people who might be prone to “violent acts against the government or the nation” and “potential espionage.”
  • The Department of Education, meanwhile, informs employees that co-workers going through “certain life experiences . . . might turn a trusted user into an insider threat.” Those experiences, the department says in a computer training manual, include “stress, divorce, financial problems” or “frustrations with co-workers or the organization.”An online tutorial titled “Treason 101” teaches Department of Agriculture and National Oceanic and Atmospheric Administration employees to recognize the psychological profile of spies.
Paul Merrell

U.S. to China: We Hacked Your Internet Gear We Told You Not to Hack | Wired Enterprise ... - 0 views

www.wired.com/...nsa-cisco-huawei-china

surveillance state U.S. China NSA-backdoors

shared by Paul Merrell on 01 Jan 14 - No Cached
  • The headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies, including everyone from U.S. mainstays Cisco and Juniper to Chinese giant Huawei. But beneath this bombshell of a story from Der Spiegel, you’ll find a rather healthy bit of irony. After all, the United States government has spent years complaining that Chinese intelligence operations could find ways of poking holes in Huawei networking gear, urging both American businesses and foreign allies to sidestep the company’s hardware. The complaints grew so loud that, at one point, Huawei indicated it may abandon the U.S. networking market all together. And, yet, Der Speigel now tells us that U.S. intelligence operations have been poking holes in Huawei networking gear — not to mention hardware sold by countless other vendors in both the States and abroad. “We read the media reports, and we’ve noted the references to Huawei and our peers,” says William Plummer, a Huawei vice president and the company’s point person in Washington, D.C. “As we have said, over and over again — and as now seems to be validated — threats to networks and data integrity can come from any and many sources.”
  • Plummer and Huawei have long complained that when the U.S. House Intelligence Committee released a report in October 2012 condemning the use of Huawei gear in telephone and data networks, it failed to provide any evidence that the Chinese government had compromised the company’s hardware. Adam Segal, a senior fellow for China Studies at the Center for Foreign Relations, makes the same point. And now we have evidence — Der Spiegel cites leaked NSA documents — that the U.S. government has compromised gear on a massive scale. “Do I see the irony? Certainly the Chinese will,” Segal says, noting that the Chinese government and the Chinese press have complained of U.S hypocrisy ever since former government contractor Edward Snowden first started to reveal NSA surveillance practices last summer. “The Chinese government has been hammering home what they call the U.S.’s ulterior motives for criticizing China, and there’s been a steady drumbeat of stories in the Chinese press about backdoors in the products of U.S. companies. They’ve been going after Cisco in particular.”
  • To be sure, the exploits discussed by Der Spiegel are a little different from the sort of attacks Congress envisioned during its long campaign against Huawei and ZTE, another Chinese manufacturer. As Segal and others note, Congress mostly complained that the Chinese government could collaborate with people inside the two companies to plant backdoors in their gear, with lawmakers pointing out that Huawei’s CEO was once an officer in China’s People’s Liberation Army, or PLA, the military arm of the country’s Communist party. Der Spiegel, by contrast, says the NSA is exploiting hardware without help from anyone inside the Ciscos and the Huaweis, focusing instead on compromising network gear with clever hacks or intercepting the hardware as it’s shipped to customers. “For the most part, the article discusses typical malware exploits used by hackers everywhere,” says JR Rivers, an engineer who has built networking hardware for Cisco as well as Google and now runs the networking startup Cumulus Networks. “It’s just pointing out that the NSA is engaged in the practice and has resources that are not available to most people.” But in the end, the two types of attack have the same result: Networking gear controlled by government spies. And over the last six months, Snowden’s revelations have indicated that the NSA is not only hacking into networks but also collaborating with large American companies in its hunt for data.
  • ...2 more annotations...
  • Jim Lewis, a director and senior fellow with the Center for Strategic and International Studies, adds that the Chinese view state-sponsored espionage a little differently than the U.S. does. Both countries believe in espionage for national security purposes, but the Chinese argue that such spying might include the theft of commercial secrets. “The Chinese will tell you that stealing technology and business secrets is a way of building their economy, and that this is important for national security,” says Lewis, who has helped oversee meetings between the U.S. and the Chinese, including officers in the PLA. “I’ve been in the room when they’ve said that. The last time was when a PLA colonel said: ‘In the U.S., military espionage is heroic and economic espionage is a crime. In China, the line is not that clear.’” But here in the United States, we now know, the NSA may blur other lines in the name of national security. Segal says that although he, as an American, believes the U.S. government is on stronger ethical ground than the Chinese, other nations are beginning to question its motives. “The U.S has to convince other countries that our type of intelligence gathering is different,” he says. “I don’t think that the Brazils and the Indias and the Indonesias and the South Africas are convinced. That’s a big problem for us.”
  • The thing to realize, as the revelations of NSA snooping continue to pour out, is that everyone deserves scrutiny — the U.S government and its allies, as well as the Chinese and others you may be more likely to view with skepticism. “All big countries,” Lewis says, “are going to try and do this.”
  • Paul Merrell on 01 Jan 14
     
    Of course, we now know that the U.S. conducts electronic surveillance for a multitude of purposes, including economic. Check this group's notes tagged "NSA-targets" and/or "NSA-goals".
Paul Merrell

Israel Won't Stop Spying on the U.S. - 0 views

www.newsweek.com/ael-wont-stop-spying-us-249757

war & peace espionage Israel visa-waiver

shared by Paul Merrell on 07 May 14 - No Cached
  • Whatever happened to honor among thieves? When the National Security Agency was caught eavesdropping on German Chancellor Angela Merkel’s cell phone, it was considered a rude way to treat a friend. Now U.S. intelligence officials are saying—albeit very quietly, behind closed doors on Capitol Hill—that our Israeli “friends” have gone too far with their spying operations here. According to classified briefings on legislation that would lower visa restrictions on Israeli citizens, Jerusalem’s efforts to steal U.S. secrets under the cover of trade missions and joint defense technology contracts have “crossed red lines.”  Israel’s espionage activities in America are unrivaled and unseemly, counterspies have told members of the House Judiciary and Foreign Affairs committees, going far beyond activities by other close allies, such as Germany, France, the U.K. and Japan. A congressional staffer familiar with a briefing last January called the testimony “very sobering…alarming…even terrifying.” Another staffer called it “damaging.”  The Jewish state’s primary target: America’s industrial and technical secrets. 
  • “No other country close to the United States continues to cross the line on espionage like the Israelis do,” said a former congressional staffer who attended another classified briefing in late 2013, one of several in recent months given by officials from the Department of Homeland Security (DHS), the State Department, the FBI and the National Counterintelligence Directorate. 
  • “I don’t think anyone was surprised by these revelations,” the former aide said. “But when you step back and hear…that there are no other countries taking advantage of our security relationship the way the Israelis are for espionage purposes, it is quite shocking. I mean, it shouldn’t be lost on anyone that after all the hand-wringing over [Jonathan] Pollard, it’s still going on.” Israel and pro-Israel groups in America have long lobbied U.S. administrations to free Pollard, a former U.S. naval intelligence analyst serving a life sentence since 1987 for stealing tens of thousands of secrets for Israel. (U.S. counterintelligence officials suspect that Israel traded some of the Cold War-era information to Moscow in exchange for the emigration of Russian Jews.) After denying for over a decade that Pollard was its paid agent, Israel apologized and promised not to spy on U.S. soil again. Since then, more Israeli spies have been arrested and convicted by U.S. courts. 
  • ...4 more annotations...
  • I.C. Smith, a former top FBI counterintelligence specialist during the Pollard affair, tells Newsweek, “In the early 1980s, dealing with the Israelis was, for those assigned that area, extremely frustrating. The Israelis were supremely confident that they had the clout, especially on the Hill, to basically get [away] with just about anything. This was the time of the Criteria Country List—later changed to the National Security Threat List—and I found it incredible that Taiwan and Vietnam, for instance, were on [it], when neither country had conducted activities that remotely approached the Pollard case, and neither had a history of, or a comparable capability to conduct, such activities.” While all this was going on, Israel was lobbying hard to be put on the short list of countries (38 today) whose citizens don’t need visas to visit here.  Until recently, the major sticking point was the Jewish state’s discriminatory and sometimes harsh treatment of Arab-Americans and U.S. Palestinians seeking to enter Israel. It has also failed to meet other requirements for the program, such as promptly and regularly reporting lost and stolen passports, officials say—a problem all the more pressing since Iranians were found to have boarded the missing Malaysia Airlines flight with stolen passports. 
  • “But this is the first time congressional aides have indicated that intelligence and national security concerns also are considerations in weighing Israel’s admission into the visa waiver program,” Jonathan Broder, the foreign and defense editor for CQ Roll Call, a Capitol Hill news site, wrote last month. He quoted a senior House aide as saying, “The U.S. intelligence community is concerned that adding Israel to the visa waiver program would make it easier for Israeli spies to enter the country.” The Israelis “thought they could just snap their fingers” and get friends in Congress to legislate visa changes, a Hill aide said, instead of going through the required hoops with DHS.
  • Congressional aides snorted at the announcement. “The Israelis haven’t done s**t to get themselves into the visa waiver program,” the former congressional aide said, echoing the views of two other House staffers working on the issue. “I mean, if the Israelis got themselves into this visa waiver program and if we were able to address this [intelligence community] concern—great, they’re a close ally, there are strong economic and cultural links between the two countries, it would be wonderful if more Israelis could come over here without visas. I’m sure it would spur investment and tourist dollars in our economy and so on and so forth. But what I find really funny is they haven’t done s**t to get into the program. They think that their friends in Congress can get them in, and that’s not the case. Congress can lower one or two of the barriers, but they can’t just legislate the Israelis in.” The path to visa waivers runs through DHS and can take years to navigate.
  • Israel is not even close to meeting those standards, a congressional aide said. “You’ve got to have machine-readable passports in place—the e-passports with a data chip in them. The Israelis have only just started to issue them to diplomats and senior officials and so forth, and that probably won’t be rolled out to the rest of their population for another 10 years.” But U.S. counterspies will get the final word. And since Israel is as likely to stop spying here as it is to give up matzo for Passover, the visa barriers are likely to stay up. As Paul Pillar, the CIA’s former national intelligence officer for the Near East and South Asia, told Newsweek, old habits are hard to break: Zionists were dispatching spies to America before there even was an Israel, to gather money and materials for the cause and later the fledgling state. Key components for Israel’s nuclear bombs were clandestinely obtained here. “They’ve found creative and inventive ways,” Pillar said, to get what they want. “If we give them free rein to send people over here, how are we going to stop that?” the former congressional aide asked. “They’re incredibly aggressive. They’re aggressive in all aspects of their relationship with the United States. Why would their intelligence relationship with us be any different?”
Paul Merrell

New Snowden docs show U.S. spied during G20 in Toronto - Politics - CBC News - 0 views

www.cbc.ca/...uring-g20-in-toronto-1.2442448

surveillance state NSA Canada CSEC G8 G20

shared by Paul Merrell on 29 Nov 13 - No Cached
  • Top secret documents retrieved by U.S. whistleblower Edward Snowden show that Prime Minister Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits.
  • The briefing notes, stamped "Top Secret," show the U.S. turned its Ottawa embassy into a security command post during a six-day spying operation by the National Security Agency while U.S. President Barack Obama and 25 other foreign heads of government were on Canadian soil in June of 2010. The covert U.S. operation was no secret to Canadian authorities.
  • Notably, the secret NSA briefing document describes part of the U.S. eavesdropping agency's mandate at the Toronto summit as "providing support to policymakers." Documents previously released by Snowden, a former NSA contractor who has sought and received asylum in Russia, suggested that support at other international gatherings included spying on the foreign delegations to get an unfair advantage in any negotiations or policy debates at the summit. It was those documents that first exposed the spying on world leaders at the London summit. More recently, Snowden's trove of classified information revealed Canada's eavesdropping agency had hacked into phones and computers in the Brazilian government's department of mines, a story that touched off a political firestorm both in that country and in Ottawa.
  • ...5 more annotations...
  • The secret documents do not reveal the precise targets of so much espionage by the NSA — and possibly its Canadian partner — during the Toronto summit. But both the U.S. and Canadian intelligence agencies have been implicated with their British counterpart in hacking the phone calls and emails of foreign politicians and diplomats attending the G20 summit in London in 2009 — a scant few months before the Toronto gathering of the same world leaders.
  • The spying at the Toronto summit in 2010 fits a pattern of economic and political espionage by the powerful U.S. intelligence agency and its partners such as Canada. That espionage was conducted to secure meeting sites and protect leaders against terrorist threats posed by al-Qaeda but also to forward the policy goals of the United States and Canada. The G20 summit in Toronto had a lot on its agenda that would have been of acute interest to the NSA and Canada.
  • The world was still struggling to climb out of the great recession of 2008. Leaders were debating a wide array of possible measures including a global tax on banks, an idea strongly opposed by both the U.S. and Canadian governments. That notion was eventually scotched. The secret NSA documents list all the main agenda items for the G20 in Toronto — international development, banking reform, countering trade protectionism, and so on — with the U.S. snooping agency promising to support "U.S. policy goals." Whatever the intelligence goals of the NSA during the Toronto summit, international security experts question whether the NSA spying operation at the G20 in Toronto was even legal.
  • "If CSEC tasked NSA to conduct spying activities on Canadians within Canada that CSEC itself was not authorized to take, then I am comfortable saying that would be an unlawful undertaking by CSEC," says Craig Forcese, an expert in national security at University of Ottawa's faculty of law. By law, CSEC cannot target anyone in Canada without a warrant, including world leaders and foreign diplomats at a G20 summit. But, the Canadian eavesdropping agency is also prohibited by international agreement from getting the NSA to do the spying or anything that would be illegal for CSEC.
  • The NSA warns the more likely security threat would come from "issue-based extremists" conducting acts of vandalism. They got that right. Protest marches by about 10,000 turned the Toronto G20 into an historic melee of arrests by more than 20,000 police in what would become one of the largest and most expensive security operations in Canadian history. By the time the tear gas had cleared and the investigations were complete, law enforcement agencies stood accused of mass-violations of civil rights. Add to that dubious legacy illegal spying by an American intelligence agency with the blessing of the Canadian government.
Paul Merrell

Beware the Dangers of Congress' Latest Cybersecurity Bill | American Civil Liberties Union - 0 views

www.aclu.org/...ress-latest-cybersecurity-bill

surveillance state legislation ACLU cybersecurity

shared by Paul Merrell on 01 Jul 14 - No Cached
  • A new cybersecurity bill poses serious threats to our privacy, gives the government extraordinary powers to silence potential whistleblowers, and exempts these dangerous new powers from transparency laws. The Cybersecurity Information Sharing Act of 2014 ("CISA") was scheduled to be marked up by the Senate Intelligence Committee yesterday but has been delayed until after next week's congressional recess. The response to the proposed legislation from the privacy, civil liberties, tech, and open government communities was quick and unequivocal – this bill must not go through. The bill would create a massive loophole in our existing privacy laws by allowing the government to ask companies for "voluntary" cooperation in sharing information, including the content of our communications, for cybersecurity purposes. But the definition they are using for the so-called "cybersecurity information" is so broad it could sweep up huge amounts of innocent Americans' personal data. The Fourth Amendment protects Americans' personal data and communications from undue government access and monitoring without suspicion of criminal activity. The point of a warrant is to guard that protection. CISA would circumvent the warrant requirement by allowing the government to approach companies directly to collect personal information, including telephonic or internet communications, based on the new broadly drawn definition of "cybersecurity information."
  • While we hope many companies would jealously guard their customers' information, there is a provision in the bill that would excuse sharers from any liability if they act in "good faith" that the sharing was lawful. Collected information could then be used in criminal proceedings, creating a dangerous end-run around laws like the Electronic Communications Privacy Act, which contain warrant requirements. In addition to the threats to every American's privacy, the bill clearly targets potential government whistleblowers. Instead of limiting the use of data collection to protect against actual cybersecurity threats, the bill allows the government to use the data in the investigation and prosecution of people for economic espionage and trade secret violations, and under various provisions of the Espionage Act. It's clear that the law is an attempt to give the government more power to crack down on whistleblowers, or "insider threats," in popular bureaucratic parlance. The Obama Administration has brought more "leaks" prosecutions against government whistleblowers and members of the press than all previous administrations combined. If misused by this or future administrations, CISA could eliminate due process protections for such investigations, which already favor the prosecution.
  • While actively stripping Americans' privacy protections, the bill also cloaks "cybersecurity"-sharing in secrecy by exempting it from critical government transparency protections. It unnecessarily and dangerously provides exemptions from state and local sunshine laws as well as the federal Freedom of Information Act. These are both powerful tools that allow citizens to check government activities and guard against abuse. Edward Snowden's revelations from the past year, of invasive spying programs like PRSIM and Stellar Wind, have left Americans shocked and demanding more transparency by government agencies. CISA, however, flies in the face of what the public clearly wants. (Two coalition letters, here and here, sent to key members of the Senate yesterday detail the concerns of a broad coalition of organizations, including the ACLU.)
  • Paul Merrell on 01 Jul 14
     
    Text of the bill is on Sen. Diane Feinstein's site, http://goo.gl/2cdsSA It is truly a bummer.
Paul Merrell

The Stunning Hypocrisy of the U.S. Government | Washington's Blog - 0 views

www.washingtonsblog.com/...-hypocrisy-versus-honesty.html

surveillance state NSA hypocricy

shared by Paul Merrell on 25 Jun 13 - No Cached
  • Congress has exempted itself from the prohibition against trading on inside information … the law that got Martha Stewart and many other people thrown in jail. There are many other ways in which the hypocrisy of the politicians in D.C. is hurting our country. Washington politicians say we have to slash basic services, and yet waste hundreds of billions of dollars on counter-productive boondoggles. If the politicos just stopped throwing money at corporate welfare queens, military and security boondoggles and pork, harmful quantitative easing, unnecessary nuclear subsidies, the failed war on drugs, and other wasted and counter-productive expenses, we wouldn’t need to impose austerity on the people. The D.C. politicians said that the giant failed banks couldn’t be nationalized, because that would be socialism. Instead of temporarily nationalizing them and then spinning them off to the private sector – or breaking them up – the politicians have bailed them out to the tune of many tens of billions of dollars each year, and created a system where all of the profits are privatized, and all of the losses socialized. Obama and Congress promised help for struggling homeowners, and passed numerous bills that they claimed would rescue the little guy. But every single one of these bills actually bails out the banks … and doesn’t really help the homeowner.
  • The Federal Reserve promises to do everything possible to reduce unemployment. But its policies are actually destroying jobs. Many D.C. politicians pay lip service to helping the little guy … while pushing policies which have driven inequality to levels surpassing slave-owning societies. The D.C. regulators pretend that they are being tough on the big banks, but are actually doing everything they can to help cover up their sins. Many have pointed out Obama’s hypocrisy in slamming Bush’s spying programs … and then expanding them (millions more). And in slamming China’s cyber-warfare … while doing the same thing. And – while the Obama administration is spying on everyone in the country – it is at the same time the most secretive administration ever (background). That’s despite Obama saying he’s running the most transparent administration ever.
  • Glenn Greenwald – the Guardian reporter who broke the NSA spying revelations – has documented for many years the hypocritical use of leaks by the government to make itself look good … while throwing the book at anyone who leaks information embarrassing to the government. Greenwald notes today: Prior to Barack Obama’s inauguration, there were a grand total of three prosecutions of leakers under the Espionage Act (including the prosecution of Dan Ellsberg by the Nixon DOJ). That’s because the statute is so broad that even the US government has largely refrained from using it. But during the Obama presidency, there are now seven such prosecutions: more than double the number under all prior US presidents combined.
  • ...3 more annotations...
  • The irony is obvious: the same people who are building a ubiquitous surveillance system to spy on everyone in the world, including their own citizens, are now accusing the person who exposed it of “espionage”. It seems clear that the people who are actually bringing “injury to the United States” are those who are waging war on basic tenets of transparency and secretly constructing a mass and often illegal and unconstitutional surveillance apparatus aimed at American citizens – and those who are lying to the American people and its Congress about what they’re doing – rather than those who are devoted to informing the American people that this is being done.
  • Similarly, journalists who act as mere stenographers for the government who never criticize in more than a superficial fashion are protected and rewarded … but reporters who actually report on government misdeeds are prosecuted and harassed. Further, the biggest terrorism fearmongers themselves actually support terrorism. And see this. In the name of fighting terrorism, the U.S. has been directly supporting Al Qaeda and other terrorists and providing them arms, money and logistical support in Syria, Libya, Mali, Bosnia, Chechnya, Iran, and many other countries … both before and after 9/11. And see this. The American government has long labeled foreigners as terrorists for doing what America does. Moreover, government officials may brand Americans as potential terrorists if they peacefully protest, complain about the taste of their water, or do any number of other normal, all-American things.
  • This is especially hypocritical given that liberals like Noam Chomsky and conservatives like the director of the National Security Agency under Ronald Reagan (Lt. General William Odom) all say that the American government is the world’s largest purveyor of terrorism. As General Odom noted: Because the United States itself has a long record of supporting terrorists and using terrorist tactics, the slogans of today’s war on terrorism merely makes the United States look hypocritical to the rest of the world. These are just a couple of ways in which the D.C. politicians are hypocrites.
Gary Edwards

Welcome to Post-Constitution America - Peter Van Buren - 0 views

www.filmsforaction.org/...me_to_postconstitution_america

NSA-Patriot-Act-NDAA NSA-Whistleblower post-Constitutional-America Peter-Van-Buren

shared by Gary Edwards on 11 Aug 13 - No Cached
  • On July 30, 1778, the Continental Congress created the first whistleblower protection law, stating “that it is the duty of all persons in the service of the United States to give the earliest information to Congress or other proper authority of any misconduct, frauds, or misdemeanors committed by any officers or persons in the service of these states.”
  • Two hundred thirty-five years later, on July 30, 2013, Bradley Manning was found guilty on 20 of the 22 charges for which he was prosecuted, specifically for “espionage” and for videos of war atrocities he released, but not for “aiding the enemy.”
  • Days after the verdict, with sentencing hearings in which Manning could receive 136 years of prison time ongoing, the pundits have had their say. The problem is that they missed the most chilling aspect of the Manning case: the way it ushered us, almost unnoticed, into post-Constitutional America.
  • ...22 more annotations...
  • As at Guantanamo, rules of evidence reaching back to early
  • During the months of the trial, the U.S. military refused to release official transcripts of the proceedings. Even a private courtroom sketch artist was barred from the room. Independent journalist and activist Alexa O’Brien then took it upon herself to attend the trial daily, defy the Army, and make an unofficial record of the proceedings by hand. Later in the trial, armed military police were stationed behind reporters listening to testimony. Above all, the feeling that Manning’s fate was predetermined could hardly be avoided. After all, President Obama, the former Constitutional law professor, essentially proclaimed him guilty back in 2011 and the Department of Defense didn’t hesitate to state more generally that “leaking is tantamount to aiding the enemies of the United States.”
  • And so to Bradley Manning. As the weaponry and technology of war came home, so did a new, increasingly Guantanamo-ized definition of justice. This is one thing the Manning case has made clear. As a start, Manning was treated no differently than America’s war-on-terror prisoners at Guantanamo and the black sites that the Bush administration set up around the world. Picked up on the “battlefield,” Manning was first kept incommunicado in a cage in Kuwait for two months with no access to a lawyer. Then, despite being an active duty member of the Army, he was handed over to the Marines, who also guard Guantanamo, to be held in a military prison in Quantico, Virginia. What followed were three years of cruel detainment, where, as might well have happened at Gitmo, Manning, kept in isolation, was deprived of clothing, communications, legal advice, and sleep. The sleep deprivation regime imposed on him certainly met any standard, other than Washington’s and possibly Pyongyang’s, for torture. In return for such abuse, even after a judge had formally ruled that he was subjected to excessively harsh treatment, Manning will only get a 112-day reduction in his eventual sentence. Eventually the Obama administration decided Manning was to be tried as a soldier before a military court. In the courtroom, itself inside a military facility that also houses NSA headquarters, there was a strikingly gulag-like atmosphere.  His trial was built around secret witnesses and secret evidence; severe restrictions were put on the press -- the Army denied press passes to 270 of the 350 media organizations that applied; and there was a clear appearance of injustice. Among other things, the judge ruled against nearly every defense motion.
  • “What constitutes due process in this case is a due process in war.”
  • Given all this, it is small comfort to know that Manning, nailed on the Espionage Act after multiple failures in other cases by the Obama administration, was not convicted of the extreme charge of “aiding the enemy.”
  • Obama administration lawyers went on to claim the legal right to execute U.S. citizens without trial or due process and have admitted to killing four Americans. Attorney General Eric Holder declared that “United States citizenship alone does not make such individuals immune from being targeted.”
  • As if competing for an Orwellian prize, an unnamed Obama administration official told the Washington Post,
  • English common law were turned upside down. In Manning’s case, he was convicted of espionage, even though the prosecution did not have to prove either his intent to help another government or that harm was caused; a civilian court had already paved the way for such a ruling in another whistleblower case. In addition, the government was allowed to label Manning a “traitor” and an “anarchist” in open court, though he was on trial for neither treason nor anarchy.
  • Similarly, full-spectrum spying is not considered to violate the Fourth Amendment and does not even require probable cause.
  • Justice can be twisted and tangled into an almost unrecognizable form and then used to send a young man to prison for decades.
  • Government officials concerned over possible wrongdoing in their departments or agencies who “go through proper channels” are fired or prosecuted.
  • Government whistleblowers are commanded to return to face justice, while law-breakers in the service of the government are allowed to flee justice. CIA officers who destroy evidence of torture go free, while a CIA agent who blew the whistle on torture is locked up.
  • Thanks to the PATRIOT Act, citizens, even librarians, can be served by the FBI with a National Security Letter (not requiring a court order) demanding records and other information, and gagging them from revealing to anyone that such information has been demanded or such a letter delivered.
  • Citizens may be held without trial, and denied their Constitutional rights as soon as they are designated “terrorists.” Lawyers and habeas corpus are available only when the government allows.
  • The war on whistleblowers is metastasizing into a war on the First Amendment.
  • People may now be convicted based on secret testimony by unnamed persons.
  • Military courts and jails can replace civilian ones.
  • An Obama administration Insider Threat Program requires federal employees (including the Peace Corps) to report on the suspicious behavior of coworkers.
  • Claiming its actions lawful while shielding the “legal” opinions cited, often even from Congress, the government can send its drones to assassinate its own citizens.
  • One by one, the tools and attitudes of the war on terror, of a world in which the “gloves” are eternally off, have come home.
  • The comic strip character Pogo’s classic warning -- “We have met the enemy and he is us” -- seems ever less like a metaphor.
  • According to the government, increasingly we are now indeed their enemy.
  • Gary Edwards on 11 Aug 13
     
    Well written and researched article describing what it means to live in a post-Constitutional America.  Chilling facts with a cold but obvious conclusion.
Paul Merrell

Popular Security Software Came Under Relentless NSA and GCHQ Attacks - The Intercept - 0 views

firstlook.org/...nsa-gchq-targeted-kaspersky

surveillance state NSA GCHQ anti-virus-software

shared by Paul Merrell on 23 Jun 15 - No Cached
  • The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden. The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products. British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.
  • The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.
  • The requested warrant, provided under Section 5 of the U.K.’s 1994 Intelligence Services Act, must be renewed by a government minister every six months. The document published today is a renewal request for a warrant valid from July 7, 2008 until January 7, 2009. The request seeks authorization for GCHQ activities that “involve modifying commercially available software to enable interception, decryption and other related tasks, or ‘reverse engineering’ software.”
  • ...9 more annotations...
  • The NSA, like GCHQ, has studied Kaspersky Lab’s software for weaknesses. In 2008, an NSA research team discovered that Kaspersky software was transmitting sensitive user information back to the company’s servers, which could easily be intercepted and employed to track users, according to a draft of a top-secret report. The information was embedded in “User-Agent” strings included in the headers of Hypertext Transfer Protocol, or HTTP, requests. Such headers are typically sent at the beginning of a web request to identify the type of software and computer issuing the request.
  • According to the draft report, NSA researchers found that the strings could be used to uniquely identify the computing devices belonging to Kaspersky customers. They determined that “Kaspersky User-Agent strings contain encoded versions of the Kaspersky serial numbers and that part of the User-Agent string can be used as a machine identifier.” They also noted that the “User-Agent” strings may contain “information about services contracted for or configurations.” Such data could be used to passively track a computer to determine if a target is running Kaspersky software and thus potentially susceptible to a particular attack without risking detection.
  • Another way the NSA targets foreign anti-virus companies appears to be to monitor their email traffic for reports of new vulnerabilities and malware. A 2010 presentation on “Project CAMBERDADA” shows the content of an email flagging a malware file, which was sent to various anti-virus companies by François Picard of the Montréal-based consulting and web hosting company NewRoma. The presentation of the email suggests that the NSA is reading such messages to discover new flaws in anti-virus software. Picard, contacted by The Intercept, was unaware his email had fallen into the hands of the NSA. He said that he regularly sends out notification of new viruses and malware to anti-virus companies, and that he likely sent the email in question to at least two dozen such outfits. He also said he never sends such notifications to government agencies. “It is strange the NSA would show an email like mine in a presentation,” he added.
  • The NSA presentation goes on to state that its signals intelligence yields about 10 new “potentially malicious files per day for malware triage.” This is a tiny fraction of the hostile software that is processed. Kaspersky says it detects 325,000 new malicious files every day, and an internal GCHQ document indicates that its own system “collect[s] around 100,000,000 malware events per day.” After obtaining the files, the NSA analysts “[c]heck Kaspersky AV to see if they continue to let any of these virus files through their Anti-Virus product.” The NSA’s Tailored Access Operations unit “can repurpose the malware,” presumably before the anti-virus software has been updated to defend against the threat.
  • The Project CAMBERDADA presentation lists 23 additional AV companies from all over the world under “More Targets!” Those companies include Check Point software, a pioneering maker of corporate firewalls based Israel, whose government is a U.S. ally. Notably omitted are the American anti-virus brands McAfee and Symantec and the British company Sophos.
  • As government spies have sought to evade anti-virus software, the anti-virus firms themselves have exposed malware created by government spies. Among them, Kaspersky appears to be the sharpest thorn in the side of government hackers. In the past few years, the company has proven to be a prolific hunter of state-sponsored malware, playing a role in the discovery and/or analysis of various pieces of malware reportedly linked to government hackers, including the superviruses Flame, which Kaspersky flagged in 2012; Gauss, also detected in 2012; Stuxnet, discovered by another company in 2010; and Regin, revealed by Symantec. In February, the Russian firm announced its biggest find yet: the “Equation Group,” an organization that has deployed espionage tools widely believed to have been created by the NSA and hidden on hard drives from leading brands, according to Kaspersky. In a report, the company called it “the most advanced threat actor we have seen” and “probably one of the most sophisticated cyber attack groups in the world.”
  • Hacks deployed by the Equation Group operated undetected for as long as 14 to 19 years, burrowing into the hard drive firmware of sensitive computer systems around the world, according to Kaspersky. Governments, militaries, technology companies, nuclear research centers, media outlets and financial institutions in 30 countries were among those reportedly infected. Kaspersky estimates that the Equation Group could have implants in tens of thousands of computers, but documents published last year by The Intercept suggest the NSA was scaling up their implant capabilities to potentially infect millions of computers with malware. Kaspersky’s adversarial relationship with Western intelligence services is sometimes framed in more sinister terms; the firm has been accused of working too closely with the Russian intelligence service FSB. That accusation is partly due to the company’s apparent success in uncovering NSA malware, and partly due to the fact that its founder, Eugene Kaspersky, was educated by a KGB-backed school in the 1980s before working for the Russian military.
  • Kaspersky has repeatedly denied the insinuations and accusations. In a recent blog post, responding to a Bloomberg article, he complained that his company was being subjected to “sensationalist … conspiracy theories,” sarcastically noting that “for some reason they forgot our reports” on an array of malware that trace back to Russian developers. He continued, “It’s very hard for a company with Russian roots to become successful in the U.S., European and other markets. Nobody trusts us — by default.”
  • Documents published with this article: Kaspersky User-Agent Strings — NSA Project CAMBERDADA — NSA NDIST — GCHQ’s Developing Cyber Defence Mission GCHQ Application for Renewal of Warrant GPW/1160 Software Reverse Engineering — GCHQ Reverse Engineering — GCHQ Wiki Malware Analysis & Reverse Engineering — ACNO Skill Levels — GCHQ
Paul Merrell

CISA Cybersecurity Bill Advances Despite Privacy Concerns | WIRED - 0 views

www.wired.com/...nces-despite-privacy-critiques

surveillance state NSA cybersecurity legislation CISA privacy-loophole

shared by Paul Merrell on 13 Mar 15 - No Cached
  • For months, privacy advocates have been pointing to flaws in CISA, the new reincarnation of the cybersecurity bill known as CISPA that Congress has been kicking around since 2013. But today that zombie bill lurched one step closer to becoming law. The Senate Intelligence Committee passed the Cybersecurity Information Sharing Act, or CISA, by a vote of 14 to one Thursday afternoon. The bill, like the failed Cybersecurity Information Sharing and Protection Act that proceeded it, is designed to encourage the sharing of data between private companies and the government to prevent and respond to cybersecurity threats. But privacy critics have protested that CISA would create a legal framework for companies to more closely monitor internet users and share that data with government agencies.
  • After Thursday’s vote, Senator Ron Wyden—the only member of the Senate’s intelligence committee to vote against the bill—repeated those privacy concerns in a public statement. “If information-sharing legislation does not include adequate privacy protections then that’s not a cybersecurity bill—it’s a surveillance bill by another name,” he wrote. “It makes sense to encourage private firms to share information about cybersecurity threats. But this information sharing is only acceptable if there are strong protections for the privacy rights of law-abiding American citizens.”
  • Looking at the most recently revealed public version of CISA, privacy advocates have pointed out that it would allow sharing of personal data that goes beyond cybersecurity threats. It also allows the sharing of private sector data with the government that could prevent “terrorism” or an “imminent threat of death or serious bodily harm.” That language, Open Technology Institute privacy counsel Robyn Greene has argued, means CISA might “facilitate investigations into garden-variety violent crimes that have nothing to do with cyber threats.” “If that weren’t worrisome enough, the bill would also let law enforcement and other government agencies use information it receives to investigate, without a requirement for imminence or any connection to computer crime, even more crimes like carjacking, robbery, possession or use of firearms, ID fraud, and espionage,” Greene wrote in February. “While some of these are terrible crimes, and law enforcement should take reasonable steps to investigate them, they should not do so with information that was shared under the guise of enhancing cybersecurity.”
Paul Merrell

A Zombie Bill Comes Back to Life: A Look at The Senate's Cybersecurity Information Shar... - 0 views

www.eff.org/...y-information-sharing-act-2014

surveillance state NSA legislation Cybersecurity Bill Feinstein

shared by Paul Merrell on 12 Jul 14 - No Cached
  • The Senate Intelligence Committee recently introduced the Cybersecurity Information Sharing Act of 2014. It’s the fourth time in four years that Congress has tried to pass "cybersecurity" legislation. Unfortunately, the newest Senate bill is one of the worst yet. Cybersecurity bills aim to facilitate information sharing between companies and the government, but they always seem to come with broad immunity clauses for companies, vague definitions, and aggressive spying powers. Given such calculated violence to users' privacy rights, it’s no surprise that these bills fail every year. What is a surprise is that the bills keep coming back from the dead. Last year, President Obama signed Executive Order 13636 (EO 13636) directing the Department of Homeland Security (DHS) to expand current information sharing programs that are far more privacy protective than anything seen in recent cybersecurity bills. Despite this, members of Congress like Rep. Mike Rogers and Senator Dianne Feinstein keep on introducing bills that would destroy these privacy protections and grant new spying powers to companies.
  • Aside from its redundancy, the Senate's bill grants two new authorities to companies. First, the bill authorizes companies to launch countermeasures for a "cybersecurity purpose" against a "cybersecurity threat." "Cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of the information system. Combined, the two definitions could be read by companies to permit attacks on machines that unwittingly contribute to network congestion. The countermeasures clause will increasingly militarize the Internet—a prospect that may appeal to some "active defense" (aka offensive) cybersecurity companies, but does not favor the everyday user. Second, the bill adds a new authority for companies to monitor information systems to protect an entity's rights or property. Here again, the broad definitions could be used in conjunction with the monitoring clause to spy on users engaged in potentially innocuous activity. Once collected, companies can then share the information, which is also called “cyber threat indicators,” freely with government agencies like the NSA.
  • Such sharing will occur because under this bill, DHS would no longer be the lead agency making decisions about the cybersecurity information received, retained, or shared to companies or within the government. Its new role in the bill mandates DHS send information to agencies like the NSA—"in real-time and simultaneous[ly]." DHS is even barred from "delay[ing]" or "interfer[ing]" with the information, which ensures that DHS's current privacy protections won’t be applied to the information. The provision is ripe for improper and over-expansive information sharing. This leads to a question: What stops your sensitive personal information from being shared by companies to the government? Almost nothing. Companies must only remove personally identifiable information if the information is known to be US person information and not directly related to the threat. Such a willful blindness approach is inappropriate. Further, the bill does not even impose this weak minimization requirement on information shared by, and within, the government (including federal, state, local, and tribal governments) thereby allowing the government to share information containing personally identifiable information. The bill should require deletion of all information not directly related to a threat.
  • ...2 more annotations...
  • Once the information is sent to a government agency, it can use the information for reasons other than for cybersecurity purposes. One clause even allows the information to be used to prosecute violations of the Espionage Act—a World War I era law that was meant to prosecute spies but has been used in recent years primarily to go after journalists’ sources. The provisions grant the government far too much leeway in how to use the information for non-cybersecurity purposes. The public won’t even know what information is being collected, shared, or used because the bill will exempt all of it from disclosure under the Freedom of Information Act.
  • The bill also retains near-blanket immunity for companies to monitor information systems, to share information, and to use countermeasures. The high bar immunizes an incredible amount of activity, including negligent damage to property and may deprive private entities of legal recourse if a computer security contractor is at fault for destruction of property. Existing private rights of action for violations of the Wiretap Act, Stored Communications Act, and the Computer Fraud and Abuse Act would be precluded or at least sharply restricted by the clause. It remains to be seen why such immunity is needed when just a few months ago, the FTC and DOJ noted they would not prosecute companies for sharing such information. It's also unclear because we continue to see companies freely share information among each other and with the government both publicly via published reports and privately.
Paul Merrell

Regional Leaders Back Venezuela at Panama Summit as US Blocks Final Declaration | venez... - 0 views

venezuelanalysis.com/11334

war & peace Summit-of-the-Americas Venezuela Obama Maduro

shared by Paul Merrell on 14 Apr 15 - No Cached
  • Regional leaders flocked to Panama City this past weekend for the VII Summit of the Americas, which has been widely hailed as a victory for left-leaning and progressive forces in the region, particularly Venezuela and Cuba.  The summit was marked by the historic presence of Cuba whose president Raul Castro addressed his counterparts and held face to face talks with Barack Obama, the first Cuban leader to do so since the socialist nation's US-imposed expulsion from the Organization of American States in 1962.
  • However, the much anticipated rapprochement between the two nations was largely upstaged by regional leaders' near uniform rejection of President Obama's March 9 Executive Order labeling Venezuela a "national security threat", which has been condemned by all 33 nations of the CELAC  (Community of Latin American and Caribbean States) and other regional bodies.  While positively noting the steps taken by Obama to reestablish bilateral ties with Cuba, Castro nonetheless criticized the US president for his aggressive measures against Venezuela. 
  • During his speech before the summit, Bolivian president Evo Morales slammed US imperial intervention in the region. "We don't want more Monroes in our continent, nor more Truman doctrine, nor more Reagan doctrine, nor more Bush doctrine. We don't want any more presidential decrees nor more executive orders declaring us threats to their country." 
  • ...6 more annotations...
  • "One point was important: health as a human right, and the U.S. government did not accept that health should be considered a human right [...] President Obama did not accept the document,” explained Bolivia's first indigenous president.  The previous Summit of the Americas held in Colombia in 2012 likewise failed to issue a final document due to US rejection of language opposing its blockade against Cuba. 
  • Towards the close of the summit, the US and Canada blocked the approval of a final declaration backed by the 33 other nations of the region, which was the result of four months of prior negotiations. The final declaration requires approval by consensus and the two North American nations opposed several points in the draft document, including health as a human right, technology transfers to developing countries, an end to electronic espionage, and the repeal of Obama's Executive Order.  The US-Canadian veto was criticized by Bolivian President Evo Morales. 
  • The Venezuelan head of state also named several key issues he called on Obama to address in the context of bilateral talks, including US refusal to "recognize our Revolution", the White House's Executive Decree, the US embassy's role in destabilization efforts, as well as US support for anti-government groups operating from US soil. 
  • Despite repeated calls throughout the summit for President Obama to repeal his Executive Order targeting Venezuela, the US administration has dug in its heels, refusing to repeal the decree.  Assistant Secretary of State for Western Hemisphere Affairs Roberta Jacobson stated on Saturday that although her government did not consider Venezuela a "threat", the Executive Order would not be repealed given that "it's something that's already been implemented."  The comments follow similar contradictory remarks by Barack Obama on Thursday who also denied that Venezuela posed a threat to the United States, an admission which has been hailed as a victory by President Nicolas Maduro, who initiated a petition campaign that has collected 13 million signatures against the Executive Order.
  • "We do not believe that Venezuela poses a threat to the United States, nor does the United States threaten the Venezuelan government," clarified Obama in an interview with EFE.  Nonetheless, the US leader indicated no intention of repealing the Executive Order, going on to justify the sanctions imposed on Venezuela, which are allegedly aimed at "discouraging human rights violations and corruption.”
  • The White House's Executive Order has over the past month ignited a global backlash against US aggression, a reaction which has been lamented by Jacobson.   “I am disappointed that there were not more countries to defend [the sanctions]. They were not made to harm Venezuelans or the Venezuelan government,” noted the Assistant Secretary of State.
Gary Edwards

New Snowden Statement: 'The Obama Administration Is Afraid of You' - 0 views

pjmedia.com/...dministration-is-afraid-of-you

Edward-Snowden NSA-Patriot-Act-NDAA freedom-liberty American-Revolution

shared by Gary Edwards on 03 Jul 13 - No Cached
  • Gary Edwards on 03 Jul 13
     
    "This just released by WikiLeaks: July 1st Statement from Super Patriot & NSA Whistleblower extraordinaire, Edward Snowden .......... One week ago I left Hong Kong after it became clear that my freedom and safety were under threat from my government for revealing the truth. My continued liberty has been owed to the efforts of friends new and old, family, and others who I have never met and probably never will. I trusted them with my life and they returned that trust with a faith in me for which I will always be thankful. On Thursday, President Obama declared before the world that he would not permit any diplomatic "wheeling and dealing" over my case. Yet now it is being reported that after promising not to do so, the President ordered his Vice President to pressure the leaders of nations from which I have requested protection to deny my asylum petitions. This kind of deception from a world leader is not justice, and neither is the extralegal penalty of exile. These are the old, bad tools of political aggression. Their purpose is to frighten, not me, but those who would come after me. For decades the United States of America have been one of the strongest defenders of the human right to seek asylum. Sadly, this right, laid out and voted for by the U.S. in Article 14 of the Universal Declaration of Human Rights, is now being rejected by the current government of my country. The Obama administration has now adopted the strategy of using citizenship as a weapon. Although I am convicted of nothing, it has unilaterally revoked my passport, leaving me a stateless person. Without any judicial order, the administration now seeks to stop me exercising a basic right. A right that belongs to everybody. The right to seek asylum. In the end the Obama administration is not afraid of whistleblowers like me, Bradley Manning or Thomas Drake. We are stateless, imprisoned, or powerless. No, the Obama administration is afraid of you. It is afraid of an informed, angry public de
Paul Merrell

Angela Merkel under pressure to reveal all about US spying agreement | World news | The... - 0 views

www.theguardian.com/...reveal-us-spying-agreement-nsa

surveillance state NSA Germany BND Merkel scandal

shared by Paul Merrell on 09 May 15 - No Cached
  • Angela Merkel’s reputation as an unassailable chancellor is under threat amid mounting pressure for her to reveal how much she knew about a German-supported US spying operation on European companies and officials. The onus on her government to deliver answers over the spying scandal has only increased with the Austrian government’s announcement that it has filed a legal complaint against an unnamed party over “covert intelligence to the detriment of Austria”. EADS, now Airbus, one of the companies known to have been spied on by the BND – Germany’s foreign intelligence agency – is also taking legal action, saying it will file a complaint with prosecutors in Germany. The BND stands accused of spying on behalf of America’s NSA on European companies such as EADS, as well as the French presidency and the EU commission. There are also suspicions that German government workers and journalists were spied on.
  • The scandal has already strained relations within Merkel’s grand coalition, with many observers commenting that Gabriel was seeing the affair as a chance to make political gains. Political observers were lining up to remark that the crisis is the single most critical of Merkel’s decade in government and could even lead to her and her government’s downfall.
  • While Merkel appeared to have remained relatively unscathed by the scandal until now, an opinion poll showed that most Germans believed the trustworthiness of the three-times chancellor was now seriously at stake. 62% of Germans said her credibility was in doubt, according to the poll, carried out by the Insa institute, while 18% said it was not. Merkel told Radio Bremen in an interview that she was prepared to speak out over the allegations to a parliamentary committee. “I will testify there and justify myself to them where it is required,” she told the broadcaster.
  • ...5 more annotations...
  • Sigmar Gabriel, the deputy chancellor and economy minister, who is also the leader of the SPD, upped the ante still further by relaying a conversation he had with Merkel in which he asked her twice if the government had evidence of economic espionage, and she said no. He added that if it emerged Germany had been involved in helping the NSA spy on companies, it would greatly strain relations between business and the government and “put a large burden on the trust the economy has in government behaviour”.
  • The Social Democrats (SPD), Merkel’s government partners, along with Germany’s federal public prosecutor, Harald Range, are demanding the release of a list of “selectors” – 40,000 search terms used in the spying operations – the results of which were passed on to the NSA. “The list must be published and only then is clarification possible,” said Christine Lambrecht, parliamentary head of the SPD faction. Merkel has so far refused to allow its release. Her spokesman, Steffen Seibert, said she would make a decision on whether or not to do so only “once consultations with the American partners are completed”. Thomas de Maizière, the interior minister and a close Merkel confidante, is under even more pressure than the chancellor over allegations he lied about what he knew of BND/NSA cooperation. On Wednesday he answered questions on the affair to a parliamentary committee investigating the row, but only in camera and in a bug-proof room. Among other alleged shortcomings over the affair, he stands accused of failing to act when the BND informed him of the espionage activities in 2008 when he was Merkel’s chief of staff. He has repeatedly been portrayed in the tabloid media with a Pinocchio nose.
  • But the scandal has its roots much further back than Merkel’s own government, harking to a time when Europe was gripped by the cold war. Both the US and the UK, as victors of the second world war who had Germany under close supervision, ran spying networks from Germany, most notably from Bad Aibling in Bavaria, the biggest listening station outside the US and Britain. Officially, the US withdrew its operations in 2004. But unofficially it stayed there under an agreement in which Germany agreed to hand over its intelligence findings in return for the highly sophisticated technology the US was able to provide. The events of 9/11 and the revelations that three of the pilots had lived in Germany undetected only served to increase the pressure the US was able to put on Germany that its presence was necessary. Bad Aibling, officially now solely a BND listening facility, was the post used by the NSA in the current scandal.
  • The affair has underlined just how dependent Germany still is on the US and to a lesser extent the UK, on issues of intelligence and defence. Their desire for still-closer cooperation culminated in Operation Monkey Shoulder (named after a blend of three different types of malt whiskys) involving the BND, NSA and MI6, Spiegel recently revealed. With such a background, the German government has to appear to be criticising the US at the same time as underlining the importance of cooperation. Merkel, who appeared to be hugely at odds with the US government when it was revealed in 2013 that the NSA’s mass intelligence operation included tapping her mobile phone, has so far responded in a characteristically vague and flat manner. While acknowledging that allies should not spy on each other, she has stressed that spying’s most important role is to prevent terrorist attacks. “The government will do everything to guarantee the ability of the intelligence services,” she said on Monday. “Taking terrorist threats into account, that ability is only possible in cooperation with other agencies. That very much includes the NSA, as well as others.”
  • Commenting on the crisis, Spiegel magazine called it the “biggest challenge that the ‘Merkel Regime’ has had to face”, and potentially the “turning point of her chancellorship”. “She enjoys such trust because many Germans feel she looks after the country’s needs and their own very well. But the scandal … could cause the foundations of her power to crumble,” the magazine said.
Paul Merrell

Documents: FBI Spyware Has Been Snaring Extortionists, Hackers for Years | Threat Level... - 0 views

www.wired.com/...fbi-spyware-pro

FBI Tor NSA surveillance state anonymizers

shared by Paul Merrell on 05 Oct 13 - No Cached
  • A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, newly declassified documents show. As first reported by Wired.com, the software, called a "computer and internet protocol address verifier," or CIPAV, is designed to infiltrate a target’s computer and gather a wide range of information, which it secretly sends to an FBI server in eastern Virginia. The FBI’s use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student. But the documents released Thursday under the Freedom of Information Act show the FBI has quietly obtained court authorization to deploy the CIPAV in a wide variety of cases, ranging from major hacker investigations, to someone posing as an FBI agent online. Shortly after its launch, the program became so popular with federal law enforcement that Justice Department lawyers in Washington warned that overuse of the novel technique could result in its electronic evidence being thrown out of court in some cases. "While the technique is of indisputable value in certain kinds of cases, we are seeing indications that it is being used needlessly by some agencies, unnecessarily raising difficult legal questions (and a risk of suppression) without any countervailing benefit," reads a formerly-classified March 7, 2002 memo from the Justice Department’s Computer Crime and Intellectual Property Section.
  • The documents, which are heavily redacted, do not detail the CIPAV’s capabilities, but an FBI affidavit in the 2007 case indicate it gathers and reports a computer’s IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer’s registered owner and registered company name; the current logged-in user name and the last-visited URL. After sending the information to the FBI, the CIPAV settles into a silent "pen register" mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every server to which the machine connects. The documents shed some light on how the FBI sneaks the CIPAV onto a target’s machine, hinting that the bureau may be using one or more web browser vulnerabilities. In several of the cases outlined, the FBI hosted the CIPAV on a website, and tricked the target into clicking on a link. That’s what happened in the Washington case, according to a formerly-secret planning document for the 2007 operation. "The CIPAV will be deployed via a Uniform Resource Locator (URL) address posted to the subject’s private chat room on MySpace.com."
  • The software’s primary utility appears to be in tracking down suspects that use proxy servers or anonymizing websites to cover their tracks.
  • ...1 more annotation...
  • The documents appear to settle one of the questions the FBI declined to answer in 2007: whether the bureau obtains search warrants before using the CIPAV, or if it sometimes relies on weaker "pen register" orders that don’t require a showing of probable cause that a crime has been committed. In all the criminal cases described in the documents, the FBI sought search warrants. The records also indicate that the FBI obtained court orders from the Foreign Intelligence Surveillance Court, which covers foreign espionage and terrorism investigations, but the details are redacted. The FBI released 152 heavily-redacted pages in response to Threat Level’s FOIA request, and withheld another 623.
  • Paul Merrell on 05 Oct 13
     
    The article summarizes many cases in which the CIPAV exploit was used by the FBI. But the article's closing observation that the released documents "whether the bureau obtains search warrants before using the CIPAV" stretches the evidence a bit too far, methinks. If they exist, the FBI very likely would not have produced records of incidents in which it used CIPAV without court authorization. 
Paul Merrell

Cy Vance's Proposal to Backdoor Encrypted Devices Is Riddled With Vulnerabilities | Jus... - 0 views

www.justsecurity.org/...evices-riddled-vulnerabilities

surveillance state encryption-backdoors Vance tyranny right-to-whisper

shared by Paul Merrell on 11 Dec 15 - No Cached
  • Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.
  • Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.
  • Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.
  • ...8 more annotations...
  • Vance attempts to downplay this serious risk by asserting that anyone can use the “Find My Phone” or Android Device Manager services that allow owners to delete the data on their phones if stolen. However, this does not stand up to scrutiny. These services are effective only when an owner realizes their phone is missing and can take swift action on another computer or device. This delay ensures some period of vulnerability. Encryption, on the other hand, protects everyone immediately and always. Additionally, Vance argues that it is safer to build backdoors into encrypted devices than it is to do so for encrypted communications in transit. It is true that there is a difference in the threats posed by the two types of encryption backdoors that are being debated. However, some manner of widespread vulnerability will inevitably result from a backdoor to encrypted devices. Indeed, the NSA and GCHQ reportedly hacked into a database to obtain cell phone SIM card encryption keys in order defeat the security protecting users’ communications and activities and to conduct surveillance. Clearly, the reality is that the threat of such a breach, whether from a hacker or a nation state actor, is very real. Even if companies go the extra mile and create a different means of access for every phone, such as a separate access key for each phone, significant vulnerabilities will be created. It would still be possible for a malicious actor to gain access to the database containing those keys, which would enable them to defeat the encryption on any smartphone they took possession of. Additionally, the cost of implementation and maintenance of such a complex system could be high.
  • Privacy is another concern that Vance dismisses too easily. Despite Vance’s arguments otherwise, building backdoors into device encryption undermines privacy. Our government does not impose a similar requirement in any other context. Police can enter homes with warrants, but there is no requirement that people record their conversations and interactions just in case they someday become useful in an investigation. The conversations that we once had through disposable letters and in-person conversations now happen over the Internet and on phones. Just because the medium has changed does not mean our right to privacy has.
  • In addition to his weak reasoning for why it would be feasible to create backdoors to encrypted devices without creating undue security risks or harming privacy, Vance makes several flawed policy-based arguments in favor of his proposal. He argues that criminals benefit from devices that are protected by strong encryption. That may be true, but strong encryption is also a critical tool used by billions of average people around the world every day to protect their transactions, communications, and private information. Lawyers, doctors, and journalists rely on encryption to protect their clients, patients, and sources. Government officials, from the President to the directors of the NSA and FBI, and members of Congress, depend on strong encryption for cybersecurity and data security. There are far more innocent Americans who benefit from strong encryption than there are criminals who exploit it. Encryption is also essential to our economy. Device manufacturers could suffer major economic losses if they are prohibited from competing with foreign manufacturers who offer more secure devices. Encryption also protects major companies from corporate and nation-state espionage. As more daily business activities are done on smartphones and other devices, they may now hold highly proprietary or sensitive information. Those devices could be targeted even more than they are now if all that has to be done to access that information is to steal an employee’s smartphone and exploit a vulnerability the manufacturer was required to create.
  • Vance also suggests that the US would be justified in creating such a requirement since other Western nations are contemplating requiring encryption backdoors as well. Regardless of whether other countries are debating similar proposals, we cannot afford a race to the bottom on cybersecurity. Heads of the intelligence community regularly warn that cybersecurity is the top threat to our national security. Strong encryption is our best defense against cyber threats, and following in the footsteps of other countries by weakening that critical tool would do incalculable harm. Furthermore, even if the US or other countries did implement such a proposal, criminals could gain access to devices with strong encryption through the black market. Thus, only innocent people would be negatively affected, and some of those innocent people might even become criminals simply by trying to protect their privacy by securing their data and devices. Finally, Vance argues that David Kaye, UN Special Rapporteur for Freedom of Expression and Opinion, supported the idea that court-ordered decryption doesn’t violate human rights, provided certain criteria are met, in his report on the topic. However, in the context of Vance’s proposal, this seems to conflate the concepts of court-ordered decryption and of government-mandated encryption backdoors. The Kaye report was unequivocal about the importance of encryption for free speech and human rights. The report concluded that:
  • States should promote strong encryption and anonymity. National laws should recognize that individuals are free to protect the privacy of their digital communications by using encryption technology and tools that allow anonymity online. … States should not restrict encryption and anonymity, which facilitate and often enable the rights to freedom of opinion and expression. Blanket prohibitions fail to be necessary and proportionate. States should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows. Additionally, the group of intelligence experts that was hand-picked by the President to issue a report and recommendations on surveillance and technology, concluded that: [R]egarding encryption, the U.S. Government should: (1) fully support and not undermine efforts to create encryption standards; (2) not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software; and (3) increase the use of encryption and urge US companies to do so, in order to better protect data in transit, at rest, in the cloud, and in other storage.
  • The clear consensus among human rights experts and several high-ranking intelligence experts, including the former directors of the NSA, Office of the Director of National Intelligence, and DHS, is that mandating encryption backdoors is dangerous. Unaddressed Concerns: Preventing Encrypted Devices from Entering the US and the Slippery Slope In addition to the significant faults in Vance’s arguments in favor of his proposal, he fails to address the question of how such a restriction would be effectively implemented. There is no effective mechanism for preventing code from becoming available for download online, even if it is illegal. One critical issue the Vance proposal fails to address is how the government would prevent, or even identify, encrypted smartphones when individuals bring them into the United States. DHS would have to train customs agents to search the contents of every person’s phone in order to identify whether it is encrypted, and then confiscate the phones that are. Legal and policy considerations aside, this kind of policy is, at the very least, impractical. Preventing strong encryption from entering the US is not like preventing guns or drugs from entering the country — encrypted phones aren’t immediately obvious as is contraband. Millions of people use encrypted devices, and tens of millions more devices are shipped to and sold in the US each year.
  • Finally, there is a real concern that if Vance’s proposal were accepted, it would be the first step down a slippery slope. Right now, his proposal only calls for access to smartphones and devices running mobile operating systems. While this policy in and of itself would cover a number of commonplace devices, it may eventually be expanded to cover laptop and desktop computers, as well as communications in transit. The expansion of this kind of policy is even more worrisome when taking into account the speed at which technology evolves and becomes widely adopted. Ten years ago, the iPhone did not even exist. Who is to say what technology will be commonplace in 10 or 20 years that is not even around today. There is a very real question about how far law enforcement will go to gain access to information. Things that once seemed like merely science fiction, such as wearable technology and artificial intelligence that could be implanted in and work with the human nervous system, are now available. If and when there comes a time when our “smart phone” is not really a device at all, but is rather an implant, surely we would not grant law enforcement access to our minds.
  • Policymakers should dismiss Vance’s proposal to prohibit the use of strong encryption to protect our smartphones and devices in order to ensure law enforcement access. Undermining encryption, regardless of whether it is protecting data in transit or at rest, would take us down a dangerous and harmful path. Instead, law enforcement and the intelligence community should be working to alter their skills and tactics in a fast-evolving technological world so that they are not so dependent on information that will increasingly be protected by encryption.
Paul Merrell

Fearing 'enemies,' Turkey blocks YouTube | Europe | DW.DE | 28.03.2014 - 0 views

www.dw.de/...a-17527006

war & peace Syria Turkey false-flag NATO YouTube Twitter

shared by Paul Merrell on 11 Apr 14 - No Cached
  • First Twitter, now YouTube. The Turkish telecoms authority TIB said the move to was an "administrative measure." But only a few hours before the measure came into force, a rather provocative recording was posted on the site. According to the official view, the audio clip is one of the most flagrant among the many that anonymous opponents of the government have been leaking online over the last few months. It exposes the Islamic-conservative government led by Prime Minister Recep Tayyip Erdogan just before the municipal elections scheduled to take place on March 30. The conversation that was leaked this time is between Foreign Minister Ahmet Davutoglu and several heads of the intelligence service and the military. Participants of the conversation were apparently looking for a reason to go to war with Syria.
  • According to reports from the Turkish newspaper Hürriyet, the Turkish foreign ministry has confirmed the authenticity of the recording and has explained that the conversation took place in the foreign ministry. The ministry also emphasized, however, that the contents of the recording were distorted. In a statement issued by the Ministry of Foreign Affairs this explanation was given: "Monitoring such a meeting of a highly confidential nature which was held at a location such as the office of the foreign minister, where the most sensitive security issues of the state are discussed; and releasing these conversations to the public are a despicable attack, an act of espionage and a very serious crime against the national security of Turkey. This incident reveals the extent the threats of cyber and electronic attacks that Turkey encounters." The statement called the perpetrators "enemies of our state" and said they would be identified and severely punished as soon as possible.
  • But according to the legal expert, another aspect of the problem is at stake here. "This is a case of espionage. The alleged conversation took place in a secure location and it is on a very sensitive topic - the question of whether there should or should not be a war with Syria," he says. Tokuzlu added that the content of the conversation was clearly supposed to be released to the public in order to influence the results of this Sunday's (30.03.2014) local elections. But blocking the whole YouTube site was never an appropriate solution, Tokuzlu maintains. "There is no reason to block entire sites. You could block individual accounts or videos; that would be legitimate in this sort of a case," he said. Tokuzlu also explained that blocking YouTube could not be compared with the move to block Twitter: "The Security Council in Turkey held an emergency meeting. Right after, YouTube was blocked. That shows how important this case is."
  • ...2 more annotations...
  • The Turkish radio and television supervisory board RTÜK banned several Turkish media outlets from spreading the video or communicating its contents. According to the newspaper Hürriyet, the Turkish federal prosecutor's office has already initiated investigations against those responsible for the video. Measures taken too far According to legal expert Bertan Tokuzlu, the recording gives the impression that the government wanted to make trouble internationally, in order to distract the public from internal problems. "If the government wanted to create a reason for war, that is absolutely not in keeping with international legal standards," says Tokuzlu.
  • The recording also mentions Turkish arms deliveries to Syrian opposition groups. "If that is the case and we have a war crime to deal with, then the public has a right to know this information, according to the European Court of Human Rights," Tokuzlu stressed, adding that the Turkish government's reaction to the publication of the conversation was very thin-skinned. "If the recording provides evidence of a war crime, then that might mean the government will be brought before a war crimes tribunal in the near future. That is a delicate subject."
  • Paul Merrell on 11 Apr 14
     
    This article is from 28 March 2014. The Turkish government a few days ago restored access to YouTube and Twitter, after reports that more than 300,000 Turks had thwarted the ban by learning to use Tor and VPN tunneling, posing a long-term obstacle to Turkish intelligence service surveillance. The Foreign Ministry recording was of the Foreign Minister and other high Turkish officials discussing plans for a false flag attack on Turkey to justify Turkey launching its own direct military attacks on Syria. Because Turkey is a member of NATO, an attack on Turkey triggers the obligations of other NATO member nations to join Turkey's "defense." 
Paul Merrell

Israel Spied on Iran Nuclear Talks With U.S. - WSJ - 0 views

www.wsj.com/...spied-on-iran-talks-1427164201

war & peace surveillance state Israel spying Iran-negotiations leaks-to-Congress

shared by Paul Merrell on 24 Mar 15 - No Cached
  • Soon after the U.S. and other major powers entered negotiations last year to curtail Iran’s nuclear program, senior White House officials learned Israel was spying on the closed-door talks. The spying operation was part of a broader campaign by Israeli Prime Minister Benjamin Netanyahu’s government to penetrate the negotiations and then help build a case against the emerging terms of the deal, current and former U.S. officials said. In addition to eavesdropping, Israel acquired information from confidential U.S. briefings, informants and diplomatic contacts in Europe, the officials said.
  • The espionage didn’t upset the White House as much as Israel’s sharing of inside information with U.S. lawmakers and others to drain support from a high-stakes deal intended to limit Iran’s nuclear program, current and former officials said. “It is one thing for the U.S. and Israel to spy on each other. It is another thing for Israel to steal U.S. secrets and play them back to U.S. legislators to undermine U.S. diplomacy,” said a senior U.S. official briefed on the matter.
  • The U.S. and Israel, longtime allies who routinely swap information on security threats, sometimes operate behind the scenes like spy-versus-spy rivals. The White House has largely tolerated Israeli snooping on U.S. policy makers—a posture Israel takes when the tables are turned. The White House discovered the operation, in fact, when U.S. intelligence agencies spying on Israel intercepted communications among Israeli officials that carried details the U.S. believed could have come only from access to the confidential talks, officials briefed on the matter said. Israeli officials denied spying directly on U.S. negotiators and said they received their information through other means, including close surveillance of Iranian leaders receiving the latest U.S. and European offers. European officials, particularly the French, also have been more transparent with Israel about the closed-door discussions than the Americans, Israeli and U.S. officials said.
  • ...11 more annotations...
  • Mr. Netanyahu and Israeli Ambassador Ron Dermer early this year saw a rapidly closing window to increase pressure on Mr. Obama before a key deadline at the end of March, Israeli officials said. Using levers of political influence unique to Israel, Messrs. Netanyahu and Dermer calculated that a lobbying campaign in Congress before an announcement was made would improve the chances of killing or reshaping any deal. They knew the intervention would damage relations with the White House, Israeli officials said, but decided that was an acceptable cost. The campaign may not have worked as well as hoped, Israeli officials now say, because it ended up alienating many congressional Democrats whose support Israel was counting on to block a deal. Obama administration officials, departing from their usual description of the unbreakable bond between the U.S. and Israel, have voiced sharp criticism of Messrs. Netanyahu and Dermer to describe how the relationship has changed.
  • “People feel personally sold out,” a senior administration official said. “That’s where the Israelis really better be careful because a lot of these people will not only be around for this administration but possibly the next one as well.” This account of the Israeli campaign is based on interviews with more than a dozen current and former U.S. and Israeli diplomats, intelligence officials, policy makers and lawmakers. Weakened ties Distrust between Mr. Netanyahu and Mr. Obama had been growing for years but worsened when Mr. Obama launched secret talks with Iran in 2012. The president didn’t tell Mr. Netanyahu because of concerns about leaks, helping set the stage for the current standoff, according to current and former U.S. and Israeli officials. U.S. officials said Israel has long topped the list of countries that aggressively spy on the U.S., along with China, Russia and France. The U.S. expends more counterintelligence resources fending off Israeli spy operations than any other close ally, U.S. officials said.
  • A senior official in the prime minister’s office said Monday: “These allegations are utterly false. The state of Israel does not conduct espionage against the United States or Israel’s other allies. The false allegations are clearly intended to undermine the strong ties between the United States and Israel and the security and intelligence relationship we share.” Current and former Israeli officials said their intelligence agencies scaled back their targeting of U.S. officials after the jailing nearly 30 years ago of American Jonathan Pollard for passing secrets to Israel. While U.S. officials may not be direct targets, current and former officials said, Israeli intelligence agencies sweep up communications between U.S. officials and parties targeted by the Israelis, including Iran. Americans shouldn’t be surprised, said a person familiar with the Israeli practice, since U.S. intelligence agencies helped the Israelis build a system to listen in on high-level Iranian communications.
  • As secret talks with Iran progressed into 2013, U.S. intelligence agencies monitored Israel’s communications to see if the country knew of the negotiations. Mr. Obama didn’t tell Mr. Netanyahu until September 2013. Israeli officials, who said they had already learned about the talks through their own channels, told their U.S. counterparts they were upset about being excluded. “ ‘Did the administration really believe we wouldn’t find out?’ ” Israeli officials said, according to a former U.S. official.
  • The episode cemented Mr. Netanyahu’s concern that Mr. Obama was bent on clinching a deal with Iran whether or not it served Israel’s best interests, Israeli officials said. Obama administration officials said the president was committed to preventing Iran from developing nuclear weapons. Mr. Dermer started lobbying U.S. lawmakers just before the U.S. and other powers signed an interim agreement with Iran in November 2013. Mr. Netanyahu and Mr. Dermer went to Congress after seeing they had little influence on the White House. Before the interim deal was made public, Mr. Dermer gave lawmakers Israel’s analysis: The U.S. offer would dramatically undermine economic sanctions on Iran, according to congressional officials who took part. After learning about the briefings, the White House dispatched senior officials to counter Mr. Dermer. The officials told lawmakers that Israel’s analysis exaggerated the sanctions relief by as much as 10 times, meeting participants said.
  • When the next round of negotiations with Iran started in Switzerland last year, U.S. counterintelligence agents told members of the U.S. negotiating team that Israel would likely try to penetrate their communications, a senior Obama administration official said. The U.S. routinely shares information with its European counterparts and others to coordinate negotiating positions. While U.S. intelligence officials believe secured U.S. communications are relatively safe from the Israelis, they say European communications are vulnerable. Mr. Netanyahu and his top advisers received confidential updates on the Geneva talks from Undersecretary of State for Political Affairs Wendy Sherman and other U.S. officials, who knew at the time that Israeli intelligence was working to fill in any gaps. The White House eventually curtailed the briefings, U.S. officials said, withholding sensitive information for fear of leaks. Current and former Israeli officials said their intelligence agencies can get much of the information they seek by targeting Iranians and others in the region who are communicating with countries in the talks. In November, the Israelis learned the contents of a proposed deal offered by the U.S. but ultimately rejected by Iran, U.S. and Israeli officials said. Israeli officials told their U.S. counterparts the terms offered insufficient protections.
  • U.S. officials urged the Israelis to give the negotiations a chance. But Mr. Netanyahu’s top advisers concluded the emerging deal was unacceptable. The White House was making too many concessions, Israeli officials said, while the Iranians were holding firm. Obama administration officials reject that view, saying Israel was making impossible demands that Iran would never accept. “The president has made clear time and again that no deal is better than a bad deal,” a senior administration official said. In January, Mr. Netanyahu told the White House his government intended to oppose the Iran deal but didn’t explain how, U.S. and Israeli officials said. On Jan. 21, House Speaker John Boehner (R., Ohio) announced Mr. Netanyahu would address a joint meeting of Congress. That same day, Mr. Dermer and other Israeli officials visited Capitol Hill to brief lawmakers and aides, seeking a bipartisan coalition large enough to block or amend any deal. Most Republicans were already prepared to challenge the White House on the negotiations, so Mr. Dermer focused on Democrats. “This deal is bad,” he said in one briefing, according to participants.
  • A spokesman for the Israeli embassy in Washington, Aaron Sagui, said Mr. Dermer didn’t launch a special campaign on Jan 21. Mr. Dermer, the spokesperson said, has “consistently briefed both Republican and Democrats, senators and congressmen, on Israel’s concerns regarding the Iran negotiations for over a year.” Mr. Dermer and other Israeli officials over the following weeks gave lawmakers and their aides information the White House was trying to keep secret, including how the emerging deal could allow Iran to operate around 6,500 centrifuges, devices used to process nuclear material, said congressional officials who attended the briefings. The Israeli officials told lawmakers that Iran would also be permitted to deploy advanced IR-4 centrifuges that could process fuel on a larger scale, meeting participants and administration officials said. Israeli officials said such fuel, which under the emerging deal would be intended for energy plants, could be used to one day build nuclear bombs. The information in the briefings, Israeli officials said, was widely known among the countries participating in the negotiations. When asked in February during one briefing where Israel got its inside information, the Israeli officials said their sources included the French and British governments, as well as their own intelligence, according to people there.
  • “Ambassador Dermer never shared confidential intelligence information with members of Congress,” Mr. Sagui said. “His briefings did not include specific details from the negotiations, including the length of the agreement or the number of centrifuges Iran would be able to keep.” Current and former U.S. officials confirmed that the number and type of centrifuges cited in the briefings were part of the discussions. But they said the briefings were misleading because Israeli officials didn’t disclose concessions asked of Iran. Those included giving up stockpiles of nuclear material, as well as modifying the advanced centrifuges to slow output, these officials said. The administration didn’t brief lawmakers on the centrifuge numbers and other details at the time because the information was classified and the details were still in flux, current and former U.S. officials said. Unexpected reaction The congressional briefings and Mr. Netanyahu’s decision to address a joint meeting of Congress on the emerging deal sparked a backlash among many Democratic lawmakers, congressional aides said.
  • On Feb. 3, Mr. Dermer huddled with Sen. Joe Manchin, a West Virginia Democrat, who said he told Mr. Dermer it was a breach of protocol for Mr. Netanyahu to accept an invitation from Mr. Boehner without going through the White House. Mr. Manchin said he told Mr. Dermer he would attend the prime minister’s speech to Congress, but he was noncommittal about supporting any move by Congress to block a deal. Mr. Dermer spent the following day doing damage control with Sen. Kirsten Gillibrand, a New York Democrat, congressional aides said. Two days later, Mr. Dermer met with Sen. Dianne Feinstein of California, the top Democrat on the SenateIntelligence Committee, at her Washington, D.C., home. He pressed for her support because he knew that she, too, was angry about Mr. Netanyahu’s planned appearance. Ms. Feinstein said afterward she would oppose legislation allowing Congress to vote down an agreement.
  • Congressional aides and Israeli officials now say Israel’s coalition in Congress is short the votes needed to pass legislation that could overcome a presidential veto, although that could change. In response, Israeli officials said, Mr. Netanyahu was pursuing other ways to pressure the White House. This week, Mr. Netanyahu sent a delegation to France, which has been more closely aligned with Israel on the nuclear talks and which could throw obstacles in Mr. Obama’s way before a deal is signed. The Obama administration, meanwhile, is stepping up its outreach to Paris to blunt the Israeli push. “If you’re wondering whether something serious has shifted here, the answer is yes,” a senior U.S. official said. “These things leave scars.”
  • Paul Merrell on 24 Mar 15
     
    Obama is moving preemptively to blunt Israel's influence in Congress on the Iran negotiation.
1 - 20 of 31 Next ›
Showing 20 items per page