Group items tagged

(Reuters) - The National Security Agency, hit by disclosures of classified data by former contractor Edward Snowden, said Thursday it intends to eliminate about 90 percent of its system administrators to reduce the number of people with access to secret information. Keith Alexander, the director of the NSA, the U.S. spy agency charged with monitoring foreign electronic communications, told a cybersecurity conference in New York City that automating much of the work would improve security."What we're in the process of doing - not fast enough - is reducing our system administrators by about 90 percent," he said.

The Guardian has released new documents from Edward Snowden showing how the U.S. National Security Agency targets internet anonymity tool Tor to gather intelligence. One of the documents, a presentation titled "Tor Stinks," bluntly acknowledges how effective the tool is: "We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users, however, no success de-anonymizing a user in response to a TOPI request/on demand." (Other documents: presentation 1, presentation 2.) The NSA is able to extract information sometimes, though, and Bruce Schneier details what we know of that process in an article of his own. "The NSA creates 'fingerprints' that detect http requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool which NSA boasts allows its analysts to see "almost everything" a target does on the internet. ... After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems." Schneier explains in a related article why it's important that we figure out exactly what the NSA is doing. "Given how inept the NSA was at protecting its own secrets, it's extremely unlikely that Edward Snowden was the first sysadmin contractor to walk out the door with a boatload of them. And the previous leakers could have easily been working for a foreign government."

The Guardian has released new documents from Edward Snowden showing how the U.S. National Security Agency targets internet anonymity tool Tor to gather intelligence. One of the documents, a presentation titled "Tor Stinks," bluntly acknowledges how effective the tool is: "We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users, however, no success de-anonymizing a user in response to a TOPI request/on demand." (Other documents: presentation 1, presentation 2.) The NSA is able to extract information sometimes, though, and Bruce Schneier details what we know of that process in an article of his own. "The NSA creates 'fingerprints' that detect http requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool which NSA boasts allows its analysts to see "almost everything" a target does on the internet. ... After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems." Schneier explains in a related article why it's important that we figure out exactly what the NSA is doing. "Given how inept the NSA was at protecting its own secrets, it's extremely unlikely that Edward Snowden was the first sysadmin contractor to walk out the door with a boatload of them. And the previous leakers could have easily been working for a foreign government."

Exclusive Above-top-secret details of Britain’s covert surveillance programme - including the location of a clandestine British base tapping undersea cables in the Middle East - have so far remained secret, despite being leaked by fugitive NSA sysadmin Edward Snowden. Government pressure has meant that some media organisations, despite being in possession of these facts, have declined to reveal them. Today, however, the Register publishes them in full.The secret British spy base is part of a programme codenamed “CIRCUIT” and also referred to as Overseas Processing Centre 1 (OPC-1). It is located at Seeb, on the northern coast of Oman, where it taps in to various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf. Seeb is one of a three site GCHQ network in Oman, at locations codenamed “TIMPANI”, “GUITAR” and “CLARINET”. TIMPANI, near the Strait of Hormuz, can monitor Iraqi communications. CLARINET, in the south of Oman, is strategically close to Yemen. British national telco BT, referred to within GCHQ and the American NSA under the ultra-classified codename “REMEDY”, and Vodafone Cable (which owns the former Cable & Wireless company, aka “GERONTIC”) are the two top earners of secret GCHQ payments running into tens of millions of pounds annually.

The actual locations of such codenamed “access points” into the worldwide cable backbone are classified 3 levels above Top Secret and labelled “Strap 3”. The true identities of the companies hidden behind codenames such as “REMEDY”, “GERONTIC”, “STREETCAR” or “PINNAGE” are classified one level below this, at “Strap 2”.After these details were withheld, the government opted not to move against the Guardian newspaper last year for publishing above-top-secret information at the lower level designated “Strap 1”. This included details of the billion-pound interception storage system, Project TEMPORA, which were revealed in 2013 and which have triggered Parliamentary enquiries in Britain and Europe, and cases at the European Court of Human Rights. The Guardian was forced to destroy hard drives of leaked information to prevent political embarrassment over extensive commercial arrangements with these and other telecommunications companies who have secretly agreed to tap their own and their customers’ or partners’ overseas cables for the intelligence agency GCHQ. Intelligence chiefs also wished to conceal the identities of countries helping GCHQ and its US partner the NSA by sharing information or providing facilities

According to documents revealed by Edward Snowden to journalists including Glenn Greenwald among others, the intelligence agency annually pays selected companies tens of millions of pounds to run secret teams which install hidden connections which copy customers' data and messages to the spooks’ processing centres. The GCHQ-contracted companies also install optical fibre taps or “probes” into equipment belonging to other companies without their knowledge or consent. Within GCHQ, each company has a special section called a “Sensitive Relationship Team” or SRT.BT and Vodafone/C&W also operate extensive long distance optical fibre communications networks throughout the UK, installed and paid for by GCHQ, NSA, or by a third and little known UK intelligence support organization called the National Technical Assistance Centre (NTAC).

On Tuesday, news site The Register published a story containing explosive "above top secret" information about Britain's surveillance programs, including details of a "clandestine British base tapping undersea cables in the Middle East." Reporter Duncan Campbell, who wrote the story, said it was based on documents "leaked by fugitive NSA sysadmin Edward Snowden" that other news outlets had declined to publish.  However, it's not necessarily clear how Campbell got his hands on Snowden's document stash.  Glenn Greenwald, who published the first stories based on Snowden's documents in The Guardian, told Business Insider on Tuesday that Snowden has "no source relationship" with Campbell. "Snowden has no source relationship with Duncan (who is a great journalist), and never provided documents to him directly or indirectly, as Snowden has made clear," Greenwald said in an email. "I can engage in informed speculation about how Duncan got this document — it's certainly a document that several people in the Guardian UK possessed — but how he got it is something only he can answer."

For his part, Campbell is not interested in discussing how he got the documents used for his story. "Journalists in the UK — just as in the US — do not reveal their sources, or respond to questions as to confidential sources. We protect them. That is our obligation and our duty," Campbell wrote in an email to Business Insider. This isn't the first story Campbell has published allegedly based on Snowden documents. Last August, Campbell wrote a piece for The Independent about the secret British surveillance base. In that article, Campbell suggested The Guardian "agreed to the Government’s request not to publish any material contained in the Snowden documents that could damage national security," including the existence of the surveillance base.

Greenwald responded with a column that included a statement from Snowden saying he had not worked with Campbell and speculating the documents were actually by the British government as part of an attempt to make the case his leaks were "harmful." In addition to Snowden's theory that Campbell may have obtained documents from a government source, it also seems possible he was leaked information by a Guardian staffer with access to the documents. Business Insider asked Guardian editor Alan Rusbridger about this possibility on Tuesday and received a response from a representative for the paper who said they have no idea how Campbell obtained any of Snowden's documents.  "We don't know who Mr Campbell's source is. We have always been open and transparent about all of our reporting partners," the representative  said.