
Code words used in intercepted al Qaeda messages, US source says - 0 views

  • The intercepted al Qaeda communications that sparked the closure of U.S. embassies in the Middle East and North Africa contained specific words that American intelligence interpreted as a coded message for what they believed signaled a potentially imminent attack, CNN has learned.
  • A U.S. official declined to discuss specific code words on the intercepts but told CNN "there was a sense of imminence, a sense of the overall area at risk and the known actors. There was great concern." Members of Congress have indicated that National Security Agency surveillance programs played a role in intercepting and monitoring recent al Qaeda communications. The programs were defended by Secretary of State John Kerry on Tuesday. "A number of groups in the world have individually targeted not just American interests but free interests in the world," Kerry said during a press conference in Brasilia, Brazil. "There have been bombings in many places in the world. Innocent people have lost their lives. And what the United States has been trying to do is prevent these things from happening beforehand by knowing what others might be plotting."
  •  
    Kerry's quote is significant because it links the State Dept. embassy closures in Arab nations to Obama Administration advocacy for NSA surveillance programs. 

Senate Investigation of Bush-Era Torture Erupts Into Constitutional Crisis | The Nation - 0 views

  • Here’s what Feinstein described Tuesday morning: At some time after the committee staff identified and reviewed the Internal Panetta Review documents, access to the vast majority of them was removed by the CIA. We believe this happened in 2010 but we have no way of knowing the specifics. Nor do we know why the documents were removed. The staff was focused on reviewing the tens of thousands of new documents that continued to arrive on a regular basis. […] Shortly [after Udall’s comments], on January 15, 2014, CIA Director Brennan requested an emergency meeting to inform me and Vice Chairman Chambliss that without prior notification or approval, CIA personnel had conducted a “search”—that was John Brennan’s word—of the committee computers at the offsite facility. This search involved not only a search of documents provided to the committee by the CIA, but also a search of the “stand alone” and “walled-off” committee network drive containing the committee’s own internal work product and communications. According to Brennan, the computer search was conducted in response to indications that some members of the committee staff might already have had access to the Internal Panetta Review. The CIA did not ask the committee or its staff if the committee had access to the Internal Review, or how we obtained it. Instead, the CIA just went and searched the committee’s computers.
  • If what Feinstein alleges is true, it essentially amounts to a constitutional crisis. And she said as much during her speech, describing “a defining moment for the oversight of our intelligence community.” “I have grave concerns that the CIA’s search may well have violated the separation of powers principles embodied in the United States Constitution, including the Speech and Debate clause. It may have undermined the constitutional framework essential to effective congressional oversight of intelligence activities or any other government function,” Feinstein said. “Besides the constitutional implications, the CIA’s search may also have violated the Fourth Amendment, the Computer Fraud and Abuse Act, as well as Executive Order 12333, which prohibits the CIA from conducting domestic searches or surveillance.”
  • There’s also the issue of intimidation. The media reports that have been bubbling up recently around this issue have suggested that Senate investigators illegally obtained the Panetta review—some even raised the specter of hacking by the Senate investigators. The CIA went so far as to file a crime report with the Department of Justice, accusing Senate staffers of illegally obtaining the Panetta review. Tuesday morning, Feinstein strenuously denied the review was illegally obtained, and asserted it was included in the 6.2 million files turned over by the CIA and describing at length why Senate lawyers felt it was a lawful document for the committee to possess. And, in a remarkable statement, Feinstein accused the CIA of intimidation by filing the crime report. “[T]here is no legitimate reason to allege to the Justice Department that Senate staff may have committed a crime. I view the acting general counsel’s referral [to DoJ] as a potential effort to intimidate this staff—and I am not taking it lightly.” Feinstein went on to note one fairly amazing fact. The (acting) general counsel she referred to, who filed the complaint with DoJ, was a lawyer in the CIA’s counterterrorism center beginning in 2004. That means he was directly involved in legal justifications for the torture program. “And now this individual is sending a crimes report to the Department of Justice on the actions of congressional staff,” she noted gravely. “The same congressional staff who researched and drafted a report that details how CIA officers—including the acting general counsel himself—provided inaccurate information to the Department of Justice about the program.”
  • Feinstein included an interesting aside in her speech. “Let me note: because the CIA has refused to answer the questions in my January 23 letter, and the CIA inspector general review is ongoing, I have limited information about exactly what the CIA did in conducting its search.”
  • Also: remember that earlier this year, in response to a question from Senator Bernie Sanders, the National Security Agency did not expressly deny spying on Congress. The NSA may just have been being careful with its language, reasoning that since bulk data collection exists, perhaps members of Congress were caught up in it. But the question remains: if the CIA felt justified spying on Senate computers, may it have listened in on phone calls as well?
  • Feinstein’s grave concerns were echoed Tuesday morning by Senator Patrick Leahy, chair of the Senate Judiciary Committee. “This is not just about getting to the truth of the CIA’s shameful use of torture. This is also about the core founding principle of the separation of powers, and the future of this institution and its oversight role,” Leahy said in a statement. “The Senate is bigger than any one Senator. Senators come and go, but the Senate endures. The members of the Senate must stand up in defense of this institution, the Constitution, and the values upon which this nation was founded.”
  • Underlying this constitutional crisis is a desire by many at the CIA to sweep the Bush-era torture abuses under the rug. That logically would be the clear motivating factor in seizing the Panetta review from Senate investigators. And Brennan wasn’t afraid to keep pushing that approach—even during the same Tuesday interview with NBC’s Mitchell in which he denied “spying” on the Senate. Brennan also said that the CIA’s history of detention and interrogation should be “put behind us.” (It should be noted, of course, that there is strong circumstantial evidence that Brennan himself was complicit in the illegal torture program when he served in the Bush administration.) In the wake of her revelations on Tuesday, Feinstein renewed her desire to declassify the Senate report. “We’re not going to stop. I intend to move to have the findings, conclusions and the executive summary of the report sent to the president for declassification and release to the American people,” she said, and suggested the findings will shock the public. “If the Senate can declassify this report, we will be able to ensure that an un-American, brutal program of detention and interrogation will never again be considered or permitted.”
  • Obama has long said he supports declassification, and it seems it will happen soon. Tuesday, Feinstein was already moving to hold a committee vote on declassification. Committee Republicans will likely oppose it, but independent Senator Angus King, the swing vote, told reporters he is inclined to vote for declassification.
  •  
    Note the error in the last quoted paragraph: Obama has said he supports declassification of the Senate report's "findings," not the entire report. That's likely over a 6,000-page difference.

The Ruling Class Consensus On Domestic Spying | Online Library of Law and Liberty - 0 views

  • This means that the US government’s vast apparatus is almost completely useless against serious terrorists or criminals, and useful primarily to do whatever the government might choose to innocent persons.
    • Gary Edwards
       
      Bold statement, but then how did the Fort Hood massacre and Boston Marathon massacre occur?  Plenty of email and phone call evidence in both cases.  Yet the government was caught totally unaware.  I guess it really depends on who the watchers are watching.  Proof is slowly being gathered that the watchers are watching those whom the government elites seek to destroy through blackmail, intimidation (IRS anyone?), and breach of Constitutional rights (take your pick of any three letter government agency acronym you like).
  • Ever since the 1970s, the art of code-making has surpassed the art of code-breaking – period.
  • Hence, on the high end, anyone can purchase voice and internet communications software that is beyond the capacity of anyone to access without an electronic key.
  • If collection is universal, the collectors don’t have to explain to others (or even to themselves) why they are targeting this person or group and not another. Possessing the data in secret, they can then decide in secret who they are really interested in.
  • That flight from responsibility is also why, in 1978, the intelligence agencies pressed Congress to pass the Foreign Intelligence Surveillance Act (FISA), under which the agencies submit their requests for detailed targeting, in secret, to a court that decides ex parte and in secret.
  • the FISA court. But that court acts not just in secret, but ex parte – hearing only one side.
  • The relevant question about the uses of the NSA programs, then, is simply “against whom, in the broad American public, is the US government likely to turn its animus?”
  • Alas, the ruling class has shown itself all too able to treat domestic opponents as public enemies. But that is another story.
  • Another, PRISM, gives access to all records of email, chat, photos, videos and file transfers from the servers of leading US internet companies.
  • From Barack Obama to Karl Rove, the ruling class is in unison: The NSA’s collection of data on virtually all Americans is essential to preventing you from “being blown to smithereens on your morning commute”
  • Project Constant Informant, which tracks essentially all American phone calls, allows matching the account holder’s identity with each call’s precise location in time and place.
  • Here are the facts.
  • These programs stand between Americans and terrorists. Worries that they will be misused are misplaced or downright kooky.
  • In the words of General Keith Alexander, director of NSA, this surveillance has “helped to prevent” “dozens of terrorist events.”
  • anyone who has followed telecommunication technology and intelligence during the past three decades can only scoff at the claim that universal collection of telephone externals and access to internet traffic can thwart serious criminals or terrorists.
  • In fact, the expansion of the US government’s capacity to intrude on innocent communications happened just as technology enabled competent persons who intend to hide their communications to do so without fail.

The End Of The Obama World Order - 0 views

  •  
    "For the past eight years, Barack Obama has been using the power of the U.S. presidency to impose his vision of a progressive world order on the entire globe.  As a result, much of the planet will greatly celebrate once the Obama era officially ends on Friday.  The Obama years brought us the Arab Spring, Benghazi, ISIS, civil war in Syria, civil war in Ukraine and the Iran nuclear deal.  On the home front, we have had to deal with Obamacare, "Fast and Furious", IRS targeting of conservative groups, Solyndra, the VA scandal, NSA spying and the worst "economic recovery" since the end of World War II.  And right at the end of his presidency, Barack Obama has committed the greatest betrayal of Israel in U.S. history and has brought us dangerously close to war with Russia. So is the end of the Obama world order worth celebrating? You better believe it is. Of course Obama and his minions are in a great deal of distress that much of their hard work over the past eight years is about to be undone by Donald Trump.  On Wednesday, Vice President Joe Biden warned the elitists gathered at the World Economic Forum in Davos that their "liberal world order" is in danger of collapsing…     Vice President Joe Biden delivered an epic final speech Wednesday to the elites at the World Economic Forum in Davos, Switzerland.   The gist of his speech was simple: At a time of "uncertainty" we must double down on the values that made Western democracies great, and not allow the "liberal world order" to be torn apart by destructive forces. And without a doubt, we definitely want it to collapse. During his time in the White House, Barack Obama has used the full diplomatic power of the government to promote "abortion rights", "gay rights" and other "liberal values" to the farthest corners of the globe.  Here at home, the appointment of two new Supreme Court justices under Obama paved the way for the Supreme Court decision that forced all 50 state

Pandora Internet Radio - Listen to Free Music You'll Love - 0 views

  •  
    Bye bye encryption :( It's incredible to think this could happen in America. Marbux and I recently signed up for lavabit accounts, hoping to use the PGP encryption. And we knew uber patriot Edward Snowden had used Lavabit. Yet, it didn't occur to us that the Feds would demand their information and shut them down. We are fools. We take our freedom for granted and expect the Constitution to be upheld and adhered to. It's the law of the land, and no entity, public or private, can trump the law of the land. Yet, here we are. Totally trumped. No longer free. I feel like someone so used to the passing of night into day and back again, my freedom so caught up within the rhythms of the seasons and the passing of time that I am unable to see that it's become night time and darkness everywhere. There will be no return to sunlight unless we make it so. And the Guardian has it right: Cloud Computing will grind to a halt in the USSA. excerpt: "On Thursday afternoon, Ladar Levison, the owner and operator of Lavabit, an email service that prides itself on privacy and security, abruptly closed his website, posting a short message to his former users. "I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly 10 years of hard work by shutting down Lavabit," he wrote. "After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot." Levison might be gagged by the law, but it's not hard to guess at least part of the reason why his site is having legal troubles. In early July, journalists and human rights activists received an email from edsnowden@lavabit.com, inviting them to a press conference in Moscow's Sheremetyevo airport. Given the NSA leaker's understandable desire for security, it is not surprising that Edward Snowden would use a service designed for keeping messages out of prying hand

N.S.A. Breached Chinese Servers Seen as Security Threat - NYTimes.com - 0 views

  • American officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets. But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks.
  •  
    New York Times version of same story published yesterday by Der Spiegel, with much more detail in this version.

A Zombie Bill Comes Back to Life: A Look at The Senate's Cybersecurity Information Shar... - 0 views

  • The Senate Intelligence Committee recently introduced the Cybersecurity Information Sharing Act of 2014. It’s the fourth time in four years that Congress has tried to pass "cybersecurity" legislation. Unfortunately, the newest Senate bill is one of the worst yet. Cybersecurity bills aim to facilitate information sharing between companies and the government, but they always seem to come with broad immunity clauses for companies, vague definitions, and aggressive spying powers. Given such calculated violence to users' privacy rights, it’s no surprise that these bills fail every year. What is a surprise is that the bills keep coming back from the dead. Last year, President Obama signed Executive Order 13636 (EO 13636) directing the Department of Homeland Security (DHS) to expand current information sharing programs that are far more privacy protective than anything seen in recent cybersecurity bills. Despite this, members of Congress like Rep. Mike Rogers and Senator Dianne Feinstein keep on introducing bills that would destroy these privacy protections and grant new spying powers to companies.
  • Aside from its redundancy, the Senate's bill grants two new authorities to companies. First, the bill authorizes companies to launch countermeasures for a "cybersecurity purpose" against a "cybersecurity threat." "Cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of the information system. Combined, the two definitions could be read by companies to permit attacks on machines that unwittingly contribute to network congestion. The countermeasures clause will increasingly militarize the Internet—a prospect that may appeal to some "active defense" (aka offensive) cybersecurity companies, but does not favor the everyday user. Second, the bill adds a new authority for companies to monitor information systems to protect an entity's rights or property. Here again, the broad definitions could be used in conjunction with the monitoring clause to spy on users engaged in potentially innocuous activity. Once collected, companies can then share the information, which is also called “cyber threat indicators,” freely with government agencies like the NSA.
  • Such sharing will occur because under this bill, DHS would no longer be the lead agency making decisions about the cybersecurity information received, retained, or shared to companies or within the government. Its new role in the bill mandates DHS send information to agencies like the NSA—"in real-time and simultaneous[ly]." DHS is even barred from "delay[ing]" or "interfer[ing]" with the information, which ensures that DHS's current privacy protections won’t be applied to the information. The provision is ripe for improper and over-expansive information sharing. This leads to a question: What stops your sensitive personal information from being shared by companies to the government? Almost nothing. Companies must only remove personally identifiable information if the information is known to be US person information and not directly related to the threat. Such a willful blindness approach is inappropriate. Further, the bill does not even impose this weak minimization requirement on information shared by, and within, the government (including federal, state, local, and tribal governments) thereby allowing the government to share information containing personally identifiable information. The bill should require deletion of all information not directly related to a threat.
  • Once the information is sent to a government agency, it can use the information for reasons other than for cybersecurity purposes. One clause even allows the information to be used to prosecute violations of the Espionage Act—a World War I era law that was meant to prosecute spies but has been used in recent years primarily to go after journalists’ sources. The provisions grant the government far too much leeway in how to use the information for non-cybersecurity purposes. The public won’t even know what information is being collected, shared, or used because the bill will exempt all of it from disclosure under the Freedom of Information Act.
  • The bill also retains near-blanket immunity for companies to monitor information systems, to share information, and to use countermeasures. The high bar immunizes an incredible amount of activity, including negligent damage to property and may deprive private entities of legal recourse if a computer security contractor is at fault for destruction of property. Existing private rights of action for violations of the Wiretap Act, Stored Communications Act, and the Computer Fraud and Abuse Act would be precluded or at least sharply restricted by the clause. It remains to be seen why such immunity is needed when just a few months ago, the FTC and DOJ noted they would not prosecute companies for sharing such information. It's also unclear because we continue to see companies freely share information among each other and with the government both publicly via published reports and privately.

Cy Vance's Proposal to Backdoor Encrypted Devices Is Riddled With Vulnerabilities | Jus... - 0 views

  • Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.
  • Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.
  • Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.
  • In addition to his weak reasoning for why it would be feasible to create backdoors to encrypted devices without creating undue security risks or harming privacy, Vance makes several flawed policy-based arguments in favor of his proposal. He argues that criminals benefit from devices that are protected by strong encryption. That may be true, but strong encryption is also a critical tool used by billions of average people around the world every day to protect their transactions, communications, and private information. Lawyers, doctors, and journalists rely on encryption to protect their clients, patients, and sources. Government officials, from the President to the directors of the NSA and FBI, and members of Congress, depend on strong encryption for cybersecurity and data security. There are far more innocent Americans who benefit from strong encryption than there are criminals who exploit it. Encryption is also essential to our economy. Device manufacturers could suffer major economic losses if they are prohibited from competing with foreign manufacturers who offer more secure devices. Encryption also protects major companies from corporate and nation-state espionage. As more daily business activities are done on smartphones and other devices, they may now hold highly proprietary or sensitive information. Those devices could be targeted even more than they are now if all that has to be done to access that information is to steal an employee’s smartphone and exploit a vulnerability the manufacturer was required to create.
  • Privacy is another concern that Vance dismisses too easily. Despite Vance’s arguments otherwise, building backdoors into device encryption undermines privacy. Our government does not impose a similar requirement in any other context. Police can enter homes with warrants, but there is no requirement that people record their conversations and interactions just in case they someday become useful in an investigation. The conversations that we once had through disposable letters and in-person conversations now happen over the Internet and on phones. Just because the medium has changed does not mean our right to privacy has.
  • Vance attempts to downplay this serious risk by asserting that anyone can use the “Find My Phone” or Android Device Manager services that allow owners to delete the data on their phones if stolen. However, this does not stand up to scrutiny. These services are effective only when an owner realizes their phone is missing and can take swift action on another computer or device. This delay ensures some period of vulnerability. Encryption, on the other hand, protects everyone immediately and always. Additionally, Vance argues that it is safer to build backdoors into encrypted devices than it is to do so for encrypted communications in transit. It is true that there is a difference in the threats posed by the two types of encryption backdoors that are being debated. However, some manner of widespread vulnerability will inevitably result from a backdoor to encrypted devices. Indeed, the NSA and GCHQ reportedly hacked into a database to obtain cell phone SIM card encryption keys in order to defeat the security protecting users’ communications and activities and to conduct surveillance. Clearly, the reality is that the threat of such a breach, whether from a hacker or a nation state actor, is very real. Even if companies go the extra mile and create a different means of access for every phone, such as a separate access key for each phone, significant vulnerabilities will be created. It would still be possible for a malicious actor to gain access to the database containing those keys, which would enable them to defeat the encryption on any smartphone they took possession of. Additionally, the cost of implementation and maintenance of such a complex system could be high.
  • Vance also suggests that the US would be justified in creating such a requirement since other Western nations are contemplating requiring encryption backdoors as well. Regardless of whether other countries are debating similar proposals, we cannot afford a race to the bottom on cybersecurity. Heads of the intelligence community regularly warn that cybersecurity is the top threat to our national security. Strong encryption is our best defense against cyber threats, and following in the footsteps of other countries by weakening that critical tool would do incalculable harm. Furthermore, even if the US or other countries did implement such a proposal, criminals could gain access to devices with strong encryption through the black market. Thus, only innocent people would be negatively affected, and some of those innocent people might even become criminals simply by trying to protect their privacy by securing their data and devices. Finally, Vance argues that David Kaye, UN Special Rapporteur for Freedom of Expression and Opinion, supported the idea that court-ordered decryption doesn’t violate human rights, provided certain criteria are met, in his report on the topic. However, in the context of Vance’s proposal, this seems to conflate the concepts of court-ordered decryption and of government-mandated encryption backdoors. The Kaye report was unequivocal about the importance of encryption for free speech and human rights. The report concluded that:
  • States should promote strong encryption and anonymity. National laws should recognize that individuals are free to protect the privacy of their digital communications by using encryption technology and tools that allow anonymity online. … States should not restrict encryption and anonymity, which facilitate and often enable the rights to freedom of opinion and expression. Blanket prohibitions fail to be necessary and proportionate. States should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows. Additionally, the group of intelligence experts that was hand-picked by the President to issue a report and recommendations on surveillance and technology, concluded that: [R]egarding encryption, the U.S. Government should: (1) fully support and not undermine efforts to create encryption standards; (2) not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software; and (3) increase the use of encryption and urge US companies to do so, in order to better protect data in transit, at rest, in the cloud, and in other storage.
  • The clear consensus among human rights experts and several high-ranking intelligence experts, including the former directors of the NSA, Office of the Director of National Intelligence, and DHS, is that mandating encryption backdoors is dangerous. Unaddressed Concerns: Preventing Encrypted Devices from Entering the US and the Slippery Slope In addition to the significant faults in Vance’s arguments in favor of his proposal, he fails to address the question of how such a restriction would be effectively implemented. There is no effective mechanism for preventing code from becoming available for download online, even if it is illegal. One critical issue the Vance proposal fails to address is how the government would prevent, or even identify, encrypted smartphones when individuals bring them into the United States. DHS would have to train customs agents to search the contents of every person’s phone in order to identify whether it is encrypted, and then confiscate the phones that are. Legal and policy considerations aside, this kind of policy is, at the very least, impractical. Preventing strong encryption from entering the US is not like preventing guns or drugs from entering the country — encrypted phones aren’t immediately obvious as is contraband. Millions of people use encrypted devices, and tens of millions more devices are shipped to and sold in the US each year.
  • Finally, there is a real concern that if Vance’s proposal were accepted, it would be the first step down a slippery slope. Right now, his proposal only calls for access to smartphones and devices running mobile operating systems. While this policy in and of itself would cover a number of commonplace devices, it may eventually be expanded to cover laptop and desktop computers, as well as communications in transit. The expansion of this kind of policy is even more worrisome when taking into account the speed at which technology evolves and becomes widely adopted. Ten years ago, the iPhone did not even exist. Who is to say what technology will be commonplace in 10 or 20 years that is not even around today. There is a very real question about how far law enforcement will go to gain access to information. Things that once seemed like merely science fiction, such as wearable technology and artificial intelligence that could be implanted in and work with the human nervous system, are now available. If and when there comes a time when our “smart phone” is not really a device at all, but is rather an implant, surely we would not grant law enforcement access to our minds.
  • Policymakers should dismiss Vance’s proposal to prohibit the use of strong encryption to protect our smartphones and devices in order to ensure law enforcement access. Undermining encryption, regardless of whether it is protecting data in transit or at rest, would take us down a dangerous and harmful path. Instead, law enforcement and the intelligence community should be working to alter their skills and tactics in a fast-evolving technological world so that they are not so dependent on information that will increasingly be protected by encryption.

Redaction error reveals FBI did target Lavabit to spy on Edward Snowden | Technology | ... - 0 views

  • A redaction oversight by the US government has finally confirmed that the Federal Bureau of Investigation’s targeting of secure email service Lavabit was used specifically to spy on Edward Snowden. Ladar Levison, creator of the email service, which was founded on a basis of private communications secured by encryption and had 410,000 users, was served a sealed order in 2013 forcing him to aid the FBI in its surveillance of Snowden. Levison was ordered to install a surveillance package on his company’s servers and later to turn over Lavabit’s encryption keys so that it would give the FBI the ability to read the most secure messages that the company offered. He was also ordered not to disclose the fact to third-parties. After 38 days of legal fighting, a court appearance, subpoena, appeals and being found in contempt of court, Levison abruptly shuttered Lavabit citing government interference and stating that he would not become “complicit in crimes against the American people”.
  • We now know that reports of Snowden’s use of Lavabit for his secure communications were true and that, as most presumed, the reason the FBI drove Lavabit into closure was to surveil the leaker of the NSA files. Documents obtained from the federal court were published by transparency organisation Cryptome, as noted by Wired’s Kim Zetter, revealing that “Ed_Snowden@lavabit.com” was the intended target of the action against Lavabit. The documents were released after legal action from Levison, who has been fighting in an attempt to lift himself from his order of silence and reveal what really happened. A motion filed in December prompted the court to order the release of files within the case, specifically with the identity of the subscriber redacted. As the documents show, that didn’t happen. Snowden’s email address was left unredacted, and while Levison is still under order not to reveal who the FBI was after, the redaction error has confirmed Snowden as the target.

Dutch intelligence agency AIVD hacks internet forums - nrc.nl - 0 views

  • The Dutch intelligence service - AIVD - hacks internet web forums to collect the data of all users. The majority of these people are unknown to the intelligence services and are not specified as targets when the hacking and data-collection process starts. A secret document of former NSA-contractor Edward Snowden shows that the AIVD use a technology called Computer Network Exploitation – CNE – to hack the web forums and collect the data.
  • Nico van Eijk, a Dutch professor in Information Law, is of the opinion that the Dutch intelligence service has crossed the boundaries of Dutch legislation. “They use sweeps to collect data from all users of web forums. The use of these techniques could easily lead to mass surveillance by the government.” IT specialist Matthijs Koot says that the exploitation of this technology can lead to a blurring of the lines between normal citizens and legitimate targets of the intelligence services. The document summarizes a meeting held on February 14, 2013 between officials of the NSA and the Dutch intelligence services - AIVD and MIVD. During this meeting Dutch officials briefed their American counterparts on the way they target web forums with the CNE technique. “They acquire MySQL databases via CNE access”, the document reads. MySQL is free open source software used to build databases for web forums. These databases contain all the posts of all the users of the forum and their personal data. During the meeting Dutch intelligence officers explained how they use the information in the database in order to identify targets. According to the document the Dutch “are looking at marrying the forum data with other social network info, and trying to figure out good ways to mine the data that they have.”
  • A group of Dutch members of parliament have called for a parliamentary inquiry into the way the secret services are collecting and using data. The Dutch intelligence services have been previously criticised by an oversight committee for the way in which they have used legally intercepted data. According to this committee the search queries the intelligence services used to filter the data, were not specific enough. The use of generic queries, the committee concluded, was “not in accordance with Dutch law”. A spokesperson for the Dutch government refused to comment on the use of data from web forums by the AIVD, but stated that the intelligence services are allowed to hack computers. A spokesperson for the American government stated that the publication of classified information is a threat to US national security.
  •  
    Oooh ... Entire social media SQL databases. Content, user security stuff, the works. Big, big, big haystacks.

1975 Video: CIA Admits to Congress the Agency Uses Mainstream Media to Distribute Disin... - 0 views

  • It has been verified by a source who claims she was there that then-CIA Director William Casey did in fact say the controversial and often-disputed line “We’ll know our disinformation program is complete when everything the American public believes is false,” reportedly in 1981. Despite Casey being under investigation by Congress for being involved in a major disinformation plot involving the overthrow of Libya’s Qaddafi in 1981, and despite Casey arguing on the record that the CIA should have a legal right to spread disinformation via the mainstream news that same year, this quote continues to be argued by people who weren’t there and apparently cannot believe a CIA Director would ever say such a thing. But spreading disinfo is precisely what the CIA would — and did — do. This 1975 clip of testimony given during a House Intelligence Committee hearing has the agency admitting on record that the CIA creates and uses disinformation against the American people.
  • Question: “Do you have any people being paid by the CIA who are contributing to a major circulation — American journal?” Answer: “We do have people who submit pieces to American journals.” Question: “Do you have any people paid by the CIA who are working for television networks?” Answer: “This I think gets into the kind of uh, getting into the details Mr. Chairman that I’d like to get into in executive session.” (later) Question: “Do you have any people being paid by the CIA who are contributing to the national news services — AP and UPI?” Answer: “Well again, I think we’re getting into the kind of detail Mr. Chairman that I’d prefer to handle at executive session.”
  • It’s easy enough to read between the lines on the stuff that was saved for the executive session. Then-CBS President Sig Mickelson goes on to say that the relationships at CBS with the CIA were long established before he ever became president — and that’s just one example. Considering 90% of our media today has been consolidated into six major corporations over the past decade, it’s not hard to see that you shouldn’t readily believe everything you see, hear or read in the “news.” “I thought that it was a matter of real concern that planted stories intended to serve a national purpose abroad came home and were circulated here and believed here because this would mean that the CIA could manipulate the news in the United States by channeling it through some foreign country,” Democratic Idaho Senator Frank Church said at a press conference surrounding the hearing. Church chaired the Church Committee, a precursor to the Senate Intelligence Committee, which was responsible for investigating illegal intelligence gathering by the NSA, CIA and FBI. This exact tactic — planting disinformation in foreign media outlets so the disinfo would knowingly surface in the United States as a way of circumventing the rules on domestic operations — was specifically argued for as being legal simply because it did not originate on U.S. soil by none other than CIA Director William Casey in 1981.
  • Former President Harry S. Truman, who oversaw the creation of the CIA in 1947 when he signed the National Security Act, later wrote that he never intended the CIA for more than intelligence gathering. “I never had any thought that when I set up the CIA that it would be injected into peacetime cloak and dagger operations,” Truman penned in 1963 a year after the disastrous CIA Bay of Pigs operation.
  • Again, please keep this in mind when you watch the mainstream “news” in this country… “In their propaganda today’s dictators rely for the most part on repetition, suppression and rationalization – the repetition of catchwords which they wish to be accepted as true, the suppression of facts which they wish to be ignored, the arousal and rationalization of passions which may be used in the interests of the Party or the State. As the art and science of manipulation come to be better understood, the dictators of the future will doubtless learn to combine these techniques with the non-stop distractions which, in the West, are now threatening to drown in a sea of irrelevance the rational propaganda essential to the maintenance of individual liberty and the survival of democratic institutions.” Aldous Huxley, “Propaganda in a Democratic Society” Brave New World Revisited
  •  
    It says something about how lawless the federal government has become that CIA still has no Congressional authority to do anything other than gather intelligence. No legal authority for overthrowing foreign governments, waging proxy wars, inflicting drone strikes, for none of its cloak-and-dagger operations. 

How Congress unknowingly legalized PRISM in 2007 - 0 views

  • On Sept. 11, 2007, the National Security Agency signed up Microsoft as its first partner for PRISM, a massive domestic surveillance program whose existence was reported by the Washington Post today. That’s barely a month after Congress passed, and President George W. Bush signed, the Protect America Act.
  • The Bush Administration portrayed the PAA as a technical fix designed to close a gap in America’s surveillance capabilities that had been opened by a then-recent ruling of the secretive Foreign Intelligence Surveillance Court (FISC). It proved to be much more than that. While the details are still classified, reports suggested that the FISC had ruled that it was illegal for the government to intercept communications between two foreign endpoints if the communications happened to pass through the United States. Warning that the U.S. would suddenly lose the ability to continue its surveillance of terrorists, the administration pushed the PAA through Congress in a matter of days.
  • In reality, the PAA represented a sweeping change to American surveillance law. Before conducting surveillance, the PAA only required executive branch officials to “certify” that there were “reasonable procedures” in place for ensuring that surveillance “concerns” persons located outside the United States and that the foreign intelligence is a “significant purpose” of the program. A single certification could cover a broad program intercepting the communications of numerous individuals. And there was no requirement for judicial review of individual surveillance targets within a “certified” program.
  • Today’s report suggests that the moment the PAA was the law of the land, the NSA started using it to obtain unfettered access to the servers of the nation’s leading online services. To comply with the requirement that the government not target Americans, PRISM searches are reportedly “designed to produce at least 51 percent confidence in a target’s ‘foreignness’” — the lowest conceivable standard. PRISM training materials reportedly instruct users that if searches happen to turn up the private information of Americans, “it’s nothing to worry about.”
  • Retroactive immunity for telecom companies dominated the 2008 debate, overshadowing the more important issue of the sweeping new powers that Congress had just granted to the executive branch. When Congress finally passed the FISA Amendments Act in July 2008, it included both immunity and a four-year extension of the government’s warrantless spying powers. But few members of Congress realized the breadth of the surveillance powers they were effectively approving.

Facebook, Apple, Microsoft, Skype & Yahoo Hit With Prism Data Protection Complaints In ... - 0 views

  • The European data protection activists behind the Europe v Facebook (evf) campaign group, that has long been a thorn in Facebook’s side in Europe, have filed new complaints under regional data protection law targeting Facebook, Apple, Microsoft, Skype and Yahoo for their alleged collaboration with the NSA’s Prism data collection program. The student activist organisation is targeting the European subsidiaries of these five U.S. companies, arguing that their corporate structure means they fall fully under European privacy laws despite being U.S. headquartered companies. And yet, being as they are U.S. companies, they are required to comply with U.S. surveillance laws — putting them in the “tricky” situation of having to comply with potentially conflicting legal requirements. It’s that legal conflict evf is now probing.
  • Evf takes the view that the law needs clarifying — and it is using these new data protection complaints as the vehicle to obtain clarification from the various regional data protection agencies. Facebook and Apple; Microsoft and Skype; and Yahoo have subsidiaries in Ireland, Luxembourg and Germany respectively. “We want a clear statement by the authorities if a European company may simply give foreign intelligence agencies access to its customer data. If this turns out to be legal, then we might have to change the laws,” noted evf speaker, Max Schrems, in a statement. The key question, as evf sees it, is whether “mass transfer” of personal data to a foreign intelligence agency is legal under European law. “Many journalists have asked us in recent weeks if PRISM is legal from a EU perspective. We have looked at that a little closer. The result was – after consulting with legal experts – that it is very likely illegal under EU data protection laws, because of the corporate structure of the companies,” added Schrems. Google and YouTube have not been included in this first round of evf complaints being as they have a different corporate structure that does not include European subsidiaries. However it notes they do have datacenters in European countries, which will give evf a route to filing Prism-related data protection complaints against both at a later date.
  • Writing in a press notice announcing its new action, evf added: If a European subsidiary sends user data to the American parent company, this is considered an “export” of personal data. Under EU law, an export of data is only allowed if the European subsidiary can ensure an “adequate level or protection” in the foreign country. After the recent disclosures on the “PRISM” program such trust in an “adequate level of protection” by the involved companies can hardly be upheld. There can in no way be an adequate level of protection if they cooperate with the NSA on the other end of the line. Right now an export of data to the US must be seen as illegal if the involved companies cannot disprove the reports on the PRISM program. According to evf, the subsidiaries being targeted by these complaints have “the burden of proof” — to either “credibly assure” that the Prism program is a hoax, or “explain how mass access by a foreign intelligence agency interplays with EU data protection laws”. Evf cites a 2006 case precedent involving payment processor SWIFT which had forwarded transaction details to U.S. authorities. In that case it says a group of EU data protection authorities decided that such a mass data transfer is illegal under EU law, leading to SWIFT to move European data to a server in Switzerland. The case also led to an agreement between the U.S. and the EU on the use of payment data to combat crime.

ACLU Demands Secret Court Hand Over Crucial Rulings On Surveillance Law - 0 views

  • The American Civil Liberties Union (ACLU) has filed a motion to reveal the secret court opinions with “novel or significant interpretations” of surveillance law, in a renewed push for government transparency. The motion, filed Wednesday by the ACLU and Yale Law School’s Media Freedom and Information Access Clinic, asks the Foreign Intelligence Surveillance Act (FISA) Court, which rules on intelligence gathering activities in secret, to release 23 classified decisions it made between 9/11 and the passage of the USA Freedom Act in June 2015. As ACLU National Security Project staff attorney Patrick Toomey explains, the opinions are part of a “much larger collection of hidden rulings on all sorts of government surveillance activities that affect the privacy rights of Americans.” Among them is the court order that the government used to direct Yahoo to secretly scan its users’ emails for “a specific set of characters.” Toomey writes: These court rulings are essential for the public to understand how federal laws are being construed and implemented. They also show how constitutional protections for personal privacy and expressive activities are being enforced by the courts. In other words, access to these opinions is necessary for the public to properly oversee their government.
  • Although the USA Freedom Act requires the release of novel FISA court opinions on surveillance law, the government maintains that the rule does not apply retroactively—thereby protecting the panel from publishing many of its post-9/11 opinions, which helped create an “unprecedented buildup” of secret surveillance laws. Even after National Security Agency (NSA) whistleblower Edward Snowden revealed the scope of mass surveillance in 2013, sparking widespread outcry, dozens of rulings on spying operations remain hidden from the public eye, which stymies efforts to keep the government accountable, civil liberties advocates say. “These rulings are necessary to inform the public about the scope of the government’s surveillance powers today,” the ACLU’s motion states.
  • Toomey writes that the rulings helped influence a number of novel spying activities, including: the government’s use of malware, which it calls “Network Investigative Techniques”; the government’s efforts to compel technology companies to weaken or circumvent their own encryption protocols; the government’s efforts to compel technology companies to disclose their source code so that it can identify vulnerabilities; the government’s use of “cybersignatures” to search through internet communications for evidence of computer intrusions; the government’s use of stingray cell-phone tracking devices under the Foreign Intelligence Surveillance Act (FISA); the government’s warrantless surveillance of Americans under FISA Section 702—a controversial authority scheduled to expire in December 2017; and the bulk collection of financial records by the CIA and FBI under Section 215 of the Patriot Act. Without these rulings being made public, “it simply isn’t possible to understand the government’s claimed authority to conduct surveillance,” Toomey writes. As he told The Intercept on Wednesday, “The people of this country can’t hold the government accountable for its surveillance activities unless they know what our laws allow. These secret court opinions define the limits of the government’s spying powers. Their disclosure is essential for meaningful public oversight in our democracy.”

Espionage Act Case Was "Overcharged," Defense Says | Federation Of American Scientists - 0 views

  • In 2012, former Navy linguist James F. Hitselberger was indicted on two felony counts under the Espionage Act statutes after several classified documents were found in his possession. In 2013, a superseding indictment charged him with another four felony counts. But in the end, Mr. Hitselberger pleaded guilty this year to a single misdemeanor charge of removing classified documents without authorization. Now both the defense and the prosecution are endorsing Hitselberger’s request that any jail penalty be limited to the time he has already served, including two months in DC jail and eight months of home confinement. The sentencing hearing is scheduled for July 17. Despite the stark disparity between the multiple felony counts with which Hitselberger was charged, and the single misdemeanor of which he was convicted, the prosecution said that it had no second thoughts about the way the matter was handled.
  • “It is important to note that the government’s case against Mr. Hitselberger did not collapse,” prosecutors said in a June 27 sentencing memorandum. To the contrary, prosecutors wrote, “in several ways, the government’s case became stronger than what it had been when the charges were first obtained.” Defense attorneys disputed that assertion and said the government had overreached. “At a minimum, the evidence demonstrates that the government significantly overcharged the case, and the guilty plea to a misdemeanor not only was the appropriate result, but also demonstrates how the offense should have been charged from the beginning,” the defense wrote in a June 27 reply. The mountain of Espionage Act charges that yielded a molehill of a misdemeanor in this case recalls a similar progression in the prosecution of former NSA official Thomas Drake, where ten felony counts gave way to a technical misdemeanor. This recurring pattern may indicate that overcharging is a standard prosecutorial approach to such cases, or that the judicial process is effectively winnowing out excessive felony charges, or perhaps both.
  • A June 26 sentencing memorandum submitted by the defense presented its own account of the facts of the case, along with several moving testimonials from Hitselberger’s friends and relatives as to his character. In another pending Espionage Act case, the Obama Administration must decide if it will pursue a subpoena against New York Times reporter James Risen. For a current update, see Reporter’s Case Poses Dilemma for Justice Dept. by Jonathan Mahler, New York Times, June 27.
  •  
    Charged with 6 Espionage Act felonies, plea-bargained down to a single misdemeanor and recommended sentence of time served. Reading the linked court documents, it was a case that should have resulted in a verbal reprimand by the military commander. 

Who are ISIS' American recruits? - CNN.com - 0 views

  • (CNN) Elton Simpson -- one of the gunmen who opened fire Sunday at an event in Garland, Texas, that was celebrating cartoonists who had drawn pictures of the Prophet Mohammed -- appears to have declared his allegiance to ISIS in a tweet before the attack. Simpson also apparently had online ties to a British ISIS recruit believed to be in Syria. Simpson, who was shot to death by police, is far from the only American who has been drawn to the black flags of ISIS as well as to the al Qaeda affiliate in Syria known as the Nusra Front. There are 62 individuals in the United States that New America has identified in public records or news accounts who have tried to join militant groups in Syria such as ISIS or Nusra, or have succeeded in joining such groups, or have helped others to join such groups.
  •  
    The tube has been full of this kind of stuff today, plus the U.S. military has raised its alert status in the U.S. A lot of politics of fear stuff. Undoubtedly, it's because a few sections of the Patriot Act are to sunset on June 1 and the NSA bootlickers are having trouble getting those sections renewed by Congress. So a big dose of fear to ease the legislative path. 

U.S. "Humanitarian" Bombing of Iraq: A Redundant Presidential Ritual - The Intercept - 0 views

  • There are several brief points worth noting about all of this: (1) For those who ask “what should be done?,” has the hideous aftermath of the NATO intervention in Libya – hailed as a grand success for “humanitarian interventions” – not taught the crucial lessons that (a) bombing for ostensibly “humanitarian” ends virtually never fulfills the claimed goals but rather almost always makes the situation worse; (b) the U.S. military is not designed, and is not deployed, for “humanitarian” purposes?; and (c) the U.S. military is not always capable of “doing something” positive about every humanitarian crisis even if that were really the goal of U.S. officials? The suffering in Iraq is real, as is the brutality of ISIS, and the desire to fix it is understandable. There may be some ideal world in which a superpower is both able and eager to bomb for humanitarian purposes. But that is not this world. Just note how completely the welfare of Libya was ignored by most intervention advocates the minute the fun, glorious, exciting part – “We came, we saw, he died,” chuckled Hillary Clinton – was over.
  • (2) It is simply mystifying how anyone can look at U.S. actions in the Middle East and still believe that the goal of its military deployments is humanitarianism. The U.S. government does not oppose tyranny and violent oppression in the Middle East. To the contrary, it is and long has been American policy to do everything possible to subjugate the populations of that region with brutal force – as conclusively demonstrated by stalwart U.S. support for the region’s worst oppressors. Or, as Hillary Clinton so memorably put it in 2009: “I really consider President and Mrs. Mubarak to be friends of my family.” How can anyone believe that a government whose overt, explicit policy is “regime continuity” for Saudi Arabia, and who continues to lend all sorts of support to the military dictators of Egypt, is simultaneously driven by humanitarian missions in the region? (3) “Humanitarianism” is the pretty packaging in which all wars – even the most blatantly aggressive ones – are wrapped, but it is almost never the actual purpose. There are often numerous steps the U.S. could take to advance actually humanitarian goals, but those take persistence and resources, and entail little means of control, and are thus usually ignored in favor of blowing things and people up with Freedom Bombs.
  • (4) Note how even the pretenses of constitutional democracy are now dispensed with: there is a reasonable legal debate over legality, but in essence: the President has the power to order bombing of Iraq because he decides it should happen. (5) Perhaps having Israel and the U.S. simultaneously bombing Arabs in different countries – yet again – will create some extremely negative consequences?
  • (6) This above-documented parade of “Saddam-is-worse-than-Hitler” campaigns was surrounded by stints of U.S. arming and funding of the very same Saddam (the same, of course, was true of the Taliban precursors, Gadhaffi, Iran, Manuel Noriega, and virtually every other Latest Villain who needed to be bombed; the US was roughly allied with ISIS allies in Syria and American allies fund ISIS itself). The propaganda has gone from “pulling babies from incubators: as bad as Hitler” to “rape rooms: worse than Hitler” to the new slogan: “worse than al-Qaeda!” What’s left? For quite some time, it was Mahmoud Ahmadinejad – the democratically elected president of Iran who left office peacefully at the end of his term and who never actually invaded anybody – who was The New Hitler. As all of this demonstrates, there certainly are some heinous, violent people in the world: often including America’s closest allies and the ones who unleash the violence documented here, as well as those at whom that violence is directed. But perhaps some perspective and serious skepticism is warranted the next time we’re relentlessly bombarded with messaging about The New Greatest Villainous Threat in History – and especially manipulative accusations that opposition to U.S. military attack is indicative of support for those New Villains – as a means to secure acquiescence to the next bombing campaign.
  • (7) Maybe this and this, rather than humanitarianism, is a more significant influence in this new bombing campaign? Targeted strikes against ISIS is obviously not remotely the same as a full-scale invasion of Iraq, but whatever else is true, and whatever one’s opinions are on this latest bombing, it is self-evidently significant that, as the NYT’s Peter Baker wrote today, “Mr. Obama became the fourth president in a row to order military action in that graveyard of American ambition” known as Iraq.

Federal Chief Information Officers (CIO) Council Wins Rosemary Award - 0 views

  • Hillary Clinton E-Mail Controversy Illuminates Government-Wide Failure / National Security Archive Lawsuit Established E-Mails as Records in 1993 / CIO Council Repeats as Rosemary "Winner" for Doubling Down On "Lifetime Failure" / Only White House Saves Its E-Mail Electronically, Agencies No Deadline Until 2016
  • The Federal Chief Information Officers (CIO) Council has won the infamous Rosemary Award for worst open government performance of 2014, according to the citation published today by the National Security Archive at www.nsarchive.org. The National Security Archive had hoped that awarding the 2010 Rosemary Award to the Federal Chief Information Officers Council for never addressing the government's "lifetime failure" of saving its e-mail electronically would serve as a government-wide wakeup call that saving e-mails was a priority. Fallout from the Hillary Clinton e-mail debacle shows, however, that rather than "waking up," the top officials have opted to hit the "snooze" button. The Archive established the not-so-coveted Rosemary Award in 2005, named after President Nixon's secretary, Rose Mary Woods, who testified she had erased 18-and-a-half minutes of a crucial Watergate tape — stretching, as she showed photographers, to answer the phone with her foot still on the transcription pedal. Bestowed annually to highlight the lowlights of government secrecy, the Rosemary Award has recognized a rogue's gallery of open government scofflaws, including the CIA, the Treasury Department, the Air Force, the FBI, the Justice Department, and Director of National Intelligence James Clapper.
  • Chief Information Officer of the United States Tony Scott was appointed to lead the Federal CIO Council on February 5, 2015, and his brief tenure has already seen more references in the news media to the importance of maintaining electronic government records, including e-mail, and the requirements of the Federal Records Act, than the past five years. Hopefully Mr. Scott, along with Office of Management & Budget Deputy Director for Management Ms. Beth Cobert will embrace the challenge of their Council being named a repeat Rosemary Award winner and use it as a baton to spur change rather than a cross to bear.
  • Many on the Federal CIO Council could use some motivation, including the beleaguered State Department CIO, Steven Taylor. In office since April 3, 2013, Mr. Taylor is in charge of the Department's information resources and IT initiatives and services. He "is directly responsible for the Information Resource Management (IRM) Bureau's budget of $750 million, and oversees State's total IT/ knowledge management budget of approximately one billion dollars." Prior to his current position, Taylor served as Acting CIO from August 1, 2012, as the Department's Deputy Chief Information Officer (DCIO) and Chief Technology Officer of Operations from June 2011, and was the Program Director for the State Messaging and Archival Retrieval Toolset (SMART). While Hillary Clinton repeatedly claimed that because she sent her official e-mail to "government officials on their State or other .gov accounts ... the emails were immediately captured and preserved," a recent State Department Office of Inspector General report contradicts claims that DOS' e-mail archiving system, ironically named SMART, did so.
  • The report found that State Department "employees have not received adequate training or guidance on their responsibilities for using those systems to preserve 'record emails.'" In 2011, while Taylor was State's Chief Technology Officer of Operations, State Department employees only created 61,156 record e-mails out of more than a billion e-mails sent. In other words, roughly .006% of DOS e-mails were captured electronically. And in 2013, while Taylor was State's CIO, a paltry seven e-mails were preserved from the Office of the Secretary, compared to the 4,922 preserved by the Lagos Consulate in Nigeria. Even though the report notes that its assessments "do not apply to the system used by the Department's high-level principals, the Secretary, the Deputy Secretaries, the Under Secretaries, and their immediate staffs, which maintain separate systems," the State Department has not provided any estimation of the number of Clinton's e-mails that were preserved by recipients through the Department's anachronistic "print and file" system, or any other procedure.
  • The unfortunate silver lining of Hillary Clinton inappropriately appropriating public records as her own is that she likely preserved her records much more comprehensively than her State Department colleagues, most of whose e-mails have probably been lost under Taylor's IT leadership. 2008 reports by CREW, right, and the GAO, left, highlighted problems preserving e-mails. The bigger issue is that Federal IT gurus have known about this problem for years, and the State Department is not alone in not having done anything to fix it. A 2008 survey by Citizens for Responsibility and Ethics in Washington (CREW) and OpenTheGovernment.org did not find a single federal agency policy that mandates an electronic record keeping system agency-wide. Congressional testimony in 2008 by the Government Accountability Office indicted the standard "print and file" approach by pointing out:
  • 2011- the Justice Department (for doing more than any other agency to eviscerate President Obama's Day One transparency pledge through pit-bull whistleblower prosecutions, recycled secrecy arguments in court cases, retrograde FOIA regulations, and mixed FOIA responsiveness) 2010 - the Federal Chief Information Officers' Council (for "lifetime failure" to address the crisis in government e-mail preservation) 2009 - the FBI (for having a record-setting rate of "no records" responses to FOIA requests) 2008 - the Treasury Department (for shredding FOIA requests and delaying responses for decades) 2007 - the Air Force (for disappearing its FOIA requests and having "failed miserably" to meet its FOIA obligations, according to a federal court ruling) 2006 - the Central Intelligence Agency (for the biggest one-year drop-off in responsiveness to FOIA requests yet recorded).
  • Troublingly, current Office of Management and Budget guidance does not require federal agencies to manage "all email records in an electronic format" until December 31, 2016. The only part of the federal government that seems to be facing up to the e-mail preservation challenge with any kind of "best practice" is the White House, where the Obama administration installed on day one an e-mail archiving system that preserves and manages even the President's own Blackberry messages. The National Security Archive brought the original White House e-mail lawsuit against President Reagan in early 1989, and continued the litigation against Presidents George H.W. Bush and Bill Clinton, until court orders compelled the White House to install the "ARMS" system to archive e-mail. The Archive sued the George W. Bush administration in 2007 after discovering that the Bush White House had junked the Clinton system without replacing its systematic archiving functions. CREW subsequently joined this suit and with the Archive negotiated a settlement with the Obama administration that included the recovery of as many as 22 million e-mails that were previously missing or misfiled.
  • As a result of two decades of the Archive's White House e-mail litigation, several hundred thousand e-mails survive from the Reagan White House, nearly a half million from the George H.W. Bush White House, 32 million from the Clinton White House, and an estimated 220 million from the George W. Bush White House. Previous recipients of the Rosemary Award include: 2013 - Director of National Intelligence James Clapper (for his "No, sir" lie to Senator Ron Wyden's question: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?") 2012 - the Justice Department (in a repeat performance, for failing to update FOIA regulations to comply with the law, undermining congressional intent, and hyping its open government statistics)
  • Rogue Band of Federal E-mail Users and Abusers Compounds Systemic Problems Former Secretary of State Hillary Clinton and other federal officials who skirt or even violate federal laws designed to preserve electronic federal records compound e-mail management problems. Top government officials who use personal e-mail for official business include: Clinton; former U.S. Ambassador to Kenya Scott Gration; chairman of the U.S. Chemical Safety Board Rafael Moure-Eraso; and former Secretary of State Colin Powell, who told ABC's This Week "I don't have any to turn over. I did not keep a cache of them. I did not print them off. I do not have thousands of pages somewhere in my personal files." Others who did not properly save electronic federal records include Environmental Protection Agency former administrator Lisa Jackson who used the pseudonym Richard Windsor to receive email; current EPA administrator Gina McCarthy, who improperly deleted thousands of text messages (which also are federal records) from her official agency cell phone; and former Internal Revenue Service official Lois Lerner, whose emails regarding Obama's political opponents "went missing or became destroyed."
  • "agencies recognize that devoting significant resources to creating paper records from electronic sources is not a viable long-term strategy;" yet GAO concluded even the "print and file" system was failing to capture historic records "for about half of the senior officials."
  • The destruction of other federal records was even more blatant. Jose Rodriguez, the former CIA official in charge of the agency's defunct torture program, ordered the destruction of key videos documenting it in 2005, claiming that "the heat from destroying [the torture videos] is nothing compared to what it would be if the tapes ever got into the public domain;" Admiral William McRaven ordered the immediate destruction of any emails about Operation Neptune Spear, including any photos of the death of Osama bin Laden ("destroy them immediately"), telling subordinates that any photos should have already been turned over to the CIA — presumably so they could be placed in operational files out of reach of the FOIA. These rogues make it harder — if not impossible — for agencies to streamline their records management, and for FOIA requesters and others to obtain official records, especially those not exchanged with other government employees. The US National Archives currently trusts agencies to determine and preserve e-mails which agencies have "deemed appropriate for preservation" on their own, often by employing a "print and file" physical archiving process for digital records. Any future reforms to e-mail management must address the problems of outdated preservation technology, Federal Records Act violators, and the scary fact that only one per cent of government e-mail addresses are saved digitally by the National Archive's recently-initiated "Capstone" program.
  •  
    Complete with photos, names, and titles of the 41 federal department and independent agency CIOs. The March 2015 Inspector General report linked from the article belies Hillary Clinton's claim that all emails she sent to State Department staff had been preserved by the Department.

U.S. War Against Russia Is Now Against Hungary Too Washington's Blog - 0 views

  • Hungary has decided to align itself with Russia against the United States. The Western Alliance is starting to fray, over the insistence by Barack Obama and the U.S. Congress to go to war against Russia.
  • But, within the European Union, and especially among its former member-states of the Soviet Union, this is, as of yet, still only a cold war, which is in the process of heating up toward perhaps the super-hot temperature of a nuclear conflict between Russia and NATO (the latter organization consisting of the United States and its vassal nations against Russia). And America is already investing heavily in it. According to German Economic News (GEN), on December 25th, “Hungary Will Not Take Part in the Cold War Against Russia.” They report that, “Hungary’s Prime Minister Viktor Orban takes his distance from the EU, and accuses the US government of trying to instigate a new Cold War against Russia. Hungary will not participate.” GEN also links to an earlier, October 19th, GEN article, which had reported that, “After Russia, Hungary is now apparently also being targeted by Americans: the United States is hitting senior Hungarian government officials and businessmen with entry bans. The Americans throw corruption-charges against the Hungarians.”
  • On Tuesday, December 23rd, Reuters headlined, “Hungary PM Orban: U.S. uses corruption charges to gain influence,” and reported that, “The United States is using corruption allegations against some Hungarian public officials as a ‘cover story’ to boost its influence in central Europe amid the Russia-Ukraine conflict, Prime Minister Viktor Orban said on Tuesday. Orban’s comments come amid a wider souring of relations between Hungary, a NATO ally, and the United States over what America perceives as Orban’s increasingly authoritarian rule and Budapest’s warm relations with Russia.”
  • America’s pervasive NSA snooping, militarizing of local police-forces, and invasions of Iraq, Syria, Libya, and other countries that never threatened the United States, are not considered (by the British Reuters) ‘authoritarian,’ but somehow Hungary now is ‘authoritarian.’ Suddenly (though the U.S. didn’t say this when Hungary was trying to meet the demands of the American aristocracy), Hungary is ‘authoritarian,’ and is ‘too’ corrupt to do business with.
  •  
    A NATO member, Hungary, just bowed out of U.S. sanctions on Russia. Turkey looks to be doing the same. Is this the beginning of NATO coming undone? 

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack | Threat Level | Wired.com - 0 views

  • It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting’s operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It’s not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July. Freedom Hosting was a provider of turnkey “Tor hidden service” sites — special sites, with addresses ending in .onion, that hide their geographic location behind layers of routing, and can be reached only over the Tor anonymity network. Tor hidden services are used by sites that need to evade surveillance or protect users’ privacy to an extraordinary degree – including human rights groups and journalists. But they also appeal to serious criminal elements, child-pornography traders among them.
  • On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn’t respond to inquiries from WIRED today. But FBI Supervisory Special Agent J. Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marques behind bars, according to local press reports. Among the many arguments Donahue and an Irish police inspector offered was that Marques might reestablish contact with co-conspirators, and further complicate the FBI probe. In addition to the wrestling match over Freedom Hosting’s servers, Marques allegedly dove for his laptop when the police raided him, in an effort to shut it down.
  • The apparent FBI-malware attack was first noticed on August 4, when all of the hidden service sites hosted by Freedom Hosting began displaying a “Down for Maintenance” message. That included at least some lawful websites, such as the secure email provider TorMail. Some visitors looking at the source code of the maintenance page realized that it included a hidden iframe tag that loaded a mysterious clump of Javascript code from a Verizon Business internet address. By midday, the code was being circulated and dissected all over the net. Mozilla confirmed the code exploited a critical memory management vulnerability in Firefox that was publicly reported on June 25, and is fixed in the latest version of the browser. Though many older revisions of Firefox were vulnerable to that bug, the malware only targeted Firefox 17 ESR, the version of Firefox that forms the basis of the Tor Browser Bundle – the easiest, most user-friendly package for using the Tor anonymity network. That made it clear early on that the attack was focused specifically on de-anonymizing Tor users. Tor Browser Bundle users who installed or manually updated after June 26 were safe from the exploit, according to the Tor Project’s security advisory on the hack.
  • Perhaps the strongest evidence that the attack was a law enforcement or intelligence operation was the limited functionality of the malware. The heart of the malicious Javascript was a tiny Windows executable hidden in a variable named “Magneto.” A traditional virus would use that executable to download and install a full-featured backdoor, so the hacker could come in later and steal passwords, enlist the computer in a DDoS botnet, and generally do all the other nasty things that happen to a hacked Windows box. But the Magneto code didn’t download anything. It looked up the victim’s MAC address — a unique hardware identifier for the computer’s network or Wi-Fi card — and the victim’s Windows hostname. Then it sent it to a server in Northern Virginia, bypassing Tor, to expose the user’s real IP address, coding the transmission as a standard HTTP web request.
  • The official IP allocation records maintained by the American Registry for Internet Numbers show the two Magneto-related IP addresses were part of a ghost block of eight addresses that have no organization listed. Those addresses trace no further than the Verizon Business data center in Ashburn, Virginia, 20 miles northwest of the Capital Beltway. The code’s behavior, and the command-and-control server’s Virginia placement, is also consistent with what’s known about the FBI’s “computer and internet protocol address verifier,” or CIPAV, the law enforcement spyware first reported by WIRED in 2007. Court documents and FBI files released under the FOIA have described the CIPAV as software the FBI can deliver through a browser exploit to gather information from the target’s machine and send it to an FBI server in Virginia. The FBI has been using the CIPAV since 2002 against hackers, online sexual predators, extortionists, and others, primarily to identify suspects who are disguising their location using proxy servers or anonymity services, like Tor. Prior to the Freedom Hosting attack, the code had been used sparingly, which kept it from leaking out and being analyzed.
  •  
    Taking down the entire Freedom Hosting service because some content was kiddie porn is reminiscent of the U.S. government's proxy take-down of Mega-Upload in New Zealand. Such actions that disable legitimate users or deny access to their data are in my opinion violative of the 1st and 4th Amendments.  It suppresses the Freedom of Speech and seizes more than the 4th Amendment allows.  That our own government would use malware for surveillance purposes under any circumstance is just plain chilling.