Group items matching

in title, tags, annotations or url

An unclassified table accompanying the report states that encryption is the “[b]est defense to protect data”, especially if made particularly strong through “multi-factor authentication” – similar to two-step verification used by Google and others for email – or biometrics. These measures remain all but impossible to crack, even for GCHQ and the NSA. The report warned: “Almost all current and potential adversaries – nations, criminal groups, terrorists, and individual hackers – now have the capability to exploit, and in some cases attack, unclassified access-controlled US and allied information systems.” It further noted that the “scale of detected compromises indicates organisations should assume that any controlled but unclassified networks of intelligence, operational or commercial value directly accessible from the internet are already potentially compromised by foreign adversaries”.

The report had some cause for optimism, especially in the light of Google and other US tech giants having in the months prior greatly increased their use of encryption efforts. “We assess with high confidence that security best practices applied to target networks would prevent the vast majority of intrusions,” it concluded. Official UK government security advice still recommends encryption among a range of other tools for effective network and information defence. However, end-to-end encryption – which means only the two people communicating with each other, and not the company carrying the message, can decode it – is problematic for intelligence agencies as it makes even warranted collection much more difficult.

The previous week, a day after the attack on the Charlie Hebdo office in Paris, the MI5 chief, Andrew Parker, called for new powers and warned that new technologies were making it harder to track extremists. In November, the head of GCHQ, Robert Hannigan, said US social media giants had become the “networks of choice” for terrorists. Chris Soghoian, principal senior policy analyst at the American Civil Liberties Union, said attempts by the British government to force US companies to weaken encryption faced many hurdles.

The Guardian, New York Times and ProPublica have previously reported the intelligence agencies’ broad efforts to undermine encryption and exploit rather than reveal vulnerabilities. This prompted Obama’s NSA review panel to warn that the agency’s conflicting missions caused problems, and so recommend that its cyber-security responsibilities be removed to prevent future issues.

The memo requested a renewal of the legal warrant allowing GCHQ to “modify” commercial software in violation of licensing agreements. The document cites examples of software the agency had hacked, including commonly used software to run web forums, and website administration tools. Such software are widely used by companies and individuals around the world. The document also said the agency had developed “capability against Cisco routers”, which would “allow us to re-route selected traffic across international links towards GCHQ’s passive collection systems”. GCHQ had also been working to “exploit” the anti-virus software Kaspersky, the document said. The report contained no information on the nature of the vulnerabilities found by the agency.

Michael Beckerman, president and CEO of the Internet Association, a lobby group that represents Facebook, Google, Reddit, Twitter, Yahoo and other tech companies, said: “Just as governments have a duty to protect to the public from threats, internet services have a duty to our users to ensure the security and privacy of their data. That’s why internet services have been increasing encryption security.”

ronically, Jordan has provided one of the main staging theaters for “Al-Qaeda” and Muslim Brotherhood linked, foreign funded and armed mercenary brigades since the onset of the war on Syria.

Especially the region around the town of al-Mafraq and the Ramtha Air Base in Jordan are notorious for their function as training and staging facilities for terrorist brigades, as well as for the presence of Saudi, Turkish, NATO and U.S. intelligence services, special forces, as well as liaisons between the terrorist brigades on the ground and civilian as well as military intelligence services.

Both the city of Al-Mafraq and the Ramtha Air Base have been used as staging theater for the 2012 invasion of Syria by the about 20,000 strong, so-called, Libyan Brigade. The brigade had been assembled by the so-called Libyan Islamic Fighting Group, whose leader, Abdelhakim Belhadj was promoted to become the head of the Tripoli Military Council after the US/Turkish/Qatari/Saudi/Israeli/NATO supported ousting of the Libyan government in 2011.

The Libyan Brigade was led by the Irish-Libyan national Mahdi Al-Harati, the Libyan Islamic Fighting Group’s second in command. Both Abdelhakim Belhadj and Mahdi al-Harati have been implicated in cooperation with British, U.S. and NATO intelligence. ISIS, for its part, has its origin in the so-called Al-Qaedea in Iraq. The organization has had ties to Saudi Arabian and western intelligence services since it’s origin. A person from within the inner circle around former Lebanese PM Saad Hariri held a personal meeting with nsnbc editor-in-chief Christof Lehmann and disclosed that the final decision to invade Iraq with “ISIS” was made on the sidelines of the Atlantic Council’s Energy Summit in Turkey, in November 2013, and that the U.S. Embassy functions as coordination and command post for the war on the, depending on utility, friend or foe known as ISIS.

Next, our small non-profit news outfit, WhoWhatWhy, which covers primarily international and national investigative stories, took the reporting to another level. Our story established that the owner of the house, Esam Ghazzawi, was a direct lieutenant to a powerful member of the Saudi royal family who’d learned to fly in Florida years earlier. Ghazzawi was director of the UK division of EIRAD Trading and Contracting Co. Ltd., which among other things, holds the Saudi franchise for many multinational brands including UPS. Ghazzawi’s boss, the chairman of EIRAD Holding Co. Ltd., is Prince Sultan bin Salman bin Abdul Aziz Al-Saud.

A fighter pilot who also flew on a Space Shuttle mission, Prince Sultan is the son of the new Saudi king, Salman. WhoWhatWhy’s reporting raised serious questions about whether high-ranking Saudis were directly involved with the 9/11 operation, and whether the U.S. government covered up what it knew. WhoWhatWhy paid a major news distribution outfit to send our story to thousands of news outlets, major and minor, in the United States. Again, the silence was deafening. *** The debate about Moussaoui’s newly released testimony centers on whether he can be trusted. But there is no debate about the Sarasota evidence we uncovered. We’re still waiting for the Times, along with the rest of the mainstream media, to acknowledge that material. Whatever happened in Florida, whatever the veracity of Moussaoui’s claims, anyone with an open mind will smell enough smoke to wonder whose interests are being served by pretending there’s no fire in the Saudi-9/11 connection.

For more on the Bush family’s relationship to the Saudi royal family, see Russ Baker’s book, Family of Secrets.

In a section summing up Britons’ attitudes to nations outside Europe, the authors noted that “North Korea is viewed most unfavorably (47%), followed by Israel (35%). The number of those viewing Israel unfavorably has increased by 18 points since 2012, presumably in response to the controversial military campaign in Gaza and the civilian casualties it caused, which were prominent in the news at the time the survey was conducted. Iran (33%) is the third most unfavorably viewed country, though its rating is down by 12 points compared with 2012. Pakistan (28%) and Nigeria (21%) complete the top five. The Chatham House study — entitled “Internationalism or Isolationism? British Attitudes Towards the UK’s International Priorities” – was based on a YouGov poll in August which questioned a representative sample of 2,059 adults.

Regin has been used to spy on telecom providers, financial institutions, energy companies, airlines, research institutes and the hospitality industry, and on European Union officials. The 14 countries found to have been penetrated include Russia, Malaysia, Afghanistan, and Fiji. Even though the trail is hot now, security experts say that Regin is still out there committing wholesale espionage. That’s because parts of it like QWERTY help mask other components. Like any good spy, it’s constantly changing disguises.

The official results of Obama’s call for surveillance reform also appear to have failed to address encryption. The FBI director, James Comey, and other officials have been highly critical of the use of encryption by tech companies such as Apple to protect their users’ information. Comey has argued that stronger encryption, baked in to some technology after the Snowden revelations, will aid criminals and terrorists and shut out law enforcement.

Other measures outlined in the new report include steps to clarify the protection given to whistleblowers if they follow internal rules and a requirement that “any significant compliance incident involving personal information, regardless of the person’s nationality” be reported to Clapper.

The intelligence report itself acknowledges that further reforms called for by the president, such as ending the collection of bulk data by the government, have not been implemented, possibly due to stalled legislative efforts in Congress.

Granted, there's no avoiding a significant drop in Russians' living standards because of accelerating inflation. The economics ministry in Moscow predicts real wages will fall by 9 percent this year -- which, Aslund wrote, means that "for the first time after 15 years in power," Russian President Vladimir Putin "will have to face a majority of the Russian people experiencing a sharply declining standard of living." So far, though, Russians have taken the initial shock of devaluation and accompanying inflation largely in stride. The latest poll from the independent Levada Center, conducted between Feb. 20 and Feb. 23, actually shows an uptick in Putin's approval rating -- to 86 percent from 85 percent in January.  It's time to bury the expectation that Russia will fall apart economically under pressure from falling oil prices and economic sanctions, and that Russians, angered by a drop in their living standards, will rise up and sweep Putin out of office. Western powers face a tough choice: Settle for a lengthy siege and ratchet up the sanctions despite the progress in Ukraine, or start looking for ways to restart dialogue with Russia, a country that just won't go away.

An onslaught by al Qaeda's Syria wing, the Nusra Front, last week forced Hazzm into dissolution, its members swallowed by Jabhat al-Shamiyya, a mainly Islamist alliance. It was the second time in four months that Nusra had crushed a Western-backed rebel group.Nusra is now considering cutting its ties with al Qaeda in a rebranding exercise backed by Qatar and some other Gulf states that will bring in more funds, sources say.On Tuesday, Nusra followers published photographs on Twitter of what they said were U.S. weapons, including anti-tank missiles, seized in battles with opposition brigades.

State Department spokeswoman Marie Harf said Hazzm had received non-lethal U.S. assistance. Washington has never acknowledged the CIA program.The group's demise "will have an impact on the moderate opposition's capabilities in the north," Harf said.The group had shrunk to about 400 fighters last month after killings, desertions and arrests, the Observatory's Abdulrahman said. "They are now finished, like sugar in tea."

"The presumption of openness requires the presumption of posting," said Archive director Tom Blanton. "For the new generation, if it's not online, it does not exist." The National Security Archive has conducted fourteen FOIA Audits since 2002. Modeled after the California Sunshine Survey and subsequent state "FOI Audits," the Archive's FOIA Audits use open-government laws to test whether or not agencies are obeying those same laws. Recommendations from previous Archive FOIA Audits have led directly to laws and executive orders which have: set explicit customer service guidelines, mandated FOIA backlog reduction, assigned individualized FOIA tracking numbers, forced agencies to report the average number of days needed to process requests, and revealed the (often embarrassing) ages of the oldest pending FOIA requests. The surveys include:

The federal government has made some progress moving into the digital era. The National Security Archive's last E-FOIA Audit in 2007, " File Not Found," reported that only one in five federal agencies had put online all of the specific requirements mentioned in the E-FOIA amendments, such as guidance on making requests, contact information, and processing regulations. The new E-FOIA Audit finds the number of agencies that have checked those boxes is now much higher — 100 out of 165 — though many (66 in 165) have posted just the bare minimum, especially when posting FOIA responses. An additional 33 agencies even now do not post these types of records at all, clearly thwarting the law's intent.

The FOIAonline Members (Department of Commerce, Environmental Protection Agency, Federal Labor Relations Authority, Merit Systems Protection Board, National Archives and Records Administration, Pension Benefit Guaranty Corporation, Department of the Navy, General Services Administration, Small Business Administration, U.S. Citizenship and Immigration Services, and Federal Communications Commission) won their "E-Star" by making past requests and releases searchable via FOIAonline. FOIAonline also allows users to submit their FOIA requests digitally.

THE E-DELINQUENTS: WORST OVERALL AGENCIES In alphabetical order

Key Findings

Excuses Agencies Give for Poor E-Performance

Justice Department guidance undermines the statute. Currently, the FOIA stipulates that documents "likely to become the subject of subsequent requests" must be posted by agencies somewhere in their electronic reading rooms. The Department of Justice's Office of Information Policy defines these records as "frequently requested records… or those which have been released three or more times to FOIA requesters." Of course, it is time-consuming for agencies to develop a system that keeps track of how often a record has been released, which is in part why agencies rarely do so and are often in breach of the law. Troublingly, both the current House and Senate FOIA bills include language that codifies the instructions from the Department of Justice. The National Security Archive believes the addition of this "three or more times" language actually harms the intent of the Freedom of Information Act as it will give agencies an easy excuse ("not requested three times yet!") not to proactively post documents that agency FOIA offices have already spent time, money, and energy processing. We have formally suggested alternate language requiring that agencies generally post "all records, regardless of form or format that have been released in response to a FOIA request."

Disabilities Compliance. Despite the E-FOIA Act, many government agencies do not embrace the idea of posting their FOIA responses online. The most common reason agencies give is that it is difficult to post documents in a format that complies with the Americans with Disabilities Act, also referred to as being "508 compliant," and the 1998 Amendments to the Rehabilitation Act that require federal agencies "to make their electronic and information technology (EIT) accessible to people with disabilities." E-Star agencies, however, have proven that 508 compliance is no barrier when the agency has a will to post. All documents posted on FOIAonline are 508 compliant, as are the documents posted by the Department of Defense and the Department of State. In fact, every document created electronically by the US government after 1998 should already be 508 compliant. Even old paper records that are scanned to be processed through FOIA can be made 508 compliant with just a few clicks in Adobe Acrobat, according to this Department of Homeland Security guide (essentially OCRing the text, and including information about where non-textual fields appear). Even if agencies are insistent it is too difficult to OCR older documents that were scanned from paper, they cannot use that excuse with digital records.

Privacy. Another commonly articulated concern about posting FOIA releases online is that doing so could inadvertently disclose private information from "first person" FOIA requests. This is a valid concern, and this subset of FOIA requests should not be posted online. (The Justice Department identified "first party" requester rights in 1989. Essentially agencies cannot use the b(6) privacy exemption to redact information if a person requests it for him or herself. An example of a "first person" FOIA would be a person's request for his own immigration file.) Cost and Waste of Resources. There is also a belief that there is little public interest in the majority of FOIA requests processed, and hence it is a waste of resources to post them. This thinking runs counter to the governing principle of the Freedom of Information Act: that government information belongs to US citizens, not US agencies. As such, the reason that a person requests information is immaterial as the agency processes the request; the "interest factor" of a document should also be immaterial when an agency is required to post it online. Some think that posting FOIA releases online is not cost effective. In fact, the opposite is true. It's not cost effective to spend tens (or hundreds) of person hours to search for, review, and redact FOIA requests only to mail it to the requester and have them slip it into their desk drawer and forget about it. That is a waste of resources. The released document should be posted online for any interested party to utilize. This will only become easier as FOIA processing systems evolve to automatically post the documents they track. The State Department earned its "E-Star" status demonstrating this very principle, and spent no new funds and did not hire contractors to build its Electronic Reading Room, instead it built a self-sustaining platform that will save the agency time and money going forward.

But virtually ignored by the American mainstream media was a bombshell allegation by Estonian Foreign Minister Urmas Paet. On Feb. 26, 2014, Paet—no friend of Russia’s—said in an intercepted and later authenticated phone call: “There is now stronger and stronger understanding that behind [the] snipers, it was not Yanukovych, but it was somebody from the new coalition.” What Paet called “the new coalition” is essentially the West-leaning Ukrainian government that succeeded Yanukovych. (Please see the full transcript of the conversation here, the most relevant 48 seconds here, and audio of the entire conversation here.) Getting It Right In such conflicts, the truth is one of the first casualties.

For an American media outlet willing to tackle this issue, one has to turn to The National Interest, a specialized journal on international relations. Although its parent, The Center for the National Interest, was originally called The Nixon Center—hardly a left-wing group—it recently published “Ukraine Exposed: Kiev’s Authoritarianism” by James Carden, who served as an advisor to the U.S.-Russia Bilateral Presidential Commission at the State Department from 2011 to 2012. Questioning U.S. policy in Ukraine, Carden wrote: From the very start of the Ukraine crisis, Washington’s neoconservative lobby has sought to downplay the less appealing aspects of the government that came to power in Kiev in February. … But examples of the new authoritarianism gripping Kiev have become tougher to miss in recent months … Carden goes on to highlight a case in point. In October, Poroshenko signed a decree establishing October 14 as an official “Day of Ukrainian Defenders” to commemorate the founding of the Ukrainian Insurrectionist Army, known as the UPA, during World War II. Carden then notes:

As the historian Halik Kochanski has noted, the UPA worked hand in hand with Poland’s Nazi occupiers, killing, to take but one example, nearly 10,000 Poles over the night of July 11-12, 1943. “A feature of the UPA action,” according to Kochanski, “was its sheer barbarity. They were not content merely to shoot their victims but often tortured them first or desecrated their bodies afterwards.” … Don’t let anyone tell you Russia has a monopoly on “disinformation.” Thus, in its zeal to legitimize Poroshenko’s anti-Russian government in Kiev, the mainstream American media managed to ignore his commemoration of former Ukrainian atrocities. Under the Nuclear Cloud

The Risks of Ignorance

Many on the Federal CIO Council could use some motivation, including the beleaguered State Department CIO, Steven Taylor. In office since April 3, 2013, Mr. Taylor is in charge of the Department's information resources and IT initiatives and services. He "is directly responsible for the Information Resource Management (IRM) Bureau's budget of $750 million, and oversees State's total IT/ knowledge management budget of approximately one billion dollars." Prior to his current position, Taylor served as Acting CIO from August 1, 2012, as the Department's Deputy Chief Information Officer (DCIO) and Chief Technology Officer of Operations from June 2011, and was the Program Director for the State Messaging and Archival Retrieval Toolset (SMART). While Hillary Clinton repeatedly claimed that because she sent her official e-mail to "government officials on their State or other .gov accounts ... the emails were immediately captured and preserved," a recent State Department Office of Inspector General report contradicts claims that DOS' e-mail archiving system, ironically named SMART, did so.

The report found that State Department "employees have not received adequate training or guidance on their responsibilities for using those systems to preserve 'record emails.'" In 2011, while Taylor was State's Chief Technology Officer of Operations, State Department employees only created 61,156 record e-mails out of more than a billion e-mails sent. In other words, roughly .006% of DOS e-mails were captured electronically. And in 2013, while Taylor was State's CIO, a paltry seven e-mails were preserved from the Office of the Secretary, compared to the 4,922 preserved by the Lagos Consulate in Nigeria. Even though the report notes that its assessments "do not apply to the system used by the Department's high-level principals, the Secretary, the Deputy Secretaries, the Under Secretaries, and their immediate staffs, which maintain separate systems," the State Department has not provided any estimation of the number of Clinton's e-mails that were preserved by recipients through the Department's anachronistic "print and file" system, or any other procedure.

The unfortunate silver lining of Hillary Clinton inappropriately appropriating public records as her own is that she likely preserved her records much more comprehensively than her State Department colleagues, most of whose e-mails have probably been lost under Taylor's IT leadership. 2008 reports by CREW, right, and the GAO, left, highlighted problems preserving e-mails. Click to enlarge. The bigger issue is that Federal IT gurus have known about this problem for years, and the State Department is not alone in not having done anything to fix it. A 2008 survey by Citizens for Responsibility and Ethics in Washington (CREW) and OpenTheGovernment.org did not find a single federal agency policy that mandates an electronic record keeping system agency-wide. Congressional testimony in 2008 by the Government Accountability Office indicted the standard "print and file" approach by pointing out:

2011- the Justice Department (for doing more than any other agency to eviscerate President Obama's Day One transparency pledge through pit-bull whistleblower prosecutions, recycled secrecy arguments in court cases, retrograde FOIA regulations, and mixed FOIA responsiveness) 2010 - the Federal Chief Information Officers' Council (for "lifetime failure" to address the crisis in government e-mail preservation) 2009 - the FBI (for having a record-setting rate of "no records" responses to FOIA requests) 2008 - the Treasury Department (for shredding FOIA requests and delaying responses for decades) 2007 - the Air Force (for disappearing its FOIA requests and having "failed miserably" to meet its FOIA obligations, according to a federal court ruling) 2006 - the Central Intelligence Agency (for the biggest one-year drop-off in responsiveness to FOIA requests yet recorded).

Troublingly, current Office of Management and Budget guidance does not require federal agencies to manage "all email records in an electronic format" until December 31, 2016. The only part of the federal government that seems to be facing up to the e-mail preservation challenge with any kind of "best practice" is the White House, where the Obama administration installed on day one an e-mail archiving system that preserves and manages even the President's own Blackberry messages. The National Security Archive brought the original White House e-mail lawsuit against President Reagan in early 1989, and continued the litigation against Presidents George H.W. Bush and Bill Clinton, until court orders compelled the White House to install the "ARMS" system to archive e-mail. The Archive sued the George W. Bush administration in 2007 after discovering that the Bush White House had junked the Clinton system without replacing its systematic archiving functions. CREW subsequently joined this suit and with the Archive negotiated a settlement with the Obama administration that included the recovery of as many as 22 million e-mails that were previously missing or misfiled.

s a result of two decades of the Archive's White House e-mail litigation, several hundred thousand e-mails survive from the Reagan White House, nearly a half million from the George H.W. Bush White House, 32 million from the Clinton White House, and an estimated 220 million from the George W. Bush White House. Previous recipients of the Rosemary Award include: 2013 - Director of National Intelligence James Clapper (for his "No, sir" lie to Senator Ron Wyden's question: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?") 2012 - the Justice Department (in a repeat performance, for failing to update FOIA regulations to comply with the law, undermining congressional intent, and hyping its open government statistics)

Rogue Band of Federal E-mail Users and Abusers Compounds Systemic Problems Former Secretary of State Hillary Clinton and other federal officials who skirt or even violate federal laws designed to preserve electronic federal records compound e-mail management problems. Top government officials who use personal e-mail for official business include: Clinton; former U.S. Ambassador to Kenya Scott Gration; chairman of the U.S. Chemical Safety Board Rafael Moure-Eraso; and former Secretary of State Colin Powell, who told ABC's This Week "I don't have any to turn over. I did not keep a cache of them. I did not print them off. I do not have thousands of pages somewhere in my personal files." Others who did not properly save electronic federal records include Environmental Protection Agency former administrator Lisa Jackson who used the pseudonym Richard Windsor to receive email; current EPA administrator Gina McCarthy, who improperly deleted thousands of text messages (which also are federal records) from her official agency cell phone; and former Internal Revenue Service official Lois Lerner, whose emails regarding Obama's political opponents "went missing or became destroyed."

"agencies recognize that devoting significant resources to creating paper records from electronic sources is not a viable long-term strategy;" yet GAO concluded even the "print and file" system was failing to capture historic records "for about half of the senior officials."

The destruction of other federal records was even more blatant. Jose Rodriguez, the former CIA official in charge of the agency's defunct torture program ordered the destruction of key videos documenting it in 2005, claiming that "the heat from destroying [the torture videos] is nothing compared to what it would be if the tapes ever got into the public domain;" Admiral William McRaven, ordered the immediate destruction of any emails about Operation Neptune Spear, including any photos of the death of Osama bin Laden ("destroy them immediately"), telling subordinates that any photos should have already been turned over to the CIA — presumably so they could be placed in operational files out of reach of the FOIA. These rogues make it harder — if not impossible — for agencies to streamline their records management, and for FOIA requesters and others to obtain official records, especially those not exchanged with other government employees. The US National Archives currently trusts agencies to determine and preserve e-mails which agencies have "deemed appropriate for preservation" on their own, often by employing a "print and file" physical archiving process for digital records. Any future reforms to e-mail management must address the problems of outdated preservation technology, Federal Records Act violators, and the scary fact that only one per cent of government e-mail addresses are saved digitally by the National Archive's recently-initiated "Capstone" program.

According to a footnote within the memo, released June 24 of this year due to a Freedom of Information Act lawsuit, “lethal activities conducted in accordance with the laws of war, and undertaken in the course of lawfully authorized hostilities, do not violate the laws of war by virtue of the fact that they are carried out in part by government actors who are not entitled to the combatant’s privilege.” "That completely blows away one of the major prongs of the government's theory in all these Guantanamo cases," Sam Morison, Khadr's Pentagon-based lawyer, told The Canadian Press during an interview on Wednesday this week. Although Khadr was charged with violating the “US common law of war” that dates back centuries, his attorneys say the memo concerning CIA drone strikes suggest such legislation simply doesn’t exist.

Should Khadr’s attorneys succeed, then a number of cases pertaining to current or former Guantanamo detainees accused of war crimes could be called into question. According to Human Rights Watch, however, only six of the 149 detainees at Gitmo face any formal charges — fewer than the number of prisoners who have died while held there in military custody.