background preloader

Revealed: how US and UK spy agencies defeat internet privacy and security

Revealed: how US and UK spy agencies defeat internet privacy and security
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet". But security experts accused them of attacking the internet itself and the privacy of all users.

Skype with care – Microsoft is reading everything you write The H May 15, 2013 Anyone who uses Skype has consented to the company reading everything they write. The H‘s associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond. A reader informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. 65.52.100.214 - - [30/Apr/2013:19:28:32 +0200] "HEAD /... The access is coming from systems which clearly belong to Microsoft. In response to an enquiry from heise Security, Skype referred them to a passage from its data protection policy: “Skype may use automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links.” Print this page. The NSA Rigs The System!

Joe Biden in 2012: If Romney wins, we will go to war with Syria Documents Reveal N.S.A. Campaign Against Encryption - Document When British analysts were cleared for the Bullrun program, they were given this briefing sheet outlining the sensitivities of the program, including the N.S.A.'s specific capabilities against widely used Internet encryption technologies. BULLRUN CoI – Briefing Sheet Introduction 1. The ability to exploit targets’ encrypted communications is extremely fragile and is often enabled through sensitive ECI programmes. 2. 3. 4. Control Authority 5. BULLRUN Sensitivity and Coverage 6. 7. 8. Access and Security 9. 10. 11. Handling Procedures 12. 13. 14. 15. Protective Marking Guidance The following offers some guidance on Protective Markings (PM) for BULLRUN material. At SECRET STRAP1 COMINT AUSCANZUKUS EYES : The fact that GCHQ has unspecified capabilities against network security technologies eg TLS/SSL, HTTPS, SSH, VPNs, IPSec. At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES : At TOP SECRET STRAP2 COMINT BULLRUN AUSCANZUKUS EYES : (U) SSH – Secure Shell. (U) SSL – Secure Sockets Layer.

The US government has betrayed the internet. We need to take it back | Bruce Schneier Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards. This is not the internet the world needs, or the internet its creators envisioned. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do. One, we should expose. We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems. Two, we can design.

Your Interest in Privacy Will Ensure You're Targeted By The NSA Have you ever wondered if you’re on an NSA observation list? Turns out that if you’ve even thought about it (or online privacy in general), you’re probably more likely to be on one. A few concerning news updates regarding mass surveillance by the NSA within the past week, including revelations from an analysis of the XKeyscore data collection system, have given us an idea of who might be among the NSA’s “targeted” individuals. Are You on the List? In previous documents, interviews, and other now-public materials, the NSA has stated that, while they can collect data from nearly anyone, they only target a small number of people who could be engaged in suspicious activity. Turns out that a lot of things can get you on the list, including visiting a number of privacy-related websites, or even running searching for privacy-related tools. Unsurprisingly, searches for Tor also land people on the targeted surveillance list. How Do We Know About XKeyscore? What Does This Mean For You?

MUSLIM BROTHERHOOD CLERIC QARADHAWI ON US STRIKE IN SYRIA: IF ONLY WE COULD BE THE ONES TO RETALIATE AGAINST THOSE PEOPLE [THE SYRIAN REGIME] The Sunni’s are behind the “intelligence” and propaganda against Assad. This is the brain child of the Saudi’s along with the endless trouble maker Qatar, the closet dictator of Turkey Erdogan, and Jordan. They want the Shia presence removed from the region and have been plotting and planning for it for more than three years, trying to get the U.S. and EU to do their work for them. Therefore they have offered to pick up the entire bill and pay for military strike against Syria. ‘Leading Sunni Scholar Qaradhawi in Favor of U.S. Following are excerpts from a Friday sermon delivered by leading Sunni scholar Sheik Yousuf Al-Qaradhawi, which aired on Qatar TV on September 6, 2013:Sheik Yousuf Al-Qaradhawi: If only we could be the ones to retaliate against those people [the Syrian regime]. We do not have such power, however, so if they are punished by others, it is better than nothing. Like this: Like Loading... About chainsoff Intelligence Analyst @TheIntelligenceCommunity

On the NSA Let me tell you the story of my tiny brush with the biggest crypto story of the year. A few weeks ago I received a call from a reporter at ProPublica, asking me background questions about encryption. Right off the bat I knew this was going to be an odd conversation, since this gentleman seemed convinced that the NSA had vast capabilities to defeat encryption. And not in a 'hey, d'ya think the NSA has vast capabilities to defeat encryption?' kind of way. Oddness aside it was a fun (if brief) set of conversations, mostly involving hypotheticals. All of this is a long way of saying that I was totally unprepared for today's bombshell revelations describing the NSA's efforts to defeat encryption. And since I never got a chance to see the documents that sourced the NYT/ProPublica story -- and I would give my right arm to see them -- I'm determined to make up for this deficit with sheer speculation. 'Bullrun' and 'Cheesy Name' How to break a cryptographic system Which standards? Which people?

Why Mozilla Was Right: GCHQ & NSA Track Cookies Subscribe to this blog About Author Glyn Moody's look at all levels of the enterprise open source stack. Contact Author Email Glyn Twitter Profile Linked-in Profile During 2013, I've written a few articles about Mozilla's attempt to give users greater control over the cookies placed on their systems, and how the European arm of the Interactive Advertising Bureau (IAB) tried to paint this as Mozilla "undermining the openness", or "hijacking" the Internet because it dared to stand up for us in this way. The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using "cookies" and location data to pinpoint targets for government hacking and to bolster surveillance. The agency's internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government.

Newly Revealed NSA Program Allows Online Global Internet Mapping MOSCOW, September 15 (RIA Novosti), Ekaterina Blinova - The NSA's "Treasure Map" project is aimed at conducting global cyber attacks and mapping the Internet in its entirety to include end users' devices, Der Spiegel has revealed. "The breathtaking mission is described in a Treasure Map presentation from the documents of the former intelligence service employee Edward Snowden... It instructs analysts to 'map the entire Internet – Any device, anywhere, all the time." the media outlet reports.The report claims thatthe NSA's program allows the creation of an "interactive map of the global Internet" available to the US surveillance agency. "One can imagine it as a kind of Google Earth for global data traffic, a bird's eye view of the planet's digital arteries". An examination of classified documents has indicated that the US surveillance service is keeping at least two German telecom providers, Deutsche Telekom AG and Netcologne, under close observation.

John McCain Formally Accused of Accepting Bribes From The Rothschilds | WASHINGTON, DC – SEPTEMBER 04: U.S. Sen. John McCain (R-AZ) (L) talks with Chairman Robert Menendez (D-NJ) before the Senate Foreign Relations Committee vote on a resolution on Syria on Capitol Hill September 4, 2013 in Washington, DC. The Senate Foreign Relations Committee voted to authorize U.S. It has long been known by many in the alternative research community that pretty much every politician in the western world is basically an employee of the ruling class, which is made up of a handful of traditionally powerful families including the Rothschilds and Rockefellers. Recently John McCain came under suspicion of “accepting improper contributions” from the Rothschild family during a recent trip to London. The Guardian reported that the situation in question involves a fundraising luncheon held in March at London’s Spencer House, during McCain’s visit to the United Kingdom this March. Read more at Intellihub Like this: Like Loading...

Crypto prof asked to remove NSA-related blog post Matthew Green is a well-known cryptography professor, currently teaching in the computer science department of Johns Hopkins University in Baltimore. Last week, Green authored a long and interesting blog post about the recent revelations that the National Security Agency (NSA) has, among much else, subverted crypto standards. In his words, "The TL;DR ['too long; didn't read' version] is that the NSA has been doing some very bad things." Today, Green's academic dean contacted him to ask that "all copies" of the blog post be removed from university servers. I was totally unprepared for today's bombshell revelations describing the NSA's efforts to defeat encryption. Was basic academic freedom on the line? I asked John Hopkins, and spokesman Dennis O'Shea responded with the school's side of the story: The university received information this morning that Matthew Green’s blog contained a link or links to classified material and also used the NSA logo.

The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. In all, Gemalto produces some 2 billion SIM cards a year. “It’s unbelievable. GCHQ slide.

Related: