Topic: SECURITY - on September 14, 2013 at 4:31:00 PM CEST
FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors.
Freedom Hosting’s operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It’s not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 12, 2013 at 3:52:00 PM CEST
Former NSA Officer: Wikileaks Is A Front For Russian Intelligence And Snowden's (Probably) A Spy
I used to think that those on the inside -- those actually running the shadowy agencies of the world -- were immune to conspiracy theories. After all, their hidden actions were usually the ignition point for conspiracy theories. Every tiny revelation gets exaggerated exponentially until someone from a Zionist cabal has used Barak Obama's fake birth certificate to obtain a pilot's license and fly a weather-controlling airliner onto the front lawn of the Pentagon in order to trigger a pre-wired explosion that takes down a chunk of the building from the inside.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 12, 2013 at 1:46:00 PM CEST
Did the FBI Lean On Microsoft for Access to Its Encryption Software?
The NSA is reportedly not the only government agency asking tech companies for help in cracking technology to access user data. Sources say the FBI has a history of requesting digital backdoors, which are generally understood as a hidden vulnerability in a program that would, in theory, let the agency peek into suspects' computers and communications.
In 2005, when Microsoft was about to launch BitLocker, its Windows software to encrypt and lock hard drives, the company approached the NSA, its British counterpart the GCHQ and the FBI, among other government and law-enforcement agencies. Microsoft's goal was twofold: get feedback from the agencies, and sell BitLocker to them.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 12, 2013 at 1:44:00 PM CEST
Yahoo CEO Mayer: we faced jail if we revealed NSA surveillance secrets
Marissa Mayer, the CEO of Yahoo, and Mark Zuckerberg of Facebook struck back on Wednesday at critics who have charged tech companies with doing too little to fight off NSA surveillance. Mayer said executives faced jail if they revealed government secrets.
Yahoo and Facebook, along with other tech firms, are pushing for the right to be allowed to publish the number of requests they receive from the spy agency. Companies are forbidden by law to disclose how much data they provide.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 5:28:00 PM CEST
NSA shares raw intelligence including Americans' data with Israel
The National Security Agency routinely shares raw intelligence data with Israel without first sifting it to remove information about US citizens, a top-secret document provided to the Guardian by whistleblower Edward Snowden reveals.
Details of the intelligence-sharing agreement are laid out in a memorandum of understanding between the NSA and its Israeli counterpart that shows the US government handed over intercepted communications likely to contain phone calls and emails of American citizens. The agreement places no legally binding limits on the use of the data by the Israelis.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 4:32:00 PM CEST
Brazilian TV show accuses NSA of spying on oil firm based on leaked docs
Brazilian President Dilma Rousseff has said that if leaked NSA documents showing the US spied on her country's state-run oil firm Petrobras are "confirmed", then it must have done so for “economic and strategic” reasons rather than for "national security".
The leaked "intelligence documents" appear to run counter to US claims it isn't involved in industrial espionage.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 3:16:00 PM CEST
NSA violations led judge to consider viability of surveillance program
A judge on the secret surveillance court was so disturbed by the National Security Agency's repeated violations of privacy restrictions that he questioned the viability of its bulk collection of Americans' phone records, according to newly declassified surveillance documents.
Judge Reggie Walton, now the presiding judge on the Foreign Intelligence Surveillance (Fisa) court, imposed a significant and previously undisclosed restriction on the NSA's ability to access its bulk databases of phone records after finding that the agency repeatedly violated privacy protections.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 3:15:00 PM CEST
Offengelegte Dokumente: NSA verletzte massiv Privatsphäre von Bürgern
Die NSA hat nach einer Klage von Bürgerrechtlern Dokumente freigeben müssen. Die belegen, dass der Geheimdienst massiv die Privatsphäre von US-Bürgern verletzte. Von 17.800 überwachten Telefonanschlüssen war offenbar nur eine geringe Anzahl von Interesse im Kampf gegen den Terror.
Washington - Der US-Geheimdienst NSA hat nach jetzt freigegebenen Dokumenten massiv die Privatsphäre von US-Bürgern verletzt. Eine Bürgerrechtsgruppe hatte auf die Offenlegung der Informationen geklagt. Die am Dienstagabend (Ortszeit) veröffentlichten Dokumente beziehen sich auf das Sammeln der Metadaten von Telefonaten in den USA zwischen 2006 und 2009, für das es oftmals keine juristische Grundlage gab. Sie zeigen, dass die NSA fast 17.800 US-Telefonanschlüsse überwachte - nur etwa 1800 seien aber im Anti-Terror-Kampf möglicherweise von Interesse gewesen, sagte ein ranghoher Geheimdienstvertreter.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 3:14:00 PM CEST
FLYING PIG: The NSA Is Running Man In The Middle Attacks Imitating Google's Servers
Glyn mentioned this in his post yesterday about the NSA leaks showing direct economic espionage, but with so many other important points in that story, it got a little buried. One of the key revelations was about a program called "FLYING PIG" which is the first time I can recall it being clearly stated that the NSA has been running man-in-the-middle attacks on internet services like Google. This slide makes it quite clear that the NSA impersonates Google servers: There have been rumors of the NSA and others using those kinds of MITM attacks, but to have it confirmed that they're doing them against the likes of Google, Yahoo and Microsoft is a big deal -- and something I would imagine does not make any of those three companies particularly happy.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 3:12:00 PM CEST
Manipulierter Sicherheitsstandard: US-Behörde sucht Spuren der NSA-Saboteure
Die US-Behörde Nist beschließt Standards, unter anderem Grundlagen für Verschlüsselung. Nun warnt sie vor dem Einsatz eines seit Jahren etablierten Verfahrens: Es gibt Hinweise auf eine schwere Sicherheitslücke, eingebaut von der NSA.
Das US-Normungsinstitut Nist (National Institute of Standards and Technology) warnt vor einem eigenen Standard. In einer öffentlichen Erklärung raten die Experten dringen davon ab, ein 2006 genormtes Verfahren für einen Zufallszahlengenerator zu nutzen. Die Methode wird vor allem bei Verschlüsselungsverfahren genutzt.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 11, 2013 at 3:11:00 PM CEST
Government Announces Steps to Restore Confidence on Encryption Standards
The federal agency charged with recommending cybersecurity standards said Tuesday that it would reopen the public vetting process for an encryption standard, after reports that the National Security Agency had written the standard and could break it.
“We want to assure the I.T. cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place,” The National Institute of Standards and Technology said in a public statement. “N.I.S.T. would not deliberately weaken a cryptographic standard.”
... Link (0 comments) ... Comment
Topic: SECURITY - on September 10, 2013 at 2:36:00 PM CEST
Yahoo files lawsuit against NSA over user data requests
Yahoo on Monday joined other US technology giants in launching legal action against the federal government over the NSA surveillance revealed by whistleblower Edward Snowden.
Yahoo filed a suit in the foreign intelligence surveillance (Fisa) court, which provides the legal framework for NSA surveillance, to allow the company to make public the number of data requests it receives per year from the spy agency.
... Link (0 comments) ... Comment
