Topic: SECURITY - on September 4, 2013 at 3:06:00 PM CEST
Informationen aus dem Kanzleramt: Bundesnachrichtendienst übermittelt NSA noch mehr Daten als bisher bekannt
Der Bundesnachrichtendienst übermittelt der amerikanischen NSA jeden Monat drei Millionen Telekommunikations-Verkehrsdaten. Das geht aus Informationen des Bundeskanzleramts hervor, die netzpolitik.org über Umwege erfahren hat. Die enge Zusammenarbeit der Auslandsgeheimdienste ist nicht nur in Afghanistan ausgeprägt, in Bad Aibling nutzt der BND sogar Suchbegriffe der NSA.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 4, 2013 at 2:43:00 PM CEST
NSA Laughs at PCs, Prefers Hacking Routers and Switches
The NSA runs a massive, full-time hacking operation targeting foreign systems, the latest leaks from Edward Snowden show. But unlike conventional cybercriminals, the agency is less interested in hacking PCs and Macs. Instead, America’s spooks have their eyes on the internet routers and switches that form the basic infrastructure of the net, and are largely overlooked as security vulnerabilities.
Under a $652-million program codenamed “Genie,” U.S. intel agencies have hacked into foreign computers and networks to monitor communications crossing them and to establish control over them, according to a secret black budget document leaked to the Washington Post. U.S. intelligence agencies conducted 231 offensive cyber operations in 2011 to penetrate the computer networks of targets abroad.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 3, 2013 at 4:46:00 PM CEST
USB-Tastatur kapert Linux-Kern
ChromeOS-Entwickler Kees Cook hat beim Experimentieren mit USB-Endgeräten zwölf Schwachstellen im Code des Linux Kernels entdeckt, der für die Interaktion mit HIDs (Human Interface Devices) zuständig ist. Der gravierendste Fehler kann dabei eine Speicherverletzung auslösen, wenn das USB-Gerät mehr "Report ID" Felder generiert, als der Kernel erwartet. Einen entsprechenden Patch, der das Problem behebt, hat Cook ebenfalls vorgelegt
... Link (0 comments) ... Comment
Topic: SECURITY - on September 2, 2013 at 2:00:00 PM CEST
'Anonymous' to Reg hack: We know SEA leaders' names
Following the Syrian Electronic Army's (SEA's) attack on a Melbourne IT reseller which resulted in the temporary compromise of domain name records for targets as diverse as The New York Times and Twitter, a group claiming association with Anonymous now says it has compromised SEA databases and servers.
As first reported here (in French with NSFW images) and here by Brian Krebs, the attackers say they have compromised SEA servers, obtained members' names along with user IDs and passwords, and have copied gigabytes of SEA data.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 2, 2013 at 1:58:00 PM CEST
Stork detained in Egypt on suspicion of spying
The bird was put behind bars after a man fishing in the Nile in Qena, some 280 miles south-east of Cairo, spotted an electronic device attached to its feathers.
Thinking it was an undercover agent, he captured the stork and took it to a police station near his home, said Mohammed Kamal, head of security in the Qena region.
Puzzled officers examined the bird, fearing the gadget was a bomb or spying equipment, and then called in veterinary experts.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 2, 2013 at 1:57:00 PM CEST
Snowden-Dokumente: Extremisten wollten US-Geheimdienste unterwandern
Wer sich bei der CIA bewirbt, wird durchleuchtet. Bei diesen Hintergrundchecks tauchen laut "Washington Post" immer wieder Verbindungen zu Terroristen und feindlichen Geheimdiensten auf. Wie Papiere des Whistleblowers Snowden belegen, hat jeder fünfte suspekte Bewerber solche Kontakte.
Washington - Nur zu gern wüssten Terrorgruppen und feindliche Geheimdienste, was in den US-Spionagezentralen vor sich geht. Dazu versuchen diese offenbar regelmäßig, eigene Leute bei CIA, NSA und Co. einzuschleusen. Die "Washington Post" liefert nun eine grobe Einschätzung der Dimension dieser Infiltrierungsversuche.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 2, 2013 at 1:52:00 PM CEST
"Hemisphere Project": US-Drogenbehörde nutzt größere Telefondatenbank als NSA
Die US amerikanische Drug Enforcement Agency (DEA) und das Office of National Drug Control Policy (ONDCP) haben 2007 Hemisphere ins Leben gerufen. In Zusammenarbeit mit dem US amerikanischen Provider AT&T erlaubt das Programm den Mitarbeitern der DEA und anderen Behörden auf alle Verbindungsdaten von Telefongesprächen zurückzugreifen, die über AT&T Switches liefen. So zeigen Präsentationsfolien, die der New York Times durch Friedensaktivisten Drew Hendricks zur Verfügung gestellt wurden, dass AT&T seit 1987 alle Verbindungsdaten aus den eigenen Netzen vorhält und täglich etwa 4 Milliarden Datensätze dazukommen.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 2, 2013 at 1:50:00 PM CEST
We interviewed the guy who prank-called the NSA
The NSA is in dire need of customer service training — at least in the case of Bahram Sadeghi, a Dutch-Iranian filmmaker who decided to call the surveillance agency for “help” after one of his e-mails was accidentally deleted. In a three-minute exchange with NSA spokespeople, Sadeghi manages to confound one with his request (you can almost hear the relief in her voice when Sadeghi asks to speak to someone else) and gets a curt reply from another.
... Link (0 comments) ... Comment
Topic: SECURITY - on September 1, 2013 at 1:55:00 PM CEST
Hallo NSA, können Sie meine E-Mail wiederherstellen?
Sie haben eine wichtige E-Mail unwiederbringlich gelöscht? Da könnten doch US-Geheimdienste helfen. Ein niederländischer Journalist ruft einfach die NSA-Zentrale an, bittet um ein Backup - und bekommt Tipps von erstaunlich hilfsbereiten Menschen.
Die NSA ist leicht zu erreichen: Die Telefonnummer der Zentrale für Öffentlichkeitsarbeit steht im Netz. Als der niederländische Journalist Bahram Sadeghi anruft, dabei gefilmt von seiner Freundin, nimmt in der NSA-Zentrale in Fort Meade auch gleich jemand ab.
... Link (0 comments) ... Comment
Topic: SECURITY - on August 31, 2013 at 4:24:00 PM CEST
David Miranda was carrying password for secret files on piece of paper
In a written statement handed to the High Court in London, a senior Cabinet Office security adviser said it showed “very poor judgment” by David Miranda and other people associated with him.
Senior judges agreed to issue a court order which allows Scotland Yard to continue to examine data from nine electronic devices seized from Mr Miranda on August 18.
... Link (0 comments) ... Comment
Topic: SECURITY - on August 31, 2013 at 4:23:00 PM CEST
UK Asked New York Times To Destroy Edward Snowden Documents; NY Times Ignored Request
There's been some back and forth concerning the David Miranda legal fight today and it's getting fairly ridiculous. The UK government is making some extraordinary claims about Miranda and the encrypted information he was carrying. They claim that some of the information was potentially incredibly damaging to UK national security interests (the same rhetoric we always hear, but is rarely shown to be true) and they also claim that they found a piece of paper on Miranda that allowed them to "decrypt one file on his seized hard drive." Furthermore, they claim that Miranda (and Greenwald and Poitras) "demonstrated very poor judgment in their security arrangements with respect to the material," in order to suggest that it might easily fall into dangerous hands.
... Link (0 comments) ... Comment
Topic: SECURITY - on August 30, 2013 at 1:27:00 PM CEST
Snowden Spoofed Top Officials' Identity To Mine NSA Secrets
As government investigators continue to try to figure out just how much data whistleblower Edward Snowden had access to, MSNBC is reporting that Snowden used his sysadmin privileges to assume the user profiles of top NSA officials in order to gain access to the most sensitive files. His sysadmin privileges also enabled him to do something other NSA users can't — download classified files from NSAnet onto a thumb drive. 'Every day, they are learning how brilliant [Snowden] was,' said a former U.S. official with knowledge of the case. 'This is why you don't hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble.
... Link (0 comments) ... Comment
