Stephen Kim Spoke to a Reporter. Now He’s in Jail. This Is His Story.

ON THE MORNING of June 11, 2009, James Rosen stepped inside the State Department, scanned his building badge and made his way to the Fox News office in the busy press room on the second floor. It was going to be a hectic day. Like other reporters working the phones that morning, Rosen was looking for fresh news about the latest crisis with North Korea.

Two weeks earlier, North Korea had conducted a nuclear detonation that showed the rest of the world it possessed a functioning bomb. The United Nations was on the verge of a formal condemnation, but no one at the U.N. or inside the U.S. government knew how North Korea’s unpredictable regime would respond and whether things might escalate toward war.

Rosen called Stephen Kim, a State Department expert on rogue nations and weapons of mass destruction. Kim, a U.S. citizen who was born in South Korea, spoke fluent Korean and had worked at one of America’s nuclear-weapons labs. He probably knew more about what was going on in Pyongyang than almost anyone else in the building.

The call, according to metadata collected by the FBI, lasted just half a minute, but soon afterward Kim called Rosen and they talked for nearly a dozen minutes. After that conversation, they left the building at roughly the same time, then spoke once more on the phone after they both returned.

A classified report on North Korea had just begun circulating, and Kim was among the restricted number of officials with clearance to read it. He logged onto a secure computer, called up the report at 11:27 a.m., and phoned Rosen 10 minutes later. A few minutes past noon, he left the building again, and a minute later Rosen followed. The destruction of Kim’s life would center on the question of what the two men discussed during that brief encounter outside the State Department.

Link (The Intercept)

Russia Reaches The Censorship Endgame: Banning VPNs, Tor And Web Proxies

Speaking at Infoforum-2015, Russian MP Leonid Levin, who is deputy head of the Duma Committee on information politics, indicated that access to anonymization and circumvention tools such as TOR, VPNs and even web proxies, needs to be restricted.

Link (Techdirt)

Samsung’s spying smart TVs don’t encrypt voice recordings sent over the internet

The telly only records what’s said in front of it after the wake-up command, such as “Hi TV”, is spoken – so it’s not recording all the time. This could change in a future firmware update, Lodge points out, but for now this is reassuring.

However, recorded voice commands are sometimes sent as encoded audio to an outside organization for processing – this applies to any commands more complex than, say, changing the volume. For example, spoken web search requests are piped to a company called Nuance to analyze and turn into query results sent back to the TVs.

A specific server receives data from the televisions in plaintext, and replies with unencrypted responses; for those itching to firewall off access, it is:

av.nvc.enGB.nuancemobility.net 208.94.122.45

The information is sent over port 443, normally used for TLS-secured HTTPS connections and typically not firewalled off. The stream is not encrypted, Lodge said. This allows a man-in-the-middle in the network to eavesdrop on the data and tamper with it.

Link (The Register)
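
A defender's check for the condition described above, as an added example that is not from the article or the vendor: it inspects the first client bytes of each port-443 flow and flags flows that do not open with a TLS record. The flow tuples, addresses (documentation range) and payloads are constructed samples and do not reproduce the TV's actual wire format.

```python
import struct

# TLS record content types (RFC 5246 / RFC 8446)
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_RECORD_LEN = 2**14 + 2048  # largest ciphertext fragment allowed by TLS 1.2


def classify_first_bytes(payload: bytes) -> str:
    """Classify the first client-to-server bytes of a TCP stream."""
    if len(payload) < 5:
        return "too-short"
    ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
    if (ctype in CONTENT_TYPES and major == 3 and minor <= 4
            and 0 < length <= MAX_RECORD_LEN):
        # A fresh connection opens with a handshake record whose first
        # message is ClientHello (handshake type 1).
        if ctype == 22 and len(payload) > 5 and payload[5] == 1:
            return "tls-client-hello"
        return "tls-record"
    # Not a TLS record header: decide between readable text and other binary.
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in payload)
    if printable / len(payload) > 0.9:
        return "plaintext"
    return "non-tls-binary"


def audit(flows):
    """Return (dst, verdict) for port-443 flows that do not start with TLS."""
    findings = []
    for dst, port, payload in flows:
        verdict = classify_first_bytes(payload)
        if port == 443 and not verdict.startswith("tls"):
            findings.append((dst, verdict))
    return findings


# Constructed sample flows: (destination, port, first payload bytes)
SAMPLE_FLOWS = [
    ("192.0.2.10", 443, bytes.fromhex("16030100c8010000c40303") + bytes(32)),
    ("192.0.2.20", 443, b"<speech><lang>en-GB</lang><cmd>search</cmd></speech>"),
    ("192.0.2.30", 443, bytes([0x00, 0x01, 0xFF, 0xFE, 0x80, 0x90, 0xA0, 0x00])),
]

if __name__ == "__main__":
    for dst, verdict in audit(SAMPLE_FLOWS):
        print(f"{dst}:443 does not start with a TLS record ({verdict})")
```

A valid record header only shows that TLS framing is in use; it says nothing about certificate validation on the client.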

GCHQ Will Have To Start Letting Everyone Know Whether Or Not They’ve Been Illegally Spied On

Last December, the IPT (Investigatory Powers Tribunal) ruled that GCHQ’s surveillance programs didn’t violate human rights, despite being broad and untargeted dragnets. This ruling — in response to several legal challenges brought in the wake of the Snowden leaks — was unsurprising. The IPT has overwhelmingly supported GCHQ’s spying efforts in the past, having only sided against it in one-half of one percent of the challenges brought against it.

The IPT’s ongoing support of the UK’s intelligence community is unsurprising. To declare any of its programs as illegal or in violation of citizens’ rights would be to implicate itself for its near-constant approval of surveillance programs. That makes its February decision a bit of an aberration. In response to Privacy International’s legal challenge, it changed course slightly, declaring certain elements of the GCHQ’s spying efforts “illegal” — specifically, information sharing with the NSA. But this was only a partial capitulation. The IPT went on to say that this was once illegal but now was not, thanks to its December 2014 ruling. In some bizarre way, the legal complaints brought against the GCHQ managed to legalize its once-illegal partnership with the NSA.

However, its February decision makes it clear that operations prior to December 2014 were illegal, and provides an opening for UK citizens to force a bit more transparency on their intelligence community.

Because the IPT found the intelligence sharing to be illegal, anyone, inside or outside the UK, can file a complaint to the IPT and ask if their communications were part of that illegal sharing, and be legally entitled to an answer. [Privacy International’s Eric] King explained, “If they don’t find anything, it’s likely they respond ‘no determination’. If they do find something, the IPT is obliged to give a declaration to the individual that their communications were illegally interfered with.”

This is far more transparency than has been granted by the NSA, which still responds to similar inquiries about files on citizens (from those citizens themselves) with its omnipresent Glomar declaration, neither confirming nor denying the collected results of its domestic surveillance programs.

Link (Techdirt)

Researchers Find ‘Astonishing’ Malware Linked to NSA Spying

Security researchers have uncovered highly sophisticated malware that is linked to a secret National Security Agency hacking operation exposed by The Intercept last year.

Russian security firm Kaspersky published a report Monday documenting the malware, which it said had been used to infect thousands of computer systems and steal data in 30 countries around the world. Among the targets were a series of unnamed governments, telecom, energy, and aerospace companies, as well as Islamic scholars, and media organizations.

Kaspersky did not name the NSA as the author of the malware. However, Reuters reported later on Monday that the agency had created the technology, citing anonymous former U.S. intelligence officials.

Kaspersky’s researchers noted that the newly found malware is similar to Stuxnet, a covert tool reportedly created by the U.S. government to sabotage Iranian nuclear systems. The researchers also identified a series of codenames that they found contained within the samples of malware, including STRAIGHTACID, STRAITSHOOTER, and GROK.

Notably, GROK, which Kaspersky said is a piece of malware used to secretly log keystrokes, is tied to secret NSA hacking tactics described in documents from whistleblower Edward Snowden. Last year, The Intercept revealed that the NSA was using a tool called GROK to log keystrokes as part of a toolkit it uses to hack computers and collect data.

The other codenames identified by Kaspersky on Tuesday—such as STRAIGHTACID, STRAITSHOOTER—are strikingly similar to known NSA hacking operations. Leaked NSA documents have revealed that the agency uses hacking tools known as STRAIGHTBIZARRE and FOXACID to break into computers and grab data.

According to Kaspersky, the malware found in the latest discovery is the most advanced ever found and represents an “astonishing technical accomplishment.” It hides deep within an infected computer and can stay on the machine even after attempts to wipe or reformat the hard drive. The security firm has dubbed different variants of the malware EquationLaser, EquationDrug and GrayFish, and they are calling its creators the “Equation Group,” because of the way the spy technology attempts to hide itself in an infected computer using complex encryption.

Link (The Intercept)

Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner

In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.

In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes, Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to “collect it all” — including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA’s efforts to buy up zero day vulnerabilities before companies can find out and patch them:

“What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.”

Link (Techdirt)

U.S. Drops to 49th in World Press Freedom Rankings, Worst Since Obama Became President

Each year, Reporters Without Borders issues a worldwide ranking of nations based on the extent to which they protect or abridge press freedom. The group’s 2015 ranking was released this morning, and the United States is ranked 49th.

That is the lowest ranking ever during the Obama presidency, and the second-lowest ranking for the U.S. since the rankings began in 2002 (in 2006, under Bush, the U.S. was ranked 53rd). The countries immediately ahead of the U.S. are Malta, Niger, Burkina Faso, El Salvador, Tonga, Chile and Botswana.

Some of the U.S.’s closest allies fared even worse, including Saudi Arabia (164), Bahrain (163), Egypt (158), the UAE (120), and Israel (101: “In the West Bank, the Israeli security forces deliberately fired rubber bullets and teargas at Palestinian journalists”; 15 journalists were killed during Israeli attack on Gaza; and “the authorities also stepped up control of programme content on their own TV stations during the offensive, banning a spot made by the Israeli NGO B’Tselem that cited the names of 150 children who had been killed in the Gaza Strip”).

To explain the latest drop for the U.S., the press group cited the U.S. government’s persecution of New York Times reporter Jim Risen, as well as the fact that the U.S. “continues its war on information in others, such as WikiLeaks.” Also cited were the numerous arrests of journalists covering the police protests in Ferguson, Missouri (which included The Intercept’s Ryan Devereaux, who was tear-gassed and shot with a rubber bullet prior to his arrest).

Link (The Intercept)

Obama To Germans Worried About NSA Surveillance: ‘Hey, Trust Us!’

It’s often been said that trust is something that you earn — or that you completely destroy in irredeemable ways. So it’s a little bizarre to see President Obama trying to restore German trust in the US (and specifically over NSA surveillance) with a bogus “hey, trust us” line, when his own government has spent the past few years doing everything possible to undermine any residual trust. Yet here he is, in a joint appearance with German Chancellor Angela Merkel, asking for “the benefit of the doubt.”

There are going to still be areas where we’ve got to work through these issues. We have to internally work through some of these issues, because they’re complicated, they’re difficult. If we are trying to track a network that is planning to carry out attacks in New York or Berlin or Paris, and they are communicating primarily in cyberspace, and we have the capacity to stop an attack like that, but that requires us then being able to operate within that cyberspace, how do we make sure that we’re able to do that, carry out those functions, while still meeting our core principles of respecting the privacy of all our people?

And given Germany’s history, I recognize the sensitivities around this issue. What I would ask would be that the German people recognize that the United States has always been on the forefront of trying to promote civil liberties, that we have traditions of due process that we respect, that we have been a consistent partner of yours in the course of the last 70 years, and certainly the last 25 years, in reinforcing the values that we share. And so occasionally I would like the German people to give us the benefit of the doubt, given our history, as opposed to assuming the worst — assuming that we have been consistently your strong partners and that we share a common set of values.

And if we have that fundamental, underlying trust, there are going to be times where there are disagreements, and both sides may make mistakes, and there are going to be irritants like there are between friends, but the underlying foundation for the relationship remains sound.

Link (Techdirt)

Magistrate Judge Shoots Down Government’s Attempt To Gag Yahoo Indefinitely Over Grand Jury Subpoenas

California judge Paul Grewal continues to hold up his end of the “Magistrates’ Revolt.” Grewal was the magistrate who shot down the government’s open-ended request to grab every email in a person’s Gmail account and sort through them at its leisure. He was actually the second magistrate to shoot down this request. The government went “judge shopping” after Judge John Facciola told it the scope of the request needed to be narrowed considerably before he would even think about granting it. The government decided it still wanted all the email and traveled across the country to see Judge Grewal… who told them to GTFO without even giving the feds the option to rewrite the request.

Grewal is once again siding with the public and acting as a check against government overreach.

Law enforcement cannot indefinitely forbid Yahoo Inc from revealing a grand jury subpoena that seeks subscriber account information, a U.S. judge ruled, because doing so would violate the company’s free speech rights.

U.S. Magistrate Judge Paul Grewal in San Jose, California on Thursday wrote that the government’s request would prohibit Yahoo from disclosing the subpoena, even years after the grand jury concluded its probe. The court order does not disclose the target of the federal investigation.

“In an era of increasing public demand for transparency about the extent of government demands for data from providers like Yahoo!, this cannot stand,” Grewal wrote.

Link (Techdirt)

CIA Wanted To Throw The CFAA At Senate Staffers For Unauthorized Googling

Marcy Wheeler has picked up on an interesting claim made in the CIA’s “We Did Nothing Wrong” report. This report — an in-house investigation of the CIA’s snooping on/hacking Senate staffers during the compilation of the Torture Report — tossed out the Inspector General’s findings and cleared the agency of any misconduct. It then went on to disingenuously claim that it was the Senate, not the CIA, that broke the rules.

According to the CIA’s investigators, Senate staffers accessed documents they weren’t supposed to see, apparently by “abusing” the shared network set up explicitly for the Torture Report compilation. What Wheeler spotted — in a very thorough fisking of the CIA investigative report by Katherine Hawkins of Just Security — is the attempted criminalization of Google searches.

Link (Techdirt)