company:n.s.a.

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc
▻https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.’s own backyard.

#boomerang

How Classical Cryptography Will Survive Quantum Computers - Facts So Romantic
▻http://nautil.us/blog/-how-classical-cryptography-will-survive-quantum-computers

http://static.nautil.us/13978_129e4760599f99cd2841b7a19d03e07e.jpg

Quantum Lab: Scientists are fabricating quantum photonic circuits—consisting of waveguides and other elements—to manipulate single photons for future quantum communications and processing.Oak Ridge National Laboratory / FlickrJustin Trudeau, the Canadian prime minister, certainly raised the profile of quantum computing a few notches last year, when he gamely—if vaguely1—described it for a press conference. But we’ve heard a lot about quantum computers in the past few years, as Google, I.B.M., and N.A.S.A., as well as many, many universities, have all been working on, or putting money into, quantum computers for various ends. The N.S.A., for instance, as the Snowden documents revealed, wants to build one for codebreaking, and it seems to be a common belief that if a full-scale, practical (...)

How Classical Cryptography Will Survive Quantum Computers - Facts So Romantic
▻http://nautil.us/blog/how-classical-cryptography-will-survive-quantum-computers

http://static.nautil.us/11762_360c19682e81f21d55846685c1701179.jpg

Quantum Lab: Scientists are fabricating quantum photonic circuits—consisting of waveguides and other elements—to manipulate single photons for future quantum communications and processing.Oak Ridge National Laboratory / FlickrJustin Trudeau, the Canadian prime minister, certainly raised the profile of quantum computing a few notches last year, when he gamely—if vaguely1—described it for a press conference. But we’ve heard a lot about quantum computers in the past few years, as Google, I.B.M., and N.A.S.A., as well as many, many universities, have all been working on, or putting money into, quantum computers for various ends. The N.S.A., for instance, as the Snowden documents revealed, wants to build one for codebreaking, and it seems to be a common belief that if a full-scale, practical (...)

Edward Snowden’s Long, Strange Journey to Hollywood
(Irina Alexander, August 2016)

A long but interesting read about how Oliver Stone’s “Snowden” came to be.

Oliver Stone, director
Moritz Borman, the producer
Anatoly Kucherena, Snowden’s Russian lawyer
Ben Wizner, Snowden’s lawyer at the American Civil Liberties Union (ACLU)

▻https://www.nytimes.com/2016/09/04/magazine/edward-snowdens-long-strange-journey-to-hollywood.html

https://static01.nyt.com/images/2016/09/04/magazine/04snowden8-cover/04snowden8-cover-superJumbo-v2.gif

On “Snowden,” he and Borman became so preoccupied with American government surveillance that they had their Los Angeles offices swept for bugs more than once.

...

[Wizner said] that Snowden wasn’t profiting from Stone’s film in any way. “One hard-and-fast rule Ed always had was, I’m not selling my life rights,” Wizner said. Snowden’s participation in a Hollywood movie would only fuel the claims of his critics — that he was a narcissist eager to cash in. That said, Stone’s film would be seen by millions of people, which meant it could sway public opinion. “We were choosing between two bad options,” Wizner said.

...

Wizner had negotiated veto control over any footage featuring Snowden in the film. After we spoke, the lawyer says he asked Borman to put that in writing. He also reiterated that if Stone took a reporter along, Snowden would not participate. Stone and I eventually reached a compromise: I wouldn’t observe the shoot, but I could still come and meet Kucherena.

...

Anticipating a homesick Snowden, [Stone’s co-writer] hauled over a duffel bag packed with the stuff of Americana dreams: Kraft macaroni and cheese, Jell-O cups, Oreos, Pepperidge Farm cookies, Twizzlers, peanut butter, Spam, an Orioles baseball cap and a pair of Converse sneakers. “It was like delivering a care package to a kid at summer camp,” [he said.] He also slipped in a copy of “The Odyssey” translated by his grandfather “I thought it was appropriate, since Ed was on his own kind of odyssey trying to get home.”

...

Wizner, who is 45, has been at the A.C.L.U. since 2001. Before Snowden, he tried to bring several suits to increase oversight over the intelligence community. Wizner likes to say that he spent a decade banging his head against a wall, and then Snowden came along and brought that wall down. Snowden had not only revealed the scope of the surveillance apparatus, but also that top government officials routinely misled the public about it. Since becoming Snowden’s advocate, Wizner has become a figure of not insignificant geopolitical importance. Those revelations have since formed a critical backdrop for legislative reforms, and there are few things that irritate Wizner more than claims that threaten to tarnish Snowden’s character and their common cause.

It would not be a stretch to say that for Wizner, Kucherena has become a bit of a liability. Since 2013, the Russian lawyer has announced that Snowden landed a job at a major Russian website — news that turned out to not be true — and has supplied the news media with photos of his client enjoying his new life in Russia, attending an opera at the Bolshoi Theater and cheerfully hugging a dog named Rick. (Rick later turned out to be the dog of one of Kucherena’s friends). Now Kucherena had sold a novel to Stone, making it seem as if the director had to pay a Russian fixer to have access to Snowden — or worse, that Snowden was somehow under the lock and key of the Russian authorities, lent to Stone for a Hollywood movie.

...

According to Wizner, [Snowden] leads a free existence in Russia, making appearances via live video and publishing op-eds against Russia’s human rights violations. “I think people are inclined to believe that Russia would never let him stay there unless he was paying for it in some way,” Wizner said. “But it’s just not true. Not only is he not cooperating, but he’s actually being critical.”

...

Oliver Stone, Edward Snowden, Anatoly Kucherena and Kieran Fitzgerald in Kucherena’s office in Moscow.

https://static01.nyt.com/images/2016/09/04/magazine/04snowden5/04mag-04snowden-t_CA0-master675.jpg

The shoot took place at Kucherena’s dacha. The day went long. Stone’s idea was to interview Snowden and capture an affecting moment that would give the film its dramatic ending. But the first takes were stiff. “Ed is used to answering questions on a level of intelligence,” Stone said. “But I was interested in the emotional, which is difficult for him.”

...

“Suddenly this little creature comes teetering in — so fragile, so lovely, such a charming, well-­behaved, beautiful little man,” the cinematographer, Anthony Dod Mantle, told me. “He’s like an old soul in a very young body. He’s got fingers like violins.” Filming Snowden reminded Mantle of shooting other men with outsize reputations and slight builds. “It’s like Bono or Al Pacino,” he added. “Those guys are teeny-­weenies. But if you isolate him into a frame, he can be as big as anybody else.”

...

Convinced that making the film on American soil would be too risky, Stone decided to film in Germany, where Borman was able to score some tax subsidies. With roughly 140 script pages to shoot in 54 days, the crew sprinted from Munich to Washington, to Hawaii, to Hong Kong, and then back to Munich. Often, Mantle wouldn’t get to see locations before he had to film in them. To cut costs, the suburbs of Munich had to stand in for rural Maryland and Virginia, with German extras cast as Americans. “Thank God the Germans act like Americans,” Stone said.

The production itself resembled a covert operation, with a code name (“Sasha” had stuck) and elaborate security protocols. Worried that “Sasha” would be of interest to the N.S.A., Borman and Stone avoided discussing production details by phone or email — “It was all handwritten notes and long walks in the park,” Borman said — and kept the script on air-­gapped computers, ones that have never been connected to the internet. If it had to be mailed, Borman would mix up the pages into four packages, which he would send with four different couriers to four different addresses. “Maybe nobody gave a [expletive],” Borman told me. “Or maybe the N.S.A. is laughing at us like, ‘Look at those idiots — of course we copied everything that came through DHL and FedEx!”

...

In the spring of 2014, Stone flew to Berlin and met with Poitras. The meeting did not go well. According to Poitras, Stone proposed that she delay the release of “Citizenfour,” which she was then in the middle of editing, to time up with his film. “Because his film would be the real movie — because it’s a Hollywood movie,” Poitras told me. “Obviously I wasn’t interested in doing that. To have another filmmaker ask me to delay the release of my film was — well, it was somewhat insulting.”

...

If Poitras had a strong reaction to Stone’s proposal, it was because she had already been hounded by Sony. After the studio optioned Greenwald’s book, Poitras says Sony asked to buy her life rights — an offer she declined. Sony suggested that she come on as a consultant, but when the contract arrived, it stipulated that the studio would have access to Poitras’s tapes and notebooks. “So I’d already gone through that when Oliver came in trying to position himself,” she said.

...

Stone was right about Gordon-­Levitt. His performance is not an interpretation so much as a direct replica of the whistle-­blower’s even demeanor and intonation. Quinto plays Greenwald with such intensity that he appears perpetually enraged. Melissa Leo’s Poitras is in turn warm and protective, almost maternal.

...

Snowden’s N.S.A. boss is unsubtly named Corbin O’Brian, after the antagonist in Orwell’s “1984.” “Most Americans don’t want freedom,” O’Brian tells Snowden. “They want security.”

...

Snowden’s many storytellers all tell a similar hero narrative. But if Greenwald’s account is about journalism, Poitras’s is a subtle and artful character study and Kucherena’s is an attempt at the Russian novel — a man alone in a room, wrestling with his conscience — Stone’s is the explicit blockbuster version, told in high gloss with big, emotional music and digestible plot points that will appeal to mass audiences. As Wizner wisely anticipated, it is the narrative most likely to cement Snowden’s story in Americans’ minds.

...

Snowden declined to comment for this article, but Stone told me he had seen the film and liked it. At a screening at Comic-­Con a few months later, Snowden would beam in via satellite to give his somewhat wary approval. “It was something that made me really nervous,” he said of Stone’s film. “But I think he made it work.”

...

Gordon-­Levitt was so moved by Snowden’s story that he donated most of his salary from the film to the A.C.L.U. and used the rest to collaborate with Wizner on a series of videos about democracy.

Snowden avant la lettre:
Burglars of Media, Pennsylvania FBI building in 1971, reveal themselves after 42 years
(Jan 2014)
►https://www.nytimes.com/2014/01/07/us/burglars-who-took-on-fbi-abandon-shadows.html

They can no longer be prosecuted for what happened, and a book came out describing the whole story. The book is written by Betty Medsger, one of the first journalists to have received the stolen documents. The documents contained hard evidence on the FBI’s spying on political groups.

They were never caught, and the stolen documents that they mailed anonymously to newspaper reporters were the first trickle of what would become a flood of revelations about extensive spying and dirty-tricks operations by the F.B.I. against dissident groups.

[...]

The burglars had, until now, maintained a vow of silence about their roles in the operation. They were content in knowing that their actions had dealt the first significant blow to [the FBI].

[...]

Unlike Mr. Snowden, who downloaded hundreds of thousands of digital N.S.A. files onto computer hard drives, the Media burglars did their work the 20th-century way: they cased the F.B.I. office for months, wore gloves as they packed the papers into suitcases, and loaded the suitcases into getaway cars. When the operation was over, they dispersed. Some remained committed to antiwar causes, while others, like John and Bonnie Raines, decided that the risky burglary would be their final act of protest against the Vietnam War and other government actions before they moved on with their lives.

(Keith Forsyth, John Raines, Bonnie Raines, William C. Davidon)

The book:

https://images-na.ssl-images-amazon.com/images/I/51CXoDJ2OoL._SY344_BO1,204,203,200_.jpg

In late 1970, a mild-mannered Haverford College physics professor privately asked a few people this question: “What do you think of burglarizing an FBI office?” In remarkable detail and with astonishing depth of research, Betty Medsger reveals the never-before-told full story of the history-changing break-in at the Media, Pennsylvania, FBI offices. Through their exploits, a group of unlikely activists exposed the shocking truth that J. Edgar Hoover was operating a shadow Bureau engaged in illegal surveillance and harassment of the American people.

The Burglary brings the activists, who have kept their secret for forty-three years, into the public eye for the first time—including, new to this edition, the recent discovery of the eighth and final member of the team. The burglars’ story of personal sacrifice and civil disobedience is a vital episode in the American whistle-blower tradition that includes the Pentagon Papers, Watergate’s Deep Throat, and, most recently, Edward Snowden and the NSA.

#FBI
#whistleblower #whistleblowing
#book

N.S.A. Gets More Latitude to Share Intercepted Communications - The New York Times
▻https://www.nytimes.com/2017/01/12/us/politics/nsa-gets-more-latitude-to-share-intercepted-communications.html

The change means that far more officials will be searching through raw data. Essentially, the government is reducing the risk that the N.S.A. will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people.

#legs #Obama #surveillance #vie_privée

Mass Surveillance Isn’t the Answer to Fighting Terrorism

►http://www.nytimes.com/2015/11/18/opinion/mass-surveillance-isnt-the-answer-to-fighting-terrorism.html

It happens after ever terrorist attack: authorities & intelligence agencies complain about surveillance and encrypted communication. But,

indiscriminate bulk data sweeps have not been useful. In the more than two years since the N.S.A.’s data collection programs became known to the public, the intelligence community has failed to show that the phone program has thwarted a terrorist attack. Yet for years intelligence officials and members of Congress repeatedly misled the public by claiming that it was effective.

Often, the problem is not lack of information but means to act upon that information:

Most of the men who carried out the Paris attacks were already on the radar of intelligence officials in France and Belgium, where several of the attackers lived only hundreds of yards from the main police station, in a neighborhood known as a haven for extremists.

What’s more:

“Every time there is an attack, we discover that the perpetrators were known to the authorities,” said François Heisbourg[1], a [French] counterterrorism expert and former defense official. “What this shows is that our intelligence is actually pretty good, but our ability to act on it is limited by the sheer numbers.”

We all agree that

There is no dispute that law enforcement agencies should have the necessary powers to detect and stop attacks before they happen. But that does not mean unquestioning acceptance of ineffective and very likely unconstitutional tactics that reduce civil liberties without making the public safer.

#terrorism
#surveillance #mass_surveillance
_____
[1] ▻https://fr.wikipedia.org/wiki/Fran%C3%A7ois_Heisbourg

AT&T Helped NSA spy on Internet on a Vast Scale

The New York Times has investigated some document submitted to them by Edward Snowden. These documents describe AT&T’s relationship with the NSA. It seems no other telecom provider has worked so closely together with the NSA as did AT&T.

▻http://www.nytimes.com/2015/08/16/us/politics/att-helped-nsa-spy-on-an-array-of-internet-traffic.html?_r=0

AT&T has given the N.S.A. access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.

One document reminds N.S.A. officials to be polite when visiting AT&T facilities, noting, “This is a partnership, not a contractual relationship.”

[...]

Because domestic wiretapping laws do not cover foreign-to-foreign emails, the companies have provided them voluntarily, not in response to court orders, intelligence officials said. But it is not clear whether that remains the case after the post-Snowden upheavals.

#surveillance
#privacy
#NSA

Israel’s N.S.A. Scandal
▻http://www.nytimes.com/2014/09/17/opinion/israels-nsa-scandal.html

L’unité 8200 d’#Israël ►http://seenthis.net/messages/293043 peut faire chanter des Palestiniens innocents grâce à la #NSA des #Etats-Unis,

Among his most shocking discoveries, [#Snowden] told me, was the fact that the N.S.A. was routinely passing along the private communications of Americans to a large and very secretive Israeli military organization known as Unit 8200. This transfer of intercepts, he said, included the contents of the communications as well as metadata such as who was calling whom.

Typically, when such sensitive information is transferred to another country, it would first be “minimized,” meaning that names and other personally identifiable information would be removed. But when sharing with Israel, the N.S.A. evidently did not ensure that the data was modified in this way.

Mr. Snowden stressed that the transfer of intercepts to #Israel contained the communications — email as well as phone calls — of countless Arab- and Palestinian-Americans whose relatives in Israel and the Palestinian territories could become targets based on the communications. “I think that’s amazing,” he told me. “It’s one of the biggest abuses we’ve seen.”

It appears that Mr. Snowden’s fears were warranted. Last week, 43 veterans of Unit 8200 — many still serving in the reserves — accused the organization of startling abuses. In a letter to their commanders, to Prime Minister Benjamin Netanyahu and to the head of the Israeli army, they charged that Israel used information collected against innocent Palestinians for “political persecution.” In testimonies and interviews given to the media, they specified that data were gathered on Palestinians’ sexual orientations, infidelities, money problems, family medical conditions and other private matters that could be used to coerce Palestinians into becoming collaborators or create divisions in their society.

The veterans of Unit 8200 declared that they had a “moral duty” to no longer “take part in the state’s actions against Palestinians.” An Israeli military spokesman disputed the letter’s overall drift but said the charges would be examined.

It should trouble the American public that some or much of the information in question — intended not for national security purposes but simply to pursue political agendas — may have come directly from the N.S.A.’s domestic dragnet. According to documents leaked by Mr. Snowden and reported by the British newspaper The Guardian, the N.S.A. has been sending intelligence to Israel since at least March 2009.

Au rayon rachat de conscience :

Internet Giants Erect Barriers to Spy Agencies (mouais)
NYTimes, 6 June 2014 by DAVID E. SANGER and NICOLE PERLROTH
▻http://www.nytimes.com/2014/06/07/technology/internet-giants-erect-barriers-to-spy-agencies.html

Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.

One of the biggest indirect consequences from the #Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.

At Facebook, Joe Sullivan, the company’s chief security officer, said it had been fending off those demands and heightened expectations.

Until last year, technology companies were forbidden from acknowledging demands from the United States government under the Foreign Intelligence Surveillance Act. But in January, Google, Facebook, Yahoo and Microsoft brokered a deal with the Obama administration to disclose the number of such orders they receive in increments of 1,000.

As part of the agreement, the companies agreed to dismiss their lawsuits before the Foreign Intelligence Surveillance Court.

“We’re not running and hiding,” Mr. Sullivan said. “We think it should be a transparent process so that people can judge the appropriate ways to handle these kinds of things.”

The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.
Cf. ▻http://seenthis.net/messages/263784
▻http://www.wired.com/2014/06/end-to-end

But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.’s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”

#surveillance #cybersécurité #tech_companies

In Surveillance Debate, White House Turns Its Focus to Silicon Valley - NYTimes.com
▻http://www.nytimes.com/2014/05/03/us/politics/white-house-shifts-surveillance-debate-to-private-sector.html

Now, by expanding the debate to what America’s digital titans collect, Mr. Obama gains a few political advantages. He is hoping to reinvigorate legislative proposals that went nowhere in his first term. And now that the revelations about the N.S.A. have tapered off, at least for a while, his aides seem to sense that Americans are at least as concerned about the information they entrust to Google and Yahoo.

In Silicon Valley, there is a suspicion that the report issued on Thursday by John D. Podesta, a presidential adviser, is an effort to change the subject from government surveillance. Mr. Podesta insists it is about expanding the discussion about how information is used.

(…)
The question is whether restrictions placed on the N.S.A. — and public resistance — will spill over to regulation of the private sector, and conversely whether new norms of what companies can collect will begin to affect the intelligence world.

At the N.S.A., there is grumbling about the continuing disclosures of material stolen by Mr. Snowden, but comparatively little complaint on the new limits Mr. Obama has proposed. In some cases, the N.S.A. gained some access to data even as it lost some autonomy. For example, its program to collect metadata missed a large percentage of cellphone calls. Under Mr. Obama’s plan, if it becomes law, the N.S.A. would have to leave that data in private hands, but when the N.S.A. does get it, under court order, the agency should have access to a lot more than it does today.

“It’s a pretty good trade,” said one senior intelligence official who has been working on the issue. “All told, if you are an N.S.A. analyst, you will probably get more of what you wanted to see, even it’s more cumbersome.”

#Snowden Used Low-Cost Tool to Best #N.S.A.
▻http://www.nytimes.com/2014/02/09/us/snowden-used-low-cost-tool-to-best-nsa.html

Using “web crawler” software designed to search, index and back up a website, Mr. Snowden “scraped data out of our systems” while he went about his day job, according to a senior intelligence official. “We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the official said. The process, he added, was “quite automated.”

(...)

.... from his first days working as a contractor inside the N.S.A.’s aging underground Oahu facility for Dell, the computer maker, and then at a modern office building on the island for Booz Allen Hamilton, the technology consulting firm that sells and operates computer security services used by the government, Mr. Snowden learned something critical about the N.S.A.’s culture: While the organization built enormously high electronic barriers to keep out foreign invaders, it had rudimentary protections against insiders.

(...)

Investigators have yet to answer the question of whether Mr. Snowden happened into an ill-defended outpost of the N.S.A. or sought a job there because he knew it had yet to install the security upgrades that might have stopped him.

N.S.A. Devises Radio Pathway Into Computers
▻http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?_r=0

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the #Internet, according to #N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and #USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

N.S.A. Devises Radio Pathway Into Computers - NYTimes.com
►http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?smid=tw-nyti
#internet_des_objets

One, called Cottonmouth I, looks like a normal USB plug but has a tiny transceiver buried in it. According to the catalog, it transmits information swept from the computer “through a covert channel” that allows “data infiltration and exfiltration.” Another variant of the technology involves tiny circuit boards that can be inserted in a laptop computer — either in the field or when they are shipped from manufacturers — so that the computer is broadcasting to the N.S.A. even while the computer’s user enjoys the false confidence that being walled off from the Internet constitutes real protection.

N.S.A. Devises Radio Pathway Into Computers - NYTimes.com
►http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?smid=tw-nyti
#surveillance

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

Spies’ Dragnet Reaches a Playing Field of Elves and Trolls
▻http://www.nytimes.com/2013/12/10/world/spies-dragnet-reaches-a-playing-field-of-elves-and-trolls.html

Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.

(...)

Online games might seem innocuous, a top-secret 2008 N.S.A. document warned, but they had the potential to be a “target-rich communication network” allowing intelligence suspects “a way to hide in plain sight.” Virtual games “are an opportunity!” another 2008 N.S.A. document declared.

But for all their enthusiasm — so many C.I.A., F.B.I. and Pentagon spies were hunting around in Second Life, the document noted, that a “deconfliction” group was needed to avoid collisions — the intelligence agencies may have inflated the threat.

The documents do not cite any counterterrorism successes from the effort, and former American intelligence officials, current and former gaming company employees and outside experts said in interviews that they knew of little evidence that terrorist groups viewed the games as havens to communicate and plot operations.

Games “are built and operated by companies looking to make money, so the players’ identity and activity is tracked,” said Peter W. Singer of the Brookings Institution, an author of “Cybersecurity and Cyberwar: What Everyone Needs to Know.” “For terror groups looking to keep their communications secret, there are far more effective and easier ways to do so than putting on a troll avatar.”

The surveillance, which also included Microsoft’s Xbox Live, could raise privacy concerns. It is not clear exactly how the agencies got access to gamers’ data or communications, how many players may have been monitored or whether Americans’ communications or activities were captured.

N.S.A. May Have Penetrated Internet Cable Links - NYTimes.com
▻http://www.nytimes.com/2013/11/26/technology/a-peephole-for-the-nsa.html?ref=technology

Although the Internet is designed to be a highly decentralized system, in practice a small group of backbone providers carry almost all of the network’s data.

Security experts say that regardless of whether Level 3’s participation is voluntary or not, recent N.S.A. disclosures make clear that even when Internet giants like Google and Yahoo do not hand over data, the N.S.A. and its intelligence partners can simply gather their data downstream.

That much was true last summer when United States authorities first began tracking Mr. Snowden’s movements after he left Hawaii for Hong Kong with thousands of classified documents. In May, authorities contacted Ladar Levison, who ran Lavabit, Mr. Snowden’s email provider, to install a tap on Mr. Snowden’s email account. When Mr. Levison did not move quickly enough to facilitate the tap on Lavabit’s network, the Federal Bureau of Investigation did so without him.

Mr. Levison said it was unclear how that tap was installed, whether through Level 3, which sold bandwidth to Lavabit, or at the Dallas facility where his servers and networking equipment are stored. When Mr. Levison asked the facility’s manager about the tap, he was told the manager could not speak with him. A spokesman for TierPoint, which owns the Dallas facility, did not return a call seeking a comment.

Verizon has said that it and other carriers are forced to comply with government requests in every country in which they operate, and are limited in what they can say about their arrangements.

“At the end of the day, if the Justice Department shows up at your door, you have to comply,” Lowell C. McAdam, Verizon’s chief executive, said in an interview in September. “We have gag orders on what we can say and can’t defend ourselves, but we were told they do this with every carrier.”

#nsa #masssurveillance #prism #bullrun #snowden #level3 #google #yahoo #lavabit #datacenter #backbone

#NSA Report Outlined Goals for More Power - NYTimes.com
By JAMES RISEN and LAURA POITRAS, November 22, 2013
▻http://www.nytimes.com/2013/11/23/us/politics/nsa-report-outlined-goals-for-more-power.html?pagewanted=all

(U) SIGINT Strategy 2012-2016 (23 février 2012)
▻http://www.nytimes.com/interactive/2013/11/23/us/politics/23nsa-sigint-strategy-document.html

In response to the controversy about its activities after Mr. #Snowden’s disclosures, agency officials claimed that the N.S.A.’s sweeping domestic surveillance programs had helped in 54 “terrorist-related activities.” But under growing scrutiny, congressional staff members and other critics say that the use of such figures by defenders of the agency has drastically overstated the value of the domestic surveillance programs in counterterrorism.

#terrorisme

Relying on Internet routing data, commercial and Sigint information, Treasure Map (...) collects Wi-Fi network and geolocation data, and between 30 million and 50 million unique Internet provider addresses (...) It boasts that the program can map “any device, anywhere, all the time.”

(...) The program is not used for surveillance, they said, but to understand computer networks.

The program takes advantage of the capabilities of other secret N.S.A. programs. To support Treasure Map, for example, the document states that another program, called Packaged Goods, tracks the “traceroutes” through which data flows around the Internet. Through Packaged Goods, the N.S.A. has gained access to “13 covered servers in unwitting data centers around the globe,” according to the PowerPoint. The document identifies a list of countries where the data centers are located, including Germany, Poland, Denmark, South Africa and Taiwan as well as Russia, China and Singapore.

Despite the document’s reference to “unwitting #data_centers,” government officials said that the agency does not hack into those centers. Instead, the officials said, the intelligence community secretly uses front companies to lease space on the servers.

#infrastructure

Au passage je découvre la page SIGINT sur Wikipedia, où il est question d’interception sur #câbles_sous-marins :
▻https://fr.wikipedia.org/wiki/Renseignement_d'origine_%C3%A9lectromagn%C3%A9tique#Interception_des_c

British Press Freedom Under Threat
▻http://www.nytimes.com/2013/11/15/opinion/british-press-freedom-under-threat.html

British parliamentarians have largely ducked their duty to ask tough questions of British intelligence agencies, which closely collaborate with the N.S.A., and have gone after The Guardian instead.

#Snowden Says He Took No Secret Files to Russia - NYTimes.com
▻http://www.nytimes.com/2013/10/18/world/snowden-says-he-took-no-secret-files-to-russia.html?pagewanted=all

He argued that he had helped American national security by prompting a badly needed public debate about the scope of the intelligence effort. “The #secret continuance of these programs represents a far greater danger than their disclosure,” Mr. Snowden said. He added that he had been more concerned that Americans had not been told about the N.S.A.’s reach than he was about any specific #surveillance operation.

“So long as there’s broad support amongst a people, it can be argued there’s a level of legitimacy even to the most invasive and morally wrong program, as it was an informed and willing decision,” he said. “However, programs that are implemented in secret, out of public oversight, lack that legitimacy, and that’s a problem. It also represents a dangerous normalization of ‘governing in the dark,’ where decisions with enormous public impact occur without any public input.”

Mr. Snowden said that in 2008 and 2009, he was working in Geneva as a telecommunications information systems officer, handling everything from information technology and computer networks to maintenance of the heating and air-conditioning systems. He began pushing for a promotion, but got into what he termed a “petty e-mail spat” in which he questioned a senior manager’s judgment.

The Declassification Engine: Reading Between the Black Bars : The New Yorker
▻http://www.newyorker.com/online/blogs/elements/2013/10/the-declassification-engine-reading-between-the-black-bars.html

the Declassification Engine (...) has “gotten to the point where we can see it might be possible to predict content of redacted text.

▻http://www.newyorker.com/online/blogs/elements/nsa-docs-580.jpeg

#censure #secret #lol

N.S.A. Gathers Data on Social Connections of U.S. Citizens - NYTimes.com
▻http://www.nytimes.com/2013/09/29/us/nsa-examines-social-networks-of-us-citizens.html?emc=edit_na_20130928&_r=0&

A new policy that year, detailed in “Defense Supplemental Procedures Governing Communications Metadata Analysis,” authorized by Defense Secretary Robert M. Gates and Attorney General Michael B. Mukasey, said that since the Supreme Court had ruled that metadata was not constitutionally protected, N.S.A. analysts could use such information “without regard to the nationality or location of the communicants,” according to an internal N.S.A. description of the policy.

The documents show that significant amounts of information from the United States go into Mainway. An internal N.S.A. bulletin, for example, noted that in 2011 Mainway was taking in 700 million phone records per day. In August 2011, it began receiving an additional 1.1 billion cellphone records daily from an unnamed American service provider under Section 702 of the 2008 FISA Amendments Act, which allows for the collection of the data of Americans if at least one end of the communication is believed to be foreign.

The overall volume of metadata collected by the N.S.A. is reflected in the agency’s secret 2013 budget request to Congress. The budget document, disclosed by Mr. Snowden, shows that the agency is pouring money and manpower into creating a metadata repository capable of taking in 20 billion “record events” daily and making them available to N.S.A. analysts within 60 minutes.

N.S.A. Gathers Data on Social Connections of U.S. Citizens
By JAMES RISEN and LAURA POITRAS
▻http://www.nytimes.com/2013/09/29/us/nsa-examines-social-networks-of-us-citizens.html

The concerns in the United States since Mr. Snowden’s revelations have largely focused on the scope of the agency’s collection of the private data of Americans and the potential for abuse. But the new documents provide a rare window into what the N.S.A. actually does with the information it gathers.

A series of agency PowerPoint presentations and memos describe how the N.S.A. has been able to develop software and other tools — one document cited a new generation of programs that “revolutionize” data collection and analysis — to unlock as many secrets about individuals as possible.

Unlocking Private Communications - Graphic - NYTimes.com

▻http://www.nytimes.com/interactive/2013/09/05/us/unlocking-private-communications.html?nl=todaysheadlines&emc=edit_th_201309

Unlocking Private Communications

Below are encryption tools the N.S.A. has had some success in cracking, according to documents provided by Edward J. Snowden describing the agency’s code-breaking capabilities.

https://dl.dropbox.com/s/v5em5wwxwg761uo/cryptage.png

N.S.A. Foils Much Internet Encryption - NYTimes.com
▻http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all

#NSA documents show that the agency maintains an internal database of #encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. “Approval to release to non-Sigint agencies,” a GCHQ document says, “will depend on there being a proven non-Sigint method of acquiring keys.”

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,” the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of #Standards and Technology, the United States’ encryption standards body, and later by the International Organization for Standardization, which has 163 countries as members.

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.”