We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!
Advocatus Diaboli sends word of a new release of documents made available by Edward Snowden. The documents show British intelligence agency GCHQ had a deep partnership with telecommunications company Cable & Wireless (acquired later by Vodafone). The company allowed GCHQ to tap submarine cables around the world, and was paid millions of British pounds as compensation. The relationship was so extensive that a GCHQ employee was assigned to work full time at Cable & Wireless (referred to by the code name “Gerontic” in NSA documents) to manage cable-tap projects in February of 2009. By July of 2009, Cable & Wireless provided access to 29 out of the 63 cables on the list, accounting for nearly 70 percent of the data capacity available to surveillance programs. ... As of July of 2009, relationships with three telecom companies provided access to 592 10-gigabit-per-second pipes on the cables collectively and 69 10-gbps “egress” pipes through which data could be pulled back. The July 2009 documents included a shopping list for additional cable access—GCHQ sought to more than triple its reach, upping access to 1,693 10-gigabit connections and increasing egress capacity to 390. The documents revealed a much shorter list of "cables we do not currently have good access [to]."
89 comments | 2 days ago
Advocatus Diaboli writes The Regin malware, whose existence was first reported by the security firm Symantec on Sunday, is among the most sophisticated ever discovered by researchers. Symantec compared Regin to Stuxnet, a state-sponsored malware program developed by the U.S. and Israel to sabotage computers at an Iranian nuclear facility. Sources familiar with internal investigations at Belgacom and the European Union have confirmed to The Intercept that the Regin malware was found on their systems after they were compromised, linking the spy tool to the secret GCHQ and NSA operations.
129 comments | 3 days ago
An anonymous reader sends this report from the Associated Press:
"Dissenters within the National Security Agency, led by a senior agency executive, warned in 2009 that the program to secretly collect American phone records wasn't providing enough intelligence to justify the backlash it would cause if revealed, current and former intelligence officials say.
The NSA took the concerns seriously, and many senior officials shared them. But after an internal debate that has not been previously reported, NSA leaders, White House officials and key lawmakers opted to continue the collection and storage of American calling records, a domestic surveillance program without parallel in the agency's recent history.
110 comments | about a week ago
Robotron23 writes: The latest attempt at NSA reform has been prevented from passage in the Senate by a margin of 58 to 42. Introduced as a means to stop the NSA collecting bulk phone and e-mail records on a daily basis, the USA Freedom Act has been considered a practical route to curtailment of perceived overreach by security services, 18 months since Edward Snowden went public. Opponents to the bill said it was needless, as Wall Street Journal raised the possibility of terrorists such as ISIS running amok on U.S. soil. Supporting the bill meanwhile were the technology giants Google and Microsoft. Prior to this vote, the bill had already been stripped of privacy protections in aid of gaining White House support. A provision to extend the controversial USA Patriot Act to 2017 was also appended by the House of Representatives.
441 comments | about a week ago
apexcp writes Senate Majority Leader (for now) Harry Reid announced he will be taking the USA FREEDOM Act to a floor vote in the Senate as early as next week. While the bill, if passed, would be the first significant legislative reform of the NSA since 9/11, many of the act's initial supporters have since disavowed it, claiming that changes to its language mean it won't do enough to curb the abuses of the American surveillance state
127 comments | about two weeks ago
samzenpus writes Andrew Lewman wears many hats: biologist, advocate against domestic violence, programmer, Executive Director of the Tor project and a member of the board of directors. He works to preserve the right to speak and read freely online by fighting laws and technology that threaten anonymity. Just how hard that has become is much clearer now that the NSA's interest in Tor has become public. Andrew has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one per post.
61 comments | about two weeks ago
An anonymous reader writes with this story about how Berlin has become a haven for Laura Poitras and other journalists who want to limit the amount of NSA disruption in their lives. "It's the not knowing that's the hardest thing, Laura Poitras tells me. 'Not knowing whether I'm in a private place or not.' Not knowing if someone's watching or not. Though she's under surveillance, she knows that. It makes working as a journalist 'hard but not impossible'. It's on a personal level that it's harder to process. 'I try not to let it get inside my head, but I still am not sure that my home is private. And if I really want to make sure I'm having a private conversation or something, I'll go outside.'
.....We're having this conversation in Berlin, her adopted city, where she'd moved to make a film about surveillance before she'd ever even made contact with Snowden. Because, in 2006, after making two films about the US war on terror, she found herself on a 'watch list'. Every time she entered the US – 'and I travel a lot' – she would be questioned. 'It got to the point where my plane would land and they would do what's called a hard stand, where they dispatch agents to the plane and make everyone show their passport and then I would be escorted to a room where they would question me and oftentimes take all my electronics, my notes, my credit cards, my computer, my camera, all that stuff.' She needed somewhere else to go, somewhere she hoped would be a safe haven. And that somewhere was Berlin."
231 comments | about three weeks ago
Trailrunner7 writes: When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it's typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs it finds, NSA Director Mike Rogers said, but not all of them.
Speaking at an event at Stanford University, Rogers said that the NSA has been told by President Barack Obama that the default decision should be to share information on new vulnerabilities "The president has been very specific to us in saying, look, the balance I want you to strike will be largely focused on when you find vulnerabilities, we're going to share them. By orders of magnitude, when we find new vulnerabilities, we share them," Rogers said.
170 comments | about three weeks ago
hazeii writes Though legal proceedings following the Snowden revelations, Liberty UK have succeeded in forcing GCHQ to reveal secret internal policies allowing Britain's intelligence services to receive unlimited bulk intelligence from the NSA and other foreign agencies and to keep this data on a massive searchable databases, all without a warrant. Apparently, British intelligence agencies can "trawl through foreign intelligence material without meaningful restrictions", and can keep copies of both content and metadata for up to two years. There is also mention of data obtained "through US corporate partnerships". According to Liberty, this raises serious doubts about oversight of the UK Intelligence and Security Committee and their reassurances that in every case where GCHQ sought information from the US, a warrant for interception signed by a minister was in place.
Eric King, Deputy Director of Privacy international, said: "We now know that data from any call, internet search, or website you visited over the past two years could be stored in GCHQ's database and analyzed at will, all without a warrant to collect it in the first place. It is outrageous that the Government thinks mass surveillance, justified by secret 'arrangements' that allow for vast and unrestrained receipt and analysis of foreign intelligence material is lawful. This is completely unacceptable, and makes clear how little transparency and accountability exists within the British intelligence community."
95 comments | about a month ago
reifman writes The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website. What the agency actually did is more of an example of smart, precise law enforcement tactics. Is the outrage online an indictment of Twitter's tendency towards uninformed, knee-jerk reactions? In this age of unwarranted, unconstitutional blanket data collection by the NSA, the FBI's tactics from 2007 seem refreshing for their precision.
206 comments | about a month ago
TheRealHocusLocus writes: We are witness to a historic first: an individual charged with espionage and actively sought by the United States government has been (virtually) invited to speak at Harvard Law School, with applause. [Note: all of the following links go to different parts of a long YouTube video.] HLS Professor Lawrence Lessig conducted the hour-long interview last Monday with a list of questions by himself and his students.
Some interesting segments from the interview include: Snowden's assertion that mass domestic intercept is an "unreasonable seizure" under the 4th Amendment; that it also violates "natural rights" that cannot be voted away even by the majority; a claim that broad surveillance detracts from the ability to monitor specific targets such as the Boston Marathon bombers; him calling out Congress for not holding Clapper accountable for misstatements; and his lament that contractors are exempt from whistleblower protection though they do swear an oath to defend the Constitution from enemies both foreign and domestic.
These points have been brought up before. But what may be most interesting to these students is Snowden's suggestion that a defendant under the Espionage Act should be permitted to present an argument before a jury that the act was committed "in the public interest." Could this help ensure a fair trial for whistleblowers whose testimony reveals Constitutional violation?
221 comments | about a month ago
An anonymous reader writes T-Mobile, a major wireless carrier in the U.S. and subsidiary of German Deutsche Telecom, is hardening the encryption on its 2G cellular network in the U.S., reports the Washington Post. According to Cisco, 2G cellular calls still account for 13% of calls in the US and 68% of wireless calls worldwide. T-Mobile's upgrades will bring the encryption of older and inexpensive 2G GSM phone signals in the US up to par with that of more expensive 3G and 4G handsets. Parent company Deutsche Telecom had announced a similar upgrade of its German 2G network after last year's revelations of NSA surveillance. 2G is still important not only for that 13 percent of calls, but because lots of connected devices rely on it, or will, even while the 2G clock is ticking. The "internet of things" focuses on cheap and ubiquitous, and in the U.S. that still means 2G, but lots of things that might be connected that way are ones you'd like to be encrypted.
27 comments | about a month ago
First time accepted submitter un1nsp1red (2503532) writes Current NSA CTO Patrick Dowd has taken a part-time position with former-NSA director Keith Alexander's security firm IronNet Cybersecurity — while retaining his position as chief technology officer for the NSA. The Guardian states that 'Patrick Dowd continues to work as a senior NSA official while also working part time for Alexander's IronNet Cybersecurity, a firm reported to charge up to $1m a month for advising banks on protecting their data from hackers. It is exceedingly rare for a US official to be allowed to work for a private, for-profit company in a field intimately related to his or her public function.' Some may give Alexander a pass on the possible conflict of interests as he's now retired, but what about a current NSA official moonlighting for a private security firm?
83 comments | about a month ago
While urging policy reform as more important than per-person safeguards, Edward Snowden had a few pieces of advice on maintaining online privacy for attendees at Saturday's New Yorker Festival. As reported by TechCrunch, Snowden's ideas for avoiding online intrusions (delivered via video link) sound simple enough, but may not be easy for anyone who relies on Google, Facebook, or Dropbox, since those are three companies he names as ones to drop. A small slice: He also suggested that while Facebook and Google have improved their security, they remain “dangerous services” that people should avoid. (Somewhat amusingly, anyone watching the interview via Google Hangout or YouTube saw a Google logo above Snowden’s face as he said this.) His final piece of advice on this front: Don’t send unencrypted text messages, but instead use services like RedPhone and Silent Circle. Earlier in the interview, Snowden dismissed claims that increased encryption on iOS will hurt crime-fighting efforts. Even with that encryption, he said law enforcement officials can still ask for warrants that will give them complete access to a suspect’s phone, which will include the key to the encrypted data. Plus, companies like Apple, AT&T, and Verizon can be subpoenaed for their data.
210 comments | about a month and a half ago
Presto Vivace (882157) writes "No conflicts appear to exist" among Keith Alexander's investments, the NSA said. "New financial disclosure documents released this month by the National Security Agency (NSA) show that Keith Alexander, who served as its director from August 2005 until March 2014, had thousands of dollars of investments during his tenure in a handful of technology firms." Don't worry, the NSA assures us that there was no conflict of interest.
59 comments | about a month and a half ago
Advocatus Diaboli writes with this snippet from The Intercept: The National Security Agency has had agents in China, Germany, and South Korea working on programs that use "physical subversion" to infiltrate and compromise networks and devices, according to documents obtained by The Intercept. The documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has used under cover operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms. The documents describe a range of clandestine field activities that are among the agency's "core secrets" when it comes to computer network attacks, details of which are apparently shared with only a small number of officials outside the NSA.
228 comments | about a month and a half ago
MojoKid writes One of the downsides to the news cycle is that no matter how big or hot a story is, something else inevitably comes along. The advent of ISIS and Ebola, combined with the passing of time, have pushed national security concerns out of the limelight — until, that is, someone at the NSA helps out by reminding us that yes, the agency still exists and yes, it still has some insane policies and restrictions. Earlier this year, the Federation of American Scientists filed a Freedom of Information Act request with the NSA. The group was seeking information it thought would be relatively low-key — what authorized information had been leaked to the media over the past 12 months? The NSA's response reads as follows: "The document responsive to your request has been reviewed by this Agency as required by the FOIA and has been found to be currently and properly classified in accordance with Executive Order 13526. The document is classified because its disclosure could reasonably be expected to cause exceptionally grave damage to the national security." The NSA is insisting that it has the right to keep its lawful compliance and public disclosures secret not because the NSA is made of evil people but because the NSA has a knee-jerk preference and demand for secrecy. In a spy organization, that's understandable and admirable but it's precisely the opposite of what's needed to rebuild American's faith in the institution and its judgment.
106 comments | about a month and a half ago
jfruh writes Oregon Senator Ron Wyden gathered a group of tech luminaries to discuss the implications of U.S. surveillance programs, and Google Chairman Eric Schmidt didn't mince words. He said that worries over U.S. surveillance would result in servers with different sets of data for users from different countries multiplying across the world. "The simplest outcome is that we're going to end up breaking the Internet."
179 comments | about a month and a half ago
maynard writes: Investigative Journalist James Bamford knows a thing or two more than most about the National Security Agency. Across his more than three-decade long career digging muck out of exactly those places U.S. government intelligence agencies preferred he wouldn't tread, he's published five books and over eighty press reports. At times, this made for some tense confrontations with intelligence officials from an organization once so secret even few members of Congress knew of its existence.
For the last several years public focus on the NSA has been on Bush and Obama era reports of illicit domestic spying. From allegations of warrantless wiretapping reported by James Risen in 2005 to secret documents released to journalists at The Guardian by Edward Snowden a year ago. And smack in the middle, Bamford's 2012 revelation of the existence of a huge, exabyte-capable data storage facility then under construction in Bluffdale, Utah.
Given all this attention on recent events, it might come as a surprise to some that almost forty years ago Senator Frank Church convened a congressional committee to investigate reports of unlawful activities by U.S. intelligence agencies, including illegal domestic wiretapping by the NSA. At the time, Church brought an oversight magnifying glass over what was then half-jokingly referred to as "No Such Agency." And then, like today, James Bamford was in the thick of it, with a Snowden-like cloak-and-dagger game of spy-vs-journalist. It all began by giving testimony before the Church Committee. Writing yesterday in The Intercept, Bamford tells his firsthand historical account of what led him to testify as a direct witness to NSA's wiretapping of domestic communications decades ago and then details the events that led to the publication of his first book The Puzzle Palace back in 1982. Read on for more.
54 comments | about 2 months ago
An anonymous reader writes Now the NSA isn't the only one who can hack your USB firmware: "In a talk at the Derbycon hacker conference in Louisville, Kentucky last week, researchers Adam Caudill and Brandon Wilson showed that they've reverse engineered the same USB firmware as Nohl's SR Labs, reproducing some of Nohl's BadUSB tricks. And unlike Nohl, the hacker pair has also published the code for those attacks on Github, raising the stakes for USB makers to either fix the problem or leave hundreds of millions of users vulnerable." Personally, I always thought it was insane that USB drives don't come with physical write-protect switches to keep them from being infected by malware. (More on BadUSB here.)
97 comments | about 2 months ago