schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.
181 comments | 2 days ago
An anonymous reader sends this quote from TechDirt:
As a string of whistle blowers like former AT&T employee Mark Klein have made abundantly clear, the line purportedly separating intelligence operations from the nation's incumbent phone companies was all-but obliterated long ago. As such, it's relatively amusing to see Verizon announce this week that the company is offering up a new encrypted wireless voice service named Voice Cypher. Voice Cypher, Verizon states, offers "end-to-end" encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app made by Cellcrypt.
Verizon says it's initially pitching the $45 per phone service to government agencies and corporations, but would ultimately love to offer it to consumers as a line item on your bill. Of course by "end-to-end encryption," Verizon means that the new $45 per phone service includes an embedded NSA backdoor free of charge. Apparently, in Verizon-land, "end-to-end encryption" means something entirely different than it does in the real world.
166 comments | 3 days ago
Lucas123 writes: A new international survey of internet users from 24 countries has found that more than 39% of them have taken steps to protect their data since Edward Snowden leaked the NSA's spying practices. The survey, conducted by the Center for International Governance Innovation, found that 43% of Internet users now avoid certain websites and applications and 39% change their passwords regularly. Security expert Bruce Schneier chastised the media for trying to downplay the numbers by saying "only 39%" have taken action and "only 60%" have heard of Snowden. The news articles "are completely misunderstanding the data," Schneier said, pointing out that by combining data on Internet penetration with data from the international survey, it works out to 706 million people who are now taking steps to protect their online data. Additionally, two-thirds (64%) of users indicated they are more concerned today about online privacy than they were a year ago. Another notable finding: 83% of users believe that affordable access to the Internet should be a basic human right.
53 comments | 4 days ago
jfruh writes Google Chairman Eric Schmidt told a conference on surveillance at the Cato Institute that Edward Snowden's revelations on NSA spying shocked the company's engineers — who then immediately started working on making the company's servers and services more secure. Now, after a year and a half of work, Schmidt says that Google's services are the safest place to store your sensitive data.
281 comments | 5 days ago
Trailrunner7 notes that the bulk telephone collection program was just extended another 90 days. "The secret Foreign Intelligence Surveillance Court has authorized a 90-day extension to the Section 215 bulk telephone collection program used by the National Security Agency, giving the agency through the end of February to run the program in the absence of legislation establishing a new authority.
On Monday, the Office of the Director of National Intelligence revealed that the administration had applied for a 90-day extension to the existing Section 215 authority, and that the FISC had approved the request, extending the authority through Feb. 27.
'The Administration welcomes the opportunity to work with the new Congress to implement the changes the President has called for. Given that legislation has not yet been enacted, and given the importance of maintaining the capabilities of the telephony metadata program, the government has sought a 90-day reauthorization of the existing program, as modified by the changes the President directed in January,' a statement from the Office of the DNI and the Office of the Attorney General said."
82 comments | about two weeks ago
The Intercept has published today a story detailing documents that "reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers." The documents also describe a years-long effort, aimed at hostile and friendly regimes, from the point of view of the U.S. government, to break the security of various countries' communications networks. "Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks."
148 comments | about two weeks ago
cold fjord writes The Local (DE) reports, "The Bundesnachrichtendienst (BND), Germany's foreign intelligence service, spied on some citizens living abroad, a former lawyer for the spies told MPs on Thursday. Dr Stefan Burbaum ... said that some Germans were targeted as "office holders," a legal loophole the spies used to circumvent the law that protects German citizens from being spied on by its own intelligence agency. ... the German spies argue that a citizen working for a foreign company abroad is only protected in his private life, not in his professional communications ... "The office holder is the legal person," Burbaum said. ... "This construct of an office holder is just as absurd in practice as it appears in the law," Konstantin von Notz of the Green party said. Further, foreigners' communications conducted abroad are not protected, even if they are in contact with German people or work for a German company. MPs ... criticized the BND's ability to operate in a "lawless zone" when it came to spying on foreigners. ... the BND regularly retains traffic which it had not received specific permission to investigate which it collects during such trawls. In this way, access acquired under the "G10 law" becomes a "foot in the door" to otherwise closed-off sources of data, Burbaum said." The parliamentary investigation was initiated by reports that Chancellor Merkel's phone was being tapped by NSA, but later it was found that at least five countries were tapping Merkel's phone.
83 comments | about three weeks ago
Advocatus Diaboli sends word of a new release of documents made available by Edward Snowden. The documents show British intelligence agency GCHQ had a deep partnership with telecommunications company Cable & Wireless (acquired later by Vodafone). The company allowed GCHQ to tap submarine cables around the world, and was paid millions of British pounds as compensation. The relationship was so extensive that a GCHQ employee was assigned to work full time at Cable & Wireless (referred to by the code name “Gerontic” in NSA documents) to manage cable-tap projects in February of 2009. By July of 2009, Cable & Wireless provided access to 29 out of the 63 cables on the list, accounting for nearly 70 percent of the data capacity available to surveillance programs. ... As of July of 2009, relationships with three telecom companies provided access to 592 10-gigabit-per-second pipes on the cables collectively and 69 10-gbps “egress” pipes through which data could be pulled back. The July 2009 documents included a shopping list for additional cable access—GCHQ sought to more than triple its reach, upping access to 1,693 10-gigabit connections and increasing egress capacity to 390. The documents revealed a much shorter list of "cables we do not currently have good access [to]."
90 comments | about three weeks ago
Advocatus Diaboli writes The Regin malware, whose existence was first reported by the security firm Symantec on Sunday, is among the most sophisticated ever discovered by researchers. Symantec compared Regin to Stuxnet, a state-sponsored malware program developed by the U.S. and Israel to sabotage computers at an Iranian nuclear facility. Sources familiar with internal investigations at Belgacom and the European Union have confirmed to The Intercept that the Regin malware was found on their systems after they were compromised, linking the spy tool to the secret GCHQ and NSA operations.
131 comments | about three weeks ago
An anonymous reader sends this report from the Associated Press:
"Dissenters within the National Security Agency, led by a senior agency executive, warned in 2009 that the program to secretly collect American phone records wasn't providing enough intelligence to justify the backlash it would cause if revealed, current and former intelligence officials say.
The NSA took the concerns seriously, and many senior officials shared them. But after an internal debate that has not been previously reported, NSA leaders, White House officials and key lawmakers opted to continue the collection and storage of American calling records, a domestic surveillance program without parallel in the agency's recent history."
110 comments | about a month ago
Robotron23 writes: The latest attempt at NSA reform has been prevented from passage in the Senate by a margin of 58 to 42. Introduced as a means to stop the NSA collecting bulk phone and e-mail records on a daily basis, the USA Freedom Act has been considered a practical route to curtailment of perceived overreach by security services, 18 months since Edward Snowden went public. Opponents to the bill said it was needless, as Wall Street Journal raised the possibility of terrorists such as ISIS running amok on U.S. soil. Supporting the bill meanwhile were the technology giants Google and Microsoft. Prior to this vote, the bill had already been stripped of privacy protections in aid of gaining White House support. A provision to extend the controversial USA Patriot Act to 2017 was also appended by the House of Representatives.
445 comments | about a month ago
apexcp writes Senate Majority Leader (for now) Harry Reid announced he will be taking the USA FREEDOM Act to a floor vote in the Senate as early as next week. While the bill, if passed, would be the first significant legislative reform of the NSA since 9/11, many of the act's initial supporters have since disavowed it, claiming that changes to its language mean it won't do enough to curb the abuses of the American surveillance state.
127 comments | about a month ago
samzenpus writes Andrew Lewman wears many hats: biologist, advocate against domestic violence, programmer, Executive Director of the Tor project and a member of the board of directors. He works to preserve the right to speak and read freely online by fighting laws and technology that threaten anonymity. Just how hard that has become is much clearer now that the NSA's interest in Tor has become public. Andrew has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one per post.
61 comments | about a month ago
An anonymous reader writes with this story about how Berlin has become a haven for Laura Poitras and other journalists who want to limit the amount of NSA disruption in their lives. "It's the not knowing that's the hardest thing, Laura Poitras tells me. 'Not knowing whether I'm in a private place or not.' Not knowing if someone's watching or not. Though she's under surveillance, she knows that. It makes working as a journalist 'hard but not impossible'. It's on a personal level that it's harder to process. 'I try not to let it get inside my head, but I still am not sure that my home is private. And if I really want to make sure I'm having a private conversation or something, I'll go outside.'
.....We're having this conversation in Berlin, her adopted city, where she'd moved to make a film about surveillance before she'd ever even made contact with Snowden. Because, in 2006, after making two films about the US war on terror, she found herself on a 'watch list'. Every time she entered the US – 'and I travel a lot' – she would be questioned. 'It got to the point where my plane would land and they would do what's called a hard stand, where they dispatch agents to the plane and make everyone show their passport and then I would be escorted to a room where they would question me and oftentimes take all my electronics, my notes, my credit cards, my computer, my camera, all that stuff.' She needed somewhere else to go, somewhere she hoped would be a safe haven. And that somewhere was Berlin."
231 comments | about a month ago
Trailrunner7 writes: When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it's typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs it finds, NSA Director Mike Rogers said, but not all of them.
Speaking at an event at Stanford University, Rogers said that the NSA has been told by President Barack Obama that the default decision should be to share information on new vulnerabilities. "The president has been very specific to us in saying, look, the balance I want you to strike will be largely focused on when you find vulnerabilities, we're going to share them. By orders of magnitude, when we find new vulnerabilities, we share them," Rogers said.
170 comments | about a month and a half ago
hazeii writes Through legal proceedings following the Snowden revelations, Liberty UK have succeeded in forcing GCHQ to reveal secret internal policies allowing Britain's intelligence services to receive unlimited bulk intelligence from the NSA and other foreign agencies and to keep this data on massive searchable databases, all without a warrant. Apparently, British intelligence agencies can "trawl through foreign intelligence material without meaningful restrictions", and can keep copies of both content and metadata for up to two years. There is also mention of data obtained "through US corporate partnerships". According to Liberty, this raises serious doubts about oversight of the UK Intelligence and Security Committee and their reassurances that in every case where GCHQ sought information from the US, a warrant for interception signed by a minister was in place.
Eric King, Deputy Director of Privacy International, said: "We now know that data from any call, internet search, or website you visited over the past two years could be stored in GCHQ's database and analyzed at will, all without a warrant to collect it in the first place. It is outrageous that the Government thinks mass surveillance, justified by secret 'arrangements' that allow for vast and unrestrained receipt and analysis of foreign intelligence material is lawful. This is completely unacceptable, and makes clear how little transparency and accountability exists within the British intelligence community."
95 comments | about 1 month ago
reifman writes The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website. What the agency actually did is more of an example of smart, precise law enforcement tactics. Is the outrage online an indictment of Twitter's tendency towards uninformed, knee-jerk reactions? In this age of unwarranted, unconstitutional blanket data collection by the NSA, the FBI's tactics from 2007 seem refreshing for their precision.
206 comments | about 1 month ago
TheRealHocusLocus writes: We are witness to a historic first: an individual charged with espionage and actively sought by the United States government has been (virtually) invited to speak at Harvard Law School, with applause. [Note: all of the following links go to different parts of a long YouTube video.] HLS Professor Lawrence Lessig conducted the hour-long interview last Monday with a list of questions by himself and his students.
Some interesting segments from the interview include: Snowden's assertion that mass domestic intercept is an "unreasonable seizure" under the 4th Amendment; that it also violates "natural rights" that cannot be voted away even by the majority; a claim that broad surveillance detracts from the ability to monitor specific targets such as the Boston Marathon bombers; him calling out Congress for not holding Clapper accountable for misstatements; and his lament that contractors are exempt from whistleblower protection though they do swear an oath to defend the Constitution from enemies both foreign and domestic.
These points have been brought up before. But what may be most interesting to these students is Snowden's suggestion that a defendant under the Espionage Act should be permitted to present an argument before a jury that the act was committed "in the public interest." Could this help ensure a fair trial for whistleblowers whose testimony reveals Constitutional violation?
221 comments | about 2 months ago
An anonymous reader writes T-Mobile, a major wireless carrier in the U.S. and subsidiary of German Deutsche Telekom, is hardening the encryption on its 2G cellular network in the U.S., reports the Washington Post. According to Cisco, 2G cellular calls still account for 13% of calls in the US and 68% of wireless calls worldwide. T-Mobile's upgrades will bring the encryption of older and inexpensive 2G GSM phone signals in the US up to par with that of more expensive 3G and 4G handsets. Parent company Deutsche Telekom had announced a similar upgrade of its German 2G network after last year's revelations of NSA surveillance. 2G is still important not only for that 13 percent of calls, but because lots of connected devices rely on it, or will, even while the 2G clock is ticking. The "internet of things" focuses on cheap and ubiquitous, and in the U.S. that still means 2G, but lots of things that might be connected that way are ones you'd like to be encrypted.
27 comments | about 2 months ago
First time accepted submitter un1nsp1red (2503532) writes Current NSA CTO Patrick Dowd has taken a part-time position with former-NSA director Keith Alexander's security firm IronNet Cybersecurity — while retaining his position as chief technology officer for the NSA. The Guardian states that 'Patrick Dowd continues to work as a senior NSA official while also working part time for Alexander's IronNet Cybersecurity, a firm reported to charge up to $1m a month for advising banks on protecting their data from hackers. It is exceedingly rare for a US official to be allowed to work for a private, for-profit company in a field intimately related to his or her public function.' Some may give Alexander a pass on the possible conflict of interests as he's now retired, but what about a current NSA official moonlighting for a private security firm?
83 comments | about 2 months ago