Topic: Knight to queen's bishop 3 - Snowden charged with espionage.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #475 on: December 09, 2013, 11:24 PM »
This is funny:
http://www.bbc.co.uk.../technology-25297044
"Eight firms, Google, Apple, Facebook, Twitter, AOL, Microsoft, LinkedIn, and Yahoo, have formed an alliance called Reform Government Surveillance group."

Yes, it is funny - more panto. So, anyway, it looks as though you don't need to worry your little heads about it. You can trust these corporations to override democratic process and "reform" government surveillance for you.

...Yeah, right.

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #476 on: December 12, 2013, 04:53 PM »
After a bit of trial-and-error, I managed to get the feed from itsecurityguru.org into my bazqux.com feed reader by subscribing to http://www.itsecurityguru.org/node/
This was after reading this interesting post which I originally saw in the Hacker News feed.
CertiVox confirms it withdrew PrivateSky after GCHQ issued warrant | IT Security Guru
CertiVox has admitted that it chose to take its secure email encryption service PrivateSky offline after a warrant was issued by a division of GCHQ.
 
CEO Brian Spector told IT Security Guru that despite having "tens of thousands of heavily active users", it was served with an ultimatum from the National Technical Assistance Centre (NTAC), a division of GCHQ and a liaison with the Home Office, who were seeking the keys to decrypt the customer data.
 
He said that this was at the end of 2012, ahead of the same action by Lavabit and Silent Circle and it was before Snowden happened. “So they had persons of interest they wanted to track and came with this signed by the Home Secretary. You have to comply or you go to jail,” he said.
 
"It is the same in the USA with FISMA, and it is essentially a national security warrant. So in late 2012 we had the choice to make - either architect the world's most secure encryption system on the planet, so secure that CertiVox cannot see your data, or spend £500,000 building a backdoor into the system to mainline data to GCHQ so they can mainline it over to the NSA.”
 
Spector said that complying with the warrant would have been a "catastrophic invasion of privacy" of its users, so instead it chose to withdraw the product from public use and run it internally. "Whether or not you agree or disagree with the UK and US government, this is how it is and you have to comply with it," he said.
 
However some of the technology has been implemented into its M-Pin authentication options, where rather than hold the data, it is split in two so CertiVox has one half and the user has the other, and law enforcement would need both to access the data.
 
“So as far as I know we are the first to do that so if the NSA or GCHQ says 'hand it over' we can comply as they cannot do anything with it until they have the other half, where the customer has control of it,” he said.

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #477 on: December 12, 2013, 05:15 PM »
Who/how people can be keeping tabs on you...
I have copied this rather interesting post from movableink.com because of the emboldened bit and to keep it in context:
(Copied below sans the several embedded hyperlinks/images. To see the whole thing, go to the link.)
Gmail’s Recent Image Handling Changes | Movable Ink Blog
Last week, Gmail implemented changes that impact the way the email service renders images that will impact real-time content for a segment of Gmail users.

Below, we hope to clarify the Gmail changes, summarize their impact, and share what actions Movable Ink has taken and is continuing to pursue to address any concerns.

1. What changes were made in Gmail, and what is the impact to Movable Ink?
Traditionally, when a recipient views an email, images are downloaded from the server that hosts the images. This allows information to be communicated back to the image’s host source—such as the user’s current location, device, and time of day.

a.) Gmail is now requesting all images from proxy servers (googleusercontent.com), which incorrectly situates users in its headquarters in Mountain View, California when images are downloaded. This impacts the ability to geo-target image content for those Gmail users who are affected by the changes. (Note: Local Maps using zip codes appended as query parameters are unaffected.)

b.) Gmail is stripping the user-agent headers from the client request, which eliminates the ability to determine the Gmail user’s device and target image content appropriately.

c.) Gmail is removing the cache-control headers from the responses, which forces the user’s images to be stored in their browser’s cache for up to a day. This only impacts live image content if a Gmail user re-opens the email after the first open.

In summary, a limited set of Movable Ink features will not work within a segment of Gmail accounts and, in those cases, will be replaced with default content.

2. What email users are affected by the changes? How big is the impact to my list?
After analyzing our data since the changes were implemented late last week, 2% – 5% of the average enterprise B2C email marketer’s subscriber list is affected by Gmail’s changes, since they only affect recipients that open emails through the Gmail.com desktop client, the Android Gmail app, and the iOS Gmail app.

Not all Gmail users are impacted.

The changes have no impact on Gmail users who access their accounts through Mac Mail, the native Mail app on iOS devices, non-Gmail Android apps, non-Gmail Windows apps, Gmail via Outlook, etc. Additionally, all email domains that are not @gmail.com are not impacted.

More Gmail recipients open email on iOS devices (iPhones and iPads) than through any other email service — including web-based Gmail itself, which greatly mitigates the impact of the changes, and is the reason why they only affect 2% – 5% of most email marketers’ subscribers.

Below is a summary of who is affected by the changes:

[Image: Gmail Image Handling Changes Impact Summary]

3. How is Movable Ink responding to the affected features?
a.) Geo-targeting: We have made it possible for marketers to show default content to users that have images hosted within the Gmail proxy domain. This eliminates any concerns about displaying incorrectly geo-targeted content when a user is falsely identified as being in Mountain View, California.

b.) Device targeting: If a user’s device cannot be detected for any reason, a default version of an email will be rendered and is configurable within the Movable Ink dashboard.

c.) All other real-time content: Other types of real-time content such as countdown timers, social feeds, web crops, and video will appear as intended on the first open of an email. Subsequent opens from an individual recipient will display the original image due to Google’s caching which can last for up to a day. According to research from Experian Marketing Services, 97% of email recipients only open email marketing messages once, again mitigating the impact.

Our team is in contact with representatives at Google to recommend and discuss alternatives to last week’s changes. We will be sure to share updates as we have more information. If you have any questions in the meantime, please do not hesitate to reach out to us at [email protected].

IainB

Petition for Snowden to get political asylum in Germany.
« Reply #478 on: December 15, 2013, 04:59 PM »
If you want to take part, go to the Demand Progress website and sign up http://act.watchdog.net/login
(Email circular copied below sans embedded hyperlinks/images.)
From: Melanie Jones <[email protected]>
00:34 (11 hours ago)

Snowden is ready to testify for Germany if the country will give him asylum – let's push Angela Merkel to accept!
Sign the Petition!
Share on Facebook!

Dear XXX,

Edward Snowden is ready to testify on the US wiretapping of Angela Merkel’s phone if Germany will grant him political asylum — and Merkel may just take him up on the offer.

“My government continues to treat dissent as defection, and seeks to criminalize political speech with felony charges that provide no defense,” Snowden wrote German officials. “Speaking the truth is not a crime.”

Edward Snowden will never be safe if he returns to the US, and temporary asylum in a country notorious for its own civil liberties abuses won’t work in the long run. But if Merkel lets him stay on German soil, Snowden could have a life again — which is the least we can do for the whistleblower who exposed the NSA.

Berlin has a growing reputation for standing up against civil liberties abuses. But if Merkel turns Snowden down, it will look as though she supports the Obama administration’s disregard for privacy and mockery of international law — now let’s make sure she knows that before she makes her decision.

    PETITION TO ANGELA MERKEL'S GOVERNMENT: Stand up to the NSA's encroachment and protect the man whose whistleblowing exposes the US' betrayal of Germany — grant Edward Snowden asylum in exchange for his testimony now.

Click here to sign -- it just takes a second.

Thanks,
-- The folks at Watchdog.net

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #479 on: December 15, 2013, 05:46 PM »

I don't know enough about the RealPolitik of all this, but it seems to me Germany is an interesting place for him to go to. Definitely "Friendly" per se. And they seem to be one of the (three?) strongest countries in the EU. So this would be an interesting development.

Bonus Joke: Don't make the Germans Angry. You wouldn't like them when they are Angry!


tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,959
Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #480 on: December 16, 2013, 07:51 AM »
If you want to take part, go to the Demand Progress website and sign up http://act.watchdog.net/login

the link there is for a login page - watchdog.net goes to the login page as well...
Did you forget a demand progress link there Iain?
I dont see anything though on the demandprogress site:
http://www.demandprogress.org/
 :-\
Tom

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #481 on: December 16, 2013, 11:07 AM »
Gonna be hysterical when Snowden eventually gets tapped for a Nobel Peace Prize. ;D

Oh! the consternation in high places. Oh! the righteous indignation that only those caught doing something very wrong can muster in the face of incontrovertible evidence.
 8)


tomos

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #483 on: December 16, 2013, 01:42 PM »
NSA officials consider Edward Snowden amnesty in return for documents

...

they dont want him getting asylum in Germany maybe...
(could be a bit problematic)
Tom

TaoPhoenix

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #484 on: December 16, 2013, 02:37 PM »
NSA officials consider Edward Snowden amnesty in return for documents

...

they dont want him getting asylum in Germany maybe...
(could be a bit problematic)

I think all this is overlapping.

I don't know why Asylum in Germany is "worse" for them than him hanging out in Russia or China.

There are a few cautionary notes from Slashdot about how mysterious he has become, and whether this is all a Long Con etc.


tomos

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #485 on: December 16, 2013, 03:18 PM »
I don't know why Asylum in Germany is "worse" for them than him hanging out in Russia or China.

Yeah, good point.
Guess the question from the German POV is whether it's worth the possible tensions that might be caused by it.
I could imagine it happening ...
...
I'd enjoy it happening ;-)
Tom

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #486 on: December 16, 2013, 04:06 PM »
If you want to take part, go to the Demand Progress website and sign up http://act.watchdog.net/login
the link there is for a login page - watchdog.net goes to the login page as well...
Did you forget a demand progress link there Iain?
I dont see anything though on the demandprogress site:
http://www.demandprogress.org/
 :-\
____________________

I gather that watchdog.net is a Demand Progress website. (Look down to the bottom of that login page to see "© 2013 Demand Progress".)

40hz

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #487 on: December 16, 2013, 04:13 PM »
NSA officials consider Edward Snowden amnesty in return for documents

...

they dont want him getting asylum in Germany maybe...
(could be a bit problematic)

I think all this is overlapping.

I don't know why Asylum in Germany is "worse" for them than him hanging out in Russia or China.

There are a few cautionary notes from Slashdot about how mysterious he has become, and whether this is all a Long Con etc.



Well... when it comes to spin, speculation and fantasy, it doesn't get more unimpeachable than Slashdot, right? :P

More seriously, IIRC didn't Russia make Snowden's agreement to stop speaking out against the current US Administration's spy programs  (and generally stepping out of the press's limelight) a condition of the asylum they offered him?

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #488 on: December 16, 2013, 04:14 PM »
I don't get to see US TV, but this sounds like a massive propaganda exercise: The Sad Decline of ‘60 Minutes’ Continues With This Week’s NSA Whitewash

Amazing.

This is interesting: NSA surveillance critic Bruce Schneier to leave post at BT | Ars Technica

Seems to send a pretty clear message out to other, potential critics of the NSA regime.

tomos

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #489 on: December 16, 2013, 04:30 PM »
If you want to take part, go to the Demand Progress website and sign up http://act.watchdog.net/login
the link there is for a login page - watchdog.net goes to the login page as well...
Did you forget a demand progress link there Iain?
I dont see anything though on the demandprogress site:
http://www.demandprogress.org/
 :-\
____________________

I gather that watchdog.net is a Demand Progress website. (Look down to the bottom of that login page to see "© 2013 Demand Progress".)

yeah, but it only allows me to log in - it doesnt allow me to register :huh:
And any variation of that page address sends me to the login page...
So,
how do I 'support the cause' (but I can understand if you dont know either!)
Tom

tomos

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #490 on: December 16, 2013, 04:34 PM »
This is interesting: NSA surveillance critic Bruce Schneier to leave post at BT | Ars Technica

Seems to send a pretty clear message out to other, potential critics of the NSA regime.

in fairness, that's probably more a reflection of a corrupt, sorry, I meant a corporate approach there.
Tom

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #491 on: December 16, 2013, 05:29 PM »
...yeah, but it only allows me to log in - it doesnt allow me to register :huh:
And any variation of that page address sends me to the login page...
So, how do I 'support the cause' (but I can understand if you dont know either!)
OIC. Sorry, I thought you would be able to sign the petition that way. I actually did it via a hyperlink in their email (which was peculiar to me), so did not give it out publicly.
I went to the DP website and couldn't see how to do it either. Odd.

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #492 on: December 16, 2013, 06:46 PM »
I posted this out of interest/relevance to NSA surveillance, but it should also mean that if you carry out a DCF search you will get a hit if you search for: "how do I build a radio controlled bomb".
This should bump up DCF's hitrate alarmingly well - maybe even overload the servers - so 'tis all in a good cause.
(Copied below with only two embedded hyperlinks - at the end.)
Lawsuit Claims Accidental Google Auto-Completed Search for "how do I build a radio controlled bomb" Led To Years Of Government Investigation And Harassment | Techdirt
Lawsuit Claims Accidental Google Search Led To Years Of Government Investigation And Harassment
from the so-plausible-yet-so-bizarre dept

We've seen a few lawsuits filed over autocomplete suggestions, but those have all been aimed at Google by people who failed to understand a) how search engines work, and b) the unintended consequences of their actions. Targeting a search engine for unflattering autocomplete suggestions tends to make the problem worse. Each legal effort only results in more stories "confirming" the autocomplete suggestions.

This lawsuit is a bit different. The plaintiff is arguing that an accidental search triggered by an autocomplete suggestion ruined his life. But it's not Google's fault. It's… well, it's pretty much damn near everyone else.

    Jeffrey Kantor, who was fired by Appian Corporation, sued a host of government officials, including Attorney General Eric Holder, Director of National Intelligence James Clapper, CIA Director John Brennan, Defense Secretary Chuck Hagel and Secretary of State John Kerry in Federal Court, alleging civil rights violations, disclosure of private information and retaliation…

    He also sued Secretary of Energy Ernest Moniz, Acting Secretary of Homeland Security Rand Beers, Treasury Secretary Jacob Lew, EPA Administrator Regina McCarthy and U.S. Office of Personnel Management Director Katherine Archuleta.

That's a lot of big names, all of which are somehow related to Jeffrey Kantor's errant search, a mistake anyone could have made. But in this era of pervasive surveillance, a mistake may be all it takes.

    "In October of 2009, Kantor used the search engine Google to try to find, 'How do I build a radio-controlled airplane,'" he states in his complaint. "He ran this search a couple weeks before the birthday of his son with the thought of building one together as a birthday present. After typing, 'how do I build a radio controlled', Google auto-completed his search to, 'how do I build a radio controlled bomb.'"

From that point on, Kantor alleges coworkers, supervisors and government investigators all began "group stalking" him. Investigators used the good cop/bad cop approach, with the "bad cop" allegedly deploying anti-Semitic remarks frequently. In addition, his coworkers at Appian (a government contractor) would make remarks about regular people committing murder-suicides (whenever Kantor expressed anger) or how normal people just dropped dead of hypertension (whenever Kantor remained calm while being harassed).

Kantor also claims he was intensely surveilled by the government from that point forward.

    He claims government officials monitored his book purchases and home computer, and implied that everything he did was being monitored…

    Kantor [also] claims the stalking spilled over into his personal life when the government secretly attached a GPS antenna to his car to track him.

Kantor alleges this harassment continued long after he lost his job at Appian (who he's currently suing as well). The claims of stalking, harassment and surveillance fill a great deal of the 33-page filing. His suit also claims that personal information obtained through "FISA warrants" was routinely used against him (and repeated back to him) by a number of people -- the so-called "group stalking" or "gang stalking."

Kantor also makes the rather novel claim that the statute of limitations (for incidents over 2 years old) doesn't apply because the exposure of the NSA's PRISM program (which is how the accused apparently gathered much of Kantor's private info) didn't occur until 2013.

    Section 223 of the Patriot Act gives citizens two years from the time they discover that their civil rights have been violated to sue. These privacy violations occurred between 2010 and 2013. Many of the privacy violations occurred in the last two years. Other violations that Kantor alleges occurred in 2010 and early 2011, which is beyond 2 years. However, the law says that the timeline is based on when the citizen had a reasonable chance to discover the violation. Since the PRISM program was only declassified in July of 2013, these earlier violations should not be time-barred.

All in all, the filing doesn't build a very credible case and comes across more as a paranoiac narrative than a coherent detailing of possible government harassment and surveillance. Here are just a few of the highlights.

    One day in 2010, Kantor went to an adult web site from his home computer. The next day at work, a CRGT manager, Tony Buzanca, came up to Kantor, who was working at his computer, bent over and whispered in Kantor's ear, "people who go to porn sites are going to hell." Kantor contends that the government monitored Kantor's internet traffic, disclosed this private information to Buzanca, and had Buzanca repeat it back to Kantor for the purpose of harassment and group stalking. There was no legitimate investigative purpose to this disclosure of Kantor's private information, which must have been obtained through the Patriot Act enabled FISA warrant...

    Two days before Kantor requested to be transferred, he drove to a park area of Ft Belvoir after work. He hiked on a trail and returned to his car, which was in an isolated area (where no one normally parks). There was a van next to his car and there were three men. As Kantor returned to his car, one man said to the other, "He has been here two years and he won't quit. I guess he is trying to prove a point." Kantor later discovered that an antenna had been affixed to his Audi A4. The government must have been using GPS tracking to track Kantor and the stalkers were using this GPS information to follow Kantor around and stalk him…

    Kantor had driven to lunch with his Appian manager, Mike Kang. Mike Kang asked Kantor what movies his wife likes. Kantor answered and politely asked Mike Kang what movies his wife likes. Kang stated that his wife likes "the Girl with the Dragon Tattoo" and the "Harry Potter" movies. Kantor thought that this was strange since at the time the only version of "the Girl with the Dragon Tattoo" that existed was in Swedish and Harry Potter was a kids' movie. Kantor also thought this was disturbing because those were the exact two books that he was reading, and he had borrowed these books from his local library. The second book Kantor was reading to his son…

    As Kantor left work that afternoon, he was followed by an African-American man in a suit. The man sat across from Kantor on the Metro train. At the West Falls Church exit, which is one stop before the Dunn Loring exit, the man got up and started screaming at the top of his lungs at Kantor, "You respect my privacy, I'll respect your privacy, bitch!" He screamed this around five times at Kantor at the top of his lungs, and then got off the train right as the doors were about to close...

    [Kantor's boss] also sent Kantor an email that said, "It's the end of the world as we know it." Kantor forwarded the email to his house. The next day he showed his father, Lawrence Kantor Jr, the email, with the title, "It's the End of the World as We Know It" and Kantor's browser history, which showed that he had emailed for the chords and lyrics to REM's "It's the end of the World as We Know It" the night before his manager sent him the email. This group stalking had occurred hundreds if not thousands of times, but this was an instance where there was digital proof and a witness on Kantor's side that had seen it in action…

    Kantor in this very draft alleged that he was being wrongly investigated as a terrorist and complained overhearing his coworkers saying that his car was being searched for an AK-47. In the evening of 8/5/2013, a Vienna police officer walked into the volunteer office and said to Kantor and the three other volunteers in the room, "So this is where all the terrorists hang out. I am going to go look for an AK-47." The police officer then left. He said nothing prior to this comment and nothing after it. Kantor had never seen the police officer before or hence. This illustrates that the privacy violations and group stalking are still occurring. Is Kantor supposed to contact the town police and complain that police officers are stalking him (which is a crime that they themselves like the FBI are supposed to be preventing, instead of engaging in)?

Kantor has retained Christopher Swift of Swift & Swift, an attorney who apparently specializes in patent law, to represent him in this lawsuit against several government officials. The lawsuit seeks $13.8 million in compensatory damages and $45 million in statutory damages, as well as an injunction against the government to prevent it from further stalking him.

But that's not all!

The lawsuit also asks the judge to find that the PATRIOT Act is unconstitutional and illegal and order the FBI to turn over all calls and contacts where violations of the PATRIOT Act are alleged to the DoJ and the administration's "privacy advocate."

Now, there are a couple of ways of looking at this. Kantor may have undiagnosed mental issues which have led him to believe everyone (at several consecutive jobs) is out to get him and has access to his personal info. Certainly, the idea that the government has access to all of this info is less dubious than it was back in 2009 when the harassment allegedly began, but the rambling nature of this filing (which was apparently written with the assistance of an attorney) sounds a bit more like unhinged near-ravings than a blow-by-blow account of long-term harassment.

On the other hand, there would be no better way for the government to harass someone out of the workforce (while maintaining plausible deniability) than to create a situation so over the top and ridiculous that it instantly strips the victim of all credibility. So, there's that to consider as well.

The alleged starting point (the wrong Google search) is also not that far off either, as far as that goes. With certain keywords triggering NSA activity, it's not exactly paranoid to express a concern that a few erroneous searches could result in some sustained surveillance.
Kantor v Everybody (Text)
Kantor v Everybody (PDF)
________________________________


I presume it is true and not a complete practical joke.

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #493 on: December 21, 2013, 03:59 AM »
I think I had read this before somewhere, but it probably belongs as a note here - it's from Ars Technica:
(Copied below sans embedded hyperlinks/images.)
Report: NSA paid RSA to make flawed crypto algorithm the default
The NSA apparently paid RSA $10M to use Dual EC random number generator.
by Peter Bright - Dec 20, 2013 11:14 pm UTC

Security company RSA was paid $10 million to use the flawed Dual_EC_DRBG pseudorandom number generating algorithm as the default algorithm in its BSafe crypto library, according to sources speaking to Reuters.

The Dual_EC_DRBG algorithm is included in the NIST-approved crypto standard SP 800-90 and has been viewed with suspicion since shortly after its inclusion in the 2006 specification. In 2007, researchers from Microsoft showed that the algorithm could be backdoored: if certain relationships between numbers included within the algorithm were known to an attacker, then that attacker could predict all the numbers generated by the algorithm. These suspicions of backdooring seemed to be confirmed this September with the news that the National Security Agency had worked to undermine crypto standards.

The impact of this backdooring seemed low. The 2007 research, combined with Dual_EC_DRBG's poor performance, meant that the algorithm was largely ignored. Most software didn't implement it, and the software that did generally didn't use it.

One exception to this was RSA's BSafe library of cryptographic functions. With so much suspicion about Dual_EC_DRBG, RSA quickly recommended that BSafe users switch away from the use of Dual_EC_DRBG in favor of other pseudorandom number generation algorithms that its software supported. This raised the question of why RSA had taken the unusual decision to use the algorithm in the first place given the already widespread distrust surrounding it.

RSA said that it didn't enable backdoors in its software and that the choice of Dual_EC_DRBG was essentially down to fashion: at the time that the algorithm was picked in 2004 (predating the NIST specification), RSA says that elliptic curves (the underlying mathematics on which Dual_EC_DRBG is built) had become "the rage" and were felt to "have advantages over other algorithms."

Reuters' report suggests that RSA wasn't merely following the trends when it picked the algorithm and that contrary to its previous claims, the company has inserted presumed backdoors at the behest of the spy agency. The $10 million that the agency is said to have been paid was more than a third of the annual revenue earned for the crypto library.

Other sources speaking to Reuters said that the government did not let on that it had backdoored the algorithm, presenting it instead as a technical advance.

RSA is your friend, too. So many and such fine friends we have!     ;D

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • Posts: 4,642
Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #494 on: December 25, 2013, 08:24 AM »
Snowden bowing out for Christmas!?


"Edward Snowden, after months of NSA revelations, says his mission’s accomplished"

http://www.washingto...3f0ff6b8d_story.html

An interesting fragment:
"...During more than 14 hours of interviews, the first he has conducted in person since arriving here in June, Snowden did not part the curtains or step outside. Russia granted him temporary asylum on Aug. 1, but Snowden remains a target of surpassing interest to the intelligence services whose secrets he spilled on an epic scale."

What happened to the Old Way the hack fiction taught us about the spy world? He ticked off the US spy world, and he's still safe?!  But skies help you if you bring an apple juice onto a plane.

Bonus: 14 hours of interviews!? I wanna see the transcript for that!



IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #495 on: December 28, 2013, 08:40 PM »
Good demonstration of integrity:
An Open Letter to the Chiefs of EMC and RSA
Posted by Mikko @ 21:46 GMT
23rd of December 2013

An Open Letter to:
Joseph M. Tucci - Chairman and Chief Executive Officer, EMC
Art Coviello - Executive Chairman, RSA

Dear Joseph and Art,

I don’t expect you to know who I am.

I’ve been working with computer security since 1991. Nowadays I do quite a bit of public speaking on the topic. In fact, I have spoken eight times at either RSA Conference USA, RSA Conference Europe or RSA Conference Japan. You’ve even featured my picture on your conference walls among the 'industry experts'.

On December 20th, Reuters broke a story alleging that your company accepted a random number generator from the National Security Agency, and set it as the default option in one of your products, in exchange for $10 million. Your company has issued a statement on the topic, but you have not denied this particular claim. Eventually, NSA’s random number generator was found to be flawed on purpose, in effect creating a back door. You had kept on using the generator for years despite widespread speculation that NSA had backdoored it.

As my reaction to this, I’m cancelling my talk at the RSA Conference USA 2014 in San Francisco in February 2014.

Aptly enough, the talk I won’t be delivering at RSA 2014 was titled "Governments as Malware Authors".

I don’t really expect your multibillion dollar company or your multimillion dollar conference to suffer as a result of your deals with the NSA. In fact, I'm not expecting other conference speakers to cancel. Most of your speakers are American anyway – why would they care about surveillance that’s not targeted at them but at non-Americans? Surveillance operations from the US intelligence agencies are targeted at foreigners. However, I’m a foreigner. And I’m withdrawing my support from your event.

Sincerely,

Mikko Hypponen
Chief Research Officer
F-Secure

IainB

NSA's "Privacy-Invasion Wishlist" is a product catalogue?
« Reply #496 on: December 29, 2013, 09:56 AM »
From Slashdot:
Have a Privacy-Invasion Wishlist? Peruse NSA's Top Secret Catalog
Posted by timothy on Sunday December 29, 2013 @09:27AM
from the after-christmas-specials dept.

An anonymous reader writes with a link to Der Spiegel, which describes a Top-Secret spy-agency catalog which reveals that the NSA "has been secretly back dooring equipment from US companies including Dell, Cisco, Juniper, IBM, Western Digital, Seagate, Maxtor and more, risking enormous damage to US tech sector." Der Spiegel also has a wider ranging article about the agency's Tailored Access Operations unit.

The Der Spiegel article referred to is copied below:
(Copied below sans embedded hyperlinks/images.)
Catalog Reveals NSA Has Back Doors for Numerous Devices
By Jacob Appelbaum, Judith Horchert and Christian Stöcker
Image: Entering through the back door: A State Trooper truck is seen in front of the Fort Meade, Maryland, headquarters of the National Security Agency.

After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices.

Editor's note: This article accompanies our main feature story on the NSA's Tailored Access Operations unit. You can read it here.

When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are "ideal" for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class." Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.

A 50-Page Catalog
These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives -- from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA's specialists seem already to have gotten past them.

This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.

In the case of Juniper, the name of this particular digital lock pick is "FEEDTROUGH." This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive "across reboots and software upgrades." In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH "has been deployed on many target platforms."

Master Carpenters
The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet.

Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.

'Persistence'
The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of the latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.

Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment.

There is no information in the documents seen by SPIEGEL to suggest that the companies whose products are mentioned in the catalog provided any support to the NSA or even had any knowledge of the intelligence solutions. "Cisco does not work with any government to modify our equipment, nor to implement any so-called security 'back doors' in our products," the company said in a statement. Contacted by SPIEGEL reporters, officials at Western Digital, Juniper Networks and Huawei also said they had no knowledge of any such modifications. Meanwhile, Dell officials said the company "respects and complies with the laws of all countries in which it operates."

Many of the items in the software solutions catalog date from 2008, and some of the target server systems that are listed are no longer on the market today. At the same time, it's not as if the hackers within the ANT division have been sleeping on the job. They have continued to develop their arsenal. Some pages in the 2008 catalog, for example, list new systems for which no tools yet exist. However, the authors promise they are already hard at work developing new tools and that they will be "pursued for a future release".

IainB

How did the NSA hack our emails?
« Reply #497 on: January 11, 2014, 03:57 PM »
Really good, concise video from numberphile:
How did the NSA hack our emails?



IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #498 on: January 18, 2014, 02:16 AM »
I read in the US news media in my feed-reader today that Obama has made announcements as to how the NSA problem is going to be fixed.
Phew! That's a relief.    :Thmbsup:

IainB

Re: Knight to queen's bishop 3 - Snowden charged with espionage.
« Reply #499 on: January 18, 2014, 02:27 AM »
Interesting post and a super image in an msnbc post on 2013-12-18:
NSA's metadata program 'not essential' to thwarting attacks | MSNBC
Caption: A man looks at his cell phone as he walks on the street in downtown Madrid, Oct. 31, 2013
On Wednesday Spain's Prime Minister Mariano Rajoy said that the head of Spain's intelligence services will address Parliament over allegations that Spain was a target for surveillance by the U.S. National Security Agency. He reiterated that if confirmed, such activity is “inappropriate and unacceptable between partners and friends.” (AP Photo/Francisco Seco)


(Read the rest of the post at the link.)