Difference between revisions of "Timeline masters of the internet"
From Gender and Tech Resources
m |
|||
(22 intermediate revisions by one other user not shown) | |||
Line 2: | Line 2: | ||
This timeline serves awareness of the power of storytelling, retrospective exercises (''connecting dots''), further research and investigation, propaganda exercises (''detecting and shredding fallacious arguments''), threat modeling (''"quick and dirty" requires knowledge ready at hand''), finding moves aiding survival of the greatest scope of life to a greater degree than any associated destruction, and other weird stuff like that, so if you add a story, we love it! | This timeline serves awareness of the power of storytelling, retrospective exercises (''connecting dots''), further research and investigation, propaganda exercises (''detecting and shredding fallacious arguments''), threat modeling (''"quick and dirty" requires knowledge ready at hand''), finding moves aiding survival of the greatest scope of life to a greater degree than any associated destruction, and other weird stuff like that, so if you add a story, we love it! | ||
+ | |||
+ | [[File:Spy_vs_spy_by_xxweareanonymousxx-d6b9mkt.jpg|484px|thumb|right|http://xxweareanonymousxx.deviantart.com/art/Spy-Vs-Spy-381721997]] | ||
== Masters of the internet == | == Masters of the internet == | ||
Line 11: | Line 13: | ||
== Interception capabilities 2000 == | == Interception capabilities 2000 == | ||
− | Interception Capabilities 2000: | + | Interception Capabilities 2000: Report to the Director General for Research of the European Parliament (Scientific and Technical Options Assessment programme office) on the development of surveillance technology and risk of abuse of economic information. This study considers the state of the art in Communications intelligence (Comint) of automated processing for intelligence purposes of intercepted broadband multi-language leased or common carrier systems, and its applicability to Comint targeting and selection, including speech recognition. <ref>Interception Capabilities 2000 http://fas.org/irp/eprint/ic2000/ic2000.htm</ref> |
− | == Glimpses of planned information operations == | + | == Cryptome tempest FOIA == |
+ | |||
+ | January 1, 2001: John Young received eight tempest-related documents from his October 1999 NSA FOIA appeal <ref>Cryptome: NSA FOIA appeal http://cryptome.org/nsa-foia-app2.htm</ref>. The printing in the documents is in pretty poor shape, so text is being hand-typed. <ref>Cryptome: NSTISSAM TEMPEST/2-95, 12 December 1995 - "Red/Black Installation Guidance" http://cryptome.org/tempest-2-95.htm</ref><ref>Cryptome: Specification NSA No. 94-106, 24 October 1994 - Specification for Shielded Enclosures http://cryptome.org/nsa-94-106.htm</ref><ref>Cryptome: NACSIM 5000, 1 February 1982 - TEMPEST Fundamentals http://cryptome.org/nacsim-5000.htm</ref><ref>Cryptome: NSTISSI 7000, 29 November 1993 - "TEMPEST Countermeasures for Facilities." http://cryptome.org/nstissi-7000.htm</ref>. The last document reveals the US Government keeping a list of countries it views as having the ability and motivation to conduct tempest attacks on U.S. interests. Censors did a bad job of blacking out the text in this 1995 document, and 12 of the 25 countries are identifiable, including: Singapore, Norway, Hungary, Netherlands, Taiwan and some big industrial states that are known to dabble in economic espionage. | ||
+ | |||
+ | January 14, 2001: John Young released a FOIA version of NACSEM 5112, NONSTOP Evaluation Techniques. This is the first public document to come to light on NONSTOP surveillance techniques. <ref>Cryptome: NACSEM 5112, NONSTOP Evaluation Techniques http://cryptome.org/nacsem-5112.htm</ref>. | ||
+ | |||
+ | == Body of secrets == | ||
+ | |||
+ | April 25, 2001: The author of a pioneering work on the NSA delivers a new book of revelations about the mysterious agency's coverups, eavesdropping and secret missions. | ||
+ | |||
+ | In 1982, James Bamford published “The Puzzle Palace,” his first exposé on the National Security Agency. His new exposé on the NSA is called "Body of Secrets." Twenty years makes a lot of difference in the intelligence biz. During those 20 years, the Reagan military buildup came and went, the Soviet Union fell and the Cold War ended, and a bevy of new military enemies emerged. Electronic communications exploded through faxes, cellphones, the Internet, etc. Cryptography came out of the shadows to become an essential technology of the networked world. And computing power increased ten thousand-fold. | ||
+ | |||
+ | Also during those 20 years, the NSA gradually opened its doors to the outside world. Its mission — to eavesdrop on all foreign communications of interest to the United States — remained constant throughout, but the agency that used to call itself “No Such Agency” and “Never Say Anything” started appearing in public, talking to the press and making itself known. And probably more than anyone else, James Bamford helped pry those doors open. <ref>Salon: “Body of Secrets” by James Bamford http://www.salon.com/2001/04/25/nsa_3/</ref> | ||
+ | |||
+ | == Optical tempest == | ||
+ | |||
+ | 2002: A previously unknown form of compromising emanations has been discovered. LED status indicators on data communication equipment, under certain conditions, are shown to carry a modulated optical signal that is significantly correlated with information being processed by the device. Physical access is not required; the attacker gains access to all data going through the device, including plaintext in the case of data encryption systems. Experiments show that it is possible to intercept data under realistic conditions at a considerable distance. Many different sorts of devices, including modems and Internet Protocol routers, were found to be vulnerable. A taxonomy of compromising optical emanations is developed, and design changes are described that will successfully block this kind of "Optical TEMPEST" attack <ref>Information Leakage from Optical Emanations http://applied-math.org/optical_tempest.pdf</ref> | ||
+ | |||
+ | == Glimpses of newly planned information operations == | ||
=== Propaganda for the middle east === | === Propaganda for the middle east === | ||
Line 38: | Line 58: | ||
More alarming seems to be the article from the Register on wargame simulations: Sentient world: war games on the grandest scale informing us that the US DOD is developing a parallel to Planet Earth, with billions of individual "nodes" to reflect every man, woman, and child this side of the dividing line between reality and artificial reality to see how long you can go without food or water, or how you will respond to televised propaganda <ref>Sentient world: war games on the grandest scale http://www.theregister.co.uk/2007/06/23/sentient_worlds/ | More alarming seems to be the article from the Register on wargame simulations: Sentient world: war games on the grandest scale informing us that the US DOD is developing a parallel to Planet Earth, with billions of individual "nodes" to reflect every man, woman, and child this side of the dividing line between reality and artificial reality to see how long you can go without food or water, or how you will respond to televised propaganda <ref>Sentient world: war games on the grandest scale http://www.theregister.co.uk/2007/06/23/sentient_worlds/ | ||
</ref>. | </ref>. | ||
+ | |||
+ | == Hackers find a new place to hide rootkits == | ||
+ | |||
+ | May 9, 2008: Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products. Called an SSM (System Management Mode) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system but which can give attackers a picture of what's happening in a computer's memory. <ref>InfoWorld: Hackers find a new place to hide rootkits http://www.infoworld.com/article/2653209/security/hackers-find-a-new-place-to-hide-rootkits.html</ref> | ||
+ | |||
+ | November 4, 2008: Phrack: System Management Mode Hack: Using SMM for "Other Purposes" <ref>Phrack: System Management Mode Hack: Using SMM for "Other Purposes" http://phrack.org/issues/65/7.html</ref> | ||
== Law enforcement technical forum == | == Law enforcement technical forum == | ||
Line 58: | Line 84: | ||
The directive also contemplates the possible use of cyber actions inside the US, though it specifies that no such domestic operations can be conducted without the prior order of the president, except in cases of emergency. <ref>Guardian: Obama orders US to draw up overseas target list for cyber-attacks http://www.theguardian.com/world/2013/jun/07/obama-china-targets-cyber-overseas</ref> | The directive also contemplates the possible use of cyber actions inside the US, though it specifies that no such domestic operations can be conducted without the prior order of the president, except in cases of emergency. <ref>Guardian: Obama orders US to draw up overseas target list for cyber-attacks http://www.theguardian.com/world/2013/jun/07/obama-china-targets-cyber-overseas</ref> | ||
− | === Boundless | + | === Boundless informant === |
June 8, 2013: Apparently the NSA has a tool that records and analyzes all the flow of data that the spy agency collects around the world, a global data-mining software that details exactly how much intelligence, and of what type, has been collected from every country in the world. That is "Boundless Informant." The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country, according to an NSA factsheet on the program. <ref> Boundless Informant: NSA explainer – full document text http://www.theguardian.com/world/interactive/2013/jun/08/boundless-informant-nsa-full-text</ref> | June 8, 2013: Apparently the NSA has a tool that records and analyzes all the flow of data that the spy agency collects around the world, a global data-mining software that details exactly how much intelligence, and of what type, has been collected from every country in the world. That is "Boundless Informant." The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country, according to an NSA factsheet on the program. <ref> Boundless Informant: NSA explainer – full document text http://www.theguardian.com/world/interactive/2013/jun/08/boundless-informant-nsa-full-text</ref> | ||
Top Level Communications notes that Screenshots from BOUNDLESSINFORMANT can be misleading. <ref>Top Level Communications: Screenshots from BOUNDLESSINFORMANT can be misleading http://electrospaces.blogspot.nl/2013/11/screenshots-from-boundlessinformant-can.html</ref> | Top Level Communications notes that Screenshots from BOUNDLESSINFORMANT can be misleading. <ref>Top Level Communications: Screenshots from BOUNDLESSINFORMANT can be misleading http://electrospaces.blogspot.nl/2013/11/screenshots-from-boundlessinformant-can.html</ref> | ||
− | === US spies on | + | === US spies on hong kong and chinese citizens === |
June 14, 2013: Edward Snowden: US government has been hacking Hong Kong and China for years. <ref>South China Morning Post: Edward Snowden: US government has been hacking Hong Kong and China for years http://www.scmp.com/news/hong-kong/article/1259508/edward-snowden-us-government-has-been-hacking-hong-kong-and-china</ref> | June 14, 2013: Edward Snowden: US government has been hacking Hong Kong and China for years. <ref>South China Morning Post: Edward Snowden: US government has been hacking Hong Kong and China for years http://www.scmp.com/news/hong-kong/article/1259508/edward-snowden-us-government-has-been-hacking-hong-kong-and-china</ref> | ||
Line 73: | Line 99: | ||
== Snowden leaks == | == Snowden leaks == | ||
− | === | + | === United states and united kingdom monitor foreign diplomats === |
June 16, 2013: GCHQ intercepted foreign politicians' communications at G20 summits: Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic. <ref>Guardian: GCHQ intercepted foreign politicians' communications at G20 summits http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits</ref> | June 16, 2013: GCHQ intercepted foreign politicians' communications at G20 summits: Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic. <ref>Guardian: GCHQ intercepted foreign politicians' communications at G20 summits http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits</ref> | ||
Line 128: | Line 154: | ||
== The CIA’s new black bag is digital == | == The CIA’s new black bag is digital == | ||
− | The CIA’s clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA’s Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA’s SIGINT collection efforts in the years since the 9/11 terrorist attacks. | + | July 17, 2013: The CIA’s clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA’s Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA’s SIGINT collection efforts in the years since the 9/11 terrorist attacks. |
Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world’s largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations. <nowiki> </nowiki>In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. (I’m not aware of any such operations here on U.S. soil.) <ref>Foreign policy: The CIA’s New Black Bag Is Digital http://foreignpolicy.com/2013/07/17/the-cias-new-black-bag-is-digital/ | Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world’s largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations. <nowiki> </nowiki>In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. (I’m not aware of any such operations here on U.S. soil.) <ref>Foreign policy: The CIA’s New Black Bag Is Digital http://foreignpolicy.com/2013/07/17/the-cias-new-black-bag-is-digital/ | ||
Line 164: | Line 190: | ||
August 15, 2013: The US National Security Agency violated privacy laws and operated outside its legal authority thousands of times each year after Congress expanded the reach of the agency's power in 2008, according an internal audit acquired by The Washington Post. An NSA audit dated May 2012 that was provided to the newspaper by former NSA contractor Edward Snowden earlier this summer detailed 2,776 incidents during the previous year in which the agency had unlawfully collected, accessed or distributed legally protected communications, the Post reported Thursday. <ref>Al Jazeera: Audit finds NSA repeatedly broke privacy law http://america.aljazeera.com/articles/2013/8/15/nsa-broke-privacylawthousandsoftimesaccordingtointernalaudit.html</ref>. | August 15, 2013: The US National Security Agency violated privacy laws and operated outside its legal authority thousands of times each year after Congress expanded the reach of the agency's power in 2008, according an internal audit acquired by The Washington Post. An NSA audit dated May 2012 that was provided to the newspaper by former NSA contractor Edward Snowden earlier this summer detailed 2,776 incidents during the previous year in which the agency had unlawfully collected, accessed or distributed legally protected communications, the Post reported Thursday. <ref>Al Jazeera: Audit finds NSA repeatedly broke privacy law http://america.aljazeera.com/articles/2013/8/15/nsa-broke-privacylawthousandsoftimesaccordingtointernalaudit.html</ref>. | ||
− | === NSA illegally collected thousands of | + | === NSA illegally collected thousands of us emails annually === |
August 21, 2013: The National Security Agency (NSA) declassified three secret court opinions Wednesday showing how in one of its surveillance programs it scooped up as many as 56,000 emails and other communications by Americans not connected to terrorism annually over three years. This latest revelation comes amid growing criticism from members of Congress and privacy rights groups about the far-reaching U.S. intelligence apparatus. | August 21, 2013: The National Security Agency (NSA) declassified three secret court opinions Wednesday showing how in one of its surveillance programs it scooped up as many as 56,000 emails and other communications by Americans not connected to terrorism annually over three years. This latest revelation comes amid growing criticism from members of Congress and privacy rights groups about the far-reaching U.S. intelligence apparatus. | ||
Line 176: | Line 202: | ||
== Snowden leaks == | == Snowden leaks == | ||
− | === | + | === The Internet as a theater of spying, sabotage and war === |
August 29, 2013: Former National Security Agency contractor Edward Snowden leaked the United States intelligence budget for the 2013 fiscal year to The Washington Post Thursday, revealing that U.S. spy agencies are unable to uncover what The Post calls "blind spots," where information on questions of national security remains sparse. | August 29, 2013: Former National Security Agency contractor Edward Snowden leaked the United States intelligence budget for the 2013 fiscal year to The Washington Post Thursday, revealing that U.S. spy agencies are unable to uncover what The Post calls "blind spots," where information on questions of national security remains sparse. | ||
Line 186: | Line 212: | ||
That disclosure, in a classified intelligence budget provided by NSA leaker Edward Snowden, provides new evidence that the Obama administration’s growing ranks of cyberwarriors infiltrate and disrupt foreign computer networks. <ref>Washington Post: U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html</ref> | That disclosure, in a classified intelligence budget provided by NSA leaker Edward Snowden, provides new evidence that the Obama administration’s growing ranks of cyberwarriors infiltrate and disrupt foreign computer networks. <ref>Washington Post: U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html</ref> | ||
− | === NSA | + | === NSA spied on al jazeera communications === |
− | + | ||
− | + | ||
− | + | August 31, 2013: [...] In addition to cracking the airline reservation services for Russian airline Aeroflot, accessing "Al Jazeera broadcasting internal communication" was listed as a "notable success," the document shows. The NSA said these selected targets had "high potential as sources of intelligence." | |
− | + | ||
− | + | The encrypted information was forwarded to the responsible NSA departments for further analysis, according to the document, which did not reveal to what extent the intelligence agency spied on journalists or managers of the media company, or whether the surveillance is ongoing. | |
− | + | ||
− | + | Previous documents have not specified that the media were spied on by the NSA. But as more information emerges, the massive scope of the organization's international surveillance of telephone and Internet communication continues to grow.<ref>Der Spiegel: NSA Spied On Al Jazeera Communications http://www.spiegel.de/international/world/nsa-spied-on-al-jazeera-communications-snowden-document-a-919681.html</ref> | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
=== Cover up program used to investigate americans === | === Cover up program used to investigate americans === | ||
Line 211: | Line 228: | ||
</ref> | </ref> | ||
− | === | + | === Pakistan as target === |
− | September 2013: There have been rumors of the NSA and others using those kinds of MITM attacks, but to have it confirmed that they're doing them against the likes of Google, Yahoo and Microsoft is a big deal -- and something I would imagine does not make any of those three companies particularly happy. As Ryan Gallagher notes: ''in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format.'' <ref>Techdirt Flying Pig: The NSA Is Running Man In The Middle Attacks Imitating Google's Servers https://www.techdirt.com/articles/20130910/10470024468/flying-pig-nsa-is-running-man-middle-attacks-imitating-googles-servers.shtml</ref> | + | |
+ | September 1, 2013: The $52.6 billion U.S. intelligence arsenal is aimed mainly at unambiguous adversaries, including al-Qaeda, North Korea and Iran. But top-secret budget documents reveal an equally intense focus on one purported ally: Pakistan. | ||
+ | |||
+ | No other nation draws as much scrutiny across so many categories of national security concern. | ||
+ | |||
+ | A 178-page summary of the U.S. intelligence community’s “black budget” shows that the United States has ramped up its surveillance of Pakistan’s nuclear arms, cites previously undisclosed concerns about biological and chemical sites there, and details efforts to assess the loyalties of counterterrorism sources recruited by the CIA. <ref>September 2, 2013: Washington Post: Top-secret U.S. intelligence files show new levels of distrust of Pakistan http://www.washingtonpost.com/world/national-security/top-secret-us-intelligence-files-show-new-levels-of-distrust-of-pakistan/2013/09/02/e19d03c2-11bf-11e3-b630-36617ca6640f_story.html</ref> | ||
+ | |||
+ | === Brazil and mexico === | ||
+ | |||
+ | September 1, 2013: The NSA spied on Brazilian president Dilma Rousseff and Mexican president Peña Nieto (then a candidate). The agency pulled the leader's communications from its massive, full-take databases using the Mainway, Association and Dishfire programs. <ref>O Globo:Documentos revelam esquema de agência dos EUA para espionar Dilma http://g1.globo.com/fantastico/noticia/2013/09/documentos-revelam-esquema-de-agencia-dos-eua-para-espionar-dilma-rousseff.html</ref> <ref>Veja os documentos ultrassecretos que comprovam espionagem a Dilma http://g1.globo.com/fantastico/noticia/2013/09/veja-os-documentos-ultrassecretos-que-comprovam-espionagem-dilma.html</ref> | ||
+ | |||
+ | September 2, 2013: One of the prime targets of American spies in Brazil is far away from the center of power – out at sea, deep beneath the waves. Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA, the National Security Agency of the United States. [...] '''These new disclosures contradict statements by the NSA denying espionage for economic purposes'''.<ref>NSA Documents Show United States Spied Brazilian Oil Giant http://g1.globo.com/fantastico/noticia/2013/09/nsa-documents-show-united-states-spied-brazilian-oil-giant.html</ref> | ||
+ | |||
+ | === Fighting back against drones === | ||
+ | September 3, 2013: Al-Qaeda commanders are hoping a technological breakthrough can curb the U.S. drone campaign, which has killed an estimated 3,000 people over the past decade. The airstrikes have forced al-Qaeda operatives and other militants to take extreme measures to limit their movements in Pakistan, Afghanistan, Yemen, Somalia and other places. But the drone attacks have also taken a heavy toll on civilians, generating a bitter popular backlash against U.S. policies toward those countries. [...] In July 2010, a U.S. spy agency intercepted electronic communications indicating that senior al-Qaeda leaders had distributed a "strategy guide" to operatives around the world advising them how "to anticipate and defeat" unmanned aircraft. The Defense Intelligence Agency (DIA) reported that al-Qaeda was sponsoring simultaneous research projects to develop jammers to interfere with GPS signals and infrared tags that drone operators rely on to pinpoint missile targets. [...] The technological vulnerabilities of drones are no secret. The U.S. Air Force Scientific Advisory Board issued an unclassified report two years ago warning that “increasingly capable adversaries” in countries such as Afghanistan could threaten drone operations by inventing inexpensive countermeasures. <ref>Washington Post: U.S. documents detail al-Qaeda’s efforts to fight back against drones http://www.washingtonpost.com/world/national-security/us-documents-detail-al-qaedas-efforts-to-fight-back-against-drones/2013/09/03/b83e7654-11c0-11e3-b630-36617ca6640f_story.html</ref> | ||
+ | |||
+ | === Undermining encryption on the internet === | ||
+ | September 5, 2013: The NSA has cracked methods of encryption used by millions of people ever day for secure email, e-commerce, financial transactions and more. The NSA maintains a database of common decryption keys - some possibly stolen from private companies and collaborates with the tech industry to implant security back doors into consumer products; the U.S. works to weaken international encryption standards; and the British spy agency GCHQ implanted covert agents in technology companies. <ref>The Guardian: http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security</ref> <ref>The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/nsa-classification-guide-cryptanalysis</ref> <ref>The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/nsa-project-bullrun-classification-guide</ref> <ref>The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/sigint-nsa-collaborates-technology-companies</ref> <ref>NY Times: http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html</ref> <ref>NY Times: http://www.nytimes.com/interactive/2013/09/05/us/unlocking-private-communications.html</ref> <ref>Pro Publica: http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption</ref> | ||
+ | |||
+ | === NSA spying on smartphones === | ||
+ | |||
+ | September 7, 2013: The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. NSA documents note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system. The documents state the NSA can tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been. The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones. <ref>Der Spiegel: Privacy scandal: NSA can spy on smart phone data http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html</ref> <ref>Der Spiegel: iSpy: How the NSA accesses smartphone data http://www.spiegel.de/international/world/how-the-nsa-spies-on-smartphones-including-the-blackberry-a-921161.html</ref> | ||
+ | |||
+ | == Flying pig == | ||
+ | September 10, 2013: There have been rumors of the NSA and others using those kinds of MITM attacks, but to have it confirmed that they're doing them against the likes of Google, Yahoo and Microsoft is a big deal -- and something I would imagine does not make any of those three companies particularly happy. As Ryan Gallagher notes: ''in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format.'' <ref>Techdirt Flying Pig: The NSA Is Running Man In The Middle Attacks Imitating Google's Servers https://www.techdirt.com/articles/20130910/10470024468/flying-pig-nsa-is-running-man-middle-attacks-imitating-googles-servers.shtml</ref> | ||
Mike Masnick: Schneier also notes that this is basically the same technique the Chinese have used for their Great Firewall. In other words, the complicit nature of the telcos in basically giving the NSA and GCHQ incredibly privileged access to the backbone is part of what allows them to conduct those kinds of man-in-the-middle attacks. It still amazes me that there isn't more outrage over the role of the major telcos in all of this. <ref>How The NSA Pulls Off Man-In-The-Middle Attacks: With Help From The Telcos https://www.techdirt.com/articles/20131004/10522324753/how-nsa-pulls-off-man-in-the-middle-attacks-with-help-telcos.shtml | Mike Masnick: Schneier also notes that this is basically the same technique the Chinese have used for their Great Firewall. In other words, the complicit nature of the telcos in basically giving the NSA and GCHQ incredibly privileged access to the backbone is part of what allows them to conduct those kinds of man-in-the-middle attacks. It still amazes me that there isn't more outrage over the role of the major telcos in all of this. <ref>How The NSA Pulls Off Man-In-The-Middle Attacks: With Help From The Telcos https://www.techdirt.com/articles/20131004/10522324753/how-nsa-pulls-off-man-in-the-middle-attacks-with-help-telcos.shtml | ||
</ref> | </ref> | ||
− | == NSA attacking | + | == Snowden leaks == |
− | October 2013: The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world. | + | |
+ | === NSA sharing data with israel === | ||
+ | September 11, 2013: document shows how intelligence being shared with Israel would not be filtered in advance by NSA analysts to remove US communications <ref>The Guardian: NSA and Israeli intelligence: memorandum of understanding – full document http://www.theguardian.com/world/interactive/2013/sep/11/nsa-israel-intelligence-memorandum-understanding-document | ||
+ | </ref>. | ||
+ | |||
+ | === Documents reveal NSA’s extensive involvement in targeted killing program === | ||
+ | October 16, 2013: The U.S. government has never publicly acknowledged killing Ghul. But documents provided to The Washington Post by former NSA contractor Edward Snowden confirm his demise in October 2012 and reveal the agency’s extensive involvement in the targeted killing program that has served as a centerpiece of President Obama’s counterterrorism strategy. | ||
+ | |||
+ | An al-Qaeda operative who had a knack for surfacing at dramatic moments in the post-Sept. 11 story line, Ghul was an emissary to Iraq for the terrorist group at the height of that war. He was captured in 2004 and helped expose bin Laden’s courier network before spending two years at a secret CIA prison. Then, in 2006, the United States delivered him to his native Pakistan, where he was released and returned to the al-Qaeda fold. | ||
+ | |||
+ | But beyond filling in gaps about Ghul, the documents provide the most detailed account of the intricate collaboration between the CIA and the NSA in the drone campaign. <ref>Documents reveal NSA’s extensive involvement in targeted killing program http://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html</ref> | ||
+ | |||
+ | === NSA monitors financial world === | ||
+ | September 16, 2013: "Money is the root of all evil," joke the intelligence agents. According to the classified documents, the spies' activities primarily focus on regions like Africa and the Middle East -- and their efforts often focus on targets that fall within their legal intelligence-gathering mandate. However, in the financial sector, just as in other areas, the NSA also relies on maximum data collection -- an approach that apparently leads to conflicts with national laws and international agreements. | ||
+ | |||
+ | Some members of the intelligence community even view spying in the global financial system with a certain amount of concern, as revealed by a document from the NSA's British counterpart -- the Government Communications Headquarters (GCHQ) -- that deals with "financial data" from a legal perspective and examines the organization's own collaboration with the NSA. According to the document, the collection, storage and sharing of "politically sensitive" data is a highly invasive measure since it includes "bulk data -- rich personal information. A lot of it is not about our targets." | ||
+ | |||
+ | Indeed, secret documents reveal that the main NSA financial database Tracfin, which collects the "Follow the Money" surveillance results on bank transfers, credit card transactions and money transfers, already had 180 million datasets by 2011. The corresponding figure in 2008 was merely 20 million. According to these documents, most Tracfin data is stored for five years <ref>Der Spiegel: 'Follow the Money': NSA Monitors Financial World http://www.spiegel.de/international/world/how-the-nsa-spies-on-international-bank-transactions-a-922430.html</ref>. | ||
+ | |||
+ | === GCHQ hacking belgacom === | ||
+ | |||
+ | September 20, 2013: The presentation is undated, but another document indicates that access has been possible since 2010. The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa's MTN, was on the radar of the British spies. | ||
+ | |||
+ | Belgacom, whose major customers include institutions like the European Commission, the European Council and the European Parliament, ordered an internal investigation following the recent revelations about spying by the United States' National Security Agency (NSA) and determined it had been the subject of an attack. The company then referred the incident to Belgian prosecutors. Last week, Belgian Prime Minister Elio di Rupo spoke of a "violation of the public firm's integrity." | ||
+ | |||
+ | When news first emerged of the cyber attack, suspicions in Belgium were initially directed at the NSA. But the presentation suggests that it was Belgium's own European Union partner Britain that is behind "Operation Socialist," even though the presentation indicates that the British used spying technology for the operation that the NSA had developed. | ||
+ | |||
+ | According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI").<ref>Der Spiegel: Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm http://www.spiegel.de/international/europe/british-spy-agency-gchq-hacked-belgian-telecoms-firm-a-923406.html</ref> | ||
+ | |||
+ | === Spying on indian leaders === | ||
+ | |||
+ | September 23, 2013: Among the BRICS group of emerging nations, which featured quite high on the list of countries targeted by the secret surveillance programs of the U.S. National Security Agency (NSA) for collecting telephone data and internet records, India was the number one target of snooping by the American agency. [...] According to documents provided to The Hindu by NSA whistleblower Edward Snowden, the American agency carried out intelligence gathering activities in India using at least two major programs: the first one is Boundless Informant, a data-mining system which keeps track of how many calls and emails are collected by the security agency; and the second one is PRISM, a program which intercepts and collects actual content from the networks. While Boundless Informant was used for monitoring telephone calls and access to the internet in India, PRISM collected information about certain specific issues — not related to terrorism — through Google, Microsoft, Facebook, Yahoo, Apple, YouTube and several other web-based services. <ref>The Hindu: India among top targets of spying by NSA http://www.thehindu.com/news/national/india-among-top-targets-of-spying-by-nsa/article5157526.ece</ref> | ||
+ | |||
+ | === NSA drone document === | ||
+ | September 25, 2013: NSA drone document – selected excerpts is released. <ref>The Guardian: NSA drone document – selected excerpts http://www.theguardian.com/world/interactive/2013/sep/25/nsa-documents-top-secret-excerpts</ref> Viewing anti-drone activism as indicative of a terrorism threat is noxious. As Reprieve's Cory Crider put it yesterday, "if there were any doubt the UK was abusing its counter-terrorism powers to silence critics, this ends it." <ref> | ||
+ | UK detention of Reprieve activist consistent with NSA's view of drone opponents as 'threats' and 'adversaries' http://www.theguardian.com/commentisfree/2013/sep/25/nsa-uk-drone-opponents-threats | ||
+ | </ref> | ||
+ | |||
+ | == Minaret == | ||
+ | |||
+ | September 25, 2013: For years the names of the surveillance targets were kept secret. But after a decision by the Interagency Security Classification Appeals Panel, in response to an appeal by the National Security Archive at George Washington University, the NSA has declassified them for the first time. The names of the NSA’s targets are eye-popping. Civil rights leaders Martin Luther King and Whitney Young were on the watch list, as were the boxer Muhammad Ali, New York Times journalist Tom Wicker, and veteran Washington Post humor columnist Art Buchwald. But perhaps the most startling fact in the declassified document is that the NSA was tasked with monitoring the overseas telephone calls and cable traffic of two prominent members of Congress, Sen. Frank Church (D-Idaho) and Sen. Howard Baker (R-Tenn.). As shocking as the recent revelations about the NSA’s domestic eavesdropping have been, there has been no evidence so far of today’s signal intelligence corps taking a step like this, to monitor the White House’s political enemies. | ||
+ | |||
+ | As the Vietnam War escalated during Lyndon B. Johnson’s presidency, domestic criticism and protest movements abounded. Protesters surrounded the Pentagon in the fall of 1967 and two years later organized demonstrations and the Moratorium to End the War in Vietnam. The scale of the dissent angered Johnson as well as his successor, Richard Nixon. As fervent anti-communists, they wondered whether domestic protests were linked to hostile foreign powers, and they wanted answers from the intelligence community. The CIA responded with Operation Chaos, while the NSA worked with other intelligence agencies to compile watch lists of prominent anti-war critics in order to monitor their overseas communications. By 1969, this program became formally known as "Minaret." <ref>Foreign Policy Investigation: Secret Cold War Documents Reveal NSA Spied on Senators http://foreignpolicy.com/2013/09/25/secret-cold-war-documents-reveal-nsa-spied-on-senators/</ref> | ||
+ | |||
+ | == Snowden leaks == | ||
+ | |||
+ | === NSA diagramming social networks of united states citizens === | ||
+ | September 28, 2013: Domint Documents on N.S.A. Efforts to Diagram Social Networks of U.S. Citizens released <ref>NY Times: Documents on N.S.A. Efforts to Diagram Social Networks of U.S. Citizens http://www.nytimes.com/interactive/2013/09/29/us/documents-on-nsa-efforts-to-diagram-social-networks-of-us-citizens.html</ref>: Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials. | ||
+ | |||
+ | The spy agency began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after N.S.A. officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former N.S.A. contractor. <ref>NY Times: N.S.A. Gathers Data on Social Connections of U.S. Citizens http://www.nytimes.com/2013/09/29/us/nsa-examines-social-networks-of-us-citizens.html</ref> | ||
+ | |||
+ | === Storage of metadata === | ||
+ | September 30, 2013: NSA stores metadata of millions of web users for up to a year, secret files show. The National Security Agency is storing the online metadata of millions of internet users for up to a year, regardless of whether or not they are persons of interest to the agency, documents reveal. Metadata provides a record of almost anything a user does online, from browsing history – such as map searches and websites visited – to account details, email activity, and even some account passwords. This can be used to build a detailed picture of an individual's life. | ||
+ | |||
+ | The Obama administration has repeatedly stated that the NSA keeps only the content of messages and communications of people it is intentionally targeting – but internal documents reveal the agency retains vast amounts of metadata. <ref>The Guardian: NSA stores metadata of millions of web users for up to a year, secret files show http://www.theguardian.com/world/2013/sep/30/nsa-americans-metadata-year-documents</ref> | ||
+ | |||
+ | == NSA attacking tor == | ||
+ | October 4, 2013: The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world. | ||
According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser. The NSA refers to these capabilities as CNE, or computer network exploitation. <ref>Attacking Tor: how the NSA targets users' online anonymity http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity</ref> | According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser. The NSA refers to these capabilities as CNE, or computer network exploitation. <ref>Attacking Tor: how the NSA targets users' online anonymity http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity</ref> | ||
== Snowden leaks == | == Snowden leaks == | ||
+ | |||
+ | === Canadian CSEC spying on brazil's ministry of mines and energy === | ||
+ | October 6, 2013: Documentos vazados pelo americano Edward Snowden mostram que dessa vez o alvo é o Ministério de Minas e Energia. E não são só os Estados Unidos que estão envolvidos. As comunicações de computadores, telefones fixos e celulares do ministério foram mapeadas pela agência de espionagem do Canadá <ref>O Globo: Ministério de Minas e Energia está na mira de espiões americanos e canadenses http://g1.globo.com/fantastico/noticia/2013/10/ministerio-das-minas-e-energia-esta-na-mira-de-espioes-americanos-e-canadenses.html</ref>. | ||
+ | |||
+ | === NSA information overload === | ||
+ | |||
+ | [[File:Government-liking-statuses.jpg|480px|thumb|right]] | ||
+ | |||
+ | October 14, 2013: The NSA collects over 250 million email inbox views and contact lists per year from services like Yahoo, Gmail and Facebook. It collects the data in bulk from the fiber optic cables carrying phone and Internet traffic. The collection points are outside of the united states, so the NSA is not a legally required to filter out data of americans, but according to a spokesperson it does have a policy to "minimize the acquisition, use and dissemination" of Americans' data. <ref>The Washington Post: NSA collects millions of e-mail address books globally http://www.washingtonpost.com/world/national-security/nsa-collects-millions-of-e-mail-address-books-globally/2013/10/14/8e58b5be-34f9-11e3-80c6-7e6dd8d22d8f_story.html</ref><ref>Apps Washington Post: The NSA's problem? Too much data. http://apps.washingtonpost.com/g/page/world/the-nsas-overcollection-problem/517/</ref><ref>Apps Washington Post: SCISSORS: How the NSA collects less data http://apps.washingtonpost.com/g/page/world/how-the-nsa-tried-to-collect-less/518/</ref><ref>Apps Washington Post: An excerpt from the NSA's Wikipedia http://apps.washingtonpost.com/g/page/world/an-excerpt-from-intellipedia/519/ | ||
+ | </ref> | ||
=== Meet the spies doing the NSA’s dirty work === | === Meet the spies doing the NSA’s dirty work === | ||
Line 229: | Line 337: | ||
=== NSA tracking cellphone locations worldwide === | === NSA tracking cellphone locations worldwide === | ||
− | The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable. <ref>NSA tracking cellphone locations worldwide, Snowden documents show http://www.washingtonpost.com/world/national-security/nsa-tracking-cellphone-locations-worldwide-snowden-documents-show/2013/12/04/5492873a-5cf2-11e3-bc56-c6ca94801fac_story.html | + | December 4, 2013: The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable. <ref>NSA tracking cellphone locations worldwide, Snowden documents show http://www.washingtonpost.com/world/national-security/nsa-tracking-cellphone-locations-worldwide-snowden-documents-show/2013/12/04/5492873a-5cf2-11e3-bc56-c6ca94801fac_story.html |
</ref> | </ref> | ||
The ACLU created ''Meet Jack. Or, What The Government Could Do With All That Location Data''. <ref>Meet Jack. Or, What The Government Could Do With All That Location Data https://www.aclu.org/feature/meet-jack?redirect=meet-jack-or-what-government-could-do-all-location-data</ref> | The ACLU created ''Meet Jack. Or, What The Government Could Do With All That Location Data''. <ref>Meet Jack. Or, What The Government Could Do With All That Location Data https://www.aclu.org/feature/meet-jack?redirect=meet-jack-or-what-government-could-do-all-location-data</ref> | ||
+ | |||
+ | == The death of irony == | ||
+ | December 4, 2013: University of Penn’s Secret Meetings on Secret Surveillance Law: [...] She soon passes me off to another attendee: the ACLU’s Alex Abdo. | ||
+ | |||
+ | "There’s a non-attribution agreement that applies, a 'Chatham House Rule' <ref>Chatham House Rule http://www.chathamhouse.org/about/chatham-house-rule | ||
+ | </ref> that people here are talking about," Alex Abdo tells me. Finally, we’re getting somewhere. | ||
+ | |||
+ | Abdo is an ACLU staff attorney and participant in that organization’s National Security Project. He arrived here this morning after doing battle with the National Security Agency in U.S. District Court in Lower Manhattan the day before. Abdo is also a conference participant. At moments during our conversation, he seems embarrassed when I press him on the absurdly-ironic secrecy cloaking a conference whose very theme ostensibly seeks to take a critical look at Intelligence Community obfuscation. Hell, even several participants (including Dr. Hans Blix) during a 2006 UK conference on freedom of information and the Iraq War scoffed at invoking the Chatham House rule. <ref>The Death of Irony: University of Penn’s Secret Meetings on Secret Surveillance Law http://mediaroots.org/the-death-of-irony-or-university-of-penns-secret-meetings-on-secret-surveillance-law/</ref> | ||
+ | |||
+ | == The epochal batch of leaks == | ||
+ | ''Many stories from Der Spiegel over the last eight months; all talkie talk, minimal docs. Suddenly the epochal batch we're looking at now. Pointedly not attributed to Snowden. Following hard upon the German delegation getting the middle finger from Ft. Meade when they asked for Five Eyes no-spy status. Der Spiegel is, shall we say, close to the German government. So blowback maybe happening, but back channel, not how we might think.'' | ||
+ | |||
+ | === NSA's TAO Unit === | ||
+ | December 29, 2013: The NSA's TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting. <ref>NSA’s "Tailored Access Operations" Elite Hacking Unit Revealed http://leaksource.info/2013/12/30/nsas-tailored-access-operations-elite-hacking-unit-revealed/ | ||
+ | </ref> | ||
+ | |||
+ | === ANT division catalog of exploits for nearly every major software/hardware/firmware === | ||
+ | December 30, 2013: After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices. <ref>Leaksource: NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware http://leaksource.info/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/</ref> | ||
+ | |||
+ | == Organised crime infiltrated and compromised uk establishment == | ||
+ | January 11, 2014: The thing that corruption stories -- even astounding ones like this -- teach us is that our systems need to account for the possibility that the authorities are corrupt, or sloppy, or duped. Creating laws that give police and magistrates the power to declare anything anyone does illegal, storing massive DNA databases, allowing for secret courts and warrantless surveillance, creating unaccountable systems of censorship, and letting spies run wild are all '''examples of systems designed on the presumption that the establishment is both uncorrupted and perpetually uncorrectable'''. <ref>BoinBoing Total corruption: Organised crime infiltrated and compromised UK courts, police, HMRC, Crown Prosecution Service, prisons, and juries http://boingboing.net/2014/01/11/total-corruption-organised-cr.html</ref> | ||
== Multistakeholder global (internet) governance? == | == Multistakeholder global (internet) governance? == | ||
Line 260: | Line 389: | ||
The FBI took advantage of the NSA’s PRISM program http://pando.com/2015/01/12/the-fbi-took-advantage-of-the-nsas-prism-program/ | The FBI took advantage of the NSA’s PRISM program http://pando.com/2015/01/12/the-fbi-took-advantage-of-the-nsas-prism-program/ | ||
</ref> | </ref> | ||
+ | |||
+ | == David Cameron's plan to ban encryption in the uk == | ||
+ | Januari 13, 2015: David Cameron says there should be no "means of communication" which "we cannot read" -- and no doubt many in his party will agree with him, politically. But if they understood the technology, they would be shocked to their boots. What David Cameron just proposed would endanger every Briton and destroy the IT industry <ref>BoingBoing: What David Cameron just proposed would endanger every Briton and destroy the IT industry http://boingboing.net/2015/01/13/what-david-cameron-just-propos.html</ref> | ||
== Hackers create spy plug inspired by the NSA's surveillance kit == | == Hackers create spy plug inspired by the NSA's surveillance kit == | ||
Line 279: | Line 411: | ||
</ref> | </ref> | ||
− | == Documents reveal secret memos expanding spying == | + | == Documents reveal secret memos expanding spying in 2012 == |
June 4, 2015: Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents. | June 4, 2015: Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents. | ||
Line 285: | Line 417: | ||
The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers. <ref>ProPublica: New Snowden Documents Reveal Secret Memos Expanding Spying https://www.propublica.org/article/new-snowden-documents-reveal-secret-memos-expanding-spying</ref> | The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers. <ref>ProPublica: New Snowden Documents Reveal Secret Memos Expanding Spying https://www.propublica.org/article/new-snowden-documents-reveal-secret-memos-expanding-spying</ref> | ||
+ | |||
+ | == Edward Snowden: The world says no to surveillance == | ||
+ | For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason. With each court victory, with every change in the law, we demonstrate facts are more convincing than fear. As a society, we rediscover that the value of a right is not in what it hides, but in what it protects. <ref>Edward Snowden: The World Says No to Surveillance http://www.nytimes.com/2015/06/05/opinion/edward-snowden-the-world-says-no-to-surveillance.html</ref>. | ||
== Related == | == Related == | ||
Line 294: | Line 429: | ||
* [[Surveillance]] | * [[Surveillance]] | ||
* [[Biometrics]] | * [[Biometrics]] | ||
− | |||
== References == | == References == | ||
+ | |||
+ | [[Category:How_To]] |
Latest revision as of 08:29, 11 September 2015
This page contains links gathered and shared by anonymii over four years (crowdsourced as it were) on "things": told and leaked stories and whistle spit. People and communities use stories to understand the world and our place in it. These stories are embedded with power - the power to explain and justify the status quo as well as the power to make change imaginable and urgent. A narrative analysis of power encourages us to ask: Which stories define cultural norms? Where did these stories come from? Whose stories were ignored or erased to create these norms? And, most urgently, what new stories can we tell to help create the world we desire?
This timeline serves awareness of the power of storytelling, retrospective exercises (connecting dots), further research and investigation, propaganda exercises (detecting and shredding fallacious arguments), threat modeling ("quick and dirty" requires knowledge ready at hand), finding moves aiding survival of the greatest scope of life to a greater degree than any associated destruction, and other weird stuff like that, so if you add a story, we love it!
Contents
- 1 Masters of the internet
- 2 The making of the US surveillance state, 1898-2020
- 3 Interception capabilities 2000
- 4 Cryptome tempest FOIA
- 5 Body of secrets
- 6 Optical tempest
- 7 Glimpses of newly planned information operations
- 8 Hackers find a new place to hide rootkits
- 9 Law enforcement technical forum
- 10 The secret eu surveillance plan that wasn't
- 11 Snowden leaks
- 12 There is a NSA/CIA hybrid agency?
- 13 Snowden leaks
- 13.1 United states and united kingdom monitor foreign diplomats
- 13.2 Top secret rules
- 13.3 GCHQ taps fibre-optic cables
- 13.4 Stellar wind
- 13.5 Spying on europeans
- 13.6 Big brother in france
- 13.7 Big brother in australia
- 13.8 Big brother in latin america
- 13.9 Explaining the PRISM data-collection program
- 14 The CIA’s new black bag is digital
- 15 Snowden leaks
- 16 Lavabit and Silent Circle shut down
- 17 Snowden leaks
- 18 Attempt at discrediting Snowden
- 19 Snowden leaks
- 19.1 The Internet as a theater of spying, sabotage and war
- 19.2 NSA spied on al jazeera communications
- 19.3 Cover up program used to investigate americans
- 19.4 Pakistan as target
- 19.5 Brazil and mexico
- 19.6 Fighting back against drones
- 19.7 Undermining encryption on the internet
- 19.8 NSA spying on smartphones
- 20 Flying pig
- 21 Snowden leaks
- 22 Minaret
- 23 Snowden leaks
- 24 NSA attacking tor
- 25 Snowden leaks
- 26 The death of irony
- 27 The epochal batch of leaks
- 28 Organised crime infiltrated and compromised uk establishment
- 29 Multistakeholder global (internet) governance?
- 30 Surveillance is about control, not security
- 31 Snowden leaks
- 32 FBI and PRISM
- 33 David Cameron's plan to ban encryption in the uk
- 34 Hackers create spy plug inspired by the NSA's surveillance kit
- 35 DEA operations exposed
- 36 It's politics!
- 37 Documents reveal secret memos expanding spying in 2012
- 38 Edward Snowden: The world says no to surveillance
- 39 Related
- 40 References
Masters of the internet
Even during the 1970s, the rhetoric of “free flow of information” had long functioned as a central tenet of US foreign policy. During the era of decolonisation and cold war the doctrine purported to be a shining beacon, lighting the world’s way to emancipation from imperialism and state repression. Today it continues to paint deep-seated economic and strategic interests in an appealing language of universal human rights. “Internet freedom”, “freedom to connect”, “net freedom” — terms circulated by Secretary of State Hillary Clinton and Google executives together in the run-up to the WCIT — are today’s version of the longstanding “free flow” precept. But just as before, “Internet freedom” is a red herring (see Logical fallacies in Propaganda). Calculatingly manipulative, it tells us to entrust a fundamental human right to a pair of powerfully self-interested social actors: corporations and states. [1]
The making of the US surveillance state, 1898-2020
The Making of the U.S. Surveillance State, 1898-2020: The American surveillance state is now an omnipresent reality, but its deep history is little known and its future little grasped. Edward Snowden’s leaked documents reveal that, in a post-9/11 state of war, the National Security Agency (NSA) was able to create a surveillance system that could secretly monitor the private communications of almost every American in the name of fighting foreign terrorists. The technology used is state of the art; the impulse, it turns out, is nothing new. For well over a century, what might be called “surveillance blowback” from America’s wars has ensured the creation of an ever more massive and omnipresent internal security and surveillance apparatus. Its future (though not ours) looks bright indeed. [2]
Interception capabilities 2000
Interception Capabilities 2000: Report to the Director General for Research of the European Parliament (Scientific and Technical Options Assessment programme office) on the development of surveillance technology and risk of abuse of economic information. This study considers the state of the art in Communications intelligence (Comint) of automated processing for intelligence purposes of intercepted broadband multi-language leased or common carrier systems, and its applicability to Comint targeting and selection, including speech recognition. [3]
Cryptome tempest FOIA
January 1, 2001: John Young received eight tempest-related documents from his October 1999 NSA FOIA appeal [4]. The printing in the documents is in pretty poor shape, so text is being hand-typed. [5][6][7][8]. The last document reveals the US Government keeping a list of countries it views as having the ability and motivation to conduct tempest attacks on U.S. interests. Censors did a bad job of blacking out the text in this 1995 document, and 12 of the 25 countries are identifiable, including: Singapore, Norway, Hungary, Netherlands, Taiwan and some big industrial states that are known to dabble in economic espionage.
January 14, 2001: John Young released a FOIA version of NACSEM 5112, NONSTOP Evaluation Techniques. This is the first public document to come to light on NONSTOP surveillance techniques. [9].
Body of secrets
April 25, 2001: The author of a pioneering work on the NSA delivers a new book of revelations about the mysterious agency's coverups, eavesdropping and secret missions.
In 1982, James Bamford published “The Puzzle Palace,” his first exposé on the National Security Agency. His new exposé on the NSA is called "Body of Secrets." Twenty years makes a lot of difference in the intelligence biz. During those 20 years, the Reagan military buildup came and went, the Soviet Union fell and the Cold War ended, and a bevy of new military enemies emerged. Electronic communications exploded through faxes, cellphones, the Internet, etc. Cryptography came out of the shadows to become an essential technology of the networked world. And computing power increased ten thousand-fold.
Also during those 20 years, the NSA gradually opened its doors to the outside world. Its mission — to eavesdrop on all foreign communications of interest to the United States — remained constant throughout, but the agency that used to call itself “No Such Agency” and “Never Say Anything” started appearing in public, talking to the press and making itself known. And probably more than anyone else, James Bamford helped pry those doors open. [10]
Optical tempest
2002: A previously unknown form of compromising emanations has been discovered. LED status indicators on data communication equipment, under certain conditions, are shown to carry a modulated optical signal that is significantly correlated with information being processed by the device. Physical access is not required; the attacker gains access to all data going through the device, including plaintext in the case of data encryption systems. Experiments show that it is possible to intercept data under realistic conditions at a considerable distance. Many different sorts of devices, including modems and Internet Protocol routers, were found to be vulnerable. A taxonomy of compromising optical emanations is developed, and design changes are described that will successfully block this kind of "Optical TEMPEST" attack [11]
Glimpses of newly planned information operations
Propaganda for the middle east
In 2005 the BBC reports that the US military is planning to win the hearts of young people in the Middle East by publishing a new comic in order to "achieve long-term peace and stability in the Middle East" [12] .
Fight the net
In 2006 the BBC reveals US plans to 'fight the net': A newly declassified document gives a fascinating glimpse into the US military's plans for "information operations" - from psychological operations, to attacks on hostile computer networks [13].
The FBI wiretap net
August 2007: The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act. The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.
It's a "comprehensive wiretap system that intercepts wire-line phones, cellular phones, SMS and push-to-talk systems," says Steven Bellovin, a Columbia University computer science professor and longtime surveillance expert. [14]
Bloggers on guard
The Raw Story reports in 2007 that CENTCOM sent emails to "bloggers who are posting inaccurate or untrue information, as well as bloggers who are posting incomplete information" [15].
In 2009 the US Air Force releases ‘Counter-Blog’ marching orders to its airmen as part of an Air Force push to "counter the people out there in the blogosphere who have negative opinions about the U.S. government and the Air Force" [16]
Wargame simulations
More alarming seems to be the article from the Register on wargame simulations: Sentient world: war games on the grandest scale informing us that the US DOD is developing a parallel to Planet Earth, with billions of individual "nodes" to reflect every man, woman, and child this side of the dividing line between reality and artificial reality to see how long you can go without food or water, or how you will respond to televised propaganda [17].
Hackers find a new place to hide rootkits
May 9, 2008: Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products. Called an SSM (System Management Mode) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system but which can give attackers a picture of what's happening in a computer's memory. [18]
November 4, 2008: Phrack: System Management Mode Hack: Using SMM for "Other Purposes" [19]
Law enforcement technical forum
Packeteer is a tool to decode captured data from any data network (e.g. e-mails, webpages, images, audio files, etc.) plus an XML file describing all the data. Coolminer is an internally developed software interface that configures and displays processed data in intelligible form. [...] Over the course of the last two years, DITU centralized two processing centers that load balance the work. A third processing center is coming online soon. [...] State and local law enforcement remains responsible for original evidence storage. The FBI will pull copied collected data to the processor. And more such enlightening delicious little tidbits. [20]
The secret eu surveillance plan that wasn't
CLEAN IT: the secret EU surveillance plan that wasn't: There are elements in Europe who would dearly like to see the CLEAN IT wish list put into practice, but we must distinguish between transnational talking shops, EU working groups and draft EU policy. [21]
Snowden leaks
PRISM
June 6, 2013: First Snowden leak containing the PRISM slides. All known slides are shown in an article by Top Level Communications on what is known about NSA's PRISM program. If new slides of this PRISM presentation become available, they will be added. [22]. PRISM is not for mass surveillance but for collecting communications of specifically identified targets. NSA also has no "direct access" to the servers of companies like Microsoft, Facebook and Google. A unit of the FBI picks up the data and the NSA does the analysis.
Overseas target list
June 7, 2013: Second Snowden leak on Obama ordering his senior national security and intelligence officials to draw up an overseas target list for cyber-attacks. The 18-page Presidential Policy Directive 20, issued in October last year but never published, states that what it calls Offensive Cyber Effects Operations (OCEO) "can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging".
It says the government will "identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power".
The directive also contemplates the possible use of cyber actions inside the US, though it specifies that no such domestic operations can be conducted without the prior order of the president, except in cases of emergency. [23]
Boundless informant
June 8, 2013: Apparently the NSA has a tool that records and analyzes all the flow of data that the spy agency collects around the world, a global data-mining software that details exactly how much intelligence, and of what type, has been collected from every country in the world. That is "Boundless Informant." The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country, according to an NSA factsheet on the program. [24]
Top Level Communications notes that Screenshots from BOUNDLESSINFORMANT can be misleading. [25]
US spies on hong kong and chinese citizens
June 14, 2013: Edward Snowden: US government has been hacking Hong Kong and China for years. [26]
There is a NSA/CIA hybrid agency?
The media is quoting a number of intelligence “insiders” who are questioning NSA whistleblower Edward Snowden’s involvement in National Security Agency (NSA) signals intelligence and meta-data mining programs like PRISM and CIA human intelligence (HUMINT) operations.
However, the U.S. intelligence “insiders” may be trying their best to cover up the operations of a little-known hybrid NSA-CIA organizations known as the Special Collection Service (SCS), known internally at NSA as “F6,” and which is headquartered in Beltsville, Maryland in what appears to be a normal office building with a sign bearing the letters “CSSG” at its front driveway off of Springfield Road. Adjacent to the CSSG building is the State Department’s Beltsville Communications Annex, known internally at the State Department as SA-26 and part of the Diplomatic Telecommunications Service, which also handles encrypted communications to CIA stations around the world. [27]
Snowden leaks
United states and united kingdom monitor foreign diplomats
June 16, 2013: GCHQ intercepted foreign politicians' communications at G20 summits: Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic. [28]
June 17, 2013: G20 summit: NSA targeted Russian president Medvedev in London: American spies based in the UK intercepted the top-secret communications of the then Russian president, Dmitry Medvedev, during his visit to Britain for the G20 summit in London, leaked documents reveal. [29]
June 16, 2013: Read extracts from the leaked documents describing the agency's 'recent successes'. [30]
Top secret rules
June 20, 2013: The top secret rules that allow NSA to use US data without a warrant: Top secret documents submitted to the court that oversees surveillance by US intelligence agencies show the judges have signed off on broad orders which allow the NSA to make use of information "inadvertently" collected from domestic US communications without a warrant. The documents show that even under authorities governing the collection of foreign intelligence from foreign targets, US communications can still be collected, retained and used. [31]
GCHQ taps fibre-optic cables
June 21, 2013: GCHQ taps fibre-optic cables for secret access to world's communications: Britain's spy agency GCHQ has secretly gained access to the network of cables which carry the world's phone calls and internet traffic and has started to process vast streams of sensitive personal information which it is sharing with its American partner, the National Security Agency (NSA).
The sheer scale of the agency's ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate. One key innovation has been GCHQ's ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months. [32]
Stellar wind
June 27, 2013 Guardian: NSA inspector general report on email and internet data collection under Stellar Wind: Top-secret draft report from 2009 by the NSA's inspector general shows development of 'collection of bulk internet metadata' under program launched under Bush. [33]
Spying on europeans
June 29, 2013 Der Spiegel: Information shows that America's National Security Agency (NSA) not only conducted online surveillance of European citizens, but also appears to have specifically targeted buildings housing European Union institutions. A "top secret" 2010 document describes how the secret service attacked the EU's diplomatic representation in Washington.
The document suggests that in addition to installing bugs in the building in downtown Washington, DC, the European Union representation's computer network was also infiltrated. In this way, the Americans were able to access discussions in EU rooms as well as emails and internal documents on computers. [34]
June 30, 2013 Der Spiegel: Internal NSA statistics indicate that the agency stores data from around half a billion communications connections in Germany each month. This data includes telephone calls, emails, mobile-phone text messages and chat transcripts. The metadata -- or information about which call or data connections were made and when -- is then stored at the NSA's headquarters in Fort Meade, near Washington, DC. [35]
Big brother in france
July 4, 2013: Le Monde: Si les révélations sur le programme d'espionnage américain Prism ont provoqué un concert d'indignation en Europe, la France, elle, n'a que faiblement protesté. Pour deux excellentes raisons : Paris était déjà au courant. Et fait la même chose.
Le Monde est en mesure de révéler que la Direction générale de la sécurité extérieure (DGSE, les services spéciaux) collecte systématiquement les signaux électromagnétiques émis par les ordinateurs ou les téléphones en France, tout comme les flux entre les Français et l'étranger : la totalité de nos communications sont espionnées. L'ensemble des mails, des SMS, des relevés d'appels téléphoniques, des accès à Facebook, Twitter, sont ensuite stockés pendant des années. [36]
Big brother in australia
July 6, 2013: Classified US National Security Agency maps leaked by Mr Snowden and published by US journalist Glenn Greenwald in the Brazilian O Globo newspaper reveal the locations of dozens of US and allied signals intelligence collection sites that contribute to interception of telecommunications and internet traffic worldwide. [37]
The US Australian Joint Defence Facility at Pine Gap near Alice Springs and three Australian Signals Directorate facilities: the Shoal Bay Receiving Station near Darwin, the Australian Defence Satellite Communications Facility at Geraldton and the naval communications station HMAS Harman outside Canberra are among contributors to the NSA's collection program codenamed X-Keyscore. [38]
Big brother in latin america
July 6, 2013, O Globo: Os documentos da NSA são eloquentes. O Brasil, com extensas redes públicas e privadas digitalizadas, operadas por grandes companhias de telecomunicações e de internet, aparece destacado em mapas da agência americana como alvo prioritário no tráfego de telefonia e dados (origem e destino), ao lado de nações como China, Rússia, Irã e Paquistão. É incerto o número de pessoas e empresas espionadas no Brasil. Mas há evidências de que o volume de dados capturados pelo sistema de filtragem nas redes locais de telefonia e internet é constante e em grande escala.
Criada há 61 anos, na Guerra Fria, a NSA tem como tarefa espionar comunicações de outros países, decifrando códigos governamentais. Dedica-se, também, a desenvolver sistemas de criptografia para o governo. [39]
July 6, 2013, O Globo: Os Estados Unidos têm programas de espionagem e rastreamento funcionando em vários outros países da América Latina, além do Brasil. Documentos sigilosos da Agência de Segurança Nacional (NSA, na sigla em inglês) aos quais o GLOBO teve acesso mostram que situações similares ocorrem no México, Venezuela, Argentina, Colômbia e Equador, entre outros.
Um dos aspectos que se destaca nos documentos é que, de acordo com eles, os Estados Unidos parecem não estar interessados apenas em assuntos militares, mas também em segredos comerciais -“petróleo” na Venezuela e “energia” no México, segundo uma listagem produzida pela NSA no primeiro semestre deste ano (veja acima). [40]
Explaining the PRISM data-collection program
July 10, 2013: The top-secret PRISM program allows the U.S. intelligence community to gain access from nine Internet companies to a wide range of digital information, including e-mails and stored data, on foreign targets operating outside the United States. The program is court-approved but does not require individual warrants. Instead, it operates under a broader authorization from federal judges who oversee the use of the Foreign Intelligence Surveillance Act (FISA). Some documents describing the program were among the first documents Snowden leaked. The newly released documents give additional details about how the program operates, including the levels of review and supervisory control at the NSA and FBI. The documents also show how the program interacts with the Internet companies. [41]
The CIA’s new black bag is digital
July 17, 2013: The CIA’s clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA’s Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA’s SIGINT collection efforts in the years since the 9/11 terrorist attacks.
Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world’s largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations. In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. (I’m not aware of any such operations here on U.S. soil.) [42]
Snowden leaks
German intelligence used NSA spy program
July 20, 2013, Der Spiegel: Germany's foreign intelligence service, the BND, and its domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), used a spying program of the American National Security Agency (NSA). The documents show that the Office for the Protection of the Constitution was equipped with a program called XKeyScore intended to "expand their ability to support NSA as we jointly prosecute CT (counterterrorism) targets." The BND is tasked with instructing the domestic intelligence agency on how to use the program, the documents say.
According to an internal NSA presentation from 2008, the program is a productive espionage tool. Starting with the metadata -- or information about which data connections were made and when -- it is able, for instance, to retroactively reveal any terms the target person has typed into a search engine, the documents show. In addition, the system is able to receive a "full take" of all unfiltered data over a period of several days -- including, at least in part, the content of communications.
This is relevant from a German perspective, because the documents show that of the up to 500 million data connections from Germany accessed monthly by the NSA, a major part is collected with XKeyScore (for instance, around 180 million in December 2012). The BND and BfV, when contacted by Spiegel, would not discuss the espionage tool. The NSA, as well, declined to comment, referring instead to the words of US President Barack Obama during his visit to Berlin and saying there was nothing to add. [43] [44]
XKeyscore
July 31, 2013, Der Spiegel: A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet. [45]
NSA funding GCHQ
August 1, 2013, The Guardian: The US government has paid at least £100m to the UK spy agency GCHQ over the last three years to secure access to and influence over Britain's intelligence gathering programmes. The top secret payments are set out in documents which make clear that the Americans expect a return on the investment, and that GCHQ has to work hard to meet their demands. "GCHQ must pull its weight and be seen to pull its weight," a GCHQ strategy briefing said.
The funding underlines the closeness of the relationship between GCHQ and its US equivalent, the National Security Agency. But it will raise fears about the hold Washington has over the UK's biggest and most important intelligence agency, and whether Britain's dependency on the NSA has become too great. [46]
Lavabit and Silent Circle shut down
August 8, 2013: Edward Snowden, the whistleblower who leaked details of the NSA's controversial PRISM surveillance program, reportedly used a secure email service called Lavabit to send messages from Russia. Now, Lavabit has abruptly shut down, in what its owner says was a difficult decision. Ladar Levison says he's shutting down the service to avoid becoming "complicit in crimes against the American people." [47]
August 8, 2013: “We knew USG would come after us”. That’s why Silent Circle CEO Michael Janke tells TechCrunch his company shut down its Silent Mail encrypted email service. It hadn’t been told to provide data to the government, but after Lavabit shut down today rather than be “complicit” with NSA spying, Silent Circle told customers it has killed off Silent Mail rather than risk their privacy.
The Silent Circle blog posts explains “We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now.” It’s especially damning considering Silent Circle’s co-founder and president is Phil Zimmermann, the inventor of widely-used email encryption program Pretty Good Privacy.[48]
Snowden leaks
Audit finds NSA repeatedly broke privacy law
August 15, 2013: The US National Security Agency violated privacy laws and operated outside its legal authority thousands of times each year after Congress expanded the reach of the agency's power in 2008, according an internal audit acquired by The Washington Post. An NSA audit dated May 2012 that was provided to the newspaper by former NSA contractor Edward Snowden earlier this summer detailed 2,776 incidents during the previous year in which the agency had unlawfully collected, accessed or distributed legally protected communications, the Post reported Thursday. [49].
NSA illegally collected thousands of us emails annually
August 21, 2013: The National Security Agency (NSA) declassified three secret court opinions Wednesday showing how in one of its surveillance programs it scooped up as many as 56,000 emails and other communications by Americans not connected to terrorism annually over three years. This latest revelation comes amid growing criticism from members of Congress and privacy rights groups about the far-reaching U.S. intelligence apparatus.
The opinions, which were authorized to be released by Director of National Intelligence James Clapper, showed that when the NSA reported its inadvertent gathering of American-based Internet traffic to the court in 2011, the Foreign Intelligence Surveillance Court ordered the agency to find ways to limit what it collects and how long it keeps it. [50]
Attempt at discrediting Snowden
August 23, 2013: The Independent understands that The Guardian agreed to the Government’s request not to publish any material contained in the Snowden documents that could damage national security. [...] But there are fears in Government that Mr Greenwald – who still has access to the files – could attempt to release damaging information. [51]
Mr. Greenwald replies via the Guardian: The NSA whistleblower says: 'I have never spoken with, worked with, or provided any journalistic materials to the Independent' [52]
Snowden leaks
The Internet as a theater of spying, sabotage and war
August 29, 2013: Former National Security Agency contractor Edward Snowden leaked the United States intelligence budget for the 2013 fiscal year to The Washington Post Thursday, revealing that U.S. spy agencies are unable to uncover what The Post calls "blind spots," where information on questions of national security remains sparse.
Despite massive spending and a broad network of surveillance and international espionage facilities, the budget reportedly explains that many key national security questions continue to elude the U.S. intelligence community. Intel on biological and chemical weapons is thin, more than a week after an alleged chemical weapons attack in Damascus may have killed as many as 1,300 people.[53]
August 30, 2013: U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents obtained by The Washington Post.
That disclosure, in a classified intelligence budget provided by NSA leaker Edward Snowden, provides new evidence that the Obama administration’s growing ranks of cyberwarriors infiltrate and disrupt foreign computer networks. [54]
NSA spied on al jazeera communications
August 31, 2013: [...] In addition to cracking the airline reservation services for Russian airline Aeroflot, accessing "Al Jazeera broadcasting internal communication" was listed as a "notable success," the document shows. The NSA said these selected targets had "high potential as sources of intelligence."
The encrypted information was forwarded to the responsible NSA departments for further analysis, according to the document, which did not reveal to what extent the intelligence agency spied on journalists or managers of the media company, or whether the surveillance is ongoing.
Previous documents have not specified that the media were spied on by the NSA. But as more information emerges, the massive scope of the organization's international surveillance of telephone and Internet communication continues to grow.[55]
Cover up program used to investigate americans
August 2013: A secretive U.S. Drug Enforcement Administration (DEA) unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.
Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.
The undated documents show that federal agents are trained to "recreate" the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant's Constitutional right to a fair trial. If defendants don't know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence - information that could reveal entrapment, mistakes or biased witnesses. [56]
Pakistan as target
September 1, 2013: The $52.6 billion U.S. intelligence arsenal is aimed mainly at unambiguous adversaries, including al-Qaeda, North Korea and Iran. But top-secret budget documents reveal an equally intense focus on one purported ally: Pakistan.
No other nation draws as much scrutiny across so many categories of national security concern.
A 178-page summary of the U.S. intelligence community’s “black budget” shows that the United States has ramped up its surveillance of Pakistan’s nuclear arms, cites previously undisclosed concerns about biological and chemical sites there, and details efforts to assess the loyalties of counterterrorism sources recruited by the CIA. [57]
Brazil and mexico
September 1, 2013: The NSA spied on Brazilian president Dilma Rousseff and Mexican president Peña Nieto (then a candidate). The agency pulled the leader's communications from its massive, full-take databases using the Mainway, Association and Dishfire programs. [58] [59]
September 2, 2013: One of the prime targets of American spies in Brazil is far away from the center of power – out at sea, deep beneath the waves. Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA, the National Security Agency of the United States. [...] These new disclosures contradict statements by the NSA denying espionage for economic purposes.[60]
Fighting back against drones
September 3, 2013: Al-Qaeda commanders are hoping a technological breakthrough can curb the U.S. drone campaign, which has killed an estimated 3,000 people over the past decade. The airstrikes have forced al-Qaeda operatives and other militants to take extreme measures to limit their movements in Pakistan, Afghanistan, Yemen, Somalia and other places. But the drone attacks have also taken a heavy toll on civilians, generating a bitter popular backlash against U.S. policies toward those countries. [...] In July 2010, a U.S. spy agency intercepted electronic communications indicating that senior al-Qaeda leaders had distributed a "strategy guide" to operatives around the world advising them how "to anticipate and defeat" unmanned aircraft. The Defense Intelligence Agency (DIA) reported that al-Qaeda was sponsoring simultaneous research projects to develop jammers to interfere with GPS signals and infrared tags that drone operators rely on to pinpoint missile targets. [...] The technological vulnerabilities of drones are no secret. The U.S. Air Force Scientific Advisory Board issued an unclassified report two years ago warning that “increasingly capable adversaries” in countries such as Afghanistan could threaten drone operations by inventing inexpensive countermeasures. [61]
Undermining encryption on the internet
September 5, 2013: The NSA has cracked methods of encryption used by millions of people ever day for secure email, e-commerce, financial transactions and more. The NSA maintains a database of common decryption keys - some possibly stolen from private companies and collaborates with the tech industry to implant security back doors into consumer products; the U.S. works to weaken international encryption standards; and the British spy agency GCHQ implanted covert agents in technology companies. [62] [63] [64] [65] [66] [67] [68]
NSA spying on smartphones
September 7, 2013: The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. NSA documents note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system. The documents state the NSA can tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been. The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones. [69] [70]
Flying pig
September 10, 2013: There have been rumors of the NSA and others using those kinds of MITM attacks, but to have it confirmed that they're doing them against the likes of Google, Yahoo and Microsoft is a big deal -- and something I would imagine does not make any of those three companies particularly happy. As Ryan Gallagher notes: in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format. [71]
Mike Masnick: Schneier also notes that this is basically the same technique the Chinese have used for their Great Firewall. In other words, the complicit nature of the telcos in basically giving the NSA and GCHQ incredibly privileged access to the backbone is part of what allows them to conduct those kinds of man-in-the-middle attacks. It still amazes me that there isn't more outrage over the role of the major telcos in all of this. [72]
Snowden leaks
NSA sharing data with israel
September 11, 2013: document shows how intelligence being shared with Israel would not be filtered in advance by NSA analysts to remove US communications [73].
Documents reveal NSA’s extensive involvement in targeted killing program
October 16, 2013: The U.S. government has never publicly acknowledged killing Ghul. But documents provided to The Washington Post by former NSA contractor Edward Snowden confirm his demise in October 2012 and reveal the agency’s extensive involvement in the targeted killing program that has served as a centerpiece of President Obama’s counterterrorism strategy.
An al-Qaeda operative who had a knack for surfacing at dramatic moments in the post-Sept. 11 story line, Ghul was an emissary to Iraq for the terrorist group at the height of that war. He was captured in 2004 and helped expose bin Laden’s courier network before spending two years at a secret CIA prison. Then, in 2006, the United States delivered him to his native Pakistan, where he was released and returned to the al-Qaeda fold.
But beyond filling in gaps about Ghul, the documents provide the most detailed account of the intricate collaboration between the CIA and the NSA in the drone campaign. [74]
NSA monitors financial world
September 16, 2013: "Money is the root of all evil," joke the intelligence agents. According to the classified documents, the spies' activities primarily focus on regions like Africa and the Middle East -- and their efforts often focus on targets that fall within their legal intelligence-gathering mandate. However, in the financial sector, just as in other areas, the NSA also relies on maximum data collection -- an approach that apparently leads to conflicts with national laws and international agreements.
Some members of the intelligence community even view spying in the global financial system with a certain amount of concern, as revealed by a document from the NSA's British counterpart -- the Government Communications Headquarters (GCHQ) -- that deals with "financial data" from a legal perspective and examines the organization's own collaboration with the NSA. According to the document, the collection, storage and sharing of "politically sensitive" data is a highly invasive measure since it includes "bulk data -- rich personal information. A lot of it is not about our targets."
Indeed, secret documents reveal that the main NSA financial database Tracfin, which collects the "Follow the Money" surveillance results on bank transfers, credit card transactions and money transfers, already had 180 million datasets by 2011. The corresponding figure in 2008 was merely 20 million. According to these documents, most Tracfin data is stored for five years [75].
GCHQ hacking belgacom
September 20, 2013: The presentation is undated, but another document indicates that access has been possible since 2010. The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa's MTN, was on the radar of the British spies.
Belgacom, whose major customers include institutions like the European Commission, the European Council and the European Parliament, ordered an internal investigation following the recent revelations about spying by the United States' National Security Agency (NSA) and determined it had been the subject of an attack. The company then referred the incident to Belgian prosecutors. Last week, Belgian Prime Minister Elio di Rupo spoke of a "violation of the public firm's integrity."
When news first emerged of the cyber attack, suspicions in Belgium were initially directed at the NSA. But the presentation suggests that it was Belgium's own European Union partner Britain that is behind "Operation Socialist," even though the presentation indicates that the British used spying technology for the operation that the NSA had developed.
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI").[76]
Spying on indian leaders
September 23, 2013: Among the BRICS group of emerging nations, which featured quite high on the list of countries targeted by the secret surveillance programs of the U.S. National Security Agency (NSA) for collecting telephone data and internet records, India was the number one target of snooping by the American agency. [...] According to documents provided to The Hindu by NSA whistleblower Edward Snowden, the American agency carried out intelligence gathering activities in India using at least two major programs: the first one is Boundless Informant, a data-mining system which keeps track of how many calls and emails are collected by the security agency; and the second one is PRISM, a program which intercepts and collects actual content from the networks. While Boundless Informant was used for monitoring telephone calls and access to the internet in India, PRISM collected information about certain specific issues — not related to terrorism — through Google, Microsoft, Facebook, Yahoo, Apple, YouTube and several other web-based services. [77]
NSA drone document
September 25, 2013: NSA drone document – selected excerpts is released. [78] Viewing anti-drone activism as indicative of a terrorism threat is noxious. As Reprieve's Cory Crider put it yesterday, "if there were any doubt the UK was abusing its counter-terrorism powers to silence critics, this ends it." [79]
Minaret
September 25, 2013: For years the names of the surveillance targets were kept secret. But after a decision by the Interagency Security Classification Appeals Panel, in response to an appeal by the National Security Archive at George Washington University, the NSA has declassified them for the first time. The names of the NSA’s targets are eye-popping. Civil rights leaders Martin Luther King and Whitney Young were on the watch list, as were the boxer Muhammad Ali, New York Times journalist Tom Wicker, and veteran Washington Post humor columnist Art Buchwald. But perhaps the most startling fact in the declassified document is that the NSA was tasked with monitoring the overseas telephone calls and cable traffic of two prominent members of Congress, Sen. Frank Church (D-Idaho) and Sen. Howard Baker (R-Tenn.). As shocking as the recent revelations about the NSA’s domestic eavesdropping have been, there has been no evidence so far of today’s signal intelligence corps taking a step like this, to monitor the White House’s political enemies.
As the Vietnam War escalated during Lyndon B. Johnson’s presidency, domestic criticism and protest movements abounded. Protesters surrounded the Pentagon in the fall of 1967 and two years later organized demonstrations and the Moratorium to End the War in Vietnam. The scale of the dissent angered Johnson as well as his successor, Richard Nixon. As fervent anti-communists, they wondered whether domestic protests were linked to hostile foreign powers, and they wanted answers from the intelligence community. The CIA responded with Operation Chaos, while the NSA worked with other intelligence agencies to compile watch lists of prominent anti-war critics in order to monitor their overseas communications. By 1969, this program became formally known as "Minaret." [80]
Snowden leaks
NSA diagramming social networks of united states citizens
September 28, 2013: Domint Documents on N.S.A. Efforts to Diagram Social Networks of U.S. Citizens released [81]: Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.
The spy agency began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after N.S.A. officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former N.S.A. contractor. [82]
Storage of metadata
September 30, 2013: NSA stores metadata of millions of web users for up to a year, secret files show. The National Security Agency is storing the online metadata of millions of internet users for up to a year, regardless of whether or not they are persons of interest to the agency, documents reveal. Metadata provides a record of almost anything a user does online, from browsing history – such as map searches and websites visited – to account details, email activity, and even some account passwords. This can be used to build a detailed picture of an individual's life.
The Obama administration has repeatedly stated that the NSA keeps only the content of messages and communications of people it is intentionally targeting – but internal documents reveal the agency retains vast amounts of metadata. [83]
NSA attacking tor
October 4, 2013: The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.
According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser. The NSA refers to these capabilities as CNE, or computer network exploitation. [84]
Snowden leaks
Canadian CSEC spying on brazil's ministry of mines and energy
October 6, 2013: Documentos vazados pelo americano Edward Snowden mostram que dessa vez o alvo é o Ministério de Minas e Energia. E não são só os Estados Unidos que estão envolvidos. As comunicações de computadores, telefones fixos e celulares do ministério foram mapeadas pela agência de espionagem do Canadá [85].
NSA information overload
October 14, 2013: The NSA collects over 250 million email inbox views and contact lists per year from services like Yahoo, Gmail and Facebook. It collects the data in bulk from the fiber optic cables carrying phone and Internet traffic. The collection points are outside of the united states, so the NSA is not a legally required to filter out data of americans, but according to a spokesperson it does have a policy to "minimize the acquisition, use and dissemination" of Americans' data. [86][87][88][89]
Meet the spies doing the NSA’s dirty work
November 2013: With every fresh leak, the world learns more about the U.S. National Security Agency’s massive and controversial surveillance apparatus. Lost in the commotion has been the story of the NSA’s indispensable partner in its global spying operations: an obscure, clandestine unit of the Federal Bureau of Investigation that, even for a surveillance agency, keeps a low profile. [90] [...] But the FBI is no mere errand boy for the United States’ biggest intelligence agency. It carries out its own signals intelligence operations and is trying to collect huge amounts of email and Internet data from U.S. companies — an operation that the NSA once conducted, was reprimanded for, and says it abandoned. [91] The heart of the FBI’s signals intelligence activities is an obscure organization called the Data Intercept Technology Unit, or DITU (pronounced DEE-too). The handful of news articles that mentioned it prior to revelations of NSA surveillance this summer did so mostly in passing. It has barely been discussed in congressional testimony. An NSA PowerPoint presentation given to journalists by former NSA contractor Edward Snowden hints at DITU’s pivotal role in the NSA’s Prism system — it appears as a nondescript box on a flowchart showing how the NSA "task[s]" information to be collected, which is then gathered and delivered by the DITU.
NSA tracking cellphone locations worldwide
December 4, 2013: The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable. [92]
The ACLU created Meet Jack. Or, What The Government Could Do With All That Location Data. [93]
The death of irony
December 4, 2013: University of Penn’s Secret Meetings on Secret Surveillance Law: [...] She soon passes me off to another attendee: the ACLU’s Alex Abdo.
"There’s a non-attribution agreement that applies, a 'Chatham House Rule' [94] that people here are talking about," Alex Abdo tells me. Finally, we’re getting somewhere.
Abdo is an ACLU staff attorney and participant in that organization’s National Security Project. He arrived here this morning after doing battle with the National Security Agency in U.S. District Court in Lower Manhattan the day before. Abdo is also a conference participant. At moments during our conversation, he seems embarrassed when I press him on the absurdly-ironic secrecy cloaking a conference whose very theme ostensibly seeks to take a critical look at Intelligence Community obfuscation. Hell, even several participants (including Dr. Hans Blix) during a 2006 UK conference on freedom of information and the Iraq War scoffed at invoking the Chatham House rule. [95]
The epochal batch of leaks
Many stories from Der Spiegel over the last eight months; all talkie talk, minimal docs. Suddenly the epochal batch we're looking at now. Pointedly not attributed to Snowden. Following hard upon the German delegation getting the middle finger from Ft. Meade when they asked for Five Eyes no-spy status. Der Spiegel is, shall we say, close to the German government. So blowback maybe happening, but back channel, not how we might think.
NSA's TAO Unit
December 29, 2013: The NSA's TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting. [96]
ANT division catalog of exploits for nearly every major software/hardware/firmware
December 30, 2013: After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices. [97]
Organised crime infiltrated and compromised uk establishment
January 11, 2014: The thing that corruption stories -- even astounding ones like this -- teach us is that our systems need to account for the possibility that the authorities are corrupt, or sloppy, or duped. Creating laws that give police and magistrates the power to declare anything anyone does illegal, storing massive DNA databases, allowing for secret courts and warrantless surveillance, creating unaccountable systems of censorship, and letting spies run wild are all examples of systems designed on the presumption that the establishment is both uncorrupted and perpetually uncorrectable. [98]
Multistakeholder global (internet) governance?
The multistakeholder model, neo-liberalism and global (internet) governance
Gurstein writes in March 2014: What is new and somewhat startling is the full court press by the US government (USG) and its allies and acolytes among the corporate, technical and civil society participants in Internet Governance discussions to extend the use of the highly locally adapted versions of the MS model. The intent is to move the use of the MS model from the quite narrow and technical areas where it has achieved a considerable degree of success towards becoming the fundamental and effectively, only, basis on which such Internet Governance discussions are to be allowed to go forward (as per the USG’s statement concerning the transfer of the DNS management function). Notably as well "multistakeholderism" seems to have replaced "Internet Freedom" as the mobilizing Internet meme of choice ("Internet Freedom" having been somewhat discredited by post-Snowden associations of the "Internet Freedom" meme with the freedom of the USG –to "surveille", "sabotage", and "subvert" at will via the Internet). [99]
Domain name expansion signals political shift of the internet
More than 1,000 new generic top-level domain names – the part of an internet address that comes after the “dot” – are being rolled out by the International Corporation for Assigned Names and Numbers. It’s a move that will change how the internet as we know it looks and feels and has significant political implications to boot. [100]
Surveillance is about control, not security
2014, NSA Surveillance is about Control & Leverage, not Security: For more than six months, Edward Snowden’s revelations about the National Security Agency (NSA) have been pouring out from the Washington Post, the New York Times, the Guardian, Germany’s Der Spiegel, and Brazil’s O Globo, among other places. Yet no one has pointed out the combination of factors that made the NSA’s expanding programs to monitor the world seem like such a slam-dunk development in Washington. The answer is remarkably simple. For an imperial power losing its economic grip on the planet and heading into more austere times, the NSA’s latest technological breakthroughs look like a bargain basement deal when it comes to projecting power and keeping subordinate allies in line — like, in fact, the steal of the century. Even when disaster turned out to be attached to them, the NSA’s surveillance programs have come with such a discounted price tag that no Washington elite was going to reject them.
For well over a century, from the pacification of the Philippines in 1898 to trade negotiations with the European Union today, surveillance and its kissing cousins, scandal and scurrilous information, have been key weapons in Washington’s search for global dominion. Not surprisingly, in a post-9/11 bipartisan exercise of executive power, George W. Bush and Barack Obama have presided over building the NSA step by secret step into a digital panopticon designed to monitor the communications of every American and foreign leaders worldwide. [101]
Snowden leaks
Meet the muslim-american leaders the FBI have been spying on
The National Security Agency and FBI have covertly monitored the emails of prominent Muslim-Americans—including a political candidate and several civil rights activists, academics, and lawyers—under secretive procedures intended to target terrorists and foreign spies. [102]
Top Level Communications notes that the document that was published contains no evidence of any involvement of the NSA in this particular case: Everything indicates that it was actually an FBI operation, so it seems not justified to have NSA mentioned in the article. [103]
FBI and PRISM
January 2015: The National Security Agency isn’t the only government organization involved with the controversial PRISM program revealed by whistleblower Edward Snowden in June 2013. A newly declassified report reveals that the FBI has also gradually increased its involvement with the search, chat, and email collection program. The report, which still features many redactions, was released by the Justice Department as the result of a Freedom of Information Act lawsuit brought against it by the Times. It details the FBI’s increasing interest in PRISM, expanding the Bureau’s initial role as a watchdog meant to ensure Americans’ accounts weren’t scooped up, to an active participant in the program. [104]
David Cameron's plan to ban encryption in the uk
Januari 13, 2015: David Cameron says there should be no "means of communication" which "we cannot read" -- and no doubt many in his party will agree with him, politically. But if they understood the technology, they would be shocked to their boots. What David Cameron just proposed would endanger every Briton and destroy the IT industry [105]
Hackers create spy plug inspired by the NSA's surveillance kit
Leaked documents from the NSA recently revealed a covert USB stick that could be used to target secure, offline networks. But the device costs a staggering $20,000 (£13,200). Now, a team of hackers has created its own version of the surveillance kit using a cheap circuit board and other parts that total just $20 (£13).[106]
DEA operations exposed
April 8, 2015: Rights group sues DEA over bulk collection of phone records: Opening another front in the legal challenges to U.S. government surveillance, a human rights group has sued the Drug Enforcement Administration for collecting bulk records of Americans' telephone calls to some foreign countries.
Lawyers for Human Rights Watch filed the lawsuit on Tuesday in U.S. District Court in Los Angeles. The lawsuit asks a judge to declare unlawful the DEA program, which ended in September 2013 after about 15 years, and to bar the DEA from collecting call records in bulk again. [107]
April 9, 2015: DEA Global Surveillance Dragnet Exposed; Access to Data Likely Continues: The vast program reported on by USA Today shares some of the same hallmarks of Project Crisscross: it began in the early 1990s, was ostensibly aimed at gathering intelligence about drug trafficking, and targeted countries worldwide, with focus on Central and South America.
It is also reminiscent of the so-called Hemisphere Project, a DEA operation revealed in September 2013 by The New York Times, which dated as far back as 1987, and used subpoenas to collect vast amounts of international call records every day. [108]
It's politics!
June 4, 2015: A bipartisan group of Washington lawmakers solicited details from Pentagon officials that they could use to "damage" former NSA contractor Edward Snowden's "credibility in the press and the court of public opinion."
That's according to declassified government documents obtained by VICE News in response to a long-running Freedom of Information Act (FOIA) lawsuit. The lawmakers' requests for information were made in December 2013 and again in February 2014, following classified briefings top officials at the Defense Intelligence Agency (DIA) held for oversight committees in the House and Senate about a DIA assessment of the alleged damage to national security caused by Snowden's leak of top-secret documents to journalists Glenn Greenwald, Barton Gellman, and Laura Poitras. [109]
Documents reveal secret memos expanding spying in 2012
June 4, 2015: Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.
In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.
The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers. [110]
Edward Snowden: The world says no to surveillance
For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason. With each court victory, with every change in the law, we demonstrate facts are more convincing than fear. As a society, we rediscover that the value of a right is not in what it hides, but in what it protects. [111].
Related
- Timeline merchants of death
- Petty tyrants
- Covert operations
- Psychological warfare
- Propaganda
- Surveillance
- Biometrics
References
- ↑ Monde Diplo: Masters of the Internet http://mondediplo.com/2013/02/15internet
- ↑ Surveillance Blowback: The Making of the U.S. Surveillance State, 1898-2020 http://www.tomdispatch.com/blog/175724/alfred_mccoy_surveillance_blowback
- ↑ Interception Capabilities 2000 http://fas.org/irp/eprint/ic2000/ic2000.htm
- ↑ Cryptome: NSA FOIA appeal http://cryptome.org/nsa-foia-app2.htm
- ↑ Cryptome: NSTISSAM TEMPEST/2-95, 12 December 1995 - "Red/Black Installation Guidance" http://cryptome.org/tempest-2-95.htm
- ↑ Cryptome: Specification NSA No. 94-106, 24 October 1994 - Specification for Shielded Enclosures http://cryptome.org/nsa-94-106.htm
- ↑ Cryptome: NACSIM 5000, 1 February 1982 - TEMPEST Fundamentals http://cryptome.org/nacsim-5000.htm
- ↑ Cryptome: NSTISSI 7000, 29 November 1993 - "TEMPEST Countermeasures for Facilities." http://cryptome.org/nstissi-7000.htm
- ↑ Cryptome: NACSEM 5112, NONSTOP Evaluation Techniques http://cryptome.org/nacsem-5112.htm
- ↑ Salon: “Body of Secrets” by James Bamford http://www.salon.com/2001/04/25/nsa_3/
- ↑ Information Leakage from Optical Emanations http://applied-math.org/optical_tempest.pdf
- ↑ US army to produce Mid-East comic http://news.bbc.co.uk/2/hi/middle_east/4396351.stm
- ↑ US plans to 'fight the net' revealed http://news.bbc.co.uk/2/hi/americas/4655196.stm
- ↑ Wired: Point, Click ... Eavesdrop: How the FBI Wiretap Net Operates http://archive.wired.com/politics/security/news/2007/08/wiretap?currentPage=all
- ↑ Raw obtains CENTCOM email to bloggers http://www.rawstory.com/news/2006/Raw_obtains_CENTCOM_email_to_bloggers_1016.html
- ↑ Air Force Releases ‘Counter-Blog’ Marching Orders http://www.wired.com/2009/01/usaf-blog-respo/
- ↑ Sentient world: war games on the grandest scale http://www.theregister.co.uk/2007/06/23/sentient_worlds/
- ↑ InfoWorld: Hackers find a new place to hide rootkits http://www.infoworld.com/article/2653209/security/hackers-find-a-new-place-to-hide-rootkits.html
- ↑ Phrack: System Management Mode Hack: Using SMM for "Other Purposes" http://phrack.org/issues/65/7.html
- ↑ Cryptome: LETF 2010 http://cryptome.org/2012/08/fbi-spy-letf.pdf
- ↑ Transnational CLEAN IT: the secret EU surveillance plan that wasn't, October 2012 http://www.tni.org/article/clean-it-secret-eu-surveillance-plan-wasnt
- ↑ What is known about NSA's PRISM program http://electrospaces.blogspot.nl/2014/04/what-is-known-about-nsas-prism-program.html
- ↑ Guardian: Obama orders US to draw up overseas target list for cyber-attacks http://www.theguardian.com/world/2013/jun/07/obama-china-targets-cyber-overseas
- ↑ Boundless Informant: NSA explainer – full document text http://www.theguardian.com/world/interactive/2013/jun/08/boundless-informant-nsa-full-text
- ↑ Top Level Communications: Screenshots from BOUNDLESSINFORMANT can be misleading http://electrospaces.blogspot.nl/2013/11/screenshots-from-boundlessinformant-can.html
- ↑ South China Morning Post: Edward Snowden: US government has been hacking Hong Kong and China for years http://www.scmp.com/news/hong-kong/article/1259508/edward-snowden-us-government-has-been-hacking-hong-kong-and-china
- ↑ There is an NSA/CIA hybrid agency That May Explain Snowden’s Involvement in SIGINT and HUMINT http://leaksource.info/2013/06/14/there-is-an-nsacia-hybrid-agency-that-may-explain-snowdens-involvement-in-sigint-and-humint/
- ↑ Guardian: GCHQ intercepted foreign politicians' communications at G20 summits http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits
- ↑ G20 summit: NSA targeted Russian president Medvedev in London http://www.theguardian.com/world/2013/jun/16/nsa-dmitry-medvedev-g20-summit
- ↑ GCHQ surveillance – the documents http://www.theguardian.com/uk/interactive/2013/jun/16/gchq-surveillance-the-documents
- ↑ The top secret rules that allow NSA to use US data without a warrant http://www.theguardian.com/world/2013/jun/20/fisa-court-nsa-without-warrant
- ↑ GCHQ taps fibre-optic cables for secret access to world's communications http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa
- ↑ NSA inspector general report on email and internet data collection under Stellar Wind – full document http://www.theguardian.com/world/interactive/2013/jun/27/nsa-inspector-general-report-document-data-collection
- ↑ Der Spiegel: Attacks from America: NSA Spied on European Union Offices http://www.spiegel.de/international/europe/nsa-spied-on-european-union-offices-a-908590.html
- ↑ Der Spiegel: NSA Snoops on 500 Million German Data Connections http://www.spiegel.de/international/germany/nsa-spies-on-500-million-german-data-connections-a-908648.html
- ↑ Le Monde: Révélations sur le Big Brother français http://www.lemonde.fr/societe/article/2013/07/04/revelations-sur-le-big-brother-francais_3441973_3224.html
- ↑ EUA expandem o aparato de vigilância continuamente http://oglobo.globo.com/mundo/eua-expandem-aparato-de-vigilancia-continuamente-8941149
- ↑ The Sydney Morning Herald: Australia aids in covert data collection http://www.smh.com.au/world/snowden-reveals-australias-links-to-us-spy-web-20130708-2plyg.html
- ↑ O Globo: EUA espionaram milhões de e-mails e ligações de brasileiros http://oglobo.globo.com/mundo/eua-espionaram-milhoes-de-mails-ligacoes-de-brasileiros-8940934
- ↑ O Globo: Espionagem dos EUA se espalhou pela América Latina http://oglobo.globo.com/mundo/espionagem-dos-eua-se-espalhou-pela-america-latina-8966619
- ↑ Washington Post: NSA slides explain the PRISM data-collection program http://www.washingtonpost.com/wp-srv/special/politics/prism-collection-documents/
- ↑ Foreign policy: The CIA’s New Black Bag Is Digital http://foreignpolicy.com/2013/07/17/the-cias-new-black-bag-is-digital/
- ↑ Der Spiegel: German Intelligence Used NSA Spy Program http://www.spiegel.de/international/germany/german-intelligence-agencies-used-nsa-spying-program-a-912173.html
- ↑ Obama Visit Highlights 'Genuine Trans-Atlantic Dissonance' http://www.spiegel.de/international/world/german-press-reactions-to-us-president-obama-berlin-visit-a-906894.html
- ↑ XKeyscore: NSA tool collects 'nearly everything a user does on the internet' http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data
- ↑ The Guardian: NSA pays £100m in secret funding for GCHQ http://www.theguardian.com/uk-news/2013/aug/01/nsa-paid-gchq-spying-edward-snowden
- ↑ The Verge: Email service used by Edward Snowden abruptly shuts down, to avoid 'crimes against the American people' http://www.theverge.com/2013/8/8/4602966/email-service-used-by-edward-snowden-abruptly-shuts-down-to-avoid
- ↑ Silent Circle Preemptively Shuts Down Encrypted Email Service To Prevent NSA Spying http://techcrunch.com/2013/08/08/silent-circle-preemptively-shuts-down-encrypted-email-service-to-prevent-nsa-spying/
- ↑ Al Jazeera: Audit finds NSA repeatedly broke privacy law http://america.aljazeera.com/articles/2013/8/15/nsa-broke-privacylawthousandsoftimesaccordingtointernalaudit.html
- ↑ Al Jazeera: NSA illegally collected thousands of US emails annually http://america.aljazeera.com/articles/2013/8/21/nsa-collected-tensofthousandsofuscommunications.html
- ↑ The Independent: UK’s secret Mid-East internet surveillance base is revealed in Edward Snowden leaks http://www.independent.co.uk/news/uk/politics/exclusive-uks-secret-mideast-internet-surveillance-base-is-revealed-in-edward-snowden-leaks-8781082.html
- ↑ Snowden: UK government now leaking documents about itself http://www.theguardian.com/commentisfree/2013/aug/23/uk-government-independent-military-base
- ↑ Al Jazeera: Snowden leaks intelligence 'black budget' to Washington Post http://america.aljazeera.com/articles/2013/8/29/nsa-snowden-leaksblackbudgettowashingtonpost.html
- ↑ Washington Post: U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html
- ↑ Der Spiegel: NSA Spied On Al Jazeera Communications http://www.spiegel.de/international/world/nsa-spied-on-al-jazeera-communications-snowden-document-a-919681.html
- ↑ U.S. directs agents to cover up program used to investigate Americans http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805
- ↑ September 2, 2013: Washington Post: Top-secret U.S. intelligence files show new levels of distrust of Pakistan http://www.washingtonpost.com/world/national-security/top-secret-us-intelligence-files-show-new-levels-of-distrust-of-pakistan/2013/09/02/e19d03c2-11bf-11e3-b630-36617ca6640f_story.html
- ↑ O Globo:Documentos revelam esquema de agência dos EUA para espionar Dilma http://g1.globo.com/fantastico/noticia/2013/09/documentos-revelam-esquema-de-agencia-dos-eua-para-espionar-dilma-rousseff.html
- ↑ Veja os documentos ultrassecretos que comprovam espionagem a Dilma http://g1.globo.com/fantastico/noticia/2013/09/veja-os-documentos-ultrassecretos-que-comprovam-espionagem-dilma.html
- ↑ NSA Documents Show United States Spied Brazilian Oil Giant http://g1.globo.com/fantastico/noticia/2013/09/nsa-documents-show-united-states-spied-brazilian-oil-giant.html
- ↑ Washington Post: U.S. documents detail al-Qaeda’s efforts to fight back against drones http://www.washingtonpost.com/world/national-security/us-documents-detail-al-qaedas-efforts-to-fight-back-against-drones/2013/09/03/b83e7654-11c0-11e3-b630-36617ca6640f_story.html
- ↑ The Guardian: http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
- ↑ The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/nsa-classification-guide-cryptanalysis
- ↑ The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/nsa-project-bullrun-classification-guide
- ↑ The Guardian: http://www.theguardian.com/world/interactive/2013/sep/05/sigint-nsa-collaborates-technology-companies
- ↑ NY Times: http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html
- ↑ NY Times: http://www.nytimes.com/interactive/2013/09/05/us/unlocking-private-communications.html
- ↑ Pro Publica: http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption
- ↑ Der Spiegel: Privacy scandal: NSA can spy on smart phone data http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html
- ↑ Der Spiegel: iSpy: How the NSA accesses smartphone data http://www.spiegel.de/international/world/how-the-nsa-spies-on-smartphones-including-the-blackberry-a-921161.html
- ↑ Techdirt Flying Pig: The NSA Is Running Man In The Middle Attacks Imitating Google's Servers https://www.techdirt.com/articles/20130910/10470024468/flying-pig-nsa-is-running-man-middle-attacks-imitating-googles-servers.shtml
- ↑ How The NSA Pulls Off Man-In-The-Middle Attacks: With Help From The Telcos https://www.techdirt.com/articles/20131004/10522324753/how-nsa-pulls-off-man-in-the-middle-attacks-with-help-telcos.shtml
- ↑ The Guardian: NSA and Israeli intelligence: memorandum of understanding – full document http://www.theguardian.com/world/interactive/2013/sep/11/nsa-israel-intelligence-memorandum-understanding-document
- ↑ Documents reveal NSA’s extensive involvement in targeted killing program http://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html
- ↑ Der Spiegel: 'Follow the Money': NSA Monitors Financial World http://www.spiegel.de/international/world/how-the-nsa-spies-on-international-bank-transactions-a-922430.html
- ↑ Der Spiegel: Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm http://www.spiegel.de/international/europe/british-spy-agency-gchq-hacked-belgian-telecoms-firm-a-923406.html
- ↑ The Hindu: India among top targets of spying by NSA http://www.thehindu.com/news/national/india-among-top-targets-of-spying-by-nsa/article5157526.ece
- ↑ The Guardian: NSA drone document – selected excerpts http://www.theguardian.com/world/interactive/2013/sep/25/nsa-documents-top-secret-excerpts
- ↑ UK detention of Reprieve activist consistent with NSA's view of drone opponents as 'threats' and 'adversaries' http://www.theguardian.com/commentisfree/2013/sep/25/nsa-uk-drone-opponents-threats
- ↑ Foreign Policy Investigation: Secret Cold War Documents Reveal NSA Spied on Senators http://foreignpolicy.com/2013/09/25/secret-cold-war-documents-reveal-nsa-spied-on-senators/
- ↑ NY Times: Documents on N.S.A. Efforts to Diagram Social Networks of U.S. Citizens http://www.nytimes.com/interactive/2013/09/29/us/documents-on-nsa-efforts-to-diagram-social-networks-of-us-citizens.html
- ↑ NY Times: N.S.A. Gathers Data on Social Connections of U.S. Citizens http://www.nytimes.com/2013/09/29/us/nsa-examines-social-networks-of-us-citizens.html
- ↑ The Guardian: NSA stores metadata of millions of web users for up to a year, secret files show http://www.theguardian.com/world/2013/sep/30/nsa-americans-metadata-year-documents
- ↑ Attacking Tor: how the NSA targets users' online anonymity http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity
- ↑ O Globo: Ministério de Minas e Energia está na mira de espiões americanos e canadenses http://g1.globo.com/fantastico/noticia/2013/10/ministerio-das-minas-e-energia-esta-na-mira-de-espioes-americanos-e-canadenses.html
- ↑ The Washington Post: NSA collects millions of e-mail address books globally http://www.washingtonpost.com/world/national-security/nsa-collects-millions-of-e-mail-address-books-globally/2013/10/14/8e58b5be-34f9-11e3-80c6-7e6dd8d22d8f_story.html
- ↑ Apps Washington Post: The NSA's problem? Too much data. http://apps.washingtonpost.com/g/page/world/the-nsas-overcollection-problem/517/
- ↑ Apps Washington Post: SCISSORS: How the NSA collects less data http://apps.washingtonpost.com/g/page/world/how-the-nsa-tried-to-collect-less/518/
- ↑ Apps Washington Post: An excerpt from the NSA's Wikipedia http://apps.washingtonpost.com/g/page/world/an-excerpt-from-intellipedia/519/
- ↑ Meet the Spies Doing the NSA’s Dirty Work http://foreignpolicy.com/2013/11/21/meet-the-spies-doing-the-nsas-dirty-work/
- ↑ Spy Copters, Lasers, and Break-In Teams How the FBI keeps watch on foreign diplomats http://foreignpolicy.com/2013/11/19/spy-copters-lasers-and-break-in-teams/
- ↑ NSA tracking cellphone locations worldwide, Snowden documents show http://www.washingtonpost.com/world/national-security/nsa-tracking-cellphone-locations-worldwide-snowden-documents-show/2013/12/04/5492873a-5cf2-11e3-bc56-c6ca94801fac_story.html
- ↑ Meet Jack. Or, What The Government Could Do With All That Location Data https://www.aclu.org/feature/meet-jack?redirect=meet-jack-or-what-government-could-do-all-location-data
- ↑ Chatham House Rule http://www.chathamhouse.org/about/chatham-house-rule
- ↑ The Death of Irony: University of Penn’s Secret Meetings on Secret Surveillance Law http://mediaroots.org/the-death-of-irony-or-university-of-penns-secret-meetings-on-secret-surveillance-law/
- ↑ NSA’s "Tailored Access Operations" Elite Hacking Unit Revealed http://leaksource.info/2013/12/30/nsas-tailored-access-operations-elite-hacking-unit-revealed/
- ↑ Leaksource: NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware http://leaksource.info/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/
- ↑ BoinBoing Total corruption: Organised crime infiltrated and compromised UK courts, police, HMRC, Crown Prosecution Service, prisons, and juries http://boingboing.net/2014/01/11/total-corruption-organised-cr.html
- ↑ The Multistakeholder Model, Neo-liberalism and Global (Internet) Governance https://gurstein.wordpress.com/2014/03/26/the-multistakeholder-model-neo-liberalism-and-global-internet-governance/
- ↑ Domain name expansion signals political shift of the internet https://theconversation.com/domain-name-expansion-signals-political-shift-of-the-internet-22865
- ↑ NSA Surveillance is about Control & Leverage, not Security http://www.juancole.com/2014/01/surveillance-leverage-security.html
- ↑ The Intercept: Meet the Muslim-American Leaders the FBI and NSA Have Been Spying On https://firstlook.org/theintercept/2014/07/09/under-surveillance/
- ↑ Top Level Communications: Document shows that it was not NSA, but FBI that monitored 5 Americans http://electrospaces.blogspot.nl/2014/07/document-shows-that-it-was-not-nsa-but.html#uds-search-results
- ↑ The FBI took advantage of the NSA’s PRISM program http://pando.com/2015/01/12/the-fbi-took-advantage-of-the-nsas-prism-program/
- ↑ BoingBoing: What David Cameron just proposed would endanger every Briton and destroy the IT industry http://boingboing.net/2015/01/13/what-david-cameron-just-propos.html
- ↑ When USBs attack: Hackers create spy plug inspired by the NSA's surveillance kit - and it costs just £13 to make http://www.dailymail.co.uk/sciencetech/article-2920419/When-USBs-attack-Hackers-create-covert-spy-plug-inspired-NSA-s-Cottonmouth-surveillance-kit.html
- ↑ Reuters: Rights group sues DEA over bulk collection of phone records http://www.reuters.com/article/2015/04/08/us-usa-dea-lawsuit-idUSKBN0MZ1F720150408
- ↑ DEA Global Surveillance Dragnet Exposed; Access to Data Likely Continues https://firstlook.org/theintercept/2015/04/08/dea-surveillance-phone-records-crisscross-nsa/
- ↑ Inside Washington's Quest to Bring Down Edward Snowden https://news.vice.com/article/exclusive-inside-washingtons-quest-to-bring-down-edward-snowden
- ↑ ProPublica: New Snowden Documents Reveal Secret Memos Expanding Spying https://www.propublica.org/article/new-snowden-documents-reveal-secret-memos-expanding-spying
- ↑ Edward Snowden: The World Says No to Surveillance http://www.nytimes.com/2015/06/05/opinion/edward-snowden-the-world-says-no-to-surveillance.html