Items tagged with NSA

We wrote a couple of days ago about a huge treasure trove of alleged NSA-derived exploits that were hitting the market. That gold mine was accessed by a group calling itself Shadow Brokers, and it's been said that their source was Equation Group, which is believed to be an extension of the NSA. At that time, there was no proof that any of the exploits contained in the collection were still valid. Quickly, some noted that a few of the targets were already patched, leading the rest of us to believe that the entire collection came a bit too late. However, anyone who thought that might have to back it up a wee bit, as Cisco has today confirmed that one of the exploits contained within that collection... Read more...
A hacking group that calls itself Shadow Brokers claims to have stolen sophisticated surveillance tools previously used by a group of high-tech hackers with ties to the U.S. National Security Agency (NSA). The group announced plans to auction off the tools, though security experts aren't sure if what they have is the real deal or if this is an elaborate hoax.In a post that's since been removed on Tumblr, the hacking group said it's in possession of cyber weapons made by the creators of Duqu, Flame, and Stuxnet and that this cache of tools is even more dangerous. Stuxnet is still considered one of the most advanced computer worms ever built. It's widely credited to the United States and Israel... Read more...
It looks as though the National Security Agency (NSA) crown jewels are about to be fondled by the rest of America’s intelligence agencies. The NSA monitors and collects various types of communications including emails, phone calls, and even transmissions conducted by our foreign allies (and foes). As we learned from the the Edward Snowden leaks, this information is stored in bulk and is one of the reasons for the ever-increasing use of encryption in our smartphones (see Apple vs FBI). Historically, the data collected has mainly been kept within the halls of the NSA and only offered to other intelligence agencies — i.e. the CIA and the FBI — after being scrubbed of “irrelevant” identifiable personal... Read more...
If you're passionate about the topics of privacy, government surveillance, and security and also how they relate to the FBI and DOJ's fight to unlock that fateful San Bernardino iPhone, the whole situation likely pales in comparison to what communist countries like China force their citizens to tolerate. In an effort to root out threats to society, the Chinese Communist Party has contracted for development of a data analytics technology of sorts that is best described as taking a page straight out of the 2002 movie staring Tom Cruise called Minority Report. Credit: Flickr TadokoroAs Bloomberg reports, a top Chinese contractor by the name of China Electronics Technology Group is developing a big... Read more...
It's easier than ever to protect data online and elsewhere. Encryption is ubiquitous and while it's impossible to insure that your data well-secured from the likes of the government, there's no excuse for not taking important steps to increase your own personal protection as much as possible. That latter is especially true when you consider the fact that the FBI has a seemingly unlimited amount of resources to "counter the threat" of encryption. Humorously, many people who use encryption aim to "counter the threat" of the FBI or other government agencies. And according to the agency's 2017 budget request, the FBI is seeking another $38.3 million (on top of $31 million already appropriated) to... Read more...
If you think that the likes of the NSA needs to rely on zero-day exploits to get their job done, you apparently have things completely wrong. At the USENIX Enigma security conference in San Francisco this week, the NSA's chief of Tailored Access Operations, Rob Joyce said that it's his team's sheer talent makes its attacks successful, not simple flaws waiting to be exploited. While it does seem likely that the NSA makes use of zero-day exploits when the juicier ones are found, Joyce says that it's not as though his team simply has a "skeleton key" that's able to open any door it chooses. Instead, "persistence and focus will get you in." He continued that "There's so many more vectors that are... Read more...
While many of us were seeking out the hottest deals this weekend, the US government carried out the greatest reduction of its spying efforts since they were expanded-upon following the attacks of Sept 11, 2001. Adhering to a law passed some six months ago, the National Security Agency is no long allowed to blindly pull down phone records of millions of Americans, a move that's being considered a major win by privacy advocates. Effective immediately, if the NSA wants to gather phone data on a target, it must get a court order and work with phone carriers to enable monitoring, and only for up to six months. This change comes two weeks after Daesh (ISIS/ISIL) struck Paris in a terrorist attack,... Read more...
In the "vast majority of cases," when the U.S. government is made aware of a software vulnerability, it discloses that information to the vendor so that it can issue a patch to the public. What constitutes a "vast majority?" Nine times out of 10, or 91 percent of the time, according to the U.S. National Security Agency's own books. What about the other 9 percent of the time? The zero-day threats the NSA doesn't disclose are those that the vendors fixed before they were notified or, simply put, don't get disclosed in the interest of national security. "The National Security Council has an interagency process to consider when to disclose vulnerabilities," the NSA said. "The process requires the... Read more...
Following the revelations from Edward Snowden that the U.S. has engaged in wide-scale surveillance programs that spy not only Americans, but also ally nations, many in the tech industry have called for even tougher software encryption to keep law enforcement and government agencies from overstepping their bounds with regards to citizens’ privacy. “Technologists have worked tirelessly to re-engineer the security of the devices that surround us, along with the language of the Internet itself,” said Snowden in a June op-ed for The New York Times. “Secret flaws in critical infrastructure that had been exploited by governments to facilitate mass surveillance have been detected and corrected. Basic... Read more...
While the NSA had the support of all US telcos with its spying efforts, it's come to light that none offered the level of assistance that AT&T did. Recent documents that are part of the ongoing Snowden leaks show the NSA heaping a bit of praise on its relationship with AT&T, saying it was "highly collaborative" and that the company had an "extreme willingness to help." Beginning in 2003 and leading up to the time Edward Snowden blew the doors off the far-reaching spy efforts, AT&T gave the NSA access to an enormous amount of information through many methods under different legal rules. In particular, AT&T saw no issue with supplying "billions" of emails to the NSA as they passed... Read more...
It's been a full two years since Edward Snowden blew the whistle on the massive spying efforts of the NSA, and despite the sheer amount of information and revelations that have come out since then, there still seems to be a lot more to come. The latest reveal involves the NSA running an intrusion detection system on the Internet's backbone, something it was granted permission for behind-the-scenes. It's reported that in 2012, the Justice Department wrote secret memos to grant the agency the ability to monitor addresses that exhibited security risk behavior. It's important to note that this permission allows this intrusion only if the source is a foreign government. NSA Headquarters in Fort Meade,... Read more...
Edward Snowden, a former contractor for the National Security Agency who leaked confidential documents and information to the press regarding the U.S. government's PRISM program, says he has never been "so wrong," and for that he's "grateful." Let's add some context, shall we? Snowden says he was wrong to worry that his efforts and the risk he and the journalists who broke the story over the NSA's bulk collection of phone records would have been for nothing, "that the public would react with indifference, or practiced cynicism, to the revelations." "Never have I been so grateful to have been so wrong," Snowden said as part of an editorial celebrating the recent forced expiration... Read more...
In a 67-32 vote, the U.S. Senate passed an amended version of the USA Freedom Act, which among other things changes the way the National Security Agency can tap into phone records. The NSA can no longer collect phone records in bulk as it was allowed to do before that provision of the post-911 Patriot Act expired, and instead requires telecoms to store the records.The government can still access those records, but would need a court order. Part of the intent is that the NSA will only see phone records belonging to targeted individuals suspected of terrorism, as opposed to records belonging to thousands of individuals. It's an amendment to Section 215 of the Patriot Act, one of three key provisions... Read more...
Senator Rand Paul, a presidential hopeful for the Republican party, was ultimately successful in his ongoing effort to prevent the U.S. Senate from voting on extensions to key provisions of the Patriot Act. As a result, the National Security Agency's legal authority to collect telephone records in bulk expired at the stroke of midnight Monday."Tonight we stopped the illegal NSA bulk data collection. This is a victory no matter how you look at it," Rand said in a statement. "It might be short lived, but I hope that it provides a road for a robust debate, which will strengthen our intelligence community, while also respecting our Constitution."Image Source: Flickr (Ashleigh Nushawg)There were three... Read more...
The fate of the National Security Agency's ability to collect phone records on a mass scale has yet to be determined as the Senate continues to shoot down measures passed by the House of Representatives. One of those measures was the USA Freedom Act, a bill that would effectively put an end to bulk telephone data collection.It's a bill that President Barack Obama and his administration adamantly supported. The House of Representatives also was favor of the USA Freedom Act, as both Republicans and Democrats came together to approve the measure with a majority 338-to-88 vote. However, the bill stalled in the Senate, where it was shot down by a 57-to-42 vote, coming up three votes short of the 60... Read more...
Sen. Rand Paul spoke for nearly 10 and a half hours yesterday protesting the Patriot Act, which is soon to expire and is up for renewal. His attempted filibuster began at 1:18 PM and ended at 11:49 PM, though it wasn't quite as long as a 13-hour speech he gave two years ago on the topic of drones and to delay voting on the nomination of John O. Brennan as the Director of the CIA. This time around, the presidential candidate spoke out against the bulk collection of phone records that the National Security Agency (NSA) has been allowed to do as part of the Patriot Act. The apparent strategy is to prevent Congress from passing legislation to either continue or reform parts of the Patriot Act before... Read more...
If you thought that there couldn't possibly be more unbelievable stories to stem from Edward Snowden's leaks, you're sorely mistaken. Today, we learn of a truly appalling effort that the NSA and its partners worked together on to intercept Android users' connections to install malware and soak up information. The NSA's partners in crime are part of a group called 'Five Eyes', and in addition to the US, included countries are Canada, the UK, New Zealand, and Australia. Given other revelations that have trickled out in the past, this list shouldn't come as much of a surprise. The UK's GCHQ, which regularly works with the NSA on joint projects One of the Five Eyes' focal points was UC Browser, a... Read more...
In a 338-to-88 vote, the U.S. House of Representatives yesterday showed strong support for the USA Freedom Act, a bill that would effectively end the National Security Agency's ability to collect phone records on a mass scale. It would also make other changes to the scope of the NSA's surveillance program, though a similar bill was voted down in the Senate last year. "All I know is, these programs expire at the end of this month. They are critically important to keep Americans safe," House Speaker John A. Boehner (R-Ohio) said ahead of the vote. "The House is going to act, and I would hope the Senate would act soon as well." There's a division among politicians in how to balance civil liberties... Read more...
The NSA’s practice of collecting the phone records of Americans is illegal, a Federal appeals court ruled today. The new decision in the case brought by the American Civil Liberties Union (ACLU) effectively kills the NSA’s position that its data collection practice was authorized by section 215 of the Patriot Act. Overturning an earlier opinion, the Federal appeals court wrote that “the bulk telephone metadata program is not authorized by section 215 (of the Patriot Act).” The decision doesn’t necessarily mean an end to the government’s data collection program, however. In its opinion, the Federal court points out that the program is merely not authorized by the Patriot Act and suggests that... Read more...
Here we go again. This past November, the US' Department of Justice latched onto public heartstrings by saying that encryption on mobile phones could lead to the death of children, and in January, president Obama followed-up to plainly say that encryption should under no circumstance hinder police and spy agencies. The government can say what it wants, of course, but that doesn't mean that whatever it suggests will be kosher as far as our civil liberties go. Looking beyond the fact that criminals can benefit from encryption (just as they can benefit from a slew of other things), it stands to reason that citizens have the right to protect themselves from the prying eyes of the government. Even... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault on intellectual property held by American companies and leaves customers open to privacy violations.... Read more...
Dutch SIM card maker Gemalto has been enduring unwanted media attention for the past few weeks after reports surfaced that Britain’s GCHQ and the United States’ NSA may have breached the company’s networks. Today, Gemalto released a statement acknowledging that an attack in 2010 was probably the work of the spy agencies, but denied that they now had access to the encryption keys for millions of SIM cards.“If we look back at the period covered by the documents from the NSA and GCHQ, we can confirm that we experienced many attacks,” the company said in a statement. “In particular, in 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation."GCHQBut... Read more...
Prev 1 2 3 4 5 Next ... Last