Items tagged with Snowden
Over the past year, as criticism and anger have built over the NSA's numerous excesses and abuses of American civil rights, it's been easy to forget that underneath the justified anger, a genuine war has been raging. The NSA may have overreached in many respects, but that doesn't mean the government agency has invented problems from whole cloth -- and a new report drives that point home. According to the New York Times, top government officials have stated that Chinese hackers penetrated US government networks in March, potentially gaining access to thousands of dossiers on exactly which US citizens have applied for and been granted Top Secret clearance. The federal government did succeed in...
Read more...
The good news, if you can call it that, is that after polling hundreds of technology experts, the Pew Research Internet Project found that they don’t believe that cybercrime or hacking are the chief problems facing the Internet by 2025. Unfortunately, that’s because they believe there are other problems that will be worse. Those problems center around government and business interference with access and security as well as the curious issue of having too much information available. To be clear, this isn’t a study per se; Pew polled thousands of individuals in the tech field that it identified as experts with the following prompt: By 2025, will there be significant changes...
Read more...
Ever since Edward Snowden leaked details on how the government had forced various IT companies to disclose information (or secured their willing cooperation), companies like Google, Facebook, and Microsoft have been desperate to regain their users' trust. Six months ago, Microsoft announced that it would reengineer its products and services to provide a much higher level of security -- today, the company revealed that its reached an important milestone in that process. As of now, Outlook.com uses TLS (Transport Layer Security) to provide end-to-end encryption for inbound and outbound email -- assuming that the provider on the other end also uses TLS. The TLS standard has been in the news fairly...
Read more...
Today, the Supreme Court issued a landmark decision on data privacy, holding 9-0 that neither police officers nor federal law enforcement have a unilateral right to search cell phones without first procuring a warrant. Prior to today, the government had previously argued that the police could search a cell phone under previous court rulings that extended such rights in limited cases, including incidents where the officers on the scene had reason to believe evidence could be destroyed or that the evidence was on the individual (or within arms' reach). What the Court recognized today is that a cell phone is something unique from a pack of cigarettes or a glove compartment that might contain a firearm....
Read more...
Ever since 9/11 and the passage of the Patriot Act, the federal government has pursued an aggressive set of data collection policies and surveillance practices. Edward Snowden's leaks last year may have raised public awareness of many of these events, but simply being aware of practices doesn't do a thing to stop them. Recent court decisions, however, could be a sign that the wall of secrecy the NSA has constructed to veil its actions is cracking -- with profound long-term implications. First, earlier this week, the 11th Circuit Court of Appeals ruled in United States v. Davis that cell phone users do have an expectation of privacy and that they do not "reasonably" understand that information...
Read more...
Last week, the ACLU was scheduled to meet with local police in Sarasota Florida to discuss the use of cell phone interception towers, dubbed stingrays, that are an increasingly common feature of federal and local investigations. A stingray is a fake cell phone tower that law enforcement can configure to temporarily replace the real towers a device would normally connect to. In an astonishing turn of events, the US Marshals Service has acted to prevent the meeting from taking place -- seizing all of the relevant records and claiming that they're the property of the Marshals (and by extension, the US government). Meanwhile, a Tallahassee judge reviewing a similar request for access to what ought...
Read more...
One of the most troubling facts that came out of Edward Snowden's disclosures last year was the degree to which the government has relied on National Security Letters to compel companies to reveal information about their clients without producing a warrant. Many NSLs were accompanied by non-disclosure orders that forbade the receiving company from revealing to the accused that their information had been demanded. Microsoft had previously gone to court over such tactics and today, the details of the company's strategic victory became public for the first time. Last year, the FBI demanded information on an unidentified Office 365 enterprise customer and included a non-disclosure requirement alongside...
Read more...
Earlier this week, Apple released an updated set of legal guidelines spelling out exactly what it can and cannot access on your iDevice, what material it will turn over to the police, and under which circumstances it will surrender it. What's particularly interesting is the split response we've seen from different corners of the Internet. Everything Apple does tends to generate attention, but this particular set of announcements is getting a great deal of press -- and two very different narratives have emerged over what it means. Some readers and authors have reacted rather poorly to news that Apple can access user information even without knowing the passcode key. As my colleague, Rob Williams...
Read more...
A new comprehensive writeup at The Intercept claims to reveal additional details of the NSA's plans to infiltrate and conquer the Internet -- as well as its desire to bring virtually all data, everywhere, within its reach. A year ago, this kind of claim would've sounded like hyperbolic conspiracy theory, but no longer. Whether the NSA could ever effectively analyze that information is very much an open question, but the organization has launched a huge number of programs to pursue these ends. Own The Web What The Intercept report details is the NSA's plan for infiltrating target networks, right down to individual PCs. There are a dizzying number of codenames -- TURBINE is the automated system...
Read more...
The United States Government has filed a lawsuit against Sprint Communications requesting triple damages to the tune of $63M. Sprint's crime? Overcharging the NSA, FBI, and various other government agencies for the cost of spying on millions of Americans and turning their data over to the government. This is another "unintended consequence" of the Snowden revelations last year, though likely not one anyone anticipated. In the past, the government would've had no choice but to conduct this kind of action behind the tightest of closed doors, lest secrets leak that would reveal to the American people exactly how monitored our telecommunications are. Now, in the wake of the Snowden leaks, there's...
Read more...
If you’ve ever wondered how exactly NSA whistleblower Edward Snowden was able to access as much as he did, it’s apparently because he had help. According to an L.A. Times report, at least three other NSA workers helped him--wittingly or not. An NSA memo says that one of the three was an active-duty military member, while another was a civilian contractor like Snowden. No details were revealed about those two, including whether or not they worked with Snowden at his NSA location in Hawaii, but it does say that they have both been barred from accessing NSA systems since then. Edward Snowden (Credit: The Guardian) The third individual was a civilian employee who, it turns out, let Snowden...
Read more...
Facebook is facing a lawsuit from two users who allege that the company's "private" messaging is anything of the sort. We've seen a number of these cases over the years, going all the way back to Google's ad-crawling for Gmail, and it's generally known that if you use a service, company's are going to attempt to monetize your input. In Facebook's case, that includes all the things you post, the things you don't post, and apparently, even your private messages. Over the past few years, Facebook has been caught handing over user information to advertisers (including names and user IDs, despite promises to anonymize the information). According to the complaint, however, FB has been caught "clicking"...
Read more...
A fresh set of allegations and disclosures by der Spiegel claim that the NSA operates a Tailored Access Operations program designed to dig into spy targets conventionally perceived as "ungettable" for the purpose of extending the institutions global reach. The program has targeted individuals, companies, government institutions, and infrastructure, with tentacles that allegedly reach into nearly every facet of modern life. One facet of the program that's gotten quite a bit of attention is the NSA's ability to intercept packages shipped to targets, insert malware and other monitoring programs, and then ship the hardware to its intended destination. Der Spiegel reports that this interdiction gives...
Read more...
According to a new report, the NSA once paid the RSA Security $10M to implement a flawed security standard as the default protocol in its products. This new information builds on allegations from September that claimed the RSA had deployed a flawed, broken cryptographic standard. The new allegations, like much of what we've learned about the modern National Security Agency, comes from the files one-time Booz Allen contractor Edward Snowden began releasing this spring. If true, the blowback could destroy the RSA's credibility in the cryptographic world. The practical fallout from this news is likely to be relatively small. The standard in question is called Dual_EC_DRBG. It was first put forward...
Read more...
