March 13, 2014 at 1:23 AM
03/12/2014
Ryan Gallagher/Glenn Greenwald/TheIntercept:
Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.
The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.
The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.
One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.
An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.
“Assassination Market” Crowdfunds Murder of Gov’t Officials with Bitcoins; Bernanke, Obama, NSA’s Alexander Top Kill-List
In Archive, on November 20, 2013 at 9:56 AM
11/18/2013
…
Last month I received an encrypted email from someone calling himself by the pseudonym Kuwabatake Sanjuro, who pointed me towards his recent creation: The website Assassination Market, a crowdfunding service that lets anyone anonymously contribute bitcoins towards a bounty on the head of any government official–a kind of Kickstarter for political assassinations. According to Assassination Market’s rules, if someone on its hit list is killed–and yes, Sanjuro hopes that many targets will be–any hitman who can prove he or she was responsible receives the collected funds.
For now, the site’s rewards are small but not insignificant. In the four months that Assassination Market has been online, six targets have been submitted by users, and bounties have been collected ranging from ten bitcoins for the murder of NSA director Keith Alexander and 40 bitcoins for the assassination of President Barack Obama to 124.14 bitcoins–the largest current bounty on the site–targeting Ben Bernanke, chairman of the Federal Reserve and public enemy number one for many of Bitcoin’s anti-banking-system users. At Bitcoin’s current rapidly rising exchanges rate, that’s nearly $75,000 for Bernanke’s would-be killer.
Sanjuro’s grisly ambitions go beyond raising the funds to bankroll a few political killings. He believes that if Assassination Market can persist and gain enough users, it will eventually enable the assassinations of enough politicians that no one would dare to hold office. He says he intends Assassination Market to destroy “all governments, everywhere.”
“I believe it will change the world for the better,” writes Sanjuro, who shares his handle with the nameless samurai protagonist in the Akira Kurosawa film “Yojimbo.” (He tells me he chose it in homage to creator of the online black market Silk Road, who called himself the Dread Pirate Roberts, as well Bitcoin inventor Satoshi Nakamoto.) ”Thanks to this system, a world without wars, dragnet panopticon-style surveillance, nuclear weapons, armies, repression, money manipulation, and limits to trade is firmly within our grasp for but a few bitcoins per person. I also believe that as soon as a few politicians gets offed and they realize they’ve lost the war on privacy, the killings can stop and we can transition to a phase of peace, privacy and laissez-faire.”
I contacted the Secret Service and the FBI to ask if they’re investigating Assassination Market, and both declined to comment.
…
Sanjuro didn’t actually invent the concept of an anonymous crowdfunded assassination market. The idea dates back to the cypherpunk movement of the mid-1990s, whose adherents dreamt of using encryption tools to weaken the government and empower individuals. Former Intel engineer and Cypherpunk Mailing List founder Tim May argued that uncrackable secret messages and untraceable digital currency would lead to assassination markets in his “Cryptoanarchist’s Manifesto” written in 1992.
A few years later, another former Intel engineer named Jim Bell proposed a system of funding assassinations through encrypted, anonymous donations in an essay he called “ Assassination Politics.” The system he described closely matches Sanjuro’s scheme, though anonymity tools like Tor and Bitcoin were mostly theoretical at the time.
…
Sanjuro tells me he’s long been aware of Bell’s idea. But he only decided to enact it after the past summer’s revelations of mass surveillance by the NSA exposed in a series of leaks by agency contractor Edward Snowden. “Being forced to alter my every happy memory during internet activity, every intimate moment over the phone with my loved ones, to also include some of the people I hate the most listening in, analysing the conversation, was the inspiration I needed to embark on this task,” he writes. “After about a week of muttering ‘they must all die’ under my breath every time I opened a newspaper or turned on the television, I decided something had to be done. This is my contribution to the cause.”
…
“I am a crypto-anarchist,” Sanjuro concludes. “We have a bright future ahead of us.”
Human Rights Attorneys Working with Germany on Possible Asylum for Snowden in Exchange for Testimony
October 31, 2013 at 5:04 AM
10/30/2013
Human rights attorneys have been discussing the possibility of asylum for former NSA contractor Edward Snowden with left-wing politicians in Germany. The plan being developed involves giving testimony in an official government setting on recent revelations, such as the fact that the United States spied on Chancellor Angela Merkel’s cellphone. In return, he would be given asylum.
Jesselyn Radack, an attorney and national security and human rights director of the Government Accountability Project, confirmed the above details as part of an exclusive for Firedoglake.
…
No asylum offer has been made. No formal application for asylum has been submitted to the German government. However, it does appear this may be a next step.
Snowden was visited by a German politician, and they discussed whether he might enter the witness protection program or be granted asylum. They determined that pursuing the possibility of asylum would be better than witness protection.
In this slide from a National Security Agency presentation on “Google Cloud Exploitation,” a sketch shows where the “Public Internet” meets the internal “Google Cloud” where user data resides. Two engineers with close ties to Google exploded in profanity when they saw the drawing.
By Barton Gellman and Ashkan Soltani, Published: October 30 E-mail the writer
Graphic
How the NSA is hacking private networks, such as Google’s
How MUSCULAR collects too much data from Yahoo and Google
OCT 30
This NSA document describes a common problem of collecting too much information – and how the agency is attempting to control it.
Why the NSA wanted more access
Andrea Peterson OCT 30
The NSA already legally compelled tech companies to give it data via PRISM. So why did it hack into data links?
Full coverage: NSA Secrets
Read all of the stories in The Washington Post’s ongoing coverage of the National Security Agency’s surveillance programs.
The MUSCULAR project appears to be an unusually aggressive use of NSA tradecraft against flagship American companies. The agency is built for high-tech spying, with a wide range of digital tools, but it has not been known to use them routinely against U.S. companies.
In a statement, the NSA said it is “focused on discovering and developing intelligence about valid foreign intelligence targets only.”
“NSA applies Attorney General-approved processes to protect the privacy of U.S. persons — minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination,” it said.
In a statement, Google’s chief legal officer, David Drummond, said the company has “long been concerned about the possibility of this kind of snooping” and has not provided the government with access to its systems.
“We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” he said.
A Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”
Under PRISM, the NSA gathers huge volumes of online communications records by legally compelling U.S. technology companies, including Yahoo and Google, to turn over any data that match court-approved search terms. That program, which was first disclosed by The Washington Post and the Guardian newspaper in Britain, is authorized under Section 702 of the FISA Amendments Act and overseen by the Foreign Intelligence Surveillance Court (FISC).
from the getprsm dept
Soon after the very earliest reporting on Ed Snowden’s leaked documents about PRISM, the folks from Datacoup put together the very amusing GETPRSM website, which looks very much like the announcement of a new social network, but (the joke is) it’s really the NSA scooping up all our data and making the connections. It’s pretty funny. Except, of course, when you find out that it’s real. And, yes, that seems to be the latest revelation out of Ed Snowden’s leaks. The NY Times has an article by James Risen and Laura Poitras (what a combo reporting team there!) detailing how the NSA has basically built its own “shadow” social network in which it tries to create a “social graph” of pretty much everyone that everyone knows, foreign or American, and it all happens (of course) without a warrant. And, note, this is relatively new:
The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners.
The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.
There were apparently two policy changes that allowed this to happen, and both occurred in the past three years. First, in November of 2010, the NSA was allowed to start looking at phone call and email logs of Americans to try to help figure out associations for “foreign intelligence purposes.” Note that phrase. We’ll come back to it. For years, the NSA had been barred from viewing any content on US persons, and the NSA, President Obama and others have continued to insist to this day that there are minimization procedures that prevent spying on Americans. Except, this latest revelation shows that, yet again, this isn’t actually true.
The second policy change came in January of 2011, when the NSA was told it could start creating this massive “social graph” on Americans without having to make sure they weren’t Americans any more, as indicated above.
Somewhat amazingly, the new report notes that in 2006, the NSA asked the Justice Department for permission to do exactly this sort of thing, and was rejected, saying that a “misuse” of that kind of data “could raise serious concerns.” Indeed, it could, and does raise serious concerns, but apparently the current administration just doesn’t give a crap.
If all of this sounds familiar, it’s almost exactly what the feds tried to setup in 2002 with the Orwellian name Total Information Awareness. Except that time (right after 9/11, when you’d think the public would be at its most receptive to such programs), as word got out about the program, the public rightly flipped out, and we were told the program was shuttered. Except, as some have been arguing for years, it was never shuttered, it was just rebuilt in secret.
And, of course, the NSA is still willing to defend this massive breach on Americans’ privacy:
An agency spokeswoman, asked about the analyses of Americans’ data, said, “All data queries must include a foreign intelligence justification, period.”
“All of N.S.A.’s work has a foreign intelligence purpose,” the spokeswoman added. “Our activities are centered on counterterrorism, counterproliferation and cybersecurity.”
Note the continued shift in language. For a while, they kept saying that the NSA does no surveillance on Americans at all. At all! They insisted that would be illegal. Then, later, people started to note that they would use the phrase “targeting foreign intelligence” which had just enough (barely) wiggle room to get people to think that they were only looking at non-US person data and content, but really meant as long as the overall investigation “targeted” foreign intelligence, it was fine. Now they’re even walking back from that, and saying that apparently it’s fine to spy on Americans without a warrant so long as there’s “a foreign intelligence justification.” In short: if you can come up with some excuse for how it might impact something foreign, the NSA can spy on Americans without a warrant.
That’s no limitation at all. In fact, such a rule is meaningless. We already know that the NSA gets every telephone record handed over because they claim it’s “necessary” to “connect the dots” on foreign terror plots. And, similarly, now they’re arguing that they can look at anything else so long as they claim that there’s a “foreign intelligence justification.” That means they have no limits. They just have to come up with some wacky reason to claim that so-and-so might have foreign connections that are important to know about, and voila, their life is open for the NSA to dig in, all without any oversight or a warrant.
Somewhat surprisingly, the already disclosed phone metadata dragnet is actually not used for this social network effort, but that doesn’t mean the NSA is lacking in data with which to create this shadow spying social network. It uses the NSA’s taps on fiber optic networks, the ones that collect a ton of internet data, as Dianne Feinstein confirmed last week.
The N.S.A. documents show that one of the main tools used for chaining phone numbers and e-mail addresses has the code name Mainway. It is a repository into which vast amounts of data flow daily from the agency’s fiber-optic cables, corporate partners and foreign computer networks that have been hacked.
The documents show that significant amounts of information from the United States go into Mainway. An internal N.S.A. bulletin, for example, noted that in 2011 Mainway was taking in 700 million phone records per day. In August 2011, it began receiving an additional 1.1 billion cellphone records daily from an unnamed American service provider under Section 702 of the 2008 FISA Amendments Act, which allows for the collection of the data of Americans if at least one end of the communication is believed to be foreign.
Um. That’s an awful lot of records on Americans. And yet, we’re still being told that the NSA doesn’t spy on Americans? Yeah, right.
Anyway, it appears that the GETPRSM social network has been in existence for quite some time now, and don’t worry if you haven’t received your invite. You’ve already joined.
In Archive, NSA, NSA Files on September 29, 2013 at 7:56 AM
09/28/2013
AP:
Two American journalists known for their investigations of the United States’ government said Saturday they’ve teamed up to report on the National Security Agency’s role in what one called a “U.S. assassination program.”
The journalists provided no evidence of the purported U.S. program at the news conference, nor details of who it targeted.
Jeremy Scahill, a contributor to The Nation magazine and the New York Times best-selling author of “Dirty Wars,” said he will be working with Glenn Greenwald, the Rio-based journalist who has written stories about U.S. surveillance programs based on documents leaked by former NSA contractor Edward Snowden.
“The connections between war and surveillance are clear. I don’t want to give too much away but Glenn and I are working on a project right now that has at its center how the National Security Agency plays a significant, central role in the U.S. assassination program,” said Scahill, speaking to moviegoers in Rio de Janeiro, where the documentary based on his book made its Latin American debut at the Rio Film Festival.
“There are so many stories that are yet to be published that we hope will produce ‘actionable intelligence,’ or information that ordinary citizens across the world can use to try to fight for change, to try to confront those in power,” said Scahill.
band annie's Weblog 