Skip navigation
Help

Mass surveillance

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

The National Security Agency wants your kids to know that it's cool to be "cyber smart."

As part of the agency's outreach to promote interest in technology and recruit a future generation of computer security experts, the NSA has links on its homepage to two sites targeted at children and adolescents. The "Kids Page," intended for elementary age children, appears to be down at the moment—either that, or the error code reference (Reference #97.887ffea5.1374616699.dc7bfc5) is an encoded message to grade school operatives that it's time to report in.

But the "Change The World" page, targeted at middle and high school students, is chock full of crypto-clearance fun. There's a word search, a PDF to print to make your own letter substitution code wheel, and a collection of tips on how to be a good cyber-citizen. Ironically, some of these tips might be useful for people concerned about how much data is being collected on them through broad metadata collection and FISA Court warranted PRISM probes.

Among the NSA's tips for kids is this sage wisdom: "Be cyber courteous! It is too easy to hide behind a computer! A cyber smart person never says anything online that they wouldn’t say in person. Remember that what you write in an e-mail can usually be retrieved and shared with others, so be responsible with e-mails, chats, and online communications." Especially since those e-mails, chats, and online communications could be getting captured in real-time by one of the NSA's network taps.

The NSA does offer kids some helpful password advice. "Try this: Take four random words…take the first three letters of each word, make some letters upper case and others lower case, then add any two or three numbers and then some character like @#$%&... the password should be at least 14 characters and memorable (or write it down but protect it). You should have a different password for each account that you have!" The NSA also suggests that kids only share their passwords with their parents. "No one else should have them—not your friends, teachers, or other family members."

The NSA wants kids to look out for software trojan horses and to play fair. "Do you download 'cheat' programs that promise information to how to perform better or beat a game?" the site asks. "Sometimes cheat downloads are used to implant a virus or malware on your computer!"

There's also some helpful information on protecting kids' identities online, including how to behave on social networks and in online games. "Do you use an avatar? You should. While cameras and webcams are popular, they also reveal who you are. When gaming, keep your true identity a mystery. Cyber sleuths never reveal their true identity except to trusted adults, like your parents!"

0
Your rating: None

Given that we now know that the National Security Agency (NSA) has the ability to compromise some, if not all of VPN, SSL, and TLS forms of data transmission hardening, it’s worth considering the various vectors of technical and legal data-gathering that high-level adversaries in America and Britain (and likely other countries, at least in the “Five Eyes” group of anglophone allies) are likely using in parallel to go after a given target. So far, the possibilities include:

  • A company volunteers to help (and gets paid for it)
  • Spies copy the traffic directly off the fiber
  • A company complies under legal duress
  • Spies infiltrate a company
  • Spies coerce upstream companies to weaken crypto in their products/install backdoors
  • Spies brute force the crypto
  • Spies compromise a digital certificate
  • Spies hack a target computer directly, stealing keys and/or data, sabotage.

Let’s take these one at a time.

0
Your rating: None
Original author: 
Cyrus Farivar


Smári McCarthy, in his Twitter bio, describes himself as a "Information freedom activist. Executive Director of IMMI. Pirate."

SHARE Conference

On Friday, two Icelandic activists with previous connections to WikiLeaks announced that they received newly unsealed court orders from Google. Google sent the orders earlier in the week, revealing that the company searched and seized data from their Gmail accounts—likely as a result of a grand jury investigation into the rogue whistleblower group.

Google was forbidden under American law from disclosing these orders to the men until the court lifted this restriction in early May 2013. (A Google spokesperson referred Ars to its Transparency Report for an explanation of its policies.)

On June 21, 2013, well-known Irish-Icelandic developer Smári McCarthy published his recently un-sealed court order dating back to July 14, 2011. Google sent him the order, which included McCarthy's Gmail account metadata, the night before. The government cited the Stored Communications Act (SCA)(specifically a 2703(d) order) as grounds to provide this order.

Read 8 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


NSA Headquarters in Fort Meade, MD.

mjb

One organization's data centers hold the contents of much of the visible Internet—and much of it that isn't visible just by clicking your way around. It has satellite imagery of much of the world and ground-level photography of homes and businesses and government installations tied into a geospatial database that is cross-indexed to petabytes of information about individuals and organizations. And its analytics systems process the Web search requests, e-mail messages, and other electronic activities of hundreds of millions of people.

No one at this organization actually "knows" everything about what individuals are doing on the Web, though there is certainly the potential for abuse. By policy, all of the "knowing" happens in software, while the organization's analysts generally handle exceptions (like violations of the law) picked from the flotsam of the seas of data that their systems process.

I'm talking, of course, about Google. Most of us are okay with what Google does with its vast supply of "big data," because we largely benefit from it—though Google does manage to make a good deal of money off of us in the process. But if I were to backspace over Google's name and replace it with "National Security Agency," that would leave a bit of a different taste in many people's mouths.

Read 31 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss

The Guardian

The Guardian released an interview today with the man who has been the paper's source for a few now-infamous leaked documents that revealed a vast dragnet maintained by the NSA for gathering information on communications in America. That source is Edward Snowden, 29, an employee of American defense contractor Booz Allen Hamilton and a former technical assistant for the CIA.

When The Guardian published a leaked document on Wednesday of last week that showed a FISA court granting the NSA power to collect the metadata pertaining to phone calls from all of Verizon's customers over a period of three months, it became one of the biggest exposures of privacy invading actions taken by the government without the public's knowledge.

That is, until the next day, when The Guardian and The Washington Post revealed slides pertaining to another NSA project called PRISM, which apparently gathered vast swaths of information on users of Google services, Facebook, Apple, and more. While the companies named in the PRISM slides have all denied participation in such a program, President Obama and a number of senators confirmed the collection of phone call metadata on Friday.

Read 9 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Adi Robertson

Boundless-heatmap-large-001_large

Leaked information about a piece of NSA software called Boundless Informant could shed light on how organized the agency's surveillance program really is. Glenn Greenwald — who recently exposed both widespread phone metadata collection and an internet spying program called PRISM — has revealed details about the ominously named program, which aggregates and organizes the NSA's data. Greenwald says the tool is focused on metadata, not the contents of emails or phone calls. Among other things, it tracks how many pieces of information have been collected per country.

3 billion pieces of information were allegedly tracked in the US over a 30-day period ending in March. In that same period, 97 billion pieces were collected worldwide, with...

Continue reading…

0
Your rating: None
Original author: 
Cyrus Farivar

The Washington Post

It’s worse than we thought.

Just one day after disclosing a secret court order between the National Security Agency (NSA) and Verizon, The Guardian and The Washington Post both published secret presentation slides revealing a previously undisclosed massive surveillance program called PRISM. The program has the capability to collect data “directly from the servers” of major American tech companies, including Microsoft, Google, Apple, Facebook, and Yahoo. (Dropbox is said to be “coming soon.”)

The newspapers describe the system as giving the National Security Agency and the FBI direct access to a huge number of online commercial services, capable of “extracting audio, video, photographs, e-mails, documents, and connection logs that enable analysts to track a person’s movements and contacts over time.”

Read 16 remaining paragraphs | Comments

0
Your rating: None