Skip navigation
Help

Surveillance

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

Given that we now know that the National Security Agency (NSA) has the ability to compromise some, if not all of VPN, SSL, and TLS forms of data transmission hardening, it’s worth considering the various vectors of technical and legal data-gathering that high-level adversaries in America and Britain (and likely other countries, at least in the “Five Eyes” group of anglophone allies) are likely using in parallel to go after a given target. So far, the possibilities include:

  • A company volunteers to help (and gets paid for it)
  • Spies copy the traffic directly off the fiber
  • A company complies under legal duress
  • Spies infiltrate a company
  • Spies coerce upstream companies to weaken crypto in their products/install backdoors
  • Spies brute force the crypto
  • Spies compromise a digital certificate
  • Spies hack a target computer directly, stealing keys and/or data, sabotage.

Let’s take these one at a time.

0
Your rating: None

fbi_biometric_guidelines

Chaos Computer Club have given Apple one in the eye by undermining their fingerprint biometric security feature within 48 hours of the handset being in the publics hands. This makes the NYPD pavement pounding exhortations of the merits of the 5S security ring a little more hollow. Rest assured that Apple including such a feature is probably the thin wedge of biometrics featuring more in consumer devices. For one Valve, the online gaming colossus, have plans to include biometrics in their forthcoming console Steambox. That's a concerning trend, given the amount of countries already deploying the technology within organs of the state. So what else other biometrics can we expect to see in the gadgets of the near future?

0
Your rating: None
Original author: 
Sean Gallagher


NSA Headquarters in Fort Meade, MD.

mjb

One organization's data centers hold the contents of much of the visible Internet—and much of it that isn't visible just by clicking your way around. It has satellite imagery of much of the world and ground-level photography of homes and businesses and government installations tied into a geospatial database that is cross-indexed to petabytes of information about individuals and organizations. And its analytics systems process the Web search requests, e-mail messages, and other electronic activities of hundreds of millions of people.

No one at this organization actually "knows" everything about what individuals are doing on the Web, though there is certainly the potential for abuse. By policy, all of the "knowing" happens in software, while the organization's analysts generally handle exceptions (like violations of the law) picked from the flotsam of the seas of data that their systems process.

I'm talking, of course, about Google. Most of us are okay with what Google does with its vast supply of "big data," because we largely benefit from it—though Google does manage to make a good deal of money off of us in the process. But if I were to backspace over Google's name and replace it with "National Security Agency," that would leave a bit of a different taste in many people's mouths.

Read 31 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Adi Robertson

Boundless-heatmap-large-001_large

Leaked information about a piece of NSA software called Boundless Informant could shed light on how organized the agency's surveillance program really is. Glenn Greenwald — who recently exposed both widespread phone metadata collection and an internet spying program called PRISM — has revealed details about the ominously named program, which aggregates and organizes the NSA's data. Greenwald says the tool is focused on metadata, not the contents of emails or phone calls. Among other things, it tracks how many pieces of information have been collected per country.

3 billion pieces of information were allegedly tracked in the US over a 30-day period ending in March. In that same period, 97 billion pieces were collected worldwide, with...

Continue reading…

0
Your rating: None
Original author: 
Cyrus Farivar

The Washington Post

It’s worse than we thought.

Just one day after disclosing a secret court order between the National Security Agency (NSA) and Verizon, The Guardian and The Washington Post both published secret presentation slides revealing a previously undisclosed massive surveillance program called PRISM. The program has the capability to collect data “directly from the servers” of major American tech companies, including Microsoft, Google, Apple, Facebook, and Yahoo. (Dropbox is said to be “coming soon.”)

The newspapers describe the system as giving the National Security Agency and the FBI direct access to a huge number of online commercial services, capable of “extracting audio, video, photographs, e-mails, documents, and connection logs that enable analysts to track a person’s movements and contacts over time.”

Read 16 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Dan Goodin

Josh Chin

The Chinese hackers who breached Google's corporate servers 41 months ago gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government, according to a published report.

The revelation came in an article published Monday by The Washington Post, and it heightens concerns about the December, 2009 hack. When Google disclosed it a few weeks later, the company said only that the operatives accessed Google "intellectual property"—which most people took to mean software source code—and Gmail accounts of human rights activists.

Citing officials who agreed to speak on the condition that they not be named, Washington Post reporter Ellen Nakashima said the assets compromised in the attack also included a database storing years' worth of information about US surveillance targets. The goal, according to Monday's report, appears to be unearthing the identities of Chinese intelligence operatives in the US who were being tracked by American law enforcement agencies.

Read 7 remaining paragraphs | Comments

0
Your rating: None
Original author: 
boesing

sha

The real capabilities and behavior of the US surveillance state are almost entirely unknown to the American public because, like most things of significance done by the US government, it operates behind an impenetrable wall of secrecy. But a seemingly spontaneous admission this week by a former FBI counterterrorism agent provides a rather startling acknowledgment of just how vast and invasive these surveillance activities are.

http://www.guardian.co.uk/commentisfree/2013/may/04/telephone-calls-reco...

0
Your rating: None
Original author: 
samzenpus

An anonymous reader writes "In the last few years there has been a significant upsurge in subverting the cellular network for law enforcement purposes. Besides old school tapping, phones are have become the ideal informant: they can report a fairly accurate location and can be remotely turned into covert listening devices. This is often done without a warrant. How can I default the RF transmitter to off, be notified when the network is paging my IMSI and manually re-enable it (or not) if I opt to acknowledge the incoming call or SMS? How do I prevent GPS data from ever being gathered or sent ?"

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None