
NSA's Dirty Work Exposed

NSA

347 replies to this topic

#241 Zharkov

    Registered User

  • Members
  • 36942 posts

Posted 05 August 2016 - 01:47 PM

See What NSA Has Started?  

A Massive Invasion Of Privacy

 

Forget telephoto lenses and fake mustaches: The most important tools for America’s 35,000 private investigators are database subscription services. For more than a decade, professional snoops have been able to search troves of public and nonpublic records—known addresses, DMV records, photographs of a person’s car—and condense them into comprehensive reports costing as little as $10. Now they can combine that information with the kinds of things marketers know about you, such as which politicians you donate to, what you spend on groceries, and whether it’s weird that you ate in last night, to create a portrait of your life and predict your behavior.

IDI, a year-old company in the so-called data-fusion business, is the first to centralize and weaponize all that information for its customers.

 

(Zharkov:  I can imagine that "IDI" was copied from "IDF" or Israeli Defense Force and stands for Israeli Defense Intelligence.)

 

The Boca Raton, Fla., company’s database service, idiCORE, combines public records with purchasing, demographic, and behavioral data. Chief Executive Officer Derek Dubner says the system isn’t waiting for requests from clients—it’s already built a profile on every American adult, including young people who wouldn’t be swept up in conventional databases, which only index transactions. “We have data on that 21-year-old who’s living at home with mom and dad,” he says.

Dubner declined to provide a demo of idiCORE or furnish the company’s report on me. But he says these personal profiles include all known addresses, phone numbers, and e-mail addresses; every piece of property ever bought or sold, plus related mortgages; past and present vehicles owned; criminal citations, from speeding tickets on up; voter registration; hunting permits; and names and phone numbers of neighbors. The reports also include photos of cars taken by private companies using automated license plate readers—billions of snapshots tagged with GPS coordinates and time stamps to help PIs surveil people or bust alibis.

IDI also runs two coupon websites, allamericansavings.com and samplesandsavings.com, that collect purchasing and behavioral data. When I signed up for the latter, I was asked for my e-mail address, birthday, and home address, information that could easily link me with my idiCORE profile. The site also asked if I suffered from arthritis, asthma, diabetes, or depression, ostensibly to help tailor its discounts.

 

"The cloud" never forgets

Users and industry analysts say the addition of purchasing and behavioral data to conventional data fusion outmatches rival systems in terms of capabilities—and creepiness. “The cloud never forgets, and imperfect pictures of you composed from your data profile are carefully filled in over time,” says Roger Kay, president of Endpoint Technologies Associates, a consulting firm. “We’re like bugs in amber, completely trapped in the web of our own data.”

When logging in to IDI and similar databases, a PI must select a permissible use for a search under U.S. privacy laws. The Federal Trade Commission oversees the industry, but PI companies are largely expected to police themselves, because a midsize outfit may run thousands of searches a month.

Dubner says most Americans have little to fear. As examples, he cites idiCORE uses such as locating a missing person and nabbing a fraud or terrorism suspect.

IDI, like much of the data-fusion industry, traces its lineage to Hank Asher, a former cocaine smuggler and self-taught programmer who began fusing sets of public data from state and federal governments in the early 1990s. After Sept. 11, law enforcement’s interest in commercial databases grew, and more money and data began raining down, says Julia Angwin, a reporter who wrote about the industry in her 2014 book, Dragnet Nation.

 

“I know it’s Thursday, you haven’t eaten Chinese food in two weeks...”

Asher died suddenly in 2013, leaving behind his company, the Last One (TLO), which credit bureau TransUnion bought in bankruptcy for $154 million. Asher’s disciples, including Dubner, left TLO and eventually teamed up with Michael Brauser, a former business partner of Asher’s, and billionaire health-care investor Phillip Frost. In May 2015, after a flurry of purchases and mergers, the group rebranded its database venture as IDI.

Besides pitching its databases to big-name PIs (Kroll, Control Risks), law firms, debt collectors, and government agencies, IDI says it’s also targeting consumer marketers. The 200-employee company had revenue of about $40 million in its most recent quarter and says 2,800 users signed up for idiCORE in the first month after its May release. It declined to provide more recent figures. The company’s data sets are growing, too. In December, Frost helped underwrite IDI’s $100 million acquisition of marketing profiler Fluent, which says it has 120 million profiles of U.S. consumers. In June, IDI bought ad platform Q Interactive for a reported $21 million in stock.

IDI may need Frost’s deep pockets for a while. The PI industry’s three favorite databases are owned by TransUnion and media giants Reed Elsevier and Thomson Reuters. “There’s no shortage,” says Chuck McLaughlin, chairman of the board of the World Association of Detectives, which has about 1,000 members. “The longer you’re in business, the more data you have, the better results.” He uses TLO and Tracers Information Specialists.

Steve Rambam, a PI who hosts Nowhere to Hide on the Investigation Discovery channel, says marketing data remains a niche monitoring tool compared with social media, but its power can be unparalleled. “You may not know what you do on a regular basis, but I know,” Rambam says. “I know it’s Thursday, you haven’t eaten Chinese food in two weeks, and I know you’re due.”


http://www.bloomberg...-american-adult
 



#242 Zharkov


Posted 05 August 2016 - 02:01 PM

Is There An Olympic "Intelligence Competition" Event?

 

U.S. intelligence has assigned more than 1,000 spies to Olympic security as part of a highly classified effort to protect the Rio 2016 Summer Games and American athletes and staff, NBC News has learned.

Hundreds of analysts, law enforcement and special operations personnel are already on the ground in Rio de Janeiro, according to an exclusive NBC News review of a highly classified report on U.S. intelligence efforts.

In addition, more than a dozen highly trained Navy and Marine Corps commandos from the U.S. Special Operations Command are in Brazil, working with the Brazilian Federal Police and the Brazilian Navy, according to senior military officials.

The U.S. military, as expected, has placed larger military units on call should a rescue or counterterrorism operation be needed, the officials said.

The classified report outlines an operation that encompasses all 17 U.S. intelligence agencies, including those of the armed services, and involves human intelligence, spy satellites, electronic eavesdropping, and cyber and social media monitoring.

Areas of cooperation include vetting 10,000-plus athletes and 35,000-plus security and police personnel and others; monitoring terrorists' social media accounts; and offering U.S. help in securing computer networks, the review shows.

"U.S. intelligence agencies are working closely with Brazilian intelligence officials to support their efforts to identify and disrupt potential threats to the Olympic Games in Rio," said Richard Kolko, a spokesman for National Intelligence Director James Clapper.

The operation is being conducted with the full cooperation of the Brazilian government.

"U.S. intelligence cooperation with Brazil has been excellent since 9/11," a senior intelligence official said, adding, "We consider the Brazilians to be well-prepared and highly professional."

There is no indication of any specific plot against the Games, which officially kick off with Friday's opening ceremonies.

But two weeks ago, Brazilian authorities detained a dozen Rio residents for alleged ties to the Islamic State and arrested a Brazilian of Lebanese descent for alleged links to ISIS. Brazil's justice minister described those arrested as "amateurs" but noted they had discussed attacking the Olympics. U.S. intelligence documents from March also identify Hezbollah activity in Brazil.

Another U.S. intelligence official told NBC News that the U.S. has not seen "any threats" of an ISIS attack, contrasting the Olympics with the EuroCup soccer championship last month in France, "which was overlaid with the ISIS threat profile."

According to the intelligence review, the U.S. put a 24/7 multi-agency "Olympic Watch" in place late last year, involving all agencies of the intelligence and law enforcement communities, including the CIA, the NSA, the Secret Service, the FBI. It also included the National Reconnaissance Office, responsible for spy satellites, and the National Geospatial Intelligence Agency, in charge of imagery interpretation.

 

The NSA, America's eavesdropping agency, is the lead agency

The NSA, America's eavesdropping agency, is the lead agency and played the "leading role for the [intelligence community] in the Olympics since the 1984 Los Angeles games," the review said. Officials told NBC News that the NSA has proven most able to provide unique intelligence on the ground and real-time warnings that the host nations can't provide themselves.

 

Each of the U.S. military services have athletes participating in the Olympics

 

(Zharkov:  Yet the Olympics was always advertised as "amateur competition")

The U.S. is one of 51 countries supplying intelligence to the Brazilian counter terrorism effort, but the American effort is second only to the Brazilians' operation. According to senior U.S. intelligence officials, 800 intelligence professionals, mostly analysts operating in the U.S., have been assigned and another 350 are on the ground supporting U.S., Brazilian and International Olympic Committee efforts.

The official noted that each of the U.S. military services have athletes participating in the Olympics, including shooting, men and women's boxing, and wrestling competitions. "We have actual equities involved," said the official in explaining the breadth and depth of the operation.


http://www.nbcnews.c...lympics-n623186

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Why are American taxpayers throwing money into a private corporate athletic event?

Where in the US Constitution or Statutes does it say we have to pay for protecting parties and celebrations?

The "Olympic Games" are sponsored by corporate money, so why are US taxes paying for security?

This is how the elite fund their lifestyles - using public money for their own private purposes.



#243 Zharkov


Posted 16 August 2016 - 12:58 AM

Something Else The NSA Started...

 

NSA hacked - Top cyber weapons allegedly go up for auction
 

The hackers have offered sample files, which some security researchers say appear to contain legitimate exploits.

An anonymous group claims to have stolen hacking tools that belong to the National Security Agency and is auctioning them off to the highest bidder.

It’s a pretty bold claim, but the hackers have offered sample files, and some security researchers say they appear to contain legitimate exploits.

The files were allegedly stolen from the Equation Group, a top cyberespionage team that may have links to the NSA.

The Equation Group is known to use some of the most advanced malware and probably helped develop the infamous Stuxnet computer worm, according to security firm Kaspersky Lab.

Over the weekend, hackers known as the Shadow Brokers claimed to have stolen the very cyber weapons the group has used.

“We auction best files to highest bidder. Auction files better than Stuxnet,” the hackers said in a Tumblr posting using broken English.

Samples of the stolen files are dated most recently to 2013, and they contain coding related to hacking, said Nicholas Weaver, a security researcher at the International Computer Science Institute in California.

“It appears to be a large amount of NSA infrastructure for controlling routers and firewalls, including implants, exploits and other tools,” he said in an email.


http://www.computerw...or-auction.html

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

(Good things sometimes happen to bad people)
 



#244 Zharkov


Posted 16 August 2016 - 01:06 AM

It's also possible the Shadow Brokers are promoting a big scam.

 

Deception-based schemes are very common in hacking, Risk Based Security added. The NSA hasn't acknowledged any ties with Equation Group and on Monday, it didn't respond for comment.

 

Nevertheless, the Shadow Brokers are asking buyers to bid with bitcoin, although the group is offering no guarantees it will hold its own end of the bargain.

 

However, it’s promising to publicly dump all the files for 1 million bitcoins or $566 million. So far, the group has only received $45 worth in bitcoin, but it's hoping that "wealthy elites" end up trying to buy the stolen files. 

 

In their Tumblr posting, the Shadow Brokers warned that the hacking tools they've stolen could be used on banks to cause havoc. 

 

"If electronic data go bye bye where leave Wealthy Elites?" the group said.

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

If English study go bye bye, where leave bitcoin go?



#245 Zharkov


Posted 16 August 2016 - 01:40 AM

NSA COMMITS WORLD'S BIGGEST DATA THEFT

 

Former Director: NSA Are the Best Thieving Hackers in the World
by Samburaj Das, January 13, 2016
 

General Michael Hayden had some interesting things to say about his former employers, the National Security Agency (NSA).

 

The former director of the NSA made no qualms while speaking about cyberespionage operations at a recent cybersecurity conference in Miami Beach. Hayden delivered the keynote address at the S4X16 conference, with the night’s topic of focus on hackers targeting critical infrastructure such as power plants and utilities like water and gas.

 

The former NSA director was quoted by CNN to state:

"We steal other people’s stuff in the cyber domain"

The cyber domain is a reference to cyberespionage operations such as Snowden’s revelation that the United States spied on Chinese public officials, businesses and even the Chinese University, in Hong Kong.

Speaking to the South China Post at the time, Snowden revealed that the NSA engaged and led more than 61,000 hacking operations around the world.

 

In an interview to the publication after fleeing to Hong Kong, Snowden said:

We hack network backbones – like huge internet routers, basically – that give us access to the communications of hundreds of thousands of computers without having to hack every single one.

Hayden fundamentally defended the United States hacking into the computers of foreign countries and their officials while adding: “As a former director of NSA, I like to think we’re number one [in cyberespionage.]”

 

Hayden also referred to four American partners as a part of the “Five Eyes” group – a collective of nations that includes Australia, Canada, New Zealand, the United Kingdom and the United States.

 

“We steal stuff to keep you free and keep you safe,” Hayden said, addressing those attending the conference. He continued: “We do not steal stuff to make you rich. (Zharkov: But they steal data to make themselves rich)

 

I can think of only four other countries who can say that. They all speak English,” he added, speaking about the “Five Eyes.”

National Security 

Hayden argued that the United States differs from other countries in the reasons it conducts cyber espionage operations. He made the claim that other countries include economic success as a part of national security, which isn’t the case with the United States, according to Hayden.

 

“Do we steal economic information? Of course we do: precursor chemicals, dual-use equipment… money laundering,” the former director said. “But we do not do it for commercial advantage (for you).” (Zharkov:  Would you believe that government officials have no interest in making big money?)

 

Boisterous as the former NSA director is about America’s cyber surveillance operations, the rest of the world aren’t particularly thrilled with the former’s global cyber-spying efforts. Following Snowden’s revelations, an age-old data-sharing agreement between the United States and Europe was firmly shut by the European Union’s highest court, the European Court of Justice.

 

https://hacked.com/n...rector-hackers/



#246 Zharkov


Posted 16 August 2016 - 01:49 AM

Is the NSA Using Zero-Day Exploits before Reporting Them?

According to the NSA, it will report zero-day security vulnerabilities to software vendors “9 out of 10 times.” The other 10% of the time, it won’t say what it does with them, but it does say there are times when the military and national security benefits outweigh the benefit to disclosing vulnerabilities to vendors.

The agency was not quick to explain exactly what happens to the information if it is not disclosed to the companies in question.  For it would seem that if they’re not using the exploits they discover, then there is no good justification for not disclosing them. The existence of an un-leveraged security vulnerability on the computers of foreign adversaries does NSA no good. The only reason to leave them open is that they are being used, but then the question arises: strictly foreign or domestic as well?   (Zharkov:  If you read this entire thread, that question was already answered - yes.)

The issue raises an important question for software vendors doing business in the United States, who are very near having immunity in reporting customer data to the government.

 

The question is, if the government is not always going to report flaws to the companies, how can the companies trust that the government will always use the data in ethical ways?

There is a bit of irony to the situation. Companies pay out millions in taxes to the federal government. In 2016, the US intelligence community will get a $3 billion dollar raise, to about $53 billion. This money is in turn partially used to research vulnerabilities in software, and then some of those vulnerabilities are not disclosed. More than a mere breach in service, companies could rightly suffer significant losses in customer base as a result of such activities. It seems the only logical next step to the government’s current trends is to require source code be turned over as well, even trade secrets. This despite the government’s checkered history with network security.

All things come out in the wash, but certainly most will agree that if the government is doing security research, it should be for the benefit of all society, not just its operations. Otherwise, it should leave such research to the private industry that has cropped up to do it.


https://hacked.com/n...oits-reporting/



#247 Zharkov


Posted 16 August 2016 - 02:22 AM

“I can only imagine how much money you could make if you had access to the calls made around Wall Street”

The Great SIM Heist
How NSA Spies Stole the Keys to the Encryption Castle


AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.

The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.

In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

As part of the covert operations against Gemalto, spies from GCHQ — with support from the NSA — mined the private communications of unwitting engineers and other company employees in multiple countries.

Gemalto was totally oblivious to the penetration of its systems — and the spying on its employees. “I’m disturbed, quite concerned that this has happened,” Paul Beverly, a Gemalto executive vice president, told The Intercept. “The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years. What I want to understand is what sort of ramifications it has, or could have, on any of our customers.” He added that “the most important thing for us now is to understand the degree” of the breach.

Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment. “Once you have the keys, decrypting traffic is trivial,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “The news of this key theft will send a shock wave through the security community.”

The massive key theft is “bad news for phone security. Really bad news.”

Beverly said that after being contacted by The Intercept, Gemalto’s internal security team began on Wednesday to investigate how their system was penetrated and could find no trace of the hacks. When asked if the NSA or GCHQ had ever requested access to Gemalto-manufactured encryption keys, Beverly said, “I am totally unaware. To the best of my knowledge, no.”

According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.

Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”

The Mobile Handset Exploitation Team (MHET), whose existence has never before been disclosed, was formed in April 2010 to target vulnerabilities in cellphones. One of its main missions was to covertly penetrate computer networks of corporations that manufacture SIM cards, as well as those of wireless network providers. The team included operatives from both GCHQ and the NSA.

While the FBI and other U.S. agencies can obtain court orders compelling U.S.-based telecom companies to allow them to wiretap or intercept the communications of their customers, on the international front this type of data collection is much more challenging. Unless a foreign telecom or foreign government grants access to their citizens’ data to a U.S. intelligence agency, the NSA or CIA would have to hack into the network or specifically target the user’s device for a more risky “active” form of surveillance that could be detected by sophisticated targets. Moreover, foreign intelligence agencies would not allow U.S. or U.K. spy agencies access to the mobile communications of their heads of state or other government officials.

“It’s unbelievable. Unbelievable,” said Gerard Schouw, a member of the Dutch Parliament, when told of the spy agencies’ actions. Schouw, the intelligence spokesperson for D66, the largest opposition party in the Netherlands, told The Intercept, “We don’t want to have the secret services from other countries doing things like this.” Schouw added that he and other lawmakers will ask the Dutch government to provide an official explanation and to clarify whether the country’s intelligence services were aware of the targeting of Gemalto, whose official headquarters is in Amsterdam.

Last November, the Dutch government proposed an amendment to its constitution to include explicit protection for the privacy of digital communications, including those made on mobile devices. “We have, in the Netherlands, a law on the [activities] of secret services. And hacking is not allowed,” Schouw said. Under Dutch law, the interior minister would have to sign off on such operations by foreign governments’ intelligence agencies. “I don’t believe that he has given his permission for these kind of actions.”

The U.S. and British intelligence agencies pulled off the encryption key heist in great stealth, giving them the ability to intercept and decrypt communications without alerting the wireless network provider, the foreign government or the individual user that they have been targeted.

 

“Gaining access to a database of keys is pretty much game over for cellular encryption,” says Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute. The massive key theft is “bad news for phone security. Really bad news.”

AS CONSUMERS BEGAN to adopt cellular phones en masse in the mid-1990s, there were no effective privacy protections in place. Anyone could buy a cheap device from RadioShack capable of intercepting calls placed on mobile phones. The shift from analog to digital networks introduced basic encryption technology, though it was still crackable by tech savvy computer science graduate students, as well as the FBI and other law enforcement agencies, using readily available equipment.

Today, second-generation (2G) phone technology, which relies on a deeply flawed encryption system, remains the dominant platform globally, though U.S. and European cellphone companies now use 3G, 4G and LTE technology in urban areas. These include more secure, though not invincible, methods of encryption, and wireless carriers throughout the world are upgrading their networks to use these newer technologies.

It is in the context of such growing technical challenges to data collection that intelligence agencies, such as the NSA, have become interested in acquiring cellular encryption keys. “With old-fashioned [2G], there are other ways to work around cellphone security without those keys,” says Green, the Johns Hopkins cryptographer. “With newer 3G, 4G and LTE protocols, however, the algorithms aren’t as vulnerable, so getting those keys would be essential.”

The privacy of all mobile communications — voice calls, text messages and Internet access — depends on an encrypted connection between the cellphone and the wireless carrier’s network, using keys stored on the SIM, a tiny chip smaller than a postage stamp, which is inserted into the phone. All mobile communications on the phone depend on the SIM, which stores and guards the encryption keys created by companies like Gemalto. SIM cards can be used to store contacts, text messages, and other important data, like one’s phone number. In some countries, SIM cards are used to transfer money. As The Intercept reported last year, having the wrong SIM card can make you the target of a drone strike.

SIM cards were not invented to protect individual communications — they were designed to do something much simpler: ensure proper billing and prevent fraud, which was pervasive in the early days of cellphones. Soghoian compares the use of encryption keys on SIM cards to the way Social Security numbers are used today. “Social security numbers were designed in the 1930s to track your contributions to your government pension,” he says. “Today they are used as a quasi national identity number, which was never their intended purpose.”

Because the SIM card wasn’t created with call confidentiality in mind, the manufacturers and wireless carriers don’t make a great effort to secure their supply chain. As a result, the SIM card is an extremely vulnerable component of a mobile phone. “I doubt anyone is treating those things very carefully,” says Green. “Cell companies probably don’t treat them as essential security tokens. They probably just care that nobody is defrauding their networks.” The ACLU’s Soghoian adds, “These keys are so valuable that it makes sense for intel agencies to go after them.”

As a general rule, phone companies do not manufacture SIM cards, nor program them with secret encryption keys. It is cheaper and more efficient for them to outsource this sensitive step in the SIM card production process. They purchase them in bulk with the keys pre-loaded by other corporations. Gemalto is the largest of these SIM “personalization” companies.

After a SIM card is manufactured, the encryption key, known as a “Ki,” is burned directly onto the chip. A copy of the key is also given to the cellular provider, allowing its network to recognize an individual’s phone. In order for the phone to be able to connect to the wireless carrier’s network, the phone — with the help of the SIM — authenticates itself using the Ki that has been programmed onto the SIM. The phone conducts a secret “handshake” that validates that the Ki on the SIM matches the Ki held by the mobile company. Once that happens, the communications between the phone and the network are encrypted. Even if GCHQ or the NSA were to intercept the phone signals as they are transmitted through the air, the intercepted data would be a garbled mess. Decrypting it can be challenging and time-consuming. Stealing the keys, on the other hand, is beautifully simple, from the intelligence agencies’ point of view, as the pipeline for producing and distributing SIM cards was never designed to thwart mass surveillance efforts.

One of the creators of the encryption protocol that is widely used today for securing emails, Adi Shamir, famously asserted: “Cryptography is typically bypassed, not penetrated.” In other words, it is much easier (and sneakier) to open a locked door when you have the key than it is to break down the door using brute force. While the NSA and GCHQ have substantial resources dedicated to breaking encryption, it is not the only way — and certainly not always the most efficient — to get at the data they want. “NSA has more mathematicians on its payroll than any other entity in the U.S.,” says the ACLU’s Soghoian. “But the NSA’s hackers are way busier than its mathematicians.”

GCHQ and the NSA could have taken any number of routes to steal SIM encryption keys and other data. They could have physically broken into a manufacturing plant. They could have broken into a wireless carrier’s office. They could have bribed, blackmailed or coerced an employee of the manufacturer or cellphone provider. But all of that comes with substantial risk of exposure. In the case of Gemalto, hackers working for GCHQ remotely penetrated the company’s computer network in order to steal the keys in bulk as they were en route to the wireless network providers.

SIM card “personalization” companies like Gemalto ship hundreds of thousands of SIM cards at a time to mobile phone operators across the world. International shipping records obtained by The Intercept show that in 2011, Gemalto shipped 450,000 smart cards from its plant in Mexico to Germany’s Deutsche Telekom in just one shipment.

In order for the cards to work and for the phones’ communications to be secure, Gemalto also needs to provide the mobile company with a file containing the encryption keys for each of the new SIM cards. These master key files could be shipped via FedEx, DHL, UPS or another snail mail provider. More commonly, they could be sent via email or through File Transfer Protocol, FTP, a method of sending files over the Internet.

The moment the master key set is generated by Gemalto or another personalization company, but before it is sent to the wireless carrier, is the most vulnerable moment for interception. “The value of getting them at the point of manufacture is you can presumably get a lot of keys in one go, since SIM chips get made in big batches,” says Green, the cryptographer. “SIM cards get made for lots of different carriers in one facility.” In Gemalto’s case, GCHQ hit the jackpot, as the company manufactures SIMs for hundreds of wireless network providers, including all of the leading U.S. — and many of the largest European — companies.

But obtaining the encryption keys while Gemalto still held them required finding a way into the company’s internal systems.

Diagram from a top-secret GCHQ slide.

TOP-SECRET GCHQ documents reveal that the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys. They did this by utilizing the NSA’s X-KEYSCORE program, which allowed them access to private emails hosted by the SIM card and mobile companies’ servers, as well as those of major tech corporations, including Yahoo and Google.

In effect, GCHQ clandestinely cyberstalked Gemalto employees, scouring their emails in an effort to find people who may have had access to the company’s core networks and Ki-generating systems. The intelligence agency’s goal was to find information that would aid in breaching Gemalto’s systems, making it possible to steal large quantities of encryption keys. The agency hoped to intercept the files containing the keys as they were transmitted between Gemalto and its wireless network provider customers.

GCHQ operatives identified key individuals and their positions within Gemalto and then dug into their emails. In one instance, GCHQ zeroed in on a Gemalto employee in Thailand who they observed sending PGP-encrypted files, noting that if GCHQ wanted to expand its Gemalto operations, “he would certainly be a good place to start.” They did not claim to have decrypted the employee’s communications, but noted that the use of PGP could mean the contents were potentially valuable.

The cyberstalking was not limited to Gemalto. GCHQ operatives wrote a script that allowed the agency to mine the private communications of employees of major telecommunications and SIM “personalization” companies for technical terms used in the assigning of secret keys to mobile phone customers. Employees for the SIM card manufacturers and wireless network providers were labeled as “known individuals and operators targeted” in a top-secret GCHQ document.

According to that April 2010 document, “PCS Harvesting at Scale,” hackers working for GCHQ focused on “harvesting” massive amounts of individual encryption keys “in transit between mobile network operators and SIM card personalisation centres” like Gemalto. The spies “developed a methodology for intercepting these keys as they are transferred between various network operators and SIM card providers.” By that time, GCHQ had developed “an automated technique with the aim of increasing the volume of keys that can be harvested.”

The PCS Harvesting document acknowledged that, in searching for information on encryption keys, GCHQ operatives would undoubtedly vacuum up “a large number of unrelated items” from the private communications of targeted employees. “[H]owever an analyst with good knowledge of the operators involved can perform this trawl regularly and spot the transfer of large batches of [keys].”

The document noted that many SIM card manufacturers transferred the encryption keys to wireless network providers “by email or FTP with simple encryption methods that can be broken … or occasionally with no encryption at all.” To get bulk access to encryption keys, all the NSA or GCHQ needed to do was intercept emails or file transfers as they were sent over the Internet — something both agencies already do millions of times per day. A footnote in the 2010 document observed that the use of “strong encryption products … is becoming increasingly common” in transferring the keys.

In its key harvesting “trial” operations in the first quarter of 2010, GCHQ successfully intercepted keys used by wireless network providers in Iran, Afghanistan, Yemen, India, Serbia, Iceland and Tajikistan. But, the agency noted, its automated key harvesting system failed to produce results against Pakistani networks, denoted as “priority targets” in the document, despite the fact that GCHQ had a store of Kis from two providers in the country, Mobilink and Telenor. “[I]t is possible that these networks now use more secure methods to transfer Kis,” the document concluded.

From December 2009 through March 2010, a month before the Mobile Handset Exploitation Team was formed, GCHQ conducted a number of trials aimed at extracting encryption keys and other personalized data for individual phones. In one two-week period, they accessed the emails of 130 people associated with wireless network providers or SIM card manufacturing and personalization. This operation produced nearly 8,000 keys matched to specific phones in 10 countries. In another two-week period, by mining just six email addresses, they produced 85,000 keys. At one point in March 2010, GCHQ intercepted nearly 100,000 keys for mobile phone users in Somalia. By June, they’d compiled 300,000. “Somali providers are not on GCHQ’s list of interest,” the document noted. “[H]owever, this was usefully shared with NSA.”

The GCHQ documents only contain statistics for three months of encryption key theft in 2010. During this period, millions of keys were harvested. The documents stated explicitly that GCHQ had already created a constantly evolving automated process for bulk harvesting of keys. They describe active operations targeting Gemalto’s personalization centers across the globe, as well as other major SIM card manufacturers and the private communications of their employees.

A top-secret NSA document asserted that, as of 2009, the U.S. spy agency already had the capacity to process between 12 and 22 million keys per second for later use against surveillance targets. In the future, the agency predicted, it would be capable of processing more than 50 million per second. The document did not state how many keys were actually processed, just that the NSA had the technology to perform such swift, bulk operations. It is impossible to know how many keys have been stolen by the NSA and GCHQ to date, but, even using conservative math, the numbers are likely staggering.

GCHQ assigned “scores” to more than 150 individual email addresses based on how often the users mentioned certain technical terms, and then intensified the mining of those individuals’ accounts based on priority. The highest-scoring email address was that of an employee of Chinese tech giant Huawei, which the U.S. has repeatedly accused of collaborating with Chinese intelligence. In all, GCHQ harvested the emails of employees of hardware companies that manufacture phones, such as Ericsson and Nokia; operators of mobile networks, such as MTN Irancell and Belgacom; SIM card providers, such as Bluefish and Gemalto; and employees of targeted companies who used email providers, such as Yahoo and Google. During the three-month trial, the largest number of email addresses harvested were those belonging to Huawei employees, followed by MTN Irancell. The third largest class of emails harvested in the trial were private Gmail accounts, presumably belonging to employees at targeted companies.

    “People were specifically hunted and targeted by intelligence agencies, not because they did anything wrong, but because they could be used.”

The GCHQ program targeting Gemalto was called DAPINO GAMMA. In 2011, GCHQ launched operation HIGHLAND FLING to mine the email accounts of Gemalto employees in France and Poland. A top-secret document on the operation stated that one of the aims was “getting into French HQ” of Gemalto “to get in to core data repositories.” France, home to one of Gemalto’s global headquarters, is the nerve center of the company’s worldwide operations. Another goal was to intercept private communications of employees in Poland that “could lead to penetration into one or more personalisation centers” — the factories where the encryption keys are burned onto SIM cards.

As part of these operations, GCHQ operatives acquired the usernames and passwords for Facebook accounts of Gemalto targets. An internal top-secret GCHQ wiki on the program from May 2011 indicated that GCHQ was in the process of “targeting” more than a dozen Gemalto facilities across the globe, including in Germany, Mexico, Brazil, Canada, China, India, Italy, Russia, Sweden, Spain, Japan and Singapore.

The document also stated that GCHQ was preparing similar key theft operations against one of Gemalto’s competitors, Germany-based SIM card giant Giesecke and Devrient.

On January 17, 2014, President Barack Obama gave a major address on the NSA spying scandal. “The bottom line is that people around the world, regardless of their nationality, should know that the United States is not spying on ordinary people who don’t threaten our national security and that we take their privacy concerns into account in our policies and procedures,” he said.

The monitoring of the lawful communications of employees of major international corporations shows that such statements by Obama, other U.S. officials and British leaders — that they only intercept and monitor the communications of known or suspected criminals or terrorists — were untrue. “The NSA and GCHQ view the private communications of people who work for these companies as fair game,” says the ACLU’s Soghoian. “These people were specifically hunted and targeted by intelligence agencies, not because they did anything wrong, but because they could be used as a means to an end.”

THERE ARE TWO basic types of electronic or digital surveillance: passive and active. All intelligence agencies engage in extensive passive surveillance, which means they collect bulk data by intercepting communications sent over fiber-optic cables, radio waves or wireless devices.

Intelligence agencies place high-power antennas, known as “spy nests,” on the top of their countries’ embassies and consulates, which are capable of vacuuming up data sent to or from mobile phones in the surrounding area. The joint NSA/CIA Special Collection Service is the lead entity that installs and mans these nests for the United States. An embassy situated near a parliament or government agency could easily intercept the phone calls and data transfers of the mobile phones used by foreign government officials. The U.S. embassy in Berlin, for instance, is located a stone’s throw from the Bundestag. But if the wireless carriers are using stronger encryption, which is built into modern 3G, 4G and LTE networks, then intercepted calls and other data would be more difficult to crack, particularly in bulk. If the intelligence agency wants to actually listen to or read what is being transmitted, they would need to decrypt the encrypted data.

Active surveillance is another option. This would require government agencies to “jam” a 3G or 4G network, forcing nearby phones onto 2G. Once forced down to the less secure 2G technology, the phone can be tricked into connecting to a fake cell tower operated by an intelligence agency. This method of surveillance, though effective, is risky, as it leaves a digital trace that counter-surveillance experts from foreign governments could detect.

Stealing the Kis solves all of these problems. This way, intelligence agencies can safely engage in passive, bulk surveillance without having to decrypt data and without leaving any trace whatsoever.

“Key theft enables the bulk, low-risk surveillance of encrypted communications,” the ACLU’s Soghoian says. “Agencies can collect all the communications and then look through them later. With the keys, they can decrypt whatever they want, whenever they want. It’s like a time machine, enabling the surveillance of communications that occurred before someone was even a target.”

Neither the NSA nor GCHQ would comment specifically on the key theft operations. In the past, they have argued more broadly that breaking encryption is a necessary part of tracking terrorists and other criminals. “It is longstanding policy that we do not comment on intelligence matters,” a GCHQ official stated in an email, adding that the agency’s work is conducted within a “strict legal and policy framework” that ensures its activities are “authorized, necessary and proportionate,” with proper oversight, which is the standard response the agency has provided for previous stories published by The Intercept. The agency also said, “[T]he UK’s interception regime is entirely compatible with the European Convention on Human Rights.” The NSA declined to offer any comment.

It is unlikely that GCHQ’s pronouncement about the legality of its operations will be universally embraced in Europe. “It is governments massively engaging in illegal activities,” says Sophie in’t Veld, a Dutch member of the European Parliament. “If you are not a government and you are a student doing this, you will end up in jail for 30 years.” Veld, who chaired the European Parliament’s recent inquiry into mass surveillance exposed by Snowden, told The Intercept: “The secret services are just behaving like cowboys. Governments are behaving like cowboys and nobody is holding them to account.”

The Intercept’s Laura Poitras has previously reported that in 2013 Australia’s signals intelligence agency, a close partner of the NSA, stole some 1.8 million encryption keys from an Indonesian wireless carrier.

A few years ago, the FBI reportedly dismantled several transmitters set up by foreign intelligence agencies around the Washington, D.C. area, which could be used to intercept cellphone communications. Russia, China, Israel and other nations use similar technology as the NSA across the world. If those governments had the encryption keys for major U.S. cellphone companies’ customers, such as those manufactured by Gemalto, mass snooping would be simple. “It would mean that with a few antennas placed around Washington, D.C., the Chinese or Russian governments could sweep up and decrypt the communications of members of Congress, U.S. agency heads, reporters, lobbyists and everyone else involved in the policymaking process and decrypt their telephone conversations,” says Soghoian.

“Put a device in front of the U.N., record every bit you see going over the air. Steal some keys, you have all those conversations,” says Green, the Johns Hopkins cryptographer. And it’s not just spy agencies that would benefit from stealing encryption keys. “I can only imagine how much money you could make if you had access to the calls made around Wall Street,” he adds.

GCHQ slide.

THE BREACH OF Gemalto’s computer network by GCHQ has far-reaching global implications. The company, which brought in $2.7 billion in revenue in 2013, is a global leader in digital security, producing banking cards, mobile payment systems, two-factor authentication devices used for online security, hardware tokens used for securing buildings and offices, electronic passports and identification cards. It provides chips to Vodafone in Europe and France’s Orange, as well as EE, a joint venture in the U.K. between France Telecom and Deutsche Telekom. Royal KPN, the largest Dutch wireless network provider, also uses Gemalto technology.

In Asia, Gemalto’s chips are used by China Unicom, Japan’s NTT and Taiwan’s Chungwa Telecom, as well as scores of wireless network providers throughout Africa and the Middle East. The company’s security technology is used by more than 3,000 financial institutions and 80 government organizations. Among its clients are Visa, Mastercard, American Express, JP Morgan Chase and Barclays. It also provides chips for use in luxury cars, including those made by Audi and BMW.

In 2012, Gemalto won a sizable contract, worth $175 million, from the U.S. government to produce the covers for electronic U.S. passports, which contain chips and antennas that can be used to better authenticate travelers. As part of its contract, Gemalto provides the personalization and software for the microchips implanted in the passports. The U.S. represents Gemalto’s single largest market, accounting for some 15 percent of its total business. This raises the question of whether GCHQ, which was able to bypass encryption on mobile networks, has the ability to access private data protected by other Gemalto products created for banks and governments.

As smart phones become smarter, they are increasingly replacing credit cards and cash as a means of paying for goods and services. When Verizon, AT&T and T-Mobile formed an alliance in 2010 to jointly build an electronic pay system to challenge Google Wallet and Apple Pay, they purchased Gemalto’s technology for their program, known as Softcard. (Until July 2014, it previously went by the unfortunate name of “ISIS Mobile Wallet.”) Whether data relating to that, and other Gemalto security products, has been compromised by GCHQ and the NSA is unclear. Both intelligence agencies declined to answer any specific questions for this story.

Signal, iMessage, WhatsApp, Silent Phone.

PRIVACY ADVOCATES and security experts say it would take billions of dollars, significant political pressure, and several years to fix the fundamental security flaws in the current mobile phone system that NSA, GCHQ and other intelligence agencies regularly exploit.

A current gaping hole in the protection of mobile communications is that cellphones and wireless network providers do not support the use of Perfect Forward Secrecy (PFS), a form of encryption designed to limit the damage caused by theft or disclosure of encryption keys. PFS, which is now built into modern web browsers and used by sites like Google and Twitter, works by generating unique encryption keys for each communication or message, which are then discarded. Rather than using the same encryption key to protect years’ worth of data, as the permanent Kis on SIM cards can, a new key might be generated each minute, hour or day, and then promptly destroyed. Because cellphone communications do not utilize PFS, if an intelligence agency has been “passively” intercepting someone’s communications for a year and later acquires the permanent encryption key, it can go back and decrypt all of those communications. If mobile phone networks were using PFS, that would not be possible — even if the permanent keys were later stolen.

The only effective way for individuals to protect themselves from Ki theft-enabled surveillance is to use secure communications software, rather than relying on SIM card-based security. Secure software includes email and other apps that use Transport Layer Security (TLS), the mechanism underlying the secure HTTPS web protocol. The email clients included with Android phones and iPhones support TLS, as do large email providers like Yahoo and Google.

Apps like TextSecure and Silent Text are secure alternatives to SMS messages, while Signal, RedPhone and Silent Phone encrypt voice calls. Governments still may be able to intercept communications, but reading or listening to them would require hacking a specific handset, obtaining internal data from an email provider, or installing a bug in a room to record the conversations.

“We need to stop assuming that the phone companies will provide us with a secure method of making calls or exchanging text messages,” says Soghoian.


https://theintercept...reat-sim-heist/


  • 0
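The static-Ki handshake and the Perfect Forward Secrecy contrast described in the article quoted above, as an added example that is not part of the original post or the article. The HMAC-SHA256 derivation, the SHA-256 keystream and the toy Diffie-Hellman group are stand-ins assumed for illustration, not the real GSM algorithms, and all function names are hypothetical.

```python
"""Static SIM key (Ki) versus forward-secret session keys: added illustration.

Stand-ins (assumptions, not the real GSM algorithms): HMAC-SHA256 replaces the
carrier's authentication and key-derivation functions, a SHA-256 counter
keystream replaces the air-interface cipher, and a toy Diffie-Hellman group
(p = 2**255 - 19, g = 2) replaces a vetted key exchange.
"""
import hashlib
import hmac
import secrets

P = 2**255 - 19  # toy modulus, for the demonstration only
G = 2


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream; the same call decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def derive(ki: bytes, label: bytes, public: bytes) -> bytes:
    """Keyed derivation from the long-term key and values sent in the clear."""
    return hmac.new(ki, label + public, hashlib.sha256).digest()


def static_ki_session(ki: bytes, plaintext: bytes) -> dict:
    """Handshake in which the session key depends only on Ki and a public RAND."""
    rand = secrets.token_bytes(16)                 # challenge, sent unencrypted
    sres_sim = derive(ki, b"auth", rand)           # response computed on the SIM
    sres_net = derive(ki, b"auth", rand)           # carrier's copy of Ki
    if not hmac.compare_digest(sres_sim, sres_net):
        raise ValueError("authentication failed")
    kc = derive(ki, b"cipher", rand)
    return {"rand": rand, "ciphertext": keystream_xor(kc, plaintext)}


def decrypt_recorded_static(ki: bytes, recording: dict) -> bytes:
    """A Ki disclosed later plus the recorded RAND rebuilds the session key."""
    return keystream_xor(derive(ki, b"cipher", recording["rand"]),
                         recording["ciphertext"])


def forward_secret_session(ki: bytes, plaintext: bytes):
    """Ki only authenticates; the session key comes from ephemeral secrets."""
    a = secrets.randbelow(P - 3) + 2               # phone's ephemeral secret
    b = secrets.randbelow(P - 3) + 2               # network's ephemeral secret
    pub_a, pub_b = pow(G, a, P), pow(G, b, P)      # sent unencrypted
    publics = pub_a.to_bytes(32, "big") + pub_b.to_bytes(32, "big")
    tag = derive(ki, b"auth", publics)             # Ki binds both public values
    shared = pow(pub_b, a, P)
    if shared != pow(pub_a, b, P):
        raise ValueError("key agreement failed")
    session_key = hashlib.sha256(shared.to_bytes(32, "big")).digest()
    recording = {"publics": publics, "tag": tag,
                 "ciphertext": keystream_xor(session_key, plaintext)}
    # The ephemeral secret is returned only so the demo can show what is
    # missing; a real endpoint erases it when the session ends.
    return recording, a


def tag_is_valid(ki: bytes, recording: dict) -> bool:
    """Ki still proves who took part in the exchange."""
    return hmac.compare_digest(derive(ki, b"auth", recording["publics"]),
                               recording["tag"])


def decrypt_with_ki_only(ki: bytes, recording: dict) -> bytes:
    """One derivation from Ki and the recorded public values; it does not
    match the session key, which never depended on Ki."""
    candidate = derive(ki, b"cipher", recording["publics"])
    return keystream_xor(candidate, recording["ciphertext"])


def decrypt_with_ephemeral(a: int, recording: dict) -> bytes:
    """Only the erased ephemeral secret reproduces the session key."""
    pub_b = int.from_bytes(recording["publics"][32:], "big")
    key = hashlib.sha256(pow(pub_b, a, P).to_bytes(32, "big")).digest()
    return keystream_xor(key, recording["ciphertext"])


if __name__ == "__main__":
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
    call = b"constructed sample traffic, not real data"
    old = static_ki_session(ki, call)
    print("static Ki, key disclosed later:", decrypt_recorded_static(ki, old))
    new, eph = forward_secret_session(ki, call)
    print("forward secret, Ki only:", decrypt_with_ki_only(ki, new) == call)
```

In the forward-secret variant the long-term key still authenticates the exchange, which is why the design limits the damage of a later key disclosure without removing the need to protect Ki.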

#248 Zharkov

Posted 19 August 2016 - 02:17 PM

NSA DIRECTOR TO JOIN Alcoholics Anonymous?


NSA director Michael Rogers.

 

Security Experts Agree: The NSA Was Hacked

Analysis of the software tools made available by the Shadow Brokers suggests that they’re the real deal.
 

Meanwhile, Russian security firm Kaspersky has also been interrogating the software. It’s discovered unusual math in the code that’s been published so far, which it believes ties the software to the so-called Equation Group. Kaspersky identified the previously unknown Equation Group last year, and at the time Reuters claimed that it was the work of the U.S. National Security Agency. The same quirky mathematics seen in last year’s analysis is also present in the recently released code.

 

Ex-NSA employees have also told the Wall Street Journal that they believe the code published by the Shadow Brokers to be “authentic.”

 

These scraps of information raise the question of why the NSA had for years been sitting on vulnerabilities that affect widely used networking gear. They also suggest that the agency may have gone against White House policy on when it is reasonable to keep flaws secret.

 

The Cisco bugs were zero-day vulnerabilities, so called because they give the author of a piece of software zero days to identify and distribute a solution. Zero-days are valuable to criminals and spies because they can be used to break into systems undetected.

 

Organizations in the business of hacking, like the NSA, can secretly stockpile vulnerabilities to keep their operations stealthy. Critics of the NSA have accused it of weakening Internet security by hoarding zero-days and preventing companies from fixing their products. 

NSA retaining Cisco ASA 0day, like FBI not sharing Apple iPhone vuln, goes against Obama's policy & NSC guidance. Need EO & stronger process

— Jason Healey (@Jason_Healey) August 18, 2016

In 2013, the Obama administration quietly created a new process that all government departments must follow to decide whether it was reasonable to keep a zero-day vulnerability secret. In 2014 the National Security Council cybersecurity coordinator Michael Daniel told Wired that the process led to the NSA sharing the majority of flaws that it identifies. But the Shadow Brokers leak suggests that the NSA was breaking the rules, according to Columbia University researcher Jason Healey.

 

Even with evidence suggesting this freely published software is genuine, it remains unclear exactly what tools lurk in the software the Shadow Brokers have put up for sale.

 

The highest bidder will get to find out.

 

https://www.technolo...ked/?set=602199


  • 0

#249 shaktiman

Posted 19 August 2016 - 04:42 PM

A Massive Invasion Of Privacy

 

 

 

Don't worry too much Zharkov.

 

Sometimes the idiots at NSA do it to each other.

 

Imbeciles?

 

I'll go over all of this in time.

 

There's a lot to digest.

 

For now, I have to sit back and watch the Clinton lawyers here in my wife's NC federal case hiding and destroying evidence as usual.

 

I find it particularly heinous when their lawyers, officers of the federal courts per se, are assisting in the commission of crimes as defined by federal statute.

I don't think this happens "all the time".

 

Thanks for your mandrake commentary on his self satisfying yoga behavior.

 

Best regards..


  • 0

#250 Zharkov

Posted 20 August 2016 - 02:12 AM

The funny part is that everything on this thread was once classified "Top Secret" or higher.

 


 

So Hillary has dementia - what did the NSA do about it?

 

Did they warn the American people?

 

If protecting America is not their job, why does NSA exist?


  • 1

#251 Zharkov

Posted 20 August 2016 - 02:16 AM

A little secret for the NSA - in case you didn't know...

 



  • 0

#252 Zharkov

Posted 22 August 2016 - 05:06 PM


Three Amigos, or The Three Stooges?

 

"Evidence Points To Another Snowden At The NSA"
Last week, following the news that a previously unknown hacker collective, "The Shadow Brokers", had hacked and released legitimate hacking tools from the NSA's own special-ops entity, the "Equation Group", initial speculation that Russians may have penetrated the US spy agency - suggested by none other than Edward Snowden - shifted to the suggestion that the agency may be housing another "mole" insider. As we noted on Thursday, a former NSA source told Motherboard that “it’s plausible” that the leakers are actually a disgruntled insider, claiming that it’s easier to walk out of the NSA with a USB drive or a CD than hack its servers. Michael Adams, an information security expert who served more than two decades in the US Special Operations Command, agreed that it’s a viable theory.
 

“It’s Snowden junior,” Adams told Motherboard. “Except he doesn’t want to end up in virtual prison in Russia. He’s smart enough to rip off shit, but also smart enough to be unidentifiable.”

 

Today, in an op-ed, cybersecurity expert James Bamford, author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America, and columnist for Foreign Policy magazine, writes that this is increasingly looking like the most probable explanation, and that Russia had nothing to do with this latest - and most provocative yet - hack.

This is what he thinks is really going on behind the scenes, courtesy of Reuters.

 

Another Snowden at the NSA

 

In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools. 

Where the Watergate burglars came away empty-handed and in handcuffs, the modern-day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

 

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia – though there seems little evidence backing up the accusation. 

 

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination. 

 

A more logical explanation could also be insider theft. If that’s the case, it’s one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can’t keep its most valuable data from being stolen, or as it appears in this case, being used against us.

 

In what appeared more like a Saturday Night Live skit than an act of cybercrime, a group calling itself the Shadow Brokers put up for bid on the Internet what it called a “full state-sponsored toolset” of “cyberweapons.” “!!! Attention government sponsors of cyberwarfare and those who profit from it !!!! How much would you pay for enemies cyberweapons?” said the announcement. 

 

The group said it was releasing some NSA files for “free” and promised “better” ones to the highest bidder. However, those with losing bids “Lose Lose,” it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

 

While the “auction” seemed tongue in cheek, more like hacktivists than Russian high command, the sample documents were almost certainly real. The draft of a top-secret NSA manual for implanting offensive malware, released by Edward Snowden, contains code for a program codenamed SECONDDATE. That same 16-character string of numbers and characters is in the code released by the Shadow Brokers. The details from the manual were first released by The Intercept last Friday.

 

The authenticity of the NSA hacking tools was also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency’s Tailored Access Operations (TAO) unit, the home of hacking specialists.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Washington Post. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” Another added, “From what I saw, there was no doubt in my mind that it was legitimate.”

 

Like a bank robber’s tool kit for breaking into a vault, cyber exploitation tools, with codenames like EPICBANANA and BUZZDIRECTION, are designed to break into computer systems and networks. Just as the bank robber hopes to find a crack in the vault that has never been discovered, hackers search for digital cracks, or “exploits,” in computer programs like Windows. 

 

The most valuable are “zero day” exploits, meaning there have been zero days since Windows has discovered the “crack” in their programs. Through this crack, the hacker would be able to get into a system and exploit it, by stealing information, until the breach is eventually discovered and patched. According to the former NSA officials who viewed the Shadow Broker files, they contained a number of exploits, including zero-day exploits that the NSA often pays thousands of dollars for to private hacking groups.

 

The reasons given for laying the blame on Russia appear less convincing, however. “This is probably some Russian mind game, down to the bogus accent,” James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank, told the New York Times. Why the Russians would engage in such a mind game, he never explained.

 

Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents. 

 

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency’s highly sensitive Tailored Access Operations.

 

In December 2013, another highly secret NSA document quietly became public. It was a top secret TAO catalog of NSA hacking tools. Known as the Advanced Network Technology (ANT) catalog, it consisted of 50 pages of extensive pictures, diagrams and descriptions of tools for every kind of hack, mostly targeted at devices manufactured by U.S. companies, including Apple, Cisco, Dell and many others. 

 

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. “A software implant for the Apple iPhone,” says the ANT catalog, “includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc.”

 

Another, codenamed IRATEMONK, is, “Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate and Western Digital.” 

 

In 2014, I spent three days in Moscow with Snowden for a magazine assignment and a PBS documentary. During our on-the-record conversations, he would not talk about the ANT catalog, perhaps not wanting to bring attention to another possible NSA whistleblower.

 

I was, however, given unrestricted access to his cache of documents. These included both the entire British, or GCHQ, files and the entire NSA files.

 

But going through this archive using a sophisticated digital search tool, I could not find a single reference to the ANT catalog. This confirmed for me that it had likely been released by a second leaker. And if that person could have downloaded and removed the catalog of hacking tools, it’s also likely he or she could have also downloaded and removed the digital tools now being leaked.

 

In fact, a number of the same hacking implants and tools released by the Shadow Brokers are also in the ANT catalog, including those with codenames BANANAGLEE and JETPLOW. These can be used to create “a persistent back-door capability” into widely used Cisco firewalls, says the catalog. 

 

Consisting of about 300 megabytes of code, the tools could easily and quickly be transferred to a flash drive. But unlike the catalog, the tools themselves – thousands of ones and zeros – would have been useless if leaked to a publication. This could be one reason why they have not emerged until now.

 

Enter WikiLeaks. Just two days after the first Shadow Brokers message, Julian Assange, the founder of WikiLeaks, sent out a Twitter message. “We had already obtained the archive of NSA cyberweapons released earlier today,” Assange wrote, “and will release our own pristine copy in due course.” 

 

The month before, Assange was responsible for releasing the tens of thousands of hacked DNC emails that led to the resignation of the four top committee officials. 

 

There also seems to be a link between Assange and the leaker who stole the ANT catalog, and the possible hacking tools. Among Assange’s close associates is Jacob Appelbaum, a celebrated hacktivist and the only publicly known WikiLeaks staffer in the United States – until he moved to Berlin in 2013 in what he called a “political exile” because of what he said was repeated harassment by U.S. law enforcement personnel. In 2010, a Rolling Stone magazine profile labeled him “the most dangerous man in cyberspace.” 

 

In December 2013, Appelbaum was the first person to reveal the existence of the ANT catalog, at a conference in Berlin, without identifying the source. That same month he said he suspected the U.S. government of breaking into his Berlin apartment. He also co-wrote an article about the catalog in Der Spiegel. But again, he never named a source, which led many to assume, mistakenly, that it was Snowden.

 

In addition to WikiLeaks, for years Appelbaum worked for Tor, an organization focused on providing its customers anonymity on the Internet. But last May, he stepped down as a result of “serious, public allegations of sexual mistreatment” made by unnamed victims, according to a statement put out by Tor. Appelbaum has denied the charges.

Shortly thereafter, he turned his attention to Hillary Clinton. At a screening of a documentary about Assange in Cannes, France, Appelbaum accused her of having a grudge against him and Assange, and that if she were elected president, she would make their lives difficult. “It's a situation that will possibly get worse” if she is elected to the White House, he said, according to Yahoo News.

 

It was only a few months later that Assange released the 20,000 DNC emails. Intelligence agencies have again pointed the finger at Russia for hacking into these emails. 

Yet there has been no explanation as to how Assange obtained them. He told NBC News, "There is no proof whatsoever" that he obtained the emails from Russian intelligence. Moscow has also denied involvement.  

 

There are, of course, many sophisticated hackers in Russia, some with close government ties and some without. And planting false and misleading indicators in messages is an old trick. Now Assange has promised to release many more emails before the election, while apparently ignoring email involving Trump. (Trump opposition research was also stolen.)  

 

In hacktivist style, and in what appears to be phony broken English, this new release of cyberweapons also seems to be targeting Clinton. It ends with a long and angry “final message” against “Wealthy Elites . . . breaking laws” but “Elites top friends announce, no law broken, no crime commit[ed]. . . Then Elites run for president. Why run for president when already control country like dictatorship?”

 

Then after what they call the “fun Cyber Weapons Auction” comes the real message, a serious threat. “We want make sure Wealthy Elite recognizes the danger [of] cyberweapons. Let us spell out for Elites. Your wealth and control depends on electronic data.” Now, they warned, they have control of the NSA’s cyber hacking tools that can take that wealth away. “You see attacks on banks and SWIFT [a worldwide network for financial services] in news. If electronic data go bye-bye where leave Wealthy Elites? Maybe with dumb cattle?”

 

Snowden’s leaks served a public good.

He alerted Americans to illegal eavesdropping on their telephone records and other privacy violations, and Congress changed the law as a result. The DNC leaks exposed corrupt policies within the Democratic Party.  

 

But we now have entered a period many have warned about, when NSA’s cyber weapons could be stolen like loose nukes and used against us. It opens the door to criminal hackers, cyber anarchists and hostile foreign governments that can use the tools to gain access to thousands of computers in order to steal data, plant malware and cause chaos.

It’s one more reason why NSA may prove to be one of Washington’s greatest liabilities rather than assets.

 

http://www.blacklist.../38/38/Y/M.html



#253 Zharkov


Posted 22 August 2016 - 05:19 PM

NSA LOOK - ANOTHER SECRET FOR FREE!

 

cchh2.jpg

 

Why not check your data records and find the money?



#254 Zharkov


Posted 25 August 2016 - 01:37 AM

hillary%20insider%20threat_0.jpg



#255 shaktiman


Posted 25 August 2016 - 11:51 AM

So Hillary has dementia - what did the NSA do about it?

Did they warn the American people?

If protecting America is not their job, why does NSA exist?

 

 

 

Great info Zharkov.

 

Good questions.

 

So who is NSA and other security agencies protecting?

 

Best Regards!



#256 Zharkov


Posted 14 September 2016 - 07:18 PM

What were US Intelligence agencies focusing on before Trump became a candidate?   

One thing for sure, they were not focused on crimes committed by current government officials.

 

Maybe this means Pravda Forum will become more popular in Washington?

U.S. intelligence agencies focus anew on the Kremlin
 
 

U.S. intelligence agencies are expanding spying operations against Russia on a greater scale than at any time since the end of the Cold War, U.S. officials said.

 

The mobilization involves clandestine CIA operatives, National Security Agency cyberespionage capabilities, satellite systems and other intelligence assets, officials said, describing a shift in resources across spy services that had previously diverted attention from Russia to focus on terrorist threats and U.S. war zones.

 

U.S. officials said the moves are part of an effort to rebuild U.S. intelligence capabilities that had continued to atrophy even as Russia sought to reassert itself as a global power. Over the past two years, officials said, the United States was caught flat-footed by Moscow’s aggression, including its annexation of Crimea, its intervention in the war in Syria and its suspected role in hacking operations against the United States and Europe.

 

U.S. spy agencies “are playing catch-up big time” with Russia, a senior U.S. intelligence official said. Terrorism remains the top concern for American intelligence services, the official said, but recent directives from the White House and the Office of the Director of National Intelligence (ODNI) have moved Russia up the list of intelligence priorities for the first time since the Soviet Union’s collapse.

 

(Long article, but fun to read)

 

https://www.washingt...1dc7_story.html

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Everything Russia did in reaction to Obama regime aggression was foreseeable.

All it takes is getting NSA & CIA employees away from the porn websites and reading the news occasionally.

 

“We have really talented people that need direction from the DNI and White House,” a senior U.S. official said.

 

Looks like you're screwed again.   

Obama's direction is for Obama to retire rich.

Intel agencies have to figure it out for themselves.

And the answer isn't in Trump Tower.


Edited by Zharkov, 06 October 2016 - 01:05 AM.


#257 Zharkov


Posted 28 September 2016 - 04:45 PM

Russia Collapses Entire US Intelligence System Using Microsoft, Facebook And Google
http://www.whatdoesi...m/index2125.htm

 

And they had a lot of help from ordinary Americans who don't like the idea of government employees monitoring them 24/7 on our dime.

NSA monitoring is as welcome in America as a terrorist bomb, a jihad, or nuclear detonation.

Got explosives?   How does it feel to chase tag words that lead nowhere?



#258 Zharkov


Posted 06 October 2016 - 01:02 AM

The Shadow Knows:  Two Snowdens = Twice The Fun

 

N.S.A. Contractor Arrested in Possible New Theft of Secrets

WASHINGTON — The F.B.I. secretly arrested a National Security Agency contractor in recent weeks and is investigating whether he stole and disclosed highly classified computer code developed to hack into the networks of foreign governments, according to several senior law enforcement and intelligence officials.

The arrest raises the embarrassing prospect that for the second time in three years, an insider has managed to steal highly damaging secret information from the N.S.A. In 2013, Edward J. Snowden, who was also a contractor for the agency, took a vast trove of documents that were later passed to journalists, exposing N.S.A. surveillance programs in the United States and abroad.

The contractor was identified as Harold T. Martin III, 51, of Glen Burnie, Md., according to a criminal complaint filed in late August. He was charged with theft of government property, and unauthorized removal or retention of classified documents. During an F.B.I. raid of his house, agents seized documents and digital information stored on electronic devices. A large percentage of the materials found in his house and car contained highly classified information.

At the time, F.B.I. agents interviewed Mr. Martin, and he initially denied having taken the documents and digital files. The agency later said he had stated that he knew he was not authorized to have the materials. According to the complaint, he told the agency that “he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized.”

In a brief statement issued on Wednesday, lawyers for Mr. Martin said: “We have not seen any evidence. But what we know is that Hal Martin loves his family and his country. There is no evidence that he intended to betray his country.”

The information believed stolen by Mr. Martin — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency’s most sensitive cyberoperations — appears to be different in nature from Mr. Snowden’s theft.

Mr. Martin is suspected of taking the highly classified computer code developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.

Officials said Mr. Martin did not fit any of the usual profiles of an “insider threat,” and it is unclear whether he had political motives, as Mr. Snowden did when he exposed programs that he said violated the privacy of American citizens.

An administration official said the case had been handled secretively not in order “to keep this guy from becoming another N.S.A. martyr,” but because it was a continuing law enforcement case and the hope was that Mr. Martin would cooperate. The official said investigators suspected that Mr. Martin might have taken the material before Mr. Snowden’s actions became public.

The official said that at the moment it did not look like an espionage case, but added the caveat that it is a continuing investigation. At the same time, the official said that investigators think Mr. Martin is not politically motivated — “not like a Snowden or someone who believes that what we were doing was illegal and wanted to publicize that.”

Motivation is one of many unanswered questions about the case. It is not clear when and how the authorities first learned the contractor’s identity, when they believe he began taking information, or whether he passed it to people outside the government. It is also not known whether he is believed to be responsible for a leak of classified N.S.A. code attributed to a group calling itself the Shadow Brokers, or whether he had any role in a series of leaks of N.S.A. intercepts involving Japan, Germany and other countries that WikiLeaks has published since last year.

“We’re struggling to figure him out,” the official said, speaking on the condition of anonymity because no indictment has been publicly released.

Mr. Martin was charged in United States District Court in Baltimore. The government is allowed to charge people and bring them before a court in secret. That happens most often when defendants are cooperating or negotiating plea deals, or out of fear for their safety. But the secrecy could also indicate that the Justice Department requested it while analyzing the evidence, and that defense lawyers agreed.

For the N.S.A., which spent two years and hundreds of millions, if not billions, of dollars repairing the damage done by Mr. Snowden, a second insider leaking the agency’s information would be a devastating blow. The agency’s director, Adm. Michael Rogers, who previously ran the Navy’s Fleet Cyber Command, was brought in to restore the agency’s credibility, open it to more scrutiny and fix the problems that allowed Mr. Snowden to sweep up hundreds of thousands of documents.

http://www.nytimes.c...n-hamilton.html



#259 Zharkov


Posted 06 October 2016 - 01:04 AM

So the only secrets remaining that NSA has to guard are the titles to the porn movies they watch?



#260 Zharkov


Posted 06 October 2016 - 01:43 AM

New NSA commercial:

 

"Ask your doctor if nuclear war is right for you."

 

Common side effects:  Nausea, pain, burning sensations, loose bowels, digestive inflammation, death.

 

(Do you really need to wiretap movie stars when H-bombs are on the way?)


Edited by Zharkov, 06 October 2016 - 01:46 AM.







Copyright © 2020 Pravda.Ru