Juniper's products are still insecure; more evidence that the company was complicit

MX480_left.png

It's been a month since Juniper admitted that its firewalls had back-doors in them, possibly inserted by (or to aid) US intelligence agencies. In the month since, Juniper has failed to comprehensively seal those doors, and more suspicious information has come to light. Read the rest

Free Stanford course on surveillance law UPDATED

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x913

Aw, crap, this was last year

Stanford is offering a free online course by computer scientist/law professor Jonathan Mayer that surveys the baroque, interleaved world of US surveillance law through the Coursera MOOC platform. Read the rest

NSA's biggest congressional apologist is outraged that the NSA spied on him and Israel

Petehoekstra

Rep Pete Hoekstra [R-MI] calls spying "a matter of fact," he attacked a bill that would impose oversight on the NSA, and he "laughs at foreign governments who are shocked they’ve been spied on because they, too, gather information" -- except when the targets of the NSA's surveillance are Congress and Israel's leaders. Read the rest

Juniper Networks backdoor confirmed, password revealed, NSA suspected

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x906

Juniper Networks makes a popular line of enterprise firewalls whose operating system is called Screen OS. The company raised alarm bells with a late-day-on-a-Friday advisory announcing that they'd discovered "unauthorized code" in some versions of Screen OS, a strange occurrence that hinted at a security agency or criminal enterprise had managed to tamper with the product before it shipped. Read the rest

IXmaps: a tool to figure out when the NSA can see Canadians' data

working

Canadians' data requests overwhelming flow through US cables, even when the communications are within Canada. Since the NSA takes the view that it is legally entitled to collect, inspect and retain foreign communications, this means that almost all Canadian communications are being spied on by a foreign power. Read the rest

What I told the kid who wanted to join the NSA

One_of_six_wings_of_Washington_Hall,_the_Cadet_Mess_Hall_at_the_United_States_Military_Academy_at_West_Point,_NY_during_lunch

In my latest Guardian column, I tell the story of my recent lecture at West Point's Cyber Institute, where a young cadet took me aside as asked what I thought of their plans for joining the NSA. Read the rest

If the Paris attackers weren't using crypto, the next ones will, and so should you

imessage-logo.png

Lots of law enforcement agencies hate crypto, because the technology that helps us protect our communications from criminals and griefers and stalkers and spies also helps criminals keep secrets from cops. With each terrorist attack there's a fresh round of doom-talk from spooks and cops about the criminals "going dark" -- as though the present situation, in which the names and personal information of everyone who talks to everyone else, all the time, where they are then they talk, where they go and who they talk to next, is somehow less surveillant than the past, when cops could sometimes use analog tape-recorders to wiretap the very few conversations that took place on landlines. Read the rest

There is no record of US mass surveillance ever preventing a large terror attack

animation

CIA Director John Brennan wants you to think the Paris attacks were Snowden's fault -- the "hand wringing" over mass surveillance has ended his agency's ability to "thwart" terrorists attacks "before they're carried out." There's only one problem with that: there's no evidence that the US's mass surveillance programs have ever prevented a major terrorist attack. Read the rest

Federal judge orders NSA to stop collecting and searching plaintiffs' phone records

leon

United States District Judge Richard Leon has affirmed his 2013 ruling and has ordered the NSA to stop collecting phone records belonging to J.J. Little and his firm J.J. Little & Associates, P.C., and to segregate all the records collected to date so that they aren't searched. Read the rest

Big Data refusal: the nuclear disarmament movement of the 21st century

Post-Atomic-Eyes.003

James Bridle's new essay (adapted from a speech at the Through Post-Atomic Eyes event in Toronto last month) draws a connection between the terror of life in the nuclear shadow and the days we live in now, when we know that huge privacy disasters are looming, but are seemingly powerless to stop the proliferation of surveillance. Read the rest

NSA spying: judge tosses out case because Wikipedia isn't widely read enough

9693327611_bf4dd78a83_b

Wikimedia -- Wikipedia's parent org -- has had its case against the NSA dismissed by a Federal judge who said that the mere fact that the site is one of the most popular destinations on the net was not a basis for assuming that the NSA had intercepted data between Wikipedia and its users. Read the rest

Every email NSA says it got after asking Americans for tips on how to protect their privacy

Former NSA chief Keith Alexander at Black Hat 2013 [Reuters]

At the Black Hat hacker convention in 2013, Former NSA director Keith Alexander asked hackers to help the NSA come up with ways to protect Americans' privacy and civil liberties.

"How do we start this discussion on defending our nation and protecting our civil liberties and privacy?" Alexander asked the Las Vegas crowd. "The reason I'm here is because you may have some ideas of how we can do it better. We need to hear those ideas."

Read the rest

Now we know the NSA blew the black budget breaking crypto, how can you defend yourself?

v1P0LA

Well, obviously, we need to get Congress to start imposing adult supervision on the NSA, but until that happens, there are some relatively simple steps you can take to protect yourself. Read the rest

The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

bump-key

There have long been rumors, leaks, and statements about the NSA "breaking" crypto that is widely believed to be unbreakable, and over the years, there's been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have presented a paper at the ACM Conference on Computer and Communications Security (a paper that won the ACM's prize for best paper at the conference) that advances a plausible theory as to what's going on. In some ways, it's very simple -- but it's also very, very dangerous, for all of us. Read the rest

EU top court: NSA spying means US servers are not a fit home for Europeans' data

800px-123Net_Data_Center_(DC2)

Historically, US companies have been able to get around the (relatively stringent) European data-protection rules thanks to a "Safe Harbor" agreement between the US and the EU -- but Max Schrems, an Austrian privacy activist, has successfully argued that the NSA's mass surveillance programs violate European law and invalidates the Safe Harbor. Read the rest

Anti-surveillance activists send a drone to pamphlet-bomb an NSA complex in Germany

Screen-Shot-2015-10-05-at-2.35.50-PM-e1444070309349-article-header

Intelexit is an activist group whose mission is to get spies to quit their jobs; they've recently installed billboards around spy complexes in the US and UK. Read the rest

Smurfs vs phones: GCHQ's smartphone malware can take pics, listen in even when phone is off

smurfs-wallpaper-the-smurfs-251131_1024_768

In a new episode of the BBC's Panorama, Edward Snowden describes the secret mobile phone malware developed by GCHQ and the NSA, which has the power to listen in through your phone's mic and follow you around, even when your phone is switched off. Read the rest

More posts