In a leaked "weaponized information" catalog, Indian cyberarms dealer offers blackest-ever SEO

In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball -- the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for iOS and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online. Read the rest

Edward Snowden performs radical surgery on a phone to make it "go black"

If you think that your phone may have been hacked so that your adversaries can watch you through the cameras and listen through the mics, one way to solve the problem is to remove the cameras and microphones, and only use the phone with a headset that you unplug when it's not in use. Read the rest

Volkswagen's internal Dieselgate probe stuck because the company used code-words for its cheat software

The internal Volkswagen investigators who are trying to figure out who knew what, when, about the company's illegal, lethal practice of programming its cars to cheat on emissions tests say they've been slowed down because the company assigned dozens of secret code-names to the software, such as "acoustic software." Read the rest

Brussels terrorists kept their plans in an unencrypted folder called "TARGET"

Remember how, in the wake of the horrific terrorist attacks on Brussels last month, authorities all over the world declared that the world was critically endangered by cryptography, insisting that crazy, far-reaching crypto-bans were necessary to prevent another attack? Read the rest

ISIS opsec: jihadi tech bureau recommends non-US crypto tools

The US government is attempting to force Apple to backdoor its iPhone security, Congress is considering mandatory backdoors for all secure technology, and FBI director James Comey insists that this will work, because there's no way that America's enemies might just switch over to using technology produced in other countries without such mandates. Read the rest

Laura Poitras's Astro Noise: indispensable book and gallery show about mass surveillance

Laura Poitras is the MacArthur-winning, Oscar-winning documentarian who made Citizenfour. Her life has been dogged by government surveillance and harassment, and she has had to become a paranoid OPSEC ninja just to survive. Read the rest

Army decides to stop putting soldiers' Social Security numbers on their dog tags

In a major policy change that sounds like a Very Good Idea, the U.S. Army announced today that dog tags will no longer include the Social Security numbers of the soldier wearing them. SSNs have been part of this identification system for over 40 years.

Read the rest

Edward Snowden's operational security advice for normal humans

There's no one else on Earth who's more familiar with the surveillance capabilities of governments, spy agencies and criminals who is also willing to discuss those capabilities. Edward Snowden's wide-ranging conversation with the Freedom of the Press Foundation's Micah Lee on operational security for normal people is a must-read for anyone who wants to be safe from identity thieves, stalkers, corrupt governments, police forces, and spy agencies. Read the rest

HOWTO use Tor Messenger, the new, super-secure/private chat app

It's still in beta, but Tor Messenger from the Tor Project has security and privacy baked in by design, and it's the easiest method yet devised to use OTR (Off the Record), the gold standard in secure communications. Read the rest

Sixth grader sells artisanal Diceware passwords

11-year-old Mira Modi, daughter of privacy journalist Julia Angwin, has a startup through which she hand-generates secure Diceware passwords for $2, which she mails in sealed letters through the USPS, "which cannot be opened by the government without a search warrant." Read the rest

Laura Poitras's Citizenfour OPSEC

One of the most startling motifs of Citizenfour, Laura Poitras's Academy Award-winning documentary about Edward Snowden, is the use and abuse of cryptographic tools, which are at the center of the NSA's surveillance plans and Snowden's audacious act of whistleblowing. Read the rest

Make yourself doxx-resistant by opting out of data-brokers

It's an incredibly arduous, tedious, and deliberately unfriendly process, but you can, in fact, opt out of the data-brokers that are most commonly used to doxx people, uncovering their home addresses, work details, and so on (but beware, you have to do this on a more-or-less monthly basis to stay out of their databases). Read the rest

Free encryption training workshops in NYC

Tommy writes, "I'm working with Verso Books (which just published Gabriella Coleman's Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous) to provide free encryption workshops to groups in NYC." Read the rest

Opsec, Snowden style

Micah Lee, the former EFF staffer whom Edward Snowden reached out to in order to establish secure connections to Glenn Greenwald and Laura Poitras, shares the methodology he and Snowden employed to stay secure and secret in the face of overwhelming risk and scrutiny. Read the rest

Darkmatter: a secure Paranoid Android version that hides from attackers

Stock Android phones with the Darkmatter OS use encrypted storage, OS-level app controls, and secure messaging by default, but if the phone thinks it's under attack, it dismounts all the encrypted stuff and reboots as a stock Android phone with no obvious hints that its owner has anything hidden on it. Read the rest

Journalist believes his phone was hacked by spooks at HOPE X, will upload image for forensics

Douglas writes, "My rooted CyanogenMod phone got hacked at HOPE X. I'm planning to get it write-blocked and imaged to crowdsource forensics." Read the rest

Anti-forensic mobile OS gets your phone to lie for you

In Android Anti-forensics: Modifying CyanogenMod, Karl-Johan Karlsson and William Bradley Glisson present a version of the CyanogenMod alternate operating system for Android devices, modified so that it generates plausible false data to foil forensic analysis by law enforcement. The idea is to create a mobile phone that "lies" for you so that adversaries who coerce you into letting them take a copy of its data can't find out where you've been, who you've been talking to, or what you've been talking about.

I'm interested in this project but wonder about how to make it practical for daily use. Presently, it maintains a hidden set of true data, and a trick set of false data intended to be fetched by forensic tools. Presumably, this only works until the forensic tools are modified to spot the real data. But you can conceptually imagine a phone that maintains a normal address book and SMS history, etc -- all the things that are useful to have in daily use -- but that, on a certain signal (say, when an alternate unlock code is entered, or after a certain number of failed unlock attempts) scrubs all that and replaces it with plausible deniability data.

Obviously, this kind of thing doesn't work against state-level actors who can subpoena (or coerce) your location data and call history from your carrier, but those people don't need to seize your phone in the first place. Read the rest