Submit a link Features Reviews Podcasts Video Forums More ▾

Alaska senator on a comedy news video about NSA surveillance

Pat sez, "Alaska Robotics News is a political satire series covering the Alaska legislative session. We've had good luck at engaging law makers and have had several notable guests on the show. U.S. Senator Mark Begich recently joined us to talk about NSA dragnet surveillance and precognitive policing. We have a small group of writers contributing the the show and enjoy a lot of support from our community. This segment was a good opportunity to get outside our local issues and poke at the boiling frog of government surveillance."

Read the rest

Fedbizopps: the US government's searchable database of defense-contractor opportunities


Dave from the Electronic Frontier Foundation sez, "The government often makes itself more accessible to businesses than the general public. For Sunshine Week, we compiled this guide to using FedBizOpps to keep an eye on surveillance technology contracts."

Fedbizopps is a weird, revealing window into the world of creepy surveillance, arms, and technology contractors who build and maintain the most oppressive and unethical parts of the apparatus of the US government. Everything from drone-testing of biological and chemical weapons to license plate cameras to weaponized bugs and other malware are there. The EFF post also has links to data-mining tools that help estimate just how much money the private arms dealers extract from the tax-coffers.

Read the rest

NSA recording all the voice calls in one country; 5-6 more countries in the pipeline


A new Snowden leak reveals that all the voice calls in an unnamed country are recorded and saved for 30 days on a rolling basis, with millions of voice "cuts" (clippings) harvested from the corpus for long-term storage by the system. The system, called MYSTIC, has been running since 2009, and its search tool, RETRO, has been fully operational against a whole country's phone calls since 2011.

President Obama has stated that " the United States is not spying on ordinary people who don't threaten our national security" -- this is a hard statement to square with the idea of recording all the voice calls made in an entire country.

The Washington Post article detailing the programs states at least five more countries are now covered by MYSTIC, with a sixth coming online.

Read the rest

Australian attorney general wants the power to launch man-in-the-middle attacks on secure Internet connections


The Australian attorney general has mooted a proposal to require service providers to compromise their cryptographic security in order to assist in wiretaps. The proposal is given passing mention in a senate submission from the AG's office, where it is referenced as "intelligibility orders" that would allow "law enforcement, anti-corruption and national security agencies" to secure orders under which providers like Google, Facebook and Yahoo would have to escrow their cryptographic keys with the state in order to facilitate mass surveillance.

Edward Snowden referenced this possibility in his SXSW remarks, pointing out that any communications that are decrypted by service providers are vulnerable to government surveillance, because governments can order providers to reveal their keys. This is why Snowden recommended the use of "end-to-end" security, where only the parties in the discussion -- and not the software vendor -- have the ability to spy on users.

The "intelligibility order" is the same kind of order that led to the shutdown of Lavabit, the secure email provider used by Snowden, whose creator shut the service down rather than compromising his users' security.

Read the rest

Congress was giving spies a pass back in 1975, too


If you are outraged by American spies getting a free pass from their political masters (and you really should be), remember that this is an age-old tradition. Matt Stoller revisits the 1975 Congressional hearings in which radical Congresswoman Bella Abzug grilled CIA director William Colby over the CIA's records of the membership rolls of peaceful, domestic protest groups, only to have Arizona Congressman Sam Steiger suck up to the spook-in-chief, expressing concern that anti-American terrorists could destroy the CIA by sending it too many Freedom of Information Act requests.

Read the rest

British spies lied about getting super-censorship powers over Youtube

Turns out that the claims made by British spies about Youtube granting them the power to censor Youtube videos that they didn't like (but weren't illegal) were bullshit.

The "super-flagger" status they got from Google just means that their complaints get quicker scrutiny, but are (theoretically, anyway) judged by the same criteria as all other complaints about videos that violate Youtube's community standards.

But as Techdirt's Mike Masnick points out, the fact that senior UK government ministers believe that Youtube should remove anything "that may not be illegal, but certainly is unsavoury" is a pretty disturbing insight into the mindset of our censorious masters.

Zuckerberg phones Obama to complain about NSA spying


The day after a Snowden leak revealed that the NSA builds fake versions of Facebook and uses them to seed malicious software in attacks intended to hijack "millions" of computers, Facebook CEO and founder Mark Zuckerberg telephoned President Obama to complain about the NSA's undermining of the Internet's integrity.

As many have pointed out, it would have been nice to hear Zuckerberg taking the Internet's side before his own stock portfolio was directly affected, but better late than never. Zuckerberg's post on his conversation excoriates the US government for its Internet sabotage campaign, and calls on the USG to "be the champion for the internet, not a threat." Curiously, Zuckerberg calls for "transparency" into the NSA's attacks on the Internet, but stops short of calling for an end to government-sponsored attacks against the net.

In the end, though, Zuckerberg calls on companies to do a better job of securing themselves and their users against intrusive spying. It's not clear how that will work for Facebook, though: its business model is predicated on tricking, cajoling, and siphoning personal data out of its users and warehousing it forever in a neat package that governments are unlikely to ignore. I'm told that 90% of US divorce proceedings today include Facebook data; this is a microcosm of the wider reality when you make it your business to stockpile the evidentiary chain of every human being's actions.

Read the rest

How the NSA plans to automatically infect "millions" of computers with spyware




A new Snowden leak, detailed in a long, fascinating piece in The Intercept, explains the NSA's TURBINE initiative, intended to automate malicious software infections. These infections -- called "implants" in spy jargon -- have historically been carried out on a narrow, surgical scale, targeted at people of demonstrated value to spies, due to the expense and difficulty of arranging the attacks.

But TURBINE, which was carried out with other "Five Eyes" spy agencies as part of the NSA's $67.6M "Owning the Net" plan, is intended to automate the infection process, allowing for "millions" of infections at once.

The article mentions an internal NSA message-board posting called "I hunt sys admins," sheds some light on the surveillance practices at the NSA. In the post, an NSA operative explains that he targets systems administrators at companies, especially telecoms companies, as a "means to an end" -- that is, infiltrating the companies' networks. As Glenn Greenwald and Ryan Gallagher point out, this admission shows that malware attacks are not targeted solely or even particularly at people suspected of terrorism or other crimes -- rather, they are aimed at the people who maintain the infrastructure of critical networks and systems to allow the NSA to control those systems.

The malware that TURBINE implants can compromise systems in a variety of ways, including hijacking computer cameras and microphones, harvesting Web-browsing history and email traffic, logging passwords and other keystrokes, etc.

Read the rest

Snowden at SXSW: immediate impressions


Yesterday at SXSW, Barton Gellman and I did a one-hour introductory Q&A before Edward Snowden's appearance. Right after Snowden and his colleagues from the ACLU wrapped up, I sat down and wrote up their event for The Guardian, who've just posted my impressions:

Read the rest

Kansas Rep Pompeo wants to cancel Snowden's SXSW appearance

Edward Snowden is speaking at SXSW on Monday at an event that I'm also part of.Rep Mike Pompeo (R-KS), who sits on the House Intelligence Committee (and on whose watch the abuses that Snowden has detailed occurred) has demanded that his appearance be cancelled. Pompeo says that Snowden lacks credibility in the area of "privacy, surveillance, and online monitoring." Pompeo demonstrably lacks credibility in the area of the First Amendment. Cory 23

Middle schooler wins C-SPAN prize for doc about NSA spying

Dave from the Electronic Frontier Foundation sez, "Remember when Rep. Mike Rogers likened opponents of pernicious cybersecurity legislation to 14-year-olds? It turns out that middle-school-age students are also well-prepared to debate him on the NSA's programs as well. EFF congratulates students from two middle schools who took home top prizes in the C-SPAN StudentCam 2014 competition for young filmmakers with their documentaries on the debate over mass surveillance."

Read the rest

Modeling privacy rules on environmental regulations

Michael Froomkin writes, "My latest privacy paper, Regulating Mass Surveillance as Privacy Pollution: Learning from Environmental Impact Statements, has a new take on how to regulate mass surveillance in the US where the EU privacy model has not taken root, and where the 1st Amendment creates obstacles to stopping some data sharing."

Read the rest

UK Deputy PM commissions independent review of spy powers

Glyn sez, "UK Deputy PM Nick Clegg has commissioned a review into the new intrusive capabilities of British intelligence agencies and the legal framework in which they operate."

Read the rest

Trustycon: how to redesign NSA surveillance to catch more criminals and spy on a lot fewer people

The Trustycon folks have uploaded over seven hours' worth of talks from their event, an alternative to the RSA security conference founded by speakers who quit over RSA's collusion with the NSA. I've just watched Ed Felten's talk on "Redesigning NSA Programs to Protect Privacy" (starts at 6:32:33), an absolutely brilliant talk that blends a lucid discussion of statistics with practical computer science with crimefighting, all within a framework of respect for privacy, liberty and the US Bill of Rights.

Felten's talk lays out how the NSA's mass-collection program works, what its theoretical basis is for finding terrorists in all that data, and then explains how this is an incredibly inefficient and risky and expensive way of actually fighting crime. Then he goes on to propose an elegant alternative that gets better intelligence while massively reducing the degree of surveillance and the risk of disclosure.

I'm using Vid to MP3 to convert the whole seven hours' worth of talks to audio and plan on listening to them over the next couple of days.

Update: Here's that MP3 -- it's about 1GB. Thanks to the Internet Archive for hosting it!

TrustyCon - Live from San Francisco

Doc film on surveillance seeks fund to film Syrian activist subjected to state surveillance

Charles Koppelman writes, "Zero Day (working title) is a documentary film being produced and directed by Charles Koppelman. BBC Storyville is co-producing and intends to air it. The film begins with the story of a single malware attack by the Assad regime in Syria using Skype as a platform. This targeted phishing attack used a Remote Access Tool (Xtreme RAT) to infect an activist’s computer. He was then tracked surreptitiously by security forces. He suffered very real physical consequences — detention, jail, and torture. His jailers showed him a file with hundreds of pages of email, web posts and surveillance reports on his movements. It is well-documented that he was the first Syrian activist to be attacked in the ongoing cyberwar conducted by the Assad regime. The Assad regime uses this same digital surveillance tool to compromise countless other activists and citizen journalists."

Read the rest