The National Security Agency is reportedly considering ending the mass surveillance program that gathered data about hundreds of millions of telephone call records each year, including ones by Americans. Read the rest
Since 2001, the NSA has secretly ingested the calling records of virtually every US mobile phone subscriber, with the covert participation of the mobile carries; the program -- authorized by a secret order of then-president GW Bush -- remained secret until it was disclosed through documents provided to journalists by the whistleblower Edward Snowden. Read the rest
It's getting more difficult with every passing day to keep from being spied upon by nefarious tools interested in getting their hands on your personal information, creeping on what you're browsing with on your laptop or phone and, if you've not bothered to cover up that webcam, keep tabs on your life as they stream images of your day-to-day doings across the Internet. Thanks to a group of computer-savvy scientists, it looks like there may soon be one more monitoring method that we'll have to watch out for.
From Ars Technica:
Daniel Genkin of the University of Michigan, Mihir Pattani of the University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv University, and Eran Tromer of Tel Aviv University and Columbia University investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia": a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens."
Synesthesia, at its core, is pretty much just Van Eck phreaking with a twist. Where Van Eck phreaking typically uses radio signals leaking from display hardware to snoop on what a computer user's perusing, Synesthesia listens for aural emissions from the bits and pieces that are required to power a display. Depending on what you're looking at on your computer's screen, the power being sent out to drive each pixel ramps up or down. This changes the pitch of power running through the display's guts. By capturing this audio for review, using the microphone built into the device or a nearby device like an Amazon Echo or other digital assistant-enabled device (never let one in your house,) it's very possible that a hacker could sort out what you were looking at with a bit of skill and a whole lot of machine learning. Read the rest
America paid about $16 billion to five companies last year for 80% of our contracted domestic and international surveillance: Leidos Holdings, CSRA Inc., SAIC, CACI International, and Booz Allen Hamilton, recently in the news following an employee arrest on cyberweapons theft charges.
Tim Shorrock at The Nation did the legwork to to come up with the numbers.
“The problem with just five companies providing the lion’s share of contractors is that the client, the U.S. government, won’t have much alternative when a company screws up,” says David Isenberg, the author of Shadow Force: Private Security Contractors in Iraq. [...] “There comes a point when the marketplace is so concentrated that the service provider simply becomes too big to fail, no matter how lousy their performance,” says Isenberg, who closely monitors the privatization of national-security work. “If that makes you think of the financial-services industry, well, that’s exactly what I’m talking about.”
The Intercept has obtained a secret government catalog that law enforcement agencies use to source even-more-secret cellular spying devices, mostly variants on the Read the rest