NSA report discloses that the agency tripled its surveillance of Americans in 2017

One effect of the Snowden leaks is that the NSA now makes an annual disclosure of the extent of its domestic surveillance operations; that's how we know that the NSA collected 534 million phone call and text message records (time, date, location, from, to -- but not the content), which more than triples its surveillance takings in 2016. Read the rest

Senate confirms Paul Nakasone to head NSA and U.S. Cyber Command

The U.S. Senate today confirmed President Donald Trump’s selection to lead the National Security Agency and U.S. Cyber Command. Paul Nakasone will replace Mike Rogers, who is retiring. Read the rest

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

For three years, International Standards Organization has been wrangling over which cryptographic algorithms will be incorporated into a standard for interoperability in "Internet of Things" gadgets; at issue has been the NSA's insistence that "Simon" and "Speck" would be the standard block cipher algorithms in these devices. Read the rest

Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic. Read the rest

News report claims Dutch spies hacked Russian cyberwar operation and pwned their CCTVs, then recorded video of Russian government hackers attacking the DNC

Dutch left-leaning daily de Volkskrant has published a remarkable -- but thinly sourced -- report claiming that a Dutch spy agency called the General Intelligence and Security Service of the Netherlands (AIVD) hacked into the network of a notorious Russian spy group called "Cozy Bear" or APT29, thought to be an arm of the Russian spy apparatus, and obtained direct evidence of Russian state involvement in the hacking of the DNC during the 2016 US election campaign. Read the rest

The NSA's new "core values" statement no longer includes "honor," "honesty" or "openness"

Ironically, the most honest thing the NSA has done since its founding might just be deleting the word "honesty" from its statement of core values, in January 12th's revisions to the earlier version that also once included "openness." Read the rest

#FISA: Senate passes bill to give NSA 6 more years of warrantless surveillance on Americans

The U.S. Senate today passed a bill that will renew the National Security Agency’s warrantless internet surveillance program for six years with no substantive changes. It's bad news, say privacy and security advocates, but not a surprise. Read the rest

EFF to NSA: you scammed your way to another six years of warrantless spying, and you'd better enjoy it while it lasts

Last week, cowards from both sides of the aisle caved into America's lawless spy agencies, and today bipartisan senators reprised that cowardice to ensure that the Senate would not get a chance to vote on amendments to the renewal of Section 702, the rule that has allowed the NSA to conduct mass, warrantless surveillance on Americans in secret, without meaningful oversight or limits. Read the rest

Congressional Democrats have so little faith in Trump's leadership that they've awarded him the power to conduct limitless, warrantless mass surveillance of Americans

When Congress voted last week to renew the NSA's controversial Section 702 powers, which gives the spy agency the power to conduct mass, secret, warrantless surveillance on Americans, they also voted down a bipartisan amendment that would have limited the president's ability to abuse these powers, injecting the barest minimum of accountability and proportionality into a system that Republican and Democratic presidents alike have abused for decades. Read the rest

Congress votes to give NSA 6 more years of spying on Americans without a warrant

On January 11, the House passed the Foreign Intelligence Surveillance Act bill which renews a controversial NSA surveillance program that allows the spy agency to intercept the communications of Americans without a warrant. Read the rest

A detailed look at how US police forces collude with spy agencies to cover up the origin of evidence in criminal cases

Since the 1970s, spy agencies have been feeding police forces tips about who to arrest and where to look for evidence, despite the illegality of their practicing surveillance within the USA. Read the rest

The NSA can't recruit or retain hackers because the pay sucks and the Agency is a bureaucratic mess

The Washington Post reports that the NSA "is losing its top talent at a worrisome rate as highly skilled personnel" because of a mix of low-pay, uninspiring leaders, and a bureaucratic re-org that everyone hates. Read the rest

ACT NOW: Only hours remain to stop Congress from sneaking in massive new NSA spying powers

There's only hours remaining before Congress will vote to renew the Section 702 powers that let the NSA conduct mass surveillance; powers that expand in 12 days. Read the rest

NSA employee pleads guilty of taking classified info that was later stolen by hackers

Former National Security Agency employee Nghia H. Pho said in a Baltimore courtroom today he'd illegally taken home classified documents from NSA that are understood to have later “been stolen from his home computer by hackers working for Russian intelligence,” the NYT reports.

Nghia H. Pho, 67, of Ellicott City, Md., pleaded guilty to one count of removal and retention of national defense information, an offense that carries a possible 10-year sentence. Prosecutors agreed not to seek more than eight years, however, and Mr. Pho’s attorney, Robert Bonsib, will be free to ask for a more lenient sentence. He remains free while awaiting sentencing.

Mr. Pho had been charged in secret, though some news reports had given a limited description of the case. Officials unsealed the charges on Friday, resolving the long-running mystery of the defendant’s identity.

Mr. Pho, who worked as a software developer for N.S.A., was born in Vietnam but is a naturalized United States citizen. Prosecutors withheld from the public many details of his government work and of the criminal case against him, which is linked to a continuing investigation of Russian hacking.

Read the rest

US Army doxes itself, reveals $100 million NSA spy program that got flushed before it was ever used

Chris Vickery from Upguard found an Army Amazon Web Services instance with no password or encryption, containing 100GB of data on a defunct NSA program called Red Disk. Read the rest

Teardown of a consumer voice/location cellular spying device that fits in the tip of a USB cable

Mich from ha.cking bought a $25 "S8 data line locator" device -- a cellular spying tool, disguised as a USB cable and marketed to the general public -- and did a teardown of the gadget, offering a glimpse into the world of "trickle down surveillance" where the kinds of surveillance tools used by the NSA are turned into products and sold to randos over the internet for $25. Read the rest

Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime

Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords. Read the rest

More posts