risking his life to tell you about NSA surveillance [ot]

TomCochrane

Trad climber
Santa Cruz Mountains and Monterey Bay
Mar 2, 2014 - 05:34pm PT

World News
03.02.14
Ukraine’s Revolutionary Lesson for Russia
Vladimir Putin isn’t sending troops into Ukraine merely to protect Russian interests abroad. He’s also trying to protect his regime at home.

As Russian forces seize key objects in Crimea, their objective is not just to create chaos in Ukraine but also to protect kleptocratic rule in Russia itself.

Russia and Ukraine under Yanukovych shared a single form of government – rule by a criminal oligarchy. This is why the anti-criminal revolution that overthrew Ukrainian president Viktor Yanukovych is a precedent that is perfectly applicable to Putin’s Russia. It is also the reason why, from the Russian regime’s point of view, the Ukrainian revolution must be stopped at all costs.

Russia is presently quiescent and opinion polls show that 75 percent of respondents believe that what happened in Ukraine could not happen in Russia. Public sentiment in Russia, however, is subject to dramatic shifts and, in the wake of the overthrow of Yanukovych, Russian authorities were taking nothing for granted.

Hours after the closing ceremonies of the Sochi Olympics, a Russian court sentenced opposition activists to prison terms of two to four years for taking part in a protest rally in May 2012 against President Vladimir Putin’s inauguration. When demonstrators took to the streets to protest the verdict, hundreds were detained.

Russia also restricted what is left of the independent press. Yuri Fedutinov, the veteran director of the independent Ekho Moskvy radio station, was removed in what chief editor Alexei Benediktov said was a “political” decision aimed at changing the station’s editorial policy. The independent television channel “Dozhd” was removed from satellite and cable networks and I was expelled from Russia, where I had been serving as an adviser to Radio Liberty.

Russia and Ukraine reflect the legacy of communism, which destroyed any sense of moral values. In both countries, the rulers place the accumulation of wealth far ahead of the welfare of the nation.

In Ukraine, Yanukovych took power and began to reprivatize for the benefit of himself and the members of his immediate family. In three years, his son Olexander, a dentist, became a multi-billionaire. The owners of businesses were offered below market prices for their enterprises under threat of being ruined by courts and government inspectors.

In Russia the process was similar. The seizure of property began in earnest in 2003 after the arrest of the president of the Yukos oil company, Mikhail Khodorkovsky. At present, thousands of businessmen are in pretrial detention in Russia on false charges and at the behest of their competitors.

To accumulate wealth so fast and on such a scale, it is necessary to eliminate independent law enforcement. The result was that in Russia and Ukraine, each person was aware that he was at the mercy of the authorities who could imprison him and seize his property at any time.

It was this condition that, in Ukraine, inspired the revolt against Yanukovych. The “European choice” was popular in Ukraine not only for economic reasons but because it offered the possibility that European practices including the rule of law would be introduced there. When Yanukovych refused on November 30 to sign an association agreement with the European Union after years of promising to do so, he provoked a revolt by eliminating hope for a more democratic future.

The Putin regime has traditionally been protected by high rates of economic growth, but the conditions that previously made growth rates of 7.2 percent possible no longer exist. The increase in well-being in Russia was guaranteed by the rise in the price of oil and gas, the decline in the price of imported goods, and huge underinvestment that was compensated for by the using up of the Soviet inheritance. In the absence of these factors, growth has slowed to 1.2 per cent, with little prospect of improvement.

In 2011 and 2012, Moscow witnessed the biggest protests since the fall of the Soviet Union over the falsification of elections and Putin’s decision to run for a third term as president. The protests eventually fizzled but, given the worsening economic situation, they could be reignited.

In February 2010, two doctors, Vera Sidelnikova and Olga Aleksandrina, a mother and daughter, were killed in Moscow when their car collided head on with a car driven by Anatoly Barkov, a vice president of the Lukoil oil company who, according to witnesses, was trying to jump the morning traffic. There was an explosion of outrage on the internet, but no demonstrations. Under the right conditions, a similar incident today might bring tens of thousands into the street.

The Ukrainian revolution is a powerful example of the capacity of a people to take charge of its own destiny. The lesson would be of great benefit to Russia if it inspired Russia’s leaders to undertake real reforms. The invasion of Crimea, however, shows that Putin has chosen to forestall change with the help of foreign aggression. This portends not only a crisis in Ukraine but a dangerous future confrontation between rulers and ruled in the world’s second nuclear power.

David Satter is a senior fellow of the Hudson Institute and an adviser to Radio Liberty. He is the first U.S. correspondent to be expelled from Russia since the Cold War.

http://www.thedailybeast.com/articles/2014/03/02/ukraine-s-revolutionary-less-for-russia.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+thedailybeast%2Farticles+%28The+Daily+Beast+-+Latest+Articles%29
pyro

Big Wall climber
Calabasas
Mar 2, 2014 - 05:43pm PT
Smart meters/phones/tv/, Smart everything, is a means of mass surveillance

that's called "mobile connectivity"!

TomCochrane

Trad climber
Santa Cruz Mountains and Monterey Bay
Mar 4, 2014 - 06:18pm PT
http://www.youtube.com/watch?v=Ask57bjVv5Q

TomCochrane

Trad climber
Santa Cruz Mountains and Monterey Bay
Mar 5, 2014 - 11:28am PT
There is a lot we can do! First, learn about what is going on and communicate with everyone. They are only able to do all these things because the sheeple don't think about it. From the perspective of an individual, it seems overwhelming. But we still have the internet to communicate. They can't keep doing all these evil actions if people know what is happening and just stop supporting them. All their power comes from the people. People will not support these things if they understand what is being done with their power. They must keep people in the dark or all their power fades away. We don't need big protests or revolts, as they are prepared for that. It is enough to just stop supporting anything that is being done by the big banks, corporations, and governments. They make you think we can't live without them. That is only true if you believe in them. Our bodies and our planets have amazing healing abilities if given a chance.
WBraun

climber
Mar 5, 2014 - 11:36am PT
But we still have the internet to communicate.

That's why they want to regulate it, censor it and control the media.

When you have control of the media you have control of the general population and can keep the dissents in check.

The mainstream American media whores are all under the control of the established corporate tools .....
Yak-Chik

Trad climber
Phoenix
Mar 7, 2014 - 09:15pm PT
Another thing this Snowden deal should have beat into our heads is
that it’s essential to be paranoid.

So have you placed pieces of tape over all your cell phone and wifi
cameras yet?

Don't believe the single job perk that gets the legion of NSA analysts to
work on time?

It's to voyeuristically watch the coast to coast bathroom tittie show from
millions of naked women using their cell phones while getting ready for the commute?

No? Living under a rock still?
What legal recourse do you have if your wife is on their fav's list?


http://www.nytimes.com/2014/03/09/magazine/the-guardians-alan-rusbridger-its-essential-to-be-paranoid.html?smid=tw-nytimes&_r=1
couchmaster

climber
pdx
Mar 8, 2014 - 11:27am PT
Titled "Snowden Says 'Many Other' Spy Programs Remain Secret, For Now"


http://www.usnews.com/news/articles/2014/03/07/snowden-says-many-other-spy-programs-remain-secret-for-now


"Exiled whistle-blower Edward Snowden told the European Parliament in testimony published Friday there are many more surprises in the classified cache of documents he downloaded and distributed last year.

But, Snowden said, he will allow the journalists with whom he’s shared the material to decide what to report.

“There are many other undisclosed programs that would impact EU citizens' rights, but I will leave the public interest determinations as to which of these may be safely disclosed to responsible journalists in coordination with government stakeholders,” he said...."
TomCochrane

Trad climber
Santa Cruz Mountains and Monterey Bay
Mar 11, 2014 - 01:16am PT
The suspicionless surveillance programs of the NSA, GCHQ, and so many others that we learned about over the last year endanger a number of basic rights which, in aggregate, constitute the foundation of liberal societies.


The first principle any inquiry must take into account is that despite extraordinary political pressure to do so, no western government has been able to present evidence showing that such programs are necessary. In the United States, the heads of our spying services once claimed that 54 terrorist attacks had been stopped by mass surveillance, but two independent White House reviews with access to the classified evidence on which this claim was founded concluded it was untrue, as did a Federal Court.

...There are indications of a growing disinterest among governments for ensuring intelligence activities are justified, proportionate, and above all accountable. We should be concerned about the precedent our actions set.

http://www.huffingtonpost.com/peter-van-buren/snowden-warns-us-of-the-d_b_4927205.html?ncid=txtlnkusaolp00000592

Snowden understands that the programs he revealed are fundamentally in conflict with the very basis of a just society; the two cannot co-exist. When the government turns its full resources to spy, without suspicion or reason or legitimate purpose, on its full citizenry (including the Senate, charged with in theory a check-and-balance role on the executive), a fundamental shift occurs: the Government is no longer of the People, it has made the People its enemy. The opposite follows by course. Deceiving your enemy is part of any war.

http://site.d66.nl/intveld/document/testimony_snowden/f=/vjhvekoen1ww.pdf

If even the US government, after determining mass surveillance is unlawful and unnecessary, continues to operate to engage in mass surveillance, we have a problem.
I consider the United States Government to be generally responsible, and I hope you will agree with me.
Accordingly, this begs the question many legislative bodies implicated in mass surveillance have sought to avoid: if even the US is willing to knowingly violate the rights of billions of innocents -- and I say billions without exaggeration -- for nothing more substantial than a "potential" intelligence advantage that has never materialized, what are other governments going to do?
kunlun_shan

Mountain climber
SF, CA
Mar 14, 2014 - 03:03am PT
The NSA is a virus intent on subverting the internet

https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/
Tvash

climber
Seattle
Mar 14, 2014 - 11:38am PT
The ACLU is now providing Snowden with legal representation.
TomCochrane

Trad climber
Santa Cruz Mountains and Monterey Bay
Mar 14, 2014 - 11:56pm PT
March 14, 2014 - NSA Posed as Facebook to Infect “Millions”
of Computers with Malware, in Latest Snowden Release.

“In ... QUANTUMHAND, the agency disguises itself as a fake
Facebook server. When a target attempts to log in to the social
media site, the NSA transmits malicious data packets that trick
the target’s computer into thinking they are being sent from the real
Facebook. By concealing its malware within what looks like
an ordinary Facebook page, the NSA is able to hack into the
targeted computer and covertly siphon out data from its hard drive.
A top-secret animation demonstrates the tactic in action.”

See NSA QUANTUMHAND Video and more at The Intercept.

https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/


Glenn Greenwald

How the NSA Plans to Infect ‘Millions’ of Computers with Malware
By Ryan Gallagher and Glenn Greenwald 12 Mar 2014, 9:19 AM EDT

Featured photo: One presentation outlines how the NSA performs “industrial-scale exploitation” of computer networks across the world.

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.

Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.

“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”

Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be “out of control.”

“That would definitely not be proportionate,” Hypponen says. “It couldn’t possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance.”

The NSA declined to answer questions about its deployment of implants, pointing to a new presidential policy directive announced by President Obama. “As the president made clear on 17 January,” the agency said in a statement, “signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes.”


“Owning the Net”

The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secret internal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.

To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency’s term for the interception of electronic communications. Instead, it sought to broaden “active” surveillance methods – tactics designed to directly infiltrate a target’s computers or network devices.

In the documents, the agency describes such techniques as “a more aggressive approach to SIGINT” and says that the TAO unit’s mission is to “aggressively scale” these operations.

But the NSA recognized that managing a massive network of implants is too big a job for humans alone.

“One of the greatest challenges for active SIGINT/attack is scale,” explains the top-secret presentation from 2009. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).”

The agency’s solution was TURBINE. Developed as part of the TAO unit, it is described in the leaked documents as an “intelligent command and control capability” that enables “industrial-scale exploitation.”

TURBINE was designed to make deploying malware much easier for the NSA’s hackers by reducing their role in overseeing its functions. The system would “relieve the user from needing to know/care about the details,” the NSA’s Technology Directorate notes in one secret document from 2009. “For example, a user should be able to ask for ‘all details about application X’ and not need to know how and where the application keeps files, registry entries, user application data, etc.”

In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually – including the configuration of the implants as well as surveillance collection, or “tasking,” of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact – allowing the agency to push forward into a new frontier of surveillance operations.

The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.” (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)

Eventually, the secret files indicate, the NSA’s plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations.

Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.

The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”

The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”


Circumventing Encryption

The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.

One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.

An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.

The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption.

It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.

Previous reports have alleged that the NSA worked with Israel to develop the Stuxnet malware, which was used to sabotage Iranian nuclear facilities. The agency also reportedly worked with Israel to deploy malware called Flame to infiltrate computers and spy on communications in countries across the Middle East.

According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as “extremist.” But the mandate of the NSA’s hackers is not limited to invading the systems of those who pose a threat to national security.

In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.

The internal post – titled “I hunt sys admins” – makes clear that terrorists aren’t the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any “government official that happens to be using the network some admin takes care of.”

Similar tactics have been adopted by Government Communications Headquarters, the NSA’s British counterpart. As the German newspaper Der Spiegel reported in September, GCHQ hacked computers belonging to network engineers at Belgacom, the Belgian telecommunications provider.

The mission, codenamed “Operation Socialist,” was designed to enable GCHQ to monitor mobile phones connected to Belgacom’s network. The secret files deem the mission a “success,” and indicate that the agency had the ability to covertly access Belgacom’s systems since at least 2010.

Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers – the devices that connect computer networks and transport data packets across the Internet – the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications.

Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through a Virtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.

The implants also track phone calls sent across the network via Skype and other Voice Over IP software, revealing the username of the person making the call. If the audio of the VOIP conversation is sent over the Internet using unencrypted “Real-time Transport Protocol” packets, the implants can covertly record the audio data and then return it to the NSA for analysis.

But not all of the NSA’s implants are used to gather intelligence, the secret files show. Sometimes, the agency’s aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target’s file downloads. These two “attack” techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for “defensive” purposes – to protect U.S. government networks against intrusions.


“Mass exploitation potential”

Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.

According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a “back-door implant” infects their computers within eight seconds.

There’s only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious.

Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.

To perform a man-on-the-side attack, the NSA observes a target’s Internet traffic using its global network of covert “accesses” to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency’s surveillance sensors alert the TURBINE system, which then “shoots” data packets at the targeted computer’s IP address within a fraction of a second.

In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.

The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.

According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA’s automated TURBINE system.

“As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that’s terrifying,” Blaze says.

“Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?”

In an email statement to The Intercept, Facebook spokesman Jay Nancarrow said the company had “no evidence of this alleged activity.” He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.

Nancarrow also pointed out that other services besides Facebook could have been compromised by the NSA. “If government agencies indeed have privileged access to network service providers,” he said, “any site running only [unencrypted] HTTP could conceivably have its traffic misdirected.”

A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.

This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.

The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.

A top-secret NSA presentation from 2012 reveals that the agency developed a man-in-the-middle capability called SECONDDATE to “influence real-time communications between client and server” and to “quietly redirect web-browsers” to NSA malware servers called FOXACID. In October, details about the FOXACID system were reported by the Guardian, which revealed its links to attacks against users of the Internet anonymity service Tor.

But SECONDDATE is tailored not only for “surgical” surveillance attacks on individual suspects. It can also be used to launch bulk malware attacks against computers.

According to the 2012 presentation, the tactic has “mass exploitation potential for clients passing through network choke points.”

Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale “seems very disturbing.” Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.

“The thing that raises a red flag for me is the reference to ‘network choke points,’” he says. “That’s the last place that we should be allowing intelligence agencies to compromise the infrastructure – because that is by definition a mass surveillance technique.”

To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.

The agency’s hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.

The implants can circumvent anti-virus programs, and the NSA has gone to extreme lengths to ensure that its clandestine technology is extremely difficult to detect. An implant named VALIDATOR, used by the NSA to upload and download data to and from an infected machine, can be set to self-destruct – deleting itself from an infected computer after a set time expires.

In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”


Covert Infrastructure

The TURBINE implants system does not operate in isolation.

It is linked to, and relies upon, a large network of clandestine surveillance “sensors” that the agency has installed at locations across the world.

The NSA’s headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England.

The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet.

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.

GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ.

Top-secret documents show that the British base – referred to by the NSA as “MHS” for Menwith Hill Station – is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant “exploitation” attacks against users of Yahoo and Hotmail.

In one document dated 2010, at least five variants of the QUANTUM hacking method were listed as being “operational” at Menwith Hill. The same document also reveals that GCHQ helped integrate three of the QUANTUM malware capabilities – and test two others – as part of a surveillance system it operates codenamed INSENSER.

GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to “legal/policy restrictions.” A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing “active” hacking attacks for surveillance “may be illegal” under British law.

In response to questions from The Intercept, GCHQ refused to comment on its involvement in the covert hacking operations. Citing its boilerplate response to inquiries, the agency said in a statement that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.”

Whatever the legalities of the United Kingdom and United States infiltrating computer networks, the Snowden files bring into sharp focus the broader implications. Under cover of secrecy and without public debate, there has been an unprecedented proliferation of aggressive surveillance techniques. One of the NSA’s primary concerns, in fact, appears to be that its clandestine tactics are now being adopted by foreign rivals, too.

“Hacking routers has been good business for us and our 5-eyes partners for some time,” notes one NSA analyst in a top-secret document dated December 2012. “But it is becoming more apparent that other nation states are honing their skillz and joining the scene.”
Ken M

Mountain climber
Los Angeles, Ca
Mar 15, 2014 - 02:47am PT
Just remember that Greenwald has vowed to cause as much damage to the US as possible.
froodish

Social climber
Portland, Oregon
Mar 15, 2014 - 03:40am PT
Greenwald has a pretty good track record. For now, I trust him.
Tvash

climber
Seattle
Mar 15, 2014 - 09:58am PT
Greenwald has never "vowed to damage the US", so we needn't remember what never happened. I challenge Ken M to produce the Greenwald quote in its entirety with a source that backs up this false assertion.

Quite to the contrary - Snowden carefully selected his leaks to avoid damaging US interests, but rather to expose illegal, unconstitutional, and unethical behavior on the part of our intelligence services. The evidence - for those who bother to actually read what it comprises - is damning.

Snowden did it solely to make America aware of what was going on so the country could have this conversation. He had no other agenda, and there is zero evidence that indicates that he did.

There is a huge propaganda/smear campaign about Snowden, as there was against Ellsberg and all high profile whistleblowers. It's disappointing to see posters here parrot bits of that campaign long after those bits have been debunked.

Such is the power and danger of misinformation.

Ken M

Mountain climber
Los Angeles, Ca
Mar 18, 2014 - 02:25pm PT
Greenwald has never "vowed to damage the US", so we needn't remember what never happened. I challenge Ken M to produce the Greenwald quote in its entirety with a source that backs up this false assertion.


http://www.telegraph.co.uk/news/worldnews/northamerica/usa/10251337/Greenwald-UK-will-be-sorry-for-detaining-partner.html

And you seem to have a selective memory about the traitor Snowden: How he dumped hundreds of thousands of documents into the public that he could not have possibly read.....that the NYTimes and other actual journalism sites redacted before they published, because they thought that inappropriate stuff was contained within.
Tvash

climber
Seattle
Mar 18, 2014 - 02:32pm PT
Nothing in that link supports your statement.

So there's that.
Marlow

Sport climber
OSLO
Mar 18, 2014 - 02:45pm PT
Tvash

Ken M is a tool in this case. He keeps on repeating that Greenwald has threatened to "cause as much damage to the US as possible". To Ken M "will be sorry for" and "continue to publish NSA secrets" is the same thing as "cause as much damage to the US as possible".

I wonder how anybody with an academic education is able to reason this way.

That said: Greenwald's statement was unnecessary and unwise. He must have known that tools like Ken M would twist the words and use them in their spinning of "half-truths".
Tvash

climber
Seattle
Mar 18, 2014 - 03:21pm PT
Ken M is one of millions of parrots right wing PR campaigns depend on to do exactly what he's doing. He's a type, and a common one. It's more important to shout the party line than to be accurate or truthful. As Fox well knows, you publish the lie on page one, retract on page 10 (actually, they never retract - you don't need to with pure propaganda). This is today's anti-liberalism at work. It's easier to order off a fast food menu than learn to cook yourself. Guys like Ken M get the instant emotional stroke of liberal bashing without putting out much if any effort. Spoon fed, all the way.

The funny thing is, Snowden is far from being a 'liberal'. He's far more of a libertarian - a highly ethical, really smart libertarian. He also happens to be as patriotic as it gets. The magnitude of the sacrifice he just made so this country could simply have this conversation speaks volumes there.

I've heard Greenwald speak. He's a straight shooter and doesn't mince words. That's just his style. It's refreshing, actually. It's also the very same trait the Right loves about its spokespeople - TELL IT LIKE IT IS! - who, unlike Greenwald, tend to be ethically challenged, fast and loose with their facts, in some cases, dumb as a bag of donuts.

In the end, it wouldn't matter how Greenwald worded anything. Big Brother's fanbois will broadcast the inevitable smear campaign regardless.
froodish

Social climber
Portland, Oregon
Mar 18, 2014 - 03:32pm PT
Members of the Church Committee publish open letter to Congress:

http://arstechnica.com/tech-policy/2014/03/us-intelligence-oversight-group-from-1975-says-things-are-way-worse-now/
NutAgain!

Trad climber
South Pasadena, CA
Mar 18, 2014 - 04:37pm PT
If we take the long view of society, that is, over decades or centuries, the very real risk of becoming an Orwellian society outweighs the risks of compromising the position of the current government in conflicts with other countries or corporate/political/terrorist organizations. "We the people" are not the same as "we the government." We the people elect a government to represent our interests, and in spirit it is our job as Americans to prioritize what is right for the people rather than what is right for the elected government if those two causes diverge. That is how America was created in the first place. The government (England) wasn't meeting the needs of the people (or at least not meeting the needs of American corporations that influenced the American people to feel like their needs weren't being met).

To that end, I believe it is incisive, prescient, self-sacrificing, and heroic to take a personal risk for something that seems esoteric to many, yet is at the very heart of our society's future. Whatever personal gain or recognition Snowden might have hoped to gain, if any, is not worth the difficulties he will face. He was probably smart enough to know that before this started. To really dig into this, just think about who has something to gain and who has something to lose in the discussion of these issues, the revelation of secrets.

It's really a Pandora's box though... we all have something to gain and to lose by the revelation of secrets. But if the US suddenly "took the moral high road" on this stuff, then the US might cease to exist in a few years or decades after being over-run by other countries that don't have any moral qualms about doing it. Basic game theory operating here - it just takes the probability of any group other than the US government exploiting these technologies (which is almost certain), and the US basically has no strategic choice but to respond or stop existing. You can't put the genie back in the bottle.

The challenge is how we as a society authorize our government to keep us on a path of democratic ideals and life that we prefer, between two opposing forces that threaten these:
1) Foreign powers that would like to topple US and send us back to the stone age, Sharia law, etc.
2) US shadow/hidden government (powerful people? corporations?) that uses people's fear of #1 to give up basic freedoms and societal expectations to give more power to an emergent elite/ruling class whilst the remainder of society lives under constant surveillance, and in complete fear and powerlessness.

The tightrope of democracy....

Whatever crimes Snowden committed against USA government, and whatever real risk he has exposed to the people of the USA, I would hope that the service he has done to humanity is offset when his punishments are handed out. And in any case, I am grateful for his personal sacrifice, that he has faced punishment so that I don't have to. He is a soldier of humanity, and I am grateful for the life I can live because of people like him, just like I am grateful for the life I can live because of the soldiers of the US military.

In an ideal world we wouldn't need soldiers, but this world isn't ideal. There is always room for soldiers to be better deployed, for smarter decisions to be made, but I don't know enough of the details to second-guess any decisions. It's easy to point out mistakes in something, much harder to actually fix it or even try.
