Tag: snowden

Zuckerberg phones Obama to complain about NSA spying

The day after a Snowden leak revealed that the NSA builds fake versions of Facebook and uses them to seed malicious software in attacks intended to hijack “millions” of computers, Facebook CEO and founder Mark Zuckerberg telephoned President Obama to complain about the NSA’s undermining of the Internet’s integrity. As many have pointed out, it would have been nice to hear Zuckerberg taking the Internet’s side before his own stock portfolio was directly affected, but better late than never. Zuckerberg’s post on his conversation excoriates the US government for its Internet sabotage campaign, and calls on the USG to “be the champion for the internet, not a threat.” Curiously, Zuckerberg calls for “transparency” into the NSA’s attacks on the Internet, but stops short of calling for an end to government-sponsored attacks against the net. In the end, though, Zuckerberg calls on companies to do a better job of securing themselves and their users against intrusive spying. It’s not clear how that will work for Facebook, though: its business model is predicated on tricking, cajoling, and siphoning personal data out of its users and warehousing it forever in a neat package that governments are unlikely to ignore. I’m told that 90% of US divorce proceedings today include Facebook data; this is a microcosm of the wider reality when you make it your business to stockpile the evidentiary chain of every human being’s actions. The internet works because most people and companies do the same. We work together to create this secure environment and make our shared space even better for the world. This is why I’ve been so confused and frustrated by the repeated reports of the behavior of the US government. When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government. The US government should be the champion for the internet, not a threat. They need to be much more transparent about what they’re doing, or otherwise people will believe the worst. I’ve called President Obama to express my frustration over the damage the government is creating for all of our future. Unfortunately, it seems like it will take a very long time for true full reform. So it’s up to us — all of us — to build the internet we want. Together, we can build a space that is greater and a more important part of the world than anything we have today, but is also safe and secure. I’m committed to seeing this happen, and you can count on Facebook to do our part. As the world becomes more complex and governments everywhere struggle, trust in the internet is more important today than ever. ( Image: Mark Zuckerberg Facebook SXSWi 2008 Keynote , a Creative Commons Attribution (2.0) image from deneyterrio’s photostream )        

Link:
Zuckerberg phones Obama to complain about NSA spying

Spooks of Warcraft: how the NSA infiltrated gamespace

A new Snowden leak details how he NSA and GCHQ tasked its agents to infiltrate Second Life, World of Warcraft, and other MMOs to find jihadis and spy on them. The battalions of undercover orcs did indeed take much of gamespace, but there’s no evidence they ever spotted a plot. I was once questioned by members of an “unnamed branch of the State Department” at a games and public diplomacy event about the likelihood that jihadis were playing MMOs; and I said something like, “Sure, of course. Everyone plays MMOs.” I didn’t realize they’d take it all quite so much to heart. The absurdity of sending spies to infiltrate Warcraft can best be understood as a natural outflow of the doctrine that holds that if any two bad guys, anywhere in the world, can communicate in such a way that the NSA can’t listen in on them, all of society will crumble. Once you set yourself the insane task of eavesdropping on all conversations, everywhere, always, it’s inevitable that you’ll send Secret Squirrel and his pals to Azeroth. At the request of GCHQ, the NSA had begun a deliberate effort to extract World of Warcraft metadata from their troves of intelligence, and trying to link “accounts, characters and guilds” to Islamic extremism and arms dealing efforts. A later memo noted that among the game’s active subscribers were “telecom engineers, embassy drivers, scientists, the military and other intelligence agencies”. The UK agency did not stop at World of Warcraft, though: by September a memo noted GCHQ had “successfully been able to get the discussions between different game players on Xbox Live”. Meanwhile, the FBI, CIA, and the Defense Humint Service were all running human intelligence operations – undercover agents – within the virtual world of Second Life. In fact, so crowded were the virtual worlds with staff from the different agencies, that there was a need to try to “deconflict” their efforts – or, in other words, to make sure each agency wasn’t just duplicating what the others were doing. By the end of 2008, such human intelligence efforts had produced at least one usable piece of intelligence, according to the documents: following the successful takedown of a website used to trade stolen credit card details, the fraudsters moved to Second Life – and GCHQ followed, having gained their first “operational deployment” into the virtual world. This, they noted, put them in touch with an “avatar [game character] who helpfully volunteered information on the target group’s latest activities”. Second Life continued to occupy the intelligence agencies’ thoughts throughout 2009. One memo noted the game’s economy was “essentially unregulated” and so “will almost certainly be used as a venue for terrorist laundering and will, with certainty, be used for terrorist propaganda and recruitment”. Revealed: spy agencies’ covert push to infiltrate virtual world of online games [James Ball/The Guardian]        

See the article here:
Spooks of Warcraft: how the NSA infiltrated gamespace

GCHQ used fake Slashdot, LinkedIn to target employees at Internet exchanges

A new Snowden leak, reported by Laura Poitras in Der Spiegel , shows that the UK spy agency GCHQ used fake versions of Slashdot and LinkedIn to attack tech staff at Global Roaming Exchanges — interchange points where large networks meet up. It’s speculated that the attacks were used to compromise Belgacom International Carrier Services (BICS) . GRX is roughly analogous to an IX (Internet Exchange), and it acts as a major exchange for mobile Internet traffic while users roam around the globe. There are only around two dozen such GRX providers globally. This new attack specifically targeted administrators and engineers of Comfone and Mach (which was acquired over the summer by Syniverse), two GRX providers. Der Spiegel suggests that the Government Communications Headquarters (GCHQ), the British sister agency to the NSA, used spoofed versions of LinkedIn and Slashdot pages to serve malware to targets. This type of attack was also used to target “nine salaried employees” of the Organization of Petroleum Exporting Countries (OPEC), the global oil cartel. This new revelation may be related to an attack earlier this year against Belgacom International Carrier Services (BICS), a subsidiary of the Belgian telecom giant Belgacom. BICS is another one of the few GRX providers worldwide. UK spies continue “quantum insert” attack via LinkedIn, Slashdot pages [Cyrus Farivar/Ars Technica] ( via TechDirt )        

Follow this link:
GCHQ used fake Slashdot, LinkedIn to target employees at Internet exchanges

NSA hacked email of Mexican president and drug-war reformers

A Snowden leak, discussed in detail in Der Spiegel , shows how the NSA broke into the email servers of the Mexican president Felipe Calderon’s public account, and used that access to wiretap the president, cabinet members, and senior diplomats. The NSA described the program, called “Flatliquid” as “lucrative.” A second program, “Whitetamale,” also spied on senior Mexican politicians (including presidential candidate Peña Niet), targeting efforts to change the country’s disastrous War on Drugs. Rousseff believes Washington’s reasons for employing such unfriendly methods are partly economic, an accusation that the NSA and its director, General Keith Alexander, have denied. Yet according to the leaked NSA documents, the US also monitored email and telephone communications at Petrobras, the oil corporation in which the Brazilian government holds a majority stake. Brazil possesses enormous offshore oil reserves. Just how intensively the US spies on its neighbors can be seen in another, previously unknown operation in Mexico, dubbed “Whitetamale” by the NSA. In August 2009, according to internal documents, the agency gained access to the emails of various high-ranking officials in Mexico’s Public Security Secretariat that combats the drug trade and human trafficking. This hacking operation allowed the NSA not only to obtain information on several drug cartels, but also to gain access to “diplomatic talking-points.” In the space of a single year, according to the internal documents, this operation produced 260 classified reports that allowed US politicians to conduct successful talks on political issues and to plan international investments. The tone of the document that lists the NSA’s “tremendous success” in monitoring Mexican targets shows how aggressively the US intelligence agency monitors its southern neighbor. “These TAO accesses into several Mexican government agencies are just the beginning — we intend to go much further against this important target,” the document reads. It goes on to state that the divisions responsible for this surveillance are “poised for future successes.” Fresh Leak on US Spying: NSA Accessed Mexican President’s Email [Jens Glüsing, Laura Poitras, Marcel Rosenbach and Holger Stark/Speigel Online]        

See the original post:
NSA hacked email of Mexican president and drug-war reformers

When Google and Microsoft "Stand Together" against US spying, you know stuff just got real

“To followers of technology issues, there are many days when Microsoft and Google stand apart.” Quite an understatement, but so begins a recent blog post by Microsoft’s General Counsel and Legal/Corporate Affairs EVP Brad Smith .        

See original article:
When Google and Microsoft "Stand Together" against US spying, you know stuff just got real

Edward Snowden answers your questions

On the Guardian right now NSA whistleblower Edward Snowden is answering live questions from the world at large. 1) First, the US Government, just as they did with other whistleblowers, immediately and predictably destroyed any possibility of a fair trial at home, openly declaring me guilty of treason and that the disclosure of secret, criminal, and even unconstitutional acts is an unforgivable crime. That’s not justice, and it would be foolish to volunteer yourself to it if you can do more good outside of prison than in it. Second, let’s be clear: I did not reveal any US operations against legitimate military targets. I pointed out where the NSA has hacked civilian infrastructure such as universities, hospitals, and private businesses because it is dangerous. These nakedly, aggressively criminal acts are wrong no matter the target. Not only that, when NSA makes a technical mistake during an exploitation operation, critical systems crash. Congress hasn’t declared war on the countries – the majority of them are our allies – but without asking for public permission, NSA is running network operations against them that affect millions of innocent people. And for what? So we can have secret access to a computer in a country we’re not even fighting? So we can potentially reveal a potential terrorist with the potential to kill fewer Americans than our own Police? No, the public needs to know the kinds of things a government does in its name, or the “consent of the governed” is meaningless. The whistleblower behind the biggest intelligence leak in NSA history will be live online at 11am ET/4pm BST to answer your questions about the NSA surveillance revelations        

Read More:
Edward Snowden answers your questions