background preloader

Warrantless Tracking & Hacking

Facebook Twitter

How the NSA Plans to Infect 'Millions' of Computers with Malware. One presentation outlines how the NSA performs “industrial-scale exploitation” of computer networks across the world.

How the NSA Plans to Infect 'Millions' of Computers with Malware

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.”

The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks. Phone call metadata does betray sensitive details about your life – study. Warnings that phone call “metadata” can betray detailed information about your life has been confirmed by research at Stanford University.

Phone call metadata does betray sensitive details about your life – study

Researchers there successfully identified a cannabis cultivator, multiple sclerosis sufferer and a visitor to an abortion clinic using nothing more than the timing and destination of their phone calls. Jonathan Mayer and Patrick Mutchler, the researchers behind the finding, used data gleaned from 546 volunteers to assess the extent to which information about who they had called and when revealed personally sensitive information. The research aimed to answer questions raised by the NSA wiretapping revelations, where it was revealed that the US intelligence agency collects metadata - but not content - of millions of phone calls on mobile networks.

Give Me Complicity or Give Me Death: Lavabit Chooses Death. ‘Encryption is a human right’: Wikipedia aims to lock out NSA. German companies to automatically encrypt emails. BERLIN (AP) — Two of Germany's biggest Internet service providers said Friday they will start encrypting customers' emails by default in response to user concerns about online snooping after reports that the U.S.

German companies to automatically encrypt emails

National Security Agency monitors international electronic communications. The plan by Deutsche Telekom AG and United Internet AG is the digital equivalent of putting an envelope around a postcard. Currently most emails are sent across the web in plain view of anyone standing between the sender and the recipient. Initially the encryption will only be secure between customers of Deutsche Telekom's T-Online service and United Internet's GMX and WEB.DE services — which together account for two-thirds of primary email addresses in Germany — the companies said.

Don't Even THINK of Using Encryption Software to Escape NSA Scrutiny. If you were thinking about employing encryption software to avoid the all-encompassing gaze of the NSA, think again.

Don't Even THINK of Using Encryption Software to Escape NSA Scrutiny

By seeking to preserve your privacy, you just make yourself a hapless lab rat in their running experiments: Bad news for fans of anonymizing Tor networks, PGP and other encryption services: If you're attempting to avoid the National Security Agency's digital dragnet, you may be making yourself a target, as well as legally allowing the agency to retain your communications indefinitely -- and even use them to test the latest code-breaking tools. Those revelations come via leaked documents that detail the operating guidelines for secret NSA surveillance programs authorized by Congress in 2008. Sorry, NSA, Terrorists Don't Use Verizon. Or Skype. Or Gmail. Image: Flickr The NSA has to collect the metadata from all of our phone calls because terrorists, right?

Sorry, NSA, Terrorists Don't Use Verizon. Or Skype. Or Gmail.

And the spy agency absolutely must intercept Skypes you conduct with folks out-of-state, or else terrorism. It must sift through your iCloud data and Facebook status updates too, because Al Qaeda. Terrorists are everywhere, they are legion, they are dangerous, and, unfortunately, they don't really do any of the stuff described above. NSA Project XKeyscore Collects Nearly Everything You Do On The Internet. XKeyscore presentation from 2008 – read in full.

Browse Like Bond: Use Any Computer Without Leaving a Trace with Tails. ELI5: The deep web, onion routing , and TOR : explainlikeimfive. Why 'I Have Nothing to Hide' Is the Wrong Way to Think About Surveillance. The programs of the past can be characterized as “proximate surveillance,” in which the government attempted to use technology to directly monitor communication themselves.

Why 'I Have Nothing to Hide' Is the Wrong Way to Think About Surveillance

The programs of this decade mark the transition to “oblique surveillance,” in which the government more often just goes to the places where information has been accumulating on its own, such as email providers, search engines, social networks, and telecoms. Apologists will always frame our use of information-gathering services like a mobile phone plan or Gmail as a choice. If You've Got Nothing To Hide, You've Actually Got Plenty To Hide. The line "if you've got nothing to hide, you have nothing to worry about" is used all too often in defending surveillance overreach.

If You've Got Nothing To Hide, You've Actually Got Plenty To Hide

It's been debunked countless times in the past, but with the line being trotted out frequently in response to the NSA revelations, it's time for yet another debunking, and there are two good ones that were recently published. First up, we've got Moxie Marlinspike at Wired, who points out that, you're wrong if you think you've got nothing to hide, because our criminal laws are so crazy, that anyone sifting through your data would likely be able to pin quite a few crimes on you if they just wanted to. For instance, did you know that it is a federal crime to be in possession of a lobster under a certain size?

It doesn't matter if you bought it at a grocery store, if someone else gave it to you, if it's dead or alive, if you found it after it died of natural causes, or even if you killed it while acting in self defense. Text message privacy just the start when cell patterns are like fingerprints - Blog Central, Jesse Brown, Uncategorized. No Warrant, No Problem: How The Government Can Still Get Your Digital Data. Update, Jan. 8, 2014: This post has been updated.

No Warrant, No Problem: How The Government Can Still Get Your Digital Data

It was originally published on Dec. 4, 2012. The government isn't allowed to wiretap American citizens without a warrant from a judge. But there are plenty of legal ways for law enforcement, from the local sheriff to the FBI to the Internal Revenue Service, to snoop on the digital trails you create every day. Authorities can often obtain your emails and texts by going to Google or AT&T with a simple subpoena that doesn’t require showing probable cause of a crime.

And recent revelations about classified National Security Agency surveillance programs show that the government is regularly sweeping up data on Americans’ telephone calls and has the capability to access emails, files, online chats and other data — all under secret oversight by a special federal court. Google Tells Cops to Get Warrants for User E-Mail, Cloud Data.

Google demands probable-cause, court-issued warrants to divulge the contents of Gmail and other cloud-stored documents to authorities in the United States — a startling revelation Wednesday that runs counter to federal law that does not always demand warrants.

Google Tells Cops to Get Warrants for User E-Mail, Cloud Data

The development surfaced as Google publicly announced that more than two-thirds of the user data Google forwards to government agencies across the United States is handed over without a probable-cause warrant. A Google spokesman told Wired that the media giant demands that government agencies — from the locals to the feds — get a probable-cause warrant for content on its e-mail, Google Drive cloud storage and other platforms — despite the Electronic Communications Privacy Act allowing the government to access such customer data without a warrant if it’s stored on Google’s servers for more than 180 days.

Emails should be protected like regular mail, California senator says. SACRAMENTO, Calif.

Emails should be protected like regular mail, California senator says

(KABC) -- If law enforcement wanted to read your letters or other paper correspondence, they have to get a warrant. But in this age of technology, you don't have the same protections. If your email has already been opened or is more than 6 months old, law enforcement and other government agencies can read them. Texas proposes one of nation’s “most sweeping” mobile privacy laws. Privacy experts say that a pair of new mobile privacy bills recently introduced in Texas are among the “most sweeping” ever seen. And they say the proposed legislation offers better protection than a related privacy bill introduced this week in Congress. If passed, the new bills would establish a well-defined, probable-cause-driven warrant requirement for all location information. That's not just data from GPS, but potentially pen register, tap and trace, and tower location data as well.

Such data would be disclosed to law enforcement "if there is probable cause to believe the records disclosing location information will provide evidence in a criminal investigation. " Further, the bills would require an annual transparency report from mobile carriers to the public and to the state government. “That’s why we think it is essential that the government get a search warrant, approved by a judge, before demanding this kind of information from cell phone providers. Broad powers. OK for police to search cellphone if no password, says court - Toronto. The court says it's okay for police to look through someone's cellphone under certain conditions. (CBC) Ontario's highest court has signalled that the right of police officers to look through someone's phone depends on whether there's a password.

The Court of Appeal for Ontario says it's all right for police to have a cursory look through the phone upon arrest if it's not password protected, but if it is, investigators should get a search warrant. The court's ruling comes in the case of a man who appealed his robbery conviction, arguing that police breached his charter rights by looking through his phone after his arrest. Kevin Fearon was arrested in July 2009, after a jewelry stall at a flea market in Toronto was robbed, and police found pictures of a gun and cash as well as a text message about jewelry on his phone.

"Rather, because the phone was not password protected, the photos and the text message were readily available to other users. " ITU Approves Deep Packet Inspection Standard Behind Closed Doors, Ignores Huge Privacy Implications. Police don't need a warrant to seize phone location data, US court rules. The US Court of Appeals for the Fifth Circuit has ruled that historical cellphone location data is not protected by the Fourth Amendment, allowing police to access the data without a search warrant.

After losing GPS-tracking case at high court, FBI goes after warrantless cell-site location data.