background preloader

The NSA has its own team of elite hackers

The NSA has its own team of elite hackers
NSA headquarters at Fort Meade, MD where TAO's main team reportedly works (Wikipedia) Our Post colleagues have had a busy day. First, they released documents revealing the U.S. intelligence budget from National Security Agency (NSA) leaker Edward Snowden. In that second report, Craig Whitlock and Barton Gellman shared a few tidbits about the role of the government's hacking unit, Tailored Access Operations (TAO) in the hunt, writing that TAO "enabled the NSA to collect intelligence from mobile phones that were used by al-Qaeda operatives and other 'persons of interest' in the bin Laden hunt." So just what is Tailored Access Operations? So, TAO might have had something to do with the development of Stuxnet and Flame, malware programs thought to have been jointly developed by the U.S. and Israel. According to Aid, TAO's primary base is in the NSA headquarters in Fort Meade. More on this story: Interactive: Explore the Black Budget Secret budget details U.S. spy network’s successes, failures Related:  hackers & hacking

On eve of incarceration, Anonymous hacker clears the air When 22-year-old John Anthony Borell, a.k.a. ItsKahuna of now-defunct Anonymous offshoot CabinCr3w, stood trial for hacking police department websites across the country—and even after he was sentenced to pay restitution of $227,736 and serve three years in prison—he was none too forthcoming about his crimes or motivations. But yesterday, just weeks away from his Dec. 6 incarceration date, he posted an open letter in hopes of somewhat clearing the air. Borell still wasn’t interested in divulging his exact objectives in breaching municipal and law enforcement Web properties based out of Salt Lake City, Syracuse, St. Louis, and Los Angeles. “I can’t blame those who jumped to rash conclusions so quickly,” Borell wrote, blaming the period of confusion that erupted as the feds began to crack down on the group. "Privacy is becoming a forgotten thing of the past as mass surveillance has progressed as an everyday thing in the world. Photo by ribizlifozelek/Flickr

How Antisec Died — Notes from a Strange World First, an introduction: I write about hackers, and for the past few years that has meant I write about Anonymous. At the time of the Stratfor hack I was working for Wired covering Anonymous — notably the antics of Antisec anons much of the time. I had missed the Lulzsec period, which I spent under federal investigation myself. By the winter of 2011, I was making up for lost time. This was in part because I didn’t want my work to become involved in any court cases, but also because for the nature of my coverage, I didn’t believe, and still don’t, that the legal identity of individuals tells us much about the collective I was writing about. As a result, much of the story I have to tell of what really happened to Antisec comes of years-old memories. Jeremy Hammond, aka sup_g and crediblethreat, was sentenced to 10 years last Friday in connection with the hack of Stratfor at the end of 2011. There was always something a bit off about Sabu’s voice. It never seemed quite right to me.

A Saudi Arabia Telecom's Surveillance Pitch Last week I was contacted by an agent of Mobily, one of two telecoms operating in Saudi Arabia, about a surveillance project that they’re working on in that country. Having published two reasonably popular MITM tools, it’s not uncommon for me to get emails requesting that I help people with their interception projects. I typically don’t respond, but this one (an email titled “Solution for monitoring encrypted data on telecom”) caught my eye. I was interested to know more about what they were up to, so I wrote back and asked. After a week of correspondence, I learned that they are organizing a program to intercept mobile application data, with specific interest in monitoring: Mobile Twitter Viber Line WhatsApp I was told that the project is being managed by Yasser D. From: Yasser Alruhaily <…….. .. . In The Name Of Terror When they eventually asked me for a price quote, and I indicated that I wasn’t interested in the job for privacy reasons, they responded with this: Culture Over Time

Hacktivists on Trial Prosecutors are warping the law to throw activist hackers like Aaron Swartz behind bars for years. (AP Photo/File) When Aaron Swartz committed suicide at the age of 26 in January, the online world was stunned. Why did he kill himself? In the year since Swartz’s death, a number of other computer hacktivists and whistleblowers have become the targets of the wrath of prosecutors and judges, and they have either gone to jail or are facing decades in prison—in one case 105 years. Taken together, the lesson appears to be that computer hacking for social causes and computer hacking aimed at exposing the secrets of governing elites will not be tolerated. The prosecution of Aaron Swartz was based on the premise that he had obtained unauthorized access to the computer network at the Massachusetts Institute of Technology and downloaded millions of pages of academic journal articles from JSTOR, an online library. But did this act of civil disobedience actually break any laws?

iPad Hack Statement Of Responsibility Editor’s note: Andrew Auernheimer, also known by his pseudonym weev, is an American grey hat hacker and self-described Internet troll. Follow him on Twitter @rabite. In June of 2010 there was an AT&T webserver on the open Internet. There was an API on this server, a URL with a number at the end. If you incremented this number, you saw the next iPad 3G user email address. I did this because I despised people I think are unjustly wealthy and wanted to embarass them. I was convicted of two consecutive five-year felonies, and am now awaiting sentencing. I left the Aaron Swartz memorial tonight emotionally exhausted. Over time, this has become less and less of a game. Lawrence Lessig said of Aaron’s indictment that the prosecutor Ortiz was “either an idiot, or a liar.” One of my prosecutors, Michael Martinez, claimed that our querying a public webserver was criminal because “it isn’t like going to ESPN and checking your sports team’s scores.” I can’t survive like this. God bless.

MJM as Personified Evil Says Spyware Saves Lives Not Kills Them In the secretive world of surveillance technology, he goes just by his initials: MJM. His mystique is such that other security professionals avoid using wireless Internet near him. MJM himself suggests that those he meets allay their paranoia by taking batteries out of their mobile phones. Special Report: Unsafe at Any Bitrate MJM -- Martin J. In the past year, the hacker-turned-executive has himself been under attack as the 2011 Arab Spring uprisings unravelled the cloak of secrecy he’d operated behind. FinFisher’s once-elusive FinSpy tool has been exposed targeting activists from the Persian Gulf kingdom of Bahrain; decoded for the first time by computer-virus hunters; placed under export control by the U.K.; and traced to countries with poor human rights records, such as Turkmenistan in Central Asia. As evidence mounts that repressive regimes routinely use surveillance gear to track and capture dissidents, FinSpy has been singled out as one of the most invasive weapons. ‘No Control’

Teenage Hacker "Cosmo the God" Sentenced by California Court | Gadget Lab “Cosmo the God” in a park near his home in Long Beach, California. Photo: Sandra Garcia/Wired The 15-year-old UG Nazi hacker known as Cosmo* or Cosmo the God was sentenced in juvenile court on Wednesday in Long Beach, California. According to Cosmo, he pleaded guilty to multiple felonies in exchange for a probation, encompassing all the charges brought against him, which included charges based on credit card fraud, identity theft, bomb threats, and online impersonation. Over the course of 2012, Cosmo and his group UG Nazi took part in many of the highest-profile hacking incidents of the year. Representatives from both the Long Beach district attorney and public defenders offices refused to comment on the case, given Cosmo’s status as a juvenile. The probationary period lasting until age 21 is standard, but other terms were more surprising. *Editor’s note: Wired is not disclosing Cosmo’s name due to his status as a minor.

FBI’s Huge Hacker Bust Could Be Bogus The story of the British intelligence agent who rigged an election, installed a king loyal to the British, drew new borders—and gave us today’s ungovernable country. She came into Baghdad after months in one of the world’s most forbidding deserts, a stoic, diminutive 45-year-old English woman with her small band of men. She had been through lawless lands, held at gunpoint by robbers, taken prisoner in a city that no Westerner had seen for 20 years. It was a hundred years ago, a few months before the outbreak of World War I. She was, in fact, a spy and her British masters had told her that if she got into trouble they would disclaim responsibility for her. For decades, beginning in the mid-19th century, the Orientalists had explored the desert and found there the ruins of the great powers of the ancient world—Egypt, Assyria, Babylonia, Persia. Among the explorers, a state of mind developed that was patronizing and paternalistic. The Orientalists thought differently.

You Can Get Hacked Just By Watching This Cat Video on YouTube Many otherwise well-informed people think they have to do something wrong, or stupid, or insecure to get hacked—like clicking on the wrong attachments, or browsing malicious websites. People also think that the NSA and its international partners are the only ones who have turned the internet into a militarized zone. But according to research I am releasing today at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, many of these commonly held beliefs are not necessarily true. The only thing you need to do to render your computer’s secrets—your private conversations, banking information, photographs—transparent to prying eyes is watch a cute cat video on YouTube, and catch the interest of a nation-state or law enforcement agency that has $1 million or so to spare. To understand why, you have to realize that even in today’s increasingly security-conscious internet, much of the traffic is still unencrypted.

Intelligence Gap: How a Chinese National Gained Access to Arizona’s Terror Center Lizhong Fan’s desk was among a crowd of cubicles at the Arizona Counter Terrorism Information Center in Phoenix. For five months in 2007, the Chinese national and computer programmer opened his laptop and enjoyed access to a wide range of sensitive information, including the Arizona driver’s license database, other law enforcement databases, and potentially a roster of intelligence analysts and investigators. The facility had been set up by state and local authorities in the aftermath of the 9/11 terror attacks, and so, out of concerns about security, Fan had been assigned a team of minders to watch him nearly every moment inside the center. Fan, hired as a contract employee specializing in facial recognition technology, was even accompanied to the bathroom. However, no one stood in Fan’s way when he packed his equipment one day in early June 2007, then returned home to Beijing. Under Arizona law, then-Gov. To this day, they have not. “That really is outrageous,” Longman said. Col.

DOJ Won't Ask Supreme Court to Review Hacking Case | Threat Level The Justice Department has decided not to ask the Supreme Court to review a controversial federal appeals court decision that said employees may not be prosecuted under a federal anti-hacking statute for simply violating their employer’s computer use policy. The 9-2 decision in April by the 9th U.S. Circuit Court of Appeals dealt a blow to the Obama administration, which is invoking the same theory to prosecute alleged WikiLeaks leaker Bradley Manning. The case concerns the Computer Fraud and Abuse Act, which was passed in 1984 to enhance the government’s ability to prosecute hackers who accessed computers to steal information or to disrupt or destroy computer functionality. At least, that’s what the San Francisco-based appeals court said was the act’s purpose. Orin Kerr, a George Washington University Law School scholar and considered one of the leading experts on the topic, suggested the government did not appeal because it “may have been scared off by Judge Kozinski’s opinion.”

How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook. In many ways, this was all my fault. Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location. Those security lapses are my fault, and I deeply, deeply regret them. But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. This isn’t just my problem. ‬Moreover, if your computers aren’t already cloud-connected devices, they will be soon. It then rebooted to the setup screen.

U.S. Outgunned in Hacker War Hackers Said to be Planning to Launch Own Satellites to Combat Censorship Hackers reportedly plan to fight back against Internet censorship by putting their own communications satellites into orbit and developing a grid of ground stations to track and communicate with them. The news comes as the tech world is up in arms about proposed legislation that many feel would threaten online freedom. According to BBC News, the satellite plan was recently outlined at the Chaos Communication Congress in Berlin. It's being called the "Hackerspace Global Grid." If you don't like the idea of hackers being able to communicate better, hacker activist Nick Farr said knowledge is the only motive of the project, which also includes the development of new electronics that can survive in space, and launch vehicles that can get them there. Farr and his cohorts are working on the project along with Constellation, a German aerospace research initiative that involves interlinked student projects. The plan isn't without limitations.