background preloader

The NSA's Secret Campaign to Crack, Undermine Internet Encryption

The NSA's Secret Campaign to Crack, Undermine Internet Encryption
The National Security Agency headquarters at Fort Meade, Md., in January 2010. (Saul Loeb/AFP/Getty Images Sept. 6: This story has been updated with a response from the Office of the Director of National Intelligence [2]. The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents. This story has been reported in partnership between The New York Times [3], the Guardian [4] and ProPublica based on documents obtained by The Guardian. For the Guardian: James Ball, Julian Borger, Glenn Greenwald For the New York Times: Nicole Perlroth, Scott Shane For ProPublica: Jeff Larson The N.S.A. hacked into target computers to snare messages before they were encrypted. An intelligence budget document makes clear that the effort is still going strong. Related:  The NSA Files: PRISM & Boundless InformationSURVEILLANCE

Revealed: how US and UK spy agencies defeat internet privacy and security | World news | Guardian Weekly US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet". But security experts accused them of attacking the internet itself and the privacy of all users.

Through the Azerothian Looking Glass: Mapping In-Game Preferences to Real World Demographics ProPublica Journalism in the public interest. Through the Azerothian Looking Glass: Mapping In-Game Preferences to Real World Demographics Get Updates Stay on top of what ProPublica's working on by subscribing to our e-mail digest. optional Through the Azerothian Looking Glass: Mapping In-Game Preferences to Real World Demographics Document Pages Notes Text Zoom Previous for “” Next Previous Next p. 3 younger and male vs. older and female Delete Save Save as Draft Cancel p. 1 Loading Loading p. 2 Page Note 1 of 4 1 Contents younger and male vs. older and female p.3 Original Document (PDF) » Print Notes » Contributed by: Justin Elliott, ProPublica To print the document, click the "Original Document" link to open the original PDF.

The US government has betrayed the internet. We need to take it back | Bruce Schneier Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do. One, we should expose. We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems.

Partner of NSA leaks reporter carried paper with password, says UK David Miranda, who was recently detained while carrying British intelligence documents through London's Heathrow Airport, reportedly wrote down the password to one of the encrypted files on a piece of paper seized by police. Miranda, partner of The Guardian reporter Glenn Greenwald, carried a "piece of paper containing basic instructions for accessing some data, together with a piece of paper that included the password for decrypting one of the encrypted files on the external hard drive," UK Deputy National Security Adviser Oliver Robbins said in a "statement prepared for a High Court hearing," according to the BBC. Robbins said one file Miranda was carrying included 58,000 "highly classified UK intelligence documents," but it's not clear how many documents were part of the file said to be associated with the password. For his part, Greenwald denied that the password on its own could decrypt a document. Miranda had been traveling to Berlin to visit documentary filmmaker Laura Poitras.

World of Spycraft: NSA and CIA Spied in Online Games Visitors play "World of Warcraft" at an exhibition stand during the Gamescom 2012 fair in Cologne, Germany. (Ina Fassbender/Reuters) Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents [3]. Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels. The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Slideshow: prev [7]1 of 5next [7]

Comment on NSA Effort to Defeat Encryption Worldwide September 5, 2013 FOR IMMEDIATE RELEASE CONTACT: 212-549-2666, WASHINGTON – In an effort to defeat encrypted communications worldwide, the National Security Agency has manipulated U.S. and global encryption standards; utilized supercomputers to break open encrypted communications and data; and has persuaded, and sometimes forced, technology and Internet service providers to give it access to protected data, according to reports published today in The Guardian and The New York Times in partnership with ProPublica. "The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets," said Christopher Soghoian, principal technologist of the ACLU's Speech, Privacy and Technology Project." For more information on the ACLU's work on NSA surveillance:

To hunt Osama bin Laden, satellites watched over Abbottabad, Pakistan, and Navy SEALs The disclosures about the hunt for the elusive founder of al-Qaeda are contained in classified documents that detail the fiscal 2013 “black budget” for U.S. intelligence agencies, including the NSA and the CIA. The documents, provided to The Washington Post by former NSA contractor Edward Snowden, make only brief references to the bin Laden operation. But the mission is portrayed as a singular example of counterterrorism cooperation among the U.S. government’s numerous intelligence agencies. Eight hours after the raid, according to the documents, a forensic intelligence laboratory run by the Defense Intelligence Agency in Afghanistan had analyzed DNA from bin Laden’s corpse and “provided a conclusive match” confirming his identity. Also playing a role in the search for bin Laden was an arm of the NSA known as the Tailored Access Operations group. That doctor was convicted by a Pakistani court in May 2012 of “conspiring against the state.”

Attention, mondes virtuels sous surveillance ! Les mondes virtuels vont-ils devenir un terrain privilégié pour les agences de renseignement, soucieuses de déceler parmi les avatars des criminels potentiels ? Dans un précédent article, nous évoquions déjà les hypothèses - plus ou moins fantasques -de contrôle des usagers de Second Life par la CIA. Dans un vaste projet de contrôle du réseau Internet, l'Office of the Director of National Intelligence (ODNI), qui supervise l'action du renseignement américain, entend vérifier l'attitude de chaque joueur en ligne. Intitulé " Reynard ", le dispositif généralise la fouille de données (" data mining " en anglais) aux univers numériques, et spécifiquement, aux mondes virtuels. Le but " est d'étudier les dynamiques sociales, et particulièrement des terroristes dans les mondes virtuels et les jeux en ligne ", prévient l'ODNI. Le processus fonctionne en deux temps : en utilisant les données collectées, Reynard produit " une base de conduite normale ". Inconstitutionnel ? Laurent Checola

Web Conferences-Privacy Conference The Risks in Assessing Risks Free to IAPP Members: IAPP Global Privacy Summit “Best of” Reprise session 60-minute recording made available on Thursday, April 10 Companies have embraced risk management to an unprecedented degree and with real benefits. What you’ll take away: The common traps that people fall into when identifying risk Techniques for avoiding common mistakes that can skew risk assessments The value of thinking of approaches that cover a wide range of potential risks Virtual Panelist:Adam Turteltaub, Society of Corporate Compliance & Ethics Order Now Big Data, Privacy and Intangible Assets Free to IAPP Members 60-minute recording made available on Thursday, April 10, 2014 We know that personalised data and databases are valuable, but how valuable are they? What will be covered: The application of data protection law can dramatically affect company valutations.Those valuations can be affected up as well as down. Order Now Vendor Management and Assurance Broadcast Date: Thursday, April 3

The Black Budget: Top secret U.S. intelligence funding - Interactive Graphic - Washington Post World of Warcraft, nid d’espions Des Elfes et des avatars virtuels, utilisés dans la lutte antiterroriste. Telles sont les méthodes – peu conventionnelles – employées par les services de renseignements américains et britanniques, selon les dernières révélations liés aux documents fournis par Edward Snowden. D’après un document datant de 2008, publié sur le site Propublica et consulté par le New York Times et le Guardian, le jeu de rôle en ligne massivement multijoueurs World of Warcraft était sous surveillance des principales agences de renseignement. Lire : le document de 2008 Selon le document, les mondes virtuels et les jeux massivement multijoueurs, capables de réunir des dizaines de millions de joueurs, permettraient aux malfaiteurs potentiels de « se cacher, tout en étant visible de tous ». Outre World of Warcraft du studio américain Blizzard, les articles de presse évoquent également une surveillance de la plateforme de jeu en ligne de Microsoft, le Xbox Live, mais aussi du monde virtuel Second Life. Data mining

‘Black budget’ summary details U.S. spy network’s successes, failures and objectives The 178-page budget summary for the National Intelligence Program details the successes, failures and objectives of the 16 spy agencies that make up the U.S. intelligence community, which has 107,035 employees. The summary describes cutting-edge technologies, agent recruiting and ongoing operations. The Post is withholding some information after consultation with U.S. officials who expressed concerns about the risk to intelligence sources and methods. Sensitive details are so pervasive in the documents that The Post is publishing only summary tables and charts online. “The United States has made a considerable investment in the Intelligence Community since the terror attacks of 9/11, a time which includes wars in Iraq and Afghanistan, the Arab Spring, the proliferation of weapons of mass destruction technology, and asymmetric threats in such areas as cyber-warfare,” Director of National Intelligence James R. Among the notable revelations in the budget summary: An espionage empire Lee H.

Big Data Should Be Regulated by 'Technological Due Process' In our increasingly scored society – where algorithms turn our browsing habits, click patterns, purchases and GPS location data into ratings and predictions of who we are – it is very difficult for those who are mislabeled, or tagged in an undesirable way, to break out of their scoring prisons, in part because they are usually unaware they are being reviewed. Oversight of scoring algorithms would go a long way to ensure their fairness and accuracy for both government and private systems. When the government makes important decisions that affect our life, liberty and property, it owes us “due process” – understood as notice of, and a chance to object to, those decisions. Unlike the government, private companies have no obligation to tell us about their scoring systems. Oversight of scoring determinations – a sort of “technological due process” – would go a long way to ensure their fairness and accuracy for both government and private systems. Precedent exists for such agency review.

Inside the 2013 U.S. intelligence 'black budget' The pages in this document appear in the summary of the Office of the Director of National Intelligence's multivolume FY 2013 Congressional Budget Justification — the U.S. intelligence community's top-secret "black budget." It covers many of the high-profile agencies, such as the Central Intelligence Agency and the National Security Agency, as well as lesser-known programs, including those within the Treasury, State and Energy Departments. This budget does not include funding for intelligence-gathering by the military. Although the government has annually released its overall level of intelligence spending since 2007, it has not divulged how it uses those funds. See detailed breakdowns of how the U.S. government allocates resources across the intelligence community and within individual agencies in the annotated pages below. » The Black Budget: Explore top secret U.S. intelligence funding