NSA and GCHQ unlock privacy and security on the internet
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet". But security experts accused them of attacking the internet itself and the privacy of all users.
The NSA's Secret Campaign to Crack, Undermine Internet Encryption
The National Security Agency headquarters at Fort Meade, Md., in January 2010. (Saul Loeb/AFP/Getty Images Sept. 6: This story has been updated with a response from the Office of the Director of National Intelligence [2]. The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents. This story has been reported in partnership between The New York Times [3], the Guardian [4] and ProPublica based on documents obtained by The Guardian. For the Guardian: James Ball, Julian Borger, Glenn Greenwald For the New York Times: Nicole Perlroth, Scott Shane For ProPublica: Jeff Larson The N.S.A. hacked into target computers to snare messages before they were encrypted. An intelligence budget document makes clear that the effort is still going strong.
Why Mozilla Was Right: GCHQ & NSA Track Cookies
Subscribe to this blog About Author Glyn Moody's look at all levels of the enterprise open source stack. The blog will look at the organisations that are embracing open source, old and new alike (start-ups welcome), and the communities of users and developers that have formed around them (or not, as the case may be). Contact Author Email Glyn Twitter Profile Linked-in Profile During 2013, I've written a few articles about Mozilla's attempt to give users greater control over the cookies placed on their systems, and how the European arm of the Interactive Advertising Bureau (IAB) tried to paint this as Mozilla "undermining the openness", or "hijacking" the Internet because it dared to stand up for us in this way. The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using "cookies" and location data to pinpoint targets for government hacking and to bolster surveillance. And it gets even worse:
Comment on NSA Effort to Defeat Encryption Worldwide
September 5, 2013 FOR IMMEDIATE RELEASE CONTACT: 212-549-2666, media@aclu.org WASHINGTON – In an effort to defeat encrypted communications worldwide, the National Security Agency has manipulated U.S. and global encryption standards; utilized supercomputers to break open encrypted communications and data; and has persuaded, and sometimes forced, technology and Internet service providers to give it access to protected data, according to reports published today in The Guardian and The New York Times in partnership with ProPublica. "The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets," said Christopher Soghoian, principal technologist of the ACLU's Speech, Privacy and Technology Project." For more information on the ACLU's work on NSA surveillance: aclu.org/time-rein-surveillance-state-0
The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle
AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. In all, Gemalto produces some 2 billion SIM cards a year. “It’s unbelievable. GCHQ slide.
Web Conferences-Privacy Conference
The Risks in Assessing Risks Free to IAPP Members: IAPP Global Privacy Summit “Best of” Reprise session 60-minute recording made available on Thursday, April 10 Companies have embraced risk management to an unprecedented degree and with real benefits. However, behavioral economics and psychology have revealed significant gaps in the abilities of humans to adequately assess risk. What you’ll take away: The common traps that people fall into when identifying risk Techniques for avoiding common mistakes that can skew risk assessments The value of thinking of approaches that cover a wide range of potential risks Virtual Panelist:Adam Turteltaub, Society of Corporate Compliance & Ethics Order Now Big Data, Privacy and Intangible Assets Free to IAPP Members 60-minute recording made available on Thursday, April 10, 2014 We know that personalised data and databases are valuable, but how valuable are they? What will be covered: Order Now Vendor Management and Assurance Broadcast Date: Thursday, April 3
