Tras el ataque al Parlamento Británico ocurrido la semana pasada, los políticos británicos han exigido que Whatsapp y otras aplicaciones de mensajería instantánea proporcionen acceso a la policía y fuerzas de seguridad para así poder monitorear conversaciones terroristas. Sin embargo, los expertos en tecnología discuten que abrir las “puertas traseras” de los servicios de mensajería popular, las cuales usan cifrado de extremo a extremo, arrojaría una serie de problemas.
Tres académicos renunciaron a organizar un seminario sobre temas de seguridad e inteligencia, porque sospechan que una editorial ligada a la actividad pueda ser usada como pantalla por espías del Kremlin. “Cambridge es un maravilloso lugar de teorías conspirativas pero la idea de que haya un complot maquiavélico es ridículo”, dijo Neil Kent, uno de los principales impulsores del evento.
The European Union’s top court has severely undermined the British government’s mass surveillance powers in a new ruling that could rein in police and spy agency investigations.In a judgment handed down in Luxembourg on Wednesday, the European Court of Justice declared that the “general and indiscriminate retention” of data about people’s communications and locations was inconsistent with privacy rights. The court stated that the “highly invasive” bulk storage of private data “exceeds the limits of what is strictly necessary and cannot be considered to be justified, within a democratic society.”
Perhaps the most controversial aspect of the new law is that it will give the British government the authority to serve internet service providers with a “data retention notice,” forcing them to record and store for up to 12 months logs showing websites visited by all of their customers. Law enforcement agencies will then be able to obtain access to this data without any court order or warrant. In addition, the new powers will hand police and tax investigators the ability to, with the approval of a government minister, hack into targeted phones and computers.
A bill giving the UK intelligence agencies and police the most sweeping surveillance powers in the western world has passed into law with barely a whimper, meeting only token resistance over the past 12 months from inside parliament and barely any from outside.The Investigatory Powers Act, passed on Thursday, legalises a whole range of tools for snooping and hacking by the security services unmatched by any other country in western Europe or even the US.
Following on from our recent victory against unlawful surveillance by the British intelligence services, Privacy International is taking the British Government to court again. Why? Because it is using ‘general warrants’ to hack the electronic devices (computers, phones, tablets, and the increasing number of things that ‘connect’ to the internet) of sweeping groups of unidentified people at home and abroad. General warrants permit the government to target wide categories of people, places or property (e.g. all mobile phones in London) without any individualised suspicion of wrongdoing.
While most eyes are focused on the presidential race between Hillary Clinton and Donald Trump, three major events prove how widespread, and dangerous, mass surveillance has become in the West. Standing alone, each event highlights exactly the severe threats that motivated Edward Snowden to blow his whistle; taken together, they constitute full-scale vindication of everything he’s done.
Ten organizations – including Privacy International, the American Civil Liberties Union, and Amnesty International – are taking up the landmark case against the U.K. government in the European Court of Human Rights (pictured above). In a 115-page complaint released on Thursday, the groups allege that “blanket and indiscriminate” surveillance operations carried out by British spy agencies in collaboration with their U.S. counterparts violate privacy and freedom of expression rights.
in the heart of the tranquil English countryside, is the National Security Agency’s largest overseas spying base. Originally used to monitor Soviet communications through the Cold War, its focus has since dramatically shifted, and today it is a vital part of the NSA’s sprawling global surveillance network.
The bulk collection of personal data by British spy agencies is vital in preventing terrorist attacks, an independent review of draft security legislation has found.David Anderson QC, the independent reviewer of terrorism legislation, concluded that laws giving MI5, MI6 and GCHQ the right to gather large volumes of data from members of the public had a “clear operational purpose”.
NEWLY DISCLOSED DOCUMENTS offer a rare insight into the secretive legal regime underpinning the British government’s controversial mass surveillance programs.The London-based group Privacy International obtained the previously confidential files as part of an ongoing legal case challenging the scope of British spies’ covert collection of huge troves of private data.
Los refugiados no tienen derechos. De ahí se deriva que sus teléfonos pueden ser hackeados y sus ordenadores también. Al parecer, esto es lo que ha hecho -legalmente y según The Observer – los funcionarios de la oficina de inmigración británica. En 2013 recibieron poderes para hackear los dispositivos electrónicos de todos los refugiados y peticionarios de asilo que considerasen necesario. Y lo consideran.
GCHQ, Britain’s national security surveillance agency, has been ordered to destroy legally privileged communications it unlawfully collected from a Libyan rendition victim.
The ruling marks the first time in its 15-year history that the investigatory powers tribunal has upheld a specific complaint against the intelligence services, lawyers have said. It is also the first time the tribunal has ordered a security service to give up surveillance material.
The IPT says GCHQ must destroy two documents which are legally privileged communications belonging to a former opponent of the Gaddafi regime, Sami al-Saadi, who was sent back to Libya in 2004 in a joint MI6-CIA “rendition” operation with his wife and four children under 12.
The tribunal, chaired by Mr Justice Burton, ruled that GCHQ must give an undertaking that parts of those documents must be “destroyed or deleted so as to render such information inaccessible to the agency in the future”. The agency has to submit a secret report within 14 days confirming that the destruction has been carried out.
GCHQ has also been ordered to hand over a hard copy of the papers to the interception of communications commissioner within seven days. They will be kept safe for five years in case there are further legal proceedings or an inquiry.
The tribunal says that although the two documents contain information covered by legal privilege they did not disclose or refer to any legal advice: “The tribunal, after careful consideration, is [also] satisfied that there was no use or disclosure of the privileged information for the purpose of defending the civil claim brought by [Saadi] and others.”
This is a compensation claim against Jack Straw, the then foreign secretary, and the Foreign Office, being brought by Saadi along with another prominent opponent of Gaddafi, Abdel Hakim Belhaj and his family, for their role in their rendition and subsequent torture in Libya in 2004.
Britain’s laws governing the intelligence agencies and mass surveillance require a total overhaul to make them more transparent, comprehensible and up to date, parliament’s intelligence and security committee (ISC) has said in a landmark report prompted by the revelations of Edward Snowden, the former US National Security Agency contractor.
The 18-month inquiry finds that the existing laws are not being broken by the agencies and insists the bulk collection of data by the government does not amount to mass surveillance or a threat to individual privacy.
But it also says that the legal framework is unnecessarily complicated and – crucially – lacks transparency. The current laws could be construed as providing the agencies with a “blank cheque to carry out whatever actives they deem necessary”, it says.
In what it describes as its key recommendation it calls for all the current legislation governing the intrusive capabilities of the security and intelligence agencies to be replaced by a new, single act of parliament.
This new legal framework should for the first time explicitly set out surveillance capabilities, detailing the authorisation procedures, privacy constraints, transparency requirements, targeting criteria, sharing arrangements, oversight, and other safeguards.
The report will form a central pillar of the discussions in the next parliament on how to redraft UK surveillance laws, including a report from the Royal United Services Institute (Rusi) commissioned by Nick Clegg and work being undertaken by the commissioner on intelligence law.
This inquiry, disrupted by the last-minute resignation of the committee chairman, Sir Malcolm Rifkind, over allegations concerning cash for influence, has always been viewed sceptically by libertarians, who regard the ISC as the democratic voice for the agencies as opposed to their scrutineers.
Guardian defence and intelligence correspondent Ewen MacAskill reads out a message to Guardian readers at a Members’ screening of Citizenfour in London. MacAskill joined editor-in-chief Alan Rusbriger, Janine Gibson and Stuart Millar to discuss the Snowden story in Kings Place on 2 March 2015.
lunes, 2 de marzo de 2015
Carmen Esquivel (PL)
Cuando aún está fresco en la memoria el escándalo por el espionaje masivo contra ciudadanos, instituciones y hasta dignatarios europeos, el tema vuelve a la palestra al revelarse ahora que otros objetivos estuvieron en la mira de los servicios de inteligencia estadounidenses.
El nuevo blanco de los ataques es la compañía holandesa Gemalto, primera de su tipo en el mundo en la fabricación de tarjetas SIM (Subscriber Identity Module), en español Módulo de Identificación de Abonados, usada en teléfonos celulares y módems.
Para dar una idea de la magnitud de lo que esto significa baste señalar que la firma produce cerca de dos mil millones de estos dispositivos al año para 450 empresas de telecomunicaciones, entre ellas T-Mobile, Vodafone, Orange, Verizon y Sprint.
Gemalto trabaja, además, con unas tres mil instituciones financieras porque elabora chips para tarjetas de crédito.
De acuerdo con documentos filtrados recientemente por Edward Snowden, ex analista de la Agencia Nacional de Seguridad (NSA, por sus siglas en inglés), las inteligencias estadounidense y británica lograron apropiarse de las claves de la compañía, lo cual les abrió las puertas a los celulares de medio mundo.
La NSA y el Cuartel General de Comunicaciones del gobierno de Gran Bretaña (GCHQ) obtuvieron las llaves al acceder a los servidores centrales de Gemalto, valiéndose de información privada de algunos ingenieros, fabricantes de tarjetas y proveedores.
De esta manera pudieron espiar las llamadas, mensajes y correos electrónicos de una persona o empresa sin necesidad de pasar por una operadora o de obtener una orden judicial y, lo más alarmante, sin dejar ningún tipo de rastro.
“Es imposible saber cuántos códigos robaron la NSA y el GCHQ, pero si nos basamos en hipótesis modestas, el número es impresionante”, afirmó el sitio digital The Intercept, que filtró la información.
Downing Street and the German chancellery are embroiled in a worsening dispute over intelligence-sharing and the covert counter-terrorism campaign because of conflicts arising from the surveillance scandals surrounding the US National Security Agency and Britain’s GCHQ.
According to German newspaper reports citing government and intelligence officials in Berlin, the Bundestag’s inquiry into the NSA controversy is being jeopardised by Britain’s refusal to cooperate and its threats to break off all intelligence-sharing with Berlin should the committee reveal any UK secrets.
The weekly magazine Focus reported last month that a national security aide to David Cameron had written to Peter Altmaier, Angela Merkel’s chief of staff, refusing all requests for help in the inquiry and warning that Britain would cease supplying terrorism-related intelligence to the Germans unless Berlin yielded.
It emerged during the NSA revelations that the Americans had hacked into Merkel’s mobile phone, generating outrage in Germany and feeding growing anti-American sentiment.
Internationally, the BND, Germany’s foreign intelligence service, is viewed as less than vigorous. In the secret war on terror, the Germans are said to be dependent on signals intelligence from the British and the Americans.
Gemalto, the French-Dutch digital security giant, confirmed that it believes American and British spies were behind a “particularly sophisticated intrusion” of its internal computer networks, as reported by The Intercept last week.
This morning, the company tried to downplay the significance of NSA and GCHQ efforts against its mobile phone encryption keys — and, in the process, made erroneous statements about cellphone technology and sweeping claims about its own security that experts describe as highly questionable.
Gemalto, which is the largest manufacturer of SIM cards in the world, launched an internal investigation after The Intercept six days ago revealed that the NSA and its British counterpart GCHQ hacked the company and cyberstalked its employees. In the secret documents, provided by NSA whistleblower Edward Snowden, the intelligence agencies described a successful effort to obtain secret encryption keys used to protect hundreds of millions of mobile devices across the globe.
The company was eager to address the claims that its systems and encryption keys had been massively compromised. At one point in stock trading after publication of the report, Gemalto suffered a half billion dollar hit to its market capitalization. The stock only partially recovered in the following days.
After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy on 3G and 4G networks, and that theft would have been rare after 2010, when it deployed a “secure transfer system.” The company also said the spy agency hacks only affected “the outer parts of our networks — our office networks — which are in contact with the outside world.”
Security experts and cryptography specialists immediately challenged Gemalto’s claim to have done a “thorough” investigation into the state-sponsored attack in just six days, saying the company was greatly underestimating the abilities of the NSA and GCHQ to penetrate its systems without leaving detectable traces.
“Gemalto learned about this five-year-old hack by GCHQ when the The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks,” says Christopher Soghoian, the chief technologist at the American Civil Liberties Union. He adds that Gemalto remains “a high-profile target for intelligence agencies.”
Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute, said, “This is an investigation that seems mainly designed to produce positive statements. It is not an investigation at all.”
People who go on to commit serious cybercrime often start out with minor thefts in online games such as World Of Warcraft, a leading detective has said.
Looking at how people end up on a particular criminal path could help with early intervention, said Dr Jamie Saunders of the National Crime Agency.
In an interview with the Independent, the director of the National Cyber Crime Unit said cybercriminals can do “a great deal of damage, but not in a traditional criminal way”, and explained that the crimes can start out on a small scale.
The regime that governs the sharing between Britain and the US of electronic communications intercepted in bulk was unlawful until last year, a secretive UK tribunal has ruled.
The Investigatory Powers Tribunal (IPT) declared on Friday that regulations covering access by Britain’s GCHQ to emails and phone records intercepted by the US National Security Agency (NSA) breached human rights law.
Advocacy groups said the decision raised questions about the legality of intelligence-sharing operations between the UK and the US. The ruling appears to suggest that aspects of the operations were illegal for at least seven years – between 2007, when the Prism intercept programme was introduced, and 2014.
The critical judgment marks the first time since the IPT was established in 2000 that it has upheld a complaint relating to any of the UK’s intelligence agencies. It said that the government’s regulations were illegal because the public were unaware of safeguards that were in place. Details of those safeguards were only revealed during the legal challenge at the IPT.
An “order” posted on the IPT’s website early on Friday declared: “The regime governing the soliciting, receiving, storing and transmitting by UK authorities of private communications of individuals located in the UK, which have been obtained by US authorities … contravened Articles 8 or 10” of the European convention on human rights.
The former head of MI6, Sir John Sawers, has called for a new surveillance compact between internet companies and the security services in the UK and US in the wake of the Snowden revelations.
In his first speech since standing down as “C” at the end of last year, Sawers said the two could work together as they had in the past to prevent a repeat of events such as the Charlie Hebdo attack, the always present threats from militant Islamists in places such as Yemen, and the advance of Boko Haram in Nigeria.
In other parts of the speech, he aligned himself with Pope Francis in calling for restraint in offending the religious sensitivities of others after the Paris attack. He also, surprisingly, distanced MI6 from the CIA over what he called “lethal” operations.
Sawers, who is going into the private sector after decades in the Foreign Office and latterly at MI6, said the Snowden revelations in 2013 had shattered the previous informal relationship between tech companies and the surveillance agencies.
Companies such as Google and Microsoft had suffered a consumer backlash as a result of the revelations and are increasingly unwilling to cooperate to the same degree, creating a headache for the surveillance agencies in the US and the UK.
• Agency includes investigative journalists on ‘threat’ list
• Editors call on Cameron to act against snooping on media
GCHQ’s bulk surveillance of electronic communications has scooped up emails to and from journalists working for some of the US and UK’s largest media organisations, analysis of documents released by whistleblower Edward Snowden reveals.
Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of a test exercise by the signals intelligence agency.
The disclosure comes as the British government faces intense pressure to protect the confidential communications of reporters, MPs and lawyers from snooping.
The journalists’ communications were among 70,000 emails harvested in the space of less than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the fibre-optic cables that make up the backbone of the internet.
The communications, which were sometimes simple mass-PR emails sent to dozens of journalists but also included correspondence between reporters and editors discussing stories, were retained by GCHQ and were available to all cleared staff on the agency intranet. There is nothing to indicate whether or not the journalists were intentionally targeted.
The mails appeared to have been captured and stored as the output of a then-new tool being used to strip irrelevant data out of the agency’s tapping process.
New evidence from other UK intelligence documents revealed by Snowden also shows that a GCHQ information security assessment listed “investigative journalists” as a threat in a hierarchy alongside terrorists or hackers.
EE UU y Reino Unido lanzan ejercicios y equipos mixtos de expertos para responder a la oleada de ataques informáticos
A lo largo de 2015 los poderosos sectores financieros de Estados Unidos y Reino Unido, posiblemente el Banco de Inglaterra y Wall Street, serán objeto de un ciberataque. Será, en realidad, un ataque ficticio. Un simulacro. El primero de una serie de ejercicios conjuntos entre los servicios de espionaje, que se producirán en el marco de un acuerdo “sin precedentes” entre los dos aliados, para poner a prueba los mecanismos de seguridad en las “infraestructuras nacionales críticas” ante la amenaza de los cibercriminales.
Así lo confirmaron el viernes en Washington el primer ministro británico, el conservador David Cameron, y el presidente estadounidense, Barack Obama. “Dado el urgente y creciente peligro de los ciberataques, hemos decidido expandir nuestra cooperación en ciberseguridad para proteger nuestra infraestructura más crítica, nuestros negocios y la privacidad de nuestros pueblos”, dijo Obama.
A renglón seguido, el primer ministro británico coincidió en la necesidad de forjar una estructura conjunta que pueda proteger “mejor” a sus países ante los ciberataques, en referencia al asalto atribuido a Corea del Norte contra la compañía Sony a finales de año o el que esta semana afectó a la cuenta en Twitter del Mando Central de EE UU, lanzado presuntamente por simpatizantes del Estado Islámico (EI).
Cameron, que ya adelantó los planes conjuntos de ambos aliados antes de reunirse con Obama, ha intensificado, tras el ataque contra el semanario francés Charlie Hebdo, su campaña para lograr que los Gobiernos dispongan de más poderes para acceder a la actividad en Internet de los sospechosos de terrorismo, y busca aliados en su empeño.
David Cameron is to urge Barack Obama to pressure internet firms such as Twitter and Facebook to do more to cooperate with Britain’s intelligence agencies as they seek to track the online activities of Islamist extremists.
As he becomes the first European leader to meet the president after the multiple shootings in Paris last week, the prime minister will seek to win Obama’s support for his plans to secure a new legal framework to deny terrorists a “safe space”.
The prime minister arrives after he proposed earlier this week that British intelligence agencies have the power to break the encrypted communications of suspected terrorists and insisting that the likes of Twitter and Facebook do more to cooperate with Britain’s GCHQ eavesdropping centre.