NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet

The supercomputer described in the trove, “WindsorGreen,” was a system designed to excel at the sort of complex mathematics that underlies encryption, the technology that keeps data private, and almost certainly intended for use by the Defense Department’s signals intelligence wing, the National Security Agency. WindsorGreen was the successor to another password-cracking machine used by the NSA, “WindsorBlue,” which was also documented in the material leaked from NYU and which had been previously described in the Norwegian press thanks to a document provided by National Security Agency whistleblower Edward Snowden. Both systems were intended for use by the Pentagon and a select few other Western governments, including Canada and Norway.

Source: NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet


Leaked NSA Malware Is Helping Hijack Computers Around the World

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Source: Leaked NSA Malware Is Helping Hijack Computers Around the World


Microsoft blames the US National Security Agency for enabling the massive cyberattack that affected at least 150 countries – El Mostrador

The computing giant criticized the role of governments and organizations that collect software vulnerabilities that can later be stolen or sold to cybercriminals. The company asks that what happened serve as a lesson for eradicating this practice worldwide.

Source: Microsoft blames the US National Security Agency for enabling the massive cyberattack that affected at least 150 countries – El Mostrador


The Strangers Who Got Snowden’s Secrets in the Mail

The story of Edward Snowden’s disclosure of NSA secrets to the press has been told and retold in books, films, and countless articles. Left unreported has been the quiet role of two journalists who literally had Snowden material mailed to them in a cardboard box.

Source: The Strangers Who Got Snowden’s Secrets in the Mail


New York’s New Digital Crime Lab Is a Forensic Marvel

In an exclusive tour of the new lab, Fortune got a glimpse of Law & Order in the digital age. The lab is Exhibit A in how America’s biggest city is embracing big data analytics and a dash of hacker culture to solve complex crimes. It also raises hard questions about how to balance these sophisticated crime-fighting tools with civil liberties.

Source: New York’s New Digital Crime Lab Is a Forensic Marvel


Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser

Hillary Clinton’s advisers recognized that her policy position on encryption was problematic, with one writing that it was tantamount to insisting that there was “‘some way’ to do the impossible.” Instead, according to campaign emails released by Wikileaks, they suggested that the campaign signal its willingness to use “malware” or “super code breaking by the NSA” to get around encryption.

Source: Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser


Yahoo may have let the government spy on emails. Now will we embrace encryption? | Trevor Timm | Opinion | The Guardian

Finally, Yahoo’s possible betrayal of its users is another example of why whistleblowers and leaks to the press are so important. The US government considers this type of surveillance “legal” even though it shocks the conscience of many ordinary Americans and dozens of civil liberties groups have been attempting to have courts rule it illegal for years.

Source: Yahoo may have let the government spy on emails. Now will we embrace encryption? | Trevor Timm | Opinion | The Guardian


FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’

The FBI has “hundreds of millions of dollars” to spend on developing technology for use in both national security and domestic law enforcement investigations — but it won’t reveal the exact amount.

Source: FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’


Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian

An alleged hacker fighting extradition to the US will not have to give the passwords for his encrypted computers to British law enforcement officers, following a landmark legal ruling.

Source: Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian


Child porn suspect jailed indefinitely for refusing to decrypt hard drives | Ars Technica

A Philadelphia man suspected of possessing child pornography has been in jail for seven months and counting after being found in contempt of a court order demanding that he decrypt two password-protected hard drives.

Source: Child porn suspect jailed indefinitely for refusing to decrypt hard drives | Ars Technica


‘Crypto Wars’ timeline: A history of the new encryption debate

Encryption is finally mainstream. Government officials and technologists have been debating since the early 1990s whether to limit the strength of encryption to help the law-enforcement and intelligence communities monitor suspects’ communications. But until early 2016, this was a mostly esoteric fight, relegated to academic conferences, security agencies’ C-suites, and the back rooms of Capitol Hill. Everything changed in mid-February, when President Barack Obama’s Justice Department, investigating the terrorists who carried out the San Bernardino, California, shooting, asked a federal judge to force Apple to help the Federal Bureau of Investigation unlock one attacker’s iPhone. What followed was an unexpectedly rancorous and unprecedentedly public fight over how far the government should go to pierce and degrade commercial security technology in its quest to protect Americans from terrorism.

Source: ‘Crypto Wars’ timeline: A history of the new encryption debate


Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing

Senators Richard Burr [R-NC] and Dianne Feinstein [D-CA] finally introduced their long-rumored anti-crypto bill, which will ban US companies from making products with working cryptography, mandating that US-made products have some way to decrypt information without the user’s permission.

Source: Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing


Microsoft and Apple redouble fight for data privacy in the US – El Mostrador

Although these high-profile court cases have added momentum, the industry's offensive against government intrusion into customers' private information began at least two years ago, after Edward Snowden's revelations about covert data collection put everyone on the defensive.

Source: Microsoft and Apple redouble fight for data privacy in the US – El Mostrador


Forget Apple's fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian

The privacy crisis is a disaster of our own making – and now the tech firms who gathered our data are trying to make money out of privacy

Source: Forget Apple’s fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian


Obama Wants Nonexistent Middle Ground on Encryption, Warns Against “Fetishizing Our Phones”

Obama’s first extended disquisition on the contentious issue of encryption suggests he’s only been listening to one side.

Source: Obama Wants Nonexistent Middle Ground on Encryption, Warns Against “Fetishizing Our Phones”


Snowden: FBI's claim it can't unlock the San Bernardino iPhone is 'bullshit' | Technology | The Guardian

NSA whistleblower rubbishes claims that only Apple can unlock killer’s iPhone 5C, indicating FBI has the means itself

Source: Snowden: FBI’s claim it can’t unlock the San Bernardino iPhone is ‘bullshit’ | Technology | The Guardian


NSA Is Mysteriously Absent From FBI-Apple Fight

The Federal Bureau of Investigation insisted that it was helpless. The bureau told a judge in February that Apple has the “exclusive technical means” to try to unlock the contents of San Bernardino shooter Syed Rizwan Farook’s iPhone — and that’s why it should be forced to do so. But notably missing from the FBI’s argument was any mention of whether it had consulted spies and sleuths from the government’s intelligence community — particularly the National Security Agency. The Twitterverse exploded with q

Source: NSA Is Mysteriously Absent From FBI-Apple Fight


Apple gains support from tech rivals in FBI case – FT.com

March 4, 2016 2:25 am

Tim Bradshaw in San Francisco

America’s largest technology companies have joined Apple’s fight against the government over data protection and security, in an unusual display of unity by the Silicon Valley rivals.

More than a dozen motions filed on Thursday sided with Apple as it tries to resist a demand to write software that would help the FBI unlock the San Bernardino shooter’s iPhone. Civil liberties groups and IT trade associations lined up alongside dozens of law professors and cryptography experts, after Apple filed its own motion for the judicial order to be withdrawn last week.

Source: Apple gains support from tech rivals in FBI case – FT.com


What has the FBI ordered Apple to do and why is it refusing? – FT.com

What has Apple been ordered to do?

The US court has told Apple to write a piece of software that lowers an iPhone’s defences, enabling the FBI to use brute force to break in by bombarding the device with many possible passwords until it gets the right answer. The new tool would do three things:

Source: What has the FBI ordered Apple to do and why is it refusing? – FT.com


EFF, ACLU, and Amnesty International voice support for Apple in FBI battle | The Verge

The American Civil Liberties Union (ACLU), Electronic Frontier Foundation (EFF), and Amnesty International have come out in support of Apple, after the company said it would contest a judge’s order to unlock an iPhone used by one of the San Bernardino shooters.

Source: EFF, ACLU, and Amnesty International voice support for Apple in FBI battle | The Verge


Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED

The news this week that a magistrate ordered Apple to help the FBI hack an iPhone used by one of the San Bernardino shooter suspects has polarized the nation—and also generated some misinformation. In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.

Source: Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED


Bill Gates backs FBI in battle with Apple over San Bernardino killer's phone | Technology | The Guardian

US government is asking for a particular case, and Apple should comply, says Microsoft co-founder Gates

Source: Bill Gates backs FBI in battle with Apple over San Bernardino killer’s phone | Technology | The Guardian


Hillary Clinton and Bernie Sanders Refuse to Choose Between Apple and the FBI

Both candidates tried to occupy a middle ground that doesn’t really exist – either in the war between Apple and the FBI, or when it comes to the spread of unbreakable encryption.

Source: Hillary Clinton and Bernie Sanders Refuse to Choose Between Apple and the FBI


FBI Says Apple Court Order Is Narrow, But Other Law Enforcers Hungry to Exploit It

The Justice Department says Apple can destroy the hacking software it makes after it’s used once. But other law enforcers are already lining up to use it themselves.

Source: FBI Says Apple Court Order Is Narrow, But Other Law Enforcers Hungry to Exploit It


Apple to beef up customers’ iCloud encryption – FT.com

Apple is working on new ways to strengthen the encryption of customers’ iCloud backups in a way that would make it impossible for the company to comply with valid requests for data from law enforcement, according to people familiar with its plans.

Source: Apple to beef up customers’ iCloud encryption – FT.com


Apple's Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian

More high-profile titans need to use their platforms to make crystal clear how important encryption is to users everywhere

Source: Apple’s Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian


Comey Calls on Tech Companies Offering End-to-End Encryption to Reconsider “Their Business Model”

The FBI director essentially wants tech companies to roll back secure encryption to something less secure that law enforcement can intercept.

Source: Comey Calls on Tech Companies Offering End-to-End Encryption to Reconsider “Their Business Model”


How have journalists responded to revelations of mass surveillance? | Technology | The Guardian

 Two thirds of investigative journalists think they’re being spied on, and many are taking action to combat that. Photograph: PAWEL KOPCZYNSKI/REUTERS

NSA whistleblower Edward Snowden’s revelations of mass surveillance by government agencies have made a big impact on investigative journalists, according to a new study.

The survey of 671 journalists, conducted by the US-based Pew Research Center and Columbia University’s Tow Center for Digital Journalism, found that 64% believe that the US government has probably collected data about their communications.

49% said that they have changed the way they store and share potentially sensitive documents in the last year as a result, while 29% have altered the way they communicate with fellow journalists.

However, only 3% have opted not to pursue a particular story due to concerns about electronic surveillance and hacking, although 13% have not reached out to a particular source for those reasons. Just 2% have considered abandoning investigative journalism.


Apple encryption: Stop the hysteria (Opinion) – CNN.com

By Bruce Schneier
October 4, 2014 — Updated 1641 GMT (0041 HKT)

STORY HIGHLIGHTS
  • Schneier: Apple closed serious security vulnerability in the iPhone, enabling wide encryption
  • He says law enforcement overreacted in saying it is a major form of protection for criminals
  • Law enforcement always complains about encryption but is little stymied by it, he says
  • Schneier: The benefits in protecting privacy far outweigh the costs

Editor’s note: Bruce Schneier is a security technologist and the chief technology officer of Co3 Systems. The opinions expressed in this commentary are solely those of the author.

(CNN) — Last week Apple announced that it is closing a serious security vulnerability in the iPhone. It used to be that the phone’s encryption only protected a small amount of the data, and Apple had the ability to bypass security on the rest of it.

From now on, all the phone’s data is protected. It can no longer be accessed by criminals, governments, or rogue employees. Access to it can no longer be demanded by totalitarian governments. A user’s iPhone data is now more secure.

To hear U.S. law enforcement respond, you’d think Apple’s move heralded an unstoppable crime wave. See, the FBI had been using that vulnerability to get into peoples’ iPhones. In the words of cyberlaw professor Orin Kerr, “How is the public interest served by a policy that only thwarts lawful search warrants?”

Ah, but that’s the thing: You can’t build a “back door” that only the good guys can walk through. Encryption protects against cybercriminals, industrial competitors, the Chinese secret police and the FBI. You’re either vulnerable to eavesdropping by any of them, or you’re secure from eavesdropping from all of them.

Back-door access built for the good guys is routinely used by the bad guys. In 2005, some unknown group surreptitiously used the lawful-intercept capabilities built into the Greek cell phone system. The same thing happened in Italy in 2006.

In 2010, Chinese hackers subverted an intercept system Google had put into Gmail to comply with U.S. government surveillance requests. Back doors in our cell phone system are currently being exploited by the FBI and unknown others.

This doesn’t stop the FBI and Justice Department from pumping up the fear. Attorney General Eric Holder threatened us with kidnappers and sexual predators.

The former head of the FBI’s criminal investigative division went even further, conjuring up kidnappers who are also sexual predators. And, of course, terrorists.

FBI Director James Comey claimed that Apple’s move allows people to “place themselves beyond the law” and also invoked that now overworked “child kidnapper.” John J. Escalante, chief of detectives for the Chicago police department now holds the title of most hysterical: “Apple will become the phone of choice for the pedophile.”

It’s all bluster. Of the 3,576 major offenses for which warrants were granted for communications interception in 2013, exactly one involved kidnapping. And, more importantly, there’s no evidence that encryption hampers criminal investigations in any serious way. In 2013, encryption foiled the police nine times, up from four in 2012 — and the investigations proceeded in some other way.


NPR Is Laundering CIA Talking Points to Make You Scared of NSA Reporting – The Intercept

Photo credit: Charles Dharapak/AP

On August 1, NPR’s Morning Edition broadcast a story by NPR national security reporter Dina Temple-Raston touting explosive claims from what she called “a tech firm based in Cambridge, Massachusetts.” That firm, Recorded Future, worked together with “a cyber expert, Mario Vuksan, the CEO of ReversingLabs,” to produce a new report that purported to vindicate the repeated accusation from U.S. officials that “revelations from former NSA contract worker Edward Snowden harmed national security and allowed terrorists to develop their own countermeasures.”

The “big data firm,” reported NPR, says that it now “has tangible evidence” proving the government’s accusations. Temple-Raston’s four-minute, 12-second story devoted the first 3 minutes and 20 seconds to uncritically repeating the report’s key conclusion that “just months after the Snowden documents were released, al-Qaeda dramatically changed the way its operatives interacted online” and, post-Snowden, “al-Qaeda didn’t just tinker at the edges of its seven-year-old encryption software; it overhauled it.” The only skepticism in the NPR report was relegated to 44 seconds at the end when she quoted security expert Bruce Schneier, who questioned the causal relationship between the Snowden disclosures and the new terrorist encryption programs, as well as the efficacy of the new encryption.


I, spy: Edward Snowden in exile | World | The Guardian

Fiction and films, the nearest most of us knowingly get to the world of espionage, give us a series of reliable stereotypes. British spies are hard-bitten, libidinous he-men. Russian agents are thickset, low-browed and facially scarred. And defectors end up as tragic old soaks in Moscow, scanning old copies of the Times for news of the Test match.

Such a fate was anticipated for Edward Snowden by Michael Hayden, a former NSA and CIA chief, who predicted last September that the former NSA analyst would be stranded in Moscow for the rest of his days – “isolated, bored, lonely, depressed… and alcoholic”.

But the Edward Snowden who materialises in our hotel room shortly after noon on the appointed day seems none of those things. A year into his exile in Moscow, he feels less, not more, isolated. If he is depressed, he doesn’t show it. And, at the end of seven hours of conversation, he refuses a beer. “I actually don’t drink.” He smiles when repeating Hayden’s jibe. “I was like, wow, their intelligence is worse than I thought.”

Oliver Stone, who is working on a film about the man now standing in room 615 of the Golden Apple hotel on Moscow’s Malaya Dmitrovka, might struggle to make his subject live up to the canon of great movie spies. The American director has visited Snowden in Moscow, and wants to portray him as an out-and-out hero, but he is an unconventional one: quiet, disciplined, unshowy, almost academic in his speech. If Snowden has vices – and God knows they must have been looking for them – none has emerged in the 13 months since he slipped away from his life as a contracted NSA analyst in Hawaii, intent on sharing the biggest cache of top-secret material the world has ever seen.

Since arriving in Moscow, Snowden has been keeping late and solitary hours – effectively living on US time, tapping away on one of his three computers (three to be safe; he uses encrypted chat, too). If anything, he appears more connected and outgoing than he could be in his former life as an agent. Of his life now, he says, “There’s actually not that much difference. You know, I think there are guys who are just hoping to see me sad. And they’re going to continue to be disappointed.”

When the Guardian first spoke to Snowden a year ago in Hong Kong, he had been dishevelled, his hair uncombed, wearing jeans and a T-shirt. The 31-year-old who materialised last week was smartly, if anonymously, dressed in black trousers and grey jacket, his hair tidily cut. He is jockey-light – even skinnier than a year ago. And he looks pale: “Probably three steps from death,” he jokes. “I mean, I don’t eat a whole lot. I keep a weird schedule. I used to be very active, but just in the recent period I’ve had too much work to focus on.”

There was no advance warning of where we would meet: his only US television interview, with NBC’s Brian Williams in May, was conducted in an anonymous hotel room of Snowden’s choosing. This time, he prefers to come to us. On his arrival, there is a warm handshake for Guardian reporter Ewen MacAskill, whom he last saw in Hong Kong – a Sunday night after a week of intense work in a frowsty hotel room, a few hours before the video revealing his identity to the world went public. Neither man knew if they would ever meet again.

Snowden orders chicken curry from room service and, as he forks it down, is immediately into the finer points of the story that yanked him from a life of undercover anonymity to global fame. The Snowden-as-alcoholic jibe is not the only moment when he reflects wryly on his former colleagues’ patchy ability to get on top of events over the past year. There was, for instance, the incident last July when a plane carrying President Evo Morales back to Bolivia from Moscow was forced down in Vienna and searched for a stowaway Snowden. “I was like, first off, wow, their intelligence sucks, from listening to everything. But, two, are they really going to the point of just completely humiliating the president of a Latin American nation, the representative of so many people? It was just shockingly poorly thought out, and yet they did it anyway, and they keep at these sort of mistakes.” It was as if they were trying not to find him. “I almost felt like I had some sort of friend in government.”


Four ways Edward Snowden changed the world – and why the fight's not over | Trevor Timm | Comment is free | theguardian.com

Encrypted Gmail. Transparency from mobile providers. Maybe even a legal ‘revolt’ against ‘Orwellian’ surveillance. But until we get real reform, NSA and Co may survive in the shadows

During the first weeks of the Snowden revelations, it wasn’t clear legislators cared. Then public opinion changed, and now there’s a bill. Will we ever get real reform? Illustration: Kyle Bean for the Guardian

Thursday marks one year since the Guardian published the first in a series of eye-opening stories about surveillance based on documents provided by Edward Snowden. The events in the 52 weeks since have proven him to be the most significant whistleblower in American history – and have reverberated throughout the world.

But along with the changes Snowden sparked, vital questions remain about how and if the National Security Agency and its global spy apparatus will truly be reformed. Many wheels are finally in motion, but will the US Congress and the courts actually respond in a meaningful way? In truth, the second year of Snowden may be more important than the first. It’s when we’ll see if global privacy rights get protected for the better – or if mass surveillance becomes more entrenched in our laws than ever before. For now, it’s important to take stock in looking ahead to the next chapter.


Privacy under attack: the NSA files revealed new threats to democracy | Technology | The Guardian

Thanks to Edward Snowden, we know the apparatus of repression has been covertly attached to the democratic state. However, our struggle to retain privacy is far from hopeless

The US National Security Agency threat operations centre in Fort Meade, Maryland, in 2006. Photograph: Paul Richards/AFP/Getty Images

In the third chapter of his History of the Decline and Fall of the Roman Empire, Edward Gibbon gave two reasons why the slavery into which the Romans had tumbled under Augustus and his successors left them more wretched than any previous human slavery. In the first place, Gibbon said, the Romans had carried with them into slavery the culture of a free people: their language and their conception of themselves as human beings presupposed freedom. And thus, says Gibbon, for a long time the Romans preserved the sentiments – or at least the ideas – of a freeborn people. In the second place, the empire of the Romans filled all the world, and when that empire fell into the hands of a single person, the world was a safe and dreary prison for his enemies. As Gibbon wrote, to resist was fatal, and it was impossible to fly.

The power of that Roman empire rested in its leaders’ control of communications. The Mediterranean was their lake. Across their European empire, from Scotland to Syria, they pushed roads that 15 centuries later were still primary arteries of European transportation. Down those roads the emperor marched his armies. Up those roads he gathered his intelligence. The emperors invented the posts to move couriers and messages at the fastest possible speed.

Using that infrastructure, with respect to everything that involved the administration of power, the emperor made himself the best-informed person in the history of the world.

That power eradicated human freedom. “Remember,” said Cicero to Marcellus in exile, “wherever you are, you are equally within the power of the conqueror.”

The empire of the United States after the second world war also depended upon control of communications. This was more evident when, a mere 20 years later, the United States was locked in a confrontation of nuclear annihilation with the Soviet Union. In a war of submarines hidden in the dark below the continents, capable of eradicating human civilisation in less than an hour, the rule of engagement was “launch on warning”. Thus the United States valued control of communications as highly as the Emperor Augustus. Its listeners too aspired to know everything.

We all know that the United States has for decades spent as much on its military might as all other powers in the world combined. Americans are now realising what it means that we applied to the stealing of signals and the breaking of codes a similar proportion of our resources in relation to the rest of the world.

The US system of listening comprises a military command controlling a large civilian workforce. That structure presupposes the foreign intelligence nature of listening activities. Military control was a symbol and guarantee of the nature of the activity being pursued. Wide-scale domestic surveillance under military command would have violated the fundamental principle of civilian control.

Instead what it had was a foreign intelligence service responsible to the president as military commander-in-chief. The chain of military command absolutely ensured respect for the fundamental principle “no listening here”. The boundary between home and away distinguished the permissible from the unconstitutional.

The distinction between home and away was at least technically credible, given the reality of 20th-century communications media, which were hierarchically organised and very often state-controlled.

When the US government chose to listen to other governments abroad – to their militaries, to their diplomatic communications, to their policymakers where possible – they were listening in a world of defined targets. The basic principle was: hack, tap, steal. We listened, we hacked in, we traded, we stole.

In the beginning we listened to militaries and their governments. Later we monitored the flow of international trade as far as it engaged American national security interests.


NSA reform: lawmakers aim to bar agency from weakening encryption | World news | theguardian.com

Concerned about weaknesses in USA Freedom Act, Zoe Lofgren and colleagues pushing to prevent NSA from weakening online encryption with new amendment

Lofgren, in debate with her colleagues last week, attempted to move the USA Freedom Act closer to its civil libertarian origins. Photograph: Carolyn Kaster/AP

US legislators concerned about weaknesses in a major surveillance reform bill intend to insert an amendment barring the National Security Agency from weakening the encryption that many people rely on to keep their information secure online, or exploiting any internet security vulnerabilities it discovers.

Congresswoman Zoe Lofgren, a California Democrat, told the Guardian that she and a group of colleagues want to prevent the NSA from “utilizing discovered zero-day flaws,” or unfixed software security vulnerabilities, and entrench “the duty of the NSA and the government generally not to create them, nor to prolong the threat to the internet” by failing to warn about those vulnerabilities.

Since the discovery of the Heartbleed bug afflicting web and email servers, the NSA has faced suspicions that it has exploited the vulnerability, which the agency has strenuously denied. Beyond Heartbleed, documents from whistleblower Edward Snowden have revealed that the NSA has weakened online encryption, causing consternation among technology companies as well as privacy advocates.

Lofgren intends to attach the provision to the USA Freedom Act, increasingly the consensus bill to reform surveillance in the wake of the Edward Snowden disclosures. The bill, mostly favored by civil libertarians and expected to go for a vote on the House floor as early as next week, does not include language stopping the NSA from undermining encryption.

In an indication of the difficulty legislators will face in recasting the USA Freedom Act to better protect privacy, Lofgren conceded that attaching the provision will be difficult, as House legislators do not want to upset a tenuous deal on surveillance reform by adding to the bill. She is currently seeking a parliamentarian ruling on the “germaneness” of her online security amendment in order to make it difficult for opponents to exclude it from consideration on the floor.

Lofgren said she and other civil libertarian-minded lawmakers will have limited opportunities to add amendments to the bill, and so are prioritizing measures they believe stand the best chance of winning House support.

Lofgren said she thought those would most likely include a ban on the NSA searching through its foreign-focused communications content troves for Americans’ information without a warrant; clarifying a Patriot Act prohibition on collecting Americans’ phone calls and email content; and permitting more detailed transparency for telecoms and internet companies to disclose the sorts of national-security orders they receive from the government for their customers’ data.


Lavabit accused of contempt for handing over SSL key printed on 11 pages in small type – FayerWayer

The email service used by Snowden chose to shut down rather than hand over the SSL keys that protected all of the site’s web traffic.

A few months ago we told you how Lavabit, the encrypted email service used by Edward Snowden, was “forced” to shut down under pressure from the United States government.

Although at the time we did not have many details because of the nature of the case, over time we learned some quite interesting ones.

For example, when the FBI pressed Ladar Levison (the founder of Lavabit) to hand over his private key for the SSL protocol, he tried to delay the measure by handing over the key printed on 11 pages in 4-point type (one and a half millimetres high).

Now a federal appeals court has accepted a contempt-of-court charge against Levison and Lavabit for handing over the SSL key in that format. According to prosecutor Andrew Peterson, “the company treated the court order as if it were negotiating a contract rather than a legal requirement”.

For his part, Levison defends himself by arguing that “I only objected to handing over the SSL key because it would compromise all secure communications in and out of my network, including my own data traffic”.


NSA denies having known about the “Heartbleed” internet flaw – BioBioChile

Published by Gabriela Ulloa | Information from Agencia AFP

The US agency responsible for intercepting communications, the NSA, on Friday denied revelations by the Bloomberg agency that it had known about the security flaw in the secure-connections software known as “Heartbleed” and had used it to its advantage.

Bloomberg, which cited “sources close to the matter”, said the intelligence agency had known for “at least two years” that this flaw existed, but had not disclosed it and had instead used it to its advantage to obtain data.

“Heartbleed” affects certain versions of OpenSSL, a free software program used for secure connections on the internet, recognisable for example in web addresses that begin with https or by a small padlock during banking and login operations online. Its existence was revealed at the beginning of this week.

“The NSA was not aware of the recently identified vulnerability in OpenSSL, known as the Heartbleed flaw, until it was made public in a report by a private cybersecurity firm. Reports that say otherwise are false,” NSA spokeswoman Vanee Vines told AFP.


Has the NSA’s mass spying made life easier for digital criminals? | Technology | theguardian.com


In flooding the internet with malware, and by increasing wariness of data sharing, the NSA’s actions have had a negative impact on the fight against cybercrime

A man hands out ‘RSA sold us out’ protest ribbons near Moscone West to people attending the RSA conference. Photograph: Steve Rhodes/Demotix/Corbis

Thousands of the world’s security professionals, most of them middle-aged white males, gathered in San Francisco last week for the annual RSA Conference.

Traditionally, it’s the time of year vendors hawk their gear in halls containing a perturbing whiff of ammonia, research announcements provide relief from the festival of commerce, and government mandarins hobnob with corporate types – all with the implied intent to work together to protect people’s data.

Yet 2014’s event was always going to be a bit different. RSA, the security company hosting the event, had to defend itself against criticism over an alleged $10m deal with the National Security Agency (NSA) to include flawed encryption in its products.

The company’s chief, Art Coviello, outright denied any wrongdoing, saying RSA was only following advice given by the US government’s National Institute of Standards and Technology (NIST).

RSA’s excuses have convinced some onlookers; others remain sceptical. But the organisation that took far more flak this week was the NSA itself, which had its own booth on the trade floor, albeit a considerably plainer one than the surrounding neon-clad stalls of commercial firms.

There was one criticism, amid the understandable ire around the damage done to global privacy, which stood out: that the NSA’s mass spying had perversely made life easier for digital criminals.

Data sharing in danger

Cross-border data-sharing mechanisms – a critical part in both online and non-internet crime investigations – have come under threat since the Edward Snowden leaks. Even though information-sharing deals covering banking and airline passenger data just about survived calls to suspend them, the Snowden files have caused problems for collaboration between public and private bodies.

The heightened tensions lie not between law enforcement agencies, but between police and other organisations that potentially hold valuable information for investigations. “The impact is more [with] third parties giving more consideration to sharing their data with agencies or other departments,” said Charlie McMurdie, formerly the head of the defunct Metropolitan Police Central e-Crime Unit and now senior crime adviser at PricewaterhouseCoopers.

“This can have a negative impact on law enforcement ability to respond to or progress investigations, but on the positive side [this] has also made third parties think more about where their data exists, security and sharing protocols, which isn’t a bad thing.”

A recent European Commission report on trust between the US and the EU following the leaks last year said: “Information sharing is … an essential component of EU-US security cooperation, critically important to the common goal of preventing and combating serious crime and terrorism. However, recent revelations about US intelligence collection programmes have negatively affected the trust on which this cooperation is based. In particular, it has affected trust in the way personal data is processed.”

Discussions are ongoing about an umbrella agreement covering law enforcement data sharing, with much talk of the need to ensure safeguards are in place, with “strict conditions”.

The US government has already seen the impact. In response to a Guardian question on the effect of Snowden’s revelations on data sharing, Phyllis Schneck, the chief cybersecurity official at the US Department of Homeland Security, said the government body’s partners were “feeling it”.


Bitcoin Foundation vice chair arrested for money laundering | Technology | theguardian.com


Charlie Shrem stands accused of knowingly selling over $1m of bitcoins to users of the Silk Road online black-marketplace

A screengrab of the Silk Road after it was shut down in October. Photograph: David Colbran/Demotix/Corbis

The vice chair of the Bitcoin Foundation, Charlie Shrem, has been arrested for conspiracy to commit money laundering and operating an unlicensed money transmitting business.

The arrest comes as a major blow for the digital currency lobby group. Bitcoin Foundation staff have been working hard to distance the digital currency from its links to crime. They testified to the Senate last year and have been lobbying regulators in Washington.

Patrick Murck, Bitcoin’s general counsel, said: “I don’t think it’s damaging for the Foundation. Foundation wasn’t involved in any of the allegations.”

The charges stem from Shrem’s ownership of the BitInstant bitcoin exchange, of which he is the chief executive, co-founder and compliance officer. The exchange hit the headlines in May 2013 when the Winklevoss brothers led a seed round which raised $1.5m of investment.

A second man, Robert Faiella, has also been arrested and charged for the same crimes relating to his operation of a small bitcoin exchange under the name BTCKing.

The charges, unsealed by the Manhattan district attorney Preet Bharara, accuse the pair of “engaging in a scheme to sell over $1m in bitcoins to users of Silk Road”, the online black marketplace which was closed by the FBI in October 2013.

Shrem is additionally charged with “wilfully failing to file any suspicious activity report regarding Faiella’s illegal transactions through the company,” the documents reveal.


What happens if the authorities confiscate your computer – El Mostrador

If the US authorities wish, they can confiscate your computer when you enter the country’s borders, to search it for evidence of criminal activity, links to foreign intelligence services or extremist connections.

A federal judge in New York ruled that US authorities can seize a traveller’s laptop when they cross the border, without having legal grounds, without the person being suspected of having committed any crime, and without giving any kind of explanation. What happens if they confiscate yours?

Last year, the media devoted much of their coverage to stories about the United States National Security Agency (NSA) and its surveillance operations, and the risks these activities pose to users’ privacy on the internet.

The publication of documents obtained by former NSA analyst Edward Snowden shed new light on the global electronic espionage programme.

However, the authorities can find out information about you in a more traditional way: by confiscating your possessions at the border.