The supercomputer described in the trove, “WindsorGreen,” was a system designed to excel at the sort of complex mathematics that underlies encryption, the technology that keeps data private, and almost certainly intended for use by the Defense Department’s signals intelligence wing, the National Security Agency. WindsorGreen was the successor to another password-cracking machine used by the NSA, “WindsorBlue,” which was also documented in the material leaked from NYU and which had been previously described in the Norwegian press thanks to a document provided by National Security Agency whistleblower Edward Snowden. Both systems were intended for use by the Pentagon and a select few other Western governments, including Canada and Norway.
In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.
The computing giant criticized the role of governments and organizations that stockpile software vulnerabilities which can later be stolen or sold to cybercriminals. The company asks that what happened serve as a lesson to eradicate this practice worldwide.
In an exclusive tour of the new lab, Fortune got a glimpse of Law & Order in the digital age. The lab is Exhibit A in how America’s biggest city is embracing big data analytics and a dash of hacker culture to solve complex crimes. It also raises hard questions about how to balance these sophisticated crime-fighting tools with civil liberties.
Hillary Clinton’s advisers recognized that her policy position on encryption was problematic, with one writing that it was tantamount to insisting that there was “‘some way’ to do the impossible.” Instead, according to campaign emails released by Wikileaks, they suggested that the campaign signal its willingness to use “malware” or “super code breaking by the NSA” to get around encryption.
Finally, Yahoo’s possible betrayal of its users is another example of why whistleblowers and leaks to the press are so important. The US government considers this type of surveillance “legal” even though it shocks the conscience of many ordinary Americans and dozens of civil liberties groups have been attempting to have courts rule it illegal for years.
Encryption is finally mainstream. Government officials and technologists have been debating since the early 1990s whether to limit the strength of encryption to help the law-enforcement and intelligence communities monitor suspects’ communications. But until early 2016, this was a mostly esoteric fight, relegated to academic conferences, security agencies’ C-suites, and the back rooms of Capitol Hill. Everything changed in mid-February, when President Barack Obama’s Justice Department, investigating the terrorists who carried out the San Bernardino, California, shooting, asked a federal judge to force Apple to help the Federal Bureau of Investigation unlock one attacker’s iPhone. What followed was an unexpectedly rancorous and unprecedentedly public fight over how far the government should go to pierce and degrade commercial security technology in its quest to protect Americans from terrorism.
While these high-profile court cases have added momentum, the industry’s offensive against government intrusion into customers’ private information began at least two years ago, after Edward Snowden’s revelations about covert data collection put everyone on the defensive.
The Federal Bureau of Investigation insisted that it was helpless. The bureau told a judge in February that Apple has the “exclusive technical means” to try to unlock the contents of San Bernardino shooter Syed Rizwan Farook’s iPhone — and that’s why it should be forced to do so. But notably missing from the FBI’s argument was any mention of whether it had consulted spies and sleuths from the government’s intelligence community — particularly the National Security Agency. The Twitterverse exploded with q
March 4, 2016 2:25 am
Apple gains support from tech rivals in FBI case
Tim Bradshaw in San Francisco
America’s largest technology companies have joined Apple’s fight against the government over data protection and security, in an unusual display of unity by the Silicon Valley rivals. More than a dozen motions filed on Thursday sided with Apple as it tries to resist a demand to write software that would help the FBI unlock the San Bernardino shooter’s iPhone. Civil liberties groups and IT trade associations lined up alongside dozens of law professors and cryptography experts, after Apple filed its own motion for the judicial order to be withdrawn last week.
The news this week that a magistrate ordered Apple to help the FBI hack an iPhone used by one of the San Bernardino shooter suspects has polarized the nation—and also generated some misinformation. In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.
NSA whistleblower Edward Snowden’s revelations of mass surveillance by government agencies have made a big impact on investigative journalists, according to a new study.
The survey of 671 journalists, conducted by the US-based Pew Research Center and Columbia University’s Tow Center for Digital Journalism, found that 64% believe that the US government has probably collected data about their communications.
49% said that they have changed the way they store and share potentially sensitive documents in the last year as a result, while 29% have altered the way they communicate with fellow journalists.
However, only 3% have opted not to pursue a particular story due to concerns about electronic surveillance and hacking, although 13% have not reached out to a particular source for those reasons. Just 2% have considered abandoning investigative journalism.
On August 1, NPR’s Morning Edition broadcast a story by NPR national security reporter Dina Temple-Raston touting explosive claims from what she called “a tech firm based in Cambridge, Massachusetts.” That firm, Recorded Future, worked together with “a cyber expert, Mario Vuksan, the CEO of ReversingLabs,” to produce a new report that purported to vindicate the repeated accusation from U.S. officials that “revelations from former NSA contract worker Edward Snowden harmed national security and allowed terrorists to develop their own countermeasures.”
The “big data firm,” reported NPR, says that it now “has tangible evidence” proving the government’s accusations. Temple-Raston’s four-minute, 12-second story devoted the first 3 minutes and 20 seconds to uncritically repeating the report’s key conclusion that “just months after the Snowden documents were released, al-Qaeda dramatically changed the way its operatives interacted online” and, post-Snowden, “al-Qaeda didn’t just tinker at the edges of its seven-year-old encryption software; it overhauled it.” The only skepticism in the NPR report was relegated to 44 seconds at the end when she quoted security expert Bruce Schneier, who questioned the causal relationship between the Snowden disclosures and the new terrorist encryption programs, as well as the efficacy of the new encryption.
Fiction and films, the nearest most of us knowingly get to the world of espionage, give us a series of reliable stereotypes. British spies are hard-bitten, libidinous he-men. Russian agents are thickset, low-browed and facially scarred. And defectors end up as tragic old soaks in Moscow, scanning old copies of the Times for news of the Test match.
Such a fate was anticipated for Edward Snowden by Michael Hayden, a former NSA and CIA chief, who predicted last September that the former NSA analyst would be stranded in Moscow for the rest of his days – “isolated, bored, lonely, depressed… and alcoholic”.
But the Edward Snowden who materialises in our hotel room shortly after noon on the appointed day seems none of those things. A year into his exile in Moscow, he feels less, not more, isolated. If he is depressed, he doesn’t show it. And, at the end of seven hours of conversation, he refuses a beer. “I actually don’t drink.” He smiles when repeating Hayden’s jibe. “I was like, wow, their intelligence is worse than I thought.”
Oliver Stone, who is working on a film about the man now standing in room 615 of the Golden Apple hotel on Moscow’s Malaya Dmitrovka, might struggle to make his subject live up to the canon of great movie spies. The American director has visited Snowden in Moscow, and wants to portray him as an out-and-out hero, but he is an unconventional one: quiet, disciplined, unshowy, almost academic in his speech. If Snowden has vices – and God knows they must have been looking for them – none has emerged in the 13 months since he slipped away from his life as a contracted NSA analyst in Hawaii, intent on sharing the biggest cache of top-secret material the world has ever seen.
Since arriving in Moscow, Snowden has been keeping late and solitary hours – effectively living on US time, tapping away on one of his three computers (three to be safe; he uses encrypted chat, too). If anything, he appears more connected and outgoing than he could be in his former life as an agent. Of his life now, he says, “There’s actually not that much difference. You know, I think there are guys who are just hoping to see me sad. And they’re going to continue to be disappointed.”
When the Guardian first spoke to Snowden a year ago in Hong Kong, he had been dishevelled, his hair uncombed, wearing jeans and a T-shirt. The 31-year-old who materialised last week was smartly, if anonymously, dressed in black trousers and grey jacket, his hair tidily cut. He is jockey-light – even skinnier than a year ago. And he looks pale: “Probably three steps from death,” he jokes. “I mean, I don’t eat a whole lot. I keep a weird schedule. I used to be very active, but just in the recent period I’ve had too much work to focus on.”
There was no advance warning of where we would meet: his only US television interview, with NBC’s Brian Williams in May, was conducted in an anonymous hotel room of Snowden’s choosing. This time, he prefers to come to us. On his arrival, there is a warm handshake for Guardian reporter Ewen MacAskill, whom he last saw in Hong Kong – a Sunday night after a week of intense work in a frowsty hotel room, a few hours before the video revealing his identity to the world went public. Neither man knew if they would ever meet again.
Snowden orders chicken curry from room service and, as he forks it down, is immediately into the finer points of the story that yanked him from a life of undercover anonymity to global fame. The Snowden-as-alcoholic jibe is not the only moment when he reflects wryly on his former colleagues’ patchy ability to get on top of events over the past year. There was, for instance, the incident last July when a plane carrying President Evo Morales back to Bolivia from Moscow was forced down in Vienna and searched for a stowaway Snowden. “I was like, first off, wow, their intelligence sucks, from listening to everything. But, two, are they really going to the point of just completely humiliating the president of a Latin American nation, the representative of so many people? It was just shockingly poorly thought out, and yet they did it anyway, and they keep at these sort of mistakes.” It was as if they were trying not to find him. “I almost felt like I had some sort of friend in government.”
Encrypted Gmail. Transparency from mobile providers. Maybe even a legal ‘revolt’ against ‘Orwellian’ surveillance. But until we get real reform, NSA and Co may survive in the shadows
Thursday marks one year since the Guardian published the first in a series of eye-opening stories about surveillance based on documents provided by Edward Snowden. The events in the 52 weeks since have proven him to be the most significant whistleblower in American history – and have reverberated throughout the world.
But along with the changes Snowden sparked, vital questions remain about how and if the National Security Agency and its global spy apparatus will truly be reformed. Many wheels are finally in motion, but will the US Congress and the courts actually respond in a meaningful way? In truth, the second year of Snowden may be more important than the first. It’s when we’ll see if global privacy rights get protected for the better – or if mass surveillance becomes more entrenched in our laws than ever before. For now, it’s important to take stock in looking ahead to the next chapter.
Thanks to Edward Snowden, we know the apparatus of repression has been covertly attached to the democratic state. However, our struggle to retain privacy is far from hopeless
In the third chapter of his History of the Decline and Fall of the Roman Empire, Edward Gibbon gave two reasons why the slavery into which the Romans had tumbled under Augustus and his successors left them more wretched than any previous human slavery. In the first place, Gibbon said, the Romans had carried with them into slavery the culture of a free people: their language and their conception of themselves as human beings presupposed freedom. And thus, says Gibbon, for a long time the Romans preserved the sentiments – or at least the ideas – of a freeborn people. In the second place, the empire of the Romans filled all the world, and when that empire fell into the hands of a single person, the world was a safe and dreary prison for his enemies. As Gibbon wrote, to resist was fatal, and it was impossible to fly.
The power of that Roman empire rested in its leaders’ control of communications. The Mediterranean was their lake. Across their European empire, from Scotland to Syria, they pushed roads that 15 centuries later were still primary arteries of European transportation. Down those roads the emperor marched his armies. Up those roads he gathered his intelligence. The emperors invented the posts to move couriers and messages at the fastest possible speed.
Using that infrastructure, with respect to everything that involved the administration of power, the emperor made himself the best-informed person in the history of the world.
That power eradicated human freedom. “Remember,” said Cicero to Marcellus in exile, “wherever you are, you are equally within the power of the conqueror.”
The empire of the United States after the second world war also depended upon control of communications. This was more evident when, a mere 20 years later, the United States was locked in a confrontation of nuclear annihilation with the Soviet Union. In a war of submarines hidden in the dark below the continents, capable of eradicating human civilisation in less than an hour, the rule of engagement was “launch on warning”. Thus the United States valued control of communications as highly as the Emperor Augustus. Its listeners too aspired to know everything.
We all know that the United States has for decades spent as much on its military might as all other powers in the world combined. Americans are now realising what it means that we applied to the stealing of signals and the breaking of codes a similar proportion of our resources in relation to the rest of the world.
The US system of listening comprises a military command controlling a large civilian workforce. That structure presupposes the foreign intelligence nature of listening activities. Military control was a symbol and guarantee of the nature of the activity being pursued. Wide-scale domestic surveillance under military command would have violated the fundamental principle of civilian control.
Instead what it had was a foreign intelligence service responsible to the president as military commander-in-chief. The chain of military command absolutely ensured respect for the fundamental principle “no listening here”. The boundary between home and away distinguished the permissible from the unconstitutional.
The distinction between home and away was at least technically credible, given the reality of 20th-century communications media, which were hierarchically organised and very often state-controlled.
When the US government chose to listen to other governments abroad – to their militaries, to their diplomatic communications, to their policymakers where possible – they were listening in a world of defined targets. The basic principle was: hack, tap, steal. We listened, we hacked in, we traded, we stole.
In the beginning we listened to militaries and their governments. Later we monitored the flow of international trade as far as it engaged American national security interests.
Concerned about weaknesses in USA Freedom Act, Zoe Lofgren and colleagues pushing to prevent NSA from weakening online encryption with new amendment
US legislators concerned about weaknesses in a major surveillance reform bill intend to insert an amendment barring the National Security Agency from weakening the encryption that many people rely on to keep their information secure online, or exploiting any internet security vulnerabilities it discovers.
Congresswoman Zoe Lofgren, a California Democrat, told the Guardian that she and a group of colleagues want to prevent the NSA from “utilizing discovered zero-day flaws,” or unfixed software security vulnerabilities, and entrench “the duty of the NSA and the government generally not to create them, nor to prolong the threat to the internet” by failing to warn about those vulnerabilities.
Since the discovery of the Heartbleed bug afflicting web and email servers, the NSA has faced suspicions that it has exploited the vulnerability, which the agency has strenuously denied. Beyond Heartbleed, documents from whistleblower Edward Snowden have revealed that the NSA has weakened online encryption, causing consternation among technology companies as well as privacy advocates.
Lofgren intends to attach the provision to the USA Freedom Act, increasingly the consensus bill to reform surveillance in the wake of the Edward Snowden disclosures. The bill, mostly favored by civil libertarians and expected to go for a vote on the House floor as early as next week, does not include language stopping the NSA from undermining encryption.
In an indication of the difficulty legislators will face in recasting the USA Freedom Act to better protect privacy, Lofgren conceded that attaching the provision will be difficult, as House legislators do not want to upset a tenuous deal on surveillance reform by adding to the bill. She is currently seeking a parliamentarian ruling on the “germaneness” of her online security amendment in order to make it difficult for opponents to exclude it from consideration on the floor.
Lofgren said she and other civil libertarian-minded lawmakers will have limited opportunities to add amendments to the bill, and so are prioritizing measures they believe stand the best chance of winning House support.
Lofgren said she thought those would most likely include a ban on the NSA searching through its foreign-focused communications content troves for Americans’ information without a warrant; clarifying a Patriot Act prohibition on collecting Americans’ phone calls and email content; and permitting more detailed transparency for telecoms and internet companies to disclose the sorts of national-security orders they receive from the government for their customers’ data.
16 April 2014
The email service used by Snowden chose to shut down rather than hand over the SSL keys that protected all of the site’s web traffic.
Although at the time we did not have many details because of the nature of the case, over time we learned some rather interesting ones.
For example, when the FBI pressured Ladar Levison (the founder of Lavabit) to hand over his SSL private key, he tried to stall the measure by delivering the key printed on 11 pages in a size 4 font (one and a half millimeters tall).
Now, a federal appeals court has accepted a contempt-of-court charge against Levison and Lavabit for delivering the SSL key in that format. According to prosecutor Andrew Peterson, “the company treated the court order as if it were negotiating a contract rather than a legal requirement.”
For his part, Levison defends himself by arguing that “I only objected to turning over the SSL key because it would compromise all of the secure communications in and out of my network, including my own data traffic.”
Charlie Shrem stands accused of knowingly selling over $1m of bitcoins to users of the Silk Road online black-marketplace
The vice chair of the Bitcoin Foundation, Charlie Shrem, has been arrested for conspiracy to commit money laundering and operating an unlicensed money transmitting business.
The arrest comes as a major blow for the digital currency lobby group. Bitcoin Foundation staff have been working hard to distance the digital currency from its links to crime. They testified to the Senate last year and have been lobbying regulators in Washington.
Patrick Murck, Bitcoin’s general counsel, said: “I don’t think it’s damaging for the Foundation. Foundation wasn’t involved in any of the allegations.”
The charges stem from Shrem’s ownership of the BitInstant bitcoin exchange, of which he is the chief executive, co-founder and compliance officer. The exchange hit the headlines in May 2013 when the Winklevoss brothers led a seed round which raised $1.5m of investment.
A second man, Robert Faiella, has also been arrested and charged for the same crimes relating to his operation of a small bitcoin exchange under the name BTCKing.
The charges, unsealed by the Manhattan district attorney Preet Bharara, accuse the pair of “engaging in a scheme to sell over $1m in bitcoins to users of Silk Road”, the online black marketplace which was closed by the FBI in October 2013.
Shrem is additionally charged with “wilfully failing to file any suspicious activity report regarding Faiella’s illegal transactions through the company,” the documents reveal.
If the US authorities wish, they can confiscate your computer when you enter the country, to search it for evidence of criminal activity, links to foreign intelligence services or extremist connections.
A federal judge in New York ruled that US authorities can seize a traveler’s laptop when he or she crosses the border, without having a legal reason, without the person being suspected of having committed any crime and without giving any kind of explanation. What happens if they confiscate yours?
Last year, the media devoted a large part of their coverage to stories about the United States National Security Agency (NSA) and its surveillance operations, and the risks these activities pose to the privacy of internet users.
The publication of documents obtained by former NSA analyst Edward Snowden shed new light on the global electronic espionage program.
However, the authorities can find out information about you in a more traditional way: by confiscating your possessions at the border.