Category Archives: Five Eyes

Author of PATRIOT Act goes to EU parliament, admits Congress failed and NSA is out of control

Mike Masnick writes: It’s already strange enough that the author of the PATRIOT Act, Rep. Jim Sensenbrenner, has come out strongly against the NSA’s mass spying, said that James Clapper should be fired and prosecuted, and introduced sweeping new legislation that would significantly curtail the NSA’s activities. If you’ve followed civil liberties issues over the past dozen years or so, Sensenbrenner used to be very much in the camp of folks like Rep. Mike Rogers and Senator Dianne Feinstein — seen as carrying water for the intelligence community (and industry). The change of heart (even if he claims the original PATRIOT Act was never meant to allow this stuff) is quite impressive.

Even so, it’s perhaps even more incredible to see that Sensenbrenner has now gone over to the EU Parliament to admit that the NSA is out of control and needs to be reined in. [Continue reading…]

Facebooktwittermail

Spying scandal alters U.S. ties with allies and raises talk of policy shift

The New York Times reports: Just as European and American negotiators resumed work on a groundbreaking trade accord meant to tie their two continents closer together, René Obermann, the chief executive of Deutsche Telekom, the German telecommunications giant, told a cybersecurity conference in Germany on Monday that his company was working to keep electronic message traffic from “unnecessarily” crossing the Atlantic, where it could fall into the hands of the National Security Agency.

Other German executives, and some politicians, are beginning to talk of segmenting the Internet, so that they are not reliant on large American firms that by contract or court order allow United States intelligence agencies to delve into their data about phone and Internet usage. Europeans are demanding that any new trade accord include data-privacy protections that the United States is eager to avoid.

Almost never before has a spying scandal — in this case the revelation of the monitoring of the cellphone of Chancellor Angela Merkel of Germany — resulted in such a concrete, commercial backlash. Now it is also driving a debate inside the American government about whether the United States, which has long spied on allies even while nurturing them as partners, may have to change its approach.

“What’s more important?” Gen. Keith B. Alexander, the director of the N.S.A., asked during an interview last month, before the Merkel revelations. “Partnering with countries may be more important than collecting on them,” he said, especially when it comes to protecting against cyberthreats to the computer networks of the world’s largest economies. [Continue reading…]

Facebooktwittermail

Sarah Harrison joins other Edward Snowden files ‘exiles’ in Berlin

The Guardian reports: Sarah Harrison, the British journalist and WikiLeaks staffer who has been working with Edward Snowden since his arrival in Moscow, has left Russia and joined the growing band of net activists stranded in Berlin.

A statement released on the WikiLeaks website, attributed to Harrison, states that she arrived in Germany on Saturday and has been advised by her lawyers that it is “not safe to return home” to the UK.

Harrison joins a growing group of journalists and activists who were involved in the publication of Snowden’s files and are now living in the German capital “in effective exile”, including Laura Poitras and Jacob Applebaum.

Facebooktwittermail

NSA: our analogue spying laws must catch up with the digital era

Kenneth Roth writes: News that US intelligence services tapped the phones of allied leaders has generated understandable outrage in Europe. But far more significant is the American government’s practice of monitoring the communications of millions of ordinary people, who have no legal redress in the United States because they are foreigners.

Electronic surveillance has become easy. Authorities can reconstruct someone’s life with a simple request to their mobile phone provider, while the costs of storing and processing massive amounts of data have declined dramatically. We already live much of our lives through digital communications, and the trend will only accelerate, so we need swift reform, or the problems will escalate. The issue is not just our emails and mobile phones but also our calendars, address books and medical and banking records. Governments and corporations are increasingly able to track people’s location, associations and communications.

Existing legal frameworks were devised in an analogue age, when cross-border communication was rare and online communication and social media were unheard of. In that pre-internet age, surveillance techniques were labour-intensive and time-consuming, which helped to constrain arbitrary and abusive practices. The law has to catch up. [Continue reading…]

Facebooktwittermail

GCHQ used fake LinkedIn pages to target engineers

Der Spiegel reports: Elite GCHQ teams targeted employees of mobile communications companies and billing companies to gain access to their company networks. The spies used fake copies of LinkedIn profiles as one of their tools.

The Belgacom employees probably thought nothing was amiss when they pulled up their profiles on LinkedIn, the professional networking site. The pages looked the way they always did, and they didn’t take any longer than usual to load.

The victims didn’t notice that what they were looking at wasn’t the original site but a fake profile with one invisible added feature: a small piece of malware that turned their computers into tools for Britain’s GCHQ intelligence service.

The British intelligence workers had already thoroughly researched the engineers. According to a “top secret” GCHQ presentation disclosed by NSA whistleblower Edward Snowden, they began by identifying employees who worked in network maintenance and security for the partly government-owned Belgian telecommunications company Belgacom.

Then they determined which of the potential targets used LinkedIn or Slashdot.org, a popular news website in the IT community.

The computers of these “candidates” were then infected with computer malware that had been placed using infiltration technology the intelligence agency refers to as “Quantum Insert,” which enabled the GCHQ spies to deeply infiltrate the Belgacom internal network and that of its subsidiary BICS, which operates a so-called GRX router system. This type of router is required when users make calls or go online with their mobile phones while abroad. [Continue reading…]

Facebooktwittermail

How the NSA and GCHQ spied on OPEC

Der Spiegel reports: America’s NSA and Britain’s GCHQ are both spying on the OPEC oil cartel, documents from whistleblower Edward Snowden reveal. The security of the global energy supply is one of the most important issues for the intelligence agencies.

Documents disclosed by whistleblower Edward Snowden reveal that both America’s National Security Agency (NSA) and Britain’s Government Communications Headquarters (GCHQ) have infiltrated the computer network of the the Organization of the Petroleum Exporting Countries (OPEC).

In January 2008, the NSA department in charge of energy issues reported it had accomplished its mission. Intelligence information about individual petroleum-exporting countries had existed before then, but now the NSA had managed, for the first time, to infiltrate OPEC in its entirety.

OPEC, founded in 1960, has its headquarters in a box-like building in Vienna. Its main objective is to control the global oil market, and to keep prices high. The 12 member states include Saudi Arabia, Venezuela, Iran and Iraq.

When the NSA used the Internet to infiltrate OPEC’s computers, its analysts discovered an internal study in the OPEC Research Division. It stated that OPEC officials were trying to cast the blame for high oil prices on speculators. A look at files in the OPEC legal department revealed how the organization was preparing itself for an antitrust suit in the United States. And a review of the section reserved for the OPEC secretary general documented that the Saudis were using underhanded tactics, even within the organization. According to the NSA analysts, Riyadh had tried to keep an increase in oil production a secret for as long as possible. [Continue reading…]

Facebooktwittermail

Cyber spying risks the future of the internet, says Eugene Kaspersky

The Sydney Morning Herald reports: Cyber espionage between nations has reached such damaging levels it risks not only the trust between friendly countries, but the future of the internet itself.

That is the view of Eugene Kaspersky, the ebullient chief executive of Russian security firm Kaspersky Labs, who is in Canberra this week to deliver the message to politicians and business leaders.

Speaking ahead of his speech to the National Press Club on Thursday, Mr Kaspersky told Fairfax Media he was “very surprised” and concerned about the extent of espionage currently undertaken by Western countries. He also warned Australia to invest in educating a new generation of security engineers to future-proof its critical systems.

“Cyber espionage is not new,” he said. “We knew that from years ago, but I did not expect it in such a huge scale and coming from so many different nations.”
Advertisement

Mr Kaspersky said he feared governments would withdraw to their own parallel networks away from the prying eyes of others, and would cease investing in the development of the public internet, products and services.

“If governments and enterprises exit the public internet, there will be a lot less investment. If they emigrate to a separate zone, I’m afraid the internet will have a crisis”. [Continue reading…]

Facebooktwittermail

A fraying of the public/private surveillance partnership

Bruce Schneier writes: The public/private surveillance partnership between the NSA and corporate data collectors is starting to fray. The reason is sunlight. The publicity resulting from the Snowden documents has made companies think twice before allowing the NSA access to their users’ and customers’ data.

Pre-Snowden, there was no downside to cooperating with the NSA. If the NSA asked you for copies of all your Internet traffic, or to put backdoors into your security software, you could assume that your cooperation would forever remain secret. To be fair, not every corporation cooperated willingly. Some fought in court. But it seems that a lot of them, telcos and backbone providers especially, were happy to give the NSA unfettered access to everything. Post-Snowden, this is changing. Now that many companies’ cooperation has become public, they’re facing a PR backlash from customers and users who are upset that their data is flowing to the NSA. And this is costing those companies business.

How much is unclear. In July, right after the PRISM revelations, the Cloud Security Alliance reported that US cloud companies could lose $35 billion over the next three years, mostly due to losses of foreign sales. Surely that number has increased as outrage over NSA spying continues to build in Europe and elsewhere. There is no similar report for software sales, although I have attended private meetings where several large US software companies complained about the loss of foreign sales. On the hardware side, IBM is losing business in China. The US telecom companies are also suffering: AT&T is losing business worldwide.

This is the new reality. The rules of secrecy are different, and companies have to assume that their responses to NSA data demands will become public. This means there is now a significant cost to cooperating, and a corresponding benefit to fighting. [Continue reading…]

Facebooktwittermail

Firsthand accounts of how NSA surveillance chilled the right to association

The Electronic Frontier Foundation (EFF) has provided a federal judge with testimony from 22 separate advocacy organizations detailing how the National Security Agency’s (NSA) mass telephone records collection program has impeded the groups’ work, discouraged their members and reduced the numbers of people seeking their help via hotlines. The declarations accompanied a motion for partial summary judgment filed late Wednesday, in which EFF asks the court to declare the surveillance illegal on two levels — the law does not authorize the program, and the Constitution forbids it.

In First Unitarian Church of Los Angeles v. NSA, EFF represents a diverse array of environmentalists, gun-rights activists, religious groups, human-rights workers, drug-policy advocates and others that share one major commonality: they each depend on the First Amendment’s guarantee of free association. EFF argues that if the government vacuums up the records of every phone call — who made the call, who received the call, when and how long the parties spoke — then people will be afraid to join or engage with organizations that may have dissenting views on political issues of the day. The US government acknowledged the existence of the telephone records collection program this summer, after whistleblower Edward Snowden leaked a copy of a Foreign Intelligence Surveillance Court order authorizing the mass collection of Verizon telephone records.

“The plaintiffs, like countless other associations across the country, have suffered real and concrete harm because they have lost the ability to assure their constituents that the fact of their telephone communications between them will be kept confidential from the federal government,” EFF Senior Staff Attorney David Greene said. “This has caused constituents to reduce their calling. This is exactly the type of chilling effect on the freedom of association that the First Amendment forbids.” [Continue reading…]

Facebooktwittermail

Feinstein’s NSA bill shows she doesn’t have a clue about intelligence reform

Michelle Richardson writes: Members of Congress have introduced almost 30 separate bills to rein in NSA spying, increase transparency, or rework the secret court process that has sanctioned these programs. Two pieces of legislation, however, have momentum, and they couldn’t be more different.

The Senate Select Committee on Intelligence – the body charged with oversight of these very programs – advanced legislation introduced by its chair, Senator Dianne Feinstein (Democrat from California), last week that would entrench the current spying programs and give them explicit Congressional authorization to continue.

The legislation would make clear in no uncertain terms that communication records like phone, email, and internet data can be collected without even an ounce of suspicion, pursuant to the so-called privacy rules already in place. Being silent on other types of data like location information or financial records, it passively condones their collection too, but without even the benefit of the paltry protections in place now. For the first time in history, Congress would explicitly and intentionally authorize dragnet domestic spying programs targeting every day Americans.

The Feinstein bill also makes the current situation even worse. It gives the government a 72-hour grace period to warrantlessly spy on foreigners who enter the US, without even the attorney general approval that is currently required in emergency situations. It explicitly states that none of its provisions should be read to prevent law enforcement from digging through massive NSA databases for evidence of criminal activity. By doing so, it authorizes that specific practice in a roundabout way. Finally, it sets up the prospect of all members of Congress accessing important court orders and other information, but then undercuts this requirement by endorsing current rules and practices that have been used to prevent members of the House from reading foundational documents that could inform the votes they must make on whether to continue these programs. [Continue reading…]

Facebooktwittermail

A British subservience to government

Jonathan Freedland writes: Think of it as the ‘‘Skyfall’’ session. In a committee room of the House of Commons, the heads of the British secret services appeared on Thursday before a panel of M.P.’s in what might have been a re-enactment of that scene from the latest Bond movie — minus the shootout.

Even without gunfire, it was not short of drama. The mere sight of the heads of Britain’s domestic and foreign intelligence agencies, MI5 and MI6, along with the director of its listening post, G.C.H.Q., was spectacle enough. This was their first joint appearance in public, addressing a parliamentary intelligence and security committee whose hearings had, until now, always been held behind closed doors. (Indeed, little more than 20 years ago even the names of the intelligence chiefs were a state secret.)

That fact alone guaranteed coverage on the evening news. Which meant a rare focus on the topic that provided the session’s most electrifying moments: the Edward Snowden affair. Rare because the dominant British reaction to the revelations provided by Mr. Snowden, the former National Security Agency contractor, has been a shrug of indifference. The Guardian helped break the story — that the N.S.A. and G.C.H.Q. (Government Communications Headquarters) have engaged in mass surveillance of American and British citizens online — and has covered it intensely, but the rest of the British media have largely steered clear. In Parliament, a few maverick individuals have raised concerns about civil liberties and privacy. When others have mentioned the subject, it’s mostly been to accuse The Guardian of damaging national security, rather than to ask whether the intelligence agencies have gone too far.

What explains this reaction — so at odds with the response in the United States, where Congress is reviewing its oversight arrangements and where everyone from President Obama on down has acknowledged that a debate is necessary, if not overdue, and so at odds with, say, Germany, where memories of Stasi eavesdropping ensure revulsion at the notion of all-seeing surveillance? The answers say much about the current political landscape of Britain — and much of what lies beneath. [Continue reading…]

Facebooktwittermail

Rep. Alan Grayson asks Eric Holder if U.S. citizen Glenn Greenwald will actually be allowed back into the US without arrest

TechDirt: It’s horrifying enough that this question needs to be asked, but Rep. Alan Grayson, who has been one of the most vocal members of Congress in calling out the NSA’s bad behavior has sent a letter to Attorney General Eric Holder, seeking assurance that if US citizen Glenn Greenwald were to come back into the US that he could do so without being arrested. Grayson notes that a variety of prominent people, both within and outside the government (but who have influence on the government) have called for Greenwald to be arrested and prosecuted.

Mr. Greenwald, a United States citizen currently living in Brazil, has been publicly attacked by Members of Congress such as Representative Peter King, who on multiple occasions has called for his arrest merely because of his reporting as a journalist on the NSA. The Chairs of the Senate and House Intelligence Committees, Senator Dianne Feinstein and Representative Mike Rogers, have appeared to echo this threat, as have prominent foreign-policy commentators such as Alan Dershowitz and Marc Thiessen.

He also highlights the infamous UK detention of Greenwald’s partner, David Miranda. And then asks the basic question of whether or not the US government will agree that Greenwald can enter his own country without arrest for the crime of “journalism the government doesn’t like.” [Continue reading…]

Facebooktwittermail

Ben Franklin was right about the NSA

Eric Margolis writes: In 1975, I was invited to join the US Senate’s Church Committee that was formed after the Watergate scandals. Its goal was to investigate massive illegalities committed by the CIA, National Security Agency and FBI.

As a then staunch Republican, and having worked on President Nixon’s reelection campaign developing Mideast policy, I declined.

With the wisdom of hindsight, I should have joined the investigation.

Senator Frank Church warned: “ If this government ever became a tyrant, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. “

The Church Committee revealed Washington’s role in the assassinations of foreign leaders, CIA collaboration with the Mafia, wide scale subversion around the globe, mail and phone intercepts, spying on Americans by the US Army and intelligence services, collusion with right-wing terrorist groups like Gladio, and much, much more.

Edward Snowden’s revelations of NSA malfeasance have done much the same thing today. Both Church and Snowden were branded traitors by rightwing zealots and flag-wavers. Government security agencies were reined in for decades. But it’s now clear they are not only back to their old tricks, but are out of control. [Continue reading…]

Facebooktwittermail

Snowden persuaded other NSA workers to give up passwords

Reuters reports: Former U.S. National Security Agency contractor Edward Snowden used login credentials and passwords provided unwittingly by colleagues at a spy base in Hawaii to access some of the classified material he leaked to the media, sources said.

A handful of agency employees who gave their login details to Snowden were identified, questioned and removed from their assignments, said a source close to several U.S. government investigations into the damage caused by the leaks.

Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said. [Continue reading…]

Facebooktwittermail

Al Gore: Snowden ‘revealed evidence’ of crimes against U.S. constitution

The Guardian reports: Former US vice-president Al Gore has described the activities of the National Security Agency as “outrageous” and “completely unacceptable” and said whistleblower Edward Snowden has “revealed evidence” of crimes against the US constitution.

Gore, speaking Tuesday night at McGill University in Montreal, said he was in favour of using surveillance to ensure national security, but Snowden’s revelations showed that those measures had gone too far.

“I say that as someone who was a member of the National Security Council working in the White House and getting daily briefings from the CIA,” Gore said, in comments reported by the Canadian Press.

Gore had previously said he believed the practice of the NSA collecting US citizens phone records was unlawful and “not really the American way”, but his comments on Tuesday represent his strongest criticism yet. [Continue reading…]

Facebooktwittermail

Tim Berners-Lee: encryption cracking by spy agencies ‘appalling and foolish’

The Guardian reports: Sir Tim Berners-Lee, the computer scientist who created the world wide web, has called for a “full and frank public debate” over internet surveillance by the National Security Agency and its British counterpart, GCHQ, warning that the system of checks and balances to oversee the agencies has failed.

As the inventor of the global system of inter-connectivity known as the web, with its now ubiquitous www and http, Berners-Lee is uniquely qualified to comment on the internet spying revealed by the former NSA contractor Edward Snowden.

In an interview with the Guardian, he expressed particular outrage that GCHQ and the NSA had weakened online security by cracking much of the online encryption on which hundreds of millions of users rely to guard data privacy.

He said the agencies’ decision to break the encryption software was appalling and foolish, as it directly contradicted efforts of the US and UK governments to fight cybercrime and cyberwarfare, which they have identified as a national security priority. Berners-Lee also said it was a betrayal of the technology industry. [Continue reading…]

Facebooktwittermail

CIA is said to pay AT&T for call data

The New York Times reports: The C.I.A. is paying AT&T more than $10 million a year to assist with overseas counterterrorism investigations by exploiting the company’s vast database of phone records, which includes Americans’ international calls, according to government officials.

The cooperation is conducted under a voluntary contract, not under subpoenas or court orders compelling the company to participate, according to the officials. The C.I.A. supplies phone numbers of overseas terrorism suspects, and AT&T searches its database and provides records of calls that may help identify foreign associates, the officials said. The company has a huge archive of data on phone calls, both foreign and domestic, that were handled by its network equipment, not just those of its own customers.

The program adds a new dimension to the debate over government spying and the privacy of communications records, which has been focused on National Security Agency programs in recent months. The disclosure sheds further light on the ties between intelligence officials and communications service providers. And it shows how agencies beyond the N.S.A. use metadata — logs of the date, duration and phone numbers involved in a call, but not the content — to analyze links between people through programs regulated by an inconsistent patchwork of legal standards, procedures and oversight. [Continue reading…]

Facebooktwittermail