Category Archives: FBI

The Sony hack, fearless journalism and conflicts of interest

Given that The Intercept is a publication that trumpets its commitment to fearless journalism, you’d think they’d be all over the Sony hack story. National security threats, hacking, corporate power, cyberattacks — aren’t these more than enough ingredients for some hard-hitting investigative journalism?

Apparently not.

Instead we get Jana Winter (who before moving to The Intercept was a reporter at FoxNews.com for six years) recycling an old narrative about governmental negligence: “FBI warned Year Ago of impending Malware Attacks — But Didn’t Share Info with Sony.”

Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm’s reputation, or even spell the end of the company entirely. The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack.

But the FBI never sent Sony the report.

The Dec. 13, 2013 FBI Intelligence Assessment, “Potential Impacts of a Data-Destruction Malware Attack on a U.S. Critical Infrastructure Company’s Network,” warned that companies “must become prepared for the increasing possibility they could become victim to a data destruction cyber attack.”

How could Sony have been adequately prepared to meet this threat if the FBI had neglected to send them their report?!

Urrr… maybe Sony’s global chief information security officer Philip Reitinger knew something about the risks of a data destruction cyber attack. After all, directly before moving to Sony in 2011, Reitinger had been Deputy Under Secretary of the National Protection and Programs Directorate (NPPD) and Director of the National Cyber Security Center (NCSC) at the United States Department of Homeland Security. It seems likely that one way or another, Reitinger saw the FBI report.

Winter closes her “report” by quoting a source within the “information security industry” who said: “The question is, who dropped the ball?”

The Intercept in its headline and paragraph two doesn’t hesitate to answer that “question”: The FBI.

This is really a bizarrely irrelevant narrative to be spinning, given that there has already been so much reporting on Sony’s own negligence in handling cyber-security.

Winter makes the dubious assertion that in the eyes of the U.S. government, Sony is part of this nation’s “critical infrastructure” — the implication apparently being that the FBI is responsible for safeguarding the company’s cyber-security standards.

For The Intercept to want to portray the Sony story as a story about the failings of the U.S. government, is perhaps to be expected, given the ideological straightjacket inside which the publication remains trapped.

But maybe I’m just being cynical in thinking that there might be another explanation: that Glenn Greenwald hasn’t abandoned all hope Sony will produce his Snowden movie — even though a leaked November 14 email from Sony executive Doug Belgrad wrote that the Greenwald project “is unlikely to happen” — and so doesn’t want to embarrass his commercial partner.

Even if the Snowden movie has no bearing here, there is a deeper philosophical problem that the Sony hack story presents to The Intercept and everyone with a visceral fear of government.

American companies, fully aware of the government’s data collection capabilities want to see a more proactive partnership between the public and private sectors to improve information security and thwart cyberattacks. At the same time, libertarians and much of the public at large want to see these capabilities reined in, and businesses themselves don’t want to be burdened by overregulation.

Much as free-market economics promotes a myth of a self-balancing system that functions most efficiently by suffering the least governmental interference, the information economy sustains similar myths about its ability to self-organize.

But on the cyber frontier, threats from the likes of North Korea are probably smaller than those posed by agents whose identities remain forever concealed and whose motives may be as difficult to discern.

This year, hackers caused “massive damage” to a steel factory in Germany by gaining access to control systems that would have generally been expected to be physically separated from the internet, yet the emerging Internet of Things in which as many as 30 billion devices are expected to be connected by the end of the decade, suggests that physically destructive cyberattacks are destined to become much more commonplace.

The politics of information security right now favors an approach in which everyone is expected to maintain their own systems of fortification and yet the protection of collective interests may demand that we live in a world where there is much greater data transparency.

As things stand right now on the information highways, none of the vehicles are licensed, no one has insurance, most of the drivers are robots, and most of the robots are employed by crooks.

Facebooktwittermail

Was the FBI wrong on North Korea?

CBS News reports: Cybersecurity experts are questioning the FBI’s claim that North Korea is responsible for the hack that crippled Sony Pictures. Kurt Stammberger, a senior vice president with cybersecurity firm Norse, told CBS News his company has data that doubts some of the FBI’s findings.

While Norse is not involved in the Sony case, it has done its own investigation.

“We are very confident that this was not an attack master-minded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history,” said Stammberger.

He says Norse data is pointing towards a woman who calls herself “Lena” and claims to be connected with the so-called “Guardians of Peace” hacking group. Norse believes it’s identified this woman as someone who worked at Sony in Los Angeles for ten years until leaving the company this past May. [Continue reading…]

The New York Times adds: A number of private security researchers are increasingly voicing doubts that the hack of Sony’s computer systems was the work of North Korea.

President Obama and the F.B.I. last week accused North Korea of targeting Sony and pledged a “proportional response” just hours before North Korea’s Internet went dark without explanation. But security researchers remain skeptical, with some even likening the government’s claims to those of the Bush administration in the build-up to the Iraq war.

Fueling their suspicions is the fact that the government based its findings, in large part, on evidence that it will not release, citing the “need to protect sensitive sources and methods.” The government has never publicly acknowledged doing so, but the National Security Agency has begun a major effort to penetrate North Korean computer networks.

Because attributing the source of a cyberattack is so difficult, the government has been reluctant to do so except in the rarest of circumstances. So the decision to have President Obama charge that North Korea was behind the Sony hack suggested there is some form of classified evidence that is more conclusive than the indicators that the F.B.I. made public on Friday. “It’s not a move we made lightly,” one senior administration official said after Mr. Obama spoke.

Still, security researchers say they need more proof. “Essentially, we are being left in a position where we are expected to just take agency promises at face value,” Marc Rogers, a security researcher at CloudFlare, the mobile security company, wrote in a post Wednesday. “In the current climate, that is a big ask.”

Mr. Rogers, who doubles as the director of security operations for DefCon, an annual hacker convention, and others like Bruce Schneier, a prominent cryptographer and blogger, have been mining the meager evidence that has been publicly circulated, and argue that it is hardly conclusive. [Continue reading…]

Facebooktwittermail

No, North Korea didn’t hack Sony

Marc Rogers writes: All the evidence leads me to believe that the great Sony Pictures hack of 2014 is far more likely to be the work of one disgruntled employee facing a pink slip.

I may be biased, but, as the director of security operations for DEF CON, the world’s largest hacker conference, and the principal security researcher for the world’s leading mobile security company, Cloudflare, I think I am worth hearing out.

The FBI was very clear in its press release about who it believed was responsible for the attack: “The FBI now has enough information to conclude that the North Korean government is responsible for these actions,” they said in their December 19 statement, before adding, “the need to protect sensitive sources and methods precludes us from sharing all of this information”.

With that disclaimer in mind, let’s look at the evidence that the FBI are able to tell us about. [Continue reading…]

Facebooktwittermail

Did North Korea really attack Sony?

Bruce Schneier writes: I am deeply skeptical of the FBI’s announcement on Friday that North Korea was behind last month’s Sony hack. The agency’s evidence is tenuous, and I have a hard time believing it. But I also have trouble believing that the U.S. government would make the accusation this formally if officials didn’t believe it.

Clues in the hackers’ attack code seem to point in all directions at once. The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks. Korean language in the code also suggests a Korean origin, though not necessarily a North Korean one since North Koreans use a unique dialect. However you read it, this sort of evidence is circumstantial at best. It’s easy to fake, and it’s even easier to interpret it wrong. In general, it’s a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the “evidence” to suit the narrative they already have worked out in their heads.

In reality, there are several possibilities to consider: [Continue reading…]

Facebooktwittermail

Why there’s still reason to doubt North Korea was behind the Sony attack

Why would the FBI say it has “enough information to conclude that the North Korean government is responsible for these actions,” if that’s not really true?

Firstly, the FBI and the U.S. government as a whole is always reluctant to present itself as ignorant. Presenting itself as having privileged access to secret information is something every government does in order to bolster its image of power. The FBI can’t tell us exactly how it knows what it claims to know because “the need to protect sensitive sources and methods precludes us from sharing all of this information” — trust us; we know; we’re the FBI.

Secondly, the only way that North Korea can convincingly refute the accusation is to identify the real culprits — and they have no means of doing that.

Given the appalling reputation of the leaders of the hermit kingdom, there is a prevailing assumption of guilt even in the absence of compelling evidence, which makes the FBI’s accusation an easy sell.

Sean Gallagher recently wrote: “Based on the amount of data stolen, and the nature of the malware itself, it’s likely the attackers had physical access to the network and that the attack may have been ongoing for months…”

Are we to imagine that North Korea not only instigated the attack but was also able to recruit inside collaboration?

I can see this as central to the plot that numerous Hollywood screenwriters must currently be working on for a blockbuster thriller about how an evil dictator tries to destroy Hollywood, but I can’t really see it in real life.

Michael Hiltzik writes:

The North Korea/”Interview” narrative is comforting in several ways. It feeds into the tendency to attribute almost God-like capabilities to an adversary, especially a secretive one; that’s very much a scenario favored by Hollywood. (Think of the all-time definitive James Bond movie line, from “Dr. No”: “World domination–same old dream.”) And it helps Sony executives deflect blame — how could anyone expect them to defend against an attack by such a sinister, all-powerful enemy? You can expect to see more coverage, like this piece from CNN, about North Korea’s shadowy “Bureau 121,” purportedly its Cyberattack Central.

There are great dangers in mistaken attribution — it shifts attention from the real perpetrators, for one thing. A counterattack against North Korea could needlessly provoke the regime, wrecking the few diplomatic initiatives taking place.

Here’s a rundown of the counter-narrative.

–“Whitehat” hacker and security expert Marc W. Rogers argues that the pattern of the attack implies that the attackers “had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time … Occam’s razor suggests the simpler explanation of an insider,” perhaps one out for workplace revenge. (N.B. “Occam’s razor” is the principle that the simplest explanation for something is often the best.)

–The assertion that the attack was uniquely sophisticated, which is an element of the accusation against North Korea, is both untrue and incompatible with the North Korea narrative. It presupposes that a nation-state without a native computer infrastructure could launch an unprecedented assault. More to the point, very similar hacking technology has been used in earlier hacks in Saudi Arabia and elsewhere. The consulting firm Risk Based Security has a discussion of these and other aspects of the Sony affair.

It’s worth noting that Risk Based Security’s team isn’t entirely convinced by the FBI statement. In an update to their commentary Friday, they observed that the agency has “not released any evidence to back these claims.” They add: “While the FBI certainly has many skilled investigators, they are not infallible. Remember, this agency represents the same government that firmly stated that Iraq had weapons of mass destruction, leading the U.S. into a more than ten year conflict, which was later disproven.

Finally, Caroline Baylon from Chatham House, in an interview with ITN, laid out the reasons why the North Korean government was probably not behind the hack:

Facebooktwittermail

Feds release new details about malware targeting Sony

Ars Technica reports: The highly destructive malware believed to have hit the networks of Sony Pictures Entertainment contained a cocktail of malicious components designed to wreak havoc on infected networks, according to new technical details released by federal officials who work with private sector security professionals.

An advisory published Friday by the US Computer Emergency Readiness Team said the central malware component was a worm that propagated through the Server Message Block protocol running on Microsoft Windows networks. The worm contained brute-force cracking capabilities designed to infect password-protected storage systems. It acted as a “dropper” that then unleashed five components. The advisory, which also provided “indicators of compromise” that can help other companies detect similar attacks, didn’t mention Sony by name. Instead, it said only that the potent malware cocktail had targeted a “major entertainment company.” The FBI and White House have pinned the attack directly on North Korea, but so far have provided little proof. [Continue reading…]

Facebooktwittermail

U.S. ties to terrorism in Iran

The New York Times reports: After a car bombing in southeastern Iran killed 11 Revolutionary Guard members in 2007, a C.I.A. officer noticed something surprising in the agency’s files: an intelligence report, filed ahead of the bombing, that had warned that something big was about to happen in Iran.

Though the report had provided few specifics, the C.I.A. officer realized it meant that the United States had known in advance that a Sunni terrorist group called Jundallah was planning an operation inside Shiite-dominated Iran, two former American officials familiar with the matter recalled. Just as surprising was the source of the report. It had originated in Newark, with a detective for the Port Authority of New York and New Jersey.

The Port Authority police are responsible for patrolling bridges and tunnels and issuing airport parking tickets. But the detective, a hard-charging and occasionally brusque former ironworker named Thomas McHale, was also a member of an F.B.I. counterterrorism task force. He had traveled to Afghanistan and Pakistan and developed informants inside Jundallah’s leadership, who then came under the joint supervision of the F.B.I. and C.I.A.

Reading the report, the C.I.A. officer became increasingly concerned. Agency lawyers he consulted concluded that using Islamic militants to gather intelligence — and obtaining information about attacks ahead of time — could suggest tacit American support for terrorism. Without specific approval from the president, the lawyers said, that could represent an unauthorized covert action program. The C.I.A. ended its involvement with Mr. McHale’s informants.

Despite the C.I.A.’s concerns, American officials continued to obtain intelligence from inside Jundallah, first through the F.B.I., and then the Pentagon. Contacts with informants did not end when Jundallah’s attacks led to the deaths of Iranian civilians, or when the State Department designated it a terrorist organization. [Continue reading…]

Facebooktwittermail

Federal judge says public has a right to know about FBI’s facial recognition database

Nextgov reports: A federal judge has ruled that the FBI’s futuristic facial-recognition database is deserving of scrutiny from open-government advocates because of the size and scope of the surveillance technology.

U.S. District Judge Tanya Chutkan said the bureau’s Next Generation Identification program represents a “significant public interest” due to concerns regarding its potential impact on privacy rights and should be subject to rigorous transparency oversight.

“There can be little dispute that the general public has a genuine, tangible interest in a system designed to store and manipulate significant quantities of its own biometric data, particularly given the great numbers of people from whom such data will be gathered,” Chutkan wrote in an opinion released late Wednesday.

Her ruling validated a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center that last year made a 2010 government report on the database public and awarded the group nearly $20,000 in attorneys’ fees. That government report revealed the FBI’s facial-recognition technology could fail up to 20 percent of the time. Privacy groups believe that failure rate may be even higher, as a search can be considered successful if the correct suspect is listed within the top 50 candidates. [Continue reading…]

Facebooktwittermail

The FBI’s secret House meeting to get access to your iPhone

National Journal reports: The Obama administration is ramping up its campaign to force technology companies to help the government spy on their users.

FBI and Justice Department officials met with House staffers this week for a classified briefing on how encryption is hurting police investigations, according to staffers familiar with the meeting.

The briefing included Democratic and Republican aides for the House Judiciary and Intelligence Committees, the staffers said. The meeting was held in a classified room, and aides are forbidden from revealing what was discussed.

Facebooktwittermail

FBI warns news outlets that group affiliated with ISIS is targeting journalists

The Washington Post reports: The FBI on Thursday warned news organizations that it had recently obtained “credible information” indicating that members of an Islamic State-affiliated group have been “tasked with kidnapping journalists” in the region and taking them to Syria.

The bureau noted that supporters of the terrorist group have called on members to retaliate against the United States and its allies for airstrikes in Iraq and Syria and have identified journalists as “desirable targets.”

The warning was released as a rare intelligence bulletin to news outlets so they could take security precautions. [Continue reading…]

Facebooktwittermail

Visiting the ODNI: A day of speaking truth to power

Quinn Norton: “It’s called ‘the crackpot realism of the present’” someone said to me, and handed me a note. I folded up the note, and stuffed it in my purse. This was a phrase used to explain, much more clearly than I was doing at the time, the bias of thinking that now is right, forgetting that the future will look back on our ideas with the same curious and horrified amusement we watch the human past with. It’s believing, without any good reason, that right now makes sense.

The present I was in right then didn’t make a lot of sense.

I was sitting in a cleared facility near Tyson’s Corner in Virginia, the beating heart of the industrial-military-intelligence-policing complex, the Office of the Director of National Intelligence. I was there to help the government. Of the places I did not expect to ever go, at least not of my free will, the ODNI would be up there.

A few weeks ago, a friend from the Institute for the Future [IFTF] asked me if I would fly to DC for a one day workshop on the future of identity with the Office of the Director of National Intelligence. “What?” I sputtered, “Did they google me?” and then, mentally: Duh. The ODNI can do a lot more than google me.

I knew IFTF had intel clients, with whom I have occasionally chatted at events in the past. My policy when confronted with spooks asking questions about how the world works is to give them as much information as I can — one of my biggest problems with how security services work is their lack of wisdom. If I can reach people in positions of power and persuade them to critically examine that power, I consider that a win. I also consider it a long shot.

An invite from the ODNI is a strange thing. I’ve been publicly critical of them, sometimes viciously so. A few days earlier I tweeted that their director should be publicly tried for lying to Congress. I’ve written about the toxicity of the NSA spying (under ODNI direction), the corrupt fictions of Anonymous staged by the FBI (FBI/NSB is within ODNI’s area) and spoken out countless times in the last eight years against warrantless spying. I have even less love for the FBI and DOJ.

I turned the offer over in my head. I was influenced by a few things –yes it was paid, but not well paid. It was what I normally get from IFTF for a day of my time, and given the travel commitment, a bit low. I weighed the official imprimatur of involvement, and that was a factor. I am afraid of being pursued and harassed by my government. This has never happened to me in relation to my work, though I have been turned down for housing by people who feared I might bring police attention. It has to my friends, sources and associates. I know what it feels like, what they do when you’re a target, because I have been subject to terrorizing tactics and harassment because of whom I chose to love. I have publicly acknowledged that I self-censor because of this fear. I have a child to raise, and you can’t do that while you fight for your life and freedom in court. Raising my profile with the government as an expert probably makes me harder to harass.

I told my IFTF contact I don’t sign NDAs (which he already knew) and that I’d have to be public about my attendance and write about it. He told me they were publicly publishing their work for the ODNI too. “Huh,” I said to my screen. The organizers were on board with all of it. They wanted me in particular.

Finally, I thought about the hell I would get from the internet — like government harassment, internet harassment is part of the difficult and hated process of self-censorship for me.

In the end, I said yes, because you only get so far talking to your friends. [Continue reading…]

Facebooktwittermail

Document shows it was the FBI, not the NSA, that monitored 5 Americans

electrospaces.net: [O]n July 9, 2014, Glenn Greenwald published an article which he earlier announced as being the grand finale of the Snowden-revelations. It would demonstrate that NSA is also spying on ordinary American citizens, something that would clearly be illegal.

The report is titled “Meet the Muslim-American Leaders the FBI and NSA Have Been Spying On” and it tells the story of Faisal Gill, Asim Ghafoor, Hooshang Amirahmadi, Agha Saeed and Nihad Awad whose e-mail addresses were found in an NSA file from the Snowden-trove. Although the article confusingly mentions both FBI and NSA, many people and media got the impression that this was the long-awaited major NSA abuse scandal.

But as we will show here, the document that was published contains no evidence of any involvement of the NSA in this particular case. Everything indicates that it was actually an FBI operation, so it seems not justified to have NSA mentioned in the article. [Continue reading…]

Facebooktwittermail

The FBI’s dirty little secret: The NSA wasn’t the only one snooping on ordinary Americans

Shane Harris writes: Believe it or not, some officials at the National Security Agency are breathing a sigh of relief over Glenn Greenwald’s new exposé on the government’s secret surveillance of U.S. citizens. That’s because it’s the FBI that finds itself in the cross-hairs now, in a story that identifies by name five men, including prominent Muslim American civil rights activists and lawyers, whose emails were monitored by the FBI using a law meant to target suspected terrorists and spies. The targets of the spying allege that they were singled out because of their race, religion, and political views — accusations that, if true, would amount to the biggest domestic intelligence scandal in a generation and eclipse any of the prior year’s revelations from documents provided by leaker Edward Snowden.

After a year in which the digital spies at the NSA have taken unrelenting heat on Capitol Hill and in the media, it’s rare for the FBI to come under scrutiny — and that’s surprising, given the central role that the bureau plays in conducting surveillance operations, including all secret intelligence-gathering aimed at Americans inside the United States. “It’s an important point of distinction that it was the FBI directing this, not the NSA,” said a former senior intelligence official, welcoming the shift in focus away from the beleaguered spy agency to its often-overlooked partner.

Ever since the 9/11 attacks, the FBI has been frequently cast as the judicious and measured army of the war on terror, the home to interrogation experts who know how to coax secrets out of detained terrorists without resorting to the “enhanced techniques” of the CIA. But now, the FBI, and with it the Justice Department, finds itself exposed for spying on Americans who were never accused of any crime, and in the position of having to defend and explain its reasoning for taking that intrusive step. [Continue reading…]

Facebooktwittermail

Exposed: FBI and NSA spying on law-abiding Muslim-American leaders

The Intercept reports: The National Security Agency and FBI have covertly monitored the emails of prominent Muslim-Americans—including a political candidate and several civil rights activists, academics, and lawyers—under secretive procedures intended to target terrorists and foreign spies.

According to documents provided by NSA whistleblower Edward Snowden, the list of Americans monitored by their own government includes:

• Faisal Gill, a longtime Republican Party operative and one-time candidate for public office who held a top-secret security clearance and served in the Department of Homeland Security under President George W. Bush;

• Asim Ghafoor, a prominent attorney who has represented clients in terrorism-related cases;

• Hooshang Amirahmadi, an Iranian-American professor of international relations at Rutgers University;

• Agha Saeed, a former political science professor at California State University who champions Muslim civil liberties and Palestinian rights;

• Nihad Awad, the executive director of the Council on American-Islamic Relations (CAIR), the largest Muslim civil rights organization in the country.

The individuals appear on an NSA spreadsheet in the Snowden archives called “FISA recap” — short for the Foreign Intelligence Surveillance Act. Under that law, the Justice Department must convince a judge with the top-secret Foreign Intelligence Surveillance Court that there is probable cause to believe that American targets are not only agents of an international terrorist organization or other foreign power, but also “are or may be” engaged in or abetting espionage, sabotage, or terrorism. The authorizations must be renewed by the court, usually every 90 days for U.S. citizens.

The spreadsheet shows 7,485 email addresses listed as monitored between 2002 and 2008. Many of the email addresses on the list appear to belong to foreigners whom the government believes are linked to Al Qaeda, Hamas, and Hezbollah. Among the Americans on the list are individuals long accused of terrorist activity, including Anwar al-Awlaki and Samir Khan, who were killed in a 2011 drone strike in Yemen.

But a three-month investigation by The Intercept — including interviews with more than a dozen current and former federal law enforcement officials involved in the FISA process — reveals that in practice, the system for authorizing NSA surveillance affords the government wide latitude in spying on U.S. citizens. [Continue reading…]

Facebooktwittermail

BlackShades malware bust ends in nearly 100 arrests worldwide

CNET reports: Law enforcement officials from 19 countries joined forces over the last two days to takedown nearly 100 alleged hackers. These purported hackers were said to be creating, selling, and using what the FBI calls a “particularly insidious” computer malware known as BlackShades.

Over the course of the operation, officials’ searched 359 houses and confiscated more than 1,100 data storage devices, such as computers, laptops, cell phones, routers, external hard drives, and USB memory sticks. Law enforcement also seized “substantial quantities” of cash, illegal firearms, and drugs, according to the European Union’s law enforcement agency Europol.

BlackShades is a type of malicious software that acts as a Remote Access Tool, or RAT — letting users remotely control a victim’s computer. Once a hacker installs BlackShades onto a victim’s computer, they can see anything on the computer, such as documents, photographs, passwords, banking credentials, and more. They can also deny access to files, record victims’ keystrokes, and activate the computer’s webcam.

One case of BlackShades use documented by Europol involved an 18-year-old man from the Netherlands who allegedly infected roughly 2,000 computers to take photos of women and girls who were using the machines.

Since 2010, BlackShades has been distributed and sold to thousands of people worldwide in more than 100 countries and used to infect more than half a million computers, according the FBI. Certain versions of the malware can be bought for as little as $40. [Continue reading…]

Facebooktwittermail

Israel’s aggressive spying in the U.S. mostly hushed up

Jeff Stein reports: When White House national security advisor Susan Rice’s security detail cleared her Jerusalem hotel suite for bugs and intruders Tuesday night, they might’ve had in mind a surprise visitor to Vice President Al Gore’s room 16 years ago this week: a spy in an air duct.

According to a senior former U.S. intelligence operative, a Secret Service agent who was enjoying a moment of solitude in Gore’s bathroom before the Veep arrived heard a metallic scraping sound. “The Secret Service had secured [Gore’s] room in advance and they all left except for one agent, who decided to take a long, slow time on the pot,” the operative recalled for Newsweek. “So the room was all quiet, he was just meditating on his toes, and he hears a noise in the vent. And he sees the vent clips being moved from the inside. And then he sees a guy starting to exit the vent into the room.”

Did the agent scramble for his gun? No, the former operative said with a chuckle. “He kind of coughed and the guy went back into the vents.”

To some, the incident stands as an apt metaphor for the behind-closed-doors relations between Israel and America, “frenemies” even in the best of times. The brazen air-duct caper “crossed the line” of acceptable behavior between friendly intelligence services – but because it was done by Israel, it was quickly hushed up by U.S. officials.

Despite strident denials this week by Israeli officials, Israel has been caught carrying out aggressive espionage operations against American targets for decades, according to U.S. intelligence officials and congressional sources. And they still do it. They just don’t get arrested very often. [Continue reading…]

Facebooktwittermail

FBI keeps internet flaws secret to defend against hackers

Bloomberg reports: The Obama administration is letting law enforcement keep computer-security flaws secret in order to further U.S. investigations of cyberspies and hackers.

The White House has carved out an exception for the Federal Bureau of Investigation and other agencies to keep information about software vulnerabilities from manufacturers and the public. Until now, most debate has focused on how the National Security Agency stockpiles and uses new-found Internet weaknesses, known as zero-day exploits, for offensive purposes, such as attacking the networks of adversaries.

The law enforcement operations expose a delicate and complicated balancing act when it comes to agencies using serious security flaws in investigations versus disclosing them to protect all Internet users, according to former government officials and privacy advocates. [Continue reading…]

Facebooktwittermail

FBI abruptly walks out on Senate briefing after being asked how ‘insider threat’ program avoids whistleblowers

Mike Masnick writes: While we’ve been disappointed that Senator Chuck Grassley appears to have a bit of a double standard with his staunch support for whistleblowers when it comes to Ed Snowden, it is true that he has fought for real whistleblower protections for quite some time. Lately, he’s been quite concerned that the White House’s “Insider Threat Program” (ITP) is really just a cover to crack down on whistleblowers. As we’ve noted, despite early promises from the Obama administration to support and protect whistleblowers, the administration has led the largest crackdown against whistleblowers, and the ITP suggests that the attack on whistleblowers is a calculated response. The program documentation argues that any leak can be seen as “aiding the enemy” and encourages government employees to snitch on each other if they appear too concerned about government wrong-doing. Despite all his high minded talk of supporting whistleblowers, President Obama has used the Espionage Act against whistleblowers twice as many times as all other Presidents combined. Also, he has never — not once — praised someone for blowing the whistle in the federal government.

Given all of that, Senator Grassley expressed some concern about this Insider Threat Program and how it distinguished whistleblowers from actual threats. He asked the FBI for copies of its training manual on the program, which it refused to give him. Instead, it said it could better answer any questions at a hearing. However, as Grassley explains, when questioned about this just 10 minutes into the hearing, the FBI abruptly got up and left: [Continue reading…]

Facebooktwittermail