NSA | KitGuru (https://www.kitguru.net)

Snowden 2.0? Another NSA contractor arrested for classified theft
https://www.kitguru.net/gaming/security-software/jon-martindale/snowden-2-0-another-nsa-contractor-arrested-for-classified-theft/
Thu, 06 Oct 2016 10:12:47 +0000

The U.S. Department of Justice has confirmed that a government contractor was arrested in August and charged with removing and retaining classified materials without permission. Other sources have confirmed it was an NSA contractor who was detained, though it isn't clear at this time what information he is alleged to have stolen.

The man in question is Harold Thomas Martin III, who worked for U.S. based management consulting firm, Booz Allen Hamilton, as a contractor for the NSA. He was arrested on 27th August and charged two days later as per the New York Times. His legal team released a statement saying that he was a family man who loved his country and would never betray it.

Ars has it that prosecutors have received search warrants for his home, vehicle and two storage sheds, within which documents and digital information were recovered. Some of that material is said to carry markings identifying it as property of the U.S. government, and some of it is classified.

No word yet if Pacino talked him into it

Although a full confession has not been discussed, Martin is said to have admitted wrongdoing in this instance and said that he knew he shouldn't have some of the material at home.

What isn't clear from this whole investigation though, is the motive behind it all. There have been high-profile instances of negligence on behalf of U.S. government employees, as well as deliberate attempts at whistle blowing. In the latter sense, this instance does have similarities to the Edward Snowden leaks, which saw the NSA contractor flee overseas before revealing mass surveillance by governments around the world.

It may well be that Martin was looking to make revelations about secretive NSA activities, though it may also be that he simply brought materials home without thought.

While there are protections for whistle blowers under U.S. law, the Obama administration has shown little sympathy for them in the past. While Snowden remains a wanted man, presumably residing somewhere in Russia, Chelsea (formerly Bradley) Manning, who leaked military reports which some argue helped catalyse the Arab Spring, resides in jail, where she will likely spend several decades.

KitGuru Says: If Martin was intending to leak those secretive documents to the press or world at large, I cannot imagine his next few months and years will be easy. For his sake, I hope it was a dumb mistake. 

 

Yahoo said to be complicit in email scanning for U.S. intelligence
https://www.kitguru.net/gaming/security-software/jon-martindale/yahoo-said-to-be-complicit-in-email-scanning-for-u-s-intelligence/
Wed, 05 Oct 2016 08:34:19 +0000

If you're a Yahoo email user, you should be aware that in 2015 the web giant built a specialised piece of software to scan all incoming emails to all Yahoo mail accounts, searching for certain phrases and statements related to U.S. intelligence. Three former employees have claimed to have seen the surveillance in action and said it was the reason for Yahoo information security officer, Alex Stamos, leaving that same year.

“Yahoo is a law abiding company, and complies with the laws of the United States,” is the only statement Yahoo has released on the matter. However Reuters cites three ex-Yahoo workers as sources, as well as a fourth person said to be ‘familiar with the matter.' It claims Yahoo's legal department was contacted by a federal agency, though it remains unconfirmed if it was FBI or NSA.

It also remains unclear what information Yahoo was tasked to find or who it related to. It's possible that since it was said to be using intelligence information as a marker, that perhaps it was helping to discover the identity or location of a whistleblower or leaker, like Edward Snowden and Julian Assange.

What's staggering with this news though isn't necessarily that the surveillance took place – surveillance of email is hardly new – but the scale of it. Scanning every incoming email means that not only did Yahoo breach the privacy of every one of its users without a warrant, but it also did so for anyone who emailed its customers. That's arguably data it had no right to.

When asked if it had received similar requests with regards to its Gmail service, Google said that it had never and would never comply with any such demands. Microsoft too said it had never engaged in any email scanning.

It could be that Yahoo believed if it fought the demand, that it would lose. In 2007 it previously contested a similar request for specific email accounts without a warrant. Yahoo purportedly challenged it and lost, so perhaps it wanted to avoid a similar instance in 2015.

Regardless, it's claimed that the discovery of this clandestine surveillance is why chief information security officer at Yahoo, Alex Stamos, resigned in 2015.

It will be interesting to see if this revelation has any impact on Yahoo's pending sale to media giant Verizon.

KitGuru Says: This is a pretty gross use of power and a clear indication of why encryption is so important in protecting the privacy of individuals around the world. 

Edward Snowden thinks NSA hacker leak was a warning
https://www.kitguru.net/gaming/security-software/jon-martindale/edward-snowden-thinks-nsa-hacker-leak-was-a-warning/
Wed, 17 Aug 2016 10:47:03 +0000

Yesterday the news hit that an organisation appeared to have hacked the command and control server for an NSA-tied hacking group, purportedly known as Equation Group. Looking at the information and tools released, Edward Snowden thinks this was a warning from a foreign nation.

Equation Group is an NSA-linked hacking collective considered by many to be one of the most advanced in the world, but that doesn't mean it's immune to having its dirty washing exposed. That's what seems to have happened in the case of this server hack, with many advanced hacking tools now being put up for auction by those claiming responsibility.

According to Snowden though, this isn't anything that new. While the rules might state that all servers be cleaned of tools after use, people are lazy he said, which is why these hackers found tools from 2010 through 2013 on the server.

What is new though, is a group talking about it. It seems unlikely that anyone is going to hand over the million Bitcoin ransom price for these tools, so why would the hackers announce it? In Snowden's mind, this is a warning.

He suggests there could be some Russian involvement and that this warning is designed to show that proof exists that the U.S. took part in certain hacks, by linking it to the tools discovered on the server. It could be a way of forcing officials not to look too deeply into the recent hacks of the Democratic National Convention in America. If they did and started pointing fingers, this group may start to point them right back, with real evidence.

Funnily enough though, Snowden thinks that his initial document leak may have actually helped in this instance. His original story came out in mid-2013, around the time that this server appears to have stopped being used. It could be that his leak caused a migration as a precaution – even if they didn't clean house first.

KitGuru Says: It would be really interesting to look at an alternate timeline where Snowden didn't flee to China/Russia and didn't leak anything. Would this leak have been even worse for the NSA?

Hackers claim to have cracked NSA-tied white hat team
https://www.kitguru.net/gaming/security-software/jon-martindale/hackers-claim-to-have-cracked-nsa-tied-white-hat-team/
Tue, 16 Aug 2016 10:42:38 +0000

Hackers are some of the most security conscious in the world. When you're trying to break safeguards all day, you have a good knowledge of how to protect yourself. So you'd assume a group of white hats tied to the NSA would be doubly safe, but not from everyone. A second group of hackers is claiming to have bust their servers wide open.

The group in question, going by the name of Shadow Brokers, claimed to have infiltrated the data storage for another hacking collective, Equation Group. Although this might not be big news on the surface, the latter organisation has been linked with the NSA and may well be responsible for some of the hacks it has participated in over the years.

There's even a suggestion that it was behind the Stuxnet worm that took down Iran's nuclear power plants.

Although we don't know much, we do have this shot of the ringleaders in action.

Lending credence to Shadow Brokers' claims is that it has not released emails or documents, but legitimate hacking tools. Ars reports that they are rather advanced too and date back to as early as 2010, suggesting quite a comprehensive breach.

“We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many, many Equation Group cyber weapons […] You break many things. You find many intrusions […] we auction the best files,” the Shadow Brokers' post reads.

Currently Shadow Brokers are looking for a million Bitcoins in return, or around £430 million.

Although there has yet to be any word from the NSA or an official representative of any hacking group, some security analysts have confirmed that at least portions of the hacked files and tools appear to be genuine. However the general consensus so far is that Equation Group wasn't hacked, but one of its command-and-control servers was, which let the ‘brokers gain access to some data, but far from all.

KitGuru Says: I doubt we'll see any real response to this. If it can be proved that the NSA was compromised, even through a third party though, that would be monumental.

Snowden: the CIA did not ‘accidentally’ destroy torture report
https://www.kitguru.net/gaming/security-software/jon-martindale/snowden-the-cia-did-not-accidentally-destroy-torture-repot/
Fri, 20 May 2016 11:05:43 +0000

American whistle blower and Russian resident Edward Snowden, doesn't believe the CIA when it claims it “accidentally,” destroyed a 6,700 page torture report, claiming that it never does anything like that without proper consideration. “When the CIA destroys something, it's never a mistake,” he said.

The CIA was recently quoted in the press saying that it had mistakenly destroyed a 6,700 page document that was intended to inform the senate on interrogation, though many people termed it a ‘torture report.' The digital file was first deleted by accident we were told and then later the original disk containing the report was also inadvertently destroyed.

Snowden doesn't see it that way though. In fact he was happy to allude that the CIA would deliberately destroy such a report. He would know too, since he claims to have written the Emergency Destructive Plan.

Although its location is unknown, it is said that another copy of the report exists, though whether that will be ‘accidentally' destroyed too is anyone's guess. It is said to contain details on controversial U.S. torture practices like waterboarding and sleep deprivation.

Even if it does exist and survives though, the public are unlikely ever to see it. A U.S. court of appeals recently ruled it as not subject to the Freedom of Information Act (as per Independent).

Snowden in the meantime remains in Russia, where he sought asylum after fleeing the U.S., initially to China, in order to blow the whistle on NSA mass surveillance. He has since continued to disparage governments that breach privacy law and has called for a reduction in governments' and intelligence agencies' spying on their own citizens.

KitGuru Says: It seems obvious what's happened here. All I can imagine is the shredding scene from Devil's Advocate. Nothing to see here, move along.

Meta data can reveal more about you than you thought
https://www.kitguru.net/channel/jon-martindale/meta-data-can-reveal-more-about-you-than-you-thought/
Wed, 18 May 2016 09:54:17 +0000

One of the big arguments for more government surveillance, is that they're only ever after metadata. While that is rarely true, in the cases that it is, it's cited as being just a record of your calls, not the content of them. But it turns out that knowing who was called and when, can reveal a lot about a person.

Looking into just how revealing metadata can be, Stanford University conducted a recent study where it analysed the phone call and text logs from 800 volunteers over a six month period. In total they gathered up the details on 250,000 calls and 1.2 million texts.

That information and the patterns that emerged, allowed the testers – without reading the contents of those communications – to identify names of spouses, addresses, health conditions like heart disease and MS and in one case a pregnancy.

‘Who you gonna call? We already know.' Source: Pexels

One of the test subjects was found to own an AR-15 rifle, after placing certain calls to a firearms dealer and customer support helplines for a major manufacturer. The pregnancy was identified based on calls to Planned Parenthood at specific times, along with other local health organisations.

As the Telegraph points out, the information that Stanford recorded is exactly the same type of data that both U.S. and British governments collect on their citizens, with the idea being that it can be used to identify terrorists and other nefarious criminals. It turns out though that it can reveal a lot more than that about individuals, information that should be private.

Especially considering none of this information was gathered with a warrant. Indeed, ex NSA director Michael Hayden, was quoted previously as saying that “we kill people based on metadata,” showing that if your calls and texts paint a poor picture of you, then your very life could be in danger in some cases.

KitGuru Says: This just shows that even recording metadata on the entire country is a massive invasion of privacy. This sort of mass-surveillance needs to be halted in its tracks. 

Apple thinks someone is modifying its servers during transit
https://www.kitguru.net/professional/server/jon-martindale/apple-thinks-someone-is-modifying-its-servers-during-transit/
Thu, 24 Mar 2016 18:45:20 +0000

In the latest instance of Apple looking to distance itself from government interference, it has announced that it is now designing its own servers in-house, because it's concerned that someone is modifying its servers after they've been shipped from the manufacturer. In some cases, it believes hardware was added to provide backdoors and information harvesting functions for a third party.

As its services rely more and more on cloud infrastructure, making sure that it is in control of customer information is of paramount importance. So the fact that for some time it's suspected an organisation was getting a hold of servers it ordered and changing their hardware configurations during transit (as per The Information, via Ars), is worrisome.

In the past it has had employees photographing chips and individual components, questioning manufacturers to explain the purpose of each and every one – but that is extremely laborious. Moving forward, it is looking to build its own systems in-house, thereby making it much harder for an outside organisation to modify the hardware in any way.

Microsoft, Facebook and Google have developed their own server platforms in the past too. Source: Wikimedia

Although Apple hasn't made any official announcement about this – and therefore this should be taken with a small pinch of salt – it has long been known that the NSA has no problem installing backdoors and tweaking hardware before it reaches the consumer. In one of the more famous instances, Kaspersky claimed that the NSA had infected the firmware of major hard drive manufacturers, to prevent its malware from being deleted by full-drive formats.

This also comes at a time where Apple has ‘won' its fight against the FBI to deliberately weaken the security on one of its devices. It seems keen to take steps to further improve security for its users, despite calls from government and intelligence agencies that encryption could prevent terrorist attacks from being detected.

This hardware hacking doesn't sound that far-fetched in the UK now either, as the new Investigatory Powers Bill, currently being rushed through parliament, has provisions to allow for the large-scale hacking of hardware devices, possibly through physical modification.

KitGuru Says: Nobody is suggesting that intelligence agencies aren't incredibly important, but when there is so little trust between them and the people they're protecting, something needs to change.

NSA whistleblower AMA dumps more details on mass surveillance
https://www.kitguru.net/gaming/security-software/jon-martindale/nsa-whistleblower-ama-dumps-more-details-on-mass-surveillance/
Fri, 13 Nov 2015 11:39:25 +0000

As much as Edward Snowden might have drawn the most headlines and public attention in recent years, he's far from the only person to ever leave the NSA and blow the whistle on some of its more unscrupulous actions. Bill Binney is another such individual, having left the intelligence agency in 2001 after 30 years and a tenure as its Technical Director.

Yesterday he took to Reddit to answer some questions and break down other aspects of the NSA's mass surveillance.

On the subject of the anonymising Tor browser, Binney said he believes that the NSA can track users on it in some cases, but does not find it easy by any measure. This makes sense, as we've heard of techniques like DDOSing nodes within the Tor network to send the data of individuals the NSA wishes to track through servers it controls. Binney seems confident the NSA hasn't cracked it wide open however.

One of the big problems with the NSA he says, is that its budget is out of control. There is “no oversight on NSA spending,” he said (via the Independent). This is countered somewhat by the NSA releasing its own auditing data, but it could be that he means there is no external auditing, which would mean the allocation of the NSA's budget could be all over the place.

This lack of exterior oversight means that the NSA can collect data on whoever it wants – usually everyone – which is actually something a lot of employees at the NSA weren't happy with he claims, when post 11th September attacks led to increased surveillance of the civilian populace. However many of them went along with it he said, as there is a culture of not arguing with orders from higher up.

Somewhat depressingly for those asking the questions, when Binney was quizzed on what the public can do to protect their data, he jokingly said “use smoke signals.” With as much as $10 billion of budget per year, he said there is almost nothing civilians can do to protect their information if the NSA wants it.

“This has to be addressed in law and legislation. Call your local governmental representative and complain, otherwise, if you sit and do nothing… you are f*****!”

It is worth considering however that Binney has been called bitter by some individuals in the past. He attempted to introduce an alternative, less intrusive tracking system for internet activity back in the early '00s, called ThinThread, but the NSA opted for TrailBlazer instead. While he did claim that TrailBlazer was too intrusive, it should be noted that he left the NSA shortly after and continued to champion his own developments over those the NSA ultimately made use of.

He was also using the AMA to help promote a film based on his time in the NSA and his ThinThread technology.

KitGuru Says: This is a little depressing, but pragmatic advice perhaps. It is always worth taking steps to make yourself as far from the lowest hanging fruit as possible, but he's right, if the NSA wants our data there probably isn't a lot we can do to stop it. 

Police push for ability to view web history without warrants
https://www.kitguru.net/channel/jon-martindale/police-push-for-ability-to-view-web-history-without-warrants/
Fri, 30 Oct 2015 11:26:33 +0000

Police in the UK are lobbying the government to give them the powers to look at what they describe as the “where, when and what,” of online activities, essentially letting them view the browsing history of every single internet user in the UK, without being issued a warrant. The reasoning, they claim, is that with more and more transactions being carried out online, traditional methods of surveillance just can't keep an eye on people like they used to.

“Five years ago, [a suspect] could have physically walked into a bank and carried out a transaction. We could have put a surveillance team on that but now, most of it is done online. We just want to know about the visit,” said Richard Berry (via the Guardian), a spokesperson for the National Police Chief's council and assistant chief constable at Gloucestershire police.

‘What's that some kind of illegal porn?! Oh, it's a medical device? Log his activity anyway…'  Source: Wikimedia

Perhaps not believing his own argument, Berry did clarify that he would consider it much too “intrusive,” for officers to be able to read the content of online actions such as search results and social networking messages and said that a warrant should be required in those instances. He did say however that the measures being proposed were no different than what the police were already capable of doing with telephone records.

These are the sorts of measures that the Theresa May-pushed ‘Snooper's Charter' was meant to implement, but it was initially shot down by the Liberal Democrats when they were part of the last government's coalition. However it may be that the Investigatory Powers Bill announced earlier this year and set to come into force soon, will provide many of these same powers to police forces and intelligence agencies, despite the concern of privacy advocates.

KitGuru Says: The two scenarios Berry is talking about are apples and oranges. It's totally different to have ISPs log the activities of every single customer's online activity, than it is to look at security footage of someone who is thought to have committed a crime and tailing them. Just because it's harder to do that online, doesn't mean everyone should have every action they make on the internet recorded for posterity and potential criminal investigations. 

EU Parliament calls on countries to pardon Snowden, give asylum
https://www.kitguru.net/channel/jon-martindale/eu-parliament-calls-on-countries-to-pardon-snowden-give-asylum/
Fri, 30 Oct 2015 10:53:21 +0000

Despite the United States' continued stance that Edward Snowden needs to come home from Russia and face the music of his document-stealing actions, the European Parliament has further solidified his position as a whistleblower by voting – by a slim margin – for EU nations to pardon him for all crimes and to provide asylum and prevent any extradition to the U.S. Although Snowden appeared humbled and pleased with the move, experts warn that it is a non-binding resolution and could be ignored.

When the numbers eventually came in, EU MPs voted 285 to 281 to drop the charges against him and give him protection within their borders. Snowden himself said that the move was a “game changer,” but wasn't a “blow against the U.S. government, but an open hand extended by friends.”

Of course this isn't a ruling that the U.S. is likely to be pleased with as its extradition treaties with many European nations would see it put immense pressure on them if Snowden did cross into their borders. As a non-binding resolution it is not something that the EU can enforce on its member states, but this vote is considered a way of it voicing its approval in one particular direction, as well as the concerns of the various MPs' constituents.


As much as the Snowden ruling is a positive one for privacy campaigners though, another vote that took place recently ruled that a majority of EU MPs consider that too little is being done to “safeguard citizens' fundamental rights following revelations of electronic mass surveillance,” as per Ars.

The resolution passed at an even greater margin, 342 to 274. In a statement the parliament said that it was concerned about “recent laws in some member states that extend surveillance capabilities of intelligence bodies,” specifically citing the Netherlands and the UK as being problematic. Germany was also highlighted, with the BND intelligence agency said to have too close ties with the United States' NSA.

Better online privacy protections are needed, the EU said, as well as “meaningful democratic oversight of intelligence activities.”


KitGuru Says: Although David Cameron seems more than happy to just ignore rulings like these, announcing yesterday that he would just write new porn-blocking laws into British legislation in order to get around their illegality under new EU law, it does feel like Europe at least offers some sort of protection against overly heavy-handed internet legislation.

Snowden breaks cover and chats with Neil deGrasse Tyson on Twitter
https://www.kitguru.net/channel/jon-martindale/snowden-breaks-cover-and-chats-with-neil-degrasse-tyson-on-twitter/
Wed, 30 Sep 2015 08:04:26 +0000

As much as Edward Snowden has been a popular public figure over the past couple of years after he revealed the depths of intelligence agency spying in America and around the world, he's had to live in relative hiding within Russia since. While he's made the odd video appearance at conferences and events to discuss personal privacy and encryption, Snowden hasn't been very reachable. Now though you can tweet the man directly, as he has a verified Twitter account.

Announcing his presence on the site with a “can you hear me now?” notice, Snowden then took to answering tweets from a fan of his, renowned astrophysicist and presenter Neil deGrasse Tyson.

[Image: Snowden certainly has kept his sense of humor]

Tyson welcomed the exiled whistleblower to the platform, before asking him what was keeping him busy day to day. Snowden highlighted his work with a press freedoms organisation which is currently working with The Intercept, an online news source edited by Glenn Greenwald, who initially released some of the documents Snowden spirited away from the NSA.

The pair continued their back and forth, with Tyson asking what Snowden thought of the labels people tagged him with. Names like traitor. Snowden answered that they were mostly unimportant (including the good ones) and that he wouldn't allow any of them to halt his progress.

Tyson continued to geek out at the exchange, thanking Snowden at the end for championing free speech.

Snowden's last message to the world poked fun at the NSA's expense, stating: “Meanwhile, a thousand people at Fort Meade just opened Twitter.”


KitGuru Says: Are there any particular questions you guys would like to ask Snowden? If so, give it a shot, you never know, he may answer. 

Microsoft and US still butting heads over data stored in Ireland
https://www.kitguru.net/channel/generaltech/matthew-wilson/microsoft-and-us-still-butting-heads-over-data-stored-in-ireland/
Thu, 10 Sep 2015 15:47:23 +0000

Microsoft and the US Department of Justice are still butting heads over access to data stored on the company's Ireland-based servers. The US has been trying to force Microsoft into giving it access to information in the firm's datacentre in Ireland for some time now, and Microsoft is continuing to fight it at every turn.

The courts actually granted a search warrant for the Department of Justice to access Microsoft's servers, but in December 2014 the company filed an appeal: “Microsoft is challenging a US government search warrant seeking access to customer emails in Dublin. Lower courts ruled in favour of the government and Microsoft appealed to the US Court of Appeals, filing its first brief with the Second Circuit in December 2014,” Microsoft said in a brief (via The Inquirer).


Since Microsoft's brief filing, the case has attracted input from 28 other technology and media companies, 23 trade associations, the Irish government and a member of the European Parliament. We already know how protective the EU is over privacy; you only need to look at Google's ‘right to be forgotten’ to see proof of that.

“The power of a subpoena to reach business records anywhere in the world has only ever applied to a company's own records, not to private documents it holds in trust for its customers. A customer's private email correspondence is no different from the contents of a safe deposit box or the letter inside a FedEx envelope. Like those physical letters, an electronic message belongs to the customer alone, not the email provider.”


KitGuru Says: Microsoft has gained a lot of support for standing up to the US government in this case. User privacy and protection from prying eyes has become a big concern over the last couple of years so I imagine many will be glad to see Microsoft continuing to argue its case here. 

U.S. and EU near agreement on data sharing
https://www.kitguru.net/channel/jon-martindale/u-s-and-eu-near-agreement-on-data-sharing/
Thu, 06 Aug 2015 09:52:02 +0000

Since the Edward Snowden revelations about the NSA, GCHQ and international data gathering and sharing came out in 2013, the world has been trying to figure out the right balance between privacy and security. To that end, the European Commission has been in talks with U.S. representatives to renegotiate “safe harbour,” laws put in place in 2000, which allowed much more liberal sharing of data. According to a new document leak, they're now close to reaching an agreement.

The difficulty in these discussions comes from the fact that many companies and organisations currently take advantage of the safe-harbour rules. However, the Commission was keen to see the U.S. provide assurances that it would only gather data on European citizens when it was deemed appropriate and necessary.

[Image: If only spying were as simple as the games we play]

According to the documents Reuters claims to have been privy to, the new deal being hashed out will give U.S. companies stricter rules on who they can send data to. This is to stop them circumventing data protection laws by sending data to a third party that isn't governed by the regulations – though presumably those restrictions won't have any effect on sending the information to government agencies.

While the details of the deal are yet to be announced, it's thought likely that new provisions to aid protection of those living outside the U.S. will be implemented, as President Obama has previously made assurances that current laws in place to prevent too much data being gathered on United States citizens will be extended to foreigners too.


KitGuru Says: I don't have much hope with these being ironclad or preventing U.S. oversight, but if we can tighten protection standards a little more that wouldn't hurt. 

Wikileaks release suggests NSA spied on Germany pre-11th Sept.
https://www.kitguru.net/channel/jon-martindale/wikileaks-release-suggests-nsa-spied-on-germany-pre-11th-sept/
Wed, 22 Jul 2015 09:42:01 +0000

Although many people believe that intelligence agencies are a major part of a modern society's national defence, most of the big-name ones have been through the wringer in recent years for unlawful spying on their own citizens and allies. However, it turns out the NSA has been doing that for far longer than expected, as new documents released by Wikileaks suggest that the NSA spied on German ministers as far back as 1998.

The targets included vice chancellor and foreign minister Joschka Fischer and current minister for foreign affairs, Frank-Walter Steinmeier. While they were spied upon for many years, the most damning evidence released is a recorded phone call made by Steinmeier following a meeting with his opposite number in the US, secretary of state (at the time) Condoleezza Rice in 2005.

However as damning as it may be that the NSA recorded phone calls of foreign politicians of allied nations, the fact that Steinmeier softballed his counterpart when he was supposed to be asking hard questions is perhaps more so.

[Image: Steinmeier is still a prominent figure in German politics]

In the recorded call he was said to have expressed relief that he had not been given a definitive answer to concerns that the US was involved in abduction and interrogation of European nationals at ‘black sites’ with the cooperation of several EU nations.

“Today's publication indicates that the NSA has been used to help the CIA kidnap and torture with impunity,” said Wikileaks founder Julian Assange in a statement. “For years the CIA was systematically abducting and torturing people, with the tacit complicity of European governments.”

“In 2005 German Foreign Minister Steinmeier was thrilled that his tactic of asking Condoleezza Rice no hard questions about CIA renditions had worked. The US said nothing that would require him to do anything. And how do we know about it? Because the National Security Agency was gloating to the US senior executive about intercepting this cowardly display. Nobody comes out of this looking good.”

In total, some 20 names and numbers have been documented by Wikileaks, suggesting that throughout the '00s the NSA had unprecedented access to German politics. Previously we learned that the NSA had hacked the phone of current German chancellor Angela Merkel, back in 2014 and more recently, French politicians were spied on too.


KitGuru Says: Quite a damning release for all involved. It might be prudent to start asking who the NSA doesn't spy on at this point. I feel like it would be a much shorter list. 

NSA’s XKEYSCORE can identify you via repeated passwords
https://www.kitguru.net/gaming/security-software/jon-martindale/nsas-xkeyscore-can-identify-you-via-repeated-passwords/
Mon, 06 Jul 2015 09:26:28 +0000

When we first learned about the NSA's XKEYSCORE software back in the 2013 Edward Snowden revelations, it was clear that it was (and is) a pretty versatile piece of software, able to parse huge swathes of recorded information in order to store the juiciest bits of data on every person that holds some interest for the intelligence agency. Now though, thanks to more document reveals from that same NSA contractor, we know that it stores passwords and emails and can even identify people by their reuse of the same login information.

This is an important part of what the NSA does with its snooping, because as many anti-pirate organisations have shown, identifying someone online can actually be quite difficult. An IP address is a good start, but that may point to a university, cafe or at best, a flat with the potential for multiple occupants. Figuring out who exactly is inputting certain information is much easier with XKEYSCORE around though, since it looks at things like password reuse – the more unique the better – and browser cookies.

This means that with or without a VPN, with or without a private Wi-Fi connection, the NSA can figure out who's who by tracking the similarity of their login details across various sites and services.


This is even more pronounced on smartphones, where The Intercept explains a similar, but less powerful, tool called BADASS is used. Its whole purpose is to hoover up details on individuals using leaky smartphone applications. Often those apps use analytics software to learn what users want and therefore how to make better games and apps, or to improve the marketing of adverts to those individuals. That means unique identifiers which, if not secured properly, are hoovered up by the NSA to continue to augment its data collection.

Of course none of this would be too problematic if the tools were specifically targeted at international criminals, terrorist groups and other nefarious individuals. However the document dump also reveals that the NSA repeatedly used its snooping software on allied nations and friendly targets. In one instance, it used the programs to learn the talking points of UN Secretary General Ban Ki-moon before he met with President Obama in 2013.

The NSA does not deny these claims, but insists that it is stringent in its protection of individual privacy: “The National Security Agency’s foreign intelligence operations are 1) authorized by law; 2) subject to multiple layers of stringent internal and external oversight; and 3) conducted in a manner that is designed to protect privacy and civil liberties. As provided for by Presidential Policy Directive 28 (PPD-28), all persons, regardless of their nationality, have legitimate privacy interests in the handling of their personal information. NSA goes to great lengths to narrowly tailor and focus its signals intelligence operations on the collection of communications that are most likely to contain foreign intelligence or counterintelligence information.”


KitGuru Says: This sort of power to snoop into everyone's lives through their highly personal and professional communication is dangerous on many levels, but perhaps most so because it dehumanises the people it tracks. It turns those viewing it into voyeuristic gods, rather than the protectors of those people's country and interests, which is the whole point of the intelligence agencies in the first place.  

French politicians sound off on NSA spying
https://www.kitguru.net/gaming/security-software/jon-martindale/french-politicians-sound-off-on-nsa-spying/
Thu, 25 Jun 2015 10:03:43 +0000

In the aftermath of revelations that the USA spent half a decade spying on France's presidents and members of its cabinet, discovering phone call metadata and occasionally content, many French politicians have made public statements condemning the actions. Although many suspect little will happen behind the scenes due to the tight relationship France's intelligence agencies have with the NSA, publicly at least, they are kicking up quite a stink. Some politicians are even calling for a block on the controversial trade agreement, TTIP, in response.

[Image: Hollande promised Obama a knuckle sandwich, but settled for some mild assurances]

Following Wikileaks' unveiling of the documents, French president Francois Hollande spoke with President Obama, who reassured him that the USA was “no longer,” spying on the European country. While this may have placated the current French administration however, many other politicians and prominent members of the public have spoken out against it. Current Prime Minister Manuel Valls was one of the latest, stating that the US “must work to repair relations with France,” in a speech to parliament (via The Local).

Earlier, co-president of the Left Party, Jean-Luc Mélenchon, said that negotiations on the much decried TTIP trade deal should be halted in response to the news. This was an opinion shared by Marine Le Pen, president of France's third largest political party. However Mélenchon went further still, and suggested that France should offer asylum to both Wikileaks founder Julian Assange – who is currently holed up in the Ecuadorian embassy in London – and Edward Snowden, who resides somewhere in Russia.

Ex-president and one of the people purportedly spied on by the US, Jacques Chirac, also stated publicly that he thought the spying was “unacceptable” and “shocking.”

The French government said that several meetings have taken place with its own intelligence and security personnel in the wake of the leaked documents, and it will send its team to meet with NSA representatives in order to discuss it further.

Despite all of the bluster though, many experts believe it's mostly for show and that the US and France are too close behind the scenes to let this spoil their relationship.

“It’s a storm in a tea cup. Nothing will happen and it will be allowed to blow over,” said Nicolas Duncan, a senior fellow at the Atlantic Council. He went on to suggest that France and the US know what the other is capable of and likely were at least partially aware of what was going on.


KitGuru Says: While I think we can all assume that some spying takes place in every advanced country, this feels very similar to the NSA's spying on its citizens. Treating everyone like the enemy does not foster comfortable relationships.

Wikileaks documents show US spied on French presidents
https://www.kitguru.net/gaming/security-software/jon-martindale/wikileaks-documents-show-us-spied-on-french-presidents/
Wed, 24 Jun 2015 08:09:10 +0000

Apparently not content with snooping on the smartphone of the German chancellor Angela Merkel, the NSA also spent over half a decade spying on the last three French presidents, Jacques Chirac, Nicolas Sarkozy and Francois Hollande between 2006 and 2012, according to some newly leaked Wikileaks documents. Titled, “Espionnage Élysée”, they show how the US had phone data and recordings of conversations held by each president, including one that showed frustration at the US' continued snooping, suggesting France was aware at the time.

Although it can be assumed that all nations spy on each other's actions to some extent, the fact that the US would go so far as to infiltrate the phones of several presidents of an officially allied nation, doesn't foster confidence for its other friends.


WikiLeaks founder Julian Assange said in a statement: “The French people have a right to know that their elected government is subject to hostile surveillance from a supposed ally. We are proud of our work with leading French publishers Liberation and Mediapart to bring this story to light. French readers can expect more timely and important revelations in the near future.”

Indeed if the fallout in France is anything like that which took place in Germany after the announcement of Merkel's phone being hacked, there may be some unrest in France as people demand to know whether that was intelligence agency collusion, or a failing of local protective efforts. Current president, François Hollande, has said that he will convene a meeting of his defence council to discuss the government's response to the revelations.

The NSA has refused to comment, other than saying in general, it does not conduct “foreign intelligence surveillance unless there is a specific and validated national security purpose.”


KitGuru Says: One of the leaked NSA reports highlights just how long the current problems with Greece have been ongoing. Dated back to May 2012, the document talks about the potential for a “Eurozone crisis,” if Greece were to exit from the EU.

NSA and GCHQ reverse engineering anti-virus software
https://www.kitguru.net/gaming/security-software/jon-martindale/nsa-and-gchq-reverse-engineering-anti-virus-software/
Tue, 23 Jun 2015 09:48:45 +0000

In the name of thwarting terrorism, British and US intelligence agencies have taken part in many questionable practices over the past few years. Often those actions are considered legally dubious by various international authorities, but that hasn't stopped them pushing full speed ahead. In a new round of document reveals from Edward Snowden, we've now learned that both the NSA and GCHQ attempted to reverse engineer commercial anti-virus software in order to infiltrate end user systems for monitoring purposes.

Revealed in a new exposé by The Intercept, the documents show how the NSA and GCHQ specifically went after the Russian-owned Kaspersky Lab, with a warrant renewal request stating that without being able to bypass commercial anti-virus software, the intelligence agencies' actions would be “detected.”


The NSA also targets the emails of employees at foreign anti-virus firms for more in-depth surveillance, in order to learn about new vulnerabilities and problems before anyone else. The implication is that it's doing so in order to learn about flaws in anti-virus software, which it can then exploit.

Kaspersky Lab issued a statement on the matter, saying how worrisome such government agency actions were:

“It is extremely worrying that government organizations would be targeting us instead of focusing resources against legitimate adversaries, and working to subvert security software that is designed to keep us all safe. However, this doesn’t come as a surprise. We have worked hard to protect our end users from all types of adversaries. This includes both common cyber-criminals or nation state-sponsored cyber-espionage operations.”

This specific focus on going after the Russian anti-malware company may further divide the security services around the world, who already appear to be siding with their nation's intelligence agencies, in order to point out the failings of their international counterparts, rather than focusing on protecting consumers.


KitGuru Says: Although the NSA and GCHQ have taken part in a lot of underhanded tactics, going after commercial anti-virus firms seems such an error in philosophy. It seems like they see enemies everywhere. 


Dotcom demands independent analysis over alleged US trojans
https://www.kitguru.net/gaming/security-software/jon-martindale/dotcom-demands-independent-analysis-over-alleged-us-trojans/
Tue, 02 Jun 2015 10:33:37 +0000

One of the biggest back and forth struggles of the Kim Dotcom legal saga, was that the US wanted access to his decryption keys so that it could look into the data held on his personal systems, which were seized as part of the raid on his New Zealand mansion in 2012. However according to one of the German national's lawyers, the NSA and FBI may have had access all along and to prove it, they now want an independent security expert to analyse his computers to see if trojans created by the intelligence agency were previously installed.


The lawyer representing Dotcom claims that the reason the drives were infected with the malware was to give the FBI and other organisations access to the original data on Dotcom's machines. Initially it was planned for them to be cloned and sent to the US – though some argued that it would save time and money to send the original drives. Dotcom's lawyers protested that the originals should stay in country, at least until the outcome of the extradition trial. It's then, he said, that the US authorities attempted to infect Dotcom's hardware.

Now they want an independent test to prove it and they want it to take place before the extradition trial, currently set to take place in September. The court is now considering the matter and will respond in short order.


KitGuru Says: As much as it wouldn't surprise me if the FBI or the NSA used malware to infect Dotcom's systems, this sounds more like a delaying tactic from Dotcom's legal team than anything else. They've been pushing back the date for years already, despite the man's funds running low and this just seems like another way to give him a bit more time to distance himself from the original allegations.

[Thanks Stuff]The post Dotcom demands independent analysis over alleged US trojans first appeared on KitGuru.]]>
https://www.kitguru.net/gaming/security-software/jon-martindale/dotcom-demands-independent-analysis-over-alleged-us-trojans/feed/ 0
US phone tapping clause expires, NSA halts servers https://www.kitguru.net/gaming/security-software/jon-martindale/us-phone-tapping-clause-expires-nsa-halts-servers/ https://www.kitguru.net/gaming/security-software/jon-martindale/us-phone-tapping-clause-expires-nsa-halts-servers/#comments Mon, 01 Jun 2015 10:41:03 +0000 http://www.kitguru.net/?p=252064 Whoever said talking too much was a bad thing? Thanks to unending debates, filibusters and a growing unease at the US government's willingness to spy on its own citizens, the clause within the Patriot Act that allowed the NSA to record every phone call made by a member of the public within its borders, has …

Whoever said talking too much was a bad thing? Thanks to unending debates, filibusters and a growing unease at the US government's willingness to spy on its own citizens, the clause within the Patriot Act that allowed the NSA to record every phone call made by a member of the public within its borders, has expired. This has forced the NSA to halt its servers that were previously engaged in the recording practice and has seen a flurry of activity to push through new legislation which would extend current US spying powers.

The particular part of the Patriot Act, initially signed in by George Bush in the wake of the World Trade Centre attack of 2001, expired at midnight EST. While the US Senate did meet on Sunday to try and pass an extension or renewal of the bill, it was blocked by an extended speech by Republican – and potential 2016 presidential candidate – Rand Paul, who deliberately continued talking for hours in order to make a vote impossible.


The Obama administration has decried these efforts, suggesting that it was “irresponsible” of the Senate not to reinstate the Patriot Act's clause, even claiming that it had threatened national security. However, behind the scenes it has been pushing for the instigation of a new bill known as the Freedom Act. While initially designed as a piece of legislation that would improve intelligence agency transparency and allow companies to appeal data requisitions, it has been watered down and in many ways expands current spying powers.

While this act is likely to be voted in within the next few days to shore up the hole left by the expiring Patriot Act clause, Rand Paul spent much of his speech yesterday criticising it, arguing that the mass collection of American citizens' data was unconstitutional and illegal (via BBC).

While other Republicans criticised Paul's actions, suggesting he was grandstanding rather than considering the safety of the nation, he has remained steadfast that he believes spying on citizens is not right and has repeatedly attacked national spying and data collection in the past.


KitGuru Says: I'm really quite jealous the Americans have someone like Rand Paul. I've yet to see any prominent politicians stand up for the human right to privacy in the UK. All of the big parties seem more than happy for our data to be hoovered up by GCHQ.

Image source: Wikimedia

US appeals court declares NSA spying illegal
https://www.kitguru.net/channel/jon-martindale/us-appeals-court-declares-nsa-spying-illegal/
Fri, 08 May 2015 09:10:38 +0000

Despite British MPs quickly jumping on the idea of increasing the amount of spying that agencies like GCHQ perform against the British public, across the pond things don't look quite so rosy for the intelligence agencies. The NSA's record of spying on US citizens has been deemed illegal by a federal appeals court, paving the way for legal action against the state and its federal agencies, and potentially even leading to a cessation of all related schemes.

While government and agency officials argued that the Patriot Act, which allows for data seizure and collection to help fight terrorism, covered its spying programs, the appeals court did not agree. While it could be used to target individuals, it said, the act did not give the NSA or anyone else the right to collect mass phone records on the US populace.

“Such expansive development of government repositories of formerly private records would be an unprecedented contraction of the privacy expectations of all Americans,” said Circuit Judge Gerard Lynch. “We would expect such a momentous decision to be preceded by substantial debate, and expressed in unmistakable language. There is no evidence of such a debate.”


He then put the continuation of such programs in the hands of Congress, overruling a 2013 decision that declared the NSA programs lawful. However, he did stop short of saying that the NSA had violated the terms of the US Constitution.

What happens next will certainly be interesting, though according to Reuters, we may see a big revamp of the NSA's spying systems, as even President Obama has shown interest in ending much of what they do while preserving its “essential capabilities.”


KitGuru says: This is pretty excellent news for anyone that's a fan of personal privacy, but it's only the first step to having the programs stopped in their tracks. Hopefully rulings like this will make British MPs think twice about further extending snooping laws.

Image source: Wikimedia

The NSA wants ‘front door’ access to encrypted data
https://www.kitguru.net/gaming/security-software/matthew-wilson/the-nsa-wants-front-door-access-to-encrypted-data/
Mon, 13 Apr 2015 12:34:47 +0000

You probably know by now that the biggest tech companies in the US are currently battling it out with the NSA over data encryption and what the US government should be allowed to access. Since back door access to customer data is clearly out of the question following the Snowden leaks, the NSA is trying a new approach, seeking ‘front door’ access instead.

Last month, companies like Microsoft, Apple and Google, urged the Obama administration to stop the NSA from collecting mass amounts of data. However, the NSA continues to hide behind the idea that the government needs access to encrypted smartphone data and other devices in order to track criminal activity.


NSA Director Michael S. Rogers has a new idea, suggesting that tech companies could create a master multi-part encryption key capable of unlocking any device. With the key broken into multiple pieces, no single entity could actually use it without everyone else being on board.

During a speech at Princeton University, Rogers (Via The Washington Post) said: “I don’t want a back door, I want a front door. And I want the front door to have multiple locks. Big locks.”

This new ‘front door’ would allow for essential security measures, while also keeping data safe. However, the key argument here is that just having a master security key in existence brings along some hefty security flaws.


KitGuru Says: This is just one of the ideas that the White House is currently considering, as it prepares to introduce changes to the way the NSA operates and encrypted data is handled. However, at this point, the NSA having any access to data is going to be looked at unfavourably by many.

Source: The Washington Post (Via: Engadget, The Verge)

China’s ‘Great Cannon’ could be its most powerful digital weapon
https://www.kitguru.net/gaming/security-software/jon-martindale/chinas-great-cannon-could-be-its-most-powerful-digital-weapon/
Mon, 13 Apr 2015 11:04:09 +0000

China has had a firm grasp on its country's internet for decades, with researchers in the 90's terming its mix of legislation and technological censorship, “The Great Firewall.” On a more aggressive front, it's maintained divisions of the military exclusively for hacking for years now but it may have recently given birth to an entirely new digital weapon that analysts are calling “The Great Cannon” and it could be the country's best offensive weapon yet.

Used for the first time at the end of March to prevent access to GitHub repositories of tools designed to aid Chinese citizens in circumventing The Great Firewall, The Great Cannon is a denial of service attack tool. However, unlike other systems like the Anonymous Low Orbit Ion Cannon, which utilise the user's machine to send heavy traffic to a single domain, The Great Cannon crowdsources its efforts. Utilising China's heavy influence on local internet, authorities are able to hijack legitimate traffic and send it somewhere else entirely, acting like a man-in-the-middle.

Image caption: That's not a cannon. This is a cannon.

In the case of last month's attack on GitHub, traffic from the country's most popular search engine, Baidu, was redirected to GitHub. This makes tracking those responsible very difficult and could even put some of the blame of the attack at the feet of innocent web users.

However, according to researchers from the University of Toronto (via The Guardian), The Great Cannon can be linked with the Chinese government, much like The Great Firewall. This, they warn, is worrying, as not only can the ‘Cannon’ be used in this DDoS manner, but it could theoretically be used to make a surgical strike against any individual, stealing their information as they send it out and even infecting data they request with malware and spyware.

Of course this sort of attack tool isn't that uncommon. The NSA has one of its own.

KitGuru Says: It's a shame that Western intelligence agencies have abused our trust so much that it hardly seems that bothersome that China has such a tool. When our own government will spy on all of us, is there much worry about another doing it too?

Austrians launch class action suit against Facebook
https://www.kitguru.net/channel/jon-martindale/austrians-launch-class-action-suit-against-facebook/
Fri, 10 Apr 2015 09:31:24 +0000

Since the Edward Snowden revelations of 2013, many organisations have been held under the spotlight for their collusion with the NSA and other international intelligence agencies, most notably Google and Microsoft. Facebook was involved too though, which is why a group of over 25,000 Austrians have launched a class action lawsuit against the site, for invading their personal privacy and breaching European law.

The suit, spearheaded by 27-year-old Max Schrems, is demanding a compensatory amount of 500 euros (£360) each – totalling £9,000,000 if fully awarded. However, a further 55,000 people have also registered to become part of the suit at a later date, suggesting the payout could be as much as three times that figure if the plaintiffs get their way.

Of course for a company like Facebook, even a sum like that would be a drop in the bucket. Instead, the suit is more about drawing attention to the company's violations of international law and setting a precedent in a legal setting for such behaviour.

Image caption: Having a cute Owl on your privacy page won't help you

“Basically we are asking Facebook to stop mass surveillance, to (have) a proper privacy policy that people can understand, but also to stop collecting data of people that are not even Facebook users,” said Schrems (via Guardian).

The suit was filed against Facebook's EU HQ, founded in Dublin – totally not for tax purposes – and is currently being heard in the European Court of Justice in Luxembourg. Facebook has since attempted to have the case thrown out suggesting that it was inadmissible under Austrian law.


KitGuru Says: I feel like everyone is a loser when it comes to the NSA's spying. It's killed a lot of trust in US tech companies, gagged them from telling their customers what was going on and milked user data without informing them. 

NZ journalist promises big spying revelations
https://www.kitguru.net/gaming/security-software/jon-martindale/nz-journalist-promises-big-spying-revelations/
Wed, 04 Mar 2015 13:01:34 +0000

It's no secret at this point that every member of the Five Eyes spying network (essentially every English speaking nation) has been snooping on not only their citizens, but everyone else's over the past few years, under the guise of anti-terrorism efforts. Despite this though, new revelations every few months continue to surprise with the depths that some of the world's intelligence agencies have gone, like infecting commercial HDD firmware or hacking SIM cards. Now New Zealand journalist Nicky Hager is promising even more scandalous spying revelations, with plans to release documents in the next 24 hours.

Although details on the release are pretty thin at the moment, the document dump is expected to provide details on a US-led coalition that involved unlawful spying on allied nations and, specifically in the case of New Zealand, its Pacific neighbours.


According to the NZHerald, Hager is said to have obtained access to the revealing documents from Edward Snowden, via a partnership with The Intercept, a site that originally published many of the whistleblower's documents. Hager has said in the build-up to the release that his report will show a much deeper involvement in international spying for the New Zealand intelligence agency, the GCSB. While he did admit that some of the countries that the organisation has spied on wouldn't come as a surprise to many people, others would.

Perhaps more importantly though, Hager believes that the news won't just be shocking to the public, but to many members of the government and ministers involved with foreign policy, most of whom would be understandably perturbed to hear of allied nations being hacked and spied upon by its intelligence services.

Hager's report and accompanying articles in a number of different outlets will be published tomorrow morning in New Zealand, so in reality only a few hours from now.

KitGuru Says: One of the biggest NSA reveals was that it had tapped the phone of German Chancellor Angela Merkel. If similar accusations are thrown at the GCSB, its response and that of its government will be very interesting.

Image source: Wikipedia

Open Rights Group calls on members to combat GCHQ
https://www.kitguru.net/channel/jon-martindale/open-rights-group-calls-on-members-to-combat-gchq/
Fri, 27 Feb 2015 13:23:32 +0000

The Open Rights Group is a big proponent of, above all else, open rights. That means it champions the rights of individuals online, including freedoms of expression, freedoms of speech, information and privacy. With all of the Edward Snowden revelations and similar in the past couple of years, it's had its work cut out for it, with many a politician, lobby group and often individuals uttering the line: “if you've nothing to hide, you have nothing to fear.”

The ORG spends a lot of time combating these sorts of claims, but with the election campaign coming and the recent revelation that GCHQ had been hacking into people's SIM cards, it's put the call out for members to contact the press, business leaders and their local politicians to try and explain just why the government's current interest in undermining basic digital freedoms and effective encryption is so wrong.

“According to the government, GCHQ has apparently done nothing substantially wrong. Hacking into legitimate businesses, stealing data or SIM encryption keys is ok. 0wn1ng [sic] Belgacom’s networks with GCHQ malware is just targeting terrorists. Who cares if it costs them £12 million to clean up the mess GCHQ has made?” said Jim Killock, executive director of the ORG in a letter to members.


“Digital businesses depend on customer trust, including trust of encryption tools, which are used for all kinds of secure transactions. Cloud services need to be trusted as secure, rather than surveillance platforms, or they won’t be used.”

He later went on to ask all the group's members to get in touch if they feel strongly enough to contact influential people to explain the problems. The ORG is even offering to help coach them in how best to talk to their politicians and how to put the issues across in a concise and effective manner.

“If you have experience of this, or simply think politicians are getting this wrong, and are willing to speak up, please let us know,” the letter concludes.

You can also contact Mr Killock using his jim.killock@openrightsgroup.org email address, and can even do so privately using his publicly available PGP key if you prefer.

KitGuru Says: My local MP is probably fed up with the number of times I've contacted him to address issues I have with his style of governance. Do any of you make a point of contacting your MP when someone bothers you?

CITIZENFOUR wins an Oscar and Snowden does an AMA
https://www.kitguru.net/gaming/security-software/brendan-morgan/citizenfour-wins-an-oscar-and-snowden-does-an-ama/
Mon, 23 Feb 2015 23:55:13 +0000

CITIZENFOUR, the recently premiered documentary by Laura Poitras about the beginning of the Edward Snowden NSA revelations, has won an Oscar for “Best Documentary” at this year's Academy Awards ceremony. The film shows Snowden's efforts to expose the gross abuses of the US government's National Security Agency, along with the help of Laura Poitras and Glenn Greenwald.

The project first began back in 2013 when Poitras received an encrypted e-mail from a stranger who called himself Citizen Four. Later that year she, Greenwald and a colleague from the Guardian, Ewen MacAskill, headed to Hong Kong to interview the mysterious Citizen Four, who as we now know, turned out to be Snowden. After Poitras and Greenwald collected the award (Snowden was unfortunately not present for obvious reasons) they, along with Snowden, have been answering questions on Reddit's /r/AskMeAnything subreddit.

After a bit of a shaky start due to some confusion over which Reddit account the NSA Snowden was going to be using, he, Greenwald and Poitras got around to answering some pretty interesting questions in the short amount of time that they had. Snowden was a self-confessed Redditor before the leaks and even had time to display that he really is just one of us.

Other than that he answered a lot of questions about Moscow, where he is currently being forced to reside by the US government. He said that: “Moscow is the biggest city in Europe. A lot of people forget that. Shy of Tokyo, it's the biggest city I've ever lived in. I'd rather be home, but it's a lot like any other major city.”

He went on to talk about the effects that his leaks have had on everyone, some of these being pretty invisible, like Google and others encrypting data between their data centres and Apple doing full device encryption by default on new iPhones. He also mentioned more visible things, like individuals being careful what they say and post online, and people who used to be called “NSA conspiracy theorists” now being taken very seriously.

Reddit have also made the logo of the site his proof drawing for today, which is almost better than being in an Oscar-winning film for a Redditor. If you want to have a look at all of the answers in the thread go here and start scrolling down.


KitGuru Says: While there are some who seem to think that what Snowden did was treasonous, I can't help but think that these people seem to like living in the dark. Hopefully someday soon the US government will see the errors of its ways and Snowden will be repatriated, without having to go through the torture that the likes of Chelsea Manning is going through.

Spies probably have the keys to your phone
https://www.kitguru.net/lifestyle/mobile/brendan-morgan/spies-probably-have-the-keys-to-your-phone/
Thu, 19 Feb 2015 23:50:36 +0000

Everything your phone transmits to and receives from your network provider's phone tower is encrypted, so that only the network operator can receive your calls and data and route them as you request. This is all encrypted with a set of keys on the SIM card inside your phone and another set held by the network provider. This should ensure that nobody can intercept and listen in to communications between your phone and the mobile phone tower. Unfortunately, if anyone else has the network provider's encryption keys, then this is no longer the case. The NSA and GCHQ have these keys.

In the latest Snowden leak (yes these revelations are still coming out) it seems that a joint task force made up of operatives from both the US NSA and the British GCHQ formed the Mobile Handset Exploitation Team (MHET) in April 2010. This team has done everything it can to totally undermine the security of the mobile infrastructure that we have in place today.

One of the main things listed in the top-secret documents provided to The Intercept by Edward Snowden is the fact that the MHET targeted a SIM card company in the Netherlands that makes 2 billion SIM cards a year. They targeted Gemalto by spying on its employees, both sales staff and engineering teams, and have boasted that “[We] believe we have their entire network”.

They also have the encryption keys, known as a “Ki”, for every SIM produced and seem to have, or at least had, access to the authentication servers that generate these keys. This means that they would be able to intercept and decrypt live calls on any network that was using Gemalto SIM cards, some 450 wireless network providers around the world in 85 countries. This would be without any warrant needed and neither the user nor the network operator would be any the wiser. Christopher Soghoian, the principal technologist for the American Civil Liberties Union said, “The news of this key theft will send a shock wave through the security community.”


KitGuru Says: The only silver lining here is that apps that pass encrypted data over these connections are still secure as far as we know. So the likes of TextSecure, SilentText, Signal and WhatsApp should still be out of the line of fire.

Source: The Intercept

Kaspersky claims NSA hid spyware in HDD firmware
https://www.kitguru.net/components/hard-drives/jon-martindale/kaspersky-claims-nsa-hid-spyware-in-hdd-firmware/
Tue, 17 Feb 2015 22:00:14 +0000

Hot on the heels of breaking news on the biggest digital bank heist in history, Kaspersky Lab, the anti-malware firm, has released a new batch of information that indirectly paints the NSA and the US government as having inserted malware into the firmware of commercial hard drives. While the malware has turned up the most in countries like Russia and China, due to the commercial nature of the hard drives, it could be far more wide reaching than currently known.

While Kaspersky didn't say explicitly that the NSA was responsible for the malware creation – which due to being present in the HDD firmware, can infect a PC every time it boots – it said that it was closely related to the Stuxnet infection which targeted Iranian nuclear power stations. Due to Edward Snowden leaks, that attack was pinned on the USA. In the same vein, the HDD malware was designed to go after foreign banks, energy companies, telecoms businesses and military installations.


All in all, over 30 countries were found to have been infected with the malware, including: Russia, China, Pakistan, Afghanistan, Mali, Syria, Yemen and Algeria. However, despite the widespread nature of the infection, Kaspersky claims the people behind it only utilised it to target specific installations, taking remote control of machines at the most desirable of targets.

However, the potential for further infection is huge, as the malware was said to be found in commercial drives from Seagate, Western Digital, Toshiba, IBM and Samsung. The question at this point is, whether those companies colluded with the NSA to achieve the goal of infecting so many machines, or whether they were none the wiser, as infecting the firmware should only be possible with the proprietary source code for the drives, according to a Reuters' source.

Since the news broke, WD has come forward to state that it had no involvement in the hacking and had never “provided its source code to government agencies.” The other manufacturers have yet to directly address whether they were involved, but several stated that their drives featured robust security and did not permit the use of foreign code.

KitGuru Says: According to ex-NSA staffers, sometimes the NSA pretends to be a software developer in order to gain access to the hardware source code. It may be a case that the HDD makers really were in the dark on this one, but even if that was the case, chances are they couldn't tell anyone.

Image source: William Hook

Microsoft to notify Office 365 and Azure customers of government requests
https://www.kitguru.net/gaming/security-software/matthew-wilson/microsoft-to-notify-office-365-and-azure-customers-of-government-requests/
Tue, 17 Feb 2015 19:34:53 +0000

Microsoft is now the first major cloud provider to make use of the ISO/IEC 27018 international standard for cloud privacy. From now on, Microsoft Azure and Office 365 customers will be notified when a government data request is received, allowing for more transparency.

The standard was published by the International Organisation for Standardization in an effort to protect data stored in the cloud. Under the new standard, enterprise customers will have control of their data and will be informed of everything that happens to it, including whether there are any deletions, transfers or returns of personal information.


Data will not be used for advertising purposes and customers will be notified of any government data requests. Microsoft has said: “The standard requires that law enforcement requests for disclosure of personally identifiable data must be disclosed to you as an enterprise customer, unless this disclosure is prohibited by law.”

“We've already adhered to this approach (and more), and adoption of the standard reinforces this commitment.”

This all comes in the midst of a legal battle Microsoft is involved in with the US government, as the company refuses to hand over data stored overseas.


KitGuru Says: Microsoft has been doing a better job of fighting for transparency and data protection. What do you guys think of Microsoft's recent efforts?

Source: The Inquirer
