bothernews

Posts Tagged ‘electronic surveillance

Ex-spy says NSA did mass surveillance during Utah Olympics

leave a comment »

 


June 2, 2017

SALT LAKE CITY (AP) — A former top spy agency official who was the target of a government leak investigation says the National Security Agency conducted blanket surveillance in Salt Lake City during the 2002 Winter Olympics in Utah, according to court documents.

Ex-NSA official Thomas Drake wrote in a declaration released Friday that the NSA collected and stored virtually all electronic communications going into or out of the Salt Lake City area, including the contents of emails and text messages.

“Officials in the NSA and FBI viewed the Salt Lake Olympics Field Op as a golden opportunity to bring together resources from both agencies to experiment with and fine tune a new scale of mass surveillance,” Drake wrote.

It comes as part of a lawsuit filed by attorney Rocky Anderson, who was the mayor of Salt Lake City during the games held a few months after the Sept. 11, 2001, attacks. Anderson said the document was disclosed to the U.S. Department of Justice on Wednesday.

Full Story:  http://hosted.ap.org/dynamic/stories/U/US_OLYMPICS_NSA_LAWSUIT?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2017-06-02-20-04-38

Advertisements

New NSA Documents Shine More Light into Black Box of Executive Order 12333

leave a comment »

 

In the NSA’s own words, EO 12333 is "the primary source of the NSA’s foreign intelligence-gathering authority."

Surveillance conducted under EO 12333 is implemented almost entirely by the executive branch, without review by Congress or the courts. EO 12333 lacks even the plainly inadequate legislative and judicial checks on the two more well-known surveillance authorities — Section 215 of the Patriot Act and the FISA Amendments Act.

 

 

Edward Snowden Christmas Message: Transcript & Video

leave a comment »

 

Edward Snowden:

“Hi, and Merry Christmas. I’m honored to have the chance to speak with you and your family this year.

Recently, we learned that our governments, working in concert, have created a system of worldwide mass surveillance, watching everything we do.

Great Britain’s George Orwell warned us of the danger of this kind of information. The types of collection in the book — microphones and video cameras, TVs that watch us — are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go.

Think about what this means for the privacy of the average person. A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves — an unrecorded, unanalyzed thought. And that’s a problem, because privacy matters. Privacy is what allows us to determine who we are and who we want to be.

The conversation occurring today will determine the amount of trust we can place both in the technology that surrounds us and the government that regulates it. Together, we can find a better balance. End mass surveillance. And remind the government that if it really wants to know how we feel, asking is always cheaper than spying.

For everyone out there listening, thank you, and Merry Christmas.”

 

[BN:  Thank you, Mr. Snowden.]

VIDEO Edward Snowden Christmas Message: End Mass Surveillance

See Also:

The NSA’s New Risk Analysis

leave a comment »

 

Schneier on Security

A blog covering security and security technology.

October 9, 2013

 

The NSA’s New Risk Analysis

 

As I recently reported in the Guardian, the NSA has secret servers on the Internet that hack into other computers, codename FOXACID. These servers provide an excellent demonstration of how the NSA approaches risk management, and exposes flaws in how the agency thinks about the secrecy of its own programs.

Here are the FOXACID basics: By the time the NSA tricks a target into visiting one of those servers, it already knows exactly who that target is, who wants him eavesdropped on, and the expected value of the data it hopes to receive. Based on that information, the server can automatically decide what exploit to serve the target, taking into account the risks associated with attacking the target, as well as the benefits of a successful attack. According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but the NSA has a variety of options. The documentation mentions United Rake, Peddle Cheap, Packet Wrench, and Beach Head — all delivered from a FOXACID subsystem called Ferret Cannon. Oh how I love some of these code names. (On the other hand, EGOTISTICALGIRAFFE has to be the dumbest code name ever.)

Snowden explained this to Guardian reporter Glenn Greenwald in Hong Kong. If the target is a high-value one, FOXACID might run a rare zero-day exploit that it developed or purchased. If the target is technically sophisticated, FOXACID might decide that there’s too much chance for discovery, and keeping the zero-day exploit a secret is more important. If the target is a low-value one, FOXACID might run an exploit that’s less valuable. If the target is low-value and technically sophisticated, FOXACID might even run an already-known vulnerability.

[…]

According to Snowden, the TAO — that’s Tailored Access Operations — operators running the FOXACID system have a detailed flowchart, with tons of rules about when to stop. If something doesn’t work, stop. If they detect a PSP, a personal security product, stop. If anything goes weird, stop. This is how the NSA avoids detection, and also how it takes mid-level computer operators and turn them into what they call "cyberwarriors." It’s not that they’re skilled hackers, it’s that the procedures do the work for them.

And they’re super cautious about what they do.

While the NSA excels at performing this cost-benefit analysis at the tactical level, it’s far less competent at doing the same thing at the policy level. The organization seems to be good enough at assessing the risk of discovery — for example, if the target of an intelligence-gathering effort discovers that effort — but to have completely ignored the risks of those efforts becoming front-page news.

[…]

Schneier on Security: The NSA’s New Risk Analysis

Written by bothernews

November 6, 2013 at 3:07 am