FBI Surveillance, NIST’s Rubbish Encryption Standards, NSA and GCHQ Hacking in the News
Let’s start with domestic snooping. In case you missed Kevin Gosztola’s excellent report ‘ACLU Releases Report on FBI’s Development Into Abusive Domestic Intelligence Enterprise’, you may want to read it closely. Some excerpts (my bolds throughout):
‘The report describes, “Every 90 days for the past seven years the FBI has obtained secret Foreign Intelligence Surveillance Court (FISA Court) orders compelling telecommunications companies to provide the government with the toll billing records of every American’s telephone calls, domestic and international, on an ongoing daily basis. Other programs have collected similar data about Americans’ email and Internet activity and seized the content of their international communications, even though there was no evidence they had done anything wrong. State and local police and the general public are encouraged to report all “suspicious” people and activity to the FBI.”
“This is what a domestic intelligence enterprise looks like in our modern technological age,” the report declares.
It examines how technology has enabled the FBI to hoard data on communities and engage in racial profiling that includes citing lawful activities as suspicious to justify investigations. It notes how the FBI has targeted First Amendment-protected activities and fought to suppress whistleblowers. It details the excessive secrecy in the FBI that has helped shield the agency from accountability. It also calls attention to the dubious practices in which the FBI is using informants in investigations and how they have also used the No-Fly List to coerce individuals into becoming informants.’
The following are some headings from the 60-page report:
~ Racial and Ethnic Profiling
~ Targeting First Amendment-Protected Activities
The database, eGuardian, was set up in 2009 for reports of “suspicious” behavior, which could be shared amongst state and local law enforcement agencies. The report from the ACLU indicates that eGuardian “has become a repository for improperly collected information about First Amendment-protected activities.”
~ Overzealously Applying Authorities to Manipulate Minorities into Becoming Informants (including the use of agents provocateurs)
~ Using the No Fly List to Force Individuals to Become Informants
The ACLU report, entitled ‘UNLEASHED AND UNACCOUNTABLE: The FBI’s Unchecked Abuse of Authority’ (pdf) can be read here.
And from the Guardian comes ‘Major US security company warns over NSA link to encryption formula: RSA, the security arm of EMC, sends email to customers over default random number generator which uses weak formula’
That formula they’d been using was one of the NIST encryptions that was shown via others of Snowden’s documents to have been created as weak by the NSA (as far as I understand it).
‘A major American computer security company has told thousands of customers to stop using an encryption system that relies on a mathematical formula developed by the National Security Agency (NSA). [snip]
Last week, the New York Times reported that Snowden’s cache of documents from his time working for an NSA contractor showed that the agency used its public participation in the process for setting voluntary cryptography standards, run by the government’s National Institute of Standards (NIST) and Technology, to push for a formula it knew it could break. Soon after that revelation, the NIST began advising against the use of one of its cryptographic standards and, having accepted the NSA proposal in 2006 as one of four systems acceptable for government use, said it would reconsider that inclusion in the wake of questions about its security.’
Well yes, one has to wonder why RSA would still have been using that ‘weak random-number generator’ after being warned against it, but part of the answer may be here:
‘Encryption systems use pseudo-random number generators as part of a complex mathematical process of creating theoretically uncrackable codes. If the number sequences generated can be predicted, that makes the code crackable, given sufficient computing power.
Ferguson pointed to a 2007 presentation by two researchers from Microsoft, Dan Shumow and Niels Ferguson, in which they said: “What we are not saying: NIST intentionally put a back door in this PRNG. What we are saying: the prediction resistance of this PRNG … is dependent on solving one instance of the elliptic curve discrete log problem. (And we do not know if the algorithm designer knew this beforehand.)”
A person familiar with the process by which NIST would have accepted the PRNG told Reuters that it accepted the code in part because many government agencies were already using it.’
Robert Westervelt at CRN.com has more if you’re interested.
On to the international scene:
From Der Spiegel, ‘Belgacom Attack: Britain’s GCHQ Hacked Belgian Telecoms Firm’:
‘Documents from the archive of whistleblower Edward Snowden indicate that Britain’s GCHQ intelligence service was behind a cyber attack against Belgacom, a partly state-owned Belgian telecoms company. A “top secret” Government Communications Headquarters (GCHQ) presentation seen by SPIEGEL indicates that the goal of the project, conducted under the codename “Operation Socialist,” was “to enable better exploitation of Belgacom” and to improve understanding of the provider’s infrastructure. [snip]
The document shows that the Belgacom subsidiary Bics, a joint venture between Swisscom and South Africa’s MTN, was on the radar of the British spies.
Belgacom, whose major customers include institutions like the European Commission, the European Council and the European Parliament, ordered an internal investigation following the recent revelations about spying by the United States’ National Security Agency (NSA) and determined it had been the subject of an attack. The company then referred the incident to Belgian prosecutors. Last week, Belgian Prime Minister Elio di Rupo spoke of a “violation of the public firm’s integrity.”
When news first emerged of the cyber attack, suspicions in Belgium were initially directed at the NSA. But the presentation suggests that it was Belgium’s own European Union partner Britain that is behind “Operation Socialist,” even though the presentation indicates that the British used spying technology for the operation that the NSA had developed.
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a “Quantum Insert” (“QI”). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. Some of the employees whose computers were infiltrated had “good access” to important parts of Belgacom’s infrastructure, and this seemed to please the British spies, according to the slides.’
The Wiki provides a list of the nations that use MTN. Heh. Belgacom’s Wiki history is here. The investigation seems to have come on the heels of the Snowden documents revealing the ‘Follow the Money’ flowing into the NSA’s financial database Tracfin programs, and representing close to 200 million credit card transactions via companies like Visa. In addition:
‘The NSA’s Tracfin data bank also contained data from the Brussels-based Society for Worldwide Interbank Financial Telecommunication (SWIFT), a network used by thousands of banks to send transaction information securely. SWIFT was named as a “target,” according to the documents, which also show that the NSA spied on the organization on several levels, involving, among others, the agency’s “tailored access operations” division. One of the ways the agency accessed the data included reading “SWIFT printer traffic from numerous banks,” the documents show.’
Visa swiftly struck back: ‘“We are not aware of any unauthorized access to our network.”’ Who can argue with that weaselly non-denial denial?
International blowback; from venezuelanalysis.com, ‘Venezuela Rejects U.S. Version of Maduro Airspace Prohibition Dispute’:
‘Mérida, 20th September 2013 – Venezuela has rejected the United States’ version of events in the dispute over President Nicolas Maduro’s passage through U.S. airspace last night.
The diplomatic fallout reached media attention when Venezuelan foreign minister Elias Jaua told reporters yesterday that President Maduro had been denied permission to fly through U.S. airspace.’ [snip]
Rejecting the US State Department’s Official Bullshit:
‘Venezuela’s top diplomat in Washington, Calixto Ortega, rejected the U.S. version of events, affirming in a call to state channel VTV that the U.S. had indeed denied Maduro’s passage through its airspace.
“The permission was denied. I have the denial in writing. We had to have a series of conversations [to gain clearance for the flight],” he said.
Ortega also disagreed with the arguments put forward for the delay in granting permission to enter U.S. airspace, explaining that the plane, route and flight request were exactly the same as in June when Maduro passed over Puerto Rico en route to Italy for a diplomatic tour of Europe.
“It’s the same plane, with the same crew, and exactly the same route made, [and in June] a permission request [was] immediately approved,” he explained.’
This, mind you, is the US and Obomba hoping to establish more ‘cordial’ relations with Nicolas Maduro after his election in July. Brilliant.
In solidarity with Venezuela:
‘Bolivian president Evo Morales requested an “emergency meeting” of the Community of Latin American and Caribbean States (CELAC), saying that he would propose that all member states of the bloc withdraw their ambassadors from the U.S. in protest. CELAC brings together every state in the Western Hemisphere with the exception of the U.S. and Canada.
“If it’s with Maduro, it’s with everyone. The United States must know that if it messes with Maduro, it messes with the whole Latin American people…because this is about the unity and sovereignty of our peoples,” he said.’
Also from Der Spiegel, ‘SWIFT Suspension? EU Parliament Furious about NSA Bank Spying’…
But the odds are against it, the author of the article admits, since the EU Council would have to approve that sort of major move.
Stop Watching Us will hold a rally against mass surveillance on October 26 in Washington DeeCee.
(cross-posted at Cafe-Babylon.net)