NSA planned to infect Samsung with spyware

 

NSA planned to infect Samsung with spyware

NSA planned to infect Samsung with spyware

If you’re in the business of writing spyware or malware, smartphones are a tempting target. For many people, their phone or tablet is now the primary compute device they use to surf the web, access content, and explore new software. Google has had problems keeping the Google Play store free from malware and spyware, but new information suggests that both Google and Samsung almost faced a much more potent opponent — the NSA itself.

A report from The Intercept highlights how the NSA explored options for hacking the App Store and Google Play over several workshops held in Australia and Canada between November 2011 and February 2012. The projects used the Internet-monitoring Xkeyscore system to identify smartphone traffic, then trace that traffic back to app stores. This led to a project dubbed Irritant Horn, the point of which was to develop the ability to distribute “implants” that could be installed when the smartphones in question attempted to connect to Google or Samsung app stores.

The NSA has targeted mobile devices ever since the post-Patriot Act era made such warrantless comprehensive spying legal, but it’s never been clear how the organization managed to tap certain hardware in the first place. The goal was twofold: First, use app stores to launch spyware campaigns and second, gather information about the phone users themselves by infiltrating the app stores in question.

The reference to “Another Arab spring,” refers to the fact that the events of 2010-2011 apparently caught western intelligence agencies off-guard, with few resources that could quickly be brought to bear. The NSA wanted to be aware of future events before they happened. Note, however, that this has precious little to do with the direct goal of protecting the United States from terrorism.

Few would argue that the US should not monitor the activities of known threats, but where was the threat from internal strife and the possible toppling of autocratic governments? It’s true that in the longer run, some new governments might pursue policies that the United States found less desirable than those of the previous regime, but there’s an enormous leap between “We don’t like Country X’s new trade policy,” and “Country X is actively assisting terrorist groups to carry out an attack on the United States.”

 The NSA was primarily interested in the activities of African countries. But in the course of investigating these possibilities, it discovered significant security flaws in a program called UC Browser, used by nearly half a billion people in East Asia. Instead of disclosing the security vulnerability, the NSA and other foreign intelligence groups chose to exploit it — thereby increasing the chances that other criminal elements would have time to find and exploit it as well.

These issues are at the heart of the debate over what the NSA’s role should be in the future. There’s always been tension over whether the NSA should weaken or strengthen the cryptographic standards that allow for secure communication. That discussion may be even more nuanced when it involves software produced by foreign companies. There are few signs, however, that such nuanced discussions of capability have ever occurred. Instead, we continue to see intelligence resources deployed with the goal of vacuuming up all information from any source, regardless of legal precedent or cooperation.

The future of the Patriot Act and the scope of NSA’s future powers remains in some doubt. Senator Rand Paul gave a 10-hour speech yesterday aimed at derailing support for the Patriot Act (his actions were not properly a filibuster, because a vote on the renewal of Section 215 wasn’t actually before the chamber at the time). Others in the House of Representatives have called for a full appeal of the Patriot Act’s provisions, and the Federal Appeals Court for the Second Circuit recently ruled that the current spying program is illegal under the Patriot Act as it stands.

 

Source:  extremetech.com

 

Freelance NSA Spies Private Conversations

NSA Spies

NSA Spies

Thanks to Edward Snowden, we know that the National Security Agency collects the phone records of every American in order to keep the country safe from terrorism. But for the past eight months a group of artists claiming to work for the NSA on “a freelance, pro bono basis” have been recording people’s private conversations in popular bars, restaurants, and gyms in Lower Manhattan to ensure that no actionable intelligence falls through the cracks.

“We’re looking for terrorism, we’re looking for signs of plots and schemes that could put the homeland at risk,” one of the group’s “agents” tells us.

The project’s website, We Are Always Listening, includes snippets of actual conversations recorded by tiny, hidden tape recorders placed in The Brindle Room, Café Mogador, and the Crunch Gym in Union Square, among other popular public spaces.

In the recordings, a group of men talk about how a friend is “trying too hard to be one of us,” a woman complains about paying more than $2,000/month in rent, and a man describes a former boyfriend’s fetish: “He wanted me to like, fake double over in pain. Like we’re doing a scene from Batman Returns.”

None of the recordings contain any last names or other forms of information that would allow the people in the recordings to be directly identified, but first names flow freely.

“The reason we broadcast small, small, small, fractions of what we’ve gathered is because we’ve also heard members of the American public say they want a more transparent window into how data is collected,” said the “agent,” who asked to speak anonymously because New York State law requires the consent of at least one party in order to record a conversation (as Governor Cuomo famously discovered).

“Our agents would dispute that having a conversation at a restaurant or a gym is private. There should not be an assumption of privacy.”

The Manhattan DA’s office declined to comment on the group’s activities.

The project is seemingly designed to shake Americans (and, based on the locations the group placed their recorders, the Downtown bourgeoisie) out of their torpor with respect to how the NSA collects data and the federal government’s reliance on millions of independent contractors with security clearances.

“We imagine people are fine with this type of surveillance,” the “agent” said, tongue firmly in cheek. “The general public has mostly spoken in a unified voice saying, well, it’s just what you need to do to keep the country safe.”

For those who believe that posting audio of private conversations online is wrong, or that it surpasses what even the NSA considers appropriate, a button marked “Angry?” on the group’s website directs users to the ACLU’s website that allows you to contact your federal representatives and urge them to kill the portion of the Patriot Act that allows for the NSA’s blanket surveillance (the Senate recently voted to block a bill from the House designed to curtail the government’s collection of phone data).

The “agent” told us that New Yorkers should expect more leaked conversations. If you’ve hung out at 61 Local in Cobble Hill recently, you might want to keep your eye on the group’s website: a tape recorder has been listening there for some time.

 

Source:  gothamist.com

Google closer to developing human-like intelligence

Artificial Intelligence

Artificial Intelligence

Computers will have developed “common sense” within a decade and we could be counting them among our friends not long afterwards, one of the world’s leading AI scientists has predicted.

Professor Geoff Hinton, who was hired by Google two years ago to help develop intelligent operating systems, said that the company is on the brink of developing algorithms with the capacity for logic, natural conversation and even flirtation.

The researcher told the Guardian said that Google is working on a new type of algorithm designed to encode thoughts as sequences of numbers – something he described as “thought vectors”.

Although the work is at an early stage, he said there is a plausible path from the current software to a more sophisticated version that would have something approaching human-like capacity for reasoning and logic. “Basically, they’ll have common sense.”

The idea that thoughts can be captured and distilled down to cold sequences of digits is controversial, Hinton said. “There’ll be a lot of people who argue against it, who say you can’t capture a thought like that,” he added. “But there’s no reason why not. I think you can capture a thought by a vector.”

Hinton, who is due to give a talk at the Royal Society in London on Friday, believes that the “thought vector” approach will help crack two of the central challenges in artificial intelligence: mastering natural, conversational language, and the ability to make leaps of logic.

He painted a picture of the near-future in which people will chat with their computers, not only to extract information, but for fun – reminiscent of the film, Her, in which Joaquin Phoenix falls in love with his intelligent operating system.

“It’s not that far-fetched,” Hinton said. “I don’t see why it shouldn’t be like a friend. I don’t see why you shouldn’t grow quite attached to them.”

In the past two years, scientists have already made significant progress in overcoming this challenge.

Richard Socher, an artificial intelligence scientist at Stanford University, recently developed a program called NaSent that he taught to recognise human sentiment by training it on 12,000 sentences taken from the film review website Rotten Tomatoes.

Part of the initial motivation for developing “thought vectors” was to improve translation software, such as Google Translate, which currently uses dictionaries to translate individual words and searches through previously translated documents to find typical translations for phrases. Although these methods often provide the rough meaning, they are also prone to delivering nonsense and dubious grammar.

Thought vectors, Hinton explained, work at a higher level by extracting something closer to actual meaning.

The technique works by ascribing each word a set of numbers (or vector) that define its position in a theoretical “meaning space” or cloud. A sentence can be looked at as a path between these words, which can in turn be distilled down to its own set of numbers, or thought vector.

The “thought” serves as a the bridge between the two languages because it can be transferred into the French version of the meaning space and decoded back into a new path between words.

The key is working out which numbers to assign each word in a language – this is where deep learning comes in. Initially the positions of words within each cloud are ordered at random and the translation algorithm begins training on a dataset of translated sentences.

At first the translations it produces are nonsense, but a feedback loop provides an error signal that allows the position of each word to be refined until eventually the positions of words in the cloud captures the way humans use them – effectively a map of their meanings.

Hinton said that the idea that language can be deconstructed with almost mathematical precision is surprising, but true. “If you take the vector for Paris and subtract the vector for France and add Italy, you get Rome,” he said. “It’s quite remarkable.”

Dr Hermann Hauser, a Cambridge computer scientist and entrepreneur, said that Hinton and others could be on the way to solving what programmers call the “genie problem”.

“With machines at the moment, you get exactly what you wished for,” Hauser said. “The problem is we’re not very good at wishing for the right thing. When you look at humans, the recognition of individual words isn’t particularly impressive, the important bit is figuring out what the guy wants.”

“Hinton is our number one guru in the world on this at the moment,” he added.

Some aspects of communication are likely to prove more challenging, Hinton predicted. “Irony is going to be hard to get,” he said. “You have to be master of the literal first. But then, Americans don’t get irony either. Computers are going to reach the level of Americans before Brits.”

A flirtatious program would “probably be quite simple” to create, however. “It probably wouldn’t be subtly flirtatious to begin with, but it would be capable of saying borderline politically incorrect phrases,” he said.

Many of the recent advances in AI have sprung from the field of deep learning, which Hinton has been working on since the 1980s. At its core is the idea that computer programs learn how to carry out tasks by training on huge datasets, rather than being taught a set of inflexible rules.

With the advent of huge datasets and powerful processors, the approach pioneered by Hinton decades ago has come into the ascendency and underpins the work of Google’s artificial intelligence arm, DeepMind, and similar programs of research at Facebook and Microsoft.

Hinton played down concerns about the dangers of AI raised by those such as the American entrepreneur Elon Musk, who has described the technologies under development as humanity’s greatest existential threat. “The risk of something seriously dangerous happening is in the five year timeframe. Ten years at most,” Musk warned last year.

“I’m more scared about the things that have already happened,” said Hinton in response. “The NSA is already bugging everything that everybody does. Each time there’s a new revelation from Snowden, you realise the extent of it.”

“I am scared that if you make the technology work better, you help the NSA misuse it more,” he added. “I’d be more worried about that than about autonomous killer robots.

 

Source:  theguardian.com

NSA Reveal How To Hide From The NSA

NSA

NSA

 

If you want a truly anonymous life, then maybe it’s time you learned about Tor, CSpace and ZRTP.

These three technologies could help people hide their activities from the National Security Agency, according to NSA documents newly obtained from the archive of former contractor Edward Snowden by the German magazine Der Spiegel.

The combination of Tor, CSpace and ZRTP (plus another anonymizing technology for good measure) results in levels of protection that the NSA deems “catastrophic” — meaning the organization has “near-total loss/lack of insight to target communications,” according to Der Spiegel.

“Although the documents are around two years old, experts consider it unlikely the agency’s digital spies have made much progress in cracking these technologies,” Spiegel’s staff wrote.

In comparison, accessing somebody’s Facebook messages is considered a “minor” task for the agency. Similarly, virtual private networks (or VPNs), which are widely used by companies, are easily accessed by the NSA, according to Der Spiegel’s report, as are so-called “HTTPS” connections.

So, what are these services and what do you actually have to do to use them?

Tor is basically a network that offers an easy way for people to mask their location when communicating online. Anyone can download Tor’s web browser — it’s available on Mac, Windows, Linux, and smartphones. It’s not foolproof: When using Tor, you’re advised to sacrifice the convenience of browser plugins, torrent downloads, and websites that don’t use “HTTPS encryption” if you truly want to stay off the grid.

And that’s just if you want to mask your online habits — messaging and phone calls require more steps still, meaning you also have to add CSpace and ZRTP if you want to hide those from the NSA, according to Der Spiegel.

CSpace is a program that lets people text chat and transfer files, while ZRTP is a form of encryption that protects mobile phone calls and texting — it’s used in apps like RedPhone and Signal.

If that all sounds a bit daunting, anonymous living may not be for you. There are plenty of ways to stay relatively private online. But true anonymity is harder to achieve, and so coveted that some people will pay $629 for a special phone that purports to keep a user’s information more secure.

As noted, the Snowden documents are a couple of years old; it’s possible the NSA has found ways around these tools by now. But for the privacy-conscious, they are certain to work better than a tinfoil hat.

 

Source:  huffingtonpost.com

NSA should track every American email

NSA should track every American email:

NSA should track every American email

NSA should track every American email

 

If you think that President Obama to review the National Security Agency panel was purely in loosening of its scope , think again.

One participant said on Sunday that the NSA recommends tracking details metadata such as sender, recipient , time and location emails of all Americans.

It would not be the first time. The NSA followed up on email metadata of Americans without a warrant, although it is said that the practice ended in 2011, and none of the documents leaked by former contractor Edward Snowden released so far contradicts that statement. The agency does not store all metadata, which admitted a couple of months after Snowden leaked documents showing that the case , although the review panel recommended ending the program.

Those familiar with the faces of five members of the review panel, Obama probably would not be surprised at who made ​​the recommendation : Michael Morell, former director of the CIA.

“I would say that in fact the email data is probably more valuable than data telephony,” Morell told the National Journal , in a telephone interview Sunday .

Morell actually granted what has previously been hailed as a victory for privacy advocates who oppose the NSA : the program metadata collection phone made ” only a modest contribution to the security of the nation ” and that ” the last thing a smart terrorist will do at this point is to call someone in the United States. ”

So the solution in Morell ‘s mind , is the ability to legally track all e- mails sent to or from American computers.

” If I had been in effect in 2000 and 2001 , I think , probably 9/11 would not have happened,” he said.

Firm denies accepting bribe from NSA

Firm denies accepting bribe from NSA:

Firm denies accepting bribe from NSA

Firm denies accepting bribe from NSA

 

More details came to light of the National Security Agency U.S. to break encryption schemes that protect personal communications and financial transactions on the Internet.

Reuters reported that RSA, a Internet encryption firms , may have accepted $ 10 million to weaken services. Specifically , the report claimed , generator vulnerable to attack by the NSA incorporates random numbers .

NSA ‘s efforts to weaken encryption Internet , either by direct attack or through agreements with several Internet companies apparently began after the September 11, 2001 .

On Sunday , RSA denied any money from the agency to weaken encryption. ” We categorically deny this accusation , ” RSA wrote in a blog. “We worked with the NSA , both as a provider and an active member of the security community . Never have kept this relationship a secret and , in fact, have openly publicized it.”

While RSA not refused to work with the spy agency , said that behind when he apparently went into contract together, ” the NSA had a role of trust in the community -wide effort to strengthen, not weaken , the encryption. ”

In fact , it was only in September 2013 that the New York Times revealed that the NSA had intentionally weakened the random number generator used by some of the tools of RSA . Once the history of time left , RSA agreed that the generator must not be used. ” RSA always acts in the best interest of their clients and in any case the RSA design or enable backdoors into our products,” the firm wrote at the time .

NSA collects 5 billion cell phone records a day

NSA reportedly collects 5 billion cell phone location records a day:

NSA reportedly collects 5 billion cell phone location records a day

NSA reportedly collects 5 billion cell phone location records a day

The NSA collects nearly 5 billion records a day on the locations of cell phones overseas to create a huge database that stores information from hundreds of millions of devices, including those belonging to some Americans abroad, the Washington Post reported Wednesday.

Documents provided to the Post by NSA leaker Edward Snowden detail how this database is able to track people worldwide and map out their relationships with others.

The NSA inadvertently gathers U.S. location records, along with the billions of other records it collects by tapping into worldwide mobile network cables, the Post reported.

The database and projects designed to analyze it have created a mass surveillance tool for the NSA, allowing it to monitor individuals in a way never seen before.

NSA analysts can look at the data and track an individual’s movements throughout the world. They can then map out the person’s relationships with others and expose previously unknown correspondence.

The agency collects the large amount of cell phone data in order to find out who is interacting with targets the agency is already tracking, even though most of the records collected are not relevant to national security.

The number of Americans who are tracked as part of the data collection overseas is unclear from the Snowden documents, and a senior intelligence official told the Post it is “awkward for us to try to provide any specific numbers.”

U.S. officials told the Post the programs that collect cell phone data are strictly geared towards tracking foreign intelligence targets, and are not against the law.

Congress doesn’t know how NSA works

Congress NSA doesn't works

Congress NSA doesn’t works

While the president and the intelligence community cling to “Congressional oversight” as a justficiation for the pervasive intelligence-gathering programs in place within the US, members of Congress theselves are saying that they don’t have the information they need to exercise real authority over the NSA. A recent report in The Guardian quotes two House members, Morgan Griffith (R-VA) and Alan Grayson (D-FL), who have both requested information about the agency and its programs from the House Intelligence Committee, only to be rebuffed.

In a June 25th request, Rep. Griffith asked the committee for the “classified FISA court order(s)” discussed on Meet the Press the previous weekend — a 2011 opinion holding that many of the NSA’s programs under the FISA Amendments Act were unconstitutitional. Weeks later he requested additional information surrounding Yahoo’s legal challenge to the NSA’s PRISM program and Verizon’s supplying of customer metadata to government intelligence agencies. More than six weeks since the first letter, Griffith still hasn’t received a response.

In Rep. Grayson’s case, the committee did sometimes respond to his requests for information. “The transcript is classified,” read one such reply to a request for the text from a vote — itself a decision to refuse an earlier request for information. So far, neither Griffith nor Grayson have received the information they requested.

Adding to the overall lack of oversight, media reports containing classified information are similarly barred from Congress. Last month, Grayson attempted to circulate slides published by The Guardian only to be told that he could face sanctions because the material they contained was still classified, echoing the Obama administration’s 2010 decision to ban the WikiLeaks website from federal computers while the diplomatic cables it sought to block access to were being published in major newspapers. Expressing frustration at the House Intelligence Committee, Rep. Griffith said, “my oath is to make informed decisions, and I can’t do my job when I can’t get even the most basic information about these programs.”

NSA

NSA partners with Google

 

DOJ Asks Court To Keep Secret Any PARTNERSHIP Between GOOGLE And NSA:

NSA

NSA

The Justice Department refuses to divulge whatever sort of agreement there may be between Google and the National Security Agency. Not that there is one, of course.

Mike Scarcella in The Legal Times writes about The Justice Department defending the government’s refusal to discuss, or acknowledge the existence of, “any cooperative research and development agreement between Google and the National Security Agency.”

 The Washington based advocacy group Electronic Privacy Information Center sued in federal district court here to obtain documents about any such agreement between the Internet search giant and the security agency.

The NSA responded to the suit with a so-called “Glomar” response in which the agency said it could neither confirm nor deny whether any responsive records exist. U.S. District Judge Richard Leon in Washington sided with the government last July.

 

N.S.A. copies all American Emails

   Former NSA Mathematician Says He Believes the Agency Stores Copies of All Emails Transmitted in America:

NSA Agent

NSA Agent

While most of the N.S.A. was reeling on September 11th, inside SARC the horror unfolded “almost like an ‘I-told-you-so’ moment,” according to J. Kirk Wiebe, an intelligence analyst who worked there. “We knew we weren’t keeping up.” SARC was led by a crypto-mathematician named Bill Binney, whom Wiebe describes as “one of the best analysts in history.” Binney and a team of some twenty others believed that they had pinpointed the N.S.A.’s biggest problem—data overload—and then solved it. But the agency’s management hadn’t agreed.  Binney, who is six feet three, is a bespectacled sixty-seven-year-old man with wisps of dark hair; he has the quiet, tense air of a preoccupied intellectual. Now retired and suffering gravely from diabetes, which has already claimed his left leg, he agreed recently to speak publicly for the first time about the Drake case. When we met, at a restaurant near N.S.A. headquarters, he leaned crutches against an extra chair. “This is too serious not to talk about,” he said.  Binney expressed terrible remorse over the way some of his algorithms were used after 9/11. ThinThread, the “little program” that he invented to track enemies outside the U.S., “got twisted,” and was used for both foreign and domestic spying: “I should apologize to the American people. It’s violated everyone’s rights. It can be used to eavesdrop on the whole world.” According to Binney, Drake took his side against the N.S.A.’s management and, as a result, became a political target within the agency.  Binney, for his part, believes that the agency now stores copies of all e-mails transmitted in America, in case the government wants to retrieve the details later. In the past few years, the N.S.A. has built enormous electronic-storage facilities in Texas and Utah. Binney says that an N.S.A. E-mail database can be searched with “dictionary selection,” in the manner of Google. After 9/11, he says, “General Hayden reassured everyone that the N.S.A. didn’t put out dragnets, and that was true. It had no need—it was getting every fish in the sea.”  Binney considers himself a conservative, and, as an opponent of big government, he worries that the N.S.A.’s data-mining program is so extensive that it could help “create an Orwellian state.” Whereas wiretap surveillance requires trained human operators, data mining is automated, meaning that the entire country can be watched. Conceivably, U.S. officials could “monitor the Tea Party, or reporters, whatever group or organization you want to target,” he says. “It’s exactly what the Founding Fathers never wanted.”

Former NSA Genius Apologizes for His Super Spying Software (Gizmodo):

Long before 9/11, brilliant NSA crypto-mathematician Bill Binney had developed an algorithm to make sense of the unbelievably massive amounts of data American spies were pulling in—he called it ThinThread. And then it went very, very wrong.

Thin Thread, the New Yorker reports, proved to be too good: designed to track foreign enemies via their electronic footprints, Binney was horrified to find that the powerful software processed mammoth amounts of American communications as well. Without a warrant—illegally. Binney implemented an encryption scheme that blurred out American chatter unless it was flagged by a judge, but his system was discarded by the NSA for being too invasive.

NSA building

NSA building