Resources

Stare Into The Lights My Pretties

Bloomberg’s Spy Chip Story Reveals the Murky World of National Security Reporting

Chinese spies reportedly infiltrated the supply chain and installed tiny chips the size of a pencil tip on the motherboards built by Supermicro, which are used in data center servers across the U.S. tech industry — from Apple to Amazon. That chip can compromise data on the server, allowing China to spy on some of the world’s most wealthy and powerful companies. Apple, Amazon and Supermicro — and the Chinese government — strenuously denied the allegations. Apple also released its own standalone statement later in the day, as did Supermicro.

Welcome to the murky world of national security reporting.

I’ve covered cybersecurity and national security for about five years, most recently at CBS, where I reported exclusively on several stories — including the U.S. government’s covert efforts to force tech companies to hand over their source code in an effort to find vulnerabilities and conduct surveillance. And last year I revealed that the National Security Agency had its fifth data breach in as many years, and classified documents showed that a government data collection program was far wider than first thought and was collecting data on U.S. citizens.

Even with this story, my gut is mixed.

In the aftermath of the disclosure of PRISM, the NSA’s data pulling program that implicated several tech companies — including Apple, but not Amazon — the companies came out fighting, vehemently denying any involvement or connection. Was it a failure of reporting? Partially, yes. But the companies also had plausible deniability by cherry picking what they rebuffed. Despite a claim by the government that PRISM had “direct access” to tech companies’ servers, the companies responded that this wasn’t true. They didn’t, however, refute indirect access — which the companies wouldn’t be allowed to say in any case.

Forbes: Cellebrite can unlock every iPhone

Cellebrite, a Petah Tikva, Israel-based vendor that’s become the U.S. government’s company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11. That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

The Israeli firm, a subsidiary of Japan’s Sun Corporation, hasn’t made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren’t authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company’s literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of “Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11.” Separately, a source in the police forensics community told Forbes he’d been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple’s newest devices worked in much the same way.

Robot police “officer” goes on duty in Dubai

Dubai Police have revealed their first robot officer, giving it the task of patrolling the city’s malls and tourist attractions.

People will be able to use it to report crimes, pay fines and get information by tapping a touchscreen on its chest.

Data collected by the robot will also be shared with the transport and traffic authorities.

Leaked files reveal scope of Cellebrite’s phone cracking technology

“Earlier this year, [ZDNet was] sent a series of large, encrypted files purportedly belonging to a U.S. police department as a result of a leak at a law firm, which was insecurely synchronizing its backup systems across the internet without a password. Among the files was a series of phone dumps created by the police department with specialist equipment, which was created by Cellebrite, an Israeli firm that provides phone-cracking technology. We obtained a number of these so-called extraction reports. One of the more interesting reports by far was from an iPhone 5 running iOS 8. The phone’s owner didn’t use a passcode, meaning the phone was entirely unencrypted. The phone was plugged into a Cellebrite UFED device, which in this case was a dedicated computer in the police department. The police officer carried out a logical extraction, which downloads what’s in the phone’s memory at the time. (Motherboard has more on how Cellebrite’s extraction process works.) In some cases, it also contained data the user had recently deleted. To our knowledge, there are a few sample reports out there floating on the web, but it’s rare to see a real-world example of how much data can be siphoned off from a fairly modern device. We’re publishing some snippets from the report, with sensitive or identifiable information redacted.”

FBI authorised informants to break the law 22,800 times in 4 years

“Over a four-year period, the FBI authorized informants to break the law more than 22,800 times, according to newly reviewed documents.

Official records obtained by the Daily Dot under the Freedom of Information Act (FOIA) show the Federal Bureau of Investigation gave informants permission at least 5,649 times in 2013 to engage in activity that would otherwise be considered a crime. In 2014, authorization was given 5,577 times, the records show.

Those crimes can have serious and unintended consequences. For example, a Daily Dot investigation found that an FBI informant was responsible for facilitating the 2011 breach of Stratfor in one of the most high-profile cyberattacks of the last decade. While a handful of informants ultimately brought down the principal hacker responsible, the sting also caused Stratfor, an American intelligence firm, millions of dollars in damages and left an estimated 700,000 credit card holders vulnerable to fraud.”

Steven Rambam at HOPE XI, 2016

“First came the assault on privacy. Name, address, telephone, DOB, SSN, physical description, friends, family, likes, dislikes, habits, hobbies, beliefs, religion, sexual orientation, finances, every granular detail of a person’s life, all logged, indexed, analyzed and cross-referenced. Then came the gathering of location and communication data. Cell phones, apps, metro cards, license plate readers and toll tags, credit card use, IP addresses and authenticated logins, tower info, router proximity, networked “things” everywhere reporting on activity and location, astoundingly accurate facial recognition mated with analytics and “gigapixel” cameras and, worst of all, mindlessly self-contributed posts, tweets, and “check-ins,” all constantly reporting a subject’s location 24-7-365, to such a degree of accuracy that “predictive profiling” knows where you will likely be next Thursday afternoon. Today we are experiencing constant efforts to shred anonymity. Forensic linguistics, browser fingerprinting, lifestyle and behavior analysis, metadata of all types, HTML5, IPv6, and daily emerging “advances” in surveillance technologies – some seemingly science fiction but real – are combining to make constant, mobile identification and absolute loss of anonymity inevitable. And, now, predictably, the final efforts to homogenize: the “siloing” and Balkanization of the Internet. As Internet use becomes more and more self-restricted to a few large providers, as users increasingly never leave the single ecosystem of a Facebook or a Google, as the massive firehose of information on the Internet is “curated” and “managed” by persons who believe that they know best what news and opinions you should have available to read, see, and believe, the bias of a few will eventually determine what you believe. What is propaganda? What is truth? You simply won’t know. 
In a tradition dating back to the first HOPE conference, for three full hours Steven Rambam will detail the latest trends in privacy invasion and will demonstrate cutting-edge anonymity-shredding surveillance technologies. Drones will fly, a “privacy victim” will undergo digital proctology, a Q&A period will be provided, and fun will be had by all.”

“From Uber To Eric Schmidt, Tech Is Closer To the US Government Than You’d Think”

“Alphabet’s [Google] executive chairman, Eric Schmidt, recently joined a Department of Defense advisory panel. Facebook recently hired a former director at the U.S. military’s research lab, Darpa. Uber employs Barack Obama’s former campaign manager David Plouffe and Amazon.com tapped his former spokesman Jay Carney. Google, Facebook, Uber and Apple collectively employ a couple of dozen former analysts for America’s spy agencies, who openly list their resumes on LinkedIn.

These connections are neither new nor secret. But the fact they are so accepted illustrates how tech’s leaders — even amid current fights over encryption and surveillance — are still seen as mostly U.S. firms that back up American values. Christopher Soghoian, a technologist with the American Civil Liberties Union, said low-level employees’ government connections matter less than leading executives’ ties to government. For instance, at least a dozen Google engineers have worked at the NSA, according to publicly available records on LinkedIn. And, this being Silicon Valley, not everyone who worked for a spy agency advertises that on LinkedIn. Soghoian, a vocal critic of mass surveillance, said Google hiring an ex-hacker for the NSA to work on security doesn’t really bother him. “But Eric Schmidt having a close relationship with the White House does…”

Catalogue of US Government Surveillance Devices

The Intercept has obtained a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.

The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.

Slides of the catalogue are available here, while a stylised version is available here.

How the CIA made Google… and WHY

Two articles from Medium by ‘Insurge Intelligence,’ a crowd-funded investigative journalism project, tell the story of how the United States intelligence community funded, nurtured and incubated Google as part of a drive to dominate the world through control of information. Seed-funded by the NSA and CIA, Google was merely the first among a plethora of private sector start-ups co-opted by US intelligence to retain ‘information superiority.’

By Nafeez Ahmed.

Part One: How the CIA made Google

“From inception, in other words, Google was incubated, nurtured and financed by interests that were directly affiliated or closely aligned with the US military intelligence community: many of whom were embedded in the Pentagon Highlands Forum.

The US intelligence community’s incubation of Google from inception occurred through a combination of direct sponsorship and informal networks of financial influence, themselves closely aligned with Pentagon interests.

The Highlands Forum itself has used the informal relationship building of such private networks to bring together defense and industry sectors, enabling the fusion of corporate and military interests in expanding the covert surveillance apparatus in the name of national security. The power wielded by the shadow network represented in the Forum can, however, be gauged most clearly from its impact during the Bush administration, when it played a direct role in literally writing the strategies and doctrines behind US efforts to achieve ‘information superiority.’”

Noting Google’s genesis with DARPA funding and the expansion of the empire today through Google’s actions with GeoEye and Keyhole, Boston Dynamics, DeepMind, Nest Labs, Dropcam, etc., the trajectory becomes clear.

Part Two: Why Google made the NSA

“Mass surveillance is about control. Its promulgators may well claim, and even believe, that it is about control for the greater good, a control that is needed to keep a cap on disorder, to be fully vigilant to the next threat. But in a context of rampant political corruption, widening economic inequalities, and escalating resource stress due to climate change and energy volatility, mass surveillance can become a tool of power to merely perpetuate itself, at the public’s expense.

A major function of mass surveillance that is often overlooked is that of knowing the adversary to such an extent that they can be manipulated into defeat. The problem is that the adversary is not just terrorists. It’s you and me. To this day, the role of information warfare as propaganda has been in full swing, though systematically ignored by much of the media.

Here, INSURGE INTELLIGENCE exposes how the Pentagon Highlands Forum’s co-optation of tech giants like Google to pursue mass surveillance has played a key role in secret efforts to manipulate the media as part of an information war against the American government, the American people, and the rest of the world: to justify endless war, and ceaseless military expansionism.”

Police set up Sydney Muslims with post-siege raids, culture of fear

“About 2pm on Monday, December 15, Rebecca Kay took a phone call from NSW Police Counter-Terrorism.

The officer wondered if she could help police find an Islamic State flag. This was one of the demands of Man Haron Monis, the gunman holding 18 hostages at the Lindt cafe in Martin Place.

“And if they give him a flag he was going to exchange it for a hostage,” says Ms Kay, a convert to Islam who has become a prominent community member in western Sydney.

Ms Kay was one of several people contacted that afternoon, and she was only too willing to help.

“A lot of people in the Muslim community were devastated,” she says. “We were ready to jump – ‘just say how high’ – to help police prevent a tragedy.”

Ms Kay believes she called as many as 50 people, but finding an IS flag – or anyone willing to admit they had one – proved no easy task.

And soon her contacts started asking: “Are we being set up?”

“They were very suspicious,” she says. “Some accused me of being an informant.”

But she counselled that they should try to help.

And the officer kept calling back, “three or four times over the next hour to see if I had got an Islamic State flag or not. There was a sense of urgency that I get it and that I take it down to Bankstown police station, and they were going to put it in a patrol car, with the lights [flashing], and bring it to the city.”

Monis’s hostages recited his demands on Facebook and YouTube, as police worked to have them taken down. Hostage Julie Taylor, a barrister, said he would free five hostages if Prime Minister Tony Abbott called him to record a short conversation to be played on air. He would release two if the politicians told “the truth, which is that this is an attack by Islamic State against Australia”. And he would allow one to go if the flag were delivered.”
“In the end, Ms Kay says, police sourced their own flag. But then they told her it had been decided there would be no trade with Monis in any case.

By now she had burnt many bridges in her own community.

It got worse. About 2am the next morning – about the time of the deadly final shootout inside the Lindt cafe – NSW police searched the western Sydney home of one of the young men she had contacted. He had considered handing over his flag to Ms Kay but then thought, no, it was a trap.

“And so he then believed I did try to set him up,” she says.

The next morning, she was told, the Australian Federal Police raided the homes of another two men who had been contacted during the community’s urgent attempt to help save hostages.

“Obviously, they were listening to all our phone calls,” Ms Kay says.

“I want to be able to have dealings with police … but when it gets thrown back in your face, it sets us back two steps.”

Lawyer Zali Burrows, who represents some of the people who tried to help police, wonders: “Why didn’t they just print one out.” A laser printer could have produced the flag on cloth and they could have delivered it in half an hour, she says.

Lydia Shelly, a solicitor from the Muslim Legal Network, says: “Our overriding concern was with the safety of those innocent Australians being held against their will.”

Police would not respond to questions about the flag or whether they intended to allow Monis to display it to the world’s televisions and risk him winning the support of other extremists.

Ms Kay says there is nothing sinister about the flag that Islamic State has misappropriated. It depicts the prophet’s seal and “it’s a flag that Muslims should have. It’s not our fault that these barbarians have taken it as their flag.”

She says she would want to help police in another such crisis, but: “They’re not building trust. With this incident they have not built trust at all.

“You don’t understand the pressure cooker we’re in and the interference that the AFP and ASIO have, and the fear that they create, and how they stalk – and I can say stalk with confidence – members of our community and instil fear in their families and ostracise them from their workplace and the people they know, so they become paranoid and they don’t interact with anyone.”

“This is the kind of norm they’ve created here, where no one trusts anyone anymore.””

The Melbourne Apartment that spies on activists

“An inconspicuous Melbourne apartment block is home to a monitoring service that keeps watch on environment groups at the request of the federal government.

The National Open Source Intelligence Centre, a private intelligence company, works under contract for the Australian Federal Police and Federal Attorney-General’s Department to monitor activist websites, blogs, Facebook and Twitter to provide warning and analysis of protest activity.

It aims to provide law enforcement agencies and other private clients with internet monitoring and analysis directed at groups engaged in “radical activism, criminal (terrorist) activity or unlawful behaviour.”

Services provided by NOSIC include “issue monitoring,” “tactical intelligence,” “threat analysis” and “trend analysis and forecasting focus on emerging patterns and trends in activism.”

NOSIC has been engaged on contract by the AFP and the Attorney-General’s Department since at least 2003. From 2006 to 2008, it was paid $184,800.

In addition to its ongoing work for the federal agencies and state police, NOSIC also provides services relating to specific events…”

New datacentre for Australian spook agencies

“The Australian government has been building a state-of-the-art, secret data storage facility just outside Canberra to enable intelligence agencies to deal with a “data deluge” siphoned from the internet and global telecommunications networks.

The high-security facility nearing completion at the HMAS Harman communications base will support the operations of Australia’s signals intelligence agency, the top-secret Defence Signals Directorate.

Privately labelled by one Defence official as “the new black vault”, the data centre is one of the few visible manifestations of Australia’s deep involvement in mass surveillance and intelligence collection operations such as the US National Security Agency’s PRISM program revealed last week by US intelligence leaker Edward Snowden.

Fairfax Media has confirmed Australian intelligence agencies receive what Defence intelligence officials describe as “huge volumes” of “immensely valuable” information derived from PRISM and other US signals intelligence collection programs.

Australian agencies assist the US to target foreign nationals and Australian citizens who are of security and intelligence interest to both countries.”

NSA Project TURBINE

“In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.”