NSA has direct access to tech giants' systems for user data, secret files reveal

It's too bad that the poll didn't explore that issue. Some minds might have been blown. But as usual, polls tend to find whatever they're looking for. Because most people just don't think stuff through.

 

Maybe there's a selection bias at work. You could argue that genes associated with security and subservience stayed in the UK, while genes associated with privacy and independence left for the US. And yes, that's far too simplistic.

 

There's also various demographic and gender differences how much people care about privacy.

Most of all, there's the salience effect because this was conducted in the immediate aftermath of the London attack, which spookily led to Amber Rudd's comments against encryption - exactly the same as Cameron did after the Paris attacks.

 

Good point!

From http://www.reuters.com/article/us-usa-cyber-poll-idUSKBN1762TQ?rpc=401&

So arguably timing relative to "terrorist" attacks is a confounding variable.

 

"Hacker Group Releases Password To NSA's 'Top Secret Arsenal'..."

There's a lot of political stuff in the URL link below about the hacking group's (the Shadow Brokers) stated reasons for the release, but it is the most complete story of this security/intel-world event.

The bottom line is that: The Shadow Brokers have released The Password to the entire trove of hacking tools of The Equation Group, the NSA's own special-ops entity, that had been either hacked or leaked by an NSA insider. (The Shadow Group had originally been asking $568 million for the password.)

"Last August, the intel world was abuzz following the news that a previously unknown hacker collective, "The Shadow Brokers" had hacked and released legitimate hacking tools from the NSA's own special-ops entity, the "Equation Group", ...The Shadow Brokers released a bunch of the organization's hacking tools, and were asking for 1 million bitcoin (around $568 million at the time) to release more files, however failed to find a buyer...

Since then, the Shadow Broker group, whose origin and identity still remains a mystery, disappeared from the radar only to emerge today, when in an article posted on Medium,...released the password which grants access to what Edward Snowden moments ago called the NSA's "Top Secret arsenal of digital weapons."..

Even Edward Snowden got involved
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.

— Edward Snowden https://twitter.com/Snowden?lang=en April 8, 2017...

Finally, as other hackers organizations confirm, the key released by the ShadowBrokers has been verified: ..."


http://www.zerohedge.com/news/2017-...sas-top-secret-arsenal-protest-trump-betrayal

 

"...Security researchers are still going through the files, but many of the exploits appear to be used for attacking older or little-used systems. And at least one guy thinks this leak might lead to the unmasking of the hackers:

…much here that NSA should be able to instantly identify where this set came from and how they lost it. If they can't, it's a scandal.
— Edward Snowden https://twitter.com/Snowden?lang=en April 8, 2017..."

https://techcrunch.com/2017/04/08/shadow-brokers-be-back/?ncid=rss

 

"...This second cache is quite fresh, and security researchers haven't had the time to search it in its entirety. As of now, we know of the following findings:

> A list of servers belonging to companies and universities from around the world, which the NSA allegedly hacked and used as staging points for deploying malware and launching attacks.
> The same list, but only the IPs
> A list of usernames and passwords used for tools and backdoor acconts
> The TOAST framework used to clean server logs and delete the NSA's tracks.
> Many tools for hacking *NIX systems, especially Solaris.
> A tool called ELECTRICSLIDE that impersonates a Chinese browser with fake Accept-Language.
> A new tool named PITCHIMPAIR used to hack into servers.
> An implant called SIDETRACK, used with PITCHIMPAIR.

https://www.bleepingcomputer.com/ne...rd-for-the-rest-the-stolen-nsa-hacking-tools/

 

https://www.thecipherbrief.com/arti...ent-disclose-company-cyber-security-gaps-1091

 

NSA, CIA, try Comodo or Bitdefender.

https://www.yahoo.com/tech/cia-thinks-antivirus-program-153301819.html

 

Snowden’s Box
http://harpers.org/archive/2017/05/snowdens-box/?single=1

I'm gobsmacked by that choice of return address. From "B Manning"? Only one digit off from his real address? I mean, aren't those obvious mistakes? Or at least, an odd sense of humor.

Maybe it was a test. Let's say that he in fact mailed the package anonymously. So its interception would arguably have told him that he was under close observation. But still, using "B Manning" seems like a confounder, even if a small one.

I'm guessing that he used different return addresses for the other two boxes. Controls for the test, as it were.

 

Besides the NSA, what other intelligence agencies will have access to this user data from giant hi tech companies? What does the NSA do with this data? They can't possibly retain all of it indefinitely; beyond a certain date, old data has to be deleted in order to store new data in their databases.

 

It does seem that the NSA shares. I've seen mention of CIA, FBI, DEA and DHS.

And yes, they can't retain all of it indefinitely. So they triage. Everything is retained for a few days. Stuff gets automatically prioritized, based on keywords etc, and whatever seems more important gets retained longer. All metadata (time, IP addresses, headers, and so on) are retained indefinitely. So is stuff that seems most important. I've read that all encrypted data (but not all HTTPS, obviously) are retained indefinitely.

 

No problem -- they just build more storage space

NSA's recently constructed Bluffdale, Utah facility:

"...NSA whistle-blower William Binney has put the capacity at 5 zettabytes of data storage — the equivalent of 1.25 trillion DVDs, according to Cisco Systems. Other estimates have ranged as high as 1 yottabyte, or 250 trillion DVDs..."

http://www.npr.org/sections/alltech...oting-up-new-nsa-data-farm-takes-root-in-utah

Fact is no one on the outside knows for sure, but rest assured it's huge.

"...Much has been written about just how much data that facility might hold, with estimates ranging from “yottabytes” (in Wired) to “5 zettabytes” (on NPR), a.k.a. words that you probably can’t pronounce that translate to “a lot.” A guide from Cisco explains that a yottabyte = 1,000 zettabytes = 1,000,000 exabytes = 1 billion pettabytes = 1 trillion terabytes. For some sense of scale, you would need just 400 terabytes to hold all of the books ever written in any language. Dana Priest at the Washington Post decided to go with a simpler, non-technical approximation, saying the million-square-foot facility will store 'oceans of bulk data...; ”

https://www.forbes.com/sites/kashmi...is-less-impressive-than-thought/#6dd670a27457

 

An interesting if long read.

https://forums.malwarebytes.com/topic/199426-nsa-hacking-window-os/?do=findComment&comment=1117456

 

I don't give a **** if they have direct access or not, the thing is that if they provier would really hold what they promise, then it wouldn't matter at all. We need more transparency when it comes to encryption.

People giving agencies too much credits they almost can't do anything with external help. It's not like in the movies .. giving them an IP and it takes second to crack the target. The real pervert thing is that providers like ISPs and companies are forced to work together with them (this needs to be changed by government), otherwise they wouldn't get that much data since it would be too many effort to crack - same goes with encryption if they use proper and known 'secure' encryption then the effort would be so high that mass surveillance wouldn't be possible .. or only on specific targets.

I also wouldn't give exploits or leaks like ShadowBroker too many credits, they getting mostly fixed asap. Like MS already did.

People should come down, there are so many negative press recently but no one really cares if a) the exploits are widely used b) not already fixed or still relevant at all due effort.

I remember when NSA/FBI tried to crack apple's encryption, they couldn't and are forced to ask CIA .. and two weeks later it was revealed that even CIA was forced to get external help from an university to crack one single target device ... story was about FDE. With next iOS update everything was fixed anyway. Time is here an important factor.


Also as long the question security vs privacy isn't answered we not need to blame each other (agencies <-> 'normal' people) since no one ever come with a final solution. So this is an endless discussion. And I can understand both sides even if I'm against 'spying'.

 

https://www.helpnetsecurity.com/2017/04/18/shadow-brokers-nsa-stuxnet-link/

 

http://securityaffairs.co/wordpress/58210/intelligence/cia-weeping-angel-guide.html

 

"N.S.A. Halts Collection of Americans’ Emails About Foreign Targets

WASHINGTON — The National Security Agency is stopping one of the most disputed forms of its warrantless surveillance program, one in which it collects Americans’ emails and texts to and from people overseas and that mention a foreigner under surveillance, according to officials familiar with the matter..."

https://www.nytimes.com/2017/04/28/us/politics/nsa-surveillance-terrorism-privacy.html?_r=0

 

Was reading that yesterday. Kinda weird.

 

Weird as in "Why Now?"

The Intercept has a fuller explanation:

https://theintercept.com/2017/04/28...d-americans-communications-without-a-warrant/

 

Seriously, you can't trust anything that the NSA says. It's prudent to assume that it intercepts all Internet traffic. And that it stores as much as it can, for as long as it can, focusing on what seems most important. I gather that everything is retained for a few days. Then it gets triaged, based on names, addresses, keywords, and so on. And what seems most important gets retained the longest. I get that metadata and encrypted stuff (but probably not all HTTPS) are retained indefinitely.

Also, I suspect that they honestly consider this to be their job, no matter what the damn civilians say. Because they're the professionals, who know better.

 

It sounds more like an acknowledgement of the chaff problem that Binney highlighted ages ago. Can't keep pace with the amount of false-positives, and diversion of attention from the important. Mind you, that hasn't stopped the empire building and increase in budgets & expenditure & power which was surely an insider objective.

 

"Newly revived lawsuit could reveal secrets of NSA surveillance program...

On Tuesday, the 4th U.S. Circuit Court of Appeals ruled 3-0 to revive a lawsuit brought by the Wikimedia Foundation — the nonprofit that operates Wikipedia — claiming that the NSA’s massive surveillance program is unconstitutional and invades people’s privacy. The case will now head back to Maryland court, and its impact could be enormous...

Not only will it likely reveal more about the secret NSA surveillance program, but it could also potentially end such surveillance...

In October 2015, a federal District of Maryland judge dismissed the case after ruling that Wikimedia and its fellow plaintiffs couldn’t prove that their communications had been captured by the NSA’s warrantless “Upstream” collection program, which involves vacuuming up people’s communications as they fly through internet cables, switches, and routers.

But the judges of the 4th Circuit found that the NSA has probably seized at least some of Wikimedia’s communications without a warrant, due to both the sheer volume of its communications and the fact that its users span the globe — meaning Wikimedia can continue to sue the NSA for violating the 4th Amendment..."

https://news.vice.com/story/newly-r...ld-reveal-secrets-of-nsa-surveillance-program

 

Cool

 

The issue of standing (and lack of it) brings the law into disrepute in my opinion - precisely because of the secret Catch 22 aspect, so this judgement is a slight step forward (but did not apply to Amnesty who were co-plaintiffs).