Bulk data collection has cost industry foreign contracts, compromise user privacy
A new bill in the US Senate is being rushed through in an attempt to curtail NSA spying on Americans, and make federal agency requests for data more transparent ahead of the January takeover of the body by Republicans. The bill, known as the USA Freedom Act (S. 2685), has won the backing of the Consumer Electronics Association, the Information Technology Industry Council, the Internet Association and many of the major tech firms. Apple, Microsoft, Google and others, as members of the CEA, are pushing the Senate to pass the bill.
WTF, memory leak in Messages?
Today in the MacNN forums, Clinically Insane member "turtle777" was bashing their head against the wall trying to figure out why the Messages app seems to have sprung a memory leak which took up more than 50GB, and brought his iMac to a halt. Forum Regular "imdipped" was trying to figure out how to get rid of their Master Boot Record formatting, and do a clean install of Mavericks.
Missing language suggests Apple has received Patriot Act request
Apple's transparency report on governmental information requests has made a minor but significant change. Language saying that "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us" has been completely removed from the latest version of the document, suggesting that Apple has now received a Patriot Act request, and is subject to a secret Foreign Intelligence Surveillance Court warrant and subsequent gag order.
Newly released documents shed light on 2008 FISC hearings
Reports have surfaced that search engine Yahoo (and possibly others) were threatened by the US government to comply with PRISM surveillance requirements, or face a $250,000 per day fine in 2008. While Yahoo fought the demand through the US Foreign Intelligence Surveillance Court of Review, it ultimately lost and complied with the order, which paved the way towards mass surveillance of Internet users.
Two-day Syrian Internet blackout blamed on failed NSA hack
The National Security Agency (NSA) was behind the two-day Internet blackout of Syria in 2012, claims whistleblower Edward Snowden. The accusation, alongside claims that the NSA is working on an automated malware killer, from Snowden comes at the same time as a separate report appearing to show the NSA collected far more information than was legally allowed.
Report claims three judges in FISA Court bought Verizon stock in the last year
Judges sitting on the Foreign Intelligence Surveillance Court (FISA Court) may not be entirely impartial, according to a report. A number of judges on FISA Court allegedly own stock in Verizon, one of the companies subject to NSA bulk surveillance orders issued by the court, with the report suggesting this could be considered as unethical behavior by judges in an important role.
Claims data could be used to glean state secrets
State-run China Central Television has called iOS 7's Frequent Locations function a "national security concern" in a noon broadcast, according to the Wall Street Journal. The report quoted researchers as saying that people with access to the underlying data could get a glimpse of the broader Chinese situation, or "even state secrets." Electronic security has become a sensitive topic for the Chinese government in the wake of leaks from Edward Snowden, revealing that the NSA is spying on Chinese leaders, and that American businesses have willingly or unwillingly provided the NSA with access to demanded data.
Director of National Intelligence report reveals number of surveillance requests in 2013
The Director of National Intelligence (DNI) has released a report, revealing a number of insights into the activities of the National Security Agency (NSA). The report, posted on Tumblr, comes as part of a DNI directive from August 2013, itself prompted by President Obama in June of the same year, with the report listing how many information requests and surveillance-related activities have been performed by the US government in the entirety of last year.
Tech companies declared 'pawns' of US government surveillance program
Chinese state media is calling for the country's government to penalize US technology companies for their alleged roles in the National Security Agency (NSA) surveillance row. The People's Daily and China Daily accuse companies including Google, Microsoft, Facebook, and Apple of helping the US government to monitor and threaten the security of users in China, asking for Beijing to "punish severely the pawns."
Hour-long special promises revelations, discovery about leaker, his process
NBC News anchor Brian Williams has interviewed NSA document leaker Edward Snowden in Russia. The former NSA contractor's first-ever American television interview will air in an hour-long NBC News primetime special on Wednesday, May 28 at 10PM ET.
Unanimous vote sends bill to House floor over NSA record collection, surveillance practices
The USA Freedom Act will make its way to the House of Representatives for vote after the House Judiciary Committee unanimously voted to approve the amended version, 32-0. If passed in the House, the act will require the NSA to acquire approval on a case-by-case basis via the FBI. The Foreign Intelligence Surveillance Court's approval would need to be given before any business or telephone records could be collected on a US resident.
Emails obtained show correspondence between NSA, Brin, Schmidt
A report has surfaced, potentially belying Google's claims of little if any contact with the US National Security Agency (NSA). Emails from June 2012 obtained by the Al-Jazeera news network purport that Google was frequently in contact with then-director of the NSA, General Keith Alexander.
Agency claims it didn't know of flaw until public disclosure
As reports of the severity of the Heartbleed OpenSSL bug has spread, so have the rumors. A report from Bloomberg has claimed that the US National Security Agency exploited the flaw for years. In its own defense, the NSA issued an unusually specific statement saying that not only did it not use the exploit, but it didn't even know about it until news of it went public a few days ago.
Huawei servers allegedly penetrated by NSA, possibility of hardware compromise
In an interesting reversal, Snowden-leaked documents are pointing to a pervasive infiltration of Chinese electronics manufacturer Huawei's servers. The NSA's "Operation Shotgiant" allegedly probed connections between Huawei and the Chinese army, but also aimed to attack technology manufactured by the company and use the compromised technology for worldwide surveillance.
Sysadmins, with the keys to networks, lynchpin of NSA plans
More Snowden document leaks have shed light on the US National Security Agency's initiative to compromise system administrators in its quest to gather intelligence on American citizens and potential enemies both foreign and domestic. The documents lay out the NSA's plan to build a network of system administrators, personnel associated with access to networks that the agency wants to implant spyware and other malware.
Meeting scheduled for 4PM, no specific attendees known
President Obama is slated to meet with Facebook CEO Mark Zuckerberg and undisclosed tech company executives later today, according to the White House schedule. On the agenda are further discussions with the executives about recent NSA revelations, and a continuation of the president's "dialogue with them on the issues of privacy, technology, and intelligence."
First Comcast transparency report details government requests for customer data
Comcast received a total of 24,698 requests for customer data from law enforcement officials in 2013, the company has revealed in its first transparency report. The telecommunications provider is joining a number of other technology companies, including competitor Verizon, in providing summary figures to reveal how much data the US government is requesting about its subscribers.
Chief defends Facebook initiatives to protect users from surveillance
Facebook's Chief Security Officer Joe Sullivan claims that the alleged NSA ability to intercept traffic to and from the social network and masquerade as an official Facebook server is "not viable." The executive pointed to the company's shift to SSL data encryption for all Facebook traffic last summer as the primary method of defense against intelligence-gathering agency surveillance.
NSA denies claims of far-reaching blanket spyware installation
As news has spread of the possibility that the US National Security Agency (NSA) was using wide-scale malware in its intelligence-gathering efforts, so have the responses. Over the last two days, Facebook founder Mark Zuckerberg has penned a harshly-worded response, including making a call to President Barack Obama. Additionally, the NSA has refuted the claim, saying that all it is doing is supporting "lawful and appropriate foreign intelligence operations" in accordance with US law.
NSA shifting from personal hack to 'industrial scale' widespread attacks
Recently-examined Snowden-leaked documents have shown that the NSA is looking at significantly growing its ability to install malware on a large scale, using automated systems and falsified websites. The documents detail efforts to fake a Facebook server, with the targeted population infected upon visitation of the spoof site.
Whistleblower addresses US cyber defense weakness, need for privacy
Despite US officials' protestations, NSA whistleblower Edward Snowden addressed a packed venue at SXSW today, by way of a Google Hangout routed through no less than seven proxies. In his hour-long moderated conversation, Snowden said that end-to-end encryption with readily-accessible tools are the keys to privacy. Additionally, he cited NSA leadership and intrusive surveillance as a reason for the onslaught of digital intrusion by hostile powers, caused by weakening of US cyber defenses.
Automated facial recognition performed on webcam stills by UK security agency
The British security intelligence agency GCHQ secured millions of photographs from webcams used with Yahoo's chat services, a report alleges. The agency is claimed to have captured and stored images from more than 1.8 million users in one six month period in 2008 alone, with the surveillance activities said to have continued from 2008 to 2010, though it is possible the program continued for years afterward.
No plan currently agreed upon, shutdown still possible
As directed by the Obama administration, a cadre of federal lawyers have developed a quartet of plans to restructure the National Security Agency (NSA) phone monitoring program. The proposals run the range from officially running operations through the telephone companies with full approval and support, all the way to completely shutting the program down, according to people familiar with the matter.
Agrees to measures requiring court approval for NSA metadata searches
The Foreign Intelligence Surveillance Court has given its approval to changes President Barack Obama has requested as part of a surveillance reforms speech last month. Two measures in the reforms have been accepted by the court, which will affect the way the National Security Agency (NSA) searches its phone records database in the future.
Denial of Service attacks employed against hacking groups by UK intelligence agency
A spy unit under the control of the United Kingdom's intelligence services was used to attack the Anonymous and LulzSec hacking groups, according to GCHQ documents leaked by Edward Snowden. The Government Communications Headquarters (GCHQ) used the unit to deploy distributed denial of service (DDOS) attacks against the groups, a similar strategy employed by the hackers themselves.
FISA requests detailed in agreement with US government
A group of tech companies have released more information about government requests from the NSA and other agencies for user information, as part of their transparency reporting programs. Google, Facebook, LinkedIn, Yahoo, and Microsoft have all posted more statistics online for these Foreign Intelligence Surveillance Act (FISA) requests, following an agreement between the companies and the US Department of Justice (DoJ).
Suggests third-party app networks may be entry point
Angry Birds developer Rovio has issued a new official statement, denying collaborating with the NSA, GCHQ, or any other government agency It emerged yesterday that the NSA and GCHQ have been using the "leaky" nature of some smartphone apps to collect data about individuals. Rovio suggests that the spy agencies may be gathering data from third-party ad networks without its consent. "If advertising networks are indeed targeted, it would appear that no internet-enabled device that visits ad-enabled web sites or uses ad-enabled applications is immune to such surveillance," the company comments.
NSA,GCHQ allegedly claimed to collect information on individuals from mobile advertising
Intelligence agencies in the United States and the United Kingdom are allegedly taking advantage of smartphone apps to collect a wealth of information about individuals, in new spying allegations. The National Security Agency (NSA) and the UK's Government Communications Headquarters (GCHQ) are able to use the "leaky" nature of popular mobile phone apps to extract information about an individual, according to new leaked documents.
Truth of statement difficult to verify
ABC has released another clip from its interview with Tim Cook and other Apple executives. In the new piece, Cook discuses the National Security Agency's domestic spying operations, and whether or not the agency has direct access to Apple servers, as it does at some other corporations like AT&T. "I've been pushing very, very hard to open the books and be totally transparent," he says. "Much of what has been said isn't true; there is no back door. The government doesn't have access to our servers. They would have to cart us out in a box for that. And that just will not happen. We feel that - strongly about it. But I do want to be transparent, because I think transparency would help put everything in perspective."
Collection programs such as Prism is illegal according to review board
An independent federal watchdog has decided that the National Security Agency's (NSA) phone call logging and collection activity is illegal. The Privacy and Civil Liberties Oversight Board advises that the call log collection provided "minimal" benefits to current counter-terrorism operations and should be stopped, in a 238-page report set to be released today.
Carrier receives over 1K national security letters
Amid increased scrutiny over privacy regulations, Verizon has released its first transparency report detailing the number and type of government requests for customer data. The carrier was asked to respond to over 320,000 requests from federal, state or local law-enforcement agencies in the US during 2013. Notably, nearly 1,500 of the requests resulted in wiretaps and between 1,000 and 2,000 National Security Letters were included in the numbers.
Collected data to be handed to third party, judicial findings required for access
The United States government will reform the way it uses surveillance data, President Barack Obama has announced. Addressing concerns over the National Security Agency (NSA) and the various programs employed to monitor potential threats, Obama outlined a number of changes in how the data will be accessed by security agencies as he attempts to ease the concerns of US citizens.
New program gathers data for trend analysis, profiling of selectees
The revelations of the NSA surveillance first broken by Edward Snowden continue. The NSA is accused of building the "Dishfire" surveillance network, which targets 200 million text messages per day for collection and analysis. Information collected by the program allegedly includes names, phone numbers, and images.
Says it has 'never worked with the NSA'
Apple has never worked to install backdoors in any of its products for the National Security Agency, and was unaware of a program specifically targeting the iPhone, the company claims in a new statement. Yesterday, German publication Der Spiegel revealed that the NSA has methods of gaining backdoor access to virtually any hardware. One program, codenamed "DROPOUTJEEP," involves planting software on an iPhone to track location, send and receive files, steal text messages, contact lists and voicemail, and even turn on the microphone and camera. Leaked documents from 2008 indicate that the NSA requires "close access," meaning physical access to an iPhone it wants to spy on.
German mag says NSA diverts retail orders to secretly add tracking software, devices
The National Security Agency (NSA) has the ability to bug computers and peripherals being shipped to customers from retail, says a new report allegedly laying out more of the agency's surveillance activities. Some orders for electronics can apparently get redirected to the Tailored Access Operations (TAO) group, run by the NSA, which can secretly add hardware devices and malware to the unit before resealing and forwarding it on to the customer.
RSA blog states no payment from NSA for number generator backdoor
RSA Security has struck out against claims that the company was paid by the National Security Agency (NSA) to sell flawed encryption software that was vulnerable to surveillance. A blog post states that it has never entered into a "secret contract" with the NSA, and that any collaboration between it and the agency has been openly publicized.
Agency pushes vulnerable encryption standard
The National Security Agency has been accused of paying computer-security company RSA $10 million to sell encryption software vulnerable to surveillance, unnamed sources have told Reuters. The agency's role in promoting a crackable encryption standard was exposed earlier this year in documents leaked by former NSA contractor Edward Snowden, however the latest report is the first to detail a formal contract and monetary compensation for compliance.
Meeting originally to have discussed both NSA and healthcare reform
Contrary to many media reports, the gathering of tech executives called to a meeting with President Obama were invited to weigh in on the US' digital surveillance policies and programs, and the topic dominated the two-hour meeting while still touching on other topics, such as the government's Healthcare.gov website and general Internet topics. The tech CEOs and representatives urged the government to adopt stricter rules over various NSA-related programs.
Surfing habits, location tracking claimed performed by security agencies
The National Security Agency (NSA) may have been using cookies from web advertisements in order to track individuals, according to a report. A PREF cookie, a unique identifier typically used in Google's advertising system, has apparently been used by the NSA alongside location data, in order to locate individuals of interest to the agency.
Agents infiltrate World of Warcraft
Eight tech giants, including industry competitors Apple, Google and Microsoft, have joined forces to demand reforms to the US government's surveillance tactics. In an open letter sent to President Barack Obama and members of Congress, the companies argue that current surveillance practices, as detailed in ongoing leaks from former National Security Agency staffer Edward Snowden, have created an imbalance "too far in favor of the state and away from the rights of the individual-rights that are enshrined in our Constitution."
Commission blasts US data-collection methods
The European Commission has called on the US to change its data-collection policies to "restore trust" that has been eroded by recent revelations detailing the National Security Agency's foreign spying programs. The Commission has outlined several recommendations, including an EU-US data protection "umbrella" agreement that would give European citizens the right to legally challenge the US government whenever their personal data is intercepted in the US.
Users will have more encryption options in Q1
Yahoo has announced plans to encrypt all information that moves between its data centers, in an attempt to prevent unauthorized access by the National Security Agency or other government agencies. The company is also preparing to add new encryption options for users, enabling all data to be encrypted on its way to and from Yahoo's servers.
Suggests Apple may be complying with PRISM
Apple's data on requests by law enforcement indicates that the company is relying on a practice known as a "warrant canary," ArsTechnica observes. The concept involves publishing a notice that a warrant hasn't been served, and simply omitting/pulling the notice if the opposite is true. This can be a way of getting around gag orders that prevent organizations from disclosing their compliance with government surveillance.
Search giant registers complaints with NSA, Obama
Google executive chairman Eric Schmidt has spoken out against the National Security Agency, arguing that spying activities on data centers are "outrageous" and "not OK," according to an interview with the Wall Street Journal (sub. required). The executive further suggests that collecting phone records on 320 million people in an attempt to identify "roughly 300 people" is also "bad public policy ... and perhaps illegal."
Spying scandal forces UK government to take caution with mobile devices
The British government is combating the overreaching electronic surveillance by intelligence agencies by banning tablets from closed door meetings, according to reports. A number of iPads used during a presentation to the Cabinet were allegedly seized shortly after it had concluded, for fear that they may be used to listen in on private and secret governmental conversations.
Possible acquisition of Vodafone a politically difficult feat
AT&T's plan to acquire a carrier and operate in Europe may have to be put on hold for a long time, thanks to the National Security Agency (NSA). The revelations of national and international surveillance by the agency is now forcing European officials to scrutinize any attempt by AT&T or any other carrier to purchase a mobile phone network on the continent.
Customers able to download data blocked after company shutdown
Encrypted e-mail service Lavabit has temporarily reopened, to allow customers to retrieve their stored data after the service's shutdown. Customers will be able to change their account password on the service for a 72-hour period starting at 7pm Central Time today, with personal account data being made available to download from Friday for a limited time.
Government considers banning information sharing
Luxembourg's data-protection commissioner has reportedly opened an investigation into connections between Skype and the National Security Agency's PRISM surveillance program, according to a Guardian report. The commissioner is said to be looking into potential violations of the country's data-protection and privacy laws, which could lead to fines or other sanctions.
Request to monitor e-mail escalated to threats of fines, jail time
Encrypted e-mail service Lavabit was pressured by the FBI to provide private SSL keys for all of its traffic, according to unsealed court documents that provide more details about the service's shutdown. The Texas e-mail provider's refusal to provide details about one specific account, believed to be that of NSA whistleblower Edward Snowden, forced the courts to threaten daily fines and possible imprisonment if it continued to disobey the FBI's order.
Laws would only offer more precision in reporting gov't. requests
Apple, Google, Microsoft, Facebook, and Yahoo are among the companies that have signed a new Center for Democracy and Technology letter asking the US Congress to pass Rep. Zoe Lofgren's (D-CA) Surveillance Order Reporting Act of 2013, and Sen. Al Franken's (D-MN) Surveillance Transparency Act of 2013. The bills were first introduced in August, and would let companies be more precise about when and how often they receive national security-related requests and hand data over to the government.