Category Archives: Privacy

InSecurityWatch: Nukes, hacks, cops, zones


Today’s compendium of security woes opens with two stories about America’s nuclear arsenal and the folks charged with its oversight.

First up, via the Associated Press, merely the latest instance of a phenomenon all too common these days, given that earlier this year similar cheats were exposed amongst Air Force officers overseeing nuclear missiles:

Navy kicks out 34 for nuke cheating

At least 34 sailors are being kicked out of the Navy for their roles in a cheating ring that operated undetected for at least seven years at a nuclear power training site, and 10 others are under criminal investigation, the admiral in charge of the Navy’s nuclear reactors program told The Associated Press.

The number of accused and the duration of cheating are greater than was known when the Navy announced in February that it had discovered cheating on qualification exams by an estimated 20 to 30 sailors seeking to be certified as instructors at the nuclear training unit at Charleston, South Carolina. Students there are trained in nuclear reactor operations to prepare for service on any of the Navy’s 83 nuclear-powered submarines and aircraft carriers.

Neither the instructors nor the students are involved in handling nuclear weapons.

After further investigation the Navy determined that 78 enlisted sailors were implicated. Although the cheating is believed to have been confined to a single unit at Charleston and apparently was not known to commanding officers, the misconduct had been happening since at least 2007, according to Adm. John M. Richardson, director of naval reactors. The exact start of the cheating was not pinpointed.

From the Associated Press again, nuclear spooks:

Former lab worker sentenced in nuke secrets plot

A former Los Alamos National Laboratory contractor has been sentenced to a year and a day in prison for conspiring with her physicist husband to sell nuclear secrets.

The Justice Department on Wednesday announced the sentencing of 71-year-old Marjorie Roxby Mascheroni, who pleaded guilty to charges accusing the couple of plotting to communicate classified nuclear weapons data to an undercover agent who they thought was a Venezuelan government official.

Her husband, 79-year-old Pedro Leonardo Mascheroni, has also pleaded guilty in the case and is in federal custody pending his sentencing. He was a scientist at the lab from 1979 to 1988. She did technical writing and editing from 1981 to 2010. Prosecutors say both held security clearances that allowed them access to certain classified information and restricted data.

Defense One covers up:

Yet Again, CIA is Concealing Information Americans Should See

Once again, the CIA is concealing information that Americans have a right to know, and once again President Obama should ensure its release.

The Senate Select Committee on Intelligence is set to release a landmark report on the CIA’s post-9/11 torture program. But Obama allowed the CIA to oversee redactions, and it predictably went to town with the black marker. According to committee Chair Dianne Feinstein, D-Calif., the redactions “eliminate or obscure key facts that support the report’s findings and conclusions.”

From The Intercept, seriously surreal:

U.S. Military Bans The Intercept

The U.S. military is banning and blocking employees from visiting The Intercept in an apparent effort to censor news reports that contain leaked government secrets.

According to multiple military sources, a notice has been circulated to units within the Army, Navy, Air Force, and Marine Corps warning staff that they are prohibited from reading stories published by The Intercept on the grounds that they may contain classified information. The ban appears to apply to all employees—including those with top-secret security clearance—and is aimed at preventing classified information from being viewed on unclassified computer networks, even if it is freely available on the internet. Similar military-wide bans have been directed against news outlets in the past after leaks of classified information.

A directive issued to military staff at one location last week, obtained by The Intercept, threatens that any employees caught viewing classified material in the public domain will face “long term security issues.” It suggests that the call to prohibit employees from viewing the website was made by senior officials over concerns about a “potential new leaker” of secret documents.

From the Guardian, does that include begonias?:

US police given billions from Homeland Security for ‘tactical’ equipment

  • With little oversight, federal agency awarded billions to local police for spending on drones, drugs, vehicles and ‘animals and plants’, among eligible purchases

Billions of federal dollars have been spent since September 11 on purchasing modern and often military-grade equipment for state and local police. But there is little that limits the use of that hardware to counter-terrorism purposes, and oversight of the spending is difficult, according to federal sources and documents reviewed by the Guardian.

In the wake of the Ferguson protests, much attention has gone to the Department of Defense’s program to supply surplus military equipment to police. But that program is eclipsed in size and scope by grant money from the Department of Homeland Security (DHS), which enables purchases of similar “tactical” equipment.

Under existing federal requirements, police departments and state law enforcement agencies do not need to spend much of that money on preventing terrorism or preparing for disaster relief.

The Wire covers a benching:

ACLU: Officer Who Threatened to ‘F*cking Kill’ Ferguson Protesters Taken Off Duty

A Ferguson Police officer who threatened to kill protesters has been taken off duty after a complaint from the Missouri ACLU, the organization announced Wednesday.

The organization tweeted, “SUCCESS! In response to our letter, officer who threatened to kill #Ferguson protesters has been removed from duty,” soon after posting a copy of a letter addressed to the Missouri State Highway Patrol. The ACLU’s Vanita Gupta tweeted “Highway patrol called. They identified the cop. He will no longer be in ferguson.”

In a letter sent Wednesday, the ACLU called on the Missouri Highway Patrol to “identify and remove” an officer featured in the video below. In the video, the officer points a gun at protesters and says he’ll “fucking kill” one man. When asked what his name is, he replies “Go fuck yourself.” While Ferguson protests have had “tense moments,” the ACLU argues that the officer’s behavior was “from start to finish wholly unacceptable.”

From the Christian Science Monitor, another containment effort:

After Foley murder, an effort to stamp out jihadi Twitter accounts

The jihad group IS videotaped its murder of American journalist James Foley as a propaganda exercise, fueling a debate over when and how often such groups should be censored on social media sites.

The gruesome murder of American journalist James Foley yesterday was an opportunity for the self-styled Islamic State (IS) to put on a propaganda show. The jihadi group uploaded video of the killing to YouTube and Vimeo and its social media team bombarded Twitter – including targeting journalists and others who closely follow the war in Syria and Iraq – with the links.

Within minutes YouTube deleted the original post and Twitter was not far behind, announcing it would suspend accounts spreading the distressing video. But by that time the clip had multiplied. Users posted slightly different versions to evade detection – YouTube has an algorithm that prevents re-uploads. By Tuesday evening, dozens of copies of the footage could be found with just a simple web search.

As social media sites fought to shut them down, the online followers of IS reveled in the butchery of a hostage and called for more, part of the point of the exercise for the group. Social media has become an important fund-raising and recruitment tool for them. While to most people the murder was nihilistic and repugnant, for would-be internet mujahideen it was a moment of celebration.

PandoDaily catches a contradiction:

Twitter suspends users that share graphic James Foley images — Unless you’re a New York tabloid

Twitter CEO Dick Costolo announced a new policy, tweeting, “We have been and are actively suspending accounts as we discover them related to this graphic imagery.” But far from setting this controversy to rest, Costolo’s announcement has only sparked a greater debate over a social network’s responsibility when it comes to policing graphic imagery posted by users.

For example, Costolo’s tweet seems clear enough — post images of Foley’s beheading and you will be suspended. And yet accounts belonging to the New York Post and the New York Daily News, which both tweeted out today’s front pages depicting what by any standards is “graphic imagery” of Foley, are still chugging along.

A Twitter spokesperson told Business Insider that these accounts would not be suspended, arguing that, depending on a user’s media settings, at least one of the tweets included a warning in place of the photo. But not all users saw that warning, and in any case, letting these accounts off the hook because (presumably — Twitter would not comment on this) they belong to major media organizations, directly contradicts Costolo’s tweet, which didn’t leave much room for interpretation. Making matters even worse, Twitter even suggested the Post’s tweet to one user who didn’t even follow the New York tabloid.

From the Toronto Globe and Mail, numbers to the north:

Spy agency intercepted, kept communications of 66 Canadians

Canada’s electronic security agency intercepted and retained the communications of 66 citizens during its spying on foreigners last year in actions that were taken without a judicial warrant or a court order.

That level of detail on the activities of Communications Security Establishment Canada (CSEC), disclosed in a report issued on Wednesday by its watchdog commissioner, had never before been released by the Canadian government.

Nor has such information been divulged by other allied intelligence agencies, observers say.

“All of the activities of CSEC reviewed in 2013-2014 complied with the law,” Commissioner Jean-Pierre Plouffe wrote in his annual report.

Via SecurityWeek, Se habla español:

‘Machete’ Cyber Espionage Attacks Target Spanish-Speaking Countries

  • Researchers have identified a cyber-espionage campaign focused on Spanish-speaking countries.

Researchers at Kaspersky Lab have dubbed the attack ‘Machete.’ It is believed the attack campaign started in 2010 and was renewed in 2012 with an improved infrastructure.

“Some time ago, a Kaspersky Lab customer in Latin America contacted us to say he had visited China and suspected his machine was infected with an unknown, undetected malware,” Kaspersky Lab’s Global Research and Analysis Team explained in a blog post. “While assisting the customer, we found a very interesting file in the system that is completely unrelated to China and contained no Chinese coding traces. At first look, it pretends to be a Java related application but after a quick analysis, it was obvious this was something more than just a simple Java file. It was a targeted attack we are calling “Machete”.”

The malware at the center of attacks is capable of a number of actions, including logging keystrokes, capturing audio and screenshots, taking photos from the victim’s webcam and capturing geo-location data. The malware can also copy files to a USB device if inserted, and can also copy files to a remote server. In addition, it can hijack the clipboard and capture information from the target machine.

From TheLocal.se, it should come as no surprise:

Top ministers count cost of ‘less secure world’

Foreign and Finance Ministers Carl Bildt and Anders Borg held a press conference on Wednesday to discuss how Sweden was being affected by a “less secure” world, and how it would foot the bill for a growing influx of refugees.

“Things are changing and we’re heading towards a much less secure world,” Bildt told reporters at Stockholm’s government offices on Wednesday.

“We have a lot more of Sweden in the world today, and a lot more of the world in Sweden.”

From Wired Threat Level, does it make you feel more secure?:

Researchers Easily Slipped Weapons Past TSA’s X-Ray Body Scanners

Two years ago, a blogger named Jonathan Corbett published a YouTube video that seemed to show a facepalm-worthy vulnerability in the TSA’s Rapiscan full-body X-ray scanners: Because metal detected by the scanners appeared black in the images they created, he claimed that any passenger could hide a weapon on the side of his or her body to render it invisible against the scans’ black background. The TSA dismissed Corbett’s findings, and even called reporters to caution them not to cover his video.

Now a team of security researchers from the University of California at San Diego, the University of Michigan, and Johns Hopkins plans to reveal their own results from months of testing that same model of scanner. And not only did they find that Corbett’s weapon-hiding tactic worked; they also found that they could pull off a disturbing list of other possible tricks, such as using teflon tape to conceal weapons against someone’s spine, installing malware on the scanner’s console that spoofed scans, or simply molding plastic explosives around a person’s body to make it nearly indistinguishable from flesh in the machine’s images.

From the London Telegraph, ditto:

Innocent couple branded shoplifters in CCTV release

  • Police in Devon apologise for airing a ‘caught on camera’ CCTV photograph which told the public to report any sightings of a couple who had done nothing wrong

An innocent young couple found themselves wrongly accused of shoplifting after bungling police issued a CCTV ‘wanted’ photograph of the pair to the public.

CCTV shots of Charlotte and James Cozens shopping in their local Boots with their three-year-old son were sent to the media as part of a “caught on camera” appeal.

They were accompanied by a description of the pair and details of how they stashed stolen goods in their toddler’s pushchair.

After the jump, the latest from the Asian Games of Zones, including Afghan anxieties, escalating Pakistani tensions, Thai coup consolidation, trouble in Thibet, trash talk in Pyongyang, lecturing Tokyo, and Japanese eyes in the sky. . .

InSecurityWatch: Cops, hacks, spooks, busts, zones


Lots going on in the realms of spies, lies, media, and that constantly shifting and increasingly inflammatory Asian Game of Zones.

BuzzFeed covers an intelligence failure:

White House “Did Not Know” National Guard Was Being Deployed In Ferguson

Missouri Gov. Jay Nixon called the National Guard to Ferguson late Sunday without letting the White House know first.

“Folks didn’t know,” an administration official told BuzzFeed Monday. “The White House did not know they were sending it in.”

Nixon gave “no heads-up,” the official said.

From The Wire, and we hope that headline’s not literal:

Pentagon Fires Back At Critics of ‘Police Militarization’ Program

The Pentagon on Tuesday mounted a vigorous defense of the surplus military equipment transfer program that has drawn criticism following the police crackdown in Ferguson, Missouri.

The Defense Department’s chief spokesman, John Kirby, told reporters during a briefing that the 1033 program was not “some program run amok,” despite images of heavily armored officers in Ferguson that have fed concerns about the “militarization” of local law enforcement.

Congress created the program in 1990 to allow police departments to apply for free transfers of excess military equipment as local authorities sought to beef up security to combat drug gangs. Transfers have increased as the Pentagon wound down the wars in Iraq and Afghanistan.

Vocativ militarizes the neighborhood schools:

Back to School: Make Sure You Pack Your AR-15, Honey

  • If Compton schools were hoping to dispel stereotypes about their area, allowing school police to pack assault weapons is not the way

School’s back in session next week, and the campus police in Compton are packing more heat than ever. That’s not a reference to the hot drought California has faced in 2014—we’re talking guns. Specifically: controversial AR-15 semi-automatic rifles, approved for use on school campuses to prevent future gun rampages.

“This is our objective—save lives, bottom line,” Compton Unified Police Chief William Wu told the city’s school board. The board has been told that select campus police officers will be allowed to buy the rifles and keep them in their cars, in case of a mass shooting incident or terrorist attack.

On to the spooky front with Deutsche Welle:

Binney: ‘The NSA’s main motives: power and money’

  • Whistleblower William Binney recently made headlines when he told the German parliament that the NSA, his former employer, had become “totalitarian.” DW spoke to him about NSA overreach and the agency’s power.

DW: In your testimony, you described the NSA as “totalitarian,” and many commentators say that Germany’s Stasi history has made the country more sensitive to NSA revelations. But others have suggested this comparison is too easy. After all, the Stasi also targeted intellectuals and general writers opposed to the East German regime.

Binney: Sure, they haven’t gone that far yet, but they tried to shut down newspaper reporters like Jim Risen [who is fighting legal action by the Department of Justice to testify against an alleged source - the eds.]. Look at the NDAA Section 1021, that gave President Obama the ability to define someone as a terrorist threat and have the military incarcerate them indefinitely without due process. That’s the same as the special order 48 issued in 1933 by the Nazis, [the so-called Reichstag Fire Decree]. Read that – it says exactly the same thing.

These were totalitarian processes that were instituted. And it’s not just us – it’s happening around the world. Totalitarianism comes in the form first of knowledge of people and what they’re doing, and then it starts to transition into using that power against people. That’s what’s happening – in terms of newspaper reporters, in terms of crimes. That’s a direct violation of our constitution.

TechWeekEurope covers a digital Baedeker:

GCHQ Is Mapping Open TCP Ports Across Whole Countries

  • The reconnaissance operation codenamed ‘Hacienda’ supplies the agency with some of the information needed to compromise systems

German journalists and academics have criticised Britain’s intelligence service GCHQ for scanning servers round the world, and maintaining a database of open ports which could be used in attacks.

British intelligence agency GCHQ has been cataloguing open TCP ports across entire countries as part of a secret programme codenamed ‘Hacienda’, reports German publication Heise Online.

The database resulting from the scans is used in other GCHQ surveillance projects and shared with the rest of the Five Eyes – the US, Canada, Australia and New Zealand – using the secure MAILORDER transport protocol.

An open port can enable the attackers to identify services that are running on a server with the view to compromise it. According to Heise, Hacienda targeted 32 countries since 2009, and has completely mapped ports of at least 27.

From Nextgov, and significant:

Exclusive: Nuke Regulator Hacked by Suspected Foreign Powers

Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.

One incident involved emails sent to about 215 NRC employees in “a logon-credential harvesting attempt,” according to an inspector general report Nextgov obtained through an open-records request.

The phishing emails baited personnel by asking them to verify their user accounts by clicking a link and logging in. The link really took victims to “a cloud-based Google spreadsheet.”

From the Guardian, domestic espionage:

25 Turkish police officers arrested amid Erdogan wiretapping scandal

  • Swoop in cities including Istanbul and Izmir during investigation linked to government corruption claims

Twenty-five police officers have been arrested by Turkish authorities in the latest nationwide swoop to detain suspects alleged to have illegally wiretapped key government figures, including the prime minister, Recep Tayyip Erdogan, reports said.

Police carried out raids in 12 cities, including Istanbul and Izmir, as part of an investigation into allegations of espionage and illegal wiretapping, the private Doğan news agency reported.

The swoop on Tuesday was the third such roundup since July in a probe that has resulted in dozens of arrests and raised tensions as Erdoğan prepares for his inauguration as president on 28 August.

From intelNews, evoking suspicions of Mossad?:

‘Sensitive files’ stolen as Saudi motorcade is ambushed in Paris

A 12-vehicle entourage transporting a Saudi royal to a Paris airport was ambushed on Monday in cinematic fashion by heavily armed men, who stole a suitcase full of cash and diplomatic files described as “sensitive”.

French police are trying to determine whether the ambush, which occurred on Monday evening just north of downtown Paris, was aimed at the money or the documents, which French newspaper Le Parisien described as “sensitive”. According to French police, the Saudi motorcade was heading from the renowned Four Seasons George V hotel on the Champs Elysées to Le Bourget airport, 15 miles north of Paris, which handles private jets. But as the convoy drove through Porte de la Chapelle, two BMWs without license tags suddenly made their way to the top of the motorcade and forced it to stop.

Within seconds, eight heavily armed men brandishing handguns and AK-47s stormed out of the two cars and hijacked a Mercedes minivan that was part of the motorcade. Several of them boarded the vehicle and drove away, taking with them its three occupants, a driver, a bodyguard and another official. Later on, the three hostages were abandoned by the side of the road. The minivan, as well as one of the two BMWs used by the armed assailants, were later found burnt out in the village of Saint-Mesmes, northeast of the French capital. But the thieves took with them a suitcase containing €250,000 ($330,000) in cash, as well as what the French press said were “important diplomatic documents”.

Deutsche Welle covers spooky journalistic blowback:

BND head to discuss Spiegel report with top Turkey spy

The German and Turkish intelligence heads will meet to discuss reports that Berlin routinely spied on its NATO partner. On Monday, Turkey’s Foreign Ministry summoned the German ambassador in Ankara, Eberhard Pohl.

Turkey’s state-run news agency Anadolu reported that the chiefs of the two countries’ spy agencies had agreed to meet after Turkey’s Ahmet Davutoglu spoke by phone with Frank-Walter Steinmeier, his German counterpart, whose office confirmed that the two foreign ministers engaged in a “long talk.”

A spokeswoman for Germany’s foreign intelligence agency, the BND, would neither confirm nor deny the meeting to news agencies on Tuesday.

Turkish officials have demanded an explanation after news magazine Der Spiegel reported that Germany had repeatedly eavesdropped on officials from the country. Ankara called the spying “unacceptable.”

From MIT Technology Review, a red light alert:

Researchers Hack Into Michigan’s Traffic Lights

  • Security flaws in a system of networked stoplights point to looming problems with an increasingly connected infrastructure.

With permission from a local road agency, researchers in Michigan hacked into nearly 100 wirelessly networked traffic lights, highlighting security issues that they say are likely to pervade networked traffic infrastructure around the country. More than 40 states currently use such systems to keep traffic flowing as efficiently as possible, helping to reduce emissions and delays.

The team, led by University of Michigan computer scientist J. Alex Halderman, found three major weaknesses in the traffic light system: unencrypted wireless connections, the use of default usernames and passwords that could be found online, and a debugging port that is easy to attack.

“The vulnerabilities we discover in the infrastructure are not a fault of any one device or design choice, but rather show a systemic lack of security consciousness,” the researchers report in a paper they’re presenting this week at a computer security conference. They did not disclose exactly where in Michigan they did the research.

Network World takes wing:

Senator questions airlines’ data privacy practices

A senior U.S. senator is asking airlines about their data privacy practices, saying he’s concerned about what information the companies are collecting and sharing with third parties.

Some consumer advocates have raised concerns that airline privacy policies “can contain substantial caveats and that it is difficult for consumers to learn what information airlines and others in the travel sector are collecting, keeping, and sharing about them,” Senator John “Jay” Rockefeller, a West Virginia Democrat, wrote in a letter to 10 U.S. airlines Monday.

The airlines receiving the letters included United Airlines, Delta Air Lines, American Airlines and Southwest Airlines. Airlines contacted about Rockefeller’s letter didn’t immediately respond to requests for comments.

From the Los Angeles Times, security for conspicuous consumers:

New Corvette will record every move a valet driver makes

  • Attention valet drivers: Don’t get frisky with the 2015 Chevrolet Corvette — big brother is watching.

General Motors is offering next year’s model of the famous sport coupe with a data recorder that captures video, audio and driving data from the vehicle when switched into a special “Valet Mode.”

Valet Mode is displayed on the touchscreen panel of the 2015 Corvette. Data and video can be viewed instantly by the owner on the screen when the car is parked, or it can be downloaded to a computer. (GM / Associated Press)

The Vette’s owner can come back from dinner and check out if the valet was testing the sports car’s 3.8 second zero to 60 mph time. The car will have recorded data such as speed, engine RPM, which gears have been used and the highest level of g-force incurred on that joy ride to the parking garage.

EUobserver covers critique:

EU justice chief criticises Google on ‘right to be forgotten’

The EU’s justice commissioner has accused internet giant Google of leading a campaign to shoot down data protection reforms.

Speaking in Lyon, France on Monday (18 August), the commissioner, Martine Reicherts, said: “Google and other affected companies who complain loudly” about a recent EU court verdict on personal data are “detractors … attempting to throw a new spanner in the works”.

The Luxembourg-based EU court in May ruled that Google must remove links to any content that is “inadequate, irrelevant or no longer relevant” or face a fine.

From Deutsche Welle, with a suggestion that they try American police departments:

Uncertain outlook for German arms industry

  • German tanks, submarines and weapons are in high demand. They’re exported to Israel despite the war in Gaza, and Kurdish fighters would also welcome a shipment. Yet the defense industry is worried about its future.

When trade unions look to politicians for help, they’re generally hoping for backing in the fight against managers planning job cuts. But when workers’ representatives from the German arms industry met at the Ministry for Economic Affairs on Tuesday, it was for a very different cause.

In this case, it’s the minister of economic affairs himself, Sigmar Gabriel, who is putting their jobs at risk by approving fewer and fewer German arms shipments to worldwide customers. In a letter sent to Gabriel in July, the unionists said that the minister’s decisions were threatening the very existence of a number of corporations in the security and defense industry.

Ernst-August Kiel, an employee representative with ThyssenKrupp Marine Systems, said after the meeting with Gabriel that they’d debated some “dicey deals,” involving thinner order books and fewer follow-up orders.

And from Sky News, semantics rebooting on the ground:

Exclusive: US Recruits Iraq Security ‘Advisers’

  • The US Army looks to beef up its ‘Office of Security Assistance’, despite Barack Obama ruling out sending troops back to Iraq.

Barack Obama may have ruled out sending “boots on the ground” back to Iraq but in the face of a growing threat from the Islamic State (IS), the Pentagon appears to have hit upon a way to get them back in by the back door.

The US Army’s Contracting Command has issued a tender notice for companies capable of deploying security assistance mentors and advisers in Iraq.

These individuals would be required for a 12-month contract, potentially extendable to a total of 36 months.

After the jump, the latest from the Asian Games of Zones — including Indo-Pakistani tensions rising, Pakistani protests, an Aussie/Malaysian rift abated and terrorism foiled in Malaysia, a high-level Taiwanese security sacking, Chinese border and terror stratagems, Japanese armaments move, Shinzo Abe’s militarism redux, Japanese Korean fears, semantic riffs, and a Nazi pasta invasion. . .

InSecurityWatch: Cops, Assange, Taps, Zones


Straight to it, first with the unsurprising from Defense One:

Congress Is Not Canceling the Pentagon-to-Police Weapons Program Anytime Soon

Rep. John Conyers, the House Judiciary Committee’s top Democrat, and two of his Democratic colleagues are asking committee Chairman Bob Goodlatte to convene hearings on the militarization of police forces. And Democratic Rep. Hank Johnson of Georgia said Thursday he will introduce a bill that would limit the kinds of military equipment local police forces can acquire.

Libertarian-leaning Republicans are joining the chorus as well. Republican Sen. Rand Paul penned a piece for Time protesting the “cartoonish imbalance between the equipment some police departments possess and the constituents they serve,” and Republican Rep. Justin Amash of Michigan spoke out against police militarization via Twitter as well.

The response from congressional Republican leadership, however, has been measured or nonexistent, suggesting the issue is unlikely to make the agenda when Congress returns from recess in September. And even if it does, the program that connects police forces to military equipment has well-placed defenders in Congress.

TPM Livewire covers a First Amendment crackdown:

Three More Journalists Detained In Ferguson

Relations between police in Ferguson, Mo. and members of the media covering protests against law enforcement there broke down again Sunday night.

Echoing the arrests of the Huffington Post’s Ryan Reilly and the Washington Post’s Wesley Lowery earlier this week, three reporters said they were briefly handcuffed and detained by police. Other reporters said officers threatened them with mace, while one radio reporter caught an officer’s threat to shoot him on tape.

Three journalists — Neil Munshi of the Financial Times, Robert Klemko of Sports Illustrated and Rob Crilly of the Telegraph — tweeted that they were briefly detained and handcuffed by Missouri highway police Capt. Ron Johnson. Munshi emphasized that the three of them were held by police but were not arrested.

From the Guardian, the harsh reality of Hope™ and Change™:

James Risen calls Obama ‘greatest enemy of press freedom in a generation’

  • Journalist refuses to reveal source of story about CIA operation
  • President’s support for press freedom called ‘hypocritical’

The New York Times reporter James Risen, who faces jail over his refusal to reveal a source and testify against a former CIA agent accused of leaking secrets, has called President Barack Obama “the greatest enemy of press freedom in a generation”.

Speaking to his colleague Maureen Dowd, Risen accused the president of aggressively pursuing journalists, including himself, who report sensitive stories that reflect poorly on the US government.

Risen faces jail over his reporting of a botched intelligence operation that ended up spilling nuclear secrets to Iran. The Justice Department has long been seeking to force him to testify and name the confidential source of the account, which is contained in his 2006 book State of War.

From Techdirt, more of that good ol’ Hope™ and Change™:

Government’s Response To Snowden? Strip 100,000 Potential Whistleblowers Of Their Security Clearances

  • from the surface-issues-neutralized.-underlying-causes-unaddressed. dept

Snowden just re-upped for three years in picturesque Russia, a land best known for not being a US military prison. Not exactly ideal, but under the circumstances, not entirely terrible. The government knows where Snowden is (more or less) and many officials have a pretty good idea what they’d like to do to him if he returns, but the NSA is still largely operating on speculation when it comes to what documents Snowden took.

But they do have someone looking into this. The government has tried to assess the damage posed by Snowden’s leaks, but so far all it has come up with is vague proclamations that the releases have caused grave and exceptional damage to US security and an even vaguer CIA report claiming that a bunch of documents Snowden theoretically has in his possession might severely harm the US if a) they are released and b) they exist.

The Associated Press complains of buggery:

Turkey calls German ambassador over spying claims

Turkey’s Foreign Ministry says the German ambassador has been summoned for talks over reports that Germany’s foreign intelligence agency had eavesdropped on conversations between officials in the U.S. and Turkey, both NATO allies.

German magazine Der Spiegel reported Saturday that the agency, known by its German acronym BND, had listened to calls made by U.S. Secretary of State John Kerry and his predecessor Hillary Clinton. It also cited a confidential 2009 BND document listing Turkey as a target for German intelligence gathering.

A Foreign Ministry official said Monday the ambassador was summoned to “discuss” the report.

Peter J. Espina of China’s state-published Global Times offered his take on a certain irony of German “unintentional” eavesdropping on calls by John Kerry and Hillary Clinton:

[Image: “Spooky”]

More from Der Spiegel:

Targeting Turkey: How Germany Spies on Its Friends

For years, the BND has intercepted satellite telephone conversations from its listening station in Bad Aibling in Bavaria in order to obtain knowledge of the Islamist terrorist scene. But intelligence sources now say that US office holders have also fallen into the BND’s crosshairs while making satellite telephone calls from airplanes. Sources described it as a kind of unintentional “by-catch”.

That’s how Clinton got caught in the BND’s net in 2012. The former secretary of state had telephoned with former United Nations Secretary General Kofi Annan. At the time, he was serving as the joint UN-Arab League special envoy for the Syrian crisis. Annan had just left the latest negotiations in Syria and wanted to provide Clinton with an update.

Following protocol, staff at BND headquarters prepared a several-page-long transcript of the conversation and passed it along to senior agency officials. They in turn ordered that the transcript be destroyed. Sources say that the document was not forwarded to Merkel’s Chancellery.

But the person tasked with destroying the transcript was Markus R., an employee in the agency’s Areas of Operations/Foreign Relations department, who also turns out to be the same man recently accused of serving as an agent for the Americans.

And still more from Deutsche Welle:

German surveillance upsets Turkish trust

Germany’s surveillance of Turkey has damaged the trust between the two nations, Turkish experts say. An apology would be appropriate, they argue – but they don’t really expect one.

It took two days before the Turkish government reacted to the news that Germany’s Bundesnachrichtendienst (BND), the country’s foreign intelligence agency, had allegedly been spying on Turkey for years.

On Monday, the Foreign Ministry in Ankara summoned Germany’s ambassador Eberhard Pohl, making it clear that the surveillance is unacceptable and must stop.

Foreign Minister Davutoglu called Germany’s behaviour “inexcusable.” There were principles of interaction that must always be considered, he said, adding the German government owed Turkey an explanation. Davutoglu, favored to take over the post of premier after new President Recep Tayyip Erdogan takes office, said he would discuss the issue with German Foreign Minister Frank-Walter Steinmeier on the phone.

From Techdirt, why are we not surprised?:

From The Unsealed ‘Jewel v. NSA’ Transcript: The DOJ Has Nothing But Contempt For American Citizens

  • from the and-[local]-god-help-you-if-you’re-a-foreign-citizen dept

With some of the proceedings unsealed in the EFF’s long-running Jewel vs. NSA lawsuit, more details can finally be exposed. Not that what’s already been exposed hasn’t been damning enough. Over the past several months, the DOJ has run interference for the NSA, traveling from courtroom to courtroom, destroying and saving (or at least pretending to…) collected data amongst a flurry of contradictory orders.

Not that it ultimately mattered. The NSA just kept destroying relevant evidence, claiming the system was too complex to do anything with but allow to run its course. Evidence would be destroyed at the 5-year limit, no matter what preservation orders were issued. The NSA, of course, has a vested interest in destroying evidence that its 215 and 702 programs collect the data and communications of Americans. Thanks to Snowden’s leaks, it can no longer pretend it doesn’t. But despite this, the DOJ still claims Section 702 targets only foreigners and American suspects located outside of the US.

The mock concern about compliance with court orders was a hustle. The DOJ wants as much evidence that might be useful to plaintiffs gone as swiftly as possible. Thanks to the unsealing of Jewel court documents, the EFF can now relate that the DOJ’s efforts went much further than simply letting aged-off collections expire. It also actively tried to change the historical record of the Jewel case, as Mike covered here recently.

Al Jazeera English announces a move:

Julian Assange ‘to leave’ Ecuador embassy

  • WikiLeaks founder says he will leave Ecuador’s embassy in London “soon”, but gives no further details.

WikiLeaks founder Julian Assange has said he plans to leave Ecuador’s embassy in London “soon”, having spent the last two years avoiding extradition to Sweden over allegations of sexual assault.

Assange told reporters during a news conference on Monday that he would be “leaving the embassy soon” but not for reasons “reported by the Murdoch press”, without elaborating further.

“I am leaving the embassy soon… but perhaps not for the reasons that Murdoch press and Sky news are saying at the moment,” he said.

And a video report from RT:

‘Important changes coming’ – Assange’s friend

Program note:

After spending more than two years trapped in a tiny embassy room, Wikileaks founder Julian Assange has made a sudden announcement that he will leave the embassy ‘soon’. For more perspective on what Assange had to say, and why he said it, RT talks to someone who knows him personally – Gavin Macfadyen, Director of the Centre for Investigative Journalism.

A video of Assange’s full statement is here.

But the London Telegraph promptly threw a bucket of cold water:

Home Office shoots down Julian Assange’s claim about extradition law change

  • Julian Assange, the WikiLeaks founder, says he plans to leave the Ecuador embassy in London after spending two years there

Mr Assange and his legal advisers appeared to have made an embarrassing error by misunderstanding a basic aspect of the new legislation.

The Home Office quickly undermined his key claim by confirming the changes would not apply in the case of Mr Assange, who has been a wanted man in Sweden since 2010, because they are not retrospective.

Mr Assange, 43, is alleged to have raped a woman known as SW, then aged 26, and committed other sexual offences against AA, a 31-year-old woman.

From the Register, the Rupester crows:

Rupert Murdoch says Google is worse than the NSA

  • Mr Burns vs. The Chocolate Factory, round three!

Media tycoon Rupert Murdoch has taken to Twitter and labelled Google worse than the NSA.

Here’s The Dirty Digger’s missive:

Rupert Murdoch @rupertmurdoch

NSA privacy invasion bad, but nothing compared to Google.
10:15 AM – 17 Aug 2014

Murdoch and Google have history, with the former accusing the latter of stealing his newspapers’ content (yet never putting in place a robots.txt file that would prevent search engines crawling it). Uncle Rupert has also criticised Google as enabling the theft of films by indexing torrent sites.

Reuters covers a hack:

Community Health says data stolen in cyber attack from China

Community Health Systems Inc (CYH.N), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.

Security experts said the hacking group, known as “APT 18,” may have links to the Chinese government.

“APT 18” typically targets companies in the aerospace and defense, construction and engineering, technology, financial services and healthcare industry, said Charles Carmakal, managing director with FireEye Inc’s (FEYE.O) Mandiant forensics unit, which led the investigation of the attack on Community Health in April and June.

From TechWeekEurope, cyberwarfare:

Syrian Malware Is On The Rise, Warns Kaspersky

  • As the civil war in Syria enters its fourth year, cyber warfare shows no sign of abating

The number of cyber attacks against Internet users in Syria is growing, with organised groups relying on increasingly sophisticated strains of malware to target media agencies, activists and dissidents, warns Russian security vendor Kaspersky Labs.

According to a report by Kaspersky’s Global Research & Analysis Team (GReAT), groups from both sides of the civil war are using advanced social engineering techniques, modifying legitimate apps and obfuscating their code in order to infect target machines with Remote Access Tools (RATs) such as the ‘Dark Comet’.

The company says people should be extra careful when they access online material that relates to the conflict.

From PetaPixel, delinquency of a [data] miner:

Tumblr Will Soon Scan Your Photos for Clues About What Brands You Use

Tumblr users post approximately 130 million photos every day. And starting this week, they will begin to sort through every single one of them for various brands and items, with the help of Ditto Labs.

The Yahoo-owned social media platform and Ditto are officially signing a deal this week that will help Tumblr take advantage of the unfathomable amount of images shared on its services every day. Specifically, the technology Ditto owns will allow Tumblr to analyze photos posted by users and draw out brand-related data.

This means, if someone shares an image with a pair of Beats headphones, Nike shoe, Starbucks drink or Canon camera, Ditto’s technology will be able to pinpoint the products, more effectively defining demographics for advertisers. However, according to T.R. Newcomb, head of business development at Tumblr, “right now, we’re not planning to do anything ad-related.”

After the jump, a Chinese media crackdown and the latest on the Asian Game of Zones, including border crossings, peace feelers, a Japanese military woe and internal doubts, more allegations of Japanese ethnic intolerance, and more ghosts from World War II troubling the Asian present. . .

InSecurityWatch: Cops amok, hacks, spies, zones


We begin today’s look at the world of the dark side with America’s sudden realization that America’s police forces look a lot like those of a police state.

First up, the San Francisco Chronicle looks at the impact on Bay Area cops:

How local police forces got outfitted for warfare

The paramilitary hardware that police in Missouri deployed against demonstrators angered by an officer’s killing of an unarmed black teenager has become commonplace in police departments in the Bay Area and around the country, thanks to billions of dollars in homeland security money and surplus military equipment that the federal government has showered on communities.

Big-city police departments have long had riot gear, shields and even lightly armored vehicles to deal with unrest. What has changed in recent years is the volume of military equipment finding its way to smaller, suburban police agencies like the ones that confronted protesters last week in Ferguson, Mo.

The federal programs that delivered heavy weaponry and armored vehicles to police there are the same ones that allowed the Alameda County Sheriff’s Office to obtain a decommissioned Coast Guard cutter. They enabled Concord police to acquire an armored personnel carrier that the U.S. military once used in Kuwait.

Police in South San Francisco, Vallejo, San Jose, Napa and Antioch now have specially reinforced armored personnel carriers like those that carried U.S. troops in battle areas in Afghanistan and Iraq, courtesy of a Pentagon program that distributes surplus war equipment to cities around the country.

From the Daily Dot, we hope it’s more than wishful thinking:

Social media may have turned the tide of police militarization

In many respects, last Wednesday night may turn out to be the single most important event in the history of American law enforcement in a generation.

For most of the week, the images flooding out of Ferguson, Mo., and onto social media resembled nothing so much as a military occupation. Officers from the St. Louis County Sheriff’s Department patrolled the streets in full body armor while toting machine guns, as millions of Americans started to suddenly wonder why law enforcement officials were outfitted as if they were going into a war zone.

When all you have is riot gear, even peaceful protests start to look like riots. By giving police officers the tools to use overwhelming force and military-style tactics at every opportunity, it creates a situation that may be safer for individual police officers, but is significantly more dangerous for society as a whole.

From Bloomberg of all places, confronting a real source of national insecurity:

Ferguson Unrest Shows Poverty Grows Fastest in Suburbs

A week of violence and protests in a town outside St. Louis is highlighting how poverty is growing most quickly on the outskirts of America’s cities, as suburbs have become home to a majority of the nation’s poor.

In Ferguson, Missouri, a community of 21,000 where the poverty rate doubled since 2000, the dynamic has bred animosity over racial segregation and economic inequality. Protests over the police killing of an unarmed black teenager on Aug. 9 have drawn international attention to the St. Louis suburb’s growing underclass.

Such challenges aren’t unique to Ferguson, according to a Brookings Institution report July 31 that found the poor population growing twice as fast in U.S. suburbs as in city centers. From Miami to Denver, resurgent downtowns have blossomed even as their recession-weary outskirts struggle with soaring poverty in what amounts to a paradigm shift.

On to the world of secrecy-cloaked acts of dubious legality with the Guardian:

UK ambassador ‘lobbied senators to hide Diego Garcia role in rendition’

  • Rights groups claim that top-level talks were part of bid to redact link to Diego Garcia from report

Logs released under the Freedom of Information Act have reinforced claims that the UK lobbied to keep its role in the CIA’s torture and interrogation programme out of what is expected to be a damning Senate report.

They show that the UK ambassador to the US met members of the Senate select committee on intelligence 11 times between 2012 and 2014 – as they were investigating the CIA’s rendition programme. This included two meetings with the committee’s chair, Dianne Feinstein, which took place as crucial decisions were being made regarding how much of its report into the programme should be made public.

The revelation has prompted fresh concern that the government lobbied for key parts of the report referring to Diego Garcia, a British territory in the Indian Ocean leased to the US as a military base, to be redacted. Human rights groups believe that the territory played a key role in facilitating the CIA’s extraordinary rendition programme – the movement of high-value terrorist suspects to “black sites” around the world without legal oversight.

The Register looks at hacking made easy:

Who needs hackers? ‘Password1’ opens a third of all biz doors

  • GPU-powered pen test yields more bad news about defences and passwords

Hundreds of thousands of hashed corporate passwords have been cracked within minutes by penetration testers using graphics processing units.

The 626,718 passwords were harvested during penetration tests over the last two years conducted across corporate America by Trustwave infosec geeks.

The firm’s threat intelligence manager Karl Sigler said in a post that half of the plundered passwords were cracked within “the first few minutes”.

While Computerworld rings an alarm:

Microsoft urges customers to uninstall ‘Blue Screen of Death’ update

  • One of last week’s security updates has bricked an unknown number of PCs running Windows 7

Computerworld – Microsoft on Friday quietly recommended that customers uninstall one of last week’s security updates after users reported that it crippled their computers with the infamous “Blue Screen of Death” (BSOD).

The update, identified as MS14-045 in Microsoft’s numbering, was one of nine released on “Patch Tuesday,” Aug. 12, and was designed to fix three separate flaws, including one related to a font vulnerability and another in the Windows kernel, the heart of the operating system.

Within hours of its release, however, users reported that MS14-045 had generated a Stop 0x50 error on some systems, mostly on Windows 7 PCs running the 64-bit version of the OS.

Off to Asia, first with South China Morning Post:

More than 20,000 rally in Islamabad, calling for Sharif to resign as PM

  • Cleric Qadri and cricket star turned politician Khan lead rallies in capital

More than 20,000 anti-government protesters flooded the centre of Pakistan’s capital yesterday, vowing to stay in the streets until Prime Minister Nawaz Sharif resigns.

The numbers were far below what protest organisers expected, but the power of protesters to paralyse the central business district has presented the biggest challenge yet to the 15-month-old civilian government.

The unrest has raised questions about Pakistan’s stability, at a time when the nation of 180 million is waging an offensive against Pakistani Taliban militants and when the influence of anti-Western and sectarian groups is growing.

More from the Express Tribune in Karachi:

Govt to form separate committees to negotiate with Imran, Qadri

Interior Minister Chaudhry Nisar Ali Khan has said that the government is willing to listen to each and every constitutional demand of the Pakistan Tehreek-e-Insaf (PTI) and the Pakistan Awami Tehreek (PAT), Express News reported.

“As a goodwill gesture, we have decided to constitute two separate committees to negotiate with PTI and PAT,” said Nisar while addressing a press conference late Sunday night. “We are ready to hear all their constitutional demands,” he added.

Earlier in the day, PAT chief Tahirul Qadri and PTI chief Imran Khan reiterated their demand for the resignation of Prime Minister Nawaz Sharif in separate addresses to their supporters, with the latter announcing the launch of a civil disobedience movement.

Reuters covers another form of protest:

Pakistan opposition leader calls for tax boycott in anti-government protest

Leading opposition politician Imran Khan urged Pakistanis on Sunday not to pay taxes or utility bills as a protest against the government and vowed to force the country’s “corrupt” prime minister to step down this week.

“After two days … your time is up,” Khan shouted to thousands of supporters at a rally in central Islamabad.

Police estimated on Sunday that around 55,000 people have occupied two streets in the center of the Pakistani capital as part of separate protests led by Khan and cleric Tahir ul-Qadri.

From the Diplomat, walking a fine line of the subcontinent:

India-China Border Engagement

As India races to catch up on infrastructure, its military is increasingly engaged with the PLA.

For the Indian military, this is a time of some fairly fundamental changes.

After decades of pursuing Pakistan-centric war planning, the Indian Army and the Indian Air Force are recalibrating their sights towards the hitherto neglected northern frontiers with China, giving a hard push to improving its war-fighting capabilities against its more powerful neighbor and at the same time, increasing on-the-ground interaction with the People’s Liberation Army (PLA).

This two-track policy, outcome of the experience of the past five years, is aimed at preventing any unnecessary flare ups along the Line of Actual Control (LAC), as the contested border between the two countries is known.

While the Times of India invokes dubious imagery:

I’m Hitler for thieves misusing funds, Telangana CM says

A crucial meeting between two warring chief ministers of Andhra Pradesh and Telangana failed to bring about a change of heart as both chose to remain on the warpath over several issues, including the Governor’s special powers in Hyderabad and the controversial household survey, on Sunday.

Governor ESL Narasimhan had brought K Chandrasekhar Rao of Telangana and N Chandrababu Naidu of AP to the negotiation table, for the first time since the bifurcation of the state. But the two chief ministers stuck to their guns, with KCR threatening to be a “Hitler” for those who allegedly misuse government’s schemes and funds, ahead of the controversial household survey.

“There is nothing wrong in being a Hitler for the people’s cause. I would like to be a Hitler for those who want to misuse the government schemes and funds. Yes, I am a Hitler for thieves,” he said after the meeting.

And Deutsche Welle covers another protest, this time one against another protest:

Tens of thousands stage Hong Kong pro-government rally

A protest march with tens of thousands of participants has taken place in Hong Kong. The rally was organized in response to a planned pro-democracy disobedience campaign in the former British colony.

Tens of thousands of people protested in Hong Kong on Sunday against plans by pro-democracy activists to shut down the semi-autonomous Chinese city’s financial district with a mass sit-in unless China allows electoral reforms.

The Alliance for Peace and Democracy, which organized Sunday’s rally in sweltering heat, claims that most people in the city of seven million do not support the pro-democracy campaign run by the Occupy Central group.

The Alliance says it has so far collected almost 1.5 million signatures – including that of leader Leung Chun-ying – from people opposed to the Occupy campaign on the grounds that it would tarnish Hong Kong’s reputation and harm business.

From Reuters, another spooky saga:

Chinese national charged with hacking U.S. defense contractors

A Chinese businessman has been indicted in California on charges he hacked the computer systems of Boeing Co and other U.S. defense contractors and stole confidential plans for military aircraft, federal prosecutors said on Friday.

According to the indictment in federal court in Los Angeles, Su Bin traveled to the United States at least 10 times between 2008 and 2014 and worked with two unidentified co-conspirators based in China to steal the data.

Prosecutors said the trio stole plans relating to the C-17 military transport plane and F-22 and F-35 fighter jets, and attempted to sell them to Chinese companies.

The Japan Times orders:

U.S. military told troops not to visit Yasukuni Shrine

  • Trip to war-related shrine canceled before Obama visit in April

U.S. military leaders in Japan advised against a planned visit by some of their troops to war-linked Yasukuni Shrine in early April, before President Barack Obama’s visit to Tokyo, apparently out of consideration to South Korea and China, an American military source said Saturday.

U.S. Forces Japan headquarters warned against the visit to the controversial shrine by more than 20 troops, leading to the trip’s cancellation, according to the source.

The Shinto shrine honors past Japanese leaders convicted as Class-A war criminals, along with millions of war dead. Beijing and Seoul consider it a symbol of Japan’s past militarism and wartime aggression and bristle when Japanese politicians make state visits viewed as glorifying the war.

From SINA English, another play:

Japan freezes assets of N Korean shipping firm for smuggling arms

Japan has frozen the assets of the operator of a North Korean ship seized for smuggling arms, the Foreign Ministry said, just as Tokyo is engaged in talks with Pyongyang to return Japanese citizens kidnapped by North Korean agents decades ago.

The sanction against Ocean Maritime Management, which operated the ship detained near the Panama Canal a year ago carrying Soviet-era arms, follows similar steps by the United States and U.N. blacklisting of the North Korean firm in July.

It is not immediately clear how much assets, if any, Ocean Maritime Management holds in Japan, the Finance Ministry said Saturday.

The Diplomat poses a scary question:

Nuclear Weapons for South Korea

Under threat of a possible fourth North Korean nuclear test, should South Korea develop its own nuclear weapon?

Nuclear tensions are again ratcheting up on the Korean Peninsula, with Pyongyang threatening a fourth nuclear weapons test in what one U.S. analyst described as its new “allergic reaction” to routine military exercises by South Korea and United States scheduled to start on August 18.

A fourth nuclear test could further influence the debate in Seoul and Washington over whether South Korea should consider the “nuclear option.” Such a decision – if South Korea were to seriously consider it – could upturn the 60-year South Korean-U.S. alliance, global nonproliferation efforts, not to mention dozens of international obligations that tie one of Asia’s wealthiest nations to the global economy.

Even talk of “going nuclear” has some in South Korea’s political class worrying out loud that the debate has already moved from the political fringe to occupy center stage.

From Want China Times, bulking up:

China considers buying four Russian Amur-Class AIP submarines

China reportedly signed two military sale frameworks with Moscow, of which Russia will jointly build four Amur-Class AIP submarines with China and sell them to the country while China will buy 24 Su-35 fighters from Russia, reports Sina’s military news portal.

It is the first major military procurement China has made with Russia in 10 years, said the report. China needs submarines to counter threats from India’s fleet and build a fleet to resist America’s influence, said the Voice of Russia, the Russian government’s international radio broadcasting service. A manager for a Russian national defense export company said Moscow and Beijing have been negotiating over submarine technologies. China has not revealed how many submarines it wants to buy and has not scheduled to sign a supply contract.

It is natural for India and China to show interest in Russia’s Amur-Class submarines, said a retired Russian Navy general named Sivkov. The submarine is superior to the export version of China’s 877 submarine and China would want the Amur-Class vessel since India has them. The Russian submarine can also effectively fight against American submarines and destroy Los Angeles and Virginia-class nuclear-powered submarines from long distances.

Jiji Press bolsters the borders:

Japan to Strengthen Analysis of Information on Foreigners

Japan’s Justice Ministry will set up an intelligence center at the Immigration Bureau to strengthen the ability to analyze information on foreigners in preparation for the 2020 Tokyo Olympic and Paralympic Games, informed sources said Sunday.

The ministry will seek about 220 million yen in related expenditures as part of its fiscal 2015 budget request, the sources said.

By 2020, the government aims to boost the annual number of visitors to Japan to 20 million, about double the 10.36 million in 2013.

From the Japan Times, learning from the University of California:

Japan plans fund to develop military technology with universities

  • Ministry plans fund to aid schools engaged in military research

The Defense Ministry plans to set up a fund to develop military technology by aiding research projects at universities and other civilian institutions, government sources have revealed.

In a move aimed at keeping down development costs and bolstering civilian-military cooperation, the ministry plans to seek roughly ¥2 billion for the fund in its budget request for fiscal 2015 beginning next April, raising it to ¥6 billion in three years, the sources said Saturday.

The fund, which will be modeled after the U.S. Defense Advanced Research Projects Agency, is part of Prime Minister Shinzo Abe’s drive to expand the nation’s military capabilities. It will finance promising projects in such fields as surveillance radar technology and aviation materials.

The Japan Times again, with another sort of education:

Japan to hold seminar to pitch defense equipment exports to ASEAN

The government plans to hold a seminar in late September attended by officials from ASEAN countries to make a pitch for exports of Japanese-made defense equipment to those Asian nations, government sources said Sunday.

It will be the first gathering of Japan and the Association of Southeast Asian Nations to hold full-fledged discussions concerning such exports since Prime Minister Shinzo Abe’s Cabinet decided in April to ease restrictions on arms exports.

During the seminar in Tokyo, the government plans to discuss how Japanese equipment and technology could help enhance the defense capabilities of ASEAN nations, as it seeks business opportunities to export Japanese defense equipment.

And for our final item, JapanToday covers box office militancy:

Film on 1597 victory over Japan breaks Korean box office records

A film depicting a famous 16th century naval victory against Japanese invaders has set records at the South Korean box office, drawing the largest audience and becoming the first local movie to take more than $100 million.

“Myeongryang” (“Roaring Currents”) attracted 13.62 million viewers as of Saturday after 18 days of screening, distributor CJ Entertainment.

The previous frontrunner, Hollywood blockbuster “Avatar”, drew 13.61 million Korean cinema goers over a span of four months.

InSecurityWatch: Buggery, hacks, spies, zones


Though it’s a Saturday here in ol’ Berzerkeley, the news from the dark side continues to flow unabated.

We open with the disingenuous, via the McClatchy Foreign Staff:

Germans say they accidentally tapped Clinton, Kerry calls

The German Foreign Intelligence Agency has admitted tapping “at least one” phone call each by current Secretary of State John Kerry and then-Secretary of State Hillary Clinton while they were aboard United States government jets, according to German media reports.

The reports claim Kerry’s intercepted communication was a satellite phone call from the Middle East in 2013. Clinton’s communication was also a satellite call, in 2012, and was reportedly to then United Nations Secretary General Kofi Annan. Both calls were reported to have been intercepted accidentally while German intelligence was targeting terror suspects in the Middle East and northern Africa.

The intelligence agency (the Bundesnachrichtendienst or BND) told German media that terror groups often use the same frequencies that the secretaries’ phone calls were made over, so the calls were picked up. The calls were among what the German newspaper Suddeutsche Zeitung said intelligence sources described as several cases of U.S. official phone calls being picked up accidentally during anti-terror communications monitoring.

From the Guardian, more buggery deprecated:

Tony Abbott says phone hack did not compromise talks with Julie Bishop

  • The prime minister responds to a report the foreign minister’s phone was hacked saying sensitive discussions were secure

Following reports the foreign minister’s phone was hacked, the prime minister, Tony Abbott, has said sensitive discussions were conducted over secure phone lines and were not monitored.

The Herald Sun reported that Julie Bishop’s mobile phone was compromised while she was overseas. The newspaper said Australian intelligence officials seized the phone when she returned from a trip negotiating access to the MH17 crash site in the Ukraine.

Australian intelligence agencies know which country those responsible for compromising the phone were from, the report said. The phone was not used to discuss sensitive communications and was replaced.

And Network World goes for the vulnerable:

British spy agency scanned for vulnerable systems in 32 countries, German paper reveals

British intelligence agency GCHQ used port scanning as part of the “Hacienda” program to find vulnerable systems it and other agencies could compromise across at least 27 countries, German news site Heise Online has revealed.

The use of so-called port scanning has long been a trusty tool used by hackers to find systems they can potentially access. In top-secret documents published by Heise on Friday, it is revealed that in 2009, GCHQ started using the technology against entire nations.

One of the documents states that full scans of network ports of 27 countries and partial scans of another five countries had been carried out. Targets included ports using protocols such as SSH (Secure Shell) and SNMP (Simple Network Management Protocol), which are used for remote access and network administration.

The results were then shared with other spy agencies in the U.S., Canada, the U.K., Australia and New Zealand. “Mailorder” is described in the documents as a secure way for them to exchange collected data.

From the McClatchy Washington Bureau, they’d tell us, but then they’d have to kill us:

(REDACTED) memo released on killing (REDACTED) American overseas

The government on Friday made public a heavily redacted memo that was used to legally justify the killing of an American overseas.

Acting under pressure from a lawsuit filed by the ACLU and the New York Times, the Justice Department turned over the long-sought Feb. 19, 2010 Office of Legal Counsel memo relating to the killing of Anwar al-Aulaqi.

Characterized as “egregiously over-redacted” by ACLU Deputy Legal Director Jameel Jaffer, the seven page memo is signed by then-Acting Assistant Attorney General David J. Barron. Barron is now a judge on the 1st Circuit Court of Appeals.

The only words that survive the redacting knife on pages 2 and 3 are “top secret.” Snippets that survive include the ominous sounding word play “killings in self-defense are not assassination.” More elaborately, the memo declares that “the use of lethal force would not violate the Fourth Amendment” if certain conditions prevail, including a “capture operation is infeasible and the targeted person is part of a dangerous enemy force and poses a continued and imminent threat to U.S. persons or interests.”

Ars Technica covers the action:

Five American Muslims sue FBI, attorney general over travel watch list

  • Plaintiffs decry “invisible web of consequences that are imposed indefinitely.”

A group of five Muslims (four of whom are United States citizens) have sued top American government officials, alleging that their constitutional rights have been violated for having been put on a federal watch list.

The plaintiffs’ lawsuit, which was filed on Thursday in federal court in Detroit, accuses numerous leaders—including the attorney general, the directors of the FBI and the Department of Homeland Security, and others—of violating their constitutional rights to due process and the right to be free from religious discrimination.

In the complaint, each person outlines a similar story: being detained at the border, often having digital devices seized, and being subject to prolonged physical searches. One was told that he was on the no-fly list and was later offered a chance to work on behalf of federal law enforcement in exchange for removal. He seems to have declined.

Next up, with all the talk about militarized police in the U.S., just how well has Uncle Sam armed them? A Los Angeles Times graphic has the numbers:

[Graphic: Cop arms]

From International Business Times, context for Missouri misery:

Mike Brown Shooting: What It’s Like To Grow Up Black In A Town Where 94% Of Cops Are White

When Gregory Carr was growing up in the suburbs of St. Louis, his father gave him and his four brothers advice about dealing with the police.

“He’d say ‘let me tell you something, when you’re black and you get stopped by the man you just say, yes sir, no sir, and cooperate. Because that man will crack your head.’”

A generation later, Carr, 49, who teaches speech and theater at Harris-Stowe State University in St. Louis, said that he tells his own son the same thing.

“I’m very concerned, he’s only six years younger than Mike Brown,” he said, referring to the shooting of Brown, 18, who was unarmed when he was killed by police Saturday in this St. Louis suburb, an incident that sparked six days of protests, a violent police backlash, sympathetic protests across the country and a national discussion about race and segregation in America.

From the Independent, hooded bigotry gone bananas:

Michael Brown shooting: Ku Klux Klan raises ‘reward’ for officer who shot unarmed teen in Ferguson, Missouri

The Missouri chapter of a faction of the Ku Klux Klan is allegedly raising money as a reward for the white police officer who fatally shot Michael Brown, an unarmed black teenager, in Ferguson a week ago.

On its website, the South Carolina-based New Empire Knights of the Ku Klux Klan (KKK) has published a series of racist posts describing Brown as “a black punk” and “not a good kid”, the Southern Poverty Law Center’s Hate Watch (SCPLCHW) blog has reported.

The group has also advertised a fundraiser asking for donations of $10 (£6) and above, with all proceeds going to “the cop who did his job against the negro criminal”.

And from Boing Boing, a note about a podcast for the modern journalist:

Essential gadgets while reporting on civil unrest

In this episode, we talk to journalist Quinn Norton, who writes about digital rights, hacker culture, copyright, and the strangeness of the world and the complexity of the people who inhabit it for Medium and other outlets. She has covered the Occupy Wall Street movement and civil unrest around the world for Wired and other publications.

News Corp Australia covers aquatic hack attacks:

Sharks eat the internet but Google fights back

A NEW food craze is sweeping the underwater world with sharks taking a fancy to Google’s undersea data cables.

Vision has emerged showing sharks munching away on the cables, mistaking them for dinner.

Google has been forced to take action, reinforcing parts of the trans-Pacific fibre-optic cables and wrapping them in material to keep the sharks at bay.

From TheLocal.dk, information control in the name of IP. [And if you do want to see a picture, Wikipedia has ‘e here]:

Denmark’s icon… that we can’t show you

  • The Little Mermaid is perhaps the most photographed attraction in the entire country, but Danish media outlets are extremely hesitant to publish a photo of the sculpture.

Earlier this week, The Local reported that Seoul’s mayor wants a miniature version of Copenhagen’s famous Little Mermaid statue for his own city.

Rather than illustrate the photo with a beautiful picture of the sculpture – thousands of which can be found all over the internet – we chose a photo in which the famous landmark was surrounded by tourists and thus not the main focus of the image.

There was a reason for that. The family of sculptor Edvard Eriksen is known for being very aggressive about the sculpture’s copyright and numerous Danish media outlets have received a large bill in the mail for using a photo of the Little Mermaid – even though it is arguably the most recognisable image in all of Denmark.

The newspapers Politiken, Berlingske and the now-closed Nyhedsavisen have all been fined for using an image of the Little Mermaid. Berlingske had to pay 10,000 kroner ($1,800) for using a photo of the statue in connection with a 2005 story on Denmark’s tourism industry.

From Ars Technica, check your grocery bills:

Grocery shoppers nationwide probably had credit card data stolen

  • Coast-to-coast: Albertsons, Acme Markets, Jewel-Osco and more were hit

Two major supermarket chains announced that their customers’ credit card information may have been stolen during a network intrusion.

SuperValu, the Minnesota parent company of Cub Foods, Farm Fresh, Hornbacher’s, Shop ‘n Save, and Shoppers Food and Pharmacy, announced that 180 stores in North Carolina, Maryland, Virginia, Illinois, Missouri, North Dakota, and Minnesota were affected.

“The Company has not determined that any such cardholder data was in fact stolen by the intruder, and it has no evidence of any misuse of any such data, but is making this announcement out of an abundance of caution,” SuperValu said in a statement Friday.

Consortiumnews.com covers a sin of MSM omission:

The Hushed-Up Hitler Factor in Ukraine

Behind the Ukraine crisis is a revision of World War II history that seeks to honor eastern European collaborators with Hitler and the Holocaust by repackaging these rightists as anti-Soviet heroes, a reality shielded from the U.S. public, as Dovid Katz explains.

Would America support any type of Hitlerism in the course of the State Department’s effort to turn the anti-Russian political classes of Eastern Europe into paragons of PR perfection that may not be criticized, howsoever mildly?

It was frankly disconcerting to see Sen. John McCain, R-Arizona, embracing the leader of Ukraine’s far right, anti-Semitic, pro-fascist Svoboda party last December. It was disturbing to learn of the neo-Nazi elements that provided the “muscle” for the actual Maidan takeover last February (BBC’s Newsnight was among the few major Western outlets to dare cover that openly).

Most disturbing of all has been the mainstream Western media’s almost Soviet-grade wall somehow erected against critical mention of the far-right component of Ukraine’s 2014 history, rendering any such thought as worthy of ridicule on New York Times opinion pages last spring.

And the Associated Press covers an offer:

EU Offers to Take Charge of Gaza Border, Says Status Quo ‘Is Not an Option’

The European Union offered Friday to take charge of Gaza’s border crossings and work to prevent illegal arms flows, insisting on a durable truce and saying a return to the status quo for the region “is not an option.”

As EU foreign ministers held an urgent meeting in Brussels about global conflicts, Hamas negotiators met with the Islamic militant group’s leadership in Qatar to discuss a proposal for a long-term truce with Israel. An official said the group was inclined to accept the Egyptian-mediated offer.

The Gaza blockade remains the main stumbling block. It has greatly limited the movement of Palestinians in and out of the territory of 1.8 million people, restricted the flow of goods into Gaza and blocked virtually all exports.

After the jump, the last from Asia, where the Game of Zones continues to boil. There’s turmoil in Pakistan, Indian assertiveness, bellicose rhetoric, avowals and disavowals, dubious ploys, and data protectionism — plus a flatulent tale from up north and an apology that’s not nearly enough. . .

InSecurityWatch: Taps, hacks, zones, bluster


Today’s agenda of headlines from the world of spies, deep politics, hackery, state violence, and the ongoing Asian Game of Zones is so full that we opted to switch the order of our compendia, and we’ll get straight to it, first with a pair of stories about prominent conversations overheard.

We open with this from International Business Times:

Germany Recorded Hillary Clinton When She Was Secretary Of State, German Media Says

Germany’s Federal Intelligence Service (BND) recorded a conversation of Hillary Clinton while she was secretary of state, three German media outlets reported on Friday. Clinton was recorded while flying in a U.S. government aircraft. Reports did not specify the exact date of the recording.

Germany’s largest daily newspaper and two public broadcasting services broke the story on the alleged incident and cited anonymous government sources that said the recording was by accident. One source said the recordings should have been destroyed immediately and it was “idiocy” that they weren’t. The report also mentions the BND recorded other “American politicians and other friendly countries,” but did not specify which politicians or what countries.

The disclosure came after last year’s revelation by Edward Snowden that the U.S. ran an espionage operation on Germany, one of America’s closest allies. German Chancellor Angela Merkel, who was bugged and recorded by the U.S., was highly critical of the surveillance, saying there must not be “spying among friends.” More recently, German officials revealed in July that the U.S. had been working with a spy in Germany for more than two years.

And the other eavesdropping saga, via News Corp Australia:

Foreign Minister Julie Bishop’s phone was hacked at the height of the MH17 crisis

FOREIGN Affairs Minister Julie Bishop’s mobile phone was compromised while she was overseas leading tense negotiations to win access to the MH17 crash site in Ukraine.

Australian intelligence officials seized Ms Bishop’s phone on her return from a two-week trip to the United States, Ukraine and Holland, having secured a deal to get Australian police into the crash area.

Russian-backed rebels shot down the Malaysia Airlines flight with a surface-to-air missile on July 17, killing 298 passengers and crew, including 38 Australians.

It is thought that our intelligence agencies know which country those responsible for compromising Ms Bishop’s phone were operating from.

American accessory convicted, via Al Jazeera:

Court: Poland culpable for CIA secret prisons

  • The European Court of Human Rights has ordered Poland to pay reparations to two Saudis being held in Guantanamo Bay

On July 24, seven judges on the European Court of Human Rights (ECHR) ruled against Poland in a landmark case, making it the first European Union country to be held accountable for its involvement in the United States’ systematic, extrajudicial detention of suspects, known as the “extraordinary rendition” programme. Established by the George W Bush administration in the aftermath of September 11 attacks, the programme was run by the CIA, and designed to detain suspects deemed to be of “high value”.

In the unanimous ruling, the judges stated that “Poland had cooperated in the preparation and execution of the CIA rendition, secret detention, and interrogation operations on its territory” and that it had failed in its duty under the European Convention on Human Rights to “ensure that individuals within its jurisdiction were not subjected to torture or inhuman or degrading treatment or punishment.”

The ECHR ordered Poland to pay $175,000 to Saudi-born Palestinian Abu Zubaydah and $135,000 to Saudi national Abd al-Rahim al-Nashiri. Both applicants are currently being held in US custody in Guantanamo Bay, isolated from the outside world.

From the Daily Californian, an alarm sounds in Berkeley:

UC to evacuate affiliates in Pakistan after bombing this week

The university is initiating evacuation of UC affiliates in Pakistan after a bombing in the city of Quetta on Tuesday.

Two UC Berkeley faculty members are currently in Pakistan on UC-related business, according to campus risk manager Andy Goldblatt. No students or staff have been reported to be in the country, although an email was sent Wednesday to campus deans, directors and chairs asking for help identifying other UC faculty, staff and students in Pakistan.

Campus professor Ron Gronsky, special faculty assistant to the chancellor for international relations, said in the email that not all UC affiliates take the recommendation that they register their international travel with the university.

The Los Angeles Times plays the overture for the next act:

Nouri Maliki’s departure sets stage for deeper U.S. role in Iraq

The resignation of Iraqi Prime Minister Nouri Maliki after a bitter final power struggle sets the stage for increasing U.S. arms shipments and military advisors, deepening America’s role in a conflict President Obama had sought to avoid.

White House officials, who had urged Maliki to step down, praised him for agreeing Thursday to back Haider Abadi, a less divisive successor who they hope can unite Iraq’s political and religious factions against the Islamic State militants who control or threaten much of the country.

“Iraqis took another major step forward in uniting their country,” national security advisor Susan Rice said in a statement. “These are encouraging developments that we hope can set Iraq on a new path.”

And from the Associated Press, hints of Perry-less times ahead for the Lone Star State:

Texas’ Perry indicted for coercion for veto threat

A grand jury indicted Texas Gov. Rick Perry on Friday for abusing the powers of his office by carrying out a threat to veto funding for state prosecutors investigating public corruption — making the possible 2016 presidential hopeful his state’s first indicted governor in nearly a century.

A special prosecutor spent months calling witnesses and presenting evidence that Perry broke the law when he promised publicly to nix $7.5 million over two years for the public integrity unit, which is run by Travis County District Rosemary Lehmberg’s office. Several top aides to the Republican governor appeared before grand jurors in Austin, including his deputy chief of staff, legislative director and general counsel. Perry himself wasn’t called to testify.

He was indicted by an Austin grand jury on felony counts of abuse of official capacity and coercion of a public servant. Maximum punishment on the first charge is five to 99 years in prison. The second is two to 10 years.

The Reporters Committee for Freedom of the Press challenges First Amendment insecurity:

Media coalition protests police treatment of reporters during Ferguson events

The Reporters Committee for Freedom of the Press led a coalition of 48 national media organizations that sent a protest letter [PDF] objecting to the treatment of reporters during the recent events in Ferguson, Mo., that followed the police shooting of Michael Brown.

The letter was sent to the heads of the city and county police, as well as the state highway patrol.

“Officers on the ground must understand that gathering news and recording police activities are not crimes,” the letter states. “The actions in Ferguson demonstrate a lack of training among local law enforcement in the protections required by the First Amendment as well as the absence of respect for the role of newsgatherers. We implore police leadership to rectify this failing to ensure that these incidents do not occur again.”

From the Washington Post, another source of insecurity:

Ex-cop who burned body again gets 17 years

For a second time, a former New Orleans police officer has been sentenced to more than 17 years in prison for burning the body of a man shot to death by another New Orleans police officer in the chaotic days following Hurricane Katrina.

Gregory McRae, 53, already is imprisoned for burning Henry Glover’s body. However, an appeals court had ordered a recalculation of his original 17-year sentence after one of his original convictions was thrown out.

In giving the same 17-year, 3-month sentence, U.S. District Judge Lance Africk said Friday that McRae was guilty of covering up an unlawful killing by fellow Officer David Warren. Africk’s assertion comes despite a jury’s earlier acquittal of Warren.

The Center for Investigative Reporting covers another insecurity on the borders:

Ousted chief accuses border agency of shooting cover-ups, corruption

More than two dozen people have died in violent clashes with U.S. Customs and Border Protection since 2010. Despite public outrage over some of the killings, no agent or officer has faced criminal charges – or public reprimand – to date.

Yet at least a quarter of the 28 deaths were “highly suspect,” said James F. Tomsheck, the agency’s recently removed head of internal affairs. In a sweeping and unauthorized interview with The Center for Investigative Reporting, he said the deaths raised serious questions about whether the use of lethal force was appropriate.

Instead, Tomsheck said, Border Patrol officials have consistently tried to change or distort facts to make fatal shootings by agents appear to be “a good shoot” and cover up any wrongdoing.

The Oakland Tribune covers questionable consistency:

Judge orders investigation into Oakland’s police arbitration losses

A federal judge with sweeping power over Oakland’s police department ordered an investigation Thursday into why the city consistently loses arbitration cases with officers who are appealing discipline.

U.S. District Judge Thelton Henderson wrote that an arbitrator’s recent decision overturning the termination of an officer videotaped tossing a tear gas grenade into a crowd of Occupy Oakland protesters struck at the heart of a reform drive that he has overseen for more than a decade.

“Just like any failure to impose appropriate discipline by the (police) chief or city administrator, any reversal of appropriate discipline at arbitration undermines the very objectives of the (reform program),” Henderson wrote.

From the London Daily Mail, yet another way to bug you:

Are apps secretly listening to your calls? Security experts discover gyroscopes can identify voices from VIBRATIONS

  • Computer scientists from Stanford University and Israeli defence research group Rafael have turned a phone gyroscope into a crude microphone
  • Smartphones contain the sensors which are used for games and orientation
  • They found gyroscopes can pick up frequency of soundwaves around them
  • Vibrations are then decoded by software, making it possible for experts to eavesdrop on phone conversations – with 65 per cent accuracy
  • No permission is needed from third parties to access gyroscopes

Many people are careful to protect their pin numbers, and are vigilant about giving smartphone apps access to their microphone in case they could be listened in on.

But now there’s a new snooping threat, and it comes from a smartphone’s gyroscope.

From the Guardian, security questions:

Australian intelligence watchdog wants clarification on national security plan

  • Inspector General of Intelligence and Security also wants increased budget for effective oversight of expanded surveillance

Australia’s intelligence watchdog has called on the Abbott government to clarify various elements of its national security reforms – and also increase its budget so that it is in a position to carry out effective oversight in an environment where the surveillance footprint is being significantly expanded.

In a public hearing in parliament on Friday, the Inspector General of Intelligence and Security (IGIS) said the Australian Security Intelligence Organisation (Asio) should be required to report more extensively on the use of new powers proposed in the Coalition’s national security reforms.

IGIS said the government should consider adding a requirement to the first tranche of its security legislation requiring Asio to report on instances where it used force in operations, where it accessed third party property, or where it disrupted computers.

From the Guardian, those with info want others to have less info:

CIA security luminary: ‘Right to be forgotten is not enough’

  • Leading security expert Dan Geer says the EU ruling does not go far enough in protecting users’ privacy

The EU’s so-called “right to be forgotten” laws have not gone far enough to protect citizens’ privacy, according to Dan Geer, one of the world’s best-known security experts.

Geer, currently chief information security officer at the CIA’s venture capital arm, told delegates at the Black Hat security conference in Las Vegas that he was confused by the Guardian’s coverage of the issue. The so-called “right to be forgotten” issue stemmed from a European court of justice ruling, forcing Google to remove a link relating to a 1998 newspaper article from its search results after a complaint from the person named in the article.

Geer described it as “notably ironic” that the Guardian had championed Edward Snowden’s revelations about intrusion by government agencies into civilians’ privacy, while also claiming in one editorial (though he did not specify which) that nobody has a right to be forgotten.

From the Washington Post, why are we not surprised?:

U.S. firm helped the spyware industry build a potent digital weapon for sale overseas

CloudShield Technologies, a California defense contractor, dispatched a senior engineer to Munich in the early fall of 2009. His instructions were unusually opaque.

As he boarded the flight, the engineer told confidants later, he knew only that he should visit a German national who awaited him with an off-the-books assignment. There would be no written contract, and on no account was the engineer to send reports back to CloudShield headquarters.

His contact, Martin J. Muench, turned out to be a former developer of computer security tools who had long since turned to the darkest side of their profession. Gamma Group, the British conglomerate for which Muench was a managing director, built and sold systems to break into computers, seize control clandestinely, and then copy files, listen to Skype calls, record every keystroke and switch on Web cameras and microphones at will.

According to accounts the engineer gave later and contemporary records obtained by The Washington Post, he soon fell into a shadowy world of lucrative spyware tools for sale to foreign security services, some of them with records of human rights abuse.

More of the same from The Verge:

Hacking Team is spreading government malware through YouTube and Microsoft Live

You don’t have to click on a sketchy link to end up downloading malware. A new report from Citizen Lab’s Morgan Marquis-Boire shows how companies can spread targeted malware by intercepting web traffic en route, sending malicious traffic from an otherwise friendly link. A company called Hacking Team has been using the tactics on traffic from YouTube and Microsoft’s login.live.com servers, seeding innocent videos with surveillance software designed to track the target’s activities online.

The attacks are more targeted than traditional malware, usually targeting a single person at a time, and relying on access to government internet infrastructure to intercept the traffic. Hacking Team typically works with governments like Morocco and the United Arab Emirates, but Marquis-Boire says similar capabilities have been used by intelligence agencies in the US, Britain, Russia, China and Israel. Snowden documents released in The Washington Post have identified NSA malware injection attacks that infected more than 80,000 different devices.

Since the attacks are injected into everyday web traffic, defending against them is difficult, but many companies have already adopted HTTPS encryption as a possible defense. HTTPS would encrypt the connection between the user and the server, preventing injection attacks. At the moment, only a small fraction of web traffic is encrypted, but Google is offering incentives to sites that switch over, including a small boost in search rankings. It’s unclear whether login.live or YouTube will switch to default HTTPS, but Marquis-Boire says both Microsoft and Google “have taken steps to close the vulnerability by encrypting all targeted traffic.”

intelNews lays blame:

Malware targeting ex-Soviet states has Russian hallmarks

A malicious software that has infiltrated the computer systems of dozens of embassies belonging to former Eastern Bloc nations “has all the hallmarks of a nation-state” cyberespionage operation, according to researchers.

Security firm Symantec said last week that the malware appears to be specifically targeting embassies of former communist nations located in China, Jordan, as well as in locations across Western Europe.

In a report published on its website, Symantec said “only a nation state” was likely to have the funds and technical resources to create a malware of such complexity. Additionally, the malware seems to be designed “to go after explicit government networks that are not easy to find”, according to Symantec senior security researcher Vikram Thakur.

Big Brother still seduces, via Nextgov:

The Snowden Effect

Revelations last year that the National Security Agency is collecting Americans’ telephone metadata soured some people’s opinions about the U.S. intelligence community, but they apparently haven’t affected the views of many computer security professionals.

Anecdotal evidence suggests that leaks by Edward Snowden, the former systems administrator and contractor with the National Security Agency, have not hindered efforts to recruit or retain cyber staff at the three-letter agencies. Instead, the disclosures actually might have helped intelligence agencies attract computer aficionados by spotlighting the agencies’ bleeding edge technology.

“We have had no indication that cyber pros have any reticence about working for the government,” says Mark Aiello, president of Massachusetts-based Cyber 360 Solutions, a staffing firm. “It is probably the opposite, and mostly for the opportunity to work with some advanced tools or techniques. The Big Brother aspect is appealing if you are the watcher, not the watched.”

From Motherboard, young accomplices:

DARPA Uses Preteen Gamers to Beta Test Tomorrow’s Military Software

Sieg Hall doesn’t look like much from the outside. Located at the University of Washington, the building was constructed in the 1960s, when it was  a focal point for Vietnam-era antiwar protests. Before renovations were carried out it had become so dilapidated that students had a tradition of taking home chunks of rock off its façade. If I didn’t know better, Sieg is just another nondescript computer science building, not a front line in military research and development.

But it’s here, tucked away on the third floor, that you’ll find precisely that: the Center for Game Science, a research lab that makes educational video games for children, and that received the bulk of its funding from the Defense Advanced Research Projects Agency, the wing of the US Department of Defense that supports research into experimental military technology.

Why is DARPA the original primary funder of the CGS? According to written and recorded statements from current and former DARPA program managers, as well as other government documents, the DARPA-funded educational video games developed at the CGS have a purpose beyond the pretense of teaching elementary school children STEM skills.

Instead, the games developed at CGS have had the primary purpose of using grade-school children as test subjects to develop and improve “adaptive learning” training technology for the military.

From MercoPress, invoking the T-word in a curious context:

Cristina Fernandez will use anti-terrorism law against US company that closed its Argentine plant

Argentina’s government will use an anti-terrorism law for the first time to seek criminal charges against a U.S.-based international printing firm which closed its Argentine plant without warning, president Cristina Fernández said on Thursday. She linked the company to some of the hedge funds in litigation with Argentina over defaulted bonds.

Several hundred workers were left jobless when RR Donnelly abruptly filed for bankruptcy and shut down its printing presses on the outskirts of the Argentine capital, Buenos Aires.

“We are facing a real case of fraudulent behavior and an attempt to intimidate the population,” said Cristina Fernandez in a speech at Government House.

“We will apply the anti-terrorist law. We filed a motion under charges of altering the economic and financial order and terrorizing of people,” the head of state expressed after blaming Donnelly with tax fraud and evasion.

On to other attempts to suppress information, first from the Latin American Herald Tribune:

Sexism of Authorities Aggravates Violence Against Women Journalists in Mexico

The sexism of Mexican authorities generates impunity and has led to a 300 percent increase in violence against women journalists in just a decade, according to a report presented by an NGO.

In the last few years 86 cases of violence against women journalists were reported, of which 54 percent occurred in 2013, the study by the Communication and Information for Women organization (CIMAC) revealed.

It added that Mexico City reported 35 percent of the total number of cases, thus making the capital “the most dangerous place for women in this profession.”

GlobalPost sends up a rocket:

Hamas says it has deported foreign journalists for reporting on missile launches

  • The group that runs Gaza says foreign media coverage of this latest conflict with Israel was skewed against the Palestinians.

Did Hamas, the Islamist group that rules Gaza, intimidate, harass or even deport journalists trying their damnedest to cover a dangerous war with Israel?

If you take Hamas’ word for it, the answer appears to be yes.

In an interview with the Lebanese-based Al Mayadeen TV, Hamas spokeswoman Isra Almodallal said that foreign journalists have been deported from Gaza for filming Hamas rocket launches.

Why? According to Almodallal, they “were fixated on the notion of peace and on the Israeli narrative. So when they were conducting interviews or when they went on location to report they would focus on filming the places from where the missiles were launched. Thus, they were collaborating with the occupation.”

From the Associated Press, many questions remain:

Liberian police seal newspaper office

Dozens of riot police have sealed the offices of a newspaper critical of the Liberian government and officers attempted to detain its publisher. Police spokesman Sam Collins says the paper’s criticisms could “plunge the country into confusion” when the government is struggling to contain an Ebola outbreak.

Philibert Brown’s National Chronicle has often accused President Ellen Johnson Sirleaf’s government of corruption and on Wednesday it called for the government to step down.

Brown has been ordered to report for questioning Friday.

Sirleaf’s government has come under stiff criticism for its record on press freedoms. Sirleaf has signed the Declaration of Table Mountain, which calls for the Africa-wide repeal of defamation and “insult” laws, but multiple libel convictions have been handed down since she came to power in 2006.

From International Business Times, more media under fire:

China’s Anti-Corruption Crackdown Increasingly Targets CCTV, Flagship Network

In the latest sign that China Central Television, the country’s state-run television giant, is in political trouble, the government announced Friday that one of the network’s top officials is under detention.

China arrested Huang Haitao, deputy director of CCTV 8, a channel devoted to scripted dramas, according to 163.com, a popular news portal. His arrest is in connection with a wide-ranging government audit of CCTV, which claims an audience of more than 1 billion viewers.

Huang is only the latest prominent CCTV personality to run afoul of Chinese authorities since the December 2013 arrest of Li Dongsheng, a former vice president of the network. In late May, authorities arrested Guo Zhenxi, the head of CCTV’s financial news network, while high-profile anchor Rui Chenggang, whose “Economic News” program has an estimated 10 million viewers, was detained on July 11.

After the jump, more tensions in the Asian Games of Zones, including Pakistani protests and violence, a resounding chorus of moans from the ghosts of history, claims and counterclaims, U.S. marines of a Japanese island, and a story that really is too good to be true. . .

InSecurityWatch: Cops, spooks, zones, drones


Today we open our coverage with the ongoing tragedy in Missouri, with a particular focus on the transformation of America’s cops from officers on the beat into an occupying paramilitary.

First up, a major development from Canada’s National Post:

Security of Ferguson will be taken over by Highway Patrol after local and county police lose community trust

Captain Ron Johnson of Highway Patrol will be leading the security efforts in Ferguson, Missouri, going forward after several nights of racially charged provocation has left residents feeling little trust in local and county police forces.

The St. Louis suburb has been the scene of violent protests since a police officer fatally shot an unarmed black teenager on Saturday.

Gov. Jay Nixon said the change is intended to make sure “that we allow peaceful and appropriate protests, that we use force only when necessary, that we step back a little bit and let some of the energy be felt in this region appropriately.”

Johnson, who is black, said he grew up in the community and “it means a lot to me personally that we break this cycle of violence.”

And on to our primary focus, first from Businessweek:

A Federal Effort to Reuse Military Gear Turned Cops Into Commandos

The heavily militarized police force in a St. Louis suburb is hardly an anomaly. Local police departments across the country deploy not just military-style equipment but actual castoffs from the U.S. military.

Federal grant programs fund the police acquisition of military weapons and vehicles, and a U.S. law has sent more than $4 billion of surplus Pentagon gear to law enforcement over the past 17 years. Now protests following the fatal police shooting of unarmed teenager Michael Brown in Ferguson, Mo.—and the heavily armed response by local police—seem likely to spark a national debate on the militarization of law enforcement. Do local cops from Maine to New Mexico need military rifles and armored personnel carriers to do their jobs?

“I know that many Americans have been deeply disturbed by images we’ve seen in the heartland of our country,” President Barack Obama said Thursday, urging calm amid the investigation of the Aug. 9 shooting. Police have said Brown fought with a police officer and tried to grab his service weapon, while witnesses have said the 18-year-old did not struggle with police and was surrendering when he was shot.

But Businessweek is somewhat disingenuous, as witness this from Pacific Standard:

Lockdown Nation

How military-style policing became America’s new normal.

In the fascinating and sometimes terrifying Rise of the Warrior Cop: The Militarization of America’s Police Forces, journalist Radley Balko traces the changes in American policing from colonial times to the present. His focus, though, is law enforcement’s increased reliance on military hardware and strategy in the last 45 years, especially in the form of SWAT (special weapons and tactics) teams.

As recently as 1969, the Los Angeles Police Department had one of the only SWAT teams in the country. Its first raid targeted a group of Black Panthers. Four police officers and four Panthers were shot and wounded. After hours of gunfire, the raid’s leader, Daryl Gates, called the mayor, who received permission from the Department of Defense to use a grenade launcher. “My words seemed unreal,” Gates would later remember. “Anytime you even talk about using military equipment in a civil action, it’s very serious business. You’re bridging an enormous gap.” The Panthers were charged with conspiracy to murder police officers, but acquitted on self-defense grounds. “Practically, logistically, and tactically,” Balko writes, “the raid was an utter disaster. But in terms of public relations, it was an enormous success.”

Paramilitary policing quickly spread across the country. Today there are more than 1,000 U.S. police forces with SWAT or SWAT-type units. In 1980, nationwide, they carried out an average of eight paramilitary raids a day; now there are well over 100. Balko attempts to explain why this happened, and why it matters.

Nextgov has some details:

The Pentagon Gave the Ferguson Police Department Military-Grade Weapons

According to Michelle McCaskill, media relations chief at the Defense Logistics Agency, the Ferguson Police Department is part of a federal program called 1033, in which the Department of Defense distributes hundreds of millions of dollars of surplus military equipment to civilian police forces across the U.S.

That surplus military equipment doesn’t just mean small items like pistols or automatic rifles; towns like Ferguson could become owners of heavy armored vehicles, including the MRAPs used in Afghanistan and Iraq. “In 2013 alone, $449,309,003.71 worth of property was transferred to law enforcement,” the agency’s website states.

All in all, it’s meant armored vehicles rolling down streets in Ferguson and police officers armed with short-barreled 5.56-mm rifles that can accurately hit a target out to 500 meters hovering near the citizens they’re meant to protect.

Glenn Greenwald offers a specific focus at The Intercept:

The Militarization of U.S. Police: Finally Dragged Into the Light by the Horrors of Ferguson

The intensive militarization of America’s police forces is a serious menace about which a small number of people have been loudly warning for years, with little attention or traction. In a 2007 paper on “the blurring distinctions between the police and military institutions and between war and law enforcement,” the criminal justice professor Peter Kraska defined “police militarization” as “the process whereby civilian police increasingly draw from, and pattern themselves around, the tenets of militarism and the military model.”

The harrowing events of the last week in Ferguson, Missouri – the fatal police shooting of an unarmed African-American teenager, Mike Brown, and the blatantly excessive and thuggish response to ensuing community protests from a police force that resembles an occupying army – have shocked the U.S. media class and millions of Americans. But none of this is aberrational.

It is the destructive by-product of several decades of deliberate militarization of American policing, a trend that received a sustained (and ongoing) steroid injection in the form of a still-flowing, post-9/11 federal funding bonanza, all justified in the name of “homeland security.” This has resulted in a domestic police force that looks, thinks, and acts more like an invading and occupying military than a community-based force to protect the public.

And one hopeful response, via BuzzFeed:

Democratic Congressman Will Introduce Police Demilitarization Bill

  • Rep. Hank Johnson pivots off Ferguson to introduce the “Stop Militarizing Law Enforcement Act”

Amid growing criticism of the military-style equipment and tactics deployed by police in Ferguson, Missouri, a Democrat from Georgia plans to introduce the “Stop Militarizing Law Enforcement Act” in Congress next month.

Rep. Hank Johnson asked all his colleagues Thursday to join him in supporting the bill, which he said in a letter “will end the free transfers of certain aggressive military equipment to local law enforcement and ensure that all equipment can be accounted for.”

Images of assault rifle-carrying camouflaged police riding through Ferguson on military vehicles similar to the IED-resistant equipment used by American armed forces in combat have proven to be a jolt of energy for a long-simmering debate about police militarization.

While the Independent makes a telling point:

America is one nation, still divided: Protests over the shooting of a black teenager could have erupted in any number of US cities

While Ferguson is the latest flashpoint in America’s struggle to overcome a legacy of racial tension going back to slavery, it could just as easily have been somewhere else; Los Angeles, where 24-year-old Ezell Ford, also black, was shot and killed by a police officer on Monday, or perhaps New York, where the death of Eric Garner while in custody, after an officer held him in an illegal chokehold last month, is still fuelling anger.

The grievances still felt by many African-Americans are rooted in the life experiences of many of them, particularly young men, which are also reflected in the sometimes shocking statistics. Statistics just from Ferguson are startling but by no means unique to the town, which, on the edge of downtown St Louis, became majority black after whites fled decades ago to escape rising violence and sinking schools.

Until last weekend, few beyond Ferguson will have known that only three of its 53 police officers are black, even if the community is overwhelmingly more black than white. Or that 483 blacks were arrested in town last year but only 36 whites. Or that blacks, who make up less than two thirds of the driving-age population, account for 86 per cent of all traffic stops by police.

From International Business Times, an intersection of two threads:

Anonymous Twitter Suspended Amid St. Louis Police Hack; Other Anon Accounts Decry Naming Officer

The St. Louis County Police confirmed to multiple outlets Thursday that the department has been hit by a cyberattack, with the agency’s website and emails down since Wednesday. Word of the hack came at the same time Twitter suspended the account of the Anonymous hacker collective, who’ve been feuding with the police online over details withheld in the Mike Brown shooting.

The confirmation also comes after the Ferguson, Missouri, police reported their system was infiltrated, with Anonymous claiming responsibility for briefly rendering the department’s phones and computers useless.

More from The Wire:

Anonymous Stops Releasing Information on Alleged Officer Who Shot Michael Brown

The online activist group Anonymous has threatened to reveal the identity and other personal information of the police officer they say is responsible for the shooting of Michael Brown in Ferguson, Missouri. However, they have called off that effort (for now) after denials from St. Louis area police that they had the right person, and after Twitter suspended one of their accounts. No other media outlets have been able to verify whether their information is correct or not. Read below for the latest updates…

The latest:

1:21 p.m.: After switching to a secondary account (@TheAnonMessage), the group that named the alleged shooter says they won’t be releasing any more information for the time being.

The McClatchy Washington Bureau takes us to another scene of conflict and a triumphant declaration:

U.S. declares Yazidi intervention a success, says rescue mission unneeded

The United States military has concluded that there are too few Yazidi refugees still trapped in the mountains of northern Iraq to warrant mounting a potentially risky rescue, the Pentagon said late Wednesday.

Military advisers who earlier in the day visited the Sinjar mountains, where as many as 30,000 people were thought to still be trapped, said that they found “far fewer” Yazidis than expected and that those who were there were in better condition than anticipated. Food and water dropped in recent days have reached those who remain, the Pentagon statement said.

The Pentagon said the visit proved that the actions the United States had taken in recent days had succeeded in preventing the Islamic State from capturing and executing the Yazidis, members of a religious sect that Sunni extremists view as heretics. It said the assessment team encountered no hostile forces during its visit and “did not engage in combat operations.”

While the Guardian foreshadows:

British SAS sent to Iraq on ‘intelligence’ mission before airlift of Yazidi refugees

  • Deployment to Mt Sinjar ahead of US-led rescue of civilians follows plan for RAF to deliver arms to Kurds fighting jihadists

British SAS soldiers have been deployed to northern Iraq to “gather intelligence” ahead of any potential rescue operation, led by the US, to airlift thousands of Yazidi refugees from Mount Sinjar.

In the most dramatic sign of Britain’s growing involvement in the Iraqi crisis, the SAS soldiers have moved to the region near Mount Sinjar where US special forces are coordinating the rescue effort.

Last night, a small team from the US landed on Mount Sinjar to assess the situation, and said that an evacuation mission was less likely as “there are far fewer Yazidis on Mount Sinjar than previously feared”, according to Pentagon press secretary Rear Admiral John Kirby.

Deutsche Welle covers a related development:

Morocco breaks up recruitment cell for ‘Islamic State’

  • Moroccan police have dismantled a jihadist network suspected of recruiting volunteers to fight with the radical “Islamic State” group in Iraq and Syria. The operation was carried out with help from authorities in Spain.

The Moroccan Interior Ministry said on Thursday that it had broken up a network that was used to recruit and send volunteers to fight with the “Islamic State” (IS) in Iraq and Syria.

“The operation, based on detailed investigations carried out in close collaboration with Spain, stems from a proactive security approach aimed at battling terrorist threats,” a ministry statement said.

According to Moroccan police, the group was operating in the Moroccan cities of Fez and Tetouan, as well as the town of Fnideq, close to the Spanish exclave of Ceuta.

On to rampant Orwellianism, first with the New York Times:

Reagan-Era Order on Surveillance Violates Rights, Says Departing Aide

After President Obama delivered a speech in January endorsing changes to surveillance policies, including an end to the National Security Agency’s bulk collection of Americans’ domestic calling records, John Napier Tye was disillusioned.

A State Department official, Mr. Tye worked on Internet freedom issues and had top-secret clearance. He knew the Obama administration had also considered a proposal to impose what an internal White House document, obtained by The New York Times, portrayed as “significant changes” to rules for handling Americans’ data the N.S.A. collects from fiber-optic networks abroad. But Mr. Obama said nothing about that in his speech.

So in April, as Mr. Tye was leaving the State Department, he filed a whistle-blower complaint arguing that the N.S.A.’s practices abroad violated Americans’ Fourth Amendment rights. He also met with staff members for the House and Senate intelligence committees. Last month, he went public with those concerns, which have attracted growing attention.

While Techdirt notes another development:

Newly Released Documents Show NSA Abused Its Discontinued Internet Metadata Program Just Like It Abused Everything Else

  • from the so,-more-of-the-same,-then? dept

James Clapper’s office (ODNI) has released a large batch of declassified documents, most of which deal with the NSA’s discontinued Section 402 program. What this program did was re-read pen register/trap and trace (PR/TT) statutes to cover internet metadata, including sender/receiver information contained in email and instant messages. (Not to be confused with the Section 702 program, which is still active and harvests internet communications.)

Notably, this marks only the second time that the ODNI has acknowledged the document release has been compelled by a FOIA lawsuit.

Following a declassification review by the Executive Branch, the Department of Justice released on August 6, 2014, in redacted form, 38 documents relating to the now-discontinued NSA program to collect bulk electronic communications metadata pursuant to Section 402 of the FISA (“PRTT provision”). These documents are also responsive to a Freedom of Information Act request by the Electronic Privacy Information Center.

As EPIC’s site notes (and the ODNI’s doesn’t), the program was authorized in 2004, but no legal justification was provided to Congressional oversight until a half-decade later.

And Nextgov adds a touch of the Kafkaesque:

Watchdog: The FBI Spied on the Wrong People Because of Typos

The FBI unintentionally spied on the communications data of some Americans who were not targets of investigations because of typographical errors, according to a government watchdog.

The Justice Department’s inspector general concluded in a report Thursday that the FBI has improved its overall handling of national security letters, which permit the agency to collect telephone and Internet data of suspects believed to be tied to a national security investigation.

But the inspector general identified a number of areas that “require additional effort and attention,” such as a tendency to collect data on the wrong person because of routine mistakes.

From The Hill, another bizarre revelation:

IRS wrongly allowed contractors access to sensitive data

IRS contractors without background checks had access to sensitive information, potentially putting confidential taxpayer data at risk, according to a federal audit.

The Treasury inspector general for tax administration found more than a dozen cases in which the IRS awarded contracts that required access to taxpayer information without background investigations or before those checks were completed.

Under IRS policy, background checks are mandatory for contractors who work with that kind of data.

More from Nextgov:

IRS Gave Sensitive Data to Convict Sentenced to 21 Years

At the IRS, contractors hired for courier, printing, document recovery, and sign language and interpreter services who accessed sensitive information had not undergone investigations, which is a policy violation.

A Treasury Inspector General for Tax Administration report released today details several situations where employees had ample opportunity to steal data.

In one, a courier who daily delivered IRS documents and mail to post offices and other locations had previously served 21 years in prison for arson, retaliation and attempted escape.

The Intercept takes action:

Five Muslim-Americans Sue Feds Over Watchlisting

Relying in part on recent Intercept reporting on the vast breadth of the government’s watchlisting system, several Muslim Americans filed a complaint in a Michigan federal court today, arguing that they have been wrongly ensnared in an unaccountable system without any opportunity to defend themselves.

Citing “recent media accounts,” including secret government documents published exclusively by The Intercept, the complaint claims that the plaintiffs—five men on the terror watchlist—have been falsely stigmatized and punished without trial by a system motivated by “bigotry and misguided, counterproductive zeal.”

“This lawsuit is an expression of anger grounded in law,” the 28-page complaint begins. “Our federal government is imposing an injustice of historic proportions upon the Americans who have filed this action, as well as thousands of others.”

From the London Telegraph, a fascinating tale:

Google removes Telegraph stories about explosives arrests

  • Google has removed links to two Telegraph articles, each more than a decade old, describing arrests for possession of explosives after receiving requests under the EU’s ‘right to be forgotten’

Google has removed links to two Telegraph articles from certain search results describing arrests for possession of explosives after receiving requests under the EU’s ‘right to be forgotten’.

The first story is a news article from June 2001 reporting that three men had appeared in court after being arrested when explosives were found in a Dublin apartment.

The three men had been seen looking at something in a car, then refused to stop when police later attempted to pull them over. Inside the car were balaclavas and plastic boxes with switches attached to them, which “could be used as incendiary devices”.

Follow-up searches of a number of homes found explosives and similar equipment to that found in the car.

The second story is a collection of brief articles, one of which refers to the case above.

On to the hacking front, first with the National Post:

Several rallies planned to support alleged hacker Matt DeHart before his Canadian refugee hearing

The bizarre case of a former U.S. airman seeking asylum in Canada — claiming he was tortured by U.S. authorities probing his links to the shadowy Anonymous hacker collective — is sparking protest rallies and an international day of action.

Matt DeHart, 30, is in prison in Ontario awaiting an Aug. 20 refugee hearing in Toronto during which he will argue his claim for refugee protection.

“It is a very serious case that could set a lot of dangerous precedents for activists, hacktivists, whistleblowers and journalists,” said Stacie Te Korako, director of #FreeMattDeHart, a support group based in New Orleans.

SecurityWeek covers another front:

Ukrainian Hackers Claim Attack on Polish Websites

Ukrainian hackers hostile to the government claimed Thursday to have launched a cyber attack against the websites of Poland’s presidency and the Warsaw Stock Exchange.

The hacker group Cyber Berkut said it blocked the sites, both down on Thursday afternoon, in response to what it said were Poland’s actions as “sponsors of fascism in Ukraine”.

“Our western neighbour on orders from Washington renders political, diplomatic and military assistance to nationalists and oligarchs who destabilise and wreck Ukraine,” the group alleged on its website.

SecurityWeek again, charting a hack attack whack:

Lockheed: Attackers Went Quiet After APT1 Report Exposed Chinese Hackers

Threat actors targeting Lockheed Martin immediately halted their cyberattacks against the defense contractor following the release of Mandiant’s APT1 report, Lockheed executives said Wednesday.

In February 2013, Mandiant released its bold, unprecedented report that made direct allegations and exposed a multi-year, massive cyber state-sponsored espionage campaign from a unit of China’s People’s Liberation Army (PLA).

The threat actor group, dubbed APT1 by FireEye-owned Mandiant, is alleged to be one of the most persistent of China’s cyber threat actors, which the security firm claims has “systematically stolen hundreds of terabytes of data” from at least 141 organizations.

China Daily tracks another web crackdown that could make a reader Yelp!:

Micro-blogger in court charged with spreading rumors

A popular Chinese micro-blogger went on trial on Thursday for allegedly spreading rumors to attract followers and helping others delete posts for profit.

Yang Xiuyu, founder of Erma Co and with the online identity Lier Chaisi, was accused of illegal business operations after receiving 531,200 yuan ($86,312) for helping people remove Internet posts and publish rumors, according to Beijing Chaoyang District People’s Court.

Yang, 41, from Northeast China’s Jilin province, was charged with running the illegal operation between May 2012 and September 2013, the court said.

From the Independent, bids to cop a deal:

Chief Constable bombarded with offers for private contracts

One of Britain’s most senior police officers has repeatedly rebuffed attempts by former service colleagues to use their contacts to push for contracts on behalf of their new private sector employers.

Lynne Owens, the Chief Constable of Surrey Police, said that she had been “bombarded” with requests for meetings from people who used to work in policing to tap into the £2.3bn market in private police services.

Industry watchers say the approaches signal a new drive by security companies for deals with police forces after the political furore died down over the failure of the world’s biggest security company G4S to supply enough security staff for the 2012 Olympics. Under pressure from 20 per cent budget cuts, some police forces have done deals with outside companies for technology, human resources and detention services.

On the drone front, there’s this from Aviation Week & Space Technology:

France, U.K. Move Toward Joint UCAV

  • UCAV feasibility study renews French-British aerospace industry cooperation

New low-observable technologies, a highly reliable turbofan engine and multifunction radar are among the technologies that could be destined for an Anglo-French unmanned combat air vehicle (UCAV) in the 2030s.

A two-year feasibility study, signed by defense ministers from the two countries at the Farnborough air show last month, could mark the return to an era of close cooperation between the British and French aerospace industries not seen since the development of the Concorde in the 1960s.

Now more details have emerged of some of the ambitious capabilities and technologies being envisaged for the Future Combat Air System (FCAS), which both nations hope will give them a leading edge in air power and defense exports in the coming decades.

After the jump, it’s off to Asia with an allegation of a seditious Like and a non-illegal ISIS fan club, tensions in Pakistan, and the latest in the Game of Zones, including Korean missiles and a papal plea, Chinese arms developments, another “comfort women” demand, Japanese protests, Russo-Japanese tensions, the real Men in Black, and much, much more. . .

Quote of the day: Snowden’s decisive moment


From “The Most Wanted Man in the World,” a superb Wired report on Edward Snowden by James Bamford, the writer whose ongoing documentation of the National Security Agency gave Americans their first in-depth look at the nation’s spookiest outfit:

On March 13, 2013, sitting at his desk in the “tunnel” surrounded by computer screens, Snowden read a news story that convinced him that the time had come to act. It was an account of director of national intelligence James Clapper telling a Senate committee that the NSA does “not wittingly” collect information on millions of Americans. “I think I was reading it in the paper the next day, talking to coworkers, saying, can you believe this shit?”

Snowden and his colleagues had discussed the routine deception around the breadth of the NSA’s spying many times, so it wasn’t surprising to him when they had little reaction to Clapper’s testimony. “It was more of just acceptance,” he says, calling it “the banality of evil”—a reference to Hannah Arendt’s study of bureaucrats in Nazi Germany.

“It’s like the boiling frog,” Snowden tells me. “You get exposed to a little bit of evil, a little bit of rule-breaking, a little bit of dishonesty, a little bit of deceptiveness, a little bit of disservice to the public interest, and you can brush it off, you can come to justify it. But if you do that, it creates a slippery slope that just increases over time, and by the time you’ve been in 15 years, 20 years, 25 years, you’ve seen it all and it doesn’t shock you. And so you see it as normal. And that’s the problem, that’s what the Clapper event was all about. He saw deceiving the American people as what he does, as his job, as something completely ordinary. And he was right that he wouldn’t be punished for it, because he was revealed as having lied under oath and he didn’t even get a slap on the wrist for it. It says a lot about the system and a lot about our leaders.” Snowden decided it was time to hop out of the water before he too was boiled alive.

Accompanying the article are two videos, posted online.

First, a scene-setter, featuring Bamford and Platon, the very talented photographer whose mostly black-and-white images accompany the story.

From Wired:

The Most Wanted Man in the World: Behind the Scenes with Edward Snowden

Program note:

It took almost a year to arrange to interview and photograph Edward Snowden in Moscow, where he has sought asylum. Author James Bamford and photographer Platon reflect back on their encounters with the elusive whistleblower.

And the second video, consisting of Snowden’s voice and Platon’s images:

The Most Wanted Man in the World: Edward Snowden in His Own Words

Program note:

Dispatched to Moscow, famed portrait photographer Platon captured a never-before-seen side of Edward Snowden for WIRED. In this riveting montage, the elusive whistleblower explains the thinking behind his decision to reveal the extent of domestic surveillance being conducted by US intelligence services.

InSecurityWatch: Bombs, spies, hacks, zones


Bit under the weather, so two days’ worth of headlines from the realms of spies, hacks, privacy, and the geopolitical Game of Zones underway in Europe.

We’re using just a couple of stories from the escalating Iraqi debacle, given the wide coverage in the mainstream press. First up, this from Sky News:

US Military: Airstrikes ‘Won’t Stop ISIS’

  • Islamist militants in Iraq will continue to seize territory and attack security forces despite airstrikes, the US warns.

Islamic militants fighting in northern Iraq are unlikely to be stopped by targeted airstrikes, a US general has warned.

Joint staff operations director Lieutenant General William Mayville told a news conference that 15 airstrikes on Islamic State (IS) positions were focused initially on protecting US facilities and citizens, as well as aiding the humanitarian mission.

He said: “These airstrikes have helped check the advance of missile forces around Mount Sinjar and in the area west of Irbil.

And the New York Times offers a timely reminder:

U.S. Actions in Iraq Fueled Rise of a Rebel

  • Baghdadi of ISIS Pushes an Islamist Crusade

When American forces raided a home near Falluja during the turbulent 2004 offensive against the Iraqi Sunni insurgency, they got the hard-core militants they had been looking for. They also picked up an apparent hanger-on, an Iraqi man in his early 30s whom they knew nothing about.

The Americans duly registered his name as they processed him and the others at the Camp Bucca detention center: Ibrahim Awad Ibrahim al-Badry.

That once-peripheral figure has become known to the world now as Abu Bakr al-Baghdadi, the self-appointed caliph of the Islamic State in Iraq and Syria and the architect of its violent campaign to redraw the map of the Middle East.

From the Washington Post, adding yet more arms to the pile:

U.S. sending weapons directly to Kurdish forces, officials say

The U.S. government has begun to funnel weapons directly to Kurdish forces fighting Islamist militants in northern Iraq, U.S. officials said Monday, deepening American involvement in a conflict that the Obama administration had long sought to avoid.

The decision to arm the Kurds, via a covert channel established by the CIA, was made even as Pentagon officials acknowledged that recent U.S. airstrikes against the militants were acting only as a temporary deterrent and were unlikely to sap their will to fight.

“I in no way want to suggest that we have effectively contained, or that we are somehow breaking, the momentum of the threat,” said Army Lt. Gen. William C. Mayville Jr., the director of operations for the Joint Chiefs of Staff.

More Indonesian blowback from the Jakarta Globe:

Maluku Police Arrest Four Students Over Alleged ISIS Ties

  • Maluku Police have arrested four high school students in Ambon for alleged ties with the Islamic State of Iraq and Syria.

“I was reported last night [Sunday] by the police that four students were arrested because of their ties to ISIS,” Maluku Governor Said Assagaff was quoted as saying by newsportal Harianterbit.com on Monday. “They have to be intensively questioned to find out to what extent they were involved and what were their exact roles.”

One of the suspects is a junior high school student, while the other three were senior high school students.

“The junior high school student is still very young, so [he’s] easy to provoke. Therefore [this case] needs to be handled seriously,” Said told the state-run Antara news agency on Monday.

On to that agency that gives everyone the shivers, first with the Wall Street Journal:

Surveillance Court Judge Criticized NSA ‘Overcollection’ of Data

  • Decision Offers Scathing Assessment of Agency’s Management of Internet-Surveillance Program

Newly declassified court documents show one of the National Security Agency’s key surveillance programs was plagued by years of “systemic overcollection” of private Internet communications.

A 117-page decision by Judge John Bates of the Foreign Intelligence Surveillance Court offers a scathing assessment of the NSA’s ability to manage its own top-secret electronic surveillance of Internet metadata—a program the NSA scrapped after a 2011 review found it wasn’t fulfilling its mission.

The newly declassified documents suggest another possible reason for its demise. The surveillance agency struggled to collect metadata, such as the “to” and “from” information of an email, without also collecting other information, such as the contents or partial contents of such communications, information that is supposed to be beyond what it legally is permitted to gather.

Reuters covers up:

U.S. can keep court orders, phone cos secret in NSA spy case

The U.S. government need not turn over a secret surveillance court’s orders or the names of phone companies helping it collect call records, because it might reveal methods needed to protect national security, a federal judge decided on Monday.

U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, rejected the Electronic Frontier Foundation’s argument that the U.S. Department of Justice should turn over the materials, in the wake of unauthorized disclosures last year by a former National Security Agency contractor, Edward Snowden.

The EFF noted that the government had already declassified hundreds of pages of other documents discussing data collection under the U.S. Patriot Act, including some that the data privacy advocacy group had requested. These declassifications came after Snowden’s leaks had been revealed.

While The Intercept covers boosterism:

NPR Is Laundering CIA Talking Points to Make You Scared of NSA Reporting

On August 1, NPR’s Morning Edition broadcast a story by NPR national security reporter Dina Temple-Raston touting explosive claims from what she called “a tech firm based in Cambridge, Massachusetts.” That firm, Recorded Future, worked together with “a cyber expert, Mario Vuksan, the CEO of ReversingLabs,” to produce a new report that purported to vindicate the repeated accusation from U.S. officials that “revelations from former NSA contract worker Edward Snowden harmed national security and allowed terrorists to develop their own countermeasures.”

The “big data firm,” reported NPR, says that it now “has tangible evidence” proving the government’s accusations. Temple-Raston’s four-minute, 12-second story devoted the first 3 minutes and 20 seconds to uncritically repeating the report’s key conclusion that “just months after the Snowden documents were released, al-Qaeda dramatically changed the way its operatives interacted online” and, post-Snowden, “al-Qaeda didn’t just tinker at the edges of its seven-year-old encryption software; it overhauled it.” The only skepticism in the NPR report was relegated to 44 seconds at the end when she quoted security expert Bruce Schneier, who questioned the causal relationship between the Snowden disclosures and the new terrorist encryption programs, as well as the efficacy of the new encryption.

With this report, Temple-Raston seriously misled NPR’s millions of listeners. To begin with, Recorded Future, the outfit that produced the government-affirming report, is anything but independent. To the contrary, it is funded by the CIA and U.S. intelligence community with millions of dollars. Back in 2010, it also filed forms to become a vendor for the NSA. (In response to questions from The Intercept, the company’s vice president Jason Hines refused to say whether it works for the NSA, telling us that we should go FOIA that information if we want to know. But according to public reports, Recorded Future “earns most of its revenue from selling to Wall Street quants and intelligence agencies.”)

Defense One braves a new frontier:

Navy Chief Says the Future of War Lies in ‘Information Dominance’

Chief of Naval Operations Adm. Jonathan Greenert views “information dominance” as key to the future of warfare while the service’s new transformation framework calls for development of a “data-savvy” workforce.

Speaking at a ceremony last Thursday at which Rear Adm. David Lewis took command of the Space and Naval Warfare Systems Command in San Diego, Greenert said: “SPAWAR is the technical agent for information dominance, we know that. It is also the technical agent for a new era in Navy and naval warfare. Control of the information is going to be the key to the future.”

That control includes electronic warfare systems. Greenert focused on shortcomings in jamming systems used by the EA-18G “Growler” electronic attack aircraft in his SPAWAR speech.

Here’s another kind of “information dominance,” via the Guardian:

Kuwaiti media owner is stripped of his citizenship

The owner of a newspaper and TV outlet is one of five people who have been stripped of their citizenship by the Kuwaiti authorities.

It means that Ahmed Jabr al-Shammari, proprietor of the independent Alam Al-Yom newspaper and the Al-Yom television station, has been rendered stateless.

The decision, a parliamentary decree, was announced by the Kuwait news agency on 21 June 2014 following a call by the Kuwaiti cabinet for a crackdown on people who “undermine the country’s security and stability.”

But it has only just emerged through Human Rights Watch (HRW) in an interview with al-Shammari, who explained that the revoking of citizenship was based on Kuwait’s nationality law.

Defense One again, this time with a piece by a former Obama Pentagon official:

The U.S. Needs More Drones

Al-Qaeda is morphing and metastasizing, spreading like a cancer in an arc of jihadism from the deserts of Northern Mali through Libya, Nigeria, Somalia, Yemen, Syria, and Iraq. Islamic extremists continue to gain ground in Iraq, and President Barack Obama has authorized more than a dozen airstrikes as fighters with the Islamic State of Iraq and the Levant threaten to take Irbil, the capital of Iraqi Kurdistan.

Meanwhile, the Defense Department is cutting one of the most vital tools against this threat: loitering unmanned aircraft, aka drones, to provide persistent surveillance of terrorist networks.

While DOD has had drones flying over Iraq for over a month, a drastic shortfall in global supply means that their presence in Iraq is at the expense of another vital mission elsewhere. And yet not only is DOD not moving to address this shortfall, it is taking steps to reduce its drone fleet, a dangerous move that will make it harder to keep tabs on a growing and changing terrorist threat.

From the Associated Press, getting dope the old-fashioned way, illegally:

DEA improperly paid $854,460 for Amtrak passenger lists

The Drug Enforcement Administration paid an Amtrak secretary $854,460 over nearly 20 years to obtain confidential information about train passengers, which the DEA could have lawfully obtained for free through a law enforcement network, The Associated Press has learned.

The employee was not publicly identified except as a “secretary to a train and engine crew” in a report on the incident by Amtrak’s inspector general. The secretary was allowed to retire, rather than face administrative discipline, after the discovery that the employee had effectively been acting as an informant who “regularly” sold private passenger information since 1995 without Amtrak’s approval, according to a one-paragraph summary of the matter.

On Monday, the office of Amtrak Inspector General Tom Howard declined to identify the secretary or say why it took so long to uncover the payments. Howard’s report on the incident concluded, “We suggested policy changes and other measures to address control weaknesses that Amtrak management is considering.” DEA spokesman Matt Barden declined to comment.

TheLocal.dk covers reconsideration:

Denmark to reconsider its terror laws

Following through on a 2011 promise, the government will appoint a commission to look at the effectiveness of national terror laws and their effects on residents’ rights.

The Danish government will set up a commission to examine the effects of the nation’s anti-terror laws on personal rights and freedoms.

The tax minister, Morten Østergaard, announced the move on Tuesday.

“In the words of former Norwegian Prime Minister Jens Stoltenberg, it is important that we don’t trample the same freedoms we are trying to defend,” Østergaard told Politiken.

From Ars Technica, more digital spookery:

Espionage programs linked to spying on former Soviet targets

  • Same malware was previously linked to attacks on US and European targets

A one-two combination of malware programs has infiltrated the embassies and government systems of a number of former Eastern Bloc nations as well as European targets, according to a technical analysis by security researchers.

Using exploits and malicious downloads delivered through phishing attacks or on compromised websites, attackers first infect a system with a program, known as Wipbot, according to an analysis posted by security firm Symantec on Friday. The program conducts initial reconnaissance, collecting system information and only compromising systems that correspond with a specific Internet address. After the target is verified, a second program—alternatively known as Turla, Uroburos, and Snake—is downloaded to further compromise the system, steal data, and exfiltrate information camouflaged as browser requests.

The one-two combination has all the hallmarks of a nation-state intelligence gathering operation targeting the embassies of former Eastern Bloc countries in Europe, China, and Jordan, according to Symantec.

While IDG News Service covers hacks at home:

Many home routers supplied by ISPs can be compromised en masse, researchers say

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.

By gaining access to such servers, hackers or intelligence agencies could potentially compromise millions of routers and implicitly the home networks they serve, said Shahar Tal, a security researcher at Check Point Software Technologies. Tal gave a presentation Saturday at the DefCon security conference in Las Vegas.

At the core of the problem is an increasingly used protocol known as TR-069 or CWMP (customer-premises equipment wide area network management protocol) that is leveraged by technical support departments at many ISPs to remotely troubleshoot configuration problems on routers provided to customers.

PCWorld has more:

Fifteen new vulnerabilities reported during router hacking contest

Routers appear to be as insecure as ever, after hackers successfully compromised five popular wireless models during a contest at the DefCon 22 security conference, reporting 15 new vulnerabilities to affected vendors.

The SOHOpelessly Broken contest pitted hackers against 10 router models from different manufacturers: Linksys EA6500, ASUS RT-AC66U, TRENDnet TEW-812DRU, Netgear Centria WNDR4700, Netgear WNR3500U/WNR3500L, TP-Link TL-WR1043ND, D-Link DIR-865L, Belkin N900 DB and the Open Wireless Router firmware developed by the Electronic Frontier Foundation (EFF).

There were three challenges. In one researchers had to demonstrate unpatched—zero-day—vulnerabilities in the preselected devices, and received points based on their criticality. The second challenge was a capture-the-flag-style game in which contestants had to hack into routers running known vulnerable firmware to extract sensitive information, and the third was a similar surprise challenge targeting a router from Asus and one from D-Link.

And from Network World, non-reassurance:

Study finds firmware plagued by poor encryption and backdoors

The first large-scale analysis of a fundamental type of software known as firmware has revealed poor security practices that could present opportunities for hackers probing the “Internet of Things.”

Firmware is a type of software that manages interactions between higher-level software and the underlying hardware, though it can sometimes be the only software on a device. It’s found on all kinds of computer hardware, though the study focused on embedded systems such as printers, routers and security cameras.

Researchers with Eurecom, a technology-focused graduate school in France, developed a web crawler that plucked more than 30,000 firmware images from the websites of manufacturers including Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG and Belkin.

Frontera NorteSur covers discontent to the south:

Indigenous Mexico Rising Again

Representatives of Mexico’s indigenous peoples have issued a new declaration and announced upcoming mobilizations to further their cause.  Unveiled on August 9, the UN-celebrated International Day of the World’s Indigenous People, the declaration followed a week-long meeting between the Zapatista National Liberation Army (EZLN) and National Indigenous Congress (CNI) in the southern Mexican border state of Chiapas.

Detailing 29 points, the Declaration of the Plundering of Our Peoples blasted the Pena Nieto Administration, big corporations and capitalism in general for threatening the culture and survival of indigenous peoples.

Couched in historical terms that reference the sacrifices made by indigenous people and small farmers for a Mexico that was denied to them,  the statement was read by Venustiano Vazquez Navarette, indigenous resident of Tepotzlan, Morelos, in the Zapatista base community of La Realidad.

It read in part:  “Capitalism has grown from plunder and exploitation since the beginning.  Invasion and plunder are the words that best describe what is called the conquest of America, plunder and robbery of our lands, our territories, our knowledge, our culture.  Plunder accompanied by war, massacres, jail, death and more death…”

And Brazzil Magazine benefits from blowback:

Brazil Talks About a Revolution in Exports After Russia’s Embargo on US’s and EU’s Produce

Russian president Vladimir Putin’s announcement about Russia’s embargo on agriculture products from the US and Europe opens “a great window of opportunities for Brazil” to get into the Russian market, says Secretary for Agricultural Policy Seneri Paludo from the Ministry of Agriculture, Livestock and Supply.

Russia has imposed a ban on imported food products from European countries and the US in response to their economic sanctions against Moscow over its involvement in the Ukrainian war. This embargo includes beef, pork, chicken, fish, cheese, milk, vegetables and fruit originated from the US, the European Union and also Australia, Canada and Norway.

“From the point of view of Brazilian agriculture policy, this is positive,” stated the secretary, because “Russia is a big consumer not only of grains but also of meat.” In his view, Russia’s move may result in a “revolution” in Brazil’s meat, corn and soy exports.

After the jump, the latest from the Asian Game of Zones, including expanding arsenals, political posturing [domestic, regional and trans-Pacific], dirty war deaths, historical assertions, and much, much more. . .

InSecurityWatch: Bombs, blather, zones, spooks


Lots of ground to cover, and we’ll start with the biggest story, the latest violent blowback for American violence, the little war we waged on a false pretext to satisfy deeper geopolitical motivations.

First, we turn to the Los Angeles Times for the latest in imperial hubris:

Obama sets ambitious goals for Iraq intervention

President Obama said Saturday that U.S. forces will seek to deny a safe haven to “barbaric terrorists” in Iraq and will help create a humanitarian corridor to rescue thousands of religious refugees trapped on a mountaintop, broadening his goals for the latest U.S. intervention in Iraq.

Speaking on the White House South Lawn, the president also suggested that the airstrikes by U.S. Navy fighter jets and Predator drones against Islamist militants that began Friday near the major city of Irbil won’t be a short-term operation.

The U.S. is prepared, he said, to continue bombing the fighters of Islamic State, an Al Qaeda breakaway group, as long as thousands of Americans living and working in Irbil are threatened. “We’re going to maintain vigilance and ensure that our people are safe,” the president said, before departing for Martha’s Vineyard on a family vacation.

More from Deutsche Welle:

Obama declines to put timeframe on Iraq operation

  • US President Barack Obama has declined to say how long the current American military operations in Iraq will likely continue. He also said the crisis could only be resolved after a unified Iraqi government is in place

Speaking to reporters on the South Lawn of the White House on Saturday, President Barack Obama said airstrikes, which US forces began carrying out on Friday, had “successfully destroyed arms and equipment” used by a group of militants who call themselves the “Islamic State” (IS). Obama said that the US had “stepped up” military assistance to Kurdish forces fighting the Sunni extremists near the northern Iraq city of Irbil.

The US president said an operation to provide humanitarian aid through airdrops to members of Iraq’s Yazidi religious minority trapped on Sinjar mountain would continue. The Yazidis were left without food or water after taking refuge on the mountain to escape IS militants advancing into the city of Sinjar one week ago.

Obama also said he had secured the support in that humanitarian operation of British Prime Minister David Cameron and French President Francois Hollande.

And the predictably belligerent response from the London Daily Mail:

‘A message from ISIS to the US’: Islamist militants tweet gruesome images of dead American soldiers and vow to blow up embassies as terrorist convoy is wiped out in SECOND round of airstrikes

WARNING: GRAPHIC CONTENT: Militants who support the terror group ISIS tweeted threats to America on Friday after Barack Obama began airstrikes in Iraq

  • Some warn of car bombs at embassies while others taunt US military personnel with death threats
  • A handful of biting retorts have mocked the ham-fisted attempt to use social media as a tool of war
  • Tweets coincided with first U.S. airstrikes authorized by Obama to protect American staff and relief efforts
  • Food and water supplies have been airdropped to 50,000 refugees trapped on mountain
  • ISIS have been accused of taking hundreds of women hostage

Supporters of the ISIS terror group tweeted thousands of messages on Friday bearing the hashtag #AmessagefromISIStoUS featuring gruesome photos and threats to U.S. soldiers and citizens after American airstrikes took out terrorist targets in Iraq for the first time.

Some tweeted photos depict dead U.S. Army soldiers, U.S. marines hung from bridges in Fallujah, decapitated men, human heads on spikes, and the twin towers in flames on September 11, 2001.

‘This is a message for every American citizen,’ read one message sent with the hashtag. ‘You are the target of every Muslim in the world wherever you are.’

From the McClatchy Washington Bureau, a question:

New Iraq mission’s tough question: What does U.S. do if Islamic State survives?

“The words ‘limited’ and ‘deterrence’ don’t belong in the same sentence. There has to be the threat of a disproportionate size,” said Christopher Harmer, a senior naval analyst for the Washington-based Institute for the Study of War. “ISIS is not going to respond to limited strikes. They understand the West is reluctant to get involved.”

Senior military officials, speaking on condition of anonymity because they weren’t authorized to speak to a reporter, conceded as much, with one explaining: “There is probably some gray area” in the latest U.S. effort in Iraq.

Part of the concern is based on the most recent “limited” mission the Obama administration undertook on behalf of a besieged group: Libya. In 2011, as residents of Benghazi, Libya, faced an imminent attack from forces loyal to the country’s leader, Moammar Gadhafi, the U.S. announced it would intervene as part of a NATO mission to protect civilians from harm. The effort was billed as humanitarian, but it ended up toppling Gadhafi and leading to his death and empowering Islamist militias that now control much of the country. Libya is convulsed in a civil war between those Islamists and secular forces, the U.S. ambassador and three other Americans were killed in an attack in Benghazi in 2012, and last month the United States evacuated its embassy in Tripoli, the country’s capital.

And from the McClatchy Washington Bureau again, another question:

When is it genocide? U.S. interests help decide

Obama’s use of the word genocide, which was echoed on Thursday by Secretary of State John Kerry, is extremely unusual, said Jonas Claes, a conflict analyst for the United States Institute of Peace.

Claes couldn’t recall any other time during Obama’s presidency when he had used the term to describe current events.

Usually presidents dance around the word because it implies a legal responsibility to act, Claes said.

Meanwhile, the tragic legacy of using vaccination programs as covers for spooky operations continues to unfold, reports the Express Tribune in Karachi, Pakistan:

Unavailability of security cover forces polio drive in Quetta to be postponed

Despite the first reported case of polio in over a year in Balochistan surfacing last month, the government has been forced to postpone its immunisation drive in parts of the crisis hit province since it cannot provide security.

A three day anti-polio drive scheduled for Quetta and Pishin from August 11 to August 13 has been postponed.

With the security focus on Independence Day celebrations, the government apparently can’t spare enough forces to safely oversee the immunization drive.

From the London Daily Mail, fuel poised for a toss into the flames:

‘The Spark that ignites quite a fire:’ Imminent release of CIA ‘torture’ report could put Americans and embassies in harm’s way, warn intelligence officials

  • National Intelligence Council pressures White House against the release of information on CIA interrogation techniques
  • Officials say the report could inflame anti-US passions in the Middle East
  • Sen. Dianne Feinstein remains locked in battle with the Obama administration over redactions that ‘obscure key facts’ in the report
  • The report shows CIA techniques were ‘far more brutal than previously understood’

American citizens and embassies could be at risk of attacks if the US Senate releases a lengthy intelligence report on CIA interrogation techniques.

The warning comes from the National Intelligence Council, which is pressuring the White House to keep the report under wraps to avoid inflaming anti-US passions abroad, lest more violence breaks out throughout the Middle East, reported Yahoo News.

‘It doesn’t take a rocket scientist to figure out if you release a report like this at a time when terrorism is surging all over the Mideast you are handing the other side a recruitment tool,’ ex-CIA Director John McLaughlin told the news outlet. ‘It’s blindingly obvious.’

On to the desperation of the outfit once dubbed No Such Agency, via Reuters:

NSA, struggling to recruit top talent, turns to Silicon Valley

The U.S. National Security Agency is turning to Silicon Valley for topflight talent, but first it has to rebuild trust.

Anne Neuberger, special assistant to NSA Director Michael Rogers, said this week she feared the agency would no longer be able to recruit top technologists, since former contractor Edward Snowden blew the lid off the extent of its spying activities.

At a seminar organized by the non-profit LongNow Foundation in San Francisco, she extended a plea to an audience replete with tech workers to consider a career in government, or at least apply for a fellowship.

And some NSA blowback from TheLocal.de:

Berlin seeks names of secret service agents

Berlin has asked all foreign diplomatic missions to provide names of secret service agents working in Germany, according to a media report on Friday, amid a rift with Washington over allegations of US spying.

Contacted by AFP, the German foreign ministry did not refute the report, originally published in Der Spiegel, which said that a note has been sent to embassies asking them for “lists of names of all active agents”.

The move came about a month after Germany ordered the Berlin CIA station chief to leave the country in an unprecedented show of anger after uncovering two cases of suspected US spying, hot on the heels of mass surveillance by the National Security Agency (NSA).

The Spiegel report said the circular to embassies was sparked by Berlin’s frustration over Washington’s repeated denials that its agents were operating in Germany.

For a change, some increased security from El País:

Ministry to cut bodyguard protection to minimum levels as ETA threat recedes

  • Protection will gradually be withdrawn from more than 1,500 public figures, saving millions of euros

The Spanish Interior Ministry says that it is to begin withdrawing armed protection for senior members of the former Socialist Party administration, along with that given to other public figures and journalists. The announcement reflects confidence that Basque terrorist organization ETA no longer represents a threat, and will see some 200 police bodyguards and around 30 vehicles return to normal duties.

When Popular Party Prime Minister Mariano Rajoy took office in late 2011, more than 1,600 officials were under police protection. In most other European countries, that figure is usually around 30, and applies only to senior members of government and other institutional posts.

In March 2012, the secretary of state for security said that “given the ostensible reduction in the threat from ETA,” it would be cutting back on the number of bodyguards, a process that has gradually been underway since.

The Latin American Herald Tribune covers security sought:

Busy Mexican Highway Blocked by Protesters

The expressway linking the Mexican capital with the Pacific resort city of Acapulco was re-opened early Friday after being blocked for more than 10 hours by peasants demanding that authorities do more to fight crime, the Guerrero state government said.

Members of the Union of Towns and Organizations of Guerrero blocked the expressway outside Chilpancingo, the state capital, at some 200 kilometers (120 miles) south of Mexico City.

Authorities agreed to install a round-table to review the peasants’ demands, as a result of which the blockade was removed after about 10 hours, the Guerrero Public Safety Office said.

And from the Mainichi, digital stalking:

Stalkers use GPS devices to track down victims

In recent years, there have been multiple instances of stalkers using global positioning system (GPS) devices to track down victims and police are urging people who feel they are being stalked to quickly contact authorities.

According to Akiko Kobayakawa, head of the anti-stalking NPO Humanity, even when victims take all the steps available for them to flee, such as putting restrictions on the viewing of their resident’s card, there have been many instances recently where stalkers have located them. “There has been an increase in cases where GPS trackers are used,” says Kobayakawa.

Many GPS devices can be found for sale in Tokyo’s Akihabara district. Their original purpose is to, for example, keep track of the locations of people like children or the elderly. A store employee introduced one such product, saying, “The battery lasts four days. As long as this device is above ground, you will know where it is.”

From TechWeekEurope, and will the outcome be real or ornamental?:

Yahoo And Google To Work Together On Encrypted Email

  • Yahoo promises to implement end-to-end PGP encryption by 2015

Yahoo is planning to introduce end-to-end encryption and advanced privacy features into its email service by 2015, helping customers avoid both cyber criminals and government surveillance. The company will collaborate with Google, which detailed its efforts in June after contributing its encryption implementation to the open source community.

According to the Wall Street Journal, Yahoo’s email encryption will rely on the Pretty Good Privacy (PGP) standard developed by Phil Zimmermann, currently the president of secure communications provider Silent Circle. This means even Yahoo itself won’t be able to access the contents of the messages.

The sudden popularity of encrypted messaging services is seen as a response to the mass surveillance practices employed by government agencies such as US National Security Agency (NSA) and UK’s GCHQ, revealed by Edward Snowden last year.

On a related note, this from Ars Technica:

Father of PGP encryption: Telcos need to get out of bed with governments

  • Zimmermann’s Silent Circle working with Dutch telco to deliver encrypted calls

Phil Zimmermann, the creator of Pretty Good Privacy public-key encryption, has some experience when it comes to the politics of crypto. During the “crypto wars” of the 1990s, Zimmermann fought to convince the US government to stop classifying PGP as a “munition” and shut down the Clipper Chip program—an effort to create a government-mandated encryption processor that would have given the NSA a back door into all encrypted electronic communication. Now Zimmermann and the company he co-founded are working to convince telecommunications companies—mostly overseas—that it’s time to end their nearly century-long cozy relationship with governments.

Zimmermann compared telephone companies’ thinking with the long-held belief that tomatoes were toxic until it was demonstrated they weren’t. “For a long time, for a hundred years, phone companies around the world have created a culture around themselves that is very cooperative with governments in invading people’s privacy. And these phone companies tend to think that there’s no other way—that they can’t break from this culture, that the tomatoes are poisonous,” he said.

The Verge covers corporate resistance:

Google, Microsoft, others backing Facebook in fight over user privacy in New York

  • Tech companies and civil liberties unions are trying to fend off warrants

Facebook’s getting some company in its fight with the New York district attorney’s office over the protection of user data from government investigations, something that has quickly become a battle over constitutional rights. Today, a number of major tech companies including Dropbox, Foursquare, Google, Kickstarter, LinkedIn, Meetup, Microsoft, Pinterest, Twitter, Tumblr, and Yelp, along with the New York Civil Liberties Union and the ACLU, filed amicus briefs in support of Facebook.

In a trio of filings today, the groups collectively argue that bulk warrants like the one that required Facebook to hand over user data for 381 users to the NYDA are problematic, especially when attached to so-called “gag orders” that keep companies from alerting users that they are under investigation.

“Unless Facebook is able to assert its subscribers’ constitutional rights — and any of its own rights — the legality of the government’s actions with respect to those subscribers will escape review altogether. And had the government chosen to indict no one, no one would have been the wiser,” reads the opener of a filing from Google, Pinterest, Microsoft, Twitter, and Yelp.

From Channel NewsAsia Singapore, a major unLike:

Malaysia to study whether Facebook should be blocked

The Malaysian government will study whether it is necessary to block Facebook following a case of abuse involving the social website, said Communication and Multimedia Minister Datuk Seri Ahmad Shabery Cheek.

He said his ministry was conducting studies to gather public views on the matter. “If the people are of the opinion that Facebook should be closed, we are prepared to look into the matter but it is a radical approach,” he told reporters after closing the Cheras Wanita Umno Delegates Meeting on Saturday (Aug 9).

Also present were Cheras Umno head Datuk Seri Syed Ali Alhabshee and Cheras Wanita Umno chief Datuk Hajah Zurainah Musa.

From TheLocal.ch, old school spookery? Journalism? Curiosity?:

Swiss man arrested in Tunisia for ‘spying’

A Swiss man is under arrest in Tunisia for suspected spying activities in Kasserine, a city in the North African country.

Tunisian police arrested the tourist on Thursday afternoon, according to media reports from Tunisia picked up by media in Switzerland.

He was apprehended after being caught attempting to take pictures of the house of Tunisia’s interior minister, Lotfi Ben Jeddou, and military posts in Kasserine, local radio station FM Express reported.

In the man’s camera police discovered hundreds of images of police stations, government buildings and other structures with strategic objectives, the radio station said.

From Ars Technica, less than reassuring:

Hacking is simple, says author claiming role in breach of spyware firm

  • DIY guide provides instructions for carrying out similar muckraking exploits

An anonymous author who claims to be the hacker who penetrated controversial UK-based Gamma Group International and aired 40 gigabytes of its dirty laundry has published a how-to guide for other hacktivists.

“I’m not writing this to brag about what an 31337 h4x0r I am and what m4d sk1llz it took to 0wn Gamma,” wrote the author, who rightly cautions that the unauthorized access of other people’s networks is illegal. “I’m writing this to demystify hacking, to show how simple it is, and to hopefully inform and inspire you to go out and hack shit. If you have no experience with programming or hacking, some of the text below might look like a foreign language. Check the resources section at the end to help you get started.”

The do-it-yourself guide explains how hackers can map entryways into a target’s network, scan for vulnerable services and exploit any that are found. It also lists some of the most common methods hackers use to keep their IP addresses and other digital fingerprints off their attacks. Among other things, the how-to suggests installing Whonix inside a hidden encrypted volume created by TrueCrypt and carrying out all operations from there. It also counsels against using Tor and instead using hacked servers. Again, this is illegal.

From the Associated Press, maple leaf imperialism sure to inflate an Arctic Game of Zones, one abetted by icecaps shrinking because of dependence on the same resources being sought in the Far North:

Canada sends icebreakers to Arctic to gather data

Canada is sending two icebreakers to the High Arctic to gather scientific data in support of its plan to bid for control of the sea floor under and beyond the North Pole.

The coast guard vessels have set out on a six-week journey that will take them to the eastern side of the Lomonosov Ridge.

The undersea ridge starts near Ellesmere Island and runs northward over the pole. Some say the ridge could give Canada a claim on a vast section of Arctic sea floor.

From the Associated Press, allegations with a certain resonance in those Ivy Bells of yesteryear:

Russia: Apparent US sub driven from Barents Sea

Russian state news agencies say the country’s navy claims to have driven away a submarine believed to be American that entered Russia’s northern waters.

The reports Saturday cited an unnamed representative of the navy’s general staff as saying the incident occurred Thursday in the Barents Sea. The Barents Sea lies off northwest Russia and the Russian navy’s Northern Fleet is based on its shores.

The reports said the fleet sent several vessels and an anti-submarine Il-38 aircraft to drive the submarine away.

After the jump, the Asian Game of Zones intensifies with hacks, web crackdowns, rhetorical and military hardware escalations, espionage arrests, deep political plays, and a sudden German love of the good old-fashioned sound of a typewriter key hitting platen-encircling paper. . .

InSecurityWatch: Bombs, hacks, drones, more


We’ve got a major collection today, including some items revealing how our phones, cars, planes, and more are increasingly vulnerable to government, corporate, and other hackers, the latest developments in Asia’s Game of Zones, and a whole lot more. . .

We open with the newest phase of America’s endless wars — call it Iraq.3.0 — via the New York Times:

U.S. Warplanes Strike Militants in Iraq

The United States on Friday afternoon launched a second round of airstrikes on Sunni militants in northern Iraq, sending four Navy fighter jets to strike eight targets around Erbil, according to Pentagon officials.

The attacks came hours after an initial wave of strikes by military aircraft and armed drones, escalating the American involvement in Iraq a day after President Obama announced that the United States military was returning to a direct combat role in the country it left in 2011.

Military officials said they believed that the second round of attacks resulted in a number of casualties among the militants with the Islamic State in Iraq and Syria. The Navy fighters launched from the aircraft carrier George H. W. Bush, which has been deployed in the Arabian Sea.

Earlier Friday, two F-18 fighters dropped 500-pound laser-guided bombs on a mobile artillery target that had just begun shelling Erbil, Pentagon officials said. A senior military official said on Friday that the artillery unit hit in the earlier bombing was being towed by a truck toward Erbil.

The Associated Press has some context:

Iraq official: Militants hold 100s of Yazidi women

Hundreds of women from the Yazidi religious minority have been taken captive by Sunni militants with “vicious plans,” an Iraqi official said Friday, further underscoring the dire plight of Iraq’s minorities at the hands of the Islamic State group.

Kamil Amin, the spokesman for Iraq’s Human Rights Ministry, said hundreds of Yazidi women below the age of 35 are being held in schools in Iraq’s second largest city, Mosul. He said the ministry learned of the captives from their families.

“We think that the terrorists by now consider them slaves and they have vicious plans for them,” Amin told The Associated Press. “We think that these women are going to be used in demeaning ways by those terrorists to satisfy their animalistic urges in a way that contradicts all the human and Islamic values.”

While the London Daily Mail rattles sabers:

TWO retired four-star generals blast Obama for failing to use ‘decisive’ force in Iraq with ‘pinprick’ attacks for ‘political posturing’

  • Retired Gen. Barry McCaffrey laid into Obama on Friday, saying bombing runs against ISIS positions are political posturing
  • ‘These are political gestures using military power,’ he said, lamenting the president’s lack of commitment to a full-blown military campaign
  • Obama ran for president on a platform of getting US military out of Iraq but began bombing runs Friday morning in the country’s northern region
  • White House Press Secretary Josh Earnest assured reporters on Friday that a ground-troop incursion is out of the question
  • GOP critics are hammering the White House for not being more aggressive
  • House Speaker John Boehner said the White House has an ‘ongoing absence of a strategy for countering the grave threat ISIS poses’
  • Obama underestimated ISIS in January, telling The New Yorker that ‘If a jayvee team puts on Lakers uniforms that doesn’t make them Kobe Bryant’

CNBC raises an ironic question:

Will US airstrikes target US-supplied weapons?

As American pilots fly new airstrikes over northern Iraq Friday, they’ll see some very familiar weaponry in the hands of Islamic State forces: Humvees, MRAP transports, American-made heavy machine guns and American artillery.

Islamic State (which also goes by ISIS or ISIL) forces captured the haul of American weapons as the U.S.-supplied Iraqi Army retreated in the face of the extremist onslaught, leaving expensive American equipment littered on the battlefield.

All that raises the prospect that, at some point during these airstrikes, American taxpayer-financed fighter jets will fire on and destroy American taxpayer-financed weapons on the ground.

And the McClatchy Washington Bureau adds a dash of bitters:

Why can’t Islamic State be stopped? Analysts say it’s better armed, better organized

Observers on the ground and analysts in Washington believe that the latest push was possible because the peshmerga forces are stretched trying to defend a frontier with the Islamic State that is nearly 900 miles long. The Islamic State is also better equipped, with U.S.-supplied weapons that its forces have looted from every Iraqi military base it has seized. It also has recently captured major Syrian arsenals.

On Twitter, the Islamic State often posts photos of its bounty from military bases, which include rocket-propelled-grenade launchers, artillery and weapons that are far more sophisticated than those in the peshmerga arsenal.

The Islamic State also has the advantage of momentum. According to the Long Wars Journal, citing a tweet by the Islamic State, its forces have taken control of 17 communities in the area around Mosul. Its push stretches all the way to Diyala province in northeast Iraq, which borders Iran. On Thursday, the Islamic State claimed to control the Mosul Dam, the largest water supply source in Iraq, a claim U.S. and Iraqi sources confirmed.

And perhaps most importantly, the Islamic State has very simply put together a smarter offensive plan. Its push toward Irbil is believed by many not to be a move to take that city but to force the peshmerga to defend its capital, allowing the Islamic State to harden its grip on places nearby it’s more interested in holding.

And for our final item on the subject, no comment needed, via The Verge:

The Pentagon used a tweet to tell the world about airstrikes in Iraq

  • Tweets are the new briefings

From United Press International, gettin’ real [somewhat late]:

New York Times will now use the word ‘torture’

President Barack Obama made waves last Friday when he admitted the United States tortured terror suspects in order to get information.

The New York Times will now use the word “torture” in stories regarding interrogations in which the paper is sure pain was inflicted to get information.

The Times has faced criticism for its hesitation to use the word when speaking about the controversial interrogation techniques used by the United States and specifically the Central Intelligence Agency when trying to get information from terror suspects. They had previously used Bush administration-coined euphemisms such as “enhanced interrogation techniques.”

In an editorial published Thursday, executive editor Dean Baquet said The Times will no longer use these euphemisms and instead call it what it is.

From Aviation Week, Skynet fears continue unabated [thank heavens]:

‘Certifiable Trust’ Required To Take Autonomous Systems Past ‘Unmanned’

  • Deployment of autonomous capabilities across aerospace faces major hurdle

Aviation has been built around humans since before the origins of powered flight, but unmanned technology is opening new design spaces in unexpected ways. Now shaped by the strengths and weaknesses of pilots and controllers, how aircraft are flown and air traffic managed could change dramatically in coming decades as autonomy becomes understood, accepted and, eventually, trusted.

“Aviation has been very successful with a human-centric paradigm, the idea that it is humans that save the day,” says Danette Allen, chief technologist for autonomy at NASA Langley Research Center. Even with the Northrop Grumman RQ-4 Global Hawk—arguably the most automated of today’s unmanned aircraft—“the human is still on or in the loop for situational awareness, just in case they have to jump in and solve problems,” she says.

But autonomy means machines making decisions, not humans, and behaving in ways that are not painstakingly pre-planned and pre-programmed. It requires safe and trusted systems that can perceive their environment for situational awareness and assessment, make decisions on uncertain and inaccurate information, act appropriately, learn from experience and adapt their behavior. “In Washington, autonomy has become the ‘A’ word. It has become a negative,” says Rose Mooney, executive of the Mid-Atlantic Aviation Partnership, one of six civil-UAS test sites established by the FAA.

“Certifiable trust”? Does that mean you have to be certifiable to trust ‘em?

For our next drone story, we turn to the Associated Press:

Central NY airport new site for drone safety tests

Federal regulators have approved drone research flights at a central New York airport, one of six sites nationally chosen to assess the safety of the aerial robots in already busy skies.

The other mission at Griffiss International Airport in Rome will be to study how drones can help farmers stay on top of pests, weeds and the conditions of their crops.

The NUAIR Alliance, a consortium of private industry, academic institutions and the military, says flights could begin in a couple of weeks after the Federal Aviation Administration approval Thursday. Future operations will include Massachusetts. The other test sites are in Alaska, North Dakota, Nevada, Texas and Virginia.

And for our final dronal delight, there’s this from Ars Technica:

San Jose Police Department says FAA can’t regulate its drone use

  • FAA disagrees, says law enforcement definitely needs permission to use a drone.

Newly published documents show that the San Jose Police Department (SJPD), which publicly acknowledged Tuesday that it should have “done a better job of communicating” its drone acquisition, does not believe that it even needs federal authorization in order to fly a drone. The Federal Aviation Administration thinks otherwise.

Late last month, a set of documents showed that the SJPD acquired a Hexacopter called the Century Neo 660, along with a GoPro video camera and live video transmitter. The nearly $7,000 January 2014 purchase was funded through a grant from the Bay Area Urban Areas Security Initiative, a regional arm of the Department of Homeland Security. San Jose, which proclaims itself the “capital of Silicon Valley,” is the third-largest city in California and the tenth-largest in the United States.

The documents, which were sent to MuckRock as part of a public records request and were published on Wednesday for the first time, make a number of statements suggesting that the SJPD has a deep misunderstanding of current drone policy.

Next up, more dirty dealing at Scotland Yard from the Independent:

Secret internal police report points to ‘highly corrupt’ cells in the Met

Three former Scotland Yard detectives were part of “highly corrupt cells within the Metropolitan Police Service” but have never been brought to justice, according to a secret internal report seen by The Independent.

The police officers, who left the Met to open a private investigation agency, were suspected of seizing tens of thousands of ecstasy tablets from criminals and selling the drugs themselves, according to a file produced by the force’s anti-corruption command.

The 2000 report said the officers also had links to London’s criminal underworld and were capable of tracking down and threatening witnesses involved in sensitive trials.

On to the world of hackery, starting with the latest biggie, first from ProPublica:

Leaked Docs Show Spyware Used to Snoop on U.S. Computers

  • Software created by the controversial U.K. based Gamma Group International was used to spy on computers that appear to be located in the United States.

Software created by the controversial U.K. based Gamma Group International was used to spy on computers that appear to be located in the United States, the U.K., Germany, Russia, Iran and Bahrain, according to a leaked trove of documents analyzed by ProPublica.

It’s not clear whether the surveillance was conducted by governments or private entities. Customer email addresses in the collection appeared to belong to a German surveillance company, an independent consultant in Dubai, the Bosnian and Hungarian Intelligence services, a Dutch law enforcement officer and the Qatari government.

The leaked files — which were posted online by hackers — are the latest in a series of revelations about how state actors including repressive regimes have used Gamma’s software to spy on dissidents, journalists and activist groups.

And The Intercept covers one country amongst the targets:

Leaked Files: German Spy Company Helped Bahrain Hack Arab Spring Protesters

A notorious surveillance technology company that helps governments around the world spy on their citizens sold software to Bahrain during that country’s brutal response to the Arab Spring movement, according to leaked internal documents posted this week on the internet.

The documents show that FinFisher, a German surveillance company, helped Bahrain install spyware on 77 computers, including those belonging to human rights lawyers and a now-jailed opposition leader, between 2010 and 2012—a period that includes Bahrain’s crackdown on pro-democracy protesters. FinFisher’s software gives remote spies total access to compromised computers. Some of the computers that were spied on appear to have been located in the United States and United Kingdom, according to a report from Bahrain Watch.

Earlier this week, an anonymous hacker released 40 gigabytes of what appears to be internal data from FinFisher on Twitter and Reddit, including messages between people who appear to be Bahraini government officials and FinFisher customer service representatives.

In those messages, Bahraini software administrators complained to FinFisher that they were “losing targets daily” due to faults in its software. In one message employing the language of a frustrated consumer, a spy appeared to complain that he or she had to keep re-infecting a targeted computer, risking detection: “[W]e cant stay bugging and infecting the target every time since it is very sensitive. and we don’t want the target to reach to know that someone is infecting his PC or spying on him” one message reads.

For our next hackery item, RT America covers a major conference and some revelations aired during sessions:

Black Hat hackers conference exposing flaws in everyday electronics

Program notes:

The “Internet of Things” is a hot topic at this year’s Black Hat cybersecurity conference in Las Vegas. With more household, security and even medical devices being connected to the internet, the threats posed by hackers and nefarious governments are growing. Web connected insulin pumps, home thermostats and other technologies are easily hacked and have had numerous security flaws exposed, potentially putting lives at risk, warn experts. Erin Ade, host of RT’s Boom Bust, is at the conference and has more.

Al Jazeera America has another overview:

Hackers sound alarm about Internet of Things

  • By reframing cybersecurity as a public safety issue, white-hat hackers may be making inroads in Washington

A hacker with a smartphone can unlock your front door. Your refrigerator becomes infected with a virus that launches cyber attacks against activists in Bahrain. Criminals and intelligence agencies grab data from your home thermostat to plan robberies or track your movements.

According to computer-security researchers, this is the troubling future of the Internet of Things, the term for an all-connected world where appliances like thermostats, health-tracking wristbands, smart cars and medical devices communicate with people and each other through the Internet. Many of these products are already on the market, and over the next decade, they are expected to become dramatically more commonplace.

For consumers, the Internet of Things will allow high-tech convenience that not long ago seemed like science fiction — a car’s GPS automatically turning on the air conditioner in your house as you drive home from work, for example. But security experts see a dystopian nightmare that is quickly becoming reality. A study released last week by Hewlett Packard concluded that 70 percent of Internet of Things devices contain serious vulnerabilities. Experts say it’s the latest evidence that our dependence on Internet-connected technology is outpacing our ability to secure it.

Defense One covers one session’s fruits:

Hacker Shows How to Break Into Military Communications

Soldiers on the front lines use satellite communications systems, called SATCOMS, to call in back up, lead their comrades away from hot spots and coordinate attacks, among other things. Airplanes use SATCOMS to relay data between the ground and the plane, and ships use them to avoid collisions at sea and call for help during storms or attacks. A well-known hacker says he’s found some major flaws in the communication equipment that ground troops use to coordinate movements. The equipment is also common on a variety of commercial ships, and aircraft rely on it to give pilots vital information. In other words, you can hack planes.

Speaking at the Black Hat cyber security conference, analyst Ruben Santamarta of IOActive presented a much-anticipated paper showing that communications devices from Harris, Hughes, Cobham, Thuraya, JRC, and Iridium are all highly vulnerable to attack. The security flaws are numerous but the most important one — the one that’s the most consistent across the systems — is back doors, special points that engineers design into the systems to allow fast access. Another common security flaw is hardcoded credentials, which allow multiple users access to a system via a single login identity.

Santamarta claims that a satellite communication system that’s common in military aviation, the Cobham Aviator 700D, could be hacked in a way that could affect devices that interact with critical systems possibly resulting in “catastrophic failure.”

MIT Technology Review covers another:

Black Hat: Google Glass Can Steal Your Passcodes

  • Footage of people unlocking their phones can be used to steal mobile passcodes even if the typing can’t be seen.

Criticism of Google Glass has often focused on the way its camera makes surreptitious video recording too easy. Now researchers have shown that footage captured by the face-mounted camera could also pose a security threat.

Software developed by the researchers can automatically recover the passcodes of people recorded on video as they type in their credentials, even when the screen itself is not visible to the camera. The attack works by watching the movement of the fingers to work out what keys they are touching. It also works on footage from camcorders, webcams, and smartphones, but Glass offers perhaps the subtlest way to stage it.

The work suggests that “shoulder surfing”—stealing passwords or other data by watching someone at a computer—could become more of a threat as digital cameras and powerful image processing software become more common.

Ars Technica covers a third:

Security expert calls home routers a clear and present danger

  • In Black Hat Q&A, In-Q-Tel CISO says home routers are “critical infrastructure.”

During his keynote and a press conference that followed here at the Black Hat information security conference, In-Q-Tel Chief Information Security Officer Dan Geer expressed concern about the growing threat of botnets powered by home and small office routers. The inexpensive Wi-Fi routers commonly used for home Internet access—which are rarely patched by their owners—are an easy target for hackers, Geer said, and could be used to construct a botnet that “could probably take down the Internet.” Asked by Ars if he considered home routers to be the equivalent of critical infrastructure as a security priority, he answered in the affirmative.

Geer spoke about the threat posed by home routers in advance of “SOHOpelessly Broken,” a router hacking contest scheduled for the DEF CON security conference later this week sponsored by the Electronic Frontier Foundation. “Because they are so cheap, you can get a low-end router for less than 20 bucks that hasn’t been updated in a while,” Geer explained.

Attackers could identify vulnerabilities in particular models and then scan the Internet for targets based on the routers’ signatures. “They can then build botnets on the exterior of the network—the routing that it does is only on side facing ISPs,” he said. “If I can build a botnet on the outside of the routers, I could probably take down the Internet.”

MIT Technology Review covers a fourth:

Black Hat: Car Security Is Likely to Worsen, Researchers Say

  • In-car applications and wireless connectivity are a boon to hackers who take aim at cars.

The electronic systems in cars increasingly control safety-critical functionality.

As more cars come with wireless connectivity and in-car apps, more of them will be vulnerable to potentially dangerous hacking, two well-known researchers warned at the Black Hat security conference in Las Vegas on Wednesday.

In a study of nearly 20 different vehicles, Charlie Miller, a security engineer with Twitter, and Chris Valasek, director of vehicle security research with security services firm IOActive, concluded that most control systems were not designed with security in mind and could be compromised remotely. The pair created cybersecurity ratings for the vehicles, which will be published in a paper later this week.

And from Wired Threat Level, that darned cat:

How to Use Your Cat to Hack Your Neighbor’s Wi-Fi

Late last month, a Siamese cat named Coco went wandering in his suburban Washington, DC neighborhood. He spent three hours exploring nearby backyards. He killed a mouse, whose carcass he thoughtfully brought home to his octogenarian owner, Nancy. And while he was out, Coco mapped dozens of his neighbors’ Wi-Fi networks, identifying four routers that used an old, easily-broken form of encryption and another four that were left entirely unprotected.

Unbeknownst to Coco, he’d been fitted with a collar created by Nancy’s granddaughter’s husband, security researcher Gene Bransfield. And Bransfield had built into that collar a Spark Core chip loaded with his custom-coded firmware, a Wi-Fi card, a tiny GPS module and a battery—everything necessary to map all the networks in the neighborhood that would be vulnerable to any intruder or Wi-Fi mooch with, at most, some simple crypto-cracking tools.

Reuters covers another blow to online anonymity:

Russia demands Internet users show ID to access public Wifi

Russia further tightened its control of the Internet on Friday, requiring people using public Wifi hotspots provide identification, a policy that prompted anger from bloggers and confusion among telecom operators on how it would work.

The decree, signed by Prime Minister Dmitry Medvedev on July 31 but published online on Friday, also requires companies to declare who is using their web networks. The legislation caught many in the industry by surprise and companies said it was not clear how it would be enforced.

A flurry of new laws regulating Russia’s once freewheeling Internet has been condemned by President Vladimir Putin’s critics as a crackdown on dissent, after the websites of two of his prominent foes were blocked this year.

The Guardian covers the Down Under version of a familiar story:

Warrantless metadata access is already taking place at higher rate than ever

  • A multitude of agencies currently have access to metadata and in 2012-13 used those powers on 330,640 occasions

Given the current debate about metadata retention in Australia it’s worth pointing out that various organisations can access your metadata already, without a warrant – and it’s occurring at a higher rate than ever before.

In mid 2013 we wrote about how agencies from the police to the RSPCA to the Victorian Taxi Directorate are able to access “existing information or documents” from telecommunications companies without a warrant. The information can include details of phone calls (but not the contents of the call) and internet access details such as subscribers’ personal information, and dates and times of internet usage.

The most recent figures, released in December 2013, show warrantless access to metadata occurred on 330,640 occasions in the 2012-13 financial year. The agency requesting the data is required to fill out a request form, however there is no judicial oversight or requirement that law enforcers prove suspicion of a crime being committed.

And from the McClatchy Washington Bureau, idiotic obstructionism:

Judge dings FBI for response to inmate’s FOIA requests

A federal judge has slapped the FBI, or maybe just laughed at it, for making “transparently implausible” arguments while resisting a prison inmate’s Freedom of Information Act requests.

The feds, U.S. District Judge James E. Boasberg wrote, in what sounds like a state of near-incredulity, argued that the “FOIA request need not be disclosed because they reside on two CDs and a thumb drive.”

That’s right. The FBI seemed to say that information was exempt from disclosure because of the medium it was stored on.

After the jump, the latest developments in the Game of Zones, including spooky arrests, an Orwellian anecdote, an X-rated protest, and a whole lot more. . .

InSecurityWatch: Bombers, hacks, spooks, zones


Today’s InSecurityWatch opens with another crack at the ol’ Pottery Barn Rule.

First the pretext, via the Christian Science Monitor:

Islamic State persecution of Yazidi minority amounts to genocide, UN says

Tens of thousands of Yazidis have taken refuge on a mountain in Sinjar province after Islamic State fighters overran their town and other areas, pushing out Kurdish paramilitary forces.

Sunni Arab militants in northern Iraq are hunting down and killing large numbers of minority Yazidis, acts which amount to genocide, according to a senior United Nations official.

On Sunday, fighters from the self-declared Islamic State overran the city of Sinjar, part of a widening offensive that on Thursday saw IS take control of other Christian and Yazidi towns on the Nineveh plains. According to UN officials and Yazidi elders, the militants have killed hundreds of Yazidis, a secretive faith with pre-Islamic roots. Others have been taken as slaves. Tens of thousands have taken refuge on Sinjar Mountain, their traditional refuge over centuries of persecution, and are appealing for emergency aid.

Unlike Christians, who have been told they must either pay a religious tax or convert to Islam to avoid death, the Yazidis are considered by Sunni militants to be infidels who deserve extermination.

And the response, via the Los Angeles Times:

U.S. will use airstrikes to avert genocide in Iraq, Obama says

President Obama, saying that he was acting to avert a threatened genocide, announced that he had authorized airstrikes against Sunni militants who have advanced quickly across northern Iraq, driving tens of thousands of people out of their towns and villages.

In addition to the threat of airstrikes, Obama said U.S. cargo planes had dropped supplies to the refugees in the area of Mt. Sinjar, who he said faced the risk of imminent starvation.

“Today, America is coming to help,” Obama said. But he repeated his vow that no American combat troops would be sent back to Iraq.

And another country invaded, another lingering blowback, via the McClatchy Washington Bureau:

‘Green-on-blue’ killings in Afghanistan raise tough questions about U.S. strategy

In the hours after a suspected coalition-trained Afghan soldier opened fire at Afghanistan’s national defense university, killing an American two-star general and injuring more than a dozen others, a question that has plagued U.S. efforts arose again in quiet murmurs at coalition bases and camps across that country:

How are we supposed to train people who often want to kill us?

Attacks by Afghan forces on their coalition partners (the Long Wars Journal has counted 87 since 2008) reached a peak in 2012. That’s when the U.S. military imposed security and education measures intended to protect coalition troops from the very people they are supposed to help. Until Tuesday’s attack, those measures were thought to have been successful; it had been six months since a uniformed Afghan had attacked American soldiers.

And from the newly issued World Drug Report [PDF] of the United Nations Office on Drugs and Crime, another Afghan invasion result:

[Chart: BLOG Smack]

And some good news for America’s leaker-in-exile via Al Jazeera English:

Snowden gets three-year residence in Russia

  • NSA whistleblower granted asylum allowing him to move about freely and travel abroad.

Edward Snowden, the former US intelligence contractor turned whistleblower, has been granted a three-year residence permit to remain in Russia.

Snowden’s lawyer, Anatoly Kucherena, told reporters on Thursday that Snowden had been granted asylum allowing him to move about freely and travel abroad.

“The request was accepted and accordingly Edward Snowden was given a three-year residence permit,” Kucherena said.

Techdirt raises an interesting question:

As DOJ Hunts For ‘Second Leaker,’ Will It Also Explore Who Leaked The Intercept’s Story To The AP?

  • from the questions-to-ponder dept

Earlier this week, Tim Cushing wrote about The Intercept’s latest scoop, concerning the makeup of the US government’s federal terrorist watchlist, and the fact that a large chunk of it isn’t affiliated with any terrorist groups. While most of the article focused on that point, he made two other notes in passing — the first was that it was obvious that this release was from a second leaker, not Snowden, and the second was about how the government “leaked” the story in a “friendlier” manner to the AP in order to beat The Intercept. We thought both of these asides were interesting, but they’ve both turned into big stories on their own.

CNN later confirmed that US government officials are now searching for the second leaker (though “second” may not be accurate either…), more or less confirming what many people had been suspecting. Meanwhile, the “scoop spoiling” by the federal government actually resulted in a semi-apology from the National Counterterrorism Center (NCTC) who gave the scoop to the AP. The NCTC claimed it had been working with the AP on a story for a while, and after seeing what The Intercept was doing, felt it needed to give them the heads up, though it also says it could have handled the situation better. Of course, this also makes it more likely that The Intercept won’t bother giving the government much time (if any) to respond on future stories. Why risk the chance of having the government spoil the scoop again?

From the Dept. Of We Say So, via Defense One:

The CIA Can’t Hack Senate Computers Because They Own Them, Experts Say

CIA personnel probably didn’t commit a hacking crime by rummaging through congressional computers used to research the agency’s torture activities, former federal attorneys and scholars say.

Some lawmakers are calling for a criminal probe into new findings by a CIA inspector general that the agency improperly searched Senate intelligence committee files about its detention and interrogation program. Committee staff has been compiling a report condemning the program.

Under an agreement, only CIA information technology employees were allowed to access the system, says committee Chairwoman Sen. Dianne Feinstein, D-Calif. The CIA violated that agreement by removing about 920 agency items and searching through the committee’s own internal work, she maintains.

SecurityWeek covers turnabout:

Attackers Used Multiple Zero-Days to Hit Spy Agencies in Cyber-Espionage Campaign

Kaspersky Lab said that it has discovered how victims of an ongoing massive cyber espionage campaign were infected, shedding light on questions previously left unanswered in earlier research.

The campaign, called Epic Turla, targeted intelligence agencies, government institutions, embassies, military groups, education institutions, and research and pharmaceutical companies in more than 45 countries, the security firm said on Thursday.

Turla, also known as Snake or Uroburos, is considered by researchers to be one of the most sophisticated ongoing cyber-espionage campaigns. Earlier research by G-Data published in February of this year on Turla/Snake didn’t address how victims were getting infected in the first place, or the role Epic Turla/Tavdig played in the infection path.

From Wired threat level, let’s make a deal:

CIA Insider: U.S. Should Buy All Security Exploits, Then Disclose Them

To increase the security of the internet and computers, the government should corner the market on zero-day vulnerabilities and exploits, offering top-dollar to force out all other buyers. At least, that’s what Dan Geer thinks, and his opinion matters. Geer is chief information security officer at the CIA’s venture capital arm In-Q-Tel, which invests in technologies that help the intelligence community.

Geer, an icon in the world of computer security, delivered his controversial stance during a keynote at the Black Hat security conference in Las Vegas today. His talk, entitled “Cybersecurity as Realpolitik” was provocative throughout, including advocating that software companies make their unsupported products open source to keep them secure. He even quoted the Code of Hammurabi (circa 1700 B.C.) while suggesting that product liability be applied to source code. “If a builder builds a house for someone, and does not construct it properly, and the house which he built falls in and kills its owner, then the builder shall be put to death,” he said. While the death penalty may be a little severe for software makers who fail to adequately secure their products, criminal and civil liability isn’t, he suggests.

But the highlight of Geer’s talk was definitely his suggestion that the U.S. government own the zero-day market. Zero-day vulnerabilities are security holes in software that are yet unknown to software makers or to antivirus firms. They’re unpatched and unprotected, leaving them open to exploit by spy agencies, criminal hackers, and others.

From Reuters, color them embarrassed:

U.S. Homeland Security contractor reports computer breach

A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that “it has all the markings of a state-sponsored attack.”

The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.

DHS said it had suspended all work with the company amid an investigation by the FBI. A “multi-agency cyber response team is working with the company to identify the scope of the intrusion,” DHS spokesman Peter Boogaard said in a statement.

The Sacramento Bee covers another major embarrassment:

Homeland Security official arrested in sting involving sordid Sacramento Craigslist ad

A Homeland Security employee has been arrested in connection with a sting that alleges he used a Craigslist ad in an effort to get a mother and an underage daughter to have sex with him.

George Hristovski, 54, of Elverta, was booked into Sacramento County Jail on Monday after his arrest by the Federal Bureau of Investigation. His LinkedIn posting identifies him as an inspector for the U.S. Department of Homeland Security.

A federal court filing requesting an arrest warrant for Hristovski said that Placer County Sheriff’s Department detectives noticed an ad on Craigslist on July 14 in the “Casual Encounters” section of the Sacramento area part of the website.

The person who placed the ad sought a mother who wanted a man to teach a daughter about sex. Detectives, posing as a mother and a 13-year-old daughter, corresponded via e-mails with the person who took out the ad.

And from the Guardian, yet another embarrassment:

‘Jedi Council’ sex ring: 171 Australian Defence Force staff disciplined

  • Ten soldiers were sacked and another 161 received censures, warnings, performance counselling or punishment

More than 170 defence personnel were sacked or disciplined over the allegations around the creation and distribution of explicit and degrading emails, including images of a woman having sex which were taken without her knowledge.

In June 2013 the chief of army, Lieutenant General David Morrison, revealed the Australian Defence Force (ADF) was investigating a large number of military personnel who had allegedly created or shared the “explicit, derogatory, demeaning and repugnant” emails. A number of ADF personnel were sacked over the incident, and several were referred to police.

The army has since terminated the service of 10 soldiers ranked from lance corporal to major – six of them in November last year – in response to the ADF investigation into the allegations, and another 161 officers and noncommissioned officers were identified as involved.

From Greek Reporter, austerity blowback:

Greek Armed Forces Protest Merging of Pensions; Prepare For Strike

Members of the Greek armed forces protested in Athens on Wednesday morning against the Greek government’s plans to merge their auxiliary pension funds with others.

According to the president of the Panhellenic Federation of Police Officers, Christos Fotopoulos, Greek police officers are considering going on strike.

“If our demands, which are absolutely reasonable, are not met, the members of Greek armed forces will take the next step,” he said during the Greek police officers’ protest in central Athens on August 6.

And yet another embarrassment, via Bloomberg News:

TSA Checkpoints Vulnerable to Hacks Through Backdoors

The Transportation Security Administration, that guardian of airports for whom we have all shed shoes, jackets, and loose change, has a worrisome safety issue of its own, according to a cyber researcher for Qualys.

Two devices that may be used at airport and other security checkpoints have “backdoors”—usernames and passwords hard-coded into the equipment that a hacker could use to get into the machines, says Billy Rios, in findings he discussed yesterday at the Black Hat security conference in Las Vegas.

Why would a manufacturer create that kind of risk? It’s actually quite common—usually for ease of maintenance, so technicians can get in and service the machine.

From RT, another hack attack:

Smartphone hack: Malware able to steal anything infects 500,000+ devices

Banks should look for new – secure – ways of exchanging information with their clients after the emergence of malicious software which allows criminals to steal passwords and text message security codes from people’s phones, security firm Group-IB warned.

More than 541,000 smartphones running on Android in Russia, Europe and the US are already infected with malware which grants the perpetrators full access to people’s mobile devices, a report by the Moscow-based company said.

The hostile program is distributed through “massive spam on the SMS-messages,” Nikita Kislitsin, head of botnet intelligence at Group-IB, told RT.

And another one from Wired threat level:

Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins

Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service providers, then shaking it down for as many bitcoins as possible.

Researchers at Dell’s SecureWorks security division say they’ve uncovered a series of incidents in which a bitcoin thief redirected a portion of online traffic from no less than 19 Internet service providers, including data from the networks of Amazon and other hosting services like DigitalOcean and OVH, with the goal of stealing cryptocurrency from a group of bitcoin users. Though each redirection lasted just 30 seconds or so, the thief was able to perform the attack 22 times, each time hijacking and gaining control of the processing power of a group of bitcoin miners, the users who expend processing power to add new coins to the currency’s network.

The attacker specifically targeted a collection of bitcoin mining “pools”–bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces.

From TheLocal.it, really?:

‘Jail pro-anorexia web writers’: Italian MPs

A group of Italian MPs has proposed jail terms and hefty fines for people encouraging eating disorders, an idea rejected as criminalizing mental illness by one organization.

The law put forward would make it a crime to “incite practicing a diet which causes anorexia and bulimia,” Tgcom24 reported.

The multiparty proposal has been put forward by MPs including Michela Marzano, from the ruling Democratic Party (PD), Forza Italia’s Mara Carfagna and Valentina Vezzali from Civic Choice (Scelta Civica).

From TheLocal.it again, isn’t this more worthy of their zeal?:

Italy’s journalists live in fear of mafia threat

Journalists in parts of Italy are being forced to live in fear due to an increase in mafia intimidation of the press, with one journalist in Calabria telling The Local that he was recently given state protection due to “very violent threats” from the mafia.

Journalists in Calabria, the stronghold of the ‘Ndrangheta mafia clan, are most at risk, with 89 out of every 1,000 members registered with the Order of Journalists receiving “verbal and physical threats”, according to a study by the research group, Istituto Demoskopika.

The next most under threat are journalists in Basilicata, Sicily, the home of the Camorra, and Campania.

The Independent answers the question of Cui bono?:

Google removes links to notorious criminals’ Wikipedia pages

Some of Europe’s most notorious criminals are among those to have successfully sanitised their past, after Google agreed to remove links to content on Wikipedia, it has emerged.

New information released by the Wikimedia Foundation, the organisation behind Wikipedia, today reveals that Google has deleted 50 links to information on the website. It comes in the wake of a controversial European court ruling earlier this year granting people the right to be forgotten.

One of the latest beneficiaries of the ruling is Renato Vallanzasca, a former crime boss who has committed seven murders, three kidnappings and scores of armed robberies. A link to the gang he led in Italy, Banda della Comasina, has also been removed.

And the Telegraph trumpets support:

Information Commissioner defends ‘right to be forgotten’

  • The UK’s data protection watchdog insists that the EU’s Right to be Forgotten legislation is working

The UK’s data protection watchdog has defended the EU’s Right to be Forgotten legislation, claiming that the House of Lords’ criticism of the judgment as “unworkable” is misplaced.

Last month the House of Lords EU Committee published a report claiming that the EU’s Right to be Forgotten is “unworkable and wrong”, and that it is based on out-dated principles.

“We do not believe that individuals should have a right to have links to accurate and lawfully available information about them removed, simply because they do not like what is said,” it said.

After the jump, the latest from Asia, including a texting crackdown, spy busts, and the latest escalations — including some biggies — in the Game of Zones, plus a couple of headlines indicating the End is Nigh. . .

InSecurityWatch: Idiots, spooks, hacks, threats


An extra-long edition today because, well, there’s a lot of ground to cover, ranging from the latest Obama idiocy revelation to the latest developments in the Asian Game of Zones.

We open with the Obamanation, via the Guardian:

USAID programme used young Latin Americans to incite Cuba rebellion

  • HIV workshop was ‘perfect excuse’ for political goals
  • Revelations follow failure of ‘Cuban Twitter’ effort

An Obama administration programme secretly dispatched young Latin Americans to Cuba using the cover of health and civic programs to provoke political change, a clandestine operation that put those foreigners in danger even after a US contractor was sent to a Cuban jail.

Beginning as early as October 2009, a project overseen by the US Agency for International Development (USAID) sent Venezuelan, Costa Rican and Peruvian young people to Cuba in hopes of ginning up rebellion. The travelers worked undercover, often posing as tourists, and traveled around the island scouting for people they could turn into political activists.

In one case, the workers formed an HIV-prevention workshop that memos called “the perfect excuse” for the programme’s political goals – a gambit that could undermine America’s efforts to improve health globally.

But their efforts were fraught with incompetence and risk, an Associated Press investigation found. Cuban authorities questioned who was bankrolling the travelers. The young workers nearly blew their mission to “identify potential social-change actors”. One said he got a paltry, 30-minute seminar on how to evade Cuban intelligence, and there appeared to be no safety net for the inexperienced workers if they were caught.

International Business Times gets close to the crux of the matter, given that earlier use of polio vaccination programs in Pakistan has played a major role in the resurgence of the disease:

How USAID Cuba Revelations May Threaten Global Health Programs

It’s getting harder for the United States to keep its secrets when it comes to democracy-promotion programs in Cuba. The Associated Press revealed this week a U.S. International Development Agency-funded operation to spur antigovernment activism among Cubans, this time through an HIV-prevention program. U.S. lawmakers and health advocates are lambasting USAID’s use of a health program for political ends, saying it puts the U.S.’s other global health and development programs at risk.

“This blatant deception undermines U.S. credibility abroad and endangers U.S. government-supported public health programs, which have saved millions of lives in recent years around the world,” said Democratic Rep. Barbara Lee of California, co-chair of the Congressional HIV/AIDS Caucus, in a statement Monday. Democratic Sen. Patrick Leahy of Vermont also said the program “tarnishes USAID’s long track record as a leader in global health.”

Global aid network InterAction also told the Associated Press that the United States “should never sacrifice delivering basic health services or civic programs to advance an intelligence goal.”

And the latest leak from the Intercept:

Barack Obama’s Secret Terrorist-Tracking System, by the Numbers

Nearly half of the people on the U.S. government’s widely shared database of terrorist suspects are not connected to any known terrorist group, according to classified government documents obtained by The Intercept.

Of the 680,000 people caught up in the government’s Terrorist Screening Database—a watchlist of “known or suspected terrorists” that is shared with local law enforcement agencies, private contractors, and foreign governments—more than 40 percent are described by the government as having “no recognized terrorist group affiliation.” That category—280,000 people—dwarfs the number of watchlisted people suspected of ties to al Qaeda, Hamas, and Hezbollah combined.

The documents, obtained from a source in the intelligence community, also reveal that the Obama Administration has presided over an unprecedented expansion of the terrorist screening system. Since taking office, Obama has boosted the number of people on the no fly list more than ten-fold, to an all-time high of 47,000—surpassing the number of people barred from flying under George W. Bush.

Here’s the chart accompanying the article:

[Chart: BLOG Intercept]

And from PandoDaily, a spoilsport story:

“That was our bad.” US government “spoils” the Intercept’s scoop, tips off rival outlet

According to a report by the Huffington Post’s Ryan Grim, the National Counterterrorism Center (NCTC) had “spoiled the scoop,” tipping off the AP that the Intercept was preparing a story.

Why would the government care? Grim explains:

To spoil a scoop, the subject of a story, when asked for comment, tips off a different, typically friendlier outlet in the hopes of diminishing the attention the first outlet would have received. Tuesday’s AP story was much friendlier to the government’s position, explaining the surge of individuals added to the watch list as an ongoing response to a foiled terror plot.

A source told Grim that the Intercept promptly hopped on a conference call with the NCTC after the stories hit, during which an official reportedly said the agency did not expect the AP reporter, Eileen Sullivan, to publish her story first. “That was our bad,” the official added, which is perhaps the greatest mea culpa from a government official in US history.

The Verge covers the source:

US officials say someone else is leaking documents in the wake of Snowden

  • New documents shed light on US terror watch list, revealing almost half the people on it don’t have any known connections to terror groups

Almost a year since former NSA contractor Edward Snowden’s leaked information was first revealed to the world, US officials today confirmed to CNN a new leaker is responsible for providing additional secret documents to The Intercept. The Intercept is an investigative website cofounded by Glenn Greenwald, the reporter to whom Snowden entrusted the bulk of his documents, and it has recently been publishing a series on the inner workings of the US government’s terror watch list. Just today, The Intercept published a new article based on leaked information indicating that 40 percent of the 680,000 total people listed on the watch list have “no recognized terrorist group affiliation.”

The documents, which The Intercept reported were leaked by someone within the intelligence community, further show that the separate “no fly” list banning people from air travel has expanded under President Obama to include 47,000 names, the highest number since the list was created in 2001. The new information raises the question of why 280,000 names remain on the terrorist watch list if there isn’t evidence linking them to specific terror groups. Are all of these people potentially homegrown terrorists, or are they part of groups that the government hasn’t identified yet, or perhaps they have shown interest in terror groups but haven’t joined them?

Newsweek covers another source of insecurity:

Israel Flagged as Top Spy Threat to U.S. in New Snowden/NSA Document

Israel was singled out in 2007 as a top espionage threat against the U.S. government, including its intelligence services, in a newly published National Security Agency (NSA) document obtained by fugitive leaker Edward Snowden, according to a news report Monday.

The document also identified Israel, along with North Korea, Cuba and India, as a “leading threat” to the infrastructure of U.S. financial and banking institutions.

The threats were listed in the NSA’s 2007 Strategic Mission List, according to the document obtained by journalist/activist Glenn Greenwald, a founding editor of The Intercept, an online magazine that has a close relationship with Snowden, a former NSA and CIA contractor who fled the U.S. with thousands of top-secret documents last year.

From RT, an emergence:

Snowden makes first public appearance, secretly visits Moscow’s Bolshoi theatre

The US whistleblower Edward Snowden has visited Moscow’s Bolshoi Theatre in his first public appearance since coming to Russia a year ago. Reporters were hardly able to recognize the former CIA employee without his signature look glasses.

The NSA whistleblower apparently decided to mark a year of asylum in Russia by making a public appearance. He attended the Tsar’s Bride opera in Moscow’s historic Bolshoi Theatre.

Snowden slipped in almost unnoticed. He sat in one of the theatre’s boxes, admiring Nikolay Rimsky-Korsakov’s opera that recounts a tragic love story during the time of Ivan the Terrible’s reign in Russia.

The Hill gets wiki’d:

House staffer edited Wikipedia page to label Snowden a ‘traitor’

Someone working on a House computer updated Wikipedia to call government leaker Edward Snowden an “American traitor who defected to Russia” on Tuesday.

The change, which was picked up by a Twitter account that automatically notes edits from congressional Internet Protocol (IP) addresses, occurred on the Wikipedia page for United Nations High Commissioner for Human Rights Navi Pillay.

Last month, Pillay said that the world owes a “great deal” to Snowden and called him a “human rights defender.”

And from Down Under via the Guardian, another victory for the spooky panopticon:

Data retention proposal revealed to media before cabinet

  • Ministers understood to hold strongly differing views on retaining metadata as part of national security legislation

Federal cabinet has been caught unawares by media reports of a national security committee plan to require telecommunications companies to retain customers’ metadata for at least two years.

Cabinet is likely to be briefed on Tuesday morning about the plan, but had no knowledge a decision had been taken before it was revealed in the Daily Telegraph newspaper. The issue is not on the formal cabinet agenda.

Telecommunications companies had not been briefed on the decision before it was revealed in the media and were frantically seeking information on Tuesday morning, although they have responded to several parliamentary inquiries on the issue.

And back to the U.S. for the latest Obama cover-up push via the McClatchy Washington Bureau:

Obama officials, Senate intelligence panel spar over deletions from torture report

The Obama administration and the Senate Intelligence Committee are sparring over the administration’s deletions of fake names from the public version of a long-awaited report on the CIA’s use of harsh interrogation methods on suspected terrorists, McClatchy has learned.

The outcome of the debate could impact the clarity and narrative flow of the report, the product of the most intensive congressional investigation of CIA operations since lawmakers examined the agency’s role in the Iran-Contra arms-for-hostages scandal of the Reagan presidency.

“Redactions are supposed to remove names or anything that could compromise sources and methods, not to undermine the source material so that it is impossible to understand,” Sen. Martin Heinrich, D-N.M., a member of the committee, said Sunday in a statement. “Try reading a novel with 15 percent of the words blacked out. It can’t be done properly.”

And yet another, even more ridiculous coverup try, via DeepLinks:

UNSEALED: The US Sought Permission To Change The Historical Record Of A Public Court Proceeding

A few weeks ago we fought a battle for transparency in our flagship NSA spying case, Jewel v. NSA. But, ironically, we weren’t able to tell you anything about it until now.

On June 6, the court held a long hearing in Jewel in a crowded, open courtroom, widely covered by the press. We were even on the local TV news on two stations. At the end, the Judge ordered both sides to request a transcript since he ordered us to do additional briefing. But when it was over, the government secretly, and surprisingly sought permission to “remove” classified information from the transcript, and even indicated that it wanted to do so secretly, so the public could never even know that they had done so.

We rightly considered this an outrageous request and vigorously opposed it. The public has a First Amendment right not only to attend the hearing but to have an accurate transcript of it. Moreover, the federal law governing court reporting requires that “each session of the court” be “recorded verbatim” and that the transcript be certified by the court reporter as “a correct statement of the testimony taken and the proceedings had.” 28 U.S.C. § 753(b).

The Court allowed the government a first look at the transcript and indicated that it was going to hold the government to a very high standard and would not allow the government to manufacture a misleading transcript by hiding the fact of any redactions. Ultimately, the government said that it had *not* revealed classified information at the hearing and removed its request. But the incident speaks volumes about the dangers of allowing the government free rein to claim secrecy in court proceedings and otherwise.

We couldn’t tell you anything about that fight because the government’s request, our opposition to it, and the court’s order regarding it were all sealed. But with today’s order by Judge White, the transcript and the arguments over the government’s request to revise it are finally public documents.

Meanwhile, the war on photography continues, as Techdirt reports:

Documents Show 100 Officers From 28 Law Enforcement Agencies Accessed A Photographer’s Records

  • from the the-First-Amendment-right-to-be-hassled-endlessly dept

Here’s what exercising your First Amendment rights gets you in certain parts of the US. Photographer Jeff Gray has been filming cops and photographing public structures, as well as documenting the reactions of law enforcement to his activities.

The Department of Homeland Security apparently felt Gray was enough of a “threat” that it opened an investigation on him. After scrutinizing publicly-available information (like Gray’s own YouTube account), it came to the conclusion that his activities were completely protected… it just didn’t like the way he acted.

This subject is exercising his first amendment rights, however the manner in which he lures the officers in is concerning.

Well, you can’t be “lured” if you just respect citizens’ rights — rights that were recently upheld by a Supreme Court decision. Despite the DHS declaring Gray’s actions perfectly fine, local law enforcement officers still took it upon themselves to send social services to his home (after being “tipped” that Gray owned guns) and interviewing his kids at school without his knowledge.

And from Homeland Security News Wire, a major shift in the top threat as seen by cops across the country:

U.S. law enforcement agencies perceive Sovereign citizen movement as top terrorist threat

Sovereign citizen, Islamist extremist, and militia/patriot groups are perceived by law enforcement agencies to pose the greatest threats to their communities, according to a new study from the National Consortium for the Study of Terrorism and Responses to Terrorism (START). While sovereign citizens were the top concern of law enforcement, assessments about whether most groups were a serious terrorist threat actually declined for most groups (for example, the KKK; Christian Identity; Neo-Nazis; Racist Skinheads; Environmental Extremists; Animal Rights Extremists) when compared to a previous study.

START researchers David Carter, Steven Chermak, Jeremy Carter, and Jack Drew recently conducted in-depth surveys with more than 364 officers representing 175 state, local, and tribal (SLT) law enforcement agencies to examine perceptions of: the threat of terrorism; the nature of information-sharing; and whether agencies are prepared to deal with terrorist attacks. Their results are published in Understanding Law Enforcement Intelligence Processes.

A START release reports that the Sovereign Citizen movement was the most highly ranked threat, with 86 percent of respondents agreeing or strongly agreeing that it was a serious terrorist threat. This is a significant increase in ranking from an earlier survey implemented in 2006-2007, which showed Islamist extremists to be law enforcement’s top concern at the time. In that survey, approximately 67 percent agreed or strongly agreed that Islamist extremists were a serious terrorist threat.

Here’s the breakdown from the report [PDF]. Click on it to embiggen:

Next, as at home, Obama’s bucks-and-bombs Realpolitik trumps Hope™ and Change™ in Africa, via the Guardian:

Africa leaders’ summit: why human rights are off Obama’s agenda

  • As much of the continent’s leadership meets in Washington, security and trade have trumped pressing issues ranging from suppression of democracy to the criminalising of gay people

Barack Obama has had plenty to say about human rights in Africa over the years but the issue is glaringly absent from this week’s summit with much of the continent’s leadership in Washington.

Activists have taken to reminding Obama of his own soaring rhetoric about the one item not on an agenda that takes in trade and conflict, health and even how to combat wildlife trafficking.

On his visits to Africa Obama has spoken about human rights with a passion rarely heard from earlier US presidents. “History offers a clear verdict: governments that respect the will of their own people, that govern by consent and not coercion, are more prosperous, they are more stable, and more successful than governments that do not,” he told Ghana’s parliament in 2009.

And from Europe, drones ahoy via TheLocal.dk:

Danish drones want to soar above the rest

  • A drone test centre in Odense is positioning itself to take advantage of the rapid growth in the unmanned aircraft market.

The skies of the future will be filled with drones and Denmark wants to lead the way.

An EU Commission report from April predicted bright times ahead for the European drone market.

“The technology for drones is maturing and the market for civil drones is evolving fast. On some estimates in the next ten years civil drones could be worth ten percent of the aviation market. That’s 15 billion euro per year,” a commission report read. “Drones manufacturing may create up to 150,000 European jobs by 2050.”

And a global hackery alert from Mint Press News:

Over 2 Billion Smartphones Are Hacker-Friendly

  • Researchers reveal a smartphone security vulnerability that puts the data and private communiques of millions at risk of being hacked and stolen.

In 2013, the Pew Research Center’s Internet & American Life Project found that, for the first time, most American adults own a smartphone. With 55 percent of the survey’s respondents using either an iPhone or an Android-enabled device, and with only 44 percent indicating they do not use a microcomputer-based cellphone, it’s apparent that smartphones have become an integral part of everyday life for many.

Two researchers from Accuvant Labs — Matthew Skolnik and Marc Blanchou — have discovered, however, that this dependency on smartphones has put the data and private communiques of millions at risk of being stolen. Utilizing device management software that carriers and phone manufacturers embed into mobile devices for remote servicing, the researchers have discovered that by using a femtocell and a third-party software package, a hacker can remotely and covertly install malicious code into a device and take it over — something that could potentially affect over two billion smartphones worldwide.

A femtocell is a privately-owned small-range cellular-to-broadband connector used to extend cellular range in a residence or business. They are typically available for sale from the major wireless carriers and retailers for $150 to $250, and are thought to offer “5-bars” reception to any device located within 10 meters.

Another one, from Nextgov:

Invisible Web Infection Poses Threat to Federal Computers

A surge of malicious software hit news media websites during the first half of 2014, unleashing a threat to federal agencies that rely on those sites to get information, cybersecurity researchers say.

Media networks were almost four times as likely to attract malware as the average enterprise network, likely because of an increasingly popular hacking tactic called “malvertising,” according to a new Cisco threat intelligence report.

Web publications are magnets for online ads that harbor malware and pass it on to readers. The media industry depends on advertising for revenue, but ads are hardly ever vetted for subversive code.

The Verge confronts the bleak reality:

The internet doesn’t care about security

  • Paypal’s two-factor problems are the rule, not the exception

Companies rarely care about security, even if various people within the companies do. Good security is expensive. It often means structuring your service in a certain way that pushes users through an extra step or two, and that’s a sacrifice most companies simply don’t want to make.

Paypal’s bug is a great example. Paypal wanted to make it easy for eBay users to link their accounts, so the company set up a special cookie that identified anyone coming in from eBay. As it turned out, that cookie also let Rogers bypass Paypal’s two-factor protections. Fixing it should be simple, just disable the cookie and make eBay users log in the old-fashioned way. But if PayPal did that, fewer users would link the accounts and it would cost the company money — more money than they’re likely to lose as a result of this bug. Given the choice between security and usability, companies will take usability every time.

This is the central problem of every vulnerability report: researchers want to fix it and companies don’t. I’m usually more sympathetic to the security side, but the companies have a point too. It’s hard to make software with no vulnerabilities, just like it’s hard to make a door that can’t be broken into. As security ramps up, diminishing returns set in fast. You could put a three-inch steel door on your house, but it would be ugly and heavy and you don’t want to. Instead, you trust that no one will want to kick in your door. Aside from once-in-a-generation bugs like Heartbleed, most security failures don’t have much fallout, particularly for the companies that spawn them. Six months later, it’s hard to argue that Goto-Fail had much effect on Apple’s bottom line.

And from the New York Times, another massive hack attack:

Russian Gang Amasses Over a Billion Internet Passwords

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion username and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, ranging from household names to small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

Meanwhile, the Big Box goes Big Brother, via CBC News:

Robin Walsh upset Wal-Mart withheld ‘inappropriate’ baby photos

  • Wal-Mart ‘deeply regrets’ any inconvenience for Gander, N.L., teacher and mother of 2

A mother in central Newfoundland says she was surprised and upset when a Wal-Mart employee said she couldn’t pick up her photos because they were flagged as “inappropriate” by a processing technician.

Robin Walsh, a mother of two and a teacher in Gander, said she dropped off a batch of roughly 100 photos to be processed at the local Wal-Mart, but an employee refused to return three of them. “Initially I laughed, especially when I saw what photos they were referring to, ‘cause I kind of thought that it was a joke, but I was surprised,” said Walsh.

Two of the photos were of Walsh’s infant daughter holding an empty beer bottle. Another picture showed her daughter and five-year-old son lying partially naked on their stomachs before a bath.

Paris gets its own version of the French Connection heist, via France 24:

€2.5 million in cocaine ‘disappears’ from Paris police HQ

French investigators have launched an inquiry after more than 50 kilograms (110 pounds) of seized cocaine, worth approximately €2.5 million, went missing from the Paris police headquarters, French media reported Friday.

The cocaine, which was seized in multiple police raids in northern Paris in early July, had been stored in a special room secured with an armoured door at the imposing Paris police headquarters located at 36 quai des Orfèvres in the heart of the French capital, just steps away from famed Paris monuments such as Notre Dame.

According to the French daily Le Parisien, the cocaine was last seen on 23 July. The disappearance was reported Thursday and an investigation was immediately launched.

On to Russia, and another casualty of the war on the press, via the Guardian:

Russian journalist’s body found after disappearance

The body of an independent Russian journalist was found in a wood the day after he had gone missing following threats from law enforcement authorities.

Timur Kuashev worked for the magazine Dosh (or Dosch) as its correspondent in Nalchik, the capital of the autonomous Kabardino-Balkar republic in the Russian Caucasus.

His body was found on Friday (1 August) in a wood near the Nalchik suburb of Khasania after he went missing the previous evening. There were no visible signs of violence. At the time of his burial on Saturday, the results of an autopsy to determine the cause of his death were unknown.

Kuashev had written about alleged human rights abuses by the security forces in the course of anti-terrorism operations. He also criticised Russian policy in Ukraine.

Meanwhile, Business Insider sounds an alert from Moscow:

Russia Calls For Emergency UN Security Council Meeting As Troops Fortify On The Border

Russia called for an emergency meeting of the United Nations Security Council on Tuesday over what it called an urgent humanitarian situation in Ukraine, according to a report from the Russian news agency ITAR-TASS.

“We are convening an emergency meeting of the United Nations Security Council on the humanitarian situation in Ukraine,” Russian Ambassador to the U.N. Vitaly Churkin was quoted as saying.

Earlier on Tuesday, the Russian Foreign Ministry said the U.N. and the International Committee of the Red Cross expressed “readiness” to discuss its plan to deploy a “humanitarian mission” to Ukraine, which some consider to be a pretext for an invasion by Russian forces.

After the jump, the latest from the ever-intensifying Game of Zones in Asia, including a raft of inflammatory rhetoric reaching from Afghanistan to the Philippines, including attacks both military and rhetorical, orders to arm Vietnam’s fishing fleet, spy arrests, and new problems much closer to home. . .

How to violate the Constitution with impunity


And, apparently, prosecutorial immunity from the administration of Hope™ and Change™.

From The Real News Network, a look at the CIA’s spying on Senate staffers and the rationalizations given by the Obama administration for not prosecuting what amounts to a near-treasonous violation of the separation of powers doctrine.

The discussion features TRNN’s Jessica Desvarieux with Elizabeth Goitein, codirector of NYU Law School’s Brennan Center for Justice Liberty and National Security Program, and Jonathan Landay, senior national security and intelligence reporter for McClatchy newspapers.

From The Real News Network:

CIA Admits to Spying on Senate but No Prosecutions to Follow 

From the transcript:

DESVARIEUX: So, Jonathan, let’s start off with you. Remind our viewers why Senator Feinstein came out denouncing the CIA’s spying on her staff, because she’s more or less been rubberstamping everything that the intelligence community has been doing. So why did she decide to go after them?

LANDAY: Well, this apparently was a major red line for her, having to do with the Constitution, the constitutional separation of powers between the executive and its congressional overseers, as well as, she said in March, a potential violation of the law, one of those laws probably being the Computer Fraud Act. What she was angry about was initially denied by CIA Director Brennan, and that was that contrary to an agreement that had been brought, an agreement between her committee and the CIA, there was a protected database on this system that the CIA required the committee staff to use in compiling its report in a top-secret CIA facility somewhere in Northern Virginia. The allegation that Senator Feinstein made in March was that the CIA had in fact penetrated this database and had monitored the documents that her staff was putting into that database, and in fact had on several occasions not just blocked access to documents that had already been put in that database, but also removed documents that had been put in that database. An investigation was launched by the CIA inspector general based on these allegations, and what we came to know last week was that the inspector general had in fact, apparently, confirmed what Senator Feinstein had alleged, that CIA personnel, contrary to the agreement that they had with–the CIA had with committee, had in fact penetrated this database.

DESVARIEUX: This sounds like a huge deal, to say the least. Elizabeth, the last time you were on the program, you mentioned that if Senator Feinstein’s accusations were actually right, that this is “a crisis of constitutional proportions”. Give us a sense of where this stands. Will we see some criminal wrongdoing by the CIA? Will we actually see them being prosecuted?

ELIZABETH GOITEIN, CODIR., BRENNAN CENTER LIBERTY AND NATIONAL SECURITY PROGRAM: Well, you’ve asked two different questions, whether there’s criminal wrongdoing and whether there’ll be prosecutions. I think what I said before. I stand by it. I think this is a crisis of constitutional proportions. These actions by the CIA do violate the separation of powers, which is sort of the foundation of checks and balances in our Constitution. It’s possible they also violate the Fourth Amendment. It’s possible they violate the Speech or Debate Clause. It’s also possible that they violate the Computer Fraud Act. So we are talking about a number of fairly serious potential legal violations. However, the Justice Department has already looked into allegations of wrongdoing by the CIA and has declined prosecution, and presumably the Justice Department had access to the same information that the inspector general had access to. So I think this is going to play itself out in politics and not in the courtroom would be my prediction.

Turning household artifacts into secret snitches


Is there nothing that can’t be bugged? Surely, you think, your houseplants are safe, right? Or that bag of potato chips sitting on your coffee table.

Not so, according to a new MIT research paper published by SIGGRAPH 2014, “The Visual Microphone: Passive Recovery of Sound from Video.”

The summary:

When sound hits an object, it causes small vibrations of the object’s surface. We show how, using only high-speed video of the object, we can extract those minute vibrations and partially recover the sound that produced them, allowing us to turn everyday objects—a glass of water, a potted plant, a box of tissues, or a bag of chips—into visual microphones. We recover sounds from high-speed footage of a variety of objects with different properties, and use both real and simulated data to examine some of the factors that affect our ability to visually recover sound. We evaluate the quality of recovered sounds using intelligibility and SNR metrics and provide input and recovered audio samples for direct comparison. We also explore how to leverage the rolling shutter in regular consumer cameras to recover audio from standard frame-rate videos, and use the spatial resolution of our method to visualize how sound-related vibrations vary over an object’s surface, which we can use to recover the vibration modes of an object.

Skeptical? Well, consider the accompanying video posted by researcher Abe Davis:

The Visual Microphone: Passive Recovery of Sound from Video

The principle behind the technology isn’t new. Spy agencies and embassies long ago gave up holding secret meetings in rooms with single-glazed windows because lasers can be used to detect vibrations in the glass and translate them back into the sounds that caused them.

The technology is so well known that you can even build your own laser eavesdropper from off-the-shelf components.

But the notion that even the leaves of your friendly household spider plant can turn informant is particularly chilling.

The question now becomes, is there anything that can’t be turned into a snitch?

InSecurityWatch: Partners, hacks, threats, more


Today’s collection of tales from the realms of espionage, privacy hacks, bellicosity, and that ol’ Games of Zones begins with Glenn Greenwald’s latest, via The Intercept:

Cash, Weapons and Surveillance: the U.S. is a Key Party to Every Israeli Attack

The U.S. government has long lavished overwhelming aid on Israel, providing cash, weapons and surveillance technology that play a crucial role in Israel’s attacks on its neighbors. But top secret documents provided by NSA whistleblower Edward Snowden shed substantial new light on how the U.S. and its partners directly enable Israel’s military assaults – such as the one on Gaza.

Over the last decade, the NSA has significantly increased the surveillance assistance it provides to its Israeli counterpart, the Israeli SIGINT National Unit (ISNU; also known as Unit 8200), including data used to monitor and target Palestinians. In many cases, the NSA and ISNU work cooperatively with the British and Canadian spy agencies, the GCHQ and CSEC.

The relationship has, on at least one occasion, entailed the covert payment of a large amount of cash to Israeli operatives. Beyond their own surveillance programs, the American and British surveillance agencies rely on U.S.-supported Arab regimes, including the Jordanian monarchy and even the Palestinian Authority Security Forces, to provide vital spying services regarding Palestinian targets.

Wired’s Threat Level listens in:

How the NSA Could Bug Your Powered-Off iPhone, and How to Stop Them

Just because you turned off your phone doesn’t mean the NSA isn’t using it to spy on you.

Edward Snowden’s latest revelation about the NSA’s snooping inspired an extra dose of shock and disbelief when he said the agency’s hackers can use a mobile phone as a bug even after it’s been turned off. The whistleblower made that eye-opening claim when Brian Williams of NBC Nightly News, holding his iPhone aloft during last Wednesday’s interview, asked, “What can the NSA do with this device if they want to get into my life? Can anyone turn it on remotely if it’s off? Can they turn on apps?”

“They can absolutely turn them on with the power turned off to the device,” Snowden replied.

The Register covers mislabeled “reforms”:

NSA leaker Thomas Drake says Oz security reforms are ‘scary’

  • Australians urged to oppose NatSec laws before they silence whistleblowers

National Security Agency whistleblower Thomas Drake says Australia’s looming national security reforms make him ‘shudder’, labelling them ambiguous and a plot to stamp out legitimate public-interest whistleblowing.

Drake, who Edward Snowden said was his inspiration for leaking the NSA spy documents, blew the lid in 2006 on the NSA’s massively inefficient Trailblazer Project while at the agency that wasted billions of US dollars in spy operations post 9/11.

He along with NSA colleagues had built ThinThread, what he said was a much more efficient intelligence program that cost a fraction of the Trailblazer Project and had more checks and balances in place to prevent wholesale collection of private data.

Nextgov partners up, spooks and the Washington Post’s owner are BFFs:

CIA’s Amazon-Built Cloud Goes Live

The Central Intelligence Agency is now officially an Amazon Web Services cloud consumer.

Less than 10 months after a U.S. Court of Federal Claims judge ended a public battle between AWS and IBM for the CIA’s commercial cloud contract valued at up to $600 million, the AWS-built cloud for the intelligence community went online last week for the first time, according to a source familiar with the deal.

The cloud — best thought of as a public cloud computing environment built on private premises — is yet far from its peak operational capabilities when it will provide all 17 intelligence agencies unprecedented access to an untold number of computers for various on-demand computing, analytic, storage, collaboration and other services.

From BBC News, they’re reading all your emails, then snitching:

Google ‘reveals user’ over Gmail child abuse images

Police in Houston told the local news station that Google detected explicit images of a young girl in an email being sent by John Henry Skillern. After the existence of the email was referred to them by the National Center for Missing and Exploited Children, the police obtained a search warrant and arrested the man.

The 41-year-old is a convicted sex offender. He has been charged with possessing child pornography, it was reported. “I can’t see that information, I can’t see that photo, but Google can,” Detective David Nettles said.

Emma Carr, the acting director of privacy lobby group Big Brother Watch, told the BBC: “With the rate that Gmail messages are scanned, and the fact that all US companies are bound by US law to report suspected child abuse, it is hardly surprising that this individual has found themselves on the wrong side of the law.

“However, Gmail users will certainly be interested to know what action Google proactively takes to monitor and analyse Gmail messages for illegal content, including details of what sorts of illegal activity may be targeted. Google must also make themselves very clear about what procedures and safeguards are in place to ensure that people are not wrongly criminalised.”

The Guardian covers yet more sharing to come:

Whitehall tries to revive plans to share confidential personal data

  • Proposals to share people’s details resemble Labour’s 2009 plans which critics said could ‘wipe out privacy at a stroke’

Whitehall officials are trying to revive plans that could allow the government to share confidential details about people’s finances, health and criminal records across different providers of public services.

The data sharing plans being drawn up by the Cabinet Office appear to be similar to proposals dropped by Labour in 2009 after a backbench revolt. At the time, the plans were described by critics as having the potential to “wipe out privacy at a stroke”.

Details emerged in minutes of a meeting held in April by the Cabinet Office’s data team. Under the most radical option, data could even be shared with “all bodies providing public services”, which might allow private contractors to gain access to the data.

From We Meant Well, Uncle Spooky’s trans-Atlantic reach:

Caught Stealing Data in Europe, U.S. Now Seeks to Legalize the Theft

Nearly unique among nations, the U.S. broadly imposes extraterritoriality– in the case, the enforcement of U.S. laws in other, sovereign nations.

Many examples of extraterritoriality grow out of America’s archipelago of military bases around the world, where Status of Forces Agreements (SOFA) allow service members exemption from local laws, even when they commit crimes against host country people. The U.S. also stations Customs and Border Patrol agents in other nations, denying boarding on U.S.-bound flights from Canada, for example, to Canadian citizens otherwise still standing in their own country. Imagine the outcry in America if the Chinese were to establish military bases in Florida exempt from U.S. law, or if the Russians choose which Americans could fly out of Kansas City Airport. Never mind drone strikes, bombings, deployment of Special Forces, invasions and CIA-sponsored coups.

The snowballing NSA revelations have already severely damaged U.S. credibility and relationships around the world; nations remain shocked at the impunity with which America dug into their private lives. NSA spying has also cost American tech firms $180 billion in lost revenues, as “We’re not an American company” becomes a sales point.

An American court has just taken things to a new level of extraterritorial offensiveness by requiring Microsoft to turn over to the U.S. government emails it holds on its servers. But in this case, those servers are located in Ireland, a European Union nation with its own privacy laws. Those laws are apparently of no real concern to the United States.

Europe Online covers a challenge for Zuckerberg:

12,000 join class action suit against Facebook

Some 12,000 Facebook members have joined Austrian privacy advocates in suing the US social network over its use of personal data, activist Max Schrems said Monday.

“We are surprised by the positive feedback,” said Schrems, who had issued a call on Friday to join his lawsuit.

Schrems heads an Austria-based group called Europe vs. Facebook, which has been campaigning against Facebook’s use of member data, arguing that its policies are intransparent and run counter to EU law.

PandoDaily covers another secret snitch:

Your wearable fitness tracker is a narc. You should probably stay home and eat cake

  • Oh good, your wearable device is telling the world how lazy you are.

Researchers from Symantec have revealed that they were able to intercept data from fitness trackers simply by hanging out in parks and at athletic events with a Raspberry Pi device programmed to sniff the data out of the air.

According to a blog post published by the company:

Symantec also found vulnerabilities in how personal data is stored and managed, such as passwords being transmitted in clear text and poor session management.

The fitness snoopers also discovered that 20% of the devices broadcast their login credentials as plain text.

From Techdirt, droning on, secretly:

FBI Refuses To Let Public Know How Its Drone Usage Affects Their Privacy

  • from the I’ve-got-plenty-of-nothing-and-nothing’s-plenty-for-[REDACTED] dept

The FBI’s production of privacy impact assessments (PIAs) lags far behind its deployment of privacy-impacting technology. From facial recognition software to Stingray devices to its drone usage, the FBI has always violated privacy first and assessed the damage later. In some cases, it hasn’t bothered to assess the impact at all, despite repeated assurances to questioning lawmakers that the required report (and it is required) is (forever) nearing completion.

Its biometric database, which pulls in photos from all over the place for its facial recognition software to peruse, rolled out without the required PIA in 2012. Two years later, the FBI is still promising Eric Holder that the PIA will be completed literally any month now, even as it hopes to have the system fully operational by the end of the 2014 fiscal year.

It has supposedly cranked out a PIA for its drone use — again lagging far behind its first reported deployments in “late 2006.” But the public apparently isn’t allowed to know how the agency’s drone use impacts its privacy. Instead of placing the assessment on its website for public viewing (the default method), the FBI has stashed it behind every shady government entity’s favorite FOIA exception: b(5).

From RT, airborne spookery turns tail:

Confirmed: US spy plane fleeing Russian jet invaded Swedish airspace

US officials have confirmed Swedish media reports of a mid-July incident in which an American spy plane invaded Sweden’s airspace as it was evading a Russian fighter jet. The maverick plane was spying on Russia when it was intercepted.

The incident, which happened on July 18, went public last Wednesday after a classified document from Sweden’s Defense Ministry was leaked to the press.

The plane, a Boeing RC-135 Rivet Joint, entered Sweden’s airspace after permission to do so was denied by traffic control, Svenska Dagbladet (SvD) newspaper said. It passed from the east over the island of Gotland and flew more than 200km over 90 minutes before leaving.

And from TheLocal.de, another aerial panic:

French scramble jet after German’s wayward flight

French aviation authorities were forced to dispatch a fighter jet to intercept a German tourist who had sparked a security alert by flying over sensitive sites in his microlight aircraft, French media reported.

A Mirage 2000 fighter jet was scrambled after the German tourist set off alarm bells after flying over two nuclear power stations in the south of France, French TV station TF1 reported.

The German, who had taken off from Avignon on August 1st for a day’s flying, was forced by authorities to land in the town of Valence, France’s air transport police (CGTA) said.

From Reuters, a really chilling airborne threat:

Hacker says to show passenger jets at risk of cyber attack

Cyber security researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems – a claim that, if confirmed, could prompt a review of aircraft security.

Santamarta, a consultant with cyber security firm IOActive, is scheduled to lay out the technical details of his research at this week’s Black Hat hacking conference in Las Vegas, an annual convention where thousands of hackers and security experts meet to discuss emerging cyber threats and improve security measures.

His presentation on Thursday on vulnerabilities in satellite communications systems used in aerospace and other industries is expected to be one of the most widely watched at the conference.

From Wired Threat Level, hackery gone keyless:

Watch This Wireless Hack Pop a Car’s Locks in Minutes

Shims and coat hangers are the clumsy tools of last century’s car burglars. Modern-day thieves, if they’re as clever as Silvio Cesare, may be able to unlock your vehicle’s door without even touching it.

As part of a talk on the insecurity of wireless devices at the Black Hat security conference later this week, Cesare plans to reveal a technique that could allow anyone to spoof the signal from a wireless key fob and unlock a car with no physical trace, using a codebreaking attack that takes as little as a few minutes to perform. “I can use this to lock, unlock, open the trunk,” says Cesare, an Australian researcher for the security firm Qualys. “It effectively defeats the security of the keyless entry.”

For now, Cesare’s hack requires off-the-shelf tools that cost just over $1,000, and in some cases may require the attacker to remain within wireless range of the car for as long as two hours. He’s also only tested it on his own car, which is ten years old.

While the London Daily Mail sounds a Skynet alert:

AI is ‘potentially more dangerous than nukes’: Elon Musk claims a robot uprising could be a serious threat to humanity

  • Comment tweeted by Musk while recommending a book by Nick Bostrom
  • The book ‘Superintelligence: Paths, Dangers, Strategies’, asks major questions about how humanity will cope with super-intelligent computers
  • Musk previously said ‘Terminator-like’ scenario could be created from AI
  • 42-year-old is so worried that he said his investment in AI group, Vicarious, was purely to keep an eye on the technology rather than make money

Elon Musk is one of the driving forces behind super-intelligent computers that could improve everything from space travel to electric cars.

But the Tesla-founder claims the technology could someday be more harmful than nuclear weapons.

At the weekend, the billionaire tweeted a recommendation for a book that looks at a robot uprising, claiming ‘We need to be super careful with AI. Potentially more dangerous than nukes.’

Another airborne alert from Deutsche Welle:

Russia launches huge air defense exercises close to Ukraine

Russia has announced large-scale air defense exercises along its Ukraine border. The move is being perceived as a show of strength by Moscow, and is likely to further raise tensions in the region.

The new military drills will involve around 100 aircraft, and will be staged from Monday through to Friday this week, a Russian air force spokesman told the Interfax news agency.

Fighter jets, supersonic interceptor jets and attack helicopters are expected to take part in missile-firing practice and target training maneuvers in the central and western military districts.

Air force spokesman Igor Klimov told AFP the drills were “a routine event.” He said they were not related to the ongoing conflict between government forces and pro-Russian separatists in eastern Ukraine.

And from Want China Times, a new chapter in the Game of Zones?:

Russia might win China as ally: Canadian military magazine

Russia may speed up siding with the East after the Crimea crisis and it is inevitable that neighboring China and Russia will forge closer ties, reports the military magazine of Canada-based news organization Kanwa Information Center.

The report said the stalemate among Russia, Europe and the United States may last for a long time, so China-Russia’s military cooperation may also enter a new era.

A Russian newspaper reported on March 29 that Russian president Vladimir Putin had agreed to the arms sales of the S-400 Triumf to China. It is unusual for a major media outlet to link Putin’s name with S-400 sales to China and is being interpreted as Russia sending a strong political message to the West and Japan.

And yet another one, this time from JapanToday:

Japan to launch military space force: report

Japan is planning to launch a military space force by 2019 that would initially be tasked with protecting satellites from dangerous debris orbiting the Earth, a report said.

The move is aimed at strengthening Japan-US cooperation in space, and comes after the countries pledged to boost joint work on monitoring space debris, Kyodo news agency said Sunday.

Japan would provide the US military with information obtained by the force as part of the joint bid to strengthen ties in space, the so-called “fourth battlefield”, Kyodo said, citing unnamed sources.

And for our final item, yet another airborne alert from Want China Times:

Chinese DF-41 missile can penetrate US air defense: German expert

None of the air defense systems the United States currently employs are capable of intercepting China’s newly developed DF-41 solid-fueled road-mobile intercontinental ballistic missile, reports the Berlin-based Die Welt.

Intercepting the DF-41 in the air is as challenging as trying to shoot a rifle bullet into another, Karl Josef Dahlem, chief advisor of air defense with the European guided weapons manufacturer MBDA, told Die Welt during an interview. Early detection by reconnaissance and radar facilities is a must for the US to intercept intercontinental missiles, Dahlem said.

“Depending upon the flight path a missile takes roughly 20 to 25 minutes to launch from Asia to a target in the USA,” said Dahlem. The DF-41 is capable of ascending over 1000 kilometers into space, twice as far as the International Space Station circling the Earth. For this reason, it is better for the defender to destroy the incoming missile when it is still far away from the ground.

InSecurityWatch: Taps, torture, zones, crime


We’ve been under the weather these last few days, so today’s collection of tales from the dark side has beaucoup items, starting with the latest buggery headline from the Independent:

Israel-Gaza conflict: John Kerry’s phone calls ‘tapped by Israeli government’ while he mediated Middle East peace talks

Israeli intelligence agencies reportedly tapped John Kerry’s phone while the US Secretary of State was in the Middle East trying to negotiate an end to the Gaza conflict.

According to reports in Sunday’s Der Spiegel, Israeli spies listened in on Mr Kerry’s conversations with other high-profile negotiators during the peace talks last year.

Mr Kerry was said to have used both encrypted and standard telephones to discuss issues between Israel, the Palestinians and the Arab states – and some of those normal calls were reportedly picked up by the authorities in Jerusalem.

Details from the Spiegel report:

During the peak stage of peace talks last year, Kerry spoke regularly with high-ranking negotiating partners in the Middle East. At the time, some of these calls were not made on encrypted equipment, but instead on normal telephones, with the conversations transmitted by satellite. Intelligence agencies intercepted some of those calls. The government in Jerusalem then used the information obtained in international negotiations aiming to reach a diplomatic solution in the Middle East.

In the current Gaza conflict, the Israelis have massively criticized Kerry, with a few ministers indirectly calling on him to withdraw from peace talks. Both the US State Department and the Israeli authorities declined to comment.

Only one week ago, Kerry flew to Israel to mediate between the conflict parties, but the Israelis brusquely rejected a draft proposal for a cease-fire. The plan reportedly didn’t include any language demanding that Hamas abandon its rocket arsenal and destroy its tunnel system. Last year, Kerry undertook intensive diplomatic efforts to seek a solution in the conflict between the Israelis and the Palestinians, but they ultimately failed. Since those talks, relations between Kerry and Israeli Prime Minister Benjamin Netanyahu have been tense.

And on to the latest evidence of spooks spooking on Congress, via Techdirt:

CIA Spying On The Senate Went Much Further Than Originally Reported

  • from the because-of-course-it-did dept

We already covered how the CIA has admitted to and apologized for its spying on the Senate, but the CIA’s official “unclassified” statement on the matter shows that what the CIA did was even worse than the initial allegations. Here’s the basic summary, according to the CIA’s Inspector General:

  • Agency Access to Files on the SSCI RDINet: Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet.
  • Agency Crimes Report on Alleged Misconduct by SSCI Staff: The Agency filed a crimes report with the DOJ, as required by Executive Order 12333 and the 1995 Crimes Reporting Memorandum between the DOJ and the Intelligence Community, reporting that SSCI staff members may have improperly accessed Agency information on the RDINet. However, the factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based. After review, the DOJ declined to open a criminal investigation of the matter alleged in the crimes report.
  • Office of Security Review of SSCI Staff Activity: Subsequent to directive by the D/CIA to halt the Agency review of SSCI staff access to the RDINet, and unaware of the D/CIA’s direction, the Office of Security conducted a limited investigation of SSCI activities on the RDINet. That effort included a keyword search of all and a review of some of the emails of SSCI Majority staff members on the RDINet system.
  • Lack of Candor: The three IT staff members demonstrated a lack of candor about their activities during interviews by the OIG.

From The Hill, that paragon of Hope™ and Change™ springs to the defense:

President gives vote of confidence to CIA chief

President Obama issued a strong defense of CIA Director John Brennan on Friday in the face of revelations that his agency spied on congressional staffers’ computers.

“I have full confidence in John Brennan,” Obama said in a White House press conference. “I think he has acknowledged — and directly apologized to [Senate Intelligence Committee Chairwoman] Sen. [Dianne] Feinstein [D-Calif.] — that CIA personnel did not properly handle an investigation into how certain documents that were not authorized to be released to the Senate staff got somehow into the hands of the Senate staff.

“It’s clear from the [inspector general] report that some very poor judgment was shown in terms of how that was handled,” Obama added. “Keep in mind, though, that John Brennan was the person who called for the IG report, and he’s already stood up a task force to make sure that lessons are learned and mistakes are resolved.”

And from The Wire, gettin’ all folksy and whatever:

Obama Condenses History With These Four Words: ‘We Tortured Some Folks’

President Obama is known for being long-winded, but on Friday he uttered a phrase that may be as blunt as any modern president has ever made.

“We tortured some folks,” the president said toward the end of a White House news conference as he responded to the release of a Senate report on the C.I.A.’s use of “enhanced interrogation techniques” in the months after 9/11.

“We crossed a line,” Obama continued. “That needs to be understood and accepted, and we as a country need to take responsibility for that so we don’t do it again in the future.”

From C-SPAN, the money shot:

President Obama: “We tortured some folks.”

Program note:

President Obama answers questions on CIA Spying and Torture Tactics and says, “We tortured some folks.”

MintPress News covers the Big Spin:

State Dept. ‘Torture Talking Points’ Reveal White House PR Machine Ahead Of Senate Report

  • Obama administration to argue that revelation of CIA torture program is an example of “America’s democratic system”.

A State Department document obtained by the Associated Press reveals part of the Obama administration’s attempt to ready its public relations response to an upcoming Senate report on the CIA’s torture program.

Due to be declassified in the coming days, the report is said to criticize the agency for its post-9/11 illegal torture of detainees in secret prisons. The document details some of the administration’s prepared talking points to be used once a White House-approved version of the report is released.

Reportedly sent by accident via email to the AP, the State Department memo describes the report as a demonstration of American democracy, rather than as an indictment of the CIA’s torture practices. The document states that “no American is proud” of the CIA’s tactics, but that “the story” of illegal, indefinite torture and imprisonment is part of a larger message, one in which “America’s democratic system worked just as it was designed to work in bringing an end to actions inconsistent with our democratic values.” That story, the document proclaims, is one in which Americans can take pride.

While the Observer covers a hoped-for coverup:

Britain ‘attempts to censor’ US report on torture sites

  • US Senate report may confirm that Diego Garcia was used for extraordinary rendition after 9/11

The government stands accused of seeking to conceal Britain’s role in extraordinary rendition, ahead of the release of a declassified intelligence report that exposes the use of torture at US secret prisons around the world.

The Senate report on the CIA’s interrogation programme, due to be released in days, will confirm that the US tortured terrorist suspects after 9/11. In advance of the release, Barack Obama admitted on Friday: “We tortured some folks. We did some things that were contrary to our values.”

Now, in a letter to the human rights group Reprieve, former foreign secretary William Hague has confirmed that the UK government has held discussions with the US about what it intends to reveal in the report which, according to al-Jazeera, acknowledges that the British territory of Diego Garcia was used for extraordinary rendition.

And from the McClatchy Washington Bureau, California’s plutocratic senator and a mandated delay:

Citing redactions, Feinstein delays release of report on CIA interrogations

The Obama administration censored significant portions of the findings of an investigation into the CIA’s use of harsh interrogation methods on suspected terrorists, forcing the chairwoman of the Senate Intelligence Committee to delay their release “until further notice.”

The postponement late Friday added to serious frictions over the investigation between the administration and lawmakers, who have been pressing for the swiftest, most extensive publication of the findings on one of the darkest chapters in the CIA’s 65-year history.

Feinstein announced the delay only hours after the White House returned the document to her after it completed its declassification review. It also came after Obama acknowledged hours earlier that interrogators for the spy agency had tortured suspected terrorists.

While the Guardian covers the inevitable torture advocacy:

Senate Republicans to issue minority report on CIA ‘torture’ techniques

  • Saxby Chambliss: ‘information gleaned took down Bin Laden’
  • Majority to allege techniques were unnecessary and unhelpful

Republicans on the Senate intelligence committee will soon release a minority report asserting that the CIA’s use of harsh interrogation techniques helped bring down Osama bin Laden and other terrorists, the panel’s top Republican said on Sunday.

“Information gleaned from these interrogations was in fact used to interrupt and disrupt terrorist plots, including some information that took down Bin Laden,” the Georgia senator Saxby Chambliss said on CBS’s Face the Nation.

The Senate intelligence committee reports will come five years after it authorised an investigation into the use of possible torture by the CIA after the September 11 attacks.

Heading north of the border and a put-up-or-shut-up response via the Toronto Globe and Mail:

China challenges Canada to produce evidence of cyberattacks

China’s ambassador to Canada says if Ottawa has evidence that Beijing is responsible for a cyberattack on a top Canadian research body, it should turn it over to the Chinese government.

“If you have evidence, credible evidence, we will be happy to see that,” Ambassador Luo Zhaohui said in an interview. “Show me the evidence and then we can do something to investigate,” the Chinese envoy said.

This week, for the first time, the Canadian government publicly singled out China for hacking, announcing in a statement that computers at the National Research Council were breached, and pointing to “a highly sophisticated Chinese state-sponsored actor.”

On to Germany and a decline from Deutsche Welle:

Journalist Greenwald refuses to speak to Germany’s NSA scandal inquiry

Journalist Glenn Greenwald has refused to speak to a German parliamentary inquiry on the NSA scandal. He said the Bundestag’s decision not to interview Edward Snowden is indicative of the committee’s “empty symbolism.”

Greenwald on Friday said he had turned down an invitation to testify before the German parliament later this summer about the NSA spying scandal. The US journalist said that while he was “very supportive of any attempt by the German Parliament to conduct a serious investigation into NSA spying on Germans,” the existing Bundestag inquiry was not that.

“Unfortunately, German politicians have demonstrated, with their refusal to interview the key witness in person – Edward Snowden – that they care far more about not upsetting the US than they do about conducting a serious investigation,” he said in a statement.

Greenwald had been expected to speak to the Bundestag on September 11 via video link from Rio de Janeiro, Brazil, where he lives.

While Ars Technica covers the tech savvy:

Terrorists embracing new Android crypto in wake of Snowden revelations

  • Android is the “preferred platform” for terrorist groups, according to report.

Security researchers announced Friday that they have found new evidence to bolster claims from the National Security Agency that terrorists have altered their countermeasures in the wake of the Edward Snowden revelations.

“Al-Fajr, one of Al-Qaeda’s media arms, released a new Android encryption application [in] early June 2014 on their website, referring to how it follows the ‘latest technological advancements’ and provides ‘4096 bit public key’ encryption,” intelligence firm Recorded Future said in a Friday report.

The report added that Global Islamic Media Front, another arm of Al Qaeda, just released a “new version” of Android crypto software.

After the jump, drone dilemmas, Internet crackdowns and privacy lawsuits, the 411 on Facebook 911 calls, online amnesia laments, USB under siege, homeland insecurity, Scotland Yard corruption, the latest escalation in the Asian Game of Zones, a terrorist who wasn’t, an Israeli call for genocide, and more. . .

InSecurityWatch: Liars, spyers, bluffs, triers


Today’s collection of tales from the dark side begins with actions that in some other countries might be considered treasonous.

From the Guardian:

CIA admits to spying on Senate staffers

  • CIA director apologises for improper conduct of agency staff
  • One senator calls on John Brennan to resign in wake of scandal

The director of the Central Intelligence Agency, John Brennan, issued an extraordinary apology to leaders of the US Senate intelligence committee on Thursday, conceding that the agency employees spied on committee staff and reversing months of furious and public denials.

Brennan acknowledged that an internal investigation had found agency security personnel transgressed a firewall set up on a CIA network, which allowed Senate committee investigators to review agency documents for their landmark inquiry into CIA torture.

Among other things, it was revealed that agency officials conducted keyword searches and email searches on committee staff while they used the network.

The London Daily Mail has the inevitable mea culpa:

CIA director apologizes after government spooks snooped on US Senate computers

  • John Brennan said he’s investigating the CIA employees who hacked into Senate Intelligence Committee PCs
  • CIA created a fake user account to retrieve documents they believed Senate staffers had improperly accessed
  • Department of Justice has no plans to prosecute anyone

And from The Hill, a reasonable call:

Senators call for CIA chief’s resignation

Pressure is building on CIA Director John Brennan to resign following the agency’s admission Thursday that it spied on the computers of Senate staffers.

Two members of the Senate Intelligence Committee called for Brennan’s resignation on Thursday after a classified briefing on an agency watchdog report that concluded five CIA staffers had “improperly accessed” Senate computers.

Sen. Mark Udall (D-Colo.) became the first senator to make the call when he issued a statement declaring that he had “no choice but to call for the resignation of CIA Director John Brennan.”

“The CIA unconstitutionally spied on Congress by hacking into Senate Intelligence Committee computers,” he said.

More details from the Associated Press:

Leaked White House file addresses ‘torture by CIA’

The State Department has endorsed the broad conclusions of a harshly critical Senate report on the CIA’s interrogation and detention practices after the 9/11 attacks that accuses the agency of brutally treating terror suspects and misleading Congress, according to a White House document.

“This report tells a story of which no American is proud,” says the four-page document, which contains the State Department’s preliminary proposed talking points in response to the classified Senate report, a summary of which is expected to be released in the coming weeks.

“But it is also part of another story of which we can be proud,” adds the document, which was circulating this week among White House officials and which the White House accidentally e-mailed to an Associated Press reporter. “America’s democratic system worked just as it was designed to work in bringing an end to actions inconsistent with our democratic values.”

Still more from Techdirt:

CIA Torture Report Reveals That State Department Officials Knew About Torture; Were Told Not To Tell Their Bosses

  • from the loose-lips-stop-war-crimes dept

We continue to wait and wait for the White House to finish pouring black ink all over the Senate’s torture report, before releasing the (heavily redacted) 480-page executive summary that the Senate agreed to declassify months ago. However, every few weeks it seems that more details from the report leak out to the press anyway. The latest is that officials at the State Department were well aware of the ongoing CIA torture efforts, but were instructed not to tell their superiors, such that it’s likely that the top officials, including Secretary of State Colin Powell, may have been kept in the dark, while others at the State Department knew of the (highly questionable) CIA actions.

A Senate report on the CIA’s interrogation and detention practices after the 9/11 attacks concludes that the agency initially kept the secretary of state and some U.S. ambassadors in the dark about harsh techniques and secret prisons, according to a document circulating among White House staff.

The still-classified report also says some ambassadors who were informed about interrogations of al-Qaida detainees at so-called black sites in their countries were instructed not to tell their superiors at the State Department, the document says.

Still more from the Guardian:

CIA initially ‘kept Colin Powell in the dark’ about torture practices

  • It’s not entirely clear exactly which US officials knew about the practices at the time they began, a Senate report concludes

A Senate report on the CIA’s interrogation and detention practices after the 9/11 attacks concludes that the agency initially kept the secretary of state and some US ambassadors in the dark about harsh techniques and secret prisons, according to a document circulating among White House staff.

The still-classified report also says some ambassadors who were informed about interrogations of al-Qaida detainees at so-called black sites in their countries were instructed not to tell their superiors at the State Department, the document says.

The 6,300-page Senate report on the CIA’s interrogation program has been years in the making. The findings are expected to reveal additional details about the CIA’s program and renew criticisms that the US engaged in torture as it questioned terrorism suspects after the 2001 attacks.

From Wired Threat Level, keeping us ignorant:

U.S. Marshals Seize Cops’ Spying Records to Keep Them From the ACLU

A routine request in Florida for public records regarding the use of a surveillance tool known as a stingray took an extraordinary turn recently when federal authorities seized the documents before police could release them.

The surprise move by the U.S. Marshals Service stunned the American Civil Liberties Union, which earlier this year filed the public records request with the Sarasota, Florida, police department for information detailing its use of the controversial surveillance tool.

Stingrays, also known as IMSI catchers, simulate a cellphone tower and trick nearby mobile devices into connecting with them, thereby revealing their location. A stingray can see and record a device’s unique ID number and traffic data, as well as information that points to its location. By moving a stingray around, authorities can triangulate a device’s location with greater precision than is possible using data obtained from a carrier’s fixed tower location.

And from Techdirt, in cyberspace nobody can hear you scream:

Court Says Who Cares If Ireland Is Another Country, Of Course DOJ Can Use A Warrant To Demand Microsoft Cough Up Your Emails

  • from the say-what-now? dept

A NY judge has ruled against Microsoft in a rather important case concerning the powers of the Justice Department to go fishing for information in other countries — and what it means for privacy laws in those countries. As you may recall, back in April, we wrote about a magistrate judge first ruling that the DOJ could issue a warrant demanding email data that Microsoft held overseas, on servers in Dublin, Ireland. Microsoft challenged that, pointing out that you can’t issue a warrant in another country. However, the magistrate judge said that this “warrant” wasn’t really a “warrant” but a “hybrid warrant/subpoena.” That is when the DOJ wanted it to be like a warrant, it was. When it wanted it to be like a subpoena, it was.

Microsoft fought back, noting that the distinction between a warrant and a subpoena is a rather important one. And you can’t just say “hey, sure that’s a warrant, but we’ll pretend it’s a subpoena.” As Microsoft noted:

This interpretation not only blatantly rewrites the statute, it reads out of the Fourth Amendment the bedrock requirement that the Government must specify the place to be searched with particularity, effectively amending the Constitution for searches of communications held digitally. It would also authorize the Government (including state and local governments) to violate the territorial integrity of sovereign nations and circumvent the commitments made by the United States in mutual legal assistance treaties expressly designed to facilitate cross-border criminal investigations. If this is what Congress intended, it would have made its intent clear in the statute. But the language and the logic of the statute, as well as its legislative history, show that Congress used the word “warrant” in ECPA to mean “warrant,” and not some super-powerful “hybrid subpoena.” And Congress used the term “warrant” expecting that the Government would be bound by all the inherent limitations of warrants, including the limitation that warrants may not be issued to obtain evidence located in the territory of another sovereign nation.

Off to Germany and humor with serious intent from the Guardian:

Bug spotting: Germans hold ‘nature walks’ to observe rare NSA spy

  • Weekly walks from Griesheim to nearby US Dagger Complex lead way in multi-generational protest against digital surveillance

One morning last July, the German intelligence service knocked on Daniel Bangert’s door. They had been informed by the US military police that Bangert was planning to stage a protest outside the Dagger Complex, an American intelligence base outside Griesheim in the Hesse region. Why hadn’t he registered the protest, and what were his political affiliations? they asked.

Bangert explained that he wasn’t planning a protest and that he didn’t have any links to political groups. All he had done was put a message on Facebook inviting friends to go on a “nature walk” to “explore the endangered habitat of NSA spies”. Eventually, the agents left in frustration.

Twelve months later, Bangert’s nature trail has not only become a weekly ritual in Griesheim, but also the frontrunner of a new multi-generational German protest movement against digital surveillance.

RT covers another German NSA-related story:

Germany rolls out surveillance-proof phone after NSA spying debacle

Program notes:

Germany is looking to take on the NSA on its own ground – technology. It has come up with a cell phone which is claimed to be spy-proof. RT’s Peter Oliver talks to Karsten Nohl, crypto specialist, Security Research Labs.

And from the Guardian, a new lower profile:

NSA keeps low profile at hacker conventions despite past appearances

  • Though agency actively recruits security engineers and experts, NSA chiefs won’t speak at Black Hat or Def Con this year

As hackers prepare to gather in Las Vegas for a pair of annual conventions, the leadership of the National Security Agency won’t make the trek.

While the technically sophisticated US surveillance entity has often mingled in recent years with some of the world’s elite engineers and digital security experts at Black Hat and Def Con, Admiral Mike Rogers and Rick Ledgett, the newly minted director and deputy director of the agency, won’t prowl the Mandalay Bay and Rio hotel-casinos this year.

Vanee Vines, a spokeswoman for the NSA who confirmed Rogers and Ledgett’s absences, said she was unaware of any invitations the hacker conferences extended to NSA officials, and did not know if staffers would attend, either.

From BBC News, a whistleblower’s uncertain fate:

Snowden’s temporary asylum status expires in Russia

Fugitive US whistleblower Edward Snowden’s year-long leave to stay in Russia has expired without confirmation that it will be extended.

His lawyer said he could stay in the country while his application for an extension was being processed.

The man who exposed US intelligence practices to the world’s media won leave to remain in Moscow a year ago.

From the London Telegraph, a Cold War tradition continues:

Vienna named as global spying hub in new book

  • Vienna is the world leader in espionage with at least 7,000 spies plying their trade in the Austrian capital

Its reputation as a centre of espionage long predates its notoriety as the setting for the 1949 film The Third Man but only now can a figure be put on the number of spies operating in Vienna.

A survey compiled by experts in spying activities in the Austrian capital shows that at least 7,000 agents work undercover in the city.

As a neutral country, Vienna was a Cold War spying hub where both sides were able to ply their trade and openly dealt with each other. Its allure was explained in the opening sequence in the Third Man when the narrator observed that Vienna allows agents a free run: “We’d run anything if people wanted it enough, and had the money to pay.”

From EurActiv, secrecy in the interest of corporadoes and banksters:

EU Ombudsman demands more TTIP transparency

The European Ombudsman today (31 July) opened two investigations into the EU Council and Commission over a lack of transparency around the Transatlantic Trade and Investment Partnership (TTIP).

Emily O’Reilly investigates complaints about maladministration in the EU institutions. She called on both Council and Commission to publish EU negotiating directives related to the EU-US trade deal, and take measures to ensure timely public access to TTIP documents, and stakeholder meetings.

It is a blow to the Commission, which has regularly protested that the talks are the most open ever held. MEPs, pressure groups, unions and other organisations have said that they are not transparent enough.

RT covers a symbolic hack:

Anonymous ‘knocks out’ Mossad website over Israel’s Gaza offensive

Hacker group Anonymous has reportedly taken down the website of the Israeli secret service Mossad in protest of Israel’s military incursion in Gaza. The ‘hacktivists’ have already targeted a number of organizations in their mission to stop the “genocide.”

Mossad’s website went offline at around 00:40 GMT and is still down at the time of writing. The Israeli government has yet to make any comment on the supposed hack attack.

In a previous attack on Monday, Anonymous knocked out multiple Israeli government sites after one of the organization’s members died in the West Bank over the weekend. 22-year-old Tayeb Abu Shehada was killed during a protest in the village of Huwwara in the West Bank after Israeli settlers and soldiers opened fire on demonstrators, reported Bethlehem-based Ma’an News Agency.

Off to Asia and still more NSA-directed ire — this time from India. Via the Hindu:

Sushma confronts Kerry with snooping

In India’s strongest statement on the issue yet, External Affairs Minister Sushma Swaraj called the U.S. surveillance of Indian entities “unacceptable”, and said she had taken up the issue of “snooping” by the National Security Agency (NSA) with Secretary of State John Kerry during the India-U.S. strategic dialogue here on Thursday.

“I did raise the snooping issue with Mr. Kerry,” Ms. Swaraj told presspersons at a joint press conference. “I told him that people in India were angry. I told him that since we are friendly nations, it is not acceptable to us.”

In reply, Mr. Kerry said, “We do not discuss intelligence matters in public. We value our relationship with India. President [Barack] Obama has undertaken a unique and unprecedented review of our intelligence.” Ms. Swaraj said India and the U.S. had now hit a “new level” in their relationship.

From the Associated Press, adding some spin, the latest from a militarized Thailand:

Thai junta appoints army-dominated legislature

Thailand’s junta has appointed a military-dominated interim legislature in another step in the slow return of promised electoral democracy. The junta announced Thursday night that King Bhumibol Adulyadej has officially endorsed the appointments.

The junta, which took power on May 22, announced a timetable a month ago for the gradual return to nominally civilian rule, culminating in a general election late next year.

Just over half of the 200 members of the interim legislature, formally known as the National Legislative Assembly, hold military ranks, and 11 are police. It is to convene on Aug. 7 and is to nominate an interim prime minister. The junta, officially called the National Council for Peace and Order, has already given itself what amounts to supreme power over political developments.

Want China Times draws a trans-Pacific line:

Canada has to pick between China and the US

Former Canadian ambassador to Beijing David Mulroney said recently that the intensifying relationship between Canada and China has been seen in both a positive and a negative light in his country.

Mulroney said that although the economic and trade relationship between the two countries has improved since 2012, especially in light of Canada’s increased uranium exports to China, and a memorandum of understanding on cooperation in agricultural technologies and agricultural trade signed during agricultural minister Gerry Ritz’s trip to Beijing in June of this year and the additional trade service offices that Canada plans to set up in China, boosting the number from four to 15, suspicion between the two countries is on the rise.

The Canada-China Foreign Investment Promotion and Protection Agreement, which has already been ratified by Beijing, is yet to be adopted by the Canadian government pending a legal challenge. The intensifying strategic contest between the US and China in the Asia-Pacific is also putting a damper on the Sino-Canadian economic and trade relationship.

From Xinhua, another trans-Pacific tension:

China accuses U.S. over military reconnaissance

China’s Defense Ministry on Thursday accused the United States of regular reconnaissance by naval ships and aircraft in Chinese waters and airspace.

“Vessels and aircraft of the U.S. military have for a long time carried out frequent reconnaissance in waters and airspace under Chinese jurisdiction, which seriously affects China’s national security and could easily cause accidents,” spokesman Geng Yansheng said at a monthly briefing.

His comments came in response to a question regarding a Chinese naval ship’s sailing in areas near the ongoing U.S.-organized RIMPAC (Exercise Rim of the Pacific) maritime exercise.

From South China Morning Post, a military concomitant:

Millions of Hong Kong fliers delayed by mainland military restrictions

  • About 100,000 flights using Chek Lap Kok each year have up to 20 minutes added to flight time thanks to height restrictions, analysis shows

About 100,000 flights carrying almost 15 million passengers to and from Hong Kong airport each year are affected by military airspace restrictions, analysis of official civil aviation data shows.

Environmental group Green Sense and the Airport Development Concern Network revealed their analysis yesterday, pointing out that a so-called “sky wall” imposed by the PLA was extending flight times by between 10 and 20 minutes.

“We found that, between 2010 and 2012, about 30 per cent of planes needed to fly through this ‘sky wall’. It is not the 23 per cent the Airport Authority has claimed,” network spokesman Michael Mo said.

From NHK WORLD, a pointed gesture:

Japan’s GSDF, Australian troops plan joint drills

Japan’s Ground Self-Defense Force will hold a disaster-preparedness drill with US and Australian forces in northeastern Japan in November.

Chief of Staff Kiyofumi Iwata of the Ground Self-Defense Force made the announcement at a news conference on Thursday.

Iwata said Japanese, US, and Australian troops will simulate a response to a massive earthquake in Miyagi Prefecture and other areas for 4 days starting from November 6th.

And a vulnerability reminder from WIRED:

Hackers Can Control Your Phone Using a Tool That’s Already Built Into It

A lot of concern about the NSA’s seemingly omnipresent surveillance over the last year has focused on the agency’s efforts to install back doors in software and hardware. Those efforts are greatly aided, however, if the agency can piggyback on embedded software already on a system that can be exploited.

Two researchers have uncovered such built-in vulnerabilities in a large number of smartphones that would allow government spies and sophisticated hackers to install malicious code and take control of the device.

The attacks would require proximity to the phones, using a rogue base station or femtocell, and a high level of skill to pull off. But it took Mathew Solnik and Marc Blanchou, two research consultants with Accuvant Labs, just a few months to discover the vulnerabilities and exploit them.

Plus a puzzler from TMZ:

Hollywood Cops, Prosecutors Stumped Over Drones

Hollywood cops and prosecutors want to go after a guy who flew a drone over the Hollywood police dept., but we’ve learned they’re stumped.

Law enforcement sources tell TMZ … several people have become a thorn in the side of the LAPD — trying to expose what they claim are police misdeeds.  One of them flew a drone over the Hollywood Division Tuesday afternoon, shooting video of the parking lot with prisoners and undercover officers.

The parking lot is shielded by a wall for security reasons — so it’s not visible from the street.

We’re told police detectives and lawyers from the L.A. County D.A. and the L.A. City Attorney had a meeting to figure out what criminal laws might have been violated, but they concluded as long as the drone flies lower than 400 feet … there’s nothing they can do.  Anything above is covered by the FAA.

For our final item, cross-border security hypocrisy from the Washington Post:

House GOP leaders spike border bill rather than see it defeated

House Republican leaders were ambushed by another conservative insurrection on Thursday, forced to scrap a pivotal vote on a border security bill and scramble to find a solution amid a familiar whirlwind of acrimony and finger-pointing.

The failure to move forward with legislation aimed at coping with a surge of unaccompanied minors at the U.S.-Mexico border left Republicans unable to act on a problem that they have repeatedly described as a national crisis. As the drama unfolded in the House, the Senate also failed to advance legislation to address the immigration crisis, unable to overcome a procedural hurdle and then leaving town for five-week summer break.

The congressional chaos ensured that President Obama’s administration will not have the resources necessary to stem the recent tide of tens of thousands of migrants from Central America, many of them children entering the United States alone, until mid-September at the earliest. The only two significant measures approved by Congress as of Thursday were bills authorizing broad reforms at the Department of Veterans Affairs and a nine-month extension of federal highway-construction funding.

InSecurityWatch: Pols, ploys, snoops, zones


Today’s collection of tales from the dark side begins with more symbol than substance, via the Guardian:

Obama-backed surveillance reform bill introduced in US Senate

  • Patrick Leahy’s popular bill contains stricter privacy measures than the USA Freedom Act, which the House passed in May

A surveillance reform bill backed by the Obama administration was introduced in the Senate on Tuesday, raising the possibility that Congress could this year take the National Security Agency out of the business of collecting and storing all US phone data.

Introduced by Senator Patrick Leahy, the bill is a counterpart to the USA Freedom Act, which the House of Representatives passed in May, but contains some stricter privacy measures and broader transparency requirements – the absence of which caused civil libertarians, privacy groups and technology firms to abandon their support for the House version. Many of them are backing Leahy’s bill.

The question underlying the legislation is “whether we are in control of our own government or the other way around,” Leahy, the chairman of the Senate judiciary committee, said on the Senate floor.

From Truthdig, and why are we not surprised?:

NSA Court Judges Invest in Verizon While Surveillance Warps Law and Journalism

We must never be surprised when we learn once again that our lawmakers and law interpreters are in bed with the country’s largest corporations—this is how the American government now operates. A July 25 article in Vice includes documentation that shows three judges from the Foreign Intelligence Surveillance Act Court, the tribunal that evaluates the legality of the NSA’s practices, own stock in Verizon. Although there doesn’t seem to be a direct financial incentive for judges to allow the NSA to rifle through the data (our data) of a company in which they have invested, it does show the intimate relationship the NSA, the FISA Court and Verizon share.

Specifically, the article states: “On May 28 last year, Judge James Zagel, a FISA Court member since 2008, purchased stock in Verizon. In June of this year, Zagel signed off on a government request to the FISA Court to renew the ongoing metadata collection program.” The piece goes on to say that FISA Court Judges Susan Wright and Dennis Saylor also own shares in the company, and although Vice wasn’t able to obtain accurate numbers for the amount invested, it appears to be in the thousands of dollars.

The Vice article notes that judges are supposed to remove themselves from cases in which they might have a “financial stake in the outcome” or from any case in which they might find it difficult to be impartial. The Verge also pointed out that telecommunication companies like Verizon receive millions of dollars from the government in their “record-sharing deals.”

From Wired threat level, a question about California’s plutocratic and most powerful Democrat and Senate Select Committee on Intelligence chair:

Personal Privacy Is Only One of the Costs of NSA Surveillance

There is no doubt the integrity of our communications and the privacy of our online activities have been the biggest casualty of the NSA’s unfettered surveillance of our digital lives. But the ongoing revelations of government eavesdropping have had a profound impact on the economy, the security of the internet and the credibility of the U.S. government’s leadership when it comes to online governance.

These are among the many serious costs and consequences the NSA and those who sanctioned its activities—including the White House, the Justice Department and lawmakers like Sen. Dianne Feinstein—apparently have not considered, or acknowledged, according to a report by the New America Foundation’s Open Technology Institute.

“Too often, we have discussed the National Security Agency’s surveillance programs through the distorting lens of a simplistic ‘security versus privacy’ narrative,” said Danielle Kehl, policy analyst at the Open Technology Institute and primary author of the report. “But if you look closer, the more accurate story is that in the name of security, we’re trading away not only privacy, but also the U.S. tech economy, internet openness, America’s foreign policy interests and cybersecurity.”

And a reminder of Feinstein’s nature, this time as vulture capitalist via Pueblo Lands:

Richard Blum and Dianne Feinstein Make Big Investment in Foreclosure to Rental Housing

I’ve reported for a while now on the phenomenon of the Wall Street landlord. During the depths of the foreclosure crisis private equity firms and real estate investors bought up thousands of single family homes in Florida, Illinois, Arizona, Georgia, and especially California. These investors did quick rehabs on these properties and then rented them out, often to households that lost their homes between 2008 and 2013 due to the global financial crash. These elite investors bet that housing prices would rebound, and thanks to the actions of the US Federal Reserve and Treasury Department they did. They also bet that there would be a shift in America’s housing market toward more renter demand. Households that lost their savings and jobs have been forced into the rental market, creating an opportunity for those with capital to obtain higher returns on real estate.

One of the biggest investors in foreclosed single family homes has been Colony Capital, the private equity firm controlled by Thomas Barrack, Jr. Colony has purchased thousands of foreclosed houses in California and other states. Colony has also sustained recent complaints from tenants who accuse the company and its rental property managers of running slum housing and charging above-market rents. Activists in Los Angeles and other cities are now pressing local and federal officials to take a closer look at the Wall Street landlord business.

But some Washington D.C. insiders have already done due diligence with respect to the new corporate landlords. A recent financial disclosure filing by Richard C. Blum, husband of California Senator Dianne Feinstein, shows that Blum and Feinstein have made a major investment in Barrack’s Colony American Homes. As a member of the University of California Board of Regents Blum is required to disclose his economic interests each year. In his filing for 2014, Blum listed an investment in Colony American Homes Holdings, LP of over $1,000,000, making Blum and Feinstein major owners of one of the largest Wall Street landlord corporations.

From SECURITYWEEK, another cost of Big Brotherism run amok:

NSA Surveillance Programs Directly Damage Internet Security: Report

  • “The NSA has both weakened overall trust in the network and directly harmed the security of the Internet.”

A report published by the New America Foundation’s Open Technology Institute on Tuesday details the impact of NSA surveillance activities on the United States economy, foreign policy and Internet security.

There have been numerous discussions on the intelligence agency’s controversial spying programs over the past year, ever since former NSA contractor Edward Snowden started leaking classified information obtained from the organization’s systems. However, the Open Technology Institute argues that most discussions have revolved around the impact of surveillance programs on privacy and civil liberties, and not so much on how they affect the interests of the United States and the global Internet community.

The 64-page paper focuses on the costs to cybersecurity, the direct economic costs to U.S. businesses, the economic and technological costs of data localization and data protection proposals, and political costs to American foreign policy.

Motherboard adds up other costs:

NSA Spying Will Cost US Tech Titans Billions, and That’s Just the Start

The National Security Agency spying scandal will cost the US technology and telecommunications industries billions of dollars in coming years if potential clients—including corporations and governments—take their business elsewhere following revelations of rampant US surveillance, according to a new study.

The financial cost to US corporate giants like IBM, Microsoft, Oracle, AT&T and Verizon is just the tip of the iceberg.

The NSA spying scandal, which was prompted by former NSA contractor Edward Snowden’s disclosure of classified documents, has already harmed US foreign policy efforts, jeopardized key relationships with US allies, and imperiled the ambitious US Internet Freedom Agenda, according to the report, which was published Tuesday by New America’s Open Technology Institute.

The basic architecture of the global internet could also be at risk if governments close off their networks in response to US surveillance efforts, the report warns.

From TechWeekEurope, a notable deal:

BlackBerry Buys Secusmart – The Firm That NSA-Proofed Merkel’s Phone

BlackBerry is to buy the German anti-eavesdropping solutions provider, Secusmart GmbH, which is already its partner in providing secure phones for Angela Merkel and other German officials.

BlackBerry wants to maintain its reputation for security and capitalise on concerns about the snooping habits of the NSA, exposed by the whistleblower Edward Snowden. In 2013 it was revealed that German Chancellor Angela Merkel was a target of NSA eavesdropping, a move that soured Germany’s relationship with the US. However, it is believed that any attempts to crack her encryption likely failed, thanks to an ongoing agreement with Secusmart to provide BlackBerry phones with heightened security to German agencies and politicians.

BlackBerry announced the acquisition of Secusmart, for an undisclosed sum, and confirmed reports that the two organisations had previously collaborated to produce Secusmart-equipped BlackBerry phones for German government agencies, as well as German government leaders including Chancellor Angela Merkel.

From Techdirt, advice from Big Brother:

UK Government Report Recommends Ending Online Anonymity

  • from the dangerous-and-stupid dept

Every so often, people who don’t really understand the importance of anonymity or how it enables free speech (especially among marginalized people), think they have a brilliant idea: “just end real anonymity online.” They don’t seem to understand just how shortsighted such an idea is. It’s one that stems from the privilege of being in power. And who knows that particular privilege better than members of the House of Lords in the UK — a group that is more or less defined by excess privilege?

The Communications Committee of the House of Lords has now issued a report concerning “social media and criminal offenses” in which they basically recommend scrapping anonymity online. It’s not a true “real names” proposal — as the idea is that web services would be required to collect real names at signup, but then could allow those users to do things pseudonymously or anonymously. But, still, their actions could then easily be traced back to a real person if the “powers that be” deemed it necessary. Here’s the key bit:

From our perspective in the United Kingdom, if the behaviour which is currently criminal is to remain criminal and also capable of prosecution, we consider that it would be proportionate to require the operators of websites first to establish the identity of people opening accounts but that it is also proportionate to allow people thereafter to use websites using pseudonyms or anonymously. There is little point in criminalising certain behaviour and at the same time legitimately making that same behaviour impossible to detect. We recognise that this is a difficult question, especially as it relates to jurisdiction and enforcement.

And a German pol feels the heat, via EurActiv:

German minister under attack over Snowden remarks

Germany’s Justice Minister Heiko Maas has advised US whistleblower Edward Snowden to return to the United States, sparking outrage from opposition parties in the Bundestag. EurActiv Germany reports.

Maas has sparked criticism for suggesting Snowden should go back to the US amid an ongoing debate about whether the former National Security Agency (NSA) employee should testify in Germany on US surveillance activities.

“As we have heard, Snowden’s lawyers are in negotiations with American officials and looking into the possibility of Snowden returning to the US to go on trial,” Maas told the news agency DPA in Berlin.

“From Snowden’s point of view, I can completely understand this,” he said.

Homeland Security News Wire sounds an insecurity alert:

U.S. faces serious future threats in space

Gen. William Shelton, the commander of Air Force Space Command, said last week that U.S. dominance in space will be challenged by very real threats in the years ahead. The general said that those threats might consist of “jammers, lasers and tactical space nukes,” with any of these challenges exponentially more dangerous than in the past as the technology becomes more common.

As Defense One reports, the general also added that those threats might consist of “jammers, lasers and tactical space nukes,” with any of these challenges exponentially more dangerous than in the past as the technology becomes more common.

Off to Asia, starting with an Indian Watergate? From the Economic Times:

Nitin Gadkari bugging issue set to rock Parliament on Thursday again

Congress is set to keep up the heat on BJP over alleged bugging of Union Minister Nitin Gadkari’s house with the opposition party deciding to raise it aggressively in parliament for the second consecutive day tomorrow pressing for a discussion on the issue.

“We will raise it in Parliament tomorrow as well. There has to be a discussion on it, which culminates into an inquiry by a judge. We doubt that some internal agency is involved in the bugging.

“If a minister is being snooped, then it raises doubts that leaders of Opposition parties and other important personalities may also be facing it. That is why we say the inquiry should be done by a judge. The investigation has to be credible,” Leader of the Opposition in Rajya Sabha Ghulam Nabi Azad told reporters here.

Chinese internal security eruption from South China Morning Post:

Dozens of axe-wielding attackers shot dead by police during attacks in Xinjiang

  • Assailants wielding axes are shot dead by police during ‘organised and premeditated’ violence

Dozens of people, ethnic Han and Uygur, were killed or injured in at least one terror attack in the restive Xinjiang region early on Monday, state media reported late last night.

Xinhua said that a group of assailants, wielding knives and axes, attacked the government office and police station in Elixku township in Kashgar’s Yarkand, or Shache, county. Some attacked residents in neighbouring Huangdi township, the report said.

Police said they shot dead dozens of the attackers, describing the incident as an “organised and premeditated” act of terror.

Gaming in the Asian Game of Zones from the Japan Times:

India naval drill with Japan, U.S. seen as signal to China

Traffic at the Maritime Self-Defense Force base at Sasebo, Nagasaki Prefecture, is typically dominated by Japanese and U.S. warships, but in July it saw an unusual variety of vessel. An Indian frigate and destroyer docked en route to joint exercises in the Western Pacific.

The INS Shivalik and INS Ranvijay’s appearance at the port near Nagasaki showed Japan’s interest in developing ties with the South Asian nation as Prime Minister Shinzo Abe’s government faces deepening tensions with China. Japan for the third time joined the U.S. and India in the annual Malabar drills that usually are held in the Bay of Bengal.

With Abe loosening limits on his nation’s military, the exercises that conclude Wednesday showcase Japan’s expanding naval profile as China pushes maritime claims in disputed areas of the East and South China Seas. For newly installed Indian Prime Minister Narendra Modi, Japan’s attention adds to that of China itself, in an opportunity to expand his own country’s sway.

Another Japanese gambit, via Want China Times:

Japan and Brazil to make joint statement against China: Kyodo

Japanese prime minister Shinzo Abe and Brazilian president Dilma Rousseff are to announce a joint statement on August 1 which will include mention of counter-measures against China, reports Japan’s Kyodo International News on July 27.

A leaked draft of the statement says that both Japan and Brazil respect rule of law and that China’s declaration of an air defense identification zone (ADIZ) over the East China Sea last November and its growing aggression in the East and South China seas require counter measures. The draft states that “conflicts in the South China Sea should be resolved peacefully and in line with international law without the use of force or threat,” according to the report. The statement also says Japan and Brazil will cooperate in their efforts to reform the UN Security Council.

Both Sankei Shimbun and Nikkei Japan Review interpreted Abe’s visit shortly after Xi’s visits to the same region in early July, as intended to strengthen Japan’s influence in Latin America and to counter growing Chinese power there.

And for our final item, the wild card, upping the ante. From the Japan Times:

North Korea may be closer to full ICBM test: U.S. think tank

  • Leading U.S. think tank says North Korea may conduct flight test soon

Fresh satellite images suggest North Korea might be wrapping up engine trials on an intercontinental ballistic missile, fueling speculation of a full-scale flight test to come, a U.S. think tank said Wednesday.

Development of a working ICBM would be a game-changing step, bringing the continental United States into range and adding a whole new threat level to the North’s regular nuclear-strike warnings.

“The rocket engine test program may wind down by the end of this year,” The U.S.-Korea Institute at Johns Hopkins University said on its closely followed 38 North website. “If the engine tests are concluded, the next stage in development of the KN-08 road-mobile ICBM may be full-scale flight tests of the missile.”

Quote of the day: The non-barking watchdog


From “The Secrecy Complex and The Press in Post-9/11 America,” a Chautauqua Institution speech delivered earlier this month by recently fired New York Times Executive Editor Jill Abramson. The full summary and an audio of the speech are here:

In her long career of covering Washington and in her executive role at the Times, Abramson has frequently been charged with deciding whether to print sensitive stories, calling this dilemma a “balancing test” in which members of the press weigh national security concerns against the public’s right to know about government activities.

In the aftermath of 9/11, Abramson said, the press listened closely to the government in deciding what to print. 

“In some ways, it wasn’t complicated to make that agreement, because the press always will not reveal certain sensitive intelligence information about, for instance, troop movements,” she said. “In general, you do not publish stories where you know publishing details are going to put anybody’s life in immediate danger.”

But as the Iraq War coalesced in 2003, Abramson admitted to a failure of the press to maintain true skepticism of the government.

“The press, in some ways, let the public down,” she said. “The press, including The New York Times, I will freely say, was not skeptical enough about the so-called ‘evidence’ about Saddam Hussein and weapons of mass destruction.”

The torture and prisoner abuse scandal at Abu Ghraib in 2003 and 2004 was another wake-up call to the press, Abramson said. Then, in 2005, the Times ran a Pulitzer Prize-winning story that revealed warrantless wiretapping by the National Security Agency — a report that had been held for a year at the behest of personnel within the Bush administration.