We begin with a twofer from Reuters:
South African spooks red-faced from latest spy data leak
A mass leak of South African espionage secrets will cause many foreign agencies to think twice before sharing information with Pretoria, hampering its efforts to walk a delicate diplomatic tightrope between East and West, experts said on Tuesday.
Britain’s Guardian paper and Gulf TV channel Al Jazeera said they had obtained hundreds of dossiers, files and cables from the world’s top spy agencies to and from South Africa, dubbing it “one of the biggest spy leaks in recent times”.
“A leak like this affects the credibility of the agencies and how they cooperate,” said Mike Hough, a retired professor from Pretoria University’s Institute for Strategic Studies. “It could lead to the termination of certain projects.”
From Al Jazeera, something many journalists have assumed for a half century:
Spy cables: Israel airline used as intelligence ‘front’
- Leaked documents reveal South Africa challenged Mossad over alleged clandestine security operations under El Al cover.
Secret cables obtained by Al Jazeera’s Investigative Unit confirm that South Africa’s spy agencies concurred with allegations that Israel uses its flag-carrier, El Al Airlines, as cover for its intelligence agencies.
Leaked documents from South Africa’s intelligence agency support claims made on a 2009 South African television programme by a former El Al employee-turned-whistleblower.
Despite official Israeli denials, the whistleblower’s claims prompted an emergency meeting between senior officials from both sides, as well as a separate note of enquiry from Canada’s intelligence agency.
Another leak, via the Guardian:
Spy cables: Greenpeace head targeted by intelligence agencies before Seoul G20
- South Korea’s intelligence service requested information about South African activist Kumi Naidoo in runup to leaders’ meeting in 2010
The head of Greenpeace International, Kumi Naidoo, was targeted by intelligence agencies as a potential security threat ahead of a major international summit, leaked documents reveal.
Information about Naidoo, a prominent human rights activist from South Africa, was requested from South African intelligence by South Korea’s National Intelligence Service (NIS) in the runup to a meeting of G20 leaders in Seoul in 2010.
He was linked in the intelligence request with two other South Africans who had been swept up in an anti-terrorist raid in Pakistan but later released and returned to South Africa.
And from Al Jazeera, faults revealed:
Spy Cables expose S Africa’s alarming security failings
- Secret documents reveal an array of security lapses and flaws within South African government and intelligence.
South African government and security agencies have left secrets exposed at every level and foreign spies have access to all areas of government, according to Intelligence documents obtained by Al Jazeera’s Investigative Unit.
A secret security assessment by South African intelligence says foreign espionage is booming, with more than 140 foreign spies estimated to be operating in South Africa – and that the South African state is doing a poor job of protecting itself.
They are thought to have gained access to government departments, ministries and “even the presidency” and are suspected of breaking into nuclear power plants, stealing military blueprints and hacking computers.
The report slams poor security awareness among civil servants, who regularly failing to observe the most basic procedures, leaving classified information unlocked and failing to adequately vet new recruits.
From the Los Angeles Times, a major security fail:
State Department official arrested, suspected of soliciting sex from minor
A senior State Department official who oversees counter-terrorism programs has been arrested on suspicion of of soliciting sex from a minor, authorities in Virginia said late Tuesday.
Daniel Rosen was arrested at his home in Washington, D.C., just after noon and is being held in the city’s jail on suspicion of use of a communications device to solicit a juvenile, said Lucy Caldwell, spokeswoman for the Fairfax County Police Department.
According to his LinkedIn profile, Rosen, 44, is the director of counter-terrorism programs and policy for the State Department. Police said they have notified the State Department of his arrest.
A kindred failure across the pond, via the London Telegraph:
Sir Malcolm Rifkind to step down as MP and resigns from security committee
- Tory MP Sir Malcolm Rifkind is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee
Sir Malcolm Rifkind, the Conservative MP embroiled in cash for access allegations, is to step down as an MP at the General Election and has also resigned as chairman of the Parliamentary Intelligence and Security Committee.
Sir Malcolm was suspended by the Conservative Party pending an internal investigation on Monday after telling undercover reporters from The Telegraph and Channel 4’s Dispatches that he would use his position as a politician to help a fictitious Chinese company.
His decision to stand down as the Conservative MP for Kensington means there will be a contest for one of the Conservative Party’s safest seats.
The Guardian exposes a case of Chicago P.D. reality rising to film noir levels:
Chicago’s Homan Square ‘black site’: surveillance, military-style vehicles and a metal cage
- This building looks innocent enough. But those familiar with the secretive interrogation and holding facility describe a shocking display of police abuses
From the outside, you have to concentrate to realize Homan Square is a police facility. At first glance, it’s an unremarkable red brick warehouse, one of a handful on Chicago’s west side that used to belong to Sears Roebuck, complete with roll-up aluminum doors. No prominent signage tells outsiders it belongs to the police. The complex sits amidst fixtures in a struggling neighborhood: a medical clinic, takeout places, a movie theater, a charter school.
But a look at what surrounds the warehouse gives clearer indications of Homan Square’s police business. The yellow barrier for cars at the street checkpoint. The vans in the motor pool marked Chicago Police Forensic Services parked next to the unmarked cars. The black-and-white checkered door to match the signature pattern on Chicago police hats. The floodlights on the roof. The guy with a gun walking outside and smoking a cigarette in a black windbreaker with POLICE written on the back.
Over the years Homan Square has formed a backdrop for high-profile drug seizures, where Chicago officials or cops display cocaine, marijuana and guns taken off the street. The rock group Portugal.The Man reportedly sent Homan Square detectives three dozen doughnuts – plus croissants and danishes – in gratitude for helping the band recover stolen music equipment.
But its interrogations function is less well known, even to close observers of Chicago police. Anthony Hill, an attorney, said he once made it into Homan Square, to the surprise of police, and said he saw “four, five cells,” describing it as a “bare-bones police station.
“When I got in, they were so shocked I was there they didn’t know what to do with me,” he said.
The Hill takes a profitable spin through the revolving spooky door:
NSA staffers rake in Silicon Valley cash
Former employees of the National Security Agency are becoming a hot commodity in Silicon Valley amid the tech industry’s battle against government surveillance.
Investors looking to ride the boom in cybersecurity are dangling big paydays in front of former NSA staffers, seeking to secure access to the insider knowledge they gained while working for the world’s most elite surveillance agency.
With companies desperate to protect their networks against hackers, many tech executives say the best way to develop security products is to enlist the talents of people who have years of experience cracking through them.
“The stories he could tell,” venture capitalist Ray Rothrock recalled about his meetings with a former NSA employee who founded the start-up Area 1 Security. “They come with a perspective that nobody in Silicon Valley has.”
From the Verge, from their resumes:
The NSA’s SIM heist could have given it the power to plant spyware on any phone
Last week, The Intercept published shocking new documents detailing a campaign by US and UK spies to hack into the SIM manufacturer Gemalto, stealing crucial encryption keys that protect and authenticate cellphone signals. But while it was clearly a major attack, I had a hard time seeing the operational benefits for the world’s spy agencies. SIM encryption only protects calls between your phone and the cell tower, which means any would-be surveillers would need to stay within a mile of the target. It’s also puzzling because carriers are often happy to hand over all their data with a blanket court order. Why would the GCHQ go to so much trouble for access to data they mostly already have?
But in the days since the report published, there’s been concern over an even more frightening line of attack. The stolen SIM keys don’t just give the NSA the power to listen in on calls, but potentially to plant spyware on any phone at any time. Once the stolen keys have bypassed the usual protections, the spyware would live on the SIM card itself, undetectable through conventional tools, able to pull data and install malicious software. If the NSA and GCHQ are pursuing that capability, it could be one of the biggest threats unearthed by Snowden so far.
Our earlier report focused on the Ki keys, used to encrypt traffic between the phone and the tower — but this new attack uses a different set of keys known as OTA keys, short for “over-the-air.” Each SIM card gets its own OTA key, typically used to remotely install updates. Manufacturers can send a binary text message directly to the SIM card, and as long as it’s signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware. Researcher Claudio Guarnieri, who’s researched the Snowden documents extensively, says the OTA keys could make the Gemalto heist the most important news to come out of the documents so far. “It’s scary,” Guarnieri says. “If the NSA and GCHQ have obtained a large quantity of OTA keys, we’re facing the biggest threat to mobile security ever.”
From the Guardian, real class-y AT&T:
AT&T is putting a price on privacy. That is outrageous
- Poor customers should not have to choose between being spied on and forking over money
Imagine if the postal service started offering discount shipping in exchange for permission to scan every letter you receive and then target you with junk mail based on the contents of your personal mail.
One of the largest telecommunications companies in America, AT&T, is doing just that for customers of its super-fast gigabit broadband service, which is rolling out in select cities. Though a few months ago, it dropped the use of an undeletable “supercookie” that tracked subscribers’ web browsing activity, AT&T reportedly plans to track and monetize its broadband customers’ internet activity – “webpages you visit, the time you spend on each, the links or ads you see and follow, and the search terms you enter” – to deliver targeted “ads online, via email or through direct mail”.
The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program “works independently of your browser’s privacy settings regarding cookies, do-not-track and private browsing.” In other words, AT&T is performing deep packet inspection, a controversial practice through which internet service providers, by virtue of their privileged position, monitor all the internet traffic of their subscribers and collect data on the content of those communications.
What if customers do not want to be spied on by their internet service providers? AT&T allows gigabit service subscribers to opt out – for a $29 fee per month.
After the jump, ghoulish corporate vultures follow our health concerns online, a Dutch university occupation evicted, Germans lose faith in democracy, the Anthem health data breach scope widens, widespread ongoing hack points persist in many aps, denial of service attacks target Google in Vietnam, on to the Mideast and an Assyrian Christian army mobilizing to fight ISIS, a Saudi apostasy death sentence, a Pakistani cell phone fingerprint requirement, pushing for a North Korean nuclear surrender, China raises NATO hackles with a missile sale to Turkey, Hong Kong delegates to the Beijing legislature call for a crackdown, Shinzo Abe aims for more power for military commanders, more Okinawan anger over an American military base move, and a Japanese human rights downgrade. . . Continue reading