In 1983, the US got a tip-off that the Soviets had designed a new breed of hard-to-find bug, capable of relaying information from office equipment. The Moscow Embassy had more than ten tons of gear, all of which was immediately suspect. It had to be fixed, and now. Problem one: how do you replace it all? Problem two: how do you get the old stuff back? Problem three: what on earth were they looking for? What they found surprised them! A tale of bureaucracy, secrecy, narrow corridors and IBM Selectrics that weren't quite what they seemed. (SL NSA PDF)
This week's Glenn Greenwald revelation is that Britain's GCHQ JTRIG intelligence organization offers its agents and planners tools with abilities to increase the search ranking of chosen web sites, “change outcome of online polls”, “masquerade Facebook Wall Posts for individuals or entire countries”, and accomplish “amplification of a given message, normally video, on popular multimedia websites (Youtube).” [more inside]
An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.
"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
He leaves his cellphone and laptop at home and instead brings "loaner" devices, which he erases before he leaves the US and wipes clean the minute he returns . In China, he disables Bluetooth and Wi-Fi , never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery , for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, "Chinese are very good at installing key-logging software on your laptop." - Travel precautions in the age of digital espionage.
This is an ironic tale of the consequences of inept application of cryptographic tools. Or is it? Dan Egerstad, a Swedish hacker, gained access to hundreds of computer network accounts around the world, belonging to various embassies, corporations and other organizations. How did he do it? Very easily: by sniffing exit traffic on his Tor nodes. [more inside]
Recipients of "Leaks" May Be Prosecuted, Court Rules In a momentous expansion of the government's authority to regulate public disclosure of national security information, a federal court ruled that even private citizens who do not hold security clearances can be prosecuted for unauthorized receipt and disclosure of classified information. The ruling by Judge T.S. Ellis, III, denied a motion to dismiss the case of two former employees of the American Israel Public Affairs Committee (AIPAC) who were charged under the Espionage Act with illegally receiving and transmitting classified information. The decision is a major interpretation of the Espionage Act with implications that extend far beyond this particular case. The Judge ruled that any First Amendment concerns regarding freedom of speech involving national defense information can be superseded by national security considerations.
Global Options, Inc. Have you been unfairly attacked by: the media? trial lawyers? disgruntled workers? terrorists? overzealous federal regulators? competitors? hackers? industrial spies? one-issue activists? extortionists? intellectual property thieves? or even the Russian mafia? Global Options has your back. [warning: radar beeps.]
Bob Cringely thinks the government's information gathering capability is a disaster waiting to happen. Does our government have too much faith in computers as a solution to our problems? Just as electronic voting is looked at skeptically by the computer-savvy among us, so should the use of computers to gather information.
For all your middle east rumor mill needs Just another alternative media, highly speculative source for rumors... blah, blah, blah Quite a few of their "stories" have been confirmed as of late. Maybe it's worth another look for those of you who have never been.
An article on espionage and security lapses? FBI says No Thanks The FBI has seized a computer hard drive used by former Energy Department intelligence chief Notra Trulock, concerned that he may have included classified data in a proposed article. Or maybe they just wanted to spell check it for him.