Hedge Funds Piled Into National Storage Affiliates Trust (NSA) At The Right Time – Yahoo Finance

Does National Storage Affiliates Trust (NYSE:NSA) represent a good buying opportunity at the moment? Lets quickly check the hedge fund interest towards the company. Hedge fund firms constantly search out bright intellectuals and highly-experienced employees and throw away millions of dollars on satellite photos and other research activities, so it is no wonder why they tend to generate millions in profits each year. It is also true that some hedge fund players fail inconceivably on some occasions, but net net their stock picks have been generating superior risk-adjusted returns on average over the years.

National Storage Affiliates Trust (NYSE:NSA) was in 18 hedge funds' portfolios at the end of the second quarter of 2019. NSA has experienced an increase in enthusiasm from smart money lately. There were 16 hedge funds in our database with NSA positions at the end of the previous quarter. Our calculations also showed that NSA isn't among the 30 most popular stocks among hedge funds (see the video below). Video: Click the image to watch our video about the top 5 most popular hedge fund stocks.

5 Most Popular Stocks Among Hedge Funds

According to most investors, hedge funds are seen as worthless, outdated investment vehicles of years past. While there are more than 8000 funds in operation at present, We choose to focus on the leaders of this group, around 750 funds. It is estimated that this group of investors command most of all hedge funds' total capital, and by watching their first-class equity investments, Insider Monkey has come up with various investment strategies that have historically outperformed the broader indices. Insider Monkey's flagship hedge fund strategy outrun the S&P 500 index by around 5 percentage points per year since its inception in May 2014. We were able to generate large returns even by identifying short candidates. Our portfolio of short stocks lost 25.7% since February 2017 (through September 30th) even thoughthe market was up more than 33% during the same period. We just shared a list of 10 short targetsin our latest quarterly update .

Unlike former hedge manager, Dr. Steve Sjuggerud, who is convinced Dow will soar past 40000, our long-short investment strategy doesn't rely on bull markets to deliver double digit returns. We only rely on hedge fund buy/sell signals. Let's analyze the recent hedge fund action encompassing National Storage Affiliates Trust (NYSE:NSA).

Heading into the third quarter of 2019, a total of 18 of the hedge funds tracked by Insider Monkey were long this stock, a change of 13% from the previous quarter. The graph below displays the number of hedge funds with bullish position in NSA over the last 16 quarters. With the smart money's capital changing hands, there exists an "upper tier" of noteworthy hedge fund managers who were upping their stakes considerably (or already accumulated large positions).

No of Hedge Funds with NSA Positions

Story continues

Of the funds tracked by Insider Monkey, Renaissance Technologies has the most valuable position in National Storage Affiliates Trust (NYSE:NSA), worth close to $44.2 million, accounting for less than 0.1%% of its total 13F portfolio. The second largest stake is held by Millennium Management, led by Israel Englander, holding a $20 million position; less than 0.1%% of its 13F portfolio is allocated to the company. Other professional money managers that are bullish include Paul Marshall and Ian Wace's Marshall Wace LLP, David Harding's Winton Capital Management and Jonathan Barrett and Paul Segal's Luminus Management.

As industrywide interest jumped, some big names have been driving this bullishness. Luminus Management, managed by Jonathan Barrett and Paul Segal, established the largest position in National Storage Affiliates Trust (NYSE:NSA). Luminus Management had $9.7 million invested in the company at the end of the quarter. Benjamin A. Smith's Laurion Capital Management also initiated a $0.9 million position during the quarter. The other funds with new positions in the stock are Matthew Tewksbury's Stevens Capital Management, Richard Driehaus's Driehaus Capital, and Michael Gelband's ExodusPoint Capital.

Let's go over hedge fund activity in other stocks - not necessarily in the same industry as National Storage Affiliates Trust (NYSE:NSA) but similarly valued. We will take a look at Prosperity Bancshares, Inc. (NYSE:PBH), Silicon Motion Technology Corporation (NASDAQ:SIMO), SSR Mining Inc. (NASDAQ:SSRM), and Newmark Group, Inc. (NASDAQ:NMRK). This group of stocks' market valuations match NSA's market valuation.

[table] Ticker, No of HFs with positions, Total Value of HF Positions (x1000), Change in HF Position PBH,15,66050,2 SIMO,12,141488,-1 SSRM,16,139260,3 NMRK,16,102144,-8 Average,14.75,112236,-1 [/table]

View table hereif you experience formatting issues.

As you can see these stocks had an average of 14.75 hedge funds with bullish positions and the average amount invested in these stocks was $112 million. That figure was $132 million in NSA's case. SSR Mining Inc. (NASDAQ:SSRM) is the most popular stock in this table. On the other hand Silicon Motion Technology Corporation (NASDAQ:SIMO) is the least popular one with only 12 bullish hedge fund positions. Compared to these stocks National Storage Affiliates Trust (NYSE:NSA) is more popular among hedge funds. Our calculations showed that top 20 most popular stocks among hedge funds returned 24.4% in 2019 through September 30th and outperformed the S&P 500 ETF (SPY) by 4 percentage points. Hedge funds were also right about betting on NSA as the stock returned 16.4% during Q3 and outperformed the market by an even larger margin. Hedge funds were clearly right about piling into this stock relative to other stocks with similar market capitalizations.

Disclosure: None. This article was originally published at Insider Monkey.

Related Content

Read the rest here:

Hedge Funds Piled Into National Storage Affiliates Trust (NSA) At The Right Time - Yahoo Finance

Posted in NSA

NSA: ‘We know we need to do some work’ on declassifying threat intel – CyberScoop

Written by Shannon Vavra Oct 24, 2019 | CYBERSCOOP

One of the National Security Agencys newly minted Cybersecurity Directorates goals is to quickly share information on adversarial threats with the private sector but the process for doing that needs to be refined, the directorates leader said Thursday.

The process in place today is where we know we need to do some work, Anne Neuberger said while speaking at CyberTalks, produced by CyberScoop. When we find indications of a threat, we see planning to execute a particular operation, or we see the operation being executed. [But] because we learn about it in a classified way, we treat it as classified.

Part of the difficulty the NSA faces is that adversaries often run operations and then discard their compromised infrastructure, making a protracted declassification process nearly useless since indicators of compromise pretty much they have a ticking time clock for how useful they are, Neuberger said.

The new directorate, which started operations earlier this month, is measuring success by examining how well it is able to prevent attacks moving forward.

Have we used threat intelligence, have we used security guidelines, have we worked with the network owner? are the questions the NSA needs to be asking itself moving forward, Neuberger said.

Its not clear what specific metrics the NSA will use to determine whether the new directorate is successful, but Neuberger said the unit will be asking government partners whether it has made a difference in their security.

Inevitably, deciding who will talk with the private sector about nation-state threats NSA or the Department of Homeland Security will involve the DHSsCybersecurity and Infrastructure Security Agency, given that the intelligence agencys authorities dont pertain to critical infrastructure, CISA Director Chris Krebs told reporters at CyberTalks.

By its very nature, Title 50 organizations should not be really researching and understanding how American critical infrastructure works. Thats my job working with Treasury [Department], working with [the Department of] Energy, Krebs said. Title 50 is the part of U.S. Code that covers intelligence agencies.

It may make sense for the NSA to take point and work directly with the private sector if the agency has interest in a specific threat, Krebs said.

But on critical infrastructure and threats to U.S. elections, Krebs thinks DHS should take the reins.

In the traditional critical infrastructure spaces, we would look to take the lead based on our relationships, based on our understanding of how to work with those folks, Krebs said. Since we have the relationship with the state and local election officials we think its probably most effective right now that we help harness various [intelligence] pieces and then put it in the hands of the network defenders in the local election jurisdictions.

Excerpt from:

NSA: 'We know we need to do some work' on declassifying threat intel - CyberScoop

Posted in NSA

The biggest tech scandals of the 2010s, from NSA spying to Boeing’s deadly crashes to WeWork – Business Insider

As the tech and information industries boomed in the 2010s, the decade was also rocked by scandals across both industries.

Tech companies are increasingly at the center of political and social issues in the US and across the globe, and the past 10 years saw a wave of abuses of power, failed business ventures, and disastrous gadget rollouts.

Facebook, Apple, and Google some of the most powerful tech companies in existence were the most frequent sites of scandal. However, startups and fringe organizations saw their share of infamy over the past ten years as well. And then there were the NSA spying revelations from whistleblower Edward Snowden.

Here are the biggest tech scandals from 2010 to the present.

Read the original:

The biggest tech scandals of the 2010s, from NSA spying to Boeing's deadly crashes to WeWork - Business Insider

Posted in NSA

Meet Tom Drake, the NSA Whistleblower Cheney Wanted to ‘Fry’ – The American Conservative

Thomas Drake. Credit: Adam Berry/Getty Images

Find and fry the leaker or leakers. Burn them. We have to make an example of them.

Vice President Dick Cheney issued that edict after whistleblower Thomas Drake, a former senior executive at the NSA, revealed the unconstitutional mass surveillance regime that had been instituted after 9/11, Drake himself said in a recent interview with The American Conservative.

The constant drumbeat of demands to reveal the names of whistleblowers who filed a complaint against President Trump gives Drake horrible flashbacks, he says. And while Republicans endlessly repeat that the American people have a right to know their identities, Drake doesnt agree.

The identity of the whistleblower is irrelevant, he says. The focus should be on the message, not the messenger. The information that was provided doesnt require the whistleblower to come before Congress. (Congress has been issuing subpoenas to first-hand witnesses to substantiate the complaint.)

I have major concerns for the safety of the whistleblower, Drake continues. The president of the United States hasnt minced words in terms of his perspective. If you call out the behavior of a presidenttheyre going to counterattack. Mine happened behind closed doors. The counterattack on the Ukraine whistleblower is occurring in full view of the public.

Drake says safety concerns are all the more salient because the president is fully exposed here. He has enormous power.

Drake recalls how in his case he was warned by senior leadership at the NSA: They were looking for leakers to Congress. The warning was crystal clear: you cooperate with them at your peril.

The way the Trump administration is responding tells you that the whistleblowers disclosures hit close to homejust like mine did, Drake says. The degree to which the government responds to a whistleblower complaint is the degree to which the whistleblowers disclosures are accurate.

Drake knows what its like to become a target of the state. He earned Cheneys wrath when he was working as a senior level official at the National Security Agency (NSA) after September 11, 2001. Alarmed by the NSAs warrantless surveillance of Americans, Drake reported it to the Inspectors General and to congressional committees. In 2007, after a reporter for the Baltimore Sun published articles on the waste, fraud, and abuse at the NSA, FBI agents, guns blazing, raided the homes of the people who had worked on the Inspector General report and took their computers, books, and papers. In 2010, Barack Obamas administration indicted Drake under the Espionage Act. Members of Congress, he says, were calling him a traitor.

They wanted me to be sent to prison in an orange jumpsuit. I was facing 35 years. The prosecutors were saying that I was worse than a spy, he says, pointing out how Trump has used the similar language to describe the Ukraine whistleblower.

After the leak, Drake was unable to find work in the intelligence community. To support his family, he worked at an Apple store. Eventually all 10 felony charges against him were dropped and a plea deal struck on the eve of the trial. Drake was sentenced to community service and probation. U.S. District Judge Richard D. Bennett refused to impose a fine, calling the governments decision to drag Drake and his family through four years of hell only to drop all felony charges at the last minute unconscionable.

Because he experienced the heavy personal toll of living as a whistleblower, Drake says he has concern for the blowback todays whistleblowers will face.

Your entire life gets blown up and theres no going back to the way it was before, he says. If theres an actual vote for impeachment, then the whistleblowers life will never be the same.

Historically, whistleblowers have a love/hate relationship particularly with those in power, says Drake. If youre in power you dont like them at all.

Weird things happen when you become president, Drake says. I saw what happens to people when they have power: it does affect you, believing you affect the lives of others. Its incredibly tempting to abuse power; its seductiveness is overwhelming.

Drake sounds like an idealist when he talks about the presidents duties under the Constitution, though its striking the amount of personal courage it takes to report government wrongdoing. He lost his job; he almost lost his freedom.

The media took a long time to cover Drakes case favorably. At first they accepted the Obama administrations narrative that Drake was a spy who must have done something awful, he says. But thanks in part to Jane Mayers reporting at the New Yorker, journalists slowly began to question whether he was really an enemy of the state. Drake went on to win the Ridenhour Truth Telling Prize while still facing felony charges.

The whistleblowers on Ukraine havent been subjected to the hell Drake endured because their complaint is public and highly politicized, says Drake. Trumps such a lightning rod.

Still, he says, its appalling that some reports wax poetic and yearn for the presidencies of George W. Bush and Barack Obama.

Just like his predecessors, Drake charges, Trump has been utterly unfaithful to the constitution.

Barbara Boland isThe American Conservatives foreign policy and national security reporter. Follow her on Twitter@BBatDC.

See original here:

Meet Tom Drake, the NSA Whistleblower Cheney Wanted to 'Fry' - The American Conservative

Posted in NSA

EXCLUSIVE Last Punched Tape Crypto Key Rolls off the NSAs Machines – Computer Business Review

Add to favorites

After decades in use, last paper tape crypto key punched

The USs National Security Agency (NSA) has ended production of punched paper tape cryptographic keys after over 50 years use; making its final shift to an electronic cryptographic key production and distribution architecture.

An agency spokesman confirmed to Computer Business Review that the last NSA punched tape key had rolled off its machines on October 2, 2019. Such keys were used to encrypt military and other communications, and needed to be physically entered into devices that could store the key, then shipped around the world.

The technology, which uses paper-mylar-paper tape rolls punched with holes to store cryptographic keys (a hole represents a binary 1, and the absence of a hole a binary 0) remains in use in the UK, particularly by the Ministry of Defence.

The NSA only confirmed the end of the programme and declined to provide an image of the now obsolete kit.

Neal Ziring, technical director of the NSAs Capabilities Directorate, told us earlier this year that the signals intelligence agency produced millions of the physical crypto keys per year during the 1980s but was now down to the hundreds annually.

He joked of the last production run: Well probably have a party.

Such cryptographic keys (used for symmetric algorithms widely deployed by the military) are physically shipped around the country in tamper-proof canisters.

Ziring attributed the longevity of the technology, despite digital alternatives, to slow military equipment replacement cycles: Once the military gets a tactical radio or something that they like, they tend to use it for a long while.

Weve been working with our military partners to get them off key tape for, oh jeez, well over a decade; probably longer.

Physical keys remain in widespread use in the UK. In 2018 the UK Key Production Authority, which sits under the NCSC, processed[pdf] 3,800 orders for key material; or 145,000 physical keys for 170 customers across government.

Richard Flitton, managing director ofL3 TRL; a Tewkesbury-based specialist in advanced electronic security systems, earlier told Computer Business Review that ongoing use of the technology was a security issue.

He said: Theres two issues here: one is that youve got to distribute the key, so youve got to physically move the things around the country or even overseas. If youre moving things theyre vulnerable to being intercepted or compromised. Then secondly theres the cost and logistical burden of doing all that.

The authority has a huge challenge to produce all those keys and then its got a challenge to distribute and install them all. I wont describe what happens. But if Joe Public knew, you would think this was all a bit 1960s really.

As Ziring explained earlier, digital cryptographic key management rendered comsec accounting and logistics a lot more straightforward.

In terms of how that works: A base or a depot would have an outpost of the key management system there are various form factors for that right on base.

If theyre trying to put keys into some military aircraft; theyd have fill devices in the hanger, you fill up the key fill device from the KMS, you take it around the airplanes youre talking about walking a couple hundred meters Its not like trying to ship it [a punched tape key] from Maryland out to a base from the other side of the world.

Such tape can either be used as a one-time key, roughly equivalent to a one-time pad to directly encipher a message (this was long ago phased out) or used to store a crypto variable; the key for a symmetric algorithm.

A blog by the NSA itself described the technology: Each 5,000 foot roll of Paper-Mylar-Paper-tape moving through the production line at one foot per second represented the raw material on which the COMSEC key would be punched and printed.

Keeping the punch and print operations moving with the necessary speed and precision presented a serious engineering challenge. Borrowing from the technology of magnetic tape drives, the development team came up with vacuum wells which were incorporated into the system to physically regulate the flow of the tape.

The software development engineer and crypto software programmers of such punch, verification, print (PVP) systems in the 1970s had to write the main system software for the DEC PDP-11 computer that would import cryptologic key and oversee the entire tape production process entirely in assembly language.

This task was daunting and would be considered the equivalent of travelling from Baltimore to Los Angeles on hands and knees by todays programmers.

Follow this link:

EXCLUSIVE Last Punched Tape Crypto Key Rolls off the NSAs Machines - Computer Business Review

Posted in NSA

Is This a Room Dramatizes the Interrogation of NSA Leaker Reality Winner – TheaterMania.com

If the FBI comes to your house, don't let them snoop around until they show you a warrant and for God's sake, don't talk to them until you have a lawyer present. That is the most useful lesson from director Tina Satter's Is This a Room, now playing at Vineyard Theatre. But this white-knuckle thriller based on true recent events contains more complicated observations about fear, intimidation, and how power mostly exerts itself in silence.

Satter uses as her script the verbatim transcript of the recording FBI agents Justin Garrick (Pete Simpson) and R. Wallace Taylor (T.L. Thompson) took the afternoon of June 3, 2017, shortly before the FBI arrested NSA contractor Reality Winner (Emily Davis). Winner was an Air Force veteran and specialist in Farsi, Dari, and Pashto. After leaving the military, she took a job as a translator with Pluribus, an organization that contracts with the NSA. Through her top-secret security clearance, she was able to access classified documents at work, including one that was leaked to online news source The Intercept revealing attempts by Russian intelligence to directly interfere with polling places during the 2016 election. In 2018, Winner pleaded guilty to leaking the document and was sentenced to five years, three months in federal prison the longest term ever to be given to someone for releasing government information to the media.

Winner's case raises unsettling questions about how the security state fits into our republic: Why is so much information gathered with our tax dollars withheld from us? Are leakers like Winner American patriots or threats to national security? Is it right that worker bees like Winner languish in prison while well-lawyered national security threats like Michael Flynn and Rudy Giuliani walk free? Is This a Room deals with none of these questions, but it does grippingly dramatize the moment when the cudgel of the state knocked down Reality Winner's door.

From the moment agents approach her, Winner knows she's in trouble. Small talk meant to keep the situation casual (but breathlessly delivered by all cast members) only seems to make things more awkward. Sattler reads a level of danger hidden beneath the anodyne chitchat of the transcript, and she brings that to her nerve-racking staging. The agents loom around her, invade her personal space, and breathe down her neck. Simpson and Thompson enact a classic good cop-bad cop routine, which is rendered no less effective for its transparency. The presence of an unnamed third male (Becca Blackwell) makes it clear that Winner is completely outnumbered.

All of this seems designed to undermine the government's narrative that Winner's confession (delivered without counsel and before any Miranda rights were read) was given freely. While the agents repeatedly state that this conversation is "voluntary," their menacing body language tells an entirely different story. Most damning is the presence of Winner's cat and dog, adorably fashioned by puppet designer Amanda Villalobos. Based on the vaguely threatening way Blackwell handles them alone, we understand that there will be consequences if Winner doesn't comply.

Davis plays Winner like she has just been caught with her hand in the cookie jar. Her childlike voice betrays guilt and fear from the earliest moments, and it only gets worse from there until she is standing with her hands over her crotch and her eyes downcast, like a little girl who has just wet herself. It's an interpretation of this Air Force veteran and powerlifter who regularly worked out within the testosterone-soaked walls of a CrossFit gym that I found hard to swallow. Did Reality Winner really crumple so completely?

While I intellectually bristled at Satter and Davis's infantilizing interpretation of Winner, that was only after I left the theater, and after I stopped feeling the real anxiety that Is This a Room conjures: Sattler's powerful blocking comes into sharp relief on Parker Lutz's unadorned platform set. The audience is seated in traverse, with the bulk of us staring at a singular line of brave souls seated opposite. Enver Chakartash faithfully re-creates the actual outfit Winner was wearing the day of her arrest, as captured by this snapshot. It leaves her exposed and vulnerable in the face of the handguns and (in Blackwell's case) body armor worn by the agents.

Lee Kinney and Sanae Yamada's aggressive sound design introduces disorienting alien noises to the theater, while Yamada's original music maintains an air of tension. Lighting designer Thomas Dunn has developed a clear convention for the redacted parts of the transcript: A magenta pulse for single words, a short blackout for full sentences. We are left briefly to contemplate in the dark how there are still aspects of this story that our government seeks to hide from us.

All of this created a feeling of anxiety that I've rarely encountered since I was a child being called on the carpet by some adult. Perhaps we are trained from an early age to revert to this red-eared state: From the all-seeing eye of Santa to the awesome surveillance apparatus of the NSA, our culture seems designed to infantilize us before authority. Through sharp design and gripping performances, Satter shows how even the strongest of us become weeping children in the face of the awesome power of the federal government. Does that sound like the land of the free to you?


See the original post here:

Is This a Room Dramatizes the Interrogation of NSA Leaker Reality Winner - TheaterMania.com

Posted in NSA

The Key Facts On National Storage Affiliates Trust ($NSA) (2019-10-28) Urgence News – Urgence News

2019-10-28 (URGENCE NEWS) | Welcome! Today I did some analysis on National Storage Affiliates Trust based on how it has behaved over the past few trading sessions. First of all, please note that this is technical analysis only (ie. analyzing how NSA is trading, not digging into the company fundamentals), and therefore you should not rely only on this to guide you on whether you should buy or sell NSA take it with a grain of salt only, and pay attention to the disclaimer below. With that said, many traders find value in technical analysis and others even swear by it, so if that is you, I hope my analysis will be of use to you. Lets get to it

First things first: during its last day of trading, NSA opened at 35.48, got to a maximum price of 35.48 and dropped to as low as 34.72 before finishing the session at 34.76. In total there were 399000 shares traded, which is enough to conduct our analysis.

VOLUME ANALYSIS: Generally, the higher the volume indicators are, the better you need liquidity to trade, after all. All of the volume indicators are as follows (click here for an explanation on volume)

VOLATILITY INDICATORS: These are what tell you how much the stock has really been moving around. We have calculated all of them (click here for an explanation on volatility)

Now for the most important indicator of all, the trend. Is the stock bullish or bearish? Is it going up or down? Various trend indicators can give us a good indication (click here for an explanation on trend)

Now for momentum. Relative strength is what you want to pay attention to here (click here for an explanation on momentum)

And for the final and simplest part: the return. No complicated calculations needed here!

THE VERDICT: For today (2019-10-28), our analysis of technical indicators for National Storage Affiliates Trust ($NSA) indicates the following (thanks to Trading View for the widget):

The verdict above will consider all these technical indicators and consider which are strong and weak, and then put them all together to come up with a conclusion stating whether NSA is strong or weak. Again this is not a reliable indication of whether National Storage Affiliates Trust is a good investment! None of these indicators consider the company fundamentals. All of this data is based on how it trades only.

What tools do we think are useful for NSA investors? We have identified a handful of great services and software products that we feel comfortable recommending. The first (and main) thing you should take a look at is the Beat The Market Analyzer software, but we also recommend 3 other products. These are Dividend Stocks (an excellent resource to find stocks that may pay far better than NSA), Microcap Millionaires (the best site online for profiting off micro-cap stocks) and Trading Code (an extremely powerful system for profiting off trading). These recommendations are valid for NSA investors as of 2019-10-28.

DISCLAIMER: We are not registered investment advisers and the above analysis should be taken at face value only. We strongly advise against buying or selling National Storage Affiliates Trust ($NSA) based solely on our analysis above, and are not responsible for any losses that you may incur if you choose make any investment decisions based on the above.

Mailing address: Rua do Cisne 1059, Campo Limpo Paulista, So Paulo 13234-432Phone number: (11) 3953-7297Email: julio@urgence.tv

View original post here:

The Key Facts On National Storage Affiliates Trust ($NSA) (2019-10-28) Urgence News - Urgence News

Posted in NSA

28 EU MPs on private visit to J&K tomorrow, briefed by NSA and PM – National Herald

A delegation of 28 MPs of the European Parliament were briefed on the situation in Kashmir on Monday in New Delhi by the National Security Advisor Ajit Doval and the Prime Minister. The delegation, on a private visit, is expected to fly to Kashmir on Tuesday. It is not clear though whether they will be allowed to meet the incarcerated political leaders including the three former chief ministers of Jammu & Kashmir, Farooq Abdullah, Mehbooba Mufti and Omar Abdullah.

The visit comes barely a week after a scathing hearing on Kashmir at the US House of Representatives, followed by the request of six US Senators for permission to visit Kashmir and see the ground realities for themselves.

The private visit of the EU delegation appears to be part of Government of Indias campaign to reassure the international community that there is no violation of human rights in J & K, that by and large the situation on the ground has remained peaceful and normal and that people in J & K by and large have accepted the revocation of Article 370 and Article 35A.

See the original post:

28 EU MPs on private visit to J&K tomorrow, briefed by NSA and PM - National Herald

Posted in NSA

Healthy ageing talks and courses for the elderly by NSA – The New Paper

There is something for everyone at the Active Ageing Nuggets event organised by the National Silver Academy (NSA).

Seniors can pick up valuable knowledge and tips on how to age well through the dozens of talks and specially curated educational videos.

Interesting topics include dementia, traditional Chinese medicine, acupuncture, financial literacy planning for retirement, caregiving and IT skills.

There will also be health and nutrition talks, as well as sharing of tips on how to reduce diabetes and hypertension and the signs and symptoms to look out for. The elderly can also sign up for some NSA courses after the talks.

Held at Heartbeat @ Bedok Atrium, Level 1, the Active Ageing Nuggets will take place from 11am to 8pm on Nov 1 and 2. Admission is free and no registration is required. Seats for the talks are on a first-come-first-served basis. Participants can also enjoy movie screenings with family and friends.

NSA is a network of post-secondary education institutions and community-based organisations offering a wide range of learning opportunities subsidised for those aged 50 years and above.

Most courses are SkillsFuture credit eligible too. Course topics cover both work skills and life skills in fields as varied as health and wellness, business and finance, IT, the humanities and arts.

Visit http://www.nsa.org.sg for the full list of courses or call 6478 5029 for more information. For details on the Active Ageing Nuggets event schedule, please visit http://www.c3a.org.sg/event_NSA_Bedok.

View post:

Healthy ageing talks and courses for the elderly by NSA - The New Paper

Posted in NSA

Sheep industry unites to set the record straight – The Scottish Farmer

EVIDENCE and facts, rather than 'headline grabbing' sensationalism, was to the fore at the first of a series of 'Setting the sheep farming record straight meetings organised by the National Sheep Association.

Kicking off at the Welshpool Livestock Market, Powys, the NSA was joined at the event by British Wool and Hybu Cig Cymru Meat Promotion Wales to counteract the 'almost weekly headlines claiming agriculture is responsible for many of the environmental and health problems' facing society.

NSA chief executive Phil Stocker said: It feels absolutely the right thing to do to be putting effort into positioning our industry as a solution and not the cause of global problems. Weve experienced unprecedented criticism and attack for the duration of this year. These meetings are the perfect platform to share evidence-based facts and statistics on what the actual situation is rather than that which many of the headline grabbing media would have you believe.

HCC meat quality executive Dr Eleri Thomas said: It was good to see a really engaged audience at Welshpool, raising exactly the issues that will be important for us as a levy board over the coming months. We discussed how the industry could give a unified response to the misleading media coverage on livestock farming and meat-free food.

"Also, we had the opportunity to explore how HCCs industry development work such as the Red Meat Development Programme feeds through into outcomes that have a wide benefit, for instance waste reduction, increasing shelf-life, and telling a consistent story to the consumer of how Welsh red meat is a sustainable, high-welfare, high-quality product.

British Wool was there to demonstrate its work to promote the high welfare standards of UK sheep farmers and shearers. Producer marketing executive Laura Johnson said: Working together with farmers to negate any negativity around animal welfare in the sheep farming industry is important and these meetings are doing that by giving farmers the confidence to defend their industry against false or misrepresented information.

NSA and British Wool will travel to Penrith and District Farmers Mart this Thursday, October 31, for their next farmer meeting. A full list of the future meetings with dates and locations can be found at http://www.nationalsheep.org.uk/events. All meetings are free to attend and open to all involved in the sheep sector, whether an NSA member or not.

See the original post:

Sheep industry unites to set the record straight - The Scottish Farmer

Posted in NSA

Inside Track: Is NSA Ajit Doval up or down in the Modi-2 regime? – The Indian Express

Prime Minister Narendra Modi with Minister of External Affairs S Jaishankar and NSA Ajit Doval

Is National Security Advisor Ajit Doval up or down in the Modi-2 regime? On one hand, with Amit Shah as Home Minister, Dovals wings automatically get clipped in internal security matters. When Rajnath Singh was home minister, Doval held forth freely at North Block meetings. But with Shah as boss there is less scope for interventions. At times, when Doval issues instructions to the IB chief or other agency heads, he is informed that they have to first check with Shah. On the other hand, there is physical evidence that Dovals clout is expanding in other areas. For instance, earlier he occupied just one floor of Sardar Patel Bhawan as his personal office. Now Doval, raised to the rank of Cabinet minister, has taken over most of the building for the National Security Council (NSC) Secretariat, which has expanded noticeably. There are even three deputy NSAs and the building entrance has got a facelift. Most importantly, the rules of business were re-framed this month so that the NSC can generate Cabinet notes and act like a full government department.

Defence Minister Rajnath Singh sent word to the Indian ambassador in France that he wanted a pandit to be present when he landed in Bordeaux for the formal ceremony of officially handing over the first of the 36 Rafale jets manufactured for the Indian Air Force. The French authorities, alerted that a puja would be performed on the runway, made discrete inquiries as to what the procedure entailed. At the Dassault Aviation Centre, Rajnath, carried out the rituals of a shastra puja, the ceremony for worshipping weapons. He offered a coconut and flowers, while a lemon was placed under the aircraft wheel. Singh put kum kum on his finger to inscribe the auspicious figure Om on the jet. The French witnessing the ceremony, including the Minister for Armed Forces, top army brass and senior officials of Dassault, heaved a sigh of relief. They had been informed that traditionally Indians inscribe a swastika during a puja. The swastika is an unhappy symbol for France since it evokes memories of Nazi occupation of the country during World War II.

Veteran journalist Ashok Maliks field of expertise is the media. His last job in fact was as press secretary to the President. But in his new position as policy advisor in the Ministry of External Affairs he has reportedly been told not to offer advice on the media. The External Publicity Division is possessive about its turf, even if its efforts for positive coverage on Kashmir in the foreign press have fallen rather short.

The recent BCCI elections demonstrated that this is yet another sphere in which Amit Shah holds sway. However, it was not Shah alone who rooted for Sourav Ganguly over Brijesh Patel for the presidents post. Along with MoS Finance Anurag Thakur, Assam minister Himanta Biswa Sarma, who controls the seven votes from the Northeast states, and Congressman Rajiv Shukla who is influential with the Madhya Pradesh, Rajasthan and Hyderabad cricket boards, also backed Ganguly. While the common surmise is that Shah coveted a winning face for his party in the Bengal Assembly polls, the BJP president realises that Bengals cautious dada has a history of keeping on the right side of all political parties, whether the TMC, CPI(M) or Congress, and is unlikely to throw his lot solely with the BJP. The common target of the new BCCI members from different camps is Vinod Rai, till last week head of the BCCIs Committee of Administrators (CoA). The cricket bosses who lost control of the most lucrative sport in the country for over three years had announced to all and sundry that they would settle scores by investigating some of the financial transactions of the CoA. Forewarned, the Supreme Court, while permitting the elected office-bearers to take charge, scuttled attempts for a potential witch-hunt against predecessors by inserting two safeguard clauses. No proceedings against the CoA members is possible without court clearance and legal expenses will be borne by the BCCI.

The Garvi Gujarat building, the new Gujarat Bhavan in Delhi inaugurated by PM Modi on September 2, has won plaudits and publicity. But the Bhavan, located on the prestigious Akbar Road, still awaits a resident cook. It is not easy to persuade a skilled Gujarati cook to move to Delhi, since cooks find the cost of living much cheaper in their home state and they prefer the familiar surroundings. The Gujarat authorities put out tenders for an agency to run the kitchen. The tender has finally been awarded, now everyone is waiting for the cook.

This article first appeared in the print edition on October 27, 2019 under the title Inside track: Some up, some down.

Read the original post:

Inside Track: Is NSA Ajit Doval up or down in the Modi-2 regime? - The Indian Express

Posted in NSA

Binaries and Brews: Jailbreak Security Summit convenes hackers on NSA’s doorstep – CyberScoop

Written by Sean Lyngaas Oct 15, 2019 | CYBERSCOOP

Of the countless security conferences held across the globe, only one combines craft beer and malware analysis in the National Security Agencys backyard.

Every year, federal contractors andanalysts at Beltway cybersecurity companies gather for a day at Jailbreak Brewerys Laurel, Maryland, headquarters to trade specialized knowledgein digital forensics.

The training is really good; the beers are even better, said a Department of Justice employee sipping a Lemon Meringue Berliner Weisse.

The DOJ employee, who declined to speak on the record, has been coming since the summits inception in 2015. I learn something new every year, he said, before descending from the bar and taking a seat in front of the presentation stage.

That is the comfort zone that Kasey Turner, a former NSA employee, sought to create when he opened the brewery in 2014 with cybersecurity contractor-turned-entrepreneur Justin Bonner.

We wanted this to be everybodys own jailbreak, Turner told CyberScoop. Whatever drama is in your lifewhile you sit here and drink a beer, we hope that you dont think about that for a few minutes.

The brewerys name is a nod to the cybersecuritydefinition of a jailbreak: using a vulnerability to gain root access to a device and install whatever programs you like on it.

Its more about the freedom of the jailbreak, so to speak,Turner said. Youre setting your phone free from the network and all of the constraints that are put on it.

It was early Friday evening and Turner and his colleague Tom McGuire, another ex-NSA-er, were taking a break from the exertions of running the brewery to reflect on how their project had progressed. Around them, glasses clinked as attendees lingered long after the last speaker had finished to share stories and exchange contact information. 0Day IPA was available at the bar, the walls were adorned with Big Lebowski-themed art, and 90s grunge hummed through the hall.

Before cybersecurity became a multibillion-dollar and endlessly hyped industry, security conferences had this low-key feel.

They were small, they were intimate, and you pretty much went to them because there wasnt anywhere else to talk about this stuff, Turner recalled. This was your opportunity to meet with these people and talk with them and put a face to a handle.

Sarah Edwards, a Mac/iOS forensics specialist who, fittingly, presented on jailbreaking tools at the conference, said the event was fertile ground for collaborating with others in her niche. It helped drive home the many positive reasons to jailbreak a phone, she said, including to study the devices interactions with its applications in order to make them more secure.

While previous summits focused on SCADA systems or Internet of Things devices, this years theme was reverse-engineering malware.

We need to make reverse engineering accessible to more people, proclaimedapresenterfrom theJohns Hopkins University Applied Physics Laboratory, in between meditations on binary static analysis. Carbon Blacks Erika Noerenberg riffed on the ability of a threat-hunting tool to decrypt payloads, while Google Project Zeros Maddie Stone walked attendees through how she deconstructed a vulnerability exploited in WhatsApp.

Each of us in this room may have a different reason for analyzing [a bug], Stone said.

Mike Bell, a longtime NSA contractor, presented on Ghidra, the reverse-engineering tool that the NSA publicly released earlier this year.

Looking relaxed in a sailor hat after going outon a boatthe previous night with fellowpresenters, Bell talked about his hope that Ghidra would be a valuable resource for academic researchers. Bell, who had helped write some of Ghidras algorithms, stood at the bar, his chin raised slightly, exuding an eagerness about where the project would go next.

The simple fact is the team cant keep up with all the changes in industry, Bell said, explaining one reason why the NSA released Ghidra publicly.

The camaraderie on display is one reason Turner and McGuire say they want to keep the conference small and unassuming, a contrast to the pomp and glitz of other industry events. What started for Turner and McGuire as a means of catching up with former colleagues will stay that way, they said.

Having a conference at a brewery gets people going, Turner said. They talk to one another.

View post:

Binaries and Brews: Jailbreak Security Summit convenes hackers on NSA's doorstep - CyberScoop

Posted in NSA

The Week That Will Be – Lawfare

Event Announcements(More details on theEvents Calendar)

Tuesday, October 15, 2019, 9:15 a.m.: The Hudson Institute will host a debate on the broader implications for U.S. Middle East policy following the latest developments in Syria and Turkey. Hudson Senior Fellow Mike Doran will argue in favor of President Trumps withdrawal decision, while Hudson Fellow Blaise Misztal will argue the move is detrimental to U.S. interests. More details and registration for the event can be found here.

Tuesday, October 15, 2019, 2:00 p.m.: The Heritage Foundation will host an event focusing on the ongoing challenges with U.S. border security. The event will feature a panel of Senior Heritage Legal Fellows who will discuss the role that states can play in assisting the federal government with enforcing immigration laws. More details and registration for the event can be found here.

Wednesday, October 16, 2019, 10:00 a.m.: The Senate Foreign Relations Committee will hold a hearing on U.S.-Iran policy. The committee will hear testimony from Brian Hook, the U.S. special representative for Iran.

Wednesday, October 16, 2019, 2:00 p.m.: The House Foreign Affairs Subcommittee on the Middle East, North Africa and International Terrorism will hold a hearing on the Syria Study Group's recommendations for U.S. policy. The subcommittee will hear testimony from the study group's co-chairs, Dana Stroul and Michael Singh.

Wednesday, October 16, 2019, 3:00 p.m.: The Senate Foreign Relations Subcommittee on East Asia, the Pacific, and International Cybersecurity Policy will hold a hearing on the implementation of the Asia Reassurance Initiative Act (ARIA) and America's Indo-Pacific Strategy. The subcommittee will hear testimony from David Stilwell, the assistant secretary of state for East Asian and Pacific affairs; Randall Schriver, the assistant defense secretary for Indo-Pacific security; and Gloria Steele, the acting assistant administrator for Asia at the U.S. Agency for International Development.

Thursday, October 17, 2019, 10:00 a.m.: The House Homeland Security Subcommittee on Emergency Preparedness, Response, and Recovery will hold a hearing on defending the homeland from bioterrorism. The subcommittee will hear testimony from Asha George, the executive director of the Bipartisan Commission on Biodefense; Umair Shah, the executive director of Harris County Public Health; and Jennifer Rakeman, the assistant commissioner and director of the Public Health Laboratory in the New York City Department of Health and Mental Hygiene.

Thursday, October 17, 2019, 10:00 a.m.: The House Foreign Affairs Committee will hold a hearing titled, "The Betrayal of Our Syrian Kurdish Partners: How Will American Foreign Policy and Leadership Recover?" The committee will hear testimony from James Jeffrey, the U.S. special representative for Syria engagement and the special envoy to the global coalition to defeat ISIS, and Joey Hood, the principal deputy assistant secretary of state for near eastern affairs.

Thursday, October 17, 2019, 11:00 a.m.: The Brookings Institution will host Irelands Minister for Finance Paschal Donohoe for remarks on the impact of Brexit for Ireland in the context of a broader discussion on the future of globalization. More details and registration for the event can be found here.

Thursday, October 17, 2019, 2:00 p.m.: The House Homeland Security Subcommittee on Oversight, Management, and Accountability will hold a hearing titled, "The Public's Right to Know: FOIA at the Department of Homeland Security." The subcommittee will hear testimony from James Holzer, the deputy chief FOIA officer at DHS; Tammy Meckley, the associate director of the immigration records and identity services directorate at U.S. Citizenship and Immigration Services; Alina Semo, the director of the office of government information services; and Vijay D'Souza, the director of the Government Accountability Office's information technology and cybersecurity team.

Employment Announcements(More details on theJob Board)

The following are job announcements of potential interest toLawfarereaders. If you have an announcement to add to the page,emailus.

Policy ProgramCoordinator, National Security Institute

The George Mason University Antonin Scalia Law School seeks a Policy Program Coordinator for the National Security Institute (NSI) on the Arlington, VA., campus. George Mason University has a strong institutional commitment to the achievement of excellence and diversity among its faculty and staff, and strongly encourages candidates to apply who will enrich Masons academic and culturally inclusive environment.


TheNSIPolicy Program Coordinator will be responsible for the successful planning and coordination ofNSIpolicy program efforts and events. Responsibilities include, but are not limited to:

Required Qualifications:

Preferred Qualifications:

This is not a supervisory position.

For full consideration, applicants must apply for position number 10522z at http://jobs.gmu.edu/; complete and submit the online application; and upload a cover letter, resume, and a list of three professional references with contact information.

Deputy Executive Director (International Refugee Assistance Project)


The International Refugee Assistance Project (IRAP) works through a robust network of staff, pro bono attorneys and law students to fill a major gap in access to legal aid for refugees, asylum seekers, and other displaced people. IRAP has become the first advocacy organization to provide comprehensive legal representation to refugees throughout the registration, protection and resettlement processes. As fear, division, hatred, and economic uncertainty persist in the global consciousness and manifest in discriminatory policies, speech, and actions, individuals across the world must respond by demanding and upholding commitments to justice. IRAP is leveraging its volunteers and resources to fight back and ensure that we continue to uphold the humanitarian tradition of welcoming those who need refuge.

IRAP is now seeking nominations and applications for the position of Deputy Executive Director.

Since its founding in 2008, IRAP has used legal aid, litigation and advocacy to protect and advance the rights of refugees, both domestically and internationally; the organization has also remained committed to developing the next generation of human rights attorneys through its work with law students. The global turn against refugee resettlement coupled with IRAPs highly effective model has led to a period of rapid expansion to meet new levels of demand. In the past two years, IRAPs annual budget has increased from $2 million to $9 million, and over the past six years, its staff has grown from ten to seventy-five.

As it builds capacity through this period of tremendous growth, IRAP seeks a Deputy Executive Director (DED) to provide strategic vision and leadership, lead infrastructure development and programmatic oversight, manage IRAPs dedicated and talented team, and steward the organizations continued development to maximize impact. Reporting directly to Becca Heller, IRAPs founder and Executive Director, the DED will work closely with staff across the organization and at all levels to foster IRAPs culture of collaboration and identify opportunities for increased support and development.

The ideal candidate will demonstrate a deep connection to IRAPs mission to use legal advocacy to find safe places to live and safe passage for the worlds most persecuted individuals. S/he/they will be an inclusive, passionate leader committed to combatting inequitable policies impacting refugees and other displaced people and to delivering the highest quality legal and advocacy services. S/he/they will bring at least eight years of progressive leadership experience in a legal and/or nonprofit setting, with demonstrable success in change implementation. The new Deputy Executive Director will be an experienced manager who excels at supporting, mentoring, and motivating staff; developing structures and processes that facilitate efficient and effective communication across leadership and teams within an organization; and supporting teams that work closely with individuals who have experienced trauma.


More information about IRAP may be found at:https://refugeerights.org/.

This search is being conducted with assistance from Callie Carroll, Allison Kupfer Poteet, Hallie Dietsch and Javier Garcia ofNPAG. Due to the pace of this search, candidates are strongly encouraged to apply as soon as possible. Applications including a cover letter describing your interest and qualifications, your resume (in Word format), and where you learned of the position should be sent to:[emailprotected]profitprofessionals.com. In order to expedite the internal sorting and reviewing process, please type your name (Last, First) as the only contents in the subject line of your e-mail.

IRAP believes that diversity is critical to fostering a strong workplace and serving our clients well. We strongly encourage applications from people with lived experiences in the communities that we serve, members of other marginalized communities, and individuals whose identities are underrepresented in the legal profession.

Legal Service Director/U.S. Legal Director(International Refugee Assistance Project)

The International Refugee Assistance Project (IRAP) works through a robust network of staff, pro bono attorneys and law students to fill a major gap in access to legal aid for refugees, asylum seekers, and other displaced people. IRAP has become the first advocacy organization to provide comprehensive legal representation to refugees throughout the registration, protection and resettlement processes. As fear, division, hatred, and economic uncertainty persist in the global consciousness and manifest in discriminatory policies, speech, and actions, individuals across the world must respond by demanding and upholding commitments to justice. IRAP is leveraging its volunteers and resources to fight back and ensure that we continue to uphold the humanitarian tradition of welcoming those who need refuge.

IRAPs Legal Services Department is growing in response to the increased demand to protect those whose rights are being threatened and is now seeking nominations and applications for the positions of Legal Service Director and U.S. Legal Director, both within its Legal Services Department.

Since its founding in 2008, IRAP has used legal aid, litigation and advocacy to protect and advance the rights of refugees, both domestically and internationally; the organization has also remained committed to developing the next generation of human rights attorneys through its work with law students. The global turn against refugee resettlement coupled with IRAPs highly effective model has led to a period of rapid expansion to meet new levels of demand. In the past two years, IRAPs annual budget has increased from $2 million to $9 million, and over the past six years, its staff has grown from ten to seventy-five.

Reporting to IRAPs Executive Director, Becca Heller, the Legal Services Director will lead a team of five talented program directors who oversee the work of over 40 staff. The Legal Services Department focuses on protecting the rights of refugees, and the Director will provide critical strategic partnership to the Executive Director as IRAP navigates this new phase of growth. The Legal Services Director will provide direct supervision to the U.S. Legal Services Director, Middle East Director, Director of Pro Bono, the Director of Complementary Pathways and the Intake and Legal Information Director. S/he/they will oversee staff based in New York City, Jordan, Lebanon, and remotely around the world.

IRAPs US Legal Services team assists individuals navigating the refugee recognition, resettlement, and visa application processes through their mentorship ofpro bonoteams, in-house representation, and legal information andpro sematerials. Reporting to IRAPs Legal Services Director, the U.S. Legal Services Director will lead a team of talented attorneys, intake caseworkers, and legal assistants who provide individual legal assistance to refugees and other displaced people around the world. Once hires are completed, the Director will supervise 14 IRAP staff and support a national pro bono network of over 1,000 attorneys and law students.

The ideal candidates will demonstrate a deep connection to IRAPs mission to use legal advocacy to find safe places to live and safe passage for the worlds most persecuted individuals. They will be an inclusive, passionate leaders committed to combatting inequitable policies impacting refugees and other displaced people and to delivering the highest quality legal and advocacy services. They will be a experienced managers who excel at supporting, mentoring, and motivating legal staff; developing processes that facilitate the efficient and effective delivery of direct legal services by staff and volunteer lawyers; and leading teams that work closely with individuals who have experienced trauma. The Directors be decisive, keenly analytical leaders and thinkers who will build and support healthy culture around prioritization, team communication and decision making. Both the Legal Services Director and U.S. Legal Services Director must have law degrees and be admitted to practice law in the United States.

These searches are being conducted by Meredith Horton, Allison Kupfer Poteet, Hallie Dietsch, and Javier Garcia of the national search firmNPAG. For more information, full position descriptions and instructions on how to apply, please visit the links below.



Call for Papers, ESIL Research Forum of the European Society of International Law

The ESIL Research Forum is a scholarly conference that promotes engagement with research in progress by members of the Society. It has a small and intensive format. The Forum targets scholars at an early stage of their careers. Approximately 15-25 paper submissions will be selected. During the Forum,selected speakers will receive comments on their presentations from members of the ESIL Board and invited experts.

The 2020 Research Forum addresses the topic:

Solidarity: The Quest for Founding Utopias of International Law

Solidarity is a founding utopia of international law. It has long appeared in the legal discourses of leading international law scholars as a value and political concept incorporated into international legal norms and evidenced in multilateral and bilateral treaties as an essential condition of interstate cooperation. As a principle of international law, it is mostly identifiable through the trust and confidence shown by states to one another in order to reap the mutual benefits of cooperation. In a broader sense, it also reveals a highly ambiguous ethical ideal not extraneous to the civilizing mission of a world order of interdependent states and communities addressing shared needs in a spirit of global cooperation and mutual responsibility. In response to the new global challenges faced by todays international legal system, solidarity has acquired a special prominencewith unprecedented developments in various fields of international law (e.g. trade law, environmental law, humanitarian law, disaster law, health law) while its utopian dimension has been stressed and expanded towards new directions.

The 2020 ESIL Research Forum aims to inspire thoughtful reflections on the genealogy of international solidarity by focusing on the actors, norms and processes influencing its evolution over time. Beyond the search for definitions, the scope of the Forumis to explore transformations and practical manifestations of this longstanding principle in the international legal community. Special attention will be given to international solidarity as interpreted by international and domestic courts and tribunals and to the analysis of some key areas where solidaristic paradigms have led to either positive outcomes or controversial repercussions.

Preference will be given to proposals in one of the following areas:

1.The historical boundaries of international solidarity

2. Solidarity and private law analogies

3.The invention of European solidarity

4. A human rights-based solidarity? Universal vs regional approaches

5. Peace and security: solidarity and the United Nations

6. International solidarity in emergency situations

7. Social solidarity economy and sustainable development

8. Civil society and transnational solidarity

9. International solidarity and burden-sharing: migration and refugee law

10. International solidarity and current trends: populism, nationalism vs multilateralism

Abstracts (of no more than 750 words) should be submitted to [emailprotected] by Monday 30 September 2019. Please include the following information with your abstract: your name, affiliation, email address, whether you are an ESIL member, plus a one-page curriculum vitae.

Successful applicants will be notified by email by 4 November 2019. Complete paper drafts will be required by 19 February 2020. Papers may in due course be published in the ESIL SSRN Conference Paper Series.

All those who take part in the Forum are expected to be ESIL members at the time of their participation.

Selected speakers will be expected to bear the costs of their own travel and accommodation. Some ESIL travel grantsand ESIL carers grantswill be available to offer partial financial support to speakers who have exhausted other potential sources of funding.

Speakers will be informed of several hotels that offer preferential rates to Research Forum participants. Lunch will be provided on both days, and a dinner for presenters, commentators and ESIL Board members will be hosted on the evening of Thursday 23 April 2020.

Attorney, Compliance Unit, National Security Agency

The National Security Agency (NSA) Office of General Counsel (OGC) is seeking highly motivated, skilled attorneys to join its expanded Compliance team of dedicated, professional attorneys advising NSA personnel and senior leadership on end-to-end compliance matters. Become involved in the earliest stages of operational technology development to ensure legal compliance issues are addressed; advise operational and compliance professionals in response to discrete regulatory questions and audits of NSA intelligence programs; team with NSA personnel and legal counterparts at the Department of Justice and the Office of the Director of National Intelligence to ensure NSA's overseers are fully informed of regulations, procedures and policies that support oversight of NSA's intelligence activities. Through work on the legal Compliance team, you will gain unique insight into inner-workings of NSA's technical operations and how its signals intelligence authorities are applied.

The professionals at the National Security Agency (NSA) have one common goal: to protect our nation. The mission requires a strong offense and a steadfast defense. The offense collects, processes and disseminates intelligence information derived from foreign signals for intelligence and counterintelligence purposes. The defense prevents adversaries from gaining access to sensitive of classified national security information.

The NSA OGC is an elite team of lawyers who provide legal advice to the Agency as it carries out its primary missions and all of its support functions. As a valued member of OGC, you will be performing critical work ensuring that Agency operations comply with the law while also protecting both our national security and our civil liberties.

Description of Position

The responsibilities of a Compliance Unit Attorney at the NSA can include:

- Advising the Agency on legal matters involving a particular subject matter (e.g., ensuring compliance with constitutional, statutory, regulatory, procedural, and policy requirements for intelligence operations)

- Analyzing proposed changes to legislation, programs, policies, regulations, or plans to determine impact on the Agency

- Representing the Agency's official position in legal and legislative proceedings, including proceedings before the Foreign Intelligence Surveillance Court

- Representing the Agency in interactions with outside customers, DoD, Congressional representatives, foreign partners, or the general public

- Conferring with/educating clients, customers, or stakeholders on legal or policy issues

- Determining the legal sufficiency of documents

- Drafting legal briefs, pleadings, etc.

- Making legal determinations in accordance with laws, regulations, professional standards, or Agency policies and procedures

The ideal candidate is a highly-motivated and qualified attorney with three years minimum experience, with excellent oral and written communication skills, a desire for continual learning, possesses problem-solving, analytic, and interpersonal skills, and is:

- detail-oriented

- customer and results oriented

- able to adjust to changing situational requirements

- able to build relationships across the Agency and with external stakeholders

- able to manage multiple tasks with competing timelines and deliverables

Experience and knowledge of law in one or more of the following areas is required:

- intelligence operations

- complex litigation

- national security law

This is a full-time position, Monday through Friday.

On-the job training, Internal NSA courses, and external training will be made available based on the need and experience of the selectee.

The Office of General Counsel (OGC) is the exclusive NSA component responsible for providing legal services to all NSA elements. The Office of General Counsel protects NSA's interests concerning the legal and regulatory authorities, requirements, entitlements, obligations and oversight requirements under which the Agency operate.

Salary Range $99,172 - $152,352 (Senior)

*The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position.

Entry for Grade 13 is with a Professional Law Degree (LLB or JD).

Degree must be a Professional Law Degree (LL.B. or J.D.) and requires active membership in the bar of the highest court of a State, U.S. commonwealth, U.S. territory, or the District of Columbia.

Grade 13: Must have in excess of 2 years of relevant experience. Relevant experience as determined by the Office of the General Counsel (or the Office of the Inspector General for positions in the OIG) must be professional legal experience that is commensurate with the duties and responsibilities of the position. See DoD Instruction (DoDI) 1442.02 for exceptions to the grade-level standards. Active membership in the bar of the highest court of a State, U.S. commonwealth, U.S. territory, or the District of Columbia is required.

Entry for Grade 14 is with a Professional Law Degree (LLB or JD).

Degree must be a Professional Law Degree (LL.B. or J.D.) and requires active membership in the bar of the highest court of a State, U.S. commonwealth, U.S. territory, or the District of Columbia.

Grade 14: Must have in excess of 3 years of relevant experience. Relevant experience as determined by the Office of the General Counsel (or the Office of the Inspector General for positions in the OIG) must be professional legal experience that is commensurate with the duties and responsibilities of the position. See DoD Instruction (DoDI) 1442.02 for exceptions to the grade-level standards. Active membership in the bar of the highest court of a State, U.S. commonwealth, U.S. territory, or the District of Columbia is required.

Salary Range: $137,849 - $166,500 (Expert)

*The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position.

Continue reading here:

The Week That Will Be - Lawfare

Posted in NSA

NSA on the Future of National Cybersecurity – Security Boulevard

Glenn Gerstell, the General Counsel of the NSA, wrote a long and interesting op-ed for the New York Times where he outlined a long list of cyber risks facing the US.

There are four key implications of this revolution that policymakers in the national security sector will need to address:

The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.

He then goes on to explain these four implications. Its all interesting, and its the sort of stuff you dont generally hear from the NSA. He talks about technological changes causing social changes, and the need for people who understand that. (Hooray for public-interest technologists.) He talks about national security infrastructure in private hands, at least in the US. He talks about a massive geopolitical restructuring a fundamental change in the relationship between private tech corporations and government. He talks about recalibrating the Fourth Amendment (of course).

The essay is more about the problems than the solutions, but there is a bit at the end:

The first imperative is that our national security agencies must quickly accept this forthcoming reality and embrace the need for significant changes to address these challenges. This will have to be done in short order, since the digital revolutions pace will soon outstrip our ability to deal with it, and it will have to be done at a time when our national security agencies are confronted with complex new geopolitical threats.

Much of what needs to be done is easy to see developing the requisite new technologies and attracting and retaining the expertise needed for that forthcoming reality. What is difficult is executing the solution to those challenges, most notably including whether our nation has the resources and political will to effect that solution. The roughly $60 billion our nation spends annually on the intelligence community might have to be significantly increased during a time of intense competition over the federal budget. Even if the amount is indeed so increased, spending additional vast sums to meet the challenges in an effective way will be a daunting undertaking. Fortunately, the same digital revolution that presents these novel challenges also sometimes provides the new tools (A.I., for example) to deal with them.

The second imperative is we must adapt to the unavoidable conclusion that the fundamental relationship between government and the private sector will be greatly altered. The national security agencies must have a vital role in reshaping that balance if they are to succeed in their mission to protect our democracy and keep our citizens safe. While there will be good reasons to increase the resources devoted to the intelligence community, other factors will suggest that an increasing portion of the mission should be handled by the private sector. In short, addressing the challenges will not necessarily mean that the national security sector will become massively large, with the associated risks of inefficiency, insufficient coordination and excessively intrusive surveillance and data retention.

A smarter approach would be to recognize that as the capabilities of the private sector increase, the scope of activities of the national security agencies could become significantly more focused, undertaking only those activities in which government either has a recognized advantage or must be the only actor. A greater burden would then be borne by the private sector.

Its an extraordinary essay, less for its contents and more for the speaker. This is not the sort of thing the NSA publishes. The NSA doesnt opine on broad technological trends and their social implications. It doesnt publicly try to predict the future. It doesnt philosophize for 6000 unclassified words. And, given how hard it would be to get something like this approved for public release, I am left to wonder what the purpose of the essay is. Is the NSA trying to lay the groundwork for some policy initiative ? Some legislation? A budget request? What?

Charlie Warzel has a snarky response. His conclusion about the purpose:

He argues that the piece is not in the spirit of forecasting doom, but rather to sound an alarm. Translated: Congress, wake up. Pay attention. Weve seen the future and it is a sweaty, pulsing cyber night terror. So please give us money (the word money doesnt appear in the text, but the word resources appears eight times and investment shows up 11 times).

Susan Landau has a more considered response, which is well worth reading. She calls the essay a proposal for a moonshot (which is another way of saying they want money). And she has some important pushbacks on the specifics.

I dont expect the general counsel and I will agree on what the answers to these questions should be. But I strongly concur on the importance of the questions and that the United States does not have time to waste in responding to them. And I thank him for raising these issues in so public a way.

I agree with Landau.

Slashdot thread.

Recent Articles By Author

*** This is a Security Bloggers Network syndicated blog from Schneier on Security authored by Bruce Schneier. Read the original post at: https://www.schneier.com/blog/archives/2019/10/nsa_on_the_futu.html

More here:

NSA on the Future of National Cybersecurity - Security Boulevard

Posted in NSA

Snowden Reveals How He Secretly Exposed NSA Criminal Wrongdoing Without Getting Arrested – Democracy Now!

This is a rush transcript. Copy may not be in its final form.

AMY GOODMAN: This is Democracy Now! Im Amy Goodman, as we continue Part 2 of our conversation with NSA whistleblower Edward Snowden, who has just published his memoir. Its called Permanent Record. Democracy Now!'s Juan Gonzlez and I spoke to him from his home in Moscow last week, where he's lived in exile since 2013. Ed Snowden talked about how he worked at the NSAs Office of Information Sharing an office of one: him.

EDWARD SNOWDEN: What does the Office of Information Sharing do? Well, besides me being way better at that job than the NSA ever thought that I would be, much to their dismay, think about the director of an agency, right? Think about the head of a unit. Think about someone whos supposed to know all the secrets to everything. Theyre not technologists, and these are very technical systems. When they say, I need to know whats going on with this, or, Show me this program, somebody has to get that, right? They dont know how to get it themselves. And that means somebody has all the access as these directors have all of these other things. These people are called systems administrators.

And so, I was sitting, for the first time in my career, really, with absolute awareness, not of the little picture, but the big picture, how all the pieces fit together. And I created a system called the HEARTBEAT. This is a new technological platform, that you can think of it like a news aggregator, the landing page, you know, on Google News, that pulls from all of these different newspapers and says, Heres whats interesting for you, based on who you are, whatever. And it would go, This person works in this office; they should see these kind of programs. And I created a kind of crude proof of concept system to do this.

But a byproduct of this meant that I now was sitting on top of a mountain of secrets. And it turned out that a lot of those secrets were criminal. So now I had to find a way to collect the evidence of wrongdoing, get it out of one of the most highly secured buildings on the planet it was a World War II-era airplane factory that was buried under a pineapple field, that was later converted into a spy base in Hawaii and somehow get it to journalists without getting caught.


EDWARD SNOWDEN: And this is really where we get into the climax of the book.

JUAN GONZLEZ: Ed, at this point, you also discuss that you had first considered going to WikiLeaks but then changed your mind because of some changes in WikiLeaks policy that also you felt you could not in good conscience participate in. If you could talk about that, as well?

EDWARD SNOWDEN: Right. So, a lot of people misread this and think of it as me sort of denouncing WikiLeaks. And its not. I think some of the reporting that WikiLeaks has done is tremendously important, both for the historic record and also for contemporary politics basically every story theyve run in the last many years. And, of course, this when were talking about is in 2013, its long before the 2016 election has been covered by newspapers around the world.

But what had happened in the wake of the 2009 Manning disclosures this is where WikiLeaks published the Collateral Murder video of U.S. helicopter pilots killing not just a journalist, but also the first responders that came to their aid, and the classified histories of the wars in Iraq and Afghanistan and the State Departments diplomatic cables, that in some ways are argued to have sort of helped spark or at least catalyze the Arab Spring movement. What had happened is, in the early parts of WikiLeaks reporting, they worked in concert with newspapers, with sort of The New York Times, The Washington Post, The Guardian, Der Spiegel major newspapers. But at some point, one of the journalists that they had worked with wrote a memoir, or some kind of book, where they published the password that Julian Assange had given them to the entire archive of data, that only journalists were supposed to have, not the public, because the journalists were supposed to go through this process of deciding what in this archive of material does the public need to know and what is a legitimate secret, that maybe theres no benefit for publishing.

Once this journalist published this, WikiLeaks went well, all of the bad guys in the world, basically, have access to this material, because the archive, encrypted archive, was available to anyone. Its just you needed the password to unlock it. Now this bonehead journalist had published it and basically unlocked Pandoras box. WikiLeaks was in a tough place there. And they basically revised their editorial policy to go, You know what? Were going to publish everything pristine and unredacted, so that everyone is on a common footing, whether youre a good guy or bad guy. At least we all have access to the same information.

Its not my place to agree or disagree with that, say its right or wrong. But what I did want to do was try a different model, go, What happens? Is there a difference? Because Chelsea Manning, of course, was accused of all the same things that I was said, you know, This persons a traitor, said, This person endangered the troops which has never borne out, by the way. Were now more than 10 years on from those activities, and the government, even at Chelsea Mannings trial, after theyve convicted her, the government was invited by the judge to show evidence of harm, and they couldnt show anyone was harmed as a result of the disclosures.

But could these accusations of government be mitigated by the process of whistleblowing? Could we simply be more discriminating? Could we be overly cautious? Could we accommodate, to the maximum extent, what the government thought would be an appropriate process, while still empowering journalists? And this was the model that I set out to try and prove. Can we have myself, any whistleblower right? gather evidence of wrongdoing and trust that to the press under the condition that the journalists agree they will publish no story simply because its newsworthy, simply because its interesting, but only publish stories they are willing to make an institutional judgment are in the public interest to know, and then, as an extraordinary check beyond that, go to the government in advance of publication, warn the government, We are about to publish this story, and give the government and adversarial opportunity to argue against this, say, This will cause harm. Someone will get hurt. Redact this detail? And in all cases Im aware of, that process was followed.

And this is why, in 2019, I think its so obvious that no harm to national security has resulted from this process of disclosure. And yet, the same criticisms, the same allegations are made to me as have been every other whistleblower. And what we need to understand here is not my model of publication is right and WikiLeaks model is wrong, but rather to see you have two very different levels of caution right? of risk mitigation in these publication models. And yet, despite years and years of investigation by the most powerful government in history, in neither case has the government ever established or even offered evidence of harm as a result of this disclosure.

And so, this is the fundamental point that I just want to summarize for people. Whenever the government faces a whistleblower that is revealing some kind of wrongdoing that makes them uncomfortable, that implicates them in some kind of activity they should not be doing, they are going to try and change the conversation from the concrete harms of their actions, of their policies in government, and instead try to have a discussion about the theoretical risks of journalism in a free and open society. And, of course, there are risks to having a free press, but we embrace those risks, because those are the things that guarantee we are truly free.

JUAN GONZLEZ: Your decisions to eventually provide the information to Glenn Greenwald and Laura Poitras, and how those meetings initially went?

EDWARD SNOWDEN: Yeah, so, I have to work with journalists to get them interested in meeting with someone who they dont even know their name right? because if I give the journalists my name and they mishandle it, because the government is spying on everyone I know how the mass surveillance system works the government will have me in jail before anybody knows anything. So I have to go through this elaborate process of trying to reach out to journalists, convince them to use encrypted communications, while protecting myself from mass surveillance, driving around Hawaii with a specialized system, thats basically a GPS magnet that I can attach to the roof of my car, run through the window by wire to a laptop, which has an enormously powerful antenna connected to it, and then basically create a map, using that antenna, of everywhere there are different wireless access points that are either open and unlocked or vulnerable to being unlocked by me, that I can use for this covert communications in a way that wont lead back to me. And then I have to convince them, you know, I know something serious that you need to know about, the public needs to know about. But I cant tell you what it is yet until you do this, then get them online, then begin showing them evidence, and then, ultimately, get them to meet. And this was a tremendously stressful period, thats covered in some detail in the book.

But I think it is extraordinary, and I think these journalists should be all applauded for the risks that they took, because its very likely they could have been meeting with somebody who was saying, Oh, you know, Ive got the biggest secret in the world: The aliens have landed, and they work in the State Department. But they came, and they looked at the documents. They took them seriously. They authenticated them. And eventually they won the Pulitzer Prize for Public Service journalism because of that.

AMY GOODMAN: And after you met with them and you shared your stories, and they were writing them as you were meeting together in Hong Kong, describe what it meant to go underground there and then to ultimately, how you made your way, ended up at the Moscow airport and couldnt leave once you got there.

EDWARD SNOWDEN: Oh, yeah, this is a great question. So, I had been looking at this entire reporting system as a crazy system of a series of challenges, that were becoming increasingly difficult. But the end of it, the finish line, was youve delivered the secret to journalists, that the government has violated the rights of Americans and the Constitution of the United States. They can then publish that information, and that was the end of the process, because I was always planning on getting arrested.

And so, then, when the story comes out and my biggest fear was this was going to be a two-day story that everybody stopped talking about, it just blew over, the government sort of suppressed it it became the biggest story on the planet that year. Suddenly, everybody was interested in me. The government made me public enemy number one. I was the most wanted man in the world. It was a question of: All right, what now? And I didnt really have an idea.

So I talked with journalists or, sorry, I talked with lawyers that were introduced to me by the journalists human rights lawyers and tried to plan my next stage. I talked to the United Nations. And ultimately, the United Nations came back and went this is sort of you know, they wouldnt say this publicly, and I wouldnt encourage them to go on the record about this, but they went, Look, practically, the U.S. has enormous sway in our organization. They pay an enormous amount of our budget. And the U.S. gets what the U.S. wants. We probably cant help you. We will try, but its likely to work out to your disadvantage. And so, if the U.N. cant protect you, who can?

And my lawyer, Robert Tibbo, had this idea that I would go underground with the refugee families that he had been representing, that were themselves trying to seek asylum in Hong Kong. And so, suddenly, Ive gone from staying in a five-star hotel with journalists to staying in an apartment shared by five people, where the kitchen is the bathroom, and the entire thing is smaller than most suburban bathrooms. And Im trying to communicate with journalists. And these people were so brave, I still cant believe Im in disbelief that they just welcomed me in, when my face was on the front page of every newspaper. But they knew what it was like to be hunted by a government for having done the right thing. They were escaping violence and persecution. And they were just trying to make their way through the world. And this is the thing that always strikes me. They had nothing. These were the most vulnerable people on the planet. But its the people who have nothing that care about others the most, because all they have are connections.

And so, Ive been an aggressive advocate since then for trying to get them resettled. We have resettled two of them, a mother and her daughter, in Canada, after years and years of effort. But, unfortunately, the Trudeau government is still digging in their heels and trying to prevent the rest of the families from entering into asylum. In Hong Kong, the number of people who have their asylum claims approved is less than 1%, which is actually some of the those are some of the worst figures in the world for that. And even if they get their asylum claims granted, they are forced to be resettled in third countries rather than in Hong Kong itself.

AMY GOODMAN: NSA whistleblower Edward Snowden. He tells his story in his new book, Permanent Record. Back in 30 seconds with Snowden.


AMY GOODMAN: El Triste by one of Latin Americas most beloved singers, Jos Jos. Known as The Prince of Song, he passed away in South Florida Saturday at the age of 71.

View original post here:

Snowden Reveals How He Secretly Exposed NSA Criminal Wrongdoing Without Getting Arrested - Democracy Now!

Posted in NSA

Former NSA Inspector: Whistleblower Does Not Need Firsthand Information – WBUR

WithMeghna Chakrabarti

We talk with former NSA inspector Joel Brenner about the whistleblower complaint.

"I think everybody in the intelligence community is extremely nervous. The president's been attacking the community, explicitly," he toldOn Point's Meghna Chakrabarti.

Joel Brenner, former inspector general for theNational Security Agency, and later senior counsel to the NSA.Former head of U.S. counterintelligence under the Director of National Intelligence. Senior research fellow at MIT's Center for International Studies.

On President Trumps demands to unmask the whistleblower

I think everybody in the intelligence community is extremely nervous. The president's been attacking the community, explicitly. And, the president's now attacking the norms by which the Congress and the intelligence community have agreed that there ought to be a way to report wrongdoing. This is dangerous. The president's M.O. is to create as much chaos and confusion on all fronts as he can. That's what he's doing here.

On concerns about Trumps desire to reveal the whistleblower's identity

It has to do with the basic trust that people used to have in American institutions. And, even as that trust diminished significantly during my lifetime, there were still basic norms that people observed; ways that they behaved. This is going to make whistleblowers more reluctant to come forward. I'm talking about whistleblowers who are not merely cranky and complaining about not getting promoted and stuff. We saw plenty of that, too. But, people who really saw something that they thought really looked wrong. [Especially] since the president's now saying such nasty things about this person who everybody else says, in a position to know, is following the rules. I mean, this is so beyond the pale. And, of course, people are extremely nervous about it.

On reporting that correspondence, such as the Ukranian phone call, and other information is being kept on highly secret servers at the advice of White House lawyers.

Is that outside of standard operating procedure?

Out of the normal operations of the intelligence community, it's just totally I can't say nobody's ever done it, but it is not according to Hoyle. Let me explain, first, what code word means. There are three classifications only, under our law: confidential, secret, top secret. You don't go higher than that. But, then, we have certain horizontal classifications that have to do with things that are put in compartments, or in [the] Defense Department, called Special Access Programs. That's what this is talking about. This server was to hold information that was compartmented or, sapped as they say. This information was clearly not appropriate, to put this information there.

Now, the president does have the power to classify things however he wants. Which means, his behavior and an ordinary IC [intelligence community] person's behavior, are not the same thing. But, I would remind people, that if you do a lawful act for an unlawful purpose, in the course of conspiring to cover up illegal behavior which I think is demonstrated in the transcript itself then that becomes illegal. That's an act in furtherance of conspiracy. And I think that's what was going on here."

On being astonished that White House lawyers would, reportedly, advise trying to hide Trumps behavior

Yes, I am. You know, when things go wrong, you always want to say, Where were the lawyers? And, if this whistleblower complaint pans out in all respects, it appears that the lawyers were actually guiding the cover-up of this information. And, I think if that is true if they've got problems under criminal law, and they're licensed to practice law they're going to be challenged, at some point, as well.

On whether a whistleblower has to have first-hand information in a complaint

No. And why would you want that to be the case? An investigator whether it's an investigative journalist, or a prosecutor, or an inspector general wants leads. You start with leads, you don't start with admissible evidence for in a courtroom which is what firsthand information is, so it's not hearsay. You want to get information that's credible, that will then guide an investigation to produce firsthand information. So, this is a complete red herring. It's not only not the case, but you wouldn't want it to be the case.

New York Times: "White House Knew of Whistle-Blowers Allegations Soon After Trumps Call With Ukraine Leader" "The White House learned that a C.I.A. officer had lodged allegations against President Trumps dealings with Ukraine even as the officers whistle-blower complaint was moving through a process meant to protect him against reprisals, people familiar with the matter said on Thursday.

"The officer first shared information about potential abuse of power and a White House cover-up with the C.I.A.s top lawyer through an anonymous process, some of the people said. The lawyer shared the officers concerns with White House and Justice Department officials, following policy. Around the same time, the officer separately filed the whistle-blower complaint.

"The revelations provide new insight about how the officers allegations moved through the bureaucracy of government. The Trump administrations handling of the accusations is certain to be scrutinized, particularly by lawmakers weighing the impeachment of the president.

"Lawyers for the whistle-blower refused to confirm that he worked for the C.I.A. and said that publishing information about him was dangerous."

USA Today: "A GoFundMe has raised over $70k to cover legal fees for anonymous Ukraine whistleblower" "Lawyers for an anonymous whistleblower who filed a complaint alleging Donald Trump pressured a foreign government to interfere in the U.S. election have launched a fundraiser to cover the whistleblower's legal aid.

"The fundraiser, organized through GoFundMe, has received over $70,000 from more than 2,000 donors as of Thursday afternoon, as House Democrats pursue an impeachment inquiry.

"The nonprofit Whistleblower Aid partnered with the whistleblower's legal counsel to launch the fundraiser, which was posted on Wednesday, according to the GoFundMe page.

"Whistleblower Aid founder and CEO John Tye told USA TODAY that the organization hopes to protect the anonymous whistleblower's rights including being free from retaliation, in addition to educating the public about the importance of whistleblowing."

Stefano Kotsonisproduced this segment for broadcast. Alex Schroeder and Sydney Wertheim adapted it for the web.

Visit link:

Former NSA Inspector: Whistleblower Does Not Need Firsthand Information - WBUR

Posted in NSA

How The NSA And US Cyber Command Hacked ISIS’s Media Operation – NPR

Neil stands in a room with military cyber operators from Joint Task Force ARES to launch an operation that would become one of the largest and longest offensive cyber operations in U.S. military history. Josh Kramer for NPR hide caption

Neil stands in a room with military cyber operators from Joint Task Force ARES to launch an operation that would become one of the largest and longest offensive cyber operations in U.S. military history.

The crowded room was awaiting one word: "Fire."

Everyone was in uniform; there were scheduled briefings, last-minute discussions, final rehearsals. "They wanted to look me in the eye and say, 'Are you sure this is going to work?' " an operator named Neil said. "Every time, I had to say yes, no matter what I thought." He was nervous, but confident. U.S. Cyber Command and the National Security Agency had never worked together on something this big before.

Four teams sat at workstations set up like high school carrels. Sergeants sat before keyboards; intelligence analysts on one side, linguists and support staff on another. Each station was armed with four flat-screen computer monitors on adjustable arms and a pile of target lists and IP addresses and online aliases. They were cyberwarriors, and they all sat in the kind of oversize office chairs Internet gamers settle into before a long night.

"I felt like there were over 80 people in the room, between the teams and then everybody lining the back wall that wanted to watch," Neil recalled. He asked us to use only his first name to protect his identity. "I'm not sure how many people there were on the phones listening in or in chat rooms."

From his vantage point in a small elevated bay at the back of the Operations Floor, Neil had a clear line of sight to all the operators' screens. And what they contained weren't glowing lines of code: Instead, Neil could see login screens the actual login screens of ISIS members half a world away. Each one carefully preselected and put on a target list that, by Operation Day, had become so long it was on a 3-foot-by-7-foot piece of paper hung on the wall.

It looked like a giant bingo card. Each number represented a different member of the ISIS media operation. One number represented an editor, for instance, and all the accounts and IP addresses associated with him. Another might have been the group's graphic designer. As members of the terrorist group slept, a room full of military cyber operators at Fort Meade, Md., near Baltimore were ready to take over the accounts and crash them.

All they were waiting for was Neil, to say that one word: "Fire."

In August 2015, the NSA and U.S. Cyber Command, the military's main cyber arm, were at a crossroads about how to respond to a new terrorist group that had burst on the scene with unrivaled ferocity and violence. The one thing on which everyone seemed to agree is that ISIS had found a way to do something other terrorist organizations had not: It had turned the Web into a weapon. ISIS routinely used encrypted apps, social media and splashy online magazines and videos to spread its message, find recruits and launch attacks.

A response to ISIS required a new kind of warfare, and so the NSA and U.S. Cyber Command created a secret task force, a special mission, and an operation that would become one of the largest and longest offensive cyber operations in U.S. military history. Few details about Joint Task Force ARES and Operation Glowing Symphony have been made public.

"It was a house of cards"

Steve Donald, a captain in the Naval Reserve, specializes in something called cryptologic and cyber operations, and when he is not in uniform, he is launching cybersecurity startups outside Washington, D.C. He's pale, bespectacled and has the slightly shy demeanor of a computer geek. In the spring of 2016 he received a phone call from the leader of his reserve unit. He needed Donald to come in.

"I said, well, I'm not in uniform [and he said] it doesn't matter if you have a badge come on in," Donald said. "I can't believe I can actually say this but they were building a task force to conduct offensive cyber operations against ISIS."

Donald had to find a team of specialists to do something that had never been done before hack into a terrorist organization's media operation and bring it down. Most of the forces flowed in from Joint Forces Headquarters, an Army cyber operation in Georgia. Donald also brought in experts in counterterrorism who understood ISIS and had watched it evolve from a ragtag team of Iraqi Islamists to something bigger. There were operators the people who would be at the keyboards finding key servers in ISIS's network and disabling them and digital forensics specialists who had a deep understanding of computer operating systems.

"They can say this is good, this is bad, this is where the files are located that we're interested in," he said. He found analysts, malware experts, behaviorialists and people who had spent years studying the smallest habits of key ISIS players. The mission, he explained to them, was to support the defeat of ISIS to deny, degrade and disrupt them in cyberspace.

This was more complicated than it sounded.

The battle against the group had been episodic to that point. U.S. Cyber Command had been mounting computer network attacks against the group, but almost as soon as a server would go down, communications hubs would reappear. The ISIS target was always moving and the group had good operational security. Just physically taking down the ISIS servers wasn't going to be enough. There needed to be a psychological component to any operation against the group as well.

"This cyber environment involves people," Neil said. "It involves their habits. The way that they operate; the way that they name their accounts. When they come in during the day, when they leave, what types of apps they have on their phone. Do they click everything that comes into their inbox? Or are they very tight and restrictive in what they use? All those pieces are what we look at, not just the code."

Neil is a Marine reservist in his 30s, and it wouldn't be an exaggeration to say that Operation Glowing Symphony was his idea. "We were down in the basement at the NSA, and we had an epiphany," he said. He had been tracking ISIS's propaganda arm for months painstakingly tracing uploaded videos and magazines back to their source, looking for patterns to reveal how they were distributed or who was uploading them. Then he noticed something that he hadn't seen before: ISIS was using just 10 core accounts and servers to manage the distribution of its content across the world.

The mission led by a special unit working with U.S. Cyber Command and the NSA was to get inside the ISIS network and disrupt the terrorist organization's media operation. Josh Kramer for NPR hide caption

The mission led by a special unit working with U.S. Cyber Command and the NSA was to get inside the ISIS network and disrupt the terrorist organization's media operation.

"Every account, every IP, every domain, every financial account, every email account ... everything," Neil said. The group's network administrators weren't as careful as they should have been. They took a shortcut and kept going back to the same accounts to manage the whole ISIS media network. They bought things online through those nodes; they uploaded ISIS media; they made financial transactions. They even had file sharing through them. "If we could take those over," Neil said, grinning, "we were going to win everything."

The young Marine ran into his leadership's office at the NSA, grabbed a marker and started drawing crazy circles and lines on a whiteboard. "I was pointing everywhere and saying, 'It's all connected; these are the key points. Let's go," he recalled. "I felt like I was in It's Always Sunny in Philadelphia, when he's doing the mystery investigation for Pepe Silvia. Pictures on the wall and red yarn everywhere and nobody was understanding me."

But as Neil kept explaining and drawing he could see the leaders begin to nod. "I drew this bicycle tire with spokes and all the things that were tied to this one node and then there was another one," he said. "It was a house of cards."

We confirmed this account with three people who were there at the time. And from those scrawls, the mission known as Operation Glowing Symphony began to take shape. The goal was to build a team and an operation that would deny, degrade and disrupt ISIS's media operation.

The cyber equivalent of a surgical strike

The spring and summer of 2016 were spent preparing for attack. And while members of Task Force ARES didn't reveal everything they did to crack into ISIS's network, one thing they used early on was a hacking standby: a phishing email. ISIS members "clicked on something or they did something that then allowed us to gain control and then start to move," said Gen. Edward Cardon, the first commander of Task Force ARES.

Almost every hack starts with hacking a human, cracking a password or finding some low-level unpatched vulnerability in software. "The first thing you do when you get in there is you've got to get some persistence and spread out," Cardon said, adding that the ideal thing is to get an administrator's account. "You can operate freely inside the network because you look like a normal IT person." (ISIS didn't just have IT people; it had an entire IT department.)

Once ARES operators were inside the ISIS network, they began opening back doors and dropping malware on servers while looking for folders that contained things that might be helpful later, like encryption keys or folders with passwords. The deeper ARES got inside ISIS's network, the more it looked like the theory about the 10 nodes was correct.

But there was a problem. Those nodes weren't in Syria and Iraq. They were everywhere on servers around the world, sitting right next to civilian content. And that complicated things. "On every server there might be things from other commercial entities," said Air Force Gen. Tim Haugh, the first deputy commander of JTF ARES working under Cardon. "We were only going to touch that little sliver of the adversary space and not perturb anyone else."

If ISIS had stored something in the cloud or on a server sitting in, say, France, ARES had to show Defense Department officials and members of Congress that U.S. cyber operators had the skill to do the cyber equivalent of a surgical strike: attack the ISIS material on a server without taking down the civilian material sitting right next to it.

They spent months launching small missions that showed they could attack ISIS content on a server that also contained something vital like hospital records. Being able to do that meant they could target ISIS material outside Syria and Iraq. "And I looked at this young Marine and said, 'How big can we go?' and he said, 'Sir, we can do global.' I said, 'That's it write it down, we're going to take it to Gen. Cardon.' "

That Marine was Neil. He began peppering the leadership with ideas. He talked to them about not just hacking one person ... or ISIS in Syria and Iraq, but how to take down the media operation's entire global network. "That's how these attacks work," Neil said. "They start very simple and they become more complex."

There was something else about Task Force ARES that was different: Young operators like Neil were briefing generals directly. "A lot of [ideas] come up that way, like somebody says, 'Well, we could gain access and do this to the files.' Really? You can do that? 'Oh yeah.' Would anyone notice? 'Well, maybe, but the chances are low.' It's like, hmmm, that's interesting, put that on the list."

Cardon said young operators on Joint Task Force ARES understood hacking in a visceral way and, in many respects, understood what was possible in cyberspace better than commanding officers did, so having a direct line to the people making the decisions was key.

"An incredible rush"

By the fall of 2016 there was a team, Joint Task Force ARES; there was a plan called Operation Glowing Symphony, and there were briefings that had gone right up to the president. It was only then that there was finally a go. This account of the first night of Operation Glowing Symphony is based on interviews with half a dozen people directly involved.

After months of looking at static webpages and picking their way through ISIS's networks, the task force starting logging in as the enemy. They deleted files. Changed passwords. "Click there," a digital forensic expert would say. "We're in," the operator would respond.

There were some unintentionally comical moments. Six minutes in there was very little happening, Neil recalls. "The Internet was a little slow," he said without irony. "And then you know minute seven, eight, nine, 10, it started to flow in, and my heart started beating again."

They began moving through the ISIS networks they had mapped for months. Participants describe it like watching a raid team clearing a house, except it was all online. Logging into accounts they had followed. Using passwords they discovered. Then, just as their move through targets started to accelerate, a roadblock: a security question. A standard, "what was your high school mascot"-type security question.

The question: "What is the name of your pet?"

The room quieted down.

"And we're stuck dead in our tracks," Neil said. "We all look to each other and we're like, what can we do? There's no way we're going to get in. This is going to stop the 20 or 30 targets after this."

Then an analyst stood up in the back of the room.

"Sir, 1-2-5-7," he said.

"We're like, what?" Neil says.

"Sir, 1-2-5-7."

"How do you know that? [And he said] 'I've been looking at this guy for a year. He does it for everything.' And we're like, all right ... your favorite pet. 1-2-5-7.

"And boom, we're in."

After that, the momentum started to build. One team would take screenshots to gather intelligence for later; another would lock ISIS videographers out of their own accounts.

"Reset Successful" one screen would say.

"Folder directory deleted," said another.

The screens they were seeing on the Ops floor on the NSA campus were the same ones someone in Syria might have been looking at in real time, until someone in Syria hit refresh. Once he did that, he would see: 404 error: Destination unreadable.

"Target 5 is done," someone would yell.

Someone else would walk across the room and cross the number off the big target sheet on the wall. "We're crossing names off the list. We're crossing accounts off the list. We're crossing IPs off the list," said Neil. And every time a number went down they would yell one word: "Jackpot!"

"We'd draw the line out and I had stacks of paper coming up on the corner of my desk," Neil said. "I knew in about the first 15 minutes that we were on pace to accomplish exactly what we need to accomplish."

Once they had taken control of the 10 nodes, and had locked key people out of their accounts, ARES operators just kept chewing their way through the target list. "We spent the next five or six hours just shooting fish in a barrel," Neil said. "We'd been waiting a long time to do that and we had seen a lot of bad things happen and we were happy to see them go away."

And there was something else that Neil said was hard to describe. "When you reach through the computer and on the other side is a terrorist organization, and you're that close, and you're touching something that's theirs, that they possess, that they put a lot of time and effort in to to hurt you, that is an incredible rush," he said. "You have the control to take that away."

Enough to drive you nuts

Brig. Gen. Jennifer Buckner was one of the people who took the reins of Task Force ARES after Glowing Symphony had started. And after that first night, the mission shifted into a second phase, one aimed at keeping pressure on ISIS with essentially five lines of effort: Keep the media operation under pressure, make it difficult for ISIS to operate on the Web more generally, use cyber to help forces on the ground fighting ISIS, hobble its ability to raise money, and work with other agencies in the U.S. and allies abroad.

The second phase of Operation Glowing Symphony focused on sowing confusion within ISIS. Joint Task Force ARES operators worked to make the attack look like frustrating, daily-life IT problems: dead batteries, slow downloads, forgotten passwords. Josh Kramer for NPR hide caption

The second phase of Operation Glowing Symphony focused on sowing confusion within ISIS. Joint Task Force ARES operators worked to make the attack look like frustrating, daily-life IT problems: dead batteries, slow downloads, forgotten passwords.

Once the distribution hubs were hamstrung, the second phase of the mission was more creative. Joint Task Force ARES operators started making all those things that drive you crazy about today's technology slow downloads, dropped connections, access denied, program glitches and made it start happening to ISIS fighters. "Some of these are not sophisticated effects, but they don't need to be," Buckner said. "The idea that yesterday I could get into my Instagram account and today I can't is confusing."

And potentially enraging. When you can't get into an email account, what do you do? You think: Maybe I mistyped the login or password. So you put it in again and it still doesn't work. Then you type it in more deliberately. And every time you type it, press enter, and are denied, you get a little more frustrated. If you're at work, you call the IT department, you explain the issue and then they ask you if you're sure you typed your login and password in correctly. It is enough to drive you nuts. It might never occur to you, or to ISIS, that this might be part of a cyberattack.

That's what the follow-on phases of Operation Glowing Symphony were about. Psy-ops with a high-tech twist. A member of ISIS would stay up all night editing a film and ask a fellow ISIS member to upload it. Operators with JTF ARES would make it so it didn't quite land at its destination. The ISIS member who stayed up all night starts asking the other ISIS member why he didn't do what he'd asked. He gets angry. And so on.

"We had to understand, how did all of that work?" Buckner said. "And so, what is the best way to cause confusion online?"

The ideas that flowed up from operators like Neil were endless. Let's drain their cellphone batteries; or insert photographs into videos that weren't supposed to be there. Task Force ARES would watch, react and adjust its plans. It would change passwords, or buy domain names, delete content, all in a way that made it (mostly) look like it was just run-of-the mill IT problems.

"Pinwheels of death; the network's working really slow," Cardon couldn't help smiling as he went through the list. "People get frustrated."

According to three people who were privy to after-action reports, ISIS's media operation was a shadow of its former self six months after Neil said "Fire" to start Operation Glowing Symphony. Most of the media operations servers were down and the group had not been able to reconstitute them.

There were lots of reasons for that, not the least of which is that getting a new server in the middle of a war zone deep inside Syria isn't easy to do. ISIS had plenty of cash but few credit cards, bank accounts or reputable emails that would allow it to order new servers from outside the country. Buying new domain names, which are used to identify IP addresses, is also complicated.

ISIS's popular online magazine, Dabiq, started missing deadlines and eventually folded. The group's foreign-language websites in everything from Bengali to Urdu also never came back up. The mobile app for Amaq Agency, the group's official news service, vanished.

"Within the first 60 minutes of go, I knew we were having success," Gen. Paul Nakasone, director of the NSA, told NPR in an interview. "We would see the targets start to come down. It's hard to describe but you can just sense it from being in the atmosphere, that the operators, they know they're doing really well. They're not saying that, but you're there and you know it."

Nakasone was there because he was the head of Joint Task Force ARES when Operation Glowing Symphony actually launched. Nakasone said that before ARES the fight against ISIS in cyberspace was episodic. JTF ARES ensures it is continuous. "We were going to make sure that anytime ISIS was going to raise money or communicate with their followers, we were going to be there."

Some critics have said that the mere fact that ISIS is still on the Web means Operation Glowing Symphony didn't work. Nakasone, naturally, sees it differently. He says ISIS has had to change the way it operates. It isn't as strong in cyberspace as it was. It is still there, yes, but not in the same way.

"We were seeing an adversary that was able to leverage cyber to raise a tremendous amount of money to proselytize," he said. "We were seeing a series of videos and posts and media products that were high-end. We haven't seen that recently. ... As ISIS shows their head or shows that ability to act, we're going to be right there."

Three years after Neil said "Fire," ARES is still in ISIS networks. Gen. Matthew Glavy is now the commander of Joint Task Force ARES. He says his operators still have a thumb on ISIS's media operations; the group is still having a lot of trouble operating freely on the Web. But it is hard to be sure why that is. While ARES has been hacking into ISIS in cyberspace, forces on the ground have driven the group out of most of Syria and Iraq.

ISIS itself has spread out. It now has fighters in Libya and Mali and even the Philippines. Glavy says his operators are still there. "We cannot have for them to gain the momentum that we saw in the past," he told me. "We have to learn that lesson."

"The whole point of the doomsday machine"

For most of the Obama administration, officials refused to talk about cyberattacks. Now the U.S. has not only confirmed the existence of cyberweapons but is starting to tell journalists, like those at NPR, about how they wield them. Cyberattacks, once taboo to even discuss, are becoming more normalized. In its military authorization bill last year, Congress cleared the way for the defense secretary to authorize some cyberattacks without going to the White House.

But there is a dark side to this new arsenal. The U.S. isn't the only country that has turned to cyber. Consider the case of Washington Post journalist Jamal Khashoggi, who was murdered in a Saudi embassy late last year; cybertools are thought to have been part of that case too. "A lot of the preparation for that and the lead-up to it had to do with Saudi Arabia using offensive weapons," said Ron Deibert, the director of the Citizen Lab at the University of Toronto's Munk School of Global Affairs.

Deibert's researchers found offensive cybertools tracking the journalist and his inner circle. "When we talk about offensive cyber operations, I think it's important to understand that it doesn't always come in one flavor," Deibert said, adding that the Khashoggi case is far from the exception. In Mexico alone, Citizen Lab found 27 cases of this kind of offensive cybertool targeting political rivals, reporters and civil rights lawyers. Six years ago, it rather famously discovered that China had been hacking into the Dalai Lama's computer networks.

Deibert is worried about escalation. "You really create conditions for an escalation of an arms race in cyberspace that really could come back to haunt the United States in the long run," Deibert said. "There's a demonstration effect. The equipment, the software, the methods, the capabilities proliferate." Deibert says U.S. reluctance to use offensive cyber has vanished. "Now ... what we're talking about is something that is more active," he said.

Nakasone made clear things had changed when he talked to NPR a few months ago at the NSA campus at Fort Meade. He uses terms like "persistent engagement" and "defend forward." He says that they are "part of the DOD cyber strategy that talks about acting outside our borders to ensure that we maintain contact with our adversaries in cyberspace."

In other words, you don't wait to be attacked in cyberspace. You do things that would allow you to hack back if there is an attack in the future. That could be deploying a small team in another country that asks for help or "hunting on our networks to look for malware, or it could be as we did in Operation Glowing Symphony, the idea of being able to impact infrastructure worldwide," he said.

All this is important now because you can draw a straight line from Joint Task Force ARES to a new unit from the NSA and U.S. Cyber Command: something called the Russia Small Group. Just as Joint Task Force ARES focused on ISIS, the Russia Small Group is organized in much the same way around Russian cyberattacks.

The mission against ISIS in cyberspace continues, though there is a dark side to fighting with this new arsenal: The U.S. isn't the only country using these kinds of weapons, and experts worry about proliferation. Josh Kramer for NPR hide caption

The mission against ISIS in cyberspace continues, though there is a dark side to fighting with this new arsenal: The U.S. isn't the only country using these kinds of weapons, and experts worry about proliferation.

In June, the New York Times reported that the U.S. had cracked into Russia's electrical power grid and planted malware there. Nakasone wouldn't confirm the Times story, but it isn't hard to see how planting malware in anticipation of needing it later would fit into the Russia Small Group's operations if it is modeled on ARES.

Nakasone said the first thing he did when he became NSA director in 2018 was to review what the Russians had done in the runup to the U.S. presidential election, so U.S. Cyber Command could learn from it and reverse-engineer it to see how it works. "It provided us with a very, very good road map of what they might do in the future," Nakasone said. He said Cyber Command was poised to act if the Russians attempt to hack the 2020 elections. "We will impose costs," he said, "on adversaries that attempt to impact our elections. I think it's important for the American public to understand that as with any domain air, land, sea, or space cyberspace is the same way; our nation has a force."

So why is Nakasone talking about this now?

Deibert thinks this is part of a deterrent justification. "You can't have cyber operations meaningfully deter your adversaries unless they know that you have these capabilities," he said. "But what's not probably being discussed or appreciated is the extent to which there is a systemic effect of the use of these operations. Other countries take notice."

At the end of Stanley Kubrick's film Dr. Strangelove there is an iconic scene in which the doomsday bomb is seen as the ultimate deterrent, but it only works as a deterrent if people know it exists. If you don't tell anyone about it, what good is it? "The whole point of the doomsday machine is lost if you keep it a secret," Peter Sellers concludes in the movie.

You could say the same thing about American offensive cyber operations. They have been so stealthy for so long, maybe people don't realize we have them.

We hear all about Russia's influence campaigns and Chinese intellectual property thefts and Iranian hackers trolling American infrastructure, but we rarely hear in any detailed way about the American response. Nakasone appears to be starting to address that.

The irony is that offensive cyber's richest target is us. "The United States is the country most highly dependent on these technologies," Deibert said. "And arguably the most vulnerable to these sorts of attacks. I think there should be far more attention devoted to thinking about proper systems of security, to defense."

That would mean trying to find a way to harden soft targets across the country, getting private companies to beef up their cybersecurity, getting the U.S. government to mandate standards. Offensive cyber, at this point anyway, may seem easier.

NPR's Adelina Lancianese contributed to this story.

See the original post here:

How The NSA And US Cyber Command Hacked ISIS's Media Operation - NPR

Posted in NSA

The FISA Oversight Hearing Confirmed That Things Need to Change – EFF

Section 215, the controversial law at the heart of the NSAs massive telephone records surveillance program, is set to expire in December. Last week the House Committee on the Judiciary held an oversight hearing to investigate how the NSA, FBI, and the rest of the intelligence community are using and interpreting 215 and other expiring national security authorities.

Congress last looked at these laws in 2015 when it passed the USA FREEDOM Act, which sought to end bulk surveillance and to bring much-needed transparency to intelligence agency activities. However, NSA itself has revealed that it has been unable to stay within the limits USA FREEDOM put on Section 215s Call Detail Records (CDR) authority. In response to these revelations, weve been calling for an end to the Call Details Records program, as well as additional transparency into the governments use of Section 215. If last weeks hearing made anything clear, its this: there is no good reason for Congress to renew the CDR authority.

Chairman Nadler began the hearing by asking Susan Morgan of the NSA if she could point to any specific instance where the CDR program helped to avert any kind of an attack on American soil. Morgan pushed back on the question, telling Chairman Nadler that the value of an intelligence program should not be measured on whether or not it stopped a terrorist attack, and that as an intelligence professional, she wants to make sure the NSA has every tool in the tool box available.

However, the NSA previously reported it had deleted all the information it received from the 215 program since 2015. Morgan confirmed that part of the reason the NSA chose to mass delete all the records was because not all the information was accurate or allowed under the law.

In other words, the NSA wants Congress to renew its authority to run a program that violates privacy protections and collects inaccurate information without providing any way to measure if the program was at all useful. The agencys best argument for why it wants to renew the legal authorization to use the CDR provision is because it might be useful one day.

Rep. Steve Cohen asked the panel if they could reassure his liberal friends that there have been meaningful reforms to the program. The witnesses cited some of the reforms from USA FREEDOM, passed in 2015, as evidence of post-Snowden reforms and safeguards.

However, their answer did not meaningfully address recent incidents where the NSA discovered that it had improperly collected information. Documents obtained by the ACLU include an assessment by the NSA itself that the overcollection had a significant impact on civil liberties and privacy, which is putting it mildly.

Fortunately, the committee did not appear to be convinced by this line of reasoning. As Rep. Sylvia Garcia told Morgan, If I have a broken hammer in my toolbox, I dont need to keep it.

We agree. No surveillance authority should exist purely because it might someday come in handy, particularly one that has already been used for illegal mass surveillance.

In addition to the CDR program, Section 215 also allows the government to collect business records or other tangible things related to a specific order. Despite the innocuous name, the business records provision allows intelligence agencies to collect a vast range of documents. But we dont have a sense of just what kinds of sensitive information are collected, and on what scale.

Rep. Pramila Japayal pressed the witnesses on whether Section 215 allows the collection of sensitive information such as medical records, drivers license photographs, or tax records. Reading from the current law, Brad Wiegmann, Deputy Assistant Attorney General, responded that while the statute does contemplate getting these records, it also recognizes the sensitive nature of those records and requires the requests to be elevated for senior review.

In other words, the DOJ, FBI and NSA confirmed that under the right circumstances, they believe that the current authority in Section 215 allows the government to collect sensitive records on a showing that they are relevant to a national security investigation. Plus, as more and more of our home devices collect information on our daily lives, all the witnesses said they could easily envision circumstances where they would want footage from Amazons Ring, which EFF has already argued is a privacy nightmare.

In addition, Rep. Hank Johnson and Rep. Andy Biggs pressed the witnesses on whether the government collects geolocation information under Section 215, and if there has been guidance on the impact of the Supreme Courts landmark Carpenter decision on these activities. Wiegmann acknowledged that while there may be some Fourth Amendment issues, the committee would need to have a classified session to fully answer that question.

Additionally, when asked about information sharing with other federal agencies, none of the witnesses were able to deny that information collected under Section 215 could be used for immigration enforcement purposes.

Both of these revelations are concerning. Carpenter brought on a sea change in privacy law and it should be highly concerning to the public and to overseers in Congress that the intelligence community does not appear to be seriously consider its effect on national security surveillance.

As it considers whether or not to renew any of the authorities in Section 215, Congress must also considering what meaningful privacy and civil liberties safeguards to include. Relying on the NSA to delete millions of inaccurate records collected over many years is simply insufficient.

In 2015, in the wake of Edward Snowdens revelations about the NSA mass spying on Americans, Congress passed USA FREEDOM to modify and reform the existing statute. One of the provisions of that bill specifically requires government officials to conduct a declassification review of each decision, order, or opinion issued by the FISC that includes a significant construction or interpretation of any provision of law.

Both the text of the bill and statements from members of Congress who authored and supported it make clear that the law places new, affirmative obligations on the government to go back, review decades of secret orders and opinions, and make the significant ones public.

However, the DOJ has argued in litigation with EFF that this language is not retroactive and therefore only requires the government to declassify significant opinions issued after June 2015.

It also remains unclear how the government determines which opinions are significant or novel enough to be published, as well as how many opinions remain completely secret.

Allowing the Foreign Intelligence Surveillance Court (FISC) to interpret the impact of that decision on Section 215 programs in secret means that the public wont know if their civil liberties are being violated.

Releasing all significant FISC opinions, starting from 1978, will not only comply with what Congress required under USA FREEDOM in 2015, it will also help us better understand exactly what the FISC has secretly decided about our civil liberties. Adding a new provision that requires the FISC to detail to Congress how it determines which opinions are significant and how many opinions remain entirely secret would provide additional and clearly needed transparency to the process of administering secret law.

Despite repeated requests from the members of the panel to describe some way of measuring how effective these surveillance laws are, none of the witnesses could provide a framework. Congress must be able to determine whether any of the programs have real value and if the agencies are respecting the foundational rights to privacy and civil liberties that protect Americans from government overreach.

Back in March, EFF, along with the ACLU, New America's Open Technology Institute, EPIC and others, sent a letter to the U.S. House Committee on the Judiciary, detailing what additional measures are needed to protect individuals rights from abuses under the Patriot Act and other surveillance authorities. Hearing members of the Intelligence Community speak before the Judiciary Committee reconfirmed just how essential it is that these new protections and reforms be enacted.

We look forward to working with the US House Committee on the Judiciary to end the authority for the Call Details Records program once and for all and to ensure that there are real transparency mechanisms in the law to protect civil liberties.

Visit link:

The FISA Oversight Hearing Confirmed That Things Need to Change - EFF

Posted in NSA

Snowden’s Former NSA Boss, Steven Bay, Headlines IEEE Computer Society’s Cybersecurity Awareness Campaign with Talk on "Edward Snowden: The…

IEEE Computer Society's cybersecurity awareness activities include the following:

Webinar: October 23 at 11:00am PDTEdward Snowden: The Ultimate Insider Threat - Steven Bay, Security On-Demand"Strict data control systems could have stopped Snowden," explains Bay. "My missing employee, Edward Snowden, revealed himself to be the person behind the Top Secret NSA leaks that rocked the country in the proceeding days." In this presentation you will hear the inside story of the Snowden affair from his former boss and the lessons we learn from it. You will develop a better understanding of who insiders are, why they do what they do, and strategies you can deploy to better protect yourself from them. Secure your spot today.

Podcasts: Software Engineering Radio (SE Radio): The Podcast for Professional Software Developers

October 8:Securing Your APINeil Madden, author of theAPI Security in Actionbook and Security Director of ForgeRock, discusses the key technical features of securing an API.

October 22: Zero-Trust NetworksEvan Gilman and Doug Barth, authors of Zero-Trust Networks: building secure systems in untrusted networks discuss zero-trust networks.

"Our October Cybersecurity campaign is an extension of our long-standing dedication to the promotion and education of cybersecurity awareness and proactive efforts" said Melissa Russell, IEEE Computer Society's Executive Director. "Our related publications such as IEEESecurity and Privacy, as well as our technical conferences that include IEEE Symposium on Security and Privacy, and International Symposium on Hardware Oriented Security and Trust (HOST), are integral parts of the Computer Society's continuing commitment to sharing important security research and developments to our members and the computing community."

Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online.

Register for the webinar, sign up for tips, and access all cybersecurity awareness information at IEEE Computer Society's Cybersecurity Awareness Campaign.

About IEEE Computer Society

The IEEE Computer Society is the world's home for computer science, engineering, and technology.A global leader in providing access to computer science research, analysis, and information, the IEEE Computer Society offers a comprehensive array of unmatched products, services, and opportunities for individuals at all stages of their professional career. Known as the premier organization that empowers the people who drive technology, its unparalleled resources include membership, international conferences, peer-reviewed publications,a unique digital library, standards, and training programs. Visitwww.computer.orgfor more information.

SOURCE IEEE Computer Society


More here:

Snowden's Former NSA Boss, Steven Bay, Headlines IEEE Computer Society's Cybersecurity Awareness Campaign with Talk on "Edward Snowden: The...

Posted in NSA