NSA's top lawyer joins private sector

The top lawyer for the National Security Agency, Rajesh De, has stepped down from his post and will join the law firm Mayer Brown.

De's last day was Friday, and he plans to start at Mayer Brown in June as head of the firm's privacy and security practice in Washington. He had been NSA's general counsel since April 2012 and oversaw the exposure of the government's controversial surveillance program by former NSA contractor Edward Snowden.

"It's a natural time to move on," De said.

The NSA's deputy general counsel, Teisha Anthony, will be the acting general counsel until a permanent replacement is named. De defended the NSA's practices during his three-year tenure, arguing that the agency has acted within the legal and policy framework provided by the executive branch, Congress and the courts.

But he said that reasonable people can have an intelligent and thoughtful discussion about what they want that framework to look like. De said he hopes Congress, which has a June deadline to reauthorize Section 215 of the Patriot Act, the provision that grants the NSA legal authority to collect Americans' phone records, will reach a resolution that allows the government to preserve the operational capabilities it needs to maintain national security, while also addressing the need to move the metadata out of the government's hands.

De declined to comment specifically on Snowden, other than to say that he believes no one should consider themselves above the law. "No person, a king or an IT guy, should consider themselves above our democratic system," De said. "There's a legal process we all adhere to. None of us is above the system."

In his new role, De, who was a partner in Mayer Brown's litigation group before joining the government, will advise companies in the financial services, health-care, retail and manufacturing sectors on data privacy and cybersecurity issues. He said he has not decided whether he will register as a lobbyist.

De held a number of senior roles in the Obama administration over the past six years, including staff secretary and deputy assistant to the president, principal deputy assistant attorney in the Justice Department's Office of Legal Policy, and counsel to the 9/11 Commission.

De is joining Mayer Brown at a time when law firms are clamoring to grow their data privacy and cybersecurity practices. A number of major firms, including DLA Piper and Pillsbury, have bulked up their cybersecurity capabilities in recent months.

"Privacy and cybersecurity is probably the number one issue clients have been asking us about over the last year," Mayer Brown Chairman Paul Theiss said. "It's certainly the fastest-growing."


Ex-NSA Researcher Finds Sneaky Way Past Apple Mac's Gatekeeper

Want to know something odd? It's 2015 and all the top anti-virus products for Mac OS X use insecure lines to transmit their software to Apple machines. Download files, known as .dmg files, for products including Kaspersky, Symantec, Avast, Avira, Intego, BitDefender, Trend Micro, ESET and F-Secure are all sent over unencrypted HTTP lines, rather than the more secure HTTPS. There is method in their madness, as they trust Apple's Gatekeeper security technology to recognise the digital signatures they sign their software with, which should guarantee the authenticity of the download.

But former NSA and NASA staffer Patrick Wardle, who now heads up research at security start-up Synack, believes he has found a new way to abuse such insecure downloads and bypass protections in Apple Macs without getting caught. Normally, anyone who intercepts a download to turn it nasty won't get away with it, as Mac Gatekeeper will see that the vendor's original signature has been altered or taken away entirely, and the software tampered with, meaning it's no longer trusted.

Yet the Gatekeeper software doesn't check all components of Mac OS X download files, according to Wardle. He believes he can sneak a malicious version of what's known as a dylib file into legitimate downloads done over HTTP to infect Macs and start stealing data. These dylibs (short for dynamic libraries) are designed to be re-used by different applications; they might be used for actions such as compressing a file or using native graphics capabilities of the operating system. They're supposed to make apps work more efficiently.

If an attacker can hijack the dylib processes used by Mac apps, however, they can carry out nasty attacks and send user data to their own servers, the researcher explained. Such an attack would not be trivial, Wardle admits. First, the attacker would have to get on the same network as a target, either by breaching it or simply logging on to the same public Wi-Fi. They would also have to inject a legitimate yet vulnerable application into the download and shuffle around the content of the .dmg so that the injected legitimate software is shown to the user. The latter is not so tricky: the attacker can set the name and icon of this vulnerable app so nothing looks suspicious, said Wardle.

Finding vulnerable apps shouldn't be too hard either. Wardle created a scanner that looked for applications that would use his naughty dylibs. He found around 150 on his own machine, including hugely popular software like Microsoft Word and Excel, Apple's own iCloud Photos and Dropbox. The list also included Apple's developer tool XCODE and email encryption key management software GPG Keychain, both of which he abused in his proof of concept attacks. According to a recent article in The Intercept, Snowden files showed researchers were demonstrating how a modified version of XCODE could be used to siphon off targets' passwords and other data. Wardle said it was 100 per cent coincidence that his former employer had also targeted XCODE.

Wardle noted that apps from Apple's Mac App Store are not vulnerable.

Apps vulnerable to dylib attacks slide from Patrick Wardle

Despite the barriers to successful exploitation, his techniques have provided him with a novel way to bypass Gatekeeper's draconian detection mechanism (it's also not too dissimilar from DLL attacks of yore on Windows). It is, he added, a cunning way to bypass Mac OS X Gatekeeper protections and allow hackers to go back to their old tricks.

"When the injected legitimate application is launched the unsigned malicious dylib is loaded or executed (even if the user sets his machine to accept only all apps from the Mac App Store) before the app's main code. At this point the dylib can do anything. I see it a) kicking off the legitimate application that the user was downloading so nothing seems amiss, and b) installing the implant component which will then complete the rest of the attack, persistently infecting the user's computer." He noted the attack should also work on downloaded .zip files that contain applications.

Mac OS X dylib hijacking attacks slide from Patrick Wardle


Reports of NSA spying on Canadian companies fuel calls for more transparency

Critics say a crisis of transparency surrounds modern spying methods in Canada after revelations that a close ally, the U.S. National Security Agency, has been looking at the communications traffic of at least two Canadian corporations.

"There are people from the NSA working inside of CSE as we speak," said NDP defence critic Jack Harris, referring to U.S. intelligence analysts embedded inside the Communications Security Establishment, the NSA's Canadian counterpart.

Mr. Harris said he has many questions about the extent of Canada's close surveillance partnerships with the United States, but Parliamentarians are not authorized to get answers.

"We're reaching a crisis point on this," he said in an interview, pointing out that the Conservative government faces several spying controversies.

The Globe and Mail reported on Tuesday that a leaked NSA document from 2012 includes Royal Bank of Canada and Rogers Communications Inc. on a list of global firms whose private communication networks the U.S. agency appeared to be interested in mapping.

The document, which The Globe obtained from a confidential source, suggests the agency was describing efforts to identify and analyze computer networks controlled by corporations.

Markings on the document, a presentation for intelligence officers, indicate it may have been shared with Ottawa nearly three years ago. Rogers and RBC told The Globe they had no idea the NSA had any interest in their networks, which they insist are secured against intruders.

The NSA has said it will not discuss allegations about its intelligence activities.

There is no indication the NSA went as far as getting at any data inside individual computers or reading communications related to the Canadian companies. However, the presentation suggests the agency went further in using its mapping techniques to look at the computer systems controlled by a Chinese telecom giant.

The name of Huawei Technologies Co. Ltd. appears in the presentation, and the NSA appears to have had a keen interest in isolating the corporation's data channels. "These links are likely to carry Huawei traffic," reads one slide.


PRINCETON: NSA director says better balance needed between individual privacy and national security

The National Security Agency needs to establish a broader dialogue across the nation in order to better strike a balance between an individual's rights to privacy and the need to intelligently secure our nation, said Admiral Michael Rogers, NSA director and U.S. Cyber Command commander.

"It's not me as director of the NSA that ought to be making that decision [to find a balance]. We as a nation need to decide what are we comfortable with, what's the right balance," he said.

Admiral Rogers, who has been in command since April 2014, spoke to an audience of students, faculty, and community members in a conversation titled "Challenges and Opportunities in an Interconnected World" in Alexander Hall at Princeton University on Tuesday.

He opened the conversation with an introduction to the missions of the NSA and Cyber Command, and his expectations for the organizations' core priorities: obeying the rule of law, being accountable to the citizens they defend, acknowledging mistakes, and not cutting corners.

"In the end, NSA is a group of highly motivated men and women who are trying to do the right thing the right way, but they are men and women. They will sometimes make mistakes," Admiral Rogers said. "So we say, hey, if we make a mistake, we stand up, we tell the court we made a mistake, we tell Congress we made a mistake, we tell the attorney general that we made a mistake."

During the subsequent question and answer session, Admiral Rogers emphasized the need for the NSA to create more public confidence in its mission.

"If we're honest with each other, what is our confidence in Congress and the world we're living in right now?" Admiral Rogers asked. "Not as high as we all wish it were."

He noted that after a Senate investigation into intelligence community abuses of the rights of citizens, Congress passed the Foreign Intelligence Surveillance Act of 1978, which created a new legal framework of oversight for the NSA, yet national confidence in the NSA remains low.

"The very mechanisms, almost 40 years ago, that we put in place to try to generate confidence are now questioned by our citizens. It's not a criticism, it's just a fact," he said. "What are the mechanisms we can create that will engender greater confidence?"

In response to a question about cyberspace deterrence, Admiral Rogers advocated for a proportional and specific response. He also noted that much of the current research about deterrence is done in the private academic sector and called on the Princeton community to help address these difficult questions for the nation.


An 'Upstream' Battle As Wikimedia Challenges NSA Surveillance

The lawsuit by Wikimedia and other plaintiffs challenges the National Security Agency's use of upstream surveillance, which collects the content of communications, instead of just the metadata. (Photo: Patrick Semansky/AP)

Earlier this week, Wikimedia, the parent company of Wikipedia, filed a lawsuit against the National Security Agency, saying that the NSA's use of "upstream" mass surveillance violates the First and Fourth Amendments.

Under "upstream" surveillance, an American sending an email or making a video call to someone in another country could have the content of their correspondence collected by the NSA. That might even be true if the message is sent to someone in the U.S., but the data was passed through a foreign server.

Wikimedia was joined by several other plaintiffs in the suit, and will be helped by the American Civil Liberties Union, Wikipedia founder Jimmy Wales wrote in an op-ed in the New York Times.

Stephen Vladeck, a professor at the American University Washington College of Law and an expert on national security law, explained the lawsuit and its implications to NPR's Arun Rath.

On what the upstream surveillance program does

Under upstream, what the NSA is apparently doing is they're tapping the backbone of the Internet. In effect, if we think of the Internet as a highway, they're on the highway and intercepting traffic as it crosses the highway.

In critical distinction to the programs that we've learned about already, the programs that are already being challenged, part of what the NSA is collecting through upstream is content, that is to say, the content of phone calls, the content of emails, and not just the metadata that has been at the heart of, for example, the bulk phone records program.

On privacy concerns


Lawsuit Challenges NSA Internet Dragnets

By John P. Mello Jr. 03/13/15 11:02 AM PT

The American Civil Liberties Union earlier this week filed a lawsuit seeking to stop the National Security Agency from indiscriminately snooping on United States Internet traffic.

Using a technique called "upstream" surveillance, the NSA does a spinal tap of the Internet's U.S. backbone, which carries the communications of millions of Americans, the ACLU explained in its complaint filed with a federal district court in Maryland.

"In the course of this surveillance, the NSA is seizing Americans' communications en masse while they are in transit," the complaint alleges, "and it is searching the contents of substantially all international text-based communications -- and many domestic communications as well -- for tens of thousands of search terms."

That kind of surveillance violates federal law, the First and Fourth Amendments and Article III of the Constitution, maintained the ACLU, which is representing in the lawsuit the Wikimedia Foundation, the National Association of Criminal Defense Lawyers, Human Rights Watch, Amnesty International USA, PEN American Center, the Global Fund for Women, The Nation magazine, The Rutherford Institute and the Washington Office on Latin America.

This lawsuit is similar to one filed in the past involving NSA Director James R. Clapper and Amnesty International. That case was rejected by the U.S. Supreme Court. Backers of the latest lawsuit, however, believe their case has stronger legs than the previous litigation.

"Thanks to the Snowden disclosures and government acknowledgments over the last 18 months, we now know more about government surveillance than we did in Clapper v. Amnesty," explained Ashley Gorski, an attorney with the ACLU's National Security Project.

"That, for us, makes all the difference," she told the E-Commerce Times, "and we think that will make a difference in court as well."

In the Amnesty case, the Supreme Court ruled that the parties bringing the lawsuit lacked standing -- that is, they couldn't prove they were harmed by the behavior alleged in their complaint. The reason they couldn't prove harm was that they didn't know enough about what the NSA was doing to make the connection between harm and behavior.

"Prior to the Snowden revelations and the government acknowledgments, the public did not know anything at all about upstream surveillance -- least of all that the NSA was copying entire streams of Internet traffic and searching through them for information about its targets," Gorski said.


NSA Strongly Suspected In 'Equation Group' Hacks On Russian, Iranian Hard Drives

The U.S. National Security Agency may have been planting surveillance software into hard drives and other essential computer equipment sold around the world for more than a decade through a shadowy organization known as the Equation Group, a respected cybersecurity researcher says. The revelation, if true, indicates that operators within the NSA have been collecting far more information on the spy agency's behalf than previously thought.

The Equation Group manipulated hard drives manufactured by Toshiba, Seagate, IBM, Western Digital and others dating back as far as 2001, researchers at the Moscow-based cybersecurity firm Kaspersky Lab said Wednesday. Equation has also proven able to reprogram a machine's firmware, meaning that hackers were able to monitor even the most mundane activity on tens of thousands of individual PCs without their owners' knowledge.

Privacy experts say the disclosures highlight the need for international companies to do more to protect customers from evolving threats to their online security.

Existence of the Equation Group, believed to be made up of 60 or so actors, was first revealed at Kaspersky's annual security summit in Mexico on Feb. 16. Kaspersky on Wednesday released further information that strongly links the organization to the NSA.

The dense technical language in the Kaspersky report essentially argues that spies were able to install malicious software into computer hard drives that activate again and again each time the computer powers on.

Researchers found source code that makes reference to STRAITACID, STRAITSHOOTER, and BACKSNARF_AB25. Those names bear a remarkable resemblance to BACKSNARF and STRAITBIZARRE, two malware campaigns used by NSA's Tailored Access Operations team and first revealed by former NSA contractor Edward Snowden.

Costin Raiu, Kaspersky's lead researcher on the project, told Reuters that while the Equation Group was able to steal files on any of the infected computers, they assumed full control only of computers used by high-value targets. Disk drive firmware, which was infected in this hack, is the second-most valuable space on a computer for hackers (after a microprocessor's input/output system), the news outlet reported.

The Equation Group appears to rely on the programs EquationDrug and GrayFish for its espionage operations.

"It's important to note that EquationDrug is not just a Trojan, but a full espionage platform, which includes a framework for conducting cyberespionage activities by deploying specific modules of selected victims," stated a version of the report updated Wednesday. "The architecture of the whole framework resembles a mini-operating system with kernel-mode and user-mode components carefully interacting with each other via custom message passing interface."

Again, Kaspersky did not officially pin the Equation Group on the NSA, but pointed out links that are hard to dismiss as coincidence.


NSA & San Antonio PD harassed & illegally detained me for snapping a photo of the NSA building – Video


DHS "see something say something" program unfairly targets people for many reasons including photography. On (02/19/15) I was illegally stopped by NSA San Antonio PD for what NSA claims ...

By: crojas9962
