Daily Archives: May 15, 2014

Canada is among the top beneficiaries of a U.S. National Security Agency program meant to build intelligence relationships with Americas allies by paying for improvements to their electronic-eavesdropping capabilities.

A newly published leak about the NSAs funding shows that in 2012 at least $300,000 was sent to Canada fourth place after Pakistan, Jordan and Ethiopia among the 15 countries that benefited from this program. The chart appears in No Place to Hide, the new book based on leaks from former NSA contractor Edward Snowden and written by U.S. journalist Glenn Greenwald.

The contribution is a pittance in the multibillion-dollar world of government surveillance. Over the past decade, the Canadian government has doubled the staff and budget of Communications Security Establishment Canada, the countrys counterpart organization to NSA.

But the disclosure is significant because CSEC does not acknowledge its partnerships with the NSA, including financial support.

The U.S. spy agency has fallen into global notoriety over the past year, after being caught covertly recording the communications of allied world leaders and amassing data about U.S. citizens.

In Ottawa on Tuesday, NDP defence critic Jack Harris questioned why U.S. money is heading north. This is one more piece of the puzzle that we dont understand, as to what exactly is the relationship between what Canada, the Americans and others are doing, he said.

For the past 70 years, the NSA and CSEC have been working together to spy on foreigners messages, while safeguarding their own governments messages from snooping adversaries.

For this, they use cryptology the art of code making and code breaking. To develop this capacity, CSEC has often relied on the much-larger NSA for know-how, technology and raw intelligence. But like many countries, Canada safeguards its NSA relationship by never speaking about it.

The Canadian blogger Bill Robinson, who tracks CSECs budget lines closely, has pointed out that Canada has been on the receiving end at least $11-million in research funding from unspecified foreign partners in just over a decade.

When The Globe inquired last fall about whether this money came from the NSA, the official reply was that it came from the Five Eyes partnership the wider alliance of U.S., British, Canadian, Australian and New Zealand intelligence agencies. Canada works closely with its allied counterparts to pursue the latest cryptological research, a spokeswoman said.

Read more here:

NSA gave Canada at least $300,000 to develop spy program

IDG News Service - Allegations that the NSA installed surveillance tools in U.S.-made network equipment, if true, could mean enterprises have more to worry about than just government spying.

While the U.S. government warned router buyers that the Chinese government might spy on them through networking gear made in China, the U.S. National Security Agency was doing that very thing, according to a report in the Guardian newspaper Monday.

The NSA physically intercepted routers, servers and other network equipment and installed surveillance tools before slapping on a factory seal and sending the products on to their destinations, according to the report, which is extracted from an upcoming book by Glenn Greenwald, a journalist who last year helped expose sensitive documents uncovered by former NSA contractor Edward Snowden.

With the tools it installs, the NSA can gain access to entire internal networks, the story said. For example, in a report on its use of the technology, the NSA said an embedded beacon was able to call back to the agency and "provided us access to further exploit the device and survey the network," Greenwald wrote.

The new charge vastly expands the scope of alleged NSA spying beyond the interception of traffic across the Internet, said Ranga Krishnan, a technology fellow at the Electronic Frontier Foundation. As an example, he pointed to reports from the Snowden documents that the NSA had tapped into Google's own fiber network among its data centers, where the company hadn't encrypted the traffic at all.

"That's how most organizations function," Krishnan said. "So once you're within the company's router, you have access to all that data that's unencrypted."

In addition, any security hole that a government installs could open up the network to attacks by others, he added.

"If you have made something vulnerable ... somebody else could discover that and very well use it," Krishnan said.

The House Intelligence Committee and other arms of the U.S. government have warned for years that networking equipment from vendors in China, namely Huawei Technologies and ZTE, poses a threat to U.S. service providers because of possible links between those companies and the Chinese government.

Specifically, critics have raised alarms that the government could install backdoor surveillance tools in the gear they sell, giving Chinese spies access to communications in the U.S. Those warnings reportedly have held back Huawei and ZTE's sales in the U.S. The companies have said their equipment is safe.

More here:

NSA backdoors my open networks to new threats, report says

NSA techs perform an unauthorized field upgrade to Cisco hardware in these 2010 photos from an NSA document.

A document included in the trove of National Security Agency files released with Glenn Greenwalds book No Place to Hide details how the agencys Tailored Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before theyre delivered. These Trojan horse systems were described by an NSA manager as being some of the most productive operations in TAO because they pre-position access points into hard target networks around the world.

The document, a June 2010 internal newsletter article by the chief of the NSAs Access and Target Development department (S3261) includesphotos (above) of NSA employees opening the shipping box for a Cisco router and installing beacon firmware with a load station designed specifically for the task.

The NSA manager described the process:

Heres how it works: shipments of computer network devices (servers, routers, etc,) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets electronic devices. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.

Sean Gallagher / Sean is Ars Technica's IT Editor. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland.

Excerpt from:

Photos of an NSA upgrade factory show Cisco router getting implant

NSA leaks View all

In his new book No Place to Hide, Glenn Greenwald revealed a number of additional details onthe craft and tools used by the NSA and its British counterpart, the GCHQ. While many of the capabilities and activities Greenwald details in the book were previously published in reports drawing from Edward Snowdens vast haul of NSA documents, a number of new pieces of information have come to lightincluding the NSAs and GCHQs efforts to use airlines in-flight data service to track and surveil targeted passengers in real time.

The systemscodenamed Homing Pigeon by the NSA and Thieving Magpie by the GCHQallowed the agencies to track which aircraft individuals under surveillance boarded based on their phone data.

We can confirm that targets are on board specific flights in near real time, enabling surveillance or arrest teams to be put in place in advance, a GCHQ analyst wrote in a PowerPoint slide presentation on the program. If they use data, we can also recover email addresss [sic], Facebook IDs, Skype addresses, etc.

The technology allows the NSA and GCHQ to get a geographic fix on surveilled aircraft once every two minutes in transit.

Latest batch of documents leaked shows NSA's power to pwn.

Greenwald asserts in his book that at the same time the US intelligence community and legislators were warning that Chinese networking vendors Huawei and ZTE were untrustworthy because of connections to Chinas Peoples Liberation Army, the NSA was routinely intercept[ing] routers, servers, and other computer network devices being exported from the US before they are delivered to the international customers.

Greenwald cited a June 2010 report from the head of the NSAs Access and Target Development department in which the official wrote, In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and the network.

Read this article:

NSA routinely tapped in-flight Internet, intercepted exported routers