• Cold War to cyber war, here’s how weapon exports are controlled

    It was reported last week that the U.K. government is pushing for new restrictions on software — in particular, on tools that would prevent surveillance by the state. This was the focus of negotiations to incorporate cyber security technologies into the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies. Wassenaar was born of the Cold War in 1996. The idea was to inhibit the Soviets (and Chinese) by preventing the export of military equipment and the technology that could be used to make, maintain or defeat that equipment. The push to include cybersecurity in Wassenaar negotiations is unlikely to be effective but will reassure nervous politicians and officials.

  • James Bond drank too much to perform at the level depicted in books, movies

    A detailed examination of James Bond’s books shows that Bond’s weekly alcohol intake is over four times the recommended limit for an adult male, putting him at high risk of several alcohol related diseases, such as alcoholic liver disease, cirrhosis, impotence, and alcohol-induced tremor, and an early death. The medical team concluded that it would not be realistic to expect Bond to have the capacity to perform (in all aspects of life) at his high level of alcohol intake.

  • NSA planted sleeper malware in 50,000 computer networks

    The NSA has planted 50,000 sleeper malware packages – in effect, digital sleeper agents – in more than 50,000 computer networks around the world. The agents, controlled by the NSA’s Tailored Access Operations (TAO) unit, can be activated on command to harvest information of cause disruption. To plant the digital agents, the NSA employed methods typically used by Internet scammers and fraudsters.

  • Airport scanner vendor failed to disclose use of Chinese components

    Recently TSA cancelled a $60 million contract with Rapiscan Systems, a manufacturer of anatomically revealing airport security scanners, after Rapiscan was found to be using unapproved Chinese components in its scanners – and failing to disclose this fact to TSA. Rapiscan, in bidding on the contract, submitted a list of U.S.-made components used in the scanners to the agency, as required by law. After the company received an approval of that list – and the $60 million contract – it ordered the same components from a Chinese company — the Shanghai Advanced Non-Destructive Testing – instructing the Chinese company to label the Chinese-made components with the same part numbers as the originally approved, U.S.-made components, apparently in an effort to make it more difficult for TSA inspectors to notice the illegal switch. Members of the House Homeland Security Committee, charging that the use of Chinese components made the machines susceptible to sabotage, disruption, or spying, want to know whether TSA was aware of Rapiscan’s shenanigans.

  • view counter
  • U.S., U.K. intelligence worried about Snowden’s “insurance policy” cache

    Edward Snowden has so far released about 500 of the classified documents he secretly downloaded while working for an NSA contractor. Source familiar with the case say he had downloaded between 50,000 and 200,000 classified NSA and British government documents. Those close to him suggest that in addition to continuing a steady release of secret documents over the next two to three years, the potentially most damaging information he obtained, information which includes the names of thousands of intelligence agents and informers employed by the United States and its allies, is kept in a secret cache as an insurance policy against arrest or physical harm.

  • Surveillance programs prompt start-up entry into privacy protection market

    Revelations of the surveillance programs of the National Security Agency(NSA) and the U.K. Government Communications Headquarters(GCHQ) have sparked technical innovations, legal challenges, and pursuits of political reforms in the United States and Britain. While some established providers of secure e-mails have bowed out, new companies are moving in to offer consumers protection from prying.

  • view counter
  • A civilian may be appointed to head the NSA

    The Obama administration is considering appointing a civilian to lead the National Security Agency (NSA). If carried out, the move would install a civilian to lead the agency for the first time since its founding in 1952. Keith Alexander, the current director of the NSA, is a four-star Army general. He plans to retire next spring.

  • Weakening cybersecurity to facilitate NSA surveillance is dangerous: experts

    In the wake of revelations about the NSA surveillance programs, an expert on surveillance and cybersecurity recommended a re-evaluation of those surveillance practices that weaken commercial products and services. These practices include weakening standards and placing “back doors” into products that are accessible to U.S. government agencies. The expert – Jon Peha, former chief technology officer of the FCC and assistant director of the White House’s Office of Science and Technology — said deliberately weakening commercial products and services may make it easier for U.S. intelligence agencies to conduct surveillance, but “this strategy also inevitably makes it easier for criminals, terrorists and foreign powers to infiltrate these systems for their own purposes.”

  • U.S. tech companies could go “dark” to regain trust

    With each new revelation of the scope of the American National Security Agency’s spying, perceptions of the importance of privacy are hardening around the world. There is thus a motivation for major technology companies to provide a verifiably secure means of allowing users to communicate securely without an ability for the companies to provide access to security agencies, even if requested to. Two companies, Silent Circle and Lavabit, have come together to form the Dark Mail alliance in an attempt to do exactly this.

  • Lawmakers want better security clearance process

    The Senate Homeland Security and Governmental Affairs Committee(HSGAC) held a hearing last week to review security clearance procedures in light of Edward Snowden’s leaks and the Washington Navy Yard assault in which contractor Aaron Alexis shot and killed twelve people. Members of various federal agencies involved in issuing security clearances testified about their initiatives to improve the security clearance process, but legislators pushed for concrete plans and changes to the current system.

  • Senate panel’s NSA curbs not enough: critics

    Yesterday, the Senate’s intelligence committee approved by an 11-4, and released the text of, a bill which would scale back the NSA’s bulk collection of Americans’ telephone records, increase congressional and judicial oversight of intelligence activities, and create 10-year prison sentences for people who access the classified material without authorization. Critics of U.S. surveillance programs and privacy rights advocates said the bill does little, if anything, to end the daily collection of millions of records that has spurred widespread demands for reform.

  • White House to curb NSA monitoring of some allies' leaders

    It appears that President Obama will soon instruct the NSA to stop eavesdropping on leaders of close U.S. allies. It now emerges that both the president and Congress’s intelligence committees were kept in the dark about this aspect of the NSA surveillance program. Yesterday’s indication by the White House that it moving toward banning the NSA from eavesdropping on some foreign leaders is a historic change in the practices of an agency which has enjoyed unlimited and unfettered – and, it now appears, unsupervised – freedom of action outside the borders of the United States. The move is similar to, if more complicated than, the limits imposed on the CIA in the mid-1970s. Security experts note, though, that prohibiting the NSA from eavesdropping on some foreign leaders would be more complicated and potentially more damaging to U.S. interests than the prohibitions imposed on the CIA more than three decades ago.

  • U.S. “black budget” reveals unwieldy bureaucracy, misplaced priorities: expert

    Classified budget figures and successes and failures by American intelligence agencies, exposed for the first time this week by the Washington Post, show a massive bureaucracy with misplaced priorities, according to a cybersecurity and privacy expert. “The major failure identified in all of the post-9/11 assessments was a ‘failure to connect the dots,’” the expert said. “Nevertheless, the vast majority of the black budget is being spent on data acquisition — collecting more dots — rather than analysis.”

  • NSA broke UN video-conferencing encryption, eavesdropped on deliberations

    The National Security Agency (NSA) in 2012 broke the encryption which secured the UN internal video conferencing at the organization’s headquarters in New York. Among other things, the NSA discovered that the Chinese secret service was also eavesdropping on the UN.

  • Russia grants Snowden a 1-year temporary refugee status

    Edward Snowden has left Moscow’s Sheremetyevo airport and has entered Russia after he had been granted temporary asylum – the official language: a temporary refugee status — for one year. It is not yet known whether Snowden’s plan is to stay in Russia permanently, or whether he will try to move on to one of the four Latin American countries — Venezuela, Bolivia, Nicaragua, and Ecuador – which last month had offered him asylum. U.S. lawmakers said Russia’s decision had damaged U.S.-Russian relations, and the White House hinted that President Obama may cancel a planned summit meeting with Putin in Moscow in September.