CHINESE HACKERS AT WORK ON MEMBERS PRIOR TO THE G2 SUMMIT

MALICIOUS CODES IMPLANTED INTO EUROPE’S G20 MEMBERS BY CHINA

1386723128609

Chinese hackers eavesdropped on the computers of five European foreign ministries before last September’s 2013 G20 Summit, which was dominated by the Syrian crisis, according to research by computer security firm FireEye.

The hackers infiltrated the ministries’ computer networks by sending emails to staff containing tainted files with titles such as “US_military_options_in_Syria,” said FireEye, which sells anti-virus software to companies.

When recipients opened these documents, they loaded malicious code on to their computers.

For about a week in late August, California-based FireEye said its researchers were able to monitor the “inner workings” of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems.

AAA

FireEye lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia. FireEye said it believes the hackers were preparing to start stealing data just as the researchers lost access.

The US company declined to identify the nations whose ministries were hacked, although it said they were all members of the European Union. FireEye said it reported the attacks to the victims through the FBI.

FBI spokeswoman Jenny Shearer declined to comment.

“The theme of the attacks was US military intervention in Syria,” said FireEye researcher Nart Villeneuve, one of six researchers who prepared the report. “That seems to indicate something more than intellectual property theft … the intent was to target those involved with the G20.”

The September 5-6 G20 summit was dominated by discussion of the Syrian crisis, with some European leaders putting pressure on US President Barack Obama to hold off on taking military action against Syrian President Bashar al-Assad.

Villeneuve said he was confident the hackers were from China based on a variety of technical evidence, including the language used on their control server, and the machines they used to test their malicious code.

He said he did not have any evidence, however, that linked the hackers to the Chinese government.

“All we have is technical data. There is no way to determine that from technical data,” Villeneuve said.

Chinese Foreign Ministry spokesman Hong Lei said China opposed any hacking activities.

“US internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible,” Hong told a daily news briefing in Beijing.

One of dozens

Western cyber security firms monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain.

China has long denied those allegations, saying it is the victim of spying by the US. Those claims gained some credibility after former NSA contractor Edward Snowden began leaking documents about US surveillance of foreign countries, including China.

FireEye said it had been following the hackers behind the Syria-related attack for several years, but this is the first time the group’s activities have been publicly documented. The company calls the group “Ke3chang”, after the name of one of the files it uses in one of its pieces of malicious software.

FireEye said it believed the hackers dubbed the Syria-related campaign “moviestar” because that phrase was used as a tag on communications between infected computers and the hackers’ command-and-control server.

In 2011, the group ran another operation dubbed “snake”, which enticed victims with a file that FireEye said contained nude pictures of Carla Bruni, the Italian-French singer, songwriter and model who in 2008 married then French President Nicolas Sarkozy.

The host name for that campaign’s command-and-control server contained the string “g20news”, which might indicate that it was related to the G20 Finance Ministers meeting in Paris in 2011, FireEye said.

The email address used to send those malicious files had the phrase “consulate” in it, which also bolstered the possibility that the attack was politically motivated, Villeneuve said.

He said researchers only gathered evidence about “snake” through reviewing emails and malicious code. They did not have access to its command-and-control server, which they did in the case of the “moviestar” attack.

Reuters

AAA

Henry Sapiecha

blue cam line

NATIONAL SECURITY AGENCY ILLEGAL ACCESS TO MICROSOFT GLOBAL COMMUNICATIONS LINKS

Microsoft is moving toward a major new effort to encrypt its internet traffic amid fears that the National Security Agency may have broken into its global communications links, said people familiar with the emerging plans.

1381280795980

Suspicions at Microsoft, while building for several months, sharpened in October when it was reported that the NSA was intercepting traffic inside the private networks of Google and Yahoo, two industry rivals with similar global infrastructures, said people with direct knowledge of the company’s deliberations. They said top Microsoft executives are meeting this week to decide what encryption initiatives to deploy and how quickly.

Documents obtained from former NSA contractor Edward Snowden suggest – though do not prove – that the company is right to be concerned. Two previously unreleased slides that describe operations against Google and Yahoo include references to Microsoft’s Hotmail and Windows Live Messenger services. A separate NSA email mentions Microsoft Passport, a web-based service formerly offered by Microsoft, as a possible target of that same surveillance project, called MUSCULAR, which was first disclosed by The Washington Post last month.

Though Microsoft officials said they had no independent verification of the NSA targeting the company in this way, general counsel Brad Smith said Tuesday that it would be ‘‘very disturbing’’ and a possible constitutional breach if true.

Microsoft’s move to expand encryption would allow it to join Google, Yahoo, Facebook and other major technology firms in hardening their defences in response to news reports about once-secret NSA programs. The resulting new investments in encryption technology stand to complicate surveillance efforts – by governments, private companies and criminals – for years, experts say.

Though several legislative efforts are underway to curb the NSA’s surveillance powers, the wholesale move by private companies to expand the use of encryption technology may prove to be the most tangible outcome of months of revelations based on documents that Snowden provided to The Washington Post and Britain’s The Guardian newspaper.

In another major shift, the companies also are explicitly building defenses against US government surveillance programs, in addition to combating hackers, criminals or foreign intelligence services.

‘‘That’s a pretty big change in the way these companies have operated,’’ said Matthew Green, a Johns Hopkins University cryptography expert. ‘‘And it’s a big engineering effort.’’

In response to questions about Microsoft, the NSA said in a statement Tuesday, ‘‘NSA’s focus is on targeting the communications of valid foreign intelligence targets, not on collecting and exploiting a class of communications or services that would sweep up communications that are not of bona fide foreign intelligence interest to the U.S. government.’’

A US official, who was not authorised to discuss the matter publicly and spoke on the condition of anonymity, said Tuesday that collection can be done at various points and does not necessarily happen on a company’s private fiber-optic links.

A 2009 email from a senior manager of the NSA’s MUSCULAR project specifies that a targeting tool called ‘‘MONKEY PUZZLE’’ is capable of searching only across certain listed ‘‘realms,’’ including Google, Yahoo and Microsoft’s Passport service. It is not clear what service a fourth listed realm, ‘‘emailAddr,’’ refers to.

‘‘NSA could send us whatever realms they like right now, but the targeting just won’t go anywhere unless it’s of one of the above 4 realms,’’ the email said.

The tech industry’s response to revelations about NSA surveillance has grown far more pointed in recent weeks as it has become clear that the government was gathering information not only through court-approved channels in the United States – overseen by the Foreign Intelligence Surveillance Court – but also through the massive data links overseas, where the NSA needs only authority from the president.

That form of collection has been done surreptitiously by gaining access to fiber-optic connections on foreign soil. Smith, the Microsoft general counsel, hinted at the extent of the company’s growing encryption effort at a shareholder’s meeting last week.

‘‘We’re focused on engineering improvements that will further strengthen security,’’ he said, ‘‘including strengthening security against snooping by governments.’’

People familiar with the company’s planning, who spoke on the condition of anonymity to discuss matters not yet publicly announced, said that while officials do not have definitive proof that the NSA has targeted Microsoft’s communication links, they have been engaged in a series of high-level meetings to pursue encryption initiatives ‘‘across the full range of consumer and business services.’’

A cost estimate was not available; key decisions are due to be made at a meeting of top executives this week in Redmond, Washington, where Microsoft is headquartered.

When asked about the NSA documents mentioning surveillance of Microsoft services, Smith issued a sharply worded statement: ‘‘These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution.’’

That echoes a similar statement by Google’s general counsel, David Drummond, who said last month that he was ‘‘outraged’’ over the report in The Washington Post about the NSA tapping into the links connecting the company’s network of data centers. Google in September announced an ambitious new set of encryption initiatives, including among data centers around the world. Yahoo made a similar announcement last week.

Microsoft, Google and Yahoo also have joined other major tech firms, including Apple, Facebook and AOL, in calling for limits to the NSA’s surveillance powers. Most major US tech companies are struggling to cope with a global backlash over US snooping into internet services.

The documents provided by Snowden are not entirely clear on the way the NSA might gain access to Microsoft’s data, and it is possible that some or all of it happens on the public internet as opposed to on the private data center links leased by the company. But several documents about MUSCULAR, the NSA project that collects communications from links between Google and Yahoo data centers, discuss targeting Microsoft online services.

The company’s Hotmail email service also is one of several from which the NSA has collected users’ online address books.The impact of Microsoft’s move toward expanded encryption is hard to measure. And even as most major internet services move to encrypt their communications, they typically are decoded – at least briefly – as they move between each company’s systems, making them vulnerable.Privacy activists long have criticized Microsoft as lagging behind some rivals, such as Google and Twitter, in implementing encryption technology.

A widely cited scorecard of privacy and security by tech companies, compiled by the Electronic Frontier Foundation in San Francisco, gives Microsoft a single check mark out of a possible five.

‘‘Microsoft is not yet in a situation where we really call them praiseworthy,’’ said Peter Eckersley, technology projects director at the foundation. ‘‘Microsoft has no excuse for not being a leader in encryption and security systems, and yet we often see them lagging behind the industry.’’

Encryption, while not impervious to targeted surveillance, makes it much more difficult to read communications in bulk as they travel the internet. The NSA devotes substantial resources to decoding encrypted traffic, but the work is more targeted and time consuming, sometimes involving hacking into individual computers of people using encryption technology.

Documents provided by Snowden, and first reported by The Guardian, show that Microsoft worked with US officials to help circumvent some forms of encryption on the company’s services.

Soltani is an independent security researcher and consultant.

The Washington Post

AAA

Henry Sapiecha

blue cam line

GOVERNMENTS HAVE ACCESS TO CODES THAT CRACK INTO YOUR EMAILS, PHONE CALLS AND BUSINESS TRANSACTIONS ON LINE

BIG BROTHER IS WATCHING

360_avatar_video_0516

Australia’s electronic spy agency reportedly has access to a top secret program that has successfully cracked the encryption used by hundreds of millions of people to protect the privacy of their emails, phone calls and online business transactions.

Documents disclosed by US intelligence whistleblower Edward Snowden reveal the program run by the US National Security Agency, codenamed Bullrun, has been used to secretly descramble high-level internet security systems globally.

They show the NSA and British Government Communications Headquarters (GCHQ) have successfully cracked the encryption used in personal communications such as email and telephone calls as well as global commerce and banking systems.

An undated ”briefing sheet” on the program, provided to British analysts when they are cleared for access to Bullrun, was published on Friday in The New York Times and The Guardian newspapers.

It states that the Australian Signals Directorate – until recently called the Defence Signals Directorate (DSD) – was expected to be granted access.

”In recent years there has been an aggressive effort, lead [sic] by NSA, to make major improvements in defeating network security and privacy involving multiple sources and methods, all of which are extremely sensitive and fragile,” the briefing paper says.

”These include: Computer Network Exploitation (CNE); collaboration with other intelligence agencies; investment in high performance computers; and development of advanced mathematical techniques.”

It explains the British intelligence agency, GCHQ, ”is also introducing BULLRUN … CSEC, DSD and GCSB are expected to do likewise”.

The New York Times reported that the full extent of the NSA’s decryption capabilities – including Bullrun – is only shared with members of the so-called ”Five Eyes”: the NSA and equivalent agencies in Britain, Canada, Australia and New Zealand.

The newspaper reported documents disclosed by Mr Snowden reveal the NSA has ”circumvented or cracked” much of the encryption that automatically protects emails, web searches and phone calls.

The Guardian reported the documents reveal Britain’s GCHQ has been working on ways to unscramble encryption used by service providers Hotmail, Google, Yahoo and Facebook.

Last month it emerged in other documents released by Mr Snowden, that the Australian Signals Directorate is in a partnership with British, American and Singaporean intelligence agencies to tap undersea fibre-optic telecommunications cables that link Asia, the Middle East and Europe. The cables carry much of Australia’s international phone and internet traffic.

In May, Mr Snowden, a former contractor for the NSA, disclosed documents revealing efforts by the US agency to track telephone conversations and internet traffic globally.

AAA
blue cam line

WikiLeaks releases documents on global surveillance industry

1378333895919

WikiLeaks has stepped up its campaign to expose the global surveillance industry with the release of a new collection of sensitive documents from private intelligence and information technology companies.

The transparency group has published 294 documents from 92 contractor firms providing surveillance and intelligence technology to governments around the world.

WikiLeaks publisher Julian Assange said “Spy Files 3”, the third tranche of documents released on the subject, was part of his organisation’s “ongoing commitment to shining a light on the secretive mass surveillance industry”.

“The files form a valuable resource for journalists and citizens alike, detailing and explaining how secretive state intelligence agencies are merging with the corporate world in their bid to harvest all human electronic communication,” he said.

The released documents include sensitive sales brochures and presentations used by companies to encourage security, intelligence and police services to acquire surveillance systems and services. Technologies on offer include “lawful interception” systems, mass telecommunications monitoring, network recording, signals and communications intelligence and listening devices.

The WikiLeaks release shows internet spying capabilities now being sold on the intelligence market include detecting encrypted and obfuscated internet usage such as Skype, BitTorrent, VPN, SSH and SSL. The documents also reveal how contractors work with intelligence and police agencies to obtain decryption keys.

The documents detail bulk interception methods for voice, SMS, MMS, email, fax and satellite phone communications. The released documents also show intelligence contractors are selling capabilities to analyse web and mobile interceptions in real-time.

One 2011 document shows how companies such as British-based Gamma Group, German-based Desoma and Swiss-based Dreamlab are working in concert to “create Telecommunications Intelligence Systems for different telecommunications networks to fulfil the customers’ needs” regarding “massive data interception and retention”.

Other documents in the release show evidence of these technologies being used to infect users in Oman with remote-controlled spyware. The FinFly ‘iProxy’ installation by Dreamlab shows how targets are identified and malware is covertly inserted alongside a legitimate download while keeping the intended download functioning as expected. The target identification methods mean that anybody connecting through the same network would be systematically and automatically intercepted and infected as well, even unintended targets.

British-based privacy advocacy organisation Privacy International said the latest WikiLeaks release “further reveals the extent of which Western corporations are equipping repressive regimes and non-democratic governments to target activists, journalists, and human rights defenders”.

“Unequivocally, the newest ‘Spy Files’ documents show that this dark industry only continues to grow, in both technical capability and customer base, all while amassing billions in profits off the suffering of individuals,” Privacy International researcher Kenneth Page said.

“The types of surveillance being marketed by these companies represent some of the most sophisticated technologies available – whether it’s intrusion software, data mining, Trojans, location tracking, deep packet inspection, facial recognition or mass monitoring,” he said.

“And just like an advertisement you would see on television or in a magazine, spy firms are marketing these tools with flashy graphics, sales-speak and guarantees on effectiveness. It’s quite jarring to see such dangerous technologies being presented in such an unthreatening fashion, given that these products represent one of the biggest threats to human rights in the 21st century.”

The global trade of surveillance technology is estimated to be worth up to $US5 billion ($5.5 billion) a year. By comparison, the “traditional” global trade in small arms (excluding the sale of ammunition) was worth $US4 billion a year.

WikiLeaks has also published information on the movement of private intelligence corporate executives and sales personnel, thereby revealing the geographical focus of their activities.

Mr Assange said the WikiLeaks “Counter Intelligence Unit” has been “tracking the trackers”.

“The WikiLeaks Counter Intelligence Unit (WLCIU) operates to defend WikiLeaks’ assets, staff and sources, and, more broadly, to counter threats against investigative journalism and the public’s right to know,” he said. “The WLCIU has collected data on the movements of key players in the surveillance contractor industry, including senior employees of Gamma, Hacking Team and others as they travel through Azerbaijan, Bahrain, Brazil, Spain, Mexico and other countries.”

No further details of the new unit have been revealed. However it is a matter of public record that former US intelligence contractor turned whistle-blower Edward Snowden has been associated with WikiLeaks since his travel from Hong Kong to Russia in June.

AAA

Henry Sapiecha

blue cam line

BUGGING DEVICE FOUND IN BRITISH ECUADOR EMBASSY

ECUADOR EMBASSY BUGGED BY ENGLAND SAYS FOREIGN MINISTER

Ecuador's Foreign Minister Ricardo Patino shows a picture of a hidden spy microphone

Ecuador’s Foreign Minister Ricardo Patino shows a picture of a hidden spy microphone uncovered at the office of Ana Alban, the Ecuadorean ambassador to the United Kingdom, during a news conference in Quito. Photo: Reuters

Ecuador has accused one of the United Kingdom’s leading private security and surveillance firms of bugging its London embassy where WikiLeaks publisher Julian Assange is lodged.

WikiLeaks has denounced the electronic espionage operation as an instance of “imperial arrogance.”

“Aside from the gross violation of the integrity of Ecuador’s embassy, no candidate in Australian election should be subject to covert surveillance,” Mr Assange told Fairfax Media today.

Foreign Minister Ricardo Patiño has confirmed a sophisticated listening device was found inside the office of then Ecuadorian ambassador to the United Kingdom, Ana Alban, two days before the Foreign Minister visited the embassy to meet with Mr Assange on June 16.

Mr Patiño added that the Ecuadorian authorities “have reason to believe that the bugging was being carried out by the company, the Surveillance Group Limited, … one of the biggest private investigation and undercover surveillance companies in the United Kingdom.”

The Surveillance Group is one of the UK’s most prominent private security and intelligence firms. The company’s website says that by “combining the practices, skills and experience of Special Forces, police and commercial surveillance, the Surveillance Group has forged an entirely new form of surveillance service.”

“Our methods and technologies mean that there are few scenarios or locations in which we cannot achieve footage,” the company says in relation to its covert surveillance operations. “Our operatives are renowned for their ability to get closer, to take longer, better footage and to do so in a manner that is more beneficial to the eventual outcome.”

During a press conference in Quito, Foreign Minister Patiño said the listening device, discovered on June 14, had been running for at least two months, had GSM activation and was camouflaged inside an electrical installation.

“At first glance, the device was an electrical outlet, but incorporated a camouflaged spy microphone, which did not require any previous installation and was very easy to operate through a phone call to the SIM card that [was] contained inside,” Mr Patiño said.

“This device was designed to capture the conversations in the place where it was placed … Analysing the scenario where found, we deduce that the main purpose intended with the placement of the unit to listen, is to have direct information from the talks held in the place where it has been installed, which is the office of our Ambassador.”

AAA

The Foreign Minister said his government would seek the seek the cooperation of the British Government to further investigate the espionage operation.

“After this discovery, the government of Ecuador will request the collaboration of the British government in investigating this issue to discover who is implicated in this espionage operation,” Mr Patiño said.

In an earlier statement the Foreign Minister said he hadn’t announced the discovery at the time because he didn’t want to complicate his visit to London and talks with British Foreign Secretary William Hague about Mr Assange’s circumstances.

“Furthermore, we first wanted to ascertain with precision the origin of this interception device in the office of our ambassador, he said, adding that the discovery of the device was “another instance of a loss of ethics at the international level in relations between governments.”

Ecuador’s London embassy has been continuously under guard and surveillance by British Metropolitan police for more than a year since Mr Assange sought political asylum there in June last year.

The WikiLeaks publisher, who will run as a Senate candidate in Australia’s forthcoming federal election, has been granted political asylum on the grounds that he is at risk of extradition to the United States to face possible conspiracy charges relating to the leak of US military and diplomatic secrets by Private Bradley Manning.

AAA

Mr Assange is subject to a Swedish extradition warrant to face allegations by two women of sexual assault in August 2010.

WikiLeaks has been assisting US intelligence whistle-blower Edward Snowden who is believed to remain holed up at Moscow’s Sheremetyevo International Airport.

WikiLeaks used its Twitter account to condemn the bugging of Ecuador’s embassy, tweeting that “Sieging/bugging of Ecuador’s London embassy … shows that imperial arrogance is the gift that keeps on giving.”

In December 2011 WikiLeaks released “The Spy Files”, a collection of hundreds of reports documenting the global expansion of the private surveillance industry and the involvement of Western companies in assisting the security forces of repressive regimes in the Middle East, Africa and Asia.

The British Foreign Office has declined immediate comment on the allegation concerning the bugging of Ecuador’s embassy and Prime Minister David Cameron’s spokesman has said he will not comment on security issues.

The Surveillance Group has not responded to a request for comment emailed by Fairfax Media.

AAA

Henry Sapiecha

blue cam line

BRITISH SPIES ARE OPERATING AN EAVEDROPPING OPERATION THAT DWARFS THE USA SPY SAGA

BRITAIN HAS A SPY NETWORK WHICH OUTSTRIPS THE USA OPERATION

Security contractor Edward Snowden

London: British spies are running an online eavesdropping operation so vast that internal documents say it even outstrips the United States’ international internet surveillance effort, The Guardian newspaper says.

The paper cited UK intelligence memos leaked by former National Security Agency contractor Edward Snowden to claim that UK spies were tapping into the world’s network of fibre optic cables to deliver the “biggest internet access” of any member of the Five Eyes – the name given to the espionage alliance composed of the United States, Britain, Canada, Australia and New Zealand.

That access could in theory expose a huge chunk of the world’s everyday communications – including the content of people’s emails, calls, and more – to scrutiny from British spies and their US allies. How much data the British are copying off the fibre optic network isn’t clear, but it’s likely to be enormous.

The Guardian said the information flowing across more than 200 cables was being monitored by more than 500 analysts from the NSA and its UK counterpart, GCHQ.

“This is a massive amount of data!” The Guardian quoted a leaked slide as boasting.

The newspaper, whose revelations about America and Britain’s globe-spanning surveillance programs have reignited an international debate over the ethics of espionage, said GCHQ was using probes to capture and copy data as it crisscrossed the Atlantic between western Europe and North America.

It said that, by last year, GCHQ was in some way handling 600 million telecommunications every day – although it did not go into any further detail and it was not clear whether that meant that GCHQ could systematically record or even track all the electronic movement at once.

GCHQ declined to comment on Friday, although in an emailed statement it repeated past assurances about the legality of its actions.

“Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary, and proportionate,” the statement said.

Fibre optic cables – thin strands of glass bundled together and strung out underground or across the oceans – play a critical role in keeping the world connected. A 2010 estimate suggested that such cables are responsible for 95 per cent of the world’s international voice and data traffic, and The Guard-ian said Britain’s geographic position on Europe’s western fringe gave it natural access to many of the trans-Atlantic cables as they emerged from the sea.

The Guardian said GCHQ’s probes did more than just monitor the data live; British eavesdroppers can store content for three days and metadata – information about who was talking to whom, for how long, from where, and through what medium – for 30 days.

ocf-banner-500x300-FINAL

GOOGLE REQUESTS NATIONAL SECURITY & INTERNET DRAGNET TO BE REDETERMINED

REDETERMINING GUIDELINES FOR INTERNET SECURITY SURVEILLANCE

GOOGLE COLOURED LOGO image www.socialselect.net

Google is asking the Obama administration for permission to disclose more details about the U.S. government’s demands for email and other personal information transmitted online in an effort to distance itself from an Internet dragnet.

AAA

In a show of unity, Google rivals Microsoft Corp. and Facebook Inc. also supported the attempt to pressure the U.S. Justice Department to loosen the legal muzzle that limits disclosures about government surveillance authorized by courts to protect national security.

Google made its plea in a Tuesday letter to Attorney General Eric Holder and FBI Director Robert Mueller. Google is trying to debunk media reports that the company has created a way for the National Security Agency to gain access to large amounts of its users’ online communications as part of a secret program code-named “PRISM.”

The reports surfaced last week after a government contractor leaked confidential documents revealing the NSA has been tapping into the computers of Google Inc. and many other Internet services to retrieve information about foreigners living outside the U.S. The other companies linked to PRISM are: Microsoft, Facebook, Yahoo Inc., Apple Inc., AOL Inc., Paltalk, Google’s YouTube and Microsoft’s Skype.

All the companies and services have denied giving the U.S. government unfettered access to user data. The companies say they only turn over user data under legally binding orders, and try to regularly resist orders considered to be too broad.

AAA

Minimizing the appearance of their involvement in PRISM is important to the technology companies. The companies don’t want Web surfers to become paranoid about sharing personal information on their services or, worse yet, avoiding their websites altogether. Attracting big audiences helps the companies sell more advertising. Those ads command higher prices and run more frequently when the companies are able to decipher personal data and determine which parts of the audience are most likely to be interested in certain products.

The stakes are particularly high for Google, which sold $44 billion in digital advertising last year alone.

James Clapper, the director of national intelligence for the Obama administration, last week confirmed PRISM had been approved by a judge and is being conducted in accordance with U.S. law. He hasn’t listed the companies cooperating. Those identifications came from the PRISM documents leaked to The Washington Post and The Guardian, a British newspaper.

Even while acknowledging PRISM’s existence, Clapper has insisted the scope of its surveillance has been more limited than depicted in published reports.

AAA

Google also portrayed itself as an unwitting participant in the program. Executives at the Mountain View, Calif., company maintain that they didn’t know about PRISM until reading about it for the first time last week. Google insists it hasn’t been handing over user data on a broad scale, something the company believes it can prove if it receives clearance to disclose the number of requests that have been submitted under the Foreign Intelligence Surveillance Act, or FISA.

Federal law currently prohibits recipients of FISA requests from revealing information about them.

“Google’s numbers would clearly show that our compliance with these requests falls far short of the claims being made,” David Drummond, Google’s chief legal officer, wrote to Holder and Mueller. “Google has nothing to hide.”

In its own statement, Microsoft said it also wants to be more forthcoming if the Justice Department would allow it.

“Permitting greater transparency on the aggregate volume and scope of national security requests, including FISA orders, would help the community understand and debate these important issues,” the Redmond, Wash. company said.

Ted Ullyot, Facebook’s general counsel, said the social networking leader wants to provide “a complete picture of the government requests we receive, and how we respond.”

AAA

Henry Sapiecha

blue cam line

WORRIED THAT GOVERNMENTS CAN LISTEN IN ON YOUR CALLS & MONITOR YOUR INTERNET USE, THEN READ THIS.

How to shield your calls and internet activity from government surveillance

mobile phone people image www.ispysite

If you have followed the startling revelations about the scope of the US government’s surveillance efforts, you may have thought you were reading about the end of privacy. But even when faced with the most ubiquitous of modern surveillance, there are ways to keep your communications away from prying eyes.

A new frontier of sweeping secret surveillance is not a conspiracy theory but a burgeoning reality. 

First, instead of browsing the internet in a way that reveals your IP address, you can mask your identity by using an anonymising tool such as Tor or by connecting to the web using a Virtual Private Network, or VPN.

Additionally, you can avoid Google search by using an alternative such as Ixquick, which has solid privacy credentials and says it does not log any IP addresses or search terms or share information with third parties.

When it comes to sending emails, if you are using a commercial provider that has been linked to the PRISM spy initiative, you can throw a spanner in the NSA’s works by learning how to send and receive encrypted emails. PGP or its free cousin GPG are considered the standard for email security, and these can be used to both encrypt and decrypt messages – meaning you can thwart surveillance unless you are unlucky enough to have Trojan spyware installed on your computer.

Novice computer users learning how to use PGP or GPG may find it daunting at first, but there are plenty of tutorials online for both Mac and Windows users that can help guide you through the process. For journalists working with confidential sources, attorneys seeking to ensure attorney-client privilege, or others whose work requires secure communications, learning how to use PGP or GPG is an absolute necessity. Organisations seeking to protect themselves from email grabs could go one step further: they could take more control of their messages by setting up their own email server instead of relying on a third-party service, helping ensure no secret court orders can be filed to gain covert access to confidential files. And if you need to store private documents online, you can use Cloudfogger in conjunction with Dropbox.

AAA

For instant messaging and online phone or video chats, you can avoid Microsoft and Google services such as Skype and G chat by adopting more secure alternatives. Jitsi can be used for peer-to-peer encrypted video calls, and for encrypted instant message chats you can try using an “off the record” plugin with Pidgin for Windows users or Adium for Mac. Like using PGP encryption, both Pidgin and Adium can take a little bit of work to set up – but there are tutorials to help ease the pain, such as this for setting up Adium and this tutorial for Pidgin.

As for phone calls, if you want to shield against eavesdropping or stop the NSA obtaining records of who you are calling and when, there are a few options. You could use an encryption app such as Silent Circle to make and receive encrypted calls and send encrypted texts and files, though your communications will be fully secure only if both parties to the call, text or file transfer are using the app. Other than Silent Circle, you could try RedPhone (Android and iOS) for making encrypted calls or TextSecure for sending encrypted texts.

A new frontier of sweeping secret surveillance is not a conspiracy theory but a burgeoning reality. But it is not an Orwellian dystopia – at least, not yet. Tools to circumvent government monitoring exist and are freely available. The onus is on us as individuals to learn how to use and adopt them.

AAA
Henry Sapiecha
blue cam line