Archive for the ‘NSA’ Category

Censorship destroys the very diversity it was meant to protect: former NSA foreign surveillance agent – The Sociable

A former NSA foreign surveillance agent tells The Sociablehow censorship destroys the very diversity of thought it was meant to protect just beforeUS President Trump signs an Executive Order to prevent online censorship.

Jim Penrose is a former NSA foreign surveillance agent and the current Chief Operating Officer at the cybersecurity firm, BlueVoyant, which works with global industries around the world to help them understand how nation-state adversaries think and what cultural norms push them to act the way they do in cyber warfare.

Fundamentally, the scourge of censorship as we know it today is that its forcing an orthodoxy which actually destroys the very diversity its meant to protect

During his 17 years of service in the NSA and beyond, Penrose has seen first-hand how misinformation campaigns have been launched to influence elections, and how censorship has impacted societies from Russia, China, and the Middle East, and all the way back to the United States.

At the heart of the censorship debate is, as always, the issue of free speech.

Censorship creates a scenario where assumptions dont get the proper questioning that they need, and we need to have ideas tried in the crucible of public debate, and free speech is fundamental to that, Penrose told The Sociable.

Free speech is complicated by the fact that big social platforms like Facebook and Twitter have billions of users from just about every country on the planet, and these countries dont all have the same levels of protection for free speech in their laws, so regulating free speech on social is a slippery slope.

Censorship creates a scenario where assumptions dont get the proper questioning that they need, and we need to have ideas tried in the crucible of public debate, and free speech is fundamental to that Jim Penrose

However, at the time of writing, US President Donald Trump had just signed an Executive Order to Prevent Online Censorship, which stated, Online platforms are engaging in selective censorship that is harming our national discourse, and that It is the policy of the United States that large online platforms, such as Twitter and Facebook, as the critical means of promoting the free flow of speech and ideas today, should not restrict protected speech.

Today, Im signing an Executive Order to protect and uphold the free speech and rights of the American people, Trump said at the time of signing.

My Executive Order calls for new regulations under Section 230 of the Communications and Decency Act to make it that social media companies that engage in censoring or any political conduct will not be able to keep their liability shield, he added.

Further elaborating on the subject of free speech vs censorship, Penrose said that people can say things we dont like, or they may say things that are abhorrent, but at the end of the day, arguments should be won with the force of ideas and the proof to back up those statements.

Instead of having that respectful conversation that we used to have, and we would have had if we were face-to-face, we ended up going into a mode where were just not going to talk Jim Penrose

When ideas are censored; however, their arguments, too are censored. The right to question information becomes censored as well.

For example, in the name of public health and safety, massive amounts of content are removed on a daily basis while more orthodox narratives become the accepted truth without question.

Right now, YouTube is censoring content that goes against recommendations by the World Health Organization (WHO), but in hindsight, the WHO hasnt always given the best information, especially with regards to Chinas transparency in the handling of the coronavirus.

Nevertheless, the WHO narrative has become the orthodox ideology on world health policies, and saying anything against that orthodoxy on social media is met with censorship.

Fundamentally, the scourge of censorship as we know it today is that its forcing an orthodoxy which actually destroys the very diversity its meant to protect, said Penrose.

Big tech platforms are aggressively trying to stamp out misinformation, which is a very real problem when it comes to massive influence campaigns, but in stamping out misinformation, they are also stamping out real concerns from real people whose real voices have been silenced to censorship.

As citizens, we get pulled into this weird position where do I really want to debate this person on topic X do I really want to have that argument? Jim Penrose

Penrose explained that there are many motives and tactics behind spreading misinformation and how those activities influence the way we behave online.

If you think about the Russians and what they did during the election in 2016, their primary tactic was the noise in the channel tactic you create so much noise in the channel that people start to have overall doubts on all information thats available in the media, social media, and other places, he said.

Some people turn off and disengage. They stop debating and they stop talking. Then theres other groups that go full into what I would say vehement, strident, vitriolic mode where they themselves become internet trolls and attack the living daylights out of anybody who they disagree with and report them as abusive or objectionable content in trying to get everybody removed from a platform like Twitter, Penrose added.

Coincidentally, as Penrose was speaking, #TakeTrumpOffTwitter was trending on Twitter, highlighting those who call for censorship through efforts to deplatform certain individuals.

Some people turn off and disengage. They stop debating and they stop talking. Then theres other groups that go full into vehement, strident, vitriolic mode where they themselves become internet trolls and attack the living daylights out of anybody who they disagree with Jim Penrose

Meanwhile, the Wall Street Journal recently published a story called Facebook Executives Shut Down Efforts to Make the Site Less Divisive, in which it says that Facebook internally studied how it polarizes users, then largely shelved the research.

Social media companies bank on divisiveness in order to keep users on their platforms. In fact, the Center for Humane Technology president Tristan Harris went before Congress earlier this year and testified that tech products and culture were designed intentionally for mass deception, which furthers the division.

Tech products, culture are designed intentionally for mass deception: Ex-google ethicist testifies https://t.co/ewkeWBBvxF via @thesociable

Joe Rogan (@joerogan) January 17, 2020

Penrose said that this divisiveness on social media makes us turn on one another online, whereas if we had met in person, we would probably be having civilized discussions instead.

As citizens, we get pulled into this weird position where do I really want to debate this person on topic X do I really want to have that argument? said Penrose.

As a result, the divisiveness has led many to self-censor or fear the wrath of a thousand trolls calling for them to be censored.

It rips at the fabric of who we are and how we can still be friends and patriotic colleagues with each other, even when we disagree about topics Jim Penrose

I think what happens is we have actually estranged ourselves from each other, Penrose continued.

Instead of having that respectful conversation that we used to have and we would have if we were face-to-face, we ended up going into a mode where were just not going to talk, he added.

And weve actually grown farther apart from each other, which I think ultimately was one of the major goals of the Russians during their influence campaign.

It rips at the fabric of who we are and how we can still be friends and patriotic colleagues with each other, even when we disagree about topics X, Y, and Z, Penrose concluded.

No matter the intention, online censorship eliminates the possibility to have a free and open exchange of ideas if they are not in line with the ideologies of social media platforms.

Online censorship creates a herd mentality where there is no gray area; only black and white.

Its us vs them, and it looks like the truth lies somewhere between those who scream the loudest, and those who have disengaged and dont want to hear about it.

Big tech COVID-19 surveillance data & censorship threaten privacy & free speech: op-ed

Businesses are turning to more secure communication tools to avoid govt overreach: encryption platform report

We must not let coronavirus response be a cover to restrict our human rights: Committee to Protect Journalists advocacy director

Here is the original post:
Censorship destroys the very diversity it was meant to protect: former NSA foreign surveillance agent - The Sociable

FISA: Trump rails against ‘warrantless surveillance’ that he himself reauthorised in 2018 – The Independent

Donald Trump railed against "warrantless surveillance" of US citizens this week as Democrats and Republicans headed back to the drawing board on negotiations to reauthorise key elements of the Foreign Intelligence Surveillance Act (FISA) that lapsed in March.

"WARRANTLESS SURVEILLANCE OF AMERICANS IS WRONG!" the president tweeted in all caps on Wednesday.

But Mr Trump himself reauthorised such intelligence tools in January 2018 when he signed into law a bill re-upping the National Security Agencys (NSA) warrantless internet surveillance programme.

Sharing the full story, not just the headlines

At the time, Mr Trump said the NSA programme was a "critically important national security tool" to foil terrorist plots, illicit weapons sales, and other malign actors.

The NSA's warrantless surveillance programme, extended for six years by Congress and Mr Trump in 2018 as part of a FISA reauthorisation that year, collects information and intercepts communications from foreigners without their knowledge. But sometimes intelligence operatives end up trawling US citizens' communications in the process.

"In order to detect and prevent attacks before they happen, we must be able to intercept the communications of foreign targets who are reasonably believed to possess foreign intelligence information," Mr Trump said .

The covert NSA surveillance programme "has proven to be among the Nations most effective foreign intelligence tools," he said, adding that it has "enabled our Intelligence Community to disrupt numerous plots against our citizens at home and our warfighters abroad" and "unquestionably saved American lives."

Since signing the 2018 FISA reauthoristion, Mr Trump has grown increasingly wary of the intelligence community's wide-ranging surveillance authorities.

The president and congressional Republicans have seized on a 2019 report by Justice Department Inspector General Michael Horowitz that found the FBI committed multiple errors in 2016 on their applications for FISA warrants to surveil former Trump campaign aide Carter Page.

While Mr Page no longer worked for the Trump campaign by the time the courts approved the warrant to monitor his communications, Republicans have argued that such abuse of the FISA system warrants considerable reform.

The Republican chairmen of three Senate committees are investigating the so-far unsubstantiated claims that Obama administration officials intentionally abused surveillance laws to politically undermine Mr Trump's 2016 campaign and beset his incoming administration with lengthy investigations into possible ties between Mr Trump's aides and Russia.

The president's key allies in the House on intelligence matters ex-House Judiciary ranking member Doug Collins, current House Judiciary ranking member Jim Jordan, and others reached a deal with Democrats months ago on a package to reauthorise lapsing FISA elements with certain reforms, civil protections, and legal reviews. The Senate kicked it back to the House last week along with an amendment from Senators Mike Lee, Republican of Utah, and Patrick Leahy, Democrat of Vermont, that offered more civil and legal protections for those subject to surveillance.

Mr Trump effectively scuttled that deal this week by threatening to veto it.

The House and Senate will go to conference to settle their differences and craft legislation the president will sign or that is veto-proof, Speaker Nancy Pelosi wrote in a letter to Democrats on Thursday.

View original post here:
FISA: Trump rails against 'warrantless surveillance' that he himself reauthorised in 2018 - The Independent

The Cybersecurity Implications of 5G Technology – Security Boulevard

The coming of widespread 5G technology promises more than just faster everything, enhanced capacity and greater reliability. Leading proponents of the wonders of 5G, such as the theoretical physicist and author Michio Kaku, paint a picture of a true technological paradigm shift, a game-changer.

The self-described futurist invites us to imagine a lightning-fast global communications network that will fuel dramatic advancements in societys productivity and ultimately enrich and empower our lives.

Every once in a while there is this technology which changes the entire landscape, he says in a video produced by wireless network operator T-Mobile. Much like the arrival of the Gutenberg printing press in the mid-1400s triggered a Renaissance of knowledge, he explains that 5G hold the promise to bring connectedness to the rest of the world for millions of people who currently lack easy access to broadband technology.

Lets hope he is correct. Because there is also no shortage of bright minds waving red flags about potential risks to health and online security. Many are warning that 5G also holds the power to enrich and empower high-speed malicious hackers, supercharging their ability to wreak untold havoc in the global cybercrime epidemic.

One of the fundamental challenges of 5G involves balancing its far-reaching potential for human progress against the significant new security risks presented by this extraordinary technological breakthrough, said cybersecurity expert Chuck Bane, academic director for the University of San Diegos online Master of Science in Cyber Security Engineering program and retired naval officer whose experience includes collaboration on cybersecurity projects with the Department of Homeland Security, the NSA and the DoD.

Remember when 4G promised to revolutionize data-based communication across the globe? That was so 2010. The G, of course, stands for generation meaning that 5G is the next (Read more...)

Follow this link:
The Cybersecurity Implications of 5G Technology - Security Boulevard

America rethinks its strategy in the Wild West of cyberspace – The Economist

May 28th 2020

WASHINGTON, DC

COVID-19 HAS been a phishermans friend. Millions of professionals are at home and online, adjusting to new routines and anxious about their jobs. That makes them perfect marks: apt to click on an email that purports to be from their boss or a supplier asking for payment. Law-enforcement officials in many countries have reported a rise in cybercrime since the pandemic started.

But according to the FBI and Department of Homeland Security, not all such attacks come from gangs or individuals looking to make a quick buck. On May 13th those agencies warned that cyber-actors affiliated with China were trying to steal covid-related data and intellectual property. China is not the only worry. Russian hackers may probe for weaknesses in American electoral systems; Iranians have targeted an American drugmaker; North Koreans have gone after cryptocurrency stores.

Just as the attacks of September 11th 2001 spurred America to change its counterterrorism strategy, repeated intrusions are doing the same for its cyber-security. Yet it first has to define the problem. Terrorist attacks tend to involve carnage, a political motive and an attribution. Cyber-assaults have a range of motives, including theft (North Koreas raids on banks), digital disruption (Russias NotPetya strikes on Ukrainian and other infrastructure), sabotage (the Stuxnet attacks on Irans nuclear programme, probably by America and Israel) and political warfare (Russias interference in Americas election in 2016). Sometimes states use non-state actors to carry out cyber-attacks, much as some use terrorist proxies. Attackers may target private-sector networks in banks, hospitals or payment systems, which often appeal to the government for protection.

Defence is difficult. Potential targets are many and diffuse. Attackers identities are often obscure. They make use of vulnerabilities often unknown until exploited.

The National Defence Authorisation Act of 2019, which sets the Pentagons budget, set up a commission to rethink cyber-defence. The Cyberspace Solarium Commission, named after Project Solarium, Dwight Eisenhowers effort in 1953 to create a durable cold-war strategy, and headed by Angus King, an independent senator from Maine, and Mike Gallagher, a Republican congressman from Wisconsin, had the misfortune to release its recommendations on March 11th, just before America went into lockdown. The commission made its first public presentation to lawmakers via video conference on May 13th.

Americas cyber-defence, it argues, is hobbled by jurisdictional boundaries. Intruders are nimble; Americas defence is ponderous. Responsibilities are scattered among the FBI, the National Security Agency (NSA, Americas signals-intelligence agency), the Pentagons Cyber Command, the Department for Homeland Security, the Cyber-security and Infrastructure Security Agency (CISA), and others.

The commission recommends creating a national cyber-director within the White House, a co-ordinating role much like that of director of national intelligence, which emerged from the 9/11 Commissions report. It also recommends permanent congressional cyber-security committees and a beefed-up CISA. Yet the White House is cool on a new Senate-confirmed cyber-security post, and creating new congressional committees would mean convincing current ones to surrender jurisdiction.

More important than government structure, however, is working closely with the private sector. The commission recommends declaring some private servers, such as those for the energy, financial and telecoms industries, critical infrastructure. They would receive enhanced government monitoring in exchange for meeting more stringent security standards.

It also recommends building a platform, managed by CISA with help from other agencies including the NSA, where government bodies and private firms can share information about threats. The NSAs British counterpart, GCHQ, has a similar system. Some companies may be reluctant to let an agency that has engaged in widespread, warrantless surveillance monitor their security, but Mr King believes the proposal will have support from industry.

If one way to halt cyber-attacks is to parry the blows, another is to punch back. After Russian electoral intervention in 2016, American officials grew convinced that their country was seen as a soft touch because it had not done so hard enough. They dont fear us, lamented General Paul Nakasone, head of both the NSA and Cyber Command, in early 2018. The commission accordingly urges American hackers to strike back with speed and agility.

In practice, though, Americas approach has already shifted from punishment to pre-emptionnot so much striking back as striking first. In April 2018 Cyber Command and the NSA announced a strategy built around persistent engagement and defend forward. The first of these reflects the belief that competition in cyberspace is not a series of set-piece battles, but a constant digital mle. The second embodies the principle that to prevent an attack, you should go to its source. Just as our naval forces do not defend by staying in port, says General Nakasone, our forces must operate against our enemies on their virtual territory as well. In August 2018 President Donald Trump rescinded Obama-era guidance and made it easier for Cyber Command to operate beyond Pentagon networks without presidential authorisation.

The more aggressive posture was road-tested during Americas mid-term elections. Cyber Command attacked servers belonging to Russias Internet Research Agency, the company that sowed social-media discord in 2016, and sent text and email messages to Russian operatives warning them that America was tracking themthe digital equivalent of a horses head in the bed. Were now opening the aperture, broadening the areas were prepared to act in, noted John Bolton, then national security adviser, last summer.

Yet taking the fight to rivals presents challenges. The internet has no clean front lines. Attacks from enemy-held cyberspace can be routed through the networks of allies, says Max Smeets of the Centre for Security Studies in Zurich. In 2016 Cyber Command irritated Germany by wiping Islamic State propaganda on German servers without asking for permission. Mr Smeets says adversaries might route attacks via particular countries in the hope of driving wedges between America and its friends.

Another problem is that if one defends far enough forward, it can look an awful lot like attacking. America is said to have secreted malicious code deep into Russian and Iranian infrastructure networks. The practice is akin to burying arms caches behind enemy lines for use in wartime: it makes it easier to strike back if Russia, which has probed Americas own power grids, crosses a line. But the same access can be used for unprovoked attack.

An alternative is to punch back by other means. America and several like-minded allies have grown bolder in publicly attributing major cyber-attacks to China, Russia, Iran and North Korea. In 2014 the Obama administration indicted five members of Chinas armed forces for hacking into American companies. The Trump administration has brought similar charges against Iranian, Russian and North Korean hackers, including a dozen officers of the GRU, Russias military-intelligence agency, who intervened in the 2016 election. Though few American officials expect that foreign hackers will turn up in the dock, legal tools are still seen as useful for several reasons.

One is shame. Most countries do not like getting caught in the act. Second, Russian intelligence officers would rather avoid a sanctions listing that would cut off shopping trips to Paris and boarding schools in Britain. Third, the forensic evidence laid out within these indictmentseven down to Google searches conducted by individual GRU officersis a powerful way for America to hint at its reach.

Exposure also helps establish norms, defining what is considered beyond the pale in cyberspace. America and its allies argue that the existing laws of war, including ideas such as proportionality and distinctions between combatants and civilians, apply in the digital world (how this squares with suspected American attacks like Stuxnet is less clear). Russia, China, Cuba and others fear that this line of thinking might legitimise American retaliation.

Double standards abound. America indicted Russian officers for hacking the Organisation for the Prohibition of Chemical Weapons, but the NSA has itself run riot in international institutions. And practical deals have not survived contact with reality. An agreement in 2015 between Barack Obama and Xi Jinping, Chinas president, to ban commercial espionage is widely deemed to have fallen apart.

These divisions play out at the United Nations, where one group of experts, favoured by America and its allies, works parallel to a larger, Russian-dominated group. What weve really seen is a kind of a fracturing of the process, says Adam Segal of the Council on Foreign Relations. There are some interesting ideas percolating through, but they will never be formalised or centralised in any important way. So cyberspace remains a Wild West.

This article appeared in the United States section of the print edition under the headline "Policing the Wild West"

Go here to read the rest:
America rethinks its strategy in the Wild West of cyberspace - The Economist

Dark Mirror by Barton Gellman review the rise of today’s surveillance state – The Guardian

In January 2013, the documentary film-maker Laura Poitras asked Barton Gellman if he wanted to grab a coffee. The venue was New York. Poitras told Gellman a former Washington Post reporter that a few days earlier a mysterious source had been in touch with her.

The person claimed to be from the US spy community. He had news: the NSA or National Security Agency Americas foremost signals intelligence outfit had built an unprecedented surveillance machine. It was secretly hoovering up data from hundreds of millions of people. The implications were terrifying. The correspondent said he could supply documents.

This sounded promising, but how could one be sure? Over the next few months Gellman held a series of encrypted chats with this strange informant, code name Verax. Verax was sizing up Gellman for a job of historic proportions, it turned out. He was to be co-recipient of a trove of ultra-secret national security files.

Dark Mirror is Gellmans account of his interactions with Edward Snowden a series of lively exchanges, fallings out and making ups. It is a fine and deeply considered portrait of the US-dominated 21st-century surveillance state. Snowdens story has already been told in books, a film and a play. The whistleblowers own memoir Permanent Record, written from Moscow, was published in September.

Gellman has waited seven years to give his version. He has spent the time well delving into some of the more abstruse programmes from the Snowden archive, and talking to sources from the tech and security worlds. Dark Mirror doesnt alter what we have known since 2013: that the NSA and its British counterpart GCHQ routinely sweep up virtually all of our communications. But it does provide new and scary technical detail. The original documents published by the Guardian and the Washington Post revealed that the NSA claims backdoor access into the servers of Google and other social media companies, and grabs phone records. Privacy advocates call this spying; GCHQ disagrees. Yes, it collects our metadata in bulk. But, it adds, it doesnt examine it without proper legal cause.

Gellman argues that the NSA has gone so far as to make this distinction meaningless. The agency has constructed a live social graph of who speaks to whom. This includes not just terrorists but everybody. This database is constantly updated. And is precomputed. That means it is ready to yield up the intimacies of a persons life at the touch of a button, Gellman writes romantic, professional, political.

The dark mirror is a metaphor for the modern surveillance state: the security agencies cant be seen, we can. This massive expansion of spying capability took place in the years after 9/11. Until Snowden came along giving material to Poitras, Gellman and the then Guardian columnist Glenn Greenwald citizens had no idea of the scale of this operation, or its civic implications.

The Snowden who emerges from these pages is neither a hero nor a traitor. Gellman sketches him as fine company, funny and profane with a nimble mind and eclectic interests. He can also be stubborn, self-important and a scold. Gellman sees his role as that of a curious journalist, rather than advocate. Snowden isnt a Russian asset, he concludes, but may well have damaged national security a view Snowden rejects.

The most enthralling chapters cover the race to get the story out. Gellman had left the Post in 2010 and briefly contemplated going to a different paper. There are tense meetings with Post executives and lawyers. When he tells colleagues to get rid of their mobile phones several react as if theyve been told to peel off their socks.

Publication was made fraught by the fact that Snowden had left his NSA contractor job in Hawaii and fled to Hong Kong. He invited Poitras and Gellman to join him there. After agonising, Gellman decided not to go. This was the wrong call; he writes with honesty about his fear of arrest and prosecution. In June Poitras, Greenwald and the Guardian journalist Ewen MacAskill interviewed Snowden in his Hong Kong hotel room.

Gellman is frank about the pressures of taking on the Obama administration. Someone tried to hack his iPhone and laptops. He bought a safe for his New York apartment, rode the subway using burner phones. All this had a cost in terms of time, mental energy and emotional equilibrium, he writes.

Yet his paranoia was justified. Foreign intelligence services sought to get their hands on the leak. A Russian emailed to ask if Gellman might share a copy of the NSAs black budget. Gellmans colleague Ashkan Soltani received multiple approaches from hot young women via the dating service OKCupid; their profiles subsequently vanished. When Gellman visited Snowden in Moscow in late 2013, he took elaborate precautions.

For a while after the Snowden publications, Gellmans top intelligence contacts snubbed him. This hostility ended once Donald Trump became president, and declared war on his own intelligence operatives.

Dark Mirror brings down the curtain with Snowden stuck in Moscow, apparently content with his lot. He is, Gellman writes, an indoor cat, who considers his mission accomplished. There is little prospect of Snowden returning to the US, where he faces espionage charges. The most consequential whistleblower of our times does not regret his costly moment of truth-telling.

Luke Hardings Shadow State: Murder, Mayhem and Russias Remaking of the West will be published in July by Guardian Faber. Dark Mirror: Edward Snowden and the Surveillance State is published by Bodley Head (RRP 20). To order a copy go to guardianbookshop.com. Delivery charges may apply.

Original post:
Dark Mirror by Barton Gellman review the rise of today's surveillance state - The Guardian