Mediaboss Marketing

Since last night, the debate over how to reauthorize certain NSA surveillance authorities has seen a whirlwind of activity, culminating in the major news that the House Rules Committee postponed a vote today to potentially expand NSA spying powers.

As we wrote yesterday:

"According to reports published Tuesday evening by Politico, a group of surveillance hawks in the House of Representatives is trying to ram through a bill that would extend mass surveillance by the National Security Agency. We expect a vote to happen on the House floor as early as [December 20], which means there are only a few hours to rally opposition.

The backers of this bill are attempting to rush a vote on a bill that weve criticized for failing to secure Americans privacy. If this bill passes, we will miss the opportunity to prevent the FBI from searching through NSA databases for American communications without a warrant. Worse, nothing will be done to rein in the massive, unconstitutional surveillance of the NSA on Americans or innocent technology users worldwide."

With the House Rules Committee's postponed vote, this crisis is currently avoided. But the fight isnt over.

We do not know the exact steps House Permanent Select Committee on Intelligence Chairman Devin Nunes, who authored the bill (H.R. 4478), will take this week. We do not know if other bills to reauthorize Section 702, originally enacted as part of the FISA Amendments Actthe NSAs powerful surveillance authority scheduled to sunset in less than two weekswill be introduced for a House floor vote.

But we do know that our voices are being heard. And we still know that we stand against attempts to expand NSA surveillance by hitching it to separate efforts to fund the government, a strategy that some members of Congress have considered.

As we wrote previously:

"[It] is completely unacceptable for Congressional leadership to shove Section 702 reauthorization into an end-of-year funding bill. This program invades the privacy of an untold number of Americans. Before it can be reauthorized, Congress must undertake a transparent and deliberative process to consider the impactthis NSA surveillance has on Americans privacy."

You can speak up. Call your representatives and let them know that it is unacceptable to attach H.R. 4478or S. 2010to any year-end spending bills. Attempts to sneak expanded NSA surveillance powers into entirely separate legislation are attempts to rob surveillance reform of its own needed debate. This hurts the American people and it removes the opportunity for open, transparent discussion.

Call today. Your efforts are working.

Call Now

Call Your Representatives

Visit link:
Efforts to Expand NSA Spying Trip Up | Electronic Frontier ...

The Wall Street Journal reports there has been a new breach at the National Security Agency via one of the agency's contractors. NSA Handout/Getty Images hide caption

The Wall Street Journal reports there has been a new breach at the National Security Agency via one of the agency's contractors.

Russian hackers stole top secret cybertools from a National Security Agency contractor in yet another embarrassing compromise for U.S. spy agencies, the Wall Street Journal reported Thursday.

The NSA contractor is believed to have taken highly sensitive official software home to a personal computer in 2015. His machine was running a Russian security program made by Kaspersky Labs, which can be exploited by Russia's intelligence agencies, the Journal reported.

The NSA declined to comment.

Members of Congress, however, slammed the spy agency for the latest in a series of breaches blamed not on its own employees but on the vendors it uses in place of or in addition to them.

At least three other contractors Reality Winner, Hal Martin and Edward Snowden also have been accused of hoarding or releasing NSA's secrets. An online entity called the "Shadow Brokers" also has tried to auction what it called software stolen from the NSA.

Nebraska's Republican Sen. Ben Sasse said he was tired of seeing the same headlines about failures of NSA's information security.

"The men and women of the U.S. intelligence community are patriots, but the NSA needs to get its head out of the sand and solve its contractor problem," Sasse said. "Russia is a clear adversary in cyberspace, and we can't afford these self-inflicted injuries."

Intelligence officials often stress that the NSA and its sibling agencies have a "layered" cyberdefense that is larger than any single tool or system. So the failure reported by the Journal might not amount to the loss of what intelligence workers might call "the keys to the kingdom."

Plus spy agency bosses have previously also said they would not run the Russian-made security software from Kaspersky Labs that the Journal said was associated with the loss of the hacking tools. In fact, Acting Homeland Security Secretary Elaine Duke said in September that she was banning the entire federal government from using Kaspersky.

Kaspersky Labs has millions of users around the world and is among NPR's corporate underwriters. It has denied that it is a cat's-paw for Russia's intelligence agencies or any other government.

New Hampshire Democratic Sen. Jeanne Shaheen said Thursday that the widespread use of Kaspersky software was no excuse for what she called the slow action by the U.S. intelligence community and the broader federal government.

"This development should serve as a stark warning, not just to the federal government but to states, local governments and the American public, of the serious dangers of using Kaspersky software," Shaheen said.

"The strong ties between Kaspersky Lab and the Kremlin are extremely alarming and have been well-documented for some time. It's astounding and deeply disturbing that the Russian government continues to have this tool at their disposal to harm the United States."

Link:
Report: Hackers Stole NSA Cybertools In Another Breach ... - NPR

Satoshi Nakamoto

The creator of Bitcoin, Satoshi Nakamoto, is the worlds most elusive billionaire (worth more than $7B as of November 2017). Very few people outside of the Department of Homeland Security know Satoshis real name. In fact, DHS will not publicly confirm that even THEY know the billionaires identity. Satoshi has taken great care to keep his identity secret employing the latest encryption and obfuscation methods in his communications. Despite these efforts (according to my source at the DHS) Satoshi Nakamoto gave investigators the only tool they needed to find himhis own words.

Using stylometry one is able to compare texts to determine authorship of a particular work. Throughout the years Satoshi wrote thousands of posts and emails and most of which are publicly available. According to my source, the NSA was able to the use the writer invariant method of stylometry to compare Satoshis known writings with trillions of writing samples from people across the globe. By taking Satoshis texts and finding the 50 most common words, the NSA was able to break down his text into 5,000 word chunks and analyse each to find the frequency of those 50 words. This would result in a unique 50-number identifier for each chunk. The NSA then placed each of these numbers into a 50-dimensional space and flatten them into a plane using principal components analysis. The result is a fingerprint for anything written by Satoshi that could easily be compared to any other writing.

The NSA then took bulk emails and texts collected from their mass surveillance efforts. First through PRISM (a court-approved front-door access to Google and Yahoo user accounts) and then through MUSCULAR (where the NSA copies the data flows across fiber optic cables that carry information among the data centers of Google, Yahoo, Amazon, and Facebook) the NSA was able to place trillions of writings from more than a billion people in the same plane as Satoshis writings to find his true identity. The effort took less than a month and resulted in positive match.

This wasnt the first time efforts had been made to unearth the identity of Satoshi using stylometry. Various reporters and members of the Bitcoin community have used various open source stylometry tools to attempt to uncover the true identity of Bitcoins creator. Their problem? They didnt have access to trillions of emails from a billion people and they werent able to plug them into a supercomputer. The NSAs proprietary software, bulk email collection ability, and computing power made it possible for them to conclusively identify Satoshi.

But why? Why go to so much trouble to identify Satoshi? My source tells me that the Obama administration was concerned that Satoshi was an agent of Russia or Chinathat Bitcoin might be weaponized against us in the future. Knowing the source would help the administration understand their motives. As far as I can tell Satoshi hasnt violated any laws and I have no idea if the NSA determined he was an agent of Russia or China or just a Japanese crypto hacker.

The moral of the story? You cant hide on the internet anymore. Your sentence structure and word use is MORE unique than your own fingerprint. If an organization, like the NSA, wants to find you they will.

Sources: Many readers have asked that I provide third party citations to prove the NSA identified Satoshi using stylometry. Unfortunately, I cannot as I havent read this anywhere elsehence the reason I wrote this post. Im not trying to convince the reader of anything, instead my goal is to share the information I received and make the reader aware of the possibility that the NSA can easily determine the authorship of any email through the use of their various sources, methods, and resources.

Identity: Many readers have asked who Satoshi is and Ive made it clear that information wasnt shared with me. Based on my conversation I got the impression (never confirmed) that he might have been more than one person. This made me think that perhaps the Obama administration was right that Bitcoin was created by a state actor. One person commented on this post that Satoshi was actually four people. Again, I have no idea.

How to Protect Yourself: There is a project on Github you can join to help create a way to write without fingerprints: https://github.com/psal/anonymouth

Read this article:
How the NSA identified Satoshi Nakamoto - Medium

A series of leaks has rocked the National Security Agency over the past few years, resulting in digital spy tools strewn across the web that have caused real damage both inside and outside the agency. Many of the breaches have been relatively simple to carry out, often by contractors like the whistleblower Edward Snowden, who employed just a USB drive and some chutzpah. But the most recently revealed breach, which resulted in state secrets reportedly being stolen by Russian spies, was caused by an NSA employee who pleaded guilty Friday to bringing classified information to his home, exposing it in the process. And all, reportedly, to update his resume.

The Justice Department Friday announced that Nghia Hoang Pho, a 67-year-old from Ellicott City, Maryland, has admitted to willful retention of national defense information. He'll face up to 10 years in prison, but is free until his sentencing in early April. Pho is a naturalized United States citizen originally from Vietnam. Pho illegally mishandled classified information in spite of being an agent in the NSA's elite Tailored Access Operations foreign hacking group (now called Computer Network Operations) from 2006 to 2016. Though it's somewhat astonishing that someone with his position and training would cause such a basic breach, Pho brought classified data and paper documents to his home between 2010 and 2015. The New York Times, which originally reported on Pho's case before his identity was known, notes that he seems to have been charged in March 2015.

"In connection with his employment, Pho held various security clearances and had access to national defense and classified information. Pho also worked on highly classified, specialized projects," the DoJ said in a statement on Friday. "Pho removed and retained US government documents and writings that contained national defense information, including information classified as Top Secret and Sensitive Compartmented Information."

'Classified data is highly sensitive and shouldn't be able to be removed. It shows that TAO didn't have good controls over that data.'

David Kennedy, TrustedSec

That information didn't stay on Pho's computer. Instead, Pho appears to be the NSA employee from whom Russia stole valuable data, by compromising the Kaspersky antivirus software on a then-unidentified NSA employee's personal computer. Because antivirus software has deep and far-reaching permissions, Russian intelligence used its hooks into Kaspersky to lift files, and any number of secrets. Kaspersky has repeatedly denied any association with the Russian government.

Pho stands out among recent NSA leak culprits in that he specifically worked as a developer for TAO, which would have brought him into contact with a diverse array of sensitive NSA data, systems, and materials. One would also have thought an elite programmer focused on developing advanced hacking tools would know better than to put classified data at risk by transporting it to his house.

"It's not a mistake that's supposed to be common," says David Kennedy, the CEO of TrustedSec, who formerly worked at the NSA and with the Marine Corps' signal intelligence unit. "Lax practices, for sure. Classified data is highly sensitive and shouldn't be able to be removed. It shows that TAO didn't have good controls over that data."

The fact that Pho was a developer is significant, though, says Jake Williams, founder of the security firm Rendition Infosec, who formerly worked for TAO at the NSA (a fact that wasn't public until the NSA leakers known as the Shadow Brokers revealed it in April).

"CNO developers are usually experts in a very narrow field and often don't really understand how their tools are used in operations, so his lack of operations security is not as surprising as it should be." Williams says. "There's also an intense pressure to get the mission done, so the idea that a developer would take work home is not at all surprising."

Apparently, though, Pho wasn't focused entirely on work. The New York Times reports that the TAO developer brought home the materials so he could update his resume. The case documents don't give much indication of what types of data and materials Pho took and left on his personal computer. The frantic investigation into valuable NSA tools stolen by Russian spies, though, indicates that Pho may have exposed more than just resume materials.

Other NSA leaks have come from contractor Reality Winner, who sent classified information to The Intercept in September, and Harold Martin, another contractor, who was charged in October 2016 for bringing terabytes of NSA data to his house, like Pho.

Pho stands out, though, both for the apparent audaciousness of his actions, and his affiliation with TAO, a highly regarded unit within the world's most powerful intelligence apparatus. If someone like that can accidentally cause a critical NSA breach, there's no telling who else might have as well.

Go here to read the rest:
Here's the NSA Agent Who Inexplicably Exposed Critical ...

The contents of a highly sensitive hard drive belonging to a division of the National Security Agency have been left online.

The virtual disk image contains over 100 gigabytes of data from an Army intelligence project, codenamed "Red Disk." The disk image belongs to the US Army's Intelligence and Security Command, known as INSCOM, a division of both the Army and the NSA.

The disk image was left on an unlisted but public Amazon Web Services storage server, without a password, open for anyone to download. Unprotected storage buckets have become a recurring theme in recent data leaks and exposures. In the past year alone, Accenture, Verizon, and Viacom, and several government departments, were all dinged by unsecured data.

Chris Vickery, director of cyber risk research at security firm UpGuard, found the data and informed the government of the breach in October. The storage server was subsequently secured, though its owner remains unknown.

The leak marks yet another exposure of classified government data. Since the Edward Snowden disclosures in 2013, the agency made headlines last year when Harold Martin, an NSA contractor, was indicted for removing terabytes of secret data from the agency's headquarters. Another contractor, Reality Winner, was indicted this year for leaking classified secrets to news site The Intercept.

When approached prior to publication, an NSA spokesperson did not return a request for comment. An INSCOM spokesperson was unable to comment by the time of publication.

The disk image, when unpacked and loaded, is a snapshot of a hard drive dating back to May 2013 from a Linux-based server that forms part of a cloud-based intelligence sharing system, known as Red Disk. The project, developed by INSCOM's Futures Directorate, was slated to complement the Army's so-called distributed common ground system (DCGS), a legacy platform for processing and sharing intelligence, surveillance, and reconnaissance information.

Each branch of the military has its own version of the intelligence sharing platform -- the Army's is said to be the largest -- but the Army's system struggled to scale to the number of troops who need it.

Red Disk was envisioned as a highly customizable cloud system that could meet the demands of large, complex military operations. The hope was that Red Disk could provide a consistent picture from the Pentagon to deployed soldiers in the Afghan battlefield, including satellite images and video feeds from drones trained on terrorists and enemy fighters, according to a Foreign Policy report.

But the system was slow, crash prone, and difficult to use. A memo from 2014 by soldiers with one deployed brigade said the system was "a major hindrance to operations," as reported by the Associated Press.

The Pentagon spent at least $93 million on Red Disk, but it was never fully deployed in the field. The project has since been largely seen as a failure.

While the contents of the disk are readable, the system itself wouldn't boot -- likely because it relies on dependent systems and servers that are only available from within the Pentagon's network. But the files alone offer a glimpse into how Red Disk worked.

Red Disk was a modular, customizable, and scalable system for sharing intelligence across the battlefield, like electronic intercepts, drone footage and satellite imagery, and classified reports, for troops to access with laptops and tablets on the battlefield. Marking files found in several directories imply the disk is "top secret," and restricted from being shared to foreign intelligence partners.

Red Disk could draw in vast amounts of intelligence, documents, videos, and audio from several sources, including signals intelligence, radar, wide area aerial surveillance, drones, and audio databases -- some fed in directly from the NSA. That raw, mostly unstructured data passed through software called NiFi (formerly NiagraFiles), a since declassified NSA system to support highly scalable and flexible data flows, which directs different kinds of data across multiple computer networks and geographically dispersed sites. That was particularly useful for Red Disk, which relied on obtaining and sending data over wide areas.

An icon found in the leaked files, used to "target" individuals of interest. (Image: supplied)

The data then was sorted and organized through various filters. The data would be indexed, allowing analysts to carry out metadata tagging, extract geo-temporal information, and run a data provenance process to verify the source and owner of certain data.

All the collected intelligence would be stored in a central repository to be analyzed, correlated, and enriched. An analyst could pull intelligence from the repository based on their security clearance. An analyst would obtain their access from their Pentagon-issued certificate-based credentials, which grants them access only to data they are permitted to see.

The system also comes with several plug-in apps, allowing analysts to interact with intelligence data. One program includes DOMEX, a document and media program for analyzing seized documents and electronic evidence.

Several files also point to biometric analysis tools, and an integration of human language technologies to allow analysts to query reports and play audio in English.

One image found on the drive reveals how analysts can target individuals of interest, such as potential terrorists, in the DCGS system for later action -- such as by ground troops or autonomous drones.

Vickery noted that the disk image also contains other sensitive files, including private keys used for the system to access other servers on the intelligence community's network. The keys belong to a third-party firm, Invertix, a working partner of INSCOM and a key developer of Red Disk.

Invertix, now named Altamira Technologies, did not respond to a request for comment.

INSCOM's data exposure is the latest in a long list of government leaks in the past year.

Several government agencies, including US Central Command and US Pacific Command and the National Geospatial Intelligence Agency, charged with analyzing top secret satellite imagery, have admitted exposing sensitive or classified information.

Vickery, who searches for exposed data online, has been responsible for finding much of the data. But he said the latest data exposure was entirely avoidable.

"What are we doing wrong when 'top secret' data is literally two mouse clicks away from worldwide exposure?" he said. "How did we get here, and how do we find a way out?"

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-7558849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Read More

See the rest here:
New NSA leak exposes Red Disk, the Army's failed ...