Archive for the ‘NSA’ Category

Accused NSA leaker will get to see classified evidence in her espionage prosecution – The Augusta Chronicle

The Augusta National Security Agency leak suspect will get to review classified information federal prosecutors might use against her during her upcoming espionage trial.

In an supplemental protective order signed by U.S. District Court Magistrate Judge Brian K. Epps on Wednesday, both sides have agreed to the procedure which will allow Reality Leigh Winner to access evidence the prosecutors may use to prove she committed the crime of willful retention and transmission of national defense information.

Winner, 25, has pleaded not guilty. She has been held without bond since her June 3 arrest in which federal agents armed with a search warrant raided her Battle Row rental home. The search was brought on by a federal investigation launched after a National Security Agency official was approached by a reporter seeking to authenticate a national security document.

The prosecutors contend Winner accessed and copied a classified document through her job with the National Security Agency contractor Pluribus International Corp., at Fort Gordon. Winner, who served in the Air Force for six years as a linguist specializing in Middle Eastern languages, had a top security clearance.

In the order Epps signed this week, Winner will be held to the obligations of her security clearance. She can face further prosecution if she releases any classified information she may learn through the discovery materials in her case. She may see any document that is deemed unclassified or is specifically marked by federal prosecutors as authorized for disclosure to Reality Leigh Winner. That material is expected to include intelligence reporting, network audit logs of U.S. government agency, FBI interview reports including Winners own interview, and correspondence of contractors from May 24 to June 1.

Although federal prosecutors insist the document Winner allegedly leaked is classified, The Intercept online news media produced an in-depth report on a classified document it received this summer that is an analysis of the extent of Russias tampering efforts during the latest presidential election.

Winners trial is tentatively set to begin the week of Oct. 23.

Reach Sandy Hodson at sandy.hodson@augustachronicle.com or (706) 823-3226

Read the original here:
Accused NSA leaker will get to see classified evidence in her espionage prosecution - The Augusta Chronicle

NSA McMaster on Charlottesville: "Of course it was terrorism"

WASHINGTON President Donald Trump's national security adviser on Sunday minced no words and clearly labeled Saturday's deadly car attack in Charlottesville, Virginia, as terrorism.

"Certainly I think we can confidently call it a form of terrorism," the adviser, Lt. Gen H.R. McMaster, said on NBC's "Meet The Press."

"What terrorism is is the use of violence to incite terror and fear, and of course it was terrorism."

McMaster's words went further than Trump's did on Saturday, when Trump was widely criticized by members of both parties for placing blame on "many sides" for violence that was sparked by a white nationalist rally and for not specifically naming and condemning the racist groups involved.

McMaster said the president intended to denounce the racists.

"He condemned hatred and bigotry on all sides, and that includes white supremacists and neo-Nazis," McMaster said. "I think it's clear I know it's clear in his mind and ought to be clear to all Americans: We cannot tolerate, obviously, that bigotry, that hatred that is rooted in ignorance, ignorance of what America stands for, what America is."

But McMaster also offered very vague answers when asked more than once whether he can work with Trump's chief strategist, Steve Bannon, since considerable friction between the two advisers has seeped into the public.

"I am ready to work with anybody who will help advance the president's agenda and advance the security, prosperity of the American people," McMaster answered.

Asked whether Bannon is someone who does that, McMaster didn't specifically answer. Instead, he replied, "I believe everyone who works in the White House, who has the privilege, the great privilege every day of serving their nation, should be motivated by that goal."

Later on "Meet The Press," Rich Lowry, editor of National Review, assessed McMaster's language.

"He used Washington-speak three times to basically answer your question: 'No, I cannot work with Steve Bannon,'" Lowry told host Chuck Todd.

McMaster also said Sebastian Gorka, a deputy assistant for the president who frequently appears on television to speak about national security issues, "is not in the National Security Council."

McMaster indicated that if Gorka represents himself as a spokesman on national security, he wasn't involved. "The scheduling people for the media and spokespeople is not my area of responsibility," he said.

McMaster also rebutted an assertion that Gorka made to BBC Radio on Thursday, when Gorka called it "nonsensical" for Secretary of State Rex Tillerson to discuss military matters.

"We should always take Secretary of State Tillerson at his word," McMaster said. "He is a tremendously talented leader and diplomat."

Read more from the original source:
NSA McMaster on Charlottesville: "Of course it was terrorism"

Former NSA Official: Dems’ Russia Hacking Story Likely Bogus | Fox … – Fox News Insider

'He Sat On This': Judge Nap Reacts to Reports Obama Knew Russian Meddled in 2014

Antifa Protester: Trump's Denouncement of White Supremacists 'Too Little Too Late'

Former National Security Administration Technical Director Bill Binney told Tucker Carlson he has data showing that the Democrats' narrative regarding Russia hacking the DNC and 2016 election are untrue.

Binney, a member of Veteran Intelligence Professionals for Sanity (VIPS), said the story spread around the mainstream media that Russia is at fault can't necessarily be proven.

He said that during a prior Chinese hack of government systems, NSA agents were able to use "trace route programs" to track the "packets" of information back to a specific building in Shanghai.

Binney said that could be the reason Democrats did not want the FBI to look at their systems- ostensibly because they may not trace back to Russia.

He said a major file that was allegedly hacked from the DNC server was 1,976 megabytes in size and was transmitted in only 87 seconds.

"You made the point that it was moved too fast [that it] couldn't have gone out over the internet," Tucker Carlson surmised.

Binney said it likely was instead transmitted to a storage device.

"Many people are emotionally tied to this agenda, to tie the Russians to President Trump," Binney said.

He said that VIPS is nonpartisan and "tries to look at... the facts."

Watch more above.

Krauthammer: 'Shocking' Trump Didn't 'Reflexively' Call-Out Neo-Nazis on Saturday

Protesters Assemble in Front of Trump Tower Awaiting the President

Originally posted here:
Former NSA Official: Dems' Russia Hacking Story Likely Bogus | Fox ... - Fox News Insider

NSA enforces regulation in bid to restrict Gaurka Singh’s participation in multiple events – The Kathmandu Post

Aug 14, 2017-

In a decision that would shock country's swimming community, Nepal Swimming Association (NSA) has introduced a regulation barring swimmers from participating in more than four events, which according to NSA insiders serves a sole purpose to deny national teenage swimming sensation Gaurika Singh from participating in multiple events.

NSA intends to implement this new regulation in the upcoming National Swimming Championships scheduled to begin from August 17.

The National Swimming Competition organising committee under Vice Chairman Gita Rana, also a lawmaker, announced the competition dates and the regulation that would bar swimmers from participating in more than four events. The organising committee said such move was aimed at making the competition more inclusive.

Keeping in view the inclusiveness in the sport, we have introduced the regulation that no players will be allowed to participate in more than four events so that only one player will not win all the events, said NSA officials during a press meet on Sunday.

The final date for the submission of event participation form was August 26 and Singh had submitted application for entry form at the NSA, National Sports Council and Sports Ministry.

NSA, however, has also gone a step further and is mulling postponement of the national event in a bid to discourage the youngest Olympian in the history of the sport from participating in the competition. However, the association has not taken a final decision on the event postponement issue.

The associations one of a kind regulation is almost unheard in the swimming world.

Singh, 14, has 30 national records to her name and her competitors fear diving into the same pool with her as some of her timings fare much better even than her national male counterparts.

During the 12th South Asian Games, Singh won a record 4 medalsone silver and three bronze to better her own national recordat the age of 14.

Gaurika, who currently lives with her parents in London, England, arrived in Nepal on August 2 to take part in the national competition. Singh had reached the finals of English Age Group Championship and British Open Water Championship back in England but opted not to take part in it and instead fly to Nepal for the national competition.

Meanwhile, FINA (International Swimming Federation), the regulatory body for administering international competition in water sports, has no such regulation and allows athletes to participate in any events they wish to, even in the Olympics.

Katie Ledecky of the United States had won six medals at the World Swimming Championships that was held on July 30 in Hungary and legendary swimmer Michael Phelps also had won eight gold medals in the Beijing Olympics.

Likewise, in Nepal Karishma Karki had secured 12 gold medals in the 5th edition of national championships and and Shirish Gurung had claimed 14 gold medals in the 7th National Swimming Championships.

Similarly, Singh, during the 19th edition of the national swimming competition had won 8 gold and 1 silver medals along with national record in her belt at the age of 11 and on the 20th swimming championship she had won 6 gold medals.

Meanwhile, Paras Bahadur Singh, Gaurikas father, has said that they may be compelled to search for other options if NSA keeps on obstructing Gaurikas participation in national events.

Gaurika has achieved so much for the country in a small age, said Paras, For her (Gaurika) Nepal and swimming matters the most but if the association keeps on creating hurdles then we have to look for other options as well.

Published: 14-08-2017 13:34

Continued here:
NSA enforces regulation in bid to restrict Gaurka Singh's participation in multiple events - The Kathmandu Post

Former NSA Official Argues The Real Problem With Undisclosed Exploits Is Careless End Users – Techdirt

As leaked NSA software exploits have been redeployed to cause computer-based misery all over the world, the discussion about vulnerability disclosures has become louder. The argument for secrecy is based on the assumption that fighting an existential threat (terrorism, but likely also a variety of normal criminal behavior) outweighs concerns the general public might have about the security of their software/data/personal information. Plenty of recent real-world examples (hospital systems ransomed! etc.) do the arguing for those seeking expanded disclosure of vulnerabilities and exploits.

Former Deputy Director of the NSA Rick Ledgett appears on the pages of Lawfare to argue against disclosure, just as one would have gathered by reading his brief author bio. Ledgett's arguments, however, feel more like dodges. First off, Ledgett says the NSA shouldn't have to disclose every vulnerability/exploit it has in its arsenal, an argument very few on the other side of the issue are actually making. Then he says arguments against exploit hoarding "oversimplify" the issue.

The WannaCry and Petya malware, both of which are partially based on hacking tools allegedly developed by the National Security Agency, have revived calls for the U.S. government to release all vulnerabilities that it holds. Proponents argue that this would allow patches to be developed, which in turn would help ensure that networks are secure. On its face, this argument might seem to make sensebut it is a gross oversimplification of the problem, one that not only would not have the desired effect but that also would be dangerous.

At this point, you'd expect Ledgett to perform some de-simplification. Instead, the post detours for a bit to do some victim-blaming. It's not the NSA's fault if undisclosed exploits wreak worldwide havoc. It's the end users who are the problem -- the ones who (for various reasons) use outdated system software or don't keep current with patches. This isn't a good argument to make for the very reasons outlined in Ledgett's opening paragraph: software vendors can't patch flaws they're unaware of. This is where disclosure would help protect more users, even if it meant the loss of some surveillance intercepts.

Then Ledgett argues the NSA's leaked exploits weren't really the problem. If they hadn't been available, the malware purveyors just would have used something else.

The actors behind WannaCry and Petya, believed by some to be from North Korea and Russia, respectively, had specific goals when they unleashed their attacks. WannaCry seemed to be straightforward but poorly executed ransomware, while Petya appeared to have a more sinister, destructive purpose, especially in the early Ukraine-based infection vector. Those actors probably would have used whatever tools were available to achieve their goals; had those specific vulnerabilities not been known, they would have used others. The primary damage caused by Petya resulted from credential theft, not an exploit.

This is undoubtedly true. Bad actors use whatever tools help them achieve their ends. It's just that these specific cases -- the cases used by Ledgett to argue against increased disclosure -- were based on NSA exploits vendors hadn't been informed of yet. The patches that addressed more current vulnerabilities weren't issued until after the NSA told Microsoft about them, and it only did that because its toolset was no longer under its control.

Ledgett also points out that the NSA does better than most state entities in terms of disclosure:

Most of the vulnerabilities discovered by the U.S. government are disclosed, and at the National Security Agency the percentage of vulnerabilities disclosed to relevant companies has historically been over 90 percent. This is atypical, as most world governments do not disclose the vulnerabilities they find.

Maybe so, but there's not much honor than just being better than the worst governments. Ledgett only says the NSA is better than "most." This doesn't turn the NSA into a beacon of surveillance state forthrightness. All it does is place it above governments less concerned about the security and wellbeing of their citizens.

Ledgett then goes back to the well, claiming a) the two recent attacks had nothing to do with the NSA, and b) disclosing vulnerabilities would make the NSA less effective.

WannaCry and Petya exploited flaws in software that had either been corrected or superseded, on networks that had not been patched or updated, by actors operating illegally. The idea that these problems would be solved by the U.S. government disclosing any vulnerabilities in its possession is at best naive and at worst dangerous. Such disclosure would be tantamount to unilateral disarmament in an area where the U.S. cannot afford to be unarmed Neither our allies nor our adversaries would give away the vulnerabilities in their possession, and our doing so would probably cause those allies to seriously question our ability to be trusted with sensitive sources and methods.

The problem here is that Ledgett ignores the obvious: leaked NSA tools helped create the problem. The NSA never disclosed these vulnerabilities to affected software vendors -- at least not until it became obvious it could no longer keep these tools secret.

I'm guessing the NSA is already living through the last part of Ledgett's paragraph. A set of effective, still-undisclosed vulnerabilities being digitally spirited away and dumped into the public's lap probably makes it less likely foreign surveillance partners will be sharing their malware toolkits with the NSA.

This leads right into another argument against vulnerability hoarding: it has been shown with complete clarity that the NSA can't guarantee its exploits will never be used by criminals and malicious governments. The leak of its toolkit shows any suggestion that only the "good guys" will have access to undisclosed vulnerabilities is both ignorant and arrogant. The NSA isn't untouchable. Neither are all the surveillance partners the NSA has shared its tools with.

In the end, it's the private sector's fault, according to Ledgett. The solution is for vendors to write better software and end users to patch more frequently. This is good advice, but not an absolution of the NSA's vulnerability secrecy.

The NSA needs to do better balancing its needs and the security of the general public. Very few people are arguing the NSA should have zero undisclosed exploits. But the exploits dumped by the Shadow Brokers affected older versions of Microsoft system software dating back to Windows XP and they still weren't patched until the exploits had already been made public. These were exploits some in the NSA thought were too powerful, and yet, the NSA did nothing until the malware offspring of its secret exploit stash were taking down systems all over the world.

Read more:
Former NSA Official Argues The Real Problem With Undisclosed Exploits Is Careless End Users - Techdirt