Latest NSA Edward Snowden Documents / Slides / Leaks No Place To Hide

Most Recent Edward Snowden NSA LEAKS Access Here

 

NSA Edward Snowden Documents / Slides / Leaks No Place To Hide Documents, Glenn Greenwald

108 Pages. NSA plants backdoors and other spyware before these devices are shipped overseas.

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/3.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/4.jpg

FAIRVIEW

STORMBREW

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/6.jpgBLARNEY

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/7.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/8.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/9.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/10.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/5.jpg

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/partners/1.jpghttps://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/1.jpg

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/2.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/3.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/5.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/6.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/6.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/8.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/spying/9.jpg

BLACKPEARL, Private Networks

ORANGECRUSH SILVERZEPHYR (SZ) OAKSTAR

SSO

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/sso/1.jpg

10302021_10152009423115728_6935121413933226141_n (1)

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/1.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/2.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/4.jpg

https://i1.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/5.jpg

PROTON, Metadata collection and sharing expansion

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/6.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/7.jpg

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/8.jpg

https://i0.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/9.jpg

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/misc/10.jpg

The Threat Today

Collect it all. The basic strategy behind the massive efforts to monitor and control global communications via the sniff it, know it, collect it, process it, exploit it all techniques shared by the ‘Five Eyes’ partnership.

1238320_10152009426235728_4124713099438539093_nThe above image describes the NSA’s Strategic Partnerships with major telecommunication and network service providers, hardware platforms, operating systems, security hardware and software and system’s integration readily available to NSA operatives. Partnerships include over 80 major global corporations aligned with supporting NSA in their ‘Collect it All’  directive including Verizon, AT&T, Motorola, Intel, Microsoft, Verizon, IBM, EDS, Oracle, Cisco, Hewlett Packard, Qualcom, and Oracle.

10294256_10152009428020728_1600785913702117463_n

Leveraging unique key corporate partnerships allows NSA to gain access to high-capacity international fiber-optic cables, switches and/or routers worldwide. The vast partnerships enable the worldwide signals intelligence data collection conducted, listed as cooperative large access points. With covert and clandestine interception points this makes up the 20 fiber-optic cable access programs often appearing at entry or exit points to entire nations of data.

The slide below informs of the 50,000 worldwide data interception implants. It shows five types of data collection, called “Classes of Accesses”. These correspond to the organizational channels through which NSA gathers its intelligence:

3rd Party Liaison – Intelligence sharing with foreign agencies
– REGIONAL – SCS units, a joint venture between NSA and CIA
– CNE – Computer Network Exploitation – TAO division
– LARGE CABLE – NSA’s Special Source Operations (SSO) division
– FORNSAT – Foreign Satellite interception – Global Access Operations (GAO) division

10271492_10152009449590728_433286583110964716_nApproved SIGINT or signals intelligence partnerships listed in the new releases include the “five eyes” alliance of the US, Australia, Canada, New Zealand and the UK. Also listed is a long list of Third Party partnerships (Third Party Liasons from above slide) as well as Coalitions with AFSC, NATO, SSEUR (SIGINT Seniors Europe) and SSPAC (SIGINT Seniors Pacific).

10322606_10152009452310728_6718226436352069948_n

10329033_10152009424140728_8836759076408518299_nPartnerships come with a price-tag.

The NSA (american taxpayers) Paid GCHQ £22.9m in 2009. In 2010 the NSA’s contribution increased to £39.9m, which included £4m to support GCHQ’s work for NATO forces in Afghanistan, and £17.2m for the agency’s Mastering the Internet project, which gathers and stores vast amounts of “raw” information ready for analysis. The NSA also paid £15.5m towards redevelopments at GCHQ‘s sister site in Bude, north Cornwall, which intercepts communications from the transatlantic fiber optic cables that carry internet traffic.

In 2011/12 the NSA paid another £34.7m to GCHQ.  The chart below for calendar year 2012 details payments made to about a dozen other nations with Pakistan topping the charts at 2,600,000 USD followed by Jordon with 1,200,000 and Ethiopia at just under half a million.

10246765_10152009453030728_1228289443530629823_n13 May 2014.

https://i0.wp.com/nsa.gov1.info/dni/boundlessinformant/poland.jpg

https://i0.wp.com/nsa.gov1.info/dni/boundlessinformant/boundless-informant-fairview.JPG

https://i2.wp.com/nsa.gov1.info/dni/boundlessinformant/boundless-informant-sso.JPG

https://i0.wp.com/nsa.gov1.info/dni/xkeyscore/advanced-plugins.jpg

https://i0.wp.com/nsa.gov1.info/dni/xkeyscore/creating-email-address-queries.jpg

https://i0.wp.com/nsa.gov1.info/dni/xkeyscore/advanced-plugins.jpg

https://i0.wp.com/nsa.gov1.info/dni/xkeyscore/why-interested-http.jpg

https://i0.wp.com/nsa.gov1.info/dni/xkeyscore/http-activity-search.jpg

https://i2.wp.com/nsa.gov1.info/dni/xkeyscore/http-activity-search-example.jpg

https://i1.wp.com/nsa.gov1.info/dni/xkeyscore/user-activity-query.jpg

https://i1.wp.com/nsa.gov1.info/dni/xkeyscore/osn-intelligence.jpg

https://i0.wp.com/nsa.gov1.info/dni/prism-slides/prism-unique-selectors.jpg

https://i1.wp.com/nsa.gov1.info/dni/prism-slides/week-in-life-prism.jpg

The information comes, as always, from the batch of files that Edward Snowden provided the journalist with last year. Once more, it should be pointed out just how ironic it is that the United States government accused the Chinese government a couple of years ago of doing exactly this thing with Huawei and ZTE.

As a matter of fact, the government’s attack on the Chinese manufacturers were so violent that eventually Huawei decided to take a step back and abandon the US market. Ren Zhengfei, founder and CEO of Huawei, said in November last year that it wasn’t worth the trouble if the company’s presence in the United States caused trouble for the relationship between the US and China.

And while the American market was short of one big provider, the rest of the world should be avoiding the “Made in the USA” label for a range of products. Greenwald cites a June 2010 report from the chief of the NSA’s Access and Target Development department which indicates just how the NSA was fiddling with the tech shipments.

In the file, it is revealed that the NSA routinely receives or intercepts routers, servers and other computer networking devices that are being exported from the United States before they are delivered to the international customers.

The agency implants the spying tools, repackages the devices with a factory seal and sends them on their way.

“In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. The call back provided us access to further exploit the device and survey the network,” the file reads, explaining just how the NSA conducts business.

So while the US is pointing fingers across borders, it’s clear that it is doing the same thing that it is accusing others of.

While it’s not exactly safe to say that the Chinese aren’t doing their own snooping through such methods, products coming from the United States may be even more dangerous. Of course, no one can tell just how many devices are affected or from what manufacturers.

NSA leak story breaker Glenn Greenwald claims the U.S.-based National Security Agency actually intercepts and alters routers and server hardware exported from the U.S. to implant them with surveillance tools to facilitate spying on international users. The source of the report is a June 2010 document from the NSA’s Access and Target Development department, which outlines the program in detail. Now, the NSA has responded with two official statements addressing the fresh accusations.

These devices, which are either received or intercepted by the NSA in the course of their export, could include routers, servers and “other computer network devices.” The agency is said to open them, implant beacons and other backdoor surveillance tools, and then repackage them complete with factory seals before sending them on to their final destination.

If accurate, the report is especially damning because the U.S. government has, in the past, suggested that China-made network equipment has been intercepted and altered in exactly the same way. This has been used as grounds for encouraging U.S.-based firms to stick with hardware made by American-controlled companies, and to avoid network equipment built by Chinese corporations, including but not limited to Huawei and ZTE.

When contacted for comment, the NSA provided the following statements about these fresh allegations via email:

As we have said before, the U.S. technology industry builds the most secure hardware and software in the world today. NSA relies on these products to help protect our nation’s most sensitive information and, over the past decade, has turned to commercial technology to replace government-built technology. Given its own reliance on many of the very same technologies that the public uses, the U.S. Government is as concerned as the public is with the security of these products. While we cannot comment on specific, alleged intelligence-gathering activities, NSA’s interest in any given technology is driven by the use of that technology by foreign intelligence targets. The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected.

 

and:

As we have previously said, the implication that NSA’s foreign intelligence collection is arbitrary and unconstrained is false. NSA’s activities are focused and specifically deployed against – and only against – valid foreign intelligence targets in response to intelligence requirements. We are not going to comment on specific, alleged foreign intelligence activities. Public release of purportedly classified material about U.S. intelligence collection systems, without context, further confuses an important issue for the country and jeopardizes human life as well as national security sources and methods.

US and UK spy agencies defeat internet privacy and security

• NSA and GCHQ unlock encryption used to protect emails, banking and medical records
• $250m-a-year US program works covertly with tech companies to insert weaknesses into products
• Security experts say programs ‘undermine the fabric of the internet’

• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.

• The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.

• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”

• The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.

• A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.

NSA diagram This network diagram, from a GCHQ pilot program, shows how the agency proposed a system to identify encrypted traffic from its internet cable-tapping programs and decrypt what it could in near-real time. Photograph: Guardian

The agencies insist that the ability to defeat encryption is vital to their core missions of counter-terrorism and foreign intelligence gathering.

But security experts accused them of attacking the internet itself and the privacy of all users. “Cryptography forms the basis for trust online,” said Bruce Schneier, an encryption specialist and fellow at Harvard’s Berkman Center for Internet and Society. “By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet.” Classified briefings between the agencies celebrate their success at “defeating network security and privacy”.

“For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” stated a 2010 GCHQ document. “Vast amounts of encrypted internet data which have up till now been discarded are now exploitable.”

An internal agency memo noted that among British analysts shown a presentation on the NSA‘s progress: “Those not already briefed were gobsmacked!”

The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor “large amounts” of data flowing through the world’s fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government.

The key component of the NSA‘s battle against encryption, its collaboration with technology companies, is detailed in the US intelligence community’s top-secret 2013 budget request under the heading “Sigint [signals intelligence] enabling”.

NSA Bullrun 1 Classified briefings between the NSA and GCHQ celebrate their success at ‘defeating network security and privacy’. Photograph: Guardian

Funding for the program – $254.9m for this year – dwarfs that of the Prism program, which operates at a cost of $20m a year, according to previous NSA documents. Since 2011, the total spending on Sigint enabling has topped $800m. The program “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs”, the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification.

Among other things, the program is designed to “insert vulnerabilities into commercial encryption systems”. These would be known to the NSA, but to no one else, including ordinary customers, who are tellingly referred to in the document as “adversaries”.

“These design changes make the systems in question exploitable through Sigint collection … with foreknowledge of the modification. To the consumer and other adversaries, however, the systems’ security remains intact.”

The document sets out in clear terms the program’s broad aims, including making commercial encryption software “more tractable” to NSA attacks by “shaping” the worldwide marketplace and continuing efforts to break into the encryption used by the next generation of 4G phones.

Among the specific accomplishments for 2013, the NSA expects the program to obtain access to “data flowing through a hub for a major communications provider” and to a “major internet peer-to-peer voice and text communications system”.

Technology companies maintain that they work with the intelligence agencies only when legally compelled to do so. The Guardian has previously reported that Microsoft co-operated with the NSA to circumvent encryption on the Outlook.com email and chat services. The company insisted that it was obliged to comply with “existing or future lawful demands” when designing its products.

The documents show that the agency has already achieved another of the goals laid out in the budget request: to influence the international standards upon which encryption systems rely.

Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

“Eventually, NSA became the sole editor,” the document states.

The NSA‘s codeword for its decryption program, Bullrun, is taken from a major battle of the American civil war. Its British counterpart, Edgehill, is named after the first major engagement of the English civil war, more than 200 years earlier.

A classification guide for NSA employees and contractors on Bullrun outlines in broad terms its goals.

“Project Bullrun deals with NSA‘s abilities to defeat the encryption used in specific network communication technologies. Bullrun involves multiple sources, all of which are extremely sensitive.” The document reveals that the agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking.

The document also shows that the NSA’s Commercial Solutions Center, ostensibly the body through which technology companies can have their security products assessed and presented to prospective government buyers, has another, more clandestine role.

It is used by the NSA to “to leverage sensitive, co-operative relationships with specific industry partners” to insert vulnerabilities into security products. Operatives were warned that this information must be kept top secret “at a minimum”.

A more general NSA classification guide reveals more detail on the agency’s deep partnerships with industry, and its ability to modify products. It cautions analysts that two facts must remain top secret: that NSA makes modifications to commercial encryption software and devices “to make them exploitable”, and that NSA “obtains cryptographic details of commercial cryptographic information security systems through industry relationships”.

The agencies have not yet cracked all encryption technologies, however, the documents suggest. Snowden appeared to confirm this during a live Q&A with Guardian readers in June. “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on,” he said before warning that NSA can frequently find ways around it as a result of weak security on the computers at either end of the communication.

The documents are scattered with warnings over the importance of maintaining absolute secrecy around decryption capabilities.

NSA Bullrun 2 A slide showing that the secrecy of the agencies’ capabilities against encryption is closely guarded. Photograph: Guardian

Strict guidelines were laid down at the GCHQ complex in Cheltenham, Gloucestershire, on how to discuss projects relating to decryption. Analysts were instructed: “Do not ask about or speculate on sources or methods underpinning Bullrun.” This informaton was so closely guarded, according to one document, that even those with access to aspects of the program were warned: “There will be no ‘need to know’.”

The agencies were supposed to be “selective in which contractors are given exposure to this information”, but it was ultimately seen by Snowden, one of 850,000 people in the US with top-secret clearance.A 2009 GCHQ document spells out the significant potential consequences of any leaks, including “damage to industry relationships”.

“Loss of confidence in our ability to adhere to confidentiality agreements would lead to loss of access to proprietary information that can save time when developing new capability,” intelligence workers were told. Somewhat less important to GCHQ was the public’s trust which was marked as a moderate risk, the document stated.

“Some exploitable products are used by the general public; some exploitable weaknesses are well known eg possibility of recovering poorly chosen passwords,” it said. “Knowledge that GCHQ exploits these products and the scale of our capability would raise public awareness generating unwelcome publicity for us and our political masters.”

The decryption effort is particularly important to GCHQ. Its strategic advantage from its Tempora program – direct taps on transatlantic fibre-optic cables of major telecommunications corporations – was in danger of eroding as more and more big internet companies encrypted their traffic, responding to customer demands for guaranteed privacy.

Without attention, the 2010 GCHQ document warned, the UK’s “Sigint utility will degrade as information flows changes, new applications are developed (and deployed) at pace and widespread encryption becomes more commonplace.” Documents show that Edgehill‘s initial aim was to decode the encrypted traffic certified by three major (unnamed) internet companies and 30 types of Virtual Private Network (VPN) – used by businesses to provide secure remote access to their systems. By 2015, GCHQ hoped to have cracked the codes used by 15 major internet companies, and 300 VPNs.

Another program, codenamed Cheesy Name, was aimed at singling out encryption keys, known as ‘certificates’, that might be vulnerable to being cracked by GCHQ supercomputers.

Analysts on the Edgehill project were working on ways into the networks of major webmail providers as part of the decryption project. A quarterly update from 2012 notes the project’s team “continue to work on understanding” the big four communication providers, named in the document as Hotmail, Google, Yahoo and Facebook, adding “work has predominantly been focused this quarter on Google due to new access opportunities being developed”.

To help secure an insider advantage, GCHQ also established a Humint Operations Team (HOT). Humint, short for “human intelligence” refers to information gleaned directly from sources or undercover agents.

This GCHQ team was, according to an internal document, “responsible for identifying, recruiting and running covert agents in the global telecommunications industry.”

“This enables GCHQ to tackle some of its most challenging targets,” the report said. The efforts made by the NSA and GCHQ against encryption technologies may have negative consequences for all internet users, experts warn.

“Backdoors are fundamentally in conflict with good security,” said Christopher Soghoian, principal technologist and senior policy analyst at the American Civil Liberties Union. “Backdoors expose all users of a backdoored system, not just intelligence agency targets, to heightened risk of data compromise.” This is because the insertion of backdoors in a software product, particularly those that can be used to obtain unencrypted user communications or data, significantly increases the difficulty of designing a secure product.”

This was a view echoed in a recent paper by Stephanie Pell, a former prosecutor at the US Department of Justice and non-resident fellow at the Center for Internet and Security at Stanford Law School.

“[An] encrypted communications system with a lawful interception back door is far more likely to result in the catastrophic loss of communications confidentiality than a system that never has access to the unencrypted communications of its users,” she states.

Intelligence officials asked the Guardian, New York Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read.

The three organisations removed some specific facts but decided to publish the story because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of internet users in the US and worldwide.

1. Back Doors Could Be Abused By Others.

The most recently published leaks suggest that the NSA has built back doors into well-known technology products including CryptoAG, Lotus Notes, and possibly Windows, and purposefully weakened encryption standards. “It’s probably just a coincidence that Intel has a crypto random number generator called Bull Mountain,” tweeted Jeffrey Carr, CEO of network defense firm Taia Global, referring to Intel’s random number generator Bull Mountain, which of course bears a passing resemblance to the name of the NSA’s Bullrun decryption program.

But what’s to stop foreign intelligence agencies, criminal gangs or unscrupulous business rivals from finding and tapping the product back doors or cryptographic weaknesses designed by the NSA? In fact, Pro Publica, which bills itself as a “non-profit newsroom,” said that it had chosen to publish the recent information on the NSA’s capabilities precisely because of such questions.

“The potential for abuse of such extraordinary capabilities for surveillance, including for political purposes, is considerable,” it said. “The government insists it has put in place checks and balances to limit misuses of this technology. But the question of whether they are effective is far from resolved and is an issue that can only be debated by the people and their elected representatives if the basic facts are revealed.”

2. Press Reports Omitted Crucial Details.

None of last week’s press reports included details from the leaked documents pertaining to precisely which products the NSA might have had back doors added, or which encryption algorithms the agency might have weakened. “I wish we knew more, there isn’t enough detail in what’s been released to really pin down what we’re dealing with,” said security researcher and encryption expert Adam Caudill via email. “We know the NSA has attacks — we just don’t know on what, specifically. Most of the things mentioned are systems with many components, not just single algorithms. Without knowing what algorithms, we are left to guess, and speculation can be dangerous.”

3. NSA Documents Suggest Crypto Really Works.

Despite the NSA’s capabilities, it isn’t omniscient or “magical,” and in fact faces some real-world encryption challenges, said Bruce Schneier, chief security technology officer of BT, writing in Friday’s Guardian. Schneier revealed that for the past two weeks, he’s been helping the Guardian review hundreds of top-secret NSA documents that were leaked by whistleblower Edward Snowden.

“How do you communicate securely against such an adversary?” said Schneier. “Snowden said it in an online Q&A soon after he made his first document public: ‘Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.'”

“The crypto is good. It’s one of the few things we can rely on,” echoed Jon Callas, CTO of Silent Circle and previously a co-founder of PGP, via email. “Snowden said that himself. It’s the rest of the systems that need careful examination.”

Some of the NSA’s most recently revealed operating techniques likewise suggest that encryption still provides protection. “I am sure we’d all like to know more technical details about the weaknesses in the widely deployed ciphers and other algorithms, if there are any and especially if they are serious,” said encryption expert Ivan Ristic, director of engineering at Qualys, via email. “But, actually, I don’t think that’s what is really important. First, we now understand the extent at which the NSA is working to bypass encryption, rather than attack it. I think that’s very telling; we can conclude that encryption — if implemented properly — works as designed.”

4. Networks Are More Vulnerable Than Endpoints.

Another takeaway from the recent NSA revelations is that some types of eavesdropping employed by the agency require proportionally greater resources, and are thus less likely to be used on a regular basis. “The primary way the NSA eavesdrops on Internet communications is in the network. That’s where their capabilities best scale. They have invested in enormous programs to automatically collect and analyze network traffic,” said Schneier. “Anything that requires them to attack individual endpoint computers is significantly more costly and risky for them, and they will do those things carefully and sparingly.”

As that suggests, network infrastructure remains an especial weak point. “The NSA also attacks network devices directly: routers, switches, firewalls, etc. Most of these devices have surveillance capabilities already built in; the trick is to surreptitiously turn them on,” said Schneier. “This is an especially fruitful avenue of attack; routers are updated less frequently, tend not to have security software installed on them, and are generally ignored as a vulnerability.”

5. Embrace Well-Vetted Open-Source Tools.

People can protect themselves against casual NSA surveillance, but it’s going to require more work. “I still believe that those that are willing to put some effort into maintaining their privacy can, though the level of effort has certainly increased over what I thought it was,” Caudill said. “Precautions that I would have called paranoid and excessive today seem reasonable. Not everything can be hidden, of course, and especially not if you are singled out — but there are still ways to protect yourself — at least I hope that’s true.”

One strategy for defending against the NSA’s digital dragnet is to tap well-regarded — and thoroughly reviewed — open source tools. “Clearly, this is a big affirmation of the importance of open source, and openness in general,” said Qualys’ Ristic. “Who’s going to want to rely on proprietary software in the future? That would make no sense, given that government agencies are going to keep on doing what they were always been doing.”

Furthermore, many security experts believe that open-source tools will provide people with their most reliable source of an application they can trust that implements an encryption algorithm that’s known to be tough or impossible to break.

6. Complete NSA Resistance Is Futile.

But there’s a caveat to that advice: the NSA can still eavesdrop on high-value targets, no matter what they do. Indeed, Schneier said that the NSA’s TAO – Tailored Access Operations – group, which is charged with hacking into endpoints, has an array of tools which are almost impossible, even for trained security professionals, to find. “Your antivirus software won’t detect them, and you’d have trouble finding them even if you knew where to look. These are hacker tools designed by hackers with an essentially unlimited budget,” said Schneier. “What I took away from reading the Snowden documents was that if the NSA wants in to your computer, it’s in. Period.”

7. Foreign Businesses Will Think Twice About U.S. Goods, Cloud.

Will reports that the NSA has added back doors to equipment and software sold by U.S. technology firms lead businesses in other countries to avoid buying from American manufacturers? “I think it’ll have a detrimental effect on both foreign and U.S. businesses when considering using U.S. products and services that may have been compromised by the NSA,” said Taia Global’s Carr via email.

Callas echoed that assessment, saying that the revelations would “undoubtedly” have an effect. Then again, the NSA isn’t the only intelligence agency in the world, and when it comes to building back doors into commercial equipment, “we know that other countries are doing it, too,” he said.

As a result, Ristic predicts all security vendors will face some bigger questions from their customers, as well as a push for carefully vetted open-source alternatives. “This is a big blow to the security industry, the cloud, and the IT industry in general; especially for the companies headquartered in the U.S.,” he said. “Nothing’s going to change over night, but we should expect to see big movement of data and services in the following months and years.”

The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published in partnership with the New York Times and ProPublica

https://i2.wp.com/nsa.gov1.info/dni/2014/no-place-to-hide/nsa-prism-message-board.jpgAmong the documents are a cluster relating to New Zealand which show:

* our GCSB spies were shown instructional slides on how to operate the X-Keyscore surveillance program which trawls mass harvested email addresses, phone numbers, online chat, web-based email and attachments sent;

* they were privy to diplomatic espionage by other Five Eyes partners, including spying which was Canadian spies capturing the emails, text messages and phone calls between the Brazilian president and her aides;

* they were briefed on the NSA’s efforts to deliberately put backdoors into private companies’ computer networks;

* and the were given access to a program called “Homing Pigeon” which allowed in-air communications on passenger jets to be monitored.

Canada spies for the U.S. National Security Agency (NSA) and covers up its surveillance with widespread lies and obfuscation

Greenwald writes that Communications Security Establishment Canada boasted of targeting the Brazilian Ministry of Mines and Energy, and accuses the NSA of massive surveillance of its own citizens.

“The hacking practice is quite widespread in its own right: one NSA document indicates that the agency had succeeded in infecting at least fifty thousand individual computers with a type of malware called Quantum insertion,”

writes Greenwald “There is evidence of widespread CSEC/NSA co-operation, including Canada’s efforts to set up spying posts for communications surveillance around the world at the behest and for the benefit of the NSA, and spying on trading partners targeted by the U.S. agency.”“the NSA often maintains these partnerships by paying its partner to develop certain technologies and engage in surveillance, and can thus direct how the spying is carried out. The Fiscal Year 2012 ‘Foreign Partner Review’ reveals numerous countries that have received such payment, including Canada, Israel, Japan, Jordan, Pakistan, Taiwan and Thailand.”

In 2012, Canada took at least $325,000 in research money, placing it fourth among co-operating countries, behind Pakistan, Jordan and Ethiopia, Greenwald writes.

He quotes from an April 2010 message from Snowden to the journalists he sent documents: “The U.S. government, in conspiracy with client states, chiefest among them the (other members of the) Five Eyes — the United Kingdom, Canada, Australia, and New Zealand — have inflicted upon the world a system of secret, pervasive surveillance from which there is no refuge. They protect their domestic systems from the oversight of citizenry through classification and lies, and shield themselves from outrage in the event of leaks by overemphasizing limited protections they choose to grant the governed.”

Australia’s intelligence agency asked for more help from its US counterparts to increase surveillance on Australians suspected of involvement in international extremist activities.

Documents from the US National Security Agency, published by Glenn Greenwald on Tuesday in his book No Place to Hide: Edward Snowden, the NSA and the Surveillance State, reveal new details of Australia’s close relationship with the US spy agency.

In an extract on 21 February 2011 from the acting deputy director of Australia’s Defence Signals Directorate, which has since been re-named the Australian Signals Directorate (ASD), the director pleads for additional surveillance on Australians.

My sole motive is to inform the public as to that which is done in their name and that which is done against them. The U.S. government, in conspiracy with client states, chiefest among them the Five Eyes—the United Kingdom, Canada, Australia, and New Zealand—have inflicted upon the world a system of secret, pervasive surveillance from which there is no refuge. They protect their domestic systems from the oversight of citizenry through classification and lies, and shield themselves from outrage in the event of leaks by overemphasizing limited protections they choose to grant the governed. . . .

The enclosed documents are real and original, and are offered to provide an understanding of how the global, passive surveillance system works so that protections against it may be developed. On the day of this writing, all new communications records that can be ingested and catalogued by this system are intended to be held for [] years, and new “Massive Data Repositories” (or euphemistically “Mission” Data Repositories) are being built and deployed worldwide, with the largest at the new data center in Utah. While I pray that public awareness and debate will lead to reform, bear in mind that the policies of men change in time, and even the Constitution is subverted when the appetites of power demand it. In words from history: Let us speak no more of faith in man, but bind him down from mischief by the chains of cryptography.

Edward Snowden

ASPHALT; ARTIFICE; HOMINGPIGEON; TARMAC; THIEVINGMAGPIE; WOLFPOINT; WORDGOPHER

Most Recent Edward Snowden NSA LEAKS Access Here

 

View all Boundless Informant documents released to date

View all Xkeyscore documents released to date

View all PRISM documents released to date

See Also

New Edward Snowden NSA Leaks, GHOSTMACHINE, PRISM Olympic Option, Identifier Lead Triage With Echobase, GCHQ’s Request for NSA Data, Norway’s NIS Supercomputer Surveillance

New Ed Snowden NSA Leaks Target Knowledge Database” (TKB) Marina, Nymrod, & List of SIGAD Designations Surveillance 3/29/2014

New Snowden Leaks 3/20/14 – 3/23/14 Email Spying Program, NSA Targets, Hacking System Administrators, Orange

Snowden Leaks MYSTIC NSA Surveillance System 3/18/14

Stop NSA Spies : Ways How To Since Snowden Leaks

 

Sources:  http://techcrunch.com/2014/05/13/nsa-reportedly-intercepts-and-alters-routers-and-servers-exported-from-u-s-to-facilitate-surveillance/?ncid=rss , http://news.softpedia.com/news/NSA-Bugs-Routers-Other-Network-Tools-Before-They-Ship-Out-of-US-441871.shtml , http://www.darkreading.com/risk-management/nsa-crypto-revelations-7-issues-to-watch/d/d-id/1111464?page_number=1 , http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security , http://revolution-news.com/strategic-partnerships-new-snowden-leaks-revealed-with-greenwalds-book-release/ , http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11254935 , http://www.thestar.com/news/canada/2014/05/13/canada_actively_spies_for_nsa_new_book_says.html , http://www.theguardian.com/world/2014/may/13/australia-americans-help-spy-terror-suspects

Advertisements

5 thoughts on “Latest NSA Edward Snowden Documents / Slides / Leaks No Place To Hide

  1. Pingback: NSA Leak: Spying on Bahamas, Mexico, Kenya, the Philippines, and [Redacted] SOMALGET, MYSTIC | usnewsghost

  2. Pingback: NSA Leaks Edward Snowden, Documents | PicNews

  3. Pingback: Recent Top News, GMOs, Edward Snowden, Ukraine, Science, Internet, Bitcoin | PicNews

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s