Number of federal wiretaps rose 71 percent in 2012

The number of wiretaps secured in federal criminal investigations jumped 71 percent in 2012 over the previous year, according to newly released figures.

Federal courts authorized 1,354 interception orders for wire, oral and electronic communications, up from 792 the previous year, according to the figures, released Friday by the Administrative Office of the United States Courts. There was a 5 percent increase in state and local use of wiretaps in the same period. (more)

Read More

Stealth Wear for the Reg Blank in All of Us

The Tin Foil Hat folks have upgraded for the 21st Century. 
New types of stealth clothing are being developed. 
They thwart video and infrared surveillance techniques.  

Here is a brief rundown...


Stealth sunglasses.

 







Stealth handbag.


Stealth cap.

 
Stealth clothing.



TV Hat (More for video viewing rather than video stealth, but worth a peek :)

"What's a Reg Blank?" I hear you say... 
Reg is a "blank", a person not indexed in the government's database. (more) (video)
He sez... "All day every day, making tomorrow seem like yesterday."

Need a Tin Foil Hat to go with all your new anti-there gear? Check here.

Read More

New Video Game Steeped in Surveillance, Wiretapping and SpyCaming

One of several surveillance-related games at E3, "Watch Dogs" casts players as Aiden Pearce, a vigilante who can tap into security cameras and listen in on phone calls across a virtual rendition of an automated Chicago...

The timing of "Watch Dogs" is remarkable in light of recent revelations about the National Security Agency's controversial data-collection programs. They were revealed in media stories by The Guardian and The Washington Post, leaked by former NSA contractor Edward Snowden. 

Is "Watch Dogs" a case of a video game imitating life — or the other way around? (more)

Read More

SpyCam in Restaurant Can - "Don't like it? Don't go to the restroom!"

A visit to a restroom is usually a private thing but some customers at a Texas restaurant say that’s not the case. This comes after one man discovered a security camera in the restroom of Wolfie’s restaurant in Lake Conroe.

It’s not the place you’d expect to be under surveillance but the management says it’s for safety. The cameras are high up above the door so customers do not see them until they are about to exit.

There is a sign posted in the hallway stating the reason for the cameras but legal experts say it should not be done.

Management was asked about the tactic and they say it’s because some customers have destroyed property.

They also said if patrons do not like the cameras they do not have to go to the restroom. (more)

Read More

Spybusters Tip #543 - On "High Tech" Car Burglars

The news media is overflowing with reports of "High Tech" car burglars. They appear to be opening locked cars while holding a "black box" which "has police all over the nation stumped as to how it works."

Here, at the Spybusters Countermeasures Compound, we believe the black box is nothing more than a radio signal jammer. 

The thief is nearby when the person locks their car using a wireless fob. They interfere with the locking signal and the car never really locks. Once the owner walks away, they strike.

Spybusters Tip #543: When locking your car, make sure you test that it is really locked before walking way. This is especially important if you see anyone nearby. (sing-a-long)

Read More

Undercover Video Checks Government Waste

Undercover video shot in May by a conservative activist shows two corporate distributors of free cell phones handing out the mobile devices to people who have promised to sell them for drug money, to buy shoes and handbags, to pay off their bills, or just for extra spending cash.

The 'Obama phone,' which made its ignominious YouTube debut outside a Cleveland, Ohio presidential campaign event last September, is a project of the Federal Communications Commission's 'Lifeline' program, which makes land line and mobile phones available to Americans who meet low-income requirements. Lifeline was a $2.19 billion program in 2012. (more)

Read More

Angelina Jolie Stunt Double's Wiretapping Lawsuit

Eunice Huthart, who says she worked as a stunt double for Angelina Jolie, has filed a lawsuit against News Corp. for intercepting her voice-mail messages. 

The complaint was filed in California last week and is believed to be the first claim brought by a victim in the U.S. over the ongoing hacking scandal that has been haunting Rupert Murdoch's company.

Several thousands of people have been identified as phone hacking victims and News Corp. has already paid out hundreds of millions of dollars in settlement money. (more) (lawsuit)

Read More

Google Chrome Camera-Microphone Hijack Trick

An issue, previously fixed by Adobe in October 2011, has reappeared in Google Chrome and allows attackers to take control of webcams and microphones from Flash content. At its heart the problem is an old one: click-jacking.

The trick places a transparent Flash animation panel over an image and then makes the permissions dialog for accessing the webcam and microphone appear. All that is then needed is to convince the user to click on the right part of the image. In security consultant Egor Homakov's proof of concept this is done by using an image which suggests a possibly risque video is available for viewing and placing the play button where the "OK" button on the permissions dialog has been positioned. (more)

Read More

Amazon Has Everything... Even CIA Documents Soon

You can now add “spymaster” to Amazon CEO Jeff Bezos’s various titles. On Friday June 14, a US Government Accountability Office (GAO) report elaborated on previous reports that Amazon had won a $600 million contract to build a “private cloud” for the CIA...[on their employment site,] Amazon is looking for engineers who already have a “Top Secret / Sensitive Compartmented Information” clearance, or are willing to go through the elaborate screening process required to get it. TS/SCI is the highest security clearance offered by the US government, and getting it requires having your background thoroughly vetted. (more)

I know what's going on my "Wish List". ~Kevin

Read More

Run Your Own NSA with Your Old Phones and iOS Apps

Odds are, sometimes you wish you could check in on what’s happening around your home from your phone. Problem is, unless you regularly take a dip in your Scrooge McDuck money pool, decent remote-viewable camera technology is still an unaffordable luxury for most. It’s a premium feature for many alarm companies, even though the tech behind it is pretty old, and the prices on warehouse-store offerings can be steep.  

People Power’s Presence and Appologics’ Airbeam apps serve roughly the same purpose: repurposing iOS devices you already own into always-connected cameras that you can check in with anywhere. While similar on the surface, the underpinnings of the two apps are very different. We’ll shed some light on why this matters so you can decide which is right for you. (more)

Read More

Is PRISM just a not-so-secret web tool?

(Updated with an infographic on June 30, 2013)

Since The Guardian first published about the PRISM data collection program on June 6, there have been new disclosures of top secret documents almost every day, resulting in some fierce protests against apparently illegal wiretapping by the NSA and GCHQ. However, it remains unclear what PRISM actually is or does, as The Guardian didn't provide any new details or disclosed more than 5 of the 41 presentation slides about the program.

This makes it hard to determine whether PRISM really is the illegal or at least embarrassing program which most people now think it is. Especially, because it could even be the hardly secret Planning tool for Resource Integration, Synchronization and Management (PRISM), which is a web-based tool to manage information requests widely used by the US military. Here we will take a closer look at this program and try to determine whether this could be the same as the PRISM revealed by The Guardian.

> See for the latest information:
PRISM as part of the BLARNEY program
New insights into the PRISM program

Planning tool for Resource Integration, Synchronization and Management

The earliest document which mentions the Planning tool for Resource Integration, Synchronization and Management (PRISM) is a paper (pdf) from July 2002, which was prepared by the MITRE Corporation Center for Integrated Intelligence Systems. The document describes the use of web browsers for military operations, the so-called "web-centric warfare", for which intelligence collection management programs were seen as the catalyst. These programs fuse battlefield intelligence information with the national data that they already possess, in order to provide a complete picture to their users.

PRISM was developed by SAIC (formerly Science Applications International Corporation, a company that was also involved in the 2002 TRAILBLAZER program for analyzing network data). The program was originally prototyped and fielded for the US European Command, but is also being used in other military operation areas such as Iraq. Involved in the establishment of PRISM was Ron Baham. His LinkedIn profile says that he currently is senior vice president and operations manager at SAIC and that he worked on CMMA PRISM at JDISS from 2000 - 2004, so PRISM might be developed somewhere between 2000 and early 2002.

On an older page of its website, SAIC says that the PRISM application allows theater users, in various functional roles and at different echelons, to synchronize Intelligence, Surveillance and Reconnaissance (ISR) requirements with current military operations and priorities. The application was first developed for use on JWICS, the highly secure intelligence community network, but is now also being used on SIPRNet, the secure internet used by the US military.

Screenshot of the PRISM Input Tool (EEI = Essential Elements of Intelligence)
source: GMTI Utility Analysis for Airborne Assets (pdf)

Other sources clarify that PRISM consists of a web-based interface which connects to PRISM servers, and that it's used by a variety of users, like intelligence collection managers at military headquarters, to request the intelligence information which is needed for operations. These requests are entered in the PRISM interface, which sends them to the PRISM server. From there the request goes to units which collect the raw data. These are processed into intelligence, which then becomes available through the PRISM server.

PRISM is able to manage and prioritize these intelligence collection requirements to ensure critical intelligence is timely available to the commander during crisis operations. The application integrates these requirements and, with other tools, generates the so called daily collection deck. PRISM also provides traceability throughout the so-called intelligence cycle, from planning through exploitation to production.

The PRISM application made by SAIC is still widely used. It's mentioned in joint operations manuals from 2012 and in quite a number of job descriptions, like this one from March 2013 for a systems administator in Doha, Qatar, which says that part of the job is providing on-site and off-site PRISM training and support. Also these US government spending data show that in 2011 a maintaince contract (worth $ 1.085.464,-) for PRISM support services was awarded to SAIC, with options for 2012 and 2013.


Are there two different PRISMs?

So now it looks like as if there are two different programs called PRISM: one is a web-based tool for requesting and managing intelligence information from a server that gets input from various intelligence sources. The other is the program from which The Guardian says it's a top secret electronic surveillance program that collects raw data from the servers of nine major US internet companies.

If the Guardian's claims are true, it's strange that two important intelligence programs apparently have the exact same name. For sure, this would not be very likely, if "PRISM" would be an acronym or a codeword in both cases. But if we assume one PRISM being an acronym and the other PRISM a codeword, it could be somewhat more likely.

As we know, the PRISM tool developed by SAIC is an acronym, just like the names of many other military and intelligence software tools are often lengthy acronyms. This leaves the PRISM which was unveiled by The Guardian likely to be a codeword, or more correctly said, a nickname. NSA data collection methods, officially designated by an alphanumerical SIGAD like US-984, can have nicknames which may or may not be classified.

These are different from codenames, which are always classified and often assigned to the intelligence products from the various data collection methods. This can cause some confusion, as "PRISM" perfectly fits in the NSA tradition of using 5-letter codewords for products of sensitive Signals Intelligence programs.

If PRISM had been a classified codename, it should also have been part of the classification line, and the marking should have read TOP SECRET // SI-PRISM // [...] instead of the current TOP SECRET // SI // [...]. This indicates that if there are two PRISMs, and one is an acronym, the other PRISM isn't a codeword for intelligence from a specific source, but most likely the unclassified nickname of a collection method.

This still leaves the question of why in 2007 an apparently new collection program got a nickname which is exactly the same as the acronym of an already widely used computer application - which is even going to be one of its tasking systems.


A less spectacular PRISM?

Allthough The Guardian presented PRISM as a method of directly collecting raw data from major internet companies, other sources say that PRISM might well be a much less spectacular internal computer program.

Initially, The Washington Post came with the same story as The Guardian, but revised some of its claims by citing a classified report from the NSA Inspector General that describes PRISM as allowing "collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations." These words very much resemble the way the PRISM Planning Tool is described.

National security reporter Marc Ambinder describes PRISM as "a kick-ass GUI (Graphical User Interface) that allows an analyst to look at, collate, monitor, and cross-check different data types provided to the NSA from Internet companies located inside the United States" - which also sounds much more like the SAIC application, than like a data dragnet with free access to commercial company servers.

This view was also confirmed by a statement (pdf) of Director of National Intelligence (DNI) James Clapper, which says: "PRISM is not an undisclosed collection or data mining program. It is an internal government computer system used to facilitate the government’s [...] collection of foreign intelligence information from electronic communication service providers [...]".

With this statement, Clapper officially confirms the existance of a program called PRISM, and allthough his description could also fit that of the Planning tool for Resource Integration, Synchronization and Management, he didn't positively identified PRISM as such.

Finally, an anonymous former government official told CNet.com that The Guardian's reports are "incorrect and appear to be based on a misreading of a leaked Powerpoint document", making journalist Declan McCullagh go one step further by suggesting that PRISM might be actually the same as the web application named Planning Tool for Resource Integration, Synchronization, and Management.


PRISM as an all-source planning tool

Some sources, like a joint operations manual and a number of job descriptions, seem to indicate that the PRISM planning tool is primarily used for geospational intelligence (GEOINT), which is analysed imagery of the earth as collected by spy planes and satellites.

However, more extensive research has shown that the Planning tool for Resource Integration, Synchronization and Management (PRISM) is not only used for geospatial intelligence, but for fusing intelligence from all sources. Besides GEOINT, sources prove that PRISM is also used for SIGINT (Signals Intelligence), IMINT (Imagery Intelligence) and HUMINT (Human Intelligence), probably through additional modules for each of these sources.

Even the 2006 Geospatial Intelligence Basic Doctrine (pdf) says PRISM is a "web-based application that provides users, at the theater level and below, with the ability to conduct Integrated Collection Management (ICM). Integrates all intelligence discipline assets with all theater requirements."
More specifically, the 2012 Joint and National Intelligence Support to Military Operations manual describes that where applicable, requests for SIGINT support should be entered into approved systems such as PRISM, for approval by a military commander.

In a job description for an Intelligence Training Instructor from 2010 we see a distinction being made between PRISM-IMINT and PRISM-SIGINT, and a LinkedIn profile mentions the IMINT/SIGINT PRISM training in 2006 of someone who was administrator for PRISM, which is described as the system of record USCENTCOM uses for submitting, tracking, and researching theater ISR requirements. In a job description for a SIGINT Collection Management Analyst (by Snowden-employer Booz Allen Hamilton!) experience with PRISM is required too.

Also a module was added to PRISM for accessing information from HUMINT (Human Intelligence) sources. Testing of this module was done during the Empire Challenge 2008 exercise. In the daily reports of this exercise we can read that for example the Defense Intelligence Agency's HUMINT team loaded "additional data into PRISM HUMINT module for operations on Tuesday morning". From a French report about this exercise we learn that the PRISM HUMINT module was a new application, just like the Humint Online Tasking & Reporting (HOT-R) tool, which runs on SIPRNet. This indicates that modules for different -INTs were added gradually in time.


Are both PRISMs one and the same?

If The Guardian's PRISM really is just a computer system for sending tasking instructions to equipment that collects the raw data, it is hard to believe that it's different from the Planning tool for Resource Integration, Synchronization and Management (PRISM), which for many years is used to order and manage intelligence from all sources.

If this could be true, and there's only one PRISM program, what about the slides which were disclosed by The Guardian? First of all, as this newspaper is not willing to publish all PRISM-slides, we cannot be sure about what this presentation is really about, but it's possible that it's not about a PRISM which is the nickname of the US-984XN collection method, but about how to gather material from that source by using the PRISM web tool. This way around, the SIGAD US-984XN can still deliver for most NSA reporting, including the President's Daily Brief.

More specific, we can think of a machine-to-machine interface between the PRISM system and dedicated data collection devices at remote locations, like a secure FTP server or an encrypted dropbox at sites of the internet companies. At the PRISM desktop interface this tasking may be done through a separate SIGINT module. As one of the slides says: "Complete list and details on PRISM web page: Go PRISMFAA" we can even imagine a module called "PRISM FAA" for requesting intelligence from intercepts of foreign communications under the conditions of the FISA Amendment Act (FAA) from 2008.

Infographic of the PRISM Planning Tool as part of the Intelligence Cycle,
with a possible way of how it could be the same as the
PRISM internet data collection program
(click for a bigger picture)

By publishing the PRISM slides, The Guardian for the first time revealed evidence about the NSA collecting data from major internet companies. But as this apparently surprised the general public, the practice is hardly new. Spies and later intelligence agencies of all countries have always tried to intercept foreign communications and of course tried to do this with every new way of communication: first letters, later phonecalls and radio communications, and nowadays internet based social media. Therefore, it may hardly come as a surprise that NSA found ways to intercept those new means of communications too.

What looks more of a problem, is the fact that in the past, enemies were nation states, which could be targeted by focussing on diplomatic and military communications, leaving most people's privacy untouched. Nowadays, with terrorism considered as the main enemy, almost every (foreign) citizen could be a potential adversary. This made intelligence agencies try to search everyone's communications, which are also more internationally intertwined than ever before.


Next time we will discuss more specific details of the Planning tool for Resource Integration, Synchronization and Management (PRISM), as this gives an interesting look at internal intelligence procedures.


Links

- TheWeek.com: Is the NSA PRISM leak much less than it seems?
- CNet.com: What is the NSA's PRISM program? (FAQ)
- CNet.com: No evidence of NSA's 'direct access' to tech companies
- VanityFair.com: PRISM Isn’t Data Mining and Other Falsehoods in the N.S.A. “Scandal”
- ExtremeTech.com: Making sense of the NSA Prism leak as the real details emerge
- Medium.com: The PRISM Details Matter
- Reflets.info: #PRISM: let’s have a look at the big picture
- VanityFair.com: PRISM Isn’t Data Mining and Other Falsehoods in the N.S.A. “Scandal”- Mashable.com: See How PRISM May Work — in This Infographic
- ZDNet.com: How did mainstream media get the NSA PRISM story so hopelessly wrong?

Read More

"You know, it's just a Toys-r-Us kind of thing."

The FBI employs drones in domestic surveillance operations, Director Robert Mueller revealed, but said they were used in a "very, very minimal way."

Mr Mueller, in Senate testimony on Wednesday, acknowledged for the first time that the Federal Bureau of Investigation uses "very few" drones in a limited capacity for surveillance.  (more)

Read More

FREE - BYOD Policy Guidebook

Bring Your Own Device (BYOD) Policy Guidebook 

This policy guidebook was created to help guide you through the questions to ask and provide some best practices to consider when establishing your own BYOD policies. 

Your employees want to use their own mobile devices for work. This represents a tremendous opportunity for you to extend the benefits of mobile technology to all employees. As more companies embrace the Bring Your Own Device (BYOD) model, many questions arise. 

Offered Free by: SAP  (more)

Read More

They Know Who You Are... and it ain't the NSA!

Many Internet advertisers rely on cookies, digital code stored on your browser. Some websites place multiple cookies when you visit, allowing them to track some of your activity over time (you can see who is tracking you by installing an application such as Ghostery or Abine’s “DoNotTrackMe”).

The problem for marketers is that some users set their browsers to reject cookies or quickly extinguish them. And mobile phones, which are taking an increasing chunk of the Web usage, do not use cookies.

To combat the cookie’s flaws, advertisers and publishers are increasingly turning to something called fingerprinting. This technique allows a web site to look at the characteristics of a computer such as what plugins and software you have installed, the size of the screen, the time zone, fonts and other features of any particular machine. These form a unique signature just like random skin patterns on a finger...

Fingerprinting may prove a more robust tracking technology than cookies because the user’s identify endures even if they erase their cookies. Making changes to your software and settings only makes you more identifiable, not less. An EFF study several years ago found that it is easy to track when someone changes their profiles by adding software updates, for example. You can see what details your computer is transmitting right now by visiting this site. (more)

Try it. You'll be amazed. ~Kevin

Read More

India Launches Wide-Ranging Surveillance Program

India has launched a wide-ranging surveillance program that will give its security agencies and even income tax officials the ability to tap directly into e-mails and phone calls without oversight by courts or parliament, several sources said.

The expanded surveillance in the world's most populous democracy, which the government says will help safeguard national security, has alarmed privacy advocates at a time when allegations of massive U.S. digital snooping beyond American shores has set off a global furor. (more)

Read More

Abbreviations, Acronyms, Nicknames and Codewords

The communications security and intelligence branch is notorious for its abbreviations, acronyms, nicknames and codewords, and recently we learned a number of new NSA codewords from many classified documents which Edward Snowden handed over to The Guardian.

Here we provide two listings, one of abbreviations and acronyms, and one of nicknames and codewords, to get somewhat more grip on these things:

- Abbreviations and Acronyms

- Nicknames and Codewords

Listings like this can never be complete, and therefore expect new entries to be added gradually, as well as updates of existing entries.

Read More

Quote of the Week - Orwell Got it Wrong

"And surveillance has become entertainment, most ironically in 'Big Brother' where people compete to be under constant scrutiny. More revealing than their narcissism is the audience's enthusiastic voyeurism, playing at Thought Police from the couch." — Peter Marks, Associate Professor, senior lecturer in the Department of English at the University Sydney. He is also a member of the Surveillance and Everyday Life Research Group

Read More

"Is Privacy Dead?" - A Question Older Than Many of You

Note the date...

Click to enlarge.

We are still worried about the same things...

Click to enlarge.

(more)

Read More

New Crowdsourcing App Logs All Street Cameras

You may not be able to control the privacy of your electronic data. But keeping yourself off security cameras? There’s an app for that.

A new crowdsourcing mapping app called Surv gives city dwellers a way to prepare themselves for that kind of privacy infringement by mapping where those cameras are and what they’re used for.

Currently in private beta-mode for New York (and raising money for a wider release on Kickstarter), the app encourages users to post the locations of security cameras around their cities, along with a description of the camera--whether it’s a traffic camera or a police camera, a dome camera or a shielded one. (more)

It was noted that during the recent Boston bombings the FBI asked businesses if they had security videos. One would think, keeping a database of public cameras (proactively) would be an essential part of "Homeland Security". This app might fill that vacuum. How ironic that privacy advocates will build it for them. ~Kevin

Read More

FutureWatch - Increased use of Private Search Engines

Traffic at the private search engines StartPage and Ixquick has dramatically increased this week as Internet users react to news of the PRISM data sharing program. Combined, the two search engines served 3.4 million direct private searches on Wednesday, an increase of 500,000 over last week. (more) 

  
FutureWatch: A rise in encryption usage, and a new search engine... GoogleSecure?

Read More

Spy News Bites

We're not the only ones...

Russia - President Vladimir Putin has defended the right by Russian special services to wiretap... “If this [wiretapping] is made within the framework of the law, by which the special services’ rules of conduct are guided, this is normal." (more)

Canada has also been electronically eavesdropping on Canadians and others, scouring global telephone records and Internet data for patterns of suspicious activity, a newspaper said Monday. (more)

Panama - A TV journalist and cameraman were detained by police while working on a story... about alleged government wiretaps. (more)

Former Bulgarian interior minister Tsvetan Tsvetanov was indicted Wednesday in connection with a scandal over the irregular wiretapping of top politicians and businessmen, sources said. (more)

Not to be left out...

DC - The IRS... is ordering surveillance equipment that includes hidden cameras in coffee trays, plants and clock radios. The IRS wants to secure the surveillance equipment quickly – it posted a solicitation on June 6 and is looking to close the deal by Monday, June 10. (more)

PA - The Senate Judiciary Committee approved a bill that would... add audio surveillance to security cameras already mounted in school buses. (more)

Taiwan - Taiwan's top intelligence body is seeking a change to the law to expand its power to conduct wiretapping in anti-espionage operations. (more) (copycats)

Nigeria - The Bayelsa (state) Government awarded a contract valued at N3.6 billion for electronic surveillance in the state... to the Chinese Firm, Wali... The governor appealed to residents of the state to cooperate with the contractors... (more)

Unintended Consequences...

NSA leaks will... significantly increase the level of state-sponsored economic espionage directed against American companies. (more)

Sales of George Orwell's dystopian novel 1984 have skyrocketed following revelations about secret US spying on internet data. (more)

Read More

'I listened to Marilyn die': Private eye who bugged Monroe's house reveals details...

Files shedding new light on Marilyn Monroe's last night alive and her relationships with President John F Kennedy and his younger brother Bobby have emerged 51 years after her death.

Documents belonging to the late Fred Otash, one of Hollywood's most notorious private detectives, were uncovered by his daughter Colleen after being found in a suburban storage unit.

...in his notes, Otash claimed: 'I listened to Marilyn Monroe die.'

He recorded that on August 5 1962, she had a violent argument with the Kennedys and that she felt that she had been 'passed around like a piece of meat'.

The notes read: 'She was really screaming and they were trying to quiet her down.'

'She's in the bedroom and Bobby gets the pillow and he muffles her on the bed to keep the neighbors from hearing. She finally quieted down and then he was looking to get out of there.'

Otash only found out she had died later on.

A red filing cabinet that contained Otash's most sensitive material was removed from his apartment by his lawyer after he collapsed from an apparent heart attack. Its contents were never seen again. (more)

Read More

Cool but Off-Topic - Beer Bottle Record

19th Century technology meets 21st Century music over a bottle of beer in the latest extension to the Beck’s Record Label project. 

This time, the art label has evolved, and been replaced by the grooves of Auckland band Ghost Wave. Their new single was inscribed into the surface of a Beck’s beer bottle which could then be played on a specially-built device based on Thomas Edison’s original phonograph. 

Making the world’s first playable beer bottle was a formidable technical challenge. (more with video)

Read More

Top 10 iPhone Passwords

Time to change your password.

1. “1234”
2. “0000”
3. “2580”
4. “1111”
5. “5555”
6. “5683”
7. “0852”
8. “2222”
9. “1212”
10. “1998”
(more)

Oh, Number 6, it spells LOVE.

Read More

New "Surveillance-Industrial State" Book Coming

A Pulitzer Prize-winning author and investigative journalist is working on a book about the "surveillance-industrial state" that emerged after the Sept. 11, 2001, terrorist attacks.

Penguin Press announced Thursday that it had acquired a book by Barton Gellman, a contributing editor at large for Time magazine and a Washington Post reporter. The book, currently untitled, does not have a release date. (more)

Barton also has a great blog... CounterSpy

Read More

Cloak of Invisibility Emerges from the Labs

To make a Harry Potter-style invisibility cloak requires the use of materials that have what's known as a negative refractive index over all optical wavelengths, from red to violet. 

You don't see yourself.

However, the artificially-structured optical materials from which cloaks are made thus far have been restricted to a very narrow range of optical wavelengths, limiting their ability to cloak over a range of colors. 

That obstacle to progress looks to be at an end, as a group of optical engineers at Stanford has succeeded in designing a broadband metamaterial that exhibits a negative refractive index over nearly the entire rainbow...

The broad bandwidth of the new Stanford metamaterial suggests that this new class of materials will one day allow the fabrication of invisibility cloaks that are truly invisible, at least to the human eye. Beyond this, the extraordinary freedom to control light with metamaterials is likely to lead to hordes of applications never previously imagined. (more) (original paper) (lab-shirt) (How to hide a bug from an IR viewer.)

Imagine the impact on eavesdropping and spying.

Read More

Spybusters Tip #631 - Top Four Anti-Surveillance Apps

...as reported by Violet Blue for Zero Day.
Text Secure (play.google.com)
TextSecure encrypts your text messages over the air and on your phone. It's almost identical to the normal text messaging application, and is just as easy to use.

Red Phone (play.google.com)
RedPhone provides end-to-end encryption for your calls, securing your conversations so that nobody can listen in.

Onion Browser (Apple iTunes)
Onion Browser is a minimal web browser that encrypts and tunnels web traffic through the Tor onion router network and provides other tools to help browse the internet while maintaining privacy. 

Orbot (play.google.com)
Orbot is a "proxy app that empowers other apps to use the internet more securely. It uses Tor to encrypt Internet traffic and hide it by basically bouncing through a series of computers around the world; it is the official version of the Tor onion routing service for Android. (more)

Read More

Thoughts on a PRISM Term

by James B. Rule, a sociologist and a scholar at the University of California, Berkeley, School of Law.

"THE revelation that the federal government has been secretly gathering records on the phone calls and online activities of millions of Americans and foreigners seems not to have alarmed most Americans... We privacy watchers and civil libertarians think this complacent response misses a deeply worrying political shift of vast consequence...

Institutions and techniques predictably outlive the intentions of their creators. J. Edgar Hoover went before Congress in 1931 to declare that “any employee engaged in wiretapping will be dismissed from the service of the bureau.” A few decades later, F.B.I. agents were in full pursuit of alleged Communist sympathizers, civil rights workers and the Rev. Dr. Martin Luther King Jr. — using wiretapping, break-ins and other shady tactics.

We must also ask how far we want government to see into our private lives, even in the prevention and punishment of genuine wrongdoing. The promise that one especially egregious sort of crime (terrorism) can be predicted and stopped can tempt us to apply these capabilities to more familiar sorts of troublesome behavior.

Imagine that analysis of telecommunications data reliably identified failure to report taxable income. Who could object to exploiting this unobtrusive investigative tool, if the payoff were a vast fiscal windfall and the elimination of tax evasion? Or suppose we find telecommunications patterns that indicate the likelihood of child abuse or neglect. What lawmaker could resist demands to “do everything possible” to act on such intelligence — either to apprehend the guilty or forestall the crime.

Using surveillance for predictive modeling to prevent all sorts of undesirable or illegal behavior is the logical next step. These possibilities are by no means a fantastical slippery slope — indeed, the idea of pre-empting criminals before they act was envisioned by Philip K. Dick’s short story “The Minority Report,” later a movie starring Tom Cruise." (more)

Read More

Business Espionage - FBI Stops "Millions" from Flying Out of the U.S.

NJ - FBI agents arrested an engineer on Wednesday as he was preparing to return to India with trade secrets he allegedly stole from Becton, Dickinson and Co., the Franklin Lakes-based global medical technology company, authorities said.

B-D Patent from the late 1990's

Ketankumar "Ketan" Maniar, 36, an Indian national who lived in Mahwah until last week, had amassed a veritable tool kit for the manufacture of a new pen-like device for injecting drugs that was being developed by Becton Dickinson, authorities said...
 The stolen information was valued in the millions of dollars and could be used by Maniar to set up a new business or sold to a competitor...

If convicted, Maniar could face up to 10 years in prison and a $250,000 fine. (more)

Read More

Quote of the Year - You Decide

Quote 1: "You are not even aware of what is possible. The extent of their capabilities is horrifying. We can plant bugs in machines. Once you go on the network, I can identify your machine. You will never be safe whatever protections you put in place."

Quote 2: "You can't come up against the world's most powerful intelligence agencies and not accept the risk. If they want to get you, over time they will." (more - with video interview) 

From an interview with Edward Snowden, self-confessed Intelligence Community whistle-blower, now on the run.

Dead man running?
Russia has offered to consider an asylum request from the US whistleblower Edward Snowden... (more) (sing-a-long)

Read More

Guess Who Else is Scared of PRISM

Business and the advertising industry!

via... AdAge
Privacy legislation has been brewing in congress for years now, but a combination of public apathy and strong industry opposition has kept it at bay. Could the Prism data surveillance scandal become the watershed moment that propels it forward?

It's too soon to tell how revelations that the U.S. government has been mining web communications and phone logs will impact public opinion, but none of what the government has been implicated in doing would be possible if corporations weren't mining and storing consumer data, often for advertising purposes...

Of course, many in the ad industry hope this government data-gate serves as a foil to commercial data practices, resulting in less focus on how marketers gather and use consumer information. (more)

Read More

"Whatever happened to OPSEC?"

Last week's news sparked much discussion about privacy. Here is one semi-sarcastic exchange between two well-respected, over-50 security professionals...
 

Q. "Whatever happened to OPSEC?"
 
A. "Indeed. Whatever happened to OPSEC?

I think you and I are seeing the "generation gap" from the other side, now. Yesterday, I was talking to a sixteen year-old about the past week's news (PRISM and the Supreme Court decision on DNA).
 
The attitude was, "So?"
 
Geeez, the under-30 crowd has no expectation of privacy. It is a foreign concept to them. They grew up going to school with cameras aimed at them all day, and Ra-parents checking their email, and cocooning them in play dates and bike helmets. Sprinkle with general self: indulgence, centered-ness, and entitlement, and this is what evolves—a new world where real privacy is a quaint concept.
 
Their new world is "look at me, look at me", tweet, tweet, tweet. The new privacy hinges on SnapChat zaps, and the ability to 'friend' and 'unfriend'.

The first Eloi of this new wave are starting to take their places in business and government. They are being egged on, and in turn enabling, a few dystopian power-elders. Together they constructed PRISM. The flip side of the coin, however, is that they don't get to do it in private.
 
So, to answer the question, OPSEC and Privacy have joined hands... and are skipping on their merry f-ing way to oblivion.

Read More

The PRISM of Surveillance - 2002-2013

The Information Awareness Office (IAO) was established by the Defense Advanced Research Projects Agency (DARPA) in January 2002 to bring together several DARPA projects focused on applying surveillance and information technology to track and monitor terrorists and other asymmetric threats to U.S. national security, by achieving Total Information Awareness (TIA). 

Following public criticism that the development and deployment of this technology could potentially lead to a mass surveillance system, the IAO was defunded by Congress in 2003. 

However, several IAO projects continued to be funded, and merely run under different names. (more) (60's update... "We all prism'ers chicky babe, we all locked in.")

Read More

Obama: 'Nobody Is Listening to Your Telephone Calls'

President Barack Obama on Friday defended his administration's vast collection of emails and telephone records, saying the programs help prevent terrorist attacks while imposing only "modest encroachments" on people's privacy...

"When it comes to telephone calls, nobody is listening to your telephone calls," the president said. 

 Mr. Obama made clear that his own views of such intelligence-gathering efforts have evolved since he was a candidate for the presidency in 2008. He suggested he is now more comfortable with the "trade-offs" involved in guarding against terrorism. (more)

Read More

Are the NSA's PRISM slides photoshopped?

(Updated: June 10, 2013)

Yesterday, Thursday June 6, The Washington Post and The Guardian came with a breaking news story about a Top Secret NSA program called PRISM, which reportedly collects data directly from the servers of nine major internet companies like Microsoft, Google, Facebook, Skype and Apple.

Many of these firms have already denied that the government has access to their networks. Today both president Obama and director of National Intelligence James Clapper said there is no gathering of information about US citizens or of any person located within the United States.

> See for the latest information:
PRISM as part of the BLARNEY program
New insights into the PRISM program

The Guardian claimed to have obtained 41 slides of an NSA presentation about the PRISM collection program, and showed some of them on its website. But some strange looking details caused a number of people, especially on Twitter, think the slides might be fake.

Here we take a more close look at these slides, which, if genuine, give a very rare look at a recent Top Secret document from the US National Security Agency.

The strangest thing about the slides is probably the PRISM program logo, which is shown at the top right side of each slide. On the Guardian website this logo is also shown separately with an orange background box - the same way it appears on their slides. But as we look at the same slides on the website of The Washington Post, we see that the orange background has been cropped away.

This can only mean that the logo was added somewhere afterwards, and therefore wasn't part of the original slide deck. On Twitter, it was also noticed, that the PRISM logo was made by using a standard clipart image.

> UPDATE: One of the journalists of The Guardian explained on twitter, that these differences between the slides are caused by using different powerpoint readers (The Guardian using OpenOffice).


Details and explanation of the first PRISM slide

This does not automatically mean the whole slide deck is fake, so let's take a closer look at the rest of the slide contents:

- At the top left and the bottom right corner of each slide we see the standardized classification marking line, showing the classification level and the dissemination control markings.
In this case the slides are marked: TOP SECRET // SI // ORCON // NOFORN, which combines:
TOP SECRET - the classification level, meaning that public disclosure of the document would cause 'exceptionally grave damage' to national security.
SI - Special Intelligence, formerly known as COMINT or COMmunications INTelligence, which means this document is part of a control system for Sensitive Compartmented Information (SCI).
ORCON - ORiginator CONtrolled, meaning the originator controls dissemination and/or release of the document. Therefore these are always viewed in secured areas that are cleared for top-secret data and one cannot view or copy such a document without leaving an audit trail.
NOFORN - NO FOReign Nationals, meaning distribution to non-US citizens is prohibited, regardless of their clearance or access permissions.

- At the top of each slide we also see the logos of the internet companies involved in the PRISM program. The way these logos are grouped at the top of each slide looks not very professional, it distracts from the content and there's also no good reason for showing them on every slide. Therefore this part is also seen as a typical photoshop work.

- Top left we also see a seal with the words Special Source Operations, which is a department of the NSA responsible for important intelligence collection programs. This seal cannot be easily found elsewhere on the internet and looks well designed, so is most likely real.

- The title of the presentation is: PRISM/US-984XN Overview or The SIGAD Used Most in NSA Reporting Overview. SIGAD is the abbreviation of SIGINT Activity Designator, which is a unique addresss for every signals intelligence collection station, ship, or method and consists of a country code followed by alphanumeric characters. Thus the second part of the title (The SIGAD Used Most in NSA Reporting) refers to the first part, where US-984XN is the SIGAD of the PRISM program.

- Underneath the title there's a line which is partly (Guardian) or fully (Washington Post) blacked out. From what we can read, this line most likely started with the name of the person being the PRISM collection manager, followed by a kind of service/department number. Understandably the name has been blacked out because of privacy and security reasons, and the American paper even blacked out the rest.

- Finally, at the bottom right we see a red bordered box with three lines:
Derived from: NSA/CSSM 1-52 - meaning this was derived from the NSA/CSS Manual 1-52 about Classified National Security Information, which describes additional responsabilities of holders of NSA/CSS protected information.
Dated: 20070108 - meaning the presentation was derivative of work dated January 8, 2007, which appears to be the date of the NSA/CSS Manual 1-52.
Declassify On: 20360901 - meaning the slide deck was meant to be declassified on September 1, 2036. In general, this has to be 25 years from the date of the document’s origin, which seems to indicate that this presentation was classified on September 1, 2011, allthough the first slide itself is dated April 2013.

After this close look at the first slide of the PRISM presentation we have seen that there are a few strange elements, but also that most of the content looks realistic.


Another difference between the slides

Not only there's a difference between the PRISM logo on the slides at the Guardian and the Washtington Post websites, but, as noticed at this website, also on the slide showing in which years the various internet companies were "added" to the program:

As we can see in the picture, the slide on the Guardian website shows a different green arrow underneath the yellow circles than the Washington Post slide does. Both papers each seem to have some slightly different slides, which is quite strange if they really obtained a copy of such a higly classified slide deck.

> UPDATE: One of the journalists of The Guardian explained on twitter, that these differences between the slides are caused by using different powerpoint readers (The Guardian using OpenOffice).

As the presentation concerns signals intelligence, it has to be handled either trough the highly secured JWICS network used by the US intelligence community, or through NSAnet, which is the classified intranet of the NSA. It looks like PRISM is related to NSAnet, as one of the slides says: "Complete list and details on PRISM web page: Go PRISMFAA". Using a command like this appears to be common practice for NSAnet.

As it is very difficult and risky to get the slides themselves out of NSA's control, it is of course far more easy for someone who has seen the presentation, to tell a journalist what was in it. Then some graphic artist at the newspaper could have made these slides according to what was told to him. In this way, the differences between the slides of both newspapers can easily be explained by an internal messing up of some different versions.


The story revised?

Meanwhile, the Washington Post (because they had rushed the publication?) had to walk back a bit from its initial claims by citing a second classified report that identified PRISM as a program to "allow ‘collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,’ rather than directly to company servers."

Also the New York Times came with a story which says that each of the large internet companies negotiated with the government about handing out information. As far as this concerns non-US citizens, they are legally required to share the data under the Foreign Intelligence Surveillance Act (FISA) and in this way these companies are providing intelligence agencies like NSA with specific data in response to individual court orders.

These FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms. Last year there were 1856 of such FISA requests. In order to make this more easy, some companies agreed with NSA to transmit these data electronically, using company’s servers or even government equipment at a company location. This however is different from giving the NSA wholesale bulk access to user data.

This version of the PRISM story was more or less confirmed by Director of National Intelligence (DNI) James Clapper, who released a statement with a fact sheet (PDF), which says "PRISM is not an undisclosed collection or data mining program. It is an internal government computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers under court supervision".


More about classification markings

Earlier on the evening of June 8, The Guardian published another slide, to clarify that PRISM, which involves data collection from servers, is distinct from four different programs involving data collection from "fiber cables and infrastructure as data flows past".

This newest slide (shown left in the picture above) seems to have an omission, which can also be seen in some of the earlier slides: allthough they have the obligatory classification line (as described above), and the slide title is marked with the so called portion marking (the (TS//SI//NF) which is an abbreviation of the full classification line), this portion marking is missing in the content.

As the DoD and intelligence community Classification Markings Manuals prescribe, all content of briefing slides, including bullets, captions, titles, and embedded graphs, charts and figures, have to be marked with portion markings at the beginning of each portion (except when a waiver for the portion marking has been obtained). This because parts of a document classified as Top Secret can have a lower classification level or can even be unclassified, which also clearly applies to some of the paragraphs of the slides.

Again, this omission alone does not mean these slides are fake, it's also possible that the author of the presentation was simply somewhat lazy. At least in case of the slide titled "Introduction. U.S. as World's Telecommunications Backbone" the content is public information, for which the overall Top Secret classification would clearly not be justified.

A correct implementation of the portion marking can be seen in some slides about the NSA's BOUNDLESSINFORMANT data mining tool, which were disclosed by The Guardian on June 8. Here we see the slides are marked as TOP SECRET // SI // NOFORN within an orange bar, which is the color code for Top Secret, but with the separate text portions marked as (U//FOUO) as they are Unclassified // For Official Use Only:

With correct markings and a more professional look, these new slides look more credible than those of the PRISM presentation. As government agencies apparently often produce bad looking presentations, this alone doesn't make the PRISM slides fake, but we always should be aware of things like hoaxes, sensationalism and disinformation from whatever source, and at the same time don't get trapped into conspiracy theories.


Other PRISM programs

As there are still questions about what exactly NSA's PRISM program does, it became clear that there are also a number of other intelligence and security related programs called PRISM, which may cause some confusion:

The journalist Matthew Keys discovered that in 2007 a classified Defense Intelligence Agency (DIA) intelligence job listing mentions "national intelligence community collection management systems" like PRISM, COLISEUM and HOT-R. A DIA job listing from earlier this year requires "Experience working in collection requirements management systems and procedures, to include PRISM, HOT-R, GIMS, NSRP, TORS, OSCR, COLISEUM, and CMST"

As this are DIA jobs, it seems however that this PRISM system is different from the one of the NSA. At the website of defense contractor IIT, PRISM is explained as an abbreviation of the "Planning tool for Resource Integration, Synchronization and Management", which just like COLISEUM, seems to be used in the field of Geospatial Intelligence, which analyses satellite imagery of the earth. In this way, PRISM is also mentioned in a number of documents on the Cryptome website. These are dating back to 2003, which is four years before the alledged start of the NSA PRISM internet program in 2007.

> More about this confusion: Is PRISM just a not-so-secret web tool?

The existence of what looks like a third PRISM system was unveiled by this PDF document at the Cryptome website. This document, dated March 21, 2004, describes PRISM (Protect, Respond, Inform, Secure, and Monitor) as a Homeland security Command and Control (C2) decision support system, providing a single end-user application for messaging, alerting, geo-referenced mapping, and asset tracking.

A program called PRISM is also used by the US Secret Service, where this is an acronym which stands for Protective Research Information System Management (PRISM-ID). This system is used to record information that required to assist the agency in meeting its protective mission that includes the protection of the President, and other top level officials. More about this program can be found in this PDF document from 2010 at the Cryptome website.


Links and Sources

- The Washington Post: U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program
- The Guardian: NSA Prism program taps in to user data of Apple, Google and others
- Business Insider: Is The Claim That The Government Has A Direction Connection To Tech Companies A Lie?
- Forbes: Startup Palantir Denies Its 'Prism' Software Is The NSA's 'PRISM' Surveillance System
- New York Times: Tech Companies, Bristling, Concede to Federal Surveillance Program
- ABC News: 4 Unanswered Questions About NSA Leaks
- The 2011 Intelligence Community Classification and Control Markings Implementation Manual (PDF)
- The 2012 DoD Marking of Classified Information Manual (PDF)
- ZDNet: The real story in the NSA scandal is the collapse of journalism
- The Week: Solving the mystery of PRISM

Read More