Share This

Showing posts with label NSA. Show all posts
Showing posts with label NSA. Show all posts

Thursday 20 March 2014

NSA's secret MYSTIC system is capable recording 100% of foreign country's telephone calls



WASHINGTON, D.C. – The United States National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine – one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

 http://wapo.st/1gyqVaz

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage.

At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.

No other NSA program disclosed to date has swallowed a nation’s telephone network whole. Outside experts have sometimes described that prospect as disquieting but remote, with notable implications for a growing debate over the NSA’s practice of “bulk collection” abroad.

Bulk methods capture massive data flows “without the use of discriminants,” as President Barack Obama put it in January. By design, they vacuum up all the data they touch – meaning that most of the conversations collected by RETRO would be irrelevant to U.S. national security interests.

In the view of U.S. officials, however, the capability is highly valuable.

In a statement, Caitlin Hayden, spokeswoman for the National Security Council, declined to comment on “specific alleged intelligence activities.” Speaking generally, she said “new or emerging threats” are “often hidden within the large and complex system of modern global communications, and the United States must consequently collect signals intelligence in bulk in certain circumstances in order to identify these threats.”

NSA spokeswoman Vanee Vines, in an emailed statement, said that “continuous and selective reporting of specific techniques and tools used for legitimate U.S. foreign intelligence activities is highly detrimental to the national security of the United States and of our allies, and places at risk those we are sworn to protect.”

Some of the documents provided by Snowden suggest that high-volume eavesdropping may soon be extended to other countries, if it has not been already. The RETRO tool was built three years ago as a “unique one-off capability,” but last year’s secret intelligence budget named five more countries for which the MYSTIC program provides “comprehensive metadata access and content,” with a sixth expected to be in place by last October.

The budget did not say whether the NSA now records calls in quantity in those countries, or expects to do so. A separate document placed high priority on planning “for MYSTIC accesses against projected new mission requirements,” including “voice.”

Ubiquitous voice surveillance, even overseas, pulls in a great deal of content from U.S. citizens who telephone, visit and work in the target country. It may also be seen as inconsistent with Obama’s Jan. 17 pledge “that the United States is not spying on ordinary people who don’t threaten our national security,” regardless of nationality, “and that we take their privacy concerns into account.”

In a presidential policy directive, Obama instructed the NSA and other agencies that bulk acquisition may be used only to gather intelligence on one of six specified threats, including nuclear proliferation and terrorism. The directive, however, also noted that limits on bulk collection “do not apply to signals intelligence data that is temporarily acquired to facilitate targeted collection.”

The emblem of the MYSTIC program depicts a cartoon wizard with a telephone-headed staff. Among the agency’s bulk collection programs disclosed over the past year, its focus on the spoken word is unique. Most of the programs have involved the bulk collection of either metadata – which does not include content – or text, such as email address books.

Telephone calls are often thought to be more ephemeral and less suited than text for processing, storage and search. Indeed, there are indications that the call-recording program has been hindered by the NSA’s limited capacity to store and transmit bulky voice files.

In the first year of its deployment, a program officer wrote that the project “has long since reached the point where it was collecting and sending home far more than the bandwidth could handle.”

Because of similar capacity limits across a range of collection programs, the NSA is leaping forward with cloud-based collection systems and a gargantuan new “mission data repository” in Utah. According to its overview briefing, the Utah facility is designed “to cope with the vast increases in digital data that have accompanied the rise of the global network.”

Christopher Soghoian, the principal technologist for the American Civil Liberties Union, said history suggests that “over the next couple of years they will expand to more countries, retain data longer and expand the secondary uses.”

Spokesmen for the NSA and the Office of Director of National Intelligence James Clapper declined to confirm or deny expansion plans or discuss the criteria for any change.

Based on RETRO’s internal reviews, the NSA has strong motive to deploy it elsewhere. In the documents and interviews, U.S. officials said RETRO is uniquely valuable when an analyst first uncovers a new name or telephone number of interest.

With up to 30 days of recorded conversations in hand, the NSA can pull an instant history of the subject’s movements, associates and plans. Some other U.S. intelligence agencies also have access to RETRO.

Highly classified briefings cite examples in which the tool offered high-stakes intelligence that would not have existed under traditional surveillance programs in which subjects were identified for targeting in advance. Unlike most of the government’s public claims about the value of controversial programs, the briefings supply names, dates, locations and fragments of intercepted calls in convincing detail.

Present and former U.S. officials, speaking on the condition of anonymity to provide context for a classified program, acknowledged that large numbers of conversations involving U.S. citizens would be gathered from the country where RETRO operates.

The NSA does not attempt to filter out their calls, defining them as communications “acquired incidentally as a result of collection directed against appropriate foreign intelligence targets.”

Until about 20 years ago, such incidental collection was unusual unless a U.S. citizen was communicating directly with a foreign intelligence target. In bulk collection systems, which are exponentially more capable than the ones in use throughout the Cold War, calls and other data from U.S. citizens and permanent residents are regularly ingested by the millions.

Under the NSA’s internal “minimization rules,” those intercepted communications “may be retained and processed” and included in intelligence reports. The agency generally removes the names of U.S. callers, but there are several broadly worded exceptions.

An independent group tasked by the White House to review U.S. surveillance policies recommended that incidentally collected U.S. calls and emails – including those obtained overseas – should nearly always “be purged upon detection.” Obama did not accept that recommendation.

Vines, in her statement, said the NSA’s work is “strictly conducted under the rule of law.”

RETRO and MYSTIC are carried out under Executive Order 12333, the traditional grant of presidential authority to intelligence agencies for operations outside the United States.

Since August, Sen. Dianne Feinstein, D-Calif., the chairman of the Senate Intelligence Committee, and others on that panel have been working on plans to assert a greater oversight role for intelligence gathering abroad. Some legislators are now considering whether Congress should also draft new laws to govern those operations.

Experts say there is not much legislation that governs overseas intelligence work.

“Much of the U.S. government’s intelligence collection is not regulated by any statute passed by Congress,” said Timothy H. Edgar, the former director of privacy and civil liberties on Obama’s national security staff. “There’s a lot of focus on the Foreign Intelligence Surveillance Act, which is understandable, but that’s only a slice of what the intelligence community does.”

All surveillance must be properly authorized for a legitimate intelligence purpose, he said, but that “still leaves a gap for activities that otherwise basically aren’t regulated by law because they’re not covered by FISA.”

Beginning in 2007, Congress loosened 40-year-old restrictions on domestic surveillance because so much foreign data crossed U.S. territory. There were no comparable changes to protect the privacy of U.S. citizens and residents whose calls and emails now routinely cross international borders.

Vines noted that the NSA’s job is to “identify threats within the large and complex system of modern global communications,” where ordinary people share fiber-optic cables with legitimate intelligence targets.

For Peter Swire, a member of the president’s review group, the fact that U.S. citizens and foreigners use the same devices, software and networks calls for greater care to safeguard privacy.

“It’s important to have institutional protections so that advanced capabilities used overseas don’t get turned against our democracy at home,” he said.

© 2014, The Washington Post/http://www.ticotimes.net

Related post:

Monday 4 November 2013

You are being snooped on, Malaysia views US-NSA spying seriously!


Asia being snooped on, too 

Spying by foreign intelligence agencies is also prevalent in Malaysia and other regional countries via the Internet or spying equipment located in embassies.

SO last week it was the turn of Asians to learn that their region was also the subject of foreign spying.

This was no surprise. If American intelligence is spying on Americans, on Latin Americans, and on Europeans (including its top political leader, Angela Merkel of Germany), it is a foregone conclusion that Asia would not be left out.

There is no revelation yet that Asian prime ministers and presidents have had their personal mobile phones and e-mails tapped.

But it is also a foregone conclusion that these things are happening. Be prepared, therefore, to read in the coming weeks about famous Asian leaders, opposition stalwarts, journalists and celebrities being the subjects of snooping.

Nevertheless, the news that American and Australian embassies are being used to snoop on Asian countries justifiably caused outrage in our region. The Australian surveillance is reportedly in cooperation with the United States.

Malaysia is one of the places where Australian intelligence operates to spy, according to reports in the Der Spiegel and Sydney Morning Herald. They revealed that the spying takes place from the Australian High Commission in Kuala Lumpur.

Other Asian countries where the intelligence collection is conducted is the Australian embassies in China, Thailand, Indonesia, Vietnam, Timor Leste and Papua New Guinea.

The news reports also revealed that the US embassies have also been conducting surveillance activities in many Asian countries including Malaysia, Indonesia, China, Thailand, Cambodia and Myanmar.

Malaysia last Friday registered its protests in official notes handed to the Australian High Commissioner and the US Deputy Chief of Mission who were summoned to Wisma Putra. The notes warned that surveillance of close friends could severely damage relations.

Indonesia warned the United States and Australia that the continuation of surveillance facilities inside their embassies threatened to derail years of trust built up between countries.

China also responded to the report that the American embassy in Beijing and consulates in Shanghai and Chengdu operated special spying facilities.

Its Foreign Ministry has demanded an explanation from the United States, saying that “foreign entities must not in any form engage in activities that are incompatible with their status and that are harmful to China’s national security and interest”.

Also last Friday, Brazil and Germany introduced a draft resolution to a United Nations General Assembly committee calling for an end to excessive surveillance.

The press reports on spying in Asian countries are based on information leaked by Edward Snowden, a former contractor with the US National Security Agency.

Newspapers and magazines had previously revealed that the personal phones of the German chancellor and the Brazilian president had been tapped. Both leaders have registered protests directly to US President Barack Obama.

Last week also saw revelations by the Washington Post that the US and British intelligence agencies had found a way of intercepting communications from Google as well as Yahoo as the data were being passed between their data centres.

“We are outraged at the lengths to which the government seems to have gone,” said Google’s chief legal officer.

The Internet giant companies have found that their encryptment system protecting e-mail and other information flowing through its data centres is not secure after all.

The technology companies are worried that their millions of customers will no longer trust that their privacy will be protected.

How will this affect the use of browsing, e-mail, Facebook and other facets of the Internet technology?

US companies and entities currently dominate the global Internet business. Much of the world’s flow of data go through Internet companies based in the United States.

The US administration had projected itself as an honest host of the Internet centres, respecting the rights and privacy of the world’s Internet and e-mail users, and a champion of Internet freedom.

That image has been shattered by the series of revelations emerging from Snowden’s leaked files. The opposite image has replaced it, of a government that has used high technology to gather billions of bits of data on practically all Internet users.

If counter-terrorism was the official reason, this now seems to be only a pretext for also spying on any important person, including one’s closest allies.

Now that they have lost confidence that the United States or other countries will respect privacy of the politicians, companies and citizens of their countries, some governments are now planning to limit the reach of American-based Internet companies.

The Financial Times reported that Brazil is planning regulations that would force technology companies to retain information on the Internet about its citizens and institutions within Brazil itself.

It also said that European officials are discussing the need to have stronger cloud computing capabilities in Europe to protect their citizens’ privacy.

Brazil is also planning to bring up in various UN agencies and fora the need for a global framework to respect and protect privacy on the Internet.

Contributed by Global Trends Martiin Khor
The views expressed are entirely the writer’s own.

Related posts:  
1.  USA Spying, the Super-Snooper !
2.  NSA secretly hacks, intercepts Google, Yahoo daily 

Malaysia views spying seriously

KLUANG: Spying activities on Malaysia by its allies is a serious matter, says Defence Minister Datuk Seri Hishammuddin Hussein.

This is because it can cause relations between Malaysia and these countries, long established based on trust and sincerity, to be tense.

“I believe if this (spying) is not fully explained, our long-established good relations can be adversely affected. Therefore, we need a full explanation on the extent of the spying activities and for what purpose.

“Tensions can be avoided if the allies involved uphold the trust and sincerity in their relations with Malaysia,” he said.

Hishammuddin said this to reporters after attending a Deepavali open house hosted by Johor Unity and Human Resources Committee chairman R.Vidyanathan here yesterday.

The spying issue arose following media reports on the claim made by intelligence informant Edward Snowden that the United States had 90 electronic surveillance facilities throughout the world, including at its embassy in Kuala Lumpur.

In light of this, Hishammuddin wanted a detailed explanation on the matter as such activities could threaten Malaysia’s security and its other interests.

The US ambassador to Malaysia, Joseph Y. Yun, was reported to have explained on the spying claim to Wisma Putra.

Foreign Minister Datuk Seri Anifah Aman said Yun had stated that all surveillance activities by the United States throughout the world were specifically for security, to detect threats of terrorism and weapons of mass destruction.

On his trip to China last month, Hishammuddin said it was aimed at enhancing cooperation in the area of defence, especially through joint exercises, exchange programmes involving navy and other military officers, establishing cooperation between the defence industries of both countries, and efforts to combat terrorism and transnational crime.

Meanwhile in Yan, Inspector-General of Police Tan Sri Khalid Abu Bakar said they would arrest any foreign diplomat found to be involved in spying activities.

“We will not hesitate because spying is a threat to the country’s sovereignty. In the 1980s, we have arrested foreign diplomats involved in spying activities.

“We will do the same again if there is proof of such activities,” he told newsmen after a briefing on the Sungai Limau by-election at the Yan police headquarters yesterday.

- The Star/Asia News Network Monday Nov 4, 2013

Saturday 2 November 2013

NSA secretly hacks, intercepts Google, Yahoo daily

The United States’ National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers worldwide. That’s according to documents released by former NSA contractor, Edward Snowden, The Washington Post reports.

Video: NSA intercepts Google, Yahoo traffic overseas report | The National
 http://shar.es/IxZIJ



According to the documents, the agency and its British counterpart GCHQ, through a project called MUSCULAR, collected data stored on Google and Yahoo servers. That allowed both governments access to hundreds of millions of user accounts from individuals worldwide.

“From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants,” RT cites the Post’s Barton Gellman and Ashkan Soltani.

A January 9th document says that in the preceding 30 days, collectors had processed over 181 million pieces of information, including both metadata and the actual contents of communications.

The government can already request information from phone or data through the FISA Amendments Act but this data collection would ostensibly take place without Google and Yahoo even being aware of it.

When you send email or store files with an internet company, that data is regularly shared among servers around the world, in order to ensure quick access to your information from wherever you happen to be. Google and Yahoo run customized private networks to shuttle that information around, passing between and within countries, as the Post indicates in a graphic. To move that information, the companies use fiber optic connections, light-speed networks running over thin glass cables. According to the Post, it’s those connections that the NSA is able to monitor. None of Yahoo’s inter-server traffic is encrypted. Not all of Google’s is either.

The MUSCULAR program, according to Wednesday’s leak, involves a process in which the NSA and GCHQ intercept communications overseas, where lax restrictions and oversight allow the agencies access to intelligence with ease.

“NSA documents about the effort refer directly to ‘full take,’ ‘bulk access’ and ‘high volume’ operations on Yahoo and Google networks,” the Post reported. “Such large-scale collection of Internet content would be illegal in the United States, but the operations take place overseas, where the NSA is allowed to presume that anyone using a foreign data link is a foreigner”.

The Post points out that company staffers were surprised and angry to hear that their their networks had been compromised. Google said that it was “troubled by allegations of the government intercepting traffic between our data centers”.

The report comes amid a storm of protest about NSA surveillance both at home and overseas of phone and Internet communications.

On Tuesday, US officials said reports that American spy agencies snooped on millions of Europeans were false.

Alexander told lawmakers that in many cases European spy agencies had turned over phone records and shared them with US intelligence.

Related posts:

1. USA Spying, the Super-Snooper ! 
2. Abusing intelligence is stupid
3. Upset over US cyber spying!
4.US Spy Snowden Says US Hacking China Since 2009 
5.US building new spy wing to focus on Asia 

Thursday 31 October 2013

USA Spying, the Super-Snooper !


The United States is running clandestine communications intelligence facilities at its embassies in Kuala Lumpur, Jakarta, Bangkok, Phnom Penh and Yangon.

The country is doing so by tapping telephones and monitoring communications networks from electronic surveillance facilities in US embassies and consulates across east and south-east Asia, according to information disclosed by intelligence whistleblower Edward Snowden.A top secret map dated August 13, 2010 lists nearly a hundred surveillance facilities worldwide, the map however, shows no such facilities are located in Australia, New Zealand, Britain, Japan and Singapore – the US’s closest allies.

Snoopy the Snooper

According to the map published by Germany’s Der Spiegel magazine today, a joint Central Intelligence Agency (CIA) – National Security Agency (NSA) group known as ” Special Collection Service” conducts the sweeping surveillance operation, as well as clandestine operations against specific intelligence targets.The map, which was initially published in full on Der Spiegel‘s website but subsequently replaced with a censored version, lists Special Collection Service facilities at 90 locations worldwide, including 74 manned facilities, 14 remotely operated facilities and two technical support centres.

The map confirms the global reach of US signals intelligence operations with special collection facilities located in most major capitals on every continent.Read the full story here


By Hanin Fadiyah@www.harakahdaily.com

Related posts:
1. Abusing intelligence is stupid
2. Upset over US cyber spying!
3.US Spy Snowden Says US Hacking China Since 2009 
4.US building new spy wing to focus on Asia 

Monday 30 September 2013

Brazil attacks US over spying issue

The UN General Assembly opened last week with an electrifying speech by President Dilma Rousseff who slammed US cyber-snooping activities with President Barack Obama in the audience.


INTERNET spying by the US government became a major issue at the United Nations General Assembly last week when political leaders heard a blistering attack by the Brazilian president who was visibly angry about how her country and her own office have been targets of cyber-snooping activities.

She called the US action a breach of international law, a grave violation of human rights and civil liberties, and a disrespect for national sovereignty.

It was condemnation in the strongest terms at the highest political forum in the world, with UN and commercial TV stations beaming the speech live.

The surveillance issue, which has caused ripples with continuous revelations in the media emerging from whistle-blower Edward Snowden’s files, has now reached the UN.

And in the most spectacular fashion. It was an extraordinary scene when President Dilma Rousseff gave the opening speech among the government leaders gathered for the annual General Assembly.

Traditionally, Brazil’s president speaks first, followed by the US president. Thus, Barack Obama could not avoid hearing her speech.

Many had expected Rousseff to touch on the Internet spying issue, since she had strongly criticised the US when the media broke the news on specific instances of US Internet surveillance on the Brazilian President’s office, other departments, including the Brazilian Mission to the UN, and the national oil company Petrobas. She recently cancelled a state visit to Washington.

But her speech and performance was far beyond what was anticipated. With the atmosphere electrifying in the packed hall of leaders, the Brazilian president cut out the usual diplomatic niceties while addressing one of the most sensitive issues to have emerged globally in recent years.

She called it “a matter of great importance and gravity ... the global network of electronic espionage that has caused indignation and repudiation in public opinion around the world.”

Rousseff described the Internet spying as creating “a situation of grave violation of human rights and of civil liberties; of invasion and capture of confidential information concerning corporate activities, and especially of disrespect to national sovereignty”.

She started by laying the foundation of her argument: “A sovereign nation can never establish itself to the detriment of another sovereign nation.

“The right to safety of citizens of one country can never be guaranteed by violating fundamental human rights of citizens of another country. The arguments that the illegal interception of information and data aims at protecting nations against terrorism cannot be sustained.”

She said she fought against authoritarianism and censorship, and thus has to uncompromisingly defend the right to privacy of individuals and the sovereignty of her country.

“In the absence of the right to privacy, there can be no true freedom of expression and opinion, and therefore no effective democracy. In the absence of the respect for sovereignty, there is no basis for the relationship among nations,” she added.

Her speech touched on three actions. First, Brazil had asked the US for explanations, apologies and guarantees that such procedures will never be repeated.

Second, Brazil is planning actions to defend itself from the spying. It will “adopt legislation, technologies and mechanisms to protect us from the illegal interception of communications and data”.

Third, she proposed international action, saying: “Information and telecommunication technologies cannot be the new battlefield between states. Time is ripe to create the conditions to prevent cyberspace from being used as a weapon of war, through espionage, sabotage, and attacks against systems and infrastructure of other countries.”

Stating that the UN must play a leading role to regulate the conduct of states with regard to these technologies, she called for the setting up of “a civilian multilateral framework for the governance and use of the Internet and to ensure the effective protection of data that travels through the web”.

She proposed multilateral mechanisms for the worldwide network, based on the principles of freedom of expression, privacy and human rights; open, multilateral and democratic governance; universality; cultural diversity; and neutrality of the network, guided only by technical and ethical criteria, with no restrictions allowed on political, commercial, religious grounds.

Delegates who hoped that Obama would respond were disappointed. He did not refer to the Brazilian president’s address made only a few minutes before.

He made only a passing reference to the issue, saying: “we are reviewing the way we gather intelligence.”

Rousseff’s speech came at the right time and venue, since people worldwide have been increasingly troubled or outraged by the extent of cyber-spying revealed by the media.

The issue is even more serious for developing countries. Media reports indicate that there are double standards, with the US spying programme requiring a special court procedure for opening data on individual US citizens, while there is no such procedure for residents outside the US, and thus the surveillance is comprehensive for the world outside the US, with the citizens, companies and government offices all being targets.

Moreover, the media reports show that the US actions do not stop at surveillance. There are also schemes to engage in cyber actions or attacks.

Rousseff’s speech at the UN indicates Brazil plans follow-up moves in the UN for setting up a multilateral system to regulate the use and misuse of the Internet. This would be a timely international response to the recent revelations.

Contributed by Global Trends, MARTIN KHOR
The views expressed are entirely the writer’s own.

Related posts:
 Upset over US cyber spying!
Abusing intelligence is stupid 
US Spy Snowden Says US Hacking China Since 2009
No privacy on the Net !
US building new spy wing to focus on Asia
Flawed perception remembering Heroes and Zeroes  

Sunday 29 September 2013

Abusing intelligence is stupid


Governments that deliberately pervert their spy agencies are shooting themselves in the head.

ALL countries operate spy agencies, so some of their practices and experiences are universal.

Governments deem intelligence services to be useful, even necessary, in evaluating and anticipating events – so they are earnestly nurtured and cultivated. However, whether and how far these services actually contribute to policymaking depends on a multitude of variable factors.

The capacity of a “secret service” derives from the scale of its available resources – human, financial, technical, etc.

The richer a country the greater the means for developing its intelligence service, and the more powerful a country the greater its need or purpose for doing so.

Yet that need not mean that a richer or more powerful country would have a more competent intelligence service.

Unlike conventional institutions such as the armed forces, the critical criteria cannot be the strength of numbers or the expanse of field coverage.

Since the quality of information handled is key, spy agencies perform like a scalpel where other security institutions act like meat cleavers.

At the same time, all of them need to be coordinated and concerted through optimised complementarity.

Conceptually, the intelligence services are highly professional institutions performing specialised tasks in the national interest.

In discharging their duties, they must observe laws and conventions that guide and limit their clandestine activities.

In practice, however, they are often politicised in the perceived interests of specific administrations.

This compromises their credibility, debases their status and subverts their effectiveness.

Another universal experience, regardless of a country’s developed or developing status, is that the intelligence services are boosted in times of great national distress.

Trying times are also the best times to stretch and test their capacities.

Britain’s Secret Intelligence Service (SIS), for example, originated in the Secret Service Bureau established in 1909.

This was a joint effort of the War Office and the Admiralty, with a focus on Imperial Germany.

The impetus for the service developed with the exigencies of two world wars.

In the United States, the demands of wartime intelligence in the early 1940s resulted in the creation of the OSS (Office of Strategic Services) to coordinate information streams from the armed forces.

The OSS would later morph into the CIA (Central Intelligence Agency), technically the first US spy agency.

The United States until then did not have a centralised intelligence agency, so the CIA emerged to fill the gap.

As it was with the SIS, the existence of the CIA was not officially acknowledged until decades later. But what began as a fledgling effort requiring British inputs soon ballooned into a US intelligence community comprising no less than 16 spy agencies.

Intelligence agencies tend to have a civilian (police) or military character depending on the needs of the state at the time. Nonetheless, their constant is the primary purpose of protecting the state.

The early Soviet Union felt it needed to guard against counter-revolution, and so established the Cheka secret police under the Ministry of Internal Affairs.

The Cheka then underwent several transformations to become the NKVD, which in turn experienced further transformations to become the KGB of Cold War lore, in the process picking up military elements in the world wars.

The Malayan Emergency (1948-60) was a domestic insurgency that exercised the resources of the police force.

The police department that focused on vital intelligence gathering was the Special Branch, evolving under British tutelage during the colonial period and developing further upon Malayan independence.

Currently, all national intelligence agencies combine human (Humint) and signals (Sigint, or telecommunications interceptions) intelligence.

The latter comprises communications between individuals (Comint) and electronic intelligence (electronic eavesdropping, or Elint) that favour countries with bigger budgets because of the costs incurred in technology and expertise.

However, while a common strength lies in surveillance or information-gathering, analysis and interpretation of the information so gathered often fail to keep pace.

Where analytical deficits occur, political interests often exploit these spaces to pervert the course of intelligence gathering.

At the same time, the quality of intelligence is sometimes patchy where official links are weak.

Britain’s SIS was thus handicapped in Germany during the First World War, just as US intelligence services are now hampered in Iran and Syria as they were in Saddam Hussein’s Iraq.

The problem is compounded when governments refuse to acknowledge their inadequacies and prefer to give their own dubious capacities the benefit of the doubt.

The mistake often lies in equating overwhelming military superiority with operational success requiring sound intelligence.

And so regime change in Iraq was described as a “cakewalk” and a “slam dunk”, with unanticipated difficulties emerging once the plan was operationalised.

A similar development almost occurred in Syria upon underestimating President Bashar al-Assad’s effective control.

Hyper-intelligence combines the prowess of two or more ally countries’ intelligence services, taking spying to a whole new level.

The US-British “special relationship” is one such example, only that it is more than bilateral collaboration.

What began as a post-war agreement between London and Washington in 1946 soon encompassed the other English-speaking countries of Canada, Australia and New Zealand in the UKUSA (United Kingdom – United States of America) Agreement.

Focusing on but not limited to Sigint, this “Five Eyes” pact formalises the sharing of intelligence on other countries that any of the five spies upon.

Earlier this month, a leak by former US intelligence operative Edward Snowden revealed that the UKUSA Agreement goes further than these five Western countries. It effectively and routinely includes Israel as well.

The National Security Agency (NSA) reputedly runs the most extensive intelligence gathering operation for the United States.

Its global reach is shared with the largest unit in the Israel Defense Force, the NSA-equivalent Unit 8200 (or ISNU, the Israeli Sigint National Unit), in unfiltered form.

That means anything and everything that the United States and/or the other “Five Eyes” countries knows about the rest of the world from spying are known by Israel as well.

It explains Washington’s determination to “get Snowden” – not only are the leaks embarrassing, they discourage other countries from engaging the United States in security cooperation.

The other problem is no less serious: politicisation, which corrupts and perverts otherwise professional and competent intelligence services.

This amounts to blowback, a CIA-originated term meaning self-inflicted policy injury.

It (in)famously occurred when the US-British axis that invaded Iraq built its rationale on the lie that Saddam had stockpiled “weapons of mass destruction” (WMDs) – even when whatever little intelligence there was had indicated that Iraq had dismantled WMD facilities years before.

It happened again when Washington insisted that Assad was responsible for chemical weapons attacks in civilian areas.

Not only had Russian intelligence and UN inspectors found anti-Assad rebels culpable instead, but both German and Israeli intelligence had privately cleared Assad of those charges.

The inside information available to diplomats had cast such doubt on the US allegations that US-friendly countries such as Singapore refused to accept Washington’s version at the UN.

Politics had dictated that the United States stick with its allegations, just as politics had dissuaded Israeli policymakers from correcting misinterpretations of intelligence data wrongly blaming Assad.

Fiddling with intelligence for some passing gratification such as attacking an adversary may seem tempting, but dumbing down vital strategic data is a dangerous and costly exercise. It is also an act of singular and self-defeating stupidity.

Contributed by  Behind The Headlines: Bunn Nagara
> Bunn Nagara is a Senior Fellow at the Institute of Strategic and International Studies (ISIS) Malaysia.
>The views expressed are entirely the writer's own.

Related posts:
Upset over US cyber spying!
US Spy Snowden Says US Hacking China Since 2009 - Rightways 
Technologies: No privacy on the Net ! 
US building new spy wing to focus on Asia
Flawed perception remembering Heroes and Zeroes 

Sunday 23 June 2013

No privacy on the Net !

Revelations about PRISM, a US government program that harvests data on the Internet, has sparked concerns about privacy and civil rights violations. But has there ever been real privacy and security on the WWW?

 Demonstrators hold posters during a demonstration against the US Internet surveillance program of the NSA, PRISM, at Checkpoint Charlie in Berlin, Germany, ahead of US President Barack Obama’s visit to the German capital.

IMAGINE a time before email, when all your correspondence was sent through the post. How would you feel if you knew that somebody at the post office was recording the details of all the people you were corresponding with, “just in case” you did something wrong?

I think quite a few of you would be upset about it.

Similarly, some Americans are furious over revelations made about a system called PRISM. In the last few weeks, an allegation has been made that the US government is harvesting data on the Internet by copying what travels through some of its Internet Service Providers.

The US Director of National Intelligence has said that PRISM “is not an undisclosed collection or data mining program”, but its detractors are not convinced that this doesn’t mean no such program exists.

I think there are mainly two kinds of responses to this revelation: “Oh my God!” and “What took them so long?”.

The Internet has never really been secure. Because your data usually has to travel via systems owned by other people, you are at their mercy as to what they do with it. The indications are that this is already being done elsewhere.

Countries such as China, India, Russia, Sweden and the United Kingdom allegedly already run similar tracking projects on telecommunications and the Internet, mostly modelled on the US National Security Agency’s (unconfirmed) call monitoring programme. For discussion, I’ll limit myself for the moment to just emails – something that most people would recognise as being private and personal.

I find many people are surprised when I tell them that sending email over the Internet is a little bit like sending your message on a postcard. Just because you need a password to access it, doesn’t mean it’s secure during transmission.

The analogy would be that your mailbox is locked so only you can open it, but those carrying the postcard can read it before it reaches its final destination. Of course, there are ways to mitigate this. One has to be careful about what one put in emails in the first place. Don’t send anything that would be disastrous if it were forwarded to someone else without your permission.

You could also encrypt your email, so only the receiver with the correct password or key could read it, but this is difficult for most end users to do. (For those interested in encrypting emails, I would recommend looking at a product called PGP.)

The analogy holds up for other Internet traffic. It’s easy to monitor, given enough money and time. And as easy as it is for the Good Guys to try to monitor the Bad Guys, it’s just as easy for the Bad Guys to monitor us hapless members of the public.

But who do we mean by the Bad Guys? Specifically, should the government and law-enforcement agencies be categorised as ‘Bad Guys’ for purposes of privacy? Generally, the line oft quoted is “if you have nothing to hide, then you have nothing to worry about”.

Yet, I think we all accept that there should be a fundamental right to privacy, for everybody from anybody. An interesting corollary to being able to express your thoughts freely is that you should also be able to decide when and how you make them public.

The fault in relying on organisations that say “trust us” isn’t in the spirit of their objectives, but in how the humans in them are flawed in character and action.

An example quoted regularly at the moment is how the FBI collected information about Martin Luther King because they considered him the “most dangerous and effective Negro leader in the country”.

One way of defining the boundaries are by codifying them in laws. For example, the Malaysian Personal Data Protection Act prohibits companies from sharing personal data with third parties without the original owner’s consent.

However, this law explicitly does not apply to the federal and state governments of Malaysia. Another clause indicates that consent is not necessary if it is for the purpose of “administration of justice”, or for the “exercise of any functions conferred on any person by or under any law”.

In relation to the revelations of PRISM, several questions come to mind: Can Internet traffic (or a subset of it) be considered “personal data”? Is it possible for government agencies to collect and store such data without your consent?

And if so, what safeguards are there to ensure that this personal data is accurate, is used correctly and is relevant for storage in the first place?

This should be a sharp point of debate, not just in terms of which of our secrets the government can be privy to, but also of which of the government’s information should be readily accessible by us.

True, there is so much data out there that analysing it is not a trivial task. However, companies such as Google are doing exactly that kind of work on large volumes of unstructured data so that you can search for cute kittens. The technology is already on its way.

Perhaps I am being over-cautious, but it seems a bit fantastical that people can know your deepest and darkest secrets by just monitoring a sequence of 1’s and 0’s. But, to quote science fiction author Phillip K. Dick, “It’s strange how paranoia can link up with reality now and then”.

Contradictheory
By DZOF AZMI

> Logic is the antithesis of emotion but mathematician-turned-scriptwriter Dzof Azmi’s theory is that people need both to make sense of life’s vagaries and contradictions. Speak to him at star2@thestar.com.my.

Related post:

US Spy Snowden Says U.S. Hacking China Since 2009

Monday 17 June 2013

Upset over US cyber spying!

There are increasingly strong reactions to revelations that United States agencies are spying on Internet use by Americans and foreigners as well as planning cyber actions on foreign targets.

 
Weekend News Round-up: US cyber spying whistle-blower revealed; is Snapchat worth US$1bn?

THE revelations of data collection on a massive scale by the United States’ security agencies of details of telephone calls and Internet use of its citizens and foreigners are having reverberations around the world.

Much of the responses have been on the potential invasion of privacy of individuals not only in the United States but anywhere in the world who use US-based Internet servers.

Also revealed is a US presidential directive to security agencies to draw up a list of potential overseas targets for US cyber-attacks.

This lays the Unites States open to charges of double standards and hypocrisy: accusing other countries of engaging in Internet snooping or hacking and cyber warfare, when it has itself established the systems to do both on a mega scale.

The revelations, published in the Guardian and Wall Street Journal, and based on a leak by a former US intelligence official, include that US security agencies have access to telephone data of Verizon Communications, AT&T and Sprint Nextel, as well as from credit card transactions.

They also can access data from major Internet companies – Google, Yahoo, Microsoft, Facebook, AOL, Apple, PalTalk, Skype and YouTube—under the Prism surveillance programme.

Millions of Internet users around the world use the servers or web-based services of the companies mentioned.

Two American citizen groups, the American Civil Liberties Union (ACLU) and the New York Civil Liberties Union, have filed a lawsuit against the US administration.

“Those programmes constitute unreasonable intrusions into American’s private lives that’s protected by the Fourth Amendment (on search and seizure),” said Brett Kaufman of the ACLU, as quoted by IPS news agency.

Governments and people outside the United States are equally upset, or more so, that they apparently are also covered by the massive US surveillance programme.

The European Union’s commissioner of justice Viviane Reding has written to the US attorney general asking if European citizens’ personal information had been part of the intelligence gathering, and what avenues are available for Europeans to find out if they had been spied on.

In China, commentators and opinion makers are citing double standards on the part of the United States.

An article in the China Daily commented that the massive US global surveillance programme as revealed is certain to stain Washington’s overseas image and test developing China-US ties.

An editorial in another Chinese paper, Global Daily, stated: “China needs to seek an explanation from Washington.

“We are not bystanders. The issue of whether the United States as an Internet superpower has abused its powers touches on our vital interests directly.”

In their summit last week in California, United States President Barack Obama reportedly pressed Chinese President Xi Jinpeng to curb cyber-spying by Chinese agencies and companies.

The breaking news about the United States snooping on Internet users must have caused some discomfort to Obama when bringing up this issue.

A Chinese Foreign Ministry spokesperson last week reiterated that “China is also a victim to the most sophisticated cyber hacking”.

Though less publicised, a part of the leaks published in the Guardian, was a 18-page directive from President Obama to his security and intelligence officials to draw up a list of potential overseas targets for US cyber-attacks.

The October 2012 directive states that what it calls Offensive Cyber Effects Operations (OCEO) “can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging”, according to the June 7 Guardian article by Glenn Greenwald and Ewen MacAskill.

The directive says the government will “identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power”.

The aim of the document was “to put in place tools and a framework to enable government to make decisions” on cyber actions, a senior administration official told the Guardian.

Obama’s move to establish a potentially aggressive cyber warfare doctrine will heighten fears over the increasing militarisation of the Internet, comments the Guardian article.

It adds that the United States is understood to have already participated in at least one major cyber attack, the use of the Stuxnet computer worm targeted on Iranian uranium enrichment centrifuges, the legality of which has been the subject of controversy.

In the presidential directive, the criteria for offensive cyber operations in the directive is not limited to retaliatory action but vaguely framed as advancing “US national objectives around the world”.

Obama further authorised the use of offensive cyber attacks in foreign nations without their government’s consent whenever “US national interests and equities” require such non-consensual attacks. It expressly reserves the right to use cyber tactics as part of what it calls “anticipatory action taken against imminent threats”.

The Guardian commented: “The revelation that the US is preparing a specific target list for offensive cyber-action is likely to reignite previously raised concerns of security researchers and academics, several of whom have warned that large-scale cyber operations could easily escalate into full-scale military conflict.”

Meanwhile, UN Human Rights Council’s Special Rapporteur Frank La Rue issued a report on June 4 on the increasing use of surveillance, warning that unfettered state access to surveillance technologies could compromise human rights to privacy and freedom of expression, as protected by the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights (ICCPR).

The report warned too against the use of “an amorphous concept of national security” as a reason to invade people’s rights to privacy and freedom of expression, arguing that such an invasion potentially “threatens the foundations of a democratic society”.

Global Trends
By MARTIN KHOR

Related posts:
US Spy Snowden Says U.S. Hacking China Since 2009 
New China-US relationship can avoid past traps 
Xi-Obama summit aims to boost ties, aspirations between China and USA 

Sunday 16 June 2013

US Spy Snowden Says U.S. Hacking China Since 2009

Support: Protesters shout slogans in support of former US spy Edward Snowden as march to the US consulate in Hong Kong

Video:
Director Robert Mueller says Edward Snowden has caused damage to national security.
http://www.dailymail.co.uk/news/article-2341451/Whistleblower-Edward-Snowden-smuggled-secrets-everyday-thumb-drive-banned-NSA-offices.html

 
The United States has hacked hundreds of Chinese civilians since 2009. But its favored hacking technique isn't to target individual PCs via advanced persistent threat (APT) attacks, in the manner of the Chinese military. Instead, it prefers to compromise foreign network backbones, thus potentially gaining access to hundreds of thousands of systems at once. 

 That revelation was delivered by whistle-blower Edward Snowden, until recently a contractor for the National Security Agency. He emerged from hiding Wednesday to grant an interview to Hong Kong's South China Morning Post.

"We hack network backbones -- like huge Internet routers, basically -- that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he told the Post.

According to NSA documents reviewed by the Post, which haven't been verified, targets of the NSA's Prism program have included computers in both mainland China and Hong Kong. People targeted included systems at Hong Kong's Chinese University, as well as government officials, businesses and students in the region. But the Post reported that the program didn't appear to target Chinese military systems.

 [ Security standoff at recent U.S.-China summit: Read U.S.-Chinese Summit: 4 Information Security Takeaways. ]
 
According to Snowden, he learned of at least 61,000 such NSA hacking operations globally. The Post didn't specify whether those operations all allegedly occurred since 2009.

Why go public with the NSA's alleged hacking campaign? Snowden said he wanted to highlight "the hypocrisy of the U.S. government when it claims that it does not target civilian infrastructure, unlike its adversaries."

"Not only does it do so, but it is so afraid of this being known that it is willing to use any means, such as diplomatic intimidation, to prevent this information from becoming public," he said.

Snowden first arrived in Hong Kong May 20, and said that the choice of venue wasn't accidental. "People who think I made a mistake in picking Hong Kong as a location misunderstand my intentions. I am not here to hide from justice, I am here to reveal criminality," he said, noting that he planned to stay until "asked to leave." Noting that the U.S. government had already been "bullying" Hong Kong authorities into extraditing him, Snowden said that he would legally fight any such attempt.

How will Hong Kong handle Snowden's case? "We can't comment on individual cases," Hong Kong's chief executive, Leung Chun-ying, told Bloomberg Wednesday. "We'll handle the case according to our law."

Hong Kong is a special administrative region of China, and Beijing could influence the government's legal thinking. But when asked in a Thursday press conference if the Chinese government had received any requests from Washington related to Snowden's case, Hua Chunying, a spokeswoman for China's foreign ministry, said only: "We have no information to offer," reported The Hindu in India.

Snowden previously said he would prefer to "seek asylum in a country with shared values," and named Iceland. Asked to respond to a spokesman for Russian president Vladimir Putin recently saying that were Snowden to apply for asylum in his country, authorities would consider his request, Snowden replied: "My only comment is that I am glad there are governments that refuse to be intimidated by great power."

Snowden said he hadn't contacted his family since leaving the country, but feared for both their safety as well as his own. He also appeared disinclined to glorify what he'd done. "I'm neither traitor nor hero. I'm an American," he said. "I believe in freedom of expression. I acted in good faith but it is only right that the public form its own opinion."

How has China reacted to Snowden's revelations that the NSA is spying on the Chinese? Chinese foreign ministry spokewoman Hua said in a regular press conference Thursday that the government has been following the revelations of NSA monitoring detailed by Snowden, and she repeated calls from the Chinese government -- agreed to in principle at last week's U.S.-China summit in California -- to launch a cybersecurity working group to increase "dialogue, coordination and cooperation" between the two countries.

"We also think adoption of double standards," she said, "will bring no benefit to settlement of the relevant issue."

By  Mathew J. Schwartz
IT finally has its security priorities right, our annual survey shows. Also in the new, all-digital Strategic Security issue of InformationWeek: Five counterintuitive insights on innovation from our recent CIO Summit.

Related posts:
New China-US relationship can avoid past traps 
Xi-Obama summit aims to boost ties, aspirations between China and USA