‘Trojan Horse’ Bug Lurking in Vital US Computers Since 2011

A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.

National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.

The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these vital public utilities could severely impact hundreds of thousands of Americans.

DHS said in a bulletin that the hacking campaign has been ongoing since 2011, but that no attempt has been made to activate the malware to “damage, modify, or otherwise disrupt” the industrial control process. So while U.S. officials recently became aware of the penetration, they don’t know where or when it may be unleashed.

DHS sources told ABC News they think this is no random attack and they fear that the Russians have torn a page from the old, Cold War playbook, and have placed the malware in key U.S. systems as a threat, and/or as a deterrent to a U.S. cyber-attack on Russian systems – mutually assured destruction.

The hack became known to insiders last week when a DHS alert bulletin was issued by the agency’s Industrial Control Systems Cyber Emergency Response Team to its industry members. The bulletin said the “BlackEnergy” penetration recently had been detected by several companies.

DHS said “BlackEnergy” is the same malware that was used by a Russian cyber-espionage group dubbed “Sandworm” to target NATO and some energy and telecommunications companies in Europe earlier this year. “Analysis of the technical findings in the two reports shows linkages in the shared command and control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor,” the DHS bulletin said.

The targeted software is sophisticated: it lets authorized operators control industrial processes from a computer, an iPad or a smartphone, and supports information sharing and collaborative control, sources said.

http://abcnews.go.com/US/trojan-horse-bug-lurking-vital-us-computers-2011/story?id=26737476




World on a string: Breakthrough fiberoptic cable 2,500X faster than fastest internet

Imagine downloading your favorite flick in about 31 millionths of a second. Such insane internet speeds are now a reality, with researchers demonstrating a 255 terabits per second fiberoptic link which could transport the entire Internet on a single cable.

The cable, the joint effort of Dutch and US scientists, is 2,550 times faster than the fastest single-fiber links in commercial operation today.

In real terms, it could transfer a 1 GB movie in 0.03 milliseconds, or the entire contents of a 1 terabyte hard drive in about 31 milliseconds.

At this speed, a single fiber optic cable could theoretically carry all the data on the internet at peak times.

But how does it work?

Researchers from Eindhoven University of Technology and the University of Central Florida employed a well-known but still cost-prohibitive technology; multi-mode fiber.

Normal fibre optic cables contain thousands of strands of glass or plastic fibre which are slightly thicker than the thread of a needle. These fibers can, in essence, only carry the light for a single laser.

The multi-mode fiber used by the researchers, in contrast, has seven distinct cores arranged in a hexagonal pattern, each able to carry a distinct signal at the same time. What’s more, they are squeezed into a fiber the same size as the kind used in today’s transatlantic cables.

In layman’s terms, it is something akin to a one way road being stretched out into a seven lane highway. This seven lane highway is then stretched into a multi-tier freeway, much like the so-called LA ‘Stack’. Except in this case, it’s like a seven lane, multi-story drag race, with all the power from the individual vehicles being directed into a single source.

Researchers said that this new type of optical fibre allows “21 times more bandwidth than currently available in communication networks,” where 4 to 8 terabits per second is the standard.

Moreover, the researchers have introduced “two additional orthogonal dimensions for data transportation – as if three cars can drive on top of each other in the same lane.”

In their test, the researchers reached 5.1 terabits per second across the seven cores for a single wavelength of light. Then, using wavelength division multiplexing (WDM), which lets a number of optical carrier signals share a single fiber, they sent 50 such wavelengths down the seven cores, reaching the massive total of 255 terabits per second.

Measuring less than 200 microns in diameter, the new fiber does not take up noticeably more space than conventional fibres already deployed, explained Dr. Chigo Okonkwo, who led the work.

“These remarkable results, supported by the European Union Framework 7, MODEGAP, definitely give the possibility to achieve petabits per second transmission, which is the focus of the European Commission in the coming seven-year Horizon 2020 research program,” Okonkwo said.

Research results were recently published in the journal Nature Photonics.

While the technology for multi-mode fiber is in place, the price tag on replacing the millions of miles of existing cables could put the upgrade off for decades.

But with the mind-blistering implications of a world wide web operating at thousands of times its current maximum speed, the cost of holding off on the upgrade for too long may be incalculable.

http://rt.com/news/200151-internet-speed-fiberoptic-cable/




The Dark Web: haven for drugs, guns, sex slavery

Drugs, guns, and counterfeit cash are all for sale in the so-called Dark Web, a secret and sinister part of the internet that’s flourishing despite a massive crackdown. The Dark Web is the subject of an historic trial that begins in November in New York City.

First some semantics. The Dark Web: what is it? It’s a part of the Internet that cannot be accessed by search engines like Google. It’s hidden on purpose. You need a special web browser to access it, and it’s designed to be used anonymously — no tracing. But this year, the light has shined very harshly on the Dark Web. A high-profile criminal case goes to trial next month. At the center of that case is a Dark Web site called Silk Road.

The U.S. government says Ross Ulbricht is behind one of the largest drug and crime rings in history. The man seen in a video on the “Free Ross” website certainly does not look like a worldwide menace, an Internet mobster.

In a video on the site, his mother, Lyn Ulbricht, said Ross “Is the most peaceful, non-violent, positive compassionate person I’ve ever met.”

Ulbricht was arrested last fall on charges of running Silk Road, a Dark Web site akin to Amazon or eBay with buyers, sellers, user and product reviews, except the product in Silk Road’s case is usually drugs.

Ulbricht’s family began a legal defense fund at the freeross.org.

After Ulbricht’s arrest, Silk Road was shut down. But now somebody has launched a new version.

“People did studies on Silk Road and found that the customer satisfaction level was remarkably high,” said Greg Virgin, whose day job is running RedJack, a company that keeps businesses and government agencies safe from hackers.

We asked him to use his knowledge to take us inside the Dark Web. To access it, we used the free TOR browser. Virgin said “TOR” stands for “the onion router.”

“So, it’s a network of servers that relay your traffic across one another so nobody can figure out who you are, where you are,” he said.

For our first stop, Virgin took us to a site that is essentially a Dark Web directory. Without listings like these, the sites would be impossible to find unless we knew their exact addresses.

“People have estimated that more than 70 percent of the activity on the Dark Net is illegal,” Virgin said.

A lot of that illegal activity revolves around money; fake money, in some cases. We saw listings for euros, PayPal accounts, cloned credit cards with PINs, and more.

One ad offered corporate account numbers for sale. Another showed off stacks of counterfeit $20 bills; 10 bills cost $80. And users offered advice on how to spend it: “I’ve finally ordered 10 bills and found a way of spending them at nightclubs. I just ask random drunks for change. 100% success rate.”

On almost every site, it was easy to find ads for electronics, such as new, unlocked iPhone 6 smartphones for sale. Plenty offered fake passports and IDs.

One site seeks donations to recruit jihadists in the United States “to establish a new Islamic front both in the United States and around the world.”

Murder does seem to be big business on the Dark Web. One site seeks to crowdfund assassinations. Another says it is easy to obtain high-powered firearms. Of course, no questions are asked and no background checks are run.

The currency — as with most things on the Dark Web — is bitcoin.

“Bitcoin is a virtual currency that obscures the people doing the transaction, so the buyer and the seller,” said Bruce Upbin, a managing editor for Forbes. “It’s a piece of code that’s shared between two parties to replace currency.”

Anyone can buy bitcoin, but it’s not cheap. One bitcoin is about $300, although it’s been as high as $1,000.

And then, there is what Greg Virgin said is most disturbing about the Dark Web.

“There are a number of atrocious child exploitation sites,” he said.

In his spare time, Virgin works with the International Justice Mission to find and rescue children being sold on the Dark Web as sexual slaves. He said because of his work, he believes arrests are coming in the near future.

“We believe we’ve found dozens of victims, that there’s a strong possibility for rescue,” he said.

Shawn Henry spent 15 years leading cyber investigations around the world for the FBI before retiring as an executive assistant director.

“Imagine from a law enforcement perspective the challenge in identifying people who have never gotten together physically, who live in five separate countries,” Henry said, adding that the Dark Web is a nightmare for law enforcement.

It is also linked to the high-profile hacks we’ve seen this past year. Target, Home Depot, Chase and Neiman Marcus have all been broken into. Even the U.S. government database holding personal information on employees with sensitive security clearances was breached.

“Can you protect the network from being breached? That’s out the window now,” Henry said. “We need to change the paradigm here and it needs to be: how soon after an adversary makes access do we detect them.”

His biggest fear is hackers, working through the Dark Web’s anonymity, going after power plants and financial systems; cyber terrorism.

“There are actually terrorist groups that are calling for electronic jihad,” Henry said. “What if the lights go out for a week, two weeks, a month? How do we handle that as a nation?” He said he believed it “absolutely” possible.

So, where did this come from? It may be hard to believe but TOR, the software that makes this anonymous and so hard to track and makes much of what you’ve just seen possible, was created by the United States Navy. Part of the goal was help people in oppressed nations have Internet freedom. So the Dark Web is not all bad.

“For us in America we live in a free society, for the most part, but there’s plenty of people in the world who don’t, who live in oppressive regimes, where they control the Internet,” Upbin of Forbes said.

Whether it’s pro-democracy protests in Hong Kong or the Arab Spring, the Dark Web’s anonymity helps make it possible by letting organizers spread the word.

That brings us back to Silk Road and the criminal case pending against Ross Ulbricht.

Julia Tourianski, a blogger from Toronto, said she believes internet freedom in the U.S. rests on the outcome of the Silk Road case.

“This is about the future of our Internet freedom,” she said. “If Ross Ulbricht loses then I think what will happen is anybody who uses TOR networks or anonymous systems will be considered a criminal by default.”

Tourianski is a supporter of Ulbricht’s mother, who said the U.S. government is trying to rewrite law.

Lyn Ulbricht has traveled the country to raise awareness about the Silk Road case and has become something of an Internet star. She would not agree to an interview with us, but we caught her speech at Liberty Fest in Brooklyn. She believes the outcome of the case could lead to a world where everyone’s activities on the web are monitored.

Of course, Edward Snowden showed us last year the NSA is already collecting information about phone calls and emails.

“It’s something far more dangerous than any website could be and that is what our government has become and how they operate,” Lyn Ulbricht said at Liberty Fest.

Tourianski said the Dark Web’s dark side is worth living with.

“Most people are inherently good, and just because a small percentage of people may or may not commit a crime, we shouldn’t police everybody,” Tourianski said. “And if we do, that’s not a world anybody wants to live in.”

Ross Ulbricht has pleaded not guilty to all charges. His trial is set to begin November 10. No matter the outcome for him, the Dark Web seems to continue defying law enforcement despite their pledge to crack down.

Ulbricht’s lawyer and the U.S. attorney prosecuting the case declined to comment for our story.

If Ulbricht is convicted of the most serious charges he faces a maximum sentence of life in prison.

http://www.myfoxny.com/story/26785177/dark-web-haven-crime




FBI director: iPhones shield pedophiles from cops

NEW YORK (CNNMoney)

Apple’s new privacy features protect kidnappers, pedophiles and terrorists, according to FBI director James Comey.

In an interview on CBS’ “60 Minutes” on Sunday, Comey said Apple’s encryption standards for iPhones and iPads “put people beyond the law.”

Apple recently took measures to enhance user privacy. Now, only users have the key to unlock text messages, photos and emails on their device. As such, iOS 8 will shield your data from anyone — including police.

Here’s how it works: a message is encrypted on your device before it leaves. It passes through Apple’s servers as ciphertext that Apple cannot read, and only your friend’s device holds the key that can decrypt it.

Google has announced it’s doing the same for its Android devices.

The FBI director isn’t pleased.

“The notion that people have devices… that with court orders, based on a showing of probable cause in a case involving kidnapping or child exploitation or terrorism, we could never open that phone? My sense is that we’ve gone too far when we’ve gone there,” Comey told CBS.

Comey compared selling iPhones to selling “cars with trunks that couldn’t ever be opened by law enforcement with a court order.”

But there are two things that are wrong with that statement:

1) The FBI can still get your phone data. Now, they can’t do it secretly by going to Apple or Google. Agents must knock on your front door with a warrant in hand — the way it’s always been.

If you don’t give the FBI access to your phone, it can ask a federal judge to force you. If you refuse, the government can throw you in jail and hold you in contempt of court.

The FBI and Apple did not respond to requests for comment.

Joel Kurtzberg is a New York lawyer who specializes in First Amendment cases (in which journalists often refuse court orders to disclose sources). He said the biggest difference now is that the FBI can’t be covert when it wants your data.

“This is going to make it harder for law enforcement. Now, they’ll have to tip off their target,” he said. “And it will result in instances where someone will destroy evidence.”

But even for the most dangerous cases, there are still workarounds. Video surveillance — the classic kind — can spy on someone as they type their passcode. And the NSA has technology to slip device-controlling malware into phones anyway.


2) Opening devices to law enforcement means opening them to hackers. When it comes to data, possession of a key is everything. If your passcode is the only thing that unlocks your digital life, then it doesn’t matter if the FBI presents Apple or Google with a warrant — or if hackers break into the company’s servers. They won’t get anything useful.
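To make the key-possession point concrete, here is an added Python model (not Apple’s or Google’s implementation, and not code from the article) in which the data key is derived on the device from the passcode and a per-device salt and is never sent to the vendor. The server then holds only ciphertext, so a warrant served on the vendor or a breach of its servers yields nothing readable; the escrowed-key variant stands in for the “backdoor” the FBI asks for and shows why a breach of the escrow is a breach of everything. The HMAC-in-counter-mode cipher is a stand-in for the AES modes a real device uses, and the 200,000-iteration PBKDF2 count is an illustrative choice.

```python
"""Passcode-derived encryption versus an escrowed 'backdoor' key, as an added model
of the argument above. Not Apple's or Google's implementation and not code from the
article: the KDF parameters and the cipher construction are illustrative choices."""
import hashlib
import hmac
import secrets
from typing import Iterable, Optional, Tuple

KDF_ITERATIONS = 200_000   # illustrative; chosen so each passcode guess is deliberately slow


def derive_key(passcode: str, device_salt: bytes, iterations: int = KDF_ITERATIONS) -> bytes:
    """Slow, salted key derivation: the only way from a passcode to the data key."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_salt, iterations, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF keystream (a stand-in for AES-CTR)."""
    blocks = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before touching the ciphertext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Device:
    """A phone: holds a per-device secret (hypothetical stand-in for a hardware-bound UID)
    and derives the data key from it plus the user's passcode. Neither leaves the device."""

    def __init__(self, passcode: str) -> None:
        self.salt = secrets.token_bytes(16)
        self.key = derive_key(passcode, self.salt)

    def protect(self, data: bytes) -> bytes:
        """What ends up on the vendor's servers (backup, sync): ciphertext only."""
        return encrypt(self.key, data)


def vendor_reads(blob: bytes, escrowed_key: Optional[bytes] = None) -> Optional[bytes]:
    """The vendor, or anyone who breached it. Without an escrowed key there is nothing to
    read; with one (the 'backdoor'), whoever holds the escrow reads everything."""
    if escrowed_key is None:
        return None
    return decrypt(escrowed_key, blob)


def brute_force(blob: bytes, salt: bytes, guesses: Iterable[str]) -> Optional[Tuple[str, bytes]]:
    """Worst case for the user: the attacker has the ciphertext and the device salt and must
    still pay the full KDF cost per guess (a real device also rate-limits attempts)."""
    for guess in guesses:
        try:
            return guess, decrypt(derive_key(guess, salt), blob)
        except ValueError:
            continue
    return None


if __name__ == "__main__":
    phone = Device("4821")
    stored = phone.protect(b"photos, messages, mail")
    print("vendor without escrow:", vendor_reads(stored))
    print("vendor with escrowed key:", vendor_reads(stored, escrowed_key=phone.key))
    print("offline guessing 0000/1234:", brute_force(stored, phone.salt, ["0000", "1234"]))
```

The two halves of the argument are the two calls to vendor_reads: with no escrow the vendor holds an opaque blob, and handing it over under warrant or losing it in a breach discloses nothing, so an investigator has to come to the device owner; with an escrow, the same breach discloses everything, for every user at once.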

The FBI wants companies to keep a backdoor into your life. That’s a problem, because as Comey himself has said in the past, everyone is under attack by hackers.

As Comey said in a previous episode of 60 Minutes: “There are those who’ve been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.”


“You can’t have it both ways,” said David Oscar Markus, a Miami defense attorney with expertise in police searches and seizures. “If there’s a backdoor, it can be exploited. The government shouldn’t get to pick and choose what’s protected.”


http://money.cnn.com/2014/10/13/technology/security/fbi-apple/index.html




The Internet is broken

Reports of Internet bugs like Heartbleed and the recent Shellshock are growing more frequent, and the problems they pose are increasingly dangerous.

Why? For two reasons that aren’t going to change anytime soon.

The Internet was never meant for this. We use the Internet for banking, business, education and national defense. These things require privacy and the assurance that you are actually who you say you are.

The Internet, as it was designed, offers neither. When the World Wide Web was built 25 years ago, it existed as a channel for physicists to pass research back and forth, on top of a network that had itself grown out of a small, closed community: the scientists at Stanford trusted the researchers at the University of California – Los Angeles.


In 2014, it’s still standard to send Internet communication in plain text. Anyone could tap into a connection and observe what you’re saying. Engineers developed HTTPS nearly 20 years ago to protect conversations by encrypting them — but major email providers and social media sites are only now enabling this. And sites like Instagram and Reddit still don’t use it by default.


The Internet was also built on a set of rules that requires every packet to carry a source address, a bit like a caller’s phone number. But the rules do not require the network to check that the source address is genuine, so it can be spoofed: an attacker can stamp a victim’s address onto packets as the “return address,” and when millions of replies are “returned to sender” all at once, the victim’s site is buried under a flood of traffic it never asked for. That is a Denial of Service attack.
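The countermeasure for forged return addresses is for a network to check, at the point where traffic enters it, that each packet’s source address actually belongs to the customer it arrived from (source-address validation, the practice described in BCP 38). The Python below is an added illustration, not code from the article: the prefixes and sample packets are constructed, and the filter is a model of what an ingress ACL on an edge router does.

```python
"""Source-address validation at the network edge (the ingress filtering described in
BCP 38), written as an added illustration of the spoofing problem. This is not code
from the article; the prefixes and packets below are constructed sample data."""
import ipaddress
from typing import List, Sequence, Tuple

# Hypothetical: the address blocks assigned to one customer attached to an ISP edge router.
# A packet arriving from that customer must carry a source address inside one of them.
CUSTOMER_PREFIXES = [ipaddress.ip_network(p) for p in ("198.51.100.0/24", "2001:db8:10::/48")]

Packet = Tuple[str, str, str]  # (source address, destination address, protocol/port)


def source_is_legitimate(src: str, prefixes: Sequence) -> bool:
    """True if src is a plausible unicast source inside an assigned prefix."""
    addr = ipaddress.ip_address(src)
    # Multicast, unspecified and loopback addresses are never valid sources on the wire.
    if addr.is_multicast or addr.is_unspecified or addr.is_loopback:
        return False
    # 'in' against a network of the other IP version returns False, so mixed v4/v6 is fine.
    return any(addr in net for net in prefixes)


def filter_ingress(packets: Sequence[Packet], prefixes: Sequence) -> Tuple[List[Packet], List[Packet]]:
    """Split packets into (forwarded, dropped) the way an ingress ACL would."""
    forwarded: List[Packet] = []
    dropped: List[Packet] = []
    for pkt in packets:
        (forwarded if source_is_legitimate(pkt[0], prefixes) else dropped).append(pkt)
    return forwarded, dropped


def replies_aimed_at(victim: str, packets: Sequence[Packet]) -> int:
    """Count packets whose forged source would make a server answer the victim instead."""
    return sum(1 for pkt in packets if pkt[0] == victim)


# Constructed sample traffic seen on the customer-facing interface.
SAMPLE_PACKETS: List[Packet] = [
    ("198.51.100.23", "192.0.2.53", "UDP/53"),         # genuine DNS query from the customer
    ("203.0.113.7", "192.0.2.53", "UDP/53"),           # forged: source is the victim's address
    ("203.0.113.7", "192.0.2.123", "UDP/123"),         # forged: same victim, NTP reflector
    ("2001:db8:10::a", "2001:db8:ffff::1", "UDP/443"), # genuine IPv6 traffic
    ("224.0.0.1", "198.51.100.1", "UDP/5353"),         # multicast source: never valid
]

if __name__ == "__main__":
    ok, bad = filter_ingress(SAMPLE_PACKETS, CUSTOMER_PREFIXES)
    print(f"forwarded {len(ok)}, dropped {len(bad)}")
    print("reflected replies the victim would receive without filtering:",
          replies_aimed_at("203.0.113.7", SAMPLE_PACKETS))
    print("with filtering:", replies_aimed_at("203.0.113.7", ok))
```

The check has to run where the packet enters the network, because once a forged packet is past the first hop nothing downstream can tell it from a genuine one; that is also why the attack persists, since every network that skips the check lets its customers flood someone else.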

“When the Internet evolved, the climate was friendly. That’s not true now,” said Paul Vixie, who was instrumental in developing how we connect to websites today. “A trusted network of academics is not a global network for all of humanity.”

Software is a hodgepodge of flawed Lego blocks. The big, ugly secret in the world of computer science is that developers don’t check their apps closely enough for bugs.

Today, software is so profitable that developers are under intense pressure to churn out apps as quickly as possible.


When developer Peter Welch wrote a frightening essay revealing the sausage-making process, he explained how modern day developers rapidly stack together building blocks of code — without reviewing it for mistakes or ensuring the whole thing won’t collapse or let in a hacker.

“People will start cutting corners and speeding up,” Welch said in an interview. “It’s less about understanding the academic value of code and more about producing the product. We’ve lost some safety for speed.”

Sometimes, that flawed code becomes widespread. Most of the world relies on open-source software that’s built to be shared and maintained by volunteers and used by everyone — startups, banks, even governments.

There’s an illusion of safety. The thinking goes: So many engineers see the code, they’re bound to find bugs. Therefore, open-source software is safe, even if no one is directly responsible for reviewing it.

Nope. Last week’s Shellshock bug is the perfect example of that flawed thinking. Bash, a program so popular it’s installed on millions of machines worldwide, was found to have a fatal flaw more than 20 years old. Eyes were on it, but no one caught it until now.

“It’s not Toyota having a recall,” explained Scott Hanselman, a programmer and former college professor in Oregon. “It’s like tires as a concept have been recalled and someone says, ‘Holy crap, tires?! We’ve been using tires for years!’ It’s that level of bad.”

http://money.cnn.com/2014/09/30/technology/security/internet-bug/index.html?iid=Lead




Inventor of World Wide Web warns of threat to internet

London (AFP) – The British inventor of the World Wide Web warned on Saturday that the freedom of the internet is under threat by governments and corporations interested in controlling the web.

Tim Berners-Lee, a computer scientist who invented the web 25 years ago, called for a bill of rights that would guarantee the independence of the internet and ensure users’ privacy.

“If a company can control your access to the internet, if they can control which websites they go to, then they have tremendous control over your life,” Berners-Lee said at the London “Web We Want” festival on the future of the internet.

“If a Government can block you going to, for example, the opposition’s political pages, then they can give you a blinkered view of reality to keep themselves in power.”

“Suddenly the power to abuse the open internet has become so tempting both for government and big companies.”

Berners-Lee, 59, is director of the World Wide Web Consortium, the body that develops the technical standards on which the web is built.

He called for an internet version of the “Magna Carta”, the 13th century English charter credited with guaranteeing basic rights and freedoms.

Concerns over privacy and freedom on the internet have increased in the wake of the revelation of mass government monitoring of online activity following leaks by former US intelligence contractor Edward Snowden.

A ruling by the European Union to allow individuals to ask search engines such as Google to remove links to information about them, called the “right to be forgotten”, has also raised concerns over the potential for censorship.

“There have been lots of times that it has been abused, so now the Magna Carta is about saying…I want a web where I’m not spied on, where there’s no censorship,” Berners-Lee said.

The scientist added that in order to be a “neutral medium”, the internet had to reflect all of humanity, including “some ghastly stuff”.

“Now some things are of course just illegal, child pornography, fraud, telling someone how to rob a bank, that’s illegal before the web and it’s illegal after the web,” Berners-Lee added.

http://news.yahoo.com/inventor-world-wide-warns-threat-internet-224455080.html;_ylt=AwrTWf2ygCdUCj8AYlfQtDMD




‘You are not a product’: Privacy-friendly ad-free ‘anti-Facebook’ network Ello explodes

A mostly obscure, privacy-orientated social network – an ‘anti-Facebook’ of sorts – has recently undergone meteoric growth. It presents itself as an advert-free enterprise that is not going to become a tool to manipulate its users.

‘Anti-Facebook’ network Ello kicked off in July as an invite-only social network seeking an advert-free, user-orientated role rather than becoming a profit-generating enterprise, according to its manifesto.

“Your social network is owned by advertisers. Every post you share, every friend you make and every link you follow is tracked, recorded and converted into data,” it points out.


Ello pledges that it will never sell user data to advertisers, forfeiting the one source of income keeping afloat online giants like Facebook and Google. Instead it attempts to cover expenses by selling premium features, such as managing several accounts from a single login – a service that appeals to privacy-focused users.

“We believe a social network can be a tool for empowerment. Not a tool to deceive, coerce and manipulate — but a place to connect, create and celebrate life. You are not a product,” Ello calmly states.

This ‘social network with a conscience’ approach appears to be filling a large gap in the market given Facebook’s ever-changing privacy policy and targeted advertisements.

According to the latest data from the Pew Research Centre, 71% of adults who use the internet use Facebook – an enormous proportion. However, while Ello is still undergoing beta testing, recent weeks have seen a mass-influx of users to the site – users who are apparently becoming increasingly dissatisfied with Facebook.

For months, the network remained small and grew slowly as word of mouth brought in new users. The likely driver for the explosive growth of Ello is the LGBT community, The Daily Dot points out.

Facebook had a falling out with the LGBT community over the company’s strict ‘real name’ policy, which meant drag queens couldn’t use their stage names.

While the giant’s desire to have as accurate as possible profiles of its users is understandable, considering that it is the profiles that make the money, the enforcement of the real name policy offends those who prefer to keep their identity private, often for safety reasons.

In what The Daily Dot, one of the first big news outlets to report Ello’s sudden rise, called a “queer mass exodus,” LGBT folk apparently fled Facebook. And newcomer Ello’s core team didn’t fail to notice the influx.


“Artists, bloggers, people who are concerned about privacy, people who have had problems with stalkers, celebrities, and members of the LGBTQ community sometimes choose not to use their real names — out of personal preference, or to protect themselves,” Paul Budnitz, a toy maker by profession and one of the Ello creators, told BetaBeat.

“All these people are being kicked out of Facebook.”

Since going viral, requests to join Ello went to over 27,000 per hour. Twitter overflowed with invite requests while eBay spurred an enormous black market for them. Ello briefly suspended new invites and experienced a website crash, which is understandable for a website that’s technically still in beta mode.

The Ello team also had to address new users’ concerns, pledging a zero-tolerance policy toward “hate, trolls, spamming, stalking, impersonating others, threats and abusive behavior toward anyone.” At the request from erotic artists and sex workers it changed posting rules to allow porn material (once NSFW tagging is rolled out) – as long as it isn’t something illegal, like child pornography.

Between fighting technical glitches, developing new features like making a profile private, and dealing with the unexpected scale-up, Ello say they will be true to their manifesto. Many wonder whether its black, eyeless smiley logo may one day become as ubiquitous as the white-on-blue word “Facebook,” or will sink back into obscurity once the fad passes.

Those who are more skeptical suspect that Ello is just a case of clever niche marketing that is bound to become as bad as the big players it criticizes.

However, it is currently remaining defiant in the face of such suggestions. Beyond sales of premium features, which are expected to go for $1 or $2 each, Ello is counting on such a website being inexpensive to maintain.

In the “coming soon” section, the site says that its users can expect audio integration with services such as SoundCloud, the ability to ‘block’ other users, and video integration, among other things.

http://rt.com/news/191180-facebook-lgbt-refugees-ello/




Pirate Bay fools the system with cloud technology

Despite years of persecution, the world’s most notorious pirated content exchange continues to flout copyright laws worldwide. The Pirate Bay team revealed how moving to cloud-hosted virtual servers has made their service far harder to take down.

Two founders of The Pirate Bay (TPB) file exchange are in prison, but their creation continues to receive millions of unique visitors daily and remains among the 100 most popular websites worldwide.

Today The Pirate Bay has 21 “virtual machines” (VMs) scattered around the globe at cloud-hosting providers, and the new setup works just fine, TorrentFreak reported after anonymously questioning the Pirate Bay team. The cloud technology made the site more portable, eliminated the need for any crucial piece of hardware and therefore made the site harder to take down. Costs have decreased and uptime has improved.

Purists may lament that there is no longer any hardware or server setup to tinker with, but the advantages of the new set-up for the notorious torrent site outweigh any inconveniences.

After operating ‘in exile’ in Guyana and Peru without much luck, two years ago The Pirate Bay team made a landmark decision and decided to move away from operating physical servers and switched all of their operations to the cloud.


Two years ago there were just four VMs, but the increased traffic has heralded a five-fold growth of virtual machines.

Out of 21 VMs, eight are busy serving web pages. Six machines are processing the searches, while TPB’s database is being run on two VMs. The remaining five VMs are needed for load balancing, statistics, torrent storage, the proxy site on port 80 and controller functions.

The system runs on 182 GB of RAM and 94 CPU cores, with 620 GB of total storage, not all of which is in use. Considering the scale of The Pirate Bay website, these characteristics are quite modest.

One of the secrets of the modern-day TPB is that the commercial cloud providers hosting the site have no idea that TPB is among their clients. The load balancer VM that funnels all traffic to the other TPB virtual servers masks their activities, which means none of the cloud hosting providers’ IP addresses are publicly linked to TPB. This makes the new TPB virtually ‘raid-proof’ and very hard for police to track down. There are no longer physical servers to be seized, either, as happened in 2006, when Swedish police raided TPB’s hosting company, seizing everything from servers to fax machines and blank CDs.

Despite occasional difficulties that hit the service from time to time, there have been no major breakdowns recently and no agency has attempted to shut the torrent site down.

It is true that cloud servers can be disconnected like any physical server, but even in that case restoration of the operation is much easier than before and services can be restored from a different provider relatively quickly.

Still, The Pirate Bay remains The Pirate Bay, and its name is widely known among registrars as the root of evil; the site burned through five separate domain names in the last year alone. But that doesn’t dampen the spirits of the TPB team, as operators have dozens of alternative domain names waiting in the wings.

Pirate Bay co-founders Fredrik Neij (L), Gottfrid Svartholm (C) and Peter Sunde leave the city court after the last day of arguments in their copyright trial in Stockholm March 3, 2009. (Reuters/Bob Strong)

Two of TPB’s original founders, Gottfrid Svartholm and Peter Sunde, are currently serving terms in prison and TPB has posted a banner asking visitors to send their support to the site’s founders.

“Show your support by sending them some encouraging mail! Gottfrid is only allowed to receive letters, while Peter gladly receives books, letters and vegan candy.”

When Svartholm and Sunde are out of jail, they’ll find that the rules of the pirate game have changed – and most probably in their favor.

http://rt.com/news/189560-pirate-bay-cloud-servers/




Governments spy on journalists with weaponized malware – WikiLeaks

Journalists and dissidents are under the microscope of intelligence agencies, Wikileaks revealed in its fourth SpyFiles series. A German software company that produces computer intrusion systems has supplied many secret agencies worldwide.

The weaponized surveillance malware, popular among intelligence agencies for spying on “journalists, activists and political dissidents,” is produced by FinFisher, a German company. Until late 2013, FinFisher used to be part of the UK-based Gamma Group International, revealed WikiLeaks in the latest published batch of secret documents.

FinFisher’s spyware exploits and monitors systems remotely. It’s capable of intercepting communications and data from OS X, Windows and Linux computers, as well as Android, iOS, BlackBerry, Symbian and Windows Mobile portable devices. Three back-end programs are required for the spy program to operate. FinFisher Relay and FinSpy Proxy programs are FinFisher suite components that route and manage intercepted traffic, redirecting it to the FinSpy Master collection program. The spyware can steal keystrokes, Skype conversations, and even connect to your webcam and watch you in real time.

The whistleblower has a list of FinFisher surveillance software buyers. Among the German malware developer’s clients are intelligence agencies and police forces from Australia, Bosnia, Estonia, Hungary, Italy, Mongolia, the Netherlands, Pakistan and Qatar.

According to WikiLeaks’ estimates, FinFisher has already earned about 50 million euros in sales.

“FinFisher continues to operate brazenly from Germany selling weaponized surveillance malware to some of the most abusive regimes in the world,” the founder and editor-in-chief of Wikileaks, Julian Assange, said.

Earlier this year, the tapping of Chancellor Angela Merkel’s mobile phone by the American National Security Agency (NSA) created a scandal that rocked the German political establishment: a revelation made thanks to documents exposed by the former NSA contractor and whistleblower Edward Snowden.

Yet, despite all this, FinFisher continues its activities in Germany unhindered.

“The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher?” Assange asked.

Assange is calling for an ‘antidote’ to the German-made FinFisher FinSpy PC spyware, saying a tool is needed to repel such activities and expose those who do the surveillance by tracking down spying command and control centers.

WikiLeaks has made newly indexed FinFisher breach material public via torrents, “including new brochures and a database of the customer support website, that provide updated details on their product line and a unique insight into the company’s customer-base.”

“In order to make the data more easily accessible and consumable, all the new brochures, videos and manuals are now available organized under the related FinFisher product name. The database is represented in full, from which WikiLeaks compiled a list of customers, their eventual attribution, all the associated support tickets and acquired licenses, along with the estimated costs calculated from FinFisher’s price list,” the WikiLeaks memo said.

After the scandal that followed revelations of mass NSA spying worldwide, Germany and France came up with an idea to build a trustworthy data protection network in Europe to avoid data passing through the US.

The US slammed such plans to construct an EU-centric communication system, designed to prevent emails and phone calls from being swept up by the NSA, warning that such a move is a violation of trade laws.

http://rt.com/news/188052-german-spyware-wikileaks-journalists/




High Speed Click Fraud: Over One Third Of All Internet “Traffic” Is Fake

“When you bundle bots, click fraud, viewability and the lack of transparency [in automated ad buying], the total digital-media value equation is being questioned and totally challenged,” warns one advertising group executive as the WSJ reports that about 36% of all Web traffic is considered fake, the product of computers hijacked by viruses and programmed to visit sites. This means, simply put, that marketers, who are pouring billions of dollars into online advertising, are confronting an uncomfortable reality: rampant fraud… and the fraud is only going to get worse…

Via WSJ,

Spending on digital advertising—which includes social media and mobile devices—is expected to rise nearly 17% to $50 billion in the U.S. this year. That would be about 28% of total U.S. ad spending. Just five years ago, digital accounted for 16%.

The big question is whether attitudes will change if signs of fraud increase.

Billions of dollars are flowing into online advertising. But marketers also are confronting an uncomfortable reality: rampant fraud.

About 36% of all Web traffic is considered fake, the product of computers hijacked by viruses and programmed to visit sites, according to estimates cited recently by the Interactive Advertising Bureau trade group.

So-called bot traffic cheats advertisers because marketers typically pay for ads whenever they are loaded in response to users visiting Web pages—regardless of whether the users are actual people.

The fraudsters erect sites with phony traffic and collect payments from advertisers through the middlemen who aggregate space across many sites and resell the space for most Web publishers. The identities of the fraudsters are murky, and they often operate from far-flung places such as Eastern Europe, security experts say.

Big advertisers are in “crisis”

Chief Executive Vivek Shah, the chairman of the Interactive Advertising Bureau, said at the group’s annual conference last month that Internet advertising was facing a “crisis.”

“The clients we work with would love to spend more money in digital,” says Quentin George, a co-founder of ad-technology consulting firm Unbound. “But until we give them more control and transparency on how the money is being spent, they will continue to have questions and hold money back.”


“We’re aware of the concerns within the industry about ad fraud and are working to address those concerns as they pertain to our business,” a GM spokeswoman says.

One wonders just how “valuable” all those social media companies really are if the bots and fraud were removed. This isn’t the first time we have discussed this, but it seems even the advertisers are now doubting the new world order of “social” and “mobile” as the panacea for ad spend.




Why HTTPS and SSL are not as secure as you think

GIH: We are led to believe that by installing a certificate, or by following other common security practices, we are safe. The following shows that this may not be the case, especially considering the vulnerabilities of the HTTPS protocol, the commonly accepted ‘safe’ way to browse:


In this day and age of well-known NSA spying, everyone keeps saying that the only way to be safe is to use SSL/TLS, commonly known as “browsing with https://”.

The sad reality is that HTTPS does virtually nothing to protect you from the prying eyes of alphabet soup agencies – or anybody else with enough knowledge about how these supposedly “secure” connections actually work.

It’s true that connecting to web sites with SSL will certainly prevent “script kiddies” and other more winky opponents from eavesdropping on your surfing or otherwise interfering in your affairs. But as for the Real Bad Guys, forget it…

We shall begin by taking a brief dive down the rabbit hole of SSL, hopefully in a way that will make sense to even the least technically inclined among us.

This issue is, after all, so extremely important that I think everyone needs to understand what is really going on, and how web security actually works, without needing a PhD in cryptography, computer science, or engineering!

Our story begins with a little e-mail I received the other day. The basic message can be found here:

Microsoft Security Advisory (2880823)

Of course, the idea that Microsoft of all companies is warning me about security is kind of laughable, so I didn’t pay much attention. Nevertheless, there was this little voice in the back of my mind that kept pestering me, so I decided to dig in and see what all the hoopla was about… or indeed if any hoopla was even warranted.

Boy, is it ever warranted!

From the above link, we read:

Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Microsoft recommends that certificate authorities no longer sign newly generated certificates using the SHA-1 hashing algorithm and begin migrating to SHA-2. Microsoft also recommends that customers replace their SHA-1 certificates with SHA-2 certificates at the earliest opportunity. Please see the Suggested Actions section of this advisory for more information.

Okay, so that’s probably like trying to read a foreign language to most people. Even I didn’t understand exactly how these hashing algorithms were used with SSL. So, I started digging. What I found nearly floored me:

MD5 considered harmful today: Creating a rogue CA certificate

Now, if you thought the M$ advisory was confusing, take a peek at the above link.

WOW! That’s wild.

In summary, way back in 2008, some smart people figured out a way to make themselves a Fake SSL Certificate Authority, and they accomplished this feat by using a weakness in the MD5 hashing algorithm.

“Eureka! This must be the key to our mystery,” I thought.

So, I began to read… and re-read… and think… and re-read. And then it clicked. To paraphrase Inspector Finch:

I suddenly had this feeling that everything was connected. It’s like I could see the whole thing, one long chain of events that stretched all the way back before the MD5 hash advisory in 2008. I felt like I could see everything that happened, and everything that is going to happen. It was like a perfect pattern, laid out in front of me. And I realised we’re all part of it, and all trapped by it.

“Well, that’s stunningly dramatic,” you think, “But just… What is going on?!”

System Failure

First, let’s define some terms – hopefully in Plain English:

SSL Web Site Certificate

This is a digital certificate, with a digital signature, that verifies that a website is who they say they are. When you connect to a web site using SSL (HTTPS), your browser says, “Papers, please!” The remote site then sends the SSL Web Site Certificate to your browser. Your browser then verifies the authenticity of this “passport”. Once verified, encrypted communications ensue. The point of the SSL Web Site Certificate is that under no circumstances should anyone else be able to create a valid, signed certificate for a web site that they do not own and operate. In order to obtain an SSL Web Site Cert, you must verify by varied means that you are the owner and operator of the web site involved. So, using HTTPS is not only for encryption of communications, but also a way to verify that the site you are communicating with is the Real Thing, and not an imposter. And of course you must pay for the certificate!

Certificate Authority (CA) Root Certificate

This is also a digital certificate, with a digital signature… But in this case, this certificate can be used to create and digitally sign normal SSL Web Site Certificates. This is the kind of certificate that a CA (Certificate Authority) has. These certificates also get passed to browser makers, and are then included in your web browser. This is so that when your browser receives an SSL Web Site cert, it can use the CA Root Certificate to verify that the Web Site Cert is in fact valid.

Certificate Authority (CA)

A CA is the kind of web site from which you would buy a valid, secure SSL Web Site Certificate to use for HTTPS on your site. For example: Verisign.com, RapidSSL.com, Geotrust.com, etc. are Certificate Authorities. They have CA Root Certificates for generating and signing valid SSL Web Site Certificates.

It’s helpful to understand that with all these certificates, there is a “chain of command”. SSL Web Site Certificates are validated and authenticated using CA Root Certificates. CA Root Certificates are validated with yet higher-authority certificates, all the way up the pyramid to The One Great Root Certificate, which is like the God of Certificates. Thus, each lower-ranking certificate is verified up the chain of command. This all happens behind the scenes, and you have no idea it’s occurring.

Certificate Authority Validation Chain

Each lower level certificate is validated using a certificate from the level above it.

Piece of cake, right?

Now, where do these hash algorithms like MD5, SHA-1, and SHA-2 come into play?

All certificates contain information, like:

  • Web site domain (www.mysite.com)
  • Site location (country, state, etc.)
  • Site owner info (company name)
  • Period of validity

This information is verified before a certificate is issued. Once verified, a hash of the data is generated. This hash acts as the digital signature for the certificate. The only thing you really need to understand about hash algorithms is that what is supposed to happen is this:

  1. Data of any length (30 characters, 3000 characters, 40MB, whatever) is passed into the hash algorithm
  2. The hash algorithm chops up the data and mathematically processes it, thereby spitting out a signature – or digital fingerprint – of the data
  3. The hash of no two chunks of data should ever be the same – just as the fingerprints of no two people should ever be the same
  4. The hash output is always the same size, regardless of the size of the input data (just like a fingerprint – no matter the size of the person)

Hash Fingerprint

Right. There is such a thing as a “hash collision”. This is when you have 2 hashes that are identical, but they were generated from different data. That’s like if you and your neighbor suddenly had the same thumbprint. OOPS!

Now, think about that for a minute… If the police were using these hashes, or thumbprints, to verify your identity, they might mistake you for your neighbor, or your neighbor for you, if you “had the same thumbprint”. If they did no other checking, and just relied on that thumbprint, they might very well “authenticate” your identities completely incorrectly. BIG OOPS!

This is exactly what happened with the MD5 SSL attack outlined at the above link.

These smarty-pants people were able to carefully buy a valid SSL Web Site Certificate from RapidSSL in 2008. Before they did that, they created their own CA Root Certificate in such a way that the hash (fingerprint) of their valid, just-purchased Web Site Cert was identical to the hash of the FAKE CA Root Certificate that they created out of thin air.

Since RapidSSL had just said, “Dudes, this Web Site Certificate fingerprint is valid!”, and since this was the same fingerprint on the fake CA Root Cert, the forged CA Root Certificate becomes valid.

Now, recall that a CA Root Certificate – as long as it has a valid hash/fingerprint that will validate up the “chain of authority” – can be used to generate a valid SSL Web Site Certificate for any web site in the world… And neither you, nor RapidSSL, nor your browser will ever know that anything is amiss.

Why is this a problem? For starters, consider a man-in-the-middle attack.

Man in the middle attack


You want to go to https://www.gmail.com. But some “hackers” have used another type of hack to insert their server between you and Gmail. Normally, this would not be possible, because you’re using HTTPS! You’re SAFE!

WRONG!

As far as anyone knows, you are connected to gmail.com over HTTPS. But in reality, what’s happening is this:

  1. You try to connect to https://www.gmail.com
  2. The attacker diverts your request (perhaps using DNS cache poisoning or some other such attack) to a fake server
  3. Since Attacker’s Server contains a falsely generated, perfectly valid SSL Web Site Certificate using the tricks outlined above, your browser doesn’t know any better. Everything appears to be legit.
  4. You begin doing e-mail, but all your data is actually going encrypted to Attacker’s Server, being decrypted and recorded/modified, and then Attacker’s Server passes the data on to the real https://www.gmail.com (using Gmail’s actual, valid SSL cert).
  5. You have absolutely no clue that your “secure” communications are not secure in the least!

In other words, SSL / HTTPS means that the connection between your browser and the destination server at the URL you’re visiting is supposed to be encrypted. But due to the fact that certain types of SSL certificates (which help handle the encryption) can be forged, an attacker could set up a fake server that pretends to be the real destination server, and thus insert themselves in the middle of the connection. When that is done, the attacker has control over the connection and the data, and can thus decrypt your data, manipulate it, and/or pass it on to the real intended destination server.

Now, isn’t that a daisy?

“But wait!” you say. “Isn’t it therefore good for Microsoft to recommend changing the hash function to SHA-256 if SHA-1 has the same potential problem as MD5 did back in 2008?”

An excellent question! Unfortunately, yes and no. Even if you, as a web site owner, change your SSL Web Site Certificate from one that is signed using SHA-1 to a new cert that is signed using SHA-2, you are still unsafe.

Why?

Because all it takes is for ONE Certificate Authority to use a “weak” hash algorithm, and someone who is up to no good can generate a forged CA Root Certificate. Once they have that, they can generate as many SSL Web Site Certs as they want – using any hashing algorithm they please – including a fake-yet-valid cert that they can use to impersonate your “secure” site!

In other words, the weakness in the hashing algorithm is just the tip of the iceberg. Due to the hierarchical “chain of authority” in the whole certificate system, if anyone manages to create a false CA Root Cert, they are more or less god in terms of creating false SSL Web Site Certs.

Thus, in order for Microsoft’s words to have an effect, there must not be ANY Certificate Authority (Web Site Cert issuer) in the whole world that still uses SHA-1. In order for the “security” to actually be more secure, everyone must upgrade right now. But this isn’t going to happen.
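The collision-to-rogue-CA mechanism explained above, together with the weakest-link argument about the chain of authority, as an added toy example (not the author’s code and not the 2008 paper’s): a 24-bit truncated hash stands in for MD5, textbook RSA with constructed Mersenne-prime keys stands in for the CA’s signing, and `validate_chain` is the defender’s check that refuses any weak digest anywhere in the chain. All names, keys and certificate fields are constructed; the JSON “certificates” are a stand-in for X.509, not the real format.

```python
"""Toy certificate chain: why a digest collision yields a rogue CA, and the
check that blocks it. Constructed teaching example, not the 2008 rogue-CA code
and not real X.509: a 'certificate' is a JSON dict, 'weak24' (24-bit truncated
SHA-256) stands in for MD5, and signatures are textbook RSA over the digest
with constructed Mersenne-prime keys (trivially factorable, illustration only)."""
import hashlib
import json

DIGEST_BITS = {"weak24": 24, "sha256": 256}

def encode(cert: dict) -> bytes:
    """Canonical to-be-signed bytes: the fields the issuer is vouching for."""
    return json.dumps(cert, sort_keys=True, separators=(",", ":")).encode()

def digest(alg: str, tbs: bytes) -> int:
    """Fingerprint under the named algorithm, as an integer for textbook RSA."""
    full = hashlib.sha256(tbs).digest()
    return int.from_bytes(full[: DIGEST_BITS[alg] // 8], "big")

def make_key(p: int, q: int, e: int = 65537) -> dict:
    """Textbook RSA key from two primes (constructed toy; never use as-is)."""
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def pub(key: dict) -> dict:
    return {"n": key["n"], "e": key["e"]}

CA_KEY = make_key(2**127 - 1, 2**521 - 1)       # the toy's "RapidSSL" root
ATTACKER_KEY = make_key(2**89 - 1, 2**607 - 1)  # key the rogue CA body carries

def sign(key: dict, alg: str, tbs: bytes) -> int:
    """The issuer signs only the digest of the body, never the body itself."""
    return pow(digest(alg, tbs), key["d"], key["n"])

def verify(key: dict, alg: str, tbs: bytes, sig: int) -> bool:
    """Recompute the digest and compare: ANY body with that digest passes."""
    return pow(sig, key["e"], key["n"]) == digest(alg, tbs)

def find_colliding_pair(alg, leaf_template, rogue_template, limit=200_000):
    """Birthday search: vary a nonce in both bodies until the digests match.
    Against the 24-bit toy digest this takes a few thousand tries; against a
    256-bit digest it is infeasible, which is the whole point of migrating."""
    seen = {}
    for nonce in range(limit):
        leaf = encode({**leaf_template, "nonce": nonce})
        seen[digest(alg, leaf)] = leaf
        rogue = encode({**rogue_template, "nonce": nonce})
        d = digest(alg, rogue)
        if d in seen:
            return seen[d], rogue
    return None

def validate_chain(chain, trusted_pub, min_digest_bits=0):
    """Walk from the root-most cert to the leaf: each signature must verify
    under the key of the cert above it, and only is_ca certs may issue. With
    min_digest_bits set, a weak digest ANYWHERE in the chain is rejected:
    one weak link is enough to mint a rogue CA, so the policy is all-or-nothing."""
    key = trusted_pub
    for tbs, sig, alg in reversed(chain):
        if key is None:  # a non-CA cert tried to act as an issuer
            return False
        if DIGEST_BITS[alg] < min_digest_bits or not verify(key, alg, tbs, sig):
            return False
        body = json.loads(tbs)
        key = body["pubkey"] if body["is_ca"] else None
    return True

def rogue_ca_demo(alg: str):
    """The article's scenario end to end: an honestly bought leaf cert, a rogue
    CA body with the same digest, then a site cert minted by the rogue CA.
    Returns the pieces plus the verdicts of a lenient and a strict validator."""
    leaf_t = {"subject": "attacker-owned.example", "issuer": "ToyCA",
              "is_ca": False, "pubkey": pub(ATTACKER_KEY)}
    rogue_t = {"subject": "Rogue Intermediate CA", "issuer": "ToyCA",
               "is_ca": True, "pubkey": pub(ATTACKER_KEY)}
    pair = find_colliding_pair(alg, leaf_t, rogue_t)
    if pair is None:
        return None
    leaf_tbs, rogue_tbs = pair
    ca_sig = sign(CA_KEY, alg, leaf_tbs)  # the CA only ever signed the leaf
    site = encode({"subject": "www.gmail.com", "issuer": "Rogue Intermediate CA",
                   "is_ca": False, "pubkey": pub(ATTACKER_KEY)})
    # The rogue CA may use any digest for what it issues; only the root link is weak.
    chain = [(site, sign(ATTACKER_KEY, "sha256", site), "sha256"),
             (rogue_tbs, ca_sig, alg)]
    return {"leaf_tbs": leaf_tbs, "rogue_tbs": rogue_tbs, "ca_sig": ca_sig,
            "lenient": validate_chain(chain, pub(CA_KEY)),
            "strict": validate_chain(chain, pub(CA_KEY), min_digest_bits=256)}

if __name__ == "__main__":
    r = rogue_ca_demo("weak24")
    print("CA's leaf signature also verifies the rogue CA body:",
          verify(pub(CA_KEY), "weak24", r["rogue_tbs"], r["ca_sig"]))
    print("lenient validator accepts forged site chain:", r["lenient"])
    print("validator refusing weak digests accepts it:", r["strict"])
```

Passing `"sha256"` to `rogue_ca_demo` makes the search return no colliding pair within its limit, while the strict validator rejects the toy’s forged chain outright because its root link is signed over a 24-bit digest.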

Now, if that isn’t bad enough, think about all the NSA spying. Think about how many people said, “Naw, man, I just surf using HTTPS, and I’m totally safe!”

You think so?

I don’t. You know why? Well, you should, by now… But there’s more!

Big Brother, NSA headquarters

Guess who??!

Guess who invented the SHA-1 hash algorithm in 1995?

The NSA.

Guess who invented SHA-2 in 2001?

The NSA.

So, why should all the Certificate Authorities switch from the NSA’s SHA-1 to the NSA’s SHA-2? Why, because the NSA created it the way they did for a reason!

SHA-1 already has been theoretically breached, and there are a few indications that SHA-2 isn’t quite as super-duper-safe as everyone thinks.

Imagine you are the NSA. You want to spy on everyone, everyone’s grandmother, the grandmothers’ cats, and the mice that are currently being digested inside the cats. SSL is kind of a problem… It can use pretty annoying encryption. Well, hell! No problem. Just compromise the “certificate authority chain” by forging one little CA Root Certificate, and blammo! You can eavesdrop and man-in-the-middle anybody you darn well please, SSL or not!

Web sites over SSL? No problem.

E-mail over SSL? No problem.

I have said it before, and I’ll say it again: There never was security or privacy on the internet, there is no security or privacy on the internet now, and most likely there never will be. Not unless some very big changes are made…

And do you know why all this (and much, much more) is possible?

Because just like you, I had no knowledge of the gaping holes in SSL. Awareness of this and many other issues – technological, political, psychological, social, etc. – is absolutely essential.

Otherwise, frankly, we’re screwed.


Scott Ogrin

Scott Ogrin is an electrical and computer engineer with a BSEE and MSEE. After working in the automotive and telecom industries in hardware and testing, he ended up as a software engineer.

He joined SOTT in 2003 as an editor, and is currently the webmaster and Chief Techie for Sott.net. He is also part-owner of French publishing company Les Editions Pilule Rouge, and a member of the board of directors and engineering consultant for Quantum Future Group, Inc.

Although born in the USA, he became a Slovenian citizen and currently lives in France. He speaks English, French, Slovenian, and Spanish.

In his spare time, he works on his popular blog at ScottiesTech.Info.




How the NSA Plans to Infect ‘Millions’ of Computers with Malware

GIH: As more information comes out about various spy agencies and their cyber divisions, it seems that those such as the NSA pose a larger threat to internet security than the hackers they are supposedly protecting us from. The following information should make any user of the internet, be it a business, individual or government, reconsider its use, policies, protocols, and security.


One presentation outlines how the NSA performs “industrial-scale exploitation” of computer networks across the world.

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.

Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.

“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”

Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be “out of control.”

“That would definitely not be proportionate,” Hypponen says. “It couldn’t possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance.”

The NSA declined to answer questions about its deployment of implants, pointing to a new presidential policy directive announced by President Obama. “As the president made clear on 17 January,” the agency said in a statement, “signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes.”


“Owning the Net”

The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secret internal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.

To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency’s term for the interception of electronic communications. Instead, it sought to broaden “active” surveillance methods – tactics designed to directly infiltrate a target’s computers or network devices.

In the documents, the agency describes such techniques as “a more aggressive approach to SIGINT” and says that the TAO unit’s mission is to “aggressively scale” these operations.

But the NSA recognized that managing a massive network of implants is too big a job for humans alone.

“One of the greatest challenges for active SIGINT/attack is scale,” explains the top-secret presentation from 2009. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).”

The agency’s solution was TURBINE. Developed as part of the TAO unit, it is described in the leaked documents as an “intelligent command and control capability” that enables “industrial-scale exploitation.”


TURBINE was designed to make deploying malware much easier for the NSA’s hackers by reducing their role in overseeing its functions. The system would “relieve the user from needing to know/care about the details,” the NSA’s Technology Directorate notes in one secret document from 2009. “For example, a user should be able to ask for ‘all details about application X’ and not need to know how and where the application keeps files, registry entries, user application data, etc.”

In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually – including the configuration of the implants as well as surveillance collection, or “tasking,” of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact – allowing the agency to push forward into a new frontier of surveillance operations.

The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.” (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)


Eventually, the secret files indicate, the NSA’s plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations.

Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.

The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”

The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”


Circumventing Encryption

The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.

One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.

An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.

The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption.

It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.

Previous reports have alleged that the NSA worked with Israel to develop the Stuxnet malware, which was used to sabotage Iranian nuclear facilities. The agency also reportedly worked with Israel to deploy malware called Flame to infiltrate computers and spy on communications in countries across the Middle East.

According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as “extremist.” But the mandate of the NSA’s hackers is not limited to invading the systems of those who pose a threat to national security.

In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.

The internal post – titled “I hunt sys admins” – makes clear that terrorists aren’t the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any “government official that happens to be using the network some admin takes care of.”

Similar tactics have been adopted by Government Communications Headquarters, the NSA’s British counterpart. As the German newspaper Der Spiegel reported in September, GCHQ hacked computers belonging to network engineers at Belgacom, the Belgian telecommunications provider.

The mission, codenamed “Operation Socialist,” was designed to enable GCHQ to monitor mobile phones connected to Belgacom’s network. The secret files deem the mission a “success,” and indicate that the agency had the ability to covertly access Belgacom’s systems since at least 2010.

Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers – the devices that connect computer networks and transport data packets across the Internet – the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications.

Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through a Virtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.

The implants also track phone calls sent across the network via Skype and other Voice Over IP software, revealing the username of the person making the call. If the audio of the VOIP conversation is sent over the Internet using unencrypted “Real-time Transport Protocol” packets, the implants can covertly record the audio data and then return it to the NSA for analysis.

But not all of the NSA’s implants are used to gather intelligence, the secret files show. Sometimes, the agency’s aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target’s file downloads. These two “attack” techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for “defensive” purposes – to protect U.S. government networks against intrusions.


“Mass exploitation potential”

Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.

According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a “back-door implant” infects their computers within eight seconds.

There’s only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious.

Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.

To perform a man-on-the-side attack, the NSA observes a target’s Internet traffic using its global network of covert “accesses” to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency’s surveillance sensors alert the TURBINE system, which then “shoots” data packets at the targeted computer’s IP address within a fraction of a second.

In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
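An added example, not from the article or from the documents it describes, showing the defender's side of the race just described: a man-on-the-side injector cannot suppress the real server's reply, only beat it, so a passive sensor sees two data segments on the same flow with the same sequence number but conflicting content (often with a different IP TTL, since the forged packet came from a different network position). The addresses, ports and HTTP contents are constructed for this example.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Segment:
    """One TCP segment as a passive sensor sees it (only the fields we need)."""
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    ack: int
    ttl: int
    payload: bytes


@dataclass(frozen=True)
class Finding:
    """Two data segments on one flow with the same sequence number but
    conflicting content: the signature of a reply that was raced on the wire."""
    first: Segment
    second: Segment
    ttl_delta: int          # second.ttl - first.ttl; non-zero hints at a different sender path
    first_diff_offset: int  # first payload byte at which the two segments disagree


def _first_difference(a: bytes, b: bytes) -> Optional[int]:
    """Offset of the first byte where a and b differ over their common length,
    or None if the overlap is identical.  A genuine retransmission repeats the
    same bytes (possibly shorter or longer), so it yields None; a forged race
    packet carries different content and yields an offset."""
    for i in range(min(len(a), len(b))):
        if a[i] != b[i]:
            return i
    return None


def find_injection_candidates(segments: List[Segment]) -> List[Finding]:
    """Scan segments in capture order and report conflicting data at the same
    (flow, seq).  Only the first segment seen at a position is the reference,
    so one race produces one finding, not one per later retransmission."""
    seen: Dict[Tuple, List[Segment]] = defaultdict(list)
    findings: List[Finding] = []
    for seg in segments:
        if not seg.payload:
            continue  # pure ACKs carry no data; nothing to race
        key = ((seg.src, seg.sport, seg.dst, seg.dport), seg.seq)
        distinct = seen[key]
        if any(_first_difference(d.payload, seg.payload) is None for d in distinct):
            continue  # same bytes as something already seen here: a retransmission
        if distinct:
            ref = distinct[0]
            off = _first_difference(ref.payload, seg.payload)
            assert off is not None  # guaranteed by the check above
            findings.append(Finding(ref, seg, seg.ttl - ref.ttl, off))
        distinct.append(seg)
    return findings


def sample_capture() -> List[Segment]:
    """Constructed sample (addresses, ports and contents invented for this
    example): a client's HTTP request, a forged reply that wins the race,
    the real reply a few milliseconds later, and a retransmission of it."""
    client, server = "198.51.100.10", "203.0.113.5"
    request = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    real = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
            b"<html><body>Welcome</body></html>")
    # the forged reply quietly redirects the browser elsewhere; the host is a placeholder
    forged = b"HTTP/1.1 302 Found\r\nLocation: http://redirect.invalid/\r\n\r\n"
    ack = 1000 + len(request)
    return [
        Segment(client, 51234, server, 80, 1000, 5000, 64, request),
        # injected from a different network position: same seq/ack, different TTL
        Segment(server, 80, client, 51234, 5000, ack, 57, forged),
        Segment(server, 80, client, 51234, 5000, ack, 49, real),
        Segment(server, 80, client, 51234, 5000, ack, 49, real),  # ordinary retransmission
    ]


def describe(f: Finding) -> str:
    """One-line analyst summary of a finding."""
    return (f"{f.first.src}:{f.first.sport} -> {f.first.dst}:{f.first.dport} "
            f"seq={f.first.seq}: conflicting payloads (differ at byte "
            f"{f.first_diff_offset}, ttl {f.first.ttl} vs {f.second.ttl}); "
            f"first arrival starts {f.first.payload[:20]!r}")


if __name__ == "__main__":
    for finding in find_injection_candidates(sample_capture()):
        print(describe(finding))
```

The same check does not fire on ordinary retransmissions, and it says nothing about encrypted traffic, which is why the HTTPS point Facebook makes below matters: a forged TLS record fails authentication rather than being rendered.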

The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.

According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA’s automated TURBINE system.

“As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that’s terrifying,” Blaze says.

“Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?”

In an email statement to The Intercept, Facebook spokesman Jay Nancarrow said the company had “no evidence of this alleged activity.” He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.

Nancarrow also pointed out that other services besides Facebook could have been compromised by the NSA. “If government agencies indeed have privileged access to network service providers,” he said, “any site running only [unencrypted] HTTP could conceivably have its traffic misdirected.”

A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.

This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.

The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.

A top-secret NSA presentation from 2012 reveals that the agency developed a man-in-the-middle capability called SECONDDATE to “influence real-time communications between client and server” and to “quietly redirect web-browsers” to NSA malware servers called FOXACID. In October, details about the FOXACID system were reported by the Guardian, which revealed its links to attacks against users of the Internet anonymity service Tor.

But SECONDDATE is tailored not only for “surgical” surveillance attacks on individual suspects. It can also be used to launch bulk malware attacks against computers.

According to the 2012 presentation, the tactic has “mass exploitation potential for clients passing through network choke points.”

Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale “seems very disturbing.” Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.

“The thing that raises a red flag for me is the reference to ‘network choke points,’” he says. “That’s the last place that we should be allowing intelligence agencies to compromise the infrastructure – because that is by definition a mass surveillance technique.”

To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.

The agency’s hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.

The implants can circumvent anti-virus programs, and the NSA has gone to extreme lengths to ensure that its clandestine technology is extremely difficult to detect. An implant named VALIDATOR, used by the NSA to upload and download data to and from an infected machine, can be set to self-destruct – deleting itself from an infected computer after a set time expires.

In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”


Covert Infrastructure

The TURBINE implants system does not operate in isolation.

It is linked to, and relies upon, a large network of clandestine surveillance “sensors” that the agency has installed at locations across the world.

The NSA’s headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England.

The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet.

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.

GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ.

Top-secret documents show that the British base – referred to by the NSA as “MHS” for Menwith Hill Station – is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant “exploitation” attacks against users of Yahoo and Hotmail.

In one document dated 2010, at least five variants of the QUANTUM hacking method were listed as being “operational” at Menwith Hill. The same document also reveals that GCHQ helped integrate three of the QUANTUM malware capabilities – and test two others – as part of a surveillance system it operates codenamed INSENSER.

GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to “legal/policy restrictions.” A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing “active” hacking attacks for surveillance “may be illegal” under British law.

In response to questions from The Intercept, GCHQ refused to comment on its involvement in the covert hacking operations. Citing its boilerplate response to inquiries, the agency said in a statement that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.”

Whatever the legalities of the United Kingdom and United States infiltrating computer networks, the Snowden files bring into sharp focus the broader implications. Under cover of secrecy and without public debate, there has been an unprecedented proliferation of aggressive surveillance techniques. One of the NSA’s primary concerns, in fact, appears to be that its clandestine tactics are now being adopted by foreign rivals, too.

“Hacking routers has been good business for us and our 5-eyes partners for some time,” notes one NSA analyst in a top-secret document dated December 2012. “But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene.”

———

Documents published with this article:




Facebook click fraud revealed $600,000 small business nightmare

GIH: Click fraud is nothing new, but Facebook seems to be taking it to an entirely new level, according to this account of a small business operator who paid hundreds of thousands of dollars for fake profile likes, with no accounting of where his money went.  Now being a public company, this cannot be written off as another internet scam.  Supposedly, Facebook (FB) has a business model that can compete with any Fortune 500 company.  This account shows cracks in that model (if you can call it a model), and also is alarming for anyone considering using the Facebook ad system.


Submitted by Mike Krieger of Liberty Blitzkrieg blog [4],

It continues to amaze me how people are completely ignoring what appears to be an incredible amount of shadiness inherent in Facebook’s business model. Whether or not this is intentional click fraud, it is clear that advertisers are not getting what they think they are getting. They won’t be fooled forever, and once they wake up to the money being wasted on fake “likes” and “clicks,” I’m curious to see what happens to their revenue.

The following article from SF Gate is a perfect followup to my post from a couple weeks ago: How Much of Facebook’s Ad Revenue is From Click Fraud? [5]

Perhaps the most shocking passage from the entire article is the following:

Naturally, Brar began disputing his bill with Facebook. He wanted his clicks audited by a third party, to see how many were genuine. Then he discovered that Facebook’s terms of service forbid third-party verification of its clicks. That’s something all advertisers should be aware of before they spend a penny on Facebook.

Facebook is different from the rest of the online ad industry, which follows a standard of allowing click audits by third parties like the IAB, the Media Ratings Council or Ernst & Young.

Um, ok then…

Now more from the SF Gate:

Raaj Kapur Brar runs a small but successful empire of online fashion magazines from his base just outside Toronto. Some of his titles are huge online brands, such as Fashion & Style Magazine [6], which has 1.6 million Facebook fans.

That’s more fans than Elle magazine has.

Recently, however, Brar has fallen out of love with Facebook. He discovered that his Facebook fanbase was becoming polluted with thousands of fake likes from bogus accounts. He can no longer tell the difference between his real fans and the fake ones. Many appear fake because the users have so few friends, are based in developing countries, or have generic profile pictures.

At one point, he had a budget of more than $600,000 for Facebook ad campaigns, he tells us. Now he believes those ads were a waste of time.

Facebook declined multiple requests for comment on this story.

Brar’s take is a cautionary one because Facebook has 25 million small businesses [7] using its platform for one marketing purpose or another. Many of them are not sophisticated advertisers — they are simply plugging a credit card number into the system and hoping for the best. This is what can happen if you don’t pay careful attention to contract language, or the live, real-time results your campaigns on Facebook are having.

Here’s how Brar believes it went down: He became interested in advertising on Facebook in 2012, and he took it seriously. He went to Facebook’s local Toronto office where he was trained to use the advertising interface. They set up the campaign, and ran a small “beta” test. Then, in late October Brar pulled the trigger on a massive push through Facebook’s Ads Manager. He used Bitly and Google Analytics to measure the number of clicks his campaign was generating.

The results were disastrous, Brar says.

Facebook’s analytics said the campaign sent him five times the number of clicks he was seeing arrive on his sites, which Brar was monitoring with Bitly, Google Analytics, and his own web site’s WordPress dashboard. There was a reasonable discrepancy between the Bitly and Google numbers, Brar says, but not the five-fold margin between Google’s and Facebook’s click counts.

At one point, data from Facebook indicated his ads had delivered 606,000 clicks, but the site itself registered only 160,000 incoming clicks from Facebook, according to data supplied by Brar. (160,000 clicks is a not insignificant return. After all, these are not clicks on a mere Facebook page, these are users who clicked through to an off-Facebook site.)

“I don’t know what to say, right? This is a huge loss. This ran for four days, then we just stopped the campaign,” Brar says.

Then, things got worse. Even though Fetopolis wasn’t advertising, the likes and new followers kept on piling up. Normally, an advertiser would be pleased at such a result, but every time Brar checked a sample of the new fans he found people with dubious names; a picture of a flower as a profile shot; and fewer than 10 friends — classic signs of a fake profile.

Naturally, Brar began disputing his bill with Facebook. He wanted his clicks audited by a third party, to see how many were genuine. Then he discovered that Facebook’s terms of service forbid third-party verification of its clicks [8]. That’s something all advertisers should be aware of before they spend a penny on Facebook: Facebook has operated this way for a long time, and has a page for advertisers explaining in more depth why third-party click reporting may not match Facebook’s click counts [9]. Essentially, Facebook suggests, if clicks are not measured in exactly the same way over the same time intervals then there will always be discrepancies.

Facebook is different from the rest of the online ad industry, which follows a standard of allowing click audits by third parties [10] like the IAB, the Media Ratings Council or Ernst & Young.

This will all be exposed by the market sooner or later. I’m just shocked it is taking so long for people to put two and two together.

Full article here [11].




The Conspiracy Theory Is True: Agents Infiltrate Websites Intending To “Manipulate, Deceive, And Destroy Reputations”

GIH: Alarming information has been brought forth as part of an ongoing disclosure regarding the activities of the NSA and other intelligence agencies. The following should be alarming for anyone using the internet – especially businesses, governments, and other organizations. What SEO managers and forum administrators have suspected for years is now confirmed: government agent ‘shills’ are infecting the internet with misinformation and various ‘black hat’ tactics to further their agenda, whether it be political, commercial, or other. Inevitably, many of these activities will be misdirected. But everyone will suffer now that a known element is promulgating propaganda through the internet, whatever it may be. These teams also have financing and support unmatched by any individual or private organization. This groundbreaking info should cause all organizations to rethink their internet strategy and how they use the internet.


In the annals of internet conspiracy theories, none is more pervasive than the one speculating paid government plants infiltrate websites, social network sites, and comment sections with an intent to sow discord, troll, and generally manipulate, deceive and destroy reputations. Guess what: it was all true.


And this time we have a pretty slideshow of formerly confidential data prepared by the UK NSA equivalent, the GCHQ, to confirm it, and Edward Snowden to thank for disclosing it. The messenger in this case is Glenn Greenwald, who has released the data in an article in his new website, firstlook.org, which he summarizes as follows [9]: “by publishing these stories one by one, our NBC reporting highlighted some of the key, discrete revelations: the monitoring of YouTube and Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse “hacktivists” of using, the use of “honey traps” (luring people into compromising situations using sex) and destructive viruses. But, here, I want to focus and elaborate on the overarching point revealed by all of these documents: namely, that these agencies are attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so, are compromising the integrity of the internet itself.” Call it Stasi for “Generation Internet.”

Greenwald’s latest revelation focuses on GCHQ’s previously secret unit, the JTRIG (Joint Threat Research Intelligence Group).

Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums. Here is one illustrative list of tactics from the latest GCHQ document we’re publishing today:


Other tactics aimed at individuals are listed here, under the revealing title “discredit a target”:


Then there are the tactics used to destroy companies the agency targets:


Critically, the “targets” for this deceit and reputation-destruction extend far beyond the customary roster of normal spycraft: hostile nations and their leaders, military agencies, and intelligence services. In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, meaning those who use online protest activity for political ends.

The title page of one of these documents reflects the agency’s own awareness that it is “pushing the boundaries” by using “cyber offensive” techniques against people who have nothing to do with terrorism or national security threats, and indeed, centrally involves law enforcement agents who investigate ordinary crimes:


Greenwald’s punchline is disturbing, and is sure to make paranoid conspiracy theorists crawl even deeper into their holes for one simple reason: all of their worst fears were true all along.

No matter your views on Anonymous, “hacktivists” or garden-variety criminals, it is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes – with these sorts of online, deception-based tactics of reputation destruction and disruption.


The broader point is that, far beyond hacktivists, these surveillance agencies have vested themselves with the power to deliberately ruin people’s reputations and disrupt their online political activity even though they’ve been charged with no crimes, and even though their actions have no conceivable connection to terrorism or even national security threats. As Anonymous expert Gabriella Coleman of McGill University told me, “targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs, resulting in the stifling of legitimate dissent.” Pointing to this study she published, Professor Coleman vehemently contested the assertion that “there is anything terrorist/violent in their actions.”

At this point Greenwald takes a detour into a well-known topic: Cass Sunstein. Who is Cass Sunstein? Recall: “Obama Picks Cass Sunstein (America’s Goebbels?) To Serve On NSA Oversight Panel[14].”

Government plans to monitor and influence internet communications, and covertly infiltrate online communities in order to sow dissension and disseminate false information, have long been the source of speculation. Harvard Law Professor Cass Sunstein, a close Obama adviser and the White House’s former head of the Office of Information and Regulatory Affairs, wrote a controversial paper in 2008 [15] proposing that the US government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites, as well as other activist groups.


Sunstein also proposed sending covert agents into “chat rooms, online social networks, or even real-space groups” which spread what he views as false and damaging “conspiracy theories” about the government. Ironically, the very same Sunstein was recently named by Obama to serve as a member of the NSA review panel created by the White House, one that – while disputing key NSA claims – proceeded to propose many cosmetic reforms [16] to the agency’s powers (most of which were ignored by the President who appointed them).

But while until now there was speculation that Sunstein’s policies had been implemented, there was no proof. That is no longer the case:

… these GCHQ documents are the first to prove that a major western government is using some of the most controversial techniques to disseminate deception online and harm the reputations of targets. Under the tactics they use, the state is deliberately spreading lies on the internet about whichever individuals it targets, including the use of what GCHQ itself calls “false flag operations” and emails to people’s families and friends. Who would possibly trust a government to exercise these powers at all, let alone do so in secret, with virtually no oversight, and outside of any cognizable legal framework?

What is perhaps most disturbing is the level of detail these modern day Stasi agents engage in, paradoxically proposing social subversion without realizing they themselves would be susceptible to just that. And all it would take is one whistleblower with a conscience:

Under the title “Online Covert Action”, the document details a variety of means to engage in “influence and info ops” as well as “disruption and computer net attack”, while dissecting how human beings can be manipulated using “leaders”, “trust”, “obedience” and “compliance”:


The documents lay out theories of how humans interact with one another, particularly online, and then attempt to identify ways to influence the outcomes – or “game” it:


Greenwald’s conclusion is spot on:

These agencies’ refusal to “comment on intelligence matters” – meaning: talk at all about anything and everything they do – is precisely why whistleblowing is so urgent, the journalism that supports it so clearly in the public interest, and the increasingly unhinged attacks by these agencies so easy to understand. Claims that government agencies are infiltrating online communities and engaging in “false flag operations” to discredit targets are often dismissed as conspiracy theories, but these documents leave no doubt they are doing precisely that.


Whatever else is true, no government should be able to engage in these tactics: what justification is there for having government agencies target people – who have been charged with no crime – for reputation-destruction, infiltrate online political communities, and develop techniques for manipulating online discourse? But to allow those actions with no public knowledge or accountability is particularly unjustifiable.

So the next time you run into someone in a chat room or a message board who sounds just a little too much like a paid government subversive… it may not be just the paranoia speaking. For the full details “why not”, read the formerly confidential slideshow below.




6 anti-NSA technological innovations that may just change the world

Rather than grovel and beg for the U.S. government to respect our privacy, these innovators have taken matters into their own hands, and their work may change the playing field completely. 

People used to assume that the United States government was held in check by the constitution, which prohibits unreasonable searches and seizures and which demands due process in criminal investigations, but such illusions have evaporated in recent years. It turns out that the NSA considers itself above the law in every respect and feels entitled to spy on anyone anywhere in the world without warrants, and without any real oversight.

Understandably these revelations shocked the average citizen who had been conditioned to take the government’s word at face value, and the backlash has been considerable. The recent “Today We Fight Back” campaign to protest the NSA’s surveillance practices shows that public sentiment is in the right place. Whether these kinds of petitions and protests will have any real impact on how the U.S. government operates is questionable (to say the least), however some very smart people have decided not to wait around and find out. Instead they’re focusing on making the NSA’s job impossible. In the process they may fundamentally alter the way the internet operates.

1. Decentralized social media – Vole.cc

Anyone who was paying attention at all over the past several years knows that many of the top social media websites, such as Facebook and Google, have cooperated with the NSA’s surveillance program under PRISM, handing over the personal information that they’ve been hoarding over the years. Many of us have grown to despise these companies but continue to use their services due to the fact that no real competitors have presented themselves. Yes, there are a few sites oriented towards the anti-government niche, but nothing that has the potential of opening up the kind of reach that’s possible on Facebook or Google Plus. The underlying problem here is that the server technology to run a site even a fraction of the size of Facebook is highly expensive, and to build and maintain a code base that can handle millions of users requires a full-time team of highly skilled programmers. What this means is that anyone who wants to launch a real competitor to these sites would need to be well funded and have a sustainable business model. But what if someone came up with a system that removed the need for massive centralized servers? That’s just what vole.cc is working to accomplish. Vole.cc is a decentralized social media system in development based on BitTorrent and Ember.js which completely cuts the server out of the equation and allows users to build social media networks without exposing their personal information to “authorities” or data mining companies.

2. Getsync decentralized and encrypted file sharing – A Dropbox alternative

With the revelations that data in Apple’s iCloud was available to the NSA as part of PRISM, it has become clear that any centralized file sharing service is vulnerable, and any information that you upload to services like Dropbox may end up being inspected by government agents. The folks at BitTorrent didn’t like that idea, so they decided to build a viable alternative, one that doesn’t depend on a centralized server at all and encrypts your data to make it difficult, if not impossible, to open without your permission. The service claims to already have amassed over 2 million users. Interestingly, the vole.cc social media project uses Getsync to manage the social media data on your computer.

3. Decentralized & encrypted communications – Bittorrent Chat

Don’t like the fact that the NSA has been rummaging through your Skype chats, emails and other instant messaging services? Well, if you were a bit tech savvy you might have opted to set up your own Mumble server or IRC channel, but this route will likely never be approachable for the average citizen, and the reliance on a centralized server brings security vulnerabilities. However, work is currently underway on a protocol that will completely remove the need for a centralized server and cut the NSA out of the loop entirely.

4. Decentralized websites

This year isohunt.com was taken down, and The Pirate Bay has had to change domains several times to work around domain name seizures and IP blocking in many countries. Those of you who have been paying attention know that there is much more at stake here than the survival of file sharing sites. Governments around the world have come to view the internet as a threat to their dominance due to the fact that it enables citizens to communicate outside of official channels and organize resistance. Repeated attempts to pass laws like SOPA, PIPA, and the TPP illustrate very clearly that government officials have the entire internet in their cross-hairs. The Pirate Bay, however, has come up with a solution for their site which may end up changing the entire way we browse the internet. The Pirate Bay is developing software that distributes its website among its users, making any attempt to take down the website irrelevant. While this software is only aimed at protecting The Pirate Bay, the concept could (and should) be applied to the rest of the web. Doing so would not only make it impossible for the government to take down websites, but it would also make it much harder for them to spy on you through the websites that you visit.

5. Anti-NSA phones – Blackphone

The NSA has been recording and listening to phone conversations of people all over the world without warrants. Even Angela Merkel’s phone was tapped. It doesn’t help that the world’s two most powerful phone manufacturers, Apple and Google, are in bed with the NSA. One Swiss company decided to do something about that, and they’ve developed a phone designed to block the NSA and to protect your privacy. They’re calling it Blackphone.

6. Fully encrypted email

You may not realize it, but any time you send an email you are sending an enormous amount of information to the recipient (and any third party intercepting your communications). Among this information is your IP address, which in many countries can be used to pinpoint your location on a map with startling precision. This is due to the fact that even if you encrypt your actual message, the headers themselves are not encrypted. There is a project underway right now to change this: it’s called Darkmail. The Darkmail project aims to introduce a “unique end-to-end encrypted protocol and architecture that is the ‘next-generation’ of private and secure email”. If they succeed, the NSA could monitor your emails all they want, but all they will be able to see is the size of the message.

Put all these technologies together and what we see emerging is a new paradigm of communications where decentralized networks replace massive servers, and where social media giants like Facebook and Google may very well go the way of the dinosaur, Myspace. If you can’t beat them at their game, make their game irrelevant.

A bonus technology that may make YouTube irrelevant:

http://www.sott.net/article/273758-6-anti-NSA-technological-innovations-that-may-just-change-the-world



Internet firms release data on NSA requests

GIH: We now have a better picture of how some tech giants were handling NSA requests for information.  Of course, we cannot be sure that this represents an accurate picture of the data released.  Also, many of the NSA’s collection strategies, such as the TAO program, involve hacking or otherwise collecting info without the consent of the provider.  What is more concerning about this report is the situation tech firms are in: on one hand, needing to comply with government requests; and on the other, protecting internet freedom.  The US Military, after all, created the internet (not Al Gore).  In-Q-Tel, the venture group of the CIA, has been a major investor and partner in many Silicon Valley companies, most notably Google.  The relationship between tech firms and Washington is not new, but a public discussion about privacy is.  Also, in the past years, the government has not only played catch-up on the technology development curve; in many areas they are leading (such as in quantum computing).  Full story from the AP:


WASHINGTON (AP) — A flurry of new reports from major technology companies show that the government collects customer information on tens of thousands of Americans every six months as part of secret national security investigations. And the companies’ top lawyers struck a combative stance, saying the Obama administration needs to provide more transparency about its data collection.

Freed by a recent legal deal with the Obama administration, Google, Microsoft, Yahoo, Facebook, LinkedIn and Tumblr provided expanded details and some vented criticism about the government’s handling of customers’ Internet data in counterterrorism and other intelligence-related probes.

The figures from 2012 and 2013 showed that companies such as Google and Microsoft were compelled by the government to provide information on as many as 10,000 customer accounts in a six-month period. Yahoo complied with government requests for information on more than 40,000 accounts in the same period.

The companies earlier had provided limited information about government requests for data, but an agreement reached last week with the Obama administration allowed the firms to provide a broadened, though still circumscribed, set of figures to the public.

Seeking to reassure customers and business partners alarmed by revelations about the government’s massive collection of Internet and computer data, the firms stressed details indicating that only small numbers of their customers were targeted by authorities. Still, even those small numbers showed that thousands of Americans were affected by the government requests approved by judges of the secret Foreign Intelligence Surveillance Court.

The data releases by the major tech companies offered a mix of dispassionate graphics, reassurances and protests, seeking to alleviate customer concerns about government spying while pressuring national security officials about the companies’ constitutional concerns. The shifting tone in the releases showed the precarious course that major tech firms have had to navigate in recent months, caught between their public commitments to Internet freedom and their enforced roles as data providers to U.S. spy agencies.

In a company blog post, Microsoft General Counsel Brad Smith scolded the U.S. and allied governments for failing to renounce the reported mass interception of Internet data carried by communications cables. Top lawyers and executives for major tech companies had raised alarms previously about media reports describing that hacking by U.S. and United Kingdom spy agencies and cited them during conversations with U.S. officials during President Barack Obama’s internal review of planned changes to the government’s spying operations.

“Despite the president’s reform efforts and our ability to publish more information, there has not yet been any public commitment by either the U.S. or other governments to renounce the attempted hacking of Internet companies,” Smith said in a Microsoft blog release. He added that Microsoft planned to press the government “for more on this point, in collaboration with others across our industry.”

The new figures were released just a week after major tech firms announced a legal agreement with the Justice Department. But lawyers and executives for the companies openly vented their discomfort with the government’s continuing insistence that they could only provide broad ranges instead of the actual numbers of government requests.

The companies said they would press for narrower data ranges that would offer more details. “We will also continue to advocate for still narrower disclosure ranges, which will provide a more accurate picture of the number of national security-related requests,” said Erika Rottenberg, LinkedIn’s general counsel.

On Tuesday, Director of National Intelligence James Clapper said that the tech firm reports show “how infrequently these capabilities are called upon.” He also said that officials were still discussing whether they could loosen restrictions on other information, such as figures involving non-U.S. citizens.

Google and all the other companies denied that they gave any government unfettered access to their users’ info. The companies are worried more people will reduce their online activities if they believe almost everything they do is being monitored by the government. A decline in Web surfing could hurt the companies financially by giving them fewer opportunities to show online ads and sell other services.

The companies can only reveal how many total requests they receive every six months, with the numbers in groupings of 1,000. And even those general numbers must be concealed for at least six months after any reporting period ends. That restriction means the FISA requests for the final half of last year can’t be shared until July, at the earliest.

The data released Monday indicated the U.S. government is digging deeper into the Internet as people spend more time online.

Most of the companies showed the number of government requests fell between 0 and 999 for each six-month period. But the numbers of customers affected by those searches ranged more widely.

Google, for instance, has seen the number of people affected by FISA court orders rise from 2,000 to 2,999 users during the first half of 2009 to between 9,000 and 9,999 users during the first half of last year. The company showed an unusual spike in the number of Americans whose data was collected between July and December 2012. During that period, metadata was collected from between 12,000 and 12,999 users. Under the restrictions imposed by the government, no explanation was provided for that anomaly.

Yahoo listed the highest number of people swept up in FISA requests for online content during the first half of last year. The orders seeking user content spanned 30,000 to 30,999 accounts, according to the company. The requested content could have included emails, instant messages, address books, calendar items and pictures.

All the companies also received FISA requests that weren’t aimed at scooping up online communications or photos. Those demands sought things such as billing information and locations of where people made an Internet connection.

Google described Monday’s disclosure as a positive step while promising to keep fighting for the right to provide more precise numbers about the FISA requests and more specifics about the data being sought. “We still believe more transparency is needed so everyone can better understand how surveillance laws work and decide whether or not they serve the public interest,” Richard Salgado, Google’s legal director of law enforcement and information security, wrote in a blog post.

Even if the companies can share more information about the FISA requests, they still might face doubts raised by other National Security Agency documents leaked by former NSA contractor Edward Snowden asserting that the U.S. government has found ways to tap into the lines transmitting personal information between data centers. The companies are trying to thwart the hacking by encrypting most, if not all, the data stored on their computers.

http://hosted.ap.org/dynamic/stories/U/US_NSA_SURVEILLANCE?SITE=CAOAK&SECTION=HOME&TEMPLATE=DEFAULT




Introducing the UltraCoin Cryptocurrency Composite Index

GIH: Alternative investing takes a new dimension with the introduction of ‘cryptocurrencies’ – designed mostly as payment systems, their value fluctuates based on customer demand, and marketplaces offer you the ability to trade your Bitcoins for USD or EUR.  Whatever your opinion of whether this is a valid investment, if one had purchased Bitcoin near its lows, the return would have been enormous.  Have a look at a traditional analysis of risk vs. return for Bitcoin and other cryptocurrencies:


Cryptocurrencies have been on a tear over the last 2 years, both in terms of mindshare and returns. This is particularly true of the last year, in which Bitcoin (the de facto proxy for cryptocurrencies) has heaved from $13 to $950, making a pit stop at $1200 along the way. This 7,308% return looks to be outrageously delectable to many a speculator and has even caught the eye of an institutional fund or two. The problem is, and what many novice investors have a problem conceptualizing, that astute institutional “investment” funds actually have a problem dipping their toes in the wildly appreciative yet hyper-volatile world that is cryptocurrencies.

The reason is because “investment funds” as opposed to beta chasing “trading” or “hedge” funds seek a measured return on investment. The raw returns that you see spouted for Bitcoin and the various alt.coins are actually not what the smart institutional money is looking for.

Put another way, you tend to get what you pay for. Risk is the price of reward, with risk being defined as deviation from expected return. You nearly never get a reward without bearing some risk to attain said reward. On the flip side, you should always demand a commensurate reward for the risk that you take. Measuring reward without taking into consideration the risk paid to attain such reward is akin to jumping out of the top floor of a 50 story building to revel in the exhilaration of the drop without taking into consideration what happens when you reach ground level. All in all, it tends to end ugly.

My clients are told that if you assumed $1 of risk to reap $1 of reward, then you effectively made nothing from an economic, risk adjusted reward perspective. This is difficult for the layperson to understand since those who reaped said dollar are left holding one dollar of nominal returns which looks, smells and spends like a dollar. They don’t seem to get it until that third or fourth go around when they get 30 cents back for the dollar they invested (versus an amount over a dollar, hence a negative return). You see, probabilistically, you can reap more than you sow over the short term simply out of dumb luck. Realistically, the law of averages will catch up to you and eventually (and most likely close to immediately) you will reap what you sow, or… you get what you pay for!

Similarly, if bitcoin investors/traders believed they are doing well when bitcoin jumps from $13 to $950, they may be mistaken. The reason? Bitcoin has a modified beta of roughly 673! That means that it is volatile. Very volatile! More volatile than practically any basket of currencies or stocks you can think of. This volatility means that in a short period of time it’s just as easy to be on the losing side of the trade of this asset as it is to be on the winning side. So, you’re lucky if you bought at $500 and rode it to $950, but you could have just as easily bought at $1,200 and rode it down to $500.

With these concepts in mind, you should always adjust for risk before attempting to measure reward. By doing that you will find that you can compare disparate assets, ventures and opportunities that have different reward propositions and even different horizons by measuring the risk (or the economic cost) of the investments and then adjusting the actual or expected reward desired to compensate for said risk commensurately.

Notice how, if one were to take this approach, one can see the different risk adjusted returns between the top two cryptocurrencies by market value. Bitcoin is the most popular, but Litecoin is the most profitable – even when fully adjusted for risk.
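The argument above (risk as deviation from expected return, and reward adjusted for that risk before comparing assets) carried into a calculation, as an added example that is not from the UltraCoin article or its client. The risk-adjusted figure used here is mean period return divided by the standard deviation of returns (a Sharpe-style ratio at a zero risk-free rate), which is my assumption, not the article’s “modified beta”, which the page does not define; the two price series are constructed, not real Bitcoin or Litecoin history.

```python
"""Risk-adjusted return on two constructed price series.

Added example, not from the UltraCoin article. It turns the article's
definition of risk (deviation from expected return) into a calculation:
period returns, their mean and standard deviation, and the ratio of the
two. That ratio is a Sharpe-style figure with a zero risk-free rate; it
is an assumption chosen here, not the article's "modified beta", which
is not defined on the page. The price series are constructed, not real
Bitcoin or Litecoin history.
"""
from statistics import mean, pstdev
from typing import Dict, List


def period_returns(prices: List[float]) -> List[float]:
    """Simple return for each consecutive pair of prices."""
    if len(prices) < 2:
        raise ValueError("need at least two prices")
    return [(later - earlier) / earlier for earlier, later in zip(prices, prices[1:])]


def risk_report(prices: List[float]) -> Dict[str, float]:
    """Raw return over the whole series, mean period return, volatility and their ratio."""
    rets = period_returns(prices)
    mu = mean(rets)
    vol = pstdev(rets)  # population std dev: the "deviation from expected return"
    return {
        "raw_return": prices[-1] / prices[0] - 1,
        "mean_return": mu,
        "volatility": vol,
        "risk_adjusted": mu / vol if vol > 0 else float("inf"),
    }


def rank_by_risk_adjusted(series: Dict[str, List[float]]) -> List[str]:
    """Names ordered best-first by risk-adjusted return, the article's comparison."""
    return sorted(series, key=lambda name: risk_report(series[name])["risk_adjusted"], reverse=True)


# Constructed series: "hype" quintuples with violent swings, "steady" doubles smoothly.
SAMPLE_SERIES: Dict[str, List[float]] = {
    "hype": [10.0, 30.0, 12.0, 40.0, 15.0, 50.0],
    "steady": [10.0, 12.0, 14.0, 16.0, 18.0, 20.0],
}

if __name__ == "__main__":
    for name in rank_by_risk_adjusted(SAMPLE_SERIES):
        r = risk_report(SAMPLE_SERIES[name])
        print(f"{name:7s} raw={r['raw_return']:+.0%} vol={r['volatility']:.3f} "
              f"risk-adjusted={r['risk_adjusted']:.2f}")
```

The "hype" series returns +400% against "steady"'s +100%, yet "steady" ranks first once each is divided by its own volatility.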

(Chart: risk vs. reward for the top cryptocurrencies)

The UltraCoin team has run these calculations, among many other currencies, on every cryptocurrency with a market value over $1 million. In addition, these currencies have been aggregated to form what we have coined as the “UltraCoin Cryptocurrency Composite Index” – a basket of cryptocurrencies upon which our custom UltraCoin derivatives can trade, hedge, invest and speculate.

These indices and calculations (not to mention a bevy of other calculations to assist in trading) are part and parcel of the UltraCoin client.

(Image: UltraCoin Cryptocurrency Composite Index)

The graph below depicts the outrageous raw returns had by holders of bitcoin. It also denotes the extreme volatility experienced therein, particularly from late 2013 onward.

(Graph: Cryptocurrency Composite Index, raw returns)

If one were to place a hurdle rate of required return to compensate for said volatility, the return curve will look somewhat different.

(Graph: Cryptocurrency Composite Index, risk-adjusted returns)

As you can see, all that glitters is not necessarily gold! I will be pushing for the beta release of the UltraCoin client quite soon, quite possibly at the Berlin Bitcoin conference. In the meantime, for those of you who have not had a chance to play with the software, here are a few screen shots.

(Screenshots of the UltraCoin client)

See http://ultra-coin.com/ to access the client when it becomes available.




ALERT: Point of Sale RAM scraper malware

Advances in technology have led to more sophisticated crimes that exploit the security vulnerabilities of new technologies.  This is exacerbated by the fact that only a few people understand these technologies and how they are used, while the majority of end-users are unaware.  Generally speaking, following standard security practices will thwart 95% of electronic crimes such as phishing, hacking, etc.  This includes using complex passwords (Sf9$fpq%f82bsS), using network firewalls, encrypted emails, etc.  But the new POS RAM scraper is dangerous because the vendors with the bad security are not the ones who suffer the loss, and you may never know where your credit card or other information was scraped from.


A look at Point of Sale RAM scraper malware and how it works

From Sophos:

A special kind of malware has been hitting the headlines recently – that which attacks the RAM of Point of Sale (PoS) systems.

Although it’s been getting quite a bit of publicity recently, we actually first identified it as a threat back in December 2009 and wrote about it in an article on Naked Security entitled Will RAM scraping loosen the sky and make it fall?.

Answering that question today, it just might!

Actually, the situation isn’t that bad – yet – but this malware family has definitely become more complex and far-reaching. In this article, we take a step back from the technical details and look at the evolution of PoS RAM scrapers.

What do PoS RAM scrapers do?

In a nutshell, PoS RAM scrapers steal payment data – such as credit card track one and track two data – from the RAM of PoS systems.

The payment card industry has a set of data security standards known as PCI-DSS. These standards require end-to-end encryption of sensitive payment data when it is transmitted, received or stored.

This payment data is decrypted in the PoS’s RAM for processing, and the RAM is where the scraper strikes. Using regular expression searches, they harvest the clear-text payment data and send that information to rogue callhome servers.

Why do we care about PoS RAM scrapers? How does it hurt me?

I believe this malware family has a higher probability of burning a hole in your pocket compared to other prevalent malware families.

In today’s plastic money economy people are carrying cash a lot less than before. Aside from a handful of stores, the majority of retailers accept debit or credit cards. Payment cards are convenient, quick, supposedly-secure, and you don’t have change jingling around in your pockets.

PoS RAM scrapers target the systems which process debit and credit card transactions and steal the sensitive payment information. Your home computer might be super secure, but there is no guarantee the PoS system at your neighborhood grocery store has the same level of security. You might end up losing your credit card data buying a candy bar!

How have PoS RAM scrapers evolved?

Sophos detects PoS RAM scraper malware under the family name Trackr (e.g. Troj/Trackr-Gen, Troj/Trackr-A). Other AV vendors detect this malware family with a variety of names, the most common being Alina.

Some of the earliest variants of Trackr had simple functionality that worked like this:

  1. Install as a service
  2. Use a legitimate-looking name
  3. Scan RAM for credit card track one and track two data
  4. Dump the results into a text file. This text file was then probably accessed remotely or manually.

Over the years Trackr has become more industrialized, with some cosmetic changes and added bot and network functionality.

Our friends at Trustwave SpiderLabs have written two excellent articles, Alina: Casting a Shadow on PoS and Alina: Following The Shadow, about the inner workings of the Trackr family.

Till now we have observed the following types of Trackr:

  • Basic version (not packed, scrapes RAM for credit card information)
  • Complex version (added socially-engineered filenames, bot and network functionality)
  • Installed DLL version (the DLL is registered as a service and performs the RAM scraping)
  • Versions one and two packed with a commercially-available packer
  • Versions one and two packed with a custom packer

Most recently, SophosLabs discovered the highly-prevalent Citadel crimeware targeting PoS systems.

The Citadel malware uses screen captures and keylogging instead of the RAM-scraping technique used by Trackr. Citadel’s focus on PoS systems demonstrates that this avenue is fast becoming a point of serious concern.

Who do PoS RAM scrapers target?

One of the earliest serious PoS RAM scraper attacks that we observed was back in November 2011 when we found that a university and several hotels had their PoS systems compromised. Later we saw varied targets including an auto dealership in Australia infected with Trackr.

To better understand the threat we gathered statistics about the various industries targeted by Trackr during the past 6 months (as observed using Sophos Live Protection):

Trackr infections by industry

It doesn’t come as a surprise that the biggest targeted industries are:

  • Retail
  • Service
  • Healthcare
  • Food services
  • Education
  • Hotel and tourism

In these industries there’s a high volume of credit and debit card transactions taking place, meaning they have goldmines of payment data that can be harvested.

Compromising a single PoS system (e.g. in a fast food outlet) may yield thousands of credit cards per week, cheaply – it is much easier to gather 10,000 credit card details from one PoS system than to attempt to infect 10,000 PCs, hoping to grab the data from there.

If not protected properly, PoS systems become easy targets – a single point of failure that can affect thousands of people.

In addition to the breakdown of industries targeted, we also looked at the countries where we saw Trackr infections over the same time period:

Trackr infections by country

Again, no surprises that the developed countries top this chart with the US, where credit cards are abundant, taking the #1 spot.

In fact, the Trackr infection numbers match up closely with the credit card country usage statistics published by Visa.

So how does Trackr get on a PoS system?

We have used the term PoS quite generally throughout this article. PoS is the place where a retail transaction is completed. So a PoS could be some custom hardware/software solution, a regular PC running PoS software, a credit card transaction server, or something similar.

Big box retailers and chain stores have security-hardened PoS systems, and we have not seen any major evidence of these large organizations getting compromised with Trackr.

The victims tend to be mostly small to medium sized organizations who will typically have less investment in defensive counter-measures.

Based on our analysis there were two main methods of infection:

Insider job

Someone with active knowledge of the payment processing setup installs a RAM scraper to gather data. The early Trackr samples dropped their harvested data in a plain text file which we suspect was manually retrieved or remotely accessed.

The malware had no network functionality and we found no evidence of a top-level dropper/installer.

Phishing/Social Engineering

These are the common infection vectors with the more complex versions of Trackr. The socially engineered filenames we have observed include Taskmgr.exe, windowsfirewall.exe, sms.exe, java.exe, win-firewall.exe, and adobeflash.exe. This suggests that the files were delivered as part of a phishing campaign, or social engineering tricks were used to infect the system.

Importantly however, Trackr is not seen regularly in the mass-spammed malware campaigns that we observe daily. Rather it is highly targeted towards a group of relevant businesses.

To conclude, it is not always a safe solution to pay for everything with cards.

Everyone should follow computer security best practices, and consumers should proactively sign up for credit monitoring services so they don’t become victims of credit or identity theft.

Businesses big and small need to make investments to protect their critical PoS infrastructure. Just like they wouldn’t keep their cash registers unlocked for someone to grab money out of them, PoS systems need proper protection.





Google’s robots and creeping militarization

Google’s connection to the US Military and specifically, the intelligence community, should be alarming both for political and technical reasons.  We can assume that Google has been compromised and any data exchange over Google networks including search, apps, web services such as Gmail, Google+, and others, are being recorded and analyzed.  Also disturbingly, Google is investing heavily in Military robotics, and they are setting themselves up to be the Military’s biggest contractor for robotics and weapon automation (drones, etc.).  Combined with the metadata Google already collects and stores about millions worldwide, Google could be the single most valuable asset to the US Military.  The below description from the Daily Caller explains:


Google’s robots and creeping militarization

Google CEO Larry Page has rapidly positioned Google to become an indispensable U.S. military contractor.

Google recently purchased Boston Dynamics, a robotics pioneer that produces amazing humanoid robots for the U.S. Defense Department.

This development invites attention to Google’s broader military contracting ambitions — especially since Boston Dynamics is the eighth robotics company that Google has bought in the last six months.

Just like drones are the future of air warfare, humanoid robots and self-driving vehicles will be the future of ground warfare according to U.S. defense plans.

There are many other reasons why the U.S. military is on path to become Google’s single largest customer. Likewise these reasons indicate Google has a closer working relationship with the NSA than it acknowledges publicly.

First, consider the military value of Google’s research and development efforts and the military contracting pipeline revenue it could represent.

Page created Google X, which is Google’s secretive research and development lab tasked with pursuing “moon-shot” technology breakthroughs. So far, Google X is best known for its earth-bound self-driving cars and Google Glass.

Tellingly, the purpose of the original “moon-shots” by the Soviet Union and America was military. The two Cold War superpowers were in a “space race” to publicly showcase the technological and military supremacy of their rival ideologies.

Simply, America’s Cold War “moon-shot” was about winning the military space and arms race with the former Soviet Union.

Even more tellingly, the greatest application for almost all of Google X’s “moon-shot” technological efforts is military. Drones, self-driving vehicles, and robot soldiers could enhance military surveillance and payload delivery while reducing risks to military personnel.

Google Glass’ advances in wearable augmented reality could offer American soldiers tactical advantages over enemy combatants. Google’s Project Loon could quickly provide a supplemental battlefield bandwidth advantage in remote areas.

Second, Google’s personnel hiring signals its aspirations for a closer Google-military relationship.

In 2012, Google hired Regina Dugan, the head of DOD’s Defense Advanced Research Projects Agency (DARPA), DOD’s in-house “moon-shot” idea factory. At the time a Google spokesperson said: “Regina is a technical pioneer who brought the future of technology to the military during her time at DARPA.  She will be a real asset to Google.”

Simply, few people could have a better insider knowledge of the U.S. military’s future technology needs that Google could exploit than Ms. Dugan.

Third, Google has a long history of working for, and with, the NSA and the other U.S. intelligence services.

In 2004, Google purchased satellite mapping company Keyhole, which was strategically important enough to be funded by the CIA’s investment fund In-Q-Tel.

Google turned the aptly-named “Keyhole” surveillance capability into the wildly popular Google Earth and Google Maps service used by over a billion people and over one million websites.

In 2008, the San Francisco Chronicle reported that U.S. spy agencies use “Google equipment as the backbone of Intellipedia, a network aimed at helping agents share intelligence.” The article also reported that Google had a support contract with the NSA.

In 2010, the Washington Post reported that Google worked with the NSA to figure out how Chinese hackers broke into Google. The New York Times later reported that those Chinese hackers stole Google’s entire password system, called Gaia.

Fourth, Google has too many unique capabilities and metadata sets that are of strategic value to the NSA to believe Google’s denials that it does not work closely with the NSA.

Snowden’s NSA revelations have underscored the high value the NSA puts on collecting the metadata of who is communicating with whom, when, where, and how much.

Remember, Google is metadata central. It is a veritable surveillance catnip for the NSA.

Think about it. Google’s cookies track the Internet behavior of nearly 2 billion people. Over a billion people regularly use Google Search, Maps, Android, and YouTube. And about a half billion people use Gmail and Google + social media.

Former NSA Director Michael Hayden has said “Gmail is the preferred Internet service provider of terrorists worldwide.”

Thus Google has the unique capability to surveil for the NSA the online behavior of a targeted group of people by country, language, interests, keywords, names, communications, physical location, movements, time and more.

Simply put, Google’s world’s largest computer already can do what the NSA wants to do most.

Add to all this Google’s unique capability to instantaneously translate 80 different languages across applications, and why wouldn’t the NSA covet a close working relationship with Google?

Finally, the behavior of America’s greatest military rivals, Russia and China, speaks volumes about the likely extent of unreported close cooperation between Google and NSA/DOD.

Remember it was the U.S. Defense Advanced Research Projects Agency that invented the Internet in the early ‘70s. It is no coincidence that Russia and China have been the most hostile to allowing Google’s Internet dominance to extend into their countries.

In summation, the accumulating evidence indicates that the U.S. military is on a path to become Google’s single largest customer.

Page’s strategic positioning of Google’s biggest investments to strongly align with future U.S. military needs is no coincidence. It is likely tacit confirmation of a much stronger relationship than Google has acknowledged to date.

Page’s creeping militarization of Google will increasingly become problematic for the privacy of Google’s foreign users, who generate over half of Google’s revenues. While U.S. law purportedly prevents the NSA from surveilling Americans without a warrant, the NSA’s official mandate is to surveil foreign signals intelligence.

In short, Google’s creeping militarization means Big Brother Inc. aspires to work more closely with Big Brother government.

Scott Cleland is President of Precursor LLC, a consultancy serving Fortune 500 clients, some of which are Google competitors. He is also author of “Search & Destroy: Why You Can’t Trust Google Inc.” Cleland has testified before both the Senate and House antitrust subcommittees on Google and also before the relevant House oversight subcommittee on Google’s privacy problems.




The State of Technology Address at the End of 2013

From SOTT: Oh 2013, what a high-tech year you were!

From the general recognition (finally) that the US government was spying on everyone, everyone’s dog, and everyone’s dog’s lawn presents, to the almighty Mobile Revolution, to the 64-bit iPhone with 2X the awesome, to the complete abortion that is Windows 8/8.1… Yes, it was a year to remember in the tech world. Pay no attention to all those fireballs everyone was talking about. As 2014 rolls in, I thought I would take a brief, syrupy-sweet and fluffy look at The State of Technology.

President Scottie: My fellow humans, the State of Technology is STROOOONG!

Adoring Public: [APPLAUSE, STANDING OVATION]

President Scottie: Shut up. Sit your monkey ass down. Chill out. Now I understand everyone’s shit’s emotional right now. But I’ve got a 3 point plan that’s going to fix EVERYTHING.

President Dwayne Elizando Mountain Dew Hebert Camacho

(If you think I’ve gone mad here, you’re probably right – but buy the movie Idiocracy!)

The state of technology is completely ridiculous. It’s very much like a car with square tires. Sure, it goes, but whaaaa?! “What are you talking about??” you wonder. Well, let’s see… Is it really necessary for you to have a thermostat in your house that you can control remotely from your smartphone, or the internet? Do we not remember how to program thermostats? Is your life really better because of it? Does anyone even remember mechanical thermostats? They worked. They lasted. You could even teach your dog to turn it up or down for you:

You have a smartphone or a tablet. It’s highly portable, it’s got a great processor (for a mobile device), and you can do all kinds of things like Tweet when you’re hanging out in the bathroom at the airport. The rest of the time, you play games on it and generally screw around in an effort to totally dissociate from reality. You don’t actually use it to do real work. But it has changed your life! You buy everything online. That’s awesome. At the same time, you lament the fact that the economy is in the doldrums. Your country no longer actually produces anything, because everything is Made in China. But hey, you get everything cheaper, you need to buy replacement stuff because everything is cheaper, you never have to leave home to buy it all, and you can even buy stuff when you’re in the airport bathroom. And the only real person you ever have to talk to is… yourself. WOW… Now that is modern convenience!

At the same time, your children can’t get a job because there are no jobs, your city/state/country is bankrupt, your politicians are corrupt, and all the small businesses that your children could have worked at have closed or are closing because they can’t compete. Somehow, that whole “information economy” they talked about 10 years ago just never seemed to actually materialize. Y’wanna know why? [WHISPERS]: Because it was all bullshit! Oh, sorry… This is supposed to be an article about the State of Technology. I’ll try not to talk about important things.

So, what’s next? The following is my expert opinion about what you can expect for the year 2014 in the technological arena:

1. Google is all big on robots

Android Butler – Banana Cream Pie

Forget drones, dude! Now, not only will you be able to buy stuff from the comfort and solitude of your very own bathroom, but the NSA won’t even need to hack your accounts and record all your data the old fashioned way. No sir, your Android Butler: Banana Cream Pie will not only cook, clean, and take good care of you, he’ll also record your every move and let the alphabet soup folks know what’s up. And if you find yourself stabbed to death in your sleep or suffocated with a pillow by Android Butler, fear not! At least you won’t have to worry about your unemployed, unhappy, internet porn-addicted children (yeah, it really is that much worse, and it is directly technology-related).

2. Microsoft will release Windows Next. Someone, somewhere, will sneeze.

Microsoft claims that the next version of Windows will bring back more desktop goodness, because they finally listened to me when I said, “Whoa! WHOA! Real people don’t do real work on a phone or tablet, they don’t have touchscreen desktop computers, and they certainly can get a lot more done with a mouse and keyboard!” Rumor has it that “Windows Next” will have 2-ish versions: one for mobile devices, and one for real computers. Ya know, like they had before with their smash-hit Windows 7 and their No-One-Cares “Windows Phone Mango”… In short, they have reluctantly and vaguely admitted that their idea with Windows 8 was flat-out retarded. So they’ll move on – back to what they used to do – and call it something new and futuristic.

Speaking of Microsoft, Paul Thurrott revealed that Microsoft has released three awesome games for Windows Phone: Mahjong, Minesweeper, and Solitaire Collection. Now, you might think this also fits nicely in the “Oh wow, I really don’t care…” Department, but check this out:

Now that they’re available on Windows Phone 8 as well, some interesting possibilities emerge: Thanks to Xbox Live integration, you can pause a game on a Windows PC or device or a Windows Phone handset and then pick it up again on any other supported device. So you can go back and forth between Windows and Windows Phone.

NO WAY!! That’s almost as earth-shattering as… Wow, it’s so sad that I can’t even think of a smartass remark – and that IS rare… But frankly, I love Microsoft. They are so totally clueless about most things that if Microsoft is the biggest “tech threat”, then I’m not worried at all. I’d rather have MS’ Hilarious Insanity than Google’s Big (Robotic) Brother.

In any case, yes, that is the current Mobile Trend from the Microsoft side of things. What about Android? Google seems to be taking over the mobile space with all these Android-based goodies, right? Well, in 2014 you’ll need to spend more money you don’t have to get a new smartphone. And this time, it will be 64-bit (which really doesn’t matter in a smartphone at this point), and it will probably have a 4K 5.5″ screen. What exactly is a 4K screen? Permit me to elaborate:

• FullHD is 1920 by 1080 pixels. This is the resolution of a Blu-ray movie, and probably the resolution of your 52″ flatscreen TV, and probably also the resolution of your 22″, 24″, or 27″ computer monitor. Looks good, right?
• 4K is roughly 4 times the resolution of FullHD, or 4096 by 2160 pixels. Now, this ridiculously high resolution that the average human being will probably not even notice will not only be on a 52″ TV screen – oh no! It will also be compressed down into a 5.5″ screen on your new smartphone. WHAAAaaaaa?

Remember the switch from VHS to DVD? You probably noticed a difference in picture quality. Remember the switch from DVD to Blu-ray? You probably did NOT notice that much of a difference. Most people I talk to didn’t notice. Now, imagine FOUR TIMES the resolution of a Blu-ray movie, all crammed onto a tiny little 5″ screen on your phone. Well, hell’s bells! You really NEED one of those, yeah?! Eh, no. But that’s what’s coming in 2014:

More mobile. More Screen. More bits. And none of it matters to anyone!

But, in all fairness, it does help prevent you from thinking too much about the spying, the economy, the weird weather, the fireballs, the internet porn, the fact that military drones aren’t required because you live and work around a bunch of “zoned out human drones” (Willis says, “You know what I’m talkin’ ’bout!”), and so on. Moving along:

3. More Stupid Ads!

© thejumpstarter.com

I love these things. I go onto Amazon or some other online shopping site to look at something (not from the bathroom), and then I go to Facebook. What does it show me? Why, it shows me 3 separate ads of EXACTLY the product I just looked at. Now, I mean… DAMN… That is some smart advertising! I mean, the fact that I didn’t buy the item in question from Online Store A doesn’t dissuade them from throwing the product back in my face – THREE TIMES! No sir, they won’t show me similar products, or the same product at a reduced price, or even products in the same general category; they will just keep showing me that dang item until I go buy it! Except that I DON’T go back to Online Store A and buy it because I’m so irritated at their complete and utter stupidity! Apparently, online advertising at all companies is now managed by rabid monkeys (no offence to monkeys intended).

Anyway, don’t worry: 2014 will bring more Stupid Ads. With flexible display technology, I fully expect ads for things I don’t want to show up on everyday household items: product labels, magazines (this little Moto ad is just the beginning), and probably even toilet paper. And if I get an Android Butler: Banana Cream Pie, I will name it Chalmsley (pronounced “CHUM-lee”). And then I will anxiously wait for him to say:

Sir, are you sure you don’t want to purchase [INSERT PRODUCT NAME] from Amazon? It is still available for the same price as when you decided not to buy it when you were online 13.4 minutes ago. Here, let me show you a picture of it again… Sir, your Google Shades are detecting a slight increase in heart rate and perspiration. I think that you would feel much better if you bought [INSERT PRODUCT NAME] right now. Then, I suggest you get some fresh air. If you don’t feel like walking, I can push you around the neighborhood in your Man Stroller.

And then I will seamlessly continue my saved game of Farmville, which I will also be able to play on Chalmsley’s 4K Tummy Screen. SweeeEEET!

Yes my friends, 2014 will be a brave new world of technological excess, incompetence, and general insanity. And it will not be “The Year of Mobile” as some are predicting. If Google is making Google Glass (em, “augmented reality”, shall we say…), and if Google is buying up 1 gajillion dollars worth of robotics companies, then they don’t think that the future is mobile. If Microsoft is backtracking on Desktop Windows, then they don’t think that the future is one giant Mobile Candyland, either. Furthermore, where is the incentive to get a cooler phone? Your crappy smartphone can already do everything you need it to do. You don’t NEED a 4K display. You don’t NEED an 8-core 64-bit processor. The “killer app” never appeared, and people are getting tired of existing ones. It’s the same reason you didn’t buy Windows 8: because it adds nothing, and it costs you money. Deep down, you know this. And so do the people who design and manufacture this stuff.

Well, if you made it this far, I commend your bravery. Let me know, and I will send you a cookie. I will close by noting that yes, I really do love technology despite “all my negativity”. In fact, I take the statement, “You’re so negative!” as a compliment since it means that I have more electrons than other people. It is generally supposed that the human body has a net negative electric charge, after all! Well, perhaps I should say: I really love what technology COULD do for us. I just don’t see it happening right now if things continue on their present course. But, I suspect that more change than we know is in the air for 2014! Happy New Year!

http://www.sott.net/article/271152-The-State-of-Technology-Address-at-the-End-of-2013