Friday, 6 September 2013

Fwd: [ImpeachJeb] Obama Administration Secures Gag Order To Prevent Activist From Discussing Online Surveillance



--------


 
 

Obama Administration Secures Gag Order To Prevent Activist From Discussing Online Surveillance

Published 1, September 5,
http://jonathanturley.org/2013/09/05/obama-administration-secures-gag-order-to-prevent-activist-from-discussing-online-surveillance/#more-69304

It's decisons like this that make patriots of people like Ed Snowden.
Rich Martin

targeting by enacting the FairTax

the FairTax



Today's drone pilot was yesterday's violent video gamer. Murderers have euphemisms for KILL. Mafia calls it "whack". Hitler called it "cleanse". Abortionists call it "choice". Stalin called it "purge". CIA calls it "sanction". Drone murderers refer to it as "prosecuting the target"
http://www.youtube.com/playlist?list=PL2i2YIitddOKFPuv5TR-EWk4H0BfrJeBb



They've only gotten worse.


Google ---http:// united nations nsa

Google ---
NYT Guardian Snowden reporting

Google ---
nsa fbi hoover elected official


Google --->  NSA Leaked Info Embarrass Elected Congresswoman

Google --->   another friggin' beer

Google --->  nsa fbi hoover elected official

Google --->  NSA Crime Spree  9/11

Google --->   nsa prism skydrive

Google --->  NSA collecting phone records Verizon
 
Google --->   Phones Searched Hunches
            (not limited to Verizon) (include ISPs?)

Google --->   NSA surveillance reject


to be continued




 

 
 
 
 


__._,_.___
Reply via web post Reply to sender Reply to group

--
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
 
---
You received this message because you are subscribed to the Google Groups "PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to politicalforum+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Fwd: Where To Find At Risk DHS IT Programs In Need of Help









http://www.hstoday.us/single-article/where-to-find-at-risk-dhs-programs-in-need-of-help/79ad1a56cf3b2326dd33a6fb7e36571f.html

 

Where To Find At Risk DHS IT Programs In Need of Help

By: Stephanie Sullivan, immixGroup, Inc.

09/06/2013 ( 9:49am)

 

Special to Homeland Security Today

The US federal government runs some of the largest IT programs in the world. Some of these programs are in trouble and government is looking to industry for innovative and emerging products, solutions, and services to aid and rehabilitate their performance.

There are a number of resources that can help industry find these under-performing and at risk programs and help executives to build the right message before reaching out to program offices and decision makers.

One of the first methods is to use publicly available information from the Federal IT Dashboard, Center for Effective Government, and Government Accountability Office (GAO) reports (including the GAO High Risk List). If you're able to build a business case and really understand the challenges and obstacles a program is facing by doing the necessary research and creating a game plan of how your solutions can and will speed up milestones or reduce cost before reaching out to program managers it can be a great way to create a partnership. It will also help you to gain traction in an agency that may have been completely white space before. Leveraging past performance in areas where you've done work well will only help strengthen the business case and build rapport with a federal agency you want to increase business with.

The Federal IT Dashboard was launched in 2009 as part of the Obama administration's effort to shed more light on to the progress of "major" IT investments within 27 agencies by providing year-over-year project performance and milestone information. The dashboard develops program ratings using information from several resources, including assessments and evaluations given by the agency chief information officer (CIO) on the risks and ability for a major IT investment to accomplish its goals and objectives. The dashboard also utilizes budget documents released annually by the Office of Management and Budget (OMB) known as the Exhibits 53 and 300 to provide spend information on IT investments within federal agencies.

The online resource that used to be known as OMB Watch, released annual reports of troubled programs known as the OMB Watch List. The OMB Watch List was a result of the 1996 Clinger-Cohen Act, which required agencies to submit business plans for IT investments to OMB. In January 2013, OMB Watch became the Center for Effective Government (CEG), which is a nonprofit research and advocacy organization to provide transparency within OMB. CEG helps ensure that the government is effective and responsive to citizen priorities by increasing public engagement and encouraging participation in decision making..

One additional resource utilized to track troubled federal programs is the GAO High Risk List, which is released every two years (last released in 2013) at the start of a new Congress. The list "calls attention to agencies and program areas that are high risk due to their vulnerabilities to fraud, waste, abuse, and mismanagement, or are most in need of transformation."

Major at risk programs

DHS management programs


In 2003, GAO designated implementing and transforming the Department of Homeland Security as high risk because DHS had to transform 22 agencies -- several with major management challenges -- into one department. Further, failure to effectively address DHS's management and mission risks could have serious consequences for US national and economic security.

The department has made considerable progress in transforming its original component agencies into a single cabinet-level department and positioning itself to achieve its full potential. Important strides have also been made in strengthening the department's management functions and in integrating those functions across the department, particularly in recent years. However, continued progress is needed in order to mitigate the risks that management weaknesses pose to mission accomplishment and the efficient and effective use of the department's resources, the GAO said.



Sharing & managing terrorism data


GAO designated terrorism-related information sharing as high risk in 2005 because the government faces significant challenges in analyzing and disseminating this information in a timely, accurate, and useful manner. GAO has since monitored federal efforts to implement the Information Sharing Environment (Environment) -- an approach that is intended to serve as an overarching solution to strengthening the sharing of intelligence, terrorism, law enforcement, and other information among federal, state, local, tribal, international, and private sector partners. Recent homeland security incidents and the changing nature of domestic threats make continued progress in improving information sharing critical to reducing the risks of threats to the homeland.



Cybersecurity


Recent GAO studies found that 19 of 24 major federal agencies reported that information security control deficiencies were either a material weakness or significant deficiency in internal controls over financial reporting. Further, inspectors general at 22 of 24 agencies cited information security as a major management challenge for their agency. Most of the 24 major agencies had information security weaknesses in most of five key control categories: limiting, preventing, and detecting inappropriate access to computer resources; managing the configuration of software and hardware; segregating duties to ensure that a single individual does not control all key aspects of a computer-related operation; planning for continuity of operations in the event of a disaster or disruption; and implementing agency-wide information security management programs that are critical to identifying control deficiencies, resolving problems, and managing risks on an ongoing basis.



Protecting national security technology

The US government has a number of programs to identify and protect technologies critical to US interests. These include export control systems for defense articles and services and dual-use items, the Foreign Military Sales program, anti-tamper policies, and reviews of transactions that could result in control of a US business by a foreign person. GAO designated this area as high risk in 2007 because these programs, established decades ago, were ill-equipped to address the evolving 21st century challenge of balancing national security concerns and economic interests. GAO believes that a strategic re-examination of existing programs is needed to identify changes that will ensure the advancement of US interests.

 



__._,_.___





   
__,_._,___


--
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
 
---
You received this message because you are subscribed to the Google Groups "PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to politicalforum+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Fwd: [New post] Hey, John McCain, your ‘moderate’ Muslim friends, the FSA rebels, posted a picture on Facebook of how they intend to thank you for all your support




BareNakedIslam posted: "Isn't this the building you work in, John McCain? Facebook"



--
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
 
---
You received this message because you are subscribed to the Google Groups "PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to politicalforum+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Fwd: WikiLeaks Watches Watchers With New Exposé on Spy Tech Companies




 

WikiLeaks Watches Watchers With New Exposé on Spy Tech Companies

http://www.slate.com/blogs/future_tense/2013/09/05/wikileaks_spyfiles_new_documents_examine_spy_tech_companies_like_gamma_hacking.html?utm_source=tw&utm_medium=sm&utm_campaign=button_toolbar

 

 

By Ryan Gallagher

 

Posted Thursday, Sept. 5, 2013, at 4:21 PM

 

The secretive surveillance technology industry does its best to fly under

the radar. But the shadowy companies selling controversial spy tools to

governments are being exposed to public scrutiny whether they like it or

not, thanks to a new WikiLeaks project.

 

On Wednesday, the whistleblower organization published a new trove of

documents that reveal the surveillance equipment being sold by more than 90

firms to authorities across the world as part of a burgeoning clandestine

market in electronic spying. The documents shed light on the growing catalog

of surveillance devices being offered to governments, ranging from portable

transceivers that can sweep up thousands of phone calls to Trojan spyware

designed to help police and intelligence agencies hack into computers and

mobile phones to monitor chats and emails. 

 

Dubbed the "SpyFiles" by WikiLeaks, the release builds on a previous

surveillance industry exposé by the group in 2011, and comes amid

unprecedented international discussion about government spying tactics

disclosed in June by former National Security Agency contractor Edward

Snowden.

 

Particularly significant in the latest SpyFiles cache is a series of

contract documents that appear to show how the international arm of British

surveillance company Gamma Group was involved in a project with

Switzerland-based Dreamlab to install Internet surveillance equipment in

Oman, an autocratic country with a record of cracking down on free

expression and pro-democracy activists. Other documents show that Gamma,

well-known for its contentious Trojan spyware, is also offering governments

portable "massive intercept" tools that it boasts can record almost 40,000

cellphone conversations every hour. Gamma is selling portable Internet

surveillance equipment that it says can covertly intercept the "complete

traffic" of a target, too. But the company is not dealing in digital

espionage only: One marketing document dated 2011 shows off long-distance

microphones that it says government spies can conceal in a car tire and use

to hone in on particular conversations between targets meeting face-to-face

in busy public places.

 

Gamma did not respond to a request for comment. The company's spokesman

Martin Muench has previously told me that Gamma cooperates with export

control laws and "simply does not discuss its client base, its exports, or

any of the operations which its clients may or may not be undertaking."

 

Of course, not revealing customers is standard practice in the surveillance

business, where confidentiality agreements are commonly used to enforce a

strict code of secrecy. However, another notable part of the SpyFiles

released Wednesday involves the launch of what WikiLeaks is calling its

"counter intelligence unit"—aimed at shedding light on the countries (often

authoritarian) that spy tech companies are dealing with. Though it has not

disclosed its sources and methods, the group claims it has been "tracking

the trackers" by collecting location data on the movements of key employees

for some of the largest surveillance tech firms.

 

It is unclear exactly how the location data was obtained or whether it was

collected by the group lawfully. Either way, it has certainly turned up some

interesting details. The location data WikiLeaks says is linked to staff of

Italian spy Trojan vendor Hacking Team, for instance, shows the employees

visiting Morocco on two separate occasions between 2011 and 2013. Hacking

Team's spy software is designed to infiltrate computers and monitor

communications and is supposed to be used to target criminals and

terrorists. But the technology was linked to an attack on an award-winning

group of citizen journalists in Morocco in 2012, as I reported here last

year.

 

The WikiLeaks data also purports to show Hacking Team employees visiting

United Arab Emirates on several occasions between 2012 and 2013. Security

researchers said in a report published in October 2012 that they had turned

up evidence suggesting a pro-democracy activist in the UAE was targeted with

what that they believed was Hacking Team technology. Previously, Hacking

Team has played down these reports in response to my questions, while

refusing to say if it has sold its Trojans to Moroccan or UAE authorities.

But the company will have a hard time distancing itself from these countries

now, if the WikiLeaks data are anything to go by.

 

WikiLeaks said in a statement Wednesday that the release is part of an

ongoing commitment to pulling back the curtain on the practices of

surveillance companies. It's forming what is in essence a public library of

documents chronicling the burgeoning market in spy tools that will likely

help fuel the movement for reform of the outdated laws regulating the use

and sale of increasingly advanced tools used to eavesdrop on communications

across the world.

 

==========================================

(F)AIR USE NOTICE: All original content and/or articles and graphics in this

message are copyrighted, unless specifically noted otherwise. All rights to

these copyrighted items are reserved. Articles and graphics have been placed

within for educational and discussion purposes only, in compliance with

"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.

The principle of "Fair Use" was established as law by Section 107 of The

Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain

permission or pay royalties for the use of previously copyrighted materials

if the purposes of display include "criticism, comment, news reporting,

teaching, scholarship, and research." Section 107 establishes four criteria

for determining whether the use of a work in any particular case qualifies

as a "fair use". A work used does not necessarily have to satisfy all four

criteria to qualify as an instance of "fair use". Rather, "fair use" is

determined by the overall extent to which the cited work does or does not

substantially satisfy the criteria in their totality. If you wish to use

copyrighted material for purposes of your own that go beyond 'fair use,' you

must obtain permission from the copyright owner. For more information go to:

http://www.law.cornell.edu/uscode/17/107.shtml

 

THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS

PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.

 

 

 

 

 



__._,_.





   
__,_._,___


--
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
 
---
You received this message because you are subscribed to the Google Groups "PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to politicalforum+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Fwd: N.S.A. Able to Foil Basic Safeguards of Privacy on Web





 

 

N.S.A. Able to Foil Basic Safeguards of Privacy on Web By NICOLE PERLROTH, JEFF LARSON and SCOTT SHANE

 

http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?nl=todaysheadlines&emc=edit_th_20130906&_r=0&pagewanted=print

 

The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

 

The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

 

Many users assume - or have been assured by Internet companies - that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.

 

Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own "back door" in all encryption, it set out to accomplish the same goal by stealth.

 

The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.

 

The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door.

And the agency used its influence as the world's most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.

 

"For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies," said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ.

"Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable."

 

When the British analysts, who often work side by side with N.S.A. officers, were first told about the program, another memo said, "those not already briefed were gobsmacked!"

 

An intelligence budget document makes clear that the effort is still going strong. "We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic," the director of national intelligence, James R. Clapper Jr., wrote in his budget request for the current year.

 

In recent months, the documents disclosed by Mr. Snowden have described the N.S.A.'s reach in scooping up vast amounts of communications around the world. The encryption documents now show, in striking detail, how the agency works to ensure that it is actually able to read the information it collects.

 

The agency's success in defeating many of the privacy protections offered by encryption does not change the rules that prohibit the deliberate targeting of Americans' e-mails or phone calls without a warrant. But it shows that the agency, which was sharply rebuked by a federal judge in 2011 for violating the rules and misleading the Foreign Intelligence Surveillance Court, cannot necessarily be restrained by privacy technology. N.S.A. rules permit the agency to store any encrypted communication, domestic or foreign, for as long as the agency is trying to decrypt it or analyze its technical features.

 

The N.S.A., which has specialized in code-breaking since its creation in 1952, sees that task as essential to its mission. If it cannot decipher the messages of terrorists, foreign spies and other adversaries, the United States will be at serious risk, agency officials say.

 

Just in recent weeks, the Obama administration has called on the intelligence agencies for details of communications by leaders of Al Qaeda about a terrorist plot and of Syrian officials' messages about the chemical weapons attack outside Damascus. If such communications can be hidden by unbreakable encryption, N.S.A. officials say, the agency cannot do its work.

 

But some experts say the N.S.A.'s campaign to bypass and weaken communications security may have serious unintended consequences. They say the agency is working at cross-purposes with its other major mission, apart from eavesdropping: ensuring the security of American communications.

 

Some of the agency's most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or VPNs; and the protection used on fourth-generation, or 4G, smartphones. Many Americans, often without realizing it, rely on such protection every time they send an e-mail, buy something online, consult with colleagues via their company's computer network, or use a phone or a tablet on a 4G network.

 

For at least three years, one document says, GCHQ, almost certainly in collaboration with the N.S.A., has been looking for ways into protected traffic of popular Internet companies: Google, Yahoo, Facebook and Microsoft's Hotmail. By 2012, GCHQ had developed "new access opportunities"

into Google's systems, according to the document. (Google denied giving any government access and said it had no evidence its systems had been breached).

 

"The risk is that when you build a back door into systems, you're not the only one to exploit it," said Matthew D. Green, a cryptography researcher at Johns Hopkins University. "Those back doors could work against U.S.

communications, too."

 

Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.

 

"And they went and did it anyway, without telling anyone," Mr. Kocher said.

He said he understood the agency's mission but was concerned about the danger of allowing it unbridled access to private information.

 

"The intelligence community has worried about 'going dark' forever, but today they are conducting instant, total invasion of privacy with limited effort," he said. "This is the golden age of spying."

 

A Vital Capability

 

The documents are among more than 50,000 shared by The Guardian with The New York Times and ProPublica, the nonprofit news organization. They focus on GCHQ but include thousands from or about the N.S.A.

 

Intelligence officials asked The Times and ProPublica not to publish this article, saying it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The news organizations removed some specific facts but decided to publish the article because of the value of a public debate about government actions that weaken the most powerful privacy tools.

 

The files show that the agency is still stymied by some encryption, as Mr.

Snowden suggested in a question-and-answer session on The Guardian's Web site in June.

 

"Properly implemented strong crypto systems are one of the few things that you can rely on," he said, though cautioning that the N.S.A. often bypasses the encryption altogether by targeting the computers at one end or the other and grabbing text before it is encrypted or after it is decrypted.

 

The documents make clear that the N.S.A. considers its ability to decrypt information a vital capability, one in which it competes with China, Russia and other intelligence powers.

 

"In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs," a 2007 document said. "It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace."

 

The full extent of the N.S.A.'s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand. Only they are cleared for the Bullrun program, the successor to one called Manassas - both names of an American Civil War battle. A parallel GCHQ counterencryption program is called Edgehill, named for the first battle of the English Civil War of the 17th century.

 

Unlike some classified information that can be parceled out on a strict "need to know" basis, one document makes clear that with Bullrun, "there will be NO 'need to know.' "

 

Only a small cadre of trusted contractors were allowed to join Bullrun. It does not appear that Mr. Snowden was among them, but he nonetheless managed to obtain dozens of classified documents referring to the program's capabilities, methods and sources.

 

Ties to Internet Companies

 

When the N.S.A. was founded, encryption was an obscure technology used mainly by diplomats and military officers. Over the last 20 years, it has become ubiquitous. Even novices can tell that their exchanges are being automatically encrypted when a tiny padlock appears next to a Web address.

 

Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency's success depends on working with Internet companies

- by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.

 

According to an intelligence budget document leaked by Mr. Snowden, the N.S.A. spends more than $250 million a year on its Sigint Enabling Project, which "actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs" to make them "exploitable." Sigint is the acronym for signals intelligence, the technical term for electronic eavesdropping.

 

By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors or by exploiting security flaws, according to the documents. The agency also expected to gain full unencrypted access to an unnamed major Internet phone call and text service; to a Middle Eastern Internet service; and to the communications of three foreign governments.

 

In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.

 

The 2013 N.S.A. budget request highlights "partnerships with major telecommunications carriers to shape the global network to benefit other collection accesses" - that is, to allow more eavesdropping.

 

At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft's most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company's cloud storage service.

 

Microsoft asserted that it had merely complied with "lawful demands" of the government, and in some cases, the collaboration was clearly coerced. Some companies have been asked to hand the government the encryption keys to all customer communications, according to people familiar with the government's requests.

 

N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

 

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies' computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. "Approval to release to non-Sigint agencies,"

a GCHQ document says, "will depend on there being a proven non-Sigint method of acquiring keys."

 

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency's 2013 budget request was to "influence policies, standards and specifications for commercial public key technologies," the most common encryption method.

 

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology and later by the International Organization for Standardization, which has 163 countries as members.

 

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort "a challenge in finesse."

 

"Eventually, N.S.A. became the sole editor," the memo says.

 

Even agency programs ostensibly intended to guard American communications are sometimes used to weaken protections. The N.S.A.'s Commercial Solutions Center, for instance, invites the makers of encryption technologies to present their products to the agency with the goal of improving American cybersecurity. But a top-secret N.S.A. document suggests that the agency's hacking division uses that same program to develop and "leverage sensitive, cooperative relationships with specific industry partners" to insert vulnerabilities into Internet security products.

 

By introducing such back doors, the N.S.A. has surreptitiously accomplished what it had failed to do in the open. Two decades ago, officials grew concerned about the spread of strong encryption software like Pretty Good Privacy, designed by a programmer named Phil Zimmermann. The Clinton administration fought back by proposing the Clipper Chip, which would have effectively neutered digital encryption by ensuring that the N.S.A. always had the key.

 

That proposal met a backlash from an unlikely coalition that included political opposites like Senator John Ashcroft, the Missouri Republican, and Senator John Kerry, the Massachusetts Democrat, as well as the televangelist Pat Robertson, Silicon Valley executives and the American Civil Liberties Union. All argued that the Clipper would kill not only the Fourth Amendment, but also America's global technology edge.

 

By 1996, the White House backed down. But soon the N.S.A. began trying to anticipate and thwart encryption tools before they became mainstream.

 

Each novel encryption effort generated anxiety. When Mr. Zimmermann introduced the Zfone, an encrypted phone technology, N.S.A. analysts circulated the announcement in an e-mail titled "This can't be good."

 

But by 2006, an N.S.A. document notes, the agency had broken into communications for three foreign airlines, one travel reservation system, one foreign government's nuclear department and another's Internet service by cracking the virtual private networks that protected them.

 

By 2010, the Edgehill program, the British counterencryption effort, was unscrambling VPN traffic for 30 targets and had set a goal of an additional 300.

 

But the agencies' goal was to move away from decrypting targets' tools one by one and instead decode, in real time, all of the information flying over the world's fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence.

 

A 2010 document calls for "a new approach for opportunistic decryption, rather than targeted." By that year, a Bullrun briefing document claims that the agency had developed "groundbreaking capabilities" against encrypted Web chats and phone calls. Its successes against Secure Sockets Layer and virtual private networks were gaining momentum.

 

But the agency was concerned that it could lose the advantage it had worked so long to gain, if the mere "fact of" decryption became widely known.

"These capabilities are among the Sigint community's most fragile, and the inadvertent disclosure of the simple 'fact of' could alert the adversary and result in immediate loss of the capability," a GCHQ document warned.

 

Since Mr. Snowden's disclosures ignited criticism of overreach and privacy infringements by the N.S.A., American technology companies have faced scrutiny from customers and the public over what some see as too cozy a relationship with the government. In response, some companies have begun to push back against what they describe as government bullying.

 

Google, Yahoo, Microsoft and Facebook have pressed for permission to reveal more about the government's requests for cooperation. One e-mail encryption company, Lavabit, closed rather than comply with the agency's demands for customer information; another, Silent Circle, ended its e-mail service rather than face such demands.

 

In effect, facing the N.S.A.'s relentless advance, the companies surrendered.

 

Ladar Levison, the founder of Lavabit, wrote a public letter to his disappointed customers, offering an ominous warning. "Without Congressional action or a strong judicial precedent," he wrote, "I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States."

 

John Markoff contributed reporting.

 

==========================================

(F)AIR USE NOTICE: All original content and/or articles and graphics in this message are copyrighted, unless specifically noted otherwise. All rights to these copyrighted items are reserved. Articles and graphics have been placed within for educational and discussion purposes only, in compliance with "Fair Use" criteria established in Section 107 of the Copyright Act of 1976.

The principle of "Fair Use" was established as law by Section 107 of The Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain permission or pay royalties for the use of previously copyrighted materials if the purposes of display include "criticism, comment, news reporting, teaching, scholarship, and research." Section 107 establishes four criteria for determining whether the use of a work in any particular case qualifies as a "fair use". A work used does not necessarily have to satisfy all four criteria to qualify as an instance of "fair use". Rather, "fair use" is determined by the overall extent to which the cited work does or does not substantially satisfy the criteria in their totality. If you wish to use copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to:

http://www.law.cornell.edu/uscode/17/107.shtml

 

THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.

 

 

 

 

 



__._,_.___





   
__,_._,___


--
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
 
---
You received this message because you are subscribed to the Google Groups "PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to politicalforum+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.