Não existe tal coisa como privacidade electrónica

  • 21 Respostas
  • 14937 Visualizações
*

Fernando Negro

  • Membro
  • *
  • 67
  • +0/-1
    • http://blackfernando.blogspot.pt/
Não existe tal coisa como privacidade electrónica
« em: Novembro 06, 2012, 02:45:16 pm »
Um breve apanhado que fiz, há uns poucos anos atrás, sobre a situação em que já nos encontrávamos, na altura, em termos de privacidade electrónica:


http://en.wikipedia.org/wiki/ECHELON
http://www.fromthewilderness.com/free/w ... _pt1.shtml
http://www.prisonplanet.com/barack-obam ... puter.html
http://forum.prisonplanet.com/index.php?topic=82985.0
http://www.zdnet.com.au/news/security/s ... 346,00.htm


"'Elbit' flash memory chips, allegedly designed at Kir Yat-Gat south of Tel Aviv. The unique feature of the Elbit chips was that they worked on ambient electricity in a computer. In other words, they worked when the computer was turned off. When combined with another newly developed chip, the 'Petrie,' which was capable of storing up to six months worth of key strokes, it was now possible to burst transmit all of a computer's activity in the middle of the night to a nearby receiver - say in a passing truck or even a low flying SIGINT (Signals Intelligence) satellite."
--- http://www.fromthewilderness.com/free/p ... romis.html


"NATO headquarters in Brussels, Belgium, where a giant computer designated '666' can store data of every type mentioned by Brzezinski, plus possessing an expanded capacity to take in data for several billions more people than presently exist"
--- Dr. John Coleman, The Conspirator's Hierarchy: The Committee of 300






E um acrescento:


- O Facebook é uma fachada da CIA. (E, consequentemente, tudo o que lá possam ter, é tudo menos "privado"...) Podem ouvir aqui, num programa da rádio estatal espanhola, mais sobre quem é que está por trás desta empresa de partilha de dados.
- A própria Google é, também ela, uma fachada da CIA/NSA. (E, consequentemente, tudo o que vocês escrevem em mensagens no Gmail é ainda menos privado do que é escrito em qualquer postal. As vossas pesquisas na Internet são também, obviamente, monitorizadas.) Também, o conhecido navegador de Internet, Google Chrome, tem incluído software que transmite dados sobre o seu uso para a Google.
Assinado,

Filho de um oficial militar que esteve envolvido no 25 de Abril e alguém que está presentemente sob vigilância pelo que escreve na Internet ;)
 

*

mafarrico

  • Investigador
  • *****
  • 1274
  • Recebeu: 20 vez(es)
  • Enviou: 74 vez(es)
  • +0/-0
Re: Não existe tal coisa como privacidade electrónica
« Responder #1 em: Julho 31, 2013, 11:24:56 pm »
http://www.theguardian.com/world/2013/j ... nline-data

http://www.theguardian.com/world/intera ... esentation

XKeyscore: NSA tool collects 'nearly everything a user does on the internet'

• XKeyscore gives 'widest-reaching' collection of online data
• NSA analysts require no prior authorization for searches
• Sweeps up emails, social media activity and browsing history
• NSA's XKeyscore program – read one of the presentations


Glenn Greenwald   
theguardian.com, Wednesday 31 July 2013 13.56 BST   


One presentation claims the XKeyscore program covers 'nearly everything a typical user does on the internet'

A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.

The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet.

The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight.

The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10.

"I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email".

US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do."

But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed.

XKeyscore, the documents boast, is the NSA's "widest reaching" system developing intelligence from computer networks – what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers "nearly everything a typical user does on the internet", including the content of emails, websites visited and searches, as well as their metadata.

Analysts can also use XKeyscore and other NSA systems to obtain ongoing "real-time" interception of an individual's internet activity.

Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a 'US person', though no such warrant is required for intercepting the communications of Americans with foreign targets. But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst.

One training slide illustrates the digital activity constantly being collected by XKeyscore and the analyst's ability to query the databases at any time.



The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a "selector" in NSA parlance) associated with the individual being targeted.

Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.

One document notes that this is because "strong selection [search by email address] itself gives us only a very limited capability" because "a large amount of time spent on the web is performing actions that are anonymous."

The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from XKeyscore.

Analysts are warned that searching the full database for content will yield too many results to sift through. Instead they are advised to use the metadata also stored in the databases to narrow down what to review.

A slide entitled "plug-ins" in a December 2012 document describes the various fields of information that can be searched. It includes "every email address seen in a session by both username and domain", "every phone number seen in a session (eg address book entries or signature block)" and user activity – "the webmail and chat activity to include username, buddylist, machine specific cookies etc".
Email monitoring

In a second Guardian interview in June, Snowden elaborated on his statement about being able to read any individual's email if he had their email address. He said the claim was based in part on the email search capabilities of XKeyscore, which Snowden says he was authorized to use while working as a Booz Allen contractor for the NSA.

One top-secret document describes how the program "searches within bodies of emails, webpages and documents", including the "To, From, CC, BCC lines" and the 'Contact Us' pages on websites".

To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the "justification" for the search and the time period for which the emails are sought.





The analyst then selects which of those returned emails they want to read by opening them in NSA reading software.

The system is similar to the way in which NSA analysts generally can intercept the communications of anyone they select, including, as one NSA document put it, "communications that transit the United States and communications that terminate in the United States".

One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications. Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications:



Chats, browsing history and other internet activity

Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other internet activities, including those within social media.

An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.



An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen.



Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed.



As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet".



The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies.



The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn "call events" collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added.

William Binney, a former NSA mathematician, said last year that the agency had "assembled on the order of 20tn transactions about US citizens with other US citizens", an estimate, he said, that "only was involving phone calls and emails". A 2010 Washington Post article reported that "every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications."

The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."

To solve this problem, the NSA has created a multi-tiered system that allows analysts to store "interesting" content in other databases, such as one named Pinwale which can store material for up to five years.

It is the databases of XKeyscore, one document shows, that now contain the greatest amount of communications data collected by the NSA.



In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period.

Legal v technical restrictions



While the Fisa Amendments Act of 2008 requires an individualized warrant for the targeting of US persons, NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA's foreign targets.

The ACLU's deputy legal director, Jameel Jaffer, told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans' communications without individualized warrants.

"The government doesn't need to 'target' Americans in order to collect huge volumes of their communications," said Jaffer. "The government inevitably sweeps up the communications of many Americans" when targeting foreign nationals for surveillance.



In recent years, the NSA has attempted to segregate exclusively domestic US communications in separate databases. But even NSA documents acknowledge that such efforts are imperfect, as even purely domestic communications can travel on foreign systems, and NSA tools are sometimes unable to identify the national origins of communications.

Moreover, all communications between Americans and someone on foreign soil are included in the same databases as foreign-to-foreign communications, making them readily searchable without warrants.

Some searches conducted by NSA analysts are periodically reviewed by their supervisors within the NSA. "It's very rare to be questioned on our searches," Snowden told the Guardian in June, "and even when we are, it's usually along the lines of: 'let's bulk up the justification'."

In a letter this week to senator Ron Wyden, director of national intelligence James Clapper acknowledged that NSA analysts have exceeded even legal limits as interpreted by the NSA in domestic surveillance.

Acknowledging what he called "a number of compliance problems", Clapper attributed them to "human error" or "highly sophisticated technology issues" rather than "bad faith".

However, Wyden said on the Senate floor on Tuesday: "These violations are more serious than those stated by the intelligence community, and are troubling."

In a statement to the Guardian, the NSA said: "NSA's activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests.

"XKeyscore is used as a part of NSA's lawful foreign signals intelligence collection system.

"Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKeyscore, as well as all of NSA's analytic tools, is limited to only those personnel who require access for their assigned tasks … In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring."

"Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law.

"These types of programs allow us to collect the information that enables us to perform our missions successfully – to defend the nation and to protect US and allied troops abroad."

An example is provided by one XKeyscore document showing an NSA target in Tehran communicating with people in Frankfurt, Amsterdam and New York.
"All the world's a stage" William Shakespeare

 

*

mafarrico

  • Investigador
  • *****
  • 1274
  • Recebeu: 20 vez(es)
  • Enviou: 74 vez(es)
  • +0/-0
Re: Não existe tal coisa como privacidade electrónica
« Responder #2 em: Setembro 10, 2013, 02:14:41 am »
nada de novo, ainda assim

http://www.nytimes.com/2013/09/06/us/ns ... wanted=all

N.S.A. Able to Foil Basic Safeguards of Privacy on Web

By NICOLE PERLROTH, JEFF LARSON and SCOTT SHANE
Published: September 5, 2013

The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.

Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.

The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.

The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.

“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”

When the British analysts, who often work side by side with N.S.A. officers, were first told about the program, another memo said, “those not already briefed were gobsmacked!”

An intelligence budget document makes clear that the effort is still going strong. “We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic,” the director of national intelligence, James R. Clapper Jr., wrote in his budget request for the current year.

In recent months, the documents disclosed by Mr. Snowden have described the N.S.A.’s reach in scooping up vast amounts of communications around the world. The encryption documents now show, in striking detail, how the agency works to ensure that it is actually able to read the information it collects.

The agency’s success in defeating many of the privacy protections offered by encryption does not change the rules that prohibit the deliberate targeting of Americans’ e-mails or phone calls without a warrant. But it shows that the agency, which was sharply rebuked by a federal judge in 2011 for violating the rules and misleading the Foreign Intelligence Surveillance Court, cannot necessarily be restrained by privacy technology. N.S.A. rules permit the agency to store any encrypted communication, domestic or foreign, for as long as the agency is trying to decrypt it or analyze its technical features.

The N.S.A., which has specialized in code-breaking since its creation in 1952, sees that task as essential to its mission. If it cannot decipher the messages of terrorists, foreign spies and other adversaries, the United States will be at serious risk, agency officials say.

Just in recent weeks, the Obama administration has called on the intelligence agencies for details of communications by leaders of Al Qaeda about a terrorist plot and of Syrian officials’ messages about the chemical weapons attack outside Damascus. If such communications can be hidden by unbreakable encryption, N.S.A. officials say, the agency cannot do its work.

But some experts say the N.S.A.’s campaign to bypass and weaken communications security may have serious unintended consequences. They say the agency is working at cross-purposes with its other major mission, apart from eavesdropping: ensuring the security of American communications.

Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or VPNs; and the protection used on fourth-generation, or 4G, smartphones. Many Americans, often without realizing it, rely on such protection every time they send an e-mail, buy something online, consult with colleagues via their company’s computer network, or use a phone or a tablet on a 4G network.

For at least three years, one document says, GCHQ, almost certainly in collaboration with the N.S.A., has been looking for ways into protected traffic of popular Internet companies: Google, Yahoo, Facebook and Microsoft’s Hotmail. By 2012, GCHQ had developed “new access opportunities” into Google’s systems, according to the document. (Google denied giving any government access and said it had no evidence its systems had been breached).

“The risk is that when you build a back door into systems, you’re not the only one to exploit it,” said Matthew D. Green, a cryptography researcher at Johns Hopkins University. “Those back doors could work against U.S. communications, too.”

Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.

“And they went and did it anyway, without telling anyone,” Mr. Kocher said. He said he understood the agency’s mission but was concerned about the danger of allowing it unbridled access to private information.

“The intelligence community has worried about ‘going dark’ forever, but today they are conducting instant, total invasion of privacy with limited effort,” he said. “This is the golden age of spying.”

A Vital Capability

The documents are among more than 50,000 shared by The Guardian with The New York Times and ProPublica, the nonprofit news organization. They focus on GCHQ but include thousands from or about the N.S.A.

Intelligence officials asked The Times and ProPublica not to publish this article, saying it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The news organizations removed some specific facts but decided to publish the article because of the value of a public debate about government actions that weaken the most powerful privacy tools.

The files show that the agency is still stymied by some encryption, as Mr. Snowden suggested in a question-and-answer session on The Guardian’s Web site in June.

“Properly implemented strong crypto systems are one of the few things that you can rely on,” he said, though cautioning that the N.S.A. often bypasses the encryption altogether by targeting the computers at one end or the other and grabbing text before it is encrypted or after it is decrypted.

The documents make clear that the N.S.A. considers its ability to decrypt information a vital capability, one in which it competes with China, Russia and other intelligence powers.

“In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” a 2007 document said. “It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.”

The full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand. Only they are cleared for the Bullrun program, the successor to one called Manassas — both names of an American Civil War battle. A parallel GCHQ counterencryption program is called Edgehill, named for the first battle of the English Civil War of the 17th century.

Unlike some classified information that can be parceled out on a strict “need to know” basis, one document makes clear that with Bullrun, “there will be NO ‘need to know.’ ”

Only a small cadre of trusted contractors were allowed to join Bullrun. It does not appear that Mr. Snowden was among them, but he nonetheless managed to obtain dozens of classified documents referring to the program’s capabilities, methods and sources.

Ties to Internet Companies

When the N.S.A. was founded, encryption was an obscure technology used mainly by diplomats and military officers. Over the last 20 years, it has become ubiquitous. Even novices can tell that their exchanges are being automatically encrypted when a tiny padlock appears next to a Web address.

Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.

According to an intelligence budget document leaked by Mr. Snowden, the N.S.A. spends more than $250 million a year on its Sigint Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable.” Sigint is the acronym for signals intelligence, the technical term for electronic eavesdropping.

By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors or by exploiting security flaws, according to the documents. The agency also expected to gain full unencrypted access to an unnamed major Internet phone call and text service; to a Middle Eastern Internet service; and to the communications of three foreign governments.

In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.

The 2013 N.S.A. budget request highlights “partnerships with major telecommunications carriers to shape the global network to benefit other collection accesses” — that is, to allow more eavesdropping.

At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.

Microsoft asserted that it had merely complied with “lawful demands” of the government, and in some cases, the collaboration was clearly coerced. Some companies have been asked to hand the government the encryption keys to all customer communications, according to people familiar with the government’s requests.

N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. “Approval to release to non-Sigint agencies,” a GCHQ document says, “will depend on there being a proven non-Sigint method of acquiring keys.”

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,” the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology and later by the International Organization for Standardization, which has 163 countries as members.

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.”

“Eventually, N.S.A. became the sole editor,” the memo says.

Even agency programs ostensibly intended to guard American communications are sometimes used to weaken protections. The N.S.A.’s Commercial Solutions Center, for instance, invites the makers of encryption technologies to present their products to the agency with the goal of improving American cybersecurity. But a top-secret N.S.A. document suggests that the agency’s hacking division uses that same program to develop and “leverage sensitive, cooperative relationships with specific industry partners” to insert vulnerabilities into Internet security products.

By introducing such back doors, the N.S.A. has surreptitiously accomplished what it had failed to do in the open. Two decades ago, officials grew concerned about the spread of strong encryption software like Pretty Good Privacy, designed by a programmer named Phil Zimmermann. The Clinton administration fought back by proposing the Clipper Chip, which would have effectively neutered digital encryption by ensuring that the N.S.A. always had the key.

That proposal met a backlash from an unlikely coalition that included political opposites like Senator John Ashcroft, the Missouri Republican, and Senator John Kerry, the Massachusetts Democrat, as well as the televangelist Pat Robertson, Silicon Valley executives and the American Civil Liberties Union. All argued that the Clipper would kill not only the Fourth Amendment, but also America’s global technology edge.

By 1996, the White House backed down. But soon the N.S.A. began trying to anticipate and thwart encryption tools before they became mainstream.

Each novel encryption effort generated anxiety. When Mr. Zimmermann introduced the Zfone, an encrypted phone technology, N.S.A. analysts circulated the announcement in an e-mail titled “This can’t be good.”

But by 2006, an N.S.A. document notes, the agency had broken into communications for three foreign airlines, one travel reservation system, one foreign government’s nuclear department and another’s Internet service by cracking the virtual private networks that protected them.

By 2010, the Edgehill program, the British counterencryption effort, was unscrambling VPN traffic for 30 targets and had set a goal of an additional 300.

But the agencies’ goal was to move away from decrypting targets’ tools one by one and instead decode, in real time, all of the information flying over the world’s fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence.

A 2010 document calls for “a new approach for opportunistic decryption, rather than targeted.” By that year, a Bullrun briefing document claims that the agency had developed “groundbreaking capabilities” against encrypted Web chats and phone calls. Its successes against Secure Sockets Layer and virtual private networks were gaining momentum.

But the agency was concerned that it could lose the advantage it had worked so long to gain, if the mere “fact of” decryption became widely known. “These capabilities are among the Sigint community’s most fragile, and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability,” a GCHQ document warned.

Since Mr. Snowden’s disclosures ignited criticism of overreach and privacy infringements by the N.S.A., American technology companies have faced scrutiny from customers and the public over what some see as too cozy a relationship with the government. In response, some companies have begun to push back against what they describe as government bullying.

Google, Yahoo, Microsoft and Facebook have pressed for permission to reveal more about the government’s requests for cooperation. One e-mail encryption company, Lavabit, closed rather than comply with the agency’s demands for customer information; another, Silent Circle, ended its e-mail service rather than face such demands.

In effect, facing the N.S.A.’s relentless advance, the companies surrendered.

Ladar Levison, the founder of Lavabit, wrote a public letter to his disappointed customers, offering an ominous warning. “Without Congressional action or a strong judicial precedent,” he wrote, “I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”

John Markoff contributed reporting.
"All the world's a stage" William Shakespeare

 

*

mafarrico

  • Investigador
  • *****
  • 1274
  • Recebeu: 20 vez(es)
  • Enviou: 74 vez(es)
  • +0/-0
Re: Não existe tal coisa como privacidade electrónica
« Responder #3 em: Setembro 28, 2013, 09:05:17 pm »
http://www.nytimes.com/2013/09/29/us/ns ... ns.html?hp

http://rt.com/usa/nsa-metadata-us-socia ... tions-490/

NSA uses metadata 'to create sophisticated graphs' of US citizens’ social connections

Published time: September 28, 2013 16:56
Edited time: September 28, 2013 19:14



The US National Security Agency has been exploiting US citizens' personal information drawn from its large collection of metadata to create complex graphs of social connections for foreign intelligence purposes, the latest Snowden leaks have revealed.

Documents obtained by the New York Times from the former NSA contractor Edward Snowden say that the practice has been going on since November 2010, after restrictions prohibiting the agency from working with  US citizens’ data were “lifted” by NSA officials.

The NSA was then authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of the e-mail addresses, phone numbers or any other identifiers, the documents reportedly said.

The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the US, a January 2011 NSA memorandum cited in the documents explained.

According to the report, the agency has been allowed to “enrich” their communications data with materials obtained from public, commercial and other sources while preparing the graphs. Such sources reportedly include Facebook profiles, bank codes, insurance information, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data.

The sophisticated graphs provide the agents with direct and indirect “contact chains” between an unspecified number of Americans and people or organizations overseas that are of foreign intelligence interest, the report says.

Not only do they identify the list of possible associates, but also note their locations at certain times, their traveling companions and other personal information, it adds.

The documents provided no information on the results of the NSA surveillance. According to the NYT, the agency’s officials declined to say how many Americans have been caught up in the effort.

The NSA has denied it abuses its practice of vast data collection, which includes the private information of the US citizens, with the agency’s spokeswoman saying that “all of NSA’s work has a foreign intelligence purpose” and that “all data queries must include a foreign intelligence justification.”

In justifying the warrantless analysis of metadata on US soil, the spokeswoman referred to a 1979 Supreme Court ruling saying that Americans could have no expectation of privacy about what numbers they had called.

When asked whether the NSA collects Americans’ locations based on cell phone signals data, the agency’s director Keith B. Alexander on Thursday told a Senate Intelligence Committee that the agency was not doing so as part of the the Patriot Act, but added that a fuller response would be classified.

While the agents are said to be allowed to analyze the metadata, but not the contents of the calls or e-mails, the experts argue that this information alone is enough to produce a portrait of a person based on his contacts, as well as to pick up some sensitive details of an individuals's private life.

“Metadata can be very revealing. Knowing things like the number someone just dialed or the location of the person’s cellphone is going to allow to assemble a picture of what someone is up to. It’s the digital equivalent of tailing a suspect,” Orin S. Kerr, a law professor at George Washington University, told the NYT.

The leaked documents, which are said to provide a rare window into what the NSA actually does with the information it gathers, and how it unlocks “as many secrets about individuals as possible,” are the latest revelations obtained via former CIA employee and NSA contractor Edward Snowden.

In the US, Snowden is wanted on espionage charges for leaking classified documents that focused on the massive electronic surveillance by the US government and its foreign allies which collaborated with the NSA.
 
Snowden was granted temporary asylum in Russia on August 1 after being stuck in a transit zone of Moscow’s Sheremetyevo airport for more than a month. He is now staying in an undisclosed location, with reports saying he has done some travel and already speaks some Russian.
"All the world's a stage" William Shakespeare

 

*

listadecompras

  • 168
  • +0/-1
Re: Não existe tal coisa como privacidade electrónica
« Responder #4 em: Outubro 16, 2013, 06:37:45 pm »
coisas que acontecem a quem anda pelas internets

Citar
Anonymous Hack Into Greek Foreign Ministry
By Sotiria Nikolouli on October 15, 2013 in News, Politics

The activist group Anonymous hacked into the data of the Greek Foreign Ministry in order to gain access to material exchanged via email.

The foreign ministry issued a statement regarding the internet violation, confirming that an investigation on the exact circumstances and extent of the breach which includes exchanges via email, as well as many office voucher conferences.

The successful breach of the activist group Anonymous, into the email of the Directorate of Greek Foreign Ministry, was announced through an official web suspension.

The violation is being investigated, and so far, it was found that the hacked information concerns material exchanged via email and includes releases from press offices. Social media tweets spoke of a “huge leak” involving some 3,700 documents.

A selection of the allegedly hacked material was posted online on file-sharing site Imgur. It included Foreign Ministry media reviews from Romania and Albania, a Greek intelligence service security review, an EU Council document on relations with Kosovo, and a Council of Europe money laundering report on Albania.

Anonymous announced that everyone knows the difficult situation in Greece and blames the government for allowing the Nazi Golden Dawn party to sabotage the integrity of the whole country along with its financial mess, as well as the European authorities.

Thus a series of leaks are revealed to uncover the truth about the involvement of the Greek government in collaboration with Internet crime units of the European Union Agency for Network and Information Security (ENISA) and Organization for Security and Co-operation in Europe (OSCE).

Those responsible for the breach will be arrested and punished under Operation Payback, which has been initiated as retaliation to distributed denial of service attacks.
 

*

HSMW

  • Moderador Global
  • *****
  • 12883
  • Recebeu: 3185 vez(es)
  • Enviou: 7768 vez(es)
  • +971/-1435
    • http://youtube.com/HSMW
https://www.youtube.com/user/HSMW/videos

"Tudo pela Nação, nada contra a Nação."
 

*

mafarrico

  • Investigador
  • *****
  • 1274
  • Recebeu: 20 vez(es)
  • Enviou: 74 vez(es)
  • +0/-0
"All the world's a stage" William Shakespeare

 

*

HSMW

  • Moderador Global
  • *****
  • 12883
  • Recebeu: 3185 vez(es)
  • Enviou: 7768 vez(es)
  • +971/-1435
    • http://youtube.com/HSMW
https://www.youtube.com/user/HSMW/videos

"Tudo pela Nação, nada contra a Nação."
 

*

mafarrico

  • Investigador
  • *****
  • 1274
  • Recebeu: 20 vez(es)
  • Enviou: 74 vez(es)
  • +0/-0
Re: Não existe tal coisa como privacidade electrónica
« Responder #8 em: Dezembro 07, 2014, 11:13:25 pm »
Operation Auroragold
How the NSA Hacks Cellphone Networks Worldwide


https://firstlook.org/theintercept/2014 ... ellphones/
"All the world's a stage" William Shakespeare

 

*

Pedro E.

  • Investigador
  • *****
  • 1534
  • Recebeu: 23 vez(es)
  • Enviou: 18 vez(es)
  • +22/-220
Re: Não existe tal coisa como privacidade electrónica
« Responder #9 em: Julho 05, 2016, 10:30:45 pm »
os emails de hillary clinton
https://wikileaks.org/clinton-emails/

exemplo
https://wikileaks.org/clinton-emails/?q=iraq|baghdad|basra|mosoul&mfrom=&mto=&title=&notitle=&date_from=&date_to=&nofrom=&noto=&count=50&sort=0#searchresult
 

*

Viajante

  • Investigador
  • *****
  • 4531
  • Recebeu: 2610 vez(es)
  • Enviou: 1492 vez(es)
  • +7666/-4858
Re: Não existe tal coisa como privacidade electrónica
« Responder #10 em: Julho 22, 2016, 11:55:16 am »
Edward Snowden vai criar capa para dar segurança ao iPhone

As questões de segurança dos dados e dos utilizadores tem sido um tema recorrente nos últimos tempos. Depois de Edward Snowden e outros terem mostrado a forma como alguns governos conseguem escutar os cidadãos, sem qualquer controlo, o tema foi lançado para a praça pública.

Mas Edward Snowden está empenhado em aumentar a segurança dos utilizadores e, por isso, está a trabalhar para criar uma capa para o iPhone que detectará quando este estiver a enviar dados de forma anormal.



É ainda apenas uma ideia que caminha para um protótipo, mas Edward Snowden quer criar uma capa que detecte e reaja sempre houver transmissão de dados de forma anormal.

Esta deverá monitorizar não apenas o envio de dados por Wi-Fi mas também pela antena 3G e até Bluetooth. Cobrirá assim todos os sinais de rádio e detectará quando estes não estiverem a funcionar da forma esperada. Esta situação fará desencadear um alarme no utilizador e, caso assim se pretenda, irá bloquear as transmissões, deixando o iPhone inacessível e protegido.

Para conseguir estas leituras, a capa de Edward Snowden irá usar a ranhura do cartão SIM e, por aí, irá conseguir aceder às diferentes antenas. Para isto o cartão é movido para a capa, funcionando de forma normal.



Este dispositivo está a ser criado por Edward Snowden com a ajuda de um conhecido hacker, Andrew “Bunnie” Huang, que tem já provas dadas neste campo. A sua ideia é ainda um esboço, mas o paper onde descrevem as suas ideias e as conclusões do trabalho até agora realizado foi apresentado numa conferência do MIT, onde este conceito foi discutido.

Depois de conseguirem materializar as suas ideias, a dupla espera conseguir passá-la para produção, com a certeza de que todo o software e hardware será aberto e disponível a todos, para que possam confirmar que nada foi alterado.

Há ainda muito a trabalho a ser realizado antes de passar a um protótipo funcional, mas a ideia de Edward Snowden e de Andrew “Bunnie” Huang tem tudo para ser um sucesso, em especial para todos os que precisam de garantir que as suas comunicações não são escutadas ou que os seus dados são roubados.

Fonte: https://pplware.sapo.pt/gadgets/high-tech/edward-snowden-criar-capa-iphone/
 

*

Pedro E.

  • Investigador
  • *****
  • 1534
  • Recebeu: 23 vez(es)
  • Enviou: 18 vez(es)
  • +22/-220
Re: Não existe tal coisa como privacidade electrónica
« Responder #11 em: Setembro 17, 2016, 02:11:37 am »

Citar
A Good American tells the story of the best code-breaker the USA ever had and how he and a small team within NSA created a surveillance tool that could pick up any electronic signal on earth, filter it for targets and render results in real-time while keeping the privacy as demanded by the US constitution. The tool was perfect - except for one thing: it was way too cheap. Therefor NSA leadership, who had fallen into the hands of industry, dumped it - three weeks prior to 9/11. In a secret test-run of the program against the pre-9/11-NSA database in early 2002 the program immediately found the terrorists. This is the story of former Technical director of NSA, Bill Binney, and a program called ThinThread.

 

*

Pedro E.

  • Investigador
  • *****
  • 1534
  • Recebeu: 23 vez(es)
  • Enviou: 18 vez(es)
  • +22/-220
Re: Não existe tal coisa como privacidade electrónica
« Responder #12 em: Setembro 22, 2016, 12:47:41 am »
Whatever you do, do not use Google Allo: Snowden
https://www.rt.com/usa/360196-edward-snowden-google-allo/
 

*

Pedro E.

  • Investigador
  • *****
  • 1534
  • Recebeu: 23 vez(es)
  • Enviou: 18 vez(es)
  • +22/-220
Re: Não existe tal coisa como privacidade electrónica
« Responder #13 em: Outubro 05, 2016, 06:03:53 pm »
 

*

Pedro E.

  • Investigador
  • *****
  • 1534
  • Recebeu: 23 vez(es)
  • Enviou: 18 vez(es)
  • +22/-220
Re: Não existe tal coisa como privacidade electrónica
« Responder #14 em: Outubro 06, 2016, 02:03:32 pm »
Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence - sources
http://uk.reuters.com/article/uk-yahoo-nsa-exclusive-idUKKCN1241YO