Prism and Verizon surveillance discussion thread

[Odibex Grallspice]

HAW HAW!

Hey, Mister Bank Robber, please design my safe.

Way of the world, Roger, way of the world.

[Cain]

RSA denies it has worked with the NSA

https://blogs.rsa.com/news-media-2/rsa-response/

[Cain]

Correct me if I'm wrong, but don't two contradictory rulings mean this becomes a Supreme Court issue?

[Cain]

Did anyone watch the 60 Minutes sloppy blowjob to the NSA?

I didn't, sadly, but it sounds amazing.  Fantastical conversations about pirates.  No discussion about metadata use in targeted assassinations.  Asking specifically about American wiretaps by the NSA to downplay the NSA's vast surveillance machine and the FBI's use of it.  And then there is the BIOS plot.

If you believe the NSA and 60 minutes, China had a secret plan to shut down the global economy.

To.

Shut.

Down.

The.

Global.

Economy.

That was news to many security experts, who had never before heard of the "BIOS plot," even though "60 Minutes" asserted that "computer manufacturers" had worked with the NSA "to close this vulnerability." Such an undertaking would have been well known in the information-security community.

Plunkett gave only the barest outline of the supposed Communist scheme, not specifying when and how the plot was uncovered and foiled. CBS' confirmation of the plot's existence and provenance relied on unnamed "cybersecurity experts briefed on the operation" who "told us it was China."

Security experts aren't buying it.

And with good reason.  Would security experts really not notice an unscheduled, global BIOS security patch being rolled out?  Like hell they wouldnt.  And why would the NSA subsequently reveal such a "top secret" operation?

Because it's bullshit, of course.

So, guess who was actually hacking BIOS?

The NSA, of course.

The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

If anyone has the capability to shut down the global economy via a BIOS attack, it's the NSA.  Whether or not they would actually ever act on that capability (though who knows?  China is still set to overtake US economic dominance, and there are certain quarters of the US National Security State who believe it is better to rule in hell).

[Cain]

And while I'm here, questions are being asked about Greenwald's new media venture with Pierre Omidyar:

So there you go. A definitive answer, direct from Glenn Greenwald's new boss. "TechCrunch and anybody else who pubs stolen info should help catch the thief. Shldnt pub in the 1st place."

[Mesozoic Mister Nigel]

Did anyone watch the 60 Minutes sloppy blowjob to the NSA?

I didn't, sadly, but it sounds amazing.  Fantastical conversations about pirates.  No discussion about metadata use in targeted assassinations.  Asking specifically about American wiretaps by the NSA to downplay the NSA's vast surveillance machine and the FBI's use of it.  And then there is the BIOS plot.

If you believe the NSA and 60 minutes, China had a secret plan to shut down the global economy.

To.

Shut.

Down.

The.

Global.

Economy.

That was news to many security experts, who had never before heard of the "BIOS plot," even though "60 Minutes" asserted that "computer manufacturers" had worked with the NSA "to close this vulnerability." Such an undertaking would have been well known in the information-security community.

Plunkett gave only the barest outline of the supposed Communist scheme, not specifying when and how the plot was uncovered and foiled. CBS' confirmation of the plot's existence and provenance relied on unnamed "cybersecurity experts briefed on the operation" who "told us it was China."

Security experts aren't buying it.

And with good reason.  Would security experts really not notice an unscheduled, global BIOS security patch being rolled out?  Like hell they wouldnt.  And why would the NSA subsequently reveal such a "top secret" operation?

Because it's bullshit, of course.

So, guess who was actually hacking BIOS?

The NSA, of course.

The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

If anyone has the capability to shut down the global economy via a BIOS attack, it's the NSA.  Whether or not they would actually ever act on that capability (though who knows?  China is still set to overtake US economic dominance, and there are certain quarters of the US National Security State who believe it is better to rule in hell).

Honestly, I read this and I think, well fuck it. Just fuck it.

They've fucking won.

[The Good Reverend Roger]

Honestly, I read this and I think, well fuck it. Just fuck it.

They've fucking won.

Oh, I dunno...

[Cain]

And while I'm here, questions are being asked about Greenwald's new media venture with Pierre Omidyar:

So there you go. A definitive answer, direct from Glenn Greenwald's new boss. "TechCrunch and anybody else who pubs stolen info should help catch the thief. Shldnt pub in the 1st place."

Omidyar has confimed that this is his position:

That changed last weekend when Pando investigations editor Paul Carr invited Omidyar to address remarks he made in 2009 about when editors should turn in non-violent leakers to the authorities.

Omidyar's response must have horrified any source considering leaking to NewCo: 

"nless I judge significant pub interest in those docs, I'd prob tell the cops. My jdgmt", he wrote, adding: "Every case is different, which is why you shouldn't make absolute statements."

I'd like to remind everyone, this is the man who is employing the only two people in the world with access to the Snowden documents.

Greenwald has also confirmed he is holding back documents, so he can put them in his upcoming book.

And out of over 55,000 documents, less than 300 pages have been published to date.

[Salty]

This is just random speculation on my part, but if I were in Snowden's position I would have loaded every single available oriface with thumbdrives.

And while I'm here, questions are being asked about Greenwald's new media venture with Pierre Omidyar:

So there you go. A definitive answer, direct from Glenn Greenwald's new boss. "TechCrunch and anybody else who pubs stolen info should help catch the thief. Shldnt pub in the 1st place."

Omidyar has confimed that this is his position:

That changed last weekend when Pando investigations editor Paul Carr invited Omidyar to address remarks he made in 2009 about when editors should turn in non-violent leakers to the authorities.

Omidyar's response must have horrified any source considering leaking to NewCo: 

"nless I judge significant pub interest in those docs, I'd prob tell the cops. My jdgmt", he wrote, adding: "Every case is different, which is why you shouldn't make absolute statements."

I'd like to remind everyone, this is the man who is employing the only two people in the world with access to the Snowden documents.

Greenwald has also confirmed he is holding back documents, so he can put them in his upcoming book.

And out of over 55,000 documents, less than 300 pages have been published to date.

Gotta make that money.

[Bu🤠ns]

http://ternus.github.io/nsaproductgenerator/ NSA Product Generator!


( eta: Actual catalog link )

[Bu🤠ns]

A pretty interesting lecture explaining these techniques used.  by Jacob Appelbaum

[The Johnny]

A pretty interesting lecture explaining these techniques used.  by Jacob Appelbaum

Much good.

[Cain]

Well, in using Gmail he was kinda asking for it.  Admittedly, there aren't any obvious good choices now SilentCircle and Lavabit are gone (not until Darkmail is working), but still, using a company that installs backdoors for the NSA and had its company hacked from top to bottom by Fort Meade's voyeurs probably wasn't a smart choice

http://nypost.com/2013/12/30/state-dept-whistleblower-has-email-hacked-deleted/

The personal e-mail account of a State Department whis­tle­­blower was hacked, and four years worth of messages — some detailing alleged wrongdoing at the agency — were deleted, The Post has learned.

The computer attack targeted the Gmail account of Diplomatic Security Service criminal investigator Richard Higbie, his lawyer, Cary Schulman, confirmed.

"They took all of his e-mails and then they deleted them all," said Schulman. He said that he could not prove who was responsible for the hack job, but said the attack was "sophisticated" and called the targeting of Higbie "alarming."

"Obviously, somebody is not happy with something he's doing and wanted to get that information and also cause him an inability in the future to have ready access to that," Schulman said.

The e-mails included evidence about misconduct by top officials at the department, communications with other potential whistleblowers there, and correspondence with members of Congress who are investigating the allegations, Schulman said.

[The Johnny]

Lmao, not making a backup is also ridiculous.

Im sure if he asks Gmail nicely, they could restore the deleted information, i recall reading that all telecoms and information companies are required by law to keep all info for like 2-5 years.

[Bu🤠ns]

Lmao, not making a backup is also ridiculous.

Im sure if he asks Gmail nicely, they could restore the deleted information, i recall reading that all telecoms and information companies are required by law to keep all info for like 2-5 years.

It amazes me how many people don't backup their shit...then cry about it when they lose everything....well ... typically they blame the computers rather than poor perseverance.