Surveillance State, Your Touch and Your Smartphone

There was a Rand Paul filibuster last week over the NSA’s broad sweep of citizens’ private affairs. Senator Paul does have a major point in his efforts to protect our privacy, yet to what ends when it comes to national security? He pledges to take up the matter of the vote on the NSA in order to see the Patriot Act end.

There is yet another piece of legislation that is important to understand: the USA Freedom Act. In part:

Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet Collection, and Online Monitoring Act

H.R. 3361/ S. 1599

Purpose:  To rein in the dragnet collection of data by the National Security Agency (NSA) and other government agencies, increase transparency of the Foreign Intelligence Surveillance Court (FISC), provide businesses the ability to release information regarding FISA requests, and create an independent constitutional advocate to argue cases before the FISC.

End bulk collection of Americans’ communications records

• The USA Freedom Act ends bulk collection under Section 215 of the Patriot Act.
• The bill would strengthen the prohibition on “reverse targeting” of Americans—that is, targeting a foreigner with the goal of obtaining communications involving an American.
• The bill requires the government to more aggressively filter and discard information about Americans accidentally collected through PRISM and related programs.

Reform the Foreign Intelligence Surveillance Court

• The USA Freedom Act creates an Office of the Special Advocate (OSA) tasked with promoting privacy interests before the FISA court’s closed proceedings. The OSA will have the authority to appeal decisions of the FISA court.
• The bill creates new and more robust reporting requirements to ensure that Congress is aware of actions by the FISC and intelligence community as a whole.
• The bill would grant the Privacy and Civil Liberties Oversight Board subpoena authority to investigate issues related to privacy and national security.

Increase Transparency

• The USA Freedom Act would end secret laws by requiring the Attorney General to publicly disclose all FISC decisions issued after July 10, 2003 that contain a significant construction or interpretation of law.
• Under the bill, Internet and telecom companies would be allowed to publicly report an estimate of (1) the number of FISA orders and national security letters received, (2) the number of such orders and letters complied with, and (3) the number of users or accounts on whom information was demanded under the orders and letters.
• The bill would require the government to make annual or semiannual public reports estimating the total number of individuals and U.S. persons that were subject to FISA orders authorizing electronic surveillance, pen/trap devices, and access to business records.

DON’T APPLAUD JUST YET… this next introduction of technology is very chilling. When does it all stop with surveillance?

NSA will Track Your Smartphone Finger Strokes

Smartphone technology built by Lockheed Martin promises to verify a user’s identity based on the swiftness and shape of the individual’s finger strokes on a touch screen.

The mobile device feature, created by Lockheed Martin, verifies a user’s identity based on the swiftness and shape of the individual’s finger strokes on a touch screen. The technology is but one incarnation of handwriting-motion recognition, sometimes called “dynamic signature” biometrics, that has roots in the Air Force.

“Nobody else has the same strokes,” said John Mears, senior fellow for Lockheed IT and Security Solutions. “People can forge your handwriting in two dimensions, but they couldn’t forge it in three or four dimensions. Three is the pressure you put in, in addition to the two dimensions on the paper. The fourth dimension is time. The most advanced handwriting-type authentication tracks you in four dimensions.”

The biometric factors measured by Lockheed’s technology, dubbed “Mandrake,” are speed, acceleration and the curve of an individual’s strokes. “We’ve done work with the NSA with that for secure gesture authentication as a technique for using smartphones,” Mears said. “They are actually able to use it.”

According to Defense One, Lockheed officials said they do not know how or if the agency has operationally deployed the Mandrake smartphone doodling-recognition tool. The company also is the architect of the FBI’s recently completed $1 billion facial, fingerprint, palm print, retina scan and tattoo image biometric ID system. That project, called the Next Generation Identification system, could tie in voice and “gait matching” (how a person walks) in the future, the bureau has said.

Mandrake potentially might be useful for emergency responders who often do not have the time or capability to access an incident command website, Mears said.

Lynch To Open IRS Investigation?

 

Department of Justice to finally open an investigation into the IRS targeting? Congressman Paul Ryan transmits letter to Attorney General Loretta Lynch.

To read the letter and see the signatures click here. Key section of letter in part:

Ms. Lerner used her position to improperly influence agency action against only conservative organizations, denying these groups due process and equal protection rights under the law.

Ms. Lerner impeded official investigations by providing misleading statements in response to questions from the Treasury Inspector General for Tax Administration (TIGTA).

Ms. Lerner risked exposing, and may actually have disclosed, confidential taxpayer information, in apparent violation of Internal Revenue Code section 6103 by using her personal email to conduct official business.

Paul Ryan on Thursday sent his first official letter to Loretta Lynch, the new U.S. attorney general. With luck, Ms. Lynch will take a few moments out of her international soccer crackdown to give it a glance.

Signed by every Republican member of the House Ways and Means Committee, which Mr. Ryan heads, the letter is a forceful request that Ms. Lynch channel just a smidgen of her famed prosecutorial skill into the largest abuse of government power in decades: the IRS targeting scandal. It’s now been two full years since a little-known IRS bureaucrat named Lois Lerner admitted that her agency systematically collected the names of conservative groups, harassed them, and denied their right to participate in elections. It’s been two full years since the Justice Department opened an investigation. And it’s been two full years of crickets.

While Ms. Lynch was this week orchestrating a dramatic dawn raid and the arrest of seven international soccer officials, the IRS’s offices continued to operate as if nothing ever happened. Two years ago, in the days following the targeting revelations, the administration sacked Acting IRS Commissioner Steven Miller only because it had to. Ms. Lerner, who had led the exempt organizations division, was allowed to retire with full pension benefits. Holly Paz, her effective deputy, was put on administrative leave. Everyone else is still at their desks. Not a single official—there or gone—has faced prosecution.

The Ryan letter asks Ms. Lynch to finally answer his committee’s 2014 referral of Ms. Lerner to the Justice Department for criminal prosecution. That referral has been largely lost to time and other headlines. Most of the focus last year was on the House’s decision to issue a contempt citation against Ms. Lerner, for improperly asserting her Fifth Amendment rights and refusing to answer its questions about her time at the IRS. In March of this year, U.S. Attorney for the District of Columbia Ronald Machen, who has since resigned, informed Speaker John Boehner that he was refusing to bring that contempt citation before a grand jury.

That’s a pity. Note, though, that the citation dealt only with Ms. Lerner’s after-the-fact behavior in front of Congress. Investigators have also compiled compelling evidence that she may have broken the law while overseeing the targeting of conservative groups. Nearly a month before Mr. Boehner sent out the citation, the Ways and Means Committee (then under Rep. Dave Camp) sent a letter to Justice making the case that Ms. Lerner should be criminally prosecuted for her time at the IRS. The Justice Department has never responded to that letter.

Specifically, the committee provided documents that show three acts by Ms. Lerner that may have violated criminal statutes. One, she helped to target only conservative organizations, thereby robbing them of equal protection and due process. Two, she may have impeded the Treasury inspector general’s investigation of the matter by giving misleading statements. Three, she risked exposing (and may have exposed) confidential taxpayer information by using her personal email address to conduct official business.

And that’s only what we know so far. Congress’s problem is that the IRS has stonewalled it at every turn. The Treasury inspector general, J. Russell George, has become tentative after all the Democratic criticism of his probe. It seems the Justice Department is the only body with the powers to shake loose some answers about what happened.

The Ryan letter asks Ms. Lynch to tell him the status of that referral, and Speaker Boehner chimed in with a statement calling for the new attorney general to prove to Americans that “justice will be served.”

Ms. Lynch’s response will be enormously telling about her view of her job. Well before the IRS scandal broke, former Attorney General Eric Holder had already built a reputation as one of the most partisan and political holders of the office in history. It was never really a surprise that Justice assigned the IRS probe to a staff attorney who was an Obama donor, or that the FBI early on leaked that it didn’t intend any prosecutions, or that Mr. Holder ignored calls for a special prosecutor. The likelihood that he’d act dropped further as evidence came out that his own Justice attorneys were implicated in Ms. Lerner’s targeting.

Meanwhile, today’s IRS commissioner, John Koskinen, has been unable to acknowledge that someone at his agency might have engaged in intentional wrongdoing. This attitude, combined with Justice’s inaction, creates the scary potential of an IRS targeting repeat. When nobody in a position of authority or with police power is willing to even question whether some in the IRS might be bad actors, there is no guard whatsoever against a Lerner 2.0.

One of Ms. Lynch’s specialties in her previous post as U.S. attorney for the eastern district of New York was political corruption. She knows that government officials can and do break the law. If she ignores or skirts the Ryan letter, the country will see that it has another Obama partisan sitting in the attorney general seat. If she acts, she might instead restore some public faith in two of the nation’s least respected institutions: the Justice Department and the IRS. It doesn’t seem such a hard choice.

 

 

Stuxnet V.1 Succeeded, V.2 in North Korea Failed

Iran wasn’t the only country that had its nuclear ambitions targeted by a sneaky US cyberattack. It turns out the American government also tried to take down North Korea’s nuclear programs with the Stuxnet worm five years ago, Reuters reports. But there was one major difference: That attack ultimately flamed out. While the US managed to get Stuxnet into Iran’s nuclear facilities (reportedly by hacking suppliers), which ultimately led to the destruction of more than a thousand uranium enriching centrifuges, it never managed to get it into North Korea’s core systems. It turns out having an extremely isolated network worked in North Korea’s favor. That’s particularly ironic since Stuxnet quickly made its way out of Iran and wreaked havoc across the web.

The operation began in tandem with the now-famous Stuxnet attack that sabotaged Iran’s nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by U.S. and Israeli forces.
According to one U.S. intelligence source, Stuxnet’s developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.
But U.S. agents could not access the core machines that ran Pyongyang’s nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.
The official said the National Security Agency-led campaign was stymied by North Korea’s utter secrecy, as well as the extreme isolation of its communications systems. A third source, also previously with U.S. intelligence, said he had heard about the failed cyber attack but did not know details.
North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China.
In contrast, Iranians surfed the Net broadly and had interactions with companies from around the globe.


A spokeswoman for the NSA declined to comment for this story. The spy agency has previously declined to comment on the Stuxnet attack against Iran.
The United States has launched many cyber espionage campaigns, but North Korea is only the second country, after Iran, that the NSA is now known to have targeted with software designed to destroy equipment.
Washington has long expressed concerns about Pyongyang’s nuclear program, which it says breaches international agreements. North Korea has been hit with sanctions because of its nuclear and missile tests, moves that Pyongyang sees as an attack on its sovereign right to defend itself.
U.S. Secretary of State John Kerry said last week that Washington and Beijing were discussing imposing further sanctions on North Korea, which he said was “not even close” to taking steps to end its nuclear program.

Experts in nuclear programs said there are similarities between North Korea and Iran’s operations, and the two countries continue to collaborate on military technology.
Both countries use a system with P-2 centrifuges, obtained by Pakistani nuclear scientist A.Q. Khan, who is regarded as the father of Islamabad’s nuclear bomb, they said.
Like Iran, North Korea probably directs its centrifuges with control software developed by Siemens AG that runs on Microsoft Corp’s Windows operating system, the experts said. Stuxnet took advantage of vulnerabilities in both the Siemens and Microsoft programs.
Because of the overlap between North Korea and Iran’s nuclear programs, the NSA would not have had to tinker much with Stuxnet to make it capable of destroying centrifuges in North Korea, if it could be deployed there.
Despite modest differences between the programs, “Stuxnet can deal with both of them. But you still need to get it in,” said Olli Heinonen, senior fellow at Harvard University’s Belfer Center for Science and International Affairs and former deputy director general of the International Atomic Energy Agency.
NSA Director Keith Alexander said North Korea’s strict limitations on Internet access and human travel make it one of a few nations “who can race out and do damage with relative impunity” since reprisals in cyberspace are so challenging.
When asked about Stuxnet, Alexander said he could not comment on any offensive actions taken during his time at the spy agency.
David Albright, founder of the Institute for Science and International Security and an authority on North Korea’s nuclear program, said U.S. cyber agents probably tried to get to North Korea by compromising technology suppliers from Iran, Pakistan or China.
“There was likely an attempt” to sabotage the North Korean program with software, said Albright, who has frequently written and testified on the country’s nuclear ambitions.

The Stuxnet campaign against Iran, code-named Olympic Games, was discovered in 2010. It remains unclear how the virus was introduced to the Iranian nuclear facility in Natanz, which was not connected to the Internet.
According to cybersecurity experts, Stuxnet was found inside industrial companies in Iran that were tied to the nuclear effort. As for how Stuxnet got there, a leading theory is that it was deposited by a sophisticated espionage program developed by a team closely allied to Stuxnet’s authors, dubbed the Equation Group by researchers at Kaspersky Lab.
The U.S. effort got that far in North Korea as well. Though no versions of Stuxnet have been reported as being discovered in local computers, Kaspersky Lab analyst Costin Raiu said that a piece of software related to Stuxnet had turned up in North Korea.
Kaspersky had previously reported that the software, digitally signed with one of the same stolen certificates that had been used to install Stuxnet, had been submitted to malware analysis site VirusTotal from an electronic address in China. But Raiu told Reuters his contacts had assured him that it originated in North Korea, where it infected a computer in March or April 2010.
Some experts said that even if a Stuxnet attack against North Korea had succeeded, it might not have had that big an impact on its nuclear weapons program. Iran’s nuclear sites were well known, whereas North Korea probably has at least one other facility beyond the known Yongbyon nuclear complex, former officials and inspectors said.
In addition, North Korea likely has plutonium, which does not require a cumbersome enrichment process depending on the cascading centrifuges that were a fat target for Stuxnet, they said.
Jim Lewis, an advisor to the U.S. government on cybersecurity issues and a senior fellow at the Center for Strategic and International Studies, said there are limitations to cyber offense.
A cyber attack “is not something you can release and be sure of the results,” Lewis said.

 

Follow the Nukes, Money and Death(s) to Putin?

Putin clamps down on troop-death data

Rule may hide ‘secret war’ in Ukraine

Putin signed an order Thursday making the deaths of Russian troops lost during “special operations” a secret, amending a previous decree that limited such secrecy to deaths of soldiers in wartime. Some watchers can see only one plausible reason for the change: Russia is gearing up for another military push into Ukraine.

“We’re in a pre-war situation. Right now, there’s going to be another campaign in Ukraine,” said Pavel Felgenhauer, a military analyst based in Moscow, who added that Russia was being secret about losses because “we’re fighting a secret war.” Read much more here.

Who Took Moldova’s Millions ~ The Crooks or the Kremlin

On the eve of a national election in tiny Moldova last November, $450 million — equal to 10 percent of the Eastern European country’s entire annual gross domestic product — went missing. So far, no one knows where it went.

Much was at stake in the election. Last June, Moldova’s pro-Europe government signed an association agreement with the European Union. Pro-Russia opponents favored partnership with Moscow’s Eurasian Economic Union instead. The incumbents barely won. Moscow signaled its displeasure with the EU agreement by placing an embargo on the import of Moldovan fruits, vegetables and wine.

Earlier this month, approximately 10,000 Moldovans marched in the streets of the capital, Chisinau, shouting, “Down with the thieves!” and “We want the billions back!”

Kroll, the international risk consultancy, had been engaged to do an initial private investigation. The parliament’s speaker posted this from their report: “There appears to have been a deliberate plan to gain control of each of the banks and subsequently manipulate transactions to gain access to credit, whilst giving the appearance to the contrary.” Yet, the National Anti-corruption Center of Moldova claimed the report was based on rumors that leaked to local media. Read more here.

Oppose Putin?

Putin opponent near death in suspected poisoning

An outspoken opponent of Russian President Vladimir Putin was near death Friday from an apparent poisoning just three months after his close political ally was gunned down near the Kremlin, and supporters want him evacuated to Europe or Israel to determine what sickened him.

Vladimir Kara-Murza Jr., who has long been based in Washington, was in a hotel in Moscow when he suddenly lost consciousness May 26 and was hospitalized with what his wife called “symptoms of poisoning.” The 33-year-old is a coordinator for Open Russia, a nongovernmental organization which on the previous day released a documentary film accusing close Putin crony and Chechen strongman Ramzan Kadyrov of human rights abuses including torture and murder.

“Doctors have just confirmed that he was poisoned,” Andrei Bystrov, an opposition activist and friend of the Kara-Murza family, told The Telegraph. “As to what with, they can’t say yet. It could be anything.”

Kara-Murza, a dual Russian-British citizen, was a close associate of opposition leader Boris Nemtsov, who was assassinated in February.

“I am deeply concerned about the mysterious illness of Vladimir Kara-Murza, especially given the recent murder of Boris Nemtsov and the number of Putin’s opponents who have been poisoned,” Rep. Chris Smith, R-N.J., said in a statement.

Kara-Murza’s family was trying to get him evacuated to Europe or Israel for toxicology tests after hemodialysis failed to stop complete kidney failure. Read more here.

Nuclear Aggression

NATO Leader Sees Dangerous Trend in Russia’s Nuclear Activities

Russia’s recent use of nuclear rhetoric, exercises and operations are deeply troubling. As are concerns regarding its compliance with the Intermediate Nuclear Forces Treaty.

President Putin’s admission that he considered putting Russia’s nuclear forces on alert while Russia was annexing Crimea is but one example.

Russia has also significantly increased the scale, number and range of provocative flights by nuclear-capable bombers across much of the globe. From Japan to Gibraltar. From Crete to California. And from the Baltic Sea to the Black Sea.

Russian officials announced plans to base modern nuclear-capable missile systems in Kaliningrad. And they claim that Russia has the right to deploy nuclear forces to Crimea.

 

No Longer Nuclear Zero

The nuclear weapons chatter is rising by the day. The Saudis paid for much of Pakistan’s nuclear weapons program, which included an agreement for access to weapons at a future date. The ongoing P5+1 talks with Iran have Saudi Arabia dusting off its immediate options. The White House and John Kerry are seeing a final date slippage with regard to the June 30 deadline, but to what end?

There have been recent inquiries into Israel’s nuclear program, exposing its weapons systems, something that has never previously been discussed.

Vladimir Putin has recently increased his own nuclear points and expanded flights by his nuclear bombers, which include Ukraine, Poland and northern Europe. This has NATO expressing distress and a counter-measures strategy.

Yet Russia has some chilling history with its nuclear weapons program, which brings the wider world, jihadi networks included, into the equation.

Breakdown in U.S.-Russia relations raises risk of nuclear-armed jihadists

In the last several years, a number of troubling events have revealed weaknesses in Russian nuclear security. A Russian general in command of nuclear weapon storage sites was fired due to massive corruption. A colonel in the Russian Ministry of Interior in charge of nuclear security inspections was arrested for soliciting bribes to overlook security violations. One American researcher visiting a nuclear facility was told it would take merely $100 to bribe his way in.

Graft in Russia is rife, and corruption plus available uranium is a troubling combination. This vulnerability is heightened by the fact that at many nuclear sites the accounting systems to track uranium and plutonium could not sufficiently identify thefts of newly manufactured or older stored fissile materials. More broadly, Russia does not possess a master baseline inventory of all nuclear materials produced in the former Soviet Union — and where all of it is today.

At a 2010 summit of world leaders, President Barack Obama described nuclear terrorism as “the single biggest threat to U.S. security.” He’s right — but as the crisis in Ukraine festers, recent U.S. actions have unraveled decades of successful cooperation with Russia to reduce the risk.

While some argue that the United States needs to “punish” Russia due to Moscow’s contribution to the crisis in Ukraine, this is akin to cutting off our nose to spite our face. Given the threat from “loose nukes” to our national security, the United States should take steps to jump-start U.S.-Russian nuclear security cooperation.

When the Soviet Union collapsed in 1991, American policymakers suddenly faced a frightening new threat: Poverty and chaos caused a complete breakdown in security throughout the former Soviet nuclear complex. Insiders at top-secret Russian nuclear weapons plants tried to steal and sell nuclear materials on the black market. Unpaid guards at nuclear sites left their posts to search for food. A senior White House science adviser even discovered more than 150 pounds of highly enriched uranium — enough for several nuclear bombs — sitting unguarded in lockers in the middle of Moscow.

In response to this threat, the United States spent billions of dollars under the Cooperative Threat Reduction (CTR) program to help Russia secure its nuclear materials and facilities. From the deactivation of almost 8,000 Russian nuclear warheads to the building of a massive storage facility for 27 tons of fissile materials, CTR was arguably the most successful American foreign aid program in history.

Following the conclusion of the CTR program in 2013, the U.S. Department of Energy (DOE) and Russia’s state-owned nuclear company Rosatom signed a comprehensive nuclear cooperation agreement. This agreement, which was designed to build trust between the two countries, called for projects ranging from the development of advanced nuclear security and safety technologies, to visits by each side’s scientists to the other’s most sensitive nuclear labs and facilities.

Less than seven months after the agreement was signed, however, the DOE dealt a devastating blow to Russian-American nuclear security cooperation, banning Russian nuclear scientists from visiting the United States while also banning DOE nuclear scientists from visiting Russia.

The current defense budget, passed seven months after the DOE’s action, also bars all funding for nuclear nonproliferation activities and assistance in Russia.

Its pride wounded, Russia retaliated, first announcing it would boycott the 2016 nuclear security summit in Chicago and then informing U.S. officials it would no longer accept American aid to help secure Russia’s weapons-grade uranium and plutonium — a significant blow to U.S. national security.

Nuclear security in Russia is undoubtedly better than it was in the 1990s. Guards at nuclear sites are paid on time. Perimeter fences surrounding these sites no longer have holes. Fissile materials are no longer stored in lockers. That’s the good news.

The bad news is that while physical security at nuclear sites is greatly improved, real problems still remain. Russia continues to have the world’s largest nuclear stockpile and there are more than 200 buildings and bunkers where highly enriched uranium or separated plutonium is stored. Sophisticated criminals could still exploit the remaining weaknesses in Russian nuclear security.

We know that Osama bin Laden considered a nuclear attack targeting American civilians to be a legitimate action, and last year Islamic State stole 88 pounds of non-enriched uranium compounds from a university in Mosul. With nearly 2,000 Russian citizens fighting with Middle East extremist groups, if fissile material does end up in the hands of militants, it is quite possible it will have originated from Russia.

The DOE should work with Rosatom to restart the September 2013 agreement and implement the reciprocal nuclear site visits, scientist-to-scientist cooperation and joint-research the agreement envisions. The personal relationships developed over decades of cooperation between Russian and American scientists are too important to jeopardize — we are only shooting ourselves in the foot by cutting these off.

The United States should also understand that the narrative from the 1990s whereby the United States is a donor and Russia is an aid recipient is no longer acceptable in Moscow. Going forward, nuclear cooperation must be reframed as a partnership of equals, with both sides contributing to the conversation about how and why to strengthen security. Republicans and Democrats should put aside partisan differences and fully fund U.S.-Russian nuclear security cooperation — whatever that ultimately involves. The Obama administration is proposing to spend $348 billion upgrading the U.S. nuclear arsenal over the next ten years. It’s worth spending a tiny fraction of that money to prevent loose nukes.

All of these steps require that the United States end the linkage between nuclear security cooperation with Russia and the crisis in Ukraine. While the current political environment makes this difficult, not doing so is foolhardy.

*** Yet there is nuclear weapons and testing history that is important to understand; one example is the Marshall Islands and the Nuclear Proliferation Treaty. A fascinating read is here. A declassified video is below: