Tag: snowden

Top encryption software project nearly went under

Glens_EnigmaA free email encryption software project which was used by whistleblower Edward Snowden nearly went under this week when the bloke behind it ran out of cash.

Koch’s code is behind most of the popular email encryption programs GPGTools, Enigmail, and GPG4Win.  If he packed it in, he would create a nightmare scenario for the security industry.

Werner Koch appealed for cash to keep his Gnu Privacy Guard project going.  He wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.

He has been running the project more or less for free because he believed there was a need to have some sort of open saucy encrypted software.  In 2013 he was all set to pack it in and then the Snowden news broke, and he realised that this was not the time to cancel.

It is not as if the industry has been particularly helpful, despite its dependence on him, the security industry has not been that helpful.

Koch could not raise enough money to pay himself and to fulfill his dream of hiring a full-time programmer. He has been living off $25,000 per year since 2001 — a fraction of what he could earn in private industry. In December, he launched a fundraising campaign that has garnered about $43,000 to date but he needed $137,000 to pay himself a decent salary and hire a full-time developer.

A lifeline was thrown to him this week. He was awarded a one-time grant of $60,000 from Linux Foundation’s Core Infrastructure Initiative. Donations flooded Werner’s website donation page and he reached his funding goal of $137,000. In addition, Facebook and the online payment processor Stripe each pledged to donate $50,000 a year to Koch’s project.

The cash gave Koch, who has an 8-year-old daughter and a wife who isn’t working, some breathing room. But when Propublica  http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke asked him what he will do when the current batch of money runs out, he shrugged and said he prefers not to think about it. “I’m very glad that there is money for the next three months,” Koch said. “Really I am better at programming than this business stuff.”

Western spooks behind Regin

 james_bond_movie_poster_006Security experts at Kaspersky Lab have discovered shared code and functionality between the Regin malware and a similar platform  in a newly disclosed set of Edward Snowden documents 10 days ago by Germany’s Der Spiegel.

The link, found in a keylogger called QWERTY allegedly used by the so-called Five Eyes, leads them to conclude that the developers of each platform are either the same, or work closely together.

Writing in their blog, Kaspersky Lab researchers Costin Raiu and Igor Soumenkov  said that considering the extreme complexity of the Regin platform there’s little chance that it can be duplicated by somebody without having access to its source codes.

They think that the QWERTY malware developers and the Regin developers were the same or working together.

The Der Spiegel article describes how the U.S National Security Agency, the U.K.’s GCHQ and the rest of the Five Eyes are allegedly developing offensive Internet-based capabilities to attack computer networks managing the critical infrastructure of its adversaries.

QWERTY is  a module that logs keystrokes from compromised Windows machines; Der Spiegel said the malware is likely several years old and has likely already been replaced.

Kaspersky researchers Raiu and Soumenkov said QWERTY malware is identical in functionality to a particular Regin plugin.

Raiu and Soumenkov said within QWERTY there were three binaries and configuration files. One binary called 20123.sys is a kernel mode component of the QWERTY keylogger that was built from source code also found in a Regin module, a plug-in called 50251.

Side-by-side comparisons of the respective source code shows they are close to identical and sharing large chunks of code.

Regin was discovered in late November by Kaspersky Lab and it was quickly labelled one of the most advanced espionage malware platforms ever studied, surpassing even Stuxnet and Flame in complexity. The platform is used to steal secrets from government agencies, research institutions, banks and can even be tweaked to attack GSM telecom network operators.



How Snowden put the brakes on Amazon’s cloud

snowdenWhile the industry is telling the world+dog know that 2015 was the year of the cloud, one has to wonder what it would have been like if Edward Snowden had not revealed high level snooping of off-site data centres.

This year Taser discovered first hand some of the problems. It won a high-profile contract to supply body cameras to the London police. But the deal nearly collapsed because video footage on Amazon’s cloud.

The deal survived only after Taser dropped Amazon.com because it did not have a data centre in Britain.  The UK coppers did not want their data going overseas where it could be snooped upon by the US.

Larger companies are getting worried about relying too heavily on Amazon’s public cloud servers, preferring to store data on their own premises or work with cloud providers that can offer them the option of dedicated servers.

It has opened the door for Microsoft which has flogged the private cloud over the public and offered companies more direct oversight of their data in the cloud.

Steve Herrod, the former chief technology officer of VMware now a venture capitalist at General Catalyst Partners said Edward Snowden did more to create a future with many clouds in many locations than any tech company has managed.

A web of new laws restricting how data can move across national borders creates another hurdle for Amazon and led for calls for it to build more localised clouds.

SAP has ruled out working with Amazon on many upcoming projects due partly to data-location issues.

Amazon insists that demand for AWS, including in Europe and Asia, has never been stronger, and that any contracts lost to rivals are the extreme exception. It said that it will build data centres in every large country over time, but that will cost a bomb.

However it is having to face that fact that the model it pioneered in 2006 is slowing down because it is UScentric – at least for now.

AWS is five times the computing capacity of its next 14 rivals, including Microsoft, Google and IBM, according to Gartner and analysts are predicting that AWS revenue will more than double from 2014 levels to $10.5 billion in 2017, faster than the market overall.

But Synergy Research Group said that it could have been a lot different. At the moment  AWS holds a 27 percent market share in the third quarter of 2014, compared to 10 percent for Microsoft’s Azure cloud business. Azure, however, grew 136 percent on a rolling annualized basis in the quarter, while AWS grew 56 percent.

Part of the reason that Azure did so well is because that Microsoft is willing to work with third-party data centre managers, such as Fujitsu, when clients are required to keep data within a country’s borders.


Vole is helping companies add cloud capabilities to their existing data centres and create a “hybrid” model that Amazon has only just started to offer.

Aix months ago, Barclays chose  Azure over AWS to power some development and testing work because of its private-cloud option, along with Barclays’ existing familiarity with Microsoft’s data-centre software.

Vole has the advantage that it knows a few people in corporate and government and is using them to  peddle Azure. AWS has only just started to build such ties.

It would have been different if it had not been for Snowden making those corporates and governments very nervous about allowing their data out of their sight.


Verizon’s end-to-end encryption has back door

back-doorUS carrier Verizon really does not understand why people want end-to-end encryption on their phone lines.

The outfit just announced that it is bringing in an expensive service which guarantees security by providing the sort of encryption on the line which users want following the Edward Snowden revelations.

Verizon Voice Cypher, the product introduced with the encryption company Cellcrypt, offers business and government customers’ end-to-end encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app. The encryption software provides secure communications for people speaking on devices with the app, regardless of their wireless carrier, and it can connect to an organization’s secure phone system. All this will cost you $45 per device each month.

All sounds good but then comes the part which Verizon and Cellcrypt fail to understand why people want their product in the first place.

Cellcrypt and Verizon both say that law enforcement agencies will be able to access communications that take place over Voice Cypher, so long as they are able to prove that there is a legitimate law enforcement reason for doing so.

Seth Polansky, Cellcrypt’s vice president for North America, said building technology to allow wiretapping was not a security risk. “It’s only creating a weakness for government agencies,” he says. “Just because a government access option exists, it doesn’t mean other companies can access it.”

While Verizon is required by US law to build networks that can be wiretapped, the Communications Assistance for Law Enforcement Act requires phone carriers to decrypt communications for the government only if they have designed their technology to make it possible to do so. All Verizon and Cellcrypt needed to do is structure their encryption so that neither company had the information necessary to decrypt the calls, they would not have been breaking the law.

Verizon believes major demand for its new encryption service will come from governmental agencies conveying sensitive but unclassified information over the phone. It might have a point – such agencies want encryption and do not have to worry about others snooping on them.


Snowden taught companies something

Edward_SnowdenAfter years of ignoring warnings from experts, companies and individuals started to take security more seriously after the Snowden leaks, according to a new survey.

More than 39 per cent have taken steps to protect their online privacy and security because of spying revelations by one-time NSA employee Edward Snowden, according to the Centre for International Governance Innovation (CIGI).

The survey found that 43 percent of Internet users now avoid certain websites and applications and 39 percent change their passwords regularly.

The survey reached 23,376 internet users in 24 countries and was conducted between October 7 and November  12.

More than 39  percent of those surveyed indicated they are taking steps to safeguard their online data from government prying eyes.

Writing in his blog, Security specialist Bruce Schneier said that Snowden’s whistleblowing on the NSA is having an enormous impact.

“I ran the actual numbers country by country, combining data on Internet penetration with data from this survey. Multiplying everything out, I calculate that 706 million people have changed their behavior on the Internet because of what the NSA and GCHQ [a British intelligence and security organization] are doing.”

This means that two-thirds of users indicated they are more concerned today about online privacy than they were a year ago. When given a choice of various governance sources to effectively run the world-wide Internet, a majority chose the multi-stakeholder option — a “combined body of technology companies, engineers, non-governmental organizations and institutions that represent the interests and will of ordinary citizens, and governments.”

A majority indicated they would also trust an international body of engineers and technical experts to store their online data, while only 36 percent of users would trust the United States to play an important role in running the Internet.

Nearly three-quarters of the Internet users surveyed indicated they want their online data and personal information to be physically stored on a secure server in their own country.

Those surveyed also indicated that 64 percent are concerned about government censorship of the Internet and 62 percent are worried about government agencies from countries other than the US secretly monitoring their online activities

Another notable finding was that 83 percent of people believe that affordable access to the internet should be a basic human right.


Assange lobbies for a giant statue of himself

Julian AssangeNo-one can say that being locked up in the Ecuadorean embassy on the run from sex charges has damaged Julian Assange’s ego much.

The founder of Wikileaks wants people to invest their hard-earned dollars into the creation of a life-size bronze public artwork featuring himself, Chelsea Manning and Edward Snowden.

“A monument to courage” is a proposed statue by Italian sculptor Davide Dormino, entitled Anything to Say?, will depict the trio standing on chairs, with another empty seat beside them onto which members of the public will be encouraged to climb – allowing them to stand shoulder to shoulder with the whistleblowers.

We would have thought “oh for goodness sake” would have been a better title. Putting Assange in the same league as Manning and Snowden who actually paid the price for actually leaking documents is a bit unfair.  They are either in jail or in exile, for leaking documents. He is banged up in the embassy because he does not want to face questions about two women who laid complaints about sexual assault about  him.  He denies the charges but refuses to go court to face his accusers.

Organisers need £100,000 to complete the project, a sum they hope to raise by 1 January through the crowd-funding website Kickstarter. With just 21 days to go, only £19,360 has been pledged – perhaps explaining why Assange chose to alert WikiLeaks’ 2.4 million Twitter followers to the campaign.

According to the Kickstarter page, the statue “is not a simple homage to individuals, but to courage and to the importance of freedom of speech and information”. The reason for the empty chair is that each of us can climb onto it to change our point of view.

“The work of art will travel from country to country and offer the opportunity for us to hear each other out and think.”

The idea for the statue came from Dormino and Charles Glass, an American author, journalist and broadcaster. British journalist Vaughan Smith, with whom Assange stayed while he was on bail in 2010, is organising the Kickstarter campaign. This is surprisingly forgiving of Smith, because when Assange skipped bail he left those who posted bail for him in the embarrassing position where they had to pay up.

“I got excited by it because I thought it was some art that suggested, rather appropriately, that these whistleblowers were our true friends rather than the politicians who pretend to be,” Smith told The Independent.

He added that most of the £100,000 for the project would go towards transporting the artwork around the world and that nobody was being paid for taking part. The rest of the money will go towards the statue’s creation at a foundry in Pietrasanta, Tuscany.

Oddly,Wikileaks will not get any cash out of the project and the sculpture has not worked out a way of getting a good image of Chelsea Manning, whose appearance has changed and there are not enough pictures of her.  There are shedloads of snaps of Assange.

Snowden did not seem too worried about snooping

snowdenThe NSA has poured cold water on the central plank of Edward Snowden’s statements that he was worried about overwhelming government spying and could not make anyone listen.

Snowden said that he had complained to his fellow workers about the snooping programmes but had to take action when no one listened.

The NSA said that it had reviewed all of Edward Snowden’s available emails in addition to interviewing NSA employees and contractors to determine if he had ever raised concerns internally about the agency’s vast surveillance programs.

According to documents the government filed in a federal court last Friday, NSA officials were unable to find any evidence Snowden ever had shared his concerns with anyone.

In a sworn declaration, David Sherman, the NSA’s associate director for policy and records, said the agency launched a “comprehensive” investigation after journalists began to write about top-secret NSA spy programs upon obtaining documents Snowden leaked to them.

The investigation included searches of any records where emails Snowden sent raising concerns about NSA programs “would be expected to be found within the agency.”

Sherman said the NSA searched sent, received, and deleted emails from Snowden’s account and emails “obtained by restoring back-up tapes.”

Still, the agency says it did not find any evidence that Snowden attempted to address his concerns internally — as he has said he did — before leaking the documents.

This is problematic for Snowden’s supporters because VICE News filed a case against the NSA earlier this year seeking copies of emails in which Snowden raised concerns about spy programs he believed were unconstitutional.

However if he did not then some of Snowden’s reputation as a whistleblower suffers. If Snowden was really concerned about the antics of the NSA he never even mentioned his concerns to his colleagues.   Of course that might mean that he simply did not want to end up unemployed, or given a nice walk around a German forest somewhere, but it could also mean that he was not concerned about snooping.

Of course, there is the small matter if you believe the spooks, whose reputation for truth is about on a par with Robert Maxwell’s.

So far, the NSA has found a single email Snowden sent to the NSA’s general counsel in April 2013 in which he raised a question about NSA legal authorities in training materials.

That email poses a question about the relative authority of laws and executive orders — it does not register concerns about NSA’s intelligence activities.


NSA recruits cyberbots

TerminatorWhistleblower Edward Snowden claims that the NSA is building a cyberbot which could wage an automatic cyber-war without needing humans.

Snowden said that the agency is developing a cyber defence system that would instantly and autonomously neutralise foreign cyberattacks against the US, and could be used to launch retaliatory strikes.

Dubbed MonsterMind, the project makes it clear that US spooks do not read enough science fiction and have no real idea about what could possibly go wrong.

Snowden told Wired  that the system involves algorithms which would scour massive repositories of metadata and analyse it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat.

Apparently, it is not exactly rocket science. If the NSA knows how a malicious algorithm generates certain attacks, this activity may produce patterns of metadata that can be spotted.

However it is a little like a digital version of the Star Wars initiative President Reagan proposed in the 1980s in that it would probably cost a bomb and never actually do what it says it will.

To make matters worse, Snowden suggests MonsterMind could one day be designed to return fire—automatically, without human intervention—against the attacker. However, whatever way it does this, it could break the internet and there will almost certainly be collateral damage.

For example if the hacker operated through a proxy in a third party country, MonsterMind would cheerfully destroy computers in that country. Microsoft has experience of the effects of following such a policy, when it attempted to take out two botnets it disabled thousands of domains that had nothing to do with the malicious activity Microsoft was trying to stop.

Spotting malicious attacks in the manner Snowden describes would, he says, require the NSA to collect and analyze all network traffic flows in order to design an algorithm that distinguishes normal traffic flow from anomalous, malicious traffic.

This would mean that the NSA would have to be intercepting all traffic flows and violating the Fourth Amendment.

It would also require sensors placed on the internet backbone to detect anomalous activity.


US spooks in Snowden panic

spyUS spooks have uncovered what they think is another Edward Snowden who has been secretly leaking classified info to the great unwashed.

The Secret Service is thinking of asking the US Department of Justice to open a criminal investigation into the suspected leak of a classified counter-terrorism document to a news website.

A document which was published in The Intercept provides a statistical breakdown of the types of people whose names and personal information appear on two government data networks listing people with supposed connections to militants.

The Intercept is co-founded by Grenn Greenwald, the reporter who worked with Edward Snowden but the document was dated August 2013, after Snowden left the US.

Since Snowden is not thought to have had access to US networks after May, officials to suspect the drop may have come from a second leaker.

The document talked about the Terrorist Identities Datamart Environment database (TIDE) and the Terrorist Screening Database.

It said 680,000 names were “watchlisted” in the Terrorist Screening Database, an unclassified data network which is used to draw up more selective government watchlists.

The file also showed that 280,000 of the 680,000 people are described by the government as having “no recognised terrorist group affiliation.”

More lists include a “no fly” list totalling 47,000 people who are supposed to be banned from air travel, and a further “selectee list” of 16,000 people who are supposed to get extra screening.

The screening database is taken from TIDE, a larger, ultra-classified database which contains 320,000 more names.

This is not the first time the Intercept has a big scoop that has put the fear of god into the spooks. It has also published a lengthy document setting out the criteria and procedures by which names are placed into terrorist watchlist databases.

Hole found in Edward Snowden

black_holeSecurity experts have found a flaw that could expose the identities of people using a privacy-oriented operating system touted by Edward Snowden.

The news came two days after widely used anonymity service Tor acknowledged a similar problem, making this a bad week for those who do not want their information made public.

The most recent finding concerns a heavily encrypted networking program called the Invisible Internet Project, or I2P. It is used to send messages and run websites anonymously and ships along with the specialized operating system “Tails.”

Tails was what Snowden used to communicate with journalists in secret.

I2P is supposed to obscure the Internet Protocol addresses of its roughly 30,000 users, but anyone who visits a booby-trapped website could have their true address revealed, making it likely that their name could be exposed as well.

The hole was found by researchers at Exodus Intelligence which warned people might think the technology is safe because Snowden used it.

Tails launches from a DVD or USB stick and is designed to maintain privacy even when a computer or network has been hacked.

The I2P flaw will be fixed, in what a spokesman for the I2P project called the “near future.” In the meantime, he said, users should disable JavaScript.

Exodus is normally seen as one of the bad guys, working with one of a dozen or more companies known to sell secret security flaws to intelligence agencies and spooks. In this case, Exodus alerted I2P and Tails to the problem and said it would not divulge the details to customers until the problem has been fixed.