Anonops #12: Spy on the Spyers

quote:

http://youranonnews.tumbl(...)er-from-rose-collins

In response to an open letter from Rose Collins, the mother of arrested Anonymous hacktivist Jeremy Hammond, @YourAnonNews issues the following remarks:

First, we do not presume to speak on behalf of the entire Anonymous movement. No one can speak for everyone in Anonymous. However, when we saw the open letter from Jeremy Hammond’s mother linked above, we knew we had to issue a response of some sort. This response encapsulates the personal views of the YourAnonNews team and in no way is meant to be reflective of Anonymous as a whole. Second, Hammond was a true friend and ally in Anonymous—a fellow compatriot at electronic arms, so to say. His fierce convictions and inner strength could be strongly sensed even over nothing but text on a screen. If we can in any way help his mother understand the strongly held convictions of her son and the movement he is involved in, we will do our best. Here goes…

(1) Please Rose, for the sake of all that is good in this world, don’t EVER attempt to speak “Internet” again. Please. Don’t. (We kid, of course. We appreciated the attempt.)

(2) If you do some basic research, you would find that Anonymous has a strong legal network, with close ties to various legal organisations, including the NLG and EFF, as well as various criminal defence law firms. Your son is represented currently by attorney Liz Fink, with the NLG. We suggest that you reach out to the attorney and establish contact, if you have not done so already.

(3) Your son also has a legal defense fund and a dedicated site with constant updates on his legal proceedings. You can learn more about it here: http://freehammond.org/

(4) Some of us here knew Hammond closely online. His arrest is a great loss to us, not only as Anons, but also on a personal level. Your son is an amazing person and has a big heart. We sorely miss his online presence.

(5) We will not presume to know what your family’s personal situation is like, but whatever your political differences may be with your son, it’s probably best to reach out to him at this time. Be there for him. Support him. He believed in what he was doing. Honour that.

(6) What will we do if we meet up with Sabu? We’ll listen to his side of the story. Because we strongly believe that every story has multiple sides and each deserves a fair hearing. Perhaps many in the community were too quick to rush to judgment. Perhaps not. Only time will tell once all of the facts get laid out and properly sorted.

(7) Please get a manicure. And why are your nails poisonous? Just curious. That’s probably not a good thing…

(8) You actually make some interesting points about the feds and Sabu and raise some good questions that all of us should have asked ourselves before we hastily jumped to conclusions. It is interesting that you, out of all of us, are the one to most vocally question the how and why the feds burned Sabu as their informant asset. Thank you for reminding us of the need to remain critical and curious. We strongly encourage all Anons and other individuals to do their own research and analyse mainstream-media disseminated stories before jumping into them head first and making assumptions. We cannot say it enough: Facts, facts, facts. Research, research, research.

(9) How does one “spit a rat”? Wait…don’t answer, we don’t want to know! D:

(10) You ask, who are we to decide that all government secrets must be exposed? You should actually be asking, who are we NOT to demand this? The People have a right to know what is going on within the depths of THEIR government. The government is there to serve us, not politicians’ self interest, corporate profits, or special interest groups. If it fails in its singular goal of preserving liberty and freedom, and instead starts to impinge onto our essential rights, who are we to NOT stand up to it? Who watches the watchmen? WE DO, because frankly, no one else will.

(11) No one’s trying to force you to wear a burqa. How does ending capitalism lead to you wearing a burqa? Lady, we’d love to get inside your head and understand your reasoning.

(12) We’re not a group. Stop thinking of us as such. It seems that your arguments directed at us are actually directed at your son’s political views. Why don’t you take some time to hash them out with him? Or at least try to understand how he conceptualises Anonymous and sees himself in it?

(13) Anonymous actively works toward contradictory aims. What can we say? We’re just a bag of convoluted contradictions. But don’t you see? That is the beauty of the idea and movement. Anonymous has been pro choice and pro life. Anonymous has fought for uncensored Internet and yet conducts vigilante attacks on pedophile websites. Anonymous is comprised of tens of thousands of people from all schools of political thought. And yet, despite all of that, there exists a common fibre that is woven through the social fabric within Anonymous—We care about change and we exist to challenge the status quo. We have a remarkable degree of ability to work together on common causes where they exist because we know that we are working to create a better future not just for ourselves, but for generations to come. We hope you can understand this.

(14) We’re glad that you’re just as mad at the economic situation as us. You actually raise a good point—that perhaps the economic crisis is not any one specific segment’s fault more than another, but rather, a multi-faceted endemic systemic failure of the current capitalistic economy and its supporting structures. Thank you.

(15) We are doing what we can to help your son. And we hope you are as well. Reach out to him. Be there for him. Support him. Stay strong for him. Try to understand him. Try to put his actions in context. Help him. Love him. You can do this better than any of us.

We sincerely hope we provided some sort of insight in answer of your queries. Please feel free to reach out to us or any other Anons should you have additional questions or concerns.

Best,

The YourAnonNews Team

quote:

The CIA wants to spy on you through your TV: Agency director says it will 'transform' surveillance

> Devices connected to internet leak information
> CIA director says these gadgets will 'transform clandestine tradecraft'
> Spies could watch thousands via supercomputers
> People 'bug' their own homes with web-connected devices


When people download a film from Netflix to a flatscreen, or turn on web radio, they could be alerting unwanted watchers to exactly what they are doing and where they are.

Spies will no longer have to plant bugs in your home - the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus.

The CIA claims it will be able to 'read' these devices via the internet - and perhaps even via radio waves from outside the home.

Everything from remote controls to clock radios can now be controlled via apps - and chip company ARM recently unveiled low-powered, cheaper chips which will be used in everything from fridges and ovens to doorbells.

The resultant chorus of 'connected' gadgets will be able to be read like a book - and even remote-controlled, according to CIA CIA Director David Petraeus, according to a recent report by Wired's 'Danger Room' blog.

Petraeus says that web-connected gadgets will 'transform' the art of spying - allowing spies to monitor people automatically without planting bugs, breaking and entering or even donning a tuxedo to infiltrate a dinner party.

'Transformational’ is an overused word, but I do believe it properly applies to these technologies,' said Petraeus.

'Particularly to their effect on clandestine tradecraft. Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing.'

Petraeus was speaking to a venture capital firm about new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.

This week, one of the world's biggest chip companies, ARM, has unveiled a new processor built to work inside 'connected' white goods.

The ARM chips are smaller, lower-powered and far cheaper than previous processors - and designed to add the internet to almost every kind of electrical appliance.

It's a concept described as the 'internet of things'.

Futurists think that one day 'connected' devices will tell the internet where they are and what they are doing at all times - and will be mapped by computers as precisely as Google Maps charts the physical landscape now.

Privacy groups such as the Electronic Frontier Foundation have warned of how information such as geolocation data can be misused - but as more and more devices connect, it's clear that opportunities for surveillance will multiply.

Read more: http://www.dailymail.co.u(...)e.html#ixzz1pNO5K1Jg

quote:

Which VPN Providers Really Take Anonymity Seriously?

Last month it became apparent that not all VPN providers live up to their marketing after an alleged member of Lulzsec was tracked down after using a supposedly anonymous service from HideMyAss. We wanted to know which VPN providers take privacy extremely seriously so we asked many of the leading providers two very straightforward questions. Their responses will be of interest to anyone concerned with anonymity issues.

As detailed in yesterday’s article, if a VPN provider carries logs of their users’ activities the chances of them being able to live up to their claim of offering an anonymous service begins to decrease rapidly.

There are dozens of VPN providers, many of which carry marketing on their web pages which suggests that the anonymity of their subscribers is a top priority. But is it really? Do their privacy policies stand up to scrutiny? We decided to find out.

Over the past two weeks TorrentFreak contacted some of the leading, most-advertised, and most talked about VPN providers in the file-sharing and anonymity space. Rather than trying to decipher what their often-confusing marketing lingo really means, we asked them two direct questions instead:

1. Do you keep ANY logs which would allow you or a 3rd party to match an IP address and a time stamp to a user of your service? If so, exactly what information do you hold?

2. Under what jurisdictions does your company operate and under what exact circumstances will you share the information you hold with a 3rd party?

This article does not attempt to consider the actual quality of service offered by any listed provider, nor does it consider whether any service is good value for money. All we are interested in is this: Do they live up to claims that they provide a 100% anonymous service? So here we go, VPN providers in the file-sharing space first.

quote:

#InfoSec: How The NSA Intends to Eliminate Privacy on Earth

quote:

1 Geostationary satellites

Four satellites positioned around the globe monitor frequencies carrying everything from walkie-talkies and cell phones in Libya to radar systems in North Korea. Onboard software acts as the first filter in the collection process, targeting only key regions, countries, cities, and phone numbers or email.

2 Aerospace Data Facility, Buckley Air Force Base, Colorado

Intelligence collected from the geostationary satellites, as well as signals from other spacecraft and overseas listening posts, is relayed to this facility outside Denver. About 850 NSA employees track the satellites, transmit target information, and download the intelligence haul.

3 NSA Georgia, Fort Gordon, Augusta, Georgia

Focuses on intercepts from Europe, the Middle East, and North Africa. Codenamed Sweet Tea, the facility has been massively expanded and now consists of a 604,000-square-foot operations building for up to 4,000 intercept operators, analysts, and other specialists.

4 NSA Texas, Lackland Air Force Base, San Antonio

Focuses on intercepts from Latin America and, since 9/11, the Middle East and Europe. Some 2,000 workers staff the operation. The NSA recently completed a $100 million renovation on a mega-data center here—a backup storage facility for the Utah Data Center.

5 NSA Hawaii, Oahu

Focuses on intercepts from Asia. Built to house an aircraft assembly plant during World War II, the 250,000-square-foot bunker is nicknamed the Hole. Like the other NSA operations centers, it has since been expanded: Its 2,700 employees now do their work aboveground from a new 234,000-square-foot facility.

6 Domestic listening posts

The NSA has long been free to eavesdrop on international satellite communications. But after 9/11, it installed taps in US telecom “switches,” gaining access to domestic traffic. An ex-NSA official says there are 10 to 20 such installations.

7 Overseas listening posts

According to a knowledgeable intelligence source, the NSA has installed taps on at least a dozen of the major overseas communications links, each capable of eavesdropping on information passing by at a high data rate.

8 Utah Data Center, Bluffdale, Utah

At a million square feet, this $2 billion digital storage facility outside Salt Lake City will be the centerpiece of the NSA’s cloud-based data strategy and essential in its plans for decrypting previously uncrackable documents.

9 Multiprogram Research Facility, Oak Ridge, Tennessee

Some 300 scientists and computer engineers with top security clearance toil away here, building the world’s fastest supercomputers and working on cryptanalytic applications and other secret projects.

10 NSA headquarters, Fort Meade, Maryland

Analysts here will access material stored at Bluffdale to prepare reports and recommendations that are sent to policymakers. To handle the increased data load, the NSA is also building an $896 million supercomputer center here.

quote:

We were down a few hours earlier today. There's no need to worry, we haven't been raided this time. We're only upgrading stuff since we're still growing.

One of the technical things we always optimize is where to put our front machines. They are the ones that re-direct your traffic to a secret location. We have now decided to try to build something extraordinary.

With the development of GPS controlled drones, far-reaching cheap radio equipment and tiny new computers like the Raspberry Pi, we're going to experiment with sending out some small drones that will float some kilometers up in the air. This way our machines will have to be shut down with aeroplanes in order to shut down the system. A real act of war.

We're just starting so we haven't figured everything out yet. But we can't limit ourselves to hosting things just on land anymore. These Low Orbit Server Stations (LOSS) are just the first attempt. With modern radio transmitters we can get over 100Mbps per node up to 50km away. For the proxy system we're building, that's more than enough.

But when time comes we will host in all parts of the galaxy, being true to our slogan of being the galaxy's most resilient system. And all of the parts we'll use to build that system on will be downloadable.

quote:

Rogers’ “Cybersecurity” Bill Is Broad Enough to Use Against WikiLeaks and The Pirate Bay

Congress is doing it again: they’re proposing overbroad regulations that could have dire consequences for our Internet ecology. The Cyber Intelligence Sharing and Protection Act of 2011 (H.R. 3523), introduced by Rep. Mike Rogers and Rep. Dutch Ruppersberger, allows companies or the government1 free rein to bypass existing laws in order to monitor communications, filter content, or potentially even shut down access to online services for “cybersecurity purposes.” Companies are encouraged to share data with the government and with one another, and the government can share data in return. The idea is to facilitate detection of and defense against a serious cyber threat, but the definitions in the bill go well beyond that. The language is so broad it could be used as a blunt instrument to attack websites like The Pirate Bay or WikiLeaks. Join EFF in calling on Congress to stop the Rogers’ cybersecurity bill.

Under the proposed legislation, a company that protects itself or other companies against “cybersecurity threats” can “use cybersecurity systems to identify and obtain cyber threat information to protect the rights and property” of the company under threat. But because “us[ing] cybersecurity systems” is incredibly vague, it could be interpreted to mean monitoring email, filtering content, or even blocking access to sites. A company acting on a “cybersecurity threat” would be able to bypass all existing laws, including laws prohibiting telcos from routinely monitoring communications, so long as it acted in “good faith.”

The broad language around what constitutes a cybersecurity threat leaves the door wide open for abuse. For example, the bill defines “cyber threat intelligence” and “cybersecurity purpose” to include “theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”

Yes, intellectual property. It’s a little piece of SOPA wrapped up in a bill that’s supposedly designed to facilitate detection of and defense against cybersecurity threats. The language is so vague that an ISP could use it to monitor communications of subscribers for potential infringement of intellectual property. An ISP could even interpret this bill as allowing them to block accounts believed to be infringing, block access to websites like The Pirate Bay believed to carry infringing content, or take other measures provided they claimed it was motivated by cybersecurity concerns.

The language of “theft or misappropriation of private or government information” is equally concerning. Regardless of the intent of this language, the end result is that the government and Internet companies could use this language to block sites like WikiLeaks and NewYorkTimes.com, both of which have published classified information. Online publishers like WikiLeaks are currently afforded protection under the First Amendment; receiving and publishing classified documents from a whistleblower is a common journalistic practice. While there’s uncertainty about whether the Espionage Act could be brought to bear against WikiLeaks, it is difficult to imagine a situation where the Espionage Act would apply to WikiLeaks without equally applying to the New York Times, the Washington Post, and in fact everyone who reads about the cablegate releases. But under Rogers' cybersecurity proposal, the government would have new, powerful tools to go after WikiLeaks. By claiming that WikiLeaks constituted “cyber threat intelligence” (aka “theft or misappropriation of private or government information”), the government may be empowering itself and other companies to monitor and block the site. This means that the previous tactics used to silence WikiLeaks—including a financial blockade and shutting down their accounts with online service providers—could be supplemented by very direct means. The government could proclaim that WikiLeaks constitutes a cybersecurity threat and have new, broad powers to filter and block communication with the journalistic website.

Congress is intent on passing cybersecurity legislation this year, and there are multiple proposals in the House and the Senate under debate. But none is as poorly drafted and dangerously vague as the Rogers bill. We need to stop this bill in its tracks, before it can advance in the House and before the authors can negotiate to place this overbroad language into other cybersecurity proposals.

Internet security is a serious problem that needs to be addressed. But we don’t need to sacrifice our civil liberties to do so. Help us safeguard the web by contacting Congress today.

quote:

Syrian activists targeted by fake YouTube

Spoof site can plant malware on PCs of people who leave comments on videos, pressure group warns

Syrian activists are being targeted by a fake version of Google's YouTube video site which plants malware on the PCs of people who leave comments on videos shown there, the Electronic Frontier Foundation has warned.

The EFF, a pressure group for free speech online, said that the site has been used to target people watching videos showing the conflict inside Syria, and that it may have captured the login details for Google accounts belonging to activists inside or outside the country. It also warns that the site offers a fake "update" to the Flash software used on most PCs to view video content.

The discovery ratchets up the online attacks against Syrian anti-government activists, who have been increasingly targeted by malware which is capable of capturing webcam details, turning off antivirus programs and capturing passwords.

The organisation warned last week that it had found two cases of pro-Syrian government malware – which can take over a machine or silently watch everything that the user types – being sent as web links in emails and chat.

It found that that malware sent back details to an internet address, 216.6.0.28, which has been assigned to the Syrian Telecommunications Establishment – indicating that unlike the vast majority of malware, which is used by criminals to download bank or other details and controlled via machines on the wider web, this one connects back to an official address inside Syria. That makes it likely that it is controlled by agencies acting for the Syrian government. The online security company Symantec detailed the effects of the malware in February.

The EFF warns people who have recently viewed such videos that they should check the security of their Google account, including the enabling of "two-factor authentication" – which requires special login details and will send a warning to the user's phone if the account is accessed from a different machine than the one which they normally use.

The fake YouTube uses the same layout as the official one, with Arabic script as Syrian users would expect.

YouTube has become an important channel for Syrian activists trying to get news about attacks by the government on citizens and locations out to the rest of the world. Videos uploaded to the site have revealed detail about the effects of shelling on cities and the killing of citizens. By targeting those who watch such videos, pro-government activists might be able to build up information about the networks and members of activist groups.

In a statement, the EFF noted that "EFF is deeply concerned about this pattern of pro-government malware targeting online activists in authoritarian regimes. We will continue to keep a close eye on future developments in this area."

quote:

Doc outrage: Anonymous 'behind' web-siege on Russian TV channel

The Russian faction of Anonymous has claimed responsibility for a cyber-attack on a Russian TV station's website. The outage follows a controversial documentary about Russian protestors produced by NTV.

One of Russia's major TV channels, NTV says its website was down for eleven hours Monday after DDoS attacks 'claimed by Anonymous.'

The site was under continuous threat of serious hacker attacks since last Friday, after the network showed a controversial documentary on the Russian opposition's protests that sparked a wave of outrage.

Anonymous admitted it was behind the cyber attack on March 16. “ntv.ru Tango down!” one member of Russian Anonymous posted to their twitter account.

“Protests Anatomy,” the documentary which sparked the attacks, was first aired last Thursday. Focusing on protests that have been taking place in Moscow ever since the 2011 parliamentary election, NTV speculated about whether protestors were paid from outsideof the country.

The documentary features a number of 'exposing videos' which are said to prove that many protestors were taking part in opposition mass-rallies for money. The reaction was explosive – shortly after the broadcast, a hashtag in Russian – #НТВлжет (#NTVlies) – made it to the top of worldwide trends on Twitter. Many were quick to label the program as outright propaganda, accusing NTV of fabrications and disinformation.

On Sunday, people angry at the channel gathered outside Moscow’s main TV center, which headquarters NTV, for an unsanctioned protest. Dozens were detained, but were released shortly after.

Gazprom-Media Holding, the owner of the channel, has slammed the hackers' attacks: "NTV is an informational and publicist channel that covers all aspects of societal life, and presents a palette of opinions and moods. Programs broadcasted are a matter of discussions of issues of the day. I believe the attacks violate democratic mechanisms and freedom of speech," said Nikolay Senkevich, general director of Gazprom Media.

quote:

Obama zet zich in voor vrij internet in Iran

Obama wil zich sterker inzetten voor het vrije internet in Iran. De Amerikaanse president beschuldigt Iran ervan een ‘elektronisch gordijn’ te hebben opgetrokken. Burgers hebben er geen toegang tot vrije informatie, zegt de president.

De Verenigde Staten zullen het makkelijker gaan maken voor Amerikaanse bedrijven om software Iran in te krijgen. Met die software moeten Iraniërs makkelijker van internet gebruik kunnen maken, zei Obama vandaag volgens persbureau Reuters in een videobericht aan het Iraanse volk.

Obama meent dat Iran een ‘elektronisch gordijn’ heeft opgetrokken om een vrije uitwisseling van ideeën en informatie tegen te houden. Hij roept de Iraanse regering op te stoppen met het blokkeren van informatie voor burgers, en voor het respecteren van hun universele rechten.

Tegelijkertijd gaf Obama aan dat er geen reden is voor een verdeling tussen de Verenigde Staten en Iran. Obama zei dat hij wil dat Iraniërs weten dat Amerika de dialoog zoekt om hun visie en wensen te horen. De president gaf de videotoespraak ter gelegenheid van het Iraanse nieuwjaar.

De opmerkingen van Obama komen tijdens verhoogde spanningen tussen Iran en de VS rond het nucleaire programma van Iran. Obama zei dat als Iraanse regering een “verantwoordelijk pad” volgt, het welkom is in de internationale gemeenschap terug te keren. Iran houdt vol dat het nucleaire programma vreedzaam van aard is en dat het niet bezig is kernwapens te ontwikkelen.

quote:

Judge Lifts Twitter Ban On "Anonymous" 14

MARCH 19--Over objections from the Department of Justice, a judge has lifted a Twitter ban on 14 accused members of “Anonymous” now under indictment for their alleged roles in a coordinated online assault against PayPal, an attack prosecutors contend was carried out via the social networking site.

Ruling on motions filed by several defendants, Magistrate Judge Paul Grewal stated that since government lawyers did not sufficiently link “allegedly criminal activities to use of a Twitter account,” the defendants were free to use the microblogging service. Grewal’s order was filed Friday in U.S. District Court in San Jose, California.

In a January court filing, defendant Vincent Kershaw argued that bail conditions barring his use of Twitter unduly burdened his First Amendment right to engage in political discourse. Kershaw, 28, contended that the Twitter ban prohibited him from “even perusing such critical communications from our own President or engaging in the Twitter Town Halls in any manner.”

In opposing Kershaw’s motion, a prosecutor described Twitter as one of the “principle tools through which the members of the Anonymous hacking group planned and coordinated their criminal activities.”

Kershaw, pictured in the above mug shot, also sought permission to use Internet Relay Chat so that he could participate in “political debate” and “political speech” in IRC chat rooms. That motion was denied by Grewal, who ruled that Kershaw and his codefendants are allowed “substantial internet use for purposes that include political discourse.”

Kershaw, a Colorado landscaper, and his codefendants were charged last July with conspiracy and intentional damage to a protected computer for allegedly participating in an “Anonymous”-organized denial of service attack on PayPal. The felony counts carry a combined maximum of 15 years in prison and a $500,000 fine.

The December 2010 online assault--dubbed “Operation Avenge Assange”--was prompted by the suspension of WikiLeaks’s PayPal account in the wake of the publication of classified Department of State cables by the group headed by Julian Assange. (3 pages)

twitter:

AnonOpsRomania twitterde op dinsdag 20-03-2012 om 22:05:57 Dutch biggest ISP's website Ziggo.nl Database leaked http://t.co/g2UjuI4O VIA @anonyINTRA #Anonymous #AntiSec reageer retweet

quote:

http://pastebin.com/Qpa4MMMU
#author:
AnonyINTRA
AnonbiH

#Target:
Ziggo.nl

-----------------------------------------------------------------------------------------------
Ya, as some proof some few costumers information.

quote:

Op woensdag 21 maart 2012 14:41 schreef picodealion het volgende:

[..]

Virusmelding op die pastebin link.

quote:

NSA Chief Denies, Denies, Denies Wired’s Domestic Spying Story

NSA chief General Keith Alexander faced tough — and funny — questions from Congress Tuesday stemming from Wired’s story on the NSA’s capabalities and warrantless wiretapping program.

Congressman Hank Johnson, a Georgia Democrat, asked Alexander whether the NSA could, at the direction of Dick Cheney, identify people who sent e-mails making fun of his inability to hunt in order to waterboard them.

Alexander said “No,” adding that the “NSA does not have the ability to do that in the United States.” Elaborating, Alexander added: “We don’t have the technical insights in the United States. In other words, you have to have [...] some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”

That statement seemingly contradicts James Bamford’s story, The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say), as well as stories from The New York Times, the Los Angeles Times, USA Today and Wired, which collectively drew a picture of the NSA’s post-9/11 foray into wiretapping the nation’s telecommunication’s infrastructure to spy on Americans without getting warrants.

Bamford writes:

. In the process — and for the first time since Watergate and the other scandals of the Nixon administration — the NSA has turned its surveillance apparatus on the US and its citizens. It has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. It has created a supercomputer of almost unimaginable speed to look for patterns and unscramble codes. Finally, the agency has begun building a place to store all the trillions of words and thoughts and whispers captured in its electronic net. And, of course, it’s all being done in secret. To those on the inside, the old adage that NSA stands for Never Say Anything applies more than ever.

But in testimony Tuesday in front of the House Armed Services subcommittee on Emerging Threats and Capabilities, Alexander responded to questions about the program, saying the NSA did not have the capability to monitor, inside the United States, Americans’ text messages, phone calls and e-mails. He added that if the NSA were to target an American, the FBI would take the lead and fill out the paperwork. (That’s an odd statement, since the process for targeting an American by the intelligence services is for the NSA to fill out the paperwork, submit it to the Justice Department and then send it to a secret court, according to statements by former Director of National Intelligence Michael McConnell.)

Alexander and Johnson both mispronounced Bamford’s name as Bashford (a Freudian slip). But it’s an odder mistake by Alexander, given that Bamford is the premier chronicler of the NSA.

It’s hard to tell here whether Alexander is parsing the questions closely, misspeaking or telling the truth. The heads of the intelligence service have a long tradition of misspeaking or telling untruths that advance their agenda. President George Bush himself on the re-election campaign trail said that no American had been wiretapped without a warrant, which was plainly false, according to numerous news stories and the government’s own admissions of the program.

In the aftermath of those half-truths, the Congress passed, and Bush signed into law, the FISA Amendments Act, which re-wrote the nation’s surveillance laws to give the NSA a much freer hand to wiretap American infrastructure wholesale.

Court challenges to the program, brought by the EFF and the ACLU, attempted to argue that even allowing the NSA to harvest Americans’ communications alongside foreigners into giant databases violated American law and the US Constitution. However, those challenges have never survived the Bush and Obama administration’s invocation of the “state secrets” privilege to have them thrown out of court.

Which is another way of saying that Americans have no idea what’s going on. Given the choice between an administration official saying nothing is going on and a respected reporter with inside sources saying something wicked this way comes, I know where my trust would lie.

Hank asks NSA director tough questions about wiretaps, e-mail intercepts

quote:

DHS Turns Over Occupy Wall Street Documents to Truthout

quote:

The Department of Homeland Security (DHS) closely monitored the Occupy Wall Street movement, providing agency officials with regular updates about protests taking place throughout the country, responding to requests from fusion centers for intelligence on the group and mining Twitter for information about Occupy's activities, according to hundreds of pages of documents DHS released to Truthout Wednesday morning in response to our Freedom of Information Act (FOIA) request.

quote:

http://truth-out.org/file(...)elease_OWS_Part1.pdf

I left both of you voice mail messages in which I described this issue in greater detail.
There is attached to this email a threat bulletin being disseminated by the Office of Emergency Management in Pittsburgh in which it discusses the threat posed by the Occupy Pittsburgh campaign and the hackers’ group: Anonymous. Both myself and (IO deployed to the PACIC Center in Harrisburg) are somewhat concerned that several items contained in this Intel Bulletin might be advocating surveillance and other countermeasures to be employed against activities protected under the 1st Amendment. Would either one or both of you be able to see what could be developed from this document that could take back to the Intel staff that produced this so that in the future they have a greater awareness of how to develop intelligence assessments that don’t undermine Constitutionally protected speech and assembly rights? Thanks in advanced, really appreciate all your help.

quote:

Documents Show Homeland Security Was Tracking Occupy Wall Street Even Before The First Protest

The Department of Homeland Security has been tracking the Occupy Wall Street movement since well before protesters first took Zuccotti Park last September, according to internal DHS memos obtained by Business Insider through a Freedom of Information Act Request.

The documents show that DHS alerted its agents to the Wall Street protests — and specifically the involvement of the hacker group Anonymous in organizing the protests — sometime before the Sept. 17 kickoff of the protests in downtown Manhattan.

In an undated memo, titled "Details On 'Anonymous' Upcoming Operations: 17 September 2011: Occupy Wall Street; U.S. Day of Rage," the DHS Office of Intelligence notes that the hacker group had came out in support of the planned Sept. 17 Wall Street protests. The memo provides details of a YouTube video released by Anonymous that called on protesters "to adopt a non-violent 'Tahrir-acampadas model,'" and to "flood into lower Manhattan, set up tents, kitchens, peaceful barricades and occupy Wall Street for a few months."

The memo warns that AdBusters, the original organizers of the OWS protests, had also planned a demonstration on the National Mall to coincide with the 10th anniversary of the invasion of Iraq in October 2011.

Another DHS Intelligence memo provides further warnings about the impact and likelihood of upcoming Anonymous Operations.

According to that memo, DHS cybersecurity analysts considered it "likely" that that peaceful OWS protests would occur on Sept. 17, and that "those protests may be accompanied by malicious cyber activity conducted by Anonymous."

The memo says analysts considered it unlikely that Anonymous would follow through with threats to launch a coordinated attack against Facebook on Nov. 5 2011.

On Anonymous's "Project Mayhem," — a year-long effort that will end with an "unveiling of secrets" on Dec. 21 2012 — the DHS warns that "inconsequential physical mischief and potentially disruptive malicious cyber activities" are expected, but "specific tactics, techniques, and procedures are unknown."

The memo also mentions an "Operation Halliburton" but says that "little is known" about the potential operation, which presumably targets the U.S. oilfield services giant.

Two other memos obtained by BI warn about Anonymous' threats to take down the New York Stock Exchange and to hack Fox News' website over the network's coverage of the OWS movement.

The documents were released to Business Insider today in response to a FOIA request we filed when reports first started circulating that DHS helped coordinate the nationwide OWS crackdown last November.

Although we have only made it through some of the 408 documents, what we've seen so far indicates that while the agency reluctant to get involved in the Occupy protests (at least initially), Homeland Security was definitely keeping tabs on the movement from the outset.

Read the memos below.

Read more: http://www.businessinside(...)2012-3#ixzz1pmgAeMeE

quote:

Brein wil omzeilen van verbod Pirate Bay aanpakken

Stichting Brein sommeert mensen die het klanten van Ziggo en Xs4all via een omweg het mogelijk maken om toch op The Pirate Bay te komen om hier onmiddellijk mee te stoppen.

Enkele Nederlandse beheerders van zogeheten proxyservers hebben een brief gekregen van de auteursrechtenorganisatie. Dat meldt de website Tweakers.net.

Ziggo en XS4ALL blokkeerden onlangs al de toegang tot torrentsite The Pirate bay, nadat de rechtbank in Den Haag ze daar toe had verplicht in een door Brein aangespannen zaak. Abonnees zouden muziek, films of games uitwisselen via The Pirate Bay en daarmee inbreuk maken op auteursrechten.

Volgens Brein-directeur Tim Kuik bieden de beheerders van proxyservers opzettelijk omzeiling van een rechterlijk verbod aan. “Als zij niet voldoen houden wij ze aansprakelijk voor schade”, zegt hij aan Tweakers.net. Onduidelijk is hoeveel mensen een beschikking en een sommatie hebben gekregen.

Brein daagde vorige maand internetproviders UPC, KPN, Tele2 en T-Mobile voor de rechter in een poging ook deze bedrijven ertoe te bewegen de website The Pirate Bay te blokkeren. De zaak dient 19 april.

quote:

T E L E C O M I X opsyria has established a secure dropbox

quote:

#opsyria has established a secure dropbox, administrated by LulzPanda, where you can put informations and files to publish without fear of being identified.

quote:

Exposed: Inside the NSA’s Largest and Most Expansive Secret Domestic Spy Center in Bluffdale, Utah

A new exposé in Wired Magazine reveals details about how the National Security Agency is quietly building the largest spy center in the country in Bluffdale, Utah, as part of a secret NSA surveillance program codenamed "Stellar Wind." We speak with investigative reporter James Bamford, who says the NSA has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. The Utah spy center will contain near-bottomless databases to store all forms of communication collected by the agency. This includes the complete contents of private emails, cell phone calls and Google searches, as well as all sorts of personal data trails — parking receipts, travel itineraries, bookstore purchases and other digital "pocket litter." "The NSA has constantly denied that they’re doing things, and then it turns out they are doing these things," Bamford says in response to NSA Director General Keith Alexander’s denial yesterday that U.S. citizens’ phone calls and emails are being intercepted. "A few years ago, President Bush said before camera that the United States is not eavesdropping on anybody without a warrant, and then it turns out that we had this exposure to all the warrantless eavesdropping in the New York Times article. And so, you have this constant denial and parsing of words." [includes rush transcript]

quote:

Sarkozy wil bezoek terroristische sites bestraffen – ‘campagne weer begonnen’

Sarkozy wil het bezoeken van terroristische websites en het reizen naar terroristische kampen in Afghanistan en Pakistan strafbaar stellen. Daarnaast wil hij strafrechtelijke maatregelen tegen “indoctrinatie” van islamisten, zei hij vanmiddag in een verklaring na de dood van de Franse schutter.

Sarkozy reageerde vanmiddag in een verklaring op het nieuws dat de schutter die zeven mensen in Frankrijk heeft vermoord, vanochtend gedood is bij een hevig vuurgevecht.

De Franse president zei dat Frankrijk het bezoeken van websites die oproepen tot terrorisme, haat of geweld strafbaar gaat maken. “Frankrijk zal geen rekrutering en ideologische indoctrinatie op zijn grondgebied tolereren”, zei Sarkozy. Daarnaast wil hij onderzoeken of gevangenissen gebruikt worden om extremisme in Frankrijk te propaganderen.

quote:

Anonymous Hacks Christian Websites In Mexico: “POPE is not welcome, out out!!!!!”

Anonymous Hispano, the Mexican branch of the online hacktivist collective based in Latin America lay siege to two Mexican websites on Tue, March 20 in protest of Pope Benedict XVI's upcoming visit in an cyber-operation referred to as #opFariseo (hypocrite) on Twitter. The hackers succeeded in temporarily knocking the websites offline and defacing them with their own message: "Hacked system. The POPE is not welcome, out out!!!!!"

Both hacked websites were linked to the Pope's planned visit to the country this Friday through Monday, before the religious leader continues his tour in Cuba. The website of the Achdiocese of Mexico was down for several hours on Tue. March 20 as was the website of the Institute of Communications and Philosophy (Comfil), which is usually devoted to teaching philosophy.

On their Facebook page, Anonymous Hispano confirmed that the websites were "hacked for supporting Benedict XVI). In a corresponding YouTube video the hacktivists claimed that the Pope's visit was connected to political campaigning for the upcoming Mexican presidential elections on July 1, and is an effort to throw the Catholic Church's support behind the current ruling party and to "keep the population shrouded in lies."

They also argue that the Pope's visit will not include any chances to witness the country's intense poverty and violence. Instead he will only see "a country of lies and facades where everything will apparently be wonderful."

In an explanatory message on Pastebin in Spanish, Anonymous Hispano posted a manifesto of sorts, titling the cyber-attack "Operation Freeloader," in a reference to the Pope. The message goes on to state that the collective believes Mexico should be a secular nation, and described the alliance of church and state in Mexico as an "irrefutable fact." (Read the full translated message below).

Anonymous has conducted operations in Mexico before, targeting the notorious drug cartels in the past when members of the hacktivist collective were held captive by the Mexican warlords.

quote:

TERRORIST Facebook pages leaked from CIA.

quote:

Source: Roger Landry WTPNetwork™(312-94876)
Updated List (3/17/12) These groups, pages and websites will be added to the terrorists watch list pending investigation.

quote:

List of Partner Forums

A Free and Voluntary Society
"Action Group to Uphold the Constitution"
Anarcho-Capitalism
Columbia Missouri for Ron Paul 2012
End the War on Drugs
Growing Organic, Eating Organic

quote:

Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits

A clever hacker today has to make tough choices. Find a previously unknown method for dismantling the defenses of a device like an iPhone or iPad, for instance, and you can report it to Apple and present it at a security conference to win fame and lucrative consulting gigs. Share it with HP’s Zero Day Initiative instead and earn as much as $10,000 for helping the firm shore up its security gear. Both options also allow Apple to fix its bugs and make the hundreds of millions of iPhone and iPad users more secure.

But any hacker who happens to know one Bangkok-based security researcher who goes by the handle “the Grugq”–or someone like him–has a third option: arrange a deal through the pseudonymous exploit broker to hand the exploit information over to a government agency, don’t ask too many questions, and get paid a quarter of a million dollars–minus the Grugq’s 15% commission.

That iOS exploit price represents just one of the dozens of deals the Grugq (pictured above) has arranged in his year-old side career as a middle man for so-called “zero-day” exploits, hacking techniques that take advantage of secret vulnerabilities in software. Since he began hooking up his hacker friends with contacts in government a year ago, the Grugq says he’s on track to earn a million in revenue this year. He arranged the iOS deal last month, for instance, between a developer and a U.S. government contractor. In that case, as with all of his exploit sales, he won’t offer any other details about the buyer or the seller.

Even with the $250,000 payout he elicited for that deal, he wonders if he could have gotten more. “I think I lowballed it,” he wrote to me at one point in the dealmaking process. “The client was too happy.”

A six-figure price for a single hacking technique may sound extravagant, but it’s hardly unique. Based on speaking with sources in this secretive but legal trade, I’ve assembled a rough price list for zero-day exploits below.



Each price assumes an exclusive sale, the most modern version of the software, and, of course, not alerting the software’s vendor. Some fees might even be paid in installments, with each subsequent payment depending on the vendor not patching the security vulnerabilities used by the exploit. In some cases the techniques would need to be used in combination to be effective.

An exploit’s price factors in both how widely the target software is used as well as the difficulty of cracking it. A technique that allows a hacker to gain control of a Mac OSX machine after hacking an application might earn only a fraction of one that targets Windows, for instance, because of Windows’ greater market share. But an iOS exploit pays more than one that targets Android devices partly because it requires defeating Apple’s significantly tougher security features. That means most agencies can simply develop their own Android attacks, the Grugq says, while ones that can penetrate the iPhone are rare and pricey. For the Jailbreakme 3 iOS exploit created by the hacker Comex last year, the Grugq says he heard agencies would have been eager to pay $250,000 for exclusive use of the attack.

Who’s paying these prices? Western governments, and specifically the U.S., says the Grugq, who himself is a native of South Africa. He limits his sales to the American and European agencies and contractors not merely out of ethical concerns, but also because they pay more. “Selling a bug to the Russian mafia guarantees it will be dead in no time, and they pay very little money,” he says, explaining that he has no contacts in the Russian government. ”Russia is flooded with criminals. They monetize exploits in the most brutal and mediocre way possible, and they cheat each other heavily.”

As for China, he says that the country has too many hackers who sell only to the Chinese government, pushing down prices. “The market is very depressed,” he says. Other regions like the Middle East and the rest of Asia can’t match Western prices either.

As a result, the Grugq earns 80% of his revenue from the U.S., though occasionally the developers who work with him have asked that he sell only to Europeans. Over more than a decade in the hacker scene, he’s met enough federal agents to have contacts at multiple U.S. agencies, and he knows how to package his developer’s exploits for sale to those buyers, with professional marketing and support. “You’re basically selling commercial software, like anything else. It needs to be polished and come with documentation,” he says. “The only difference is that you only sell one license, ever, and everyone calls you evil.”

One of the most vocal of those critics is Chris Soghoian, a privacy activist with the Open Society Foundations, who has described the firms and individuals who sell software exploits as “the modern-day merchants of death” selling “the bullets of cyberwar.”

“As soon as one of these weaponized zero-days sold to governments is obtained by a ‘bad guy’ and used to attack critical U.S. infrastructure, the shit will hit the fan,” Soghoian warned in a talk at the Kaspersky analyst summit in February. “Security researchers should not be selling zero-days to middle man firms…These firms are cowboys and if we do nothing to stop them, they will drag the entire security industry into a world of pain.”

The Grugq sees no ethical compromise in his work. “The Chinese are conducting espionage on a massive scale. [Soghoian] wants to ban sales of software–sorry, exploits–to the U.S. and European allies?” he asks. “The only possible outcome is that the Chinese will increase their internal production and skills and the…West will fall behind.”

Anyway, he adds, he doesn’t believe banning the sale of exploit code wouldn’t make users more secure. “That’ll work just as well at eliminating exploits as the war on drugs has worked at eliminating drugs,” he says.

The Grugq is hardly alone in his industry. Small firms like Vupen, Endgame and Netragard buy and sell exploits, as do major defense contractors like Northrop Grumman and Raytheon.

Netragard’s founder Adriel Desautels says he’s been in the exploit-selling game for a decade, and describes how the market has “exploded” in just the last year. He says there are now “more buyers, deeper pockets,” that the time for a purchase has accelerated from months to weeks, and he’s being approached by sellers with around 12 to 14 zero-day exploits every month compared to just four to six a few years ago.

Desautels won’t offer much about exactly who his customers are. But he says not every buyer aims to use his zero-days for spying. He claims to have recently sold a browser exploit for $125,000 to a private sector client for who aimed to use it merely as a proof-of-concept for marketing purposes. Other buyers use Netragard’s exploits for penetration testing, he says. “If you test a bullet proof vest, you use a bullet, not a squirt gun,” says Desautels.

Nonetheless, he says that the firm is “extremely careful” about choosing its customers. “We reject a lot more people than we accept,” he says. “Realistically, we’re selling cyberweaponry.”

And what about the option of selling the exploits to the software vendor itself, so that it can patch the targeted program? Firms like Mozilla and Facebook offer developers a few thousand dollars for reporting bugs. Google typically offers a maximum of $3,133.70 for information about the most complex flaws in its software, a number that’s meant to spell out “elite” in hacker slang.

But a four-figure price is hardly elite enough for the Grugq. ”If they want their bugs fixed, they can buy them at market rates like everyone else,” he says. “From each according to their ability, to each according to their needs? That’s communism. If they want the output, they can pay for it like anyone else. They have my email.”

quote:

Planned BitTorrent Pirate Punishments Spark Protest

In a few months, millions of alleged BitTorrent pirates in the US will risk being punished by their Internet providers. While the plan was announced a year ago, protests against it have only started to heat up this week. In just a few days more than 90,000 people have signed a petition asking their Internet providers not to participate, and many more are expected to follow.

Last year the MPAA and RIAA signed a ‘ground-breaking’ deal with all the major Internet providers in the United States.

In an attempt to deter online piracy, a third-party company will collect the IP-addresses of alleged infringers on BitTorrent and other public file-sharing networks.

The ISPs will then notify these offenders and tell them that their behavior is unacceptable. After six warnings the ISP may then take a variety of repressive measures, which include cutting off the offender’s connection temporarily.

After the initial announcement things went quiet, but that changed last week when the RIAA and the Center for Copyright Information confirmed that all major ISPs will start warning BitTorrent users this summer.

This renewed attention resulted in wide press coverage, and also sparked massive protests. Activist group Demand Progress quickly switched back to SOPA-style campaign mode and launched a petition asking ISPs to cut out of the deal.

“They’re selling us out,” the group writes.

“Just weeks after Internet users from across the globe came together to beat SOPA, the major ISPs are cutting a deal with Big Content to restrict web access for users who are accused of piracy.”

The call didn’t go unheard, and within 24 hours more than 60,000 people signed the petition. Today this number has swelled to more than 90,000 and the end still isn’t in sight.

Earlier this week the Electronic Frontier Foundation (EFF) also expressed its concerns over the so-called ‘graduated response’ system. They highlight that the agreement puts the burden of proof on the alleged file-sharers, which doesn’t seem fair considering the many wrongful accusations that can occur.

“One key problem is the arrangement shifts the burden of proof: rather than accusers proving infringement before the graduated response process starts against a subscriber, the subscriber must disprove the accusation in order to call a halt to it,” EFF writes.

“Worse, accused subscribers have to defend themselves on an uneven playing field. For example, they have only ten days to prepare a defense, and with only six pre-set options available. Of course, there’s no assurance that those who review the cases are neutral, and the plan sorely lacks consequences for an accuser who makes mistaken or fraudulent claims.”

The EFF informed TorrentFreak that they plan to launch an activism campaign in the near future to raise awareness of these issues.

How ‘bad’ the graduated warning system turns out to be largely depends on what punishments Internet providers intend to hand out. Needless to say, a temporary reduction in bandwidth is less severe than cutting people’s Internet access.

At TorrentFreak we are interested in finding out which third-party company will be hired to monitor people’s BitTorrent downloads, and how solid their evidence gathering methods are.

This is important, because the RIAA’s previous partner MediaSentry used rather shoddy techniques which resulted in many false accusations. The RIAA’s current partner DtecNet also has shortcomings as they fail to understand how BitTorrent works.

As we move closer to the July deadline more details should emerge. At the same time the online protests are also expected to increase, both through public initiatives and various advocacy groups. While it’s doubtful that they will ever get the same exposure as the SOPA revolt, there is no doubt that these protests will be noticed.

quote:

DOJ Signs New Rules To Let Intelligence Officials Access, Store And Search More Info About US Citizens

quote:

The Obama administration is moving to relax restrictions on how counterterrorism analysts may access, store and search information about Americans gathered by government agencies for purposes other than national security threats.

Attorney General Eric H. Holder Jr. on Thursday signed new guidelines for the National Counterterrorism Center, which was created in 2004 to foster intelligence sharing and to serve as a clearinghouse for terrorism threats.

The guidelines will lengthen to five years — from 180 days — the center’s ability to retain private information about Americans when there is no suspicion that they are tied to terrorism, intelligence officials said. The guidelines are also expected to result in the center making more copies of entire databases and “data-mining them” — using complex algorithms to search for patterns that could indicate a threat — than it currently does.

quote:

An Answer to Rose Collins, Mother of Jeremy Hammond

This letter is in response to http://finance.townhall.c(...)for_anonymous/page/2

Hello Rose,

I have read your open letter and would like to provide a response. Before I do that please understand the following: I am merely one Anon of many and I can only speak for myself. I do not know how many fellow Anons do agree with this, some may, others may in part while even more may totally disagree. But this does not matter, this is just the way Anonymous works.

I will not go into my involvement in Anonymous Operations but I can say that I have communicated with both Sabu and the online identity who is alleged to be your son Jeremy on more than one occasion. So the whole situation is not completely alien to me.

As for your first question: Yes, we do have lawyers. Within Anonymous and also outside, which are willing to support and defend Anons who have been arrested. You may have seen the websites http://anonlg.com/, http://freeanons.org/, and http://freehammond.org.

These are just the ones I can think of right now, there are more. Additionally the EFF (Electronic Frontier Foundation, http://www.eff.org) is willing to help. So yes, there is much help on the legal front and if you want to provide your son with additional legal help, I suggest you contact one of these volunteers.

To your second question: "If you do not forget or forgive, are you in agreement with Jeremy regarding imprisonment of those convicted of crimes?"

This is a tough one, but I will give you my own answer: I guess you won't find many lawyers that would argue that AntiSec related actions are not illegal at all, but I do *not* consider them criminal. This is an important difference. I think his actions were morally justifiable because he did not hack for his profit - never. He did it out of conviction, because he believed in a good cause. He is sick of the system we live in, which certainly is a view that many Anons share. While there are a large group of Anons that do not share the methods he used, this is not relevant to me (and my opinion on this does not matter). What is important is that Jeremy - in my belief - acted out of a conviction that is ethically honorable and I respect that.

Coming to Sabu. A very delicate subject, as you can imagine. From what I can see, the majority of Anons despise Sabu with all their guts and some may even want to do him physical harm. I do not consider myself one of them, mostly because there is so much information missing (and some information reported in the media may be outright false) so I dare not judge on this incident without having access to the full facts. Secondly, I believe that Sabu was also fighting for a good cause and I would think (and hope) that he hates himself for what he has done. If what the FBI claims is all true, I am certainly disappointed in him, as I would have never expected that Sabu - of all! - would commit such a treason. It was a very sad day for Anonymous when this came out.

Next question: "Who are you to decide that all government secrets must be exposed?"

Well, I am Anonymous and again, I can only speak for myself. As I said above, many Anons do not condone the actions done by groups such as LulzSec and AntiSec; these operations were certainly controversial. But many Anons believe that governments must become more transparent and less secretive, especially because we learn every day that the Government is filled with corruption, lies and greed. There are very good reasons that almost every Anon is also a strong supporter of Wikileaks.

As for your last question: I agree. While the banks and bankers certainly play a major role in all the problems the system has, and certainly are to blame for much suffering of the majority of the people, they are only part of the machinery. There are also politicians, mighty international companies, manipulating mass media and lobbies - they all have their role in the fuckup we are living in. But in the end it all comes down to money. And this is why bankers are one of the most obvious targets.

I hope this answer helps you in any way. As a final word I wish to say that I hope that Jeremy will have the best possible result in court and I wish you both the very best for the future.

Kindly,

An Anon