Forgot your password?
typodupeerror

Comment: What, wait?! (Score 1) 66

RE 'US doesn't even trust the other Five Eyes nations' spy agencies to be able to do this?*"
Some data is kept private for 5 Eye political leaders and policy formation over decades or longer.
Some information needs to be laundered in public in the short term to ensure good public relations spin, good news for sock puppets on social media or new public funding for gov/mil.
The press finds a new story.

Comment: who is doing the spying? (Score 1) 70

by AHuxley (#48043271) Attached to: Hundreds of Police Agencies Distributing Spyware and Keylogger
Depends on the city, state or federal funding. In the past 10 or so years huge amounts of funding, contractors and quickly cleared staff having been moving around all over the USA.
Products have been sold, technical support and maintenance is in place for years covering federal and state needs.
Now its up to the locals to find something to do with the cell phone data, maps, voice prints, credit card usage, cctv, gunshot location systems and keystroke-capturing.
The information sorting is done by local or federal staff and then presented to local or federal officials to then put in for more funding or to buy in more private sector systems once new local patterns are found.
The only trick is to keep people buying cell phones and enjoying social media in near real time over decades.
The tracking systems are now in place down to the town, city and state level. The public just has to keep on having tame telco products on them at all times.

Comment: FBI hidden agenda (Score 1) 66

Follow the press and PR. The US was finding and stopping computer issues around the world in public.
The US was finding out about computer networks around the world.
Information was flowing back to the US using consumer grade networks and tools found in the wild using the pubic as cover.
Recall Operation CHAOS (or Operation MHCHAOS) https://en.wikipedia.org/wiki/... and COINTELPRO https://en.wikipedia.org/wiki/...
Just like now domestic groups where needed with liaison services.

Comment: Re:Malware infection vector? (Score 1) 28

by AHuxley (#48031577) Attached to: FBI Plans To Open Up Malware Analysis Tool To Outside Researchers
A person at a cafe, gym gets near a person who has clearance, a file worked on at home is infected, a well crafted email that is opened on an internal network.
With wireless, huge internal networks and new staff been security cleared for very sensitive positions over the past decade... it more connecting a project to staff to a location and working the needed code in.
Internal networks are well understood as they are the same product sold around the world, trusted or been expanded with security to be upgraded when done.
Ideas around cloud, sharing data, regional and national searching is also a new aspect to what was one air gapped. Contractors are also happy to suggest wider networking, upsell their network security and onging network support.

Comment: Re:if they give it away....... (Score 1) 28

by AHuxley (#48031491) Attached to: FBI Plans To Open Up Malware Analysis Tool To Outside Researchers
State-sponsored malware seems to be crafted per person or project so it can get past most of the existing behavioral analysis.
Or a gov just goes to hardware logging or social engineering after a sneak and peek visit.
Suspect files will just be the the same real time consumer system's behavior AV finds in the wild everyday :)

Comment: Re:I can't quite decide (Score 1) 82

by AHuxley (#48007805) Attached to: How the NSA Profits Off of Its Surveillance Technology
re "But I can't actually decide if making useful security tools available is somehow against our citizens' interests."
The tools offered will protect against distant man, expected in the wild man in the middle efforts.
The tools, tame crypto, tame academics, tame OS, tame source code will not protect against modern version or equivalents of TEMPEST like ideas.
The plain text, voice, call, gps, voice print or other network details will always be in the clear for gov tracking and parallel construction.
Just good enough for international work, always easy enough for realtime domestic decryption.

Comment: Re:Someone explain please (Score 1) 212

by AHuxley (#47992121) Attached to: Australian Senate Introduces Laws To Allow Total Internet Surveillance
Re But why? It can't be just the lobbyist money.
To the political class it becomes addictive. Reading embassy communications in the 1920's, WW2 Enigma. Australian staff became aware of a huge effort to listen to the world and wanted in after WW2.
Australia was warned by some of it's top military people not to sell out to the US and UK given Australia's role in WW2 (full exploitation of crypto in Australia, troops under the control of the UK) but the political leaders joined the 5 eyes.
The rest is history, from Soviet traffic in the late 1940's to the early role of ASIO, the Defence Signals Branch work on China in the 1950's, then Indonesia, Vietnam (Australian special forces with real time sigint support).
US Ryolite satellites got Australia into more ground station work with sites like Pine Gap and local support. DSD Geraldton took over from UK sites lost in Hong Kong.
After that its USA all the way. Generations of Australian staff know nothing but supporting roles.
What the USA and UK do not put into law, Australia may to have to to secure legally safe convictions. Parallel construction would not work so mass collection and self signed warrants are made legal.
User Journal

Journal: DoJ and FBI looking at users "concealed through technological means"

Journal by AHuxley

http://www.theregister.co.uk/2014/09/19/fbi_overseas_hacking_powers/
A change to Rule 41 of the Federal Rules of Criminal Procedure may allow for deeper searches into foreign countries that hide people wanting to protect their anonymity on the internet. Interesting times for darknet, Tor users, proxies or VPN users.

Comment: Re:What could possibly go wrong (Score 1) 241

by AHuxley (#47952631) Attached to: Putin To Discuss Plans For Disconnecting Russia From the Internet
Re: "Sure it'd be noticeable and some stuff would stop working, but it is certainly feasable."
Russia knows most of its spending on Western tech was useful but the reality of phone home or back doors, trap doors, poor quality crypto or other access cannot be totally understood network wide.
The ability to turn the net off to bulk external chatter would be a safe option for Russia to have fully explored over time. Russia can then just let its air gapped internal networks function and Russians would understand the reason why.
Academic, science and other larger institutions would be fine on wide national local networks. Domestic phones would work. Russian language sites would show when connecting to any local isp.
The US could think of it in terms of the quality built into the older POTS networks from the 1950-1980's per building, city, regional site, workers kept on site and expensive voice and data redundancy.
Chinese backed credit card products will also help.

Comment: fortress on foundations of sand. (Score 1) 236

by AHuxley (#47942391) Attached to: Apple's "Warrant Canary" Has Died
Thats why govs use number stations and one time pads. The data around any encryption use found is just so useful.
Every product sold that can be connected and used with a telco has to conform tech thats wide open to "Communications Assistance for Law Enforcement Act"
https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act

Comment: Re:There is no (Score 1) 236

by AHuxley (#47942239) Attached to: Apple's "Warrant Canary" Has Died
With a gov/mil buying spy software thats ready for average consumer phone products?
The running process and modules are looked at to ensure different drop/inject methods will get around any antivirus products found.
With your average consumer OS and devices, seconds after you enter your pw :)
Its like the 1950's and been given Western encryption hardware. The code works and the message will not be broken as sent.
Its just that using TEMPEST every plaintext keystroke in and print out is readable near the hardware.
That same fun idea has never left signals intelligence, get the world fixated on encryption, company branding, while a input layer just offers up all plaintext.

Comment: Re:The act of detecting changes your results (Score 1) 64

by AHuxley (#47941443) Attached to: London's Crime Hot Spots Predicted Using Mobile Phone Data
The GCHQ was very aware of this in the 1960's on and did all it could to ensure people saw radomes and satellite dishes as been for tracking Soviet movements deep into Eastern Europe.
ie not a gov ground station getting domestic calls.
UK law enforcement and political parties where more interested in phone calls, later cell phone tracking, rapid decryption of consumer grade computer encryption and getting legally safe convictions in closed courts.
Government Technical Assistance Centre (GCHQ Technical Assistance Centre), National Technical Assistance Centre and other units where set up to try and hide the GCHQ role in tracking and helping with crime from courts.
The problem the GCHQ had was that such details about such efforts would make it to the press, lawyers, the public and the people been tracked or court cases been worked on.
Smart people in the press, legal system and police forces quickly saw the new tasks and the interesting people changed methods away from easy signals intelligence just as the GCHQ had always predicted. All the UK police could do is try and find out who leaked but details about that leak hunt went public too.
Contrast with the US views around keeping all domestic call data and using it in court as a talking point.
The easy days of voice prints, "catch them in the act" or at least catch them quicker "after the fact" dont last if people dont need the the phone or computer.
The other option is to place or turn an informant but that has always been more interesting.

If Machiavelli were a hacker, he'd have worked for the CSSG. -- Phil Lapsley

Working...