+ - XKEYSCORE: NSA's Google for the World's Private Communications->

Advocatus Diaboli writes: "The NSA’s ability to piggyback off of private companies’ tracking of their own users is a vital instrument that allows the agency to trace the data it collects to individual users. It makes no difference if visitors switch to public Wi-Fi networks or connect to VPNs to change their IP addresses: the tracking cookie will follow them around as long as they are using the same web browser and fail to clear their cookies. Apps that run on tablets and smartphones also use analytics services that uniquely track users. Almost every time a user sees an advertisement (in an app or in a web browser), the ad network is tracking users in the same way. A secret GCHQ and CSE program called BADASS, which is similar to XKEYSCORE but with a much narrower scope, mines as much valuable information from leaky smartphone apps as possible, including unique tracking identifiers that app developers use to track their own users."


"Other information gained via XKEYSCORE facilitates the remote exploitation of target computers. By extracting browser fingerprint and operating system versions from Internet traffic, the system allows analysts to quickly assess the exploitability of a target. Brossard, the security researcher, said that “NSA has built an impressively complete set of automated hacking tools for their analysts to use.” Given the breadth of information collected by XKEYSCORE, accessing and exploiting a target’s online activity is a matter of a few mouse clicks. Brossard explains: “The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced — we are talking minutes, if not seconds. Simple. As easy as typing a few words in Google.”"

Link to Original Source

+ - Controversial GCHQ Unit Engaged in Domestic Law Enforcement, Online Propaganda->

Advocatus Diaboli writes: The spy unit responsible for some of the United Kingdom’s most controversial tactics of surveillance, online propaganda and deceit focuses extensively on traditional law enforcement and domestic activities — even though officials typically justify its activities by emphasizing foreign intelligence and counter-terrorism operations. Documents published today by The Intercept demonstrate how the Joint Threat Research Intelligence Group (JTRIG), a unit of the signals intelligence agency Government Communications Headquarters (GCHQ), is involved in efforts against political groups it considers “extremist,” Islamist activity in schools, the drug trade, online fraud, and financial scams. Though its existence was secret until last year, JTRIG quickly developed a distinctive profile in the public understanding, after documents from NSA whistleblower Edward Snowden revealed that the unit had engaged in “dirty tricks” like deploying sexual “honey traps” designed to discredit targets, launching denial-of-service attacks to shut down internet chat rooms, pushing veiled propaganda onto social networks, and generally warping discourse online.
Link to Original Source

+ - Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks->

Advocatus Diaboli writes: Not long after blowing the lid off a National Security Agency-backed hacking group that operated in secret for 14 years, researchers at Moscow-based Kaspersky Lab returned home from February's annual security conference in Cancun, Mexico to an even more startling discovery. Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.

Further in the article..

While neither the US nor Israel has officially acknowledged any involvement with Stuxnet, New York Times reporter David Sanger's book Obama's Secret Wars and Surprising Use of American Power leaves little doubt the computer weapon was jointly developed by the two countries in an attempt to sabotage Iran's uranium enrichment program. Nearly identical code signatures in Stuxnet and the 2011 version of Duqu mean that whoever developed the latter had broad access to the Stuxnet source. And given the work schedules of the Duqu attackers, it seems likely they were physically located in or near Israel.

Link to Original Source

+ - New Snowden Documents Reveal Secret Memos Expanding Spying->

Advocatus Diaboli writes: Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents. In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers.

Link to Original Source

+ - NSA Planned to Hijack Google App Store to Hack Smartphones->

Advocatus Diaboli writes: "The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals. The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia."

"The newly published document shows how the agencies wanted to “exploit” app store servers – using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones."

Link to Original Source

+ - On the Dangers and Potential Abuses of DNA familial searching->

Advocatus Diaboli writes: Investigators last year turned to a controversial technique known as familial searching, which seeks to identify the last name of potential suspects through a DNA analysis focusing on the Y chromosome. A promising “partial match” emerged between the semen sample and the genetic profile of Usry’s father, Michael Usry Sr. — a finding that excluded the father but strongly suggested one of his relatives had a hand in the young woman’s murder. The results instantly breathed new life into a high-profile investigation in which Idaho Falls authorities have weathered intense criticism. But the story of how the police came to suspect the younger Usry and then eventually clear him of murder raises troubling questions about civil liberties amid the explosive — and increasingly commercial — growth of DNA testing. The elder Usry, who lives outside Jackson, Mississippi, said his DNA entered the equation through a project, sponsored years ago by the Mormon church, in which members gave DNA samples to the Sorenson Molecular Genealogy Foundation, a nonprofit whose forensic assets have been acquired by, the world’s largest for-profit genealogy company.
Link to Original Source

+ - ACLU-Obtained Documents Reveal Breadth of Secretive Stingray Use in Florida->

Advocatus Diaboli writes: The results should be troubling for anyone who cares about privacy rights, judicial oversight of police activities, and the rule of law. The documents paint a detailed picture of police using an invasive technology — one that can follow you inside your house — in many hundreds of cases and almost entirely in secret. The secrecy is not just from the public, but often from judges who are supposed to ensure that police are not abusing their authority. Partly relying on that secrecy, police have been getting authorization to use Stingrays based on the low standard of “relevance,” not a warrant based on probable cause as required by the Fourth Amendment.
Link to Original Source

+ - "SSL Hijacker" Behind Superfish Debacle Imperils Large Number of Users->

Advocatus Diaboli writes: The fake secure sockets layer certificate found on Lenovo machines preinstalled with Superfish came from none other than Komodia. It was bundled with a password-protected private encryption key, presumably to prevent it from being used by malicious hackers to create websites that spied on users as they visited HTTPS-protected pages. But as Ars reported Thursday, the measure was laughably easy to bypass, since it took Errata Security CEO Rob Graham just three hours to discover that the password was, you guessed it, "komodia."
Link to Original Source

+ - The Great SIM Heist: How Spies Stole The Keys To The Encryption Castle->

Advocatus Diaboli writes: AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.
Link to Original Source

Comment: The NSA hides surveillance software in hard drives (Score 5, Informative)

Ya.. another related post from engadget ( "It's been known for a while that the NSA will intercept and bug equipment to spy on its soon-to-be owners, but the intelligence agency's techniques are apparently more clever than first thought. Security researchers at Kaspersky Lab have discovered apparently state-created spyware buried in the firmware of hard drives from big names like Seagate, Toshiba and Western Digital. When present, the code lets snoops collect data and map networks that would otherwise be inaccessible -- all they need to retrieve info is for an unwitting user to insert infected storage (such as a CD or USB drive) into an internet-connected PC. The malware also isn't sitting in regular storage, so you can't easily get rid of it or even detect it."

+ - How "omnipotent" hackers tied to NSA hid for 14 years and were found at last->

Advocatus Diaboli writes: The money and time required to develop the Equation Group malware, the technological breakthroughs the operation accomplished, and the interdictions performed against targets leave little doubt that the operation was sponsored by a nation-state with nearly unlimited resources to dedicate to the project. The countries that were and weren't targeted, the ties to Stuxnet and Flame, and the Grok artifact found inside the Equation Group keylogger strongly support the theory the NSA or a related US agency is the responsible party, but so far Kaspersky has declined to name a culprit. NSA officials didn't respond to an e-mail seeking comment for this story. What is safe to say is that the unearthing of the Equation Group is a seminal finding in the fields of computer and national security, as important, or possibly more so, than the revelations about Stuxnet.
Link to Original Source

+ - Sites featuring "terrorism" or "child pornography" to be blocked in France->

Advocatus Diaboli writes: Now, the General Directorate of the National Police and its cybercrimes unit will be able to request that sites serving terrorist or pedophilia-related content be blocked by Internet Service Providers serving people in France and its territories. ISPs then have to comply with the request within 24 hours. ISPs will be able to request compensation from the French government for any extra costs incurred in blocking the sites. Users who navigate to a site “to which access is prohibited will be led to an informational page from the Ministry of the Interior,” the text of the decree said. The informational page will list the grounds for the blocking as well as any possible remedies. Every quarter, French authorities will check whether the blocked pages still contain the offending material. If not, then the authorities will contact ISPs, which will have to unblock the sites, again within 24 hours.
Link to Original Source

+ - CSE tracks millions of downloads daily: Snowden documents->

Advocatus Diaboli writes: Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned. Details of the Communications Security Establishment project dubbed "Levitation" are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News. Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.
Link to Original Source

+ - US expands spy program on American drivers beyond border region->

Advocatus Diaboli writes: The revelation comes from new documents obtained and published late Monday by the American Civil Liberties Union (ACLU) under the Freedom of Information Act. The documents also show the DEA captured over 793 million license plates from May 2009 through May 2013 with the stated goal of drug-related asset forfeiture. "The government has essentially created a program of mass tracking," Catherine Crump, a former ACLU lawyer who now teaches at the University of California, Berkeley, told Ars. "The US has created a system where the government can track you and the American public simply has to accept it as a fait accompli."

Also see this link (

Link to Original Source
