Nicola Hahn writes: While reporters clamor about the hacking of the Democratic National Committee, NSA whistleblower James Bamford offers an important reminder: American intelligence has been actively breaching email servers in foreign countries like Mexico and Germany for years. According to Bamford documents leaked by former NSA specialist Ed Snowden show that the agency is intent on “tracking virtually everyone connected to the Internet.” This includes American citizens.
So it might not be surprising that another NSA whistleblower, William Binney, has suggested that certain elements within the American intelligence community may actually be responsible for the DNC hack. This raises an interesting question: facing down an intelligence service that is in a class by itself, what can the average person do? One researcher responds to this question using an approach that borrows a line from the movie THX 1138: “The T-H-X account is six percent over budget. The case is to be terminated.”
Nicola Hahn writes: While top secret NSA documents continue to trickle into the public sphere tech industry leaders have endeavored to reassure anxious users by extolling the benefits of strong encryption. Rising demand among users for better privacy protection signifies a growth market for the titans of Silicon Valley and this results in a tendency to frame the issue of cyber security in terms of the latest mobile device. Yet whistleblowers from our intelligence services offer dire warnings that contrast sharply with feel good corporate talking points. Ed Snowden, for example, noted that under mass surveillance we’re essentially “tagged animals” who pay for our own tags. Hence there’s an argument to be made that the vast majority of network-connected gadgets enable monitoring far more than they protect individual liberty and perhaps in some instances the most secure option is to opt out.
Nicola Hahn writes: As the Department of Justice exerts legal pressure on Apple in an effort to recover data from the iPhone used by Syed Rizwan Farook, Apple’s CEO has publicly stated that “the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.”
But, as one Windows rootkit developer has observed, the existing functionality that the FBI seeks to leverage is itself a backdoor. Specifically, the ability to remotely update code on a device automatically, without user intervention, represents a fairly serious threat vector. Update features marketed as a safety mechanism can just as easily be wielded to subvert technology if the update source isn’t trustworthy. Something to consider in light of the government’s ability to steal digital certificates and manipulate network traffic, not to mention the private sector’s lengthy history of secret cooperation.
Nicola Hahn writes: One of the Intercept's founding editors has momentarily stepped away from his outlet to publish an op-ed piece with the Los Angeles Times. During the course of his article he openly repeats a couple of widespread talking points. For example he presumes that the primary mission of our intelligence services is to "find and stop people who are plotting terrorist attacks". A notion that’s been challenged by the BBC documentary series The Power of Nightmares. Greenwald also espouses the idea that the basic relationship between the government and hi-tech companies is adversarial. The subtext being that Silicon Valley wants to defend user privacy against government surveillance. Yet Ed Snowden’s own documents cast doubt on this assertion. That Greenwald assumes this stance is extraordinary. But then again he's never presented himself as a radical critic, has he?
Nicola Hahn writes: For years a veritable procession of high-ranking Pentagon officials, apparatchiks like Mike McConnell, Leon Panetta, Keith Alexander, and Admiral Mike Rogers, have made ominous public statements about foreign governments hacking the power grid and sending the United States hurtling into darkness. A couple of days ago the American public got a comic reminder of which threat vectors actually represent a genuine risk when a military blimp cut loose from its mooring at a base in Maryland and floated north into Pennsylvania. Before being "contained" by authorities the blimp's tether broke power lines near a city named Bloomsburg resulting in a widespread power outage. This incident underscores a reality that both the energy industry and Department of Homeland Security confirm: the truly serious dangers that our power grid faces aren't cyber, they're physical in nature.
Nicola Hahn writes: The pluralist stance of American politics contends that true power in the United States has been constitutionally vested in "the people" through mechanisms like the electoral process, freedom of speech, and the ability to establish political parties. The traditional view is that these aspects of our political system result in a broad distribution of power that prevents any one faction from gaining an inordinate amount of influence.
And today the New York Times has revealed the shortcomings of this narrative by publishing the names of the 158 wealthy families that have donated almost half of the money spent towards the 2016 presidential race. This group of donors is primarily Republican and is dominated by interests in the banking industry. These facts lend credence to the idea that national policy making is influenced heavily by a relatively small group of people. That the American body politic is largely controlled by a deep state.
Nicola Hahn writes: German automaker Volkswagen has been pilloried in the media for installing an emission defeat device in millions of cars. And rightly so. The Guardian estimates that VW’s emission hack could translate into something like a million tons of toxic gas spewed into the atmosphere every year. Equivalent to “the UK’s combined emissions for all power stations, vehicles, industry and agriculture.”
Sadly the practice of installing hidden code is far more widespread than it might appear. And while FBI officials and tech CEOs quibble over key escrow encryption there’s a horde of spies currently relying on hidden code to break into networks all over the planet. An inconvenient truth that certain executives are desperate for us to overlook and which raises unsettling political issues. Hidden code is control, it’s power.
Nicola Hahn writes: "The topic of key escrow encryption has once again taken center stage as former Secretary of Homeland Security Michael Chertoff has spoken out against key escrow both at this year’s Aspen Security Forum and in an op-ed published recently by the Washington Post. However the debate over cryptographic back doors has a glaring blind spot. As the trove of leaks from Hacking Team highlights, most back doors are implemented using zero-day exploits. Keep in mind that the Snowden documents reveal cooperation across the tech industry, on behalf of the NSA, to make products that were "exploitable". Hence, there are people who question whether the whole discussion over key escrow includes an element of theater. Is it, among other things, a public relations gambit, in the wake of the PRISM scandal, intended to cast Silicon Valley companies as defenders of privacy?"
Nicola Hahn writes: Back in March of 2000, one of the 9/11 hijackers called Osama bin Laden’s operation center in Yemen from his apartment in San Diego. For some reason the call was never investigated. Former NSA director Michael Hayden, in an interview with Frontline, claimed that the NSA was unable to determine that the phone call had originated from San Diego. He used this same explanation to help justify the bulk phone record collection program that was implemented under Section 215 of the Patriot Act. Thanks to James Bamford and a handful of NSA whistleblowers we know that Hayden was lying. The NSA was well aware of the caller’s identity and his location. The fact that intelligence officials didn’t follow up on this raises all sorts of disturbing questions.
Nicola Hahn writes: As American lawmakers run a victory lap after passing the USA Freedom Act of 2015, Edward Snowden has published an op-ed piece which congratulates Washington on its "historic" reform. He also identifies Apple Inc. as a champion of user privacy. Snowden states:
"Basic technical safeguards such as encryption — once considered esoteric and unnecessary — are now enabled by default in the products of pioneering companies like Apple, ensuring that even if your phone is stolen, your private life remains private."
This sort of talking point encourages the perception that Apple has sided with users in the battle against mass surveillance. But there are those who question Snowden's public endorsement of hi tech monoliths. Given their behavior in the past is it wise to assume that corporate interests have turned over a new leaf and won't secretly collaborate with government spies?
Nicola Hahn writes: The journalist who broke the story of the CIA's MHCHAOS program back in 1974 has just dropped another bombshell in the London Review of Books. According to a retired senior intelligence officer the CIA's narrative about torture playing a key role in the capture of Osama bin Laden is a fabrication fed to the public with the assistance of Hollywood executives (Zero Dark Thirty). Here's an excerpt of assertions:
"That bin Laden had been a prisoner of the ISI at the Abbottabad compound since 2006; that Kayani and Pasha knew of the raid in advance and had made sure that the two helicopters delivering the Seals to Abbottabad could cross Pakistani airspace without triggering any alarms; that the CIA did not learn of bin Laden’s whereabouts by tracking his couriers, as the White House has claimed since May 2011, but from a former senior Pakistani intelligence officer who betrayed the secret in return for much of the $25 million reward offered by the US, and that, while Obama did order the raid and the Seal team did carry it out, many other aspects of the administration’s account were false."
This puts the CIA's stance on the torture report in a whole new light. Doesn't it? Also note the role played by the Saudis, and how worried they were that bin Laden might "start talking to us about what the Saudis had been doing with al-Qaida. And they were dropping money – lots of it."
Nicola Hahn writes: While congress considers the merits of the USA Freedom Act of 2015, a bill which revises the business records provisions of the Patriot Act, a panel of judges in a federal appeals court has just thrown a clump of sand into the gears of the global panopticon. Overturning an earlier ruling, where federal judges dismissed a lawsuit filed by the ACLU, the United States Court of Appeals for the Second Circuit has ruled that the NSA’s bulk collection of telephone metadata is illegal. Yet there are unnamed intelligence officials who would probably refer to this as “hardly a change” as there are other, more sweeping, surveillance mandates (e.g. Section 702 and Executive Order 12333) that are still legal.
Nicola Hahn writes: The RSA conference is underway in San Francisco this week and a myriad of vendors are extolling the virtues of encryption-based corporate security products. Yet a series of recently published documents detail how the DEA and U.S. Army used Hacking Team’s Remote Control System (RCS) technology to subvert encryption and make off with sensitive data.
There are high-profile experts who believe that this sort of clandestine subversion is “perfectly reasonable” just so long as spying campaigns are carefully targeted. Yet Hacking Team’s RCS product is designed for mass deployment against hundreds of thousands of people. Hardly what could be called “targeted.” This raises important questions about the role of the private sector in mass surveillance. Some researchers would argue that mass surveillance is fundamentally driven by corporate interests. As Ed Snowden put it, “these programs were never about terrorism: they're about economic spying, social control, and diplomatic manipulation.” Cui Bono?
“Both are brutally expensive and arguably un-winnable. And in both cases, use of the word ‘war’ is a deliberate and calculated language choice. Americans are taught that a war is something an entire nation must fight, and something that requires sacrifice for the greater good. Considered in the context of government surveillance, both ‘wars’ are euphemisms for a specific kind of government rationalization.”
Indeed it’s not surprising that the word “cyberwar” has likewise been conspicuously wielded by officials in a deliberate effort to both enhance government control and channel hundreds of billions of dollars to the patronage networks of the defense industry.
Nicola Hahn writes: NSA director Mike Rogers spoke to a Senate Committee yesterday, admonishing them that the United States should bolster its offensive cyber capabilities to deter attacks. Never mind that deterrence is problematic if you can’t identify the people who attacked you.
In the past a speech by a spymaster like Rogers would have been laced with hyperbolic intimations of the End Times. Indeed, for almost a decade mainstream news outlets have conveyed a litany of cyber doomsday scenarios on behalf of ostensibly credible public officials. So it’s interesting to note a recent statement by the U.S. intelligence community that pours a bucket of cold water over all of this. According to government spies the likelihood of a cyber Armageddon is “remote.” And this raises some unsettling questions about our ability to trust government officials and why they might be tempted to fall back on such blatant hyperbole.