Paranoid Technology All things cybersecurity

18May/17Off

Wanna Cry?!!! We do…

The cyber-attack that happened earlier this week reminded us of the questions posed in our March post – Initial Thoughts on Wikileaks Vault 7 Leak Series:

This wikileak points to increasing erosion of public safety - despite having these tools at hand, world governments (US, UK, Germany) continue to push for encryption back doors. Equation Group’s leak (NSA) late 2016 and this latest CIA leak once again prove all organizations have their OpSec issues - the three letter agencies are themselves at risk; backdoors, once discovered, work just as well for foreign spies, cyber-criminals and script kiddies.  Who is protecting the innocent? “

Apparently no one… Is the NSA going to step up and accept responsibility? Maybe if hell freezes over – “Cannot either deny or confirm the existence of these weapons…” Well, everybody else did – who cares if you do or don’t?!!

Interestingly, even Chinese state media called for the NSA to take some responsibility, how ironic… Like they should be talking…

19Mar/14Off

NSA’s MYSTIC Program – Where is it deployed?

mystic-logoOn March 18 Washington Post published an article detailing another NSA program based on Snowden documents. According to these documents the NSA has a surveillance system that is capable of recording 100% of  a foreign country's phone calls.

Some details of the system - from the Washington Post article:

".... In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage. ...."

16Mar/14Off

Zuckerberg Calls Obama about NSA’s antics…

fb-markzuckerbegMark Zuckerbeg apparently called President Obama the day after more revelations from Edward Snowden documents came into light that NSA was using a system called Turbine to emulate Facebook servers for hijacking user accounts and hacking into computer systems.

Zuckerberg who has been speaking against NSA's intrusive surveillance operations for a while now wrote on his page:

"I've called President Obama to express my frustration over the damage the government is creating for all of our future. Unfortunately, it seems like it will take a very long time for true full reform."

On his personal page Zuckerberg further said -

28Feb/14Off

GCHQ Tops the Cake with Spying on Yahoo Messenger

optic-nerveAccording to the Guardian newspaper British intelligence agency GCHQ collected millions of people's webcam chats and stored still images of them, including sexually explicit ones in a program called Optic Nerve. Wow! This really tops the cake and takes the UKUSA intelligence sharing agreement to a new level. Let's not forget the "Five Eyes" alliance with Canada, Australia and New Zealand either...

The implications of GCHQ's actions can be far reaching, given that quite a bit of the images captured were sexually implicit ones - just the thought of your government wanting to collect your naked images while chatting is extremely disturbing. Well the thought of being naked in front of the chat is a little disturbing too, but I guess one will think twice before doing that now. Especially the bad guys!

27Nov/12Off

Cyber Corps program trains spies for the digital age

LA Times - At the University of Tulsa school, students learn to write computer viruses, hack digital networks and mine data from broken cellphones. Many graduates head to the CIA or NSA.

 

Stalking is part of the curriculum in the Cyber Corps, an unusual two-year program at the University of Tulsa that teaches students how to spy in cyberspace, the latest frontier in espionage.

Students learn not only how to rifle through trash, sneak a tracking device on cars and plant false information on Facebook. They also are taught to write computer viruses, hack digital networks, crack passwords, plant listening devices and mine data from broken cellphones and flash drives.

It may sound like a Jason Bourne movie, but the little-known program has funneled most of its graduates to the CIA and the Pentagon's National Security Agency, which conducts America's digital spying. Other graduates have taken positions with the FBI, NASA and the Department of Homeland Security.

The need for stronger cyber-defense — and offense — was highlighted when Defense Secretary Leon E. Panetta warned in an Oct. 11 speech that a "a cyber-terrorist attack could paralyze the nation," and that America needs experts to tackle the growing threat.

"An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals," Panetta said. "They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country."

Panetta said the Pentagon spends more than $3 billion annually for cyber-security. "Our most important investment is in skilled cyber-warriors needed to conduct operations in cyberspace," he said.

....

Read the original article here.

14May/12Off

Pentagon opens classified cyber program to all defense contractors, ISPs

Here is a move that will be very interesting and in the direction of improving security in the age of BYOD...

The Obama administration is expanding to all military contractors a computer security program that shares classified threat information, Defense Department officials announced Friday. After a year of trials with select vendors, the Defense Industrial Base, or DIB, cybersecurity pilot program will invite all military vendors and their Internet service providers to voluntarily join the two-way information-sharing initiative.

10Feb/12Off

Hoping for a “Cyber Crisis”…

It is true, industrial espionage is a big problem in the U.S. - Russia and China were pointed out to be the two major conspirators stealing technology and trade secrets from American companies in a report sent to the Congress by the U.S. intelligence community last year... According to the report the loss is in billions of dollars. So what should be done, should we rely on the companies to protect themselves or ask for the government to step in?

17Jan/12Off

NSA Releases Secure Android OS Version

+

=

SE ANDROID

The National Security Agency (NSA) has released SE Android, a security-enhanced version of Android, which provides and enforces stricter access-control policies than those found in the popular mobile operating system by default. According to the project web site SE Android:

"Security Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the SE Android project is not limited to SELinux."

   
Stop SOPA