Entries Tagged "surveillance"

Page 33 of 93

Electronic Surveillance Failures Leading up to the 2008 Mumbai Terrorist Attacks

Long New York Times article based on “former American and Indian officials and classified documents disclosed by Edward J. Snowden” outlining the intelligence failures leading up to the 2008 Mumbai terrorist attacks:

Although electronic eavesdropping often yields valuable data, even tantalizing clues can be missed if the technology is not closely monitored, the intelligence gleaned from it is not linked with other information, or analysis does not sift incriminating activity from the ocean of digital data.

This seems to be the moral:

Although the United States computer arsenal plays a vital role against targets ranging from North Korea’s suspected assault on Sony to Russian cyberthieves and Chinese military hacking units, counterterrorism requires a complex mix of human and technical resources. Some former counterterrorism officials warn against promoting billion-dollar surveillance programs with the narrow argument that they stop attacks.

That monitoring collects valuable information, but large amounts of it are “never meaningfully reviewed or analyzed,” said Charles (Sam) Faddis, a retired C.I.A. counterterrorism chief. “I cannot remember a single instance in my career when we ever stopped a plot based purely on signals intelligence.”

[…]

Intelligence officials say that terror plots are often discernible only in hindsight, when a pattern suddenly emerges from what had been just bits of information. Whatever the reason, no one fully grasped the developing Mumbai conspiracy.

“They either weren’t looking or didn’t understand what it all meant,” said one former American official who had access to the intelligence and would speak only on the condition of anonymity. “There was a lot more noise than signal. There usually is.”

Posted on February 12, 2015 at 6:57 AMView Comments

National Academies Report on Bulk Intelligence Collection

In January, the National Academies of Science (NAS) released a report on the bulk collection of signals intelligence. Basically, a year previously President Obama tasked the Director of National Intelligence with assessing “the feasibility of creating software that would allow the Intelligence Community more easily to conduct target information acquisition rather than bulk collection.” The DNI asked the NAS to answer the question, and the result is this report.

The conclusion is about what you’d expect. From the NAS press release:

No software-based technique can fully replace the bulk collection of signals intelligence, but methods can be developed to more effectively conduct targeted collection and to control the usage of collected data, says a new report from the National Research Council. Automated systems for isolating collected data, restricting queries that can be made against those data, and auditing usage of the data can help to enforce privacy protections and allay some civil liberty concerns, the unclassified report says.

[…]

A key value of bulk collection is its record of past signals intelligence that may be relevant to subsequent investigations, the report notes. The committee was not asked to and did not consider whether the loss of effectiveness from reducing bulk collection would be too great, or whether the potential gain in privacy from adopting an alternative collection method is worth the potential loss of intelligence information. It did observe that other sources of information—for example, data held by third parties such as communications providers—might provide a partial substitute for bulk collection in some circumstances.

Right. The singular value of spying on everyone and saving all the data is that you can go back in time and use individual pieces of that data. There’s nothing that can substitute for that.

And what the report committee didn’t look at is very important. Here’s Herb Lin, cyber policy and security researcher and a staffer on this report:

…perhaps the most important point of the report is what it does not say. It concludes that giving up bulk surveillance entirely will entail some costs to national security, but it does not say that we should keep or abandon bulk surveillance. National security is an important national priority and so are civil liberties. We don’t do EVERYTHING we could do for national security—we accept some national security risks. And we don’t do everything we could do for civil liberties—we accept some reductions in civil liberties. Where, when, and under what circumstances we accept either—that’s the most important policy choice that the American people can make.

Just because something can be done does not mean that 1) it is effective, or 2) it should be done. There’s a lot of evidence that bulk collection is not valuable.

Here’s an overview of the report. And a news article. And the DNI press release.

Posted on February 9, 2015 at 6:16 AMView Comments

NSA Using Hacker Research and Results

In the latest article based on the Snowden documents, the Intercept is reporting that the NSA and GCHQ are piggy-backing on the work of hackers:

In some cases, the surveillance agencies are obtaining the content of emails by monitoring hackers as they breach email accounts, often without notifying the hacking victims of these breaches. “Hackers are stealing the emails of some of our targets…by collecting the hackers’ ‘take,’ we…get access to the emails themselves,” reads one top secret 2010 National Security Agency document.

Not surprising.

Posted on February 6, 2015 at 9:39 AMView Comments

Basaaly Moalin: The One "Terrorist" Caught by Section 215 Surveillance

Remember back in 2013 when the then-director of the NSA Keith Alexander claimed that Section 215 bulk telephone metadata surveillance stopped “fifty-four different terrorist-related activities”? Remember when that number was backtracked several times, until all that was left was a single Somali taxi driver who was convicted of sending some money back home? This is the story of Basaaly Moalin.

Posted on January 26, 2015 at 5:51 AMView Comments

US Law Enforcement Also Conducting Mass Telephone Surveillance

Late last year, in a criminal case involving export violations, the US government disclosed a mysterious database of telephone call records that it had queried in the case.

The defendant argued that the database was the NSA’s, and that the query was unconditional and the evidence should be suppressed. The government said that the database was not the NSA’s. As part of the back and forth, the judge ordered the government to explain the call records database.

Someone from the Drug Enforcement Agency did that last week. Apparently, there’s another bulk telephone metadata collection program and a “federal law enforcement database” authorized as part of a federal drug trafficking statute:

This database [redacted] consisted of telecommunications metadata obtained from United Stated telecommunications service providers pursuant to administrative subpoenas served up on the service providers under the provisions of 21 U.S.C. 876. This metadata related to international telephone calls originating in the United States and calling [redacted] designated foreign countries, one of which was Iran, that were determined to have a demonstrated nexus to international drug trafficking and related criminal activities.

The program began in the 1990s and was “suspended” in September 2013.

News article. Slashdot thread. Hacker News thread.

EDITED TO ADD (1/19): Another article.

Posted on January 19, 2015 at 12:42 PMView Comments

Surveillance Detection for Android Phones

It’s called SnoopSnitch:

SnoopSnitch is an app for Android devices that analyses your mobile radio traffic to tell if someone is listening in on your phone conversations or tracking your location. Unlike standard antivirus apps, which are designed to combat software intrusions or steal personal info, SnoopSnitch picks up on things like fake mobile base stations or SS7 exploits. As such, it’s probably ideally suited to evading surveillance from local government agencies.

The app was written by German outfit Security Research Labs, and is available for free on the Play Store. Unfortunately, you’ll need a rooted Android device running a Qualcomm chipset to take advantage.

Download it here.

Posted on January 14, 2015 at 1:18 PMView Comments

How Surveillance Causes Writers to Self-Censor

A worldwide survey of writers affiliated with PEN shows a significant level of self-censoring. From the press release:

The report’s revelations, based on a survey of nearly 800 writers worldwide, are alarming. Concern about surveillance is now nearly as high among writers living in democracies (75%) as among those living in non-democracies (80%). The levels of self-censorship reported by writers living in democratic countries are approaching the levels reported by writers living in authoritarian or semi-democratic countries. And writers around the world think that mass surveillance has significantly damaged U.S. credibility as a global champion of free expression for the long term.

New York Times article. Hacker News thread. Slashdot thread.

Posted on January 12, 2015 at 6:10 AMView Comments

Merry Christmas from the NSA

On Christmas Eve, the NSA released a bunch of audit reports on illegal spying using EO 12333 from 2001 to 2013.

Bloomberg article.

The heavily-redacted reports include examples of data on Americans being e-mailed to unauthorized recipients, stored in unsecured computers and retained after it was supposed to be destroyed, according to the documents. They were posted on the NSA’s website at around 1:30 p.m. on Christmas Eve.

In a 2012 case, for example, an NSA analyst “searched her spouse’s personal telephone directory without his knowledge to obtain names and telephone numbers for targeting,” according to one report. The analyst “has been advised to cease her activities,” it said.

The documents were released in response to an ACLU lawsuit.

Another article.

EDITED TO ADD (12/27): Remember Edward Snowden’s comment that he could eavesdrop on anybody? “I, sitting at my desk, certainly had the authorities to wiretap anyone, from you, or your accountant, to a federal judge, to even the President if I had a personal email.” Lots of people have accused him of lying. Here’s former NSA General Counsel Stewart Baker: “All that makes Snowden’s claim about being able to wiretap anyone extremely unlikely—and certainly not demonstrated by the latest disclosures, despite Glenn Greenwald’s claims to the contrary.”

These documents demonstrate that Snowden is probably correct. In these documents, NSA agents target all sorts of random Americans.

Posted on December 26, 2014 at 6:29 AMView Comments

1 31 32 33 34 35 93

Sidebar photo of Bruce Schneier by Joe MacInnis.