Data Encryption in OneDrive for Business and SharePoint Online

This documentation is archived and is not being maintained.


Applies to: OneDrive for Business, SharePoint Online

Topic Last Modified: 2017-07-31

Summary: Learn how encryption for data security works in OneDrive for Business and SharePoint Online.

Understand the basic elements of encryption for data security in OneDrive for Business and SharePoint Online.

Office 365 is a highly secure environment that offers extensive protection in multiple layers: physical data center security, network security, access security, application security, and data security. This article specifically focuses on the in-transit and at-rest encryption side of data security for OneDrive for Business and SharePoint Online.

For a description of Office 365 security as a whole, see Security in Office 365 White Paper.


In OneDrive for Business and SharePoint Online, there are two scenarios in which data enters and exits the datacenters.

Client communication with the server: Communication to OneDrive for Business across the Internet uses SSL/TLS connections. All SSL connections are established using 2048-bit keys.

Data movement between datacenters: The primary reason to move data between datacenters is for geo-replication to enable disaster recovery. For instance, SQL Server transaction logs and blob storage deltas travel along this pipe. While this data is already transmitted by using a private network, it is further protected with best-in-class encryption.

Encryption at rest includes two components: BitLocker disk-level encryption and per-file encryption of customer content.

BitLocker is deployed for OneDrive for Business and SharePoint Online across the service. Per-file encryption is also deployed in OneDrive for Business and SharePoint Online in Office 365 multi-tenant and new dedicated environments that are built on multi-tenant technology.

While BitLocker encrypts all data on a disk, per-file encryption goes even further by including a unique encryption key for each file. Further, every update to every file is encrypted using its own encryption key. Before they're stored, the keys to the encrypted content are stored in a physically separate location from the content. Every step of this encryption uses Advanced Encryption Standard (AES) with 256-bit keys and is Federal Information Processing Standard (FIPS) 140-2 compliant. The encrypted content is distributed across a number of containers throughout the datacenter, and each container has unique credentials. These credentials are stored in a separate physical location from either the content or the content keys.

For additional information about FIPS 140-2 compliance, see FIPS 140-2 Compliance, and for AES with 256-bit keys, see Keep Your Data Secure with the New Advanced Encryption Standard.

File-level encryption at rest takes advantage of blob storage to provide for virtually unlimited storage growth and to enable unprecedented protection. All customer content in OneDrive for Business and SharePoint Online will be migrated to blob storage. Here's how that data is secured:

All content is encrypted, potentially with multiple keys, and distributed across the datacenter. Each file to be stored is broken into one or more chunks, depending on its size. Then, each chunk is encrypted using its own unique key. Updates are handled similarly: the set of changes, or deltas, submitted by a user is broken into chunks, and each is encrypted with its own key.

All of these chunks (files, pieces of files, and update deltas) are stored as blobs in our blob store. They also are randomly distributed across multiple blob containers.

The map used to re-assemble the file from its components is stored in the Content Database.

Each blob container has its own unique credentials per access type (read, write, enumerate, and delete). Each set of credentials is held in the secure Key Store and is regularly refreshed.

In other words, there are three different types of stores involved in per-file encryption at rest, each with a distinct function:

Content is stored as encrypted blobs in the blob store. The key to each chunk of content is encrypted and stored separately in the content database. The content itself holds no clue as to how it can be decrypted.

The Content Database is a SQL Server database. It holds the map required to locate and reassemble all of the content blobs held in the blob store as well as the keys needed to decrypt those blobs.

Each of these three storage components (the blob store, the Content Database, and the Key Store) is physically separate. The information held in any one of the components is unusable on its own. This provides an unprecedented level of security. Without access to all three it is impossible to retrieve the keys to the chunks, decrypt the keys to make them usable, associate the keys with their corresponding chunks, decrypt any chunk, or reconstruct a document from its constituent chunks.
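The three-store separation described above, sketched as an added example (not Microsoft's code and not part of the original article). It uses only the Python standard library, so a SHA-256 keystream with HMAC stands in for the AES-256 the article names; the 32-byte chunk size, the container names, and the placement of the key-wrapping key in the Key Store are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets

CHUNK_SIZE = 32  # assumption: tiny chunks so a short sample spans several blobs
ACCESS_TYPES = ("read", "write", "enumerate", "delete")

def _subkey(key, label):
    # Derive separate encryption and MAC keys from one 32-byte key.
    return hashlib.sha256(label + key).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (SHA-256 in counter mode). The service itself uses AES-256.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, sealed):
    nonce, ct, tag = sealed[:16], sealed[16:-32], sealed[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed: wrong key or modified data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class KeyStore:
    """Container credentials per access type, plus (assumption) the key
    that wraps the per-chunk keys kept in the content database."""
    def __init__(self, containers):
        self.wrapping_key = os.urandom(32)
        self.creds = {c: {a: secrets.token_hex(16) for a in ACCESS_TYPES}
                      for c in containers}

class BlobStore:
    """Holds encrypted chunks only; no keys and no file map."""
    def __init__(self, provisioned_creds):
        self._creds = provisioned_creds
        self.containers = {c: {} for c in provisioned_creds}

    def _check(self, container, access, cred):
        if not hmac.compare_digest(self._creds[container][access], cred):
            raise PermissionError(f"{access} denied on {container}")

    def put(self, container, cred, blob_id, data):
        self._check(container, "write", cred)
        self.containers[container][blob_id] = data

    def get(self, container, cred, blob_id):
        self._check(container, "read", cred)
        return self.containers[container][blob_id]

def store_file(name, data, key_store, blob_store, content_db):
    """Chunk, encrypt each chunk under its own key, scatter across containers."""
    entries = []
    for off in range(0, len(data), CHUNK_SIZE):
        chunk_key = os.urandom(32)  # unique key per chunk
        container = secrets.choice(list(blob_store.containers))  # random placement
        blob_id = secrets.token_hex(8)
        blob_store.put(container, key_store.creds[container]["write"], blob_id,
                       seal(chunk_key, data[off:off + CHUNK_SIZE]))
        # The content database keeps the map and the *wrapped* chunk key.
        entries.append((container, blob_id, seal(key_store.wrapping_key, chunk_key)))
    content_db[name] = entries

def read_file(name, key_store, blob_store, content_db):
    """Reassembly needs all three stores: map, wrapping key, credentials, blobs."""
    out = b""
    for container, blob_id, wrapped in content_db[name]:
        chunk_key = unseal(key_store.wrapping_key, wrapped)
        blob = blob_store.get(container, key_store.creds[container]["read"], blob_id)
        out += unseal(chunk_key, blob)
    return out

def demo():
    containers = [f"container-{i}" for i in range(4)]  # constructed names
    ks = KeyStore(containers)
    blobs = BlobStore(ks.creds)
    db = {}  # stands in for the SQL Server content database
    doc = b"Constructed sample document. " * 5  # constructed input, 145 bytes
    store_file("report.docx", doc, ks, blobs, db)
    return ks, blobs, db, doc

if __name__ == "__main__":
    ks, blobs, db, doc = demo()
    print(read_file("report.docx", ks, blobs, db) == doc)
```
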


ESET reveals what to watch out for before you buy encryption – SecurityBrief NZ

Encryption services are becoming a focus for organisations and decision makers as new data protection laws such as the GDPR come in, but when faced with a market flooded by various products and little time to make the right choice, it can be difficult to find the one that best fits individual needs, ESET says.

The company has assembled a list of the five questions organisations should ask before buying encryption.

1. Which laptops present the biggest risk: on-site or off-site?

This might seem like a pointless question with an obvious answer; systems are more liable to loss or theft when away from the office, but making this distinction and keeping it in mind is the right place to start and when you have settled on a solution, be sure to test its effectiveness at managing problem scenarios for your remote users.

2. Does the system offer full remote control of off-site endpoint encryption that fits your IT department?

All major Endpoint Encryption products offer the means to manage remote systems, but look carefully at the requirements. Most need either an open incoming connection to a demilitarized zone (DMZ) on your Server, or a VPN connection. All involve a higher level of IT skills and additional costs and may require the user to initiate the connection to function; not much use with a rogue employee or stolen laptop. A well-designed product will give you the remote management necessary without creating additional security problems, requiring specialist knowledge or adding expense to the project.

Why is this important?

Being able to quickly vary security policy, encryption keys, features and operation of endpoint encryption remotely, means that your default policy can be strong and tight. Exceptions can be made only when and where they are needed, and reverted just as easily. If you can't do this you'll be forced to leave 'a key under the doormat' - just in case, tearing holes in your policy before deployment is complete.

3. Does the solution allow you to remotely lock or wipe keys from laptops?

The answer might be crucial if a company computer with full-disk encryption gets stolen while in sleep mode or with operating system booted up, not to mention those systems with the pre-boot password affixed on a label or tucked in the laptop bag. If a remote lock or wipe function is not available, then the system is either unprotected or secured only by the OS password, with the encryption being bypassed in either case.

Similarly, it is important to know whether the solution has been designed to accommodate the typical use-cases that would otherwise unravel a well-designed security policy.

4. Does the solution secure removable media without having to whitelist each item?

With an array of writeable devices that people use for their everyday work, it is almost impossible for the admins to whitelist each and every one of them and decide if they can be read from or written to.

It is much easier to set a file-level policy-- distinguishing between files that need encryption and those that don't-- and keep these protected every time they move from workstation or corporate network to any portable device.

In other words, if you connect your own USB stick, it won't force you to encrypt your private data, however anything coming from the company system will be encrypted without the keys being held on your device. A simple idea, but one which makes any device safe, without the need for whitelisting.

5. Is the solution easy to deploy?

If the setup of the solution takes hours or even days and needs additional tools for its operation, it might cause new headaches for company admins and create new security risks. Aim for an easy-to-deploy solution that doesn't require advanced IT expertise, preserving your finances as well as human resources. If the user-experience mirrors that easy deployment, then IT staff won't be further taxed by user-lockouts, lost data and other frustrations.

Closing remarks: The security was there a long time ago; what will make or break your deployment is flexibility and ease of use.

All validated, commercial encryption products have been more than strong enough for many years, yet a significant proportion of the recorded data breaches involving lost or stolen laptops and USB drives happened to organizations that had bought and deployed encryption products. Reading the case notes for these incidents reveals that the real challenges are being able to fit the solution to your environment and working practices, and making encryption easy for everyday users.


Facebook won’t change React.js license despite Apache developer pain – The Register

Facebook's decided to stick with its preferred version of the BSD license despite the Apache Foundation sin-binning it for any future projects.

The Foundation barred use of Facebook's BSD-plus-Patents license in July, placing it in the Category X it reserves for disallowed licenses.

Facebook's BSD+Patents license earned that black mark because the Foundation felt it "includes a specification of a PATENTS file that passes along risk to downstream consumers of our software imbalanced in favor of the licensor, not the licensee, thereby violating our Apache legal policy of being a universal donor."

Apache's decision became a problem because Facebook's React UI-building JavaScript library has been widely adopted by projects that also use code licensed in ways the Foundation approves. Developers are therefore faced with disentangling React if they want to stay on the right side of the T&Cs.

Developers who didn't fancy that work therefore kicked off a GitHub thread calling for Facebook to change React's licence.

But despite describing the situation developers face as painful, Facebook's engineering director Adam Wolff has explained that The Social Network won't be changing anything.

Wolff asserts that Facebook adores open source and likes to give as good as it gets, but says "As our business has become successful, we've become a larger target for meritless patent litigation that sucks up time and money."

Facebook could have walked away from open source, he says, but instead decided to "add a clear patent grant when we release software under the 3-clause BSD license, creating what has come to be known as the BSD + Patents license. The patent grant says that if you're going to use the software we've released under it, you lose the patent license from us if you sue us for patent infringement."

Wolff says Facebook believes that "if this license were widely adopted, it could actually reduce meritless litigation for all adopters, and we want to work with others to explore this possibility."

As Facebook likes its license and feels it is commercially necessary to keep The Social Network in the world of open source but out of legal strife, Wolff says the company won't change it. Discussions with Apache about a compromise have come up empty.

"We recognize that we may lose some React community members because of this decision," Wolff writes. "We are sorry for that, but we need to balance our desire to participate in open source with our desire to protect ourselves from costly litigation. We think changing our approach would inhibit our ability to continue releasing meaningful open source software and increase the amount of time and money we have to spend fighting meritless lawsuits."


Introduction to Cryptocurrency – Crypto Currency Facts

Cryptocurrency facts takes a simplified look at digital currency like bitcoin to help everyone understand what it is, how it works, and its implications. On this site, we cover everything you need to know about:

As of 2017, cryptocurrency has been used as a decentralized alternative to traditional fiat currencies (which are usually backed by some central government) such as the US dollar (USD).

For the average person, using cryptocurrency is as easy as:

What is a cryptocurrency address?: A public address is a unique string of characters used to receive cryptocurrency. Each public address has a matching private address that can be used to prove ownership of the public address. With Bitcoin the address is called a Bitcoin address. Think of it like a unique email address that people can send currency to as opposed to emails.

The first decentralized digital cryptocurrency can be traced back to Bit Gold, which was worked on by Nick Szabo between 1998 and 2005. Bit gold is considered the first precursor to bitcoin. In 2008, Satoshi Nakamoto (an anonymous person and/or group) released a paper detailing what would become Bitcoin.

Bitcoin became the first decentralized digital coin when it was created in 2008. It then went public in 2009. As of 2015, Bitcoin is the most commonly known cryptocurrency. Given the popularity of Bitcoin as well as its history, the term altcoin is sometimes used to describe alternative cryptocurrencies to bitcoin.

As of January 2015, there were over 500 different types of cryptocurrencies or altcoins for trade in online markets. However, only 10 of them had market capitalizations over $10 million. As of 2017 the total market capitalization of all cryptocurrencies reached an all-time high passing $60 billion!

In other words, cryptocurrency isn't just a fad, it is likely a growing market that (despite its pros and cons) is likely here for the long haul.

On this site, we explore every aspect of cryptocurrency. Simply choose a page from the menu, visit our what is cryptocurrency page for a more detailed explanation of cryptocurrency, or jump right in to the how cryptocurrency works section to start learning about transactions, mining, and public ledgers.


Media A-Listers Back eSports Betting Firm As It Dives Into Cryptocurrencies – Deadline

Talk about trendy: An investment group that includes Mark Cuban, Ashton Kutcher, Elisabeth Murdoch, and Shari Redstone is feeling lucky about a business that aims to become a power in betting on eSports with cryptocurrencies.

The A-listers have invested in Unikrn, an eSports betting company. And it says today that beginning September 22 it hopes to persuade consumers to spend $100 million on its own currency, UnikoinGold, which is based on the Ethereum software platform.

The company, founded in 2014, says that its currency will be accessible around the world and allow users to earn prizes, hardware, and exclusive features.

"The value of the tokens will be determined by the utility and turnover of the token itself from within the Unikrn platform as well as the value of the token on the free market," the company adds.

Betting on e-Sports is only legal in a few countries including the U.K., Ireland, and Australia.

Unikrn CEO Rahul Sood says that the company "is in the middle of testing our eSports skill betting platform that will allow [U.S.] customers to use UnikoinGold for betting. Much of this has been in development for the last two years, we will start launching new applications 90 days after our token sale is complete."

Buyers should beware: Rules and structures governing eSports competitions are still evolving.

And cryptocurrency markets are even more turbulent, although Bitcoins are making news this week with valuations hitting new highs after appreciating 750% over the last year.

The SEC recently found that coin offerings are covered by securities laws, although it's not clear who'd be covered since valuations are determined by a decentralized market. The IRS is looking into how tax laws apply to cryptocurrencies. And there are lingering concerns that criminals use the computer-based currencies to launder money, sell illegal drugs, or commit fraud.

Sood says the decentralized market for UnikoinGold tokens "would give users more autonomy and opportunity to participate on our platform, with flexibility to trade in a more open marketplace. Our improved eSports betting system is creating a new world of opportunity for cryptocurrency wagering that is legal, safe and fun. Competitive gaming thrives on innovation, risk and reward, and we believe that UnikoinGold is the breakthrough that the eSports world has been waiting for."


Meet Charlie Lee, Inventor Of Litecoin Cryptocurrency – International Business Times

If future generations buy their coffee with cryptocurrency, they will have globetrotting programmer Charlie Lee to thank for it.

Lee was born in the Ivory Coast, West Africa, immigrated to the United States at 13 and now lives in the Bay Area. He read a Wired article about the Silk Road black market back in 2011, when Lee was still a Google software engineer who dabbled in gold trading on the side. Intrigued, he immediately reached out to Bitcoin Core developer Mike Hearn and bought a bitcoin from Hearn. Soon Lee was mining bitcoin and buying computer equipment off the darknet.

"That was when bitcoin was $30," Lee told International Business Times. "I fell in love with bitcoin, seeing it as really good money, better than gold." It wasn't long until Lee started playing around with the idea of his own blockchain cryptocurrency, inspired by bitcoin. His code copied bitcoin's features and mechanisms in almost every way. The biggest difference was to make the tokens work faster than bitcoin and be more cost-effective.

"I really didn't expect it to become what it is today," he said. "Just for fun... I wanted to create silver to bitcoin's gold." Lee left Google and worked at the world's most popular bitcoin exchange, Coinbase, before dedicating himself completely to his brainchild litecoin in the summer of 2015.

"Silver is cheaper and lighter, so the idea is people will use it more as a currency, whereas gold would not be used for daily spending," Lee said. "Over the years, you see how bitcoin transactions are costing more in fees, and litecoin transactions are still relatively cheap." In fact, that's kind of the whole idea behind the comparison.

Because bitcoin operates on a decentralized network run by contributors around the world, transactions are slow and users pay a portion of their tokens to use the network's computing power. The price goes up when demand rises, just like it does with Ethereum's gas system. Litecoin transactions cost a pittance compared to its bulkier predecessors.

Today, most people use litecoin for trading and currency exchanges. Most users still can't pay for services with it or use it for business transactions like Ripple's XRP. Even so, some websites like Yours.org are switching from bitcoin to litecoin payments because it's easier. "If you have a site ready for bitcoin, it's just like one or two code changes and you can start running it on litecoin," Lee said. Overstock.com recently started accepting litecoin, and where that megastore site goes other retailers often follow.

There are now reportedly 50 cryptocurrency ATMs around the world that use litecoin, which reached a peak price of $56 in July. "Bitcoin, being the most secure and most decentralized, will handle the most expensive transactions," he said. "Litecoin will be used for more everyday transactions, like buying food and coffee."

Lee just hired two full-time employees, meaning the whole litecoin operation is run by three people, including Lee himself. Most unpaid contributors are hobbyists participating through open source communities. "We're not really based anywhere, we're all working remotely. Communicating online. The developers are all over the world," Lee said. "The whole purpose of the [Litecoin] foundation is so we can raise money to hire more developers."

Given how limited their resources are, the litecoin team has already accomplished some incredible feats. Litecoin is now one of the world's top 10 cryptocurrencies, with a market cap well over $2 billion. The technology behind it is much more cutting edge and flexible than bitcoin itself, thanks to scaling solutions called SegWit and Lightning.

Bitcoin is like a highway, where developers argue over how to add extra lanes as traffic piles up. Meanwhile, nimble little litecoin is much closer to adding new metaphorical roads and ramps altogether, so people can hop on and off the highway whenever they need to.

"The vision is that you can easily convert between the two [bitcoin and litecoin], via Lightning networks. So you can store most of your money in bitcoin and, if you ever need to spend it, you can easily convert to litecoin and spend it," Lee said. "Bitcoin's fees will still be high. So if you are spending five dollars, and the fee is five dollars, it won't be worth it."

Lee isn't trying to dethrone bitcoin. He just thinks it is better suited to high value transactions. "The thing about a decentralized network is, it is by nature inefficient. Every node in the network needs to process every transaction and hold a copy of every transaction," he said. "We need to split up the work between various different currencies."

All of this wouldn't be possible without the work of people like Elizabeth Stark, the CEO of Lightning Labs. She's working to implement her blockchain solution for multiple currencies including both bitcoin and litecoin. Despite her no-nonsense approach, revamping a headless infrastructure is inherently tricky. While Lee jokes on Twitter about how the bitcoin community debates updates, Stark is already working with blockchain companies like Bitfury to test network capacities.

It's still hard to say when either currency will graduate from testing to full implementation with the Lightning Network, although litecoin has laid more groundwork so far. "Litecoin has Segregated Witness [SegWit] activated," Stark told IBT. "It'll be working on litecoin when we feel the software has reached a point where we feel comfortable with people using amounts of real currency. Which we will be soon."

What if, in order to send an email, you first had to download every email that anyone ever sent? That would take forever, right? Stark and Lee want to make it possible for blockchain networks to retain some of bitcoin's security features without all of its bulk.

Lightning is like an added layer on top of everything, which changes the way the blockchain network itself works while simultaneously making it easier to build on that network. "It enables instant clearing," Stark said. "So you can instantly withdraw or deposit or send it to your friend or build apps."

She told IBT litecoin is better positioned to adapt to technological advancements than many other virtual tokens. "It's implementing a lot of things that folks in bitcoin have wanted to do, but it takes them longer to get the community on board in a kind of consensus," Stark said. "While litecoin can be iterative, put all these cool new technologies onto it without changing the direction in which it's heading."

One of the coolest features the Lightning Network offers is the ability to transfer value between blockchain networks without needing an exchange or a trusted central party. Imagine handing a dollar to a cashier to buy coffee in Italy. As your hand moves, the bill magically shifts and becomes a euro. It's not a perfect metaphor, but it illustrates what cross-network compatibility can do. "That is a new technology we haven't seen yet," Stark said. In the future, Lee also wants to add more privacy features to litecoin.

Many experts believe cryptocurrency will continue to spread until it reaches widespread, global adoption for daily transactions. If that dream comes true within the next decade, litecoin will have paved the way.


2017 EFF Pioneer Award winners: Chelsea Manning, Mike Masnick and Annie Game – Boing Boing

The Electronic Frontier Foundation has announced the winners of the 2017 Pioneer Awards, "which recognize leaders who are extending freedom and innovation on the electronic frontier." They are whistleblower Chelsea Manning, Techdirt editor Mike Masnick and free expression defender Annie Game.

Congrats to all three! As a former winner myself, I count the Pioneer Award as one of the greatest honors ever bestowed on me, and I can't imagine three more deserving honorees.

There will be an awards ceremony on Sept 14 at Delancey Street's Town Hall Room in San Francisco, with a keynote from Full Frontal correspondent Ashley Nicole Black, $65 for EFF members and $75 for non-members.

Chelsea E. Manning is a network security expert, whistleblower, and former U.S. Army intelligence analyst whose disclosure of classified Iraq war documents exposed human rights abuses and corruption the government kept hidden from the public. While serving in Iraq, Chelsea worked to release hundreds of thousands of classified war and State Department files on the Internet, including a video depicting the shooting deaths of Iraqi civilians and two Reuters reporters by U.S. troops. Chelsea's conscience-driven leaks exposed critical information about U.S. involvement in Iraq and Afghanistan and made it available online to journalists and citizens around the world, greatly contributing to public knowledge, understanding, and discussion of the government's actions. While serving seven years of an unprecedented 35-year sentence for leaking the documents, she became a prominent and vocal advocate for government transparency and transgender rights, both on Twitter and through her op-ed columns for The Guardian and The New York Times. She currently lives in the Washington, D.C. area, where she writes about technology, artificial intelligence, and human rights.

Mike Masnick is the founder and editor of the popular and respected Techdirt blog and an outspoken activist for digital rights, the First Amendment, and a free and open Internet. For 20 years Mike has explored the intersection of technology, policy, civil liberties, and economics, making Techdirt a must-read for its insightful and unvarnished analysis. He was a powerful voice in the fight against SOPA, and coined the term "The Streisand Effect." Today Mike is in a fight for Techdirt's survival: he and the weblog are targets of a $15 million libel lawsuit for publishing articles disputing claims of a man who says he invented email. The case pits Mike and Techdirt against the self-proclaimed email inventor and his lawyer, who, bankrolled by Peter Thiel, brought down Gawker. Mike has vowed to stand up for a free and independent press and fight this attempt to silence (or drive out of business) his blog for publishing First Amendment-protected opinions.

Annie Game is Executive Director of IFEX, a global network of over 115 journalism and civil liberties organizations that defends and promotes freedom of expression as a fundamental human right. IFEX exposes threats to online free expression, focuses on bringing to justice those who harm or kill journalists, and advocates for the rights of media workers, women and LGBT journalists, citizen journalists, and activists. For over 10 years Annie has led IFEX's efforts to free imprisoned journalists, defend online activists targeted by repressive regimes, provide tools for organizing successful campaigns advocating for free expression, and expose legislation aimed at quelling free speech. Under Annie's leadership, IFEX has begun pairing more traditional free expression organizations with their more digitized counterparts with a focus on building organizational security capacities. Annie has been an activist throughout her career in the NGO sector and is also a published writer and broadcaster of satire and humor.

Whistleblower Chelsea Manning, Techdirt Founder Mike Masnick, and Free Expression Defender Annie Game Named Electronic Frontier Foundation Pioneer Award Winners [EFF]


‘It’s very much a 1984 world’: Oliver Stone on making the film Snowden – Bendigo Advertiser

4 Sep 2016, 12:15 a.m.

Director Oliver Stone found the stakes were high in making a movie about US whistleblower Edward Snowden.


Oliver Stone has made a career of mapping out pivotal moments in American culture to bring us politically charged films such as Platoon, Born on the Fourth of July, Nixon, The People vs. Larry Flynt and JFK. But when the 70-year-old Oscar-winning director became interested in making a movie about Edward Snowden, the man responsible for what has been described as the most far-reaching security breach in US intelligence history, he realised the stakes were much higher.

"Ed may go down in history as one of those guys who actually made a difference to his time," Stone says solemnly, as we sit in a hotel in San Diego, California, overlooking costumed fans at an annual Comic Con event. As he glances out the window, he can't help wondering if his movie will garner attention here from this community of geeks and outsiders.

"This is a huge issue, what this film raises," he declares in his booming voice, "and this is the beginning of a new generation that won't even know what they are losing. Ironically, a lot of them are here today, in the streets of San Diego, and I think many of them still take things for granted about their privacy."

The film begins in 2013, when Edward Snowden, played by Joseph Gordon-Levitt, has quietly left his job as a contractor at the US National Security Agency and flown to Hong Kong to meet with two journalists from The Guardian newspaper and an award-winning filmmaker. The virtuoso programmer was a self-declared patriot and former soldier who had become angry and disillusioned after discovering a mountain of data assembled by tracking all kinds of digital communications from ordinary citizens.

During the meeting in Hong Kong, he handed over a vast tranche of top-secret files that revealed US government cyber-surveillance programs of epic proportions, instantly making him one of America's most wanted men and an icon of popular culture at the same time.

Oliver Stone, no stranger to controversy, initially flew to Russia to meet with Snowden's lawyer, Anatoly Kucherena, about making a fiction movie loosely inspired by Snowden's own story. But once he was introduced to the youthful-looking reluctant hero, trapped outside the US after his passport was revoked and granted temporary asylum in Russia, his focus shifted.

"It was only after we had met three times, each time over a different trip, that we mutually decided to go ahead with the realistic version of his life story," Stone says.

"There was all this controversy, with some people saying he should be hanged and others wanting to give him a Nobel Prize, so we were looking for a story that reflected the reality of his present situation and decided the core of the 10-year journey in the film could be found in the tense six days inside that Hong Kong hotel room where they were all waiting to get the material out and had no idea who could come bursting into the room at any moment to arrest them all."

After a screening of the film at Comic Con, attended by Stone and his actors, a bespectacled Snowden made a surprise appearance via satellite and confessed he was still conflicted about the decision to collaborate on a movie. "I don't think anybody looks forward to having a movie made about themselves, particularly someone who is a privacy advocate," the 33-year-old exile said.

Despite those hesitations, Snowden agreed to make a compelling cameo appearance in the film. He said: "It made me nervous but I think there's a kind of magic to it and I think it works."

Gordon-Levitt recently won acclaim portraying real-life French high-wire artist Philippe Petit in the drama The Walk, but the 35-year-old actor known for films such as Inception and The Dark Knight Rises says this challenge was nothing like his previous roles.

"I've never been on the phone with a producer before a film to say, 'Can you guarantee me I'm going to be 100 per cent safe?' " Gordon-Levitt says. "But I went to Russia and it turned out I was quite safe and I got to spend about four hours with Ed and his girlfriend Lindsay Mills [who recently relocated to Russia to be with Snowden] and really get a sense of who he was besides all of his politics, so that was important to me."

Stone says Snowden's girlfriend, a yoga and pole-dancing instructor, was the key to understanding the mystery man at the centre of the controversy in human terms, and he was excited when he received a letter from Shailene Woodley offering herself for the role. Already a star with her own franchise (Divergent), Woodley is also fiercely political, having spent a large part of the year on the campaign trail with presidential candidate Bernie Sanders, and has an earnest doe-eyed look about her when asked about her motivation.

"It wasn't just wanting a job, although I did ask him for an audition," the 24-year-old says, "but I wrote to thank him for having the courage to make a film like this because as a young woman knowing about privacy issues, outside the fact my privacy is already limited by the Hollywood side, I felt like growing up we always heard about 'big brother' watching and when Ed released what he released, it verified and validated all of those suspicions and fears and sent a chill up my spine."

Few filmmakers have been as controversial as Stone, whose mantra seems to be "to hell with the consequences". Even at Comic Con, he couldn't help ruffle feathers by publicly describing the app sensation Pokemon Go as "totalitarian" and suggesting "they are data mining every single person in this room for information, so it's a whole new level of invasion".

Stone grew up in a deeply conservative family in New York with a father who served as a colonel on General Dwight D. Eisenhower's staff in Paris, post-World War II. After attending Yale University with classmates such as George W. Bush and John Kerry, the current US Secretary of State, he dropped out to teach English in Saigon, Vietnam, and later enlisted in the army. After two tours of duty in Vietnam, Stone returned home in 1968 with two Purple Heart medals, a Bronze Star for Valor and a transformed outlook on the world as an anti-establishment rebel full of an almost radicalised hatred of the establishment that still bubbles to the surface when he's talking politics.

"It's very much a 1984 world," Stone says, in a nod to George Orwell's tyrannical tale. "We are all being told how to think and being manipulated and while I think it's important the Democratic party gets to appoint the next Supreme Court justice, on the other hand you have Mrs Clinton, who is one of the greatest warmongers of our generation, and that makes me very concerned about her attitude and aggression towards foreign countries."

In the hands of an expert filmmaker like Stone, the story of Edward Snowden has depth and emotion. Not surprisingly, the director has a unique relationship with many of his movie alter-egos after his own experiences in life.

"My growth of consciousness has sometimes cost me dearly but this is my journey and it's important stuff," he says. "The stories I told about the Vietnam War or JFK or Nixon, those were revelations to me at the time and this is what I am going through now with the Snowden revelations.

"In the end, I can really only go by my own sense of the truth. If it's the truth, I want to put it in my movies."

Snowden is out in cinemas on September 22.

Edward Snowden isn't the first person whose conscience made him risk everything. Here are some other memorable films about whistleblowers.

On the Waterfront (1954) The classic film about a worker (Marlon Brando) who agrees to risk everything to give evidence about union corruption on the docks of Hoboken, New Jersey, after he unwittingly helps facilitate a union-authorised murder.

All the President's Men (1976) Robert Redford and Dustin Hoffman star as Washington Post reporters Bob Woodward and Carl Bernstein, who expose corruption in the Richard Nixon administration after receiving tips from a man who identifies himself only as Deep Throat.

Silkwood (1983) The film, based on a true story, stars Meryl Streep as Karen Silkwood, an employee at a plutonium plant and a union activist. After being contaminated by radiation, she exposes the plant's cover-up before dying under mysterious circumstances.

The Insider (1999) Russell Crowe plays a former research biologist for a cigarette company who agrees to do a 60 Minutes interview to reveal that tobacco companies were not only aware that cigarettes were addictive and harmful, but worked to increase their addictiveness.

Erin Brockovich (2000) Julia Roberts won an Oscar portraying the working-class single mother who, as a law clerk, stumbled upon evidence that a big gas and electric company was knowingly poisoning people through contaminated water and helped to organise a major class-action lawsuit against them.

The Most Dangerous Man In America: Daniel Ellsberg and the Pentagon Papers (2009) A documentary about Daniel Ellsberg, a US military analyst working for the RAND Corporation in 1971 when he accessed and leaked thousands of top-secret documents that became known as the Pentagon Papers, infuriating the Nixon administration.

We Steal Secrets: The Story of WikiLeaks/The Fifth Estate (2013) The documentary looks at the rise to prominence of WikiLeaks founder Julian Assange and his war on secrecy while the movie, The Fifth Estate, is a fictional version of the story starring Benedict Cumberbatch as the famed hacker now living in exile.

The story 'It's very much a 1984 world': Oliver Stone on making the film Snowden first appeared on The Sydney Morning Herald.


Pine Gap plays crucial role in America’s wars, leaked documents reveal – ABC Online

Updated August 20, 2017 13:09:45

Intelligence from Australia's Pine Gap base is being used on US battlefields, leaked documents from the US National Security Agency have revealed for the first time.

The documents reveal that the base outside Alice Springs, officially titled Joint Defence Facility Pine Gap, provides detailed geolocation intelligence to the US military that can be used to locate targets, including for special forces and drone strikes.

The use of lethal unmanned drones by the US military has been blamed for hundreds of civilian deaths across countries like Pakistan, Afghanistan, Syria, Yemen and Somalia.

The documents, which Background Briefing is publishing for the first time, come from the massive archive of classified documents leaked by NSA whistleblower Edward Snowden.

One document, titled "NSA Intelligence Relationship with Australia" is marked "top secret", and demonstrates that the role of Pine Gap, referred to by its NSA codeword RAINFALL, has become more military-focused over time.

It says: "Joint Defence Facility at Pine Gap (RAINFALL) [is] a site which plays a significant role in supporting both intelligence activities and military operations."

Another document reads: "One of RAINFALL's primary mission areas is the detection and geolocation of Communications Intelligence, Electronic Intelligence and Foreign Instrumentation signals."

Locating the source of signals is crucial for targeting military action, including the lethal unmanned drone strikes.

Richard Tanter, a professor at the University of Melbourne's school of political and social studies and the co-author of a recent Nautilus Institute report on Pine Gap, says the documents confirm the facility's military role.

"Those documents provide authoritative confirmation that Pine Gap is involved, for example, in the geolocation of cell phones used by people throughout the world, from the Pacific to the edge of Africa," he said.

"It shows us that Pine Gap knows the geolocations, it derives the phone numbers, it often derives the content of any communications, it provides the ability for the American military to identify and place in real time the location of targets of interest."

Another secret NSA document, a "site profile" of Pine Gap, explains that the facility's role is not only to collect signals, but to analyse them.

"RAINFALL detects, collects, records, processes, analyses and reports on PROFORMA signals collected from tasked target entities," the profile says.

These PROFORMA signals are the communications data of radar and weapon systems such as surface-to-air missiles, anti-aircraft artillery and fighter aircraft, vital tactical information that is provided in near real-time to US forces on the battlefield.

David Rosenberg, a 23-year veteran of the NSA who worked inside Pine Gap as team leader of weapon signals analysis for 18 years until 2008, confirms the base's geolocation capability.

"We're talking about the ability of satellites to geolocate particular electronic transmissions," he says.

"The tasking we get at Pine Gap, is [to] look for this particular signal coming out of this particular location. If you find it, report it, and if you find anything else of interest, report that as well.

"That is the kind of tasking we are looking for. It would be up to the recipients who get this kind of intelligence to make these types of decisions to say, 'Is that relevant? Is that what we are looking for? Are these the people we are targeting?'"

But Mr Rosenberg says preventing civilian casualties is a high priority.

"One thing I can certainly tell you: the governments of Australia and the United States would of course want to minimise all civilian casualties," he says.

"Pine Gap does help to provide limitation of civilian casualties by providing accurate intelligence."

Not everyone is sure things are that clear cut.

Emily Howie, the director of advocacy and research at the Human Rights Law Centre, believes Pine Gap's potential role in drone strikes may leave Australians open to prosecution.

"The legal problem that's created by drone strikes is that there may very well be violations of the laws of armed conflict, or war crimes as it's called colloquially, and that Australia may be involved in those potential war crimes through the facility at Pine Gap," she says.

"Australia, in so far as it is locating suspects that the US targets, is assisting the US. So it could be liable for any crimes committed by the US, in terms of aiding and assisting in that.

"The question then is: is the killing that's done by the United States a war crime or not?"

Ms Howie argues there is an urgent need for greater public knowledge and debate about the Pine Gap base.

"What we have here are credible and really serious allegations made against the personnel at Pine Gap that they could be involved in assisting international crimes, war crimes, and we have absolutely zero transparency around what's happened," she says.

However, Peter Jennings, the executive director of the Australian Strategic Policy Institute, an independent thinktank in Canberra funded largely by the Department of Defence, says Pine Gap's role is a natural part of Australia's alliance with the US.

"If you accept that the USA and Australia, we're fighting in necessary conflicts in the Middle East, then it's appropriate that our intelligence facilities support those conflicts," he says.

"It reflects a reality that both Australia and the United States and a significant number of other countries besides, are engaged in military operations against a fairly entrenched enemy in the form of extremists or terrorists that are operating in a number of countries in the Middle East. So I think it's perfectly reasonable that we should be using our intelligence resources to support our military operations in those countries."

According to Cian Westmoreland, who worked for four years as a US Air Force signals relay technician for lethal drones in Afghanistan, it's difficult to say who is responsible for any one piece of targeting information.

"All of this information that's getting sucked up is being used to basically develop targets and find out where the next strike is going to be," he says.

"You have different countries doing different things all working together. You have stations in Great Britain and the Australians would be working with the Americans and the British.

"It's collaborative, and it's really hard to say 'the Australians are responsible for this' or 'the British are responsible for that'.

"Everybody is working together and if the Australians were involved in one piece that happened to be used in a strike, they're essentially complicit with whatever the end result is."

This report was prepared in collaboration with The Intercept, a US investigative news website. The leaked NSA documents are available on the Background Briefing website.

Topics: defence-and-national-security, security-intelligence, defence-forces, wireless-communication, information-and-communication, treaties-and-alliances, unrest-conflict-and-war, alice-springs-0870, australia, united-states

First posted August 20, 2017 08:14:25


Food for thought: UAE ambassador’s hacked mails feed crucial policy debates – HuffPost

The hacked email account of Yousef al-Otaiba, the influential United Arab Emirates ambassador in Washington, has provided unprecedented insight into the length to which the small Gulf state is willing to go in the pursuit of its regional ambitions.

Mr. Al-Otaiba is unlikely to acknowledge the contribution the insight has made to understanding the ten-week-old Gulf crisis and diplomatic and economic boycott of Qatar that was engineered by the UAE. The ambassador may, however, have greater appreciation for the contribution his private email exchanges have made to the theory and policy debate about the place of small states in an increasingly polarized international order.

Similarly, Mr. Al-Otaiba is unlikely to see merit in the fact that his email exchanges raise serious questions, including the role and purpose of offset arrangements that constitute part of agreements on arms sales by major defense companies as well as the relationship between influential, independent policy and academic institutions and their donors.

To be sure, Mr. Al-Otaiba is likely to be most concerned about the potential damage to the UAE's reputation and disclosure of the Gulf state's secrets caused by the hack. No doubt, the selective and drip-feed leaking of the ambassador's mails by Global Leaks, a mysterious group that uses a Russian email address, is designed to embarrass the UAE and support Qatar in its dispute with an alliance of nations led by the Emirates and Saudi Arabia.

Mr. Al-Otaiba as well as his interlocutors have not confirmed the authenticity of the mails. The UAE embassy did however tell The Hill that the Hotmail address involved was that of the ambassador. Moreover, various of the leaks have been confirmed by multiple sources.

The UAE is hardly the only government that donates large sums to think tanks and academic institutions in a bid to enhance soft power; influence policy, particularly in Washington; and limit independent and critical study and analysis. While Gulf states, with the UAE and Qatar in the lead, are among the largest financial contributors, donors also include European and Asian governments. Think tank executives have rejected allegations that the donations undermine their independence or persuade them to do their donors' bidding.

The latest leaks, however, raise the debate about the funding of think tanks and academic institutions to a new level. Mails leaked to The Intercept, a muckraking online publication established by reporters who played a key role in publishing revelations by National Security Council whistle blower Edward Snowden, raise questions not only about funding of institutions, but also the nature and purpose of offset arrangements incorporated in arms deals. Those deals are intended to fuel economic development and job creation in purchasing countries and compensate them for using available funds for foreign arms acquisitions rather than the nurturing of an indigenous industry.

The mails disclosed by The Intercept as well as The Gulf Institute, a Washington-based dissident Saudi think tank, showed that a UAE donation of $20 million to the Washington-based Middle East Institute (MEI) involved funds funnelled through Tawazun, an Abu Dhabi-based investment company, and The Emirates Center for Strategic Studies and Research (ECSSR) that is headed by UAE Crown Prince Mohammed bin Zayed, that had been paid to the UAE in cash rather than projects by defense contractors as part of agreements to supply military equipment.

The US embassy in Abu Dhabi reported as far back as 2008 in a cable to the State Department published by Wikileaks that reports as well as anecdotal evidence suggested that defense contractors can sometimes satisfy their offset obligations through an up-front, lump-sum payment directly to the UAE Offsets Group despite the fact that the UAE's offset program requires defense contractors that are awarded contracts valued at more than $10 million to establish commercially viable joint ventures with local business partners that yield profits equivalent to 60 percent of the contract value within a specified period (usually seven years).

The cash arrangement raises questions about the integrity of offset arrangements as well as their purpose and use. In the case of MEI, it puts defense contractors in a position of funding third party efforts to influence US policy. In an email to Mr. Al-Otaiba, MEI president Wendy Chamberlain said the funding would allow the institute to counter the more egregious misperceptions about the region, inform US government policy makers, and convene regional leaders for discreet dialogue on pressing issues.

The UAE has been a leader in rolling back achievements of the 2011 popular Arab revolts that toppled the leaders of four countries, promoting autocratic rule in the region, and opposing opposition forces, particularly the controversial Muslim Brotherhood.

The donations by countries like the UAE and Qatar to multiple think tanks as well as the source of the funding link to the even larger issue of strategies adopted by small states to defend their independence and ensure their survival in a world in which power is more diffuse and long-standing alliances are called into question.

The leaked emails provide insight into the UAE's strategy that is based on being a power behind the throne. It is a strategy that may be uniquely Emirati and difficult to emulate by other small states, but that suggests that given resources small states have a significant ability to punch above their weight.

US intelligence officials concluded that the hacking of Qatari news websites to plant a false news report that sparked the Gulf crisis in early June had been engineered by the UAE. The UAE move was embedded in a far broader strategy of shaping the Middle East and North Africa in its mould by turning Saudi Arabia into its policy instrument.

Leaked email traffic between Mr. Al-Otaiba and three former US officials, Martin Indyk, who served in the Clinton and Obama administrations, Stephen Hadley, former President George W. Bush's national security advisor, and Elliott Abrams who advised Presidents Bush and Ronald Reagan, as well as with Washington Post columnist David Ignatius documents what some analysts long believed but could not categorically prove. It also provided insight into the less than idyllic relationship between the UAE and Saudi Arabia that potentially could become problematic.

In the emails, Mr. Al-Otaiba, who promoted Saudi Crown Prince Mohammed bin Salman in Washington as Saudi Arabia's future since he came to office in 2015, was unequivocal about UAE backing of the likely future king as an agent of change who would adopt policies advocated by the UAE.

"I think MBS is far more pragmatic than what we hear is Saudi public positions," Mr. Al-Otaiba said in one of the mails, referring to Prince Mohammed by his initials. "I don't think we'll ever see a more pragmatic leader in that country. Which is why engaging with them is so important and will yield the most results we can ever get out of Saudi," the ambassador said. "Change in attitude, change in style, change in approach," Mr. Al-Otaiba wrote to Mr. Ignatius.

In another email, Mr. Al-Otaiba noted that now was the time when the Emiratis could get the most results we can ever get out of Saudi.

In a subsequent email dump, published by Middle East Eye, an online news site allegedly funded by persons close to Qatar, if not Qatar itself, and also sent to this writer, Mr. Al-Otaiba makes no bones about his disdain for Saudi Arabia and his perception of the history of Emirati-Saudi relations.

Writing to his wife, Abeer Shoukry, in 2008, Mr. Al-Otaiba describes the Saudi leadership as "f***in coo coo!" after the kingdom's religious police banned red roses on Valentine's Day. The powers of the police have been significantly curtailed since the rise of Prince Mohammed, who has taken steps to loosen the country's tight social and moral controls.

In one email, Mr. Al-Otaiba asserts that Abu Dhabi has battled Saudi Arabia over its adherence to Wahhabism, a literal, intolerant and supremacist interpretation of Islam, for the past 200 years. The ambassador asserted that the Emirates had a more bad history with Saudi Arabia than anyone else.

Taken together, the leaked emails involving multiple other issues, including the UAE's military relationship with North Korea as well as its competition with Qatar to host an office of the Afghan Taliban, serve not only as a source for understanding the dynamics of the Gulf crisis, but also as case studies for the development of more stringent guidelines for funding of policy and academic research; greater transparency of military sales and their offset arrangements; and the place of small states in the international order as well as the factors that determine their ability to maintain the independence and at times punch above their weight.

To be sure, that was not the primary purpose of the leaks. The leaks were designed to further Qatar's cause and undermine the UAE's arguments as well as embarrass it. The jury is still out on the degree to which the leakers may have succeeded. Nonetheless, one unintended consequence of the leaks is that they raise issues that go to the core of a broad swath of issues, including accountability, transparency, economic and social development, and international relations.

Dr. James M. Dorsey is a senior fellow at the S. Rajaratnam School of International Studies, co-director of the University of Würzburg's Institute for Fan Culture, and the author of The Turbulent World of Middle East Soccer blog, a book with the same title, Comparative Political Transitions between Southeast Asia and the Middle East and North Africa, co-authored with Dr. Teresita Cruz-Del Rosario and four forthcoming books, Shifting Sands, Essays on Sports and Politics in the Middle East and North Africa as well as The Gulf Crisis: Small States Battle It Out, Creating Frankenstein: The Saudi Export of Ultra-conservatism and China and the Middle East: Venturing into the Maelstrom.
