Former U.S. National Security Agency contractor Edward Snowden, shown broadcasting from Moscow in 2014, says he acted as a whistleblower when he shared classified documents with journalist Barton Gellman. Charles Platiau/AP hide caption

Former U.S. National Security Agency contractor Edward Snowden, shown broadcasting from Moscow in 2014, says he acted as a whistleblower when he shared classified documents with journalist Barton Gellman.

In 2013, Edward Snowden, a contractor with the National Security Agency, rocked the world when he leaked thousands of classified documents about U.S. surveillance programs.

Barton Gellman, formerly of The Washington Post, was one of three journalists including filmmaker Laura Poitras and Glenn Greenwald of The Guardian with whom Snowden chose to share the documents. Gellman says initially Snowden was skeptical of him.

"He thought that The Washington Post would be afraid to publish or would bow down to government pressure," Gellman says. "It took a lot of convincing for him, just as it took a lot of convincing for me that he was for real."

Snowden shared information about surveillance programs previously unknown to the American public, including the fact that the government was keeping records of private citizens' phone calls and that the NSA was harvesting data from big internet companies, including Google, Facebook and Microsoft.

Gellman reached out to The Washington Post, the paper he had left three years earlier, which went on to publish a series of articles based on Snowden's classified information.

In a new book, Dark Mirror, Gellman writes about his relationship with Snowden and the high-stakes reporting that ultimately garnered him, Poitras and Greenwald a Pulitzer Prize.

The U.S. government charged Snowden with espionage, but Snowden, who is living in exile in Russia, maintains that he acted as a whistleblower in sharing the classified documents.

Gellman says that no matter what your opinion about Snowden is, one thing is clear: "Ed Snowden succeeded beyond the wildest ambitions that he could plausibly have had. ... Even the biggest critics of Snowden not all of them, but some of them ... all say he started a debate that the public needed to have about the limits of surveillance in a democratic society."

"At the same time," Gellman adds, "most of the programs that he exposed continue."

On the terms Snowden agreed upon with Gellman, Poitras and Greenwald

I told Snowden that ... I would make my own judgment about the news value and that I would give the government an opportunity to tell me about damage they foresaw, if the story was published. And so I had that conversation with the government every time. Snowden at first seemed a little skeptical about this and worried that it simply meant I was going to give the government veto power over an article. And in fact, he saw it as potential evidence of a cowardly approach by The Washington Post. Later, he came to see the value and the importance of trying to avoid avoidable harm in the publication of these stories. And he began to insist that that was what he wanted all along. ...

Snowden absolutely wanted us to make our own judgments about newsworthiness. He absolutely did not want us to dump the entire archive online. If he wanted that, he could have done it himself. I mean, the guy knows how to work the Internet. He wanted the credibility of journalists behind the disclosures. He wanted us to check the facts and set the context. And he wanted us to decide what was newsworthy and what was harmful. So he essentially relinquished all the close judgment calls to me and my fellow journalists.

On the importance of checks and balances on the government's surveillance power

In 2014, Washington Post reporter Barton Gellman shared a Pulitizer Prize with fellow journalists Laura Poitras and Glenn Greenwald for their reporting on Edward Snowden and the NSA's surveillance programs. The Washington Post via Getty Images hide caption

In 2014, Washington Post reporter Barton Gellman shared a Pulitizer Prize with fellow journalists Laura Poitras and Glenn Greenwald for their reporting on Edward Snowden and the NSA's surveillance programs.

There were people in 2013 and '14 and '15 who told me they didn't worry about the enormous power of this surveillance machinery because they trusted the people who were running it. They trusted themselves. They trusted the inspector general to call out and prevent bad behavior. They trusted supervisors. They trusted, fundamentally, the president and the presidency. And they trusted Democrats and Republicans. They trusted George W. Bush and Barack Obama equally to use this stuff with the right motives and with the right kinds of limits.

But so much of what is done under authority of the NSA is done based on norms and traditional understandings of what terms mean and on legal interpretations. When [Donald] Trump came to power a guy who is allergic to norms, a guy who is at war with every institution of accountability, whether it's the press, whether it's inspectors general, whether it's courts when that kind of person has his hands on the enormous power that is granted by the ability to look into [and] see into anything that travels across the Internet, then they're worried.

So people who surprise me people like Jim Comey, and people like Gen. [James] Clapper, who had been the director of national intelligence, these were people who had ardently defended the surveillance powers and the checks and balances held on them they were no longer so confident about those checks and balances.

On his tense relationship with Snowden

Snowden wanted advocates on his side. He wanted a pure and clear message of dissent against the way the NSA was behaving. And he wanted nothing that would raise any doubts or questions about him or get into his personal life or anything like that. I continued to ask questions the way a journalist should ask questions. And so we would have these tense exchanges in which he would say, for example, "Are you purposely asking me things you know I won't answer just to piss me off?"

The first time [Snowden] got angry at me he was right to be angry. In an early profile of him, I inadvertently exposed an online handle an anonymous handle that he was still using for communications. And that caused him some trouble as he tried to change handles and encryption keys on the fly.

Barton Gellman

The first time he got angry at me he was right to be angry. In an early profile of him, I inadvertently exposed an online handle an anonymous handle that he was still using for communications. And that caused him some trouble as he tried to change handles and encryption keys on the fly. ...

He quit talking to me for several months after that. And we started up again because he believed I was handling these stories seriously, that I was diving into the subject in a way that was exposing truths that weren't being exposed anywhere else, because this wasn't just a question of opening the documents, reading and writing your story. The documents were incomplete, pieces of a jigsaw puzzle, very hard to understand. They required external reporting with sources in the government and out of the government. They required interpretation and discovery. And I was putting things together in a way that he thought was important. And so he got over his personal anger at the way I behaved.

On the cybersecurity precautions he took when he visited Snowden in Moscow in December 2013

I don't like to be dramatic or self-important, but I thought, "Yeah, there's a pretty good chance that if an American journalist who is writing about secret American intelligence programs comes over to interview a former intelligence officer, Ed Snowden, that that would probably be worth their diversion of a little bit of surveillance to themselves."

I assumed that my devices and my telephone calls would be monitored, and so to begin with, I didn't bring any data over with me. I wasn't gonna bring classified U.S. documents to a country where they could possibly read them and directly expose American secrets to a foreign power.

So I didn't log onto any of my accounts, I didn't bring my actual computer or my usual telephone, I brought empty ones. But I still had the puzzle of how I was going to interview Snowden, take notes, take photographs, make recordings, and then bring those back to the United States while crossing an international border and not hand over those documents, those recordings and so on to either government. I didn't want the U.S. government to hear everything I'd said with Snowden. I didn't want the Russian government to have access to all that information either.

On the House Intelligence Committee report, which was very critical of Snowden

If there were particular harms done by particular disclosures, that fact itself would be classified. ... And so I can't argue with an assertion that's made in the dark, and there may be legitimate reasons to keep that classified. On the other hand, I would have to say that, not to put a fine point on it, that House Intelligence Committee report was garbage. It was a political document. It was basically a long screed about Ed Snowden, and it was filled with facts or assertions of fact that were plainly rebuttable, that they were simply wrong.

Just the simple question of calling Ed Snowden "a high school dropout." He had earned his GED at the same time that his class graduated, with top, top scores. They knew that he had advanced computer security and computer science credentials. Or, for example, they said there's no evidence that Ed Snowden actually was injured in the Army. And so he was lying about the reasons for the end of his Army service. Well, Army records made it very clear. I've seen the records. He broke both legs in training, and for the House Intelligence Committee, which had privileged access to government records, to say things like that gives you a decent flavor of the more complicated untruths in the report.

On being a target for international hackers

It's not paranoid if people are really trying to get you. I knew from the first time I saw the documents before I published a story that this was going to paint a big target on my back. It's advertising that you have something special and secret and advertising pretty quickly that I was not going to publish all of it. So I knew that I would be a subject of interest to hackers, to the U.S. government and to foreign intelligence agencies. And I gradually accumulated considerable evidence that this was true.

Someone tried to break into my Gmail accounts, where I did not store sensitive documents. But nevertheless, Google warned me, a big flashing pink bar on my screen said, "Warning! We believe that state-sponsored attackers are trying to break into your device or your account." I found out later that that was the government of Turkey. Turkey was unexpected and bad news for me, because I thought there were a substantial number of likely candidates and more capable candidates coming after me. So if Turkey also was joining the party, that suggested the threat landscape was broader than I would have liked to think.

My iPad was hacked right in front of my eyes as I was holding it.

Barton Gellman

My iPad was hacked right in front of my eyes as I was holding it. The screen gutted out of the static and then white letters started marching across the screen with technical commands in a language called Unix. If that had worked as expected, as intended, it would have happened while I slept or wasn't looking at the machine. And after a couple of minutes of fooling around like that, the hacker would have complete control of the device. And what worried me about that was that remotely hacking an iPad is not a beginners' hack. It's quite difficult and quite expensive to break through Apple's considerable security remotely without physically connecting to the device. It's a million-dollar hack, that is, say that data brokers or surveillance brokers pay million-dollar bounties for what's called an untethered hack of the iPad operating system. I did not want to be worth that kind of effort. I did not want to be worth that kind of expense. But I was.

Sam Briger and Joel Wolfram produced and edited this interview for broadcast. Bridget Bentz, Molly Seavy-Nesper and Meghan Sullivan adapted it for the Web.

Read this article:
Journalist Reflects On High-Stakes Reporting Of The Edward Snowden Story - NPR

Signal is a popular instant messaging (IM) app with a difference.

That difference or at least its major difference is simple: its not owned and operated by an industry behemoth.

WhatsApp belongs to Facebook, Skype is part of Microsoft, and iMessage is owned by Apple, but the open-source app Signal belongs, inasmuch as it belongs to anyone, to Signal.

Signal is a US-registered non-profit organisation that was founded entirely around making and supporting the messaging app.

As a result, Signals big selling point is, well, that it isnt selling anything.

Sharing information about you with third parties isnt part of Signals business model, so theres actually no point in it figuring out how to do so

which means that theres a much more compelling reason to believe the organisation when it claims to have an unbending focus on end-to-end encryption.

Signal not only has no desire, but also has no need, to take any interest in what youre saying, or whom youre saying it to.

Signal is also endorsed by a privacy celebrity that other IM service providers cant match, namely Edward Snowden.

Snowden is quoted on Signals website with the five simple words, I use Signal every day.

(With apologies to well-known cryptographers Bruce Schneier and Matt Green, who are two of Signals other celebrity endorsers.)

Signal, however, has one curious aspect that puts some people off, this author included.

Weve never bothered with Signal for the reason that signing up means handing over your phone number.

Conveniently, a phone number is all you need to sign up, but you cant sign up with your name instead, or with an email address.

You need to use a working phone number that really is yours.

Basing the identity of accounts on a phone number makes a lot of sense, not least because a phone number is something you can easily and cheaply acquire in many countries, and it guarantees that the user has a satisfactory way of verifying their identity.

But in some countries, getting hold of a phone number isnt an easy process, and may involve proving not only your identity but also your address.

Indeed, getting hold of an anonymous SIM card, or using an improperly registered one, is a criminal offence in some jurisdictions.

And theres something unappealing about entrusting your identity on a secure online service (one that prides itself on immunity to surveillance) to a cryptographic chip that must by law be registered with a central authority so it can keep tabs on you via that same chip.

Theres something even less appealing about the worry that you could be locked out of your own account simply by losing the right to the phone number you used for the account.

This irony isnt lost on Signal, and it has just announced a new feature called Signal PINs that allow you to keep control of your account even if you lose your phone or are forced to switch numbers and cant get your old one back.

Signal aims to be easy and safe to use for everyone, which is why it hasnt insisted on using long and hard-to-remember recovery codes.

Signal PINs can be as long and complex as you like, including letters as well as digits, if thats what you prefer, but you can safely use a short PIN if you want something thats easy to remember and doesnt need writing down, an act that could be a risk for some Signal users.

Signal is using a technique it announced late last year called SVR, short for Secure Value Recovery.

One obvious problem with short PINs used as recovery codes for databases that arent stored in secure memory on your smartphone is the issue of whats called an offline attack.

For example, your iPhone can get away with a 6-digit PIN because you can only type in the PIN on the phone, and the only way to verify the PIN (unless there is a bug somewhere) is to communicate directly with a tamper-resistant chip inside the phone.

That chip cant be opened up, modified or cloned, so the internal counter it maintains of how many guesses youve had at the PIN cant be reset or bypassed you get 10 goes and then its game over.

You cant make 10,000 copies of the chip and have 9 guesses on each copy without getting locked out forever.

But regular server databases arent as easy to protect against attacks where the crooks arent hindered by the presence of dedicated, tamper resistant hardware.

Signal has therefore put a lot of effort into developing hacker-resistant storage enclaves that the company can run on its own servers using Intels Software Guard Extensions (SGX) to keep your master secrets secure with a pass code thats easy to remember.

As we mentioned, however, you dont need to use a PIN to secure your Signal account you can just use your phone number alone, as before, or choose a proper pass-phrase thats as long as you like. (We recommend the latter, SVR or no SVR.)

The disappointing news here, at least in our opinion, is that Signal isnt yet announcing a way to use its product without handing over a phone number at all.

Weve seen excitable reports in the media suggesting that this marks the beginning of the end of phone-based identity for Signal, but we dont think it does.

You still cant use the laptop versions of the app without setting Signal up on your phone first, and you cant set it up on your phone without handing over a real, live phone number right at the start of the installation.

As Signal itself says, PINs arent a replacement for phone numbers but they do provide a safer way to recover your account in an emergency than a phone number alone.

In the latest version of our apps, were introducing Signal PINs. Signal PINs are based on Secure Value Recovery, which we previewed in December, to allow supporting data like your profile, settings, and who youve blocked to be securely recovered should you lose or switch devices. PINs will also help facilitate new features like addressing that isnt based exclusively on phone numbers, since the system address book will no longer be a viable way to maintain your network of contacts.

Its a start, not least because it means an interfering government or mobile phone company cant lock you out of your account simply by cancelling your SIM card.

But you still need a phone to get onto Signal in the first place.

View original post here:
Signal secure messaging can now identify you without a phone number - Naked Security

The coronavirus pandemic pushed people to stay in their homes, and in turn, forced them to use video conferencing products. In the past couple of months, Zoom became an almost indispensable app, Facebook had to step up and make a rival product, and Google made its enterprise conferencing product free for everyone.

Amid this video conferencing boom, Zooms security and privacy-relatedproblems made a lot of people skeptical about using its products. Plus, the company wasnt transparent about communicating its mishaps this forced a lot of people to look for free open source products, and Jitsi emerged as a perfect solution for them.

Apart from being open-sourced, Jitsi benefited from endorsements by a few highly-regarded names in the security community. In March, a privacy-focusedbrowser Tor tweeted about the product as an alternative to Zoom.

In 2017, in an interview with WIRED, Edward Snowden talked about using his own Jitsi server. Later, in a security conference, a lot of people saw Snowden using Jitsi to deliver a talk.

The product suddenly exploded during the pandemic. That meant Emil Ivov, Jitsis founder, and the rest of the team had to work even longer hours to keep the ship running.

Ivov originally built Jitsi as a project in 2003, when he was studying at the University of Strasbourg. Later, he spun off the project into an app and kept building it for desktop. In 2009, he started a company called BlueJimp (not to confused with BlueJeans, another video conferencing app) around it.

In 2011, Google open-sourced WebRTC communication standards to facilitate things like video-conferencing over browsers.The team took advantage of that and built abrowser-basedproduct, and so Meet Jitsi was born.

Apart from being open-sourced Jitsis ease of use helped it gain more users. To set up a call, you need to go to its website, and itll generate a meeting link with four words. That makes it difficult for Zoombombers uninvited people who join public video conferences and broadcast pornographic material to guess the link. Plus, you dont need to sign up to set up a meeting.

While the open-sourced version is free-to-usefor everyone. Its parent company, 88 offers a paid version with features such as transcription and meeting history.

In the past few months, the team had to scale up the infrastructure as users started to mount due to lockdowns all over the world.

The company learned that all kinds of people started to use video conferencing products. So they had to make things easier for users and educate them about the product as many of them were used to old-fashioned dial-in calls.

However, the pandemic has popularized the companys product. Ivov claims it pushed the apps growth by 10 years:

The pandemic provided an acceleration of 10 years in terms of growth. The last decade was an indicator of people moving towards remote work. This situation has just put us into the fast track mode.

After the pandemic hit the world, Jitsis open-sourced version and 88s paid version have managed to achieve 20 million unique monthly participants.

The next challenge for the company is to introduce end-to-end encryption for calls. The service already offers end-to-end encryption one-on-one calls and plenty of other security measures.

Ivov told me that hes never heard so many people talk about end-to-end encryption:

Ive never heard so many people talk about security and end-to-end encryption as I have in the past few months. We provide different levels of security for different needs. So primarily, we needed to educate people about the options they have.

He said that end-to-end encryption for a call with multiple people is challenging to develop. Ideally, when someone joins an encrypted call without a valid key, they would only see jumbled up video streams. When they have the legitimate key, the video stream would look normal. You can see that in a demo video below.

Now, this is easy to execute when there are two or three people on the call. When video services such as Jitsi meet use WebRTC, they create a connection with a central server that dishes out a single video stream to all participants.

If a service wants to use encryption, it has to create the same number of encrypted connection to the central server as the number of participants on a call.And the central server has to decrypt every stream, re-encrypt it, and send it to another participant.This works well for two or three-person calls. But puts a lot of load on the server for calls with multiple people.

To solve this problem, Jitsi is going to use Insertable Streams, a new feature released by the Chromium team that lets you add an additional layer of encryption. The idea is to encrypt frames rather than connections.

Ivov says the open-source nature of the app has helped people find bugs and report them and thats why we havent seen a major security scare on the app yet.Plus, this also helps anyone who wants to implement their own set of functions on top of Jitsis app.

For instance, the Italy-based classroom collaboration platform WeSchool has built some features on top of Jitsis open-sourced version. And according to WeSchools CEO, Marco De Rossi, nearly 30% of secondary schools in the country are using that tool. Rocket Chat, a free and open-source enterprise team chat solution also uses Jitsi for video conferencing.

The number of people using video conferencing simultaneously might decrease as countries are opening up, but Ivov believes a lot of people will still prefer this method of communication instead of a meeting packed with people.

He said that conferencing apps will need to try and make peoples lives easier by making meeting itemssuch as slideshows, documents, and transcripts available even after the session ends. However, the challenge for them would be to do all of this without compromising anyones privacy, and Ivov believes its possible.

Read next: Ben Goertzel: I'm just another neuron in the goddamn global brain

Read our daily coverage on how the tech industry is responding to the coronavirus and subscribe to our weekly newsletter Coronavirus in Context.

For tips and tricks on working remotely, check out our Growth Quarters articles here or follow us on Twitter.

Continued here:
A look at how Jitsi became a 'secure' open-source alternative to Zoom - The Next Web

UPDATED: We have updated this article following a response from Signal, which told us new, updated versions of the app are available to download now.

Researchers have identified a security vulnerability in popular privacy-centric messaging app Signal.

Discovered by security firm Tenable, the bug could allow hackers to gain access to users coarse location data and map out patterns of movement - such as time-periods during which a user is likely to be at home, work, or their favorite local haunt.

To execute an attack, the hacker need only use Signal to call another user, whose location could be compromised whether or not the call is answered.

The Signal messaging app features end-to-end encryption for both calls and text messages, attracting millions of privacy-conscious users every day across Android and iOS. Even infamous whistleblower and champion of data privacy Edward Snowden claims to use Signal every day.

However, according to an advisory published by Tenable, the app is not as watertight from a privacy perspective as its users might expect.

The newly discovered flaw exploits the WebRTC code handling DNS requests on a user's device. This can be used to leak information about a users DNS, which can in turn reveal coarse location data and allow the hacker to identify the victims location within a 400 mile radius.

While this might appear inconsequential to most, using coarse location data in conjunction with DNS server pings from different networks (domestic Wi-Fi, public hotspots, 4G connections etc.) could be used by the hacker to make more precise location assumptions.

Signal was quick to issue a patch for the vulnerability via GitHub, as well as a patch to the WebRTC project in order to help other potentially affected apps.

The company added that an updated version of the app is also available now on the Apple App Store and Google Play Store, which users should download immediately.

Tenable noted that although average Signal users arent to be impacted, for certain Signal users, the issue could be, "quite serious". As the flaw affects WebRTC code used in many other popular apps, the company notes that users of other services could also be at risk.

See more here:
Beware calls from unknown numbers - this top messaging app has placed millions of iOS and Android users at risk - TechRadar India