The Daily Banter | More Bullsh*t Wikileaks for the Easily Misled The Daily Banter Despite this ham-fisted stab at discrediting Mueller, the anti-Hillary far left will still hold Assange and Wikileaks up as heroes of the revolution. Even more unbelievable, Wikileaks pulled the same trick back in May and was immediately debunked by ... |
Read the original post:
More Bullsh*t Wikileaks for the Easily Misled - The Daily Banter
WikiLeakslatest release in their CIA Vault 7 series details a number of advanced hacking tools that fall under the title of Project Imperial. The programs Achilles and SeaPea both target MacOS while the Aeris program targets Linux based systems. The WikiLeaks release page states that CIA agents can use Achilles to, Trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.
SeaPea however, acts as a MacOS rootkit, infiltrating OSX systems once theyre rebooted. WikiLeaks states that SeaPea, provides stealth and tool-launching capabilities, allowing CIA agents to infiltrate and control targets computers without their knowledge. The Linux Aeris program is a malware that attacks Linux distributions such asDebian, CentOS, Red Hat, FreeBSD and Solaris Unix. The Linux malware includes data transferring capabilities and can commit custom attacks.
Discussing the Aeris program WikiLeaks states,Aeris is an automated implant written in C that supports a number of POSIX-based systems (Debian, Red Hat, Solaris, FreeBSD, [and] CentOS]), the release page continues to state,It supports automated file exfiltration, configurable beacon interval and jitter, standalone Collide-based HTTPS LP support and SMTP protocol support all with TLS encrypted communications with mutual authentication. It is compatible with the NOD cryptographic specification and provides structured command and control that is similar to that used by several Windows implants.
The full user guide to all of the hacking tools included in the Project Imperial group can be found on the WikiLeaks release page here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter@LucasNolan_or email him atlnolan@breitbart.com
P.S. DO YOU WANT MORE ARTICLES LIKE THIS ONE DELIVERED RIGHT TO YOUR INBOX?SIGN UP FOR THE DAILY BREITBART NEWSLETTER.
See the article here:
WikiLeaks Reveals 'Project Imperial' Mac Hacking Tools from CIA Vault 7 Leaks - Breitbart News
Add to favorites
Want to avoid seeing your corporate data appear in WikiLeaks?
However much you thrive on the roller coaster of business, one adrenaline rush you want to avoid is finding out that your corporate data is on WikiLeaks.
CIOs face the dichotomy of running an agile, flexible, data-sharing organisation while ensuring they are keeping corporate data safe. Much of the data being shared is sensitive in nature and if it gets into the wrong hands the results would be disastrous.
The good news is that it is possible to strike a delicate balance between an agile data model and strong data security.
When it comes to safeguarding data, establishing role-based, data-level security settings and encryption at rest are key to ensuring that data is only shared with appropriate individuals or organisations.
Take, for instance, the activities involved in supporting NHS patients or insurance customers. A doctor or financial analyst should have access to a great deal of patient or customer personal information. On the other hand, a call centre handler booking appointments or renewing policies only needs a restricted view of the same data.
Based on our work with security-conscious organisations, including global banks, here are the key factors that need addressing:
Redaction: Using redaction makes it easy to mask sensitivedata for certain audiences. By removing, replacing or blocking out details such as personallyidentifiable information (PII), it is easy to share custom views of your dataand prevent leakage.This feature has the added bonus of helping with compliance as it provides support for regulations including EU GDPR.
Advanced encryption: To protect data from cyber criminals and insider threats, organisations need to implement encryption in a more systematic way. Advanced encryption involves the selective and transparent encryption of data, configuration and logs. With its automatic and fast granular key rotation, standards-based cryptography and advanced key management, advanced encryption provides separation of duties between the security administrator and any system, network or database administrator to decrease the risk of potential exposure.
Standards Focus: Ensure you use data management products that support standards such as Common Criteria Certification, a stringent standard for computer security. Additionally, look for compartment security, data auditing, strict access controls as well as authentication tools that work with your organisations existing IT infrastructure.
Principle of least privilege: This is the process of deciding which users, programs and processes require access to the information in any particular layer of a computing environment. This includes application security controls around the databases APIs and security capabilities.
RBAC at scale: Role-Based Access Controls that manage individual users access to data dependent on their role have to be deployed at scale or designed with very granular roles and access controls to ensure performance isnt impacted at times when there are high volumes of data being added or queried.
Element level security: While older databases offered security at the document level, the latest technology has made it possible to increase granularity and hide specific elements within a document from users. Security at the element or property level based on an employees role enables companies to protect sensitive information throughout the life cycle of a document.
Certificate-Based Strong Authentication (CBA): CBA ensures the use of an encryption key that is unique to the authentication device and the user. CBA can also be used to digitally sign transactions and provide proof of the integrity and origin of data, also known as non-repudiation.
Effective data governance policies: Its important to implement and follow effective data governance policies and best practices such as maintenance of access controls, metadata, data quality and security features. If your database platform allows attributes to travel with the data, then the policy enforcement can be more granular and effective.
Separation of duties: This security method is used to manage conflicts of interest, the appearance of conflict of interest and fraud. By carefully restricting the types or amount of data any one individual employee can access, it creates a naturalbarrier to fraudulent activity.
Use the strongest available authentication: Using the highest level of authentication ensures the security and quality of the data.Examples include, LDAP, Kerberos and an external Key Management System.
Use SSL/TLS: Last but not least, Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL) is essential to encrypt all communications between all the different nodes and hosts.
We believe enterprises dont need to make a trade-off between data sharing and security. When your most sensitive and valuable data is being integrated across multiple silos of data, it takes a combination of products and processes to ensure that data is secure. But these capabilities can protect against some of the most sophisticated security threats companies are facing todayand in doing so, provide a competitive advantage.
Read more here:
How to keep your data out of WikiLeaks - Computer Business Review
(image via Fridman Gallery / Facebook)
A Becoming ResemblanceOpening Wednesday, August 2 at Fridman Gallery, 6 pm to 8 pm. On view through September 5.
Its hard to ignore Chelsea Manning lately. And rightfully so: Against all odds, her newly liberatedpresence, both on Twitter and IRL, remains one of the most fiercely optimistic in a pool of (justifiably) jaded folk. Ironic memes have no match for colorful emojis, it seems. But this Wednesday, Manning can be found in an art gallery, and her presence manifests in more ways than just the literal.
A Becoming Resemblance is a collaborative venture between Manning and interdisciplinary artist Heather Dewey-Hagborg, using and exploring the technology of genomic identity construction. The show consists of 3D-printed portraits constructed in 2015 from pieces of DNA (hair, nail clippings) Chelsea sent her collaborator from prison. This gave the world a chance to once again put a human face to her identity, which had been shrouded by incarceration for years. The show will also include a graphic novel the duo made last year in collaboration with illustrator Shoili Kanungo depicting Chelseas sentence getting commuted by Obama and her being able to see her 3D portraits in person. What was initially drawn as hopeful fiction can now become reality.
(flyer via Erin Davis and Max C Lee)
Ride Collision: Voice-Haptic On-Road Patio For Liaison SessioningOpening Friday, August 4 at Invisible Exports, 6 pm to 10 pm. On view through August 26.
Though theyve been hard at work curating the Re: Art Show, which manifests in a different part of the vast and strange Pfizer Building in Bed-Stuy every month, Erin Davis and Max C Lee are still finding time to make work of their own. Aside from being quite a mouthful of a title, Ride Collision: Voice-Haptic On-Road Patio For Liaison Sessioning is the duos first solo show in New York.
The show is part of a larger series entitled Ride Collision, exploring the ways one can construct environments using discarded or repurposed found materials. These sculptural creations relate to cars and transportation and the culture and norms surrounding them. The show is also described as delving into how car crashes and other hazards can throw into turmoil the very rules and norms put in place to prevent them. Rocks made from painted styrofoam resemble asphalt, pieces of drywall are modified to resemble road barriers that brace for impact, and caution tape abounds.
Karin Ferrari, still from DECODING The Intros of ZiB (THE WHOLE TRUTH), 2016, digital video, 28:58 (via Tiger Strikes Asteroid)
Revealing Reflected RefractionsOpening Friday, August 4 at Tiger Strikes Asteroid New York, 6 pm to 9 pm. On view through September 10.
This week appears to be a week of long and/or sort of convoluted exhibition titles. For example, try saying this one five times fast. If youre in need of a nice vocal warm-up, it could be a useful one to tuck in your back pocket. If youre not interested in such folly, know that Revealing Reflected Refractions is also a group art exhibition.
The exhibition showcases four artists of differing backgrounds and practices. Video by Karin Ferrari combines the Austrian national news and the Illuminati, drawings from Hai-Hsin Huang depict a multicultural humanity, light sculptures by Alison Kudlow are both tangible and intangible, and site-specific by Nooshin Rostami makes the formality of a gallery space a little more uncertain. At Fridays opening reception, Rostami will also be performing.
(image via Knockdown Center)
The Clock Is Taking A NapOpening Sunday, August 6 at Knockdown Center, 5 pm to 7 pm. On view through November 5.
Using a color palette reminiscent of scoops of sherbet and making shapes that recall fruit, body parts, rainbows, and more, Amie Cunats mural for Knockdown Center breathes new life into New York City architecture. The mural takes inspiration from drawings of notable buildings like churches, layering each structure on so it recalls the squished reality of real estate in the city, but with an added dose of sugary surrealism. Every day the cityscape changes a little more, for better or for worse, and here you can see it from yet another perspective.
More here:
Chelsea Manning's DNA, Candy-Colored Churches, and More Art ... - Bedford + Bowery
Amnesty International has denounced a new Russian law banning the use of Internet proxy services -- including virtual private networks, or VPNs -- as a "major blow to Internet freedom" in the country.
The criticism from the global rights watchdog on July 31 came a day after the Russian government formally published the new law, which President Vladimir Putin signed on July 29.
The law was also criticized by Russia's most famous asylum recipient, former U.S. security consultant Edward Snowden, who leaked a trove of classified U.S. documents on government surveillance before fleeing to Russia.
The main provisions in the new law are set to take effect on November 1, just months before a March 2018 presidential election in which Putin is widely expected to seek and win a new six-year term.
The law will require Internet providers to block websites that offer VPNs and other proxy services. Russians frequently use such websites to access blocked content by routing connections through servers abroad.
Lawmakers who promoted the law said it is needed to prevent the spread of extremist materials and ideas.
Critics say Putin's government often uses that justification to suppress political dissent. Russian authorities in recent years have carried out a broad crackdown on web content deemed extremist.
"This is the latest blow in an assault on online freedom which has seen critical sites blocked and social-media users prosecuted solely for what they post online, under vaguely written antiextremism legislation," Denis Krivosheev, deputy director for Europe and Central Asia at Amnesty International, said in a July 31 statement.
"The ban on VPNs takes this shameful campaign a whole step further," he added.
Putin signed another law on July 29 that will require operators of instant messaging services, such as messenger apps, to establish the identity of those using the services by their phone numbers.
Snowden, meanwhile, called the new restrictions a "violation of human rights" https://twitter.com/Snowden/status/891822030810697728 and a "tragedy of policy."
"Banning the 'unauthorized' use of basic Internet security tools makes Russia both less safe and less free," Snowden, who continues to reside in Russia, wrote on his Twitter feed.
Visit link:
Amnesty, Snowden Decry New Russian Internet Restrictions - RadioFreeEurope/RadioLiberty
Filmmaker Bryan Fogel set out to make a gonzo documentary about dopingand ended up unearthing the largest, most unbelievable sports scandal in recent memory. The entire saga is captured in Icarus, a Sundance darling that made waves this January when Netflix acquired it for $5 millionone of the highest sums a doc has ever fetched at the festival.
The story begins with Fogel, a cyclist as well as a documentarian, investigating the effects of performance-enhancing drugs by injecting himself with those very substances. His goal is to prove how simple it is for even an amateur like him to evade anti-doping tests. For assistance, he reaches out to Dr. Grigory Rodchenkov, the Russian doctor in charge of drug testing at Moscows Olympics lab . . . and, as Fogel soon finds out, the mastermind behind the state-approved doping program that boosted his nations performance at the 2014 Sochi Olympics and beyond; as the film reveals, up to 99 percent of Russian athletes are guilty of doping.
As Fogel and Rodchenkov become more closely entwined, more and more details about the Russian doping program emerge, even as Russia denies that its Sochi medals were ill-gottenand the doctor gradually begins to realize that his insider knowledge has put a target on his back. Things come to a head in the pivotal scene youll find above, exclusively on Vanity Fair, in which Rodchenkov compares himself to Edward Snowden.
Icarus premieres on Netflix August 4.
PreviousNext
From Getty Images.
From Getty Images.
2016 Getty Images
2016 Getty Images
From Getty Images.
From Getty Images.
From Getty Images.
From Getty Images.
From Getty Images.
From Getty Images.
2016 Getty Images
2016 Getty Images
Read the original here:
Icarus: See the Chilling Moment Russia's Doping Doctor Realizes His Life Is in Danger - Vanity Fair
The National Security Agency and FBI violated specific civil liberty protections during the Obama administrationby improperly searching and disseminating raw intelligence on Americans or failing to promptly delete unauthorized intercepts, according to newly declassified memos that provide some of the richest detail to date on the spy agencies ability to obey their own rules.
The memos reviewed by The Hill were publicly released on July 11 through Freedom of Information Act litigation by the American Civil Liberties Union.
They detail specific violations that the NSA or FBI disclosed to the Foreign Intelligence Surveillance Court or the Justice Departments national security division during President Obamas tenure between 2009 and 2016. The intelligence community isnt due to report on compliance issues for 2017, the first year under the Trump administration, until next spring.
ADVERTISEMENTThe NSA says that the missteps amount to a small number less than 1 percent when compared to the hundreds of thousands of specific phone numbers and email addresses the agencies intercepted through theso-called Section 702 warrantless spying program created by Congress in late 2008.
Quite simply, a compliance program that never finds an incident is not a robust compliance program, said Michael Halbig, theNSAs chief spokesman. The National Security Agency has in place a strong compliance program that identifies incidents, reports them to external overseers, and then develops appropriate solutions to remedy any incidents.
But critics say the memos undercut the intelligence communitys claim that it has robust protections for Americans incidentally intercepted under the program.
Americans should be alarmed that theNSAisvacuuming up their emails and phone calls without a warrant, said , an ACLU staff attorney in New York who helped pursue the FOIA litigation.TheNSAclaims it has rules to protectour privacy, but it turns out those rules are weak, full of loopholes, andviolated again and again.
Section 702 empowers the NSA to spy on foreign powers and to retain and use certain intercepted data that was incidentally collected on Americans under strict privacy protections. Wrongly collected information is supposed to be immediately destroyed.
The Hill reviewed the new ACLU documents as well as compliance memos released by the NSA inspector general and identified more than 90 incidents where violations specifically cited an impact on Americans. Many incidents involved multiple persons, multiple violations or extended periods of time.
For instance, thegovernment admitted improperly searching the NSAs foreign intercept data on multiple occasions, including one instance in which ananalyst ran the same search query about an American every work day for a period between 2013 and 2014.
There also were several instances in which Americans unmasked names were improperly shared inside the intelligence community without being redacted, a violation of the so-called minimization procedures that Obama loosened in 2011that are supposed to protect Americans identity from disclosure when they are intercepted without a warrant.Numerous times improperly unmasked information about Americans had to be recalled and purged after the fact, the memos stated.
CIA and FBI received unminimized data from many Section 702-tasked facilities and at times are thus required to conduct similar purges, one report noted.
NSAissued a report which included the name of a United States person whose identity was not foreign intelligence, said one typical incident report from 2015, which said theNSAeventually discovered the error and recalled the information.
Likewise, the FBI disclosed three instances between December 2013 and February 2014 of improper disseminations of U.S. persons identities.
TheNSAalso admitted it was slow in some cases to notify fellow intelligence agencies when it wrongly disseminated information about Americans. The law requires a notificationwithin five days, but some took as long as 131 business days and the average was 19 days, the memos show.
U.S. intelligence officials directly familiar with the violations told The Hill that the memos confirm that the intelligence agencies have routinely policed, fixed and self-disclosed to the nations intelligence court thousands of minor procedural and more serious privacy infractions that have impacted both Americans and foreigners alike since the warrantless spying program was created by Congress in late 2008.
Alexander Joel, who leads the Office of Civil Liberties, Privacy and Transparency under the director of national intelligence, said the documents chronicle episodes that have been reported to Congress and the Foreign Intelligence Surveillance Court for years in real time and are a tribute to the multiple layers of oversight inside the intelligence community.
We take every compliance incident very seriously and continually strive to improve compliance through our oversight regime and as evidence by our reporting requirements to the FISC and Congress, he told The Hill. That said, we believe that, particularly when compared with the overall level of activity, the compliance incident rate is very low.
The FBI said it believes it has adequate oversight to protect Americans privacy, while signaling it will be pushing Congress hard this fall to renew the Section 702 law before it expires.
The FBIs mission is to protect the American people and uphold the Constitution of the United States, the bureau said in a statement to The Hill. When Congress enacted Section 702, it built in comprehensive oversight and compliance procedures that involve all three branches of government. These procedures are robust and effective in identifying compliance incidents. The documents released on July 11, 2017 clearly show the FBIs extensive efforts to follow the law, and to identify, report, and remedy compliance matters.
Section 702 is vital to the safety and security of the American people. It is one of the most valuable tools the Intelligence Community has, and therefore, is used with the utmost care by the men and women of the FBI so as to not jeopardize future utility. As such, we continually evaluate our internal policies and procedures to further reduce the number of these compliance matters.
The new documents show that theNSAhas, on occasion, exempted itself from its legal obligation to destroy all domestic communications that were improperly intercepted.
Under the law, theNSAis supposed to destroy any intercept if it determines the data was domestically gathered, meaning someone was intercepted on U.S. soil without a warrant when the agency thought they were still overseas. The NSA, however, has said previously it created destruction waivers to keep such intercepts in certain cases.
The new documents confirm theNSAhas in fact issued such waivers and that it uncovered in 2012 a significant violation in which the waivers were improperly used and the infraction was slow to be reported to the court.
In light of related filings being presented to the Court at the same time this incident was discovered and the significance of the incident, DOJ should have reported this incident under the our immediate notification process, then-Assistant Attorney General Lisa Monaco wrote the FISA court in Aug. 28, 2012, about the episode, according to one memo released through FOIA.
TheNSAdeclined to say how often destruction waivers are given. But Joel, of the Office of the Director of National Intelligence, said the Foreign Intelligence Surveillance Court has supervised such waivers and affirmed they are consistent with the Fourth Amendment of the Constitution and the statutory requirements of Section 702.
Other violations cited in the memos:
In annual and quarterly compliance reports that have been released in recent years, U.S. intelligence agencies have estimated the number of Section 702 violations has averaged between 0.3 percent and 0.6 percent of the total number of taskings. A tasking is an intelligence term that reflects a request to intercept a specific phone number or email address.
The NSA now targets more than 100,000 individuals a year under Section 702 for foreign spying, and some individual targets get multiple taskings, officials said.
The actual number of compliance incidents remains classified but from the publicly available data it is irrefutable that the number is in the thousands since Section 702 was fully implemented by 2009, said a senior U.S. official with direct knowledge, who spoke only on condition of anonymity.
The increasing transparency on Section 702 violations is having an impact on both critics and supporters of a law that is up for renewal in Congress at the end of this year. Of concern are the instances in which Americans data is incidentally collected and then misused.
Retired House Intelligence Committee Chairman Pete Hoekstra, a Republican who strongly supported the NSA warrantless spying program when it started under President George W. Bush, said he now fears it has now become too big and intrusive.
If I were still in Congress today, I might vote with the people today to shut the program down or curtail it, Hoekstra, who has been tapped by Trump to be ambassador to the Netherlands, said in an interview.
One percent or less sounds great, but the truth is 1percent of my credit card charges dont come back wrong every month. And in my mind one percent is pretty sloppy when it can impact Americans privacy.
This story was updated at 10:38 a.m.
See the rest here:
Newly declassified memos detail extent of improper Obama-era NSA spying - MTNV
BBC News | Message encryption a problem - Rudd BBC News The major technology companies must step up their fight against extremism or face new laws, the home secretary has told the BBC. Amber Rudd said technology companies were not doing enough to beat the enemy on the internet. Encryption tools used by ... 'Real People' Don't Need Encrypted Messaging Services, Claims UK Home Secretary You're wrong, Amber Rudd encryption is for 'real people' UK home secretary Amber Rudd says 'real people' don't need end-to-end encryption |
Read the rest here:
Message encryption a problem - Rudd - BBC News
Awful terror attacks this year have confirmed again how terrorists use internet platforms to spread their vile ideology, and to inspire and to plan their acts of violence.
Nearly every plot we uncover has a digital element to it. Go online and you will find your own do-it-yourself jihad at the click of a mouse. The tentacles of Daesh (Isil) recruiters in Syria reach back to the laptops in the bedrooms of boys and increasingly girls in our towns and cities up and down the country. The purveyors of far-Right extremism pump out their brand of hate across the globe, without ever leaving home.
The scale of what is happening cannot be downplayed. Before he mowed down the innocents on Westminster Bridge and stabbed Pc Keith Palmer, Khalid Masood is thought to have watched extremist videos. Daesh claim to have created 11,000 new social media accounts in May alone. Our analysis shows that three-quarters...
Originally posted here:
We don't want to ban encryption, but our inability to see what terrorists are plotting undermines our security - Telegraph.co.uk
Updated August 01, 2017 07:34:44
The Federal Government's bid to force tech companies to reveal terrorists' secret conversations could be unachievable, according to the former deputy director of the US National Security Agency (NSA).
Chris Inglis had a 28-year career with the NSA and now advises private companies on how to detect Edward Snowden-style leakers within their ranks.
He told the ABC the Turnbull Government's bid to access encrypted messages sent by terrorists and other criminals is to be admired, but the technology may prove problematic.
"I don't know how feasible it is to achieve the kind of access the Government might want to have under the rule of law, the technology is tough to get exactly right," Mr Inglis told the ABC.
"But the Government is honour-bound to try to pursue both the defence of individual rights and collective security."
Encrypted messages affect close to 90 per cent of ASIO's priority cases and the laws would be modelled on Britain's Investigative Powers Act, which obliges companies to cooperate.
Technology experts, like adjust professor at the Centre for Internet Safety Professor Nigel Phair, have questioned how these laws would really work.
"From a technical perspective we are looking at very high-end computing power that makes it really, really difficult to decrypt a message on the fly, it's just not a simple process," he said.
Facebook has already indicated it will resist the Government's laws, saying weakening encryption for intelligence agencies would mean weakening it for everyone.
"Because of the way end-to-end encryption works, we can't read the contents of individual encrypted messages," a spokesman said.
But Mr Inglis said technology companies would not need to create a so-called backdoor to messages, but rather allow intelligence agencies to exploit vulnerabilities.
The NSA was criticised in May after it was revealed it knew about a vulnerability in Microsoft's system, but exploited it rather than reporting it to the company.
"Here's the dirty little secret: most of these devices already have what might be technically described as a backdoor their update mechanisms, their patch mechanisms," he said.
"My read on what you are trying to do is to put that issue on the table and say, 'we are not going to create backdoors, but we are going to try and use the capabilities that already exist'."
Mr Inglis said the Australian Government was pushing for legal powers the US Government had not called for.
"We have not had as rich a debate as what I sense is going on in Australia," he said.
"The Government by and large has not stepped in and directed that we are either going to seek a solution, we are still trying to find a voluntary way forward."
When Prime Minister Malcolm Turnbull announced the legislation, he noted strong libertarian tendencies of US-based technology companies.
Mr Inglis said Australia was "in the middle of the pack" when it came to cyber security planning.
"You are currently working through how to balance individual privacy the defence of liberty as well as we would say in the states and the pursuit of collective security," he said.
"No-one is exempt from the threats that are traversing across the cyber space at this moment in time."
Topics: science-and-technology, defence-and-national-security, security-intelligence, information-and-communication, turnbull-malcolm, government-and-politics, australia, united-states
First posted August 01, 2017 04:44:23
Read more:
Ex-NSA boss questions encrypted message access laws proposed by Malcolm Turnbull - ABC Online