Category Archives: NSA

It's been six years since Senator Ron Wyden first asked the Director of National Intelligence how many Americans' communications are being swept up "incidentally" in the NSA's Section 702 surveillance net. Six years later, he still doesn't have an answer.

Section 702 is up for reauthorization at the end of the year and there's still no information coming from the ODNI [Office of the Director of National Intelligence]. A group of Congressional reps is hoping to pry this info loose before the reauth, but the DNI's been able to hold Wyden off for six years, so

A U.S. congressional committee on Friday asked the Trump administration to disclose an estimate of the number of Americans whose digital communications are incidentally collected under foreign surveillance programs, according to a letter seen by Reuters.

Such an estimate is "crucial as we contemplate reauthorization," of parts of the Foreign Intelligence Surveillance Act that are due to expire at the end of the year, House Judiciary Committee Chairman Bob Goodlatte, a Republican, and John Conyers, the panel's top Democrat, wrote in a letter addressed to Director of National Intelligence Dan Coats.

The new wrinkle here is going above the head of the DNI and straight to the President. Not that this is any more likely to force a number out of the NSA. The president is all for a clean reauthorization and troubling numbers about "incidental" domestic surveillance will only make that more difficult.

In fact, the DNI's top lawyer just finished telling a Senate committee it won't be turning in its long-overdue homework.

The intelligence community will not produce that number, acting General Counsel for the Director of National Intelligence Bradley Brooker told the Senate Judiciary Committee on Tuesday. Producing the number would take too much time and effort and potentially violate Americans privacy in the process, Brooker said, echoing comments DNI Dan Coats made earlier this month. The resulting number might also not be very accurate, he said.

So, that's where this stands now. The DNI promised to pull something together as the previous president headed out the door, but appears to have abandoned its minimal stab at minimal transparency now that the guy up top isn't nearly as interested in curbing the NSA's powers.

Speaking of which, the ODNI is asking to have the "about" collection put back into play, just weeks after the NSA "voluntarily" gave it up.

The panel of intelligence leaders also urged Judiciary Committee members not to restrict so-called about collection, in which intelligence agencies collect information from people who are not intelligence targets but mention those targets in emails and text messages.

This would appear to be aimed at Senator Dianne Feinstein's call to codify the end of the "about" collection, which would prevent the NSA from re-implementing it down the road. We haven't even gotten down the road and IC leaders are already trying to rollback the NSA's rollback.

We'll see if this latest move by Congress has any effect. Six years of Ron Wyden (and others) hammering this same question hasn't moved us much closer to seeing how much purely domestic surveillance the NSA engages in. In recent dodges by the new DNI, Dan Coats (in response to Wyden's questions) suggests the NSA is doing far more domestic dabbling than has been disclosed by everyone but the DNI (leaked documents, FOIA'ed court opinions, etc.) These are answers the public needs to have, but they're especially essential to those who will be handling the Section 702 reauthorization. Failure to produce these numbers or answer questions directly should weigh against the sort of reauth the DNI is seeking.

See more here:
NSA Continues To Dodge 'Incidental Collection' Question, Wants Its 'About' Surveillance Program Back - Techdirt

Droplex Platform Financial instruments are digitize as apermissioned blockchain,here is a possibility to rapidly createtrading venues with astablevalue. And after that reduce operational overhead.Digital solutionsFull system run as a digital exchange, with fully-hosted optionsavailable. Custom deployments may be launched in less than a fewweeks.ExchangeAutomated market-making tool has got more than just one-party liquidity pool. We are honored that we can give you briliantthird-party liquidity sources. Supports multiple source exchanges and smart routing, with automated account management.Quantum defenderFeel safety with a quantum defender ! Weve already set up ameeting with D-wave company. Why ? Because Were going to beoneof the first platforms which soon tests the security systemagainstthe quantum pc. The quantum defender, is not just focused on theidea of being a wall against quantum computing attacks, but it isinpreparation to become a network of options for safe and trustedplace. We believe that blockchain needs to be involved in long-termassets and transactions, it has to think long-term. Long-term includes thinking about quantum computing and dealing with thattricks and threats.

See the original post here:
DROPLEX [DROP] secure NSA bulletproof blockchain ICO - newsBTC

NSA Property Holdings LLC, an affiliate of real estate investment trust National Storage Affiliates Trust (NSAT), has acquired a three-property Tri-State Self Storage portfolio in Castle County, Del., from Tri-State Realty Associates L.P. The facilities sit on approximately 28.3 acres of land, according to a press release from SkyView Advisors, the investment-sales and advisory firm that brokered the deal.

Overall, the properties comprise 264,237 rentable square feet of storage space in 2,428 units, 568 of are climate-controlled. They also contain 109 parking spaces and miscellaneous units, the release stated.

Its not often that a portfolio of this size becomes available in this region of the country, and it garnered multiple bids from national self-storage buyers, said Ryan Clark, director of investment sales for SkyView Advisors and a broker in the transaction.

Last month, NSA Property Holdingsacquired Stor-N-More Self Storage in Tampa, Fla., for $19 million. The property comprises 117,655 net rentable square feet in 1,105 units.

SkyView is a boutique firm specializing in self-storage acquisition, development, facility expansion and renovation, refinancing, and sales. Based in Tampa, the firm also has offices in Cleveland and Milwaukee.

Headquartered in Greenwood, Colo., NSAT is a self-administered and -managed REIT focused on the acquisition, operation and ownership of self-storage properties within the top 100 U.S. Metropolitan Statistical Areas throughout the United States. The company has ownership interest in 456 storage facilities in 23 states. Its portfolio comprises approximately 28 million net rentable square feet. It's owned by its affiliate operators, who are contributing their interests in their self-storage assets over the next few years as their current mortgage debt matures.

More here:
NSA Property Holdings Acquires Tri-State Self Storage in Castle County, DE - Inside Self-Storage

Hot Hardware

Snowden Leak Reveals NSA Traffic Shaping Tech That Diverts US Internet Routing For Spying Hot Hardware A NSA document from 2007 leaked by Edward Snowden, used Yemen as an example for traffic shaping. Yemen is often regarded as a gathering place for extremist activity. There are few ways for the NSA to inconspicuously monitor the Internet traffic ...

Read more:
Snowden Leak Reveals NSA Traffic Shaping Tech That Diverts US Internet Routing For Spying - Hot Hardware

Enlarge / A computer screen displaying Eternalromance, one of the NSA exploits used in Tuesday's NotPetya outbreak.

Update:This post was revised throughout to reflect changes F-Secure made to Thursday's blog post. The company now says that the NotPetya component was probably completed in February, and assuming that timeline is correct, it didn't have any definitive bearing on when the NSA exploits were obtained. F-Secure Security Advisor Sean Sullivan tells Ars that the component weaves in the NSA exploits so well that it's likely the developers had access to the NSA code. "It strongly hints at this possibility," he said. "We feel strongly that this is the best theory to debunk." This post has been revised to make clear that the early access is currently an unproven theory.

Original Story:The people behind Tuesday's massive malware outbreak might have had access to two National Security Agency-developed exploits several weeks before they were published on the Internet, according to clues researchers from antivirus F-Secure found in some of its code.

On Thursday, F-Secure researchers said that unconfirmed timestamps left in some of the NotPetya malware code suggested that the developers may have had access to EternalBlue and EternalRomance as early as February, when they finished work on the malware component that interacted with the stolen NSA exploits. The potential timeline is all the more significant considering the quality of the component, which proved surprisingly adept in spreading the malware from computer to computer inside infected networks. The elegance lay in the way the component combined the NSA exploits with three off-the-shelf tools including Mimikatz, PSExec, and WMIC. The result: NotPetya could infect both patched and unpatched computers quickly. Code that complex and effective likely required weeks of development and testing prior to completion.

"February is many weeks before the exploits EternalBlue and EternalRomance (both of which this module utilizes) were released to the public (in April) by the Shadow Brokers," F-Secure researcher Andy Patel wrote in a blog post. "And those exploits fit this component like a glove."

Whereas the two other main components of NotPetyaan encryption component and a component for attacking a computer's master boot recordwere "pretty shoddy and seem kinda cobbled together," Patel said the spreading component seems "very sophisticated and well-tested." It remains possible that the February timestamps found in some of the code was falsified. Assuming the stampsare correct, they suggest that developers may have had access, or at least knowledge of, the NSA exploits by then. By contrast, Patel added:

WannaCry clearly picked [the NSA] exploits up after the Shadow Brokers dumped them into the public domain in April. Also WannaCry didn't do the best job at implementing these exploits correctly.

By comparison, this "Petya" looks well-implemented, and seems to have seen plenty of testing. It's fully-baked.

The weeks leading up to the possible February completion of the NotPetya spreader was a particularly critical time for computer security. A month earlier, the Shadow Brokers advertised an auction that revealed some of the names of the exploits they had, including EternalBlue. NSA officials responded by warning Microsoft of the theft so that the company could patch the underlying vulnerabilities. In February, Microsoft abruptly canceled that month's Patch Tuesday. The unprecedented move was all the more odd because exploit code for an unpatched Windows 10 flaw was already in the wild, and Microsoft gave no explanation for the cancellation.

"Meanwhile, 'friends of the Shadow Brokers' were busy finishing up development of a rather nifty network propagation component, utilizing these exploits," Patel wrote.

When Patch Tuesday resumed in March, Microsoft released a critical security update that fixed EternalBlue. As the WCry outbreak would later demonstrate, large numbers of computersmainly running Windows 7failed to install the updates, allowing the worm to spread widely.

If the timeline is correct, it might mean the NotPetya developers had some sort of tie to the Shadow Brokers, possibly as customers, colleagues, acquaintances, or friends. It might also make NotPetya the first piece of in-the-wild malware that had known early access to the NSA exploits. Patel didn't speculate how the NotPetya developers might have gotten hold of EternalBlue and EternalRomance prior to their public release in April.

Early speculation was that Shadow Brokers members acquired a small number of hacking tools that NSA personnel stored on one or more staging servers used to carry out operations. The volume and sensitivity of the exploits and documents released over the next several months slowly painted a much grimmer picture. It's now clear that the group has capitalized on what is likely the worst breach in NSA history. There's no indication that the agency has identified how it lost control of such a large collection of advanced tools or that it knows much at all about the Shadow Brokers' membership. The group, meanwhile, continues to publish blog posts written in deliberately broken English, with the most recent one appearing on Wednesday.

The F-Secure theory adds a new, unsettling entry tothe Shadow Brokers' resume. The world already knew the group presided over a breach of unprecedented scope and leaked exploits to the world. Now, we know it also provided crucial private assistance in developing one of the most virulent worms in recent memory.

See the article here:
NotPetya developers may have obtained NSA exploits weeks before their public leak [Updated] - Ars Technica

The Trump administration wants to make some of the National Security Agencys vast spying powers permanent. Thats a dangerous proposition, and Ill tell you why.

Since 9/11, Americans have been asked to sacrifice their freedoms on the altar of national security. Weve had our phone calls monitored, our emails read, our movements tracked, and our transactions documented.

Every second of every day, the American people are being spied on by the U.S. governments vast network of digital Peeping Toms, electronic eavesdroppers and robotic snoops.

These government snoops are constantly combing through and harvesting vast quantities of our communications.

They are conducting this mass surveillance without a warrant, thus violating the core principles of the Fourth Amendment which protects the privacy of all Americans.

PRISM and Upstream, two of the spying programs conducted under Section 702 of the Foreign Intelligence Surveillance Act, are set to expire at the end of this year.

Heres why they should be allowed to expire.

PRISM lets the NSA access emails, video chats, instant messages, and other content sent via Facebook, Google, Apple, and others.

Upstream lets the NSA worm its way into the internet backbone the cables and switches owned by private corporations like AT&T that make the internet into a global network and scan traffic for the communications of tens of thousands of individuals labeled targets.

Ask the NSA why its carrying out this warrantless surveillance on American citizens, and youll get the same Orwellian answer the government has been trotting out since 9/11 to justify its assaults on our civil liberties: to keep America safe.

Yet warrantless mass surveillance by the government and its corporate cohorts hasnt made America any safer. And it certainly isnt helping to preserve our freedoms.

Frankly, America will never be safe as long as the U.S. government is allowed to shred the Constitution.

Now the government wants us to believe that we have nothing to fear from its mass spying program because theyre only looking to get the bad guys who are overseas.

Dont believe it.

The governments definition of a bad guy is extraordinarily broad, and it results in the warrantless surveillance of innocent, law-abiding Americans on a staggering scale.

Under Section 702, the government collects and analyzes over 250 million internet communications every year. There are estimates that at least half of these contain information about U.S. residents, many of whom have done nothing wrong.

The government claims its spying on Americans is simply incidental, as though it were an accident but it fully intends to collect this information.

Indeed, this sensitive data is not destroyed after the NSA vacuums it up. Rather, the government has written its own internal rules called minimization procedures that allow spy agencies such as the NSA to retain Americans private communications for years.

Far from minimizing any invasion of privacy, the rules expressly allow government officials to read our emails and listen to our phone calls without a warrant the very kinds of violations that the Fourth Amendment was written to prohibit.

Finally, once this information collected illegally and without any probable cause is ingested into NSA servers, other government agencies can often search through the databases to make criminal cases against Americans that have nothing to do with terrorism or anything national security-related. One Justice Department lawyer called the database the FBIs Google.

In other words, the NSA, an unaccountable institution filled with unelected bureaucrats, operates a massive database that contains the intimate and personal communications of countless Americans.

Warrantless mass surveillance of American citizens is wrong, un-American, and unconstitutional.

Its time to let Section 702 expire or reform the law to ensure that millions and millions of Americans are not being victimized by a government that no longer respects its constitutional limits.

Constitutional attorney John W. Whitehead, author of Battlefield America: The War on the American People, is the president of The Rutherford Institute, a civil liberties and human rights organization that is one of the plaintiffs in a lawsuit challenging Upstream surveillance under Section 702. Contact Whitehead at johnw@rutherford.org.

More:
John W. Whitehead column: A dangerous proposition: Making the NSA's powers permanent - Richmond.com

Today Democratic Congressman Ted Lieu of California wrote to the NSA in an appeal for the agency to do anything in its power to stop the spread of the globalransomware (or potentially just disguised as ransomware) attack that began yesterday.

Lieu seeks to hold the NSA accountable for its leaked exploit, known as EternalBlue, which appears to have facilitated the malwares spread. Last month, the ransomware known as WannaCry also leveraged EternalBlue in order to spread between networked machines that have not been updated to protect them from the vulnerability, which Microsoft issued a patch for back in March (MS17-010).

Based on various reports, it appears these two global ransomware attacks likely occurred because the NSAs hacking tools were released to the public by an organization called the ShadowBrokers, Lieu wrote.

My first and urgent request is that if the NSA knows how to stop this global malware attack, or has information that can help stop the attack, then NSA should immediately disclose it. If the NSA has a kill switch for this new malware attack, the NSA should deploy it now.

Lieu went on to implore the spy agency to communicate more openly with major tech companies about the vulnerabilities that it discovers in their systems. In the case of EternalBlue, the NSA is believed to have known about the exploit for years. Naturally that makes one wonder what other massive exploits the agency has up its sleeve and how easily those could be exposed in a new Shadow Brokers leak.

Given the ongoing threat, I urge NSA to continue actively working with companies like Microsoft to notify them of software vulnerabilities of which the Agency is aware, Lieu said.I also urge the NSA to disclose to Microsoft and other entities what it knows that can help prevent future attacks based on malware created by the NSA.

Some things about yesterdays ransomware attack make it even nastier than its predecessor WannaCry. As IEEE Senior Member and Ulster University Cybersecurity Professor Kevin Curran explained to TechCrunch: One key difference from WannaCry is that Petya does not simply encrypt disk files but rather locks the entire disk so nothing can be executed. It does it by encrypting the filesystems master file table so the operating system cannot retrieve files.

The other big difference: WannaCry had a kill switch, even if it wasserendipitous.

It does seem to have the same deadly replication feature of WannaCry which enables it to spread quickly across an internal network infecting other machines, Curran said. It seems to also be finding passwords on each infected computer and using those to spread as well. There seems to be no kill switch on this occasion.

We reached out to the NSA with questions about its ability to stop the spread of the current ransomware and its perceived responsibility moving forward. You can read Lieus full letter, embedded below.

View post:
In aftermath of Petya, congressman asks NSA to stop the attack if it knows how - TechCrunch

Should the NSA stop hacking computers out of concern that bad guys could steal its tools and use them for their own nefarious purposes?

Wikimedia Commons

Theres a moment in Dr. Strangelove, Stanley Kubricks dark Cold War comic masterpiece, when President Merkin Muffley (played by Peter Sellers) learns that an insane general has exploited a loophole in the militarys command-control system and launched a nuclear attack on Russia. Muffley turns angrily to Air Force Gen. Buck Turgidson (played by George C. Scott) and says, When you instituted the human reliability tests, you assured me there was no possibility of such a thing ever occurring. Turgidson gulps and replies, I dont think its quite fair to condemn a whole program because of a single slip-up.

The National Security Agency currently finds itself in a similar situation.

One of the NSAs beyondtop secret hacking tools has been stolen. And while the ensuing damage falls far short of an unauthorized nuclear strike, the thieves have wreaked cybermayhem around the world.

The mayhem was committed by a group called the Shadow Brokers, which in April announced that it had acquired the NSA tool (known as Eternal Blue) and published its exploit code online for any and all hackers to copy.* In May, some entitywidely believed to be North Koreansused the the exploit code to develop some malware, which became known as WannaCry, and launched a massive ransomware attack, which shut down 200,000 computers, including those of many hospitals and other critical facilities.

Then on June 27 came this latest attack, which was launched by the Shadow Brokers themselves. This struck some security analysts as odd, for two reasons. First, the Shadow Brokers are believed to be members ofor criminal hackers affiliated witha Russian intelligence agency, and Russians tend not to hack for mere cash. Second, the attack was slipshod: The ransoms were to be paid to a single email address, which security experts shut down in short order. If the Russians had decided to indulge in this mischief for money, it was a shock that they did it so poorly.

Now, however, several cybersecurity analysts are convinced that the ransomware was a brief ploy to distract attention from a devastating cyberattack on the infrastructure of Ukraine, through a prominent but vulnerable financial server.

Jake Williams, founder of Rendition InfoSec LLC (and a former NSA analyst), told me on Thursday, two days after the attack, The ransomware was a cover for disrupting Ukraine; we have very high confidence of that. This disruptive attack shut down computers running Ukrainian banks, metro systems, and government ministries. The virus then spread to factories, ports, and other facilities in 60 countriesthough Williams says its unclear whether this rippling effect was deliberate. (Because computers are connected to overlapping networks, malware sometimes infects systems far beyond a hackers intended targets.)

By the way, the attack left the ransomware victims, marginal as they were, completely screwed. Once the email address was disconnected, those who wanted to pay ransom had no place to send their bitcoins. Their computers remain frozen. Unless they had back-up drives, their files and data are irretrievable.

Its not yet clear how the Shadow Brokers obtained the hacking tool. One cybersecurity specialist involved in the probe told me that, at first, he and others figured that the theft had to be an inside job, committed by a second Snowden, but the forensics showed otherwise. One possibility, he now speculates, is that an unnamed NSA contractor, who was arrested last year for taking home files, either passed them onto the Russians or was hacked by the Russians himself. The other possibility is that the Russians hacked into classified NSA files. Its a toss-up which theory is more disturbing; the upshot of both is, it could happen again.

So should the NSA stop hacking computers out of concern that bad guys could steal its tools and use them for their own nefarious purposes? This remedy is probably unreasonable. After all, spy agencies spy, and the NSA spies by intercepting communications, including digital communications, and some of that involves hacking. In other words, the cyber equivalent of Gen. Turgidson would have a point if he told an angry superior its unfair to condemn a whole program for a single slip-up.

It may be time to view surfing the internet on computers as similar to the way we view driving cars on the highway.

Besides, the NSA doesnt do very many hacks of the sort that the Shadow Brokers stolehacks that involve zero-day exploits, the discovery and use of vulnerabilities (in software, hardware, servers, networks, and so forth) that no one has previously discovered. Zero-day exploits were once the crown jewels of the NSAs signals-intelligence shops. But theyre harder to come by now. Software companies continually test their products for security gaps and patch them right away. Hundreds of firms, many created by former intelligence analysts, specialize in finding zero-day vulnerabilities in commercial productsthen alerting the companies for handsome fees. Often, by the time the NSA develops an exploit for a zero-day vulnerability, someone in the private sector has also found it and already developed a patch.

More and more, in recent years, the NSA chooses to tell companies about a problem and even help them fix it. This trend accelerated in December 2013, when a five-member commission, appointed by President Obama in the wake of the Snowden revelations, wrote a 300-page report proposing 46 reforms for U.S. intelligence agencies. One proposal was to bar the government from doing anything to subvert, undermine, weaken, or make vulnerable generally available commercial software. Specifically, if NSA analysts found a zero-day exploit, they should be required to patch the hole at once, except in rare instances when the government could briefly authorize the exploit for high-priority intelligence collection, though, even then, only after approval not by the NSA directorwho, in the past, made such decisionsbut rather in a senior interagency review involving all appropriate departments.

Obama approved this recommendation, and as a result his White House cybersecurity chief, Michael Daniel, drafted a list of questions that this senior review panel must ask before letting the NSA exploit, rather than patch, the zero-day discovery. The questions: Would this vulnerability, if left unpatched, pose risks to our own societys infrastructure? If adversaries or crime groups knew about the vulnerability, how much harm could they inflict? How badly do we need the intelligence that the exploit would provide? Are there other ways to get this intelligence? Could we exploit the vulnerability for just a short period of time, then disclose and patch it?

A 2016 article in Bloomberg News reported that, due in part to this new review process, the NSA keepsand exploits for offensive purposesonly about two of the roughly 100 zero-day vulnerabilities it finds in the course of a year.

The vulnerability exploited in the May ransomware attack was one of those zero-days that the NSA kept for a while. (It is not known for how long or what adversaries it allowed us to hack.) The vulnerability was in a Microsoft operating system. In March, the government notified Microsoft of the security gap. Microsoft quickly devised a patch and alerted users to install the software upgrade. Some users did; others didnt. The North Koreans were able to hack into the systems of those who didnt. Thats how the vast majority of hacks happenthrough carelessness.

It may be time to view surfing the internet on computers as similar to the way we view driving cars on the highway. Both are necessary for modern life, and both advance freedoms, but they also carry responsibilities and can do great harm if misused. It would be excessive to require the equivalent of drivers licenses to go online; a government that can take away such licenses for poor digital hygiene could also take them away for impertinent political speech. But its not outrageous to impose regulations on product liability, holding vendors responsible for malware-infected devices, just as car companies are for malfunctioning brakes. Its not outrageous to force government agencies and companies engaged in critical infrastructure (transportation, energy, finance, and so forth) to meet minimal cybersecurity standards or to hit them with heavy fines if they dont. Its not outrageous to require companies to program their computers or software to shut down if users dont change or randomize their passwords or if they dont install software upgrades after a certain amount of time. Or if this goes too far, the government could require companies to program their computers or software to emit a loud noise or flash a bright light on the screen until the users take these precautionsin much the same way that drivers hear ding-ding-ding until they fasten their seatbelts.

Some of these ideas have been kicking around for decades, a few at high levels of government, but theyve been crushed by lobbyists and sometimes by senior economic advisers who warned that regulations would impede technical progress and harm the competitive status of American industries. Resistance came easy because many of these measures were expensive and the dangers they were meant to prevent seemed theoretical. They are no longer theoretical. The cyberattack scenarios laid out in government reports decades ago, dismissed by many as alarmist and science fiction, are now the stuff of front-page news stories.

Cyberthreats will never disappear; cybervulnerabilities will never be solved. They are embedded in the technology, as its developed in the 50 years since the invention of the internet. But the problems can be managed and mitigated. Either we take serious steps now, through a mix of regulations and market-driven incentivesor we wait until a cybercatastrophe, after which far more brutal solutions will be slammed down our throats at far greater cost by every measure.

*Correction, June 30, 2017: This article originally misstated that the NSA tool stolen by the Shadow Brokers was called WannaCry. It was called Eternal Blue, and its code was used to create WannaCry. (Return.)

Go here to read the rest:
The NSA's Inadvertent Role in the Major Cyberattack on Ukraine - Slate Magazine

A pared-down version of President Trumps travel ban took effect Thursday night, barring immigrants and refugees from six majority-Muslim countries from entering the United States unless they can prove a relationship with a U.S. citizen or entity; late adjustments to the administrations rules included fiancs but not grandparents and other extended family. In an emergency filing, the state of Hawaii asked a federal court to clarify the scope of the ban, saying the governments latest restrictions go further than the Supreme Court allowed. [Tony Romm / Recode]

This weeks international malware attack has raised concerns that the National Security Agency has rushed to create digital weapons that it cannot keep safe or disable. [The New York Times]

Airbnb is launching a new service for luxury vacation rentals at mega-homes, mansions and penthouses. Airbnb Lux will begin testing in some markets at the end of the year. [Bloomberg]

Meal-kit delivery company Blue Apron raised $300 million in its first day of trading on the New York Stock Exchange, opening at about $10 a share. The five-year-old New York City-based company slashed its IPO price amid questions about the long-term feasibility of its model. [Jason Del Rey / Recode]

Blue Apron CEO Matt Salzberg will join Bonobos CEO Andy Dunn and Williams-Sonoma CEO Laura Alber at Septembers Code Commerce event in New York City, where retail and commerce industry leaders will explore the convergence of digital and physical in the realm of buying and selling stuff. [Jason Del Rey / Recode]

No single device will have as much impact as the iPhone in the next 10 years. Heres a look at which products in the market today might have a comparable effect over the next decade. [Jan Dawson / Recode]

A former Binary Capital employee is suing Justin Caldbeck and the VC firm.

Ann Lai alleges defamation and other claims.

Facebooks internet-beaming drone completed its second test flight and landed perfectly.

Its first Aquila flight ended in a crash landing.

A new drone route is now open in Malawi.

Drones can soar over roads in the flood-prone region to help deliver supplies to remote areas.

This new movie about an Instagram stalker looks both hilarious and terrifying.

Remember: People can see your public social media posts.

Google is still mostly white and male.

Thats according to the latest diversity report.

Kids these days.

On the latest Too Embarassed to Ask, Kara Swisher and Lauren Goode talk with The Verges Casey Newton and Karas older son, Louie Swisher, about how teens are using (or not using) apps like Instagram, Snapchat, Musical.ly and more.

Nice day for a Crunchwrap Supreme wedding

This lucky couple won a glamorous, all-expenses-paid wedding at Taco Bells chic Las Vegas Cantina location, catered with Doubledillas, Gorditas and a hot-sauce-packet bouquet. They werent the first; the fast-food company is now offering anyone the chance to get married at the Vegas franchise for $600. [Eric Vilas-Boas / Thrillist]

Here is the original post:
Recode Daily: Trump's 'travel ban' goes into effect, and can the NSA control the cyber weapons it creates? - Recode

Turkey's General Directorate of Security on Friday refuted the claims that the U.S. National Security Agency (NSA) helped Turkey capture the gunman who carried out the deadly New Year's nightclub attack in Istanbul.

The statement released by the directorate said that the news report suggesting that NSA determined the location of Abdulkadir Masharipov and shared the information with Turkey does not reflect the truth.

"There has been no information shared by a country or foreign institutions in relation to the location of the person who carried out the attack. The identification and capture of the attacker were carried out by the intelligence branch of General Directorate of Security and affiliated branches," the statement said.

Masharipov, an Uzbek citizen, was captured by police in Istanbul after a two-week manhunt following the attack, claimed by Daesh, that killed 39 people, primarily party-goers from Turkey and Middle Eastern countries.

Masharipov confessed to the shooting and told his interrogators that he had received orders from Raqqa, the de facto capital of Daesh in Syria.

He faces charges of membership in a terror group, attempted murder of 79 people injured in the attack and violating Turkey's firearms law. These charges can carry a maximum total of 2,397 years in prison.

Read the original post:
Turkey's Directorate of Security rejects NSA role in capture of Reina attacker - Daily Sabah