The Prometheus League
Breaking News and Updates
Category Archives: NSA
2008 FISA Transcript Shows NSA Already Knew It Might Have An Incidental Collection Problem – Techdirt
Posted: June 16, 2017 at 2:57 pm
The ODNI has released several documents in response to FOIA lawsuits (EFF, ACLU). The EFF scored 18 of these (handy zip link here) and the ACLU seven. The ACLU's batch has proven more interesting (at least initially). One document it obtained shows a tech company challenged a Section 702 surveillance order in 2014. The challenge was shut down by the FISA court, but with the exception of Yahoo's short-lived defiance, we haven't seen any other evidence of ISP resistance to internet dragnet orders.
Included in the ACLU's batch is a 2008 FISA Court transcript [PDF] that's particularly relevant to the NSA's voluntary shutdown of its "about" collection. In it, the NSA discusses its filtering and oversight procedures, which were already problematic nearly a decade ago.
There are some really interesting tidbits to be gleaned from the often heavily-redacted proceedings, including this statement, which makes it clear the NSA engaged in wholly-domestic surveillance prior to the FISA Amendments Act.
THE COURT: All right. Well, what about the non-U.S. person status, which of course is new under the FISA Amendments Act? Are you going to be changing anything in terms of focusing on that?
[REDACTED GOV'T RESPONDENT]: We already sort of do with respect to the U.S. person status is so intertwined with the location of the target [REDACTED] to the extent that in the past NSA would actually affirmatively identify targeted U.S. persons to us on the sheets, because one of the additional fields that they put in the sheets is basically a blurb, an explanation and a description of the target.
Clearly, we're not allowed to target US persons anymore, so I don't anticipate seeing any such descriptions on the sheets. But again, since the status of the person, the determination of how that is made is so intertwined with the same information upon which NSA relies to make a foreignness determination, that it would be hard for us not to identify such information as we're conducting the reviews.
Which, of course, means the NSA was allowed to target US persons and their communications previously, contradicting statements made by US officials, including President George W. Bush and Vice President Dick Cheney.
It's stated earlier in the transcript that the NSA does a few things to help minimize examination of US persons' communications. But they're not great. The NSA runs spot checks on analysts' transactions, deploys filters, and relies on self-reporting to guard against Fourth Amendment violations. It sounds like quite a bit, but the details show it's not nearly enough. To start with, the filters meant to filter out US persons' communications don't work.
COURT: The NSA minimization procedures, you're stating, 'contain a provision for allowing retention of information because of limitations on NSA's ability to filter communications.' My question I had was is the filter discussed in targeting the same filtering. I just wanted to understand that, and apparently it is. [The rest of the court's question is redacted.]
GOV'T: I think the inclusion of that provision in the minimization procedures was intended to be prophylactic in the event that the filters don't necessarily work, and NSA has represented that it's been their experience with the filters and [redacted] this provision basically captures instances where the filters may not work in every instance.
And there's a good reason why they won't work "in every instance." Further unredacted discussion reveals the NSA partially relies on an IP address blacklist to filter out US persons' communications. This is better than nothing, but still a long way from being a strong positive indicator of a target's (or incidental target's) location.
The court then asks about the limitations of the filters and we get several fully-redacted pages as an answer.
The court also asks about the "about" collection -- where targets are discussed but the communications do not directly involve NSA targets. The judge wants to know how often this is being used rather than the more-targeted "to/from" collection and how often it results in incidental collection. Unsurprisingly, the government can't say how often this happens. This is because the NSA saw no reason to track these searches.
GOV'T: As far as the percentage number, we don't have a number for that, because as I mentioned earlier, when we [redacted] we find to's and froms and [redacted] so we don't categorize those separately to be able to count those communications as abouts.
The court then asks why it's not possible to limit the collection to to's and froms. The government's response is that collecting it all just works better for the NSA, even though it apparently possesses the technical ability to keep these collections separate.
It is technically feasible. The problem with doing so is if you end up discarding a number of communications that are truly to-froms that you should be able to collect but [redacted]...
So by trying to limit us to no abouts, then we end up cutting out those kind of communications as well, truly to-froms. So it would be -- we're not surgical enough to take that out of the equation without impacting our ability to do to-froms effectively.
And later in the discussion, there's a bit of a bombshell about the "about" collection. The NSA shut it down because it couldn't find a way to prevent incidental collection of US persons' communications. In this transcript, the government points out incidental collection is just as likely with to-from targeting.
COURT: Is it more or less likely to pick up U.S.-person information in an about than a to or from?
MR. OLSEN: I don't know the answer in practice. At least from my perspective in theory, I wouldn't see why it would be more likely than a targeted to or from collection where the target's outside the United States where there's a similar possibility that that target would be in communication with someone in the United States, with a U.S. person in the United States.
If this is true, the elimination of the "about" collection doesn't do much to curtail incidental collection. And almost a decade ago, the NSA was already making it "impossible" to comply with Congressional requests for incidental collection numbers by refusing to separate its collections, even with the FISA Court raising questions about its Fourth Amendment implications.
NSA links Wannacry worm to North Korea – BBC News
Posted: June 15, 2017 at 8:57 pm
The Wannacry worm that infected organisations in 150 countries in May has been blamed on North Korea by the US's National Security Agency (NSA). The Washington Post said there was "moderate confidence" in the report's findings, while the spy agency ...
Mystery internet company challenges NSA’s mass surveillance order – Engadget
Posted: at 8:57 pm
The document, a Foreign Intelligence Surveillance Court ruling, was wrested from the government thanks to an ACLU FOIA request. But it's so heavily redacted that we cannot identify the tech company who stood up to the NSA.
Specifically, the mysterious company didn't comply with an NSA order under Section 702. That's the legal structure supporting the PRISM domestic spying program, which forces companies to give the NSA access to Americans' international communications.
The company refused because cooperating to grant said access would implicate its First and Fourth Amendment rights. In short, it took the NSA to Constitutional school over the legality of Section 702 itself (to be precise, the company took issue with an "expansion" of Section 702 surveillance, the details of which were redacted), since opening up its users' international communications would eventually and inevitably expose those of domestic citizens. Ergo, if the NSA wanted access, it needed to get a warrant, the company stated.
Ultimately, the court rejected the tech company's claim and ordered it to comply with the NSA request. Judge Rosemary Collyer, who presided over the case, said "the mere fact that there is some potential for error is not a sufficient reason to invalidate the surveillance" -- in other words, prove misconduct or sit down. The document, only now made available to the public, is from 2014, so whatever surveillance may have happened as a result might already have happened.
Section 702 is set to expire at the end of this year, and debate rages on about whether Congress should renew it. The NSA already claimed back in April that it would stop even incidentally collecting domestic American emails in its sweeps, which its analysts were still accidentally doing in 2016. Regardless, this case is a sadly rare illuminating window into an intentionally shadowy world: Back in 2016, for example, the FBI reassured the public that it would be reforming how it accessed data collected by the NSA...but didn't say how, because that's classified.
Trump Tried to Convince NSA Chief to Absolve Him of Any Russian Collusion: Report – Newsweek
Posted: at 8:57 pm
A recent National Security Agency memo documents a phone call in which U.S. President Donald Trump pressures agency chief Admiral Mike Rogers to state publicly that there is no evidence of collusion between his campaign and Russia, say reports.
The memo was written by Rick Ledgett, the former deputy director of the NSA, sources familiar with the memo told The Wall Street Journal. Ledgett stepped down from his job this spring.
The memo said Trump questioned the American intelligence community findings that Russia interfered in the 2016 election. American intelligence agencies issued a report early this year that found Russian intelligence agencies hacked the country's political parties and worked to sway the election to Trump.
The Russia investigation's special counsel Robert Mueller plans to interview Ledgett as part of his investigation into Russia's efforts to manipulate the 2016 vote, a source told WSJ. Mueller is also probing whether Trump himself obstructed justice when he fired former FBI Director James Comey on May 9, according to The Washington Post.
A memo drawn up by a National Security Agency deputy reportedly records Trump pressuring NSA Director Mike Rogers to influence Russia investigation. Joshua Roberts/Reuters
"They made up a phony collusion with the Russians story, found zero proof, so now they go for obstruction of justice on the phony story. Nice," Trump tweeted Thursday. "You are witnessing the single greatest WITCH HUNT in American political history - led by some very bad and conflicted people!" he wrote.
Comey testified a week ago that Trump had pressured him to let go an investigation into fired National Security Adviser Michael Flynn after Flynn misled Vice President Mike Pence about contact he had had with Russian officials.
Comey also testified that Trump asked him to deny publicly that the president was being investigated by the FBI. Comey said that at the time Trump was not being investigated, but he demurred from Trump's request because he would have to correct his statement publicly if the facts changed.
On March 20, Comey testified that his investigation into Russian interference was looking at whether Trump's campaign colluded with the foreign power. British intelligence agencies first picked up contact between Trump's campaign members and associates in 2015.
Two current and two former officials told The Washington Post that in March Trump asked Rogers and Director of National Intelligence Daniel Coats to publicly deny the existence of any evidence of collusion between his campaign and Russia during the 2016 election.
During testimony to the Senate intelligence committee on June 7, neither Coats nor Rogers would answer many specific questions, but both said they did not feel pressure. Coats testified that he never felt pressure to intervene in the Russia investigation.
"In the three-plus years that I have been the director of the National Security Agency, to the best of my recollection, I have never been directed to do anything I believed to be illegal, immoral, unethical or inappropriate," Rogers said. "And to the best of my recollection...I do not recall ever feeling pressured to do so."
Senators seek answers on alleged NSA leaker’s security clearance – The Hill
Posted: at 8:57 pm
The leaders of a key Senate panel are pressing the federal government for information about the security clearance of a government contractor recently accused of passing classified material to a news outlet.
Reality Leigh Winner was arrested by the FBI in early June and charged in federal court with violating a section of the Espionage Act. Her arrest has been linked to The Intercept's publication of a purported classified National Security Agency document detailing Russian hacking efforts aimed at U.S. election and voting infrastructure.
Winner, an Air Force veteran, had worked as a contractor at Pluribus International Corporation, was assigned to a government facility in Georgia and held a top-secret clearance, according to the criminal complaint.
"The leaking of classified information jeopardizes our national security," McCaskill said in a statement. "We need to determine if Ms. Winner's security clearance process was handled correctly or if we missed any red flags."
Together, Johnson and McCaskill lead the Senate Homeland Security and Governmental Affairs Committee.
The letter was sent to Kathleen McGettigan, acting director of OPM. The lawmakers also asked the agency to explain the process by which a member of the military has a security clearance reactivated or transferred in order to be employed by the intelligence community, given Winner's previous service in the Air Force.
Additionally, the senators asked what OPM is doing to comply with a provision included in an appropriations measure passed last year that mandated a review of the federal government's enhanced security clearance program.
Winner was arrested at her home in Georgia on June 3 and the Department of Justice announced the charges days later. Winner allegedly printed and improperly removed classified intelligence in early May and later sent it by mail to an online news outlet.
Winner's arrest was the latest in a string of leak incidents, an issue that has attracted attention since ex-NSA contractor Edward Snowden's disclosures to news publications in 2013.
In February, former NSA contractor Harold Martin was indicted for stealing thousands of intelligence files, including classified documents from the NSA, CIA and U.S. Cyber Command.
The NSA has linked the WannaCry computer worm to North Korea … – Washington Post
Posted: at 8:57 pm
The National Security Agency has linked the North Korean government to the creation of the WannaCry computer worm that affected more than 300,000 people in some 150 countries last month, according to U.S. intelligence officials.
The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with moderate confidence to North Korea's spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report.
The assessment states that cyber actors suspected to be sponsored by the RGB were behind two versions of WannaCry, a worm that was built around an NSA hacking tool that had been obtained and posted online last year by an anonymous group calling itself the Shadow Brokers.
It was the first computer worm to be paired with ransomware, which encrypts data on victims' computers and demands a ransom to restore access.
WannaCry was apparently an attempt to raise revenue for the regime, but analysts said the effort was flawed. Though the hackers raised $140,000 in bitcoin, a form of digital currency, so far they have not cashed it in, the analysts said. That is likely because an operational error has made the transactions easy to track, including by law enforcement.
As a result, no online currency exchange will touch it, said Jake Williams, founder of Rendition Infosec, a cybersecurity firm. "This is like knowingly taking tainted bills from a bank robbery," he said.
Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also called the Lazarus Group, a name used by private-sector researchers.
One of the agencies reported that a prototype of WannaCry ransomware was found this spring in a non-Western bank. That data point was a building block for the North Korea assessment, the individual said.
The linkage shows that despite the Obama and Trump administrations' efforts to deter North Korean aggression, the country does not appear to have been discouraged from launching one of the most wide-ranging cyberattacks the world has seen.
"What it really confirms is that ... you don't have to be the best in the business to cause a lot of disruption," said Michael Sulmeyer, director of the cybersecurity project at Harvard's Kennedy School. "And that's what they showed they were willing and able to do."
The NSA declined to comment.
North Korea is one of the world's most isolated countries, with very little computer infrastructure. Yet it has managed to deploy cyber capabilities to harass and annoy its rival, South Korea, and to generate revenue for the authoritarian regime.
Last year, security researchers identified North Korea as the culprit behind a series of cyber-enabled heists of banks in Asia, including one in Bangladesh that netted more than $81 million by manipulating the bank's global payments messaging system.
The fact of a nation-state using cyber tools to rob banks, then-NSA Deputy Director Richard Ledgett said in March, represented a troubling new front in cyberwarfare. He did not name North Korea, but the allusion was clear. "This is a big deal," he said.
North Korea in 2014 hacked Sony Pictures Entertainment and demanded that the movie studio pull a film that satirized the country's leader, Kim Jong Un. The hackers disabled computers and released embarrassing company emails. But what tipped the scale for President Barack Obama was the threat to do more damage if the studio did not yank the movie, a move that the administration viewed as an assault on free speech. The administration publicly blamed Pyongyang for the attack and imposed new economic sanctions on the regime.
The NSA cyber tool at the base of WannaCry was an exploit dubbed EternalBlue by the agency. It took advantage of a software flaw in some Microsoft Windows operating systems and enabled an attacker to gain access to those computers.
Although Microsoft, after being notified by the NSA, issued a patch for the software flaw in March, many companies around the world and some in the United States failed to update their machines and fell victim to the virus. Michael Daniel, president of the Cyber Threat Alliance, a nonprofit group devoted to improving cyberdefenses through data sharing, said there were a reasonable number of victims in the United States.
Microsoft declined to comment for this report.
Williams, who has closely studied the code, said he is convinced that the ransomware accidentally got loose in a testing phase. That would explain some of its shortcomings, such as an inability for the attacker to tell who has paid the ransom or not, he said.
Nonetheless, he said, "this is a case where you've got a weaponized, government-sponsored exploit [or hacking tool] being used to deliver ransomware. If North Korea goes unchecked with this, I would expect other developing nations to follow suit. I think that would change the cyberthreat landscape quite a bit."
Daniel, who was Obama's cybersecurity coordinator, said there needs to be a broad-based approach to deterring North Korea across the board in the physical world and in cyberspace.
Federal prosecutors have been probing North Korea's role in the Bangladesh bank theft, and indictments could be issued. The Justice Department in recent years has used indictments as a tool to try to hold accountable hackers from other nation states, including China and Iran.
Rep. Adam B. Schiff (Calif.), the top Democrat on the House Intelligence Committee, which is investigating Russian interference in the 2016 election, has said that the Obama administration's response to North Korea after the Sony attack was not bold enough. "I ... think the Russians were watching and decided that, well, we didn't respond to that. They could get away with a cyberattack," he said at a recent public discussion with Washington Post columnist David Ignatius.
When the South Koreans want to respond to North Korea, Schiff said, they use a form of information warfare. "They do it with loudspeakers," he said. "They do it by telling people in the North what a terrible regime they live under that's starving their own people."
Rare XP Patches Fix Three Remaining Leaked NSA Exploits – Threatpost
Posted: at 8:57 pm
The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April's ShadowBrokers leak.
The worst of the bunch, an attack called ExplodingCan (CVE-2017-7269), targets older versions of Microsoft's Internet Information Services (IIS) webserver, version 6.0 in particular, and enables an attacker to gain remote code execution on a Windows 2003 server.
All three attacks allow an adversary to gain remote code execution; one is EsteemAudit, a vulnerability in the Windows Remote Desktop Protocol (RDP) (CVE-2017-0176), while the other is EnglishmanDentist (CVE-2017-8487), a bug in OLE (Object Linking and Embedding). Microsoft said the patches are available for manual download.
ExplodingCan merits a closer look because of the wide deployment of IIS 6.0.
"Generally, when you put a Windows machine on the internet, it's going to be a server and it's going to run a webserver, so there are production machines on the internet running IIS 6.0 right now," said Sean Dillon, senior analyst at RiskSense and one of the first to analyze the NSA's EternalBlue exploit that spread WannaCry ransomware on May 12.
"It's probably already been exploited for months now," Dillon said. "At least now there's a fix that's publicly available."
Microsoft released a hefty load of patches for supported products and services on Tuesday as part of its normal Patch Tuesday update cycle. Normally, patches for unsupported versions of Windows are available only for Microsoft customers on an expensive extended support contract. The company's decision to make all of those fixes public on Tuesday, it said, was prompted by an elevated risk for destructive cyber attacks.
"Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," said Adrienne Hall, general manager of Microsoft's Cyber Defense Operations Center.
"In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations," Hall said. "To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows."
The ShadowBrokers leak in April unleashed a number of powerful Windows attacks into the public, allegedly belonging to the Equation Group, which is widely believed to be the U.S. National Security Agency. Criminals and other nation states have already been leveraging the attacks to spread not only WannaCry ransomware, but also cryptocurrency mining utilities and other types of malware.
Microsoft said customers should not expect this type of patch release for unsupported products to become the norm. Some experts have been critical of Microsoft, which also made a similar update available for unsupported products hours after the WannaCry outbreak.
I wish MS would stop releasing patches for xp/2003 it really harms efforts to get rid of legacy in the corporates
Quentyn Taylor (@quentynblog) June 13, 2017
Oh no. Take Windows XP off life support. Though it cannot die with dignity, it must be allowed to die. It will be messy. But this is cruel. https://t.co/euZVdTLC0z
Katie Moussouris (@k8em0) June 13, 2017
"It was the right move by Microsoft," Dillon said. "We saw the damage it can cause with WannaCry. Some of the most-used infrastructure, like SCADA systems, still run on XP whether they're getting patches or not. When you have critical things [running on XP], it's a good thing they released, but it should only be looked at as a temporary solution and people should look to upgrade off of legacy versions."
Some third-party services such as 0patch have provided micro-patches for some of these vulnerabilities on legacy versions, even before the ShadowBrokers leak, Dillon said. "Hopefully people who are running legacy systems have looked into other means of patching beside official fixes," he said. "Although, this is great that there's an official fix."
The remaining two vulnerabilities are of lesser severity but should be patched nonetheless on legacy systems.
EsteemAudit affects RDP, but only on XP and did not require a patch for modern versions of Windows. According to Microsoft, the vulnerability exists if the RDP server has smart card authentication enabled.
EnglishmanDentist, meanwhile, is triggered because Windows OLE fails to properly validate user input, Microsoft said.
"There's a whole wide assortment of exploits that were leaked, and we've only seen a few of them actively used at a mass scale. This is just plugging a hole before it becomes a bigger problem," Dillon said.
Win XP patched to avert new outbreaks spawned by NSA-leaking Shadow Brokers – Ars Technica
Posted: June 14, 2017 at 3:56 am
On Tuesday, Microsoft took the highly unusual step of issuing security patches for XP and other unsupported versions of Windows. The company did this in a bid to protect the OSes against a series of "destructive" exploits developed by, and later stolen from, the National Security Agency.
According to this updated Microsoft post, Tuesday's updates include fixes for three other exploits that were also released by the Shadow Brokers. A Microsoft blog post announcing the move said the patches were prompted by an "elevated risk of destructive cyberattacks" by government organizations.
"In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organizations, sometimes referred to as nation-state actors, or other copycat organizations," Adrienne Hall, general manager of crisis management at Microsoft, wrote. "To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows."
The down-level patches come in addition to the normal Patch Tuesday releases. Normal releases are delivered automatically through the Windows Update mechanism to devices running supported Windows versions, including 10, 8.1, 7, and post-2008 Windows Server releases. The down-level patches, by contrast, must be manually downloaded and installed. They are available in the Microsoft Download Center or, alternatively, in the Update Catalog.
In a separate blog post, Eric Doerr, general manager of the Microsoft Security Response Center, said the move was designed to fix "vulnerabilities that are at [heightened] risk of exploitation due to past nation-state activity and disclosures." He went on to urge users to adopt new Microsoft products, which are significantly more resistant to exploits, and not to expect regular security fixes in the future.
"Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies," he wrote. "Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly."
The only other time in recent memory Microsoft has patched an unsupported version of Windows was in 2014, when it issued a critical update for Windows XP during the same week it decommissioned the version. Tuesday's move suggests Microsoft may have good reason to believe attackers are planning to use EsteemAudit, ExplodingCan, and EnglishmanDentist in attacks against older systems. Company officials are showing that, as much as they don't want to set a precedent for patching unsupported Windows versions, they vastly prefer that option to a potential replay of the WCry outbreak.
Read more here:
Win XP patched to avert new outbreaks spawned by NSA-leaking Shadow Brokers - Ars Technica
Intel Chief Says He Cannot Reveal How Many Americans the NSA … – Gizmodo
Posted: at 3:56 am
America's top intelligence official is reneging on a promise made under the Obama administration to estimate how many Americans have been spied on using a warrant-less surveillance law intended to target foreigners. The decision to abandon that commitment isn't sitting well with civil liberties advocates who formed a coalition this week in protest.
Director of National Intelligence Dan Coats told a Senate panel last week that it was infeasible to generate an exact, accurate, meaningful, and responsive methodology to show how many Americans have been spied on under Section 702 of the Foreign Intelligence Surveillance Act, the law which enables intelligence agencies to spy on the communications of foreigners with the help of American companies such as AT&T.
Coats said the National Security Agency had already undergone a Herculean effort to determine the number, but somehow failed miserably.
Given that the NSA claims to be the largest employer of mathematicians in the country (the exact number is classified), Coats's explanation that counting is really hard seemed fairly absurd. One can only conclude that the number of Americans being spied on incidentally under 702 is so shockingly high that announcing it would endanger any chance of renewing 702's authority before it expires on January 1, 2018.
Either way, the official President Trump appointed to lead the Intelligence Community seems to have thrown his hands in the air with regard to this simple accountability request. It's astonishing, really, that the White House was able to find someone who is less inclined to be straightforward with the American public than James Clapper, the former director, whose New York Times obituary will undoubtedly contain an accusation of perjury.
Late Monday, the American Civil Liberties Union, along with more than two dozen other digital and civil rights groups, signed a letter [PDF] criticizing Coats' decision to leave the public in the dark, and with justifiable and significant concerns about the effect of Section 702 surveillance on Americans' privacy and civil liberties. The letter was sent to the Office of the Director of National Intelligence and then forwarded [PDF] to the chairman and ranking member of the House Judiciary Committee, Representatives Bob Goodlatte and John Conyers, respectively.
"Members of Congress should be outraged that the NSA has reneged on its commitment to provide an estimate of the number of Americans that the NSA spies on under Section 702, and should use every tool at their disposal to demand that this information be provided," Neema Singh Guliani, ACLU legislative counsel, said in a statement.
"The executive branch has provided no credible explanation for their abrupt reversal in position, which comes after months of discussions with Congressional staff on methodologies to obtain the exact information that they now claim is impossible to determine," Guliani continued. "This decision is not rooted in practicalities, but rather part of an overall effort to withhold key information about Section 702 while the program is being debated in Congress."
Aside from the ACLU, 32 other groups signed on to the letter, including the Brennan Center for Justice, the Electronic Frontier Foundation, Demand Progress, and the Sunlight Foundation. The groups charge Coats with backtracking specifically for political reasons (as opposed to practical ones). "It is critical to allow the American people and their representatives to fully understand the impact Section 702 has on their privacy and civil liberties as Congress considers reauthorization of the law," they said.
Rep. Conyers did not immediately respond to a request for comment. An aide to Rep. Goodlatte referred questions to a Judiciary Committee spokesperson, who likewise did not return a request for comment.
Update, 1:56pm: A Republican House Judiciary Committee aide provided Gizmodo the following comment:
As the House Judiciary Committee seeks to reauthorize and reform FISA Section 702, it is imperative that Members of Congress understand the impact of this intelligence-gathering program on U.S. persons. While Director Coats has indicated that it is not feasible to provide this information, the Committee will continue to explore with the agencies various options for obtaining the desired information. Chairman Goodlatte looks forward to working with Director Coats and others on efforts to reauthorize this critical intelligence-gathering program and to ensure it protects Americans' civil liberties.
Read more:
Intel Chief Says He Cannot Reveal How Many Americans the NSA ... - Gizmodo
Accused NSA Leaker May Be Treated Harshly As An Example, Experts Say – Task & Purpose
Posted: June 12, 2017 at 7:52 pm
Her family calls Reality Leigh Winner a patriot who may have made some mistakes but acted with conviction for the good of her country. The federal government portrays her as something more sinister: a threat to national security.
Those contrasting portraits, first unveiled last week in a bond hearing in an Augusta federal court, will likely emerge in the months ahead as the central themes in the first leak prosecution under the Trump administration.
Legal experts say prosecutors will want to make an example of someone who allegedly shared secrets in an era where rampant leaks have angered President Donald Trump and damaged his presidency. Winner, meanwhile, will be fighting for her freedom.
Winner, an intelligence contractor who worked at Fort Gordon near Augusta, pleaded not guilty to a single count of willful retention and transmission of national defense information. She is charged under the Espionage Act with leaking a top secret NSA document on Russian attempts to hack U.S. election systems to the news media.
Prosecutors won the first sortie on Thursday, convincing U.S. Magistrate Judge Brian Epps that Winner is too great a risk to be released on bond. Assistant U.S. Attorney Jennifer Solari said the government is concerned Winner might have compromised other secrets, and that she had a persistent desire to travel to Afghanistan and researched technology that could be used to cover her digital tracks.
Winner allegedly wrote that she wanted to burn the White House down and in notes appeared sympathetic to the Taliban.
Winner's lawyer, Titus Nichols, said his client isn't a flight risk nor a threat.
Friends and her family have described her as an animal lover, a fitness buff and a decorated Air Force veteran. Her stepfather, Gary Davis, said her youth, her liberal views and her high security clearance make her a perfect patsy.
"That's what our biggest fear is: political persecution to drive home a political point," Davis said. "That's the unwritten message. If you go against the government, then we're going to shut you down. And we're going to throw you into prison and throw away the key."
President Barack Obama prosecuted more leakers than all other presidents before him combined, and though the Winner case is the first under Trump, the new president has demanded the Department of Justice find and prosecute more.
Under Trump, even the definition of leaker has expanded. On Friday, the president called James Comey, the FBI director he fired amid probes into Russia election meddling, a leaker, although the contents of the memo Comey told Congress he had distributed to the press do not appear to qualify as classified information.
Joshua Lowther, a criminal defense attorney in Atlanta, said Winner could make a sympathetic defendant. She's a six-year veteran of the Air Force awarded a commendation for her intelligence work, which helped kill and capture hundreds of enemy combatants.
One of Winner's potential defenses is to highlight that history of service to her country, including in the decision, whether misguided or principled, to leak material about Russian influence on the 2016 presidential election that she believed the public needed to know, Lowther said.
In court Thursday, prosecutors sought to shoot down that line of defense with explosive allegations she expressed sympathies to American enemies and wanted to burn the White House, Lowther said.
"The government thinks this is someone who deserves to be prosecuted severely," Lowther said.
So far, though, the prosecution's picture of Winner as a danger to the nation doesn't fully square with the material she is alleged to have leaked, said Kenneth Geers, a senior fellow at international affairs think tank Atlantic Council.
Geers, a former NSA and Defense Department analyst, said what Winner allegedly leaked and where she sent the information (to the whistleblower website, The Intercept) makes it appear she acted out of conscience.
"When I read the (original Intercept) article I thought this is a person who might be a Bernie supporter," said Geers, referring to Bernie Sanders, the U.S. senator from Vermont and former Democratic presidential candidate.
Unless prosecutors uncover that Winner compromised more sensitive information, something that would aid an adversary or wound U.S. interests abroad, the case doesn't seem to support the argument that she's a jihadist, Geers said.
"I don't know her state of mind or logic, but it seems like if she were a jihadist, only releasing information about the election doesn't make a lot of sense," Geers said.
Prosecutors do not have to prove harm
Former CIA Director Gen. David Petraeus and Marine Gen. James Cartwright avoided lengthy prison sentences by pleading to lesser charges. Winner fits into the pattern of the Justice Department throwing the book at lower level employees, said Edward MacMahon, a veteran criminal defense lawyer versed in national security cases.
MacMahon was part of the defense team for Jeffrey Sterling, a former CIA operative who was convicted of espionage and sent to prison for leaking details of a secret U.S. operation to sabotage Iran's nuclear program to a New York Times reporter.
Though the Winner case is slated to be tried in federal court in Augusta, it will be directed from Washington by the Counterintelligence and Export Control Section of the Justice Department's National Security Division.
"The government will put enormous resources into trying this case," MacMahon said.
Prosecutors will attempt to prove that Winner had access to the classified material, gave it to persons without that access and that they can exclude other possible suspects.
The salacious allegations of sympathizing with enemies only up the ante.
Prosecutors also have a significant advantage: they do not have to prove the leak caused harm to the nation.
"They don't have to prove actual harm, they only have to prove the possibility of harm," he said. "It's been challenged in court as vague but no court has ever overturned a conviction from it."
© 2017 The Atlanta Journal-Constitution (Atlanta, Ga.). Distributed by Tribune Content Agency, LLC.
See the original post here:
Accused NSA Leaker May Be Treated Harshly As An Example, Experts Say - Task & Purpose