Category Archives: NSA

SIGN UP FOR OUR NEWSLETTER

During his final year in office, President Obamas team significantly expanded efforts to search National Security Agency intercepts for information about Americans, distributing thousands of intelligence reports across government with the unredacted names of U.S. residents during the midst of a divisive 2016 presidential election, reported Circa on Thursday. The data, made available this week by the Office of the Director of National Intelligence, provides the clearest evidence to date of how information accidentally collected by the NSA overseasabout Americans was subsequently searched and disseminated after President Obama loosened privacy protections to make such sharing easier in 2011 in the name of national security. A court affirmed his order.

The NSA is currently prohibited from spying directly on U.S. citizens. However, it is reported thatIn all, government officials conducted 30,355 searches in 2016 seeking information about Americans in NSA intercept metadata, which include telephone numbers and email addresses.

The activity increased by 27.5 percent over the prior year, according to the report, and more than triple the 9,500 such searches that occurred in 2013, the first year such data was kept.

The government in 2016 also scoured the actual contents of NSA intercepted calls and emails for 5,288 Americans, an increase of 13 percent over the prior year and a massive spike from the 198 names searched in 2013, Circa claimed. The searches ultimately resulted in 3,134 NSA intelligence reports with unredacted U.S. names being distributed across government in 2016, and another 3,354 reports in 2015. About half the time, U.S. identities were unredacted in the original reports while the other half were unmasked after the fact by special request of Obama administration officials.

Included in this list of names were campaign and transition associates of President Trump, as well as members of Congress, according toCirca, who allegedly spoke with a U.S. official.

There is no doubt that there was a spike in the requests to search for Americans in the NSA database, said the official, who spoke on condition of anonymity. Its simply easier for people to make requests. And while we have safeguards, there is always concern and vigilance about possible political or prurient motives that go beyond national security concerns.

Neema Singh Guliani, who acts as the ACLUs legislative counsel, also claimed in a comment that the information being increasingly mined about Americans has nothing to do with terrorism.

I think it is alarming. There seems to be a universal trendtoward more surveillance and more surveillance that impacts Americans privacy without obtaining a warrant, said the ACLUs legislative counsel, Neema Singh Guliani. This data confirms that there is a lack of acknowledgment that information is being specifically and increasingly mined about Americans for investigations that have little or nothing to do with international terrorism.

Caveated in the report, however, is that this data excludes the Federal Bureau of Investigation (FBI), who are likely to have even more information on the subject.

The data kept by ODNI is missing some information from one of the largest consumers of NSA intelligence, the FBI, Circa noted. And officials acknowledge the numbers are likely much higher when the FBIs activity isadded.

This week, it was reported that the NSA ignored a law change and continued to collect phone records from U.S. citizens, while in April, it was revealed that the agency had eavesdropped on citizens using a blimp over Maryland.

Charlie Nash is a reporterforBreitbart Tech. You can follow himon Twitter@MrNashingtonorlike his page at Facebook.

Follow this link:
Report: Obama Sought NSA Intel on 'Thousands of Americans', Including Trump Campaign During 2016 Election - Breitbart News

Earlier today, the NSA announced its intentions to limit a surveillance technique that had a nasty side effect of sweeping up communications toand fromAmericans.

In a rare unprompted press statement, the NSA explained that it would halt any upstream internet communications that are solely about a foreign intelligence target, restrictingits surveillance to messages sent or received byforeign intelligence targets.

TechCrunch spoke with General Michael Hayden, former director of the NSA and CIA, about how the shiftwill be implementedand thereasoning behind the agencys surprise decision.

TC: Will this significantly impact the quality of the NSAs data collection on foreign targets?

Hayden: This will have an impact, I think marginal, on some foreign intelligence collection. It also reduces to zero the amount of inadvertent collection you do on Americans. We do that balancing all the time. They decided they were getting too much inadvertent collectionbut you lose some legitimate collection as well.

TC: Why did the NSA have so much trouble complying with court rules?

Hayden: Its routine due diligence, we do this all the time. I have been told there were court concerns about how much inadvertent collection was taking place. No one has blinders on, they know theres going to be grand debate about this system. Theyve got an option here with marginal intelligence disadvantage to reduce how much it squeezes American privacy. Operational, political, legal it all makes sense.

This does not affect something that will be contentious this summer. The stuff you will continue to collect, you can use a U.S. person identifier to query the data youve already collected. That will also be contentious.

Idont think thats right. The number of times you use a U.S. person query is easily retrievable. Incidental [collection]is foreigner is in the conversation, but theres information to, from or about an American.

They didnt know how much inadvertent [collection] they had unless you go back and look at every one. Wyden kept saying, how many? We said we dont know

TC: What does this mean for upstream data collection?

Hayden: What theyre going to do, theyve got to have a selector for upstream to grab the email coming by and it has to be someone they believe is not an American and outside the U.S. Up until this point, they used the selector to check to see who the email was from or to, or if the selector was mentioned in the body of the email.

The problem they had was when you use the selector about in the body of the email, occasionally you will pick up a communication in which neither end is foreign, in which both ends are American. Its inadvertent and its not authorized. When you discover it, you have to flush it from the system. Occasionally, when the foreign selector was in the body of the email and they picked up a communication,unless they looked at the email they would never know it. Itwould just sit in the database.

What they decided to do, and this means giving up a bit of intelligence collection, they are going to stop using the about selector. The only thing youre going to intercept is a communication to or from your target. In order to go the extra mile for American privacy, they are going to give up a bit of collecting that might have been useful. What this means is they were also getting a lot of information from a foreign selector mentioned in a body of email that wasnt us to us.

They are going to give up some coverage, but its due diligence so as not to do the inadvertent collection of communication between two Americans.

And then theyre going to go back in the database and purge all the collection that was triggered by about, without regard to who the communicates were.

TC: Does this mean the agency has a viable workaround that decouples about surveillance from upstream surveillance?

Hayden: They do. There is technology available to them that allows the selector to be applied to the to or from. You got a gajillion emails skidding by, your selector grabs the one related to the foreign target outside the US. [The]selector is just going to look at the to and from, not the content.

It isnt objectionable except when you do it that way, when youre grabbing some emails because of the content, occasionally you are getting emails to and from an American, [on]both ends.

Its an operational decision. We do this all the time,balancing privacy and operational effect. [Its]a reasonably dramatic step to preserve privacy. I think they made the operational decision.

Continue reading here:
Former NSA director explains why the spy agency will end a ...

In our digital worlds, there is a gap between the real you and the algorithmic you. Online, you live in a realm functionally distinct from the world you thought you knew: one where your data assigns you a gender different from your own, or a citizenship unlike the one in your passport.

In some cases, its easy to check out the algorithmic you. For example, the plug-in Citizen-Ex by UK artist James Bridle uses your browsers metadata to calculate your algorithmic citizenshipand the answer might surprise you. National citizenship is normally seen as binary: You either are, or are not, a citizen of a country. But Bridles plug-in assigns you a percentage-based citizenship where you can be 54.8% Irish, 43.7% American, 1.49% German, and even 0.01% Estonian, as I currently am.

I say currently because our algorithmic selves alter minute by minute and byte to byte depending on how were using the internet. Last night, after chatting with friends living in England, you might have skewed British. This morning, chatting to your cousin in Spanish, Mexican.

This is citizenship by algorithm. The concept comes from leaked 2013 documents from the National Security Agency (NSA) that outlined the agencys PRISM program, which allows analysts access to the data caches of private companies like Google, Microsoft, Yahoo, AOL, and Apple. The NSA avoided the privacy protections against domestic surveillance that US citizens normally enjoy by creating a new, datafied template for citizenship online. In other words, instead of halting domestic spying, the federal government redefined what it means to be a US citizen by creating an algorithmic citizen made only of data.

Your right to privacy modulates according to how the NSA interprets your data via its algorithmic logic of citizenship.Your right to privacy from government surveillance modulates according to how the NSA interprets your data via its algorithmic logic of citizenship. US citizens whose data appears foreign become classified as foreignersand therefore lose their constitutional right to privacy. This applies to a lot of Americans: To the NSA, Americans are likely to be perceived as foreign if they have an IP address outside the US, talk to people outside the US, use languages other than English, encrypt their communication, or even have friends who are reasonably believed to be foreign. In fact, youre considered algorithmically foreign if an NSA agent is only 51% confident of your foreignness.

But it doesnt stop at nationhood: You also have an array of algorithmic genders, races, class statuses, sexual orientations, and even statuses of celebrity. And like citizenship by algorithm, these additional interpretations are functionally disconnected from how we understand ourselves. Our algorithmic identities are simply fabrications made by the institutions profiling you for purposes of selling products and/or exerting digital control.

You can check out what gender and age Google thinks you are based on your search queries and website visits by clicking here. But be prepared: Googles algorithmic gender and age identifications will probably seem wrong. (For example, you might be a 30-year-old woman, but Google thinks youre a 65-year-old man.) This error actually has nothing to do with your real age or gender because Google is measuring something completely separate from the human notion of identity. These models are created by categorizing certain search terms and websites and then parsing our data to determine what algorithmically fits or doesnt. So if youre a woman who is algorithmically interpreted as a man, that merely means youre more closely aligned to Googles model of a man than a woman.

Because algorithms draw from our data, not our lived experience, it largely doesnt matter if were incorrectly identified. (And as much as it sometimes may seem, Google is not invested in explicitly maintaining the patriarchy.) Instead, Google wants to provide advertisers with a consumer base of users who are seen to be profitably man-ish. Similarly, the NSA really doesnt care if a user is citizen or foreigner, as algorithmic citizenship itself is only a legal caveat that protects them from constitutional overstepping.

But it still raises the question: What would the real world look like if users were identified based only on their algorithmic self?

This is already happening to some extent. Googles gender and age audience analytics determine which users are targeted with content and advertisements, as well as how websites interpret who is visiting their site. For example, if your data suggests youre algorithmically wealthy, you might be shown higher prices for hotels or flights on a site like Orbitz.com, because your data suggests you can pay. Or, like the case of a Wisconsin man this week, you might be denied parole because youve been identified as an algorithmic reoffender.

A life algorithmically ordered and reordered often beyond our comprehension ushers us into a dangerous terrain of lopsided knowledge. On this plane, users have little to no idea how they are defined, but commercial firms and governmental agencies use our data to determine privacy rights, targeted content, plane-ticket prices, and our position in society. As humans continue to produce increasing amounts of mineable information, who we are as data might soon become more important than who we are as people.

Learn how to write for Quartz Ideas. We welcome your comments at ideas@qz.com.

View original post here:
Who we are as data might soon become more important than who we are as people - Quartz

Former intelligence contractor and fugitive Edward Snowden has once and for all been honored by a Norwegian free expression group following a lengthy legal battle before the nations highest court.

Members of the Norwegian chapter of PEN personally awarded Mr. Snowden with its annual Ossietzky Prize in Moscow last month in place of holding a ceremony in Oslo as desired, the groups head, Hege Newth Nouri, told the Associated Press on Wednesday.

Mr. Snowden, a former National Security Agency contractor, was first announced as the recipient of the groups annual free expression award in April 2016 for leaking NSA documents unveiling the U.S. governments questionable, extensive global surveillance, according to Ms. Nouri and company. He remains the subject of an active arrest warrant for related charges four years later, but has evaded U.S. authorities cloaked by Russian asylum.

Lawyers for the PEN Clubs Norwegian chapter fought for months in local and federal courts to let Mr. Snowden pick up his award in person without being whisked away to the U.S. and potentially incarcerated for decades. Attorneys asked an Oslo City Court judge last April to let Mr. Snowden safely attend the ceremony, but their petition was rejected two months later. The case was unsuccessfully brought before a three-person appeals court and was eventually dismissed by the Norwegian Supreme Court last November.

The award was given to Mr. Snowden on April 21 in Moscow but went unreported for a week. English news reports of the event first appeared online Wednesday after Ms. Nouri confirmed the meeting to the AP.

Im grateful for the support from Norwegian PEN Mr. Snowdensaid at the ceremony, according to PEN.

Nevertheless, the NSA leaker said he was disappointed Norway wouldnt allow him safe passage so he could personally pick up his award, a lithography by Norwegian artist Nico Wideberg.

Its sad, Mr. Snowdentold Norways Aftenposten, according to an English translation of a recent interview. The Norwegian government had the opportunity to recognize what had been done in this case when the Norwegian PEN invited me to Norway to receive the prize, but instead they chose to use lawyers to fight in court, he said.

Mr. Snowden, 33, has resided around Moscow since being granted asylum by Russian President Vladimir Putin in 2013. His current asylum status is set to expire in 2021. In January, meanwhile, his attorneys made a case for asylum before the European Parliament.

More here:
Edward Snowden honored for NSA leaks in Moscow by Norwegian free expression group - Washington Times

For years, U.S. government surveillance of innocent Americans has been a topic of heated debate, especially for those in the tech community.

With Congress gearing up for a fight over the 2017 reauthorization of a surveillance authority that lets the NSA spy on innocent Americans without a warrantSection 702, enacted as part of the FISA Amendments Actthat debate is sure to rage on in the coming months.

So we sent reporter David Spark to the RSA Conference in San Francisco, California in February to ask one simple question: What dont you want the NSA to know about you?

The answers spanned the spectrum, from emails, to phone calls, to web browsing records, to financial information, to information about individuals children, to nothing.

Some got philosophical. Everyone says, I have nothing to hide, and thats not the point, one attendee told us. The point is that I want to control what people know about me.

Others turned the question on its head, asking instead why the NSA is conducting surveillance on Americans. I dont think their charter is to spy on Americans, so why are they? one asked.

And some got blunt. One attendee said he already assumes the NSA knows a lot about him already. It scares me and offends me, he said.

If the warrantless spying on Americans scares and offends you, contact your representatives in Congress and tell them to pull the plug on Section 702 surveillance. And watch the video to see other RSA Conference attendees responses.

Special thanks to David Spark (@dspark) and Spark Media Solutions for their support and production of this video. The background music heard at the endthe song Hydratedis licensed CC BY-NC-SA 3.0 by Kronstudios. EFF original work (i.e., every thing but the background music heard at the end) is licensed CC BY 4.0.

See the article here:
What Don't You Want the NSA to Know About You? | Electronic ... - EFF

Ever since the day of its creation, critics have slammed the Office of Director of National Intelligence as an expensive and unnecessary bureaucracy, a threat to the longtime primacy of the Director of Central Intelligence and a toothless tiger.

Much of that changed during the joint tenures of DNI Mike McConnell and SecDef Bob Gates (former DCI) when they agreed to give the DNI budgetary teeth in a March 21, 2008 memo. It gave the DNI acquisition authority over any program that received 51 percent of its funding from the intelligence communitys National Intelligence Program pool. Up til then, the Pentagon controlled an intelligence programif even one dollar of its money funded it.

But some Republicans have continued to press for a diminution or dissolution of the DNI. The 2017 Omnibus Spending Bill includes what would have been the 2017 Intelligence Authorization Act, which orders the new DNI review. It directs President Trump to create a five-person panel of expertswith significant intelligence and national security expertise to review ODNIs roles, missions and functions

Heres what the bill says the panel will do:

The panel should present its unclassified report within 180 days of the bills passage.

The intel committees come close to calling for the separation of the jobs of NSA Director and the head of Cyber Command.

They want a briefing from Defense Secretary Jim Mattis just three months after passage of the Omnibus Billconsidering theimpact of the dual-hatting relationship, including advantages and disadvantages.

It wants to know timelines for ensuring that no damage is done to national security should the arrangement change, any legal changes that might be neededand saya larger organizational review of NSA should be conducted with respect to the eventual termination of the dual-hatting relationship.

To that end, they also want a report from the DNI on options to better align the structure, budgetary procedures, and oversight of NSA with its national intelligence mission in the event of a termination of the dual-hatting relationship.

Read the original:
Hill Intel Committees Order DNI, NSA/CyberCom Review - Breaking Defense

May 2, 2017 4:43 PM By Alex DeMetrick

BALTIMORE (WJZ) The National Security Agency is promising to cut back on the number of private emails its been reading and collecting.

Alex DeMetrick reports, its ending a controversial surveillance technique thats focused on U.S. citizens.

For nearly 10 years, the NSA has been prying into the private emails of citizens. Congress OKd it when it amended how foreign intelligence can be collected.

It authorized NSA to look into strictly personal e-mails between U.S. citizens, says Dr. Michael Greenberger, of the University of Maryland Center for Health and Homeland Security. They got the right simply because a foreign operative of foreign operation was mentioned.

That practice came to light when former NSA contractor Edward Snowden publicly revealed it.

So just whose email got read?

Anyone who used a targeted phrase or word, according to Greenberger.

Like ISIS, which many people might mention in passing, he says.

The NSA says it has now stopped the practice, focusing instead only on communications that are sent directly to or from a foreign target.

This now means the NSA will not be reading those emails, and if they collect those emails, theyll destroy them, Greenberger says.

Violating Americans privacy has proven so controversial, the NSA may have ended the email practice in order to win congressional re-authoritization of its other surveillance techniques.

The authority for the NSA to conduct surveillance operations expires at the end of the year, unless congress re-authorizes it.

Follow @CBSBaltimore on Twitter and like WJZ-TV | CBS Baltimore on Facebook

Alex DeMetrick has been a general assignment reporter with WJZ Eyewitness News since September 1984. Alex began his journalism career in California. Alex has received many awards from United Press International and The Associated Press. He...

Track Weather On The Go With Our App!

Your Podcast Network Play.it

CBS All Access

About Us

Ad Choices

EEO Reports

CBS Television Public File

CBS Radio Public File

Continue reading here:
NSA Plans To Cut Back On The Number Of Private Citizen Emails It Reads - CBS Baltimore / WJZ

The National Security Agency (NSA) claims to have finally ended the warrantless surveillance of US citizens communications with overseas individuals where foreign targets are mentioned.

The practice of so-called about data collection, which is said to encroach on Fourth Amendment protections, first emerged as a result of the Edward Snowden leaks.

It refers to the bulk surveillance of US citizens communicating with those outside the country, where they have merely mentioned the name or email address of a foreign target.

This upstream collection is made possible by special equipment ISPs installed on their infrastructure to monitor cross-border communications.

In a lengthy statement on Friday, the NSA said its failure to comply with the Foreign Intelligence Surveillance Court (FISC) was inadvertent.

It explained:

After considerable evaluation of the program and available technology, NSA has decided that its Section 702 foreign intelligence surveillance activities will no longer include any upstream internet communications that are solely about a foreign intelligence target. Instead, this surveillance will now be limited to only those communications that are directly to or from a foreign intelligence target. These changes are designed to retain the upstream collection that provides the greatest value to national security while reducing the likelihood that NSA will acquire communications of US persons or others who are not in direct contact with one of the Agency's foreign intelligence targets.

In addition, as part of this curtailment, NSA will delete the vast majority of previously acquired upstream internet communications as soon as practicable.

The news was welcomed by Oregon senator, Ron Wyden, a Democrat who has long campaigned for rolling back the NSAs intrusive surveillance powers.

"This change ends a practice that could result in Americans' communications being collected without a warrant merely for mentioning a foreign target, he said in a statement.

For years, I've repeatedly raised concerns that this amounted to an end run around the Fourth Amendment. This transparency should be commended. To permanently protect Americans' rights, I intend to introduce legislation banning this kind of collection in the future."

View post:
NSA Ends Upstream About Data Collection - Infosecurity Magazine

New York Times

Reined-In NSA Still Collected 151 Million Phone Records in '16 New York Times Dan Coats, left, director of national intelligence, at his confirmation hearing in February. A report from his office offered a peek at how much data the N.S.A. is gathering now that bulk collection has ended. Credit Al Drago/The New York Times ... NSA collected Americans' phone records despite law change: reportReuters NSA collected 151M phone records in 2016, despite law changeCNET NSA granted nearly 2K 'unmasking' requests in 2016The Hill NBCNews.com -Breitbart News -PBS NewsHour all 11 news articles »

Read the original post:
Reined-In NSA Still Collected 151 Million Phone Records in '16 - New York Times

Thank you

Your message has been sent.

There was an error emailing this page.

The U.S. National Security Agency is now suggesting government departments and businesses buy smartphones secured using virtualization, a technology it currently requires only on tablets and laptops

The change comes about with the arrival of the first virtualization-based smartphone security system on the U.S. Commercial Solutions for Classified list.

CSFC is a program developed by the NSA to help U.S. government agencies and the businesses that serve them to quickly build layered secure systems from approved components.

AnHTC A9 smartphone security-hardened by Cog Systemsusing its D4 virtualization platform is now on that list, alongside devices without virtualization from Samsung Electronics, LG Electronics, and BlackBerry.

In the modified A9, communications functions are secured by running them in separate virtual machines on the D4 virtualization platform.

It's the first smartphone on the CSFC list to use virtualization, which the NSA has only required on more powerful devices such as tablets and laptops until now.

"If virtualization technology was commonly available in the smartphone, we could leverage it for some solutions. To date, the devices that have been considered did not offer that technology," the NSA's technical guidance reads.

Cog Systems' position on the list isn't definitive yet: It's still seeking certification for the D4/A9 combination against the National Information Assurance Partnership's mobile platform and IPSec VPN Client protection profiles. Vendors typically have six months to obtain the certification in order to remain on the list. For now, D4's validation is ongoing at Gossamer Security Solutions' Common Criteria Testing Laboratory.

Vendors don't seek certification lightly, according to Carl Nerup, chief marketing officer at Cog Systems. "It's a very expensive process," he said, between US$500,000 and $700,000 for each new model.

Somehow, though, Cog Systems is eating the additional cost of certification: The price for its security-hardened A9 is the same as HTC's list price for an unmodified phone, said Nerup. "We have multiple groups within the U.S. Department of Defense that have procured the device," he added.

A commercial off-the-shelf (COTS) smartphone like the modified A9 isn't only of interest to government customers, though, Cog Systems CEO Dan Potts pointed out. "In the oil and gas industry, they want to buy COTS. They want it to be at a competitive price, but with a greater concern for security."

Once certification for the modified A9 is in the bag, Potts is looking forward to seeking certification for D4 virtualization on other smartphones. The first time around takes time because there is a lot of preparatory work to do, but much of that work will also apply to other smartphones. Potts expects certification of D4 on other hardware to go more quickly.

Eric Klein, director for mobile software and enterprise mobility at analyst firm VDC Research, has had his eye on Cog Systems since meeting the company at Mobile World Congress.

He sees the broadest opportunity for Cog Systems in the enterprise market -- and expects that its approach to endpoint security could even take some business away from enterprise mobility management vendors.

Peter Sayer covers European public policy, artificial intelligence, the blockchain, and other technology breaking news for the IDG News Service.

Visit link:
NSA suggests using virtualization to secure smartphones | PCWorld - PCWorld