Articles about nsa

Data protection: Don't be an emotional knee jerk. When it comes to the law, RTFM

How many times have you spoken to someone in a call centre who refused to give you information on the basis that the "Data Protection Act" prevents them? Any potential customers in Germany who told you they can’t buy your IT or cloud service because their law prohibits data transfers outside Germany? Has anyone told you that a …
Frank Jennings, 10 Mar 2016

What are you doing to spot a breach?

Technology moves quickly, not just in legitimate business, but in the cybercriminal world too. Advanced attack tools are now available on the black market, lowering the barrier to entry for the average online lowlife. They are happy to target large and small organizations alike, and they only have to be lucky once. Security …
Robin Birtstone, 08 Mar 2016

Norman Conquest, King Edward, cyber pathogen and illegal gambling all emerge in Apple v FBI

Analysis OK, we got it: Apple good, FBI bad. But seeing as the court case between these two powerful institutions is taking on ever-increasing importance, we figured it was time to actually listen to what law enforcement has to say about the case of the locked phone. And the truth is, it makes a lot of sense. Certainly enough sense …
Kieren McCarthy, 05 Mar 2016

Snowden is a hero to the security biz – but not for the reason you'd expect

RSA 2016 This year's RSA conference was the busiest on record, with over 40,000 people cramming the halls (and later, bars) of San Francisco, and more than a few of them were raising glasses to NSA whistleblower Edward Snowden. "The Snowden effect has had an undeniable effect on the business," Pravin Kothari, CEO of cloud encryption …
Iain Thomson, 04 Mar 2016

How the FBI will lose its iPhone fight, thanks to 'West Coast Law'

Analysis Apple versus the FBI has generated much discussion and conjecture lately. The vast majority of it has centered on the rights and the wrongs, about the loss of privacy, and of the precedent that breaking one iPhone would create. Many are hanging on the blow-by-blow developments for an outcome, to see which side trumps: Apple …

Q&A: Bruce Schneier on joining IBM, IoT woes, and Apple v the FBI

RSA 2016 Security guru Bruce Schneier is a regular at shows like RSA and his talks are usually standing-room-only affairs. Schneier has written some of the definitive texts for modern cryptography teaching and his current book, Data and Goliath, examines the perils and solutions to government and corporate surveillance of internet …
Iain Thomson, 04 Mar 2016

Forget data thieves, data sabotage will be your next IT nightmare

RSA 2016 For years, the security industry has been primarily focused on stopping information theft. Now more and more people in the trade are worried that the next wave of attacks won't steal data – they'll alter it instead. On Tuesday, the head of the NSA named data manipulation as one of his top three nightmares, and other vendors …
Iain Thomson, 03 Mar 2016

NSA boss reveals top 3 security nightmares that keep him awake at night

RSA 2016 Admiral Michael Rogers, head of the NSA and the US Cyber Command, has told delegates during his keynote address at RSA 2016 the three things that keep him awake at night. His first fear is an online attack against US critical infrastructure, which he said was a matter of when it will happen, not if. Citing the recent Ukrainian …
Iain Thomson, 01 Mar 2016

Security real talk time: So what exactly do we mean by 'backdoor'?

Analysis If there's one thing we've learned from the Snowden revelations it's that when you're dealing with law enforcement and national security, words matter. Section 215 of the US Patriot Act, for example, noted that the NSA was allowed to seize any "tangible thing" that is "relevant" to an investigation. It decided that definition …
Kieren McCarthy, 01 Mar 2016

Safe Harbour v2.0 greenlights six bulk data collection excuses

The final text of the EU's patchwork replacement for the Safe Harbour agreement, “Privacy Shield”, has been sent to data protection authorities. Privacy campaigners aren’t impressed. Safe Harbour established a self-certification regime that allowed US companies to process EU citizens' personal data. But a European Court of …
Andrew Orlowski, 01 Mar 2016

Operation Blockbuster security biz: We'll get you, Sony hackers

A newly created cross-industry initiative aims to pool resources in order to bring down – or, at least, disrupt – the hackers behind the infamous attack against Sony Pictures back in 2014. The Lazarus Group, which may in reality consist of several associated groups of attackers or hacking crews, started around seven years …
John Leyden, 24 Feb 2016

Randomness is a lottery, so why not use a lottery for randomness?

A group of French cryptographers reckons public lotteries are the perfect seed for elliptic curve cryptography. The group from company CryptoExperts and boffins from the Laboratoire de Mathematiques de Versailles in the University of Paris-Saclay playfully calls the scheme the “Million Dollar Curve” (modest in a world where …

NSA data centre brings 300 million daily security scares to its Utah home

Utah is being hit with up to 300 million security incidents a day, the state's public safety commissioner says. He complains that the undefined "incidents", the bulk of which are likely automated scans, have skyrocketed since 2010 when the number of incidents peaked at 80,000 a day. Commissioner Keith Squires told local …
Darren Pauli, 23 Feb 2016

GCHQ intel used to develop Stuxnet, claims new documentary

The super worm known as Stuxnet was but a cog in an active US war program in which hundreds of thousands of network implants and backdoors in Iran networks were actively maintained to facilitate a devastating barrage of hacking attacks, a documentary claims. Zero Days, due to screen at the Berlin Film Festival today, claims …
Darren Pauli, 17 Feb 2016

Apple must help Feds unlock San Bernardino killer's iPhone – judge

Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to one of the San Bernardino shooters in California. US magistrate Sheri Pym says Cupertino has to find a way to supply software that prevents the phone from automatically annihilating its user data when too many password attempts have …
Darren Pauli, 17 Feb 2016

Brit spies can legally hack PCs and phones, say Brit spies' overseers

Blighty's spying nerve center GCHQ has a licence to hack computers and devices at will, a UK intelligence oversight court has ruled. The judgment was handed down on Friday after Privacy International and seven ISPs launched a legal challenge against the agency's hacking operations – operations that were laid bare by documents …
Iain Thomson, 12 Feb 2016

Insight Enterprises CEO: our EMEA ops are firing... no not staff

Managed and cloud services picked up some momentum for Insight Enterprises’ EMEA ops in 2015 but not at the pace to offset declines in the traditional hardware and software reselling lines. Locally, the firm reported a 13 per cent rise in year-on-year sales for calendar Q4 to $342m but in constant currency the decrease was …
Paul Kunert, 11 Feb 2016

No, HMG, bulk data surveillance is NOT inevitable

It is the topic that they don’t want us to discuss. When it came up in the Joint Committee on the Investigatory Powers Bill there was a desperate attempt to shoot the messenger, William Binney, as an alternative to debating his message. The Joint Committee on which I served heard compelling evidence that collecting …

US Congress locks and loads three anti-encryption bullets

US Congress is preparing no fewer than three new bills over the ongoing encryption debate: one banning end-to-end encryption, one setting up a commission to review the issue, and a third to make sure that it is Congress that gets to decide what happens next. Leading member of the Senate Intelligence Committee Dianne Feinstein …
Kieren McCarthy, 10 Feb 2016

Let Europeans sue America for slurping their data – US Senate

European citizens will soon win the right to sue the US government for snatching their personal and private data. On Tuesday, the US Senate passed the Judicial Redress Act, which is a critical jigsaw piece for the new Privacy Shield agreement that governs the exchange of people's personal information over the Atlantic. The …
Kieren McCarthy, 10 Feb 2016

Obama govt proposes 33% hike in cyber-security spending

The outgoing Obama administration has proposed increasing federal cyber-security spending by $5bn, or around a third, in the hope of reaching $19bn in 2017. Reuters reports that the Democrat president's proposals, due to be unveiled later on Tuesday, will earmark $3.1bn for technology modernisation at various federal agencies …
John Leyden, 09 Feb 2016

Private clouds kinda suck, you know?

Sysadmin Blog Are enterprises really starting to act like service providers? If you ask vendors, social media and "thought influencers" hired to speak at conferences, the answer is yes. I'm not so sure. On the one hand, we're asked to believe that enterprises are almost universally adopting private and hybrid cloud solutions in order to …
Trevor Pott, 09 Feb 2016

Brit spies want rights to wiretap and snoop on US companies' servers

The US and UK authorities are holding secret negotiations that would allow British domestic spies to tap into servers in the Land of the Free™ when investigating Her Majesty's citizens. A draft proposal, seen by the Washington Post, would allow MI5 to get access to data stored on overseas computers run by American firms, and …
Iain Thomson, 05 Feb 2016

While we weren't looking, the WAN changed

Sysadmin Blog: Wide Area Networking (WAN) solutions are not discussed enough in the tech press. We babble incessantly about consumer broadband, or some new top end fibre speed achieved in a lab, but this is merely a fraction of the story. There is a very real revolution in WAN connectivity that is occurring right now, today. It goes largely …
Trevor Pott, 05 Feb 2016

UC Berkeley profs blast secret IT monitoring kit on campus

Academics at the University of California Berkeley have protested after it emerged that management had put a secret data slurping device into the campus that was mapping and storing all network traffic. "The intrusive device is capable of capturing and analyzing all network traffic to and from the Berkeley campus and has …
Iain Thomson, 05 Feb 2016

Safe Harbor ripped and replaced with Privacy Shield in last-minute US-Europe deal

European and US legislators have hammered out a last-minute deal to allow data flows across the Atlantic to continue without breaking the law. "For the first time ever, the United States has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations …
Iain Thomson, 02 Feb 2016

Microsoft vs US.gov, Internet of Stuff, etc: What's up with 2015's legal cloudy issues?

Last year, I highlighted five legal issues for cloud firms and consumers to watch out for in 2015. Here’s a quick recap of how those topics developed during the year. 1. Microsoft and the US government go back to court Microsoft is taking a stand against the ability of US law to reach into its Dublin data centres and, against …
Frank Jennings, 02 Feb 2016

Safe Harbor crunch time: Today's the day to hammer out privacy deal

US and EC (European Commission) officials have until the end of the day today to reach a new Safe Harbor agreement or risk a breakdown of transatlantic e-commerce. Despite furious efforts over three months and, for the past few weeks, daily meetings between officials, the two sides are still reportedly at loggerheads over two …
Kieren McCarthy, 01 Feb 2016

Israeli drones and jet signals slurped by UK and US SIGINT teams

The NSA and Britain’s GCHQ have access to the video feeds of Israel’s fleet of drones and aircraft, according to new documents. The spy agencies have intercepted data streams containing videos, pictures and GPS data from Israeli jets and drones since at least 2008, according to Snowden-supplied documents seen by The Intercept …
Iain Thomson, 29 Jan 2016

VirusTotal bashes bad BIOSes with forensic firmware fossicker

VirusTotal can now analyse firmware for known malware, prying inside almost-hard-coded code for hidden executables. The service allows users to search for low-level infections in embedded devices and BIOS which could represent the handiwork of sophisticated malware or well-resourced or dedicated attackers. Security engineer …
Darren Pauli, 29 Jan 2016

NSA’s top hacking boss explains how to protect your network from his attack squads

Usenix Enigma The United States National Security Agency (NSA) is a notoriously secretive organization, but the head of its elite Tailored Access Operations (TAO) hacking team has appeared at Usenix’s Enigma conference to tell the assembled security experts how to make his life difficult. Rob Joyce has spent over a quarter of a century at …
Iain Thomson, 28 Jan 2016

GitHub falls offline, devs worldwide declare today a snow day

Updated Popular and widely used source-code hosting service GitHub is, for the moment, no longer a widely used source-code hosting service. It has fallen offline. Since 1632 PT (0032 UTC, 1132 AEDT), the website has been down. Right now, the San Francisco-headquartered upstart reports: "We're investigating a significant network …
Chris Williams, 28 Jan 2016

Cops hate encryption but the NSA loves it when you use PGP

Usenix Enigma Although the cops and Feds won't stop banging on and on about encryption – the spies have a different take on the use of crypto. To be brutally blunt, they love it. Why? Because using detectable encryption technology like PGP, Tor, VPNs and so on, lights you up on the intelligence agencies' dashboards. Agents and analysts don't …
Iain Thomson, 27 Jan 2016

Facebook CSO slams RSA Conf for repping 'the worst parts of the security industry'

Usenix Enigma Facebook's chief security officer Alex Stamos is not a man to mince words. Today, he delivered a stinging rebuke to the RSA Conference, due to be held in San Francisco next month. "In my opinion, RSA represents some of the worse parts of the security industry in its direction and it's not very helpful," he told attendees at …
Iain Thomson, 27 Jan 2016

Safe Harbor 2.0: US-Europe talks on privacy go down to the wire

United States and European Commission officials have promised they are doing everything possible to reach agreement over transatlantic data-sharing before a critical deadline at the end of this week. After the Safe Harbor agreement – put in place in 2000 – was struck down by Europe's highest court back in October due to NSA …
Kieren McCarthy, 25 Jan 2016

Japanese chief TPP negotiator accused of taking $100,000 bribe

Japan's chief negotiator in the controversial Trans-Pacific Partnership (TPP) trade deal has been accused of taking bribes worth $100,000 from a construction company. Economy minister Akira Amari and his staff accepted 12 million yen ($101,000) in payments from an unnamed company from the Chiba province just outside Tokyo, …
Kieren McCarthy, 22 Jan 2016

Qualcomm forms JV with Chinese province to design server chipsets

Qualcomm has struck a US$280 million joint venture with the government of China's Guizhou Province that will see the two organisations design server chips in China. Qualcomm took the wraps off an ARM-powered server CPU last October. On Sunday it advanced its plans by revealing “a strategic cooperation agreement and joint …
Simon Sharwood, 18 Jan 2016

Happy 30th birthday, IETF: The engineers who made the 'net happen

Special report Thirty years ago today, 16 January 1986, the Internet Engineering Task Force – IETF – was born at a meeting in San Diego. It was humble beginnings and the organization that is more responsible than any other for turning a research project into a viable global communications network boasted an initial attendance of just 21 …
Kieren McCarthy, 16 Jan 2016

Apple's anti-malware Gatekeeper still useless: Security bloke reveals lingering holes

Apple has flubbed attempts to patch flaws in OS X's anti-malware system Gatekeeper, leaving the defenses still easy to bypass. Patrick Wardle, a former NSA staffer who now heads up research at crowdsourced security intelligence firm Synack, found a way to circumvent Gatekeeper last year. Gatekeeper is supposed to block dodgy …
John Leyden, 15 Jan 2016

Investor to AT&T – give us a peek at your NSA data dealings

An activist investor is pressing AT&T for more details about how it handles government data requests. Arjuna Capital said it will ask at the next shareholder meeting for investors to vote on a proposal [PDF] requiring AT&T to issue detailed reports of the company's policy on providing customer information to the NSA in light …
Shaun Nichols, 14 Jan 2016

UK Home Sec stumbles while trying to justify blanket cyber-snooping

IPB UK Home Secretary Theresa May was grilled on Wednesday during the last evidence session held by the Parliamentary committee scrutinizing fresh powers proposed for GCHQ. Crucially, she was unable to explain to the panel exactly why Blighty's intelligence services need the ability to intercept and retain millions of innocent …

We know this isn't about PRISM, Matt Warman MP. But do you?

IPB +Comment Former consumer technology editor at The Telegraph and current Conservative MP Matt Warman derailed an NSA whistleblower's attempt to deliver evidence on GCHQ spying, raising questions about the committee's competence to scrutinise the government's draft surveillance bill. The MP offered distracting and irrelevant counter- …

Future Snowden hunt starts with audit of NSA spooks' privileges

The National Security Agency (NSA) has decided it really needs to catch the next Edward Snowden before he turns whistleblower/traitor (strike one according to your political orientation). According to this memo (PDF) from Carol Gorman, an assistant inspector general in the Department of Defense's Readiness and Cyber Operations …

How hard can it be to kick terrorists off the web? Tech bosses, US govt bods thrash it out

Senior US government executives and Silicon Valley's tech captains are sitting down together in San Jose, California, on Friday to try and sort out a way to combat terrorism online. The meeting will include Attorney General Loretta Lynch, FBI Director James Comey, National Intelligence Director James Clapper and National …
Iain Thomson, 08 Jan 2016

ISPs: UK.gov should pay full costs of Snooper's Charter hardware

IPB The Internet Services Providers' Association (ISPA) today told a Parliamentary committee that the government should bear the full cost of extra infrastructure needed to support the snooping databases authorised by the Investigatory Powers Bill. The lobby group's response to the joint committee's call for evidence also claimed …

GCHQ mass spying will 'cost lives in Britain,' warns ex-NSA tech chief

Plans by the UK's Conservative government to legitimize the mass surveillance of Brits won't work, and will cause lives to be lost to terrorism. That's the view of a former senior US National Security Agency (NSA) staffer, who will sound off on blanket snooping at a parliamentary hearing this afternoon (Wednesday). William …
Iain Thomson, 06 Jan 2016

NSA spying on US and Israeli politicians stirs Congress from Christmas slumbers

After two years of doing little about the mass surveillance revealed by Edward Snowden, the US Congress has sprung into action in less than two days – with investigations into the NSA spying on some of the legislature's members. On Tuesday the Wall Street Journal reported that conversations between members of Congress and senior …
Iain Thomson, 31 Dec 2015

Trustworthy x86 laptops? There is a way, says system-level security ace

32c3 Security concerns around Intel's x86 processors – such as the company's decision to force the secretive Management Engine microcontroller onto its silicon – have raised fundamental questions about trust in personal computers, whatever architectures they may be based upon. The founder of Invisible Things Labs, …

The Infamous Eight: 2015's memes, themes and big pieces

Year in review So, was US Central Command (CENTCOM) hacked, were a LOT of Polish Airlines aircraft cyber breached, and did China block imports of products from Apple and others? The answer in all three cases was a simple “no”. So what of the multiple cloud outages, and Uber’s ongoing global legislative and driver woes? In a 140-character- …
Gavin Clarke, 30 Dec 2015

Upset Microsoft stashes hard drive encryption keys in OneDrive cloud?

Water cooler El Reg, some friends of mine have been showing me blog posts about Microsoft keeping secret copies of all our encryption keys. What's going on? Since Windows 8, Microsoft has built drive encryption into its operating system, so none of this should really be a shock. And this encryption feature shouldn't be confused with …
Chris Williams, 30 Dec 2015