Quotulatiousness

October 21, 2017

Canada’s equivalent to the NSA releases a malware detection tool

Filed under: Cancon, Technology — Tags: , , , — Nicholas @ 04:00

At The Register, Simon Sharwood looks at a new security tool (in open source) released by the Communications Security Establishment (CSE, formerly known as CSEC):

Canada’s Communications Security Establishment has open-sourced its own malware detection tool.

The Communications Security Establishment (CSE) is a signals intelligence agency roughly equivalent to the United Kingdom’s GCHQ, the USA’s NSA and Australia’s Signals Directorate. It has both intelligence-gathering and advisory roles.

It also has a tool called “Assemblyline” which it describes as a “scalable distributed file analysis framework” that can “detect and analyse malicious files as they are received.”

[…]

The tool was written in Python and can run on a single PC or in a cluster. CSE claims it can process millions of files a day. “Assemblyline was built using public domain and open-source software; however the majority of the code was developed by CSE.” Nothing in it is commercial technology and the CSE says it is “easily integrated in to existing cyber defence technologies.”

The tool’s been released under the MIT licence and is available here.

The organisation says it released the code because its job is to improve Canadian’s security, and it’s confident Assemblyline will help. The CSE’s head of IT security Scott Jones has also told the Canadian Broadcasting Corporation that the release has a secondary goal of demystifying the organisation.

February 9, 2015

The fantasy that CSE/CSIS oversight will actually protect the privacy of Canadians

Filed under: Cancon, Law, Technology — Tags: , , , , — Nicholas @ 04:00

Michael Geist on the rather disturbing news that Canadian intelligence agencies are busy watching the uploads of every internet user (including the Canadian users that CSE/CSIS are theoretically banned from tracking by the letter of the law):

… the problem with oversight and accountability as the primary focus is that it leaves the substantive law (in the case of CSE Internet surveillance) or proposed law (as in the case of C-51) largely unaddressed. If we fail to examine the shortcomings within the current law or within Bill C-51, no amount of accountability, oversight, or review will restore the loss of privacy and civil liberties.

First, consider the Snowden revelations that the CSE has been the lead on a surveillance initiative that gathers as many as 15 million uploads and downloads per day from a wide range of hosting sites that even appear to include the Internet Archive. The goal is reputed to be to target terrorist propaganda and training materials and identify who is uploading or downloading the materials. The leaked information shows how once a downloader is identified, intelligence agencies use other databases (including databases on billions of website cookies) to track the specific individual and their Internet use within hours of identified download.

The Levitation program, which removes any doubt about Canada’s role in global Internet surveillance, highlights how seemingly all Internet activity is now tracked by signals intelligence agencies. Note that the sites that host the downloads do not hand over their usage logs. Rather, intelligence agencies are able to track who visits the sites and what they do from the outside. That confirms a massive surveillance architecture of Internet traffic operating on a global scale. Is improved oversight in Canada alone going to change this dynamic that crosses borders and surveillance agencies? It is hard to see how it would.

Moreover, these programs point to the fundamental flaw in Canadian law, where Canadians are re-assured that CSE does not – legally cannot – target Canadians. However, mass surveillance of this nature does not distinguish between nationalities. Mass surveillance of a hundred million downloads every week by definition targets Canadians alongside Internet users from every corner of the globe. To argue that Canadians are not specifically targeted when it is obvious that the personal information of Canadians is indistinguishable from everyone else’s data at the time of collection, is to engage in meaningless distinctions that only succeed in demonstrating the weakness of Canadian law. Better oversight of CSE is needed, but so too is a better law governing CSE activities.

May 26, 2014

Confusion over extent of Canadian involvement in Nigeria’s hunt for the kidnapped schoolgirls

Filed under: Africa, Cancon, Military — Tags: , , , — Nicholas @ 09:12

In the Ottawa Citizen, David Pugliese outlines what we know (or at least, what we’ve been told) about the extent of Canadian participation in the search for the kidnapped Nigerian schoolgirls:

Geoff York at the Globe and Mail had an interesting article a couple of days ago about what Canada may or may not be doing in Nigeria to help in the hunt for school girls kidnapped by Boko Haram.

The Canadian government has claimed that it has sent personnel, both in a liaison and advisory capacity. The government has said it has sent surveillance equipment but has offered no other details for security reasons. Government officials privately claim that Canadian special forces have been sent.

York interviewed a number of Nigerian military and government officials who question whether Canada is involved or say they don’t have any information about the involvement because they have yet to see any presence of Canadians.

Nigerian President Goodluck Jonathan expressed his gratitude to the countries helping search for more than 200 kidnapped schoolgirls. As York writes he specifically singled out four countries for special praise — France, Britain, the United States and Israel — but made no mention of Canada.

The two most likely explanations seem to be a) we’re doing nothing particularly useful but our politicians want to be seen to be doing something or b) we’ve got special forces troops in Nigeria, but for operational security reasons, don’t want it advertised even by the host country. Or possibly a little from column A and a little from column B: JTF2/CSOR or CSEC have a small number of operatives in Nigeria, but they’re not considered a major contribution by the Nigerian government (or, more charitably, Nigeria is keeping mum about it by Canadian request).

May 24, 2014

Michael Geist – Who’s Watching Whom?

Filed under: Business, Cancon, Government, Law, Liberty — Tags: , , , , — Nicholas @ 10:08

Published on 22 May 2014

One of the most talked about technology tradeoffs today is the question of how much privacy we give up to live in a world of convenience, speed and intelligence. We’re now less anonymous than many people are aware of or comfortable with, and headline-grabbing stories like the Heartbleed Bug don’t provide much reassurance for those of us seeking comfort around data privacy. How can we balance our need for anonymity with the incredible benefits of our connected world? World class Internet privacy expert Dr. Michael Geist helps us understand which current surveillance and privacy issues should be on your mind.

Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law. He has obtained a Bachelor of Laws (LL.B.) degree from Osgoode Hall Law School in Toronto, Master of Laws (LL.M.) degrees from Cambridge University in the UK and Columbia Law School in New York, and a Doctorate in Law (J.S.D.) from Columbia Law School. Dr. Geist is an internationally syndicated columnist on technology law issues with his regular column appearing in the Toronto Star and the Ottawa Citizen. Dr. Geist is the editor of From “Radical Extremism” to “Balanced Copyright”: Canadian Copyright and the Digital Agenda (2010) and In the Public Interest: The Future of Canadian Copyright Law (2005), both published by Irwin Law, the editor of several monthly technology law publications, and the author of a popular blog on Internet and intellectual property law issues.

Dr. Geist serves on many boards, including the CANARIE Board of Directors, the Canadian Legal Information Institute Board of Directors, the Privacy Commissioner of Canada’s Expert Advisory Board, the Electronic Frontier Foundation Advisory Board, and on the Information Program Sub-Board of the Open Society Institute. He has received numerous awards for his work including the Kroeger Award for Policy Leadership and the Public Knowledge IP3 Award in 2010, the Les Fowlie Award for Intellectual Freedom from the Ontario Library Association in 2009, the Electronic Frontier Foundation’s Pioneer Award in 2008, Canarie’s IWAY Public Leadership Award for his contribution to the development of the Internet in Canada and he was named one of Canada’s Top 40 Under 40 in 2003. In 2010, Managing Intellectual Property named him on the 50 most influential people on intellectual property in the world.

March 29, 2014

Surveillance of Canadian telecommunications channels

Filed under: Cancon, Government, Law, Media — Tags: , , , , , — Nicholas @ 00:01

The University of Toronto’s Munk School of Global Affairs looks at how the Canadian security establishment operates:

The issue of lawful access has repeatedly arisen on the Canadian federal agenda. Every time that the legislation has been introduced Canadians have opposed the notion of authorities gaining warrantless access to subscriber data, to the point where the most recent version of the lawful access legislation dropped this provision. It would seem, however, that the real motivation for dropping the provision may follow from the facts on the ground: Canadian authorities already routinely and massively collect subscriber data without significant pushback by Canada’s service providers. And whereas the prior iteration of the lawful access legislation (i.e. C–30) would have required authorities to report on their access to this data the current iteration of the legislation (i.e. C–13) lacks this accountability safeguard.

In March 2014, MP Charmaine Borg received responses from federal agencies (.pdf) concerning the agencies’ requests for subscriber-related information from telecommunications service providers (TSPs). Those responses demonstrate extensive and unaccountable federal government surveillance of Canadians. I begin this post by discussing the political significance of MP Borg’s questions and then proceed to granularly identify major findings from the federal agencies’ respective responses. After providing these empirical details and discussing their significance, I conclude by arguing that the ‘subscriber information loophole’ urgently needs to be closed and that federal agencies must be made accountable to their masters, the Canadian public.

[…]

The government’s responses to MP Borg’s questions were returned on March 24, 2014. In what follows I identify the major findings from these responses. I first discuss the Communications Security Establishment Canada (CSEC), Canadian Security Intelligence Service (CSIS), Royal Canadian Mounted Police (RCMP), and Canadian Border Service Agency (CBSA). These agencies provided particularly valuable information in response to MP Borg’s questions. I then move to discuss some of the ‘minor findings’ related to the Canadian Revenue Agency (CRA), Competition Bureau, Statistics Canada, and the Transportation Safety Board (TSB).

January 31, 2014

The maple-flavoured NSA used airport Wi-Fi to track travellers

Filed under: Cancon, Government, Technology — Tags: , , , — Nicholas @ 09:17

With so much talk about the NSA and GCHQ using every electronic means at their disposal, it was inevitable that some of the documents being released by Edward Snowden would implicate Canadian intelligence in similar activities:

A top secret document retrieved by U.S. whistleblower Edward Snowden and obtained by CBC News shows that Canada’s electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal.

After reviewing the document, one of Canada’s foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada (CSEC) was almost certainly illegal.

Ronald Deibert told CBC News: “I can’t see any circumstance in which this would not be unlawful, under current Canadian law, under our Charter, under CSEC’s mandates.”

The spy agency is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.

As CSEC chief John Forster recently stated: “I can tell you that we do not target Canadians at home or abroad in our foreign intelligence activities, nor do we target anyone in Canada.

“In fact, it’s prohibited by law. Protecting the privacy of Canadians is our most important principle.”

But security experts who have been apprised of the document point out the airline passengers in a Canadian airport were clearly in Canada.

CSEC said in a written statement to CBC News that it is “mandated to collect foreign signals intelligence to protect Canada and Canadians. And in order to fulfill that key foreign intelligence role for the country, CSEC is legally authorized to collect and analyze metadata.”

Metadata reveals a trove of information including, for example, the location and telephone numbers of all calls a person makes and receives — but not the content of the call, which would legally be considered a private communication and cannot be intercepted without a warrant.

“No Canadian communications were (or are) targeted, collected or used,” the agency says.

In the case of the airport tracking operation, the metadata apparently identified travelers’ wireless devices, but not the content of calls made or emails sent from them.

October 7, 2013

CSEC’s sudden media prominence … in Brazil

Filed under: Americas, Cancon, Technology — Tags: , , , , , — Nicholas @ 10:50

If you haven’t heard of CSEC before, you’re certainly not alone. The signals intelligence service known as Communications Security Establishment Canada has been eager not to be in the public eye, but allegations are being made that CSEC has been spying on the Brazilian government’s mining and energy ministry:

The impact for Canada of these revelations could be equally grave: they come at a time when Brazil has become a top destination for Canadian exports, when a stream of delegations from the oil and gas industries are making pilgrimages to Rio de Janeiro to try to get a piece of the booming offshore oil industry, and when the Canadian government is eager to burnish ties with Brasilia. Foreign Affairs Minister John Baird visited Brazil in August, and spoke repeatedly about the country as a critical partner for Canadian business.

[…]

While CSEC’s role in conducting economic espionage has been alluded to before, how it does this job has not. The significance of the documents obtained by Globo in Brazil is that they speak to how “metadata” analysis by CSEC can be used to exploit a rival country’s computer systems.

The CSEC-labeled slides about the “Olympia” program describe the “Brazilian Ministry of Mines and Energy” as a “new target to develop” despite “limited access/target knowledge.”

The presentation goes on to map out how an individual’s smartphone — “target’s handset” — can be discerned by analysis, including by cross-referencing the smartphone’s Sim card with the network telephone number assigned to it and also to the handset’s unique number (IMEI).

The “top secret” presentation also refers to attacks on email servers.

“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” one slide says, without explaining who the speaker is.

June 11, 2013

Federal government denies collecting electronic data on Canadians

Filed under: Cancon, Government, Media, Technology — Tags: , , , , , — Nicholas @ 08:55

Oh, well, if the government denies doing something I guess they pretty much have to be telling the truth, right? Unfortunately, the photo accompanying this Toronto Star article doesn’t show if Peter MacKay is crossing the fingers on his left hand:

The Conservative government flatly denies Canadian spy agencies are conducting any unauthorized electronic snooping operations.

After facing questions from the NDP Opposition about how far he has authorized Ottawa’s top secret eavesdropping spy agency to go, a terse Conservative Defence Minister Peter MacKay left the Commons, telling the Star: “We don’t target Canadians, okay.”

A former Liberal solicitor general says that doesn’t mean other allied spy agencies don’t collect information on Canadians and share it with the Canadian spying establishment.

Liberal MP Wayne Easter, who was minister responsible for the spy agency CSIS in 2002-03, told the Star that in the post-9/11 era a decade ago it was common for Canada’s allies to pass on information about Canadians that they were authorized to gather but Ottawa wasn’t.

The practice was, in effect, a back-door way for sensitive national security information to be shared, not with the government, but Communications Security Establishment Canada (CSEC) and, if necessary, the Canadian Security Intelligence Service (CSIS).

CSEC is a new bit of alphabet soup in the public sphere … I’d never heard of the organization until yesterday. Tonda MacCharles explains what the agency is empowered to do:

The CSEC, an agency that is rarely in the public eye, has far-reaching national security powers to monitor and map electronic communication signals around the globe.

It is forbidden by law to target or direct its spying on Canadians regardless of their location anywhere in the world, or at any person in Canada regardless of their nationality.

The National Defence Act says CSE may, however, unintentionally intercept Canadians’ communications, but must protect their privacy in the use and retention of such “intercepted information.” The agency’s “use” of the information is also restricted to cases where it is “essential to international affairs, defence or security.”

CSEC’s job is to aid federal law enforcement and security agencies, including the military, in highly sensitive operations. It was a key component of Canadian operations in Afghanistan, for example.

June 10, 2013

No surprise here – there’s also a maple-flavoured PRISM

Filed under: Cancon, Government, Media — Tags: , , , , , — Nicholas @ 11:05

In the Globe and Mail, Colin Freeze covers the Canadian data collection program that was approved by the Martin government in 2005 and “renewed” by the Harper government in 2011:

Defence Minister Peter MacKay approved a secret electronic eavesdropping program that scours global telephone records and Internet data trails — including those of Canadians — for patterns of suspicious activity.

Mr. MacKay signed a ministerial directive formally renewing the government’s “metadata” surveillance program on Nov. 21, 2011, according to records obtained by The Globe and Mail. The program had been placed on a lengthy hiatus, according to the documents, after a federal watchdog agency raised concerns that it could lead to warrantless surveillance of Canadians.

There is little public information about the program, which is the subject of Access to Information requests that have returned hundreds of pages of records, with many passages blacked out on grounds of national security.

It was first explicitly approved in a secret decree signed in 2005 by Bill Graham, defence minister in Paul Martin’s Liberal government.

It is illegal for most Western espionage agencies to spy on their citizens without judicial authorization. But rising fears about foreign terrorist networks, coupled with the explosion of digital communications, have shifted the mandates of secretive electronic-eavesdropping agencies that were created by military bureaucracies to spy on Soviet states during the Cold War.

The Canadian surveillance program is operated by the Communications Security Establishment Canada (CSEC), an arm of the Department of National Defence.

Powered by WordPress