Quotulatiousness

May 8, 2015

Quantum Insert

Filed under: Britain, Technology, USA — Nicholas @ 02:00

Kim Zetter talks about some of the NSA’s more sneaky ways of intercepting communications:

Among all of the NSA hacking operations exposed by whistleblower Edward Snowden over the last two years, one in particular has stood out for its sophistication and stealthiness. Known as Quantum Insert, the man-on-the-side hacking technique has been used to great effect since 2005 by the NSA and its partner spy agency, Britain’s GCHQ, to hack into high-value, hard-to-reach systems and implant malware.

Quantum Insert is useful for getting at machines that can’t be reached through phishing attacks. It works by hijacking a browser as it’s trying to access web pages and forcing it to visit a malicious web page, rather than the page the target intends to visit. The attackers can then surreptitiously download malware onto the target’s machine from the rogue web page.

Quantum Insert has been used to hack the machines of terrorist suspects in the Middle East, but it was also used in a controversial GCHQ/NSA operation against employees of the Belgian telecom Belgacom and against workers at OPEC, the Organization of Petroleum Exporting Countries. The “highly successful” technique allowed the NSA to place 300 malicious implants on computers around the world in 2010, according to the spy agency’s own internal documents — all while remaining undetected.

But now security researchers with Fox-IT in the Netherlands, who helped investigate that hack against Belgacom, have found a way to detect Quantum Insert attacks using common intrusion detection tools such as Snort, Bro and Suricata.
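The post does not say what the Fox-IT detection keys on, but the heuristic their published IDS rules use is a simple one: a man-on-the-side injector answers a request before the real server does, so a sensor sees two TCP segments in the same flow with the same sequence number but different payloads (an honest retransmission repeats identical bytes). The following script is an added example written for this page, not Fox-IT’s code or their Snort/Bro/Suricata rules; every address, port, TTL and payload in it is constructed to exercise the check offline.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Segment:
    """One observed TCP segment with payload (constructed records, not captured traffic)."""
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    ttl: int
    payload: bytes


# Flow 5-tuple reduced to what matters here: endpoints plus the sequence number.
FlowSeqKey = Tuple[str, int, str, int, int]


def flow_seq_key(seg: Segment) -> FlowSeqKey:
    return (seg.src, seg.sport, seg.dst, seg.dport, seg.seq)


def detect_duplicate_sequence(segments: List[Segment]) -> List[dict]:
    """Flag flows in which one sequence number arrives twice with different payloads.

    A genuine retransmission carries the same bytes and is ignored. Two different
    payloads for the same sequence number mean two senders answered the same
    request, which is the footprint of a man-on-the-side injection racing the
    real server. The TTL difference is recorded only as corroboration: an
    injector closer to the victim than the real server tends to arrive with a
    larger remaining TTL, but routing changes can produce deltas too.
    """
    first_seen: Dict[FlowSeqKey, Segment] = {}
    alerts: List[dict] = []
    for seg in segments:
        key = flow_seq_key(seg)
        earlier = first_seen.get(key)
        if earlier is None:
            first_seen[key] = seg          # first copy of this (flow, seq)
            continue
        if earlier.payload == seg.payload:
            continue                        # ordinary retransmission, same bytes
        alerts.append({
            "flow": f"{seg.src}:{seg.sport} -> {seg.dst}:{seg.dport}",
            "seq": seg.seq,
            "first_payload": earlier.payload[:40],
            "second_payload": seg.payload[:40],
            "ttl_delta": abs(earlier.ttl - seg.ttl),
        })
    return alerts


# Constructed sample: a web server answering a client, with an injected reply
# arriving first, followed by the server's real reply for the same sequence
# number, then a harmless retransmission and an unrelated TLS flow.
SAMPLE_SEGMENTS = [
    # Injected response wins the race (constructed; documentation address ranges).
    Segment("203.0.113.10", 80, "192.0.2.5", 51000, 1, 57,
            b"HTTP/1.1 302 Found\r\nLocation: http://rogue.example.net/\r\n\r\n"),
    # Real server's response for the same sequence number arrives afterwards.
    Segment("203.0.113.10", 80, "192.0.2.5", 51000, 1, 49,
            b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>"),
    # Same bytes repeated: a legitimate retransmission, must not alert.
    Segment("203.0.113.10", 80, "192.0.2.5", 51000, 1461, 49, b"<body>hello</body>"),
    Segment("203.0.113.10", 80, "192.0.2.5", 51000, 1461, 49, b"<body>hello</body>"),
    # Unrelated flow seen once.
    Segment("198.51.100.7", 443, "192.0.2.5", 51001, 77, 52, b"\x16\x03\x03"),
]


def run_sample() -> List[dict]:
    """Run the detector over the constructed segments and return its alerts."""
    return detect_duplicate_sequence(SAMPLE_SEGMENTS)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

In a real deployment the same comparison runs per TCP flow inside the IDS rather than over a Python list, and the sensor has to sit where it sees both copies of the segment (the victim side of the path), since the client’s TCP stack discards the second copy as a duplicate and leaves no trace of the race on the host.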

September 14, 2014

Latest Snowden revelation – NSA and GCHQ have full access to German telecom systems

Filed under: Britain, Europe, Germany, Technology, USA — Nicholas @ 12:21

In The Register, Kelly Fiveash sums up the latest information from Edward Snowden:

An NSA and GCHQ surveillance programme — dubbed Treasure Map — grants US and British spooks access to the networks of German telcos such as Deutsche Telekom, according to a new stash of leaked documents from Edward Snowden.

Der Spiegel published the latest revelations today. However, Deutsche Telekom reportedly said it had found no evidence of such tampering on its system.

“We are looking into every indication of possible manipulations but have not yet found any hint of that in our investigations so far,” a spokesman at the company told Reuters.

He added: “We’re working closely with IT specialists and have also contacted German security authorities. It would be completely unacceptable if a foreign intelligence agency were to gain access to our network.”

The Register sought comment from the telco, but it hadn’t immediately got back to us at time of writing.

The Treasure Map programme was described by Snowden as “a 300,000 foot view of the internet” in a New York Times story published in November last year.

January 31, 2014

Security theatre special edition – destroying hard drives that held Snowden’s documents

Filed under: Britain, Government — Nicholas @ 09:30

It may have been pointless — and it was! — but the British government not only felt it had to do something, but that it had to be seen to be doing something:

New video footage has been released for the first time of the moment Guardian editors destroyed computers used to store top-secret documents leaked by the NSA whistleblower Edward Snowden.

Under the watchful gaze of two technicians from the British government spy agency GCHQ, the journalists took angle-grinders and drills to the internal components, rendering them useless and the information on them obliterated.

The bizarre episode in the basement of the Guardian's London HQ was the climax of Downing Street’s fraught interactions with the Guardian in the wake of Snowden’s leak — the biggest in the history of western intelligence. The details are revealed in a new book — The Snowden Files: The Inside Story of the World’s Most Wanted Man — by the Guardian correspondent Luke Harding. The book, published next week, describes how the Guardian took the decision to destroy its own Macbooks after the government explicitly threatened the paper with an injunction.

In two tense meetings last June and July the cabinet secretary, Jeremy Heywood, explicitly warned the Guardian's editor, Alan Rusbridger, to return the Snowden documents.

Heywood, sent personally by David Cameron, told the editor to stop publishing articles based on leaked material from America’s National Security Agency and GCHQ. At one point Heywood said: “We can do this nicely or we can go to law”. He added: “A lot of people in government think you should be closed down.”

November 14, 2013

How the internet was “weaponized”

Filed under: Government, Technology, USA — Nicholas @ 07:45

In Wired, Nicholas Weaver looks back on the way the internet was converted from a passive network infrastructure to a spy agency wonderland:

According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”

If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgacom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.

Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.

[…]

The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.

Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but it’s one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.

October 4, 2013

John Lanchester on the Guardian's GCHQ files

Filed under: Britain, Government, Liberty, Media — Nicholas @ 07:44

Novelist John Lanchester was invited to look at the trove of files the Guardian received from Edward Snowden:

In August, the editor of the Guardian rang me up and asked if I would spend a week in New York, reading the GCHQ files whose UK copy the Guardian was forced to destroy. His suggestion was that it might be worthwhile to look at the material not from a perspective of making news but from that of a novelist with an interest in the way we live now.

I took Alan Rusbridger up on his invitation, after an initial reluctance that was based on two main reasons. The first of them was that I don’t share the instinctive sense felt by many on the left that it is always wrong for states to have secrets. I’d put it more strongly than that: democratic states need spies.

And all’s well in the world and we’re worried over nothing?

My week spent reading things that were never meant to be read by outsiders was, from this point of view, largely reassuring. Most of what GCHQ does is exactly the kind of thing we all want it to do. It takes an interest in places such as the Horn of Africa, Iran, and North Korea; it takes an interest in energy security, nuclear proliferation, and in state-sponsored computer hacking.

There doesn’t seem to be much in the documents about serious crime, for which GCHQ has a surveillance mandate, but it seems that much of this activity is covered by warrants that belong to other branches of the security apparatus. Most of this surveillance is individually targeted: it concerns specific individuals and specific acts (or intentions to act), and as such, it is not the threat.

Few people are saying we don’t need intelligence-gathering organizations like GCHQ, but we do have a right to be concerned about what they are doing when they’re not watching actual, known threats. They have capabilities that we generally thought were just from the pages of James Bond novels or Tom Clancy thrillers … and they use them all the time, not just for keeping tabs on the “bad guys”.

In the case of modern signals intelligence, this is no longer true. Life has changed. It has changed because of the centrality of computers and digital activity to every aspect of modern living. Digital life is central to work: many of us, perhaps most of us, spend most of our working day using a computer. Digital life is central to our leisure: a huge portion of our discretionary activity has a digital component, even things which look like they are irreducibly un-digital, from cycling to cooking.

[…]

As for our relationships and family lives, that has, especially for younger people, become a digital-first activity. Take away Facebook and Twitter, instant messaging and Skype and YouTube, and then — it’s hard to imagine, but try — take away the mobile phone, and see the yawning gap where all human interaction used to take place. About the only time we don’t use computers is when we’re asleep — that’s unless we have a gadget that tracks our sleep, or monitors our house temperature, or our burglar alarm, or whatever.

This is the central point about what our spies and security services can now do. They can, for the first time, monitor everything about us, and they can do so with a few clicks of a mouse and — to placate the lawyers — a drop-down menu of justifications.

Looking at the GCHQ papers, it is clear that there is an ambition to get access to everything digital. That’s what engineers do: they seek new capabilities. When it applies to the people who wish us harm, that’s fair enough. Take a hypothetical, but maybe not unthinkable, ability to eavesdrop on any room via an electrical socket. From the GCHQ engineers’ point of view, they would do that if they could. And there are a few people out there on whom it would be useful to be able to eavesdrop via an electrical socket. But the price of doing so would be a society that really did have total surveillance. Would it be worth it? Is the risk worth the intrusion?

That example might sound far-fetched, but trust me, it isn’t quite as far-fetched as all that, and the basic intention on the part of the GCHQ engineers — to get everything — is there.

August 20, 2013

“You’ve had your debate. There’s no need to write any more.”

Filed under: Britain, Law, Liberty, Media — Nicholas @ 10:29

Things are getting surreal at the Guardian:

A little over two months ago I was contacted by a very senior government official claiming to represent the views of the prime minister. There followed two meetings in which he demanded the return or destruction of all the material we were working on. The tone was steely, if cordial, but there was an implicit threat that others within government and Whitehall favoured a far more draconian approach.

The mood toughened just over a month ago, when I received a phone call from the centre of government telling me: “You’ve had your fun. Now we want the stuff back.” There followed further meetings with shadowy Whitehall figures. The demand was the same: hand the Snowden material back or destroy it. I explained that we could not research and report on this subject if we complied with this request. The man from Whitehall looked mystified. “You’ve had your debate. There’s no need to write any more.”

During one of these meetings I asked directly whether the government would move to close down the Guardian's reporting through a legal route — by going to court to force the surrender of the material on which we were working. The official confirmed that, in the absence of handover or destruction, this was indeed the government’s intention. Prior restraint, near impossible in the US, was now explicitly and imminently on the table in the UK. But my experience over WikiLeaks — the thumb drive and the first amendment — had already prepared me for this moment. I explained to the man from Whitehall about the nature of international collaborations and the way in which, these days, media organisations could take advantage of the most permissive legal environments. Bluntly, we did not have to do our reporting from London. Already most of the NSA stories were being reported and edited out of New York. And had it occurred to him that Greenwald lived in Brazil?

The man was unmoved. And so one of the more bizarre moments in the Guardian's long history occurred — with two GCHQ security experts overseeing the destruction of hard drives in the Guardian's basement just to make sure there was nothing in the mangled bits of metal which could possibly be of any interest to passing Chinese agents. “We can call off the black helicopters,” joked one as we swept up the remains of a MacBook Pro.

Update: Charlie Beckett at the LSE’s Polis blog:

The narrative of increasing totalitarian persecution has a few flaws. Firstly, I think it was entirely reasonable for security forces to question someone linked to security breaches. I just think that doing it under terror laws was wrong, especially as Miranda is part of a journalism team.

I am still a little unsure of the Greenwald/Guardian narrative. I am puzzled by why the team chose to fly Miranda through London at all. I am also unclear as to why the Guardian let security officials smash up their hard-drives without making them go down a legal path.* [Someone with more profound doubts about the Guardian and Greenwald is former Tory MP Louise Mensch — good piece by her here]

But those are details. Overall, it’s clear that US and UK officials, long-tortured by WikiLeaks and Julian Assange, are now losing patience with whistle-blowers and their accomplices in the news media. Whatever the absolute truth of the NSA/PRISM revelations it is clear that the security service are pushing the boundaries on what they can do with new technologies to increase their information and surveillance. They are also seeking to reduce scrutiny by journalists, as they told Rusbridger:

    “You’ve had your debate. There’s no need to write any more.”

That in itself may be worrying but it’s hardly surprising. That is what they are there for. We would all be very cross if there was an act of terror missed because of inadequate data collection by spooks or if a press leak endangered our safety. But it’s also journalism’s job to hold these people to account and let the public know the scope of what they are up to. That’s what worries me about the Miranda incident.

March 27, 2013

MI5 and GCHQ will include assistance from the IT industry in the fight against online crime

Filed under: Britain, Government, Technology — Nicholas @ 08:42

Two of the British government’s top intelligence agencies will team up with specialists from the IT field in a new initiative to counter online “cyber” crime:

Cyber-security experts from industry are to operate alongside the intelligence agencies for the first time in an attempt to combat the growing online threat to British firms.

The government is creating a so-called fusion cell where analysts from MI5 and GCHQ, the domestic eavesdropping agency, will work with private sector counterparts.

The cell is part of the Cyber Security Information Sharing Partnership (Cisp), launched on Wednesday, to provide industry with a forum to share details of techniques used by hackers as well as methods of countering them.

At any one time there will be about 12 to 15 analysts working at the cell, based at an undisclosed location in London.

“What the fusion cell will be doing is pulling together a single, richer intelligence picture of what is going on in cyberspace and the threats attacking the UK,” a senior official said.

John Leyden at The Register has more:

The programme, which follows a successful pilot scheme in 2011, is designed to support the wider aims of the UK’s cyber security strategy: such as making Britain the best country in the world to do e-business and protecting critical components of the national infrastructure (ie banks, utilities, telecoms and power grid).

Eighty companies from five key sectors of the economy — finance, defence, energy, telecommunications and pharmaceuticals — were encouraged to share information as part of the pilot scheme. The wider programme (involving a reported 160 organisations, at least initially) will allow access to a secure web-portal to gain access to shared threat intelligence information in real time, the BBC reports.

[…]

Terry Greer-King, UK MD for internet security firm Check Point, commented:

“This is a key step forward for both Governments and business in fighting web attacks, and reducing their impact. It’s essential that organisations collaborate and share intelligence with each other to track emerging threats, mitigate their severity or block them before they cause damage. Fighting threats together is much more effective than fighting alone.”

“In 2012, our research found that 63 per cent of organisations were infected with bots, and 54 per cent infected with malware that they didn’t know about. Any move which helps to reduce these figures is very welcome,” he added.

September 2, 2012

Margaret Thatcher and the British intelligence organizations

Filed under: Britain, Government — Nicholas @ 00:01

An interesting post at the official website for Prime Minister David Cameron talks about former Prime Minister Margaret Thatcher and her relationship with the Joint Intelligence Committee during her time in office:

Soon after taking office a new Prime Minister receives special briefings from the Cabinet Secretary. One is on the ‘letters of last resort’, which give instructions to the commander of the British submarine on patrol with the nuclear deterrent, in the event of an attack that destroys the Government. Another briefing outlines the structure and control of the intelligence machinery, including the Joint Intelligence Committee (JIC) in the Cabinet Office. Sir John Hunt, the Cabinet Secretary in 1979, briefed Margaret Thatcher on the intelligence structure, including counter-subversion activities, the day after her election victory of 3 May.

Thatcher had started a programme of visits to Government departments to see first-hand what some of the 732,000 officials inherited from James Callaghan’s administration actually did. In September, during a routine briefing by Brian Tovey, the Director of GCHQ, Thatcher showed great interest in the way in which intelligence was collated and assessed by the JIC, stressing that assessment should be free from policy (or political) considerations. She also expressed a wish to attend a JIC meeting. It would be the first time a Prime Minister had attended the JIC since its creation in 1936.

It fell to Sir John Hunt, a former Secretary of the JIC, to make the arrangements, but there were complications. First, the JIC Chairman, Sir Antony Duff of the Foreign and Commonwealth Office (FCO), had also been made Deputy Governor of Southern Rhodesia (now Zimbabwe) after the British Government assumed direct rule of the rebellious colony. He was a key participant in the Lancaster House Conference, aiming finally to settle the Rhodesian problem, and could not be sure to attend the JIC until after its conclusion. Second, the JIC normally met on Thursday mornings in 70 Whitehall, which was also when the Cabinet met in 10 Downing Street, so a special JIC meeting would need to be arranged.

March 31, 2012

Botched investigation into GCHQ staff member’s mysterious death

Filed under: Britain, Government, Science, Technology — Nicholas @ 09:17

This sounds particularly bad:

Forensic investigators have apologized for the bungling of the inquiry into the mysterious death of a codebreaker employed by the Government Communications Headquarters (GCHQ).

In August 2010, Gareth Williams, described as a mathematical genius by his peers and employed at GCHQ since leaving university, was found dead in his flat in London. Williams, who had recently qualified for deployment with MI6 — Britain’s version of the CIA — was found naked and partially decomposed in a sports bag that had been locked from the outside and placed in the bath.

In the pre-inquest hearing on Friday, the court heard that the investigation into Williams’ death had been botched from the start. LGS Forensics said that DNA found on Mr Williams’ body was investigated, but later turned out to have been transferred there from one of the forensic scientists investigating the death, and a search of the apartment turned up no clues as to his death.

November 25, 2011

GCHQ goes public, sort of

Filed under: Britain, Technology — Nicholas @ 08:57

GCHQ grew out of the WW2 code-breaking group based at Bletchley Park and is the British equivalent of the NSA. Recently it was announced that GCHQ will start offering its expertise to private businesses:

Some of the secret technologies created at the government’s giant eavesdropping centre GCHQ are to be offered to private industry as part of new cyber security strategy being unveiled by ministers on Friday.

The idea is likely to be one of the most contentious in the plans, which could lead to the government being paid substantial sums for software developed by the intelligence agency based in Cheltenham.

Opening up GCHQ to commercial opportunities will not deflect it from defending national security, which remains its priority, ministers argue, and the agency has insisted it will not be side-tracked.

However, the new cyber strategy makes clear that the dangers posed by espionage and crime on the web cannot be faced without better co-operation between the two sectors, and that they will have to work together more closely in future.
