Cyber thread: network espionage, tracking of mobile phones and WLANs, hacking, viruses, DoS etc.

  • Thread starter: OldSkool
Infosec 2015 The Edward Snowden leaks might imply that electronic espionage is a relatively new innovation but an under-publicised story from the supersonic age bursts that myth, as well as highlighting the French as a major power in activities these days more closely associated with China and the US.

Ed Wallace, director of incident response and advanced threats at security consultancy MWR Infosecurity, pointed us towards forgotten reports that French spies routinely bugged first-class passengers flying with Air France – including Concorde passengers – back in the 1990s.
http://www.theregister.co.uk/2015/06/09/french_spied_concorde_passengers/

The idea was that business people relaxing on a long trip, and perhaps enjoying a drink or two, might discuss all manner of commercially sensitive information, oblivious to the possibility of eavesdropping. The motive was economic espionage rather than national security or anti-terrorism.

In 1993, The Independent revealed the existence of a French intelligence document compiled by the Department of Economics, Science and Technology that provided a commercial shopping list for agents, a guide to which industrial secrets France wanted to snaffle from her allies.

The shopping list included British helicopter technology from Westland, solid-rocket booster technology, satellite research and information about high-definition televisions, a technology where European companies lagged far behind America.

American and Canadian intelligence services got wind of the snooping and issued discreet warnings to companies advising them to assume that their executives were being bugged whenever they flew first-class with Air France. The airline has long denied that any of its employees were involved in the practice, but suspicions persist that the operation could have been carried out without the involvement of flight crew.

Intelligence agents could be tasked to plant bugs before periodically recovering recordings all without the involvement of flight crew.

Steve Armstrong, MD of Logically Secure Ltd and former lead of the RAF's penetration and TEMPEST testing teams, told El Reg that Concorde (for example) might have been bugged with standard microphones of the time either within seats or built into an aircraft's infrastructure.

"Units could be dropped in for 'safety purposes', noise cancellation or several other purposes with feeds fed to a multitrack recorder," Armstrong told El Reg.

Armstrong – who previously worked in teams that swept British embassies for bugs – said that the scenario that French spies bugged Concorde was both "plausible and easy to implement".

"Surveillance systems could be integrated with the wiring and infrastructure of the plane," said Armstrong. "The recording could be fed to a black box, with a new box used every day. Flight crew would not need to be involved."

I wonder what the situation is with SAS and Finnair?
 
Digital technology has brought new applications, but the principle is the same: acquiring and analysing information. Old-fashioned methods are used successfully, and people today know better how to be wary of the net than of their own mouths.
 
In early spring 2015, Kaspersky Lab detected a cyber-intrusion affecting several of its internal systems. Following this finding the company launched an intensive investigation, which led to the discovery of a new malware platform from one of the most skilled threat actors in the APT world: Duqu.

The attack exploited zero-day vulnerabilities and after elevating privileges to domain administrator, the malware was spread in the network through MSI files. The attack didn’t leave behind any disk files or change system settings, making detection difficult.

Kaspersky Lab researchers discovered the company wasn’t the only target of this threat actor. Other victims have been found in Western countries, as well as in countries in the Middle East and Asia. Most notably, some of the new 2014-2015 infections are linked to the P5+1 events and venues related to the negotiations with Iran about a nuclear deal.

The threat actor behind Duqu appears to have launched attacks at the venues where the high level talks took place. In addition to the P5+1 events, the Duqu 2.0 group launched a similar attack in relation to the 70th anniversary event of the liberation of Auschwitz-Birkenau. Similar to the P5+1 events, these meetings were attended by many foreign dignitaries and politicians.

Upon discovery, Kaspersky Lab performed an initial security audit and analysis of the attack. The audit included source code verification and checking of the corporate infrastructure. The comprehensive audit is still ongoing and will be completed in a few weeks. Besides intellectual property theft, no additional indicators of malicious activity were detected.

The analysis revealed that the main goal of the attackers was to spy on Kaspersky Lab technologies, ongoing research and internal processes. No interference with processes or systems was detected.

Preliminary conclusions

1. The attack was carefully planned and carried out by the same group that was behind the infamous 2011 Duqu APT attack. Kaspersky Lab believes this is a nation-state sponsored campaign.

2. Kaspersky Lab strongly believes the primary goal of the attack was to acquire information on the company’s newest technologies. The attackers were especially interested in the details of product innovations including Kaspersky Lab’s Secure Operating System, Kaspersky Fraud Prevention, Kaspersky Security Network and Anti-APT solutions and services. Non-R&D departments (sales, marketing, communications, legal) were out of attackers’ interests.

3. The information accessed by the attackers is in no way critical to the operation of the company’s products. Armed with information about this attack Kaspersky Lab will continue to improve the performance of its IT security solutions portfolio.

4. The attackers also showed a high interest in Kaspersky Lab’s current investigations into advanced targeted attacks; they were likely aware of the company’s reputation as one of the most advanced in detecting and fighting complex APT attacks.

5. The attackers seem to have exploited up to three zero-day vulnerabilities. The last remaining zero-day (CVE-2015-2360) has been patched by Microsoft on June 9, 2015 (MS15-061) after Kaspersky Lab experts reported it.

“Spying on cybersecurity companies is a very dangerous tendency. Security software is the last frontier of protection for businesses and customers in the modern world, where hardware and network equipment can be compromised. Moreover, sooner or later technologies implemented in similar targeted attacks will be examined and utilized by terrorists and professional cybercriminals. And that is an extremely serious and possible scenario,” commented Eugene Kaspersky, CEO of Kaspersky Lab.
http://www.net-security.org/malware_news.php?id=3054

Equation Group at it again.
 
Germany withdrew its investigation into whether the National Security Agency tapped the phones of Chancellor Angela Merkel.

Chief prosecutor Harald Range dropped the legal probe into the NSA’s actions due to insufficient evidence and lack of the U.S. government’s cooperation.

The 2013 NSA document leaks from Edward Snowden revealed the NSA spied on international leaders’ communications, but the German probe strained its relationship with the United States, which didn’t deny the allegations.

Upon initiating the investigation last year, Range said the Snowden documents contained solid proof of the NSA’s misdeeds in tapping Merkel’s phone. That turned out not to be the case.

“[V]ague remarks from US officials about US intelligence surveillance of the chancellor’s cellphone — i.e. ‘not any more’ — are insufficient evidence,” Range said in a German-language statement, possibly referring to a past White House remark on the matter.

The investigation began to falter in late 2014, when Range reported the NSA’s lack of cooperation in providing additional records.

European regulators have taken the Snowden revelations seriously, launching multiple investigations and taking legal action against not only the U.S. government but American tech companies that were used in the NSA’s surveillance programs.

Last year, Germany announced plans to end its contract with U.S. wireless carrier Verizon because of its legal requirements to oblige NSA data information requests.

The European Union’s high court, Court of Justice of the European Union, began hearing a case in March against Apple, Facebook, Microsoft, and Yahoo, which accused the companies of violating Europeans’ privacy by providing private data to the NSA.

During opening arguments, the court admitted that current law regarding transatlantic data transfers didn’t protect citizens from foreign spying; to which the European Commission’s lead attorney Bernhard Schima said, “You might consider closing your Facebook account if you have one.”

The outcome of the case could have serious repercussions for U.S.-European Union relations and may determine whether American tech companies can operate overseas. If the court rules against Facebook, it could mean any company that gave the NSA backdoor access through its controversial PRISM program must adhere to stricter privacy protections such as getting users’ permission before collection or storing personal data and storing users’ data on European soil, an option Facebook has already said was unacceptable.
http://thinkprogress.org/world/2015/06/13/3669369/merkel-drops-nsa-probe/
 
How long this group will carry on under the same name is the question. I think the Yanks don't want their group to have the same reputation as other hacker groups, or on the other hand Equation Group. What is notable is that they hardly differ at all from other groups or their deeds. So the only thing I can say is ... Lulz !11!!!111

New evidence uncovered by security researchers suggests that a dangerous hacking collective is actually the National Security Agency.

The so-called Equation Group, a set of hackers responsible for at least 500 malware infections in 42 countries, is considered one of history’s most effective cyber espionage rings.

Now, the Moscow-based Kaspersky Lab is pointing to new signs that the group is actually made up of NSA personnel.

In a report published Wednesday, Kaspersky researchers revealed that the term “BACKSNARF” was found inside the code of the Equation Group’s online platform. The same term was used by the NSA as the name of a project by its cyber warfare unit.

In addition to that coincidence, analysis of the Equation Group’s working hours suggests it operates as a regular software development team, likely located on the East Coast of the United States. Members of the group work overwhelmingly during regular business hours from Monday through Friday and almost never on Saturday or Sunday.

The Equation Group had already been suspected of ties to the NSA, though Kaspersky researchers still stop short of alleging a direct connection.

The hacking collective is considered to be the work of a nation-state, given the vast resources required to support its highly sophisticated activities.

Equation Group attacks have also focused almost exclusively on adversaries of the United States, including Iran and Russia.
http://thehill.com/policy/cybersecu...acking-group-likely-nsa-new-evidence-suggests
 
The spy unit responsible for some of the United Kingdom’s most controversial tactics of surveillance, online propaganda and deceit focuses extensively on traditional law enforcement and domestic activities — even though officials typically justify its activities by emphasizing foreign intelligence and counterterrorism operations.


Documents published today by The Intercept demonstrate how the Joint Threat Research Intelligence Group (JTRIG), a unit of the signals intelligence agency Government Communications Headquarters (GCHQ), is involved in efforts against political groups it considers “extremist,” Islamist activity in schools, the drug trade, online fraud and financial scams.

Though its existence was secret until last year, JTRIG quickly developed a distinctive profile in the public understanding, after documents from NSA whistleblower Edward Snowden revealed that the unit had engaged in “dirty tricks” like deploying sexual “honey traps” designed to discredit targets, launching denial-of-service attacks to shut down Internet chat rooms, pushing veiled propaganda onto social networks and generally warping discourse online.
https://firstlook.org/theintercept/...chq-unit-domestic-law-enforcement-propaganda/
 
With congressional hearings due on Wednesday to discuss US government plans to force tech companies to install backdoors in their encryption systems, some of the leading minds in the security world have published a paper on how, and if, such a system would work.

The authors of the 34-page paper [PDF] read like a who's who of computer security: they are Whitfield Diffie (who along with Martin Hellman invented public key encryption); crypto guru Bruce Schneier; Ronald Rivest (the R in RSA), Matt Blaze, the killer of the Clipper Chip; Professor Ross Anderson from Cambridge University; and 11 other senior figures in the field.

The writers examine attempts in the early 1990s to allow the Feds access to encrypted communications, referring back to the infamous Clipper chip proposed by Bill Clinton's administration. Clipper, developed by the NSA, would have allowed the government to unlock encrypted messages, but was shown to be both easily broken and counterproductive.

Back then the internet was in its infancy and encryption was used sparingly. Nowadays the entire e-commerce system relies on encryption, as does much of the mobile telephony industry and corporate systems. Introducing flaws would cause more harm than good, they argue, and would cripple US businesses, since who wants to buy technology with a back door?

The paper also points out that there are massive technical challenges in instituting an encryption key escrow service, such as the one suggested by the director of the FBI, James Comey. Such a system would lock the industry into a specific crypto system and poses a major question – who holds the master decryption key?

Any body, public or private, holding such keys would be an instant target for hacking attacks, the authors point out. As we've seen with cases like the Office of Personnel hack, the White House hack, and various successful hacks against US military targets, there are no government servers where such powerful tools would be safe and yet speedily accessible to law enforcement.

Private companies would be equally vulnerable. Hackers have already cracked RSA's servers to steal its keys, and Apple and Google would be similarly targeted if they held the encryption keys to iOS or Android mobile phones.

Even if such a system could be implemented safely, this wouldn’t stop criminal actors, who could simply buy their technology overseas or from non-compliant companies and countries. The only alternative is to insist on such a system globally, which would mean repressive regimes would need to have their own demands met for master encryption keys.

Another central concern raised in the paper is who would oversee all of this and make sure it was not abused, either by governments or corrupt employees, and how would the technology be checked? The most common mechanism for checking encryption systems is public disclosure so that it can be picked apart, but even that has flaws.

Damaging America's reputation abroad
They cite the Needham Schroeder public-key protocol, first published in 1978. It wasn't until 1995 that an enterprising security researcher named Gavin Lowe discovered that a flaw in the protocol would allow a man-in-the-middle attack to take place.

Finally, the team points out that even if the technology, engineering, and security problems behind such a scheme could be overcome, the resulting system would cripple the image of America in the eyes of the rest of the world, and drastically reduce the nation's soft power – its influence as a bastion of freedom and democracy.

This reputation is already under threat from, among other things, the ongoing revelations from Edward Snowden and others about the shenanigans that the NSA has been committing at home and abroad. America's reputation needs to be repaired, and this system is only going to make the job harder, they argue.

"This report's analysis of law enforcement demands for exceptional access to private communications and data shows that such access will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend," the authors conclude.

"The costs would be substantial, the damage to innovation severe, and the consequences to economic growth difficult to predict. The costs to developed countries' soft power and to our moral authority would also be considerable. Policy-makers need to be clear-eyed in evaluating the likely costs and benefits."

The paper is worth reading in its entirety, and it's to be hoped that some of the proponents of the government-mandated encryption scheme read and inwardly digest the case – in particular the FBI director James Comey.

On Monday Comey, who will be testifying at Wednesday's hearings in Congress, wrote a blog post once again touting his plan for encryption that's breakable by law enforcement. In it he states that such a plan is essential because "bad people" use encryption, and says it's up to Silicon Valley to come up with a workable system to help law enforcement catch them.

"I really am not a maniac (or at least my family says so)," he wrote. "But my job is to try to keep people safe. In universal strong encryption, I see something that is with us already and growing every day that will inexorably affect my ability to do that job."
http://www.theregister.co.uk/2015/0...paper_destroying_government_encryption_plans/
 
http://www.verkkouutiset.fi/ulkomaat/Ruotsi_Karlson-38435

FOREIGN NEWS
"Increasing intelligence gathering against the armed forces, their personnel and activities" - head of Swedish military intelligence warns of espionage
PEKKA VIRKKI
8 hours and 13 minutes ago (updated 2 hours and 2 minutes ago)
The head of Swedish military intelligence warns of increased espionage against the Swedish Armed Forces, Dagens Nyheter reports.

According to Gunnar Karlson, who heads Swedish military intelligence, intelligence gathering against the armed forces, their personnel and activities has increased. Armed forces personnel are being mapped with the help of Facebook, among other things.

Karlson compares the situation to the Cold War era.

"The big difference lies in today's possibilities for mapping people through social media and the cyber environment. Perhaps nowadays there is less need to knock on the door. Instead one can use a Facebook account," he points out.

According to Säpo, the Swedish Security Service, the greatest threat is Russia.

"Russian espionage in Sweden and against Sweden is extensive. It is also connected to the war in Ukraine," Säpo's annual report stated.

"Illegally - under diplomatic cover - Russian intelligence officers gather information on Sweden's defence," Säpo describes.

"We and Säpo cooperate a great deal. So one's situational picture is also the other's," Karlson says.

However, he does not want to name states as openly as Säpo.
 
LAS VEGAS, Nev.— Every year, thousands of information-security specialists, computer scientists, and few mohawked geeks who proudly wear the moniker of hacker gather here for a very particular digital war game: the DEF CON capture-the-flag, or CTF, competition. To win, you have to find weaknesses in other teams’ defenses, steal their data flags, and protect your own.

But next year, it won’t just be humans squaring off. In addition to the regular DEF CON CTF event, the 2016 meeting will pit seven teams’ robotic hackers against each other in an AI capture-the-flag contest. Then humans will take on the robots.
http://www.defenseone.com/technology/2015/08/hackers-military-replace-us-robots/118980/?oref=d-river
 
Not sure whether the specs of those telecom-surveillance devices belong in a thread of their own.
I saved them back when some leaker got them uploaded to some site, and today I came across them in a desk drawer. Apparently originally from the "snow case".
If anyone wants a better picture of any of them, I'll try to get one.
That gives you some idea of why using a mobile phone in war isn't smart, damn it. :D
@Vonka is this in the right thread?


 
The National Security Agency’s ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company: the telecom giant AT&T.


While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed NSA documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”

AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the NSA access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks. It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.

The NSA’s top-secret budget in 2013 for the AT&T partnership was more than twice that of the next-largest such program, according to the documents. The company installed surveillance equipment in at least 17 of its Internet hubs on American soil, far more than its similarly sized competitor, Verizon. And its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency.

One document reminds NSA officials to be polite when visiting AT&T facilities, noting: “This is a partnership, not a contractual relationship.”



Fairview is one of its oldest programs. It began in 1985, the year after antitrust regulators broke up the Ma Bell telephone monopoly and its long-distance division became AT&T Communications. An analysis of the Fairview documents by The Times and ProPublica reveals a constellation of evidence that points to AT&T as that program’s partner. Several former intelligence officials confirmed that finding.
https://www.propublica.org/article/nsa-spying-relies-on-atts-extreme-willingness-to-help
 
Security guru Bruce Schneier says there's a kind of cold war now being waged in cyberspace, only the trouble is we don't always know who we're waging it against.

Schneier appeared onscreen via Google Hangouts at the LinuxCon/CloudOpen/ContainerCon conference in Seattle on Tuesday to warn attendees that the modern security landscape is becoming increasingly complex and dangerous.

"We know, on the internet today, that attackers have the advantage," Schneier said. "A sufficiently funded, skilled, motivated adversary will get in. And we have to figure out how to deal with that."

Using the example of last November's crippling online attack against Sony Pictures, Schneier said it was clear that many of these new attacks were the work of well-funded nation-states.

"Many of us, including myself, were skeptical for several months. By now it does seem obvious that it was North Korea, as amazing as that sounds," he said.

But what's troubling about many of these new attacks, he added, is that they can be hard to spot when they don't come in the form that security experts typically expect.

"The target [in the Sony hack] was not critical infrastructure," Schneier said. "I think if you made a list of what we thought were foreign targets, a movie company wouldn't be in our top 100. Yet it seems that the first destructive attack by a nation-state against the United States was against a movie company."

What makes that problematic, he said, is that while we're getting pretty good at making financially motivated cyberattacks less profitable for the attackers, we're less well equipped to deal with politically or ideologically motivated attacks. And that goes double when the targets of the attacks are not government resources or critical infrastructure but "soft targets" like large businesses.

What's more, Schneier said, even though the evidence in the Sony case appears to point to North Korea, in other cases it can be difficult to pinpoint the attacker. In the case of the Stuxnet worm that crippled Iranian nuclear enrichment facilities, for example, Iran didn't even seem to be aware that the damage was the result of an attack until the media started reporting that story.

"It's easy to false-flag. It's easy to pretend your attack comes from somewhere else," Schneier said. "My belief is a lot of attacks from the Western countries go through China, simply because everyone knows a lot of attacks go through China, and that's a perfect way to hide where you're from."

Equally troubling, he said, is that what looks like an attack by a nation-state might not actually be one, because on the internet, so many potential actors have access to the same tools, tactics, and techniques.

"Last December, with respect to Sony, we were actually having legitimate discussions about whether the attack was the result of a nation with a $20m annual military budget or a couple of guys in a basement somewhere," Schneier said. "That is extraordinary, that we actually don't know who the attacker is."

In turn, that uncertainty makes it difficult to know who should be responsible for defending against such attacks, he said. Certainly, Sony must shoulder much of the blame for the failure of its security systems. But at what point should the government get involved?

If the attacker is two guys in a basement, as Schneier says, then most likely it's a matter for the police. If, on the other hand, the attacker is North Korea, then the military should probably get involved. Little wonder, then, that hackers' efforts to conceal themselves and prevent attribution of attacks are accelerating.

"Unfortunately, we're in the early years of a cyber arms race. We're seeing a lot of stockpiling cyber weapons, both by the United States and Western countries ... by China, Russia, other countries. A lot of rhetoric about cyberwar," Schneier said. "What concerns me is that we're all going to be in the blast radius."
http://www.theregister.co.uk/2015/08/19/bruce_schneier_linuxcon/
 
The civilian and military intelligence act is heading for a head-on collision with Section 10 of the Constitution. The expansion of network intelligence powers set out in the government programme, also dubbed the snooping act, is being pushed forward on three fronts, that is, between the ministries of the interior, defence and justice.

The act on network intelligence is still opposed by, among others, EK and the Ministry of Communications.

The justification for expanding civilian and military intelligence powers is the new threats and growing risks facing Finland. "Threatening phenomena and crooks have moved into cables and networks," is how the Ministry of the Interior sums it up.

"Innocent" identification data tells more than the content of a message
In addition to the Ministry of Communications and EK, constitutional law experts are also giving the expansion of network intelligence powers a rough ride. For example, Professor Tuomas Ojanen and Associate Professor Juha Lavapuro have said that early-stage intelligence gathering without any concrete suspicion of a crime ”simply does not fit within the bounds of the Constitution.”

The Finnish Security Intelligence Service (Supo), for its part, has sought to calm opposition to the intelligence-gathering act by, among other things, saying that the police would not get the right to read the content of people's messages, only the identification data.

Martin Scheinin, professor of international law and human rights, says that the notion of identification data being "innocent" is outdated.

– In today's world, it is possible, among other things, to trace people's meetings using location data alone, says Scheinin, a professor at the European University Institute (EUI), describing the change.

– Identification data also includes search terms. If, say, you search Google for information on abortion or gay bars, that is supposedly this ’innocent’ non-content data. And when this is combined with location data, then of course it is possible under today's conditions to obtain far more information about people's private sphere than phone tapping alone would yield.

According to Edward Snowden, for example, identification data is in fact more valuable to intelligence authorities than the content of calls.

– The EU Court of Justice has also reached the same conclusion, when it declared the EU's data retention directive invalid partly on the grounds that identification data had been downplayed, says Scheinin.

"Not mere cosmetics but NSA-type mass surveillance"
According to the Ministry of the Interior, the plan is to loosen the protection of confidential communications ”to safeguard national security”.

Professor Martin Scheinin believes the aim is to write so-called "prevention" into the law.

– It would not require a committed or planned crime as grounds for surveillance. The change is not cosmetic; it is a significant weakening of constitutional protection. It would aim at NSA-type surveillance.

Scheinin also says that mass surveillance has scant benefits.

– For example, the EU's Surveille study found that electronic mass surveillance is a very poor option. It is of very little benefit to security or to preventing and solving crimes. Both the ethical problems and the fundamental-rights impacts are very profound.

For its effectiveness assessment, the earlier working group that prepared the matter confidentially heard two unnamed foreign telecommunications experts.

– Those who consider mass surveillance to have been of real benefit, for example in counter-terrorism, are relying on the assessments of the very authorities responsible for the activity, says Scheinin.

Justifications for espionage flimsy and dangerous
In addition to individual rights, Professor Martin Scheinin lays into foreign intelligence. The aim is to extend Supo's intelligence powers to spying on other states. The professor says that Finland cannot, through its own legislation, remove the unlawfulness of the espionage it carries out.

– In Finland, the law drafting has started from the assumption that there is some nice diplomatic custom whereby spies are declared personae non gratae and sent out of the country without criminal sanctions or publicity.

Scheinin estimates that this is a kind of balance of terror between the great powers.

– Spies are merely urged to leave. This cannot be relied on, says the professor.

Scheinin points, for example, to the 15-year prison sentence handed down in Russia to the Estonian intelligence police officer Eston Kohver.

– It is by no means ruled out that one day a Finnish spy caught in some dictatorship will be put before a court and sentenced to severe punishment, even death.
http://yle.fi/uutiset/professori_tiedustelu-_ja_vakoilulaista_pahimmillaan_nsa-massaurkintaa/8235130
 

When you are an APT group, you need to deal with many different problems. One of them, and perhaps the biggest, is the constant seizure and takedown of domains and servers used for command-and-control (C&C). These servers are constantly appropriated by law enforcement or shut down by ISPs. Sometimes they can be used to trace the attackers back to their physical locations.

Some of the most advanced threat actors or users of commercial hacking tools have found a solution to the takedown problem — the use of satellite-based Internet links. In the past, we’ve seen three different actors using such links to mask their operations. The most interesting and unusual of them is the Turla group.

Also known as Snake or Uroburos, names which come from its top class rootkit, the Turla cyber-espionage group has been active for more than 8 years. Several papers have been published about the group’s operations, but until the Epic Turla research was published by Kaspersky Lab, little information was available about the more unusual aspects of their operations, such as the first stages of infection through watering-hole attacks.
https://securelist.com/blog/research/72081/satellite-turla-apt-command-and-control-in-the-sky/
 
A new chip built on strained glass can shatter within 10 seconds when remotely triggered. It’s not quite as fast as the fictional Mission: Impossible messages that self-destruct in five seconds, but such vanishing electronics could prove tremendously useful for the U.S. military and corporations by keeping data secure and out of unwanted hands.

The new chip was developed by Xerox PARC for the U.S. Defense Advanced Research Projects Agency (DARPA) and went on display at a DARPA technology forum last week, according to the IDG News Service. Engineers fabricated the chip on Corning Gorilla Glass, the material used in the displays of many smartphones. But it’s a strained version of the glass that makes it susceptible to heat. A self-destruct circuit triggered by laser light activates a resistor that heats the chip to the point of shattering into many tiny fragments.
http://spectrum.ieee.org/tech-talk/computing/hardware/us-militarys-chip-self-destructs-on-command

The article is open, but the video is geo-blocked.

A chip of this type represents a potentially big step forward for DARPA’s Vanishing Programmable Resources initiative. That program previously awarded a $3.45 million contract to IBM for the purpose of creating a similar self-destructing chip made on “strained glass substrates,” according to Information Week. DARPA’s goal for the program goes as follows:

The Vanishing Programmable Resources (VAPR) program seeks electronic systems capable of physically disappearing in a controlled, triggerable manner. These transient electronics should have performance comparable to commercial-off-the-shelf electronics, but with limited device persistence that can be programmed, adjusted in real-time, triggered, and/or be sensitive to the deployment environment.

The recent chip demonstration relied upon the laser triggering a photo diode, which switched on the self-destruct circuit. Previous research by the U.S. Air Force Institute of Technology has also considered using a tiny resistor heater that could cause critical circuits to self-destruct to prevent reverse-engineering. But IDG News Service pointed out that future versions of the chip could use mechanical switches or radio signals as triggers.

The broader idea of vanishing or transient electronics has promise beyond battlefields or data security. On the health and medical side, John Rogers, a materials science professor at the University of Illinois, has developed a wide variety of biodegradable electronics and sensors that are compatible with both the human skin and body organs.

Electronics capable of dissolving into relatively harmless components could also eventually begin to reduce the huge “e-waste” problem of used and broken electronics being dumped in the developing world.

The DARPA initiative might eventually benefit those broader applications as well. But the latest Xerox PARC demonstration suggests a deliberately controlled, self-destructing chip that wouldn’t simply wait to slowly dissolve in the open environment or in the human body.
 
For years, the Russian state has carried out systematic cyber espionage targeting state organisations in Asia, the United States and Europe. A report published today by the security company F-Secure shows that a hacker group backed by Russia has used malware to break into computer networks and steal data from them.

The Russian-backed cyber espionage has targeted, among others, the former Georgian NATO information centre, the Georgian Ministry of Defence, and the defence ministries of Turkey and Uganda. State institutions and political think tanks in the United States, Europe and Central Asia have also been targets.

Artturi Lehtiö, the F-Secure expert who led the research, says the cyber espionage is intended to support Russia's state intelligence activities. There have been indications of similar activity before.

According to F-Secure, the cyber espionage has been the work of the hacker group The Dukes, which is believed to have worked for the Russian state since 2008. The group's main targets have been Western states and their organisations.

Most of the methods used by The Dukes were already familiar to researchers, but two new tools were also found. These discoveries have helped researchers identify connections between the attacks' targets and objectives.

– [The observed connections] provide new information on how heavily Russia has invested in its cyber capabilities and show that those capabilities have become an important part of its strategic objectives, says Patrik Maldre, a junior research fellow at the International Centre for Defence and Security in Estonia.
http://yle.fi/uutiset/f-securen_rap...ut_useiden_valtioiden_tietoverkkoihin/8311604

http://www.theregister.co.uk/2015/09/17/russian_cyberspy_dukes_campaign/
 

“Zerodium’s main goal is to capture the most advanced zero-day exploits and the highest risk vulnerabilities which are discovered, held, or sometimes stockpiled by talented researchers around the globe,” he wrote to WIRED in an email.

Bekrar has made no apologies for the fact that his business thrives on digital insecurity. Rather than report vulnerabilities in software to the companies that make it to help fix hackable bugs, Vupen develops hacking techniques based on those bugs and typically sells them to multiple government customers. His iOS bounty is no different: The terms of the offer include the demand that the bug not be reported to Apple or publicly disclosed, the better to allow Zerodium’s customers to use the technique in secret. Apple didn’t immediately respond to a request for comment.

Bekrar’s past customers for such undisclosed hacking techniques have included the NSA as well as other NATO countries and “NATO partners” that Bekrar declines to name. Bekrar declined to identify any of Zerodium’s potential customers, but the company’s website describes them as “major corporations in defense, technology, and finance, in need of advanced zero-day protection, as well as government organizations in need of specific and tailored cybersecurity capabilities.”

But even Bekrar has admitted that he doesn’t always know where Vupen’s hacking tools have ended up, or how a customer agency uses or shares them. “We do the best we can to ensure it won’t go outside that agency,” Bekrar told me in 2012. “But if you sell weapons to someone, there’s no way to ensure that they won’t sell to another agency.”
http://www.wired.com/2015/09/spy-agency-contractor-puts-1m-bounty-iphone-hack/
 