August 3, 2013 at 4:06 am #41040
NSA tool collects “Nearly Everything You Do On the Internet”; Targeting Journalists; What Google Knows About You; Warrantless Cellphone Tracking Upheld
Posted: 02 Aug 2013 09:09 AM PDT by Mish Shedlock blog.
Today I offer a quartet of news stories on the NSA, widespread targeting of Journalists even by New Zealand, broad cellphone tracking, and a synopsis of what Google knows about you.
Let’s kick off with the Guardian XKeyscore: NSA tool collects ‘nearly everything a user does on the internet’.
XKeyscore gives ‘widest-reaching’ collection of online data
NSA analysts require no prior authorization for searches
Sweeps up emails, social media activity and browsing history
A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.
The NSA boasts in training materials that the program, called XKeyscore, is its “widest-reaching” system for developing intelligence from the internet.
XKeyscore, the documents boast, is the NSA’s “widest reaching” system developing intelligence from computer networks what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers “nearly everything a typical user does on the internet”, including the content of emails, websites visited and searches, as well as their metadata.
The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a “selector” in NSA parlance) associated with the individual being targeted.
Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.
William Binney, a former NSA mathematician, said last year that the agency had “assembled on the order of 20 trillion transactions about US citizens with other US citizens”, an estimate, he said, that “only was involving phone calls and emails”. A 2010 Washington Post article reported that “every day, collection systems at the [NSA] intercept and store 1.7 billion emails, phone calls and other type of communications.”
Targeting of Investigative Journalists
Pater Tenebrarum on the Acting Man blog writes about the Targeting of Investigative Journalists and those opposed to the War in Afghanistan.
There are seemingly constantly new revelations about extremely questionable practices employed by the security apparatus. The latest comes from ‘five eyes’ partner New Zealand, which not too long ago had to admit that its spooks illegally spied on Kim Dotcom to help the FBI make an example of the man in the context of copyright enforcement (we have previously discussed the case of Dotcom, who is accused of breaking laws that apparently don’t even exist).
New Zealand’s reaction to this embarrassment was, as you may have guessed, to introduce new legislation that will henceforth legalize domestic spying. In the meantime, its security apparatus seems not really deterred by the embarrassment caused to it by the Dotcom case and continues to engage in highly dubious surveillance activities, actively aided and abetted by US intelligence services. The target in the latest case was an investigative journalist working for McClatchy. Here is an excerpt from an article on the matter by the CPJ, [the Committee to Protect Journalists]. We want to direct your attention especially to the final paragraph below, which is quite chilling:
Concern over government surveillance of journalists has washed up on the faraway shores of New Zealand, with a report in the country’s Sunday Star this week asserting that the military there, with help from U.S. intelligence, spied on an investigative journalist who had been critical of its activities in Afghanistan.
Compounding concerns about the New Zealand military’s targeting of journalists, the Sunday Star reported that a confidential military training manual drafted in 2003 lists investigative journalists as one of the top threats to state securityup there with terrorists and hostile foreign intelligence groups. A military official in New Zealand acknowledged the existence of the manual on Monday, referring to it as “inappropriate and heavy-handed,” and ordered a revision to remove any references to journalists, news reports said.
Whether or not they remove the references to journalists from their training manual, the mindset is clear this is what they actually believe: Investigative journalists are one of the top threats to state securityup there with terrorists and hostile foreign intelligence groups.
We have to admit that this is actually true in a dictatorship. In allegedly free countries, investigative journalists are usually deemed to be among the people who help seeing to it that they remain free.
Search for Pressure Cooker Leads to Knock on Door From Terrorism Police
Via reference from ZeroHedge, please consider pressure cookers, backpacks and quinoa, oh my!
It was a confluence of magnificent proportions that led six agents from the joint terrorism task force to knock on my door Wednesday morning. Little did we know our seemingly innocent, if curious to a fault, Googling of certain things was creating a perfect storm of terrorism profiling. Because somewhere out there, someone was watching. Someone whose job it is to piece together the things people do on the internet raised the red flag when they saw our search history.
Most of it was innocent enough. I had researched pressure cookers. My husband was looking for a backpack. And maybe in another time those two things together would have seemed innocuous, but we are in these times now.
I was at work when it happened. My husband called me as soon as it was over, almost laughing about it but I wasnt joining in the laughter. His call left me shaken and anxious.
What happened was this: At about 9:00 am, my husband, who happened to be home yesterday, was sitting in the living room with our two dogs when he heard a couple of cars pull up outside. He looked out the window and saw three black SUVs in front of our house; two at the curb in front and one pulled up behind my husbands Jeep in the driveway, as if to block him from leaving.
Six gentleman in casual clothes emerged from the vehicles and spread out as they walked toward the house, two toward the backyard on one side, two on the other side, two toward the front door.
They walked around the living room, studied the books on the shelf (nope, no bomb making books, no Anarchist Cookbook), looked at all our pictures, glanced into our bedroom, pet our dogs. They asked if they could go in my sons bedroom but when my husband said my son was sleeping in there, they let it be.
They asked about me, where was I, where do I work, where do my parents live. Do you have any bombs, they asked. Do you own a pressure cooker? My husband said no, but we have a rice cooker. Can you make a bomb with that? My husband said no, my wife uses it to make quinoa. What the hell is quinoa, they asked.
Have you ever looked up how to make a pressure cooker bomb? My husband, ever the oppositional kind, asked them if they themselves werent curious as to how a pressure cooker bomb works, if they ever looked it up. Two of them admitted they did.
45 minutes later, they shook my husbands hand and left. Thats when he called me and relayed the story. Thats when I felt a sense of creeping dread take over. What else had I looked up? What kind of searches did I do that alone seemed innocent enough but put together could make someone suspicious?
They mentioned that they do this about 100 times a week.
Mostly I felt a great sense of anxiety. This is where we are at. Where you have no expectation of privacy. Where trying to learn how to cook some lentils could possibly land you on a watch list. Where you have to watch every little thing you do because someone else is watching every little thing you do.
All I know is if Im going to buy a pressure cooker in the near future, Im not doing it online.
Im scared. And not of the right things.
CLARIFICATION AND UPDATE
We found out through the Suffolk Police Department that the searches involved also things my husband looked up at his old job. We were not made aware of this at the time of questioning and were led to believe it was solely from searches from within our house.
Warrantless Cellphone Tracking Upheld
The New York Times reports Warrantless Cellphone Tracking Is Upheld
In a significant victory for law enforcement, a federal appeals court on Tuesday said that government authorities could extract historical location data directly from telecommunications carriers without a search warrant.
The closely watched case, in the United States Court of Appeals for the Fifth Circuit, is the first ruling that squarely addresses the constitutionality of warrantless searches of historical location data stored by cellphone service providers. Ruling 2 to 1, the court said a warrantless search was not per se unconstitutional because location data was clearly a business record and therefore not protected by the Fourth Amendment.
For now, the ruling sets an important precedent: It allows law enforcement officials in the Fifth Circuit to chronicle the whereabouts of an American with a court order that falls short of a search warrant based on probable cause.
This decision is a big deal, said Catherine Crump, a lawyer with the American Civil Liberties Union. Its a big deal and a big blow to Americans privacy rights.
Cellphone privacy measures have been proposed in the Senate and House that would require law enforcement agents to obtain search warrants before prying open location records. Montana recently became the first state to require a warrant for location data. Maine soon followed. California passed a similar measure last year but Gov. Jerry Brown, a Democrat, vetoed it, saying it did not strike what he called the right balance between the demands of civil libertarians and the police.
What Google Knows About You
Tyler Durden at Zerohedge has an interesting post What Google Knows About You.
It’s safe to assume everything you have ever searched for, every address you looked up on Google, every email you sent, every chat message, every YouTube video you watched. It’s also safe to assume every entry is time-stamped, so its clear exactly, down to the minute, when all of this was done, and where you were at when you did it.
The data can and will be used against you, in many imaginable ways, and in some ways you may not have remotely conceived, such as how searching for pressure cookers may get you an unexpected call from the terrorist police.
My friend Pater Tenebrarum commented via email “The alleged ‘separation of powers’ is increasingly revealed as a sham – in the end, you have the government ‘controlling’ and ‘limiting’ itself.”August 5, 2013 at 8:25 am #41041
Silent Circle has a password test you dont need to sign up to test a password in the upper right. Note that longer passphrases, even if they are only lower case characters, are tougher to crack than shorter passwords with all sorts of numbers and non-characters.
8 Character Randomized Password: T0u%p@s5 Time to crack: 14 minutes
17 Character Passphrase: rockwell is right Time to crack: 4 Days
26 Character Passphrase: The Country Is Not The Government! Time to crack: centuries
Even with a passphrase take the extra security step and modify it with an algorithm you derive for every site. That way if a site is storing or transmitting passwords in cleartext (both big no-nos but it happens), your password will not be known for all sites.
Example apple.com starts with a the 1st letter in the alphabet, so my passphrase might become: 1The Country Is Not The Government! <- note that I pre-pended number 1 at the start of the passphrase. Id recommend adding at least 2 characters via your algorithm.
Several readers of my blog post wrote to ask if the NSA doesnt just have an end run around harder passwords for email. In short, they do, but mostly for US-based companies. The largest free email providers, Google, Yahoo!, and Microsoft are known to collaborate with the NSA and/or FBI, which means Hotmail, Yahoo! Mail, and Gmail are insecure despite your best passphrase. Hushmail, once considered a secure alternative, caved to the Feds over alleged drug running taking place via Hushmail accounts. If your 35 character passphrase is the moat to keep the NSA out, Gmail has the key to the backdoor and lets the NSA right in to directly read your email.
The solution is to get an email account hosted outside the US. Here are several paid alternatives: NeoMailBox (Swiss Based), CounterMail (Swedish) MailVault (Norway), and an excellent article discussing the pros and cons of each. If this is too much hassle, at least adopt passphrases to avoid the non-government criminals from taking over your email and other accounts. Imagine the damage a hacker could do with access to monitor, send forged email, then lock you out of your email account. It wouldnt take much effort to get your SSN, address and birthday from there its off to the races. Oh, you need those retirement funds wired where? If you think this is far fetched, count the number of times a year you get a frantic message from a friend not to open an email because their account was taken over.
Bottom Line: Consider an offshore email, but definitely make your passwords longer by using a passphrase rather than a shorter but harder password. Most sites will allow you to enter very long passphrases. Think of the minor investment in time versus the risk of identity theft, account takeover, and the extra time and resources for the government to snoop on you.August 6, 2013 at 2:33 pm #41043
Too much fear and paranoia in my view.
I have a gmail email account.
But I feel no need to get an “offshore” email account, or
fancy ridiculous unbreakable passwords.
I take basic precautions to protect against identity theft, but
I’m not going to spend my time worrying about if the GOVERNMENT is secretly
reading and learning things about me.
If someone/gov’t is that desperate that they want to read my email, have at.
Personally, I don’t think out of the 450 million Americans or 6 BILLION
people on that planet, that I am that interesting or that important.
And there aren’t many “dark secrets” of mine that I’m trying to keep hidden.
People don’t need to do fancy deceptive things to glean such info,
they can just ask me, lol.
When you stand in your own truth, you don’t have any fear about what others may learn about you. Nor do you care.
You must be logged in to reply to this topic.