Archive for the ‘NSA, Snowden and spying’ Category

Want to outfox the NSA? Generate memorizable passphrases even they can’t guess





27 March 2015 – Micah Lee writes at The Intercept that coming up with a good passphrase by just thinking of one is incredibly hard, and if your adversary really is capable of one trillion guesses per second, you’ll probably do a bad job of it. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion. But there is a method for generating passphrases that are impossible for even the most powerful attackers to guess, yet very possible for humans to memorize. First, grab a copy of the Diceware word list, which contains 7,776 English words — 37 pages for those of you printing at home. You’ll notice that next to each word is a five-digit number, with each digit being between 1 and 6. Now grab some six-sided dice (yes, actual real physical dice), and roll them several times, writing down the numbers that you get. You’ll need a total of five dice rolls to come up with each word in your … Read more

Those mysterious, fake cellphone towers popping up all over the U.S.: how they work




18 November 2014 – Back in August, reports started emerging of mysterious fake cellphone towers popping up all over the US. It led many to assume that there were actually strange towers of unknown purpose dotting the nation. The truth is these weren’t physical towers of any sort, but devices that were being made to trick your cellphone into thinking it was a tower.

Why would such a thing exist? There haven’t been any definitive answers, but the Wall Street Journal has reported that the answer may lie in a 7-year-old US Department of Justice program to track criminals via their cellphone, using devices attached to airplanes. The publication reported that sources wouldn’t confirm or discuss specifics about the program but did say these surveillance flights take place on a regular basis. The purpose is to track criminals and fugitives, but doing so requires a sweep that captures a lot of cellphone data from a given area. Once a suspect’s phone is found, the device releases the non-suspect phones.

Certainly news like this is going to fuel … Read more

81% of Tor users can be de-anonymized by analyzing router information, says researcher



15 November 2014 – A former researcher at Columbia University’s Network Security Lab has conducted research since 2008 indicating that traffic flow software included in network routers, notably Cisco’s ‘Netflow’ package, can be exploited to deanonymize 81.4% of Tor clients.

Professor Sambuddho Chakravarty, currently researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology, uses a technique which injects a repeating traffic pattern into the TCP connection associated with an exit node, and then compares subsequent aberrations in network timing with the traffic flow records generated by Netflow (or equivalent packages from other router manufacturers) to individuate the ‘victim’ client. In laboratory conditions the success rate of this traffic analysis attack is 100%, with network noise and variations reducing efficiency to 81% in a live Tor environment. Chakravarty says: “it is not even essential to be a global adversary to launch such traffic analysis attacks. A powerful, yet non-global adversary could use traffic analysis methods to determine the various relays participating in a Tor circuit and directly monitor the traffic entering the entry node of … Read more

What’s next, a gift shop? The National Security Agency has a side business licensing its technology



30 September 2014 – We were at the “Defense Labs Tech Transfer” trade show in Maryland last week and stumbled across a company called TechLink, which is a US Department of Defense (DoD) Partnership Intermediary. These partnership entities are all established by government statute (check out 15 USC 3715). TechLink is based at Montana State University. The company brokers licensing agreements between DoD labs and US industry for manufacture and use of DoD inventions. These inventions involve virtually all technology fields, including medicine, software, electronics, communications, advanced materials, and energy-related technologies. There are between 100 and 150 research labs that participate under the DoD’s umbrella.

And lo and behold … the National Security Agency (NSA) is in the program (the DoD includes the NSA under its umbrella) and has been making money on the side by licensing its technology to private businesses for more than two decades. It’s called the Technology Transfer Program, under which the NSA declassifies some of its technologies that it developed for previous operations, patents them, and, if they’re swayed by an American … Read more

Snowden used TAILS, designed for internet anonymity, to protect his communications. Journalists and (certain) corporates love it.



He likes TAILS!



By: Eric De Grasse / Chief Technology Officer

17 April 2014 – An interesting piece from Hugh Pickens over at on how Snowden protected his communications, using The Amnesic Incognito Live System (TAILS). I talked about TAILS in my client wrap-up post after attending the Black Hat and DEF CON hacker conferences last year in Las Vegas. TAILS is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer, leaving no trace unless you explicitly ask it to. It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer’s original operating system. It is free software and based on Debian GNU/Linux.

Here is Hugh’s piece with my comments following:

“When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System Read more

Sochi Olympics is a cyber war zone, a master class in espionage


Sochi is “the most connected Olympics ever”

By: Eric DeGrasse, Chief Technology Officer and Gregory P. Bufithis, Founder and CEO


13 February 2014 – NBC took a few hits last week for a report that turned out to be almost entirely bogus on Sochi malware, Wi-Fi honeypots and sinister auto-downloads.

But as it turns out, foreign visitors to the Winter Olympics in Sochi are unknowingly wading into a cyber battlefield, say U.S. government and security experts. Large international events – packed with diplomats, business leaders and celebrities – have become honeypots for computer hackers, while Russia is home to some of the most feared cyber criminals in the world.

The Sochi games have already been plagued by fears of a potential terrorist attack and U.S. officials have warned American supporters and athletes about the dangers of attending the games, which began on Friday. But in a sign of the mounting worries over the cyber threat, the U.S. government issued guidance advising American visitors to Sochi to remove all important information from their computers and devices before they travel. They … Read more

German TV: Edward Snowden says NSA is also involved in industrial sabotage



26 January 2014 – The National Security Agency is involved in industrial espionage and will take intelligence regardless of its value to national security, Edward Snowden has told a German television network. A lengthy interview was broadcast tonight by German public broadcaster ARD TV. It quotes Snowden as saying the NSA does not limit its espionage to issues of national security and citing the German engineering firm Siemens as one target.

“If there’s information at Siemens that’s beneficial to US national interests – even if it doesn’t have anything to do with national security – then they’ll take that information nevertheless”, Snowden said. The interview was recorded in Russia where Snowden has claimed asylum. Snowden also told the German public broadcasting network he no longer has possession of any documents or information on NSA activities and has turned everything he had over to select journalists. He said he did not have any control over the publication of the information, ARD said.

Reports that the NSA monitored Chancellor Angela Merkel’s mobile phone have added to anger in Germany, which … Read more

Researchers connect 91% of phone numbers with names in metadata probe



24 December 2013 – One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency’s collection of phone metadata is that the information it’s collecting, such as phone numbers and length of call, can’t be tied to the callers’ names.


A quick investigation by researchers at Stanford University, who have been collecting information from volunteer Android users, found that they could correlate numbers to names with very little effort. The Stanford researchers recently started a program called Metaphone that gathers data from volunteers with Android phones. They collect data such as recent phone calls and text messages and social network information.

The goal of the project, which is the work of the Stanford Security Lab, is to draw some lines connecting metadata and surveillance. As part of the project, the researchers decided to select a random set of 5,000 numbers from their data and see whether they could connect any of them to subscriber names using just freely available Web tools.

The result: They found … Read more

The mathematics behind NSA hacking


23 December 2013 – There has been a lot of chatter these past two days on whether the RSA (which has angrily denied the claim) secretly took $10 million from the NSA to use the buggered up Dual Elliptic Curve Deterministic Random Bit Generator in its encryption products. RSA, which is owned by EMC, started using Dual EC DRBG by default in 2004, before the generator was standardized.

In 2007 a backdoor in the algorithm weakened the strength of any encryption that relied on it. It was only in September 2013 that RSA told its customers to stop using the algorithm. The NSA is also accused of weakening the random number generator during its development. RSA said that it categorically denied the allegation that it knew Dual EC DRBG was “flawed” when it started using the algorithm. It said it made sense to use the random number generator in the context of an industry-wide effort to develop newer, stronger methods of encryption.

At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption. … Read more