Archive | Intelligence

Meanwhile, in the war on terror

THE DEPARTMENT OF JUSTICE proudly announced the first FBI terror arrest of the Trump administration on Tuesday: an elaborate sting operation that snared a 25-year-old Missouri man who had no terrorism contacts besides the two undercover FBI agents who paid him to buy hardware supplies they said was for a bomb — and who at one point pulled a knife on him and threatened his family.

There have been many reports (and at least one documentary film) about the FBI framing people who probably are not that dangerous at all – just to be seen doing something.

Law enforcement should focus on real terrorist, not creating their own ones.

The Intercept » Trump’s first terror arrest: A broke stoner the FBI threatened at knifepoint »

0

Trump, CIA, NSA, Palantir, Facebook & the common denominator

In the demo, Palantir engineers showed how their software could be used to identify Wikipedia users who belonged to a fictional radical religious sect and graph their social relationships. In Palantir’s pitch, its approach to the VAST Challenge involved using software to enable “many analysts working together [to] truly leverage their collective mind.” The fake scenario’s target, a cartoonishly sinister religious sect called “the Paraiso Movement,” was suspected of a terrorist bombing, but the unmentioned and obvious subtext of the experiment was the fact that such techniques could be applied to de-anonymize and track members of any political or ideological group.

The Intercept describes the (partly CIA financed) Palantir mass surveillance analysis software.

As if the above is not chilling enough, consider that Palantir owner Peter Thiel has become an advisor to President Trump and is on the board of directors at Facebook.

The Intercept: How Peter Thiel’s Palantir helped the NSA spy on the whole world »

/ HAX

0

Sweden – not so neutral, after all?

Possible targets might be the administrators of foreign computer networks, government ministries, oil, defense, and other major corporations, as well as suspected terrorist groups or other designated individuals. Similar Quantum operations have targeted OPEC headquarters in Vienna, as well as Belgacom, a Belgian telecom company whose clients include the European Commission and the European Parliament. (…)

Significantly, while WINTERLIGHT was a joint effort between the NSA, the Swedish FRA, and the British GCHQ, the hacking attacks on computers and computer networks seem to have been initiated by the Swedes.

It’s worth keeping in mind that Swedish intelligence agency FRA – together with British GCHQ – declined to participate in the European Parliaments hearings on mass surveillance.

The New York Review of Books: The Swedish Kings of Cyberwar »

0

Frosty relations between UK and German spy agencies

The Snowden revelations on US NSA spying in Germany still poison relations between UK (and US) intelligence community and their German counterparts.

The Daily Mail:

Relations between British and German spy chiefs have hit rock bottom because London says its counterparts in Berlin cannot be trusted to keep secrets. (…)

The source said: ‘It has now reached the point where there is virtual radio silence between the two biggest and most important intelligence services of the western world and the BND of Germany.

‘Germany is worried because it needs the umbrella protection of these agencies. It is virtually blind without it.’

This also concerns German requests for information demanded by the German Bundestag’s (parliaments) committee on mass surveillance:

Both the UK and America refused to send any of the requested files to Germany. Included among them was a demand for information about a 2013 operation handled by both countries – and in co-operation with the BND – which was, and remains, top secret but was known to involve a massive surveillance programme on suspected Islamic terrorists across Europe.

Britain fears a ‘big debate’ in the German parliament which would lay open secret sources and intelligence gathering techniques.

To complicate matters even more, the German Bundestag is searching for a »Wikileaks mole« – said to leak information from the said NSA investigative committee.

The Daily Mail » German spies ‘can’t be trusted’: Relations between the UK and Berlin intelligence chiefs hit after comments by London »

Berliner Morgenpost » Bundestagspolizei sucht Wikileaks-Maulwurf im Parlament »

0

Cyber war capabilities and mass surveillance

We definitely need cyber defence capabilities. Foreign powers, terrorists, and criminal networks have the capability to harm key functions in our societies.

We also need capacity for offensive cyber operations. No doubt, this will be a part of tomorrow’s conflicts and there is an ongoing cyber war arms race. Several western countries affiliated with NSA is adapting to this. (E.g. Sweden has recently made changes to legalise offensive operations, that according to the Snowden documents are already in place.)

First of all, the threshold for cyber attacks is lower than for conventional military conflicts. At the same time, most countries have made it clear that they will consider cyber attacks as an actual act of war. So there are reasons to tread carefully.

This is a grey area. It is difficult to be sure if a cyber attack originates from another nation or a criminal or terrorist organisation. In the same way, it is difficult to know who you engage in defensive or offensive cyber operations. Things might easily escalate.

Second, there is no clear line separating conventional mass surveillance and cyber warfare. One can easily spill over into the other. The lines are muddled. The rule of law can easily be circumvented by labelling surveillance that would be illegal in “civil” law enforcement as secret “military” operations.

Third, cyber warfare capabilities are frequently outsourced to private contractors. This will make it even harder to uphold democratic oversight and accountability.

I would argue that one major problem with cyber warfare capabilities is that they might be used to conceal domestic intelligence operations outside the realm of the law.

This calls for vigilance.

/ HAX

Statewatch » Council documents: responses to offensive cyber operations; “cyber capacity building” in non-EU countries; implementation report on Cyber Defence Policy Framework »

0

Make UN member states stand by their word on the Internet and privacy

“1. Affirms that the same rights that people have offline must also be protected online, in particular freedom of expression, which is applicable regardless of frontiers and through any media of one’s choice, in accordance with articles 19 of the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights;”

These are words from the United Nations Human Rights Council, in a declaration of the 27:th of June. (PDF») It continues…

“8. Calls upon all States to address security concerns on the Internet in accordance with their international human rights obligations to ensure protection of freedom of expression, freedom of association, privacy and other human rights online, including through national democratic, transparent institutions, based on the rule of law, in a way that ensures freedom and security on the Internet so that it can continue to be a vibrant force that generates economic, social and cultural development;”

“9. Condemns unequivocally all human rights violations and abuses, such as torture, extrajudicial killings, enforced disappearances and arbitrary detention, expulsion, intimidation and harassment, as well as gender based violence, committed against persons for exercising their human rights and fundamental freedoms on the Internet, and calls on all States to ensure accountability in this regard;”

“10. Condemns unequivocally measures to intentionally prevent or disrupt access to or dissemination of information online in violation of international human rights law and calls on all States to refrain from and cease such measures;”

Great! Or… what?

I cannot help noticing that Turkey is one of the signing countries… And Poland, despite the country’s ever more dubious approach to free speech.

The United Kingdom (with the GCHQ) and the United States (home of the NSA) have signed the declaration. And countries like Sweden (FRA), Germany (BND) – who are part of the global surveillance network.

Do they really mean what they say? Probably not.

This is a great UN declaration. But the fight for a free and open internet, free speech, privacy and civil rights still needs to be fought by an army of activists. You simply cannot trust governments with this, just because they say so.

It’s like 5 July 2012. The day that gave the 5 July-foundation (who, among other things is running this blog) its name. (Read more») This was the date for an ambitious UN resolution “on the Promotion, Protection, and Enjoyment of Human Rights on the Internet”.

Then, like now, we believe that words are not enough and that the Internet community must engage in the battle to defend the values stated in the resolution.

Today the 5 July-foundation runs several projects for security, privacy and liberty. (Read more»)

Actually, today is also the second anniversary of this blog – trying to identify threats to digital liberty. I hope you enjoy it.

And let’s use this UN resolution as valuable support when our governments go back to Big Brother Business as usual. We have their words on paper. And we demand that they stand by them!

/ HAX

• The Declaration (PDF) »
• UN rights council condemns internet blocking »
• UN rights council condemns the disruption of internet access »
• UN Human Rights Body Condemns Nations Blocking Internet Access »
• UN Human Rights Council Passes Resolution ‘Unequivocally’ Condemning Internet Shutdowns »
• Disrupting Internet Access Is A Human Rights Violation, UN Says »

0

What to learn from the Abdesalam fiasco

Surveillance should only be directed against people who are suspected of (or to commit) serious crimes.

Mass surveillance – of everyone – only creates a bigger haystack, more false positives, and hamper police and intelligence authorities in their efforts to identify real threats.

Take the Abdesalam brothers in the Paris attacks as an example…

Both were known to Belgian authorities; both were suspected to prepare “an irreversible act”. For years.

This is a case of sloppiness, lacking resources and being Belgian.

Belgium might be a dysfunctional mess, but the problem is the same in other countries. The more mass surveillance data, the more police officers gazing at computer screens – the less security and safety.

Authorities all over would need to get serious, pretty quickly. There is no room for public sector inefficiency when it comes to fighting terrorism. There is no room for incompetence and idleness.

And there are no (valid and publicly acceptable) reasons to replace human intelligence with mass surveillance of the entire population.

The Americans might do it. The Russians and Chinese also do it, for sure. But that is no reason that Europe should. This is exactly what makes our liberal democracy so special. In Europe, we trust ordinary and law-abiding people enough to keep out of their private lives.

The Paris attacks were very real, sad and terrifying. The Abdesalm brothers are very real terrorists. This reality underlines that we need other methods to protect us from danger rather than mass surveillance and data retention. We need wise and competent people, knowing what they are doing. If there are any.

/ HAX

• Link: Belgian police knew since 2014 that Abdeslam brothers planned ‘irreversible act’ »

0

The haystack dilemma

Binney said that an analyst today can run one simple query across the NSA’s various databases, only to become immediately overloaded with information. With about four billion people — around two-thirds of the world’s population — under the NSA and partner agencies’ watchful eyes, according to his estimates, there is too much data being collected.

“That’s why they couldn’t stop the Boston bombing, or the Paris shootings, because the data was all there,” said Binney. Because the agency isn’t carefully and methodically setting its tools up for smart data collection, that leaves analysts to search for a needle in a haystack.

ZDNet: NSA is so overwhelmed with data, it’s no longer effective, says whistleblower »

0