WikiLeaks has started publishing a large collection of classified CIA documents, including information on several — possibly many — unpublished (i.e., zero-day) vulnerabilities in computing equipment used by Americans. Despite assurances that the US government prioritizes defense over offense, it seems that the CIA was hoarding vulnerabilities. (It’s not just the CIA; last year we … Read More “WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies” »
Category: nsa
Auto Added by WPeMatico
The New York Times reports that Uber developed apps that identified and blocked government regulators using the app to find evidence of illegal behavior: Yet using its app to identify and sidestep authorities in places where regulators said the company was breaking the law goes further in skirting ethical lines — and potentially legal ones, … Read More “Uber Uses Ubiquitous Surveillance to Identify and Block Regulators” »
At a talk last week, the head of US Cyber Command and the NSA Mike Rogers talked about the US buying cyberweapons from arms manufacturers. “In the application of kinetic functionality — weapons — we go to the private sector and say, ‘Build this thing we call a [joint directed-attack munition], a [Tomahawk land-attack munition].’ … Read More “Adm. Rogers Talks about Buying Cyberweapons” »
The Intercept has a long article on the relationship between Palantir Technologies and the NSA, based on the Snowden documents. Powered by WPeMatico
These days, it’s rare that we learn something new from the Snowden documents. But Ben Buchanan found something interesting. The NSA penetrates enemy networks in order to enhance our defensive capabilities. The data the NSA collected by penetrating BYZANTINE CANDOR’s networks had concrete forward-looking defensive value. It included information on the adversary’s “future targets,” including … Read More “NSA Using Cyberattack for Defense” »
Duqu 2.0 is a really impressive piece of malware, related to Stuxnet and probably written by the NSA. One of its security features is that it stays resident in its host’s memory without ever writing persistent files to the system’s drives. Now, this same technique is being used by criminals: Now, fileless malware is going … Read More “Duqu Malware Techniques Used by Cybercriminals” »
Imagine that you are someone in the CIA, concerned about the future of America. You have this Russian dossier on Donald Trump, which you have some evidence might be true. The smartest thing you can do is to leak it to the public. By doing so, you are eliminating any leverage Russia has over Trump … Read More “A Comment on the Trump Dossier” »
President Barack Obama’s public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in … Read More “Attributing the DNC Hacks to Russia” »
Le Monde and the Intercept are reporting about NSA spying in Africa, and NSA spying on in-flight mobile phone calls — both from the Snowden documents. Powered by WPeMatico
The NSA has been abandoning secret and proprietary cryptographic algorithms in favor of commercial public algorithms, generally known as “Suite B.” In 2010, an NSA employee filed some sort of whistleblower complaint, alleging that this move is both insecure and wasteful. The US DoD Inspector General investigated and wrote a report in 2011. The report … Read More “Whistleblower Investigative Report on NSA Suite B Cryptography” »