Interesting post-Snowden reading, just declassified. (U) External Communication will address at least one of “fresh look” narratives: (U) NSA does not access everything. (U) NSA does not collect indiscriminately on U.S. Persons and foreign nationals. (U) NSA does not weaken encryption. (U) NSA has value to the nation. There’s lots more. Powered by WPeMatico
Category: nsa
Auto Added by WPeMatico
Rumor is that the Trump administration will separate the NSA and US Cyber Command. I have long thought this was a good idea. Here’s a good discussion of what it does and doesn’t mean. Powered by WPeMatico
Back in 2013, Der Spiegel reported that the NSA intercepts and collects Windows bug reports: One example of the sheer creativity with which the TAO spies approach their work can be seen in a hacking method they use that exploits the error-proneness of Microsoft’s Windows. Every user of the operating system is familiar with the … Read More “NSA Collects MS Windows Error Information” »
In April, the Shadow Brokers — presumably Russia — released a batch of Windows exploits from what is presumably the NSA. Included in that release were eight different Windows vulnerabilities. Given a presumed theft date of the data as sometime between 2012 and 2013 — based on timestamps of the documents and the limited Windows … Read More “Zero-Day Vulnerabilities against Windows in the NSA Tools Released by the Shadow Brokers” »
“Traffic shaping” — the practice of tricking data to flow through a particular route on the Internet so it can be more easily surveiled — is an NSA technique that has gotten much less attention than it deserves. It’s a powerful technique that allows an eavesdropper to get access to communications channels it would otherwise … Read More “More on the NSA’s Use of Traffic Shaping” »
Apple is fighting its own battle against leakers, using people and tactics from the NSA. According to the hour-long presentation, Apple’s Global Security team employs an undisclosed number of investigators around the world to prevent information from reaching competitors, counterfeiters, and the press, as well as hunt down the source when leaks do occur. Some … Read More “Fighting Leakers at Apple” »
According to a recently declassified report obtained under FOIA, the NSA’s attempts to protect itself against insider attacks aren’t going very well: The N.S.A. failed to consistently lock racks of servers storing highly classified data and to secure data center machine rooms, according to the report, an investigation by the Defense Department’s inspector general completed … Read More “NSA Insider Security Post-Snowden” »
There’s evidence: Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also … Read More “NSA Links WannaCry to North Korea” »
This week brought new public evidence about Russian interference in the 2016 election. On Monday, the Intercept published a top-secret National Security Agency document describing Russian hacking attempts against the US election system. While the attacks seem more exploratory than operational – and there’s no evidence that they had any actual effect – they further … Read More “NSA Document Outlining Russian Attempts to Hack Voter Rolls” »
There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which blocks victims’ access to their computers until they pay a fee. Then there are the users who … Read More “WannaCry and Vulnerabilities” »