Blog Archives
NSA PRISM program taps in to user data of Facebook, Yahoo and others | World news | The Guardian
• Top secret PRISM program claims direct access to servers of firms including Google, Apple and Facebook
• Companies deny any knowledge of program in operation since 2007
The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.
The NSA access is part of a previously undisclosed program called PRISM, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims “collection directly from the servers” of major US service providers.
Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.
In a statement, Google said: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”
Several senior tech executives insisted that they had no knowledge of PRISM or of any similar scheme. They said they would never have been involved in such a program. “If they are doing this, they are doing it without our knowledge,” one said.
An Apple spokesman said it had “never heard” of PRISM.
The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.
Related articles
- Report: NSA PRISM program spied on American’s emails, searches (pcworld.com)
- Top-Secret NSA Internet Spying Program ‘PRISM’ Uncovered (vineoflife.net)
- Top-Secret NSA Internet Spying Program ‘PRISM’ Uncovered (lynleahz.com)
- Data Mining Expose: Facebook, Google, Apple Accessed by NSA (goldenageofgaia.com)
- Silicon Alley Insider: SCARY: These Slides Show How The NSA Watches Your Every Online Move (businessinsider.com)
- Secret program gives NSA, FBI backdoor access to Apple, Google, Facebook, Microsoft data (theverge.com)
- Google, Apple & Facebook Deny Participating In Alleged NSA “PRISM” Program (marketingland.com)
- NSA’s PRISM Snoops On You Via Google, Facebook, Apple (disinfo.com)
- PRISM scandal: tech giants flatly deny allowing NSA direct access to servers (guardian.co.uk)
Boston bombers: FBI hunting 12-strong terrorist “sleeper cell” linked to brothers
The FBI was last night hunting a 12-strong terrorist “sleeper cell” linked to the Boston marathon bomb brothers.
Police believe Tamerlan and Dzhokhar Tsarnaev were specially trained to carry out the devastating attack.
More than 1,000 FBI operatives were last night working to track down the cell and arrested a man and two women 60 miles from Boston in the hours before Dzhokhar’s dramatic capture after a bloody shootout on Friday.
A source close to the investigation said: “We have no doubt the brothers were not acting alone. The devices used to detonate the two bombs were highly sophisticated and not the kind of thing people learn from Google.
“They were too advanced. Someone gave the brothers the skills and it is now our job to find out just who they were. Agents think the sleeper cell has up to a dozen members and has been waiting several years for their day to come.”
A specialist team of CIA and FBI interrogators was yesterday flown to a Boston hospital to grill wounded Dzhokhar, 19, about the secret group. The University of Massachusetts student was caught on Friday after hiding out in a boat parked in a garden in locked down Watertown the day after a gun battle with police left his 26-year-old brother and a rookie cop dead.
Government Appetite Growing for Twitter User Data
via Wired.com
The Twitter transparency report released Monday.
Twitter said Monday that just 19 percent of federal and state government requests for user data were accompanied by probable-cause search warrants during the six months ending in December 2012.
In all, the San Francisco-based micro-blogging service, in its second so-called transparency report, said there were 815 demands for Twitter account-holder data. Twitter did not say what type of user data was sought in those 815 requests, but it likely includes a mixture of e-mail addresses associated with accounts, IP logs, tweets and direct messages.
Twitter neither said what data it hands over nor said what type of data requires probable-cause warrants. Twitter did not immediately respond for comment.
The disclosure came a week after Google and Yahoo told Wired that it requires probable-cause warrants to divulge to the authorities e-mail and cloud-stored content of its account holders, despite federal law not always demanding that.
MORE . . .
Related articles
- US gov displays growing appetite for Twitter users’ personal data (boingboing.net)
- The Government Is Still Trying to Spy on a Lot of Your Twitter and Google Data (theatlanticwire.com)
- The Government Is Still Trying to Spy on a Lot of Your Twitter and Google Data (revolutionpac.com)
- Twitter says govt data requests rise (bigpondnews.com)
- Twitter’s transparency report reveals increase in government data requests (guardian.co.uk)
- Data Privacy Day 2013: Twitter reveals US government makes 80% of info requests (rt.com)
- Twitter gives U.S. government its user data 69 percent of the time (digitaltrends.com)
- Twitter: 80% of Government User Data Requests Issued Without a Warrant (mashable.com)
- Twitter: Government user data requests have risen 20 percent (sott.net)
5 Gmail lessons from David Petraeus affair
via POLITICO.com
It’s become the email equivalent of separating church and state: work email is for official communications while private accounts are for personal — and sometimes inappropriate — messaging.
But as the scandal that has enveloped former CIA director David Petraeus and Gen. John Allen has shown, Gmail and other Web-based email services are not completely safe zones.
The FBI probe into Petraeus — which led to his resignation last Friday — serves as a reminder that even the most private emails sent on commercial online services among people using pseudonyms can be discovered and thrown into the harsh light of scrutiny.
Here are Gmail lessons to be learned from the Petraeus affair:
1. It’s not anonymous.
Petraeus and his biographer Paula Broadwell apparently took steps to protect their communication, such as using pseudonyms to set up an online service account and in communicating with each other. But FBI investigators were able to figure out some information about the account from looking at emails sent from the account to another party. Reportedly this is what led authorities investigating threatening emails to Tampa socialite Jill Kelley from Broadwell.
“Who you are saying it to and where you are saying it from has the least protection under the law,” said Chris Soghoian, principal technologist at the ACLU. “A warrant is needed to find out what you are saying.”
Internet service providers and most websites keep complete records of the Internet Protocol addresses of those who use their services for 18 months, and then slightly blurred records of IP addresses after 18 months. Investigators can obtain that information under the Electronic Communications Privacy Act as long as they have reasonable grounds to believe that it is relevant to an ongoing criminal investigation — less than the probable cause needed to secure a warrant. In the Petraeus case, the FBI reportedly got the necessary court clearances.
The only way that people can use pseudonymous webmail accounts safely is via an anonymizing service like Tor, said Peter Eckersley, technology projects director for the Electronic Frontier Foundation. Tor is installed on a computer and reroutes website visits, instant messages and other communications to other Tor users so it is not possible to identify a single computer, sort of like hiding in a crowd.
2. Government requests for access are increasing and Google and other services play ball.
Google reported Tuesday that law enforcement and courts in the United States made nearly 8,000 requests for user information in the first half of 2012 from all of Google’s products — including Gmail, search, Google Docs, etc. The number of requests from the American law enforcement alone jumped 26 percent from the previous six months, when 6,321 requests were made.
Government officials wanted information on 16,281 accounts, Google said, and Google complied roughly 90 percent of the time.
The report shows governments around the world not only wanted more data for law enforcement purposes but also increased requests to Google to remove content.. “Government surveillance is on the rise,” Dorothy Chou, a senior policy analyst at Google, wrote in a blog post announcing the report.
3. You’re not in cyberspace.
A person’s physical location when sending an email can often be pinpointed from the email they send. Email metadata contains IP addresses of the computers and servers they come in contact with, as well as the unique number associated with the device that sent the emails. Sometimes, the traceable IP of the sender’s device is visible in a sent email — email services such as Yahoo and others reveal information about the sending computer, while messages sent from Gmail’s Web interface do not reveal the information about the sending computer, privacy experts say. Even if it isn’t visible, investigators can obtain it with the use of a subpoena or court order, and determine other accounts accessed from the same location.
MORE . . .
Related articles
- 5 Gmail lessons from Petraeus affair (politico.com)
- How metadata brought down CIA boss David Petraeus (newscientist.com)
- Gmail Location Data Led FBI to Uncover Top Spy’s Affair (wired.com)
- How CIA Director David Petraeus’s Affair Was Traced Through Email (and How to Keep It From Happening to You) (lifehacker.com)
- David Petraeus scandal: The silliness of using Gmail for your affair (telegraph.co.uk)
The spy in your inbox
by Sean Gallagher – Nov 6, 2012 9:10 pm UTC via Ars Technica
Everything on the Internet is monitored in some way. Companies track what you do at work through deep packet inspection to make sure you don’t wander into territory forbidden by company policy, or dump corporate data to a remote server just before you give notice. The Web pages you visit and the HTML-based mass e-mails you open are logged and tracked by advertisers and marketers. And your boss can tell if you’ve ever opened that urgent message or not.
But people usually don’t throw it in your face and shatter whatever remaining illusions of privacy you might have, as someone did to my colleague Andrew Cunningham today.”Oh, man, a PR person was just totally creepy at me,” he interjected over IRC this morning.
The “creepy” was an e-mail that a media representative for a company called ContactMonkey sent on the heels of another one Cunningham had just opened. The second message included information about his location, the e-mail client he had used to open it, and the exact time it had been opened.
The Outlook plug-in toolbar for ContactMonkey’s Bridge.
The message and the data were a demonstration of Bridge, a $5-a-month service that installs a plugin for Microsoft’s Outlook 2010 mail client and for Google’s Chrome browser for use with GMail. Bridge gives anyone the power to know those details for any message they send—or at least any message that lands in the inbox of someone who trustingly opens e-mails without blocking HTML-embedded images.
MORE . . .
Related articles
- The spy in your inbox (arstechnica.com)
- Here’s the e-mail trick Petraeus and Broadwell used to communicate (washingtonpost.com)
