Slashdot Mirror

http://cryptome.org/anc-manual...

"This is an African National Congress manual for covert actions, first published during 1988-90 as a series of articles in 'Umsebenzi', later as a single pamphlet for underground operatives"

peace & love

You could always just use VyprVPN, that way only the FBI would have your information.

@gstoddart: "The problem is there will be a whole bunch of people who will loudly proclaim that having penalties for corporations failing to protect this information is tantamount to socialism."

It isn't down to the corporations that our computing infrastructure is so insecure, but our own Governments. As in order to protect us they need to keep us under constant surveillance. Some of us might still be able to recall when the NSA helped Microsoft secure Skype. See also where your Bitlocker keys are stored safely in the Cloud. The socialist East German Stasi could only dream of such technology :)

I'm sure Airbus cared when the GCHQ snooped on the details of a bidding process and handed over the details to Boeing.

Probably not, since that doesn't appear to be what happened.

Boeing Called A Target Of French Spy Effort

The Boeing Co. was among the targets of a French government plan for a massive spying effort to learn U.S. technological secrets and trade strategies, according to classified documents.

The plan targeted 49 high-tech companies, 24 financial institutions and six U.S. government agencies with important roles in international trade, the French documents show.

The plan focused on research breakthroughs and marketing strategies of leading-edge U.S. aerospace and defense contractors that compete directly with French firms.

The French also sought advance knowledge of the bargaining positions of American negotiators in trade talks involving France. . . .

Among the most coveted U.S. secrets:

-- Research, test results, production engineering and sales strategies for Boeing and McDonnell-Douglas. Both compete against the French-led European conglomerate Airbus Industrie.
 

Why We Spy on Our Allies - By R. James Woolsey, ... former Director of Central Intelligence

The European Parliament's recent report on Echelon, written by British journalist Duncan Campbell, has sparked angry accusations from continental Europe that U.S. intelligence is stealing advanced technology from European companies so that we can -- get this -- give it to American companies and help them compete. My European friends, get real. True, in a handful of areas European technology surpasses American, but, to say this as gently as I can, the number of such areas is very, very, very small. Most European technology just isn't worth our stealing.

Why, then, have we spied on you? The answer is quite apparent from the Campbell report -- in the discussion of the only two cases in which European companies have allegedly been targets of American secret intelligence collection. Of Thomson-CSF, the report says: "The company was alleged to have bribed members of the Brazilian government selection panel." Of Airbus, it says that we found that "Airbus agents were offering bribes to a Saudi official." These facts are inevitably left out of European press reports.

That's right, my continental friends, we have spied on you because you bribe. Your companies' products are often more costly, less technically advanced or both, than your American competitors'. As a result you bribe a lot. So complicit are your governments that in several European countries bribes still are tax-deductible.

When we have caught you at it, you might be interested, we haven't said a word to the U.S. companies in the competition. Instead we go to the government you're bribing and tell its officials that we don't take kindly to such corruption. They often respond by giving the most meritorious bid (sometimes American, sometimes not) all or part of the contract. This upsets you, and sometimes creates recriminations between your bribers and the other country's bribees, and this occasionally becomes a public scandal. ...

For folks who are interested, Cryptome has posted the filing: Case 2:14-cv-02631-JAR-TJJ.

>How effective that encryption is is up for debate.

No, it is not.

Abstract. In this paper we present a very practical ciphertext-only cryptanalysis of GSM (Global System for Mobile communications) encrypted communication, and various active attacks on the GSM protocols. These attacks can even break into GSM networks that use “unbreakable” ciphers. We first describe a ciphertext-only attack on A5/2 that requires a few dozen milliseconds of encrypted off-the-air cellular conversation and finds the correct key in less than a second on a personal computer. We extend this attack to a (more complex) ciphertext-only attack on A5/1. We then describe new (active) attacks on the protocols of networks that use A5/1, A5/3, or even GPRS (General Packet Radio Service). These attacks exploit flaws in the GSM protocols, and they work whenever the mobile phone supports a weak cipher such as A5/2. We emphasize that these attacks are on the protocols, and are thus applicable whenever the cellular phone supports a weak cipher, for example, they are also applicable for attacking A5/3 networks using the cryptanalysis of A5/1. Unlike previous attacks on GSM that require unrealistic information, like long known-plaintext periods, our attacks are very practical and do not require any knowledge of the content of the conversation. Furthermore, we describe how to fortify the attacks to withstand reception errors. As a result, our attacks allow attackers to tap conversations and decrypt them either in real-time, or at any later time. We present several attack scenarios such as call hijacking, altering of data messages and call theft.

Well well. This explains a lot.
http://cryptome.org/2014/07/ns...

Seems a lot of this functionality is deployed via tor.

Why thank you, Amazing Kreskin, for your profound legal insights.

After reviewing the evidence, of the three investigating officers, two (Wassgren and Gehlin) wanted him investigated for what would eventually be five charges (2x rape, 1x unlawful sexual coersion, 2x molestation), and one (Krans) wanted him for four (1x, 1x, 2x). The first prosecutor (Finne) first wanted him investigated for five (1x, 1x, 2x), then reduced it to what would become three (0x, 1x, 2x). An appeal from one of the victims was reviewed and found with merit (not unusual in Sweden, there's a strong victims' rights process), and a new prosecutor (Ny) was brought in, and the investigation resumed for all five (2x, 1x, 2x). A judge charged / anklagad him on all five counts (2x, 1x, 2x). Assange appeled the warrant and the Svea Court of Appeals held a full court hearing, with a jury, a review of all the evidence, and testimony from Assange's lawyers; they upheld four (1x,1x, 2x). He appealed to the Swedish Supreme court; they refused his appeal. The British lower court heard Assange's appeal (arguing malicious prosecution, flaws in the Swedish process, and an invalid EAW). The British lower court ruled against him on all counts. The case was heard by the British high court, which also ruled against him on all counts. And again, the British Supreme Court heard the case, and ruled against him on all counts.

But no no, who needs a pesky legal system when we have Amazing Kreskin here to tell us about how it's all a setup! Screw those lying b****s, right?

Heck, Assange's attorneys have all but admitted that he did it. Check out Emmerson's court statements, where he bloody admits that Assange started F*ing SW unprotected while she was asleep. Let it not be forgotten that the courts have SW's SMS records from that night where she's bitterly complaining about about how Assange keeps trying t F* her unprotected despite her telling him again and again and how annoyed she's getting about that), testimony from a friend and a family member she chatted with right before the event while she was out buying breakfast, and on and on, making it pretty unambiguous that she'd been refusing unprotected sex - something that neither Assange nor his attorneys have contested. Emmerson tries to argue that consent is implied because she didn't immediately push Assange out when she woke up to him F*ing her. But that's of course a nonsense legal claim. One, you can't get "retroactive consent", it has to be present from the beginning. Two, F*ing a sleeping person is explicitly illegal in both Swedish and British law; the fact that it was done in a manner she had been explicitly refusing is merely listed as an aggravating factor. Three, the reason she'd been refusing unprotected sex was paranoia about STDs, and it was already too late, she'd have to go to the hospital either way (just ignoring the "shock" aspect, which I can tell you is *very* real; it was already too late. As her ex boyfriend of 2 1/2 years testified, she was so paranoid about unprotected sex that she not once allowed it in their entire relationship, and *still* made him get an STD test.

His freaking *defense* attorneys are admitting that he did it, so why should anyone be surprised that court after court keeps condemning him? And it's not like this is anything new for Assange. He had allegations of stalking against a 17-year-old before he got famous. Even whistleblowers he's worked with for Wikileaks have accused him of sexual aggression. This is a guy who wrote on his own blog about how womens' brains can't do math and how he's a god to women, and how his ghostwriter who spent months with him documented (with recorded transcripts) an unending litany of creepy sexual behavior,

"Due to the basic design of the Internet (and other means of communication) there is only the illusion of anonymity, privacy or security on the Internet, the world's greatest and easiest spy machine (aka hacker-breeding-insecurity nirvana) facilitated by user-funded RFID-chipped personal devices toted everywhere all the time to report on exactly what who when where and how citizen-gawkers-hawkers are deliriously fingering their Venn diagram of interests into the gaping maw of aggregators (aka data thieves and their credentialled-trustworthy fronts) fattening the spy contractors' paranoia."
http://cryptome.org/2012/03/derek-moore-venn.htm

One time pad, number stations work if used correctly.
After all the news from http://cryptome.org/2013-info/... any generation of computer or international standard is allowed to gain traction.
Once a gov has staff or front companies help set international standards, the plain text just flows for years from most users, most of the time.

Its kind of hard considering how others facing US courts tried to get the press and lawyers to take note. After that using the US legal system showed no "debate" was possible.
http://cryptome.org/2013-info/... Lots of people tried to stay in the US court system with lawyers and still got no traction with the US press.

Except that they also maintain the source database of image scans, not abstracted data. With the image database, you can fairly easily fake fingerprints for all known fingerprint scanners.

                            http://cryptome.org/fake-print...

> Not increased government accountability or transparency, but a hellbent determination to make sure they will never be caught with their pants down again. Sigh.

That was Assange's goal in starting wikileaks.

From an early essay of his:
"The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive "secrecy tax") and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption."
-- The non linear effects of leaks on unjust systems of governance

AC the backdoor aspect is both national and international
"FBI Wants Backdoors in Facebook, Skype and Instant Messaging"
http://www.wired.com/2012/05/f...
".... drafted by the FBI, that would require social-networking sites and VoIP, instant messaging and e-mail providers to alter their code to make their products wiretap-friendly."
Then the world was given more details "Encrypted or not, Skype communications prove Ãoevitalà to NSA surveillance" May 14 2014
http://arstechnica.com/securit...
As for the "nobody on the inside has ever leaked out." aspect try http://cryptome.org/2013-info/...
The "inside" can now be understood by aspects like "Drug Agents Use Vast Phone Trove, Eclipsing N.S.A.Ã(TM)s"
http://www.nytimes.com/2013/09...
..."employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987."
How past "parallel construction" and telco support will respond to any new "peer-to-peer and voice calling" will be interesting.
How did the US and UK get to past bespoke crypto telco hardware in the 1950's and beyond? Plain text always seemed to emerge just in time.

Apologies to you, AC, for hijacking your highly upvoted comment.

We appear to have something rather serious at work here. A registered user (jelIomizer, the second 'L' is actually an 'i' character or some Unicode variant) posted over 28 posts (all MyCleanPC spam) in under 6 minutes on this article--something neither you or I can do. This smacks of a slashcode bug or admin collusion.

For reference...

Oh yeah, hello to all the friendly NSA propaganda operatives out there. Go fuck yourself.

Carrying around, buying or installing another nations signals intelligence equipment is what most nations try to avoid.
Recall GODSURGE, IRONCHEF, IRATEMONKEY, SOMBERKNAVE, VALIDATOR, OLYMPUS, COTTONMOUTH via ANT.
http://cryptome.org/2014/01/ns...
If you like a phone like device you have COTTONMOUTH, CANDYWIRE with some DROPOUTJEEP, TOTEGHOSTLY.
Its not just the hardware as shipped or altered during shipment. Staff turn off a cell phone at a site and then turn it on 'outside' again - even that is interesting.
Other nations understood this risk over years and have the political understanding to push domestic production. A hall with 100's of local whitebox units vs the small. fast, well coded, expensive import.
With your own nations tech you understand the cpu, the motherboard, all cards, the code. With an import you risk a closed source blob on your motherboard as shipped or added.
Local skills and jobs get a boost, tech funding flows. Might even be an export product range.

Re 'The question is, though, what made them decide to release it?"
Its a bit like the EU report on the ECHELON Interception System years ago http://cryptome.org/echelon-ep...
After a while it becomes better to talk openly about the systems due to the constant flow of data out of nations.
More experts, the press and staff can then talk freely as they comment on the induced story in the press.
If they do not comment on it they are seen as tame as a telco, OS firm or the teams who set encryption standards covering for a gov.
Nations might then walk away and form their own international telco groups well outside then UN.
Thats a loss of funding and power.
So they talk, just like telcos, OS firms or the teams who set junk encryption standards about their need to understand more over time.

"Couldn't they just buy a bunch of computers with no network hardware whatsoever?"
The NSA and GCHQ can cover that air gap with some extra hardware added when shipped.
A tiny burst wireless then sends logged text over a short range to a waiting collection device for storage or other networking.
"NSA Spying Includes Wireless Transmitters To Get Data Off 'Air Gapped' Computers" (Jan 14, 2014)
https://www.techdirt.com/artic...
ie the ideas behind RF transceivers eg SPECULATION, HOWLERMONKEY and CONJECTURE
NSA Codenames
http://cryptome.org/2014/01/ns...

http://cryptome.org/2012/07/ge...

(originally titled: The Gentleman's Guide To Forum Spies)

Oh come on now... the guy may be a tea party-aligned rape fugitive who overrode his political party to caucus with the Neo-Nazis, gave the dictator of Belarus an advance on leaks to be used in purges against his enemies, attempted to blackmail aid agencies by threatening to release information that could get their sources killed (including Amnesty International, to the tune of $700k), makes his volunteers sign 7-figure ultra-repressive NDAs, caused the defection of most of Wikileaks's staff due to complaints from authoritarianism to diverting the organization's money to himself, writes on his blog about how he's a god to women and women's brains can't do math, made a fake op-ed in the name of one of his opponents supposedly supporting him and promoted it with a fake twitter account in his name, wanted his book to be called "Ban This Book: From Swedish Whores to Pentagon Bores", wanted it to be full of his sex stories and at one point interrupted his ghostwriter to leer at a couple of 14-year-olds before remarking that one was "fine until I saw the teeth", cyberstalked a 17 year old before he got famous, and so on down the line ad nauseum... ....that's still no reason to wish him ill.

If you look around and see how other people doing "Whistleblowing" ended up http://cryptome.org/2013-info/...
You can talk to your boss - your job is over, your security work is over. No change
You can talk to a cleared US court - your job is over, your security work is over, you face jail. No change.
You can talk to a supportive US political leader and face a security court - your job is over, your security work is over, you face jail. No change.
You can talk to the supportive US press to face spin that your on the far left, right or a unionist, faker, just a contractor ... and just wanted better pay, conditions, advancement, had staff issues, had personal issues... a short human interest story at best. Your job is over, your security work is over, you face jail. No change.
A lot of people have tried the legal system and the cleared legal teams, the political support and US press. No change.
Try something new. No change in the US political or legal system but the individual is now more aware of the brands/crypto/maths/hardware/software that fooled them.
You can now buy/support/code for any different brand, learn about real crypto beyond tame junk gov standards, write about the small brand changes you have made.
Ellsberg showed generations how historical spin works.
Snowden showed generations how junk crypto and tame brands are sold.

Re 'decide his fate by staying in the US and facing the judicial system ? "
At best he would have found some political interest in his case.
He would have faced a sealed court as just a 'contractor' as the gov aspect of his NSA and CIA work would have been carefully hidden.
A 'contractor' may face all the same legal charges as a gov worker but enjoy few of the gov worker only whistleblowers legal protections.
He would have had all the legal protections of a contractor before a sealed court with a very expensive short list of cleared lawyers.
His legal team would not have the clearance to see, question or ask for more evidence that would support his case.
His legal team would not have the clearance to present more facts to any interested cleared political supporter.
After a short, rigged hidden trial the very public spin would begin.
The left of the US main stream media would understand he was a low level private contractor and not worth reporting on.
The right of the US main stream media would understand he was a low level contractor with far left union ideals and not worth reporting on.
For anyone else the hint that he was a limited hangout would make sure they lost interested in the few public fragments of the case.
Knowing what happens to even the most politically powerfully supported US gov whistleblowers within the US legal system the only wise option was to get the information to the press and then be free of the material.
You can more read about other past US whistleblowers and their US court experiences here: http://cryptome.org/2013-info/...
The other good aspect is that great law reform teams can now work with the public information in public courts and slowly bring more media attention to the loss of US rights and freedoms over the past decades.

That isn't the problem. Joe Everyman expected them to be doing this, but don't know why it's A Bad Thing. All they see is "It's to stop the terr'rists / perverts / commies!" and don't see how it can be abused, not by those in power now, but those in the future.

20 years from now, when the bigots finally get a real right-wing guy in power, they'll look back at all this data and say "Ok, fella's; Find me everyone who ever talked to a brown guy and revoke their passport."

Why is it a bad thing that an organization tasked as the primary conductor of electronic surveillance of other nations is conducting electronic surveillance of other countries? And why is it a surprise? You are right: everyone expected them to do this, and they should. It's their job. If you read their charter, this is plainly clear in the first page. And that goes back to 1952, over 60 years ago.

Don't get me wrong, I think the NSA has gone too far with regard to American citizens. But spying on other nations? Who else SHOULD they spy on...they're a spy agency, for fuck's sake. Why is everyone acting like it's news that spies are spying? There are absolutely zero prohibitions with regard to this in our country...not in the Constitution, not in law, not even in policy. And when you really look at the complaints of other nations, it boils down to objections over how damned good the NSA is at it, since the complaining nations either have their own capabilities or are so primitive *cough, Afghanistan, cough* that they couldn't even dream of attempting it at this time, but are hardly squeaky-clean in their behavior in other areas.

Hardly anything's been released so far:

http://cryptome.org/2013/11/sn...

At this rate, half a century before it's all released, if at all.

http://cryptome.org/2014/05/wa...

Come on, if we let one person break ROT-13, then all the Evil Content Pirates® will do it!!!

A lot of people have been very heroic whistelblowers over many years and have faced a lot of court time.
http://cryptome.org/2013-info/...
Re 'He didn't even release it all" - all the material is now in the hands of the press.
Some of the local press will remove all text ourside their local telcos ie for their own countries consumption. Other members of the press relase more per slide/documnet.
re 'wholesale by the NSA" - that limited hangout is always a risk with material like this.
Countries may be expected to make drastic hardware and software, staff changes brining in new junk equipment to replace older somewhat secure bespoke systems.
As for the "mountain" of data - the NSA faces the same issues 1980's Eastern Europe did with a flood of data from diverse informants and connections within their own databases.
You then need hundereds of thousands of new cleared staff to sort millions of new data points per hop of a nations population.
The good news is people/the wider press now know about the brands, the brands tame legal teams, the brands tech 'experts' and the generations of junk encryption they sold/gave away.
The good news is people/the wider press now know about the local telco hardware offering generations of support for 5++ other nations intelligence needs.
The good news is people/the wider press now know about bulk junk encryption been offerend as tested internation 'standards' over deacdes.
The good news is people/the wider press now know closed source encryption can be weak/junk.
The good news is people/the wider press now know open source encryption can be weak/junk.
A lot of the press, mathematics, programmers, cryptographers, telcos, lawyers and users to ponder.
How could so much crypto that is used by so many be so useless with so many smart teams working so hard? A lot of trap doors per generation of brand and product passed a lot of gov/telco//brand/open source testing.

No, actually, and the hubris of your "Next" comment is telling about how you summarily dismissed this without doing any actual research. Have you ever actually tried to do a traffic correlation attack? Do you even know how Tor works?

Tor, in order to defeat traffic correlation attacks (or at least make them much more difficult), re-negotiates its connection to use a different circuit every ten minutes. The NSA themselves in the leaked "Tor Stinks" document even pointed to this as being extremely difficult, if not impossible, to track users through. The NSA admits that even with manual analysis, only a small fraction of tor users can be exposed. Reference.

This was us (the U.S.) getting back at Russia for helping Iran capture that CIA drone by spoofing m-code GPS with GLONASS. Now we have demonstrated capability to disrupt GLONASS globally.

When GLONASS went live just before the drone was downed, we were still in the process of launching new satellites to regain GPS superiority (Russia had GPS superiority for a short time there).

See, e.g., http://cryptome.org/0005/iran-rsa-cipher.htm.

ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

- Document (PDF): http://cryptome.org/2014/03/ch...
- View PDF online: http://view.samurajdata.se/

Partial quote from 1st page (1/18):

"This paper introduces a complete side channel analysis toolbox inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations."

Keywords: side-channel analysis, acquisition, synchronization, FPGA

ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

- Document (PDF): http://cryptome.org/2014/03/ch...
- View PDF online: http://view.samurajdata.se/

Partial quote from 1st page (1/18):

"This paper introduces a complete side channel analysis toolbox inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations."

Keywords: side-channel analysis, acquisition, synchronization, FPGA

ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

- Document (PDF): http://cryptome.org/2014/03/ch...
- View PDF online: http://view.samurajdata.se/

Partial quote from 1st page (1/18):

"This paper introduces a complete side channel analysis toolbox inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations."

Keywords: side-channel analysis, acquisition, synchronization, FPGA

ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

- Document (PDF): http://cryptome.org/2014/03/ch...
- View PDF online: http://view.samurajdata.se/

Partial quote from 1st page (1/18):

"This paper introduces a complete side channel analysis toolbox inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations."

Keywords: side-channel analysis, acquisition, synchronization, FPGA

Re just get "Just get warrants and get the data from the user's ISP" and "codename of the system that does"
Lets say you have members of the US press finding/requesting/sorting/working on/publishing using freedom of information documents, interviews, other documents open to the public...
You cant get a warrant just because the US press is been too smart and working too hard.
For that you need something classic like FIRST FRUITS
http://cryptome.org/nsa-heroes... ".....maintains a database that tracks unofficial and negative articles written about the agency"
So think in terms compartmentalization over decades spread over many different systems, funding is shared, with complex origins in past domestic and foreign hardware and software ideas.

Is really the key idea. From the old cold war NATO access in countries, shared facilities and generations of helpful local staff. Add in the new NATO countries, Asia, South America, Africa - somewhere cheap new communications loops will have a US or US friendly site to tap.
Nations get cheap deals to replace ageing telco tech thats US price peering friendly and very NSA friendly.
Cooperation of the target country can be one site with the skilled locals thinking its their own govs efforts.
Cooperation of the target a few surrounding nations can be sites with the skilled locals thinking its their own govs efforts.
As long as the NSA can have a site thats physically near some trunk line and political cover from the host nations gov.
http://cryptome.org/2014/03/ns... has the hint :
Few staff know, long term, local and other nations get US export grade mil tech as a swap.
Its ECHELON for web 2.0 and the ability to fake a host, break junk standard web encryption and a few other methods.

Snowden intended to reveal his identity, and he initiated contact with Glenn Greenwald and Laura Poitras. He also outed his own location. Or do you suggest Greenwald pushed him to out himself? As for his motivations, he hardly came off as condescending. He was polite, reasonable, and he didn't just dump the documents on the "sheeple" (which is an actual point of contention, though John Young (Cryptome) is extremist). He delivered the goods, and even Obama has been forced to agree that "it's good we're having a debate".

On his stay in Russia... Putin hardly wants Snowden around. They don't share the same values, and the "fuck the U.S." novelty will wear off eventually. And since he's been communicating regularly with the outside world, someone would notice if he was muzzled.

Meeeep, fail! Item 5 on http://cryptome.org/2012/07/ge...

Sure there is interest in thinking about the future, but "futurism" is to that what homeopathy is to medicine.

Genuine training materials can vary from section to section, contractor to contractor, gov to gov, year to year....
Also the idea that you only give a broad overview to all new cleared staff is just good basic security.
It would mostly be for introductions and training i.e. what can be done and might need rushed computer support on varied servers around the world.
e.g. ip locations that seem local, spelling, using the correct free IM for that part of the world, ensuring back dated logs, looked and feel to art work, any fake metadata in images, faked blogs fit the time line of the events and style of been home made 3-5 years ago.., that names used are not too early or late... in some life story to shatter confidence in a person..
vs the ongoing years of legends on a site such as Slashdot
The deeper stuff is for the teams who actually work on the methods day to day. e.g.
A slashdot sock puppet could follow the classic ideas in "The Gentleperson's Guide To Forum Spies (spooks, feds, etc.)"
http://cryptome.org/2012/07/ge...
You would see a picture of name calling, left right rants, trying to save up the mod points by pushing bland science stories. Trying to invoke authority by posting many different links to left/right media all reporting on the same simple media release backs up their world view.
Trying to change the subject to make it all seem so legal.... post as an anonymous coward and then 'jump in' later...

Look at the sock puppets we get on slashdot :)
Pentagon Spokesman: Public Affairs Must Change With Times (Jul. 25, 2013)
http://www.defense.gov/News/Ne...
"We must communicate with the American public in crisp and memorable lines that deliver a clear and accurate message,”"
Expect to see a lot of hints of new options to shape the flow of information and public opinion in the next few years.
Blocking select servers, the turning of online activists into "busy work" or traps
"Jeremy Hammond: FBI directed my attacks on foreign government sites":
http://www.theguardian.com/wor...
All this will require an inner cadre of new people skilled with the slang, memes and culture to enter and thrive in different online communities building trust, spreading disinformation long term.
Why new people? They may know nothing but a constant war on a tactic and may find aspects of 'privacy' i.e. the domestic legal protections are historical/just red tape/understood talking points to them.
Think of it a cyber 'cannon fodder' for 1000's of sites, chatrooms, forums been flooded with 1000's of unique new/old user names to spread disinformation.
"Revealed: US spy operation that manipulates social media" (18 March 2011)
http://www.theguardian.com/tec...
to "From Twitter with love: American spies snooping on our social media feeds" Feb 17, 2014
http://www.mirror.co.uk/news/t...
also see http://cryptome.org/2014/02/ar...

You have the mil NATO side of many EU members who have totally connected their domestic telcos to the storage and computing power of 5 competing nations (and a few more).
Kind of hard for the EU to compete in a global marketplace if the US gov is given all data in realtime :)
Then you have the post WW2 refugee commitments and protection laws.
How does the EU make it all work out after Snowdens EU telco related whistleblowing?
"NSA inquiry: what experts revealed to MEPs" has some hints:
http://cryptome.org/2014/02/eu... shows some of the EU thinking on Snowden, the NSA and tame telco staff in the EU.
page 16 and 17 show a simple overview of what the NSA did in the EU, onto transborder access, lack of encryption.
Page 26 has 'likely to originate from state entities acting on behalf of foreign governments or even from certain EU national governments that support them" i.e. staff been more helpful to the US than protecting their own govs?
In the face of junk encryption and useless open telco networks it seems the EU has a lot to thank Snowden for.
The good news is the crypto and networking information is out, governments and companies can fix their network use.
As for Snowden, Russia is safe. The press has the whistleblowing material. How the EU mil will work to stop any EU privacy reforms or quality encryption work will the fun to watch over time.

Wow, parent god modded to -1 ...

http://cryptome.org/2014/01/nsa-codenames.htm

http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html

http://www.wired.com/threatlevel/2013/12/nsa-hacking-catalogue/

-- Spoiled Onions: Exposing Malicious Tor Exit Relays

(PDF) http://cryptome.org/2014/01/sp...
http://www.cs.kau.se/philwint/...

&

-- What the "Spoiled Onions" paper means for Tor users
https://blog.torproject.org/bl...

&

-- Scientists detect "spoiled onions" trying to sabotage Tor privacy network
Rogue Tor volunteers perform attacks that try to degrade encrypted connections.

http://arstechnica.com/securit...

-- Spoiled Onions: Exposing Malicious Tor Exit Relays

(PDF) http://cryptome.org/2014/01/sp...
http://www.cs.kau.se/philwint/...

&

-- What the "Spoiled Onions" paper means for Tor users
https://blog.torproject.org/bl...

&

-- Scientists detect âoespoiled onionsâ trying to sabotage Tor privacy network
Rogue Tor volunteers perform attacks that try to degrade encrypted connections.

http://arstechnica.com/securit...

Whats wrong with legal side of how we got months of insightful new crypto and tech news? Thanks to the efforts of Snowden the history of US/UK gov computer science spending can be filled in from 199x to ~200x.
http://cryptome.org/2013/11/sn...
Without Snowden Slashdot would have been filled with years of the same old boring sock puppets. Bland, safe, bulk daily posting stories about trivial technical matters as they build mod points.
Now we understand the old talking points of:
Data sets are too big, telcos would never connect to govs, its only for foreign use, no vast surveillance of domestic groups, no parallel construction, the Constitution, private sector legal teams, press, political leaders, no cpu or cooling could cover that kind of sorting...
We now know nothing protected the public from a vast illegal domestic surveillance network over the years.
We now have news Snowden view of US legal protections for US contractors (as in computer specialist) who speak truth to power.
http://cryptome.org/2013-info/... Many people have tried to stay in the US legal system but thats getting expensive and color of law seems to be getting re interpreted per case.

Whats wrong with legal side of how we got months of insightful new crypto and tech news? Thanks to the efforts of Snowden the history of US/UK gov computer science spending can be filled in from 199x to ~200x.
http://cryptome.org/2013/11/sn...
Without Snowden Slashdot would have been filled with years of the same old boring sock puppets. Bland, safe, bulk daily posting stories about trivial technical matters as they build mod points.
Now we understand the old talking points of:
Data sets are too big, telcos would never connect to govs, its only for foreign use, no vast surveillance of domestic groups, no parallel construction, the Constitution, private sector legal teams, press, political leaders, no cpu or cooling could cover that kind of sorting...
We now know nothing protected the public from a vast illegal domestic surveillance network over the years.
We now have news Snowden view of US legal protections for US contractors (as in computer specialist) who speak truth to power.
http://cryptome.org/2013-info/... Many people have tried to stay in the US legal system but thats getting expensive and color of law seems to be getting re interpreted per case.

Yes the list of some of the past people who tired to work in the US system can be found on sites like :
http://cryptome.org/2013-info/...
The Drake case really showed even with political support and a legal team that been a whistleblower facing own bosses in the US gov in any court is not viable anymore.
http://en.wikipedia.org/wiki/T...

By david e. sanger and thom shanker = jan. 14, 2014

= URL: http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html
=Image: http://cryptome.org/2014/01/nsa-quantum-radio.jpg
== Coverage #1: http://news.slashdot.org/story/14/01/15/1324216/nyt-nsa-put-100000-radio-pathway-backdoors-in-pcs
== Coverage #2: http://cryptome.org/2014/01/nsa-quantum-radio.htm
== Coverage #3: http://rt.com/usa/nsa-radio-wave-cyberattack-607/
=== Archive: http://web.archive.org/web/20140116010210/http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html

"WASHINGTON - The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of "active defense" against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level.

Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls "computer network exploitation."

"Whatâ(TM)s new here is the scale and the sophistication of the intelligence agencyâ(TM)s ability to get into computers and networks to which no one has ever had access before," said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. "Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a win

By david e. sanger and thom shanker = jan. 14, 2014

= URL: http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html
=Image: http://cryptome.org/2014/01/nsa-quantum-radio.jpg
== Coverage #1: http://news.slashdot.org/story/14/01/15/1324216/nyt-nsa-put-100000-radio-pathway-backdoors-in-pcs
== Coverage #2: http://cryptome.org/2014/01/nsa-quantum-radio.htm
== Coverage #3: http://rt.com/usa/nsa-radio-wave-cyberattack-607/
=== Archive: http://web.archive.org/web/20140116010210/http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html

"WASHINGTON - The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of "active defense" against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level.

Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls "computer network exploitation."

"Whatâ(TM)s new here is the scale and the sophistication of the intelligence agencyâ(TM)s ability to get into computers and networks to which no one has ever had access before," said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. "Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a win

By david e. sanger and thom shanker = jan. 14, 2014

= URL: http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html
= Image: http://cryptome.org/2014/01/nsa-quantum-radio.jpg
== Coverage #1: http://news.slashdot.org/story/14/01/15/1324216/nyt-nsa-put-100000-radio-pathway-backdoors-in-pcs
== Coverage #2: http://cryptome.org/2014/01/nsa-quantum-radio.htm
== Coverage #3: http://rt.com/usa/nsa-radio-wave-cyberattack-607/
== Coverage #4: http://arstechnica.com/security/2014/01/nsa-uses-covert-radio-transmissions-to-monitor-100000-bugged-computers/
=== Archive: http://web.archive.org/web/20140116010210/http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html

"WASHINGTON - The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of "active defense" against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level.

Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls "computer network exploitation."

"What's new here is the scale and the sophistication of the intelligence agency's ability to get into computers and networks to which no one has ever had access before," said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and Interna

By david e. sanger and thom shanker = jan. 14, 2014

= URL: http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html
= Image: http://cryptome.org/2014/01/nsa-quantum-radio.jpg
== Coverage #1: http://news.slashdot.org/story/14/01/15/1324216/nyt-nsa-put-100000-radio-pathway-backdoors-in-pcs
== Coverage #2: http://cryptome.org/2014/01/nsa-quantum-radio.htm
== Coverage #3: http://rt.com/usa/nsa-radio-wave-cyberattack-607/
== Coverage #4: http://arstechnica.com/security/2014/01/nsa-uses-covert-radio-transmissions-to-monitor-100000-bugged-computers/
=== Archive: http://web.archive.org/web/20140116010210/http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html

"WASHINGTON - The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of "active defense" against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level.

Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls "computer network exploitation."

"What's new here is the scale and the sophistication of the intelligence agency's ability to get into computers and networks to which no one has ever had access before," said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and Interna