Slashdot Mirror
NSA Can Spy On Data From Smart Phones, Including Blackberry
An anonymous reader writes with a report from Spiegel Online that the U.S. government "has the capability of tapping user data from the iPhone, [and] devices using Android as well as BlackBerry, a system previously believed to be highly secure.
The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. ... The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been." As a bonus, the same reader points out a Washington Post report according to which "The Obama administration secretly won permission from a surveillance court in 2011 to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases ... In addition, the court extended the length of time that the NSA is allowed to retain intercepted U.S. communications from five years to six years — and more under special circumstances, according to the documents, which include a recently released 2011 opinion by U.S. District Judge John D. Bates, then chief judge of the Foreign Intelligence Surveillance Court."
BES in theory can only be intercepted and cracked with a massive amount of computation time, limiting the functional use of any dragnet attempts.
Journalists never understand the difference between BIS and BES though.
Secret oversight can't be trusted, and anyone who thought it could be trusted was a moron.
Yet again, the extent of government overreaching continues. Lie about what really is really being done, and with a subtle move along, nothing to see here... "Ohh, look over there,Kim Kardashian."
Simply amazing that what is being assured is not being done, is in reality being done.
Are there any projects within the Android realm that can combat this? Given the open nature of the OS, it'd be nice if we could somehow adequately firewall such things.
Not surprising given that the smartphone hardware and software are very much propreitary in nature, and allow for easier exploitation since third party auditing is practically impossible for the entire ecosystem.
At this point nothing except a ground-up freshly designed and built system and either written from scratch software or highly trusted ones like OpenBSD (without installing anything except base system) can be regarded as tentatively safe, and even this security is gone once such system connects to the Internet since once data is beyond the system, NSA can still intercept and crack it.
We need clean engineered hardware, and software, and that's not going to happen anytime soon, so we have to make do with open source software and best security practices and air-gapping sensitive stuff, or not storing it in digital systems in the first place
And now comes Act II where intercepted data can be shown in secret to a judge to obtain convictions without the defense being able to review same.
Then in Act III trials will be held in secret chambers with no defense.
This is not a signature.
Hey Obanaistas, ready to admit your guy is even worse than Bushitler?
No, we'll just accuse you of being a racist. Hope you understand.
NOPE but I'm willing to admit I'll probably never vote Democrat or Republican again.
Obviously if phone traffic is intercepted most of the crimes mentioned in conversations would not relate to terrorism. One wonders how many criminal prosecutions could take place if all crimes detected were subject to prosecution. Murder plots, cases of fraud and tax cheating, drug sales and smuggling and prostitution would all certainly be found with ease. It would quickly become obvious that our local and national government have little interest if stopping most crime.
If you don't believe this or do not want to believe it think about this one simple situation. People leaving bars in the wee hours are often drunks driving home. A smart cop would not want to stop people at closing time as he would be pulling over bar staff leaving work. But almost everyone leaving a bar 3o minutes before closing is legally drunk. So simply sitting at an advantageous spot and pulling over cars leaving the bar would yield a huge amount of good arrests. Yet town discourage cops from using this tactic as it disrupts business. Think about that a bit. Wouldn't we want to catch every drunk driver every time they drive drunk?
Yeah, the guys who jailbreak iPhones and root Android devices. How about the crackers - all those pirated programs on the internet, or DeCSS and the bluray keys that are published. The ones who hack new features into Canon cameras with third party firmware. You know these guys, right?
Great - now go pick the ones who have trained for this and have PhDs in cryptography. Give them a $80-120,000/yr salary and benefits. Tell them they are responsible for keeping the USA safe by ferreting out every plot that gets communicated over any device in the world.
Congratulations, you now know who works for the NSA. And yet, somehow, we're surprised that they've managed to crack (for surveillance) the same devices we crack for entertainment and features.
Is it just my observation, or are there way too many stupid people in the world?
In fact, I don't. How about explaining it to me?
It's all we have left.
I cannot thank you enough for making all this information public, and for giving up your normal life to inform us. I hope that one time you will be recognized by the UN, EU and most hopefully for you the US, so you can return to your own country without being prosecuted.
What is the sentence in the Soviet Union for being convicted of insanity??
Varies depending on who you pissed off.
http://en.wikipedia.org/wiki/Political_abuse_of_psychiatry_in_the_Soviet_Union
From a previous post, here's the collected list of suggested actions people can take to help change the situation.
Have more ideas? Please post below.
Links worthy of attention:
http://anticorruptionact.org/ [anticorruptionact.org]
http://www.ted.com/talks/lawrence_lessig_we_the_people_and_the_republic_we_must_reclaim.html [ted.com]
http://action.fairelectionsnow.org/fairelections [fairelectionsnow.org]
http://represent.us/ [represent.us]
http://www.protectourdemocracy.com/ [protectourdemocracy.com]
http://www.wolf-pac.com/ [wolf-pac.com]
https://www.unpac.org/ [unpac.org]
http://www.thirty-thousand.org/ [thirty-thousand.org]
Join the class action suit that Rand Paul is bringing against the NSA.
Suggestion #1:
(My idea): If people could band together and agree to vote out the incumbent (senator, representative, president) whenever one of these incidents crop up, there would be incentive for politicians to better serve the people in order to continue in office. This would mean giving up party loyalty and the idea of "lessor of two evils", which a lot of people won't do. Some congressional elections are quite close, so 2,000 or so petitioners might be enough to swing a future election.
Let your house and senate rep know how you feel about this issue / patriot act and encourage those you know to do the same.
If enough people let their representivies know how they feel obviously those officials who want to be reelected will tend to take notice. We have seen what happens when wikipedia and google go "dark", congressional switchboards melt and the 180's start to pile up.
Fax is considered the best way to contact a congressperson,especially if it is on corporate letterhead.
Suggestion #2:
Tor, I2dP and the likes. Let's build a new common internet over the internet. Full strong anonymity and integrity. Transform what an
eavesdropper would see in a huge cypherpunk clusterfuck.
Taking back what's ours through technology and educated practices.
Let's go back to the 90' where the internet was a place for knowledgeable and cooperative people.
Someone Added: Let's go full scale by deploying small wireless routers across the globe creating a real mesh network as internet was designed to be!
Suggestion #3:
A first step might be understanding the extent towards which the government actually disagrees with the people. Are we talking about a situation where the government is enacting unpopular policies that people oppose? Or are we talking about a situation where people support the policies? Because the solutions to those two situations are very different.
In many cases involving "national security", I think the situation is closer to the second one. "Tough on X" policies are quite popular, and politicians often pander to people by enacting them. The USA Patriot Act, for example, was hugely popular when it was passed. And in general, politicians get voted out of office more often for being not "tough" on crime and terrorism and whatever else, than for being too over-the-top in pursuing those policies.
Suggestion #4:
What I feel is needed is a true 3rd party, not 3rd, 4th, 5th, and 6th parties, such as Green, Tea Party, Libertarian; we need an agreeable third party that can compete against the two majors without a lot of interference from small parties. We need a consensus third party.
Suggestion #5:
Replace the voting system. Plurality voting will always lead [wikipedia.org] to the mess we have now. The only contribution towards politics I've made in years
That is so obviously unconstitutional that the FISA court is clearly in violation of its oath to uphold the constitution.
The real "Libtards" are the Libertarians!
Are you that blinded by your partisanship or are you just a retard?
The two often go hand in hand.
Blackberry gave up all security years ago... Nobody remembers that UAE demanded access and they rolled over nearly instantly.. They probably handed everything over to the NSA without them even asking.
Do not look at laser with remaining good eye.
How has voting for the major parties worked out for you would be a better question.