Slashdot Mirror
How NSA Spies Stole the Keys To the Encryption Castle
Advocatus Diaboli writes with this excerpt from The Intercept's explanation of just how it is the NSA weaseled its way into one important part of our communications: AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world's cellular communications, including both voice and data.
When you have the money and will technology and people are easy to get
I'm a consultant - I convert gibberish into cash-flow.
Can we all just agree that the NSA is the most nefarious hacking group, the most dangerous and out of control? That they make all the other so called "black hats" look like innocent little babies?
I think we all need to work together to get rid of this terrible, nasty, unpredictable hacker group -- for the sake of national and international security. They represent a clear and present danger to the future of this country.
If telephones are outlawed, then only outlaws will have telephones.
Under what possible interpretation of the law can this be considered the actions of lawful government?
It's not just about SIM cards.
Gemalto makes smart card readers etc. Think not just communications, nor banking. Think secure access. We use things like that to ascertain authenticity and inviolability in signed documents, emails etc.
We used.
Actually it is surprising. Many if not most large government IT projects are appallingly run. Vast amounts of money wasted on useless consultants that end up producing very little if anything at all.
As the NSA's budget grows and grows, I suspect this will happen to them. Lots of MBAs that can only organize their own careers, while the crypto-nerds are pushed into the background.
At what point do we start putting these criminals away? They have broken every law on the books.
Oh, I'm sure they can find something. You can't do anything about it -- you can't sue -- because you don't have standing. You'd have to show they were listening to *you*, just to start with, and then you'd have to have a few million to push it through to the supreme court.
And *then* of course you'd be facing the same idiots that think "shall not infringe" means "infringe", "intrastate" means "interstate", article 3 means article 5, and that "no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized" means "as long as we think it's reasonable, we can search and seize to our heart's content", and " no ex post facto Law shall be passed" means "retroactive punishment is no problem."
The only privacy you have at this point is in your own head. Assuming you haven't spoken, written down, or otherwise "shared" your thoughts.
The system is broken. Badly. And very few care -- we're stuck on this downhill-all-the-way roller coaster ride.
I've fallen off your lawn, and I can't get up.
Yes well they were at war with Germany. Now the government is at war with - the people?
Veterans Today on February 11, 2015
Why the United States Always Loses Its Wars
We are the global village bully that's hated by much of the world.
America loses all its wars because it seems we've always been on the wrong side of history. Morally nor legally should any nation have the right to invade and occupy another sovereign nation, much less believe it can achieve victory in long, protracted wars.
Yet in violation of all ethical precepts and all international laws, the sole global superpower citing its impunity through exceptionalism hypocritically insists it can maintain its moral high ground in its relentless pursuit of regime changes anywhere it so chooses on earth. We are the global village bully that's hated by much of the world.
And it's pure self-aggrandizing bullshit to perpetrate the myth that America is hated because of our "freedom," another rhetorical brainwashing lie. We now live in a fascist totalitarian police state run by a globalized crime syndicate of the central banking cabal. As of last April per a Princeton-Northwestern study the US has officially been designated an oligarchy.
Last year after a group of ethnic Russians living in Crimea voted to become part of Russia, the Russian military claimed control over its own naval base there that the US-NATO had been lusting to steal after the unlawful overthrow of Ukraine's democratically elected sovereign government.
Ever since it's been nonstop lies and propaganda propagated to demonize Putin as the aggressor when in fact all along it's the American Empire that's been recklessly pushing what could end up World War III against nuclear powered Russia. With US-NATO missiles installed on Russia's doorstep in virtually every former Soviet eastern bloc nation, hemming Russia in, who's really the aggressor here?
The WMD lie that was the repeated mantra used as prewar drum beating propaganda to launch a war against humanity in Iraq a dozen years earlier is now being replayed as deja vu all over again to amnesic, dumbed down Americans. Despite defeats in both Iraq and Afghanistan still being dragged out as America's longest running wars in its history, the US-NATO war machine is once again prepping for yet more war raging now in Eastern Ukraine.
The US government's rush to war hit a minor snag the other day when various European nations like France and Germany announced their opposition and refusal to send arms to the Ukraine government, wanting to give peace talks with Russia a chance. Today's headlines state that Obama has been forced to pause in his arms rush, not unlike the world turning against his rush a year and a half ago for air strikes in Syria after the false flag chemical weapons attack that was actually launched by US backed rebels.
So it may not be full speed ahead for US Empire to ship its heavy weaponry to the eastern warfront after all. It is being reported that mercenaries speaking American English, Polish, French and Flemish are fighting for the Kiev government in Eastern Ukraine against ethnic Russians who are fighting for their independence, their home and their very survival. And with their backs up against the wall, recently the eastern Ukrainians have beaten back the Ukrainian government forces. Again, the US has a knack for being on the wrong side of history.
No true victor can emerge from any war on either side. The incessant US aggressor boasting superior firepower as the most deadly, expensive military force on the planet (spending more than the next ten nations combined), America has little to show for itself as it has not won a single war in seventy years!
Neo-colonialism cloaked in imperialism, balkanization, economic exploitation, debtors' theft, indentured servitude and enslavement can never be justified as the spoils of war. It's a losing proposition in every imaginable way, not only for the aggressive American Empire that keeps starting and losing war aft
It's what they'd do.
That's already sort of the case. The NSA and similar agencies in other countries are LOADED with useless incompetent staff and engineers. It has everything to do with their impossible hiring practices combined with it being a shitty unethical job. They don't even pay super well, and anyone competent can make more in the private sector.
This makes the whole thing even more scary to me, because being utterly corrupt and not very bright are pretty much absolute requirements for the job. The fact that they get anywhere at all is because they have a huge budget and federal backing to force companies to play along.
I'm always extremely skeptical of stories that the NSA actually broke something through math. It's way way more plausible that they simply paid someone off on the inside.
I think the points are though, that first, companies do not do a good job of cybersecurity, or security at all for that matter. This is the issue that allowed another party to gain access to the crypto data for the SIM cards and for other security mechanisms in order to defeat them.
And second, while the NSA and the British equivalent might be unweildy bureaucratic monsters where those in-charge might not even know what the appendages are doing, they're well-enough funded that they can afford to buy people off to socially-engineer their way in to places where they wouldn't otherwise have the right to go. That gives them the ability to get into corporate networks or to get data from individuals working for corporations; they buy their way in and the consequences of the actions of the employee are not the NSA's concern. All they want/need is the data, and if they can buy it for cash or buy their way in for cash then they might just do that.
Security is hard. Ultimately it comes down to the individual employee, who has to have access to what he or she works on, but by having that access, also can be a risk. A multimillion dollar system can be compromised by a single technical employee because that employee needs access through those safeguards to do the job. It's really no different than bribing the guards at the castle to get in.
Do not look into laser with remaining eye.
...can we all return the favor by pressuring the government to Grant Snowden Clemency?
If people don't stand up to protect whistleblowers, then there will be no whistle blowers, and government evil will run unchecked.
Sign it.
While I think some of the points, however plausible, are a bit on the side of paranoia, the Libertarians firmly believe that we should have only a defense force and not project power.
The current rational now for IS - or whatever they are called now - is to fight them over there so they don't come over here. They just want control of the Middle East - they are no threat to us. Also, the Arabs, Persians, Kurds, and other people's of the Middle East have been dealing with their ethnic problems for thousands of years. And of course, being there, we the USA are going to fuck things up even more.
Unfortunately, we have a populous who treats our military conquests like a football game. USA! USA! win! It makes small people feel big.
We in the USA are small people who like big guns. We lost the idea of walk softly and carry a big stick.
We bluster, shoot things up and wonder why other peoples hate us.
But this football mentality is how you get people to volunteer to fight in idiotic and unjust wars - get the stupid people to die and get maimed for the elite.
GSM never used end-to-end encryption, so I don't think anyone should have considered it secure.
It is a big deal that the US did this to their European allies.
International corporations owns the US, the corporations want everyone's data so they can destroy their competition. If the US government is actually in charge, all the banks would have been sued after the 2008 financial crisis, but they didn't, the banks and big corps own the US and they own you. That's who the data is for, they want dirt on everyone just in case they one day become a threat to the corps.
Why The NSA Leaks Will Lead To More Economic Espionage Against American Companies
My source.... well... here goes.
Yes, they actively recruit Math and CS majors with high GPAs. That is true. ... probably more steps which I haven't mentioned.
However....
In order to get in you must:
1) Pass a preliminary security interview
2) Pass a polygraph test
3) Pass a drug test (including for marijuana) - this eliminates a LOT of competent people
4) Pass a more in-depth security interview
By the time this is all done, about a year and a half has gone by. A bunch more of their potential recruits will be established at a job they want to stay at at this point. The ones who are still seeking work are unemployed after so much time for a reason - often because they're incompetent.
On top of that, the pool of people morally corrupt enough to even _consider_ working for the NSA is teeny.
GPA is one predictor of competence at work, but it's not a 100% reliable predictor by any means. There are many people who can breeze through academia but who are utterly useless on any real job. People like this _like_ government jobs where they may get a permanent contract and where no one can judge their level of competence.
It REALLY is this way. Every single government security agency on the planet has this same problem and the NSA is no different. Competant people do not work there for long. They will lose their minds or end up the next Edward Snowden.
Actually it is surprising. Many if not most large government IT projects are appallingly run. Vast amounts of money wasted on useless consultants that end up producing very little if anything at all.
As the NSA's budget grows and grows, I suspect this will happen to them. Lots of MBAs that can only organize their own careers, while the crypto-nerds are pushed into the background.
Except that this is not an IT project, but an espionage project. It just happened to have an IT component; one very different than the create a web site / database / payroll system project.
I'm a consultant - I convert gibberish into cash-flow.
And, unlike most of us, Snowden actually did something about it. As a result of his revelations, political pressure is being applied to the government from many different directions to get the situation resolved.
Of course, it cost Snowden his job, and his ability to live in his own country, and might still land him in jail or worse.
You could swallow some of that cynicism and at least try to improve things. Maybe ask the government to grant snowden clemency?
Nah. Why exert the effort to click an online petition when it is so much easier to just bitch about how hopeless things are?
So if somebody breaks into your house, steals your car keys and proceed to run somebody over they should sue you for manslaughter? Because you know you could have put those in a safe inside a vault inside a bunker and not in your spare pair of pants. No, what you describe is pretty much the reason the US legal system is what it is and having a ton of good lawyers on staff is a necessity. And it wouldn't really stop the NSA anyway.
Live today, because you never know what tomorrow brings