Re "would do whatever people in authority tell them."
Also recall the PRISM list from the side of helper brands.
Apps, networks, devices, crypto got opened or was left open. Never looked, found, questioned, had the skills to or noticed splitters, servers and a huge outflow of domestic user data from their own most advanced and most secure internal networks.
If such vast efforts went unnoticed, unreported, who or what else set up an internal hardware location for years:)
With the right paperwork, contractors would walk any devices in for anyone:) Weak or secret court mandated no internal crypto vs the fake warrant a new optical link:)
The interesting part is what the NSA and GCHQ gifted all that the the world for free after the Clipper chip, export issue years https://en.wikipedia.org/wiki/...
The clandestine services seem to want as many people feeling "safe" using trackable cell and mobile computer networks rather than been cautious and not investing in carrying a beacon, voice print recording device around with them all the time.
Any public crypto code did not slow, stop, phase or bother the 5 eye nations, the only fear was that people would not carry a cell phone.
The trick was not in decryption but the magic of people feeling they could not be tracked in a flood of massive new networks.
The "unbreakable" code was the bait, getting malware to read data input and plain text display per phone was easy given the tame and limited big brand product range around the world.
The next step is to do away with any legal cover that worked for a few decades and just read plain text in open courts. The phone OS brand gets named in open court as the informant. The gov conscripted OS will get to data entry before and plain text after any and all free or private sector perfect crypto software app user layer.
Cities and development campuses, research parks around the "free" world will be very attractive for that. Local political leaders will allow crypto exports, tax breaks for new local hi tech jobs with any big brand.
Other nations have enough real human informants, other direct methods and will get all metadata not to have to care about message content for export telco designs. They did not waste all their efforts on contractors and signals intelligence and would still have real human skill sets.
Once the US gov starts conscripting its brands to design with a gov front door, back door, trapdoor as policy it will be interesting to see the international reaction.
Buying a phone with the 5 eyes, US (federal, state, city) law enforcement and any contractors, ex staff and former staff "inside" by default is a huge security risk.
Greek wiretapping case 2004–05 https://en.wikipedia.org/wiki/...
SISMI-Telecom scandal https://en.wikipedia.org/wiki/...
shows what weak turnkey telco products can do to a national telco network. Now add the fun of weak junk US gov conscripted crypto keys been sold to anyone around the world with the cash and connections.
It depends on what DIRECT domestic access would mean to a brand and its obligations?
Government or mil optical and splitters, servers deep in their network after any brand encryption had been removed would be the best win for the gov/mil.
That would show access, support and cooperation at a brand level. Legal, tech, everyone knew and happily helped.
Some other law enforcement operation was used as a domestic cover for years and they got 100% brand cooperation. Other mil and gov networks followed that wide open path in and collected everything. The brands never asked, looked or even understood what was been done to their own networks...
A small amount of brand staff got allowed into a gov program and set up the splitters, servers and that stayed in place, other staff unaware of their own networks status and totally unaware of the mass collect it all outflow of information..
Cooperation or a total lack of understanding of their own staff, secure internal networks...
What feels better?
That staff totally helped the gov with collect it all domestic spying? The staff could not, got prevented from, would not or never had to skills to secure their own networks?
Does domestic spying with insider help from a secure network sound better? Or a private sector network that the gov/mil could keep open and nobody noticed? The staff never looked any deeper as it was as secure as they that the skills to make it?
The brands helped the gov and mil? Or the mil and gov found a way in and never got discovered, even with bulk domestic collect it all for years?
Not one smart person saw an extra splitter, server or wondered about their data outflow, heat, power use? If such hardware freedom over many years was allowed, what else could have made its way deep into the most secure networks? Other govs? Other mils? Anyone with access and a good cover story could walk in and install anything? How does years of hardware access sound?
Direct could be about a server been placed, a new contractor build splitter room? vs a software solution? ie BLARNEY, FAIRVIEW.
This walled garden will be like a game museum that developers will have to code down to and enjoy having their creativity limited.
Welcome back to MSDOS games, this generations 320 or 640 resolutions and a sound card...
Enjoy the bright and colorful world of console safe textures been forced back on a more advanced desktop.
Every game will run real pretty at a nice smooth 60fps just like it did in 2013. Just dont ask too many questions about resolutions or fun. No counting pixels and asking about the total lack of any advancement year after year.
Developers trapped in another decade of low quality games for all Windows users just to keep that console hardware working.
Be what's 2013 and that game will always work.
“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”" was directly from "The Encryption Tightrope: Balancing Americans’ Security and Privacy " from the House Committee on the Judiciary Hearings at the 4h 45 min point. https://www.youtube.com/watch?...
The tool is transportable.
What "paper work" is presented online for the press, media in public as "court order" might not always be the real story. Note what was actually asked for:)
Once the "subject" device is open, the created tool set in gov hands is ready for the case lists at a state and federal level. Welcome to a conscripted GovtOS.
The FBI wants a tool that is ready for a long list of other domestic cases. A tool that is portable, federal support for state law enforcement ready. The domestic, court ready, master key for a generation of phones.
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,” "(March 2, 2016) http://nypost.com/2016/03/02/f...
Its not a "one-off" or just for this case tool.
The NSA owns that tool set, missions, contracts, bids, contractors and the wins that result. The funding and fame follow the wins . The no bid contracts and experts gravitate to the NSA ensuring every generation of telco product is wide open to the US gov and mil. Only the NSA can then secure, support or plan any such missions.
When federal and state law enforcement get in on the bids for the same tool sets? Any state contractor, federal contractor can then sell their tools at a low cost and the national publicity goes to the FBI.
Political leaders see new hi tech contractor jobs in FBI support in their states and the contractors that get the new work can the support the local political leaders re election that got them the new FBI contracts.
Everyone is now winning, new federal cash is flowing out, political leaders helped their local hi tech sector with new gov work, the FBI has a flood of new cases in open court and wins.
What was the NSA's missions, fame, role, new experts, no bid contracts, code and skills now in the hands of state officials, local law enforcement, federal gov workers, anyone working with US federal law enforcement around the world. All the ex staff and former staff who got invited in on the methods.
Anyone interesting stops using US branded trapdoor and backdoor ready turnkey network, telco and computer devices.
A few decades of easy tracking, voice prints, effortless decryption is lost in months in open court.
The cults, faith groups, criminals, dealers, embassy "agents" who once had to be seen with a phone just to keep the cover as been a normal person that was always reachable all go dark.
A lot of different ideas have been tried. From Microsoft Chrome https://en.wikipedia.org/wiki/... that allowed the users own computer to produce rich content.
Add more gzip https://en.wikipedia.org/wiki/...?
Give the user the site text or images to get them looking, then load in the ads? Load the ads first, then present the full page?
The problem is all the trackers, ads, super cookies need to be connected. Giving the users a bit of quick up front content to then allow ads to load is fun. Keep the user looking for the seconds as the many complex ads get loaded.
What can a site do? Run a script to detect an ad blocker? Suggest a monthly payment and block the page from that user or request the ad block is removed?
The user can then opt to block scripts and have minimal content or not return to the site.
The "hidden agenda" has always been in public view. Follow the funding and the ability to be seen as having the only role to win missions.
Recall PRISM. The NSA has its way into all the US brands and likes to be the one stop security gatekeeper of all such missions.
The big brands let the US gov in by default, working with the US gov or the US gov found some always open way in that was always kept wide open..
The ability to collect information, act on it and then decide who and how to share it with is what protects a massive mil and gov budget. Moving beyond the very limited support role to getting budgets for setting and winning missions.
No other branch or group within the US gov or mil is going to get the new budget support or to be allowed to be seen as winning the same mission at a lower price or legally in a domestic setting.
The idea that any such methods would leak out in open court under cross examination or end up in front of another Church Committee
https://en.wikipedia.org/wiki/... asking question about a vast network to spy domestically is not going to be allowed.
This is all about the FBI getting the same lists of contractor tools and then not requesting the NSA domestically or for shared international criminal investigations.
Once the FBI shows how easy and cheap getting to US gov mandated trapdoors and backdoors is, thats funding, fame, political access for the FBI. More funding and missions move to the easy, lower cost and very legal FBI and away from the legally complex domestic role of the NSA.
The FBI can also stand before a domestic court, the US press and political leaders and tell of their new efforts and wins. Funding flows and other budgets get reduced.
No bid NSA support contracts are then wide open to FBI tender and real marketplace competition. Skills and brands move in and the funding for new tools is shared domestically. Once secure generations of no bid contracts are lost.
The methods then leak, get sold, mentioned in court, ex and former staff and contractors sell their skills to the world.
Better to keep it all secret, never face any court, push for "privacy" and ensure only the NSA gets funding and keep its role as the main provider of such expensive and expert skill sets.
FBI got look into all the NSA "collect it all" material that held US citizens communications.
No records got kept of what the search was or was for, the amount of searching, no US courts needed.
After been exposed by whistleblowers, secret rule changes did something in secret to restore the missing internal oversight of domestic searching.
Terms like "additional supervisory approval" would point to the same vast domestic access just with more staff and a better domestic bureaucratic paper trail.
ie the "backdoor search provision" stays for domestic spy use but more bureaucrats have to ensure they have the internal, secret powers to reauthorize and log their own staff.
Same vast domestic spying, just better records on what was searched for domestically and who did the search.
Think back to something like MAIN CORE https://en.wikipedia.org/wiki/... now with a secure log in and new logging of all searches.
Yes. The wider community will have to pay for this in terns of "clean up", paper work, loss of reputation or conflicting legal issues.
Embrace, Extend, Extinguish just keeps giving over any open project. Flood with code, new ideas. Extend the project into the busy work realm. Then extinguish as the vast tainted project becomes more work just to keep track of rather than ever been productive again.
Re AC and the "All that has to be done is to repackage the same malware with the new app, or some other app, and it will happen again." issue.
That is the problem. All that can be done by most protective offerings is to look at past reported issues and get that detail out to all users.
Actual understanding of what is been run, what other code an application could download with and then alters is still a missing step in real time.
If the application is not reported, it will pass as clean and can run and so can other included code thats along for the ride.
Patrick Wardle, Synack had a good video on what could be done for OS X and offer more protection.
https://www.youtube.com/watch?...
Equipment sharing, build costs, government standards, ability to track, ability to get text, voice prints, gps.
Every generation was designed, built and sold globally on the expectation that law enforcement and the mil would need total live access or be able to recreate movement maps from standard logs.
The only need was to keep out random people with consumer or more advanced methods from getting to actual voice conversations.
Such thinking would go back to the late 1970's, early 1980's as very early standards got set. No interesting person was going to get a free one time pad and number station to move around the world with. So a lot of standards got set so the mil and govs could get access to almost all the surrounding "billing", "meta", "location" "company" logs. Voice prints was the other emerging fun aspect. Now mil tech is in the reach of local city, parish, state, county law enforcement budgets with historically few or no local or federal court oversight.
The other aspect would be a more easy transfer between any brands tower as a user moves. Less complexity, less math needed to be done, more gov/mil support.
Thats what some nations are doing. Starting again with their own fabs. Lots of secure local jobs, their own hardware and code.
Power use is going to be huge, speed slow, heat will need new engineering solutions but the domestic hardware and software will be more secure.
An imported turn key product with keys floating around, coded back doors, other nations security services... some tech just no worth importing any more.
re 'Governments need to get it through their head that there is no electronic lock that can keep criminals out if the Government can get in."
France has always had very good human informants. Most people in contact with, entering or exiting the French justice system get made an offer to become informants at some point. Refusing that nice request created new issues.
Thats generations of interesting people who get turned into informants. They can go where cell phones would not be allowed or undercover police get detected every time.
So the human side is totally covered. The GCHQ and NSA have been helping parts of the French mil since the early 1970's to have a NSA/GCHQ 5 eye mastery of every aspect of their domestic telco systems.
Having no issues with the human intelligence and signals intelligence, why not just tell the wider public what the new laws will be?
The electronic locks would always open for the gov, its just more legal in open court now:) The other aspect is that any exported turn key software or hardware really has a few court/mil ready keys floating around.
Re 'If anyone really, really want to crack an iPhone, they'd do it"
Its always about the next case and getting US brands staff used to been conscripted by the feds. The NSA does not want their skills listed in open state or federal court.
The next 100 or 200 phones on federal or state AG lists might have some individuals with the ability to hire real legal teams. Questions about evidence and finding their own experts to cross examine in open court are never good new for decades of hidden technical methods and big brand support.
The new ability of a gov official to legally say in open court that the big brand was conscripted to unlocked the phone blocks a lot of the more interesting questions.
The neat part is as the gov forced the workers at the private sector brand to break the encryption, methods, skills can stay a gov secret too:)
What was parallel construction will now be direct to open court with no questions about the origins, methods, fruit of the poisonous tree, color of law or NSA help.
No gov sector expert can talk to the topic as it was a private sector product and service. No private sector staff can ever talk as they are now working for the US gov and that is a secret.
Thats why the demand is for a tool to load onto their (US gov) computers. Its a tool for city, state, county, parish, federal use. Then contractors, other nations, their contractors and anyone who can afford to buy the services of ex staff or former staff.
AC re 'it's just about one iPhone data ". Its about been conscripted to create a portable master key for a generation of US phone products. Once created, a generation of hardware and software is open to anyone who can buy or ask for or use the same keys. A generation of phones are then at risk.
"‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”
http://nypost.com/2016/03/02/f... (March 2, 2016)
That could have been fixed under the Rome Convention, 2005 Protocol but it seems all the big powers only want their own nations mil with big flags flying or a push for ever more UN powers.
The inherent right of individual or collective self defense seems to have been totally blocked by the big powerful nations who could have allowed more protections at any time in the past decades but ensured nothing was useful was done.
All they did was update the forbidden cargo lists to contain nations doing bad exports and the right for a navy to stop them ie more state only policy was added.
The UN and the big powers wanted to keep their monopoly of force with their own govs and mils.
The question of who is a pirate and what another nation can do to any nation harboring pirates gets to be fun. What would be the limits for justifying a counter attack?
Failed state? Lax state? Poor state? Coup in play? Are Western backed freedom fighters pirates? One nations pirates are another nations clandestine services backed, freedom loving, moderate, pro democracy forces:) The US suppression of the trade in drugs going out far over maritime zones?
All that has been done is a call for more naval units, international criminal investigations ie tracking pirates financial and logistical support. The UN and big nations like the proportionate use of their warships. The other neat new trick is to "invite" a nations customs inspectors for trade back to that nation.
Everything has been done to support the US gov, project UN power and nations navy patrol options. The US and UN took great care to shape the scope of any new options and selected the UN, big navy and big gov as the only real option.
Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation https://en.wikipedia.org/wiki/...
AC the "revoke" issue wont work to try and keep it for "one" physical. The request is for code that is on a drive that is given to the US gov. The computer code can then be used to open product lines at a state and federal level.
The code as a method on a computer hard drive is been conscripted for a generation of phones, not one physical phone.
Again the House Committee on the Judiciary Hearings, The Encryption Tightrope: Balancing Americans’ Security and Privacy (Streamed live on Mar 1, 2016) https://www.youtube.com/watch?...
4:44 and onto 4:45 has the details on the request made.
Tool was to be put on a hard drive.
Hard drive with the new tool was to be sent to US gov.
A gov computer would then perform the task. Portable, reusable.
More details at (March 2, 2016) http://nypost.com/2016/03/02/f...
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”"
The House Committee on the Judiciary Hearings, The Encryption Tightrope: Balancing Americans’ Security and Privacy (Streamed live on Mar 1, 2016) https://www.youtube.com/watch?...
Try around the 4:05 point in. 200 phones are in line for the same skeleton key needs. As mentioned, that federally demanded, universal "skeleton key" will be ready as an overlap for State and Federal courts:)
Wall each tab or window, browser site just for that set of ads, cookies, tracking per site, only for that site.
As if the user had one clean browser just for that site.
The site can then log that a persons ip loaded their ads, their content, trackers, cookies (flash, super) was set, placed and worked.
For a few seconds just from that site without getting any stats about the user other habits, browser widows, tabs for hours, days, weeks:)
The end user saw nothing of the ads as the the scripts worked, no extra information about browsing habits, other sites got pushed up, collected or leaked.
The site registers ad views, the user sees nothing, the deep cookies only worked for that page or site and then get removed.
AC thats about all it is about. A mil and gov version of the US style Ag gag laws https://en.wikipedia.org/wiki/... to stop public comment on mil spending and shield no bid mil contractors from press comment.
The mentioned list is:
Epidemiology, the almost total lack of advance medical containment for patients per state and reduction in agricultural inspections thanks free trade deals.
Biotechnology: quarantine laws are been removed to allow more international trade deals. No talk in the press, no reports of new outbreaks due to policy changes so the policy is good if no reports are made.
The quantum computer aspect, quantum computers, signal processing is trying to secure dual use mil and civilian communications networks. Every mil base is basically connected to wide open civilian communications networks built by random global contractors. The hope is quantum computers will allow for effortless secure mil communications over the same public and international networks. A huge risk for any military to have to trust civilian communications networks rather than its own networks. A lot of domestic spending on quantum computers will try to solve the lack of any telco network design.
Defence to invest over AU$5b in cyber and IT to rectify under-investment (February 25, 2016) http://www.zdnet.com/article/d...
Satellite sharing and a lack of secure satellite systems is another long term issue that should have been fixed but never was. Some vital mil satellite systems are shared with a few other nations, their govs, mil and contractors:)
Fault-tolerant systems dont exist and never got designed in. The less the wider public and press knows about that the better for the political class. No real fuel reserve policy, a very basic communications backup system.
Australia nearly completely dependent on imported fuel (24 February 2014) http://www.abc.net.au/radionat...
Image processing is basically what generations of staff learned from the "NRO" during staff trips. A huge amount of skilled staff could spot Soviet 1960-80's equipment thanks to US sharing:) A new generation of staff are trying to learn more eg Torus multi-beam antenna, infrared systems.
The Pine Gap project http://nautilus.org/briefing-b...
Robotics is basically drone work and AI for drones. Nothing unique that any other advanced nation can work on given the same levels of funding.
AC re 'but to my knowledge no one has ever found any." did you forget all the interesting PRISM news back in 2013? http://www.dailymail.co.uk/new...
Microsoft handed the NSA access to encrypted messages http://www.theguardian.com/wor...
"encryption unlocked even before official launch"
".. helped the NSA to circumvent its encryption"
"... routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport""
Re "Make it part of core functionality."
http://icab.de/info.html offers that on OS X.
Re "What else can I do?"
Get a game VR ready for Windows. 4K, 90fps.
Re "would do whatever people in authority tell them." :) :) Weak or secret court mandated no internal crypto vs the fake warrant a new optical link:)
Also recall the PRISM list from the side of helper brands.
Apps, networks, devices, crypto got opened or was left open. Never looked, found, questioned, had the skills to or noticed splitters, servers and a huge outflow of domestic user data from their own most advanced and most secure internal networks.
If such vast efforts went unnoticed, unreported, who or what else set up an internal hardware location for years
With the right paperwork, contractors would walk any devices in for anyone
The interesting part is what the NSA and GCHQ gifted all that the the world for free after the Clipper chip, export issue years https://en.wikipedia.org/wiki/...
The clandestine services seem to want as many people feeling "safe" using trackable cell and mobile computer networks rather than been cautious and not investing in carrying a beacon, voice print recording device around with them all the time.
Any public crypto code did not slow, stop, phase or bother the 5 eye nations, the only fear was that people would not carry a cell phone.
The trick was not in decryption but the magic of people feeling they could not be tracked in a flood of massive new networks.
The "unbreakable" code was the bait, getting malware to read data input and plain text display per phone was easy given the tame and limited big brand product range around the world.
The next step is to do away with any legal cover that worked for a few decades and just read plain text in open courts. The phone OS brand gets named in open court as the informant.
The gov conscripted OS will get to data entry before and plain text after any and all free or private sector perfect crypto software app user layer.
Cities and development campuses, research parks around the "free" world will be very attractive for that. Local political leaders will allow crypto exports, tax breaks for new local hi tech jobs with any big brand.
Other nations have enough real human informants, other direct methods and will get all metadata not to have to care about message content for export telco designs. They did not waste all their efforts on contractors and signals intelligence and would still have real human skill sets.
Once the US gov starts conscripting its brands to design with a gov front door, back door, trapdoor as policy it will be interesting to see the international reaction.
Buying a phone with the 5 eyes, US (federal, state, city) law enforcement and any contractors, ex staff and former staff "inside" by default is a huge security risk.
Greek wiretapping case 2004–05 https://en.wikipedia.org/wiki/...
SISMI-Telecom scandal https://en.wikipedia.org/wiki/...
shows what weak turnkey telco products can do to a national telco network.
Now add the fun of weak junk US gov conscripted crypto keys been sold to anyone around the world with the cash and connections.
It depends on what DIRECT domestic access would mean to a brand and its obligations?
Government or mil optical and splitters, servers deep in their network after any brand encryption had been removed would be the best win for the gov/mil.
That would show access, support and cooperation at a brand level. Legal, tech, everyone knew and happily helped.
Some other law enforcement operation was used as a domestic cover for years and they got 100% brand cooperation. Other mil and gov networks followed that wide open path in and collected everything. The brands never asked, looked or even understood what was been done to their own networks...
A small amount of brand staff got allowed into a gov program and set up the splitters, servers and that stayed in place, other staff unaware of their own networks status and totally unaware of the mass collect it all outflow of information..
Cooperation or a total lack of understanding of their own staff, secure internal networks...
What feels better?
That staff totally helped the gov with collect it all domestic spying? The staff could not, got prevented from, would not or never had to skills to secure their own networks?
Does domestic spying with insider help from a secure network sound better? Or a private sector network that the gov/mil could keep open and nobody noticed? The staff never looked any deeper as it was as secure as they that the skills to make it?
The brands helped the gov and mil? Or the mil and gov found a way in and never got discovered, even with bulk domestic collect it all for years?
Not one smart person saw an extra splitter, server or wondered about their data outflow, heat, power use? If such hardware freedom over many years was allowed, what else could have made its way deep into the most secure networks? Other govs? Other mils? Anyone with access and a good cover story could walk in and install anything? How does years of hardware access sound?
Direct could be about a server been placed, a new contractor build splitter room? vs a software solution? ie BLARNEY, FAIRVIEW.
This walled garden will be like a game museum that developers will have to code down to and enjoy having their creativity limited.
Welcome back to MSDOS games, this generations 320 or 640 resolutions and a sound card...
Enjoy the bright and colorful world of console safe textures been forced back on a more advanced desktop.
Every game will run real pretty at a nice smooth 60fps just like it did in 2013. Just dont ask too many questions about resolutions or fun. No counting pixels and asking about the total lack of any advancement year after year.
Developers trapped in another decade of low quality games for all Windows users just to keep that console hardware working.
Be what's 2013 and that game will always work.
“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”" was directly from "The Encryption Tightrope: Balancing Americans’ Security and Privacy " from the House Committee on the Judiciary Hearings at the 4h 45 min point. :)
https://www.youtube.com/watch?...
The tool is transportable.
What "paper work" is presented online for the press, media in public as "court order" might not always be the real story. Note what was actually asked for
Once the "subject" device is open, the created tool set in gov hands is ready for the case lists at a state and federal level. Welcome to a conscripted GovtOS.
The FBI wants a tool that is ready for a long list of other domestic cases. A tool that is portable, federal support for state law enforcement ready. The domestic, court ready, master key for a generation of phones.
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,” "(March 2, 2016)
http://nypost.com/2016/03/02/f...
Its not a "one-off" or just for this case tool.
The NSA owns that tool set, missions, contracts, bids, contractors and the wins that result. The funding and fame follow the wins . The no bid contracts and experts gravitate to the NSA ensuring every generation of telco product is wide open to the US gov and mil. Only the NSA can then secure, support or plan any such missions.
When federal and state law enforcement get in on the bids for the same tool sets? Any state contractor, federal contractor can then sell their tools at a low cost and the national publicity goes to the FBI.
Political leaders see new hi tech contractor jobs in FBI support in their states and the contractors that get the new work can the support the local political leaders re election that got them the new FBI contracts.
Everyone is now winning, new federal cash is flowing out, political leaders helped their local hi tech sector with new gov work, the FBI has a flood of new cases in open court and wins.
What was the NSA's missions, fame, role, new experts, no bid contracts, code and skills now in the hands of state officials, local law enforcement, federal gov workers, anyone working with US federal law enforcement around the world. All the ex staff and former staff who got invited in on the methods.
Anyone interesting stops using US branded trapdoor and backdoor ready turnkey network, telco and computer devices.
A few decades of easy tracking, voice prints, effortless decryption is lost in months in open court.
The cults, faith groups, criminals, dealers, embassy "agents" who once had to be seen with a phone just to keep the cover as been a normal person that was always reachable all go dark.
A lot of different ideas have been tried. From Microsoft Chrome https://en.wikipedia.org/wiki/... that allowed the users own computer to produce rich content.
Add more gzip https://en.wikipedia.org/wiki/...?
Give the user the site text or images to get them looking, then load in the ads? Load the ads first, then present the full page?
The problem is all the trackers, ads, super cookies need to be connected. Giving the users a bit of quick up front content to then allow ads to load is fun. Keep the user looking for the seconds as the many complex ads get loaded.
What can a site do? Run a script to detect an ad blocker? Suggest a monthly payment and block the page from that user or request the ad block is removed?
The user can then opt to block scripts and have minimal content or not return to the site.
The "hidden agenda" has always been in public view. Follow the funding and the ability to be seen as having the only role to win missions.
Recall PRISM. The NSA has its way into all the US brands and likes to be the one stop security gatekeeper of all such missions.
The big brands let the US gov in by default, working with the US gov or the US gov found some always open way in that was always kept wide open..
The ability to collect information, act on it and then decide who and how to share it with is what protects a massive mil and gov budget. Moving beyond the very limited support role to getting budgets for setting and winning missions.
No other branch or group within the US gov or mil is going to get the new budget support or to be allowed to be seen as winning the same mission at a lower price or legally in a domestic setting.
The idea that any such methods would leak out in open court under cross examination or end up in front of another Church Committee https://en.wikipedia.org/wiki/... asking question about a vast network to spy domestically is not going to be allowed.
This is all about the FBI getting the same lists of contractor tools and then not requesting the NSA domestically or for shared international criminal investigations.
Once the FBI shows how easy and cheap getting to US gov mandated trapdoors and backdoors is, thats funding, fame, political access for the FBI. More funding and missions move to the easy, lower cost and very legal FBI and away from the legally complex domestic role of the NSA.
The FBI can also stand before a domestic court, the US press and political leaders and tell of their new efforts and wins. Funding flows and other budgets get reduced.
No bid NSA support contracts are then wide open to FBI tender and real marketplace competition. Skills and brands move in and the funding for new tools is shared domestically. Once secure generations of no bid contracts are lost.
The methods then leak, get sold, mentioned in court, ex and former staff and contractors sell their skills to the world.
Better to keep it all secret, never face any court, push for "privacy" and ensure only the NSA gets funding and keep its role as the main provider of such expensive and expert skill sets.
FBI got look into all the NSA "collect it all" material that held US citizens communications.
No records got kept of what the search was or was for, the amount of searching, no US courts needed.
After been exposed by whistleblowers, secret rule changes did something in secret to restore the missing internal oversight of domestic searching.
Terms like "additional supervisory approval" would point to the same vast domestic access just with more staff and a better domestic bureaucratic paper trail.
ie the "backdoor search provision" stays for domestic spy use but more bureaucrats have to ensure they have the internal, secret powers to reauthorize and log their own staff.
Same vast domestic spying, just better records on what was searched for domestically and who did the search.
Think back to something like MAIN CORE https://en.wikipedia.org/wiki/... now with a secure log in and new logging of all searches.
Yes. The wider community will have to pay for this in terns of "clean up", paper work, loss of reputation or conflicting legal issues.
Embrace, Extend, Extinguish just keeps giving over any open project. Flood with code, new ideas. Extend the project into the busy work realm. Then extinguish as the vast tainted project becomes more work just to keep track of rather than ever been productive again.
Re AC and the "All that has to be done is to repackage the same malware with the new app, or some other app, and it will happen again." issue.
That is the problem. All that can be done by most protective offerings is to look at past reported issues and get that detail out to all users.
Actual understanding of what is been run, what other code an application could download with and then alters is still a missing step in real time.
If the application is not reported, it will pass as clean and can run and so can other included code thats along for the ride.
Patrick Wardle, Synack had a good video on what could be done for OS X and offer more protection. https://www.youtube.com/watch?...
Equipment sharing, build costs, government standards, ability to track, ability to get text, voice prints, gps.
Every generation was designed, built and sold globally on the expectation that law enforcement and the mil would need total live access or be able to recreate movement maps from standard logs.
The only need was to keep out random people with consumer or more advanced methods from getting to actual voice conversations.
Such thinking would go back to the late 1970's, early 1980's as very early standards got set. No interesting person was going to get a free one time pad and number station to move around the world with. So a lot of standards got set so the mil and govs could get access to almost all the surrounding "billing", "meta", "location" "company" logs. Voice prints was the other emerging fun aspect. Now mil tech is in the reach of local city, parish, state, county law enforcement budgets with historically few or no local or federal court oversight.
The other aspect would be a more easy transfer between any brands tower as a user moves. Less complexity, less math needed to be done, more gov/mil support.
Thats what some nations are doing. Starting again with their own fabs. Lots of secure local jobs, their own hardware and code.
Power use is going to be huge, speed slow, heat will need new engineering solutions but the domestic hardware and software will be more secure.
An imported turn key product with keys floating around, coded back doors, other nations security services... some tech just no worth importing any more.
re 'Governments need to get it through their head that there is no electronic lock that can keep criminals out if the Government can get in." :) The other aspect is that any exported turn key software or hardware really has a few court/mil ready keys floating around.
France has always had very good human informants. Most people in contact with, entering or exiting the French justice system get made an offer to become informants at some point. Refusing that nice request created new issues.
Thats generations of interesting people who get turned into informants. They can go where cell phones would not be allowed or undercover police get detected every time.
So the human side is totally covered. The GCHQ and NSA have been helping parts of the French mil since the early 1970's to have a NSA/GCHQ 5 eye mastery of every aspect of their domestic telco systems.
Having no issues with the human intelligence and signals intelligence, why not just tell the wider public what the new laws will be?
The electronic locks would always open for the gov, its just more legal in open court now
Re 'If anyone really, really want to crack an iPhone, they'd do it" :)
Its always about the next case and getting US brands staff used to been conscripted by the feds. The NSA does not want their skills listed in open state or federal court.
The next 100 or 200 phones on federal or state AG lists might have some individuals with the ability to hire real legal teams. Questions about evidence and finding their own experts to cross examine in open court are never good new for decades of hidden technical methods and big brand support.
The new ability of a gov official to legally say in open court that the big brand was conscripted to unlocked the phone blocks a lot of the more interesting questions.
The neat part is as the gov forced the workers at the private sector brand to break the encryption, methods, skills can stay a gov secret too
What was parallel construction will now be direct to open court with no questions about the origins, methods, fruit of the poisonous tree, color of law or NSA help.
No gov sector expert can talk to the topic as it was a private sector product and service. No private sector staff can ever talk as they are now working for the US gov and that is a secret.
Thats why the demand is for a tool to load onto their (US gov) computers. Its a tool for city, state, county, parish, federal use. Then contractors, other nations, their contractors and anyone who can afford to buy the services of ex staff or former staff.
AC re 'it's just about one iPhone data ". Its about been conscripted to create a portable master key for a generation of US phone products. Once created, a generation of hardware and software is open to anyone who can buy or ask for or use the same keys. A generation of phones are then at risk.
"‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,” http://nypost.com/2016/03/02/f... (March 2, 2016)
That could have been fixed under the Rome Convention, 2005 Protocol but it seems all the big powers only want their own nations mil with big flags flying or a push for ever more UN powers. :)
The inherent right of individual or collective self defense seems to have been totally blocked by the big powerful nations who could have allowed more protections at any time in the past decades but ensured nothing was useful was done.
All they did was update the forbidden cargo lists to contain nations doing bad exports and the right for a navy to stop them ie more state only policy was added.
The UN and the big powers wanted to keep their monopoly of force with their own govs and mils.
The question of who is a pirate and what another nation can do to any nation harboring pirates gets to be fun. What would be the limits for justifying a counter attack?
Failed state? Lax state? Poor state? Coup in play? Are Western backed freedom fighters pirates? One nations pirates are another nations clandestine services backed, freedom loving, moderate, pro democracy forces
The US suppression of the trade in drugs going out far over maritime zones?
All that has been done is a call for more naval units, international criminal investigations ie tracking pirates financial and logistical support. The UN and big nations like the proportionate use of their warships. The other neat new trick is to "invite" a nations customs inspectors for trade back to that nation.
Everything has been done to support the US gov, project UN power and nations navy patrol options. The US and UN took great care to shape the scope of any new options and selected the UN, big navy and big gov as the only real option.
Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation
https://en.wikipedia.org/wiki/...
AC the "revoke" issue wont work to try and keep it for "one" physical. The request is for code that is on a drive that is given to the US gov. The computer code can then be used to open product lines at a state and federal level.
The code as a method on a computer hard drive is been conscripted for a generation of phones, not one physical phone.
Again the House Committee on the Judiciary Hearings, The Encryption Tightrope: Balancing Americans’ Security and Privacy (Streamed live on Mar 1, 2016)
https://www.youtube.com/watch?...
4:44 and onto 4:45 has the details on the request made.
Tool was to be put on a hard drive.
Hard drive with the new tool was to be sent to US gov.
A gov computer would then perform the task. Portable, reusable.
More details at (March 2, 2016)
http://nypost.com/2016/03/02/f...
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”"
The House Committee on the Judiciary Hearings, The Encryption Tightrope: Balancing Americans’ Security and Privacy (Streamed live on Mar 1, 2016) :)
https://www.youtube.com/watch?...
Try around the 4:05 point in. 200 phones are in line for the same skeleton key needs. As mentioned, that federally demanded, universal "skeleton key" will be ready as an overlap for State and Federal courts
Wall each tab or window, browser site just for that set of ads, cookies, tracking per site, only for that site. :)
As if the user had one clean browser just for that site.
The site can then log that a persons ip loaded their ads, their content, trackers, cookies (flash, super) was set, placed and worked.
For a few seconds just from that site without getting any stats about the user other habits, browser widows, tabs for hours, days, weeks
The end user saw nothing of the ads as the the scripts worked, no extra information about browsing habits, other sites got pushed up, collected or leaked.
The site registers ad views, the user sees nothing, the deep cookies only worked for that page or site and then get removed.
AC thats about all it is about. A mil and gov version of the US style Ag gag laws https://en.wikipedia.org/wiki/... to stop public comment on mil spending and shield no bid mil contractors from press comment.
:) :) A new generation of staff are trying to learn more eg Torus multi-beam antenna, infrared systems.
The mentioned list is:
Epidemiology, the almost total lack of advance medical containment for patients per state and reduction in agricultural inspections thanks free trade deals.
Biotechnology: quarantine laws are been removed to allow more international trade deals. No talk in the press, no reports of new outbreaks due to policy changes so the policy is good if no reports are made.
The quantum computer aspect, quantum computers, signal processing is trying to secure dual use mil and civilian communications networks. Every mil base is basically connected to wide open civilian communications networks built by random global contractors. The hope is quantum computers will allow for effortless secure mil communications over the same public and international networks. A huge risk for any military to have to trust civilian communications networks rather than its own networks. A lot of domestic spending on quantum computers will try to solve the lack of any telco network design.
Defence to invest over AU$5b in cyber and IT to rectify under-investment (February 25, 2016)
http://www.zdnet.com/article/d...
Satellite sharing and a lack of secure satellite systems is another long term issue that should have been fixed but never was. Some vital mil satellite systems are shared with a few other nations, their govs, mil and contractors
Fault-tolerant systems dont exist and never got designed in. The less the wider public and press knows about that the better for the political class. No real fuel reserve policy, a very basic communications backup system.
Australia nearly completely dependent on imported fuel (24 February 2014)
http://www.abc.net.au/radionat... Image processing is basically what generations of staff learned from the "NRO" during staff trips. A huge amount of skilled staff could spot Soviet 1960-80's equipment thanks to US sharing
The Pine Gap project
http://nautilus.org/briefing-b...
Robotics is basically drone work and AI for drones. Nothing unique that any other advanced nation can work on given the same levels of funding.
AC re 'but to my knowledge no one has ever found any." did you forget all the interesting PRISM news back in 2013?
http://www.dailymail.co.uk/new...
Microsoft handed the NSA access to encrypted messages
http://www.theguardian.com/wor...
"encryption unlocked even before official launch"
".. helped the NSA to circumvent its encryption"
"... routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport""