A group of people need huge data moving pipes, distant command and control and some link to their safe location to make a long term project work without discovery.
Days, weeks, months to chat, find, forum reading, ability to test the very latest and more expensive tools.
The hope is the same type of ip networks will be used for the final testing and chat as for the "project"
That can be detected.
The feel of anonymity and having privacy can be strong once a small group of skilled people are ready for their "project". Projects that have always been a total success...
Who has the look down power to see or trace the multiple C&C and data dump IPs?
NSA, GCHQ, CIA (outside the USA) with their own networks. Australia, Canada, New Zealand, the United Kingdom would have their own domestic version of Tempora https://en.wikipedia.org/wiki/...
All that multiple C&C is very easy to detect per nation in a domestic setting. Parallel construction can then set up a "chance" meeting on IRC, a forum with a "turned" or undercover individual with matching skills who becomes vey trusted over years. Local police using advanced social engineering in a random IRC room of 100 people is what is presented in open court.
A lot of other nations get the same shared tips on their own citizens.
Think of it as a global version of https://en.wikipedia.org/wiki/... with the numbers of real people per nation been not that huge.
The pool of ip's used have might be huge on a given day or hour but the per person skill sets makes for a short list per city.
Advanced air gapped networks take care of the really vital data in most nations.
Shared lists slow down the flood of ip's per event but most of the work is done via trusted people in chat and getting a short list of interesting people to consider "travel" to a lovely safe fun holiday location ie the reality of extradition or rendition.
Yes it will be hard legal work but what option will any US hardware maker have?
Become just another codec tax collector brand with some price/speed/heat advantage?
Or offer a way out and enjoy safe next gen hardware?
It depends how US courts see the IBM PC compatible https://en.wikipedia.org/wiki/... and Clean room design https://en.wikipedia.org/wiki/... for the movement of images and sound over a server, network to an end device, user.
The problem is the US offered and court protected "codec" is turning US hardware exports into international internet toll booths for expensive codecs.
Hard to sell the next gen "internet" hardware if every user has to pay a fee just for moving their own data (movie, sound) along to their own users.
A codec tax per screen, device, user, connection would hurt global sales just for been connected.
Other nations and their broadcasters, startups will just look to other solutions that are free and will change hardware imports.
If the codec tax part is removed, hardware sales are safe globally. Who will be the first big brand to to offer new compression as a free part of ongoing hardware contracts?
Re "Nothing was physically cut."
In the past any good investigator might notice physical tampering.
That would give courts, police more powers and ensure journalists kept asking questions.
If the story can be altered to difficult conditions, a fast powerful car, a driver who was distracted... and no signs of any other issues
At a certain level local federal law enforcement will interview and walk the life of a cleared official.
People with no real past or roots in a nation tend to stand out after sit down interviews with friends, family and all teachers.
If all you have is a vast domestic SIGINT collection bureaucracy then case studies, projections would always show all Soviet agents in the USA always slip up while using phone, email, fax and routinely book expensive online travel to other international countries.
It was interesting to see terms like "total surveillance", been "loyal" and a "higher level".
"Total surveillance" is great for budget growth and domestic expansion requests.
The German "orders are orders" aspect vs the US constitution is another interesting idea that seems to be well established over decades.
Long term the US is facing the same issues the UK faced in the 1930's -1970's
A flood of staff with skills but no vetting just to get the needed Russian or German or later computer skills worked for the UK short term.
After the 1950-60 UK vetting was found to be vital again and outsourcing was used to fill the skills gap with loyalty been the only new test.
What the US and other nations found is that "loyalty" alone does not bring a fully rounded person, a smart person with life skills for the world stage.
The UK solved the issues by adding more expensive excellence in terms of working conditions, ongoing education, better wages, real advancement options at every level, making every domestic action legal and ensuing only the very best staff where kept long term. The understanding of total compartmentalization also helped the UK.
The US now the huge internal tasks of ensuing every loyal staff member is comfortable with their working around the US constitution domestically, ensuring another Church Committee like report is never made public again and no more whistleblowers.
Constant internal legal reassurance over illegal domestic spying, pay issues, a living wage, spending on further education of loyal staff, the new external contractors testing US gov staff for loyalty with new tests and tracking.
What can be said about US intelligence capabilities long term if the loyal only trend continues? Loyal gov staff with few advancement prospects, rising living costs surrounded by highly paid expert private sector contractors is not a great mix.
Now the US has now funded internal, domestic "total surveillance" as a bureaucratic growth opportunity for its huge numbers of loyal gov staff.
More domestic electronic "total surveillance" will be the only solution available to any issue. Weak domestic crypto, working with big US brands for more trap doors, back doors will ensure total domestic surveillance. The East German issue of bureaucratic surveillance size to population size will become a US budget issue.
A domestic controlled opposition system would have been much more effective and cheaper but the US seems to be sold on public/private/mil total surveillance.
Some insights are:
2.00 in is about 900MHz been useful in the USA, out of the main wifi sniffer app, tool range, a few testing apps for 900MHz.
3.00 "boosting signal" and US cellular services range.
5.00 Line of sight for range beyond the wifi parts.
5.30 Header packets and ip. Tracking radio bearing, hill over a town, 5 miles away 3mb to 6 speed, a good link and line of sight.
7.00 900MHz is good for some tree, building issues.
8.40 FCC limitations? Off-the-shelf 900MHz radio transmitter, normal defaults
10.00 How easy to track 900MHz if looking? Very.
10.30 Use laptop to craft signals, code on laptop, wide band over entire 900MHz, low signal and noise floor.
12.40 Is 900MHz encrypted? Offered in off-the-shelf.
13.40 How to limit risk? Note other devices scanning for outside wifi connections.
15.00 Easy to detect on 900MHz if too powerful.
16.00 Cost savings.
Keep to off-the-shelf parts, know about wifi end, line of sight helps, learn about 900MHz transmission.
Re " It was the product of billions of dollars in government spending, hundreds of the world’s top scientists working in concert, in secret, in a city built from scratch in the desert, and a bygone patriotism united by common, Manichean cause: stop Hitler, defeat the Japanese.""
Japan was defeated, seeking a way to surrender into 1945 and the US had a 2 versions of a new weapon to test on undamaged, populated cities.
The "experiment" part was to find two cities that still remained intact in Japan.
The US "patriotism" was a cover to stop a re emerging France and the helpful UK from placing conditions or laws on US mil and civilian nuclear expansion after 1945.
The US did not want to have to share any control with the UK or be forced to pay some France patent for early nuclear work.
The UK wanted to offer a lot of tech to the US but for that early deal wanted equal say in nuclear use, policy and profits after the war.
The only secret was how the UK was cut of out late design work and had to race to secure its own methods, experts and designs before the US removed UK top staffs clearances.
Thankfully the UK had Frederick Lindemann, 1st Viscount Cherwell https://en.wikipedia.org/wiki/... who was able to secure the UK manufacture, design and raw materials away from the US just in time.
The UK had its MAUD Committee https://en.wikipedia.org/wiki/... later used the Tube Alloys codename https://en.wikipedia.org/wiki/... and with Canadian help was able to break free of US nuclear restrictions.
Churchill's Bomb: A Hidden History of Science, War and Politics (Friday 20 September 2013) http://www.theguardian.com/boo...
The main lesson the UK, Canada, Australia and France learned was that the US would take their early nuclear work and ideas but it was a one way deal.
Another public news source if you want. Italians Detail Lavish CIA Operation (June 26, 2005 ) https://www.washingtonpost.com...
'...and electronic records that enabled Italian investigators to retrace their movements in detail."
"... who reported that by piecing together records of those phones' electronic signals they were able to trace the route of the van as it headed"
The idea is that movement and time fills in the map at that human or car level per city street.
A person of interest walks in a park and sits down. A journalist spends 10 or 20 mins with them, the whistleblower is identified. Overlapping location, maps, logs and time stamps with the right software.
That mapping software was once nation state only but is now within a city or state or county budget per year.
The "to the second" is from the cell tower and a phone been in contact with the billing, location and availability to make or get a call per user quickly. All logged for a long time (months and months and.. longer).
Re "How about trying to employ small companies that build software the way software is supposed to be built in the first place"
The US has fixed that political loophole with trade deals. A US entity has to be considered and should be supported during all and any gov bidding.
If the US was shut of of the UK gov bids by expert domestic brands offering lower cost solutions, trade deals would fix that issue so cash would flow back to the US brand. US cloud commuting products faced the same issues with secure domestic data consideration in some nations. The US offered political talking points to ensure domestic data could flow to "secure" US cloud brands without needing to consider local privacy laws.
"Black Hat 2013 - OPSEC Failures of Spies" https://www.youtube.com/watch?...
6.56 to 9.00 in has the map reconstruction of a cell phone been active.
The "accuracy to 3m" just suggests a road used. Think of a cell log over time and a city map.
"Renditions Case" "October 28, 2009"
http://www.spiegel.de/internat...
"Using special software, that had ironically been given to Megale's antiterror unit by the CIA, the police were able to create movement profiles for each mobile phone user."
"accuracy" was never a problem, only the sorting of the many calls in the area.
Italy did it years ago with the "In Italy, CIA Agents Are Undone by Their Cell Phones" ( 06.26.07) in open court with cell logs. http://archive.wired.com/polit...
"When an Italian prosecutor pulled the records of phones in the area at the time, the plot became apparent. He was able to identify the agents (by alias), where they had stayed, and even calls they made..."
Russia, China, UK military networks do not exist as networks would in the US.
They have sites, factory, base, military or science city. Walled, sealed. If expert staff want data, they request it with paperwork and it is delivered via a big sneaker net to a internal secure server site.
The UK and US sent SIGINT missions (shipping containers) deep into China and found nothing but consumer product lines.
No interesting networks exist in way the US has been sold on massive mil secure networks by contractors.
When the UK was looking at all Irish legal, human rights, banking, funding it did understand one issue in the 1970-80's. Emerging digital networks where a huge part of gathering information. The UK ensued it was more protected from the same methods.
Is it "Maybe they have better security?" More a better understanding of what networks can gather and less pressure from contractors to spend on 'networking'.
Re:these other countries?
The US and UK "are" the networks in other nations. The crypto standards for interconnects, telco equipment, low peering costs and distant pipes.
When a few nations have methods like Quantum Insert http://www.wired.com/2015/04/r... no traditional ip trail exists
Some data about ip, time zone, data storage is found, its probably not the nation of origin anymore with todays more creative data moving methods.
As for some "sophisticated cyber intrusion" been able to "rapidly [gather] massive amounts of data" over gov and mil networks without been noticed and ending up "distributed" over the internet?
The US and UK use all mil/gov internet systems open to the internet as pure honeypots. Disinformation left to be found is created with a trackable "stain" on all network facing systems.
Thats the magic. The trick is letting the people who moved the "data" think its real, their access was productive and lasted a long time.
Russia has placed enough staff within the US and UK military industrial complex over many decades to just stay in place and knows to avoid any such issues.
Tests are often run on new US mil staff, low level staff and new contractors by other more skilled US clandestine services to see how fast they respond, who responds and if faked social media information used by NGO's, front companies, faith groups and charities is still safe globally.
An internal test of an "unclassified" system, "massive amounts" of data been allowed to move over time and "social media" could have been leaked by other staff, contractors to the press as the work of another nation.
To any outsiders watching the data moving out, logs would reads as real but be a US staff loyalty simulation or test. Did they respond with all tools and methods as expected to a network event?
Another everyday secure, cleared US "training operation" was picked up by the US press as a "real" event.
Makes for good 'press' and gets clicks.
The US gov at a federal level has had a lot of success on onion routing due to its design, years of US funding and popularity.
If subscriber records at both ends can be presented thats great for parallel construction in open court.
The "who" is hard to find as a user at first, but working out when, how much data and the entire onion routing path is not hard.
So watch the first hop, the exit node and:)
Metadata and time is another key. Watch the user go online and appear on the other end of onion routing.
A traffic confirmation attack then helps with that drops on the logs..
A digital FOIA request can be very different at a city and state level. Some local officials might offer to do an exhaustive digital search and find nothing.
The search term was not correct or the database was limited by design or the use of obscure line items, perfectly repeated spelling mistakes.
A walk in request for a budget related 'look' or 'read' might show where new federal or state 'grants' went locally.
A lot of private sector groups are now offering to provide services that track web 2.0 users with terms like reach, geo, severity, engagement, influencers, violation, notes per account per city, state.
What was once reserved for national or federal efforts is priced at the local gov level ie State Commissions are back as fully funded intelligence organizations per state or city. The funding part is the only or last visible way for citizen journalists to understand what is been used for surveillance locally.
Expect changes in how and who can access to public records in more states.
eg Freedom of information legislation (Florida) is clear but it can vary from state to state. https://en.wikipedia.org/wiki/...
Thats where https://en.wikipedia.org/wiki/... can help. Why are two ip's swapping neatly formatted random yet standard formatted code blocks?
With anonymity lost, it is then just a race to get to the hardware and plain text as the common computer is often used to create the messages.
Thats the honey pot in modern crypto, making random people reach out and swap keys. If they slip up or can be induced to make a mistake... or the open developer was a gov/mil front?
It depends where a gov has placed its skills. In watching all staff, NGO, embassy workers, tourist visa holders and/or all internet communications.
Can a nation track both people and online code use 24/7?
Re "If I am intercepting their communications, I will know of their scheme"
To ensure privacy and anonymity? A one time pad gives two people, a project or an entire nation privacy. Constant fixed site messages (embassy, political leader, bank) still gets the full privacy and understands the total lack of all anonymity.
The Soviet Union faced this question in the 1950's. They understood that their complex communications networks had no privacy or anonymity.
The UK and US had mapped out their global networks and was been decrypting in real time. The solution was the one time pad in the mid 1950's with total communications discipline to stop network chatter by staff . The networks where again totally private. Speed and scale was lost. Over a short time the Soviet Union returned to more traditional crypto methods and lost all its communications systems to the NSA and GCHQ.
Australia has the same issue after the 1970's. Too many different telcos on its internal networks are near mil networks. Try domestically developed quantum crypto on its different networks so it can secure everything mil on telco grade networks that are shared along networks.
Secure codes and unlimited data flow is the prize but can it be trusted?
So expect to see a lot of US backed brands, efforts, products to ensure other nations ever escape the NSA again.
Nations, people, political leaders, brands now have a real insight into how the NSA worked over decades, the brands the US used and methods to ensure junk global standards.
One time pad, number stations have a role, domestically developed quantum crypto could be be useful if a nation can really "test" it;)
But to trust another nation big brands with domestic crypto beyond low valued shared projects would be difficult.
Follow the funding and new US based systems been suggested. This is more about creating entire new security teams from the ground up that can 'respond'.
A US company would have to rent or buy into the new US security teams and ensure they had the latests products to reach around the world and report back the data was found and removed.
A new product to market with new cash flows. A new US system of cyberwarrants, private license issues from the US gov to cleared US brands only.
Global reach and no established foreign competition with mature products to compete with.
Re "Unless responses include ?" Expensive in country teams?
Any random network can be built to end up in any location short or long term.
Make it a really interesting location and see who drives past a very isolated site. Counter surveillance teams then have options.
A local hired, any undercover tourist visa, NGO staff can be flagged by local officials.
Working in other nations is really tricky, down a random network or physically.
What is the smart US company going to find in this mythical other territory that has super fast computer connections to the internet?
An empty house with optical thats for rent, owners on holiday and another deeper air gapped network? But the fast network has a computer connected 24/7 and is been used to store data... that was copied out hours or days ago..
A small firm with optical networking that has an extra hidden box in its computer room? No storage, just the final hop to sneaker net... CCTV might help?
A sprawling university campus with optical that has one new allowed connection for a day?
Some connection from a network thats active on a building site thats been refurbished?
A nice suburban home with optical that has a new wifi network for a week?
What is the US expecting to find at the end of the network? An apartment building ip?
What can the US do with any tailored hack-back effort? The expected box, device, network, site is virtual over nations, locations. Its not the years of a 28.8 modem user at home with a one desktop computer and one phone line connected to an isp. The final hop is very now very complex.
With todays networks "data" is not on a harddrive on the end of a phone network. The data can be in different locations, physically, globally removed from a network in near real time..
The other aspect it that of national counter surveillance, honey pots to bait, lure and test a US "tailored hack-back".
What about "jurisdiction" surrounding ongoing local investigation and a private sector US tailored hack-back interfered with the local legal investigations?
How will the US even know what its connecting to globally for its private sector "cyberwarrants"? Local staff driving around looking for an ip network at a physical location?
Re: "Unless the zero day flaw was put there intentionally, as back doors are put there intentionally, a zero day flaw is not a back door, it's just some incompetent who should be employed"
The US and UK security services have noted that difference and can shape generations of code, funding, standards, trade and competition policy.
An average company thats incompetent due to hardware and software limitations gets contracts, good press and friendly govs buy in for their own staff, education and clear standards for banking.
Thats a lot of historic power and cash to shape funding to a few US brands globally within the 5 eye nations and other friendly Western powers.
The next method is to set encryption at a level that keeps the press/other users out of a network but is 100% law enforcement friendly.
Over decades that access, funding, standards offers a perfect look down system into wider consumer networks. https://firstlook.org/theinter...
If all that still cannot keep weak networks and plain text access try the Cybersecurity Information Sharing Act, or CISA.
Immunity to share all data with govs and mil looking for "cyber threat indicators". All that strong encryption for the network reverts to plain text at some point in the system and thats where a company will be waiting to sort domestic data.
Re "And yes, "make someone else solve it" is a valid option but only if having the sites apply that solution by making the politicians the "someone else" is also a valid option."
The UK can ask the US banking system, political system and big pipe internet providers to to "fix" the pipes and payment options into the UK.
ie the ".com" just fails to load in the UK and a log is sent to some local UK authority about the access attempt.
If that fails the UK could fund US political leaders who understand the UK's gov internet request. PAC Britannia to reshape the US political landscape with people who are more understanding the UK's position long term.
Map out every.com site of interest and ensure they never get loaded in the UK? An Integrated Cyber Policy. A series of costal super computer centres ensuring no blocked site ever reaches a UK provider under the leadership of a Cyber Supremo.
One Nation under advertising, indivisible, with liberty and CISA for all.
Other parts of the world may want to consider what CISA will be about on any US provided connection.
Cybersecurity Information Sharing Act
"How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned" (Apr. 2 2015) https://firstlook.org/theinter...
"A government surveillance bill by any other name is just as dangerous" (13 June 2015) http://www.theguardian.com/com...
West Germany needed a powerful tool to stop documents from walking that could embolden any local fascist, communist or cults that threatened emerging fragile post 1945 "democracy".
So any material could could walk out from the West/German bureaucracy or military has some powerful sanctions with none of the US wisdom with
"... free press is the duty to prevent any part of the government from deceiving the people "
Upset West/German democracy and the gov has a huge bureaucracy set up just to correct that.
A group of people need huge data moving pipes, distant command and control and some link to their safe location to make a long term project work without discovery.
Days, weeks, months to chat, find, forum reading, ability to test the very latest and more expensive tools.
The hope is the same type of ip networks will be used for the final testing and chat as for the "project"
That can be detected.
The feel of anonymity and having privacy can be strong once a small group of skilled people are ready for their "project". Projects that have always been a total success...
Who has the look down power to see or trace the multiple C&C and data dump IPs?
NSA, GCHQ, CIA (outside the USA) with their own networks. Australia, Canada, New Zealand, the United Kingdom would have their own domestic version of Tempora https://en.wikipedia.org/wiki/...
All that multiple C&C is very easy to detect per nation in a domestic setting. Parallel construction can then set up a "chance" meeting on IRC, a forum with a "turned" or undercover individual with matching skills who becomes vey trusted over years. Local police using advanced social engineering in a random IRC room of 100 people is what is presented in open court.
A lot of other nations get the same shared tips on their own citizens.
Think of it as a global version of https://en.wikipedia.org/wiki/... with the numbers of real people per nation been not that huge.
The pool of ip's used have might be huge on a given day or hour but the per person skill sets makes for a short list per city.
Advanced air gapped networks take care of the really vital data in most nations.
Shared lists slow down the flood of ip's per event but most of the work is done via trusted people in chat and getting a short list of interesting people to consider "travel" to a lovely safe fun holiday location ie the reality of extradition or rendition.
Yes it will be hard legal work but what option will any US hardware maker have?
Become just another codec tax collector brand with some price/speed/heat advantage?
Or offer a way out and enjoy safe next gen hardware?
It depends how US courts see the IBM PC compatible https://en.wikipedia.org/wiki/... and Clean room design https://en.wikipedia.org/wiki/... for the movement of images and sound over a server, network to an end device, user.
The problem is the US offered and court protected "codec" is turning US hardware exports into international internet toll booths for expensive codecs.
Hard to sell the next gen "internet" hardware if every user has to pay a fee just for moving their own data (movie, sound) along to their own users.
A codec tax per screen, device, user, connection would hurt global sales just for been connected.
Other nations and their broadcasters, startups will just look to other solutions that are free and will change hardware imports.
If the codec tax part is removed, hardware sales are safe globally. Who will be the first big brand to to offer new compression as a free part of ongoing hardware contracts?
Re "Nothing was physically cut."
In the past any good investigator might notice physical tampering.
That would give courts, police more powers and ensure journalists kept asking questions.
If the story can be altered to difficult conditions, a fast powerful car, a driver who was distracted... and no signs of any other issues
At a certain level local federal law enforcement will interview and walk the life of a cleared official.
People with no real past or roots in a nation tend to stand out after sit down interviews with friends, family and all teachers.
If all you have is a vast domestic SIGINT collection bureaucracy then case studies, projections would always show all Soviet agents in the USA always slip up while using phone, email, fax and routinely book expensive online travel to other international countries.
It was interesting to see terms like "total surveillance", been "loyal" and a "higher level".
"Total surveillance" is great for budget growth and domestic expansion requests.
The German "orders are orders" aspect vs the US constitution is another interesting idea that seems to be well established over decades.
Long term the US is facing the same issues the UK faced in the 1930's -1970's
A flood of staff with skills but no vetting just to get the needed Russian or German or later computer skills worked for the UK short term.
After the 1950-60 UK vetting was found to be vital again and outsourcing was used to fill the skills gap with loyalty been the only new test.
What the US and other nations found is that "loyalty" alone does not bring a fully rounded person, a smart person with life skills for the world stage.
The UK solved the issues by adding more expensive excellence in terms of working conditions, ongoing education, better wages, real advancement options at every level, making every domestic action legal and ensuing only the very best staff where kept long term.
The understanding of total compartmentalization also helped the UK.
The US now the huge internal tasks of ensuing every loyal staff member is comfortable with their working around the US constitution domestically, ensuring another Church Committee like report is never made public again and no more whistleblowers.
Constant internal legal reassurance over illegal domestic spying, pay issues, a living wage, spending on further education of loyal staff, the new external contractors testing US gov staff for loyalty with new tests and tracking.
What can be said about US intelligence capabilities long term if the loyal only trend continues? Loyal gov staff with few advancement prospects, rising living costs surrounded by highly paid expert private sector contractors is not a great mix.
Now the US has now funded internal, domestic "total surveillance" as a bureaucratic growth opportunity for its huge numbers of loyal gov staff.
More domestic electronic "total surveillance" will be the only solution available to any issue.
Weak domestic crypto, working with big US brands for more trap doors, back doors will ensure total domestic surveillance. The East German issue of bureaucratic surveillance size to population size will become a US budget issue.
A domestic controlled opposition system would have been much more effective and cheaper but the US seems to be sold on public/private/mil total surveillance.
Some insights are:
2.00 in is about 900MHz been useful in the USA, out of the main wifi sniffer app, tool range, a few testing apps for 900MHz.
3.00 "boosting signal" and US cellular services range.
5.00 Line of sight for range beyond the wifi parts.
5.30 Header packets and ip. Tracking radio bearing, hill over a town, 5 miles away 3mb to 6 speed, a good link and line of sight.
7.00 900MHz is good for some tree, building issues.
8.40 FCC limitations? Off-the-shelf 900MHz radio transmitter, normal defaults
10.00 How easy to track 900MHz if looking? Very.
10.30 Use laptop to craft signals, code on laptop, wide band over entire 900MHz, low signal and noise floor.
12.40 Is 900MHz encrypted? Offered in off-the-shelf.
13.40 How to limit risk? Note other devices scanning for outside wifi connections.
15.00 Easy to detect on 900MHz if too powerful.
16.00 Cost savings.
Keep to off-the-shelf parts, know about wifi end, line of sight helps, learn about 900MHz transmission.
Re " It was the product of billions of dollars in government spending, hundreds of the world’s top scientists working in concert, in secret, in a city built from scratch in the desert, and a bygone patriotism united by common, Manichean cause: stop Hitler, defeat the Japanese.""
Japan was defeated, seeking a way to surrender into 1945 and the US had a 2 versions of a new weapon to test on undamaged, populated cities.
The "experiment" part was to find two cities that still remained intact in Japan.
The US "patriotism" was a cover to stop a re emerging France and the helpful UK from placing conditions or laws on US mil and civilian nuclear expansion after 1945.
The US did not want to have to share any control with the UK or be forced to pay some France patent for early nuclear work.
The UK wanted to offer a lot of tech to the US but for that early deal wanted equal say in nuclear use, policy and profits after the war.
The only secret was how the UK was cut of out late design work and had to race to secure its own methods, experts and designs before the US removed UK top staffs clearances.
Thankfully the UK had Frederick Lindemann, 1st Viscount Cherwell https://en.wikipedia.org/wiki/... who was able to secure the UK manufacture, design and raw materials away from the US just in time.
The UK had its MAUD Committee https://en.wikipedia.org/wiki/... later used the Tube Alloys codename https://en.wikipedia.org/wiki/... and with Canadian help was able to break free of US nuclear restrictions.
Churchill's Bomb: A Hidden History of Science, War and Politics (Friday 20 September 2013)
http://www.theguardian.com/boo...
The main lesson the UK, Canada, Australia and France learned was that the US would take their early nuclear work and ideas but it was a one way deal.
Another public news source if you want. Italians Detail Lavish CIA Operation (June 26, 2005 ) .. longer).
https://www.washingtonpost.com...
'...and electronic records that enabled Italian investigators to retrace their movements in detail."
"... who reported that by piecing together records of those phones' electronic signals they were able to trace the route of the van as it headed"
The idea is that movement and time fills in the map at that human or car level per city street.
A person of interest walks in a park and sits down. A journalist spends 10 or 20 mins with them, the whistleblower is identified. Overlapping location, maps, logs and time stamps with the right software.
That mapping software was once nation state only but is now within a city or state or county budget per year.
The "to the second" is from the cell tower and a phone been in contact with the billing, location and availability to make or get a call per user quickly. All logged for a long time (months and months and
Re "How about trying to employ small companies that build software the way software is supposed to be built in the first place"
The US has fixed that political loophole with trade deals. A US entity has to be considered and should be supported during all and any gov bidding.
If the US was shut of of the UK gov bids by expert domestic brands offering lower cost solutions, trade deals would fix that issue so cash would flow back to the US brand. US cloud commuting products faced the same issues with secure domestic data consideration in some nations. The US offered political talking points to ensure domestic data could flow to "secure" US cloud brands without needing to consider local privacy laws.
"Black Hat 2013 - OPSEC Failures of Spies"
https://www.youtube.com/watch?...
6.56 to 9.00 in has the map reconstruction of a cell phone been active.
The "accuracy to 3m" just suggests a road used. Think of a cell log over time and a city map.
"Renditions Case" "October 28, 2009" http://www.spiegel.de/internat...
"Using special software, that had ironically been given to Megale's antiterror unit by the CIA, the police were able to create movement profiles for each mobile phone user."
"accuracy" was never a problem, only the sorting of the many calls in the area.
Italy did it years ago with the "In Italy, CIA Agents Are Undone by Their Cell Phones" ( 06.26.07) in open court with cell logs. ..."
http://archive.wired.com/polit...
"When an Italian prosecutor pulled the records of phones in the area at the time, the plot became apparent. He was able to identify the agents (by alias), where they had stayed, and even calls they made
Russia, China, UK military networks do not exist as networks would in the US.
They have sites, factory, base, military or science city. Walled, sealed. If expert staff want data, they request it with paperwork and it is delivered via a big sneaker net to a internal secure server site.
The UK and US sent SIGINT missions (shipping containers) deep into China and found nothing but consumer product lines.
No interesting networks exist in way the US has been sold on massive mil secure networks by contractors.
When the UK was looking at all Irish legal, human rights, banking, funding it did understand one issue in the 1970-80's. Emerging digital networks where a huge part of gathering information. The UK ensued it was more protected from the same methods.
Is it "Maybe they have better security?" More a better understanding of what networks can gather and less pressure from contractors to spend on 'networking'.
Re:these other countries?
The US and UK "are" the networks in other nations. The crypto standards for interconnects, telco equipment, low peering costs and distant pipes.
When a few nations have methods like Quantum Insert http://www.wired.com/2015/04/r... no traditional ip trail exists
Some data about ip, time zone, data storage is found, its probably not the nation of origin anymore with todays more creative data moving methods.
As for some "sophisticated cyber intrusion" been able to "rapidly [gather] massive amounts of data" over gov and mil networks without been noticed and ending up "distributed" over the internet?
The US and UK use all mil/gov internet systems open to the internet as pure honeypots.
Disinformation left to be found is created with a trackable "stain" on all network facing systems.
Thats the magic. The trick is letting the people who moved the "data" think its real, their access was productive and lasted a long time.
Russia has placed enough staff within the US and UK military industrial complex over many decades to just stay in place and knows to avoid any such issues.
Tests are often run on new US mil staff, low level staff and new contractors by other more skilled US clandestine services to see how fast they respond, who responds and if faked social media information used by NGO's, front companies, faith groups and charities is still safe globally.
An internal test of an "unclassified" system, "massive amounts" of data been allowed to move over time and "social media" could have been leaked by other staff, contractors to the press as the work of another nation.
To any outsiders watching the data moving out, logs would reads as real but be a US staff loyalty simulation or test. Did they respond with all tools and methods as expected to a network event?
Another everyday secure, cleared US "training operation" was picked up by the US press as a "real" event.
Makes for good 'press' and gets clicks.
The US gov at a federal level has had a lot of success on onion routing due to its design, years of US funding and popularity. :)
If subscriber records at both ends can be presented thats great for parallel construction in open court.
The "who" is hard to find as a user at first, but working out when, how much data and the entire onion routing path is not hard.
So watch the first hop, the exit node and
Metadata and time is another key. Watch the user go online and appear on the other end of onion routing.
A traffic confirmation attack then helps with that drops on the logs..
A digital FOIA request can be very different at a city and state level. Some local officials might offer to do an exhaustive digital search and find nothing.
The search term was not correct or the database was limited by design or the use of obscure line items, perfectly repeated spelling mistakes.
A walk in request for a budget related 'look' or 'read' might show where new federal or state 'grants' went locally.
A lot of private sector groups are now offering to provide services that track web 2.0 users with terms like reach, geo, severity, engagement, influencers, violation, notes per account per city, state.
What was once reserved for national or federal efforts is priced at the local gov level ie State Commissions are back as fully funded intelligence organizations per state or city. The funding part is the only or last visible way for citizen journalists to understand what is been used for surveillance locally.
Expect changes in how and who can access to public records in more states.
eg Freedom of information legislation (Florida) is clear but it can vary from state to state.
https://en.wikipedia.org/wiki/...
Thats where https://en.wikipedia.org/wiki/... can help. Why are two ip's swapping neatly formatted random yet standard formatted code blocks?
With anonymity lost, it is then just a race to get to the hardware and plain text as the common computer is often used to create the messages.
Thats the honey pot in modern crypto, making random people reach out and swap keys. If they slip up or can be induced to make a mistake... or the open developer was a gov/mil front?
It depends where a gov has placed its skills. In watching all staff, NGO, embassy workers, tourist visa holders and/or all internet communications.
Can a nation track both people and online code use 24/7?
Re "If I am intercepting their communications, I will know of their scheme" ;)
To ensure privacy and anonymity? A one time pad gives two people, a project or an entire nation privacy. Constant fixed site messages (embassy, political leader, bank) still gets the full privacy and understands the total lack of all anonymity.
The Soviet Union faced this question in the 1950's. They understood that their complex communications networks had no privacy or anonymity.
The UK and US had mapped out their global networks and was been decrypting in real time. The solution was the one time pad in the mid 1950's with total communications discipline to stop network chatter by staff . The networks where again totally private. Speed and scale was lost. Over a short time the Soviet Union returned to more traditional crypto methods and lost all its communications systems to the NSA and GCHQ.
Australia has the same issue after the 1970's. Too many different telcos on its internal networks are near mil networks. Try domestically developed quantum crypto on its different networks so it can secure everything mil on telco grade networks that are shared along networks.
Secure codes and unlimited data flow is the prize but can it be trusted?
So expect to see a lot of US backed brands, efforts, products to ensure other nations ever escape the NSA again.
Nations, people, political leaders, brands now have a real insight into how the NSA worked over decades, the brands the US used and methods to ensure junk global standards.
One time pad, number stations have a role, domestically developed quantum crypto could be be useful if a nation can really "test" it
But to trust another nation big brands with domestic crypto beyond low valued shared projects would be difficult.
Follow the funding and new US based systems been suggested. This is more about creating entire new security teams from the ground up that can 'respond'.
A US company would have to rent or buy into the new US security teams and ensure they had the latests products to reach around the world and report back the data was found and removed.
A new product to market with new cash flows. A new US system of cyberwarrants, private license issues from the US gov to cleared US brands only.
Global reach and no established foreign competition with mature products to compete with.
Re "Unless responses include ?" Expensive in country teams?
Any random network can be built to end up in any location short or long term.
Make it a really interesting location and see who drives past a very isolated site. Counter surveillance teams then have options.
A local hired, any undercover tourist visa, NGO staff can be flagged by local officials.
Working in other nations is really tricky, down a random network or physically.
What is the smart US company going to find in this mythical other territory that has super fast computer connections to the internet? ..
An empty house with optical thats for rent, owners on holiday and another deeper air gapped network? But the fast network has a computer connected 24/7 and is been used to store data... that was copied out hours or days ago
A small firm with optical networking that has an extra hidden box in its computer room? No storage, just the final hop to sneaker net... CCTV might help?
A sprawling university campus with optical that has one new allowed connection for a day?
Some connection from a network thats active on a building site thats been refurbished?
A nice suburban home with optical that has a new wifi network for a week?
What is the US expecting to find at the end of the network? An apartment building ip?
What can the US do with any tailored hack-back effort? The expected box, device, network, site is virtual over nations, locations. Its not the years of a 28.8 modem user at home with a one desktop computer and one phone line connected to an isp. The final hop is very now very complex.
With todays networks "data" is not on a harddrive on the end of a phone network. The data can be in different locations, physically, globally removed from a network in near real time..
The other aspect it that of national counter surveillance, honey pots to bait, lure and test a US "tailored hack-back".
What about "jurisdiction" surrounding ongoing local investigation and a private sector US tailored hack-back interfered with the local legal investigations?
How will the US even know what its connecting to globally for its private sector "cyberwarrants"? Local staff driving around looking for an ip network at a physical location?
Re: "Unless the zero day flaw was put there intentionally, as back doors are put there intentionally, a zero day flaw is not a back door, it's just some incompetent who should be employed"
The US and UK security services have noted that difference and can shape generations of code, funding, standards, trade and competition policy.
An average company thats incompetent due to hardware and software limitations gets contracts, good press and friendly govs buy in for their own staff, education and clear standards for banking.
Thats a lot of historic power and cash to shape funding to a few US brands globally within the 5 eye nations and other friendly Western powers.
The next method is to set encryption at a level that keeps the press/other users out of a network but is 100% law enforcement friendly.
Over decades that access, funding, standards offers a perfect look down system into wider consumer networks.
https://firstlook.org/theinter...
If all that still cannot keep weak networks and plain text access try the Cybersecurity Information Sharing Act, or CISA.
Immunity to share all data with govs and mil looking for "cyber threat indicators". All that strong encryption for the network reverts to plain text at some point in the system and thats where a company will be waiting to sort domestic data.
Re "And yes, "make someone else solve it" is a valid option but only if having the sites apply that solution by making the politicians the "someone else" is also a valid option."
.com site of interest and ensure they never get loaded in the UK?
The UK can ask the US banking system, political system and big pipe internet providers to to "fix" the pipes and payment options into the UK.
ie the ".com" just fails to load in the UK and a log is sent to some local UK authority about the access attempt.
If that fails the UK could fund US political leaders who understand the UK's gov internet request. PAC Britannia to reshape the US political landscape with people who are more understanding the UK's position long term.
Map out every
An Integrated Cyber Policy. A series of costal super computer centres ensuring no blocked site ever reaches a UK provider under the leadership of a Cyber Supremo.
One Nation under advertising, indivisible, with liberty and CISA for all.
Other parts of the world may want to consider what CISA will be about on any US provided connection.
Cybersecurity Information Sharing Act
"How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned" (Apr. 2 2015)
https://firstlook.org/theinter...
"A government surveillance bill by any other name is just as dangerous" (13 June 2015)
http://www.theguardian.com/com...
West Germany needed a powerful tool to stop documents from walking that could embolden any local fascist, communist or cults that threatened emerging fragile post 1945 "democracy".
So any material could could walk out from the West/German bureaucracy or military has some powerful sanctions with none of the US wisdom with "... free press is the duty to prevent any part of the government from deceiving the people "
Upset West/German democracy and the gov has a huge bureaucracy set up just to correct that.