nsa
Latest
Telecoms win immunity in wiretapping case, US court approves separate suit against the government
Looks like a case of good news-bad news for the Electronic Frontier Foundation in its fight against warrantless wiretapping. A US appeals court upheld a 2008 ruling, granting telecoms such as AT&T, Verizon and Sprint immunity for cooperating with the government in its surveillance activities. Still, Judge Margaret McKeown of the 9th US Circuit Court of Appeals insists that immunity only applies to telecoms, not the government, and that "the federal courts remain a forum to consider the constitutionality of the wiretapping scheme and other claims." Indeed, while the 9th Circuit upheld immunity for telecoms, it also gave the go-ahead for a separate suit against the NSA, former president George W. Bush, senior members of the Bush administration and President Obama for using AT&T's network to conduct "an unprecedented suspicionless general search," according to the filing. The court's decision to allow this suit to proceed marks a reversal of an earlier ruling, in which a lower court said the plaintiffs did not have legal standing to pursue the case. [Image courtesy PBS]
US Cyber Command completes major cyber attack simulation, seems pleased with the results
The US Cyber Command is barely out of its infancy, but it's already crossed one milestone off its to-do list, with the successful completion of its first major test run. The exercise, known as Cyber Flag, was carried out over the course of a single week at Nellis Air Force Base in Nevada, where some 300 experts put their defense skills to the test. According to Col. Rivers J. Johnson, the participants were divided into two teams: "good guys," and "bad guys." The latter were delegated with the task of infiltrating the Cyber Command's networks, while the former were charged with defending the mock cyberattack and keeping the government's VPN free of malware. The idea, according to the agency, was to simulate a real-world attack on the Department of Defense, in order to better evaluate the Command's acumen. "There were a variety of scenarios based on what we think an adversary would do in real world events and real world time," Johnson explained. "It was a great exercise." The Colonel acknowledged that the good guys weren't able to defend against all of the attacks, but pointed out that the vast majority were recognized and mitigated "in a timely manner." All told, Cyber Flag was deemed a success, with NSA Director and Cyber Command chief Gen. Keith Alexander adding that it "exceeded" his own expectations.
ITT unveils GhostRider encryption device capable of securing US Army smartphones
That may look like a Motorola Atrix Dell Venue, but it's actually something known as the GhostRider -- a new encryption device that could go a long way toward securing the Army's smartphones. Developed by defense company ITT, this revamped handset would allow military personnel to transmit secure text messages and phone calls over the Army's network, even if they're out on the battlefield. All they'd have to do is place their personal phones next to the GhostRider, tap and hold its touchscreen to activate the security features and begin texting away. When another GhostRider user receives an SMS, he or she would have to enter a pass code before reading it. The phone's security mechanisms, meanwhile, have been certified by the cryptographers at the NSA, which would certainly help justify its $1,500 price tag. The handset's display, meanwhile, looks awfully similar to the Army's Nett Warrior platform -- an Android-based OS that features a host of mapping functions designed explicitly for war zones. Officials unveiled the latest incarnation of Nett Warrior at the recent Association of the US Army gala in DC, though the platform's creators are still looking for the appropriate commercial device to host it -- unless, of course, GhostRider's software replaces it altogether. "We think Nett Warrior should be something like this," ITT vice president Richard Takahashi told Wired. "This can be the smart device." March past the break for more information, in ITT's jargon-laced PR. Update: Thanks to readers who spotted it's a Venue rather than an Atrix. Our eyes must have been temporarily scrambled by the enemy. Just to be clear -- it's not the handset that's different, only the peripheral.
Robert Morris, man who helped develop Unix, dies at 78
We have some somber news to bring you this morning: Robert Morris, the cryptographer who helped create Unix, has died at the age of 78. Morris began his work on the groundbreaking OS back in 1970 at AT&T's Bell Laboratories, where he played a major role in developing Unix's math library, password structure and encryption functions. His cryptographic exploration continued into the late 1970s, when he began writing a paper on an early encryption tool from Germany. But the paper would never see the light of day, thanks to a request from the NSA, which was concerned about potential security ramifications. Instead, the agency brought Morris on board as a computer security expert in 1986. Much of what he did for Uncle Sam remains classified, though he was involved in internet surveillance projects and cyber warfare -- including what might have been America's first cyberattack in 1991, when the US crippled Saddam Hussein's control capabilities during the first Gulf War. Morris stayed with the NSA until 1994, when he retired to New Hampshire. He's survived by his wife, three children and one, massive digital fingerprint. [Image courtesy of the New York Times]
NSA wants $896.5 million to build new supercomputing complex
The federal government may be cutting corners left and right, but that hasn't stopped the NSA from requesting nearly $900 million to help beef up its supercomputing capabilities. According to budget documents released by the Department of Defense yesterday, the NSA is looking to construct a massive new High Performance Computing Center in Maryland, designed to harness plenty of supercomputing muscle within an energy efficient framework. As with many other data centers, the NSA's $896.5 million complex would feature raised floors, chilled water systems and advanced alarm mechanisms, but it would also need about 60 megawatts of power -- the same amount that powers Microsoft's gargantuan, 700,000 square-foot data center in Chicago. According to the DoD, however, the NSA would use that juice judiciously, in the hopes of conserving enough water, energy and building materials to obtain LEED Silver certification. Another chunk of the funding, not surprisingly, would go toward fortifying the facility. The NSA is hoping to pour more than $35 million into building security and perimeter control, which would include a cargo inspection facility, advanced surveillance, and systems designed to detect any radiological, nuclear, or chemical threats. If all goes to plan, construction would wrap up by December 2015.
Perfect Citizen: secret NSA surveillance program revealed by WSJ
Do you trust your government? Do you just support it like an obedient Britney Spears, steadfast to your faith that it will do the right thing? Your answer to those questions will almost certainly predict your response to a Wall Street Journal exposé of a classified US government program provocatively dubbed, "Perfect Citizen." Why not just call it "Big Brother," for crissake! Oh wait, according to an internal Raytheon email seen by the WSJ, "Perfect Citizen is Big Brother," adding, "The overall purpose of the [program] is our Government...feel[s] that they need to insure the Public Sector is doing all they can to secure Infrastructure critical to our National Security." Histrionics aside, according to the WSJ, the "expansive" program is meant to detect assaults on private companies and government agencies deemed critical to the national infrastructure. In other words, utilities like the electricity grid, air-traffic control networks, subway systems, nuclear power plants, and presumably MTV. A set of sensors deployed in computer networks will alert the NSA of a possible cyber attack, with Raytheon winning a classified, $100 million early stage contract for the surveillance effort. Now, before you start getting overly political, keep in mind that the program is being expanded under Obama with funding from the Bush-era Comprehensive National Cybersecurity Initiative. The WSJ also notes that companies won't be forced to install the sensors. Instead, companies might choose to opt-in because they find the additional monitoring helpful in the event of cyber attack -- think of Google's recent run-in with Chinese hackers as a potent example. Like most citizens, we have mixed emotions about this. On one hand, we cherish our civil liberties and prefer to keep the government out of our personal affairs. On the other, we can barely function when Twitter goes down, let alone the national power grid.
Congressional record states the iPad is "wonderful"
In giving testimony at a Congressional hearing as to whether he will lead the U.S. Cyber Command, Lieutenant General Keith B. Alexander, current Director of the NSA, mentioned that he owned an iPad. Is that relevant to his his future role of defending America from cyber terrorists? Nope. But how cool is it that the freakin' Director of the NSA loves his iPad so much he brings it up at a Congressional hearing, unprompted? Pretty damn cool. As a matter of fact, when the Lieutenant General brought up that he had an iPad, national security took a slight sideline when a congressman returned to the subject of the iPad moments later. According to the actual Congressional Record: Congressman: I'm tempted to get a critical review of the iPad, but perhaps we can do that-- Director of the NSA: [It's] Wonderful. Congressman: "Wonderful." I will put that on -- for the record. So there you go folks: not only is the iPad "magical" and "revolutionary," it's also now officially a "wonderful" device, too.
NSA-approved smartphones give Obama some ugly choices
Next week's US presidential inauguration of Barack Obama will have one sour note for the Illinois senator. Sure, he's gonna be the leader of the free world, but the notorious BlackBerry addict will have to give up his smartphone -- and frankly, if given the choice, we'd probably choose cellphone over country. There is hope, however, as CNET outlines two Windows Mobile devices that met the NSA's seal of approval for governmental use back in 2007: General Dynamics' Sectera Edge and L-3 Communications' Guardian. Unfortunately, both options look about as dated as the Treo 650, with exceptionally large antennas to boot. Hey NSA, any chance we can get something a bit sexier on the approval list?
NSA-approved smartphones leaves Obama with some ugly choices
Next week's US presidential inauguration of Barack Obama will have one sour note for the Illinois senator. Sure, he's gonna be the leader of the free world, but the notorious BlackBerry addict will have to give up his smartphone -- and frankly, if given the choice, we'd probably choose cellphone over country. There is hope, however, as CNET outlines two Windows Mobile devices that met the NSA's seal of approval for governmental use back in 2007: General Dynamics' Sectera Edge and L-3 Communications' Guardian. Unfortunately, both options look about as dated as the Treo 650, with exceptionally large antennas to boot. Hey NSA, any chance we can get something a bit sexier on the approval list?
General Dynamics' Sectera Edge approved by NSA
We know, you probably forgot that a certain smartphone from General Dynamics was even in the running for NSA approval earlier this year, but lo and behold, the Q4 estimate was actually met and the coveted thumbs-up was given to the (totally unfashionable) Sectera Edge. The National Security Agency has reportedly "awarded a contract to General Dynamics C4 Systems enabling military and government users to order" the mobile, and just in case you weren't aware of how lucrative an indefinite delivery / indefinite quantity agreement could be, this particular one has a "potential value of $300 million over five years." Folks that end up with one of these things will have handheld access to the US government's Secret Internet Protocol Router Network (SIPRNet) and Non-classified Internet Protocol Router Network (NIPRNet), but oddly enough, we're not told whether top secret agencies will be kosher with third-party applications.[Via CNET]
Secure your Mac: Do as the Federales do
More security notes from the underground TUAW vault. Up until Mac OS X 10.4 Tiger, you could see your tax dollars at work very readily, as the National Security Agency published OS-specific guidelines for hardening your OS X installation -- mostly commonsense items like "use strong passwords" and "turn off unneeded services," but it was nice to have a document with the imprimatur of the US Government's most professional paranoids that you could show to your spouse/boss/Russian friends and say "See, it's secured!"As of Tiger, however, the NSA has handed over the security stick to Apple and endorsed the vendor guides to securing both OS X and OS X Server as "[tracking] closely with the security level historically represented in the NSA guidelines." You can download the Server version of the PDF from the NSA's website, but oddly the client version seems to hang on download (spies! saboteurs!), so you can grab that one directly from the mothership. Between the two guides you have over 500 pages of security reading, so save the whole weekend.Oops, thanks Derek!
NSA nearing approval of two uber-secure handhelds
If fingerprint readers and eight layers of passwords aren't secure enough for you (or your employer), the National Security Agency is reportedly nearing the end of the approval process for a duo of "secure handheld voice and data communications devices." General Dynamics, more commonly know for its array of laptops, is eagerly awaiting the thumbs-up to be given to its Sectera Edge (pictured), while L-3 Communications' Guardian should actually be available in Q4 of this year. With the coveted NSA seal of approval, "the Defense Department will be cleared to buy the devices under an indefinite-delivery, indefinite-quantity contract," but judging by the unsightly designs we're seeing on these things, don't bet on employees lining up to snag one.
Verizon denies data sharing with NSA after hefty lawsuit
While T-Mobile and Verizon Wireless have both stated all along that they aren't supplying phone records to the NSA, it took a $50 billion lawsuit to pull Verizon (the landline provider) out of the woodwork. The suit, which was filed last Friday, is claiming $1000 per customer for turning over phone records, as per the Telecommunications Act of 1934. Its allegations are based on a USA Today story that ran on Thursday and which claimed that BellSouth, AT&T and Verizon had been forking over records of millions of phone calls to the government ever since 9/11. Now Verizon and BellSouth have gone on record to state that they have done no such thing, and that the NSA hasn't even requested such records. This calls into questions the USA Today piece, which cited anonymous sources, and (for now at least) should hopefully help those customers sleep a little bit sounder knowing that the NSA probably doesn't have proof of how infrequently they call their mothers. Or do they?Read - Verizon hit with $50 billion suitRead - Verizon denies NSA data sharing
Warning to reporters: "Get new cellphones -- now!"
In yet another twist to the unfolding telephone spying story, two reporters from ABC News were apparently told by a "senior law enforcement official" that their cellphones were being tapped so that the government could track down their confidential sources. The reporters were warned to get new cellphones as quickly as possible if they wanted to maintain their sources' anonymity. We, of course, follow that advice and get new cellphones all the time. Not because we think anyone is listening in, but because we just have this compulsion we can't shake. However, if the Feds want to listen in on our calls and find out who's been leaking all of that juicy Treo info, they can feel free. Trust us, they'll be very surprised by what they learn.
T-Mobile and Verizon Wireless not supplying data to NSA
If you make most of your calls via cellphone, there's a good chance your call records aren't being provided to the National Security Agency -- if, that is, you're using Verizon Wireless or T-Mobile and most of your calls are between you and other cellphone users. Both companies say they haven't supplied data to the government, with T-Mob specifically stating that it was not involved "in any NSA program for warrant-less surveillance and acquisition of call records, and T-Mobile has not provided any such access to communications or customer records." If you're a Cingular or Sprint Nextel customer, well, it looks like you're in the same boat as the vast majority of landline users: those companies refused to deny participation in the NSA program.
