Your Source for Leaks Around the World!

Archive for December 11th, 2013|Daily archive page

How to See What Government Agency is Spying on Your Phone

In Archive, Britain, DINSO, DoD, GCHQ, NSA, Surveillance on December 11, 2013 at 6:24 PM

uk-defence-phone-spying

12/11/2013

21WIRE:

In our post-Snowden world, everyone almost accepts that some gov’t agency or another will be scanning their phone calls and data transmissions. Most people just accept this, and hope for that it’s not really happening.

Here’s a way to check, and see for yourself (instructional video below).

When blogger Alex Heid performed this simple check from his location in the United States, he quickly discovered that his phone was being routed through a British Ministry of Defence, most likely being analysed by GCHQ. Alex was using a pre-paid mobile/cell phone carrier.

Phone companies do not seem to be bothered at all about this. According to officials, because no ID is required upon purchase, then pre-paid mobile/cell phone users should have “no expectation of privacy”. Call your carrier and ask them for yourself. If you are on a contract phone, you can also do this same diagnostic and check who’s watching you.

To any customers who might challenge the phone companies on this, the party line they give you will be: “Nothing to fear. We are rerouting your traffic using ‘unused bandwith’ – like the DOD, or the Ministry of Defence – all to improve your user experience”. Of course they are.

Hat tip to Susan Duclos for this post

WereAreChange‘s Luke Rudkowski is joined by Alex Heid of HackMiami and FederalJack, who is a security consultant, to inform everyone how to determine what government agency is spying on your cell phones’ unique IP address. Amazingly, using his own Android phone, going through his settings and status he finds out who his phone is “talking to,” so to speak and looks it up to determine his phone is talking to DINSO, Ministry of Defence in the United Kingdom. Watch, learn, and use the knowledge to be aware of who is spying on your cell phone…

One reader, Walter, tested out this procedure himself, and quickly reported that, “SPRINT routing me through:

DoD Network Information Center
Org ID: DNIC
Address: 3990 E. Broad Street
City: Columbus
State: OH
Postal Code: 43218
Country: US

Mandela signing dude – fake?

In Archive, Mandela, News on December 11, 2013 at 12:43 PM

The Nelson Mandela Memorial Service will be remembered for yet another faux celebrity gate crasher in the form of the “signing dude”.

It seems that the gentleman who was signing for the hearing impaired was…making it all up.

Signin Bro...-small

Enjoy the video …edited for your amusement…

A type of enquiry is under way as it seems this is not the first time ‘signing dude” has made such an appearance.

UPDATE

It seems that signing dude was suffering some type of schizophrenic episode…

And…

 

Terminal Cornucopia: Weapons Made With Items Bought AFTER Going Through Airport Security

In Archive, Technology, TSA on December 11, 2013 at 11:28 AM

Evan Booth, a computer programmer from Greensboro, said he decided to start his Terminal Cornucopia project, creating weapons using common items purchased in airport stores, after the TSA introduced body scanners, which he believes violate travelers’ privacy.

In an exclusive interview with BenSwann.com journalist Kristin Tate, Booth said, “People who understand security understand that the current screening procedures exist primarily to put passengers at ease — ‘security theater,’ if you will. They also know that, given enough time, a persistent attacker will succeed to some degree.”

Some have wearily hypothesized that Booth’s creations could only prompt the TSA to make airport security more strict, but Booth claims his project should have the opposite effect. He said, “I hope it helps people understand that trying to ban everything is simply not going to keep people safe at the end of the day.”

Related Links:

Fake Bomb Gets Past Magnetometer and TSA Pat-Down at Newark Airport

GAO Report: TSA’s Behavioral Analysis Program (SPOT) Ineffective, Should Limit Future Funding

Former TSA Screener: “A LOT of What We Do is Make-Believe, Most Screeners Know Job is a Complete Joke”

Abolish the TSA: Government Agency is Unpopular and Unnecessary

CIA Internal Review Confirms Fmr. Director Panetta Revealed Top Secret Bin Laden Raid Info to Zero Dark Thirty Scriptwriter

In Archive, Bin Laden, CIA on December 11, 2013 at 8:54 AM

12/10/2013

JudicialWatch:

Judicial Watch announced today that it has obtained more than 200 pages of documents from the Central Intelligence Agency (CIA), including a previously unreleased CIA internal report confirming that former CIA Director Leon Panetta revealed classified information at a June 24, 2011, bin Laden assault awards ceremony attended by “Zero Dark Thirty” filmmaker Mark Boal. The documents were produced in response to a June 21, 2013, Freedom of Information Act (FOIA) lawsuit against the Central Intelligence Agency (CIA).

Significantly, the entire transcript of the Panetta speech provided to Judicial Watch by the CIA is classified “Top Secret.”  More than 90 lines are redacted for security reasons, further confirming that significant portions of the speech should not have been made in front of the filmmaker who lacked top security clearance.

At the conclusion his speech, the transcript shows Panetta told the audience at the ceremony, “You have made me proud of the CIA family. And you have made me proud as an Italian to know that bin Laden sleeps with the fishes.”

During the speech, according to a draft Pentagon inspector general’s report released earlier this year, “Director Panetta specifically recognized the unit that conducted the raid and identified the ground commander by name.” Subsequent to the ceremony, Rep. Peter King (R-NY) said, “CIA was very sloppy and the administration was very sloppy in enforcing security procedures when it came to Hollywood. It almost seems as if they were star-struck.” Significantly, for some reason, the final IG report omitted any reference to Panetta’s disclosure of “TOP SECRET” and other sensitive information at an event.”

Also, included in the documents provided to Judicial Watch is an October 22, 2012, internal  “Review of UBL Awards Ceremony Attendance” written by the CIA Office of Security (OS) concluding that, “The Agency’s Security policy and administrative procedures were not followed in allowing Mr. Boal, a member of the media, access to the classified Bin Ladin Operation Award Ceremony.” The three-page Review also states, “The review conducted by OS leads to the conclusion that the failure to follow stipulations in ARs [redacted] resulted in the disclosure of classified information to a member of the media, without benefit of any documentation to reflect a waiver to the above policies.”

Highlights of the newly released documents also include:

  • A letter from the Director of Operations of the Joint Chiefs of Staff to the Department of Defense Inspector General stating: “It is my determination, as the Original Classification Authority, that both of these transcripts [from the ceremony] contain SECRET / [REDACTED] information. The information in each transcript was classified at the time each incident occurred.”
  • Information revealing that there were actually two classification reviews conducted by the Original Classification Authority (OCA) because the original transcript of Panetta’s speech provided by the CIA to the DOD Inspector General was inaccurate and incomplete: “ISPA [Intelligence and Special Program Assessments] discovered proof of inconsistencies and lack of information on the original transcript received by the CIA in comparison to the video recording. As a result of the inaccurate transcript, OGC determined the OCAs determination are not valid and must been resubmitted for another OCA determination to include the verbatim information.”
  • A CIA Review reference suggesting that former CIA Chief of Staff (then DOD Chief of Staff) Jeremy Bash as the individual responsible for directing the CIA’s Office of Public Affairs to allow Boal to attend the ceremony: “… OS [Office of Security] did speak with an OPA [Office of Public Affairs] representative who was involved in the ceremony, who advised that the ODCIA [Office of the Director of the Central Intelligence Agency] directed Mr. Boal to attend the ceremony.”  This appears to confirm information provided in the DOD IG report: “[T]he CIA PAO contacted the DOD PAO to state that efforts failed and the ‘Chief of Staff’ directed that the Hollywood executive be given access to the event.”

The inclusion of Boal at the CIA ceremony was not the only instance of the Obama administration apparently attempting to influence the production of the “Zero Dark Thirty” movie. In August 2012, Judicial Watch released records it obtained from the CIA and the Department of Defense pursuant to Freedom of Information Act (FOIA) lawsuit regarding meetings and communications between government agencies, Boal, and film director Kathryn Bigelow, as they prepared to shoot “Zero Dark Thirty.” According to a June 15, 2011, email from Benjamin Rhodes, Deputy National Security Advisor for Strategic Communications, the Obama White House was intent on “trying to have visibility into the UBL (Usama bin Laden) projects and this is likely a high profile one.”

“The new CIA internal documents obtained confirm conclusively that former CIA Director Panetta breeched national security in order to curry favor with Hollywood filmmakers who the Obama administration hoped would make a pro-Obama film,” said Judicial Watch President Tom Fitton. “The sensitivities about classified leaks from this administration don’t seem to extend to top level officials like Mr. Panetta.  This new information suggests that a criminal probe of this dangerous leak is appropriate.”

AP:

Panetta said through a spokesman that he didn’t know Boal was in the room.

“I had no idea that individual was in the audience,” Panetta said in a statement. “To this day, I wouldn’t know him if he walked into the room.” Panetta spokesman Jeremy Bash said Panetta assumed everyone in the audience had the proper clearance to hear the speech.

CIA spokesman Dean Boyd said the CIA has since “overhauled its procedures for interaction with the entertainment industry after an extensive internal review.” He said the agency now maintains “a centralized record-keeping system for entertainment industry requests and, earlier this year, issued detailed guidance on contact with the industry and support for entertainment-related projects,” to make sure classified material is protected.

Boal declined to comment.

UPDATE: Pentagon Probing Leakers of “Zero Dark Thirty” Reports, While Panetta/Vickers Go Unpunished

Related Links:

Zero Dark Thirty Wins Oscar for Best Propaganda Picture

Zero Dark Thirty, CIA and Film Critics Have a Very Bad Evening

The New Propaganda is Liberal, The New Slavery is Digital

NSA Using Advertising Data for Surveillance: Cookies to Identify Hacking Targets, Mobile Apps to Track Locations

In Archive, GCHQ, Hacking, NSA, NSA Files, SSO, Surveillance, TAO on December 11, 2013 at 6:47 AM

12/10/2013

Ashkan Soltani/Andrea Peterson/Barton Gellman/WashingtonPost:

The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using “cookies” and location data to pinpoint targets for government hacking and to bolster surveillance.

The agency’s internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government. The slides also suggest that the agency is using these tracking techniques to help identify targets for offensive hacking operations.

According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files or “cookies” that advertising networks place on computers to identify people browsing the Internet. The intelligence agencies have found particular use for a part of a Google-specific tracking mechanism known as the “PREF” cookie. These cookies typically don’t contain personal information, such as someone’s name or e-mail address, but they do contain numeric codes that enable Web sites to uniquely identify a person’s browser.

In addition to tracking Web visits, this cookie allows NSA to single out an individual’s communications among the sea of Internet data in order to send out software that can hack that person’s computer. The slides say the cookies are used to “enable remote exploitation,” although the specific attacks used by the NSA against targets are not addressed in these documents.

The NSA’s use of cookies isn’t a technique for sifting through vast amounts of information to find suspicious behavior; rather, it lets NSA home in on someone already under suspicion – akin to when soldiers shine laser pointers on a target to identify it for laser-guided bombs.

Given the widespread use of Google services and widgets, most Web users are likely to have a Google PREF cookie even if they’ve never visited a Google property directly.

That PREF cookie is specifically mentioned in an internal NSA slide, which reference the NSA using GooglePREFID, their shorthand for the unique numeric identifier contained within Google’s PREF cookie. Special Source Operations (SSO) is an NSA division that works with private companies to scoop up data as it flows over the Internet’s backbone and from technology companies’ own systems. The slide indicates that SSO was sharing information containing “logins, cookies, and GooglePREFID” with another NSA division called Tailored Access Operations, which engages in offensive hacking operations. SSO also shares the information with the British intelligence agency GCHQ.

This isn’t the first time Google cookies have been highlighted in the NSA’s attempts to identify targets to hack. A presentation released in October by the Guardian called “Tor Stinks” indicates that the agency was using cookies for DoubleClick.net, Google’s third-party advertising service, in an attempt to identify users of the Internet anonymization tool Tor when they switched to regular browsing.

Separately, the NSA is also using commercially gathered information to help it locate mobile devices around the world, the documents show. Many smartphone apps running on iPhones and Android devices, and the Apple and Google operating systems themselves, track the location of each device, often without a clear warning to the phone’s owner. This information is more specific than the broader location data the government is collecting from cellular phone networks, as reported by the Post last week.

Another slide indicates that the NSA is collecting location data transmitted by mobile apps to support ad-targeting efforts in bulk. The NSA program, code-named HAPPYFOOT, helps the NSA to map Internet addresses to physical locations more precisely than is possible with traditional Internet geolocation services.

Many mobile apps and operating systems use location-based services to help users find restaurants or establishments nearby. In fact, even when GPS is disabled, most smart phones silently determine their location in the background using signals from Wi-Fi networks or cellular towers.

And apps that do not need geo-location data may still collect it anyway to share with third-party advertisers. Just last week, the Federal Trade Commission announced a settlement for a seemingly innocuous flashlight app that allegedly leaked user location information to advertisers without consumers’ knowledge.

Apps transmit their locations to Google and other Internet companies because ads tied to a precise physical location can be more lucrative than generic ads. But in the process, they appear to tip off the NSA to a mobile device’s precise physical location. That makes it easier for the spy agency to engage in the sophisticated tracking techniques the Post described in their Dec. 4 story.

These specific slides do not indicate how the NSA obtains Google PREF cookies or whether the company cooperates in these programs, but other documents reviewed by the Post indicate that cookie information is among the data NSA can obtain with a Foreign Intelligence Surveillance Act order. If the NSA gets the data that way, the companies know and are legally compelled to assist.

Related Link: “Golden Nugget! The Mobile Surge”: NSA/GCHQ Target Smartphone Apps to Collect Personal Data/Location Info

%d bloggers like this: