/realnews/ - REAL NEWS

The NSA relies on several major telecom companies and their permission to direct backbone access, AT&T just happens to be the biggest contributor. This, in fact, was revealed long before Snowden by an AT&T technician named Mark Klein:

https://en.wikipedia.org/wiki/Room_641A

https://cpunks.org/pipermail/cypherpunks/2015-August/008872.html

The NYT-Propublica is an informative and impressive release,

in many ways better than previous. It expands on the earlier

revelations (as the narratives state) with some overlap and filling

in gaps. A good sign the holders of the balance of the Snowden

dump are digging deeper and learning how convey a fuller picture

or at least a more enthralling one for the public while techologists

twiddle thumbs awaiting useful data to devise defenses. (A hint

from some Snowden withholders there may be handoffs to

technologists separate from the public. Schneier, Matthew

Green, a few other comsec wizards aiding publishers have

said as much.)

Hardly complete to be sure, with about 10% of the dump

published, with plenty of gaps indicated by jumps in narratives

and still too many redactions – presumably the result of

consulting with officials as heretofore disclosed, or due to

Snowen's instructions about what to withhold, either to

"avoid national security harm" or in expectation US prosecutors

might be mollified in the negotiations for his return to the

US.

Most frustratingly, details of the spying technology are

missing with emphasis still on slide shows and textual

summaries – most likely to satisfy the public rather than

technologists at home and national opponents.

Jacob Appelbaum's and a few others releases of the

technology are the exception, civil liberties and lawful

issues remaining in the forefront of released documents

and much more so for the journalistic accounts.

It might be surmised that staying away from technology

disclosures and featuring 5-Eyes and partners prowess

and comprehensiveness of slides and text serves to

warn the enemy of what's in store without disclosing

information to defend against it.

In particular, Snowden's and associates harping on the

need for widespread, strong encryption use, even though

the documents show how the spies bypass it, undermine it,

use it for deception, implant backdoors in it (as well as in

chips, OSes, routers, nodes, cable stations, server farms,

teleco hubs, virtually everywhere in the global system as

shown in this latest release) should be taken as a warning

encryption is not the magic cape its proponents claim.

This suggests reliance upon encryption may be a decoy to

divert attention from other comsec protection, the old

CryptoAG ploy: The most trusted comsec the most

likely not.

The tremendous rush to market cybersecurity means and

methods for public consumption, combined with 5-Eyes

outreach to industry for means and methods to defeat

cybersecurity, is a wonderful paradox, albeit powerfully

stenching with treachery.

Whether Snowden is more of a hero to the public than to

5-Eyes and its partners is up for future historical debate.

Say 25-30 years ahead, about the time required for

full disclosure of the Snowden dump at the current rate of

release (to the public, not clear which wizards getting

early access are developing products, sales and industries

to capitalize on cybersecurity alarm, some most assuredly

are based on their inability to avoid bragging about being

consulted by government, industry, NGOs,, vulture capitalists,

and the usual speaker bureaus where wizards flog their

skills.)

The EFF provided evidence in two of its cases that it was not just AT&T that helped the NSA collect phone records for millions of Americans, but also Verizon Wireless and Sprint. This information was not previously given by the government, which claimed that it was a state secret.

Despite all the revelations in the media from Snowden’s documents and other sources that the U.S. government is collecting citizens’ information, the administration is still claiming that either individuals or organizations such as the EFF have “no standing” to sue because they can’t prove that they were spied upon.

Of course, this kind of argument quickly turns into circular logic, because such evidence is often secret and can’t be easily given away via FOIA requests either (the released documents are often heavily redacted to the point of being useless). Therefore, you can’t prove you were spied upon because that information is typically classified.

Still, this time the EFF managed to get some evidence that AT&T, Verizon Wireless and Sprint were involved in helping NSA with the mass collection of phone records, from filings made to the secret Foreign Intelligence Surveillance Court (FISC) that were recently made public.

The EFF also got a letter sent from the DoJ to the FISC that was released in a FOIA lawsuit started by the New York Times, where the names “AT&T,” “Verizon,” “Verizon Wireless,” and “Sprint” are mentioned in regards to phone records collection. From a previously-released document by the Office of the Director of National Intelligence, the EFF learned that the letter is indeed about the mass collection of phone records.

The U.S. government’s tactics to either convince the judges to reject mass spying cases or at least delay them have worked rather well so far, but the EFF hopes this new evidence will put the focus back on the government’s violations of the First Amendment’s right of association and the Fourth Amendment’s protection against both unreasonable searches and seizures.

The EFF is now using this evidence in two of its cases: Smith vs. Obama, where both the EFF and ACLU are providing the legal aid to Anna Smith, who is suing the U.S. government over its bulk collection of telephone records, and First Unitarian Church of Los Angeles v. NSA where 22 organizations are suing the NSA for their First Amendment right of association.

https://archive.is/tj98E

THE INTERCEPT HAS OBTAINED a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.

The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.

The Intercept obtained the catalogue from a source within the intelligence community concerned about the militarization of domestic law enforcement.

https://cryptome.org/2015/12/cellphone-spy-equip.pdf

https://theintercept.com/document/2015/12/17/government-cellphone-surveillance-catalogue/

A few of the devices can house a “target list” of as many as 10,000 unique phone identifiers. Most can be used to geolocate people, but the documents indicate that some have more advanced capabilities, like eavesdropping on calls and spying on SMS messages. Two systems, apparently designed for use on captured phones, are touted as having the ability to extract media files, address books, and notes, and one can retrieve deleted text messages.

Above all, the catalogue represents a trove of details on surveillance devices developed for military and intelligence purposes but increasingly used by law enforcement agencies to spy on people and convict them of crimes. The mass shooting earlier this month in San Bernardino, California, which President Barack Obama has called “an act of terrorism,” prompted calls for state and local police forces to beef up their counterterrorism capabilities, a process that has historically involved adapting military technologies to civilian use. Meanwhile, civil liberties advocates and others are increasingly alarmed about how cellphone surveillance devices are used domestically and have called for a more open and informed debate about the trade-off between security and privacy — despite a virtual blackout by the federal government on any information about the specific capabilities of the gear.

“We’ve seen a trend in the years since 9/11 to bring sophisticated surveillance technologies that were originally designed for military use — like Stingrays or drones or biometrics — back home to the United States,” said Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation, which has waged a legal battle challenging the use of cellphone surveillance devices domestically. “But using these technologies for domestic law enforcement purposes raises a host of issues that are different from a military context.”

MANY OF THE DEVICES in the catalogue, including the Stingrays and dirt boxes, are cell-site simulators, which operate by mimicking the towers of major telecom companies like Verizon, AT&T, and T-Mobile. When someone’s phone connects to the spoofed network, it transmits a unique identification code and, through the characteristics of its radio signals when they reach the receiver, information about the phone’s location. There are also indications that cell-site simulators may be able to monitor calls and text messages.

https://archive.is/zfPdX

https://archive.is/8fqtV

https://theintercept.com/2015/12/17/a-secret-catalogue-of-government-gear-for-spying-on-your-cellphone/

http://www.infowars.com/whistleblower-leaks-secret-catalog-of-cell-phone-surveillance-devices/