Showing posts with label NSA. Show all posts

Oct 8, 2013

Meltdowns at NSA spy data center destroy equipment, delay opening

NSA struggling to identify cause of explosions that delayed facility for a year. 
by Jon Brodkin

The NSA's Utah Data Center.

A massive data center being built by the National Security Agency to aid its surveillance operations has been hit by "10 meltdowns in the past 13 months" that "destroyed hundreds of thousands of dollars worth of machinery and delayed the center's opening for a year," the Wall Street Journal reported last night.
The first of four facilities at the Utah Data Center was originally scheduled to become operational in October 2012, according to project documents described by the Journal. But the electrical problems—described as arc fault failures or "a flash of lightning inside a 2-foot box"—led to explosions, failed circuits, and melted metal, the report states:
The first arc fault failure at the Utah plant was on Aug. 9, 2012, according to project documents. Since then, the center has had nine more failures, most recently on Sept. 25. Each incident caused as much as $100,000 in damage, according to a project official.
It took six months for investigators to determine the causes of two of the failures. In the months that followed, the contractors employed more than 30 independent experts that conducted 160 tests over 50,000 man-hours, according to project documents.
The 1 million square foot data center, filled with supercomputers and storage equipment to maintain surveillance information, is slated to cost $1.4 billion to construct. One project official told the Journal that the NSA planned to start turning on some of the computers at the facility this week. "But without a reliable electrical system to run computers and keep them cool, the NSA's global surveillance data systems can't function," the newspaper wrote.
Project officials are still trying to determine the cause of the meltdowns, and they disagree about whether proposed fixes will work. Backup generators have failed repeated tests, cooling systems "remain untested," and "there are also disagreements among government officials and contractors over the adequacy of the electrical control systems."
The Army Corps of Engineers is overseeing construction and promised to make sure the data center is "completely reliable" before allowing it to go online.
Courtesy: arstechnica

Oct 7, 2013

How the NSA might use Hotmail or Yahoo cookies to identify Tor users

"Quantum cookie" attacks are plausible but only in highly limited cases. 
by Dan Goodin

An image taken from documents former NSA contractor Edward Snowden provided to The Guardian newspaper.

One of the more intriguing revelations in the most recent leak of NSA documents is the prospect that the spy agency is using browser cookies from the Google-owned DoubleClick ad network, Yahoo, or Hotmail to decloak users of the Tor anonymity service.
One slide from a June 2012 presentation titled "Tor Stinks" carried the heading "Analytics: Cookie Leakage" followed by the words "DoubleclickID seen on Tor and nonTor IPs." The somewhat cryptic slide led to rampant speculation on Twitter and elsewhere that the NSA and its British counterpart, the Government Communications Headquarters (GCHQ), are able to bypass Tor protections by somehow manipulating the cookies Google uses to track people who have viewed DoubleClick ads. Principal volunteers with the Tor Project believe such a scenario is "plausible," but only in limited cases. Before explaining why, it helps to discuss how such an attack might work.
As documented elsewhere in the "Tor Stinks" presentation, the spy agencies sometimes use secret servers that are located on the Internet backbone to redirect some targets to another set of secret servers that impersonate the websites the targets intended to visit. Given their privileged location, the secret backbone nodes, dubbed "Quantum," are able to respond to the requests faster than the intended server, allowing them to win a "race condition." Government spies can't track cookies within the Tor network, because traffic is encrypted during its circuitous route through three different relays. But if the spies can watch the Internet backbone, they may be able to grab or manipulate cookies once the data exits Tor and heads toward its final destination.
A slide later in the deck refers to something called "QUANTUMCOOKIE," which purportedly "forces clients to divulge stored cookies." There are multiple ways to interpret such a vague bullet point. One of the more plausible is that the Quantum backbone servers can be used to serve cookies not just from DoubleClick or Google, but from Yahoo, Hotmail, or any other widely used Internet service.

Significant constraints

For dissidents of repressive governments, corporate or government whistleblowers, investigative journalists, and other Tor users, the prospect of being outed by a tracking cookie sounds scary. But based on the details included in the slides, it appears there are significant constraints on such attacks.
For one thing, as a separate slide instructed: "Use cookies to identify Tor users when they are not using Tor." Bullet points immediately below read:
  • Current: preliminary analysis shows that some cookies "survive" Tor use. Depends on how target is using Tor (Torbutton/Tor Browser Bundle clears out cookies).
  • Goal: test with cookies associated with CT targets
    —Idea: what if we seeded cookies to a target?
    — Investigate Evercookie persistence
"Torbutton" is a reference to a Firefox extension that Tor developers haven't used this way in almost 18 months. The feature allowed users to click a button to choose whether to funnel their traffic through the anonymous Tor network or over their regular Internet connection. By mid 2011, developers warned that the Torbutton could leak cookies or other data from regular Internet connections into Tor traffic, a behavior that could allow eavesdroppers to correlate users' public profiles or viewing history with Tor activities that were presumed private. The Torbutton's "toggle model" was formally purged from the Tor Browser Bundle in May 2012.
The effect of this change, as well as additional improvements that more carefully deleted all cookies when the Tor Browser Bundle is closed, is that the described attacks using cookies from DoubleClick or other services are in most cases not possible.
"The key point here is that it doesn't matter now if you can trick the browser into revealing its cookie anymore," Roger Dingledine, the lead Tor developer who often goes by the handle arma, wrote in an e-mail to Ars. "Back when we used the 'toggle' model, you might have a cookie on your browser that was created when you were in 'not using Tor' mode. That cookie is really dangerous if they can get a hold of it while you're using Tor, because it links you to your 'non-Tor' identity. Now that the toggle model is gone, and Tor Browser is really good about clearing cookies when you close it, then tricking Tor Browser into telling you about its (temporary, session-only, only gotten over Tor) cookies is much less dangerous."
One possible exception that Tor users should be aware of is the risk that comes when they log in to Hotmail, Gmail, or another service, even when running the most recent version of the Tor Browser Bundle. Until users log out and either close the browser or enable the "new identity" function, an attack mounted by a Quantum node might be able to redirect them to an imposter site that's able to retrieve a cookie set by the currently logged-in service.
To recap, here's how a cookie-based attack might work against someone using the old Tor software, based on a scenario offered by Dingledine:
Let's say there's a website, http://guardian.co.uk/, and the adversary wants to learn the identities of users who visit it over Tor and ask for a certain document.
Let's also suppose that the adversary can install their "Quantum" box on the Internet quite close to the Guardian webserver.
And we have Alice, our anonymous Tor user who uses Firefox and Torbutton in the old "Tor enabled" mode.
She clicks on the URL for her document, and her request is tunneled through the Tor network. Her Tor exit relay makes a Web request on her behalf to the Guardian website, but Quantum sees the Web request and answers it before the real Guardian website can answer.
Quantum's answer consists of an http redirect that makes Alice's browser think the website has asked her to load Hotmail and Yahoo. So she does, over Tor.
But in the old toggle model, what if she still had some old cookies lying around, back from when she had Tor disabled and was browsing normally? If she's a Yahoo user or a Hotmail user, then when her browser connects to those sites it will happily send her login cookie. The adversary then goes to whichever one(s) worked and asks them for subscriber information about the user they originally gave that login cookie to. Bad news for Alice.
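The difference between the two cookie models described above, as an added example that is not part of the original article: a small Python model (no network traffic) of which stored cookies a browser would attach after being redirected to webmail sites during a Tor session. The class and function names and the `.example` domains are constructed for illustration.

```python
# Added illustration: a toy model of browser cookie jars, no network traffic.
# All names and the .example domains are constructed, not taken from the article.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Cookie:
    domain: str
    value: str
    set_over_tor: bool  # False = created during ordinary, non-Tor browsing


@dataclass
class Browser:
    # shared_jar=True  -> old Torbutton toggle model: one profile, one cookie jar
    # shared_jar=False -> dedicated Tor Browser with its own session-only jar
    shared_jar: bool
    jars: dict = field(default_factory=lambda: {"tor": [], "clear": []})

    def _jar(self, via_tor):
        if self.shared_jar:
            return self.jars["clear"]  # same jar whichever mode is active
        return self.jars["tor" if via_tor else "clear"]

    def login(self, domain, value, via_tor):
        """Store a login cookie in whichever jar the current mode uses."""
        self._jar(via_tor).append(Cookie(domain, value, via_tor))

    def request(self, domain, via_tor):
        """Return the cookies the browser would attach to a request."""
        return [c for c in self._jar(via_tor) if c.domain == domain]

    def new_identity(self):
        """Closing Tor Browser or using 'new identity' empties the Tor jar."""
        if not self.shared_jar:
            self.jars["tor"].clear()


def cookies_sent_after_redirect(browser, redirect_domains):
    """Cookies attached when a Tor session is redirected to each domain."""
    sent = []
    for domain in redirect_domains:
        sent.extend(browser.request(domain, via_tor=True))
    return sent


def links_to_non_tor_identity(cookies):
    """Cookies that tie the Tor session to earlier non-Tor browsing."""
    return [c for c in cookies if not c.set_over_tor]


REDIRECTS = ["hotmail.example", "yahoo.example"]  # constructed stand-ins


def run_scenarios():
    results = {}

    # 1. Toggle model: Alice logged in to webmail with Tor disabled, then enabled Tor.
    toggle = Browser(shared_jar=True)
    toggle.login("yahoo.example", "alice-login", via_tor=False)
    sent = cookies_sent_after_redirect(toggle, REDIRECTS)
    results["toggle"] = (len(sent), len(links_to_non_tor_identity(sent)))

    # 2. Same history, but Tor traffic comes from a separate Tor Browser.
    isolated = Browser(shared_jar=False)
    isolated.login("yahoo.example", "alice-login", via_tor=False)
    sent = cookies_sent_after_redirect(isolated, REDIRECTS)
    results["isolated"] = (len(sent), len(links_to_non_tor_identity(sent)))

    # 3. The remaining exception: logged in to webmail inside the Tor session.
    isolated.login("hotmail.example", "tor-session-login", via_tor=True)
    sent = cookies_sent_after_redirect(isolated, REDIRECTS)
    results["logged_in_over_tor"] = (len(sent), len(links_to_non_tor_identity(sent)))

    # After "new identity" the Tor jar is empty again.
    isolated.new_identity()
    sent = cookies_sent_after_redirect(isolated, REDIRECTS)
    results["after_new_identity"] = (len(sent), len(links_to_non_tor_identity(sent)))
    return results


if __name__ == "__main__":
    for name, (sent, linked) in run_scenarios().items():
        print(f"{name:20s} cookies sent: {sent}  linked to non-Tor identity: {linked}")
```

In the third scenario the cookie was only ever set over Tor, so it does not tie back to non-Tor browsing, but it still identifies the logged-in account until the session is cleared.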

Still a lot of work to do

The bottom line is this: there's nothing in the slides that suggests the cookie attacks are a threat to Tor users who run up-to-date software and follow best-practice advice repeatedly offered by Tor volunteers. Of course, it's possible the NSA and GCHQ have other techniques. Chief among them is the use of Quantum servers to redirect Tor users to sites that exploit security vulnerabilities to surreptitiously install malware on their computers. Such attacks have long been recognized as a risk, but they come at a cost to spy agencies since success requires the availability of a vulnerability in a current version of the software that can be exploited with no indication to the end user. That requirement makes it harder for agents to carry out the attacks against large numbers of targets.
"Looking over the rest of the slides, they seem to be asking some of the right questions, but they don't seem to have any more answers than we do in the academic research community—and in many cases the papers at http://freehaven.net/anonbib/ provide significantly better answers than these slides do," Dingledine wrote. "Or said more clearly, we still have a lot of work to do to make Tor both safe and usable, but we don't have any new work based on these slides."
Courtesy: arstechnica

Oct 5, 2013

US Intelligence Chief Defends Attempts to Break TOR Anonymity Network

by Arik Hesseldahl

The National Security Agency may have attempted to penetrate and compromise a widely used network designed to protect the anonymity of its users, but it was only because terrorists and criminals use it too.
That’s the explanation from Director of National Intelligence James Clapper about the recently disclosed attacks by the NSA and its companion agency in the UK against The Onion Router or TOR, a network that uses a constantly changing list of specially configured servers to relay and anonymize the Internet traffic of its users.
In a statement posted to the DNI’s blog, Clapper acknowledged NSA’s “interest in tools used to facilitate anonymous online communication.” However, media coverage of the work fails to point out “that the Intelligence Community’s interest in online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies.”
And that’s the traffic that the NSA is hoping to capture and analyze. Clapper argues in the post that intelligence agencies are interested only in “…communication related to valid foreign intelligence and counterintelligence purposes.”
New attention has come to TOR and its users in part because of the arrest Wednesday by the FBI of the alleged operator of Silk Road, an online marketplace for the sale and distribution of illicit drugs that existed in the so-called Dark Web, reachable only by a TOR-enabled browser.
In a slide presentation leaked by Edward Snowden, the NSA discussed its struggles to defeat the anonymity that Tor provides. As of the time of the presentation, which is dated June of 2012, it hadn’t had much luck. “We will never be able to de-anonymize all Tor users all of the time,” the presentation says. Using what it calls “manual analysis,” it had had some success in “de-anonymizing” a small fraction of people using Tor. The deck also shows that the NSA sought to collaborate with the Government Communications Headquarters, the United Kingdom’s signals intelligence agency on its efforts.
It was all legal and appropriate, Clapper argues, because “Within our lawful mission to collect foreign intelligence to protect the United States, we use every intelligence tool available to understand the intent of our foreign adversaries so that we can disrupt their plans and prevent them from bringing harm to innocent Americans. …Our adversaries have the ability to hide their messages and discussions among those of innocent people around the world. They use the very same social networking sites, encryption tools and other security features that protect our daily online activities.”
The ironic part is that TOR was invented at the US Naval Academy as a project meant to help activists overseas evade surveillance by officials of repressive regimes. A good amount of its funding has come from the NSA’s parent agency, the US Department of Defense.
Courtesy: AllThingsD

Oct 4, 2013

Why the NSA Hates Tor, the Network That Protects Internet Anonymity


If you know anything about it, then it probably doesn’t come as much of a surprise that the National Security Agency really dislikes Tor, a.k.a. The Onion Router.
As I described yesterday, Tor is an open-source network that provides people connected to it a pretty strong, though not perfect, method for browsing the Internet anonymously. You have to be using it in order to access the so-called “Dark Web,” which is where Silk Road, the online bazaar of illicit drugs and other things, existed until its operator was arrested in San Francisco on Wednesday. The case has cast new attention on both the Dark Web and on Tor itself.
Given its roots as a project born at the U.S. Naval Academy, it’s a tad ironic that the NSA dislikes it so much, but its opinion is pretty clear from a slide deck on the subject leaked by former NSA contractor Edward Snowden and published by The Guardian today. The title of the deck is “TOR Stinks.”
The presentation shows that the agency struggled to defeat the anonymity that Tor provides. As of the time of the presentation, which is dated June of 2012, it hadn’t had much luck. “We will never be able to de-anonymize all TOR users all of the time,” the presentation says. Using what it calls “manual analysis,” it had had some success in “de-anonymizing” a small fraction of people using Tor.
The deck shows that the NSA sought some inspiration from the Government Communications Headquarters, the United Kingdom’s signals intelligence agency. Under a program called Remation II, the two sought to combine their resources to figure out some new methods for attacking Tor. The idea appears to be to operate a network of Tor-enabled relay servers and get access to others. It’s unclear how far the attack might have progressed by now.
The GCHQ also sought to peel back the onion — sorry, couldn’t resist — on the identity of Dark Web sites like Silk Road. These are the sites that operate in the hidden space on the Web, and which have weird, difficult-to-remember Web addresses that end in .onion. The goal of the efforts was to “harvest and enumerate .onion URLs,” the presentation says.
Another line of inquiry involved seeking information on .onion sites that happen to be running on Amazon Web Services, the commerce giant’s cloud computing service. The presentation says that the GCHQ set up its own Tor servers on AWS as part of the Remation II program.
One other idea: Poison the Tor network itself. In the penultimate slide, the presentation asks if it would make sense to set up a network of Tor nodes, advertise them as running at high speeds, while in fact they would run slowly. The point, the slide reads, would be “to degrade the overall stability of the network.” In the end the presentation seems to argue against that approach. “A critical mass of targets use TOR. Scaring them away from using it might be counterproductive.”
As with any technology providing anonymity, Tor can be used for good things and for bad things. Political activists in countries with repressive regimes use it to communicate securely when the likelihood of government surveillance is high, and in fact it was for this purpose that Tor was created. (It’s a pretty sure bet that Syrian rebels are using it, for example.) The development work is partially funded by the U.S. Department of Defense, which is the NSA’s parent agency, which is sort of awkward.
Anyway, the existence of the presentation is probably good news if you’re someone who has a non-criminal reason for protecting your anonymity on the Web. It means that even the powerful NSA has trouble coping with Tor, which means you can probably still use it with a reasonable amount of confidence, provided you’re doing it right. That doesn’t mean they won’t figure out a way to compromise it. But it will probably take some time.
Courtesy: AllThingsD

NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show

Analysts grudgingly hail Tor as "king of high-secure, low-latency" anonymity. 
by Dan Goodin



The National Security Agency and its UK counterpart have made repeated and determined attempts to identify people using the Tor anonymity service, but the fundamental security remains intact, as top secret documents published Friday revealed.
The classified memos and training manuals—which were leaked by former NSA contractor Edward Snowden and reported by The Guardian—show that the NSA and the UK-based Government Communications Headquarters (GCHQ) are able to bypass Tor protections, but only against select targets and often with considerable effort. Indeed, one presentation slide grudgingly hailed Tor as "the king of high-secure, low-latency internet anonymity." Another, titled "Tor Stinks," lamented: "We will never be able to de-anonymize all Tor users all the time."

Enter EgotisticalGiraffe

The documents go on to reveal a panoply of covert technologies with names like FoxAcid, Quantum, Stormbrew, Fairview, and Turbulence. The goal of some is to exploit software bugs in the Firefox browser and other software applications used by individual Tor users. Another program uses Tor servers operated by the NSA to redirect user requests or spot patterns in Internet traffic that enters or exits the Tor network. NSA and GCHQ agents also discussed efforts to "shape" or influence future developments of the Tor software and network.
One prominent technique for monitoring terrorists and other people using Tor was dubbed EgotisticalGiraffe. It involves exploiting vulnerabilities contained in the software bundle that Tor makes available to users. One attack targeted a serious bug in a Firefox component known as the ECMAScript for XML (E4X), according to cryptographer Bruce Schneier, who authored this technical analysis for The Guardian. The vulnerability was "inadvertently" fixed when Firefox developers updated the E4X library. Tor users who don't update their software, of course, remained susceptible.
A "less complex exploit" in the NSA's arsenal was the same one used in July to decloak a man suspected of using Tor to run a child porn service. The attack relied on malicious JavaScript that's embedded in a website the Tor user is visiting. The vulnerability has also been fixed in recent versions of Firefox.
According to Schneier, NSA agents were able to use secret servers located on the Internet backbone to redirect some users to another set of secret servers that were codenamed FoxAcid to infect users' computers. Because some of the servers were located on the high-speed links that connect end users to websites, NSA nodes dubbed Quantum were able to respond to requests faster than the server the end user intended to visit. Schneier cited this top-secret diagram as evidence of a Quantum server impersonating Google in such an attack.
Schneier provided additional technical details:
According to various top-secret documents provided by Snowden, FoxAcid is the NSA codename for what the NSA calls an "exploit orchestrator," an internet-enabled system capable of attacking target computers in a variety of different ways. It is a Windows 2003 computer configured with custom software and a series of Perl scripts. These servers are run by the NSA's tailored access operations, or TAO, group. TAO is another subgroup of the systems intelligence directorate.
The servers are on the public internet. They have normal-looking domain names, and can be visited by any browser from anywhere; ownership of those domains cannot be traced back to the NSA.
However, if a browser tries to visit a FoxAcid server with a special URL, called a FoxAcid tag, the server attempts to infect that browser, and then the computer, in an effort to take control of it. The NSA can trick browsers into using that URL using a variety of methods, including the race-condition attack mentioned above and frame injection attacks.
FoxAcid tags are designed to look innocuous, so that anyone who sees them would not be suspicious. An example of one such tag is given in another top-secret training presentation provided by Snowden.
There is no currently registered domain name by that name; it is just an example for internal NSA training purposes.
Schneier said FoxAcid was a general system operated under the NSA's computer network exploitation program and is used for many types of attacks other than the Tor attacks described in his analysis. It has a modular design, so it can be used with a variety of exploits and in a variety of settings.
What's encouraging in Friday's report is the absence of any vulnerability in Tor itself. That may be reassuring to journalists, political dissidents and, yes, Internet criminals and terrorists—who all rely on the service to keep their location and identities secret. The recent takedown of Silk Road—a Tor-protected website that arranged $1.2 billion in sales of heroin, cocaine, and other illicit goods and services—has only ramped up concern that there might be obscure flaws that allowed the government or anyone who discovered them to unmask users. Of course, no proof of crippling vulnerabilities isn't the same thing as proof that none exist, but it's better than some of the scenarios users have drawn in recent months.
"The good news is they went for a browser exploit, meaning there's no indication they can break the Tor protocol or do traffic analysis on the Tor network," Roger Dingledine, the president of the Tor Project told The Guardian. "Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard. Tor still helps here: you can target individuals with browser exploits, but if you attack too many users, somebody's going to notice. So even if the NSA aims to surveil everyone, everywhere, they have to be a lot more selective about which Tor users they spy on."
Courtesy: arstechnica

Oct 3, 2013

Ex-NSA chief jokes about putting Snowden on a hit list, advocates “targeted killings”

"Assassinations are forbidden by executive order—we don't do assassinations." 

A former National Security Agency director joked at a cybersecurity conference on Thursday that NSA-leaker Edward Snowden should be put on a kill list rather than a human rights award list.
"I must admit, in my darker moment[s] over the past several months, I'd also thought of nominating Mr. Snowden, but it was for a different list," Gen. Michael Hayden said at the Washington Post-sponsored event, according to The Hill.
Hayden later fielded a question about an upcoming investigation by journalists Glenn Greenwald and Jeremy Scahill into alleged NSA involvement with assassinations. He dismissed the idea and said that while the US does not conduct assassinations, it does conduct “targeted killings.”
"Yes, we do targeted killings, and I certainly hope they make full use of the capacities of the National Security Agency when we do that," he said. "Assassinations are forbidden by executive order. We don't do assassinations."
Hayden later articulated this further. As opposed to the policy of no assassinations, he said the US does authorize and conduct "targeted killings against enemy combatants" because the nation is at war. Such killings likely also include drone strikes, which have even killed American citizens in the past.
US targeted killings have been the object of much speculation recently. Just last year, Iran pointed the finger directly at the US and Israel after a number of nuclear scientists were assassinated within the country. (The killings came during the ongoing disagreement over Iran's attempt to grow its nuclear program.) Both the US and Israel denied the accusations, but "the official reaction in Israel appeared to be more cryptic," the New York Times reported.
Courtesy: arstechnica

How a telecom helped the government spy on me

Some personal reasons to doubt US ISPs' and telecoms' commitment to customer privacy.
by Raymond Bonner, ProPublica

Over the past several months, the Obama Administration has defended the government's far-reaching data collection efforts, arguing that only criminals and terrorists need worry. The nation's leading Internet and telecommunications companies have said they are committed to the sanctity of their customers' privacy.
I have some very personal reasons to doubt those assurances.
In 2004, my telephone records, as well as those of another New York Times reporter and two reporters from the Washington Post, were obtained by federal agents assigned to investigate a leak of classified information. What happened next says a lot about what happens when the government's privacy protections collide with the day-to-day realities of global surveillance.
The story begins in 2003 when I wrote an article about the killing of two American teachers in West Papua, a remote region of Indonesia where Freeport-McMoRan operates one of the world's largest copper and gold mines. The Indonesian government and Freeport blamed the killings on a separatist group, the Free Papua Movement, which had been fighting a low-level guerrilla war for several decades.


I opened my article with this sentence: "Bush Administration officials have determined that Indonesian soldiers carried out a deadly ambush that killed two American teachers."
I also reported that two FBI agents had travelled to Indonesia to assist in the inquiry and quoted a "senior administration official" as saying there "was no question there was a military involvement."
The story prompted a leak investigation. The FBI sought to obtain my phone records and those of Jane Perlez, the Times bureau chief in Indonesia and my wife. They also went after the records of the Washington Post reporters in Indonesia who had published the first reports about the Indonesian government's involvement in the killings.
As part of its investigation, the FBI asked for help from what is described in a subsequent government report as an "on-site communications service" provider. The report, by the Department of Justice's Inspector General, offers only the vaguest description of this key player, calling it "Company A."
"We do not identify the specific companies because the identities of the specific providers who were under contract with the FBI for specific services are classified," the report explained.
Whoever they were, Company A had some impressive powers. Through some means—the report is silent on how—Company A obtained records of calls made on Indonesian cell phones and landlines by the Times and Post reporters. The records showed whom we called, when, and for how long—what has now become famous as "metadata."
Under DOJ rules, the FBI investigators were required to ask the attorney general to approve a grand jury subpoena before requesting records of reporters' calls. But that's not what happened.
Instead, the bureau sent Company A what is known as an "exigent letter" asking for the metadata.
A heavily redacted version of the DOJ report, released in 2010, noted that exigent letters are supposed to be used in extreme circumstances where there is no time to ask a judge to issue a subpoena. The report found nothing "exigent" in an investigation of several three-year-old newspaper stories.
The need for an exigent letter suggests two things about Company A. First, that it was an American firm subject to American laws. Second, that it had come to possess my records through lawful means and needed legal justification to turn them over to the government.
The report disclosed that the agents' use of the exigent letter was choreographed by the company and the bureau. It said the FBI agent drafting the letter received "guidance" from "a Company A analyst." According to the report, lawyers for Company A and the bureau worked together to develop the approach.
Not surprisingly, "Company A" quickly responded to the letter it helped write. In fact, it was particularly generous, supplying the FBI with records covering a 22-month period, even though the bureau's investigation was limited to a seven-month period. Altogether, "Company A" gave the FBI metadata on 1,627 calls by me and the other reporters.
Only three calls were within the seven-month window of phone conversations investigators had decided to review.
It doesn't end there.
The DOJ report asserts that "the FBI made no investigative use of the reporters' telephone records." But I don't believe that is accurate.
In 2007, I heard rumblings that the leak investigation was focusing on a diplomat named Steve Mull, who was the deputy chief of mission in Indonesia at the time of the killings. I had known Mull when he was a political officer in Poland and I was posted there in the early 1990s. He is a person of great integrity and a dedicated public servant.
The DOJ asked to interview me. Of course, I would not agree to help law enforcement officials identify my anonymous sources. But I was troubled because I felt an honorable public servant had been forced to spend money on lawyers to fend off a charge that was untrue. After considerable internal debate, I decided to talk to the DOJ for the limited purpose of clearing Mull.
It was not a decision I could make unilaterally. The Times also had a stake in this. If I allowed myself to be interviewed, how could the Times say no the next time the government wanted to question a Times reporter about a leak?
The Times lawyer handling this was George Freeman, a journalist's lawyer, a man Times reporters liked having in their corner. George and the DOJ lawyers began to negotiate over my interview. Eventually, we agreed that I would speak on two conditions: one, that they could not ask me for the name of my source; and two, if they asked me if it was 'X,' and I said no, they could not then start going through other names.
Freeman and I sat across a table from two DOJ lawyers. I'm a lawyer, and I prided myself on being able to answer their questions with ease, never having to turn to Freeman for advice.
Until, that is, one of the lawyers took a sheaf of papers that was just off to his right and began asking me about phone calls I made to Mull. One call was for 19 minutes, the DOJ lawyer said, giving me the date and time. I asked for a break to consult with Freeman.
We came back and answered questions about the phone calls. I said that I couldn't remember what these calls were about—it had been more than four years earlier—but that Mull had not given me any information about the killings. Per our agreement, the DOJ lawyers did not ask further questions about my sources, and the interview ended.
I didn't know how the DOJ had gotten my phone records, but I assumed the Indonesian government had provided them. Then, about a year later, I received a letter from the FBI's general counsel, Valerie Caproni, who wrote that my phone records had been taken from "certain databases" under the authority of an "exigent letter" (a term I had never heard).
Caproni sent similar letters to Perlez, to the Washington Post reporters, and to the executive editors of the Post and the Times, Leonard Downie and Bill Keller, respectively. In addition, FBI Director Robert Mueller called Downie and Keller, according to the report.
Caproni wrote that the records had not been seen by anyone other than the agent requesting them and that they had been expunged from all databases.
I'm uneasy because the DOJ report makes clear that the FBI is still concealing some aspect of this incident. After describing Caproni's letters, the report says, "However, the FBI did not disclose to the reporters or their editors that [BLACKED OUT]." The thick black lines obliterate what appear to be several sentences.
If you were to ask senior intelligence officials whether I should wonder about those deletions, they'd probably say no.
I'm not so sure.
The government learned extensive details about my personal and professional life. Most of those calls were about other stories I was writing. Some were undoubtedly to arrange my golf game with the Australian ambassador. Is he now under suspicion? The report says the data has been destroyed and that only two analysts ever looked at it.
But who is this "Company A" that willingly cooperated with the government? Why was it working hand in glove with the FBI? And what did the FBI director not tell the editors of the Times and the Washington Post when he called them acknowledging that the government had improperly obtained reporters' records?
Raymond Bonner, a lawyer and former New York Times reporter, is the author of Anatomy of Injustice: A Murder Case Gone Wrong. This story originally appeared on ProPublica.
Courtesy: arstechnica

What the NSA Might Have Wanted to Learn From Tracking Your Phone

Add this to the list of creepy things the National Security Agency has done to spy on you via your mobile phone. During a series of experiments in 2010 and 2011, the agency gathered up location data.
The latest disclosure came yesterday from the New York Times, which obtained a draft of written answers to expected questions prepared for James Clapper, the U.S. director of intelligence, ahead of congressional hearings.
The NSA never took the program to an operational phase, and Clapper’s answer said it was intended to see how the location data would work with its existing systems. The question is, had the agency taken it operational, what did it expect to learn?
Probably a lot, and there’s been a lot of academic work on the subject with which I’m certain the NSA’s analysts would have been familiar.
The NSA’s experiment reminded me of some other experiments done by researchers at MIT and elsewhere using calling and location data gathered en masse from phones. The research had gotten a lot of attention in the media, well before all these new disclosures about the NSA’s various collection programs, like PRISM. The Wall Street Journal’s Robert Lee Hotz took a look at some of it in 2011. I even wrote about some of it in 2008 for Businessweek magazine.
In 2005, professor Sandy Pentland and Nathan Eagle, then a Ph.D. candidate at MIT, handed out 100 Nokia 6600 smartphones to a bunch of students and faculty, and tracked their every move for nine months — collecting call logs, Bluetooth devices in proximity, the cell towers they were closest to, application usage and phone status. They collected data on some 45,000 hours of human activity in the process.
Tracking how often the phones came close enough to other people’s phones turned out to be an excellent predictor of whether or not a user was friends with another person. “Workplace colleagues, outside friends, and people within a user’s circle of friends were identified with over 90 percent accuracy,” the paper says.
Elsewhere in the paper is the meat of their findings: “By continually logging and time-stamping information about a user’s activity, location, and proximity to other users, the large-scale dynamics of collective human behavior can be analyzed. … Furthermore, a dataset providing the proximity patterns and relationships within large groups of people has implications within the computational epidemiology communities, and may help build more accurate models of airborne pathogen dissemination, as well as other more innocuous contagions, such as the flow of information.”
In short, tracking your phone is a pretty good way to figure out who you know, where you’ve been, who you may have talked to. (Pentland and Eagle published a paper about this in the Journal of Personal and Ubiquitous Computing, which you can read here.)
There’s more. In August 2005, Eagle and two other researchers, with the cooperation of wireless and landline phone companies, collected data on 99 percent of wireless phones and 99 percent of home and business landline phones in the U.K. (They published their findings in the journal Science in 2010, and you can read that here.) Their aim this time was to determine if there’s a connection between your economic status, the diversity of your social network, and how much you communicate by phone.
The findings here were a little less conclusive. People in prosperous and less-prosperous communities made about the same number of calls, but people in the prosperous ones tended to have more diverse social networks.
But there’s also a potential social benefit to tracking your phone’s location that has a lot less to do with spying. If you’re sick or have been exposed to someone who is, your phone will have data showing who you’ve been close to. During a public-health emergency, say the outbreak of a bird flu, phone data could be a treasure trove for epidemiologists and public-health officials.
Again, Eagle, this time working with six other researchers, published a paper in Science (it’s from 2012, and you can read it here). For a year, starting in June of 2008 and ending in June of 2009, they tracked the locations of nearly 15 million mobile phones in Kenya. They logged every call and text message, and cross-referenced that with their proximity to each of the 11,920 cell towers in the country.
They used the data on human movements to track the probability of the spread of malaria parasites. (I didn’t know this: Mosquitos carry and spread malaria, but humans do, too.) The result: “The high spatial resolution of our mobility data allowed us to pinpoint particular settlements that are expected to receive or transmit an unexpectedly high volume of parasites compared with surrounding regions.” In short, tracking the movements of people was a good way to track the spread of malaria.
I talked to Eagle for a few minutes yesterday, and asked him what he thought of the revelation of the NSA’s research, and what he thought the data might be used for. While he’s intimately familiar with the kind of data the NSA would have been working with — Call Detail Records, or CDRs — he declined to guess as to the NSA’s motivation. “I know the data they would have been working with very well. But I wouldn’t care to speculate about why they wanted it,” he said.

Courtesy: allthingsd

