Riseup, a tech collective that provides security-minded communications to activists worldwide, sounded the alarm last month when a judge in Spain stated that the use of their email service is a practice, he believes, associated with terrorism.
Javier Gómez Bermúdez is a judge of Audiencia Nacional, a special high court in Spain that deals with serious crimes such as terrorism and genocide. According to press reports, he ordered arrest warrants that were carried out on December 16th against alleged members of an anarchist group. The arrests were part of Operation Pandora, a coordinated campaign against “anarchist activity” that has been called an attempt “to criminalize anarchist social movements.” The police seized books, cell phones, and computers, and arrested 11 activists. Few details are known about the situation, since the judge has declared the case secret.
Tag Archives | Security
via First Look:
When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept.
We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team. Despite FBI director James Comey’s dire warnings about the impact of widespread data scrambling — “criminals and terrorists would like nothing more,” he declared — Hacking Team explicitly promises on its website that its software can “defeat encryption.”
via Wikileaks Spy Files:
In early September 2014 WikiLeaks released its last batch of leaked Spy Files – which it had started releasing in 2011. To mark this anniversary, data journalist Alice Corona cleaned and structured the data to build an interactive database combining the three Spy Files releases.
Currently, there are 559 leaked company documents, and 15 location tracking reports from WikiLeaks Counter Intelligence Unit (WLCIU). The 559 files disclose to the public internal documents from more than 100 companies specialized in intelligence and (mass) surveillance technologies.
… Read the rest
These technologies are sold both to Western governments and to dictators, and have been used by the Syrian government. The 15 documents from WLCIU reveal the timestamps and locations of 20 members of these companies, whose whereabouts WikiLeaks has decided to track in order to show where the main surveillance contractors are sending its people. But what does the Spy Files database actually contain?
You can check to see if yours was leaked here: https://isleaked.com/en.php (or you could just change your password for good measure!) Note that you will probably get a Bad Gateway error, but I think that’s because so many people are checking. If you keep trying, you will eventually get through.
I checked mine and it was leaked, but the password is an old one that I haven’t used in awhile (which seems to be the case for a lot of people).
via The Mary Sue:
… Read the rest
Almost 5 million Gmail addresses and their passwords have been compromised and leaked on a Russian Bitcoin forum. Admins on the forum have removed the passwords from the text file, but the Internet is forever, so if your username is among those that have been hacked, you should change your password immediately.
Luckily, there’s a quick tool you can use to figure out if your account information was leaked.
From The Register:
“It’s not as bad as you thought – it’s much worse.”
A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT.
The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping.
And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications.
And here I thought I was a centrist. Nafeez Ahmed writes at the Guardian:
… Read the rest
Over the last year, a mass of shocking evidence has emerged on the close ties between Western government spy agencies and giant energy companies, and their mutual interests in criminalising anti-fracking activists.
Activists tarred with the same brush
In late 2013, official documents obtained under freedom of information showed that Canada’s domestic spy agency, the Canadian Security Intelligence Service (CSIS), had ramped up its surveillance of activists opposed to the Northern Gateway pipeline project on ‘national security’ grounds. The CSIS also routinely passed information about such groups to the project’s corporate architect, Calgary-based energy company, Enbridge.
The Northern Gateway is an $8 billion project to transport oil from the Alberta tar sands to the British Columbia coast, where it can be shipped to global markets. According to the documents a Canadian federal agency, the National Energy Board, worked with CSIS and the Royal Canadian Mounted Police to coordinate with Enbridge, TransCanada, and other energy corporations in gathering intelligence on anti-fracking activists – despite senior police privately admitting they “could not detect a direct or specific criminal threat.”
Now it has emerged that former cabinet minister Chuck Strahl – the man appointed by Canadian prime minister Stephen Harper to head up the CSIS’ civilian oversight panel, the Security Intelligence Review Committee (SIRC) – has been lobbying for Enbridge since 2011.
(TSA) isn’t as effective at detecting suspicious characters as one might think. The Government Accounting Office (GAO) has reviewed the TSA’s Screening Passengers by Observation Techniques (SPOT) program was evaluated at being “the same or slightly better than chance.”
The SPOT program since 2007 cost $900 million. The TSA has failed to collect consistent data to prove the effectiveness of the behavioral detection program; worse yet, the SPOT program was initiated without any scientific validation. For reason, the GAO has recommended that Congress cut off funding to this program, something that the Department of Homeland Security disagrees with.
You think that’s bad? That’s only the tip of the damning iceberg.
Anti-TSA activist Johnathan Corbett, who filed a lawsuit against the agency on the faulty nature of their body scanners found a particularly revealing document that declares the probability of terrorists hijacking planes in the United States.
… Read the rest
Jonathan Corbett, a long-time vocal critic of TSA body scanners, has been engaged in a lawsuit against the government concerning the constitutionality of those scanners.
… Read the rest
I. What’s Going On
Corporations are taking advantage of these times by changing their privacy policies so that they can track us, use us, and sell us whatever their algorithms decide that we need or want based on data they have acquired about our movements, contacts, desires, fantasies, or kinks. Governments on the other hand are using our data to make sure that we will never acquire enough power to change any policies that we deem to be a threat to our happiness, livelihood, or survival. In essence, we are at war with these organizations and we should act as such:
“…this is truly unprecedented in history. And what we’re seeing is secrecy and surveillance are completely subverting security and liberty, not just in the United States, but for many, many citizens around the world.”
This corporate misconduct and government surveillance is threatening the internet (2, 3), the original purpose of which was to create an “open architecture networking” system where “a globally interconnected set of computers” would allow “everyone” to “quickly access data and programs from any site”.
The Chaos Computer Club on why authorities are in love with biometrically unlockable devices:
… Read the rest
“It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token”, said Frank Rieger, spokesperson of the CCC. “The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.” Fingerprint biometrics in passports has been introduced in many countries despite the fact that no security gain can be shown.
iPhone users should avoid protecting sensitive data with their precious biometric fingerprint not only because it can be easily faked, as demonstrated by the CCC team. You can easily be forced to unlock your phone against your will when being arrested. Forcing you to give up your passcode is much harder under most jurisdictions than just casually swiping your phone over your handcuffed hands.
Via the MIT Technology Review, the security expert on staying free from the NSA:
… Read the rest
My five tips suck. They are not things the average person can use. One of them is to use PGP [a data-encryption program]. But my mother can’t use PGP. Maybe some people who read your publication will use my tips, but most people won’t.
Basically, the average user is screwed. You can’t say “Don’t use Google”—that’s a useless piece of advice. Or “Don’t use Facebook,” because then you don’t talk to your friends, you don’t get invited to parties, you don’t get laid. It’s like libertarians saying “Don’t use credit cards”; it just doesn’t work in the real world.
The Internet has become essential to our lives, and it has been subverted into a gigantic surveillance platform. The solutions have to be political. The best advice for the average person is to agitate for political change.