Showing posts sorted by relevance for query NSA. Sort by date Show all posts
Showing posts sorted by relevance for query NSA. Sort by date Show all posts

Friday, February 11, 2022

What Do We Really Know About The National Sheriffs Association?

The Association’s funding sources and political affiliations are suspect. That hasn’t stopped them from lobbying Congress and tanking police reforms.

BY JESSICA PISHKO
FEB 11, 2022
JURISPRUDENCE
Pinal County Sheriff Mark Lamb speaks at the Rally to Protect Our Elections sponsored by Turning Point Action at the Arizona Federal Theatre in Phoenix, July 24, 2021. 
USA TODAY NETWORK via Reuters Connect

This week, the National Sheriffs Association held their Winter Conference in Washington, D.C. The meeting is held in the nation’s capital every year, but this year a new event was added to the agenda: a “Hill Day,”in which the NSA arranged meetings between county sheriffs and their congressional representatives to discuss issues that are “meaningful to Sheriffs,” ranging from policing issues to medical care.

Since the summer of 2020, when the nation erupted into protest over police violence, police unions have been hard at work using their immense political power to thwart reform efforts. While police unions generally operate locally, there are state-wide and nation-wide organizations that purport to represent the interests of various law enforcement groups: police chiefs, police captains, and sheriffs. Sheriffs, in particular, have displayed immense resistance to efforts to change policing. Yet the national association that ostensibly represents their interests, and lobbies Congress on their behalf, remains under-examined and under-studied.

Last fall, for example, after every major national law enforcement lobbying group agreed to a set of modest, bipartisan policing reforms hashed out by Sens. Tim Scott and Corey Booker, the sheriffs refused to budge from their hardline position, especially when it came to reforming qualified immunity, the legal doctrine that makes it near-impossible to hold rogue and criminal law enforcement officers liable in civil suits.

Since then, sheriffs, under the leadership of the National Sheriffs Association (NSA), have gone on the warpath, pushing false narratives about a “war on cops” and whipping up unsubstantiated panic about increasing crime. In one instance, Louisiana Sheriff Vernon Stanforth, the President of the NSA, went on a local news station to call for federal support in arresting alleged shoplifters because they were “terrorizing their communities.” His request was backed up by a general NSA call for an action by the Biden administration on retail theft (which isn’t a federal crime).

The next day, Executive Director and CEO of the NSA Jonathan Thompson – who is a paid employee of the organization and not an elected sheriff – went on Fox News to complain about the NFL’s discretionary donations to groups engaged in criminal system reform through the “Inspire Change” initiative. Thompson topped his complaints with a veiled threat that players should “spend one night in a cruiser or a jail to see the horrendous effects of runaway crime.”

The sheriffs even went so far as to slam a leaked draft executive order, purportedly from the Biden administration, that appeared to address a variety of federal law enforcement reforms and provide additional funding for certain programs. (Biden seems to be walking back this plan based on recent meetings with law enforcement.)

How did the sheriffs come to be such a unified front against policing reform? Through the work of the National Sheriffs Association, a big-tent organization that nominally represents the interests of county sheriffs. Part of that representation requires the creation and reiteration of a mythology about sheriffs that serves to secure their place in the American pantheon of law enforcement organizations. This objective is even written into their “constitutional charter.” They mean it. When the county commissioners of Loudoun County, Virginia, considered reducing the role of the county sheriff by creating a police force (that would be under the control of the mostly Democrat county government), the NSA was there to argue forcefully against it. They claimed that sheriffs were more cost-efficient and better at patrol and policing than county-run police forces, and called the county government “political hacks.”

While the NSA claims to be nonpartisan, its leadership has proven to be less so, with the most recent slate of leaders leaning further to the right than past leadership. At least one member of the Executive Committee – Sheriff Chris West of Oklahoma — was at the Capitol on Jan. 6. At least three others are members of Protect America Now, a far-right sheriff’s organization, or the Constitutional Sheriffs and Peace Officers Association, a group that believes sheriffs are the ultimate arbiters of the constitution. The current chair of the Government Affairs Committee is Collin County, Texas, Sheriff Jim Skinner, who was responsible for the high-profile jail death of Marvin Scott III, whom deputies killed by restraining him, placing a hood over his head, and dousing him with pepper spray. As part of the committee, Skinner is tasked with developing the NSA’s policy positions on law enforcement and homeland security in addition to representing the Association before Congress and the White House. The NSA has also consistently lobbied in favor of civil asset forfeiture, which, despite bipartisan opposition, remains the law in Texas.

These political affiliations have only become more tangled with the rise of the constitutional sheriffs movement. The NSA has yet to disavow the growing number of sheriffs who have refused to enforce vaccination orders, expressed anti-government rhetoric, or spread disinformation about election fraud. In fact, spokesperson for the NSA praised Pinal County Sheriff Mark Lamb, who formed a far-right sheriffs group and has ties to Donald Trump and Michael Flynn, the ex-government official who we now know was pushing a plan for the military to seize voting machines to overturn the 2020 election. The spokesperson praised Lamb as a “unicorn” during an interview in October of 2021, adding that Lamb was simply standing up for the office of the sheriff.

While the NSA officially disavows connections between corporate sponsors and their policies, the degree of corporate funding is shadowy and belies their alleged neutrality. The Association is a 501(c)(4) organization, which is not required to disclose its donor and lobbying expenditures publicly. What we do know is that the NSA manages to raise in the neighborhood of $8 million in “dark money” every year. (A spokesperson from the NSA says the money is a mix of member dues, government grants, and corporate sponsorships). The available public information about funding indicates that the NSA is beholden to the corporations that have built the prison industrial complex and produce billions of dollars in profits off the backs of people in cages. Such for-profit industries, which include telecommunications companies like Verizon, GTL, PayTel and correctional health care companies as well as more anodyne corporations like Airbnb and The Home Depot can purchase access to sheriffs. For top donors their purchase includes a “reception” with NSA leadership as well as a “Private Dinner with Members of NSA’s Executive Committee and Headquarters’ Leadership.”

These sponsorships are really the tip of the iceberg of the many troubling alliances that betray the nominally nonpartisan spirit of the NSA.

For example, this year, ex-police officer named Matthew Griffin, who wrote a book about mental health for law enforcement, gave the keynote speech and was made an “honorary sheriff.” Griffin, who has never been a sheriff, served as a police officer in New Hampshire, but left after he was added not once, but twice, to a statewide list of officers who committed misconduct. According to one news source, Griffin at one point claimed to be a “reserve officer” for an unincorporated New Hampshire town and worked as a police trainer. His speech was sponsored by Axon,the company that makes body cameras and Tasers, and, according to a 2021 Washington Post article, was also a police trainer .

There is further evidence that the NSA courts corporate sponsorship in exchange for sheriff sponsorship. In 2016, the NSA took $350,000 from Purdue Pharma, which it used to distribute naloxone overdose kits and train deputies to reverse overdoses. The Association also took an undisclosed amount from Alkermes, Inc, the manufacturer of Vivitrol, an overdose prevention drug, to “raise awareness among law enforcement of the alarming opioid epidemic.” (ProPublica reported that Alkermes has heavily marketed Vivitrol to law enforcement and judges because, while less effective than methadone and Suboxone, the shot blocks the ability of people to feel the pleasurable high of opiates.) The NSA also spent over $500,000 to air televisions ads featuring sheriffs voicing their opposition to imported prescription drugs, which was the subject of a bipartisan proposal to bring down the costs of medicines in the U.S.

In the past few years, the NSA has pushed surveillance technology by channeling federal grants and promoting private industry, making them a major player in the public-private partnerships that have promoted surveillance cameras and AI-driven technologies. One such push is eye scanning technology from a corporation called B12 Technologies that has been implemented in some jails with federal funding. Another includes a partnership with Clearview AI, a corporation that markets facial recognition technology used by law enforcement, which has increased its contracts under the Biden administration.

A final plank of the NSA’s political strategy involves the filing of numerous amicus briefs in various cases across the country in which they take troubling positions that oppose the Constitutional rights of individuals. Many in the public are already familiar with the entanglement between the National Rifle Association and sheriffs; the NSA has joined other gun organizations in amici that argue in favor of invalidating gun restrictions. In 2015, the NSA filed a brief opposing DACA alongside FAIR and Center for Immigration Studies, another Tanton group. The NSA has also filed amici briefs supporting the seizure of hotel guests lists without a warrant, qualified immunity in a case where sheriffs’ deputies killed a suspect during arrest while city officers watched, warrantless searches even where there has been an error on the part of law enforcement, and application of a negligence standards for liability in jail deaths.

But the troubling fusion of private industry money, lobbying activities, and mass surveillance makes the public comments and inaction of the NSA more suspect when considering the overall landscape for police reform. It’s true that the structure of the NSA is legal and one used by groups on the left and the right. But, communities have a right to know about the corporate (and individual) funders who profit from additional policing, especially organizations that appear to tolerate wrong-doing. The NSA should be seen as part of the network of dark money groups who are influencing legislation and grants rather than a nonpartisan general interest group.

Another path is possible. In California, district attorneys have split away from the state prosecutor’s association because of its retrograde positions, which is a first step towards disentangling dark money, corporate interests, and an industry that has profited from caging people. It’s time for sheriffs to do the same.

Wednesday, October 28, 2020

NSA COVER UP
Spy agency ducks questions about ‘back doors’ in tech products








PUBLISHED WED, OCT 28 2020






KEY POINTS


The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national security.

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products.

These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant.



Paul Nakasone, director of the National Security Agency, arrives to a Senate Armed Services Committee confirmation hearing in Washington.

Bloomberg | Bloomberg | Getty Images


The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national security.


The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others.

These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant. Agency advocates say the practice has eased collection of vital intelligence in other countries, including interception of terrorist communications.

The agency developed new rules for such practices after the Snowden leaks in order to reduce the chances of exposure and compromise, three former intelligence officials told Reuters. But aides to Senator Ron Wyden, a leading Democrat on the Senate Intelligence Committee, say the NSA has stonewalled on providing even the gist of the new guidelines.

“Secret encryption back doors are a threat to national security and the safety of our families – it’s only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security,” Wyden told Reuters. “The government shouldn’t have any role in planting secret back doors in encryption technology used by Americans.”

The agency declined to say how it had updated its policies on obtaining special access to commercial products. NSA officials said the agency has been rebuilding trust with the private sector through such measures as offering warnings about software flaws.

“At NSA, it’s common practice to constantly assess processes to identify and determine best practices,” said Anne Neuberger, who heads NSA’s year-old Cybersecurity Directorate. “We don’t share specific processes and procedures.”

Three former senior intelligence agency figures told Reuters that the NSA now requires that before a back door is sought, the agency must weigh the potential fallout and arrange for some kind of warning if the back door gets discovered and manipulated by adversaries.

The continuing quest for hidden access comes as governments in the United States, the United Kingdom and elsewhere seek laws that would require tech companies to let governments see unencrypted traffic. Defenders of strong encryption say the NSA’s sometimes-botched efforts to install back doors in commercial products show the dangers of such requirements.

Critics of the NSA’s practices say they create targets for adversaries, undermine trust in U.S. technology and compromise efforts to persuade allies to reject Chinese technology that could be used for espionage, since U.S. gear can also be turned to such purposes.

In at least one instance, a foreign adversary was able to take advantage of a back door invented by U.S. intelligence, according to Juniper Networks, which said in 2015 its equipment had been compromised. In a previously unreported statement to members of Congress in July seen by Reuters, Juniper said an unnamed national government had converted the mechanism first created by the NSA. The NSA told Wyden staffers in 2018 that there was a “lessons learned” report about the Juniper incident and others, according to Wyden spokesman Keith Chu.

“NSA now asserts that it cannot locate this document,” Chu told Reuters.

NSA and Juniper declined to comment on the matter.

Juniper’s compromise

The NSA has pursued many means for getting inside equipment, sometimes striking commercial deals to induce companies to insert back doors, and in other cases manipulating standards -- namely by setting processes so that companies unknowingly adopt software that NSA experts can break, according to reports from Reuters and other media outlets.

The tactics drew widespread attention starting in 2013, when Snowden leaked documents referencing these practices.

Tech companies that were later exposed for having cut deals that allowed backdoor access, including security pioneer RSA, lost credibility and customers. Other U.S. firms lost business overseas as customers grew wary of the NSA’s reach.

All of that prompted a White House policy review.

“There were all sorts of ‘lessons learned’ processes,” said former White House cybersecurity coordinator Michael Daniel, who was advising then-president Barack Obama when the Snowden files erupted. A special commission appointed by Obama said the government should never “subvert” or “weaken” tech products or compromise standards.

The White House did not publicly embrace that recommendation, instead beefing up review procedures for whether to use newly discovered software flaws for offensive cyber operations or get them fixed to improve defense, Daniel and others said.

The secret government contracts for special access remained outside of the formal review.

“The NSA had contracts with companies across the board to help them out, but that’s extremely protected,” said an intelligence community lawyer.

The starkest example of the risks inherent in the NSA’s approach involved an encryption-system component known as Dual Elliptic Curve, or Dual EC. The intelligence agency worked with the Commerce Department to get the technology accepted as a global standard, but cryptographers later showed that the NSA could exploit Dual EC to access encrypted data.

RSA accepted a $10 million contract to incorporate Dual EC into a widely used web security system, Reuters reported in 2013. RSA said publicly that it would not have knowingly installed a back door, but its reputation was tarnished and the company was sold.

Juniper Networks got into hot water over Dual EC two years later. At the end of 2015, the maker of internet switches disclosed that it had detected malicious code in some firewall products. Researchers later determined that hackers had turned the firewalls into their own spy tool by altering Juniper’s version of Dual EC.

Juniper said little about the incident. But the company acknowledged to security researcher Andy Isaacson in 2016 that it had installed Dual EC as part of a “customer requirement,” according to a previously undisclosed contemporaneous message seen by Reuters. Isaacson and other researchers believe that customer was a U.S. government agency, since only the U.S. is known to have insisted on Dual EC elsewhere.

Juniper has never identified the customer, and declined to comment for this story.

Likewise, the company never identified the hackers. But two people familiar with the case told Reuters that investigators concluded the Chinese government was behind it. They declined to detail the evidence they used.

The Chinese government has long denied involvement in hacking of any kind. In a statement to Reuters, the Chinese foreign ministry said that cyberspace is “highly virtual and difficult to trace. It is extremely irresponsible to make accusations of hacker attacks without complete and conclusive evidence. At the same time, we also noticed that the report mentioned that it was the U.S. intelligence agency - the National Security Agency - that created this backdoor technology.”

Nervous companies


Wyden remains determined to find out exactly what happened at Juniper and what has changed since as the encryption wars heat up.

This July, in previously unreported responses to questions from Wyden and allies in Congress, Juniper said that an unidentified nation was believed to be behind the hack into its firewall code but that it had never investigated why it installed Dual EC in the first place.

“We understand that there is a vigorous policy debate about whether and how to provide government access to encrypted content,” it said in a July letter. “Juniper does not and will not insert back doors into its products and we oppose any legislation mandating back doors.”

A former senior NSA official told Reuters that many tech companies remain nervous about working covertly with the government. But the agencies’ efforts continue, the person said, because special access is seen as too valuable to give up.

Thursday, September 10, 2020

 

FISA Court Decides FBI, NSA Surveillance Abuses Should Be Rewarded With Fewer Restrictions On Searching 702 Collections

from the hey-we've-got-terrorists-to-catch-and-whatnot dept

A heavily-redacted opinion has been released by the FISA Court. Even with the redactions, it's clear the NSA and FBI have continued to abuse their Section 702 privileges. But rather than reject the government's arguments or lay down more restrictions on the use of these collections, the court has decided to amend the rules to make some of these abuses no longer abuses, but rather the new normal. This means there are now fewer protections shielding Americans from being swept up by the NSA collections or targeted using this data by the FBI.

Elizabeth Goitein of the Brennan Center has a good rundown of the abuses and the court's response. She points out in her Twitter thread that some of this can be traced back to the reforms enacted by the USA Freedom Act, which codified some restrictions but didn't go far enough to prevent future abuses or mandate better reporting of rule breaking by these agencies.

The opinion [PDF] notes the NSA found it too difficult to comply with a Section 702 requirement that at least one end of targeted communications involve someone outside of the United States. When faced with following this requirement and possibly losing access to communications it wanted, it simply chose to ignore the requirement.

On some prior occasions when NSA had tasked apparently [redacted] it violated its current targeting procedures [redacted] apparently in order to avoid loss of foreign-intelligence information. See Preliminary Notice of Compliance Incident Regarding [redacted] Certain Upstream Acquisitions, Feb. 21, 2019. Of course, the proper course would have been to seek amendment of the procedures earlier, rather than unilaterally deciding to deviate from them. Indeed, the Court's October 3, 2019, Order required the government to provide additional information about the disposition of information that was improperly acquired as a result of that incident.  

That's the problems with the "upstream" collection. The "downstream" collection has similar problems.

The Notice filed on August 23, 2019, explains that [redacted] post-tasking checks for selectors for certain [redacted] would not result in useful information regarding the location of the targets who use those facilities. See August 23, 2019, Notice, at 2-3. In anticipation of tasking such facilities, the proposed NSA targeting procedures have been revised to require [redacted] post-tasking checks only "in those cases in which [NSA]is technically capable of' performing them.

The courts says all of this is fine. It doesn't want the NSA to lose access to foreign intelligence information by tossing out stuff it can't be sure originated outside of the United States. It also doesn't want the NSA to lose similar information on the downstream side by tossing out anything whose origin can't be determined. So the court says it's the thought that counts and allows the NSA to disregard these requirements whenever they pose problems to analysts.

The Court expects that [redacted] post-tasking checks will be employed whenever feasible. On that understanding, and in view of the increased frequency with which acquired communications will be reviewed for indications that a target is in the United States when the [redacted] checks are not feasible, this revision does not impede the Court's finding that the 2019 NSA Targeting Procedures are "reasonably designed to ... ensure" that acquisitions are "limited to targeting persons reasonably believed to be located outside the United States."

The court also addresses the NSA's information sharing with the FBI. And it comes to the conclusion that in close cases, the FBI should just get the info and determine on its own whether it's been legally acquired.

Under these provisions, NSA has some discretion in determining what information is "reliable" or "useful," and therefore must be passed to the FBI. The Court expects NSA to make such determinations on an individualized, case-by-case basis, by assessing the totality of information available about a particular target or selector. In close cases, the Court expects NSA to err on the side of providing information to the FBI, rather than withholding it, so that the FBI is better able to make informed and accurate decisions under its targeting procedures.

The FISA court notes this could result in abuse by the FBI but says that risk is worth taking since it would result in more efficient surveillance efforts.

One can conceive of circumstances in which omitting an FBI [redacted] under this provision could result in erroneous approval [redacted]. On the other hand, it seems likely that, in the vast majority of the situations in which the provision would be relied upon, the FBI would simply be avoiding duplicative effort that would not yield relevant new information.

This permission slip by the FISA Court is being handed out despite the FBI reporting recent violations of its Section 702 privileges.

In July 2019, an oversight review of [redacted] discovered 87 queries of raw FISA-acquired information in [redacted] that were not reasonably likely to retrieve foreign-intelligence information or evidence of a crime, including:

- queries of college students participating in a "Collegiate Academy"; and

- queries of individuals who had visited the FBI office (e.g., for maintenance).

The court says the FBI also abused access to run searches on a person filing a complaint and to vet potential informants.

The FBI also reported searching unminimized Section 702 collections 16,000 times -- all supposedly considered likely to "return foreign-intelligence information or evidence of a crime." The court says the FBI can really only justify seven of the 16,000 searches.

There's even more violations listed in the order, but at the end of it, all Judge James Boasberg has to say is that everyone involved did a pretty good job and just needs to try a bit harder in the future. And since trying hard is hard, he's made things easier by loosening a few restrictions. This obviously won't stop the never ending run of surveillance abuses. But it will designate fewer of them as "abuses," so things will at least look like they're improving, even if nothing has really changed.


GO HERE TO SEE PDF POSTED FISA DOCUMENT

https://www.techdirt.com/articles/20200907/14044545258/fisa-court-decides-fbi-nsa-surveillance-abuses-should-be-rewarded-with-fewer-restrictions-searching-702-collections.shtml

Wednesday, April 14, 2021

NSA alerts Microsoft to "critical vulnerabilities" in email app

Olivia Gazis 
AP
4/13/2021

The National Security Agency (NSA) said Tuesday that it had alerted Microsoft to "a series of critical vulnerabilities" in the Microsoft Exchange email application, prompting the company to issue a new patch.

© Omar Marques / SOPA Images/Sipa USA via AP Images ap21051160570564.jpg

In a blog post, Microsoft said it had "not seen" the vulnerabilities used against its customers, but urged users to install timely updates.

"[G]iven recent adversary focus on Exchange, we recommend customers install the updates as soon as possible to ensure they remain protected from these and other threats," the company said, in a reference to an earlier disclosure, made in March, that suspected Chinese hackers had exploited different Exchange server flaws to spy on thousands of U.S. organizations.

Deputy national security adviser for Cyber and Emerging Technology Anne Neuberger, who has been leading the U.S. government's response to both the prior Exchange hack and the SolarWinds cyber espionage campaign attributed to Russia, said in a statement that all federal agencies were being required to "immediately patch" their Exchange servers.

"Should these vulnerabilities evolve into a major incident, we will manage the incident in partnership with the private sector, building on the Unified Coordination Group processes" that were established to deal with the earlier Exchange hack, Neuberger said.

Lawmakers and private cybersecurity experts have been urging the administration to take swifter action to shore up the country's cyber infrastructure and defenses. On Monday the Biden administration named two senior-level cyber officials – both NSA veterans – to new posts.

Former NSA Deputy Director Chris Inglis was nominated to serve as the country's first national cyber director and Jen Easterly, a former intelligence officer at the NSA, to head the Cybersecurity and Infrastructure Security Agency, which is housed in the Department of Homeland Security.

Disclosing software flaws is a relatively new practice for the NSA, which in the past would collect and keep secret vulnerabilities for its own use in intelligence gathering. But in January 2020, the agency identified a critical vulnerability in Microsoft Windows 10; it said at the time that its disclosure was an effort to "build trust" with its partners and the public.

"NSA values partnership in the cybersecurity community," an NSA spokesperson said Tuesday. "We are continuing the partnership by urging application of the patches immediately."

Rob Joyce, who recently replaced Neuberger as the director of the NSA's Cybersecurity Directorate, likewise urged entities using the Exchange application to patch as soon as possible.

"Cybersecurity is national security," Joyce said. "Network defenders now have the knowledge needed to act, but so do adversaries and malicious cyber actors."

"Don't give them the opportunity to exploit this vulnerability on your system," he said


Government agencies must update Microsoft Exchange as feds warn of 'unacceptable' security risk

Jordan Novet 
CNBC

4/13/2021

Microsoft on Tuesday issued new patches for the 2013, 2016 and 2019 versions of Exchange.

CISA ordered all federal agencies to deploy the patches by Friday, saying the vulnerabilities pose an "unacceptable" risk.

Unlike patches issued in March, which fixed gaps that had been exploited by Chinese hackers, Microsoft said it is not aware of exploits of these new vulnerabi
lities.

© Provided by CNBC

Microsoft on Tuesday released patches for three versions of its Exchange Server email and calendar software that companies use in on-premises data centers, and the federal government has ordered all agencies to install them, warning that the vulnerabilities being patched "pose an unacceptable risk to the Federal enterprise and require an immediate and emergency action."

The updates come a month after Microsoft took action to respond to attacks on other flaws in Exchange Server, which the company said had been exploited by Chinese hackers. But unlike last time, Microsoft said in a blog post it has not yet observed exploits of the newly discovered holes.

Nonetheless, the widespread usage of Exchange, and the importance of email in general, has spurred the federal government to sound the alarm.

In a Tuesday directive, the U.S. Cybersecurity and Infrastructure Security Agency noted that these vulnerabilities are "different from the ones disclosed and fixed in March 2021" and ordered all government agencies to deploy the patches before Friday.

"Given the powerful privileges that Exchange manages by default and the amount of potentially sensitive information that is stored in Exchange servers operated and hosted by (or on behalf of) federal agencies, Exchange servers are a primary target for adversary activity," CISA wrote. "This determination is based on the likelihood of the vulnerabilities being weaponized, combined with the widespread use of the affected software across the Executive Branch and high potential for a compromise of integrity and confidentiality of agency information."

The new patches apply to the 2013, 2016 and 2019 versions of Exchange Server.

The company said organizations using the cloud-based Exchange Online service included in Microsoft 365 subscription bundles is already protected.

Microsoft gave credit to the U.S. National Security Agency for reporting the new vulnerabilities.

Sunday, January 01, 2006

Amerika


Fascism comes quietly in the night, and knocks at your door, when you answer you are swept away never to be heard from again. Your neighbours murmur and shut their curtains, thanking their god that it was not them.

Others are heard to say, 'they must have done something wrong' or perhaps 'you have nothing to worry about if you are innocent'.

Is this the 1930's? Or 1948? Or even the dreaded 1984? Nope its 2006 and you should be afraid, very afraid if you live in Amerika today.

Fascism the police state, the security state is invoked because of a mythical enemy, in Germany it was the Jews in Amerika it is Terrorists.

Daschle: Congress Denied Bush War Powers in U.S.

By Barton Gellman
Washington Post Staff Writer

The Bush administration requested, and Congress rejected, war-making authority "in the United States" in negotiations over the joint resolution passed days after the terrorist attacks of Sept. 11, 2001, according to an opinion article by former Senate majority leader Thomas A. Daschle (D-S.D.) in today's Washington Post.

Daschle's disclosure challenges a central legal argument offered by the White House in defense of the National Security Agency's warrantless wiretapping of U.S. citizens and permanent residents. It suggests that Congress refused explicitly to grant authority that the Bush administration now asserts is implicit in the resolution.

The Justice Department acknowledged yesterday, in a letter to Congress, that the president's October 2001 eavesdropping order did not comply with "the 'procedures' of" the law that has regulated domestic espionage since 1978. The Foreign Intelligence Surveillance Act, or FISA, established a secret intelligence court and made it a criminal offense to conduct electronic surveillance without a warrant from that court, "except as authorized by statute."

EXCLUSIVE: Nuclear Monitoring of Muslims Done Without Search Warrants

In search of a terrorist nuclear bomb, the federal government since 9/11 has run a far-reaching, top secret program to monitor radiation levels at over a hundred Muslim sites in the Washington, D.C., area, including mosques, homes, businesses, and warehouses, plus similar sites in at least five other cities, U.S. News has learned. In numerous cases, the monitoring required investigators to go on to the property under surveillance, although no search warrants or court orders were ever obtained, according to those with knowledge of the program. Some participants were threatened with loss of their jobs when they questioned the legality of the operation, according to these accounts.

Spy Court Judge Quits In Protest

Jurist Concerned Bush Order Tainted Work of Secret Pane

A federal judge has resigned from the court that oversees government surveillance in intelligence cases in protest of President Bush's secret authorization of a domestic spying program, according to two sources.


According to One Blog, The New York Times, quoting unnamed government sources: "The volume of information harvested from telecommunication data and voice networks, without court-approved warrants, is much larger than the White House has acknowledged....As part of the program approved by President Bush for domestic surveillance without warrants, the N.S.A. has gained the cooperation of American telecommunications companies to obtain backdoor access to streams of domestic and international communications...."

Wiretaps said to sift all overseas contacts

Vast US effort seen on eavesdropping

''Long before 9/11, the NSA gathered from the ether mountains of [overseas] phone calls and e-mail messages on a daily basis," said Columbia Law School professor Deborah Livingston. ''If you have such an extensive foreign operation, you'll gather a large amount of phone traffic and e-mails involving Americans. That's something we've lived with for a long time."

But Bush's order cleared the way for the NSA computers to sift through Americans' phone calls and e-mails.

According to a New York Times report last week, Bush authorized the NSA's human analysts to look at the international messages of up to 500 Americans at a time, with a changing list of targets.

Hayden, now the deputy director of national intelligence, told reporters this week that under Bush's order, a ''shift supervisor" instead of a judge signs off on deciding whether or not to search for an American's messages.

The general conceded that without the burden of obtaining warrants, the NSA has used ''a quicker trigger" and ''a subtly softer trigger" when deciding to track someone.

Justice Dept. to probe leak of spy program

Bush had called disclosure a ‘shameful act’; N.Y. Times reported NSA story

Bush Presses Editors on Security

President Bush has been summoning newspaper editors lately in an effort to prevent publication of stories he considers damaging to national security.

The efforts have failed, but the rare White House sessions with the executive editors of The Washington Post and New York Times are an indication of how seriously the president takes the recent reporting that has raised questions about the administration's anti-terror tactics.



And the Right Wing is all indignant not over the authoritarian illegal actions of Bush but by their expose. So much for Freedom that these whingnutters proclaim they believe in.

FBI and Justice Department Finally Investigate a Real Leak

Jim Kouri, CPP

The US Department of Justice has directed the Federal Bureau of Investigation to conduct an in-depth investigation in order to determine who disclosed a secret National Security Agency intelligence operation to a reporter from the New York Times.

"We are opening an investigation into the unauthorized disclosure of classified materials related to the NSA," said DOJ spokesperson Trent Duffy during a press conference earlier today.

When the New York Times suddenly broke the story about the NSA top secret operation Bush conceded that he indeed authorized the program. He called its disclosure to The New York Times "a shameful act." He said he expected a Justice Department leak investigation into who disclosed the National Security Agency eavesdropping operation would be conducted.

According to the Bush White House, the DOJ and FBI began the investigation without consulting with White House staff, but the President approved of their investigation to find the leaker whose actions are believed to have caused severe damage to national security and homeland security. Now with Republican and Democrat liberals poking their noses into the NSA program, some intelligence and law enforcement officials fear there will be even more leaks of classified information -- including information on methods and sources.

tags







Thursday, May 11, 2006

I Spy

Canada needs to do more spying: Day

No we don't we do enough already thank you very much. Since we are involved in the supersecret Echelon Project of global spying.

As this 1999 story shows;
Canada a key snooper in huge spy network
which was by the same reporter who did the story above; Jim Bronskill.

The Echelon project is run in Canada by the super secret: Communications Security Establishment Canada's National Cryptologic Agency

The Communications Security Establishment (CSE) is Canada's national cryptologic agency. We provide the Government of Canada with two key services: foreign signals intelligence in support of defence and foreign policy, and the protection of electronic information and communication.


But since it is so secret (complete with its own web page) no wonder Public Security Minister Stockwell Day doesn't know about it. He probably doesn't have the neccasary security clearance. Since it is operated by the Department of Defense and he is only the Security Minister. They probably didn't tell him we are already spying hand in glove with the American NSA.

Except that it is public knowledge. It is known to Parliament. And it to the rest of the world thanks to CBS Sixty Minutes. But I guess it isn't known to the Stockwell Day.




Paper 1: Echelon and its role in COMINT
In a May 1995 report, the Canadian Parliamentary Security and Intelligence committee stated "Canada collaborates with some of its closest and long-standing allies in the exchange of foreign intelligence... These countries and the responsible agencies in each are the U.S. (National Security Agency), the U.K. (Government Communications Headquarters), Australia (Defence Signals Directorate), and New Zealand (Government Communications Security Branch (sic – Communications Security Establishent))" Canada has also published a number of official statements confirming basic aspects of the five power relationship. According to the Auditor-General, "CSE [the Communications Security Establishment] has access to allied SIGINT through reciprocal sharing agreements … Intelligence products, including analyses and assessments are exchanged, and technical assistance is provided by each to the others. These, and other relationships, provide Canada with information and technological resources that would otherwise be unobtainable with current resources".

CBS News | Ex-Snoop Confirms Echelon Network | February 12, 2001
Everywhere in the world, every day, people's phone calls, emails and faxes are monitored by Echelon, a secret government surveillance network. No, it's not fiction straight out of George Orwell's 1984. It's reality, says former spy Mike Frost in an interview broadcast on 60 Minutes on Sunday, Feb. 27, 2001 It's not the world of fiction. That's the way it works. I've been there," Frost tells CBS News 60 Minutes Correspondent Steve Kroft. "I was trained by you guys," says the former Canadian intelligence agent, referring to the United States' National Security Agency. The NSA runs Echelon with Canada, Britain, Australia and New Zealand as a series of listening posts around the world that eavesdrop on terrorists, drug lords and hostile foreign governments. But to find out what the bad guys are up to, all electronic communications, including those of the good guys, must be captured and analyzed for key words by super computers.


SOMEONE IS LISTENING
The computers in stations around the globe are known, within the network, as the ECHELON Dictionaries. Computers that can automatically search through traffic for keywords have existed since at least the 1970s, but the ECHELON system was designed by NSA to interconnect all these computers and allow the stations to function as components of an integrated whole. The NSA and GCSB are bound together under the five-nation UKUSA signals intelligence agreement. The other three partners all with equally obscure names are the Government Communications Headquarters (GCHQ) in Britain, the Communications Security Establishment (CSE) in Canada, and the Defense Signals Directorate (DSD) in Australia.


ECHELON - Wikipedia, the free encyclopedia



However all this is moot. The real facts are simple, CSIS wants more moola for its failed operations of domestic spying. They have botched every attempt made to do domestic anti-terrorist spying begining with Air India and more recently with the Arar case. And so in order to expand its bueruacratic power base CSIS is using well placed news stories on the threat of Osama bin Laden to get more money and more power. Al Qaida assault on Canada 'probable,' warns CSIS

Most international spying is controled by the NSA in the USA which is now in the hands of private companies. And for good reason because most international spying has nothing to do with Osama bin Laden perse but more to do with bin Laden INC.

It's all about other corporate spying. The new warfare is about expanding global capitalism, cyberwarfare is about corportate secrets, knowledge has become a commodity under the WTO agreements on intellectual property. Commercial spying is about profit , and spying has become the ultimate Public Private Partnership (P3) which is why NARUS was hired to update the electronic survelliance capabilities of the NSA under Bush.
Potential Evidence Surfaces of Bush's Illegal Spying

There is money to be made in the private business of spying. As government spies contract out to private companies. What the CIA once offered to corporate America during the Cold War has now become the business of warfare in the new market state.


Under Groundbreaker, the NSA will outsource much of its nonmission-related information technology support in four areas: networks, telephony, enterprise management and distributed computing.

ECHELON: America's Secret Global Surveillance Network
Commercial espionage: Since the demise of Communism in Eastern Europe, the intelligence agencies have searched for a new justification for their surveillance capability in order to protect their prominence and their bloated budgets. Their solution was to redefine the notion of national security to include economic, commercial and corporate concerns. An office was created within the Department of Commerce, the Office of Intelligence Liaison, to forward intercepted materials to major US corporations. In many cases, the beneficiaries of this commercial espionage effort are the very companies that helped the NSA develop the systems that power the ECHELON network. This incestuous relationship is so strong that sometimes this intelligence information is used to push other American manufacturers out of deals in favor of these mammoth US defense and intelligence contractors, who frequently are the source of major cash contributions to both political parties.

CorpWatch : Science Applications International Corporation


US: In The Company Of Spies



Also See:

CIA Front Companies Exposed


The Privatization of Torture


Big Brother Bush


Russia's Army of Slaves


Globalization=Contracting Out


The End of State Monopoly Internet


RCMchumPs

Fascists were CSIS Front

CSIS vs. CUPW

Not Your Daddies Conservative Party, well...


Find blog posts, photos, events and more off-site about:
, , , , , , , , , , , , , , , , ,