onsdag 18 september 2013

Snowden: NSA använder phishing - utger sig för att vara Google på falska webbsajter

NSA använder samma teknik som internetbedragare och kriminella hackare använder för att lura av vanliga internetanvändare lösenord och andra personliga uppgifter. Detta för att kunna spionera ostört dygnet om på intet ont anande människor...  

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.[1][2] Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware.[3] Phishing is typically carried out by email spoofing[4] or instant messaging,[5] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users,[6] and exploits the poor usability of current web security technologies.[7] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. [...]

NSA masqueraded as Google to spy on web users - report

RT 2013-09-13

The NSA used ‘man in the middle’ hack attacks to impersonate Google and fool web users, leaks have revealed. The technique circumvents encryption by redirecting users to a copycat site which relays all the data entered to NSA data banks.

Brazilian television network Globo News released a report based on classified data divulged by former CIA worker Edward Snowden on Sunday. The report itself blew the whistle on US government spying on Brazilian oil giant Petrobras, but hidden in amongst the data was information the NSA had impersonated Google to get its hands on user data.

Globo TV showed slides from a 2012 NSA presentation explaining how the organization intercepts data and re-routes it to NSA central. One of the convert techniques the NSA uses to do this is a ‘man in the middle’ (MITM) hack attack.

This particular method of intercepting internet communications is quite common among expert hackers as it avoids having to break through encryption.

- Essentially, NSA operatives log into a router used by an internet service provider and divert ‘target traffic’ to a copycat MITM site, whereupon all the data entered is relayed to the NSA.

- The data released by Edward Snowden and reported on by Globo News suggests the NSA carried out these attacks disguised as Google.

When the news broke about the NSA gathering information through internet browsers, tech giants such as Google and Yahoo denied complicity, maintaining they only handover data if a formal request is issued by the government.

"As for recent reports that the US government has found ways to circumvent our security systems, we have no evidence of any such thing ever occurring. We provide our user data to governments only in accordance with the law," said Google spokesperson Jay Nancarrow to news site Mother Jones.

Google, along with Microsoft, Facebook and Yahoo, has filed a lawsuit against the Foreign Intelligence Surveillance Court (FISA) to allow them to make public all the data requests made by the NSA.

“Given the important public policy issues at stake, we have also asked the court to hold its hearing in open rather than behind closed doors. It's time for more transparency," Google’s director of law enforcement and information security, Richard Salgado, and the director of public policy and government affairs, Pablo Chavez, wrote in a blog post on Monday.

The tech giants implicated in NSA’s global spying program have denied criticism that they could have done more to resist NSA spying. Marissa Mayer, CEO of Yahoo, claimed that speaking out about the NSA’s activities would have amounted to ‘treason’ at a press conference in San Francisco on Wednesday.

In Yahoo’s defense, she argued that the company had been very skeptical of the NSA’s requests to disclose user data and had resisted whenever possible. Mayer concluded that it was more realistic to work within the system,” rather than fight against it.
Snowden: NSA använder phishing - utger sig för att vara Google på falska webbsajter

4 kommentarer:

  1. -The NSA Is Also Grabbing Millions Of Credit Card Records-

    September 16, 2013

    Source: Techdirt 

    In addition to everything else it’s collecting, the NSA also has millions of international credit card transactions stashed away in its databases, according to documents viewed by Spiegel.


    The information from the American foreign intelligence agency, acquired by former NSA contractor and whistleblower Edward Snowden, show that the spying is conducted by a branch called “Follow the Money” (FTM).

    The collected information then flows into the NSA’s own financial databank, called “Tracfin,” which in 2011 contained 180 million records. Some 84 percent of the data is from credit card transactions.

    On one hand, what the NSA is doing is exactly what the NSA should be doing: tracing the money flow of terrorist organizations.

    Their aim was to gain access to transactions by VISA customers in Europe, the Middle East and Africa, according to one presentation.

    The goal was to “collect, parse and ingest transactional data for priority credit card associations, focusing on priority geographic regions.”


  2. -Supreme Court Weighs When Online Speech Becomes an Illegal Threat-

    September 18, 2013

    Source: Wired

    The Supreme Court is being asked to decide when an online threat becomes worthy of prosecution, in what could be the first internet speech case to reach the high court’s docket for the 2013-2104 term beginning next month.

    The justices are weighing whether to review the prosecution of an Iraq war veteran handed 18 months (.pdf)

    ...in prison for singing in a 2010 YouTube video that he would kill a local Tennessee judge if the judge did not grant him visitation rights to his young daughter.

    “We think its potentially quite a significant case. People say things in the online world that they don’t mean seriously,” said the veteran’s attorney, Chris Rothfeld. “Second, it’s difficult to tell in the online world how a statement is intended. People say things and write things and they are read in an entirely different context.”

    The case comes at a time when it has become routine for adults and juveniles to be prosecuted in federal and state court for their threatening online speech.


    Rothfeld maintains that the federal threats law — which dates to a 1932 statute making extortion illegal and applies to the offline world as well — is unconstitutional. A felony conviction, he said, is based on whether a “reasonable person” would believe the threatening statement was made with the intent to inflict bodily injury and was uttered to achieve some goal through intimidation.

    Rothfeld argues that what should matter is whether the person making the threat was serious, not whether a “reasonable person” would conclude he or she was.


  3. -Declassified files detail blatant violations, abuse of NSA domestic spying program-

    September 10

    For years the National Security Agency has been violating restrictions and misusing the US domestic spying program that collected private data from US citizens, newly released declassified documents show.

    The new information from Intelligence Community Documents Regarding Collection under Section 501 of the Foreign Intelligence Surveillance Act (FISA) shows that the government on a daily basis spied on Americans’ telephone numbers, calling patterns as well as users IP addresses during the surveillance of foreign terror suspects.

    The documents:

    ...show that between 2006 and 2009 the NSA violated the court restrictions by spying on telephone calls and lying to judges about how the data was deployed. The spying agency crossed referenced a selected list of some 16,000 phone numbers against databases which contained millions of records, thus violating the law, two senior intelligence officials told Bloomberg. [...]


  4. -Tor anonymizer network among NSA’s targets, Snowden leaks reveal-

    October 04

    Top-secret national security documents disclosed to the Guardian by Edward Snowden show United States and British intelligence have long attempted to crack the Tor anonymizer network used by human rights workers, journalists, cybercriminals and others.

    On Friday, the Guardian published leaked documents attributed to the former intelligence contractor revealing how the US National Security Agency and Britain’s Government Communications Headquarters, or GCHQ, have worked extensively towards compromising the computers of people who browse the Internet with Tor, a program that routes traffic through multiple nodes in an effort to help mask the identities of its users.

    According to the Guardian’s James Ball, Bruce Schneier and Glenn Greenwald, the NSA’s “current successes against Tor rely on identifying users and then attacking vulnerable software on their computer.”

    “While it seems that the NSA has not compromised the core security of the Tor software or network, the documents detail proof-of-concept attacks, including several relying on the large-scale online surveillance systems maintained by the NSA and GCHQ through internet cable taps,” the writers add.

    The Guardian has so far published three top-secret government slideshows used to discuss the Tor network and possible vulnerabilities that might compromise users if properly exploited.

    In one document, the NSA notes that Tor, or “The Onion Router,” enables anonymous Internet activity to Iranian and Chinese dissidents, terrorists and “other targets too!” The software has become increasingly used around the globe by privacy-minded individuals of all sorts in recent months. However, previous documents disclosed by Mr. Snowden detailed how the intelligence community have made many successful efforts to compromise other would-be secure modes of communicating.

    As RT reported previously, the number of Americans using Tor jumped 75 percent between June 1, just days before the first Snowden leak, and August 27, 2013. [...]




Kommentera helst angående ämnet i artiklarna.
Juridiskt ansvar gentemot slavägarna (myndigheter) ligger helt hos kommentatorn. Uppenbara olagligheter inom hat och hets samt Bullshit & Trollshit plockas bort.