The National Security Agency (NSA) has reportedly turned its focus on Tor and Linux users, having recently shown a keen interest in these users’ online activities.
The NSA has gone as far as calling users of products such as The Amnesic Incognito Live System (Tails) and Tor as extremists. Readers of Linux Journal were also designated as extreme. Users of these products, however, maintain that they are used due to the security and anonymity they provide.
The Tor Project revealed that the NSA flags members of the Tor communityand their related IP addresses for surveillance. And, documentation leaked in connection with Edward Snowden includes information about XKeyscore, asurveillance program that Snowden and anti-surveillance proponents have criticized. Members of the Tor Project gained access to the XKeyscore source code and reviewed it in detail.
XKeyscore flags any IP addresses involved in web searches for the term “Tails” or descriptions of Tails. According to XKeyscore, Tails Linux distribution is, “a comsec mechanism advocated by extremists on extremist forums.”
While many who don’t use Linux may not understand why the operating system is embraced by its proponents, applying the label of “extremists” hascreated a strong backlash in the tech community.
Further, it’s not as if the NSA has never stepped outside the restraints of convention. Just recently a dubiously odd piece of text from a 2013 White House task force report resurfaced. Trevor Timm of the Electronic Freedom Frontier reports on Recommendation #31, section 2:
“Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate financial systems.”
Timm’s finding begs the question: why were these warnings in the report?And:
“Were the authors just anticipating a possible crime? Or were they reflecting the fact that the NSA had already been engaging in the crime?
If this was just a bit of anticipation, why leave it naked in the report? Why not say there was no current evidence the NSA had been manipulating financial systems?
Those systems would, of course, include the stock market, and all trading markets around the world.”
In December 2013, TechDirt had this to say about claims that the NSA is manipulating the financial system:
“While there have been plenty of reports about the US running hundreds of offensive cyberattacks on others, outside of things like Stuxnet, not many have been directly identified. And I’m unaware of any claims suggesting attempts to “manipulate the financial system” of any particular country and/or to “change the amounts held in financial accounts.” It seems a bit odd to come out of the blue like that, and certainly suggests that this particular bullet point likely came as a result of a rather specific thing that came up during the task force’s review.”
Also in 2013, the NSA was accused of spying on Brazilian president, Dilma Rousseff. And then, earlier this month, secret data from the NSA, which was shared with The Intercept via WikiLeaks, indicates the NSA targeted the cell phones and other communication devices of more than a dozen top Brazilian political and financial officials, including the country’s president.
On July 4th, The Intercept reported that, “President Rousseff just yesterday returned to Brazil after a trip to the U.S. that included a meeting with President Obama, a visit she had delayed for almost two years in anger over prior revelations of NSA spying on Brazil.”
Also revealed was the NSA’s mass surveillance of hundreds of millions of Brazilians. Additionally, the country’s state-owned oil company Petrobras and its Ministry of Mines and Energy were targeted, which caused a major schism in relations between the Brazil and the U.S.
The Lawfare Blog has recommended NSA reform that would involve the following:
- “First, subject all NSA surveillance to FISA programmatic review, with the exception of tactical military intelligence.
- Second, limit surveillance of the citizens of democratic countries to international terrorism and other specific security threats – but only if they agree to do the same and adopt credible rules (like judicial review) to enforce them.
- Third, explicitly allow NSA surveillance to be challenged in ordinary federal courts in the expectation that a future Supreme Court may be adopted a more generous view of standing requirements.”
As is pointed out by the Lawfare Blog, the U.S. is the global leader in mass surveillance. But, it is essential that it become the global leader in mass surveillance reform.
Source:https://securityaffairs.co/
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.