Archive for August, 2013


NSA misused PRISM – Spied on Al Jazeera, bugged UN headquarters and used for personal spying

Filed under: UncategorizedLeave a comment
August 31, 2013

NSA+misused+PRISM+-+Spied+on+Al+Jazeera,+bugged+UN+headquarters+and+used+for+personal+spying.jpg
Before NSA said that they has zero tolerance for willful violations of the agency’s authorities, but NSA had violated privacy rules on thousands of occasions.
According to documents seen by SPIEGEL, Arab news broadcaster Al Jazeera was spied on by the National Security Agency. The US intelligence agency hacked into Al Jazeera’s internal communications system. The NSA said these selected targets had high potential as sources of intelligence.
These Documents were provided by the former NSA contractor and whistleblower Edward Snowden. Also NSA was cracking the airline reservation services for Russian airline Aeroflot, accessing “Al Jazeera broadcasting internal communication” was listed as a notable success and the encrypted information was forwarded to the responsible NSA departments for further analysis.
Also, The National Security Agency (NSA) has admitted some of their officers misused the agency’s massive spying powers to keep tabs on their love interests. “NSA takes very seriously allegations of misconduct, and co-operates fully with any investigations responding as appropriate,” the NSA said.

The agency admitted that abuses had taken place over the past decade but did not specify what the nature of those abuses were.

From another document obtained from Edward Snowden, proves that US systematically spied on other states, institutions and NSA bugged the United Nations’ New York headquarters.

According to the documents, the NSA runs a bugging program in more than 80 embassies and consulates worldwide called “Special Collection Service” and Vienna based nuclear watchdog, the International Atomic Energy Agency, was among those targeted by the US.

Snowden’s leaks have embarrassed the United States by exposing the global extent of its spying.

Latest Hacking News Updates

Author details

photo of Mohit Kumar

Mohit Kumar aka ‘Unix Root’ is Founder and Editor-in-chief of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | Google | Email | Facebook Profile

p-89EKCgBk8MZdE.gif

via The Hacker News http://thehackernews.com/2013/08/nsa-misused-prism-spied-on-al-jazeera.html

Comment

Anonymity Tool Tor gains more than 1.2 Million new users since NSA PRISM scandal

Filed under: UncategorizedLeave a comment

Anonymity+Tool+Tor+gains+more+than+1.2+Million+new+users+since+NSA+PRISM+scandal.jpg
Since Snowden came forward with details about the NSA’s PRISM program in June, web users concerned about online privacy are increasingly turning toward privacy tools to protect their online data.

U.S. Government project PRISM allows the government to tap phone calls, email, and web browsing of any citizen without a warrant.

New metrics from The Tor Project show that, the usage of Tor Browser is increasing day by day due to the fact that internet users are getting more and more inclined in keeping their online activity isolated from internet surveillance programs like US Prism.
Tor was launched in 2004 and developed by the U.S. Navy, is used by governments, activists, journalists and dissidents to conceal their online activities from prying eyes.

The TOR online anonymity service has exploded since early June, up more than 100 percent, from just over 500,000 global users to more than 1.2 million. Of those 600,000 new users, roughly ten percent are from the United States.

TOR+gains+more+than+1.2+Million+new+users+since+NSA+PRISM+surveillance+scandal.png
India’s Tor usage also has gone off the charts, jumping from just 7,500 daily users to more than 32,000. While the free-to-use Tor platform remains the most popular way to protect your online identity, many people choose to use commercial Virtual Private Networks (VPNs), primarily because of their faster connection speeds.

As a result, privacy-centered Internet services such as the search engine DuckDuckGo and email provider Hushmail have seen a surge in traffic.

On August 8th, Lavabit and Silent Circle‘s Silent Mail two secure mail servers shut their doors rather than allow access to the U.S. Government.

US intelligence cyber missions include the defense of military and other classified computer networks against foreign attack. US intelligence carried out 231 offensive cyber-ops in 2011, nearly three-quarters of them against key targets such as Iran, Russia, China and N. Korea, as well as nuclear proliferation

This increase doesn’t automatically mean that Internet users are turning to Tor because of the fear of government surveillance. In recent months, botnet operators and other cyber criminals have latched on to Tor as a useful tool to hide command and control servers that manage their armies of infected computers.
Tor isn’t the only anonymity software to seek a spike in interest since Snowden’s revelation. By the end of July, the daily adoption rate for OpenPGP (Pretty Good Privacy) encryption software had tripled.

Latest Hacking News Updates

Author details

photo of Mohit Kumar

Mohit Kumar aka ‘Unix Root’ is Founder and Editor-in-chief of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | Google | Email | Facebook Profile

p-89EKCgBk8MZdE.gif

via The Hacker News http://thehackernews.com/2013/08/NSA-PRISM-Tor-users-privacy-tool-surveillance.html

Comment

Hacked Feature Phone Can Block Other People’s Calls

Filed under: att, c118, c119, c123, firmware, gsm, mobile phone, motorola, sms, t-mobile1 Comment
August 26, 2013

Swapping software can give one GSM phone the power to prevent incoming calls and text messages from reaching other phones nearby.

By David Talbot on August 26, 2013

WHY IT MATTERS

Most of the world’s phones use the GSM standard.

By making simple modifications to common Motorola phones, researchers in Berlin have shown they can block calls and text messages intended for nearby people connected to the same cellular network. The method works on the second-generation (2G) GSM networks that are the most common type of cell network worldwide. In the U.S., both AT&T and T-Mobile carry calls and text messages using GSM networks.

The attack involves modifying a phone’s embedded software so that it can trick the network out of delivering incoming calls or SMS messages to the intended recipients. In theory, one phone could block service to all subscribers served by base stations within a network coverage area known as a location area, says Jean-Pierre Seifert, who heads a telecommunications security research group at the Technical University of Berlin. Seifert and colleagues presented a paper on the technique at the Usenix Security Symposium in Washington, D.C., last week. An online video demonstrates the attack in action.


Seifert’s group modified the embedded software, or “firmware,” on a chip called the baseband processor, the component of a mobile phone that controls how it communicates with a network’s transmission towers.

In normal situations, when a call or SMS is sent over the network, a cellular tower “pages” nearby devices to find the one that should receive it. Normally, only the proper phone will answer—by, in effect, saying “It’s me,” as Seifert puts it. Then the actual call or SMS goes through.

The rewritten firmware can block calls because it can respond to paging faster than a victim’s phone can. When the network sends out a page, the modified phone says “It’s me” first, and the victim’s phone never receives it.

“If you respond faster to the network, the network tries to establish a service with you as an attacker,” says Nico Golde, a researcher in Seifert’s group. That’s enough to stall communications in a location area, which in Berlin average 200 square kilometers in size. The group didn’t design the hack to actually listen to the call or SMS but just hijacked the paging process.

Traditionally, the details of how baseband processors work internally has been proprietary to makers of chips and handsets. But a few years ago, baseband code for a certain phone, the Vitelcom TSM30, leaked out. That enabled researchers to understand how baseband code works and spawned several open-source projects to study and tweak it.

The Berlin group used that open-source baseband code to write replacement software for Motorola’s popular C1 series of phones (such as the C118, C119, and C123). Those devices all use Texas Instruments’ Calypso baseband processor.

The researchers tested their attack by blocking calls and messages just to their own phones. However, they calculate that just 11 modified phones would be enough to shut down service of Germany’s third-largest cellular network operator, E-Plus, in a location area. “All those phones are listening to all the paging requests in that area, and they are answering ‘It’s me,’ and nobody in that cell will get an SMS or a phone call,” Seifert explains.

Jung-Min Park, a wireless-security researcher at Virginia Tech, says that although devising the attack requires detailed technical knowledge, once it is created, “if someone had access to the same code and hardware, repeating the attack should be possible for an engineer.”

Although carriers today mostly tout their 3G and 4G services, most networks around the world still use GSM networks. Around four billion people worldwide use GSM networks for calls, and carriers also use them for some machine-to-machine applications.

The problem could be fixed, but that would require changing GSM protocols to require phones to prove their identity through an additional exchange of encrypted codes. “The defense is expensive to deploy,” says Victor Bahl, principal researcher and manager of the mobility and networking research group at Microsoft. “I can only speculate that the cell network providers are reluctant to invest in mitigation strategies in the absence of an immediate threat.”

Seifert says the research of his group and others shows that basic aspects of mobile communications can no longer be assumed to be safe from hacking. “The answer of the carriers is: ‘It’s illegal—you are not allowed to do it,’” he says, “However, the implication is that the good old times, where you can assume that all the phones are honest and following the protocol, are over.”

Comment