The EXSUM (Executive Summary) is produced by Sam Culper, Senior Editor of Guerrillamerica.com and III Magazine. He began producing EXSUMS in December of 2013 and we will be reposting them as they are issued for the benefit of The American Redoubt Network at RadioFreeRedoubt.com. -JJS
Read more from Sam Culper at www.Guerrillamerica.com
01 JAN 14 Executive Intelligence Summary.
(AC is Analyst Comment.)
Tailored Access Operations.
Tech geeks were up in digital arms this week as German newspaper Der Spiegel reported about new, previously undisclosed NSA capability and program information. As much as these programs are newsworthy, the peripheral questions must also be considered. One, what level of cooperation did tech companies (Apple, Microsoft, AMD, Intel, among others) give NSA in order to install backdoor channels into computer software/hardware? Two, what will these companies do in order to protect the privacy of their customers (AC: potential for class action lawsuits)? And three, which companies (USPS, FedEx, UPS) allowed the diversion and tampering of personal property, which violated federal law, and how will they be prosecuted?
Perhaps the biggest news story of the week identified an NSA program called Tailored Access Operations (TAO), through which NSA is able to intercept computer packages through the mail and install spy software before delivery. According to Der Spiegel, hardware intercepts consisted of its “most productive operations”. The NSA TAO mission is “getting the ungettable”, which includes other various forms of surreptitious collection.
Additionally, through a tool called DROPOUTJEEP, NSA has complete backdoor access to Apple’s iPhone.
An NSA program called DROPOUTJEEP allows the agency to intercept SMS messages, access contact lists, locate a phone using cell tower data, and even activate the device’s microphone and camera.
Former NSA-head Michael Hayden on recent revelations:
It will take years, if not decades, for us [NSA] to return to the position that we had prior to his [Snowden] disclosures.
(AC: Of additional interest is that Glen Greenwald, who aided Edward Snowden in leaking previous NSA information, this week claimed that the Der Spiegel article was not based on information that he and Snowden released. So, is this the result of a second leak or just Greenwald disinformation?)
Source: Der Spiegel
Link: Interactive NSA Catalog
Link: NSA and the iPhone
The future of biometrics.
The Christian Science Monitor is reporting that advances in biometric technology now allow scientists to identify individuals based on their buttocks (with 98% accuracy), heartbeat patterns, position of veins in your fingers, and the shapes of your ears.
On the topic of biometric identification on the iPhone:
Some have also voiced concerns about government agencies demanding the fingerprints of certain customers. Apple says such seizures would be impossible. The encrypted data stays locked up within the device, not on any of Apple’s servers.
(AC: It’s certainly not impossible, in light of NSA TAO capabilities. For as many attempts to develop biometric countermeasures, there will be new ways of identifying humans through other unique characteristics.)
Advances in thermal camo.
In the past two years, we’ve seen around a half dozen attempts to build thermal-shielding clothing and camouflage. The makers of Gore-Tex are working with another company in order to produce what they call a “turkey suit”, which covers the whole body. The turkey suits comes in at $2,900, although that price is expected to drop.
(AC: See Max Velocity’s thermal shield product as well.)
If you’re traveling overseas, across borders or anywhere you’re afraid your laptop or other equipment might be tampered with or examined, you’ve got a new secret weapon to improve security. Glitter nail polish.
Security researchers… highlighted the power of nail polish – along with metallic paints and even crappy stickers – to help people know when their machines have been physically tampered with and potentially compromised.
The idea is to create a seal that is impossible to copy. Glitter nail polish, once applied, has what effectively is a random pattern. Once painted over screws or onto stickers placed over ports, it is difficult to replicate once broken. However, reapplication of a similar-looking blob (or paint stripe, or crappy sticker) might be enough to fool the human eye. To be sure, the experts recommend taking a picture of the laptop with the seals applied before leaving it alone, taking another photo upon returning and using a software program to shift rapidly between the two images to compare them. Even very small differences – a screw that is in a very slightly different position, or glitter nail polish that has a very slightly different pattern of sparkle – will be evident. Astronomers use this technique to detect small changes in the night sky.
Although TAO is likely reserved for the highest payoff targets, anytime you lack positive control over a sensitive machine, you run the risk of potential tampering. (AC: The tamper threat isn’t just from the government. Several heavy-hitting online poker players reported that their computers were modified, which included a screenshot capability in order for an opposing player to view the target’s cards. Pro-Liberty political candidates should absolutely concern themselves with espionage, as well.)
Alongside pre-packaged exploits that allowed control over iOS devices (AC: iPhones) and any phone communicating through GSM (AC: AT&T, T-Mobile, among many others), Appelbaum detailed a device that targets computers through packet injection, seeding exploits from up to 8 miles away. He even speculated the exploits could be delivered by drone, although he conceded that in most cases, an unmarked van would likely be more practical.
(AC: Those particular exploits target computers through Wi-Fi networks, which means that time-sensitive operations can be carried out more quickly because of the greater distance to target. The source document for this information is 2007, so we expect that the capabilities have advanced.)
Source: The Verge
Risk of border seizures.
A federal judge today upheld a President Barack Obama administration policy allowing authorities along the U.S. border to seize and search laptops, smartphones and other electronic devices for any reason.
Alarmingly, the government contends the Fourth-Amendment-Free Zone stretches 100 miles inland from the nation’s actual border.
(AC: The risk of search and seizure of computing devices remains high for all outspoken FreeFor and pro-Liberty individuals transiting through border areas.)
1) We’re still developing our analysis of new NSA programs. 2) If you come across an interesting article, please send it in.