Share This

Showing posts with label Edward Snowden. Show all posts
Showing posts with label Edward Snowden. Show all posts

Friday, March 25, 2016

Chinese hacker pleads guilty, deserves respect whether guilty or innocent


A Chinese national named Su Bin pleaded guilty in the US on Wednesday to conspiring to hack into the computer networks of several major US defense contractors to obtain sensitive information, according to a US Department of Justice statement. The information allegedly includes technical files about F-22 and F-35 fighter jets and C-17 military transport aircraft.

The statement says "Su Bin admitted to playing an important role in a conspiracy, originating in China," where he has two accomplices. Some US media have conjectured that the two accomplices must be Chinese military personnel.

Su was arrested in Canada in July 2014, and was handed over to the US this February. The Chinese government has denied any involvement in Su's case, and the Chinese Ministry of Foreign Affairs has asked the US to ensure the privacy and legal rights of Chinese citizens on US soil.

Plea bargaining is a common US judicial practice. Defendants can plead guilty in exchange for softer punishments. The disadvantage of this practice is that it is hard to know what the defendants truly think, and whether there might be any wrongs in the judgments.

Every country is gathering intelligence. The largest and most well-known information-collecting agencies are the CIA and FBI in the US. The FBI has even listed China as their top target. Recent years have seen the FBI arresting quite a few "Chinese spies," but most of them proved to be innocent. In the meantime, China has kept a low profile in reporting the exposure of US spies out of various considerations.

In most cases, governments won't acknowledge these spies after they have been caught. For example, whenever China intercepted spies from Western countries, the governments they served routinely denied any connection and even mobilized the Western media to attack China's human rights and win over sympathy.

We have no reliable source to identify whether Su has stolen these secrets and transferred them to the Chinese government. If he has, we are willing to show our gratitude and respect for his service to our country. On the secret battlefield without gunpowder, China needs special agents to gather secrets from the US. As for Su, be he recruited by the Chinese government or driven by economic benefits, we should give him credit for what he is doing for the country.

If Su was wronged and forced to plead guilty, he should have our sympathy. As the "war of information" between China and the US continues, there will probably be more Chinese framed as spies and jailed in the US. This is a tragedy of the times, and we hope the Chinese working in sensitive professions in the US can protect themselves.

At the helm of international public discourse, the US is able to define whether certain activities are espionage or not. When US espionage is exposed, the US media will try to divert public attention and tone down the case. But when the CIA or FBI catches suspects, hyperbole about these cases makes headlines in US media.

The most infamous case is that of Edward Snowden, who revealed the global US surveillance program PRISM. The whistleblower is wanted by the US government, which refuses to reflect on its behavior, but keeps criticizing China for espionage without solid proof.

China lags behind the US in technology. The existence of US cyberspace military forces is openly known to the public, and its capability is way higher than Chinese "hackers." But it doesn't mean that China cannot fight back in the face of ill-founded US accusations of Chinese spies. China should uncover Washington's brazen hypocrisy with concrete evidence. - Global Times

Related posts:
 
Jun 23, 2013 ... Revelations about PRISM, a US government program that harvests data on the ... against the US Internet surveillance program of the NSA, PRISM, .... US Spy Snowden Says U.S. Hacking China Since 2009 ... Labels: civil liberties , Computer hackers , Cyber Attacks , Edward Snowden , Espionage , FBI ...

May 21, 2014 ... Documents leaked by former Central Intelligence Agency contractor Edward Snowden detailed the National Security Agency's (NSA) ...

May 20, 2014 ... After the Prism program leaked by Edward Snowden, the United States was accused by the whole world. However, it has never made ...
Oct 31, 2013 ... ... intelligence whistleblower Edward Snowden.A top secret map dated August 13 , 2010 lists nearly a hundred surveillance facilities worldwide, ...


Jun 4, 2014 ... In June 2013, Edward Snowden, a former US National Security Bureau contractor, revealed US intelligence agencies were conducting ...
May 22, 2014 ... ... charging five Chinese nationals of alleged commercial espionage, citing Edward Snowden's revelations of US spying operations worldwide.

A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chinese... 


As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...

Thursday, May 1, 2014

Better Internet governance, keys for Internet governance: standards and benchmarks


A series of non-obligatory international norms promoted at a recent Internet conference in Brazil will be helpful to the establishment of global Internet governance, but it remains urgent that some specific rules be worked out to ensure cyberspace is not used as a means for some countries to target others.

The United States National Security Agency's PRISM program disclosed by the Edward Snowden has aggravated the concerns of countries worldwide about cyberspace security and accelerated the push for better Internet governance.

In March, the US government announced that it will turn over the Internet Corporation for Assigned Names and Numbers, known as ICANN, which manages the core functions of the Internet, to a "global multi-stakeholder community". This, if implemented, would be a positive step toward improving global Internet governance. Nevertheless, the better management of cyberspace depends more on how to build a safe, open, equitable and orderly network environment for countries across the world, says an online article of People's Daily.

For the better governance of the Internet, the UN Charter and the universally recognized norms of international relations should be abided by, and the cyberspace sovereignty of each country, including the laws, regulations and policies each country has adopted regarding the Web should be respected.

All countries should be empowered to manage their information facilities and conduct Internet activities within their territory in accordance with their laws, and their information resources should be free from any external threats.

An Internet governance framework should also be built on the principles of tolerance, equality and extensive participation from multiple parties. All countries, big or small, rich or poor, should be allowed to participate in Internet governance and equally share the opportunities brought by booming information technologies. The making of relevant Internet standards, rules and policies should be based on openness, transparency and fairness, and developed countries should help developing ones to develop their network technologies.

And while enjoying their own Internet rights and freedom, countries should not compromise the information freedom and privacy of other countries.

To promote better Internet governance, the voices of all countries should be respected and their coordination is needed to make cyberspace rules acceptable to all.

- China Daily

The key for Internet governance: standards and benchmarks

A global Internet governance conference in Brazil concluded last Tuesday with a strong demand for building an effective worldwide legislative framework, while a series of Internet-related optional standards had been drafted.

The Internet has spread its influence into every aspect of life around the world. But while people enjoy the conveniences that the Internet brings, they are also starting to worry about security and privacy issues and the possible negative impacts of the Internet. Last year, revelations about the American “Prism” program triggered global concerns about surveillance, resulting in calls for protecting the individual, and strengthening Internet governance

Last month, the U.S. announced its plans to turn over the Internet Corporation for Assigned Names and Numbers, known as ICANN, to a “global multi-stakeholder community”, which sent a positive message to the world. But the obligations of Internet governance should go beyond IP address allocation into control of Internet technical standards and a focus on how countries can build a secure, open, transparent, and ordered web environment.

Internet governance should admit and respect a self-regulated space free of government interference in all countries, subject to a country’s level of technology, language, and culture, and people’s wishes in terms of relevant legislation. A country should also be able to supervise its information infrastructure, information resources, and online activities in accordance with laws designed to protect the interests of its people.

Internet governance should focus on extensive cooperation among all stakeholders against a backdrop of a tolerant and fair attitude. Any country, big or small, rich or poor, should have both the obligation to participate in Internet governance, and the right to enjoy opportunities created by IT development.

Internet governance should uphold open, transparent, and win-win principles for general cooperation. The decision-making on Internet standards, rules, and policy should be open and transparent; developed countries should be encouraged to help developing countries in improving network techniques and narrowing the information gap.

Internet governance should insist on both rights and obligations. A country should uphold the right to privacy by ensuring the effective implementation of all obligations under human rights law. Everyone should be able to enjoy the right to and freedom of the Internet, subject to not damaging the interests of other people or the country, and not breaking the law or damaging social morality.

The key for global Internet governance is to promote close cooperation among countries, and build a practical network of international Internet-related rules and standards. All opinions and proposals from all countries should be heard with equal importance while defining rules suitable for all countries.

- The article is edited and translated from 《互联网治理,规范和标准是关键》, source: People's Daily

Related posts:

USA Spying, the Super-Snooper ! Get pay from spying?
 US, Britain spying on virtual world, agents pose as gamers
 NSA's secret MYSTIC system is capable ...
 US Spy Snowden Says US Hacking China Since 2009
 US, UK, India among 'Free World' Governments ...
2013 the year of Internet innovation
 No privacy on the Net ! 
 NSA secretly hacks, intercepts Google, Yahoo daily

Friday, March 14, 2014

US, UK, India among 'Free World' Governments Worst for online spies

WASHINGTON: US' National Security Agency, India's Centre for Development of Telematics, and the UK's GCHQ have been named among the worst online spies by a non-profit group for implementing censorship and surveillance.

Three of the government bodies designated by Reporters Without Borders as 'Enemies of the Internet' are located in democracies that have traditionally claimed to respect fundamental freedoms, a report by the Reporters Without Borders said.

PARIS - Shady agencies at the service of democratically elected governments are among the worst online spies in the world, media watchdog RSF said Wednesda

In the latest instalment of the "Enemies of the Internet" report, wholesale spying by "free world" services -- much of it exposed by US intelligence contractor Edward Snowden --- is offered no distinction from the unabashed surveillance carried out by the world's worst dictatorships. 

To RSF, agencies such as the US National Security Agency, Britain's GCHQ and the Centre for Development Telematics in India embrace the worst methods of snooping in the name of governments that purportedly hold freedom of speech as a national priority. 

They have "hacked into the very heart of the Internet" and turned a collective resource "into a weapon in the service of special interests" that flout the "freedom of information, freedom of expression and the right to privacy". 

"The NSA and GCHQ have spied on the communications of millions of citizens including many journalists," the report by Reporters Sans Frontieres (RSF, Reporters Without Borders) said. 

The methods used, many of which NSA contractor Snowden revealed to the world last year before going into hiding in Russia, "are all the more intolerable" because they are then used by authoritarian countries such as Iran, China, Turkmenistan and Saudi Arabia, the report said. 

Also singled out by RSF are private companies that provide their most up-to-date powers of snooping at trade fairs that have become giant spying bazaars selling the best that technology can offer. 

It is at these shows hosted regularly around the world that profit-driven spy-ware firms link up with government agents or nervous multinationals that are in search of the newest ways to observe and control the Internet. 

RSF argued that the censorship carried out by the Enemies of the Internet "would not be possible without the tools developed by the private sector companies to be found at these trade fairs." 

With these tools, spies can track journalists anywhere in the world, RSF said. 

Governments keen to impose censorship also help one another. 

Iran has asked China to help it develop a local version of the electronic Great Wall that cuts off billions of Chinese from the Internet as seen by the rest of the world. China is active in Africa and central Asia too. 

To stop this proliferation of snooping, RSF said a whole new legal framework to govern surveillance was "essential" with states needing to embrace transparency regarding the methods being used. 

The fight for human rights, it warned, "had spread to the Internet".

Related posts:

1. 2013 the year of Internet innovation
2. You are being snooped on, Malaysia views US-NSA spying seriously!
3.US, Britain spying on virtual world, agents pose as gamers..
4. Educate public on changes in e-technology, CAP urg…
5..USA Spying, the Super-Snooper !
6. NSA secretly hacks, intercepts Google, Yahoo daily…
7. Abusing intelligence is stupid
8. Brazil attacks US over spying issue
9. US Spy Snowden Says U.S. Hacking China Since 2009
10. Upset over US cyber spying! 
11. No privacy on the Net !
12. US building new spy wing to focus on Asia 

Saturday, December 21, 2013

2013 the year of Internet innovation


As the year comes to a close, we need to reflect on what are the most important things that have affected our lives in 2013.

The Internet continues to transform our world. The most significant Internet event in 2013 was not the listing of Facebook, which priced the company at $104 billion (almost Bt3.4 trillion), but Edward Snowden's July revelations of Internet surveillance, which revealed that Big Brother, friend or foe, is really watching. Since my smartphone is smart enough to track me even in the toilet, there is really no privacy left in this world.

On the plus side, Singles Day - November 11 - garnered 35 billion yuan (Bt187 billion) in online sales on one day in China. Since China already accounts for one-third of the smartphones in the world, and they can make and sell smartphones at one-third the price of Apple or Samsung, it is not surprising that e-commerce in the Middle Kingdom is set to overtake even the US in volume next year.

Online business is here to stay.

What the combination of the Internet and smartphone means is that a person in the remotest part of Indonesia can sell his or her product to buyers worldwide, and collect over the smartphone, which was impossible to imagine even 20 years ago.

Amazing also are the apps downloaded in their millions to maximise personal efficiency. Ease of personal communication, meanwhile, has been taken to a new level with apps like WeChat. Such free Internet services are rising so fast that even revenue from SMS text messages is slowing down.

On the other side, after Snowden, what must consider the proper role of the government in the Internet and how it should behave to encourage Web innovation and growth?

Nobel Laureate economist Joseph Stiglitz was one of the first to tackle the subject, in "The Role of Government in a Digital Age" (2000), with Peter and Jonathan Orzag. Their report recommended 12 principles. The first three cover the state's proper role in the affairs of the Internet:

1. Provide public data and information.

2. Improve efficient government services.

3. Support basic research.

The next six principles are areas where the government should exercise caution. These include:

4. Adding specialised value to public data and information.

5. Providing private goods only under limited circumstances.

6. Providing services online where private services are more efficient.

7. Ensuring that mechanisms exist to protect privacy, security, and consumer protection online.

8. Promoting network externalities only with great deliberation and care.

9. Maintaining proprietary information or exercising rights under patents or copyright.

The report also signalled "red light" areas of state intervention in the Internet:

10. Governments should exercise substantial caution in entering markets in which private sector firms are active

11. Governments (including government corporations) should generally not aim to maximise net revenues or take action that would reduce competition.

12. Government should only be allowed to provide goods or services for which appropriate privacy and conflict-of-interest protections have been erected.

The Stiglitz-Orzag report was written for the US market, but the general principles are useful guides for all states. The trouble is that Snowden showed that the US government might have failed to follow some of these guidelines. We do know that governments are becoming increasingly intrusive on the Internet, and that such intrusion inhibits competition and innovation.

Because the Internet is evolving very fast, the role of government in Web affairs also needs to evolve. Businesses are becoming even more service and information-oriented, with increasing numbers going digital and in the "Cloud". This means that governments are struggling with three major issues: protecting private privacy, ensuring a level playing field in competition, and taxing online activities.

Governments must also sort out jurisdictional duties and powers, because the Cloud is global, and taxation and regulation is not only national, but departmental. It is as if each small part of the bureaucracy is trying to regulate the whole Cloud. We can all touch and feel its power, but there is no overall central authority that can control the Cloud.

An island nation in the Pacific might pass a law on the Cloud, but could it enforce it?

Individual privacy is being threatened by the practice of hacking, and the biggest hackers are not bedroom-bound nerds, but governments everywhere.

The second problem of a level playing field is a serious one. If Google has maps and can monitor everything I do through my smartphone, does that information belong to Google or to me? If it belongs to the large platforms, does that not confer a huge informational advantage on them? How can governments ensure that there is a level playing field between these massive online platforms and the small businesses that have no such information or may have to pay the platform for it?

The third area is taxation. Online commerce has escaped the tax radar because it is new. In contrast, bricks-and-mortar shops have rents, create jobs and pay value-added taxes. If everything moves online, the government loses the ability to tax, and bricks-and-mortar retail shops will complain they are losing out to larger and larger platforms. Bookshops around the world are closing in droves now that everyone can order through Amazon.

There are no easy answers to these tough questions. The interdependent and interconnected nature of the Internet means that regulatory or government action in one part may affect the system as a whole. In other words, government action or non-action creates a shadow system - the business moves offline, offshore or into cyberspace.

What we need is better transparency, better education, wider access and also some key principles of fair competition that should be enforced for online business to innovate.

Finally, a year-end reminder: use your smartphone in the toilet, and someone (not Snowden) can hear you flush. Merry Xmas and Happy New Year to all.

Contributed by Andrew Sheng, President of the Fung Global Institute.

Related posts:
1. You are being snooped on, Malaysia views US-NSA spying seriously!
2.US, Britain spying on virtual world, agents pose as gamers..
3. Educate public on changes in e-technology, CAP urg...
4..USA Spying, the Super-Snooper !
5. NSA secretly hacks, intercepts Google, Yahoo daily...
6. Abusing intelligence is stupid
7. Brazil attacks US over spying issue
8. US Spy Snowden Says U.S. Hacking China Since 2009
9. Upset over US cyber spying! 
10. No privacy on the Net !
11. US building new spy wing to focus on Asia

Wednesday, December 11, 2013

US, Britain spying on virtual world, agents pose as gamers

Real life James Bond's operating in a virtual world online: American and British spies have been revealed to be posing online on games such as World of Warcraft (pictured) and Second Life

 
View of the National Security Agency in the Washington suburb of Fort Meade, Maryland

Freshly leaked documents by former US intelligence contractor Edward Snowden on Monday revealed spies disguised as fantasy characters prowled online games hunting terrorists.

Elves, orcs or other fictional characters happened upon by players in the popular realm of World of Warcraft may have been US and British spies, according to documents released through ProPublica, the Guardian, and the New York Times.

There were also indications that intelligence agents went undercover in online multi-player shooter games, particularly on Microsoft's Xbox Live Internet community for players.

"GVEs (games and virtual environments) are an opportunity!" concluded 'top secret' National Security Agency documents dating back about five years.

"We know that terrorists use many feature rich Internet communications media for operational purposes, such as email, VoIP, chat, proxies and web forums, and it is highly likely they will be making use of the many communications features offered by games and virtual environments."

The report depicted online game worlds as private meeting places that could be used by groups for planning and training.

Examples used to back the reasoning included an "America's Army" shooter game made by the US military and given away as a free download at its recruiting website.

"The game is so good at identifying candidates that it is now used for training," the document said.

It went on to tell of Hezbollah creating a shooter game for recruitment and training, with the ultimate goal of play being to be a suicide martyr.

"While complete military training is best achieved in person, complete perfection is not always required to accomplish the mission," the report argued, noting that some 9/11 attackers were taught piloting with flight simulation software.

Spies have created characters in fantasy worlds of Second Life and World of Warcraft to carry out surveillance, recruit informers and collect data, The New York Times said

"It wasn't enough that they were snooping on email conversations; able to tap phone calls; weaken encryption standards; use sophisticated hacking techniques to install spyware on targeted computers… they needed to extend their range to Middle Earth and Xbox Live as well," computer security specialist and author Graham Cluley said in a blog post reacting to the news.

"How about all these people playing 'Draw Something' who might be doodling secret messages to fellow criminals or conspirators?" he added facetiously.

Microsoft and WoW maker Blizzard Entertainment released independent statements saying they knew nothing of spies snooping in their online worlds.

The report came as eight leading US-based technology companies called on Washington to overhaul its surveillance laws following months of revelations of online eavesdropping from the former National Security Agency (NSA) contractor.

"Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels," the Times said.

It added: "Because militants often rely on features common to video games -- fake identities, voice and text chats, a way to conduct financial transactions -- American and British intelligence agencies worried that they might be operating there, according to the papers."

The documents do not give any examples of success from the initiative, the report said.

Apple, Facebook, Google, Microsoft, Twitter, Yahoo, AOL and LinkedIn meanwhile wrote an open letter to President Barack Obama and the US Congress calling on Washington to lead the way in a worldwide reform of state-sponsored spying.

"We understand that governments have a duty to protect their citizens. But this summer's revelations highlighted the urgent need to reform government surveillance practices worldwide," the letter said.

Sources: Washington (AFP)

US and UK 'spy on virtual games like World of Warcraft'

 
National security officials are said to have extracted World of Warcraft account data to identify terrorist activity (file photo)

US and British spies have reportedly infiltrated online games such as World of Warcraft in an effort to identify terrorist threats, according to media reports.

The undercover agents reportedly operated in virtual universes to observe messaging and payment systems.

The NSA allegedly warned that such online games could allow intelligence targets to hide in plain sight.

Virtual universe games draw millions of players from around the globe.

News of the operation was broken by the New York Times, the Guardian and ProPublica on Monday using leaked confidential government information obtained by whistleblower Edward Snowden.

The media reports allege US and UK spies spent years investigating online games including Second Life for potential terrorist activity.

One leaked document published by the New York Times claims such video games could be used for recruitment or to conduct virtual weapons training.

'Without our knowledge'
  The NSA is said to have extracted World of Warcraft account data and attempted to link it to Islamic extremism and arms deals, according to the Guardian.

The popular online fantasy game, which at one point boasted upwards of 12 million subscribers, has reportedly attracted users such as embassy employees, scientists and military and intelligence officials.

At one point during the investigation, so many national security agents were reportedly playing video games that a "deconfliction" group was created to ensure they were not inadvertently spying on one another.

However, the documents obtained by former NSA contractor Mr Snowden and cited by the media did not specify if any terrorist plots had been foiled by the effort.

A spokesman for World of Warcraft's parent company Blizzard Entertainment told the Guardian they were not aware any surveillance had been conducted.

"If it was, it would have been done without our knowledge or permission," the spokesman said. - BBC

American and British spies posed as 'orcs and elves' on World of Warcraft to infiltrate terror cells according to new NSA revelations

  • Latest revelations from Edward Snowden reveal the NSA has been using agents to pose as players on World of Warcraft
  • Up to 50 million people worldwide play the popular virtual game
  • NSA and Britain's GCHQ became concerned the game and those like it could be used as clandestine forums for terrorists to plan attacks
  • Online operatives even tried to recruit gamers as informants
  • More evidence of mass surveillance on civilian population by intelligence service
By James Nye

The NSA document, written in 2008 and titled Exploiting Terrorist Use of Games & Virtual Environments expresses the NSA's worry that despite their wide-reaching PRISM clandestine surveillance of hundreds of millions of people online, terrorists could evade their wide reaching snooping.

New revelations: NSA whistleblower Edward Snowden speaking in October - the former defense contractor has revealed that American intelligence operatives operated online in World of Warcraft and Second Life to try and catch terrorists
New revelations: NSA whistleblower Edward Snowden speaking in October - the former defense contractor has revealed that American intelligence operatives operated online in World of Warcraft and Second Life to try and catch terrorists 

The Guardian has reported that QCHQ, the British counterpart of the NSA even sent operatives into Second Life in 2008 and infiltrated a criminal ring that was selling stolen credit card information in that virtual world.

The Snowden files reveal that the real-life sting in a virtual world was named Operation Galician and was helped by a recruited online informer who 'helpfully volunteered on the target group's latest activities.'

Citing the documents disclosed by Edward Snowden, the report also says agencies 'have built mass-collection capabilities' against Microsoft's Xbox Live online network.

Important details — such as how much data was gathered, or how many players' information was compromised — were not clear, the reports said.

Blizzard Entertainment, the producer of World Of Warcraft, told the Guardian: ‘We are unaware of any surveillance taking place. If it was, it would have been done without our knowledge or permission.’

Online games such as World of Warcraft and Second Life are huge business as players adopt avatars of different people or indeed, orcs, goblins and elves.

NSA HQ: Reports say British and American intelligence officers have been spying on gamers across the world, deploying undercover officers to virtual universes and sucking up traffic from popular online games such as World of Warcraft
NSA HQ: Reports say British and American intelligence officers have been spying on gamers across the world, deploying undercover officers to virtual universes and sucking up traffic from popular online games such as World of Warcraft


The 2008 NSA report claims that if the intelligence garnered from the spying on these online games was used correctly, then pictures of ordinary citizen's and potential terrorist social networks could be built up.

The NSA document reportedly claims to suggest that such infiltration 'continues to uncover potential Sigint value by identifying accounts, characters and guilds related to Islamic extremist groups, nuclear proliferation and arms dealing.'
Second Life especially intruiged the NSA and GCHQ, because of its plans to introduce voice calls and anonymous texts - that terrorists could utilize.

However, the document revealed by Snowden details no clear indication that the widespread surveillance ever discovered any terrorists or even foiled any attacks - raising serious issues over the privacy of online gaming.

Microsoft declined to comment on the latest revelations, as did Philip Rosedale, the founder of Second Life.

Monitoring: The NSA and Britain's GCHQ have neither confirmed nor denied that they have been spying on the personal details of up to 50 million virtual gamers
Monitoring: The NSA and Britain's GCHQ have neither confirmed nor denied that they have been spying on the personal details of up to 50 million virtual gamers

The NSA declined to comment on the surveillance of games. 

A spokesman for GCHQ told The Guardian the agency did not 'confirm or deny' the revelations but added: 'All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee.'

Indeed, so rife was the spying online of Second Life by the FBI, CIA, and the Defense Humint Service that a memo was sent to try and 'deconflict' their work - i.e. make sure that they weren't treading on each other's toes.

However, the British credit card fraud bust aside, there are no other examples of the surveillance of these popular virtual worlds yielding any results in terms of anti-terrorism.

The agencies did have concerns beyond simple money laundering and planning though.
The NSA thought that games played online could be used to 'reinforce prejudices and cultural stereotypes' - pointing out that Hezbollah had produced their own game called Special Forces 2.

According to the document, Hezbollah's 'press section acknowledges the game is used for recruitment and training', serving as a 'radicalizing medium' with the ultimate goal of becoming a 'suicide martyr'.

Despite the game's disturbing connotations, the 'fun factor' of the game cannot be discounted, it states. 

As Special Forces 2 retails for $10, it concludes, the game also serves to 'fund terrorist operations.'

Related posts:
1.  You are being snooped on, Malaysia views US-NSA spying seriously!
2. You are being snooped on, Malaysia views US-NSA spying seriously!
3.  Rightways Technologies: USA Spying, the Super-Snooper !
4.  Brazil attacks US over spying issue
5.  US Spy Snowden Says US Hacking China Since 2009
6.  Brazil attacks US over spying issue

Related Stories:

Wednesday, December 4, 2013

Educate public on changes in e-technology, CAP urged



Warn kids against revealing personal information on FB, Govt urged

THE Consumers Association of Penang (CAP) has urged the Government to take pro-active measures in raising awareness consumers on the rapid changes in electronic technology.

“If Malaysia is truly to become a knowledge society, the citizens must be knowledgeable and be aware of the dangers and risks that come with new technology.

“It can easily be done if a part of the tax revenue from the profits of technology companies is used to educate consumers on the right use of the technology that most people have become dependent on today,” CAP president S.M. Mohamed Idris said in a statement yesterday.

“Children must also be informed on the dangers of revealing personal details on social networking sites such as Facebook and others,” he said.

Mohamed Idris said the Government should also provide facilities for encryption and decryption of data, and make mandatory for mobile phones, tablets and computers to be equipped with them.

“Encryption is the only way of communication secured enough for the military or banking, where a high level of security is de-sired,” he said.

Mohamed Idris was commenting on press reports that Singa-pore was a key partner of the 5-Eyes intelligence group that allegedly tapped telephones and monitored communication networks in Kuala Lumpur.


Is The Five Eyes Alliance watching you?

Based on information leaked by intelligence whistleblower Edward Snowden, Dutch daily NRC Handelsblad reported that Singapore was a key ‘third party’ providing the United States, Britain, Canada, Australia and New Zealand access to Malaysia’s communication channel.

Australia’s Sydney Morning Herald cited documents leaked by Snowden alleging that Singapore military intelligence was helping the US, British and Australian spy agencies tap data passing through a major undersea cable that is partly owned by Singapore Telecommunications Ltd

Sources: The Star/Asia News Network

Related posts:
1.  USA Spying, the Super-Snooper !
2.  You are being snooped on, Malaysia views US-NSA spying seriously!
3.  Brazil attacks US over spying issue
4.  US Spy Snowden Says US Hacking China Since 2009

Sunday, July 14, 2013

Play safe on the mobile, secure your devices!


All a sinister person needs to do to spy on you is to simply penetrate your smartphone or tablet.

OF late, spying has been a household word after revelations of Prism, a clandestine mass electronic surveillance programme operated by the United States National Security Agency (NSA), by former NSA contractor Edward Snowden. 

But one does not need an entire state programme to spy on someone.

All that a sinister person needs to do is to penetrate their intended victim’s smartphone or tablet. Which is quite an easy thing to do, actually. One of the common methods used is spyware.

Such spyware can easily be found by searching on Google although they are usually not free.

There is a possibility that consumers might download spyware from an identified party or an unknown source accidentally. - Goh Chee Hoh

This is what happened when a husband in Singapore suspected his wife of having an affair. On the pretence that his phone was not working, he borrowed his wife’s phone to make a call but instead installed a spyware app.

The husband was then able to see the calls made (but not hear the actual conversation), messages sent and her location at that point, from a computer using a Web-based application that communicated with the app.

When the information confirmed that she was having an affair, he continued to monitor her phone for some time before posting the information online, including the messages she sent to her “lover”. He did not reveal any personal details about themselves but this is how the news became public.

However, many have questioned the authenticity of the story, with some brushing it off as a publicity stunt to sell the spyware app.

Nevertheless, it pays to be safe, as there are apps that can do such things and they are easily obtainable from the Web.


“Mobile phones are an integral part of consumers’ lives, with two thirds of adults worldwide reporting that they use a mobile device to access the Internet,” says David Hall, senior manager of regional product marketing for Norton at Symantec Corporation.

“As we use our mobile phones in new and innovative ways, we’re also putting sensitive information at risk.”

“Spyware is a type of malware (malicious software) that logs information and then forwards that information from your device,” explains Rob Forsyth, director for Asia Pacific at Sophos Ltd.

Usually, such spyware is capable of operating quietly in the background so it can easily go unnoticed by an unsuspecting device owner.

“For a regular user, it is very difficult to figure out that they’ve been infected,” says Goh Su Gim, security advisor for Asia Pacific at F-Secure (M) Sdn Bhd. “There’s no obvious signs.”

In fact, it may surprise you to know that such threats could actually come from a source that’s known to you.

“There is a possibility that consumers might download spyware from an identified party such as their spouse, friends, colleagues, business associates or from an unknown source accidentally,” says Goh Chee Hoh, managing director for South-East Asia at Trend Micro Inc.

As an example, he describes a mobile phone monitoring service which uses Nickispy, a family of viruses that attacks Android devi­ces). It is said to be capable of monitoring a mobile user’s activities and whereabouts. The Chinese website which offers this service charges subscribers fees costing US$300 to US$540 (RM900 to RM1,620).

“This spyware sends MMS to the victim’s mobile device. Once the MMS is downloaded, the cybercriminal is granted access to your line of communications,” Chee Hoh says.

This security issue is further compounded in cases where a consumer uses the same device for both work and personal purposes.

“From a personal user’s standpoint, one can experience loss of privacy whereas from a business perspective, an organisation may lose sensitive data which can lead to loss of revenue,” he explains.

Had such an act been committed in Malaysia, it would go against Section 231 of the Communications and Multimedia Act 1998. Using an app to obtain information from another person’s phone can land the offender a RM50,000 fine or a prison term not exceeding two years if convicted.

The Malaysian Communications and Multimedia commission (MCMC), our multimedia industry nurturer and regulator, also said that it does not act alone when pursuing offenders.

“We look at each case individually and help other agencies like the police, for example, when upholding the law,” said Sheikh Raffie Abd Rahman, MCMC head of strategic communications.



Simple safeguards to keep your devices secure

While the mobile security and privacy threats remain very real and imminent, the steps to prevent such problems are really quite straightforward and easy to do.

Following are some practical tips, courtesy of security specialists Symantec Corporation, Sophos Ltd, Trend Micro Inc and F-Secure (M) Sdn Bhd, that you should take note of:

1. Use your device’s built-in security features 

Configure your security settings so that functions such as location sharing are disabled and passwords are not saved but need to be manually keyed in each time.

You can also make your device more secure by activating its lock function and requiring an identification action such as a fingerprint scan, keystroke pattern, numeric PIN or alphanumeric password in order to access the device.

2. Use strong passwords and secure Internet connections

Unique and strong passwords will help prevent valuable information from being stolen from your device. Using a different password for each and every app would be best but you would need to ensure that you have a good way of remembering those passwords if you choose to go this route.

Avoiding open and unsecured Internet connections such as free public WiFi will also reduce risk of online threats on your mobile device.

3. Never jailbreak or root your device 

Use your device as recommended by the manufacturer instead of modifying the version of the iOS or Android operating system that has been installed. This is usually done to install pirated games and apps for free but this makes it easier for spyware to operate on your device.

4. Be cautious when choosing and installing apps

It’s a vast universe out there in the World Wide Web and, at times, it’s hard to tell the good guys from the bad ones. It therefore pays to be extra careful when downloading apps from the Internet. If something is too good to be true, it probably is. Do background checks on developers if you need to be sure, and scrutinise an app’s ratings and reviews as well.

It’s also a better idea to download apps directly from the Google Play Store for Android devices rather than from third party websites since downloads from some of these sources may contain malware.

Do have a close look at the Terms and Conditions as well as permissions requested by an app prior to installing it, as you don’t want to unknowingly allow developers to track and collect personal data which is unnecessary for running the app.

5. Scrutinise notifications and services running on your device 

Stay alert whenever you receive any notification on your device. Some may contain malicious links or cleverly trick you into submitting personal information to cybercriminals.

Also, pay special attention to services running in the background on your device that seem unfamiliar or strange. You will have to refer to online guides on how to check, as it differs among devices.

The principle of “when in doubt, throw it out” could help save you a great deal of trouble later on.

6. Log out immediately

This is especially crucial for social media apps where the chances of your data being misused are higher. Make it a habit to log out of such apps and re-enter login information each time you use them.

7. Stay up-to-date

Take time to pick out a preferred mobile security software and install it on your device. Make sure to constantly update it, and don’t forget to check for updates for all your apps and to install any available patches for your device’s operating system as well. Set up routine scans for your device, and review the logs each time a scan is concluded.

Sunday, June 23, 2013

No privacy on the Net !

Revelations about PRISM, a US government program that harvests data on the Internet, has sparked concerns about privacy and civil rights violations. But has there ever been real privacy and security on the WWW?

 Demonstrators hold posters during a demonstration against the US Internet surveillance program of the NSA, PRISM, at Checkpoint Charlie in Berlin, Germany, ahead of US President Barack Obama’s visit to the German capital.

IMAGINE a time before email, when all your correspondence was sent through the post. How would you feel if you knew that somebody at the post office was recording the details of all the people you were corresponding with, “just in case” you did something wrong?

I think quite a few of you would be upset about it.

Similarly, some Americans are furious over revelations made about a system called PRISM. In the last few weeks, an allegation has been made that the US government is harvesting data on the Internet by copying what travels through some of its Internet Service Providers.

The US Director of National Intelligence has said that PRISM “is not an undisclosed collection or data mining program”, but its detractors are not convinced that this doesn’t mean no such program exists.

I think there are mainly two kinds of responses to this revelation: “Oh my God!” and “What took them so long?”.

The Internet has never really been secure. Because your data usually has to travel via systems owned by other people, you are at their mercy as to what they do with it. The indications are that this is already being done elsewhere.

Countries such as China, India, Russia, Sweden and the United Kingdom allegedly already run similar tracking projects on telecommunications and the Internet, mostly modelled on the US National Security Agency’s (unconfirmed) call monitoring programme. For discussion, I’ll limit myself for the moment to just emails – something that most people would recognise as being private and personal.

I find many people are surprised when I tell them that sending email over the Internet is a little bit like sending your message on a postcard. Just because you need a password to access it, doesn’t mean it’s secure during transmission.

The analogy would be that your mailbox is locked so only you can open it, but those carrying the postcard can read it before it reaches its final destination. Of course, there are ways to mitigate this. One has to be careful about what one put in emails in the first place. Don’t send anything that would be disastrous if it were forwarded to someone else without your permission.

You could also encrypt your email, so only the receiver with the correct password or key could read it, but this is difficult for most end users to do. (For those interested in encrypting emails, I would recommend looking at a product called PGP.)

The analogy holds up for other Internet traffic. It’s easy to monitor, given enough money and time. And as easy as it is for the Good Guys to try to monitor the Bad Guys, it’s just as easy for the Bad Guys to monitor us hapless members of the public.

But who do we mean by the Bad Guys? Specifically, should the government and law-enforcement agencies be categorised as ‘Bad Guys’ for purposes of privacy? Generally, the line oft quoted is “if you have nothing to hide, then you have nothing to worry about”.

Yet, I think we all accept that there should be a fundamental right to privacy, for everybody from anybody. An interesting corollary to being able to express your thoughts freely is that you should also be able to decide when and how you make them public.

The fault in relying on organisations that say “trust us” isn’t in the spirit of their objectives, but in how the humans in them are flawed in character and action.

An example quoted regularly at the moment is how the FBI collected information about Martin Luther King because they considered him the “most dangerous and effective Negro leader in the country”.

One way of defining the boundaries are by codifying them in laws. For example, the Malaysian Personal Data Protection Act prohibits companies from sharing personal data with third parties without the original owner’s consent.

However, this law explicitly does not apply to the federal and state governments of Malaysia. Another clause indicates that consent is not necessary if it is for the purpose of “administration of justice”, or for the “exercise of any functions conferred on any person by or under any law”.

In relation to the revelations of PRISM, several questions come to mind: Can Internet traffic (or a subset of it) be considered “personal data”? Is it possible for government agencies to collect and store such data without your consent?

And if so, what safeguards are there to ensure that this personal data is accurate, is used correctly and is relevant for storage in the first place?

This should be a sharp point of debate, not just in terms of which of our secrets the government can be privy to, but also of which of the government’s information should be readily accessible by us.

True, there is so much data out there that analysing it is not a trivial task. However, companies such as Google are doing exactly that kind of work on large volumes of unstructured data so that you can search for cute kittens. The technology is already on its way.

Perhaps I am being over-cautious, but it seems a bit fantastical that people can know your deepest and darkest secrets by just monitoring a sequence of 1’s and 0’s. But, to quote science fiction author Phillip K. Dick, “It’s strange how paranoia can link up with reality now and then”.

Contradictheory
By DZOF AZMI

> Logic is the antithesis of emotion but mathematician-turned-scriptwriter Dzof Azmi’s theory is that people need both to make sense of life’s vagaries and contradictions. Speak to him at star2@thestar.com.my.

Related post:

US Spy Snowden Says U.S. Hacking China Since 2009