Skip to content

Amnesty International takes UK to European Court over mass surveillance

https://www.amnesty.org/en/articles/news/2015/04/amnesty-international-takes-uk-government-to-european-court-of-human-rights-over-mass-surveillance/

Amnesty International, Liberty and Privacy International have announced today they are taking the UK Government to the European Court of Human Rights over its indiscriminate mass surveillance practices.

The legal challenge is based on documents made available by the whistle-blower Edward Snowden which revealed mass surveillance practices taking place on an industrial scale.

The UK government’s surveillance practices have been allowed to continue unabated and on an unprecedented scale, with major consequences for people’s privacy and freedom of expression. No-one is above the law and the European Court of Human Rights now has a chance to make that clear.
Nick Williams, Amnesty International’s Legal Counsel.

The organizations filed the joint application to the Strasbourg Court last week after the Investigatory Powers Tribunal (IPT), which has jurisdiction over GCHQ, MI5 and MI6, ruled that the UK legal regime for the UK government’s mass surveillance practices was compliant with human rights.

Legal flaws

During 12 months of litigation between the government and the NGOs significant flaws in the UK’s legal regime have been exposed. They include:

  • Previously secret “arrangements” which allow the UK intelligence service to obtain access to bulk data from foreign intelligence agencies like the US National Security Agency without a warrant whenever it would “not be technically feasible” for the government’s agencies to obtain it themselves.
  • UK law also allows for the intelligence services to obtain general warrants authorizing indiscriminate mass surveillance, approved by the Secretary of State and renewed on a rolling basis.
  • The UK government considers it justifiable to engage in mass surveillance of every Google, Facebook, Twitter and YouTube user in the country, even if there is no suspicion that the user is involved in any offence, by secretly redefining the UK’s use of them as “external communications”
  • The new legal action follows recent developments in the cases brought by Amnesty International and which represent critical setbacks to the UK government’s legal position:
  • On 6 February, the IPT found that UK intelligence services acted unlawfully in accessing millions of people’s personal communications collected by the US National Security Agency. The decision was the first time ever that the IPT ruled against the UK intelligence and security services.
  • On 18 February, the UK Government conceded that the regime governing the interception, obtaining and use of legally privileged material violates the Human Rights Act.

The code war: Russia plans to free itself from iOS and Android

http://www.theguardian.com/technology/2015/may/18/russia-ios-android-sailfish-os

According to Russia’s RBC financial newspaper, the country’s ministry of communications instigated the project to replace Android and iOS, meeting with Finnish developer Jolla to discuss the creation of a new mobile operating system based on Jolla’s open-source Sailfish OS.

Russia’s minister of communications and mass media, Nikolai Nikiforov, told RBC that he wants to see the use of non-Russian mobile operating systems drop to just 50% by 2025. Android alone accounts for 81% of the country’s OS market share, according to analysts at Gartner, while iOS picks up another 15%.

Sailfish OS has just 0.5% of the market in Russia at present, below even Windows Mobile and Blackberry. But the open-source nature of the operating system, which lets any interested party use it as the basis of their own software, as well as the lack of ties to the US (unlike Android, which, while also open-source, is heavily controlled by Google), makes it a strong contender for a future Russian open system.

The company is formed around a core of former Nokia employees, who left after Nokia decided to abandon its fledgling MeeGo operating system in favour of working exclusively with Microsoft on smartphones. The core components of MeeGo were open source and Jolla’s new employees built Sailfish around it.

In the long run, Nikiforov hopes to expand Sailfish into a fully international effort. Shortly after the meeting with Jolla, he tweeted that the operating system “creates a Finnish-Russian-Chinese company”, which could one day include “India, Brazil and South Africa”, involving all members of the Brics group of developing nations. To that extent, he hopes to involve IT companies from other Brics nations, he told RBC, encouraging their employees to give 20% of their time, paid for by the state, to work on pan-Brics initiatives like the new operating system.

*****

If Finland/Russia manage to release these apps, I would immediately sign up.  Sad, as it is to admit this, but we need Russian open source mobile apps, to combat the NSA.  It’s a sign of the times that European civilians would trust Russia before than America.  Of course, those of us in the UK, have home grown troubles in the form of GCHQ.

‘Logjam’ crypto bug could be how the NSA cracked VPNs

http://www.theregister.co.uk/2015/05/20/logjam_johns_hopkins_cryptoboffin_ids_next_branded_bug/

Johns Hopkins crypto researcher Matthew Green thinks he might have an explanation for how the NSA attacked VPN services: flaws in how TLS implements Diffie-Hellman crytography.

In what’s bound to be the next big branded bug, Green says servers that support 512-key “export-grade” Diffie-Hellman (DH) can be forced to downgrade a connection to that weak level. The server – and therefore the client – will both still believe they’re using stronger keys such as 768-bit or 1024-bit.

Like so many things – including the similar FREAK flaw – the bug is ancient: a 20-year-old SSL bug that was inherited by TLS.

Green has hosted a site discussing what’s being called “Logjam”, Weakdh.org, with a detailed academic paper here (PDF).

Green’s already been in touch with the major browser vendors, and says they’re in the process of implementing a more restrictive policy on the size of Diffie-Hellman groups they will accept.

Logjam is another exploit of the 1990s-era crypto-wars: “To comply with 1990s-era U.S. export restrictions on cryptography, SSL 3.0 and TLS 1.0 supported reduced-strength DHE_EXPORT ciphersuites that were restricted to primes no longer than 512 bits”, the paper notes.

Because “export grade” hangs around in ciphersuites, “a man-in-the-middle can force TLS clients to use export strength DH with any server that allows DHE_EXPORT.”

“The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable,” Green writes at the Logjam site.

logjam test

Where 512-bit keys are supported, after an initial long computation, Green writes that “an academic team can break a 768-bit prime and that a nation-state can break a 1024-bit prime. Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18 per cent of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66 per cent of VPN servers and 26 per cent of SSH servers.”

That’s where the spooks come in: “A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break.”

****

White Paper

https://weakdh.org/imperfect-forward-secrecy.pdf

HTTPS-crippling attack threatens tens of thousands of Web and mail servers

http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/

The vulnerability affects an estimated 8.4 percent of the top one million websites and a slightly bigger percentage of mail servers populating the IPv4 address space, the researchers said. The threat stems from a flaw in the transport layer security protocol that websites and mail servers use to establish encrypted connections with end users. The new attack, which its creators have dubbed Logjam, can be exploited against a subset of servers that support the widely used Diffie-Hellman key exchange, which allows two parties that have never met before to negotiate a secret key even though they’re communicating over an unsecured, public channel.

SERVER TEST – Enter the www address to test a site

https://weakdh.org/sysadmin.html

logjam test

The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad. The regime was established by the Clinton administration so the FBI and other agencies could break the encryption used by foreign entities. Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material. Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties.

“Logjam shows us once again why it’s a terrible idea to deliberately weaken cryptography, as the FBI and some in law enforcement are now calling for,” J. Alex Halderman, one of the scientists behind the research, wrote in an e-mail to Ars. “That’s exactly what the US did in the 1990s with crypto export restrictions, and today that backdoor is wide open, threatening the security of a large part of the Web.”

SERVER TEST – Enter the www address to test a site

https://weakdh.org/sysadmin.html

In the short term, the researchers recommend all server administrators disable support for the DHE_EXPORT ciphersuites that allow Diffie-Hellman connections to be downgraded. The researchers have provided a guide with step-by-step instructions for securely deploying Diffie-Hellman in TLS. And of course, they also strongly encourage all end users to install browser and e-mail client patches that enforce minimum restrictions on the primes used to negotiate ephemeral keys. Over the longer term, they say, developers should transition to so-called elliptic curve Diffie-Hellman key exchange, since the scheme is less vulnerable to precomputed attacks.

******

White Papers

https://weakdh.org/imperfect-forward-secrecy.pdf

UK government quietly rewrites hacking laws to give GCHQ immunity

http://arstechnica.co.uk/tech-policy/2015/05/uk-government-quietly-rewrites-hacking-laws-to-grant-gchq-immunity/

The UK government has quietly passed new legislation that exempts GCHQ, police, and other intelligence officers from prosecution for hacking into computers and mobile phones.

While major or controversial legislative changes usually go through normal parliamentary process (i.e. democratic debate) before being passed into law, in this case an amendment to the Computer Misuse Act was snuck in under the radar as secondary legislation. According to Privacy International, “It appears no regulators, commissioners responsible for overseeing the intelligence agencies, the Information Commissioner’s Office, industry, NGOs or the public were notified or consulted about the proposed legislative changes… There was no public debate.”

Privacy International also suggests that the change to the law was in direct response to a complaint that it filed last year. In May 2014, Privacy International and seven communications providers filed a complaint with the UK Investigatory Powers Tribunal (IPT), asserting that GCHQ’s hacking activities were unlawful under the Computer Misuse Act.

On June 6, just a few weeks after the complaint was filed, the UK government introduced the new legislation via the Serious Crime Bill that would allow GCHQ, intelligence officers, and the police to hack without criminal liability. The bill passed into law on March 3 this year, and became effective on May 3. Privacy International says there was no public debate before the law was enacted, with only a rather one-sided set of stakeholders being consulted (Ministry of Justice, Crown Prosecution Service, Scotland Office, Northern Ireland Office, GCHQ, police, and National Crime Agency).

Despite filing its complaint back way back in 2014, Privacy International wasn’t told about the changes to the Computer Misuse Act until last week; until after the new legislation became effective. The UK government is allowed to do this, of course, but it’s a little more underhanded and undemocratic than usual.

According to Privacy International’s legal experts, the amended Computer Misuse Act “grants UK law enforcement new leeway to potentially conduct cyber attacks within the UK.

How to subnet in easy steps – using a Happy chart – CISCO CCNA CCENT Subnetting

Cisco certification questions will normally start with .. “you need 6 subnets” or “you need 25 hosts”, and they expect you to be able to calculate the correct subnets.  The answer to these certiification questions is to calculate a happy chart, when you first enter the exam room, as this will save you time during the exam.

Step 1 – Binary from 128 to 1 –  for the 8 bits

Each octet only has 8 bits.. so this is SIMPLE to do.

128   64   32  16  8   4   2  1

Step 2 – place a 1 above each binary value..

Subnetting is taking host bits and making them network bits.  So place a 1 above each of the binary numbers like this:

1      1     1    1    1    1   1  1

128   64   32  16  8   4   2  1

Step 3 – “ADD” the Mask to your happy chart

Basically this is adding up each set of binary numbers.  This is the “mask” that Cisco exams often give you.

ie 128 + 64 = 192.  Next column we go 192 + 32 = 224.  If you can add up – then the mask is a doddle to calculate.

1      1     1     1      1     1      1     1

128    64     32     16       8       4       2     1    (Basic Binary & the Magic number)

128  192  224  240  248 252 254 255  (MASK)

Step 5 – Calculate the subnets

Here’s the genius step.  Cisco exams will say “you need 2 subnets”.. so here you just put a row from left to right, starting at 2, and doubling in each column.  This tells you how many subnets you’ll get.

2     4     8    16    32                     (Number of subnets you want)

1      1     1     1      1     1      1     1

128   64   32     16      8    4      2     1    (Basic Binary & the Magic number)

128  192  224  240  248 252 254 255  (MASK – just add it up)

Step 6 – Calculate the number of hosts.

Sometimes the cisco exam will only say that you want 25 hosts.  Therefore you duplicate the doubling of the number 2 – but this time from Right to Left – to get a number of hosts required.  You can do this happy chart before the exam starts.. and then whizz through your exam.

2     4     8    16    32                     (Number of subnets you want)

1      1     1     1      1     1      1     1

128   64   32     16      8    4      2     1    (Basic Binary & the Magic number)

128  192  224  240  248 252 254 255  (MASK – just add it up!!)

*********************32    16     8    4     2  (number of hosts asked for in the exam)

If Cisco want 25 hosts, then you’ll have to go for 32 hosts.  The first ip is always the network id  The last ip is always the broadcast Id, ie 255.  “Usable” IP’s, are IP’s that can be assigned to hosts – this is the range of ip minus 2 Basically the rule is the number of Binary value less 2.  So 16 -2 = 14 usable IP’s.  32 -2 = 30 usable IP’s.  Easy right?

Step 7 – The magic number gives us the RANGE of a subnet.

When you put in the initial binary values, we called this the “magic number”.  This is your increment number – that you use to calcuate the ranges of each subnet.  This gives us the RANGE of IP’s in a subnet.

With a magic number of 64, the subnets will be:

a. b.c.0

a.b.c. 64

a.b.c 128

a.b.c. 192

You “jump” in increments of the magic number.  If you’re given a mask of /240 – then the happy chart says the magic number is 16 – so you’ll jump in increments of 16.

a.b.c.0

a. b.c 16

a. b. c. 32

Step 8 – the RANGE of IP’s.

Most Cisco exam questions will want you to work in a range of IP’s.

If the magic number is 16… then we’re jumping in 16’s.

Cisco want you to understand that within each RANGE..

Network IP = a.b.c.0

Broadcast IP = a. b. c. 15 (broadcast is always the LAST IP).

last usable ip = Broadcast Ip – 1  = a.b. c. 14

first uable ip = Network IP +1 = a. b. c. 1… (now, was that so hard to do?)

Remember your magic number will tell you the number to increment or JUMP in.  If the magic number is 64 – then the usable IP range is  64 – 2 = 62 usable IP’s. 

We increment in 64’s, from .0, .64, .128, .192.

a.b.c 0

a.b.c. 64

a.b.c 128

a.b.c. 192

The question will be phrased in several different ways, and they expect you to KNOW how to navigate these different angles of subnetting.

The key is to practice calculating the range of IP’s from the /26 or .240 mask, the number of subnets eg 4 subnets or the number of hosts eg 126 hosts – as that’s how cisco will examine you.

Security researcher tells FBI he took control of a commercial airliner – even making it fly sideways – by hacking into the entertainment system

http://www.dailymail.co.uk/news/article-3084856/Security-researcher-admits-FBI-hacked-commercial-airline-s-entertainment-took-control-plane-making-climb-fly-sideways.html

A prominent hacker and security researcher who was kicked off a United Airlines flight last month had previously admitted to the FBI that he had taken control of a plane and made it fly sideways.

Chris Roberts told a special agent earlier this year that he had repeatedly hacked planes’ in-flight entertainment systems while aboard the aircraft, a search warrant application by the FBI states.

In one case, he also reportedly claimed to have overwritten the plane’s Thrust Management Computer code, allowing him to issue a climb command and make the plane serve sideways.

Following the interviews with the FBI agent on February 13 and 23 and March 5 – and another in April – Roberts had two of his laptops confiscated, along with several hard drives and USB sticks.

However, the founder of security firm One World Labs was never charged in relation to his claims.

After removing the cover to the SEB… he would use a Cat6 ethernet cable with a modified connector to connect his laptop computer to the IFE system while in flight,’ the affidavit states.

In one instance, after ‘hacking’ the IFE system and connecting to ‘other systems on the airplane network’, Roberts then apparently overwrote code on the plane’s Thrust Management Computer.

‘He stated that he successfully commanded the system he had accessed to issue the “CLB” or climb command,’ the affidavit says. ‘He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights.’

The document adds: ‘He also stated that he used Vortex software after compromising/exploiting or “hacking” the airplane’s networks. He used the software to monitor traffic from the cockpit system.’

****

At least he’s telling us the exploits exist… that makes him the good guy as he’s acting for the greater good.   The FBI won’t agree with that “greater good” defense though.

Ars picks the UK’s safest Internet provider – Surveillance Studies

http://arstechnica.co.uk/business/2015/05/ars-technica-the-uk-safest-isp/

In a surveillance society, it’s important to pick an ISP that values your safety and privacy.

This Ars Techinca article is amazing for several reasons.  Firstly it echoes the mantra “treat your ISP as the enemy”.  This mantra first appeared to my knowledge, when the inventor of OpenVPN was travelling in Russia and China.  He knew that he was being tracked by his Russian ISP, so he invented OpenVPN to combat surveillance.  OpenVPN treats the ISP as the enemy.   Since the Conservative election, we will find May trying to re enact the Snoopers Charter again.  Therefore the big UK ISP’s are now the enemy.  Ars has gained quotes from them regarding privacy and surveillance.  Look at the weasel words being used regarding “black boxes” on the network.  Of course BT is on the hook here.

Ars have come up with a solution that I agree with.. use smaller ISP’s, that protect your privacy and use a VPN.

Out of the “big 4″ ISP’s, only Virgin Media has confirmed that it DOES NOT have black boxes installed.

Counterpoint: A small UK ISP

Now that we’ve looked at the four largest UK ISPs, let’s consider a small UK ISP as a counterpoint.

Andrews & Arnold


Andrews & Arnold

In the UK, due to Openreach’s mandate to provide fair and equal access to all communications providers, there are a large number of smaller, nationwide ISPs. These ISPs provide their own core network but otherwise use Openreach’s telephone lines, cabinets, and exchanges. Because the UK ISP market is so open, there’s a lot of competition—and as you probably know, competition is really good for the consumer. Case in point: Andrews & Arnold.

A&A is what you might call an enthusiast’s ISP. A&A was one of the first ISPs to offer a native (non-tunnelled) IPv6 connection to the Internet, and today it is enabled by default for all broadband customers. A&A also guarantees that it has no black boxes on its network, no adult content filtering, and no court-ordered site blocks.

A&A isn’t the cheapest or the fastest ISP in the UK, but we’ve included it in this list as an example of how hard some ISPs are fighting for the safety and privacy of their customers. It goes beyond the scope of this story, but it’s also worth considering giving a smaller UK ISP your custom if you’re looking for better support and service with a smile; for the most part, smaller ISPs are far more responsive and sympathetic to your cause than the big four.

Surveillance Studies – Surveillance Self Defense – EFF

https://ssd.eff.org/

The EFF Surveillance Self Defense website offers good tutorials on the latest “Anti Surveillance” and “Anti Forensics” tools.

If the state wants to break into your house and install a keylogger, that requires a court order.  Make sure that they HAVE to break in, in order to HAVE to get a court order.  Letting them acquire data from Google or Bing is just asking for trouble.

You “lock” your car.  Now you need to understand that you need to “lock” your data.

eff tutorials

Surveillance studies takes us into the arena of the past history of the surveillance state, such as the Stasi in East Germany.   The state starts to profile people based on race, religion, sexual orientation, and then uses that profile to apply pressure to the people they love or bribe elected officials.  How would the knowledge of such surveillance affect you? The answer from the East German people is they were scared.. all the time.  Understand surveillance studies.  Understand, this is protecting the things and people you love most.

Surveillance studies is a living, breathing subject that is truly fascinating.

****

Do you leave your car unlocked at night?  Why not?

The answer to that, is the reason you need to put a lock on your data. You lock your house, you lock your garage, you lock your car.  So what’s different about putting a lock on data?

https://ssd.eff.org/

How To Keep NSA Computers From Turning Your Phone Conversations Into Searchable Text – The Intercept

https://firstlook.org/theintercept/2015/05/08/keep-nsa-computers-turning-phone-conversations-searchable-text/

As soon as my article about how NSA computers can now turn phone conversations into searchable text came out on Tuesday, people started asking me: What should I do if I don’t want them doing that to mine?

The Intercept’s Micah Lee wrote about this in March, in an article titled: “You Should Really Consider Installing Signal, an Encrypted Messaging App for iPhone.”

(Signal is for iPhone and iPads, and encrypts both voice and texts; RedPhone is the Android version of the voice product; TextSecure is the Android version of the text product.)

As Lee explains, the open source software group known as Open Whisper Systems, which makes all three, is gaining a reputation for combining trustworthy encryption with ease of use and mobile convenience.

Nobody – not your mobile provider, your ISP or the phone manufacturer — can promise you that your phone conversations won’t be intercepted in transit. That leaves end-to-end encryption – using a trustworthy app whose makers themselves literally cannot break the encryption — your best play.

As Lee writes:

Signal’s code is open source, meaning it can be inspected by experts, and the app also supports forward secrecy, so if an attacker steals your encryption key, they cannot go back and decrypt messages they may have collected in the past.

Using Signal and Red Phone means your voice conversations are always full scrambled. As Lee wrote:

Other apps with encryption tend to enter insecure modes at unpredictable times — unpredictable for many users, at least. Apple’s iMessage, for example, employs strong encryption, but only when communicating between two Apple devices and only when there is a proper data connection. Otherwise, iMessage falls back on insecure SMS messaging. iMessage also lacks forward secrecy and inspectable source code.

Signal also offers the ability for power users to verify the identity of the people they’re talking to, confirming that the encryption isn’t under attack. With iMessage, you just have to take Apple’s word for it.

The big announcements by Apple and Google last fall were about encrypting data on users’ phones, not the calls made by those phones.

Although regular phone calls on the iPhone are not encrypted, Apple’s extremely popular FaceTime service is encrypted by default, as is iMessage. So when you’re using those services (with another Apple user) your conversations are encrypted whether you knew it or not.

There are of course some caveats, as Lee writes:

It’s important to keep in mind that no technology is 100 percent secure, and an encrypted messaging app can only be as secure as the device you install it on. Intelligence agencies and other hackers can still exploit security bugs that have not been fixed, known as zero day exploits, to take over smartphones and bypass the encryption that privacy apps employ. But apps like Signal go a long way to making mass surveillance of billions of innocent people infeasible.

Follow

Get every new post delivered to your Inbox.

Join 193 other followers