The security researcher Bruce Schneier, who is now helping the Guardian newspaper review Snowden documents, suggests that more revelations are on the way.
Bruce Schneier, a cryptographer and author on security topics, last month took on a side gig: helping the Guardian newspaper pore through documents purloined from the U.S. National Security Agency by contractor Edward Snowden, lately of Moscow.
In recent months that newspaper and other media have issued a steady stream of revelations, including the vast scale at which the NSA accesses major cloud platforms, taps calls and text messages of wireless carriers, and tries to subvert encryption.
This year Schneier is also a fellow at Harvard’s Berkman Center for Internet and Society. In a conversation there with David Talbot, chief correspondent of MIT Technology Review, Schneier provided perspective on the revelations to date—and hinted that more were coming.
Continue reading by clicking the source link below.
Source: MIT Technology Review
AT&T provides the US Drug Enforcement Administration (DEA) with records of Americans’ phone calls dating back to 1987 as part of a surveillance program that goes beyond the scope of the National Security Agency’s (NSA) call collection, the New York Times reported Sunday.
Besides covering a longer time span, the program is unlike the NSA’s data collection because it “includes information on the locations of callers,” the report said.
“For at least six years, law enforcement officials working on a counternarcotics program have had routine access, using subpoenas, to an enormous AT&T database that contains the records of decades of Americans’ phone calls—parallel to but covering a far longer time than the National Security Agency’s hotly disputed collection of phone call logs,” the Times wrote. “The government pays AT&T to place its employees in drug-fighting units around the country. Those employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987.”
Read More by following the source link below.
Source: Ars Technica
Using online anonymity services such as Tor or sending encrypted e-mail and instant messages are grounds for US-based communications to be retained by the National Security Agency even when they’re collected inadvertently, according to a secret government document published Thursday.
The document, titled Minimization Procedures by the NSA in Connection with Acquisitions of Foreign Intelligence, is the. latest bombshell leak to be dropped by UK-based newspaper The Guardian. It and a second, top-secret document detail the circumstances in which data collected on US persons under foreign intelligence authority must be destroyed or can be retained. The memos outline procedures NSA analysts must follow to ensure they stay within the mandate of minimizing data collected on US citizens and residents.
While the documents make clear that data collection and interception must cease immediately once it’s determined a target is within the US, they still provide analysts with a fair amount of leeway. And that leeway seems to work to the disadvantage of people who take steps to protect their Internet communications from prying eyes. For instance, a person whose physical location is unknown—which more often than not is the case when someone uses anonymity software from the Tor Project- “will not be treated as a United States person, unless such person can be positively identified as such, or the nature or circumstances of the person’s communications give rise to a reasonable belief that such person is a United States person,” the secret document stated.
And in the event that an intercepted communication is later deemed to be from a US person, the requirement to promptly destroy the material may be suspended in a variety of circumstances. Among the exceptions are “communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.”
Other conditions under which intercepted US communications may be retained include when it is “reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed.”
The document, dated July 28, 2009, bears the signature of US Attorney General Eric Holder.
Supporters of the recently exposed NSA surveillance program have frequently argued that it is narrowly tailored so that it doesn’t track the communications of ordinary US citizens and residents. Rules requiring inadvertently collected US communications to be destroyed once the error is discovered would appear to be key in supporting that view. The exceptions to that requirement may give critics new ammunition. Tor is a staple of many human rights advocates who want to prevent repressive governments from tracking their location or intercepting and reading their e-mail and instant messages. Encrypted e-mail, while by no means easy to use, remains a core practice among lawyers, corporate executives, and privacy advocates.
It’s hard to read the documents and not be struck by the irony that use of these services may subject people on US soil to a much higher likelihood that their communications will be retained by an agency that’s supposed to focus on foreign targets.
Source: Ars Technica