Category Archives: The Intercept

Latest Snowden dump reveals NSA discussed Russian civil targets

Posted on by

The National Security Agency discussed Russian civil targets, including Russia’s gas and oil sectors, with the Norwegian Intelligence Service (NIS) in 2005, according to the latest release from The Intercept’s SIDToday project. The project, an archive that details some of the documents leaked by former NSA contractor Edward Snowden, reveals that during their annual policy conference that April, the NSA and NIS came to a decision to work on nonmilitary Russian targets. “One highlight of the conference was a decision to begin, in earnest, cooperation on Russian civil targets,” the newsletter, dated June of 2005, reads. “Much of the first day of the [conference] focused on the Russia target, with briefings on the Russian Ministry of Foreign Affairs, Oil and Gas Developments, Leadership, and Strategic Highlights form the Northern Region.” A month prior to the conference, then-NSA Director Gen. Mike Hayden, had provided Norwegian spies details on U.S. capabilities in targeting […]

The post Latest Snowden dump reveals NSA discussed Russian civil targets appeared first on CyberScoop.

Continue reading Latest Snowden dump reveals NSA discussed Russian civil targets

Former NSA analyst charged in leak of classified documents to reporter

Posted on by

A former National Security Agency analyst has been charged and arrested for illegally obtaining classified national defense information, including files on drone warfare, and disclosing it to a reporter. The charges, which were filed originally in March of this year in federal court in Alexandria, Virginia, include obtaining, retaining, transmitting, and causing the communication of national defense information, disclosure of classified communications intelligence information, and theft of government property. The Department of Justice unsealed the charges against the former analyst, Daniel Hale of Tennessee, Thursday. Some of the documents that Hale illegally obtained and shared with the reporter detailed top secret information the NSA gathered on specific named targets, several counterterrorism operations, an overseas military campaign targeting al-Qaeda, and the effects of that operation. At least one document revealed classified technical capabilities of the U.S. military. Hale served in the U.S. Air Force from 2009-13, during which he was assigned […]

The post Former NSA analyst charged in leak of classified documents to reporter appeared first on CyberScoop.

Continue reading Former NSA analyst charged in leak of classified documents to reporter

Activist Publishes 11,000 Private DMs Between Wikileaks and Its Supporters

Posted on by

Emma Best, a freedom of information activist, has published a large cache of Twitter direct messages between Wikileaks and some of its most fervent supporters, including ones showing antisemitic sentiment from Wikileaks. Continue reading Activist Publishes 11,000 Private DMs Between Wikileaks and Its Supporters

Alleged NSA leaker seeks to subpoena major cybersecurity companies, intel agencies

Posted on by

A 26-year old former NSA contractor accused of leaking classified documents is now looking to subpoena some of the largest cybersecurity firms in the industry as part of her legal defense against the government. Reality Winner was arrested in June 2017 for allegedly removing a top-secret report on Russian hacking activity connected to the 2016 election from an NSA facility where she worked at Fort Gordon in Augusta, Georgia, and sending it to The Intercept.  Winner’s lawyers are also seeking to subpoena several state governments and U.S. intelligence agencies. According to Politico, the requested subpoenas, filed Friday, target representatives of the states formally notified by the Department of Homeland Security last September that they were targeted by hackers the U.S. government says were acting on behalf of the Russian government. In total, 21 states, five government agencies, and 11 cybersecurity firms — including TrendMicro, FireEye, Eset, CrowdStrike, Volexity, F-Secure Corporation, ThreatConnect, Secureworks and Fidelis […]

The post Alleged NSA leaker seeks to subpoena major cybersecurity companies, intel agencies appeared first on Cyberscoop.

Continue reading Alleged NSA leaker seeks to subpoena major cybersecurity companies, intel agencies

NSA has been tracking bitcoin users since 2013

Posted on by

The National Security Agency has been spying on bitcoin users around the world beginning as early as March 2013, according to a story published by The Intercept. Classified documents leaked by whistleblower Edward Snowden show the NSA used a secret data source that “leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users.” The NSA reportedly tracked bitcoin users by collecting sensitive information from their computers, including passwords, internet activity, and unique identifiers assigned to devices known as MAC addresses. Documents also suggested that the agency used XKeyScore, the NSA’s formerly secret global internet data analysis program, to monitor targets tied to bitcoin. According to the documents, the tracking of bitcoin users as of 2013 was done through OAKSTAR, a program that consisted of a “collection of covert corporate partnerships enabling the agency to monitor communications, including […]

The post NSA has been tracking bitcoin users since 2013 appeared first on Cyberscoop.

Continue reading NSA has been tracking bitcoin users since 2013

Russians can hijack satellites in order to launch cyberattacks, documents show

Posted on by

Russian intelligence services have been capable of hijacking satellite signals to launch stealthy cyberattacks since at least 2013, according to a newly published cache of classified documents belonging to Canada’s Communications Security Establishment and obtained by The Intercept. Because the innovative hacking technique is believed to be limited to a small number of operators, the revelation highlights the Kremlin’s longstanding effort to develop highly sophisticated cyber espionage capabilities on par with other world powers. The Intercept shared these sensitive documents in a story Wednesday, which sought to disprove U.S. President Donald Trump’s assertion that Russian hackers are so skilled that they cannot be tracked or accurately attributed — an opinion that was also recently voiced by Russian President Vladimir Putin. In part, The Intercept’s story underlines how a series of simplistic but critical operational security mistakes by a skilled hacking group, codenamed MakersMark or Turla, eventually allowed Canadian intelligence officials […]

The post Russians can hijack satellites in order to launch cyberattacks, documents show appeared first on Cyberscoop.

Continue reading Russians can hijack satellites in order to launch cyberattacks, documents show

How The Intercept Outed Reality Winner

Posted on by

Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor named “Reality Winner” was published, showing how they tracked her down because she had printed out the documents and sent them to The Intercept. The document posted by the Intercept isn’t the original PDF file, but a PDF containing the pictures of the printed version that was then later scanned in.

As the warrant says, she confessed while interviewed by the FBI. Had she not confessed, the documents still contained enough evidence to convict her: the printed document was digitally watermarked.

The problem is that most new printers print nearly invisibly yellow dots that track down exactly when and where documents, any document, is printed. Because the NSA logs all printing jobs on its printers, it can use this to match up precisely who printed the document.

In this post, I show how.

You can download the document from the original article here. You can then open it in a PDF viewer, such as the normal “Preview” app on macOS. Zoom into some whitespace on the document, and take a screenshot of this. On macOS, hit [Command-Shift-3] to take a screenshot of a window. There are yellow dots in this image, but you can barely see them, especially if your screen is dirty.

We need to highlight the yellow dots. Open the screenshot in an image editor, such as the “Paintbrush” program built into macOS. Now use the option to “Invert Colors” in the image, to get something like this. You should see a roughly rectangular pattern checkerboard in the whitespace.

It’s upside down, so we need to rotate it 180 degrees, or flip-horizontal and flip-vertical:

Now we go to the EFF page and manually click on the pattern so that their tool can decode the meaning:

This produces the following result:

The document leaked by the Intercept was from a printer with model number 54, serial number 29535218. The document was printed on May 9, 2017 at 6:20. The NSA almost certainly has a record of who used the printer at that time.

The situation is similar to how Vice outed the location of John McAfee, by publishing JPEG photographs of him with the EXIF GPS coordinates still hidden in the file. Or it’s how PDFs are often redacted by adding a black bar on top of image, leaving the underlying contents still in the file for people to read, such as in this NYTime accident with a Snowden document. Or how opening a Microsoft Office document, then accidentally saving it, leaves fingerprints identifying you behind, as repeatedly happened with the Wikileaks election leaks. These sorts of failures are common with leaks. To fix this yellow-dot problem, use a black-and-white printer, black-and-white scanner, or convert to black-and-white with an image editor.

Copiers/printers have two features put in there by the government to be evil to you. The first is that scanners/copiers (when using scanner feature) recognize a barely visible pattern on currency, so that they can’t be used to counterfeit money, as shown on this $20 below:

The second is that when they print things out, they includes these invisible dots, so documents can be tracked. In other words, those dots on bills prevent them from being scanned in, and the dots produced by printers help the government track what was printed out.

Yes, this code the government forces into our printers is a violation of our 3rd Amendment rights.

While I was writing up this post, these tweets appeared first:

oh wow, @knowtheory just pointed out the microdots on the first and late page of the intercept’s docs. printer dots kill puppies, folks. pic.twitter.com/w8qxJ9zvhf

— Quinn’s internet 👻 (@quinnnorton) June 6, 2017

The date in the microdots is 6:20 2017/05/09 from a printer with serial number #5429535218, according to https://t.co/PVVm7AAjlL pic.twitter.com/6BY7Y3MFhL

— Tim Bennett (@flashman) June 6, 2017

Comments:
https://news.ycombinator.com/item?id=14494818

Continue reading How The Intercept Outed Reality Winner