Category Archives: Excessive Surveillance

Farkas? New York Times?

While yesterday, the video of Evelyn Farkas appearing on MSNBC having rather lots to say about the Obama officials surveiling Trump transition team, today we have Snopes claiming nothing is new here.  Hmmmm.

Then there’s the New York Times story in January.  Admits that intercepted Russian communications were being saved to investigate the Trump administration.

Just how on earth are we to surmise under the circumstances that the Obama administration did nothing illegal or “inappropriate” in surveiling the current president?  Why does he get cover and his wrong doing is ignored by media?

Where is this story in the WaPo, and why has the New York Times not revisited this story, published in it’s own pages?

 

Another Softwar revelation!

Occasionally, I’ll post something exactly from Softwar.net, because it’s critical information, and everyone should wake up about encryption.

——————————

ALT SHIFT KILL

 

A MESSAGE FROM OUR FOUNDER AND CEO –

The Wikileaks disclosure of CIA espionage software is supposed to be about Big Brother. They are defensive in nature designed to monitor and tap into our computers and communications. However, these programs have more than just a passive surveillance function. They also can kill.

Quietly embedded in the latest Wikileaks disclosure of CIA exploits is a cute little program called NightSkies. NightSkies is one in a series of Apple malware programs under a project called Triton. These programs are designed to monitor and “beacon” back information stolen from infected Apple computers. NightSkies has one nice little feature in its arsenal of functions… it can also execute any other program downloaded secretly from a remote CIA “Listening Post”.

<click image to see Wikileaks document>

At first, this feature seems logical and more or less harmless. It is not. It is this feature that murder by software is enabled.

If the infected computer is used in an industrial, internet of things, military or medical application it can be turned into an assassination machine. While Apple computers are not often used in the military, industrial or Internet of Things fields, they are frequently found inside hospitals and they communicate with other critical systems as well – all of which can be the difference between life and death for a patient.

Clearly, the NightSkies design is not the only such program in the CIA arsenal. Similar features will be found embedded within other CIA exploit programs designed for the other major operating systems such as Android, Windows and Linux.

For example, a computer monitoring the condition of a patient can be told to ignore signs of a heart attack and not alert the staff. Other medical computers control more than just monitoring a patient, for example computers often control blood filtering for kidney dialysis. In fact the medical industry is filled with computers that perform a wide variety of life critical functions, diagnosis of brain tissues, X-ray controls, chemotherapy control, and delivery of intravenous medicines.

It is this remote code execution feature and payload delivery of the CIA NightSkies design that is of greatest concern. It could range from a subtle change in the dosage of medicine that becomes lethal, deliver a series of lethal X-Ray or radiation therapy treatments, or perform miss-diagnosis of a condition so that medical staff delivers lethal treatment. The computers involved could show the operators that they are performing flawlessly while at the same time dosing a patient with a massive amount of radiation.

NightSkies design also combines itself with embedded clock timers, to install itself and execute at a specific data/time and then de-install and delete itself at another pre-designated time. Thus, making it possible for the program to execute its prime function, kill and then delete itself, leaving no evidence behind. In addition, the NightSkies design exploits are built to be ignored and accepted by Anti-Virus programs; therefore they are almost invisible to current defenses. Finally, the NightSkies design programs communicate with their host Listening Post (LP) using encrypted communications so when they do “beacon” the data transmission is undecipherable. All these features combine to make NightSkies designs the perfect assassination tool.

The myriad of devices that we rely on for critical life functions that use any of the major operating systems are vulnerable to this kind of attack. These operating systems function aboard airliners, automobiles, in water plants, sewage facilities, oil pipelines, traffic control, police, fire, and rescue and are even present inside the controls for nuclear weapon systems. For example, the British force of nuclear tipped Trident submarines run a variant of Windows XP.

It is now clear exactly how dangerous the CIA exploits are. They are not simple defensive surveillance tools if they can download other programs unseen and then execute them. They become offensive weapons designed to kill.

CHARLES R. SMITH

CEO FOUNDER OF

SOFTWAR INC.

Contact Us:

We Warned the American People about Naked Surveillance.

We Warned the American People about Naked Surveillance.

But No One Listened…

I’m from a small town in Indiana, where we often passed on knowledge with this simple bit of farmland wisdom:  “If you plant onions, you’ll pretty much get onions.”  Another way of stating it, perhaps more eloquently, is “You reap what you sow.”

Still another fitting bit of wisdom in the context of what we are witnessing today would be found in “Live by the sword, die by the sword.”

 Over a decade and a half ago, the NSA Four (Bill Binney, Ed Loomis, Tom Drake, and myself), together with HPSCI Senior Staffer Diane Roark pleaded for surveillance that protected the innocent in order to prevent the destruction of individual privacy guaranteed us all by the U.S. Constitution.

Nobody listened.  No one cared.  No one took corrective action.

Today, we see unfolding before our very eyes a Constitutional crisis of monumental proportions, one that threatens the very foundations of our nation’s system of governance.

People hidden in the bowels of the United States Intelligence Community are leaking classified information taken from the private phone calls of innocent people – people who have not been accused of committing any crime – to the press for purely political reasons, reasons that include an attempt to take down our duly elected administration.

Had the approach we advocated over 16 years ago been used – one that featured a built-in capability that prevented the kind of access to, and disclosure of, private information we are seeing in the news – we would not be witnessing the abject abuse of authority that is unfolding before us.  President Obama’s order just before departing the White House that spread access to NSA’s intercepts to hundreds of additional people across all 17 agencies of the Intelligence Community would not have mattered. Innocent people’s private information would have been protected.

The questions remain – is anyone listening? Does anyone care? Indeed, Albert Einstein once said, “The world is a dangerous place to live; not because of the people who are evil, but because of the people who don’t do anything about it.”

Is anyone taking corrective action to prevent such leaks, even in the absence of identifying the individuals who are continuing to break the law?

It might take a week, maybe two, maybe even three, depending on the IT architecture involved, to put the data protections in place.

For the American People.  For the nation…

Kirk Wiebe
Former NSA Senior Analyst and NSA Whistleblower