11.12.13

Gemini version available ♊︎

New Evidence of Criminality in Spying Agencies, Going as Far as Exploiting FOSS Sites to Spread Malware

Posted in Action, Deception, Free/Libre Software at 6:53 am by Dr. Roy Schestowitz

John McLusky illustration
An illustration of James Bond by artist John McLusky for the Daily Express newspaper.

Summary: The job of spooks in the US and the UK is anything but sexy and professional, new leaks continue to reveal

Bombshells regarding the NSA and its British offshoot GCHQ just can’t help coming. There is so much dirty laundry and Snowden et al. bring it out by the bucketload (to be attributed to Snowden). Techrights might have an exclusive story of its own pretty soon. We are still trying to ascertain/verify the facts in a case involving Arizona’s corrupt authorities (we asked for court documents to support the claims and to potentially publish). If the claims are true, then not only the NSA and FBI inject malware into people’s computers (e.g. CIPAV) but local authorities too are trying to do this, completely against the law. They spy without warrants, crack computers, and also pass new laws as means of revenge against people whom they are desperate to prosecute (but can’t). It sounds like a movie plot, but it sure seems to be real.

The big story in the news this week is that Slashdot got used by GCHQ to inject malware. This is criminal. When one is hijacking, infecting and distributing malware it is a serious crime — well, typically a crime when done by entities not connected to the government. The NSA-subsidised operations base known as GCHQ sure is damaging the British software industry [1] and the British “information commissioner” sure misses the point [2]; the real issue here is the illegal spying, not those who expose the illegal spying (whistleblowing/reporting). The British press which covers this the most is promoting Darkmail right now [3] and the ‘British Snowden’ explains to us how serious a problem we are dealing with [4]. Over 80% of US citizens are not satisfied with NSA oversight [5]. The NSA basically collects everything quite indiscriminately [6] and even phones that are switched off (powered off) are believed to be tracked by the NSA [7]. Services that require one’s real identity to use are getting more aggressive [8], the surveillance is being used for an expanding number of purposes (drug enforcement, taxes, etc.) [9], and even NIST turns out to be somewhat of a fraud with fake (moles-based) peer review [10].

Finally, for those who don’t know, Microsoft allegedly puts Windows back doors for the NSA [11]. What we know for sure is that Microsoft does tell the NSA how to remotely crack Windows PCs. Microsoft and the NSA are in bed together, so anyone who values his/her privacy should avoid everything from Microsoft and Microsoft-owned companies like Facebook. Now is a good time to move to Free/libre software. It’s never too late.

Related/contextual items from the news:

  1. GCHQ data snooping has “destroyed trust in British tech”

    GCHQ’s online surveillance has destroyed trust in British technology companies and irrevocably damaged the nation’s information security industry, according to a cryptography expert.

  2. Information commissioner voices fears over scale of NSA surveillance

    Liberty’s director, Shami Chakrabarti, asked about the impact of the Snowden revelations on the security services’ attempts to tackle terrorism, said: “I’m sure it creates challenges and irritations [but] any challenges are probably overblown. The serious bad boys know all about the technological possibilities.”

    Chakrabarti said Snowden had revealed “not just blanket surveillance and intrusion of privacy [but] that we got taken for mugs.

    “There was a big debate in this country about a snooper’s charter. That bill was dropped and now we find out they were doing this stuff anyway. That is not just a breach of privacy it is a fundamental breach of the rule of law, contempt for people, parliament and contempt of the law.

  3. Darkmail opens: New email encryption standard aims to keep government agencies out

    Silent Circle and Lavabit hope to respond to Snowden leaks with service stopping ‘state snoopers’ accessing email metadata

  4. The spies are called to account

    As the Snowden-related dis­clos­ures con­tinue to flow, each new one refut­ing the last dis­sem­bling state­ments of the des­per­ate spies, dip­lo­mats around the world must be curs­ing the over­ween­ing ambi­tions of the NSA and it vassals.

    Amer­ican ambas­sad­ors are being summoned from their for­ti­fied embassies to account for US mal­feas­ance in coun­try after coun­try: Brazil, Spain, France and, of course, Germany.

    In this last coun­try there has been scan­dal after scan­dal: first the hoover­ing up of bil­lions of private com­mu­nic­a­tions; the rev­el­a­tion that the Ger­man intel­li­gence agency, the BND, had been an enthu­si­astic part­ner of the NSA in devel­op­ing the XKey­Score pro­gramme and more; then, des­pite this, humi­li­at­ingly to learn that Ger­many is only con­sidered a 3rd Party intel­li­gence part­ner by the Yanks — put­ting them on a par with coun­tries like Iran, China and Russia.

  5. Less Than 20% Of Americans Believe That There’s Adequate Oversight Of The NSA

    One of the key responses from the NSA and its defenders to all of these Snowden leaks is that there is “rigorous oversight” of the NSA by the courts and Congress. Of course, that talking point has been debunked thoroughly, but NSA defenders keep trotting it out. It appears that the public is not buying it. At all. A recent poll from YouGov found that only 17% of people believe that Congress provides “adequate oversight” on the spying of Americans. A marginally better 20% (though, within the 4.6% margin of error, so meaningless difference really) felt that Congress provides adequate oversight of the NSA when it comes to collecting data on foreigners. Basically, that part of the NSA story just isn’t particularly believable in light of everything that’s come out. Oh, and people are paying attention to the news. A full 87% had heard something about the spying on foreign countries — with only 14% thinking that such a program has helped US interests abroad.

  6. Dan Geer Explains the Government Surveillance Mentality
  7. Samsung, Nokia say they don’t know how to track a powered-down phone

    Privacy International still awaits answers from Apple, BlackBerry, and others.

  8. Your Face and Name Will Appear in Google Ads Starting Today
  9. NSA’s Vast Surveillance Powers Extend Far Beyond Counterterrorism, Despite Misleading Government Claims
  10. Post-NSA Revelations, NIST Opens Review of All Crypto Standards
  11. Chrome Clamps Down, Bitcoin Vulnerability & More…

    Back when the Eric Snowden brouhaha first began, we said that this was going to have serious repercussions on the tech sector here in the United States, especially after it became evident that Microsoft was actively working with the spooks by allegedly designing back doors into their operating system and keeping federal intelligence agents informed about unpatched security holes that could be used against foreign governments and “terrorist,” which now days seems to be everyone who doesn’t work for the NSA, FBI or CIA.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

  1. Needs Sunlight said,

    November 12, 2013 at 8:16 am

    Gravatar

    These injection MITM attacks only work on Web 2.0 sites. Secure sites, which work with javascript disabled, can’t do anything to a non-Windows machine if javascript is disabled. With all these revelations or confirmations, it almost looks like insecurity is a motivating factor in the spread of Web 2.0.

    SSL MITM is a related problem, but it is the javascript which is the real enabler to mischief.

DecorWhat Else is New


  1. IRC Proceedings: Thursday, December 02, 2021

    IRC logs for Thursday, December 02, 2021



  2. Links 3/12/2021: Nitrux 1.7.1 and Xen 4.16 Released

    Links for the day



  3. Links 2/12/2021: OpenSUSE Leap 15.4 Alpha, Qt Creator 6

    Links for the day



  4. The EPO's “Gender Awareness Report”

    There’s a new document with remarks by the EPO’s staff representatives and it concerns opportunities for women at the EPO — a longstanding issue



  5. IRC Proceedings: Wednesday, December 01, 2021

    IRC logs for Wednesday, December 01, 2021



  6. EPO Staff Committee Compares the Tactics of António Campinos to Benoît Battistelli's

    The Central Staff Committee (CSC) of the EPO talks about EPO President António Campinos, arguing that “he seems to subscribe to the Manichean view, introduced by Mr Battistelli…”



  7. Prof. Thomas Jaeger in GRUR: Unified Patent Court (UPC) “Incompatible With EU Law“

    The truth remains unquestionable and the law remains unchanged; Team UPC is living in another universe, unable to accept that what it is scheming will inevitably face high-level legal challenges (shall that become necessary) and it will lose because the facts are all still the same



  8. Links 1/12/2021: LibrePlanet CFS Extended to December 15th and DB Comparer for PostgreSQL Reaches 5.0

    Links for the day



  9. EPO Cannot and Will Not Self-Regulate

    The term financialisation helps describe some of the activities of the EPO in recent years; see Wikipedia on financialisation below



  10. [Meme] Germany's Licence to Break the Law

    Remember that the young Campinos asked dad for his immunity after he had gotten drunk and crashed the car; maybe the EPO should stop giving diplomatic immunity to people, seeing what criminals (e.g. Benoît Battistelli) this attracts; the German government is destroying its image (and the EU’s) by fostering such corruption, wrongly believing that it’s worth it because of Eurozone domination for patents/litigation



  11. EPO Dislikes Science and Scientists

    The EPO's management has become like a corrupt political party with blind faith in money and monopolies (or monopoly money); it has lost sight of its original goals and at this moment it serves to exacerbate an awful pandemic, as the video above explains



  12. Links 1/12/2021: LibreOffice 7.3 Beta, Krita 5.0, Julia 1.7

    Links for the day



  13. Links 1/12/2021: NixOS 21.11 Released

    Links for the day



  14. IRC Proceedings: Tuesday, November 30, 2021

    IRC logs for Tuesday, November 30, 2021



  15. Links 1/12/2021: Tux Paint 0.9.27 and WordPress 5.9 Beta

    Links for the day



  16. [Meme] EPO Administrative Council Believing EPO-Bribed 'Media' (IAM Still Shilling and Lying for Cash)

    IAM continues to do what brings money from EPO management and Team UPC, never mind if it is being disputed by the patent examiners themselves



  17. The EPO's Mythical “Gap” Has Been Found and It's Bonuses for People Who Use Pure Fiction to Steal From Patent Examiners

    The phony president who has the audacity to claim there's a budget gap is issuing millions of euros for his enablers to enjoy; weeks ahead of the next meeting of national delegates the Central Staff Committee (CSC) tells them: "Events show that the delegations’ concerns about functional allowances have materialised. The lack of transparency and inflation of the budget envelope gives rise to the suspicion that high management is pursuing a policy of self-service at the expense of EPO staff, which is difficult to reconcile with the Office’s claimed cost-saving policy, and to the detriment of the whole Organisation."



  18. Video: Making the Internet a Better Place for People, Not Megacorporations

    Following that earlier list of suggested improvements for a freedom-respecting Internet, here's a video and outline



  19. Links 30/11/2021: KDE Plasma 5.23.4, 4MLinux 38.0, Long GitHub Downtime, and Microsoft's CEO Selling Away Shares

    Links for the day



  20. A Concise Manifesto For Freedom-Respecting Internet

    An informal list of considerations to make when reshaping the Internet to better serve people, not a few corporations that are mostly military contractors subsidised by the American taxpayers



  21. Freenode.net Becomes a 'Reddit Clone' and Freenode IRC is Back to Old Configurations After Flushing Down Decades' Worth of User/Channel Data and Locking/Shutting Out Longtime Users

    Freenode is having another go; after “chits” and “jobs” (among many other ideas) have clearly failed, and following the change of daemon (resulting in massive loss of data and even security issues associated with impersonation) as well as pointless rebrand as “Joseon”, the domain Freenode.net becomes something completely different and the IRC network reopens to all



  22. Jack Dorsey's Decision is a Wake-up Call: Social Control Media is Just a Toxic Bubble

    The state of the World Wide Web (reliability, preservation, accessibility, compatibility etc.) was worsened a lot more than a decade ago; with social control media that’s nowadays just a pile of JavaScript programs we’re basically seeing the Web gradually turning into another Adobe Flash (but this time they tell us it’s a “standard”), exacerbating an already-oversized ‘bubble economy’ where companies operate at a loss while claiming to be worth hundreds of billions (USD) and generally serve imperialistic objectives by means of manipulation like surveillance, selective curation, and censorship



  23. IRC Proceedings: Monday, November 29, 2021

    IRC logs for Monday, November 29, 2021



  24. Links 29/11/2021: NuTyX 21.10.5 and CrossOver 21.1.0

    Links for the day



  25. This Apt Has Super Dumbass Powers. Linus Sebastian and Pop_OS!

    Guest post by Ryan, reprinted with permission



  26. [Meme] Trying to Appease Provocateurs and Borderline Trolls

    GNU/Linux isn’t just a clone of Microsoft Windows and it oughtn’t be a clone of Microsoft Windows, either; some people set themselves up for failure, maybe by intention



  27. Centralised Git Hosting Has a Business Model Which is Hostile Towards Developers' Interests (in Microsoft's Case, It's an Attack on Reciprocal Licensing and Persistent Manipulation)

    Spying, censoring, and abusing projects/developers/users are among the perks Microsoft found in GitHub; the E.E.E.-styled takeover is being misused for perception manipulation and even racism, so projects really need to take control of their hosting (outsourcing is risky and very expensive in the long run)



  28. Links 29/11/2021: FWUPD's 'Best Known Configuration' and Glimpse at OpenZFS 3.0

    Links for the day



  29. President Biden Wants to Put Microsofter in Charge of the Patent Office, Soon to Penalise Patent Applicants Who Don't Use Microsoft's Proprietary Formats

    The tradition of GAFAM or GIAFAM inside the USPTO carries on (e.g. Kappos and Lee; Kappos lobbies for Microsoft and IBM, whereas Lee now works for Amazon/Bezos after a career at Google); it's hard to believe anymore that the USPTO exists to serve innovators rather than aggressive monopolists, shielding their territory by patent threats (lawsuits or worse aggression) and cross-licensing that's akin to a cartel



  30. Microsoft GitHub Exposé — Part VIII — Mr. Graveley's Long Career Serving Microsoft's Agenda (Before Hiring by Microsoft to Work on GitHub's GPL Violations Machine)

    Balabhadra (Alex) Graveley was promoting .NET (or Mono) since his young days; his current job at Microsoft is consistent with past harms to GNU/Linux, basically pushing undesirable (except to Microsoft) things to GNU/Linux users; Tomboy used to be the main reason for distro ISOs to include Mono


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts