Bonum Certa Men Certa

New Evidence of Criminality in Spying Agencies, Going as Far as Exploiting FOSS Sites to Spread Malware

John McLusky illustration
An illustration of James Bond by artist John McLusky for the Daily Express newspaper.



Summary: The job of spooks in the US and the UK is anything but sexy and professional, new leaks continue to reveal

Bombshells regarding the NSA and its British offshoot GCHQ just can't help coming. There is so much dirty laundry and Snowden et al. bring it out by the bucketload (to be attributed to Snowden). Techrights might have an exclusive story of its own pretty soon. We are still trying to ascertain/verify the facts in a case involving Arizona's corrupt authorities (we asked for court documents to support the claims and to potentially publish). If the claims are true, then not only the NSA and FBI inject malware into people's computers (e.g. CIPAV) but local authorities too are trying to do this, completely against the law. They spy without warrants, crack computers, and also pass new laws as means of revenge against people whom they are desperate to prosecute (but can't). It sounds like a movie plot, but it sure seems to be real.



The big story in the news this week is that Slashdot got used by GCHQ to inject malware. This is criminal. When one is hijacking, infecting and distributing malware it is a serious crime -- well, typically a crime when done by entities not connected to the government. The NSA-subsidised operations base known as GCHQ sure is damaging the British software industry [1] and the British "information commissioner" sure misses the point [2]; the real issue here is the illegal spying, not those who expose the illegal spying (whistleblowing/reporting). The British press which covers this the most is promoting Darkmail right now [3] and the 'British Snowden' explains to us how serious a problem we are dealing with [4]. Over 80% of US citizens are not satisfied with NSA oversight [5]. The NSA basically collects everything quite indiscriminately [6] and even phones that are switched off (powered off) are believed to be tracked by the NSA [7]. Services that require one's real identity to use are getting more aggressive [8], the surveillance is being used for an expanding number of purposes (drug enforcement, taxes, etc.) [9], and even NIST turns out to be somewhat of a fraud with fake (moles-based) peer review [10].

Finally, for those who don't know, Microsoft allegedly puts Windows back doors for the NSA [11]. What we know for sure is that Microsoft does tell the NSA how to remotely crack Windows PCs. Microsoft and the NSA are in bed together, so anyone who values his/her privacy should avoid everything from Microsoft and Microsoft-owned companies like Facebook. Now is a good time to move to Free/libre software. It's never too late.

Related/contextual items from the news:



  1. GCHQ data snooping has "destroyed trust in British tech"
    GCHQ's online surveillance has destroyed trust in British technology companies and irrevocably damaged the nation’s information security industry, according to a cryptography expert.


  2. Information commissioner voices fears over scale of NSA surveillance
    Liberty's director, Shami Chakrabarti, asked about the impact of the Snowden revelations on the security services' attempts to tackle terrorism, said: "I'm sure it creates challenges and irritations [but] any challenges are probably overblown. The serious bad boys know all about the technological possibilities."

    Chakrabarti said Snowden had revealed "not just blanket surveillance and intrusion of privacy [but] that we got taken for mugs.

    "There was a big debate in this country about a snooper's charter. That bill was dropped and now we find out they were doing this stuff anyway. That is not just a breach of privacy it is a fundamental breach of the rule of law, contempt for people, parliament and contempt of the law.








  3. Darkmail opens: New email encryption standard aims to keep government agencies out
    Silent Circle and Lavabit hope to respond to Snowden leaks with service stopping 'state snoopers' accessing email metadata




  4. The spies are called to account
    As the Snowden-related dis­clos­ures con­tinue to flow, each new one refut­ing the last dis­sem­bling state­ments of the des­per­ate spies, dip­lo­mats around the world must be curs­ing the over­ween­ing ambi­tions of the NSA and it vassals.

    Amer­ican ambas­sad­ors are being summoned from their for­ti­fied embassies to account for US mal­feas­ance in coun­try after coun­try: Brazil, Spain, France and, of course, Germany.

    In this last coun­try there has been scan­dal after scan­dal: first the hoover­ing up of bil­lions of private com­mu­nic­a­tions; the rev­el­a­tion that the Ger­man intel­li­gence agency, the BND, had been an enthu­si­astic part­ner of the NSA in devel­op­ing the XKey­Score pro­gramme and more; then, des­pite this, humi­li­at­ingly to learn that Ger­many is only con­sidered a 3rd Party intel­li­gence part­ner by the Yanks — put­ting them on a par with coun­tries like Iran, China and Russia.


  5. Less Than 20% Of Americans Believe That There's Adequate Oversight Of The NSA
    One of the key responses from the NSA and its defenders to all of these Snowden leaks is that there is "rigorous oversight" of the NSA by the courts and Congress. Of course, that talking point has been debunked thoroughly, but NSA defenders keep trotting it out. It appears that the public is not buying it. At all. A recent poll from YouGov found that only 17% of people believe that Congress provides "adequate oversight" on the spying of Americans. A marginally better 20% (though, within the 4.6% margin of error, so meaningless difference really) felt that Congress provides adequate oversight of the NSA when it comes to collecting data on foreigners. Basically, that part of the NSA story just isn't particularly believable in light of everything that's come out. Oh, and people are paying attention to the news. A full 87% had heard something about the spying on foreign countries -- with only 14% thinking that such a program has helped US interests abroad.








  6. Dan Geer Explains the Government Surveillance Mentality


  7. Samsung, Nokia say they don’t know how to track a powered-down phone
    Privacy International still awaits answers from Apple, BlackBerry, and others.


  8. Your Face and Name Will Appear in Google Ads Starting Today


  9. NSA's Vast Surveillance Powers Extend Far Beyond Counterterrorism, Despite Misleading Government Claims
  10. Post-NSA Revelations, NIST Opens Review of All Crypto Standards


  11. Chrome Clamps Down, Bitcoin Vulnerability & More…
    Back when the Eric Snowden brouhaha first began, we said that this was going to have serious repercussions on the tech sector here in the United States, especially after it became evident that Microsoft was actively working with the spooks by allegedly designing back doors into their operating system and keeping federal intelligence agents informed about unpatched security holes that could be used against foreign governments and “terrorist,” which now days seems to be everyone who doesn’t work for the NSA, FBI or CIA.




Recent Techrights' Posts

Real Life Should be Offline, Not Online, and It Requires Free Software
Resistance means having the guts to say "no!", even in the face of great societal burden and peer pressure
 
Links 26/09/2023: KDE, Programming, and More
Links for the day
Mozilla Promotes the Closed Web and Proprietary Webapps That Are Security and Privacy Hazards
This is just another reminder that the people who run Mozilla don't know the history of Firefox, don't understand the Web, and are beholden to "GAFAM", not to Firefox users
Debian More Like an Exploitative Sweatshop Than a Family
Wiltshire is riding a high horse in the UK, talking down to Indians who are "low-level" volunteers in his kingdom of authoritarians, guarded by an army of British lawyers who bully bloggers
Small Computers in Large Numbers: A Pipeline of Open Hardware
They guard and prioritise their "premiums", causing severe price hikes due to supply/demand disparities.
Microsoft Deserves a Medal for Being Worst at Security (the Media Deserves a Medal for Cover-up)
There are still corruptible/bribed publishers that quote Microsoft staff like they're security gurus
10 Reasons to Permanently Export or Liberate Your Site From WordPress, Drupal, and Other Bloatware
There are certainly more more advantages, but 10 should suffice for now
About 200,000 Objects in Techrights Web Site
This hopefully helps demonstrate just how colossal the migration actually is
Good Teachers Would Tell Kids to Quit Social Control Media Rather Than Participate in It (Teaching Means Education, Not Misinformation)
Insist that classrooms offer education to children rather than offer children to corporations
Twitter: From Walled Gardens to Paywalls and/or Amplifiers of Fascism
There's moreover a push to promote politicians who are as scummy as Twitter's owner
The World Wide Web is Being Confiscated From Us (Like Syndication Was Withdrawn About a Decade Ago) and We Need to Fight Back
We're worse off when fewer people promote RSS feeds and instead outsource to social control media (censorship, surveillance, manipulation)
Next Up: Restoring IRC Log Pipelines, Bulletins/Full Text RSS, Wiki (Archived, Static), and Pipelines for Daily Links
There are still many tasks left ahead of us, but we've progressed a lot
An Era of Rotting Technology, Migration Crises, and Cliffhanging
We've covered examples from IBM, resembling the Microsoft world
First Iteration of Techrights as 100% Static Pages Web Site
We want to champion another decade or two of positive impact and opinionated analysis
Links 25/09/2023: Patent News and Coding
some remaining links for today
Steam Deck is Mostly Good in the Sense That It Weakens Microsoft's Dominance (Windows)
The Steam Deck is mostly a DRM appliance
SUSE is Just Another Black Cat Working for Proprietary Giants/Monopolies
SUSE's relationship with firms such as these generally means that SUSE works for authority, not for community, and when it comes to cryptography it just follows guidelines from the US government
IBM is Selling Complexity, Not GNU/Linux
It's not about the clients, it's about money
Birthday of Techrights in 6 Weeks (Tux Machines and Techrights Reach Combined Age of 40 in 2025)
We've already begun the migration to static
Linux Foundation: We Came, We Saw, We Plundered
Linux Foundation staff uses neither Linux nor Open Source. They're essentially using, exploiting, piggybacking goodwill gestures (altruism of volunteers) while paying themselves 6-figure salaries.
Security Isn't the Goal of Today's Software and Hardware Products
Any newly-added layer represents more attack surface
Linux Too Big to Be Properly Maintained When There's an Incentive to Sell More and More Things (Complexity and Narrow Support Window)
They want your money, not your peace of mind. That's a problem.
Modern Web Means Proprietary Trash
Mozilla is financially beholden to Google and thus we cannot expect any pushback or for Firefox to "reclaims the Web" a second time around
Godot 4.2 is Approaching, But After What Happened to Unity All Game Developers Should be Careful
We hope Unity will burn in a massive fire and, as for Godot, we hope it'll get rid of Microsoft
GNU/Linux Has Conquered the World, But Users' Freedom Has Not (Impediments Remain in Hardware)
Installing one's system of choice on a device is very hard, sometimes impossible
Another Copyright Lawsuit Against Microsoft (or its Proxy) for Misuse of Large Works by Chatbot
Some people mocked us for saying this day would come; chatbots are a huge disappointment and they're on very shaky legal ground
Privacy is Not a Crime, Reporting Hidden Facts Is Not a Crime Either
the powerful companies/governments/societies get to know everything about everybody, but if anyone out there discovers or shares dark secrets about those powerful companies/governments/societies, that's a "crime"
United Workforce Always Better for the Workers
In the case of technology, it is possible that a lack of collective action is because of relatively high salaries and less physically-demanding jobs
Purge of Software Freedom and Its Voices
Reprinted with permission from Ryan Farmer
GNOME and GTK Taking Freedom Away From Users
Reprinted with permission from Ryan Farmer
GNOME is Worse Today (in 2023) Than When I Did GTK Development 20+ Years Ago
To me it seems like GNOME is moving backward, not forward, mostly removing features and functionality rather than adding any
HowTos Are Moving to Tux Machines
HowTos (or howtos) are very important in their own right, but they can easily distract from the news and howtos are usually quite timeless or time-insensitive
Proprietary Panda: Don't Be Misled by the Innocent Looks of Ubuntu (and Microsoft Canonical)
Given the number of disgruntled employees who leave Canonical and given Ubuntu's trend of just copying whatever IBM does in Fedora, is there still a good reason to choose Ubuntu?
Debian GNU/Linux is a Fine Operating System, But What if People Die Making It for Somebody's Corporate/Personal Gain?
Will companies that exploited unpaid volunteers ever be held accountable for loss of life, caused by burnout, excessive work, or poverty?
Links 24/09/2023: 5 Days' Worth of News (Catchup)
Links for the day
Leftover Links 24/09/2023: Russia, COVID, and More
Links for the day
Forty Years of GNU and the Free Software Movement
by FSF
Gemini and Web in Tandem
We're already learning, over IRC, that out new site is fully compatible with simple command line- and ncurses-based Web browsers. Failing that, there's Gemini.
Red Hat Pretends to Have "Community Commitment to Open Source" While Scuttling the Fedora Community (Among Others)
RHEL is becoming more proprietary over time and community seems to boil down to unpaid volunteers (at least that's how IBM see the "community")
IBM Neglecting Users of GNU/Linux on Laptops and Desktops
Reprinted with permission from Ryan Farmer
Personal Identification on the 'Modern' Net
Reprinted with permission from Ryan Farmer
Not Your Daily Driver: Don't Build With Rust or Adopt Rust-based Software If You Value Long-Term Reliance
Rust is a whole bunch of hype.
The Future of the Web is Not the Web
The supposedly "modern" stuff ought to occupy some other protocol, maybe "app://"
YouTube Has Just Become Even More Sinister
The way Google has been treating the Web (and Web browsers) sheds a clue about future plans and prospects
Initial Announcement of GNU (for Gnu's Not Unix) on September 27, 1983
History matters
Upgrade and Migration Status
Git is working, IPFS is working, IRC is working, Gemini is working
Yesterday in the 'Sister Site', Tux Machines (10 More Stories)
Scope-wise, many stories fit neatly into both sites, but posting the same twice makes no sense logistically
The New Techrights Will be Much Faster
A prompt response to FUD is important. It's time-sensitive.