Reuters reported that several researchers discovered a tool called “Extended Random” that would allow them to crack RSA’s Dual Elliptic Curve software tens of thousands of times faster than normal.
The Dual Elliptic Curve was a cryptographically random number generator found in most computer programs. In December, Reuters reported that the NSA paid RSA (owned by EMC Corp) $10 million to make Dual Elliptic Curve common across security programs. Additionally, the system had a back-door that allowed the NSA to decrypt the code.
Sam Curry, Chief Technologist at RSA, did not comment to Reuters on if the government paid them to include Extended Random in their BSafe security kit.
The group of academic researches published their findings online at www.dualec.org.
Turkish telecom regulator TIB has blocked YouTube after unverified audio of Turkish officials discussing military operations in Syria was uploaded to the popular video site.
Prime Minister Erdogan implicitly confirmed that the leaked audio was true at a campaign rally. ”They even leaked a national security meeting… This is villainous, this is dishonesty… Who are you serving by doing audio surveillance of such an important meeting?” said Erdogan.
Some users in Turkey are still able to access the site, however Google has confirmed that some users have been blocked. The hashtag #youtubeblockedinturkey has trended throughout the day on Twitter, which was also blocked last week. A court in Turkey demanded the TIB to lift the ban on Twitter but a decision won’t be decided for several weeks.
Photo by jm3 on Flickr
Over the past decade, the US government has viewed Chinese telecom giant Huawei as a potential security threat to the country, fearing that the company has close affiliations with the Chinese government.
NSA documents provided by Edward Snowden show that the NSA created back-doors into Huawei servers and devices in order to discover if there existed ties between Huawei and the People’s Republic of China (PRC). The operation fell under the codename “Shotgiant” which started in 2007. Hacking into Huawei had the additional opportunity to gather intel other targets such as Iran, Afghanistan, and Pakistan – countries to whom Huawei distributed their technology.
The US government has been proactive in preventing Huawei from entering the US market. In 2008, they blocked Huawei from purchasing 3com and in 2012, the House Intelligence Committee released a report which recommended that “The Committee on Foreign Investment in the United States (CFIUS) must block acquisitions, takeovers, or mergers involving Huawei and ZTE given the threat to U.S. national security interests. Legislative proposals seeking to expand CFIUS to include purchasing agreements should receive thorough consideration by relevant Congressional committees.” [Page 45]
via The New York Times (paywall)
Photo by John Karakatsanis on Flickr
Two days following Edward Snowden’s appearance on TED, deputy director of the NSA Richard Ledgett made a live stream appearance and was interviewed by Chris Anderson on Thursday.
Like many, Ledgett didn’t know Snowden was going to appear on Tuesday. ”The actions he took were inappropriate because he put people’s lives at risk in the long run”, said Ledgett. He argued that Snowden shared crucial tools and capabilities of the NSA with potential adversaries who will circumvent surveillance. He noted that many terrorists and targets have moved away from channels that the NSA can track. Ledgett later explained that the PRISM program was hugely vital to the prevention of targeted attacks on the US.
When Anderson brought up the issue of transparency with the public on their activities, Ledgett responded, “I think people have legitimate concerns about transparency and secrecy”. He admitted that the NSA haven’t done a good job with transparency. Although he held firm on his stance that internal capabilities shouldn’t be shared publicly .
On the topic of the privacy of every day citizens, Ledgett indicated that the NSA have minimization procedures to protect them and that they make sure their privacy is protected. ”If you’re not connected to one of the targets you’re not of interest to us”, said Ledgett.
“Learn the facts… don’t rely on headlines, don’t rely on sound-bytes, don’t rely on one-sided conversations… Look at the data”, said Ledgett in closing.
The full interview is available for viewing from TED below:
photo by Gisela Giardino on Flickr
Documents provided by Edward Snowden and direct sources acquired from the Washington Post indicate that the NSA was capable of recording entire foreign telephone calls. The videos were able to be re-watched for up to 30 days after recording.
Voice surveillance was a part of the MYSTIC program started in 2009 by the NSA. RETRO – short for ‘retrospective retrieval’ was one of many tools in the program which was used to against key targets.
Spokeswoman of the NSA, Caitlin Hayden, did not comment on the specific allegations but said that threats are “often hidden within the large and complex system of modern global communications, and the United States must consequently collect signals intelligence in bulk in certain circumstances in order to identify these threats.”
Many of the bulk collection programs revealed since last summer consisted solely of meta-data, making this program particularly unique.
via The Washington Post