yasha levine has a good new piece about how a lot of funding for privacy/'hacktivist' software projects is not just coming from the USG but actually being channeled through Radio Free Asia
http://pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/ posted:Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014:
- Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.)
- CryptoCat, an encrypted chat app made by Nadim Kobeissi and promoted by EFF, received $184,000.
- LEAP, an email encryption startup, got just over $1 million. LEAP is currently being used to run secure VPN services at RiseUp.net, the radical anarchist communication collective.
- A Wikileaks alternative called GlobaLeaks (which was endorsed by the folks at Tor, including Jacob Appelbaum) received just under $350,000.
- The Guardian Project — which makes an encrypted chat app called ChatSecure, as well a mobile version of Tor called Orbot — got $388,500.
- The Tor Project received over $1 million from OTF to pay for security audits, traffic analysis tools and set up fast Tor exit nodes in the Middle East and South East Asia.
In 2014, Congress massively upped the BBG’s “Internet freedom” budget to $25 million, with half of that money flowing through RFA and into the Open Technology Fund. This $12.75 million represented a three-fold increase in OTF’s budget from 2013 — a considerable expansion for an outfit that was just a few years old. Clearly, it’s doing something that the government likes. A lot.
HenryKrinkle posted:has anyone come up w/ a good rebuttal to "the internet was built with US military funding too"?
yeah when they flew planes into the wtc
swampman posted:HenryKrinkle posted:has anyone come up w/ a good rebuttal to "the internet was built with US military funding too"?
yeah when they flew planes into the wtc
lol
the serious answer is that the DOD funded the early development of the internet but the protocols are all open, there is by all accounts nothing nefarious built in because they are simply a set of platform-agnostic communication standards, and they have been administered by an independent international organisation since 1993 http://en.wikipedia.org/wiki/Internet_Engineering_Task_Force
gyrofry posted:
well yeah, NSA involvement in the crypto group is kind of a separate issue tho.
Petrol posted:swampman posted:HenryKrinkle posted:has anyone come up w/ a good rebuttal to "the internet was built with US military funding too"?
yeah when they flew planes into the wtc
lol
the serious answer is that the DOD funded the early development of the internet but the protocols are all open, there is by all accounts nothing nefarious built in because they are simply a set of platform-agnostic communication standards, and they have been administered by an independent international organisation since 1993 http://en.wikipedia.org/wiki/Internet_Engineering_Task_Force
well sure yes no one is saying "TCP is 0wned by nsa!!11", i think it's more that it seems preposterous to think that a decentralized communication system which was inspired by cold-war-era nuclear war fears didn't catch the full attention of cold-war-era spooks immediately once it became a reality. it would have been prohibitive to do any surveillance right out of the gate but the eye of the establishment would have been on it through its entire development. even the FBI, which seems to be the fumbling clown of the intelligence agencies, had its own surveillance systems in place by at latest the early 90s. internet techs were coming to fruition at the same time as all sorts of crazy shit, counterintelligence was fucking everywhere. i would find it very difficult to believe there hasn't been some usg arm fucking around in the back wires of the internet for decades
i think this is where the hard drive firmware hack story broke out of. is worth it just for the project names
Bablu posted:http://www.spiegel.de/media/media-35661.pdfi think this is where the hard drive firmware hack story broke out of. is worth it just for the project names
this is relevant to the firmware thing but the solid proof of firmware hacks was from a kaspersky report on actual malware they had disassembled ( http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Equation_group_questions_and_answers.pdf ). this doc basically just shows that nsa was soliciting interns to produce these hacks as a project five years ago or whatever
e. to be clear this was def nsa i just read this stuff obsessively and like to understand Context
Edited by cutie ()
Bablu posted:http://www.spiegel.de/media/media-35661.pdfi think this is where the hard drive firmware hack story broke out of. is worth it just for the project names
wow, i haven't seen this before. phew
also, KIRKBOMB
Petrol posted:e:
yasha levine has a good new piece about how a lot of funding for privacy/'hacktivist' software projects is not just coming from the USG but actually being channeled through Radio Free Asia
http://pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/ posted:
Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014:
Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.)
CryptoCat, an encrypted chat app made by Nadim Kobeissi and promoted by EFF, received $184,000.
LEAP, an email encryption startup, got just over $1 million. LEAP is currently being used to run secure VPN services at RiseUp.net, the radical anarchist communication collective.
A Wikileaks alternative called GlobaLeaks (which was endorsed by the folks at Tor, including Jacob Appelbaum) received just under $350,000.
The Guardian Project — which makes an encrypted chat app called ChatSecure, as well a mobile version of Tor called Orbot — got $388,500.
The Tor Project received over $1 million from OTF to pay for security audits, traffic analysis tools and set up fast Tor exit nodes in the Middle East and South East Asia.
In 2014, Congress massively upped the BBG’s “Internet freedom” budget to $25 million, with half of that money flowing through RFA and into the Open Technology Fund. This $12.75 million represented a three-fold increase in OTF’s budget from 2013 — a considerable expansion for an outfit that was just a few years old. Clearly, it’s doing something that the government likes. A lot.
read this article
Petrol posted:http://pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/ posted:Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014:
- Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.)
haha glennnnn greenwald's blog just pimped the new version of signal. nary a word about where moxie & co get their money from https://firstlook.org/theintercept/2015/03/02/signal-iphones-encrypted-messaging-app-now-supports-text/
c_man posted:if the control rooms in modern DoD/intel communities are based on star trek i cant wait to see the ones based off of zero wing
you won't be laughing anymore when you see CATS, the covert anti-terrorist surveillance system
Urbandale posted:.custom274628{color:#000000 !important; background-color:#EB9BA8 !important; }Petrol posted:e:
yasha levine has a good new piece about how a lot of funding for privacy/'hacktivist' software projects is not just coming from the USG but actually being channeled through Radio Free Asia
http://pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/ posted:
Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014:
Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.)
CryptoCat, an encrypted chat app made by Nadim Kobeissi and promoted by EFF, received $184,000.
LEAP, an email encryption startup, got just over $1 million. LEAP is currently being used to run secure VPN services at RiseUp.net, the radical anarchist communication collective.
A Wikileaks alternative called GlobaLeaks (which was endorsed by the folks at Tor, including Jacob Appelbaum) received just under $350,000.
The Guardian Project — which makes an encrypted chat app called ChatSecure, as well a mobile version of Tor called Orbot — got $388,500.
The Tor Project received over $1 million from OTF to pay for security audits, traffic analysis tools and set up fast Tor exit nodes in the Middle East and South East Asia.
In 2014, Congress massively upped the BBG’s “Internet freedom” budget to $25 million, with half of that money flowing through RFA and into the Open Technology Fund. This $12.75 million represented a three-fold increase in OTF’s budget from 2013 — a considerable expansion for an outfit that was just a few years old. Clearly, it’s doing something that the government likes. A lot.
read this article
it is actually entirely possible that the us gov cares more about regime change than internal US security and funding these things makes sense. it is hypocritical of the people running these services tho and scary, but i would still say them receiving gov funding doesn't mean theres a CIA backdoor. anyone using tor already knows that the CIA could put effort in and setup a malicious onion or whatever to man-in-the-middle them
chickeon posted:malicious onion is the name of my piece of shit band, and yes we do wear diapers
cars posted:not a lot of people know this but russia passed a law recently saying russians' digital personal data has to live on servers within russia's borders, directly following what morozov says about going against the Brussels line and establishing centers that can be controlled before you try to control them. the reason not a lot of people know about that is because it will be a cold day in hell before an american internet company cares what the government of russia says it can or can't do.
followup:
Smartphone users in Russia can no longer download the LinkedIn app on iPhone or Android devices, following a similar move in China to block The New York Times app on iPhones.
The demand by Russian authorities to remove LinkedIn in Apple and Google app stores comes weeks after a court blocked the professional networking service for flouting local laws that require internet firms to store data on Russian citizens within the nation’s borders.
the next paragraph in this article is so dogshit crazy even for the NYT that i'm not going to post it here because people will think i'm trying to rip off tpaine's article edits.
cars posted:the next paragraph in this article is so dogshit crazy even for the NYT that i'm not going to post it here because people will think i'm trying to rip off tpaine's article edits.
i was going to give you shit about having to make me/everyone click through but you weren't exaggerating. the distance between that paragraph and the one preceding is amazing lol
also
“Apps are the new choke point of free expression,” said Rebecca MacKinnon, who leads a project on open internet tracking at New America.
What a bunch of pandering horseshit, who the fuck are these New America dweebs?
$1,000,000+ donors include the Ford Foundation, notorious spook vehicle.
$250,000–$999,999 donors is a long list including Google, Microsoft, a grab bag of neoliberal vanity Foundations and think tanks, Radio Free Asia, and oh yeah the United States Agency for International Development and US Department of State.
So New America, is in fact, just America.
https://meduza.io/feature/2016/09/15/roskomnadzor-zablokiroval-moy-lyubimyy-sayt-chto-delat
shriekingviolet posted:notorious spook vehicle
great username
“Apps are the new choke point of free expression,” said Rebecca MacKinnon, who leads a project on open internet tracking at New America.
https://www.theregister.co.uk/2017/11/10/cia_kaspersky_fake_certs_ploy/ posted:The CIA wrote code to impersonate Kaspersky Labs in order to more easily siphon off sensitive data from hack targets, according to leaked intel released by Wikileaks on Thursday.
Forged digital certificates were reportedly used to "authenticate" malicious implants developed by the CIA. Wikileaks said:
Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.
Eugene Kaspersky, chief exec of Kaspersky Lab, sought to reassure customers. "We've investigated the Vault 8 report and confirm the certificates in our name are fake. Our customers, private keys and services are safe and unaffected," he said.
Hackers are increasingly abusing digital certs to smuggle malware past security scanners. Malware-slinging miscreants may not even need to control a code-signing certificate. Security researchers from the University of Maryland found that simply copying an authenticode signature from a legitimate file to a known malware sample – which results in an invalid signature – can result in antivirus products failing to detect it.
Independent experts reckon the CIA used Kaspersky because it's a widely known vendor.
Martijn Grooten, security researcher and editor of industry journal Virus Bulletin, said: "The CIA needed a client certificate to authenticate its C&C comms, couldn't link it to CIA and used 'Kaspersky', probably just because they needed a widely used name. No CA hacking or crypto breaking involved. Clever stuff, but not shocking. Not targeted against Kaspersky."
that last part is a rather generous interpretation tho lol
aerdil posted:i got viciously dragged recently on facebook because i called pussy riot a bunch of spooks and all the younger millennials only associate it with the racist connotation or stirner lol oops
i dont really think of todays youth as being 'into' stirner to be honest