nsa – Page 4 – Stilgherrian

11 July 2013

Talking NSA and spying on The Project

Screenshot from The Project, 8 July 2013 The revelation that the US National Security Agency (NSA) was engaged in such comprehensive spying of American citizens and their allies, some of it possibly unconstitutional, continues to make headlines.

The focus has not narrowed to the manhunt for Edward Snowden as I’d feared. Instead, there’s a steady stream of mainstream news stories as new details emerge — including my third appearance on Channel TEN’s The Project on Monday night.

On the previous two occasions, when I was talking about cyberwar and crimefighting smartphones respectively, I was chatting with the presenters. Since they’re in Melbourne, that involved sitting in front of a green screen and looking down the barrel of a camera as if it’s your best friend.

But this time my comments were to be included in a stand-alone “package”, as they’re called, along with comments from Fairfax journalist Philip Dorling and others. So a videographer came to my hotel room on Friday afternoon to shoot me at my desk, while the Melbourne-based journalist asked me questions via speakerphone — and I looked toward a yellow piece of paper that indicated where the journalist might have been standing had he actually been there.

Ah, the magic of television!

The video of the three-and-a-half minute segment, including comments fore and aft by the presenters, is over the fold.

Continue reading “Talking NSA and spying on The Project”

30 June 201311 July 2013

Weekly Wrap 160: Black dog, black sky and more NSA

My week Monday 24 to Sunday 30 June 2013 was rather complicated, at least emotionally.

As will be explained ~~tomorrow~~ on ~~Tuesday~~ Thursday.

Nevertheless, I managed to create some media objects along the way. And here they are.

Podcasts

I’m very pleased to have launched my new podcast and website, Corrupted Nerds.

Corrupted Nerds: Conversations 1, a conversation with Eugene Kaspersky, founder and CEO of Kaspersky Lab. If we’re going to be accurate, then this was really published in the previous week. But I forgot. So sue me.
Corrupted Nerds: Extra 1, being Senator Brett Mason’s “corrupted nerds” speech in the Australian Senate from 21 August 2012, which inspired the title. This was published last week too.
Corrupted Nerds: Conversations 2, a chat with Sean Richmond, senior technology consultant from Sophos Australia and New Zealand, about personalised malware, defense in depth, and why advanced persistent threats (APTs) and cyberwar are over-hyped.

I have yet to arrange any funding for this podcast, so I’ll be seeking that soon — and I’d be more than happy to hear your suggestions.

Articles

Remember the NSA? Snooping is the real story, Crikey, 25 June 2013, in which I point out that the global hunt for Edward Snowden is in fact a distracting narrative.
Beyond Conroy: Australia’s future internet politics, ZDNet Australia, 28 June 2013, in which I look at the issues that will need to be tackled by any future Australian communications minister.
Schneier joins EFF board in wake of NSA scandal, CSO Online, 28 June 2013. Bruce Schneier’s EFF move sends a powerful message.

Media Appearances

None.

Corporate Largesse

Since Saturday 8 June I’ve been using Vodafone’s new 4G network while in Sydney, and their existing 3G network while in the Blue Mountains, with a Samsung Galaxy S4 handset that they’ve loaned me. ~~I’ll be writing about my experiences on Monday.~~ [Update 2 July 2013: I’ve just posted my write-up of my experiences. Yeah, it’s Tuesday.

The Week Ahead

The new financial year starts on Monday, so I daresay the morning will be full of administrivia. I’ll then be heading down to Sydney, because…

On Tuesday morning I’m attending a discussion on data sovereignty and the cloud, hosted by data centre firm NEXTDC, along with financial services company Aon and law firm Baker & McKenzie. That will be followed at the same event by the launch of the University of New South Wales’ report Data Sovereignty and the Cloud — A Board and Executive Officers’ Guide. I’ll be reporting this for someone, but as yet I don’t know who that will be.

I’ll be in Sydney again later in the week, probably Thursday, for a medical appointment, but that’s not confirmed yet. When it is, I’ll arrange my writing and media production schedule around that. There’s definitely stories to write for ZDNet Australia and CSO Online, plus an episode of Corrupted Nerds, and there’ll certainly be things that pop up along the way.

And then the weekend is unplanned.

[Photo: Sydney under the clouds, photographed from the Rydges Camperdown hotel in Sydney on 25 June 2013.]

18 June 2013

Weekly Wrap 158: NSA and all the cybers, mostly

My week Monday 10 to Sunday 16 June 2013 was dominated by the US National Security Agency (NSA). Well, by the news pertaining thereto. Funny world.

I can’t be arsed writing about that any further today. Here’s the links, and you can ask me questions and initiate conversation in the comments. Which I may ignore.

You post your comments, you take your chances.

Articles

Australia’s quiet role in the NSA spying scandal, Crikey, 11 June 2013.
How to keep the NSA out of your email, Crikey, 12 June 2013.
Google versus the NSA, choice versus trust, ZDNet Australia, 14 June 2013.

Media Appearances

None.

Corporate Largesse

On Wednesday I attended the Sydney launch of Intel’s 4th Generation Core processors at the Museum of Contemporary Art. There was food and drink.

[Photo: NSA’s Decipher Dog character, part of the agency’s kids outreach program.]

08 June 201326 August 2020

Hillary’s mangoes, no NSA involved

[I was in a bit of a mood on Thursday, so when The Guardian broke the news that the NSA has been collecting the phone records of American citizens, my tolerance for political arsehattery was nonexistent. Calls for street protests? Bah! My countermove was to tweet a bunch of nonsense, which is posted here as prose.]

Maybe if we all run around like headless chooks, Mr Obama will say “Oh, sorry” and disband the NSA. And then Mr Obama will mount his trusty cyberpig and fly to the Moon, leaving behind a chemtrail of glitter and Bitcoins.

But look, headless chooks are the important bit. The more rushing around and screeching you can manage, the sooner the cyberpig lifts off. And quite frankly, Obama’s first term was a big disappointment as far as glitter showers go.

By comparison, I imagine that on weekends Hillary Clinton pumps out a steady stream of glitter. Like a Queen Ant, kinda.

Nyan Cat was DARPA’s prototype for that. DARPA’s main challenge was making it come out as glitter. When Hillary gets steam up, there’s no telling what it’ll be. Hummus, sometimes. Whipped cream.

One day it was just mangoes. Whole mangoes. Three a second, hour after hour. Secret Service guys took the whole weekend to clear the mess.

Then they had to figure out a cover story. Why were there mangoes smeared all the way down Pennsylvania Avenue? Eventually they decided just to tell everyone it was Madeleine Albright’s fault, so the press corps obviously bought that.

There’s a reason trams never took off in Washington.

[Photo: Mangoes by Flickr user umstwit, used under a Creative Commons Attribution 2.0 Generic license.]

26 May 201326 May 2013

AusCERT 2012 and the militarisation of cyberspace

I didn’t make it to information security conference AusCERT 2013 this year. I’m about to read what’s been written and compile a list — but first, a reflection on what happened in 2012.

When I look back two years to what I wrote from AusCERT 2011, I’m reminded that we were just getting our head around the implications of the Stuxnet worm. Not only was malware being written by organised criminals, and we were facing an explosion of anti-banking malware and mobile malware, and looking ahead to when an angry child might deploy malware against their neighbours — we were now made well aware that malware was also being written by nation states with budgets in the millions of dollars and beyond.

But looking through the list (below) for AusCERT 2012, what jumps out is the emphasis on the militarisation of information security, as well as the emphasis in the scale of criminal activities. I won’t expand on that, because the conversation with AusCERT general manager Graham Ingram speaks for itself.

Articles from AusCERT 2012

AusCERT 2012: DNS poisoning the ‘thin end of a wedge’, ZDNet Australia, 17 May 2012.
AusCERT 2012: Russian crims evade transaction profiling, ZDNet Australia, 17 May 2012.
AusCERT 2012: NSA, FBI split on comms intercepts, ZDNet Australia, 21 May 2012.
The dawn of the cyber posse, ZDNet Australia, 28 May 2012.

Podcasts from AusCERT 2012

Patch Monday episode 139, “War talk dominates AusCERT 2012”, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.
Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Bonus Extra Video

After the conference, my flight back to Sydney was delayed. With the need to kill some time, this video was the result.

5 Conference Tips for PR Professionals, an impromptu video message from Gold Coast airport.

~~My compilation of reports from AusCERT 2013 will be posted later today.~~ My compilation of reports from AusCERT 2013 is now online.

27 October 201226 August 2020

ASIO’s got it easy, says terrorism expert

“ASIO don’t seem to realise how privileged they are compared to intel orgs in other Western democracies,” tweeted terrorism researcher Andrew Zammit (pictured) yesterday.

Zammit is a researcher at the Global Terrorism Research Centre (Monash University) and Australian Policy Online (Swinburne University), and he was responding to my blog post from yesterday, â€œInsulted, ASIO? That’s not really the problem, surely?â€ and the attached podcast.

Here are his subsequent tweets, turned into continuous prose:

CIA for example has ongoing congressional oversight (of actual operations) as opposed to our occasional parl[iamentary] inquiries, people can FOI CIA docs only a few years old (ASIO has 20-30 year exemption) and some of the CIA’s analytical roles are transparent, as in analysts will have CIA business cards whereas even an ASIO kitchen hand’s identity will be kept secret. And CIA isn’t even a domestically-focused agency. So yes, ASIO needs to be less precious about being asked questions.

I agree. From the perspective of the United States I’m a foreign national, yet I’ve spoken with officers from the FBI, NSA and the Secret Service — all of whom had business cards with their full names. The closest I’ve gotten in Australia is chatting briefly with a DSD chap, one of two attending Linux.conf.au in January this year — given names only, and I suspect that those given names were really in scare quotes.

The excuse always given is “operational security”, but I do think the world has changed. The tools and methods are surely not so different from SEKRIT agencies to private-sector security companies and even analysis in non-security realms, given that so much technology is now available off the shelf to all comers.

Surely these days OPSEC is more about protecting sources and the specific operations that are or are not being conducted?

Of course I really don’t know this stuff. I’ve never worked in this field. I’ve never even held a security clearance. I’m just an interested bystander mouthing off. But I am intrigued.