<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	 xmlns:media="http://search.yahoo.com/mrss/" >

<channel>
	<title>The Intercept &#187; Micah Lee</title>
	<atom:link href="https://theintercept.com/staff/micah-lee/feed/?rss" rel="self" type="application/rss+xml" />
	<link>https://theintercept.com</link>
	<description></description>
	<lastBuildDate>Sat, 11 Feb 2017 19:43:49 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=4.2.2</generator>
	<item>
		<title>How Scientists Can Protect Their Data From the Trump Administration</title>
		<link>https://theintercept.com/2017/02/01/how-scientists-can-protect-their-data-from-the-trump-administration/</link>
		<comments>https://theintercept.com/2017/02/01/how-scientists-can-protect-their-data-from-the-trump-administration/#comments</comments>
		<pubDate>Wed, 01 Feb 2017 15:10:14 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=108864</guid>
		<description><![CDATA[<p>If you’re an American scientist worried that your data might get censored or destroyed, here are some technologies that could help you preserve it, and preserve access to it.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2017/02/01/how-scientists-can-protect-their-data-from-the-trump-administration/">How Scientists Can Protect Their Data From the Trump Administration</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>American scientists are</u> under siege in the Trump administration because their work threatens to undermine Trump&#8217;s anti-science policies. As a result, <a href="https://theintercept.com/2017/01/27/a-coalition-of-scientists-keeps-watch-on-the-u-s-governments-climate-data/">some scientists</a> have already begun trying to preserve government data they worry will be deleted, altered, or removed, and many are <a href="https://www.theguardian.com/science/blog/2017/jan/27/scientists-are-planning-to-march-on-washington-heres-why">preparing</a> to march on Washington to protest Trump’s dangerous science denialism.</p>
<p>“Many scientists are concerned that we face an imminent digital dark age in which decades of taxpayer-funded observations and scientific research are deleted or buried,” Matthew Huber, a professor and climate scientist at Purdue University, told me in an encrypted email. “The main mechanisms currently used for dissemination of climate data (such as NASA, EPA or NOAA websites) tend to have single points of failure.”</p>
<p>If you’re an American scientist who’s worried that your data might get censored or destroyed by Trump&#8217;s radically anti-science appointees, here are some technologies that could help you preserve it, and preserve access to it.</p>
<ul>
<li>You can use a file-sharing technology called <strong>BitTorrent </strong>to ensure that your data always remains available to the public, with no simple mechanism for governments to block access to it.</li>
<li>You can use <strong>Tor onion services</strong> &#8212; sometimes referred to as the dark web &#8212; to host websites containing your data, research, and discussion forums that governments can’t block access to &#8212; and that keep your web server’s physical location obscure.</li>
<li>And you can use <strong>OnionShare</strong>, an open source tool that I developed, to securely and privately send datasets to your colleagues to hold onto in case something happens to your copy, without leaving a trace.</li>
</ul>
<h3>About BitTorrent</h3>
<p>The BitTorrent peer-to-peer file-sharing protocol was invented in 2001, and people quickly began using it to illegally swap music, movies, and software — as well as legally distribute large files such as Linux operating systems. While the copyright industry waged a successful war against file-sharing services like Napster, LimeWire, and KaZaA, it failed to shut down BitTorrent, which as of 2012 had an <a href="https://torrentfreak.com/bittorrent-surges-to-150-million-monthly-users-120109/">estimated</a> quarter of a billion users, with no signs of slowing down.</p>
<p>Why is it that some of the world’s wealthiest corporations failed to bring down BitTorrent? Because it’s decentralized. With traditional file-sharing services, one computer on the internet hosts data, and all other computers connect to that host to download the data. If governments want to censor that data, all they have to do is bring down one host &#8212; and they have the technical, legal, and economic tools at their disposal to do this.</p>
<p>But with BitTorrent, data is hosted in <em>swarms</em>. If you want to download some data, you join the swarm and become a <em>peer</em>. You download pieces of the data that you need from other peers in the swarm, and in return, you upload pieces of data you already have to peers who need it. Once you have all of the data, you can choose to remain in the swarm and continue sharing with peers, which makes you a <em>seed</em>. The more popular the data, the bigger the swarm, the faster the downloads. Traditional means of censoring access to this data become unwieldy. It’s hard to block access to every computer in a swarm (they can grow to have tens of thousands of peers), and nothing stops more peers from joining. There’s no single entity to sue or pressure financially. And swarms often consist of computers distributed around the world, so national laws can’t actually achieve the censorship they might hope to.</p>
<p>There is nothing illegal about using BitTorrent to share files that you’re legally allowed to share (in fact, companies like Blizzard Entertainment have adopted the technology themselves to distribute large video games they make). If you work for a university or government agency that distributes scientific datasets, BitTorrent is an excellent option to distribute them. Not only will it make the data harder to censor, it will also allow researchers to download it more quickly, and it will reduce your organization’s bandwidth costs because bandwidth will be shared throughout the BitTorrent swarm.</p>
<h3><strong>How to use BitTorrent to share your data with the public</strong></h3>
<p>To get started, you need to install a BitTorrent client. There are many options, and I like <a href="https://transmissionbt.com/">Transmission</a> because it’s open source and minimalist, but you can use whichever one you like best — the instructions are similar no matter what client you use.</p>
<p>Open Transmission, and click File &gt; Create Torrent File. Then browse your disk until you find the data you’d like to share (for this example, I’m sharing a folder with over 5 gigabytes of <a href="https://www.ncdc.noaa.gov/cdo-web/datasets">climate data</a> that I downloaded from the National Oceanic and Atmospheric Administration). Then you’ll need to cut and paste some <em>trackers</em>, which are odd-looking URLs that help facilitate peers finding one another in a swarm. There are many public trackers out there, but I’m using the ones suggested by <a href="https://openbittorrent.com/">OpenBitTorrent</a> to paste into the trackers box.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-108872" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2017/01/scientist-data-bittorrent-1485479148-540x361.png" alt="" /> </div>
<p>Click Create to make a “.torrent” file. This will create a relatively small file, basically an index of the data you’re sharing. Then, open the torrent file in Transmission. That begins the <em>seeding</em> process, which makes it possible for your data to be widely distributed and available. Once you’ve created and started seeding a torrent, the next step is to publicize it. Email the torrent file to your colleagues and share it on social media. To download your data, they&#8217;ll need to install their own BitTorrent client.</p>
<p>Until enough people download your data &#8212; and in doing so become distributors themselves — you&#8217;ll need to keep your BitTorrent client open and your computer on as much as possible, so that others can download copies of it from you. Ask colleagues in science-friendly countries if they’re willing to download your data and continue to host it, too. You can also rent servers on the internet called <em>seedboxes</em> to do this, so that your data will always be available to others even when your computer isn’t online.</p>
<p>You might also be interested in using <a href="http://academictorrents.com/">Academic Torrents</a> to share your research and datasets.</p>
<h3>About Tor onion services</h3>
<p>Tor is a decentralized network of servers, run by volunteers around the world, that helps people bypass internet censorship, evade internet surveillance, and access websites anonymously. Most people use Tor to hide their identity from websites that they visit, but Tor also allows websites themselves to hide their identities from the public — or, more accurately, to hide their IP addresses, and by extension exactly where they’re hosted. These are called Tor onion services, also known as hidden services. You also might have heard this type of website referred to as the “dark web.”</p>
<p>Whatever you call it, onion services are perfect for hosting websites that you don’t want to be censored, such as sites that host scientific datasets, research papers, and discussion forums. It’s impossible for governments or ISPs to block access to specific onion websites — the best they can do is follow China’s lead and try to block access to the entire Tor network itself. Even then, there are <a href="https://www.torproject.org/docs/bridges">ways</a> to bypass the Great Firewall of China to connect to Tor.</p>
<p><a href="https://www.torproject.org/">Tor Browser</a> is a web browser, like Chrome or Firefox, but all of its internet traffic goes over the Tor network. If you type in the URL https://www.whitehouse.gov/ in your normal web browser, the White House will be able to see that your IP address is visiting its website. But if you type that URL into Tor Browser, an encrypted copy of your web request will bounce around the world through multiple Tor servers before finally exiting the Tor network, and the White House will only know that an anonymous Tor user visited its website.</p>
<p>Similarly, if you type the URL of a Tor onion service into Tor Browser, it will also bounce an encrypted copy of your request around the world, but this time through twice as many Tor servers, and your request will never exit the Tor network. Instead, it will end up directly at the onion service, completely encrypted, and completely anonymous. For example, The Intercept’s SecureDrop server, which you should use if you’d like to <a href="https://theintercept.com/leak/">blow the whistle</a> on the Trump administration’s war on science, is a Tor onion service with the URL https://y6xjgkgwj47us5ca.onion/. That URL is only accessible through Tor Browser — it’s impossible to connect to it using your normal browser. The Intercept can’t tell the real IP addresses of anyone who visits it, the public doesn’t know its real IP address either, and the government can’t tell when someone visits it, and can’t block access to it without blocking access to the entire Tor network.</p>
<p>Finally, no software is perfect. The FBI has successfully discovered where onion services are hosted, and who is behind them, in the past. If you’re hosting a website with scientific datasets and you’re concerned that the U.S. government might try to censor you, it’s safest to choose a hosting company, or host your website at a university, that’s physically outside of the United States.</p>
<h3>How to host hidden websites using Tor onion services</h3>
<p>This one&#8217;s a bit more complicated, because you need to set up a new web server first. Many scientists, of course, already have their own web servers and know how to do that, but you might need to find a friend who can do it for you. You can find instructions that systems administrators can follow for setting up and configuring a Tor onion service <a href="https://www.torproject.org/docs/tor-hidden-service.html.en">here</a>. After you’ve set up your onion service, it’s a good idea to scan it with <a href="https://onionscan.org/">OnionScan</a>, a tool that helps you weed out human errors you might have made that could help an attacker discover the true IP address, or other identifying information, about your website.</p>
<h3>About OnionShare</h3>
<p>I developed OnionShare to help journalists share sensitive documents with one another and to help sources leak documents to journalists. Investigative journalists at The Intercept use it on a regular basis. But anyone can use it anytime to securely send files over the internet. If you have data that’s not ready to publish, or otherwise isn’t public, but you want to preserve it in case someone forces you to destroy it, OnionShare can help you send it to a trusted colleague, potentially in another country.</p>
<p>OnionShare works by hosting what is essentially a temporary website directly on your own computer that contains nothing but a download link to the files you’re sharing, and then it makes this website accessible as a Tor onion service, giving you a URL that looks something like http://ulytjzbc4gk3tye2.onion/shout-ongoing.</p>
<p>Your colleague loads this URL in Tor Browser &#8212; loading the website hosted directly on your computer &#8212; and downloads the file. As soon as the download finishes, OnionShare immediately shuts down the website, making that URL disappear from the dark web forever.</p>
<p>Because it uses Tor onion services, sending very large files could take several hours. But despite that speed, it has some benefits over traditional ways that people often send large files, such as using services like Dropbox or Google Drive. Like BitTorrent, OnionShare is decentralized. There’s no central service or third party company or anyone else that has access to any files you share. If someone is actively monitoring your or the recipient’s internet access, all they can tell is that you’re doing something on Tor &#8212; not that you’re using OnionShare to send a file.</p>
<h3>How to use OnionShare to securely share private data with colleagues without leaving a trace</h3>
<p>To get started, download and install <a href="https://www.torproject.org/">Tor Browser</a> and <a href="https://onionshare.org/">OnionShare</a> onto your computer. Open Tor Browser — you need it to be open in the background so that OnionShare can use its connection to the Tor network. Then open OnionShare and drag the data you’d like to share into the window (for this example, I’m sharing the Center for Disease Control’s 2014 National Immunization Survey <a href="https://www.cdc.gov/nchs/nis/data_files.htm">dataset</a>). Then click Start Sharing.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-108922" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare1-1485537323-540x616.png" alt="" /> </div>
<p>OnionShare will give you an onion URL to share. The next step is to send this URL to your trusted colleague. If you’re trying to do this without leaving a trace, it’s safest to talk to your colleague about this using an encrypted messaging app, like <a href="https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/">Signal</a> — in fact, this would be a good time to use Signal’s disappearing messages feature, so that your communication about preserving your data will automatically get deleted from both of your phones.</p>
<p>When your colleague receives your message, they need to open up Tor Browser on their own computer and go to that URL. They’ll connect directly to the website hosted on your computer. Note that if your computer isn&#8217;t on, your colleague won’t be able to load the website until you wake it up and connect to the internet again, so you need to agree on when to send your data.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-108923" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare2-1485537347-540x465.png" alt="" /> </div>
<p>As soon as your colleague finishes downloading the data, it will disappear from the internet, without anyone besides the two of you knowing that you sent this data at all.</p>
<p class="caption">Top photo: Equipment aboard a DC-8 jet used by NASA as a flying laboratory to study the impact of air pollution on the Arctic&#8217;s atmospheric chemistry and changing climate.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2017/02/01/how-scientists-can-protect-their-data-from-the-trump-administration/feed/</wfw:commentRss>
		<slash:comments>41</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2017/01/scientist-data-bittorrent-1485479148-440x440.png" />
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2017/01/scientist-data-bittorrent-1485479148.png" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2017/01/scientist-data-bittorrent-1485479148-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare1-1485537323.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare1-1485537323-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare2-1485537347.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2017/01/data-science-onionshare2-1485537347-440x440.png" />
		</media:content>
	</item>
		<item>
		<title>The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren&#8217;t.</title>
		<link>https://theintercept.com/2017/01/04/the-u-s-government-thinks-thousands-of-russian-hackers-are-reading-my-blog-they-arent/</link>
		<comments>https://theintercept.com/2017/01/04/the-u-s-government-thinks-thousands-of-russian-hackers-are-reading-my-blog-they-arent/#comments</comments>
		<pubDate>Wed, 04 Jan 2017 19:38:05 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=103954</guid>
		<description><![CDATA[<p>About 42 percent of the IP addresses in the U.S. report on Russia's "Grizzly Steppe" attacks are for exit nodes of the Tor network that anyone can use. Many of my blog's readers use those addresses.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2017/01/04/the-u-s-government-thinks-thousands-of-russian-hackers-are-reading-my-blog-they-arent/">The U.S. Government Thinks Thousands of Russian Hackers May Be Reading My Blog. They Aren&#8217;t.</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>After the U.S. government</u> published a <a href="https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity">report</a> on Russia&#8217;s cyber attacks against the U.S. election system, and included a list of computers that were allegedly used by Russian hackers, I became curious if any of these hackers had visited my <a href="https://micahflee.com/">personal blog</a>. The U.S. report, which boasted of including “technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services,” came with a list of 876 suspicious IP addresses used by the hackers, and these addresses were the clues I needed to, in the end, understand a gaping weakness in the report.</p>
<p>An IP address is a set of numbers that identifies a computer, or a network of computers, on the internet. Each time someone loads my website, it logs their IP address. So I searched my web server logs for the suspicious IP addresses, and I was shocked to discover over 80,000 web requests from IPs used by the Russian hackers in the last 14 months! Digging further, I found that some of these Russian hackers had even posted comments (mostly innocuous technical questions)! Even today, several days <em>after</em> publication of the report (which used a codename for the Russian attack, Grizzly Steppe), I&#8217;m still finding these suspicious IP addresses in my logs &#8212; although I would expect the Russians to stop using them after the U.S. government exposed them.</p>
<p><em>What is happening?</em> Are elite Russian hackers regular readers of my blog? Am I under cyber attack?</p>
<p>I found out, after some digging, that of the 876 suspicious IP addresses that the Department of Homeland Security and the Department of National Intelligence put on the Russian cyber attacker list, at least 367 of them (roughly 42%) are either Tor exit nodes right now, or were Tor exit nodes in the last few years. I have a lot of regular readers who are Tor users, and I&#8217;m pretty sure they&#8217;re not all Russian hackers. So the quick answer to the mystery of my website apparently being attacked by nefarious IP addresses listed in the U.S. report is that the Russians, along with many thousands of others, just happened to use the Tor IP addresses that my regular readers used (and still use).</p>
<p>Tor is a decentralized network of servers, called nodes, that help people bypass internet censorship, evade internet surveillance, and access websites anonymously. Today, there are over 7000 nodes in the Tor network (about 1000 of those are &#8220;exit nodes&#8221;), distributed geographically around the world, and run by volunteers (I run a few myself). Tor Browser is a web browser, like Chrome or Firefox, but all of its internet traffic goes over the Tor network. If you type in the URL https://www.fbi.gov in your normal web browser, the IP address of your current internet connection will end up in the FBI&#8217;s web server logs. But if you type that URL into Tor Browser, an encrypted copy of your web request will bounce around the world through multiple Tor nodes before finally exiting the Tor network, and the IP address of a Tor exit node will end up in the FBI&#8217;s logs, rather than the network you&#8217;re currently connected to.</p>
<p>Since nearly half of the IP addresses in the Grizzly Steppe report are actually just Tor exit nodes, this means that anyone in the world &#8212; not just Russian hackers &#8212; can use the internet from those IP addresses. In fact, if you open Tor Browser and visit a website <em>right now</em>, there’s a pretty decent chance that <em>you’ll</em> be using the internet from one of those suspicious IP addresses.</p>
<p>It&#8217;s plausible that Russian hackers use Tor to hide their real IP addresses when they do attacks, and this is likely why these IP addresses ended up in the Grizzly Steppe report. But finding these IPs in your web server logs (like I did for my website) does <em>not</em> mean that the Russians are attacking you. Tor has over 1.5 million daily users around the world &#8212; about a third of a million of them are in the United States. If you see a Tor IP address in your logs, you know that a Tor user visited your website, and that&#8217;s it.</p>
<p>In other words, if you&#8217;re a network administrator and you discover one of the suspicious IP addresses used by Russian hackers on your network, it likely doesn’t mean anything at all. It certainly isn’t proof that the same elite Russian hackers who compromised the Democratic National Committee and John Podesta’s email are also targeting your company. (For example, Russian hackers <em><a href="https://theintercept.com/2016/12/31/russia-hysteria-infects-washpost-again-false-story-about-hacking-u-s-electric-grid/">did not</a></em> penetrate the U.S. electricity grid through a utility company in Vermont, even though a company laptop made a connection to an IP address in the Grizzly Steppe report.)</p>
<p>But before I figured all of this out, I really wanted to know what the Russians were (apparently) doing on my blog. After digging, I discovered this in my logs:</p>
<p><code>93.115.95.202 - - [09/Mar/2016:16:19:07 -0500] "GET /files/tmp/fingerprints.txt.asc HTTP/1.1" 200 13141 "-" "PycURL/7.21.5 libcurl/7.47.0 GnuTLS/3.4.9 zlib/1.2.8 libidn/1.32 libssh2/1.5.0 nghttp2/1.8.0 librtmp/2.3"</code></p>
<p>The first part of this log is an IP address, &#8220;93.115.95.202,&#8221; followed by the date that the request was made, March 9, 2016, followed by the URL that was being requested, in this case https://micahflee.com/files/tmp/fingerprints.txt.asc, and finally followed by a complicated user agent string that isn&#8217;t important right now. I knew exactly what that web request was because I&#8217;m the one who made it, using Tor. I put that file, &#8220;fingerprints.txt.asc,&#8221; on my web server, to help me test out a piece of software I was developing. No one else could have made that web request, because no one else knew that temporary URL.</p>
<p>It turns out, when I downloaded that file from my own website while using Tor, I came from the IP address &#8220;93.115.95.202.&#8221; But, according to the Grizzly Steppe report, if I find this IP address in my logs, that&#8217;s evidence that I&#8217;m a target for Russian cyber attacks. Does this mean that <em>I’m</em> an elite Russian hacker and I just didn’t realize it?</p>
<p>I set out to figure out exactly how many of the suspicious IP addresses listed in the Grizzly Steppe report actually just belong to Tor exit nodes. All Tor nodes that make up the Tor network are completely public. You can visit <a href="https://check.torproject.org/exit-addresses">this page</a> to see a list of the current Tor exit node IP addresses. But since the Tor network is run by volunteers, the list of nodes constantly changes &#8212; people running old nodes decide to shut them down, and other people start up new nodes. So I used the Internet Archive’s Wayback Machine to download each <a href="https://web.archive.org/web/*/https://check.torproject.org/exit-addresses">historical list of Tor exit nodes</a> available, beginning in September 2014.</p>
<p>I found a total of 7,854 IPs that were, in recent years, Tor exit nodes, and I compared them to the list of 876 IPs that were published with the Grizzly Steppe report. I found 367 IP addresses in common &#8212; in other words, at least 367 of the suspicious IP addresses are, or were, Tor exit nodes. And after this story was posted, I was alerted to an even better data set, assembled by the Tor Project&#8217;s <a href="https://collector.torproject.org/">CollecTor</a>, that showed more Tor nodes: it turns out that 426 of the IP addresses in the Grizzly Steppe report are historical Tor nodes, so it’s actually 49% rather than 42%.</p>
<p>It’s plausible, and in my opinion likely, that hackers under orders from the Russian government were responsible for the DNC and Podesta hacks in order to influence the U.S. election in favor of Donald Trump. But the Grizzly Steppe report <a href="http://arstechnica.com/security/2016/12/did-russia-tamper-with-the-2016-election-bitter-debate-likely-to-rage-on/">fails</a> to adequately back up this claim. My research, for example, shows that much of the evidence presented is evidence of nothing at all.</p>
<p>If Vladimir Putin, the Russian leader, is truly responsible for manipulating the U.S. election, and if the Obama administration wishes to prove its case, it needs to publish <em>actual</em> smoking-gun proof, such as intercepted emails or phone calls from within the Kremlin, or more complete technical details that connect dots directly to the Russian government, rather than to a Tor node that thousands of people use.</p>
<p>Of course it&#8217;s unlikely the Obama administration will do this. But if you have access to any of this evidence, please <a href="https://theintercept.com/securedrop/">share it with us</a> using SecureDrop.</p>
<p><strong>Update: January 5, 2017</strong></p>
<p>This piece was updated with new information from CollecTor on the number of Tor nodes in the Grizzly Steppe report.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2017/01/04/the-u-s-government-thinks-thousands-of-russian-hackers-are-reading-my-blog-they-arent/feed/</wfw:commentRss>
		<slash:comments>252</slash:comments>
	
	</item>
		<item>
		<title>Drowning in Information: NSA Revelations From 262 Spy Documents</title>
		<link>https://theintercept.com/2016/12/07/drowning-in-information-nsa-revelations-from-262-spy-documents/</link>
		<comments>https://theintercept.com/2016/12/07/drowning-in-information-nsa-revelations-from-262-spy-documents/#comments</comments>
		<pubDate>Wed, 07 Dec 2016 17:40:35 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[release-december-2016]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=101036</guid>
		<description><![CDATA[<p>Highlights from 2004 editions of the internal NSA newsletter SIDtoday also show NSA support of the FBI and OPSEC slip-ups by NSA employees.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/12/07/drowning-in-information-nsa-revelations-from-262-spy-documents/">Drowning in Information: NSA Revelations From 262 Spy Documents</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<div class='img-wrap align-center width-fixed' style='width:720px'> <a href="https://theintercept.com/snowden-sidtoday/" target="_blank"><img class="aligncenter wp-image-65243" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" alt="" width="720" height="98" /></a></div>
<p><u>By the first</u> half of 2004, the National Security Agency was drowning in information. It had amassed 85 billion phone and online call records and cut the ribbon on a new hacking center in Hawaii — but it was woefully short on linguists who could make sense of captured communications and lacked enough network analysts to effectively monitor all the systems it had hacked.</p>
<p>The signals intelligence collected by the agency was being used for critically important decisions even as NSA struggled to understand it. Some bombs in Iraq were being targeted based entirely on signals intelligence, a senior NSA official told staff at the time — with decisions being made in a matter of “minutes” with “less and less review.”</p>
<p>Information overload is just one of several themes running through 262 articles from the NSA’s internal news site, SIDtoday, which The Intercept is now <a href="https://theintercept.com/snowden-sidtoday/">releasing</a> after careful review. The documents also detailed an incident in which the Reagan administration appears to have leaked classified intelligence to the press for political purposes, described in an accompanying <a href="https://theintercept.com/2016/12/06/reagan-administration-cavalierly-leaked-nsa-signals-intelligence-apparently-without-informing-the-agency/">article</a> by reporter Jon Schwarz.</p>
<p>SIDtoday articles published today also describe how the NSA <a href="https://theintercept.com/snowden-sidtoday/3233009-nsa-trains-fbi-officers-in-intelligence-reporting/">trained FBI agents</a>, enabled U.S. intervention in Latin America, and, with the help of a gifted analyst at the Defense Intelligence Agency, learned the value of simply reading information that was <a href="https://theintercept.com/snowden-sidtoday/3233145-sid-and-dia-collaborate-virtually-on-russian/">already public</a>. One document even suggests that NSA personnel routinely got dangerously chatty at restaurants near headquarters. These stories and more are described in the highlights reel below. The NSA declined to comment.</p>
<h3>Dropping Bombs in Iraq “With Less and Less Review”</h3>
<p>A top NSA official disclosed in a January 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3232975-insider-s-view-of-history-a-lesson-in-personal/">column</a> that U.S. forces were “dropping bombs” based entirely on signals intelligence, the type of intelligence collected by the agency. He then implied that the American officers involved risked prosecution for war crimes.</p>
<p>Charles Berlin, chief of staff in the Signals Intelligence Directorate, recounted an anecdote about a former commander of his who, in one session in the winter of 1995-96, personally reviewed more than 100 possible airstrike targets in the Balkans. The commander’s motivation, Berlin said, was to protect his underlings from being prosecuted for war crimes, and his actions “really brought home the concepts of responsibility and accountability.”</p>
<p>“For us today this lesson is especially important,” he added. “The planning cycle for dropping a bomb has compressed from a day to minutes and the criterion for the aiming point has less and less review.”</p>
<p>“As many of you know, our forces in Iraq are dropping bombs on the strength of SIGINT alone. We are proud of their confidence in us, but have you ever considered the enormous risk the commanders are assuming in this regard? Are you ready to share that risk?”</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/bomb-war-cont.jpg"><img class="aligncenter size-large wp-image-101147" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/bomb-war-cont.jpg" alt="BAGHDAD, IRAQ:  An Iraqi family looks out of the front gate of their home following a car bomb 19 November 2004, in Baghdad. Three people were killed, a policeman and two civilians, and 10 others wounded when a suicide car bomb exploded in Baghdad, police said. AFP PHOTO/MARWAN NAAMANI  (Photo credit should read MARWAN NAAMANI/AFP/Getty Images)" /></a>
<p class="caption overlayed">An Iraqi family looks out the front gate of their home following a car bomb on Nov. 19, 2004, in Baghdad.</p>
<p class='caption source' style=''>Photo: Marwan Naamani/AFP/Getty Images</p></div>
<h3>Inside the NSA’s Call-Logging Machine</h3>
<p>Among the ways the NSA identified potential terrorists was through a practice known as “information chaining,” which uses communications metadata to draw a social graph. And there’s no question the agency had lots of metadata: As of 2004, the NSA had amassed a database of more than 85 billion metadata records related to phone calls, billing, and online calls — and was adding 125 million records a day, according to a January 2004 SIDtoday article titled “<a href="https://theintercept.com/snowden-sidtoday/3232989-the-rewards-of-metadata/">The Rewards of Metadata</a>.”</p>
<p>The database, known as FASCIA II, would at some unspecified point in the future begin processing 205 million records a day and storing 10 years of data, the article added. One of the world&#8217;s largest Oracle databases at the time, FASCIA II held metadata records from telephone calls, wireless calls, billing, the use of media over the internet, and high-powered cordless phones, with plans to add email metadata in the future.</p>
<p>The article explained that metadata is used by the agency in the process of “information chaining,” in which analysts spy on relationships between people. It further claimed that two senior al Qaeda operatives had been captured with the help of such techniques. A March 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233040-the-tac-s-metadata-analysis-cell-mac/">article</a> said a chaining tool called MAINWAY helped a counterterrorism analyst uncover six new “terrorist-related numbers.”</p>
<h3>Short on Linguists, NSA Struggled to Understand Targets</h3>
<p>It’s one thing to collect phone calls, email messages, and other signals intelligence. It’s quite another to make sense of it. Several SIDtoday articles from the first half of 2004 made clear that the NSA was falling far short in its attempts to process communications conducted in languages other than English.</p>
<p>Only half of the agency’s more than 2,300 “language missions” worldwide had qualified personnel, according to a June 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233200-now-you-re-speaking-my-language-nsa-s-linguistic/">article</a> by an NSA “senior language authority.” The author declared that “this shortcoming must be rectified.” An NSA report to an oversight council, quoted in the article, said that the lack of qualified language analysts was particularly acute in the “Global War on Terrorism.”</p>
<p>Exacerbating the situation was the fact that captured communications require a high level of linguistic proficiency to understand. “The cryptologic language analyst must be able to read and listen ‘between the lines’ to unformatted, unpredictable discourse,” as the article put it. Only a quarter of military cryptologic linguists, who formed the vast majority of the workforce, could work at this level, known as “level 3” proficiency, while barely half of the civilian cryptologic linguists could, according to a follow-up SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233205-now-you-re-speaking-my-language-nsa-s-linguistic/">article</a>. The military’s language training institute offered “virtually no existing curriculum” above level 2.</p>
<p>NSA’s plan to address the problem included reforms to the training institute and on-site instruction to bring existing linguists up to higher levels. The agency planned to invest about $80 million per year in training over five years. Other efforts included an internal online <a href="https://theintercept.com/snowden-sidtoday/3233206-now-you-re-speaking-my-language-nsa-s-linguistic/">language training tool</a>, an <a href="https://theintercept.com/snowden-sidtoday/3232986-machines-translating-arabic/">evaluation</a> of redundant Arabic machine translation projects underway in various government agencies, and the <a href="https://theintercept.com/snowden-sidtoday/3233019-establishment-of-a-human-language-technology-ipt/">formation</a> of a language technology team within the NSA.</p>
<h3>How the NSA Over-Hacked</h3>
<p>Sometimes metadata isn’t enough and the NSA decides it needs to compromise targets’ computers to collect much more data. The first half of 2004 saw a ramp-up of NSA’s hacking capabilities. In March, SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233058-advanced-cne-at-the-kunia-rsoc/">reported</a>, the agency’s elite hacking team Tailored Access Operations approved Kunia Regional Security Operations Center in Hawaii — the same facility where Edward Snowden later worked — as the first NSA field office to conduct “advanced” Computer Network Exploitation. Other facilities conduct the first stage of hacking, “target mapping,” but the Kunia facility began doing “vulnerability scanning” all the way through to “sustained SIGINT collection.”</p>
<p>Another March SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233071-the-nac-s-advanced-network-development-amp/">article</a> said that an advanced network analysis division used to help “exploit targets of interest” had “played an instrumental part” in capturing alleged al Qaeda operative Husam al-Yemeni, had developed a “more complete understanding of the Pakistani Army Defense Network (ADN) infrastructure,” and had assisted with the hacking of “an important digital network associated” with the leader of Venezuela at the time, referred to erroneously as “Victor Chavez.”</p>
<p>The NSA was so successful at hacking networks that the agency was overwhelmed with information. “We simply do not have enough network analysts to effectively monitor these targeted networks,” an NSA division chief wrote in an April 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233113-the-nac-s-data-network-operations-center-dnoc/">article</a>. To solve the problem, the agency began prototyping an automated monitoring system.</p>
<h3>“Outstanding” Bookworm Spy Doesn’t Need to Really Spy</h3>
<p>Even as the NSA made enormous efforts to collect vast quantities of private communications, a lone SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233145-sid-and-dia-collaborate-virtually-on-russian/">article</a> extolled the value of publicly available data. The piece, from May 2004, gushed about a Defense Intelligence Agency analyst who dug up leads by poring over Russian material that was “open source.” The DIA bookworm searched in newspapers, government documents, and “obscure websites” for information that aided the NSA in collecting intelligence, including names, telephone numbers, and addresses. The article, co-authored by an NSA director with responsibility for Russia, praised the analyst’s “outstanding language and research skills.” It turned out that “critical lead information” on Russian underground facilities, including a mysterious and widely discussed site at Yamantau Mountain in the Urals, was “often only available in open source literature, such as the Internet.”</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/hugo-chavez.jpg"><img class="aligncenter size-large wp-image-101203" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/hugo-chavez.jpg" alt="Cuba's President Raul Castro (R) whispers in Venezuela's President Hugo Chavez's ear during the South America and the Caribbean Summit in Sauipe, Brazil, on December 16, 2008. Latin American presidents gathered in northeastern Brazil for a summit dominated by concern over the accelerating global economic crisis. The two-day meeting of leaders of 33 Latin American and Caribbean nations -- including, for the first time, Cuban President Raul Castro -- comes as the region's governments grapple with slumping currencies, plummeting trade, shaved growth and climbing debt.  AFP PHOTO/Antonio Scorza (Photo credit should read ANTONIO SCORZA/AFP/Getty Images)" /></a>
<p class="caption overlayed">Cuba&#8217;s President Raul Castro whispers in Venezuelan President Hugo Chavez&#8217;s ear during the South America and the Caribbean Summit in Sauipe, Brazil, on Dec. 16, 2008.</p>
<p class='caption source' style=''>Photo: Antonio Scorza/AFP/Getty Images</p></div>
<h3>How the NSA Secures — and Routinely Puts at Risk — Sensitive Information</h3>
<p>Knowing how much intelligence value could be reaped from openly circulated information, the NSA worked to encourage discretion among members of its workforce. NSA employees practiced poor operational security on a “monthly” basis by disclosing too much information in restaurants and other public settings near the agency’s Fort Meade headquarters, an agency security manager indicated in a tutorial on operational security that ran in SIDtoday in April 2004.</p>
<p>The <a href="https://theintercept.com/snowden-sidtoday/3233086-opsec-why-should-you-care/">article</a> used a hypothetical scenario to explain why operational security, or OPSEC, was important for everyone. The author, OPSEC manager for the NSA’s Signals Intelligence Directorate, wrote: “You’re at a luncheon at a local restaurant to bid farewell to Sue, a co-worker who is moving on to a new office.” Your boss makes a toast to Sue, describing her contributions against organized crime and offering various details of her work. Sue then gives a toast thanking some of the gathered individuals.</p>
<p>“Sound familiar?” the OPSEC manager asked. “Then you’ve witnessed (or perhaps participated in) a demonstration of poor OPSEC. … Have you ever stopped to consider what your unclassified public discussions might be giving away? Take the scenario, for instance. This is a scene that is played out monthly in the Fort Meade area.” The article went on to list the pieces of information that an adversary, who could have been listening in from a nearby table, would have learned.</p>
<p>OPSEC turned out to be a recurring theme for SIDtoday — OPSEC training is, after all, <a href="https://theintercept.com/snowden-sidtoday/3008488-operations-security-opsec-in-sid/">mandatory</a> for all NSA personnel. A January 2004 <a href="https://theintercept.com/snowden-sidtoday/3232973-opsec-in-sid-some-answers/">article</a>, written by the author of the April 2004 piece, listed some tips to help personnel to apply OPSEC to their day-to-day activities: Identify your critical information, analyze the threat, identify vulnerabilities, assess risk, and apply countermeasures.</p>
<p>NSA employees aren’t the only ones trained to practice good OPSEC. A March 2005 <a href="https://theintercept.com/snowden-sidtoday/3233216-venezuela-s-president-chavez-castro-s/">article</a> reported that the leaders of Venezuela and Cuba practiced OPSEC successfully. President Bush considered Venezuelan President Hugo Chavez a &#8220;threat to democracy in the region and a threat to U.S. interests in particular.&#8221; But &#8220;from a SIGINT perspective, Venezuela poses a particularly difficult challenge. With Castro as his mentor, Chavez has learned the importance of communications security and has made sure that his subordinates understand this as well.&#8221;</p>
<h3>Law &amp; Order &amp; the NSA</h3>
<p>Various 2004 SIDtoday articles highlight the NSA’s behind-the-scenes work on behalf of federal law enforcement.</p>
<p>One <a href="https://theintercept.com/snowden-sidtoday/3233009-nsa-trains-fbi-officers-in-intelligence-reporting/">detailed</a> a two-week training course on “intelligence reporting” given by NSA staff to FBI officers working on terrorism cases. The course, which had a component dubbed “SIGINT Reporting 101,” aimed to provide “insight into the complexity and difficulty of our business” and to dispel “Hollywood myths about the NSA.”</p>
<p>Another SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233056-siginters-help-interdict-snow-white/">article</a> showed how the U.S. Coast Guard was able to interdict a boat carrying 3.2 metric tons of cocaine thanks to the NSA’s monitoring of VHF radio signals, which carried voice communications of narcotraffickers. An <a href="https://www.uscg.mil/history/cutters/378/boutwell/docs/history/boutwell_history_final.pdf.pdf">official Coast Guard history</a> of the incident elides the NSA’s role. The same SIDtoday article also disclosed that the Colombian air force carried out a strike against a suspected trafficker aircraft after a tip-off from the NSA.</p>
<h3>NSA vs. FARC</h3>
<p>Colombian guerrillas holding American hostages evaded massive NSA surveillance, according to a February 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233017-sid-support-to-southcom-update-on-u-s-hostages/">article</a>.</p>
<p>One year after three American contractors, who had been on a surveillance mission for the U.S. military, were captured by the Revolutionary Armed Forces of Colombia, a Marxist guerrilla group, the U.S. “has not been able to determine with high confidence the exact location and status of the hostages,” wrote an NSA account manager for the military’s Southern Command. This despite “hundreds” of U.S. government personnel having worked to gain their release. U.S. efforts were stymied when FARC’s leadership ordered that personnel cease mentioning hostage operations directly in their communications; the best the NSA could achieve at the time of the SIDtoday article was to monitor calls between two radio operators, “Paula and Adriana,” who in turn were connected to the FARC leaders “we strongly suspect are linked to the hostages.”</p>
<p>The author of the SIDtoday article added that the agency continued to try and get a fix on the location of the hostages. Yet their captors eluded the Americans for another four years. The three Americans were <a href="http://www.nytimes.com/2008/07/03/world/americas/03colombia.html">freed</a> by Colombian commandos in July 2008.</p>
<p>A March 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233056-siginters-help-interdict-snow-white/">article</a> noted a success against FARC, bragging that the arrest of FARC financial leader Anayibe Rojas Valderrama, known as “Sonya,” and a number of her associates a month earlier “resulted from years of monitoring. … Accurate geolocational data as to where she was and when, allowed a vetted Colombian team to capture them by surprise and without any loss of life.” Valderrama was <a href="https://www.justice.gov/archive/opa/pr/2007/July/07_crm_481.html">extradited</a> to the United States where she was tried and convicted on drug trafficking charges in 2007.</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/12/farc-hostage.jpg"><img class="aligncenter size-large wp-image-101108" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/12/farc-hostage.jpg" alt="Former guerrilla hostage Oscar Tulio Lizcano (R) and his wife Martha look at pictures of the FARC hostages released during the Army's Jaque Operation, after thanking the soldiers of the third division of the National Army during a religious ceremony in Cali, department of Valle del Cauca, Colombia, on October 31, 2008. Former lawmaker Lizcano thanked the soldiers for helping him after he escaped to freedom the past weekend, towed by his jailer, former guerrilla member Wilson Bueno Largo, aka 'Isaza', who deserted from the rebel ranks.  AFP PHOTO/Luis ROBAYO (Photo credit should read LUIS ROBAYO/AFP/Getty Images)" /></a>
<p class="caption overlayed">Former guerrilla hostage Oscar Tulio Lizcano and his wife, Martha, look at pictures of the FARC hostages released during the army&#8217;s Jaque Operation, in Cali, Colombia, on Oct. 31, 2008.</p>
<p class='caption source' style=''>Photo: Luis Robayo/AFP/Getty Images</p></div>
<h3>Internal NSA Criticism of Political Groups and the News Media</h3>
<p>A national intelligence officer gave a top-secret “issue seminar” to NSA staff on the question of “where political action fades into terrorism,” according to a seminar announcement <a href="https://theintercept.com/snowden-sidtoday/3233184-sinio-summer-seminar-playing-the-line-between/">published</a> in June 2004. The announcement suggested that the line between “legitimate political activity” and “activity that is the precursor to, or supportive of, terrorism” is fuzzy. The course used the Vienna-based organization Anti-Imperialist Camp as a case study, describing it as “ostensibly a political organization” but noting that “its many ties to terrorist organizations — and its attempts to collaborate with Muslim extremists — raise questions about where political action fades into terrorism.” No further details were given to substantiate the alleged ties; the group’s <a href="http://www.antiimperialista.org/">website</a> remains online. A spokesperson for the group, Wilhelm Langthaler, told The Intercept that the group was targeted for such accusations for political reasons, including its opposition to the war in Iraq and “our public support for the resistance against occupation which we have compared with the antifascist resistance against German occupation.”</p>
<p>Another seminar announcement <a href="https://theintercept.com/snowden-sidtoday/3233195-sinio-summer-seminar-by-listening-and-learning/">said</a> the news media helped stymie U.S. intelligence collection. “A day hasn&#8217;t gone by that our adversaries haven&#8217;t picked up a newspaper or gone on the Internet to learn something new about how the US intelligence gathering system operates and what its capabilities or limitations are,” the course overview explained. “And in response, a day hasn&#8217;t gone by that our adversaries haven&#8217;t modified their operations and activities to avoid being detected and collected against by the US intelligence gathering system.”</p>
<h3>NSA’s Role in the Failed Iran Hostage Rescue Attempt</h3>
<p>In an anecdote about signals intelligence during the 1980 Iranian hostage rescue mission, a SIGINT staffer recalled the night of April 24 of that year, when he was told he was monitoring the ongoing “Operation Ricebowl.” In a May 2004 SIDtoday <a href="https://theintercept.com/snowden-sidtoday/3233150-insider-s-view-of-history-desert-one-the-iranian/">article</a>, the staffer wrote: “We knew the parameters of the Iranian Air Defense system because it was U.S. equipment and installed by U.S. contractors while the Shah of Iran was still in power. We knew exactly where the gaps in coverage were and we exploited it during the rescue attempt.” The author went on to describe his shock the next morning when he saw on TV news at home that the mission had ended with a disastrous helicopter crash.</p>
<p class="caption">Top photo: American soldiers from the 1st Cavalry Division 2nd Battalion 7th Cavalry run through a smoke screen as they try to avoid sniper fire during an offensive operation on Aug. 16, 2004, in Najaf, Iraq.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/12/07/drowning-in-information-nsa-revelations-from-262-spy-documents/feed/</wfw:commentRss>
		<slash:comments>35</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/bomb-war-cont.jpg" medium="image">
			<media:title type="html">An Iraqi family looks out of the front g</media:title>
			<media:description type="html">BAGHDAD, IRAQ:  An Iraqi family looks out of the front gate of their home following a car bomb 19 November 2004, in Baghdad. Three people were killed, a policeman and two civilians, and 10 others wounded when a suicide car bomb exploded in Baghdad, police said.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/12/bomb-war-cont-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/hugo-chavez.jpg" medium="image">
			<media:title type="html">Cuba&#8217;s President Raul Castro (R) whisper</media:title>
			<media:description type="html">Cuba&#039;s President Raul Castro (R) whispers in Venezuela&#039;s President Hugo Chavez&#039;s ear during the South America and the Caribbean Summit in Sauipe, Brazil, on December 16, 2008. Latin American presidents gathered in northeastern Brazil for a summit dominated by concern over the accelerating global economic crisis. The two-day meeting of leaders of 33 Latin American and Caribbean nations -- including, for the first time, Cuban President Raul Castro -- comes as the region&#039;s governments grapple with slumping currencies, plummeting trade, shaved growth and climbing debt.</media:description>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/12/hugo-chavez-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/12/farc-hostage.jpg" medium="image">
			<media:title type="html">Former guerrilla hostage Oscar Tulio Liz</media:title>
			<media:description type="html">Former guerrilla hostage Oscar Tulio Lizcano (R) and his wife Martha look at pictures of the FARC hostages released during the Army&#039;s Jaque Operation, after thanking the soldiers of the third division of the National Army during a religious ceremony in Cali, department of Valle del Cauca, Colombia, on October 31, 2008. Former lawmaker Lizcano thanked the soldiers for helping him after he escaped to freedom the past weekend, towed by his jailer, former guerrilla member Wilson Bueno Largo, aka &#039;Isaza&#039;, who deserted from the rebel ranks.</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/12/farc-hostage-440x440.jpg" />
		</media:content>
	</item>
		<item>
		<title>Something Happened to Activist Email Provider Riseup, but It Hasn’t Been Compromised</title>
		<link>https://theintercept.com/2016/11/29/something-happened-to-activist-email-provider-riseup-but-it-hasnt-been-compromised/</link>
		<comments>https://theintercept.com/2016/11/29/something-happened-to-activist-email-provider-riseup-but-it-hasnt-been-compromised/#comments</comments>
		<pubDate>Tue, 29 Nov 2016 22:43:58 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=99803</guid>
		<description><![CDATA[<p>Rumors of a warrant canary's death have been greatly exaggerated, a spokesperson for the tech collective says.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/11/29/something-happened-to-activist-email-provider-riseup-but-it-hasnt-been-compromised/">Something Happened to Activist Email Provider Riseup, but It Hasn’t Been Compromised</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>Over the last</u> week, <a href="https://motherboard.vice.com/read/warrant-canary-for-activist-email-service-riseup-seemingly-expires">rumors</a> <a href="http://www.zdnet.com/article/encrypted-email-provider-riseup-misses-warrant-canary-deadline/">have</a> <a href="https://www.reddit.com/r/WhereIsAssange/comments/5eb4xq/understanding_riseupnets_current_status_after/">been</a> <a href="https://news.ycombinator.com/item?id=13007234">spreading</a> across the digital activist community that the technology collective <a href="https://riseup.net/">riseup</a>, which provides email, chat, VPN, and other services to activists, may be compromised after receiving a secret government subpoena accompanied by a gag order. The collective provides email service to roughly 150,000 users, hosts activism-related mailing lists with 6.8 million subscribers, and delivers more than 1 million emails per day. According to a representative of the riseup collective, the rumors are outsized. But it is clear that something happened, and that riseup is unable to speak about it publicly. “Riseup will shut down rather than endanger activists,&#8221; the spokesperson said. &#8220;We aren&#8217;t going to shut down, because there is no danger to activists.”</p>
<p>Riseup, which began in Seattle in 1999, is one of the most privacy-friendly and anti-surveillance service providers online today. “We believe it is vital that essential communication infrastructure be controlled by movement organizations and not corporations or the government,” the collective&#8217;s website states. “Riseup does not log IP addresses and has not done so since the early ’00s,” the collective member told me in an encrypted email. “We work hard to minimize the amount of data (and metadata) stored as [much as] possible. The only way to protect the information of activists around the world is by not having the information in the first place.” Riseup’s <a href="https://riseup.net/en/privacy-policy">privacy policy</a> promises that the service will log as little as possible and never share user data with any third party.</p>
<p>Riseup publishes a <a href="https://riseup.net/en/canary">warrant canary</a>, a statement that the collective has never received a secret government subpoena, has “never placed any backdoors in our hardware or software and has not received any requests to do so,” and has “never disclosed any user communications to any third party.” If riseup ever does get such a government request, and if the request comes with a gag order that prohibits the collective from informing its users, it won’t update its warrant canary, and from this users can infer that something is wrong.</p>
<p>Riseup&#8217;s warrant canary is supposed to get updated “approximately once per quarter.” The last update was from August 16, 2016 &#8212; nearly two weeks past the last three-month deadline. Some users have noticed that riseup’s canary seems to have died, and they inferred that something is wrong. Users have also noticed that some of riseup’s recent tweets appear to contain hidden messages, like this screenshot from the policies section of its website where it promises to shut down its service before submitting to “repressive surveillance by any government”:</p>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">we have no plans on pulling the plug <a href="https://t.co/7Bm0KrEnKA">https://t.co/7Bm0KrEnKA</a> <a href="https://t.co/MvEu6itTX6">pic.twitter.com/MvEu6itTX6</a></p>
<p>&mdash; riseup.net (@riseupnet) <a href="https://twitter.com/riseupnet/status/800815181190217729">November 21, 2016</a></p></blockquote>
<p>The warrant canary’s apparent expiration, together with riseup’s tweets apparently full of hidden meaning, caused some people to speculate publicly that riseup had been compromised, or at the very least, had received a secret national security order and was currently fighting it in court. This speculation started right before the Thanksgiving holidays.</p>
<p>“Due to Thanksgiving and other deadlines, our lawyers were not available to advise us on what we can and cannot say,” the collective member told me. “So in the interest of adopting a precautionary principle, we couldn&#8217;t say anything. Now that we have talked to [counsel], we can clearly say that since our beginning, and as of this writing, riseup has not received a NSL, a FISA order/directive, or any other national security order/directive, foreign or domestic.”</p>
<p>On November 24, riseup tweeted that there was no need to panic:</p>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">1. There is no need for panic.<br />2. Our systems are fully under our control.<br />3. We will provide additional information at a later date.</p>
<p>&mdash; riseup.net (@riseupnet) <a href="https://twitter.com/riseupnet/status/801902121150869504">November 24, 2016</a></p></blockquote>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">4. Our prior tweets did not have any hidden subtext.</p>
<p>&mdash; riseup.net (@riseupnet) <a href="https://twitter.com/riseupnet/status/801902265170673664">November 24, 2016</a></p></blockquote>
<p>To be fair, since riseup began publishing a warrant canary, it has updated it 10 times, and not at regular intervals. The shortest amount of time between updates was just over two months and the longest was more than four months. Technically, the August 16 canary update could still fall within the precedented window &#8212; which is to say that not enough time has passed to infer that it has expired. When I pointed this out, the collective member told me, “Yes, this is a bad system, we should have a specific date. The ambiguity is no fun for anyone.”</p>
<p>And yet, when I asked if riseup had received any request for user data since August 16, the collective did not comment. Clearly, <em>something</em> happened, but riseup isn&#8217;t able to talk about it publicly.</p>
<p>However, the spokesperson did provide some context: “There are a lot of conspiracy theories going around because people think that this is something bigger than it actually is,” he said. “The reality is that these theories are way out of proportion to the truth. It isn&#8217;t something that people should freak out about, or be scared, or burn their computer, and run for the hills.”</p>
<p>In short, riseup is asking its users to trust it. “It’s annoying that we can&#8217;t detail why people should believe us when we say that, but people have put their trust in us for over 16 years, so we hope you would believe us when we say that you should continue to do that.”</p>
<p>The spokesperson also pointed out that some people might think that the government could be forcing them to say that, “but the reality is that compelled speech by the government is incredibly rare, and really only done for consumer protection (such as requiring warning labels on cigarettes) or other safety regulations.” He pointed to the Electronic Frontier Foundation’s <a href="https://www.eff.org/deeplinks/2014/04/warrant-canary-faq">warrant canary FAQ</a> and blog posts about <a href="https://www.eff.org/deeplinks/2016/03/what-we-talk-about-when-we-talk-about-apple-and-compelled-speech">Apple’s fight against the FBI</a> for detailed information about compelled speech law in the United States.</p>
<p>The riseup collective is currently having internal discussions about when it will be able to update its warrant canary.</p>
<p>In December, riseup is launching a new feature called personally encrypted storage. All messages and metadata of email users will be encrypted with the users’ passwords so that the collective itself won’t have access to that data and therefore can’t be compelled to hand it over to any government. Riseup will publish all of the code that makes this possible as an open source project, so that other service providers can use it as well. “It is designed to protect the service provider from ever being able to comply with a subpoena or warrant,” the spokesperson told me. While the new system isn’t perfect, “this will help us all breathe a lot easier.”</p>
<p>In the meantime, riseup has <a href="https://riseup.net/en/about-us/policy/government-faq#how-can-i-limit-the-amount-of-data-that-riseup-stores-for-me">published tips</a> for how users can reduce the amount of data stored on their servers. “These are uncertain times for all service providers,” the collective member said. “Technology won&#8217;t solve social problems, but in this specific case we believe that new technology under development will dramatically improve the outlook for service providers.”</p>
<p class="caption">Top photo: Illustration from the activist technology collective riseup</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/11/29/something-happened-to-activist-email-provider-riseup-but-it-hasnt-been-compromised/">Something Happened to Activist Email Provider Riseup, but It Hasn’t Been Compromised</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/11/29/something-happened-to-activist-email-provider-riseup-but-it-hasnt-been-compromised/feed/</wfw:commentRss>
		<slash:comments>26</slash:comments>
	
	</item>
		<item>
		<title>Surveillance Self-Defense Against the Trump Administration</title>
		<link>https://theintercept.com/2016/11/12/surveillance-self-defense-against-the-trump-administration/</link>
		<comments>https://theintercept.com/2016/11/12/surveillance-self-defense-against-the-trump-administration/#comments</comments>
		<pubDate>Sat, 12 Nov 2016 15:00:11 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=96232</guid>
		<description><![CDATA[<p>Trump is about to have more tools of surveillance at his disposal than any tyrant ever has. Here's how to protect yourself.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/11/12/surveillance-self-defense-against-the-trump-administration/">Surveillance Self-Defense Against the Trump Administration</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>On Tuesday, Americans</u> handed the U.S. presidency to a <a href="https://theintercept.com/2016/11/09/the-nightmare-president/">racist, xenophobic, authoritarian, climate science-denying, misogynistic</a>, revenge-obsessed ego-maniac — and with it control over a vast and all-too-unaccountable intelligence apparatus; and in a speech less than three weeks ago, Trump promised to sue all of the women who have come forward with sexual assault accusations against him.</p>
<p>Trump has repeatedly shown utter disrespect for the rule of law. He doesn’t believe in freedom of religion. He advocates torture. He has said he&#8217;ll <a href="http://www.cnn.com/2016/07/18/politics/donald-trump-black-lives-matter/">instruct</a> his Justice Department to investigate Black Lives Matter activists, and it’s likely he&#8217;ll appoint Rudy Giuliani, of New York City’s racist and <a href="http://www.politico.com/blogs/2016-presidential-debate-fact-check/2016/09/trump-is-wrong-stop-and-frisk-was-ruled-unconstitutional-228729">unconstitutional</a> “stop-and-frisk” fame, as his attorney general to do the investigating. The New York Times also <a href="http://www.nytimes.com/2016/11/07/us/politics/donald-trump-presidential-race.html">reports</a> that “Mr. Trump still privately muses about all the ways he will punish his enemies after Election Day.”</p>
<p>With Trump eager to misuse his power and get revenge on his perceived enemies, it&#8217;s reasonable to conclude there will be a parallel increase in abuse of power in law enforcement and the intelligence community. Activists who put their bodies on the line trying to protect basic rights — freedom of religion, freedom of speech, civil rights, reproductive rights, voting rights, privacy rights — will face the brunt of it.</p>
<p>Thanks to 16 years of relentless and <a href="https://theintercept.com/2015/07/09/spying-internet-orders-magnitude-invasive-phone-metadata/">illegal</a> expansion of executive power under Presidents Bush and <a href="https://theintercept.com/2016/11/11/commander-in-chief-donald-trump-will-have-terrifying-powers-thanks-obama/">Obama</a>, Trump is about to have more tools of surveillance at his disposal than any tyrant ever has. Those preparing for the long fight ahead must protect themselves, even if doing so can be technically complicated.</p>
<p>The best approach varies from situation to situation, but here are some first steps that activists and other concerned citizens should take.</p>
<h3>Encrypt Your Phone</h3>
<p>If there is a risk you will be detained on the street, the best way to protect the information in your phone is to encrypt it and require a strong password to unlock it. (Also, check out EFF&#8217;s <a href="https://ssd.eff.org/en/playlist/activist-or-protester#attending-protests-united-states">detailed technical and legal advice</a> for protecting your phone while protesting, and what to do if you get arrested at a protest.)</p>
<p>All iPhones are encrypted by default, but the encryption is only useful if you use it correctly. Make sure you set a long, random passcode &#8212; it should be at least 6 digits, and it should be 11 digits if you think an agency like the FBI may invest resources into breaking into it (see <a href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/">this article</a> for details and rationale behind this iPhone passcode strategy). As inconvenient as it is, don’t use Apple&#8217;s fingerprint technology Touch ID to unlock your phone; law enforcement can force you to use your finger, but they can’t force you to give up your passcode.</p>
<p>If you use Android, go into your Settings app, navigate to the Security section, and encrypt your phone from there. Before you can encrypt your phone, you need to set a strong pattern, numeric PIN, or password for unlocking it.</p>
<p>It may be annoying at first to have to type something complicated just to unlock your phone, but once you get started, your muscle memory will quickly take over, and this is the only way to truly protect the data stored on your phone. And an important note: If you forget your passcode and can&#8217;t unlock your phone, there&#8217;s no way you will ever recover the data on it (that&#8217;s kind of the point of encryption), and you&#8217;ll have to factory reset your phone to keep using it. So when you first switch to a strong passcode, write it down on a piece of paper and keep it in your wallet until you&#8217;re sure you&#8217;ve committed it to memory, and then destroy the paper.</p>
<h3>Ditch Your Phone at Sensitive Moments</h3>
<p>Even if you take steps to secure your phone, you shouldn’t trust it too much. If you’re having an activist meeting where you might discuss secret plans, such as organizing nonviolent direct action, everyone should leave their phones somewhere outside of earshot of the meeting. If one phone has been hacked, it could be recording the entire conversation without anyone knowing.</p>
<p>And while phones are indispensable tools for organizing and secure communications, they unfortunately are also tracking devices. If you need to hide your location while you do especially high-risk work, such as whistleblowing, it might be better to leave your phone at home.</p>
<h3>Switch From Facebook Groups to End-to-End Encrypted Groups</h3>
<p>If you’re part of an activist organization or affinity group that has internal strategy and planning discussions over Facebook (or any other non-encrypted service), you should stop immediately. All of the members of your group, and everything that anyone posts to it, are just a legal request away from being used against you.</p>
<p>Instead, you should get everyone in your activist Facebook groups to switch to an end-to-end encrypted group-messaging app, such as <a href="https://whispersystems.org/">Signal</a>, <a href="https://www.whatsapp.com/download/">WhatsApp</a>, or <a href="https://spideroak.com/solutions/semaphor">Semaphor</a>.</p>
<p>To create a Signal or WhatsApp group, you need to have the phone numbers of everyone in your group in your phone. Semaphor is kind of like an end-to-end encrypted version of Slack or HipChat &#8212; you need to create a new Semaphor team and invite everyone else to join it, and then within that team you can create different channels and send private messages.</p>
<p>All of the messages you send to groups of people using these apps will be end-to-end encrypted. No one, not even the app developers who have access to the servers these apps use, will be able to read the plaintext of your messages, except for the other members of your group.</p>
<p>But while the messages are encrypted, the list of members of the group might not be, and this is also important information to protect. WhatsApp and Semaphor might be able to hand over group membership information if the government comes knocking.</p>
<p>On the other hand, the developer of Signal, Open Whisper Systems, is <a href="https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/">way ahead of the game</a> here. The one time they <a href="https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/">received</a> a request for data about a Signal user, all they were technically able to hand over to the FBI was the account creation time and the last date that the user connected to the Signal server &#8212; they didn&#8217;t have the user&#8217;s contacts, they didn&#8217;t have a list of groups the user was in or members of those groups. The company also successfully fought a gag order designed to keep it from publicizing the request. That said, Signal groups can be buggy, have scaling issues when groups get too big, and at the moment, there are far fewer people using Signal than there are using WhatsApp.</p>
<p>(If you&#8217;re using Signal, you might also be interested in these <a href="https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/">Signal security tips</a> &#8212; most of the information is current, but there are some <a href="https://whispersystems.org/blog/disappearing-messages/">recent features</a> that are not covered, including &#8220;safety numbers&#8221; now used to verify the privacy of your conversations, disappearing messages, and desktop support for iPhone users.)</p>
<p>Also, be careful who you trust. The FBI has a long history of recruiting informants to spy on activists. Since law enforcement can’t spy on your group conversations by asking these companies to hand over your messages, like they can with Facebook groups, their next easiest move is to infiltrate your group.</p>
<h3>Prioritize Security When Building Activist Sites</h3>
<p>A lot of activists set up web-based forums to communicate. If you’re responsible for setting up such a forum, make sure you take special care to secure it. Always make sure you use the latest version of the software that powers your website, as well as any plugins you&#8217;re using, and apply security updates promptly.</p>
<p>Turn on the web encryption technology HTTPS, and follow all of the best practices like strong cipher suites and HTTP Strict Transport Security. The certificate authority <a href="https://letsencrypt.org/">Let’s Encrypt</a> makes this simple and free. Refuse to use forums on websites that still use HTTP, since the U.S. government spies on everything you post to those, including your password, when you log in, and makes it searchable in databases like <a href="https://theintercept.com/2015/07/01/nsas-google-worlds-private-communications/">XKEYSCORE</a>.</p>
<p>Even with HTTPS, your group can still be spied on. At the very least, the government can see exactly which people are visiting your website. You might consider making this much more difficult by taking your website off the open internet completely and making it only accessible as a Tor onion service. Everyone in your group will need to use <a href="https://www.torproject.org/">Tor Browser</a> to access it, but this will make eavesdropping on you, or even realizing that you’re part of a group, much more difficult. The activist tech collective Riseup has <a href="https://riseup.net/en/security/network-security/tor/onionservices-best-practices">published</a> a best-practices guide for running Tor onion services.</p>
<h3>Secure Your Accounts and Computer</h3>
<p><strong>Improve your password habits:</strong> I recently <a href="https://theintercept.com/2016/10/13/dear-clinton-team-we-noticed-you-might-need-some-email-security-tips/">wrote</a> some email security tips for the Clinton campaign, but these tips also apply to everyone. Use strong passwords, use a password manager so you can use a unique password for each site without having to memorize them all, and turn on two-factor authentication for applications that support it.</p>
<p><strong>Turn on full disk encryption:</strong> If someone gets physical access to your computer and you aren’t using disk encryption, they can very easily steal all of your files. It doesn&#8217;t matter if you have a good password or not because they can simply remove your hard drive to access all of your data. Follow these <a href="https://theintercept.com/2015/04/27/encrypting-laptop-like-mean/">instructions for encrypting your laptop</a> in Windows, Mac OS X, and Linux.</p>
<p><strong>Install all updates promptly:</strong> Updates fix security bugs, so every day you haven’t installed them is a day you’re vulnerable to attack. People all too quickly dismiss windows that tell them their software is out of date &#8212; don&#8217;t ignore these. Update all of your software, and it will be much, much harder for anyone to hack you.</p>
<p><strong>Use virtual machines to compartmentalize:</strong> You can get hacked by installing the wrong program or opening the wrong email attachment, and if that happens the attacker can access all of your files, log your keystrokes, take screenshots, and even listen to your microphone and watch through your webcam. It&#8217;s possible to isolate the most risky files and programs from other parts of your computer using technology called virtual machines. <a href="https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/">This article</a> explains how to use them.</p>
<h3>Use Qubes to Protect Your Computer</h3>
<p>If your activism involves handling secrets &#8212; planning nonviolent direct action campaigns, gathering evidence for a lawsuit, trafficking in leaked documents &#8212; and it’s conceivable that you might be targeted by the FBI, CIA, or NSA, you should be using the open source operating system called <a href="https://www.qubes-os.org/">Qubes</a>.</p>
<p>Qubes is not the simplest to switch to if you’re coming from Windows or a Mac, but if you have secrets to protect it’s absolutely worth it. With Qubes, you can compartmentalize your computer to work exactly as you want, so that if one part of it gets hacked, the rest of it remains secure. Here are some of the things you can do with Qubes that you can’t do with Windows, Mac OS X, or normal Linux distributions:</p>
<ul>
<li>It’s the only operating system that can protect you from vulnerabilities in your computer’s drivers and from malicious USB sticks that you plug into your computer.</li>
<li>With Qubes, you can easily open any untrustworthy document, such as all of your email attachments, using “disposable VMs,” or virtual machines. If the document contains malicious software, the software will be contained, and it will be completely gone as soon as you close the window.</li>
<li>You can convert PDF files to “trusted PDF” files, which uses the Qubes sandbox technology to remove any potential malware from a PDF before you open it or send it to your friends.</li>
<li>You can create “vaults” on your computer, special components that are isolated from the rest of your computer and never have access to the internet. This is perfect for storing sensitive documents &#8212; if your web browser gets hacked, the attacker won’t be able to access them &#8212; and also for storing secrets such as password databases.</li>
<li>You can use Tor Browser more securely than you can in other operating systems, so that even if someone manages to exploit a Tor Browser bug and hack you, like the FBI has <a href="https://motherboard.vice.com/read/unsealed-court-docs-show-fbi-used-malware-like-a-grenade">done</a> in the past, they still won’t be able to deanonymize you.</li>
</ul>
<p>Qubes is a relatively new operating system and usability isn’t yet its strongest point. It requires a lot of typing commands into terminal windows if you want to be a power user, so it’s not for everyone. If you&#8217;d like to learn more about Qubes, you might be interested in watching this <a href="https://www.qubes-os.org/video-tours/">half-hour video tour</a> explaining how it works.</p>
<p>But if you’re looking to invest time and energy into securing your computer from hackers (and you should, if you’re taking a big risk with your activism), Qubes is absolutely the place to start.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/11/12/surveillance-self-defense-against-the-trump-administration/">Surveillance Self-Defense Against the Trump Administration</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/11/12/surveillance-self-defense-against-the-trump-administration/feed/</wfw:commentRss>
		<slash:comments>147</slash:comments>
	
	</item>
		<item>
		<title>Here&#8217;s the Problem With the Story Connecting Russia to Donald Trump&#8217;s Email Server</title>
		<link>https://theintercept.com/2016/11/01/heres-the-problem-with-the-story-connecting-russia-to-donald-trumps-email-server/</link>
		<comments>https://theintercept.com/2016/11/01/heres-the-problem-with-the-story-connecting-russia-to-donald-trumps-email-server/#comments</comments>
		<pubDate>Tue, 01 Nov 2016 19:51:23 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=94855</guid>
		<description><![CDATA[<p>A group of cybersecurity researchers thought the Trump Organization used a secret server to communicate with Russia’s largest private commercial bank. Here’s what’s wrong with that claim.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/11/01/heres-the-problem-with-the-story-connecting-russia-to-donald-trumps-email-server/">Here&#8217;s the Problem With the Story Connecting Russia to Donald Trump&#8217;s Email Server</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>On Monday night,</u> <a href="http://www.slate.com/articles/news_and_politics/cover_story/2016/10/was_a_server_registered_to_the_trump_organization_communicating_with_russia.html#return">Slate&#8217;s Franklin Foer published a story</a> that&#8217;s been circulating through the dark web and various newsrooms since summertime, an enormous, eyebrow-raising claim that Donald Trump uses a secret server to communicate with Russia. That claim resulted in an explosive night of Twitter confusion and misinformation.</p>
<p>The gist of the Slate article is dramatic — incredible, even: Cybersecurity researchers found that the Trump Organization used a secret box configured to communicate exclusively with Alfa Bank, Russia&#8217;s largest privately-held commercial bank. This is a story that any reporter in our election cycle would drool over, and drool Foer did:</p>
<blockquote><p>The researchers quickly dismissed their initial fear that the logs represented a malware attack. The communication wasn’t the work of bots. The irregular pattern of server look-ups actually resembled the pattern of human conversation — conversations that began during office hours in New York and continued during office hours in Moscow. It dawned on the researchers that this wasn’t an attack, but a sustained relationship between a server registered to the Trump Organization and two servers registered to an entity called Alfa Bank.</p></blockquote>
<p>These claims are based entirely on &#8220;DNS logs,&#8221; digital records of when one server looks up how to contact another across the internet. The logs, first gathered by an anonymous researcher going by the moniker &#8220;Tea Leaves&#8221; (an irony that should be lost on no one) and shared with a small group of academics, were provided to The Intercept and a handful of other news organizations. The New York Times, the Washington Post, Reuters, the Daily Beast, and Vice all examined these materials to at least some extent and did not publish the claims.</p>
<p>You can think of DNS like a phone book that maps people’s names to their phone numbers. For example, every time Alice wants to call Bob, she first looks up Bob’s phone number in the phone book, and then she dials the number into her phone. However, it’s possible that Alice might look up Bob’s phone number and not call him on the phone. It’s even possible that she might look up Bob’s phone number over and over on a regular basis, over the course of months, without actually calling him. The DNS look-ups that The Intercept and others (including Slate) reviewed are similar to records of Alice looking up Bob’s phone number in the phone book, but to call that evidence of sinister collusion between the two is, politely, a stretch. These DNS records alone simply cannot prove that any specific messages were sent at those times. In fact, they can&#8217;t really prove anything at all, and certainly not &#8220;communication&#8221; between Trump and Alfa. This cannot be overstated: No one, not Tea Leaves, not his academic peers, and not Franklin Foer, can show that a single message was exchanged between Trump and Alfa.</p>
<h3>Inconsistencies</h3>
<p>Putting aside how little there actually is to read in these tea leaves, the information we reviewed was filled with inconsistencies and vagaries. The Intercept (and other outlets) were presented with three documents: an academia-style white paper about the server, an analysis of that white paper, and a sprawling dossier on Alfa Bank. The author of the analysis paper refused to comment on the record or allow his name to be published. Both Tea Leaves and the analysis author said they did not know who wrote the other documents, and would not say how they obtained them. Professor L. Jean Camp, an esteemed computer scientist quoted at length in the Slate piece and also interviewed by The Intercept, said she knew the author of the Alfa Bank document — compiled with the exhaustive detail of a political oppo team, not a university researcher — but would not reveal who it was. Tea Leaves himself told The Intercept that he had to keep his identity and methods secret because &#8220;I run a cybersecurity company and I do not want DDOS and never have we been DDOS, nor do I want other attention.&#8221;</p>
<p>Looking at the documents themselves provided further oddities and errors. The white paper contends the following:</p>
<blockquote><p>The Spectrum Health IP address is a TOR exit node used exclusively by Alfa Bank, i.e., Alfa Bank communications enter a Tor node somewhere in the world and those communications exit, presumably untraceable, at Spectrum Health. There is absolutely no reason why Spectrum would want a Tor exit node on its system.</p></blockquote>
<p>This is simply untrue and easy to disprove using publicly available information: The Intercept confirmed that the IP address in question, and all other IP addresses on Spectrum Health&#8217;s network, did not host a Tor node during the time period.</p>
<p><a href="https://gdd53.wordpress.com/2016/10/05/first-blog-post/">On Tea Leaves&#8217; WordPress site</a>, he claimed that &#8220;only two networks resolved the mail1.trump-email.com host.&#8221; This is contradicted by the very works of analysis furnished by Tea Leaves&#8217; collaborators: The author of the white paper found that at least <em>19</em> IP addresses, all belonging to different networks except for the two that belong to Alfa Bank, had looked up Trump&#8217;s server. And these are only the 19 the author was able to observe in a short time period — it can&#8217;t be ruled out that there were many more, which quickly deflates the portrait of a shady Russian backchannel.</p>
<p>The white paper included DNS look-up data, but not nearly enough to reproduce the results. Rather than the 19 IP addresses we expected to see, the data only included three, and the DNS look-ups were not for the same time period that the paper described. Tea Leaves published a different set of data on the dark web, which we also looked at, but this set of data only included a total of four IP addresses. When we pressed Tea Leaves for the complete set of data so we could attempt to reproduce the analysis, he gave us a new, more comprehensive set of data, but still that included a total of only eight IP addresses, and it was missing an IP address belonging to a VPN service in Utah that accounted for a significant portion of the DNS look-ups described in the paper.</p>
<p>What percentage of DNS look-ups for Trump&#8217;s email server could Tea Leaves and his colleagues observe, out of all DNS look-ups for that server on the whole internet? How can they be sure that the majority of DNS look-ups for Trump&#8217;s email server originated from Alfa Bank, when much of the data they collected didn&#8217;t even include DNS look-ups from IPs described in their own paper? What&#8217;s their margin of error? None of the analysis that we (and other journalists) obtained answered these questions.</p>
<h3>The Simplest Explanation</h3>
<p>Although the Slate article mentions Occam&#8217;s Razor, Foer never actually takes seriously the simplest plausible explanation for all of this: The Trump Organization owns a bunch of expensive, obnoxious spam servers that churn out marketing emails for its expensive, obnoxious hotels. Spectrum Health, an entity in this story whose presence never made any sense, provided the following statement:</p>
<blockquote><p>Our experts have conducted a detailed analysis of the alleged internet traffic and did not find any evidence that it included any actual communications (no emails, chat, text, etc.) between Spectrum Health and Alfa Bank or any of the Trump organizations. While we did find a small number of incoming spam marketing emails, they originated from a digital marketing company, Cendyn, advertising Trump Hotels.</p></blockquote>
<p>Spectrum also provided us with something not even Tea Leaves could: a copy of an email sent from the mail1.trump-email.com server. Did it contain a Cyrillic cipher? Not quite:</p>
<p class="p1"><div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.29.58-AM.png"><img class="aligncenter size-article-large wp-image-94872" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.29.58-AM-1000x1156.png" alt="" /></a> </div></p>
<p class="p1">Spectrum was kind enough to include the email&#8217;s header data, which shows its origin:</p>
<p class="p1"><div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.30.51-AM.png"><img class="aligncenter size-article-large wp-image-94873" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.30.51-AM-1000x625.png" alt="" /></a> </div></p>
<p>Alfa Bank provided the same:</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-3.26.37-PM.png"><img class="aligncenter size-article-large wp-image-94949" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-3.26.37-PM-1000x1259.png" alt="" /></a> </div>
<p>Now, these emails are from outside the time period observed by Tea Leaves et al. and only represent one data point. On the other hand, we now have one checkmark in the &#8220;this is just some dumb spam server&#8221; column, and zero in the &#8220;this is a hotline to Putin&#8217;s bedroom&#8221; column. Mandiant, a cybersecurity firm Alfa Bank hired to investigate the DNS logs once reporters came knocking, provided another deeply plausible explanation: All of the look-ups were the result of Alfa&#8217;s mail servers trying to figure out who was spamming them so much.</p>
<blockquote><p>The information presented is inconclusive and is not evidence of substantive contact or a direct email or financial link between Alfa Bank and the Trump Campaign or Organization. The list presented does not contain enough information to show that there has been any actual activity opposed to simple DNS look-ups which can come from a variety of sources including anti-spam and other security software.</p></blockquote>
<p><a href="http://blog.erratasec.com/2016/11/debunking-trumps-secret-server.html#.WBgYM_orLcs">Security researcher Rob Graham points out</a> that it&#8217;s a stretch to even claim that this server is truly &#8220;Trump&#8217;s&#8221;:</p>
<blockquote><p>The evidence available on the internet is that Trump neither (directly) controls the domain &#8220;<i>trump-email.com</i>,&#8221; nor has access to the server. Instead, the domain was setup and controlled by Cendyn, a company that does marketing/promotions for hotels, including many of Trump&#8217;s hotels. Cendyn outsources the email portions of its campaigns to a company called Listrak, which actually owns/operates the physical server in a data center in Philadelphia. &#8230;</p>
<p>&#8230; When you view this &#8220;secret&#8221; server in context, surrounded by the other email servers operated by Listrak on behalf of Cendyn, it becomes more obvious what&#8217;s going on. In the same internet address range of Trump&#8217;s servers you see a bunch of similar servers, many named <i>[client]-email.com. </i>In other words, <i>trump-email.com</i> is not intended as a normal email server you and I are familiar with, but as a server used for marketing/promotional campaigns.</p></blockquote>
<p>Paul Vixie, quoted throughout the Slate story, is a legendary figure in the history of the internet whose expertise is near unparalleled when it comes to DNS. But even Vixie conceded to The Intercept that Tea Leaves&#8217; evidence was conclusive of nothing: &#8220;It&#8217;s a perfect he-said, she-said situation. &#8230; Mandiant is guessing no. I am guessing yes. Neither of us has direct evidence.&#8221;</p>
<p>There are other, non-technical issues with the Foer piece. For one, the political connections between Trump and Alfa Bank are presented to the reader by highlighting the relationship between Trump and Richard Burt, a consultant who drafted a Trump campaign speech. Burt, Foer charges, &#8220;serves on Alfa’s senior advisory board.&#8221; Burt has indeed worked for years as an adviser to Alfa Bank and its founder, Mikhail Fridman. But he no longer serves on the board of Alfa Capital Partners, the Moscow-based fund associated with Alfa Bank. That company closed shop over a year ago. Foer made the same allegation in another piece <a href="http://www.slate.com/articles/news_and_politics/cover_story/2016/07/vladimir_putin_has_a_plan_for_destroying_the_west_and_it_looks_a_lot_like.html">published</a> by Slate in July.</p>
<p>Could it be that Donald Trump used one of his shoddy empire&#8217;s spam marketing machines, one with his last name built right into the domain name, to secretly collaborate with a Moscow bank? Sure. At this moment, there&#8217;s literally no way to disprove that. But there&#8217;s also literally no way to prove it, and such a grand claim carries a high burden of proof.</p>
<p>Without more evidence it would be safer (and saner) to assume that this is exactly what it looks like: <a href="http://www.prnewswire.com/news-releases/cendyn-is-tapped-for-interactive-marketing-services-by-the-trump-organization-58251682.html">A company that Trump has used since 2007 to outsource his hotel spam</a> is doing exactly that. Otherwise, we&#8217;re all making the exact same speculation about the unknown that&#8217;s caused untold millions of voters to believe Hillary&#8217;s deleted emails <i>might have</i> contained Benghazi cover-up PDFs.</p>
<p>Given equal evidence for both, go with the less wacky story.</p>
<p class="caption">Top photo: The logo of Alfa Bank is visible on a building in Minsk, Belarus, on June 19, 2016.</p>
<p>Update: November 1, 2016 This article has been updated to clarify Alfa Bank’s status as the largest private commercial bank.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/11/01/heres-the-problem-with-the-story-connecting-russia-to-donald-trumps-email-server/feed/</wfw:commentRss>
		<slash:comments>172</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.29.58-AM-440x440.png" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.29.58-AM.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.29.58-AM-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.30.51-AM.png" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-11.30.51-AM-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-3.26.37-PM.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/11/Screen-Shot-2016-11-01-at-3.26.37-PM-440x440.png" />
		</media:content>
	</item>
		<item>
		<title>Dear Clinton Team: We Noticed You Might Need Some Email Security Tips</title>
		<link>https://theintercept.com/2016/10/13/dear-clinton-team-we-noticed-you-might-need-some-email-security-tips/</link>
		<comments>https://theintercept.com/2016/10/13/dear-clinton-team-we-noticed-you-might-need-some-email-security-tips/#comments</comments>
		<pubDate>Thu, 13 Oct 2016 18:34:48 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=91571</guid>
		<description><![CDATA[<p>Here are some easy ways the Clinton team could have avoided getting hacked and might prevent it in the future.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/10/13/dear-clinton-team-we-noticed-you-might-need-some-email-security-tips/">Dear Clinton Team: We Noticed You Might Need Some Email Security Tips</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>There is probably</u> no one more acutely aware of the importance of good cybersecurity right now than Hillary Clinton’s campaign chairman John Podesta, whose emails have been <a href="https://wikileaks.org/podesta-emails/">laid bare</a> by WikiLeaks, are being mined for news by journalists (including at The Intercept), and are available for anyone with internet access to read.</p>
<p>So as a public service to Podesta and everyone else on Clinton’s staff, here are some email security tips that could have saved you from getting hacked, and might help you in the future.</p>
<h3>Use a strong password</h3>
<p>There’s a method for coming up with passwords that are mathematically unfeasible for anyone to ever guess by brute force, but that are still possible for you to memorize. I’ve <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">written about it before</a>, in detail, including an explanation of the math behind it.</p>
<p>But in short: You start with a long list of words and then randomly select one (by rolling dice), then another, and so on, until you end up with something like: “slinging gusty bunny chill gift.” Using this method, called Diceware, there is a one in 28 quintillion (that is, 28 with 18 zeros at the end) chance of guessing this exact password.</p>
<p>For online services that prevent attackers from making very many guesses &#8212; including Gmail &#8212; a five-word Diceware password is much stronger than you’ll ever need. To make it super easy, use this <a href="https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases">wordlist</a> from the Electronic Frontier Foundation.</p>
<h3>Do not use a weak password</h3>
<p>So if that’s a strong password, what does a weak password look like? “Runner4567.”</p>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">How did the 3l33t h4x0r5 figure out Podesta&#39;s super secure password?<a href="https://t.co/QSEntXWhGj">https://t.co/QSEntXWhGj</a> <a href="https://t.co/qMsM9UEXge">pic.twitter.com/qMsM9UEXge</a></p>
<p>&mdash; Phil Kerpen (@kerpen) <a href="https://twitter.com/kerpen/status/786298611252404224">October 12, 2016</a></p></blockquote>
<h3>Use a unique password for each application</h3>
<p>The same day that WikiLeaks published Podesta’s email, his Twitter account <a href="https://www.washingtonpost.com/news/post-politics/wp/2016/10/12/clinton-campaign-chairman-john-podestas-twitter-account-may-have-been-hacked/">got hacked</a> as well. How do you think that happened? I have a guess: He reused a password that was exposed in his email, and someone tried it on his Twitter account.</p>
<p>Even if you use a strong password, it quickly becomes worthless if you use it everywhere. The average person has accounts on dozens of websites. For those who reuse passwords, all it takes is for any one of those sites to get hacked and your password to get compromised, and the hacker can gain access to your accounts on all of them.</p>
<p>You can avoid this by using different strong passwords for every account. The only way this is possible is by using a password manager, a program that remembers all your passwords for you (in an encrypted database) so you don’t have to. You should secure your password manager with an especially strong password. I recommend a seven-word Diceware passphrase.</p>
<p>There are many password managers to choose from: KeePassX, LastPass, 1Password, and more. Shop around for whichever one fits your organization the best. It doesn’t so much matter which you use, so long as you use strong, unique passwords for each account. Password managers also help you generate secure random passwords.</p>
<h3>Turn on two-factor authentication</h3>
<p>Last year, when I <a href="https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/">asked</a> National Security Agency whistleblower Edward Snowden what ordinary people could do to improve their computer security, one of the first pieces of advice he gave was to use two-factor authentication. If Podesta had enabled it on his Gmail account, you probably wouldn’t be reading his email today.</p>
<p>Google calls it &#8220;2-Step Verification&#8221; and has an <a href="https://www.google.com/landing/2step/">excellent website</a> explaining why you need it, how it works, and how it protects you. In short: When you log in to your account, after you type in your password you’ll need one more piece of information before Google will allow you to proceed. Depending on how you set it up you might receive this uniquely generated information in a text message, a voice call, or a mobile app, or you could plug a special security key into your USB port.</p>
<p>Once you start using it, hackers who manage to trick you into giving up your password <em>still</em> won’t be able to log in to your account &#8212; at least not without successfully executing a separate attack against your phone or physically stealing your security key.</p>
<h3>Do it right this second</h3>
<p>Google handles all of the email for hillaryclinton.com. If you’re a Clinton staffer, you should immediately stop what you’re doing and make sure you’ve enabled 2-Step Verification for your email. You should also enable two-factor authentication for all of the <a href="https://twofactorauth.org/">many other services</a> that support it, including Twitter, Facebook, Slack, and Dropbox, to name just a few. (If Podesta had enabled it on his Twitter account, that probably wouldn’t have gotten hacked either.)</p>
<h3>Watch out for phishers</h3>
<p>How did these prominent political figures get their emails hacked in the first place? It <a href="http://www.nbcnews.com/news/us-news/russia-hack-u-s-politics-bigger-disclosed-includes-gop-n661866">appears</a> that Russian hackers used “spear-phishing” attacks against many high-profile political targets, and some of them bit.</p>
<p>Spear-phishing works like this: The attacker sends a target a carefully crafted email, something that looks legitimate but is actually a fake. The target clicks a link in the email and ends up at what looks like a login page for their bank, or an online store, or, in this case, the Google login page. But it&#8217;s not. If they carefully examined the URL of the website, they would see that it doesn’t begin with https://accounts.google.com/ and therefore isn’t a real Google login page.</p>
<p>But they don’t notice, so they go ahead and enter their username and password. Without realizing it, they just gave their Google password to the attacker. Now the attacker can use this password to log in to the target’s Gmail account and download all of their email (assuming they are not using two-factor authentication, that is).</p>
<p>Well-crafted spear-phishing emails can be incredibly hard to spot, but if you ever end up on a website asking you for a password, you should be skeptical. Check the URL and make sure you’re at a legitimate login page before typing in your password, or navigate to the login page directly.</p>
<h3>Encrypt your email</h3>
<p>All of the previous tips are aimed at keeping your email account secure. But even if you follow all of the security best practices, it’s <em>still</em> possible that your email could get compromised. For example:</p>
<ul>
<li>You could fall for an incredibly sophisticated spear-phishing attack that tricks you into giving up your password <em>as well as</em> your two-factor authentication token</li>
<li>Your Google Apps administrator could get hacked, giving the hacker the ability to reset the email passwords of everyone in your organization</li>
<li>A hacker could find a fundamental security flaw in Gmail itself and use that to gain access to your account</li>
<li>A state-level actor could find a way to exploit the infrastructure of the internet to spy on all of your data held by Google</li>
</ul>
<p>Or maybe you just don’t trust Google, or anyone who can compel the company with legal requests for data, with the contents of your email.</p>
<p>For any or all of those reasons, it’s probably worth using encrypted email.</p>
<p>Using encrypted email is more complicated than using a strong password and using two-factor authentication &#8212; which are really easy &#8212; but it’s simple enough that everyone at The Intercept, including all of the non-nerds, uses it. An important caveat is that everyone needs to be ready to use encrypted email before you can start using it; you can’t send an encrypted email to someone who doesn&#8217;t have an encryption key yet. (You can find our encryption keys on our <a href="https://theintercept.com/staff/">staff profiles</a> if you want to send us encrypted emails.)</p>
<p>To get started, check out the Electronic Frontier Foundation’s Surveillance Self-Defense guide for using email encryption for <a href="https://ssd.eff.org/en/module/how-use-pgp-windows">Windows</a>, <a href="https://ssd.eff.org/en/module/how-use-pgp-mac-os-x">Mac OS X</a>, and <a href="https://ssd.eff.org/en/module/how-use-pgp-linux">Linux</a>. If enough people in your organization use encrypted email, consider using our newly released tool <a href="https://firstlook.org/code/2016/10/12/introducing-gpg-sync-an-open-source-tool-for-organizations-that-encrypt-email/">GPG Sync</a> to make it somewhat simpler.</p>
<p>Had Podesta, or anyone in the Democratic National Committee &#8212; or really anyone who’s had their email leaked in recent years &#8212; used encrypted email, a lot more of the emails would look something like this:</p>
<div class='img-wrap align-center width-fixed' style='width:440px'> <img class="aligncenter size-thumbnail wp-image-91579" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/10/encrypted_email-440x440.png" alt="" />
<p class="caption">What an encrypted email looks like from Gmail&#8217;s perspective.</p>
</div>
<p>If a hacker steals all of your encrypted email and then wants to decrypt it, they&#8217;ll need to hack into your computer and steal your secret encryption key. That is a whole level of difficulty higher than just getting your password. If you choose to keep your secret encryption key on a physical USB device, such as a Yubikey, the hacker has even more hoops to jump through before they have any hope of decrypting your emails.</p>
<h3>Alternately, use an encrypted messaging app instead of email</h3>
<p>If encrypting your email sounds too hard, it might make sense to just use email less, in favor of easy-to-use encrypted message apps such as <a href="https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/">Signal</a>. The Clinton campaign is reportedly <a href="http://www.vanityfair.com/news/2016/08/how-the-clinton-campaign-is-foiling-the-kremlin">already using Signal</a> for its mobile communications about Donald Trump. Now the iPhone version of the app has <a href="https://whispersystems.org/blog/signal-desktop-ios/">desktop support</a>, too. So if you need to send a quick, but sensitive, message to a colleague, why not type it into the Signal app instead of sending an email?</p>
<h3>Don&#8217;t listen to the wrong people</h3>
<p>Hillary Clinton&#8217;s policy on encryption is <a href="https://theintercept.com/2015/12/21/democratic-debate-spawns-fantasy-talk-on-encryption/">dubious</a>, even to the point of calling for the government to commission a &#8220;Manhattan-like project&#8221; to figure out how to create strong, unbreakable encryption that nevertheless has a back door for law enforcement to access. This idea is firmly in the realm of fantasy, because a back door is definitionally a weakness.</p>
<p>And no matter what U.S. policy is in the future, the email encryption I described above will not contain a back door and will be available to everyone in the world, because it&#8217;s open source software developed largely outside of the United States.</p>
<p>The obvious conclusion is that Clinton simply doesn&#8217;t understand cybersecurity, in theory or in practice.</p>
<p>On the practical level, she needs better in-house technical expertise.</p>
<p>On the theoretical level, she should listen to the <a href="https://dspace.mit.edu/handle/1721.1/97690">unanimous consensus</a> of cryptography experts and take a firm stance in support of strong encryption without back doors. This will improve the cybersecurity of both government and private businesses, protect the constitutionally protected privacy rights of Americans &#8212; and maybe even save herself from similar embarrassments in the future.</p>
<p class="caption">Top photo: A cellphone case featuring an image of Hillary Clinton.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/10/13/dear-clinton-team-we-noticed-you-might-need-some-email-security-tips/feed/</wfw:commentRss>
		<slash:comments>60</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/10/encrypted_email-440x440.png" />
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/10/encrypted_email.png" medium="image">
			<media:description type="html">What an encrypted email looks like from Gmail&#039;s perspective</media:description>
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/10/encrypted_email-440x440.png" />
		</media:content>
	</item>
		<item>
		<title>Iraqi Insurgents Stymied the NSA and Other Highlights from 263 Internal Agency Reports</title>
		<link>https://theintercept.com/2016/08/10/iraqi-insurgents-stymied-the-nsa-and-other-highlights-from-263-internal-agency-reports/</link>
		<comments>https://theintercept.com/2016/08/10/iraqi-insurgents-stymied-the-nsa-and-other-highlights-from-263-internal-agency-reports/#comments</comments>
		<pubDate>Wed, 10 Aug 2016 15:46:45 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[release-august-2016]]></category>
		<category><![CDATA[Uproxx]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=78736</guid>
		<description><![CDATA[<p>The Intercept is releasing a batch of articles from the NSA's internal news website, SIDtoday, for the second time. Here is a look at the most interesting revelations. </p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/08/10/iraqi-insurgents-stymied-the-nsa-and-other-highlights-from-263-internal-agency-reports/">Iraqi Insurgents Stymied the NSA and Other Highlights from 263 Internal Agency Reports</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p class="p1"><div class='img-wrap align-center width-fixed' style='width:720px'> <a href="https://theintercept.com/snowden-sidtoday/" target="_blank"><img class="aligncenter wp-image-65243" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" alt="" width="720" height="98" /></a> </div></p>
<p class="p1"><span class="s1"><u>Early in the</u> fight against al Qaeda in Afghanistan and insurgents in Iraq, the National Security Agency was blindsided by enemy fighters’ frequent use of rudimentary wireless communications devices known as “high-powered cordless phones,” according to documents among <a href="https://theintercept.com/snowden-sidtoday/">263 published today</a> by <em>The Intercept</em>.</span></p>
<p>The documents, drawn from the agency’s internal news site, <em>SIDtoday</em>, and provided by NSA whistleblower Edward Snowden, date mostly to the latter half of 2003, and show the NSA was at the time rapidly expanding its internet monitoring. But even as its digital surveillance grew more sophisticated, the agency saw its targets increasingly adopting crude forms of communications like shortwave radio, SMS cellphone messaging and, most vexingly, high-powered cordless phones. The “<a href="https://theintercept.com/snowden-sidtoday/3008353-high-powered-cordless-phones-in-the-af-pak/">poor man’s cell phones</a>,” as the cordless devices were called, spread through Afghan borderlands and along Iraqi roadsides. Meanwhile, the NSA was scrambling to fill what one <em>SIDtoday</em> article referred to as an “<a href="https://theintercept.com/snowden-sidtoday/3008353-high-powered-cordless-phones-in-the-af-pak/">intelligence gap</a>” around the devices. The agency <a href="https://theintercept.com/snowden-sidtoday/3008438-hpcp-conference-aids-collaboration/">assembled</a> more than 500 people at Fort Meade, including foreign intelligence partners and contractors, in order to understand, and plan how to crack into, a type of communication “<a href="https://theintercept.com/snowden-sidtoday/3008354-register-for-the-worldwide-hpcp-conference-27-31/">increasing exponentially worldwide</a>,” as an internal bulletin put it.</p>
<p>The NSA’s scramble to monitor cordless phones helps illustrate how the agency, despite its best efforts to predict the future, can end up blindsided. Just as the military after the Cold War continued to buy sophisticated weapons for use against conventional forces, leaving it poorly prepared for guerilla warfare, so too did the NSA’s state-of-the-art mass internet surveillance leave it unprepared for enemies in rural areas with crude radios.</p>
<p>The NSA documents about cordless phones are among many highlights from <em>The Intercept</em>’s second release of <em>SIDtoday</em> postings, made <a href="https://theintercept.com/snowden-sidtoday/">available</a> for download starting today. As detailed in the roundup below, <em>SIDtoday</em> articles from the second half of 2003 also outline how the NSA obtained <a href="https://theintercept.com/snowden-sidtoday/3008310-sid-and-the-secret-service/">credit card information from the Secret Service</a>, fed intelligence <a href="https://theintercept.com/snowden-sidtoday/3008320-analysis-series-follow-the-people-and-geospatial/">to the FBI</a>, requested <a href="https://theintercept.com/snowden-sidtoday/3008511-media-leaks-part-i-repost/">investigations of suspected leakers</a>, <a href="https://theintercept.com/snowden-sidtoday/3008423-the-un-security-council-sigint-history-repeats/">spied on diplomats</a> to advance the U.S. war in Iraq, exposed a <a href="https://theintercept.com/snowden-sidtoday/3008509-sigint-forensics-a-look-inside-terrorists/">purported terrorist computer</a> as much less menacing than U.S. news media had reported, and cooperated <a href="https://theintercept.com/snowden-sidtoday/3008407-supporting-the-9-11-panel-s-independent/">extensively</a> with the 9/11 Commission.</p>
<p>A <em>SIDtoday</em> article from the period also discloses that the NSA spied on non-governmental organizations, or NGOs, in order to collect information to feed into the U.S.’s extensive medical intelligence apparatus. Using this and other Snowden documents, <em>Intercept</em> reporter Jenna McLaughlin <a href="https://theintercept.com/2016/08/10/how-the-u-s-spies-on-medical-nonprofits-and-health-defenses-worldwide">filed a story about the NSA’s “medical SIGINT” operation</a> and other ways the U.S. collects so-called medical intelligence.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/08/slc-data-collection.jpg"><img class="aligncenter size-article-large wp-image-79018" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/08/slc-data-collection-1000x547.jpg" alt="BLUFF DALE, UT - MAY 7: A neighborhood sits in the foreground as the new NSA's spy data collection center  sits in the background on May 7, 2015 in Bluffdale, Utah. Located just south of Salt Lake City, it has been reported this is the largest spy center in the world with massive computer power processing data.  A New York Court of appeals ruled today that the NSA's bulk collection of phone data is illegal. (Photo by George Frey/Getty Images)" /></a>
<p class="caption">A new NSA data-collection center sits behind a neighborhood in Bluffdale, Utah in 2015.</p><p class='caption source pullright' style=''>Photo: George Frey/Getty Images</p></div>
<h3>Millions of Ordinary People Caught In NSA Internet Taps</h3>
<p>A July 2003 <a href="https://theintercept.com/snowden-sidtoday/3008283-digital-network-exploitation-dne-digital-network/"><em>SIDtoday</em> article</a> by the “deputy director for data acquisition” noted how, amid a rapid growth in digital networking, the NSA increasingly found itself sifting through the communications of ordinary people. The article said that “our targets are moving from fixed narrowband transmissions to shared, re-routable, extremely wideband, multiplexed, multi-formatted transmissions.”</p>
<blockquote class='stylized pull-none'>Lots of other people were jumping onto the internet as well so “our targets communications are increasingly buried by millions of non-target communications.”</blockquote>
<p><a href="https://theintercept.com/snowden-sidtoday/3008446-fairview-and-stormbrew-live-on-the-net/">Another article</a> explained the successes of FAIRVIEW and STORMBREW – codenames for NSA’s partnerships with <a href="https://www.propublica.org/article/nsa-spying-relies-on-atts-extreme-willingness-to-help">AT&amp;T and Verizon</a> to conduct <a href="https://theintercept.com/2015/07/09/spying-internet-orders-magnitude-invasive-phone-metadata/">unconstitutional</a> surveillance of internet traffic passing through America’s largest telecom providers. These programs, part of NSA’s “upstream” collection, were later used to <a href="https://www.propublica.org/documents/item/2274318-fairviewdataflowchartsapril2012.html">feed</a> unimaginable amounts of surveillance data into <a href="https://theintercept.com/2015/07/01/nsas-google-worlds-private-communications/">XKEYSCORE</a> to be processed and searched by analysts. In September 2003, FAIRVIEW, the AT&amp;T surveillance program, captured “several trillion metadata records – of which more than 400 billion were selected for downstream processing or storage.” That same month, the program launched a new collection capability, allowing it to collect “more than one million emails a day.” (This document was <a href="http://www.nytimes.com/interactive/2015/08/15/us/documents.html">published</a> last year by the <em>New York Times</em> and ProPublica.)</p>
<p>As it monitored more and more internet traffic, the NSA also aimed to grow its own use of networks for collaboration. One <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008347-sigint-directors-to-collaborate-virtually/">article</a> heralded a new tool called InfoWorkSpace, available to all Five Eyes intelligence agencies and boasting secure video and audio conferencing, text chat, whiteboards, and screen sharing — impressive, by 2003 standards. But using the cutting-edge technology could be tricky. Three months after announcing InfoWorkSpace, <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008491-second-party-sigint-directors-hold-virtual-meeting/">reported</a> that signals intelligence directors from each Five Eyes agency held their first virtual meeting using the system, but “GCHQ was unable to attend due to a computer failure.”</p>
<p>People who struggle to stay secure online can take comfort in the fact that even the digital spies at the NSA have trouble installing basic encryption, at least judging from <a href="https://theintercept.com/snowden-sidtoday/3008269-tales-from-the-en-crypt-how-to-get-your-pki/">two</a> <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008278-tale-two-from-the-en-crypt-more-pki-information/">articles</a> dating to July 2003. They described the NSA’s move to an internal online security system built around Public Key Infrastructure, or PKI. Such infrastructure comes into play every time you visit a website using the secure HTTPS protocol; it involves encryption keys that can be openly distributed in public as well as a system of certificates to help ensure the correct keys are distributed.</p>
<p>Within the NSA, nearly every employee was required to create their own PKI certificate, a process that was cumbersome and confusing. It involved 11 steps, including requiring employees to go to the nearest “kiosk room” for a machine to generate and print a password for them. “Just accept that this process might be a little confusing, a little frustrating, a little time-consuming,” an article consoled, “but just sit down, take a deep breath and do it! It really isn’t that bad!!!!”</p>
<p>Another <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008379-new-policy-on-secure-telecommuting/">article</a> announced SID’s new policy on “secure telecommuting,” for employees who needed to leave the Washington, D.C. area but wanted to continue their classified work. “Many of the skills resident among the workforce do not exactly grow on trees,” the author said, “and it is of critical importance that SID find a way to retain those skills.” All telecommuting must happen from a “suitable remote secure government facility” – working from home violates Defense Department policy, and “approval for telecommuting is given on a case-by-case basis.”</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/controlled-bombs-1.jpg"><img class="aligncenter size-article-large wp-image-79093" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/08/controlled-bombs-1-1000x685.jpg" alt="JELUWAR, AFGHANISTAN - JULY 07:  A U.S. Army soldier with Task Force Thor Route Clearance Patrol from 23rd Engineering Company, Airborne videotapes a screen showing the detonation of an Improvised Explosive Device (IED) that was discovered during a day-long route clearance mission July 7, 2010 near Jeluwar, Afghanistan. The U.S. Army route clearance unit uses specialized equipment to seek out improvised explosive devices (IED) on roads throughout Afghanistan to prevent military patrols and civilians from being hit by the homemade roadside bombs that have injured and killed hundreds of NATO troops and locals.  (Photo by Justin Sullivan/Getty Images)" /></a></p>
<p class="caption">A U.S. Army soldier in Afghanistan watches a screen showing the detonation of an Improvised Explosive Device during a route-clearance mission in July 2010.</p>
<p><p class='caption source pullright' style=''>Photo: Justin Sullivan/Getty Images</p></div>
<h3>Simple, Rugged Technology Catches NSA Off Guard</h3>
<p>Even as the NSA ramped up cutting-edge surveillance of the internet, it also grew its efforts to monitor the use of high-powered cordless phones, an unsophisticated wireless technology known as a “poor man’s cell phone,” as a <a href="https://theintercept.com/snowden-sidtoday/3008353-high-powered-cordless-phones-in-the-af-pak/">September 2003 <em>SIDtoday</em> article</a> put it. Such devices were common in remote areas with handsets that could range 50 miles from the radio base station.</p>
<blockquote class='stylized pull-none'>The article said HPCPs were potentially in use by “Usama bin Laden and his associates. &#8230; Thousands of networks are operating along the [Afghanistan/Pakistan] border region, particularly in regions of known terrorist activity.”</blockquote>
<p>But such devices represented an “<a href="https://theintercept.com/snowden-sidtoday/3008353-high-powered-cordless-phones-in-the-af-pak/">intelligence gap</a>” and their use by enemies could result in an analyst “missing some of your target’s communications.” Another <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008354-register-for-the-worldwide-hpcp-conference-27-31/">article</a> published at the same time said use of HPCPs was “increasing exponentially worldwide” and that the NSA still needed to work to “understand this technology,” in part to “provide force protection in Iraq.” In Iraq, high-powered cordless phone technology was frequently used to detonate roadside bombs, <em>Wired</em> <a href="https://www.wired.com/2011/06/iraqs-invisible-war/">reported</a> in 2011.</p>
<p>In late 2003, NSA had so much to learn about HPCP technology that the agency <a href="https://theintercept.com/snowden-sidtoday/3008354-register-for-the-worldwide-hpcp-conference-27-31/">hosted</a> a top-secret “Worldwide HPCP Conference” at NSA’s campus. More than 500 people <a href="https://theintercept.com/snowden-sidtoday/3008438-hpcp-conference-aids-collaboration/">attended the event</a>, including representatives from all <a href="https://www.theguardian.com/world/2013/dec/02/history-of-5-eyes-explainer">Five Eyes</a> spy agencies, all branches of the U.S. military, and private contractors. “Being able to collect [from] communication devices such as HPCP phones can literally spell the difference between life and death,” an assistant director for central intelligence <a href="https://theintercept.com/snowden-sidtoday/3008438-hpcp-conference-aids-collaboration/">said</a> at the conference. “Life for us, death for would-be terrorists.”</p>
<p>The U.S. military eventually <a href="https://theintercept.com/surveillance-catalogue/hayden-iii/">acquired</a> a <a href="https://theintercept.com/surveillance-catalogue/traveler-ew-fos/">variety</a> of <a href="https://theintercept.com/surveillance-catalogue/sidewinder/">devices</a> capable of <a href="https://theintercept.com/surveillance-catalogue/traveler-pod–tpod/">monitoring</a> or <a href="https://theintercept.com/surveillance-catalogue/nebula/">locating</a> HPCP <a href="https://theintercept.com/surveillance-catalogue/icarus-nvdf/">communications</a>, several of which were <a href="https://theintercept.com/2015/12/17/a-secret-catalogue-of-government-gear-for-spying-on-your-cellphone/">disclosed</a> by <em>The Intercept</em> last year as part of the publication of a secret, internal U.S. government <a href="https://assets.documentcloud.org/documents/2648148/Cellphone-Surveillance-Catalogue.pdf">catalogue</a> of surveillance gear targeting wireless communications.</p>
<p>While it struggled with cordless phones, the NSA had more luck tapping into another primitive radio platform, the nearly 100-year-old technology known as high-frequency, or shortwave, radio. A <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008286-the-evolution-of-hf/">article from July 2003</a> said that “the market for HF continues to grow. &#8230; HF requires no terrestrial or spaceborne infrastructure to communicate globally and is capable of surviving the effects of a nuclear blast.” The technology was also relatively cheap and the radios were “mobile, rugged, and require minimal manpower and training to operate” making them “ideal for use by terrorists and third-world military organizations.”</p>
<p>But those weren’t the NSA’s only targets using HF: Important participants in negotiations at the United Nations utilized shortwave, too. “As the United States was considering its options regarding a Security Council resolution on Iraq,” the July article explained, “intelligence derived from HF collection provided the position and voting intentions of several key players.”</p>
<p>Another simple communications medium the NSA found itself increasingly monitoring in 2003 was SMS, the text-messaging protocol built into even the most basic of cellphones. In the 18 months through July, SMS use spiked among Islamic extremists, according to an <a href="https://theintercept.com/snowden-sidtoday/3008267-sunni-extremists-and-short-message-service-sms/">article</a> in <em>SIDtoday</em>. “They believe that SMS is more secure than both voice calls and E-mail,” the piece stated. But the NSA was clearly able to access plenty of SMS messages, as the article described how the extremists used SMS “to arrange instant messaging or chat sessions … to warn of security problems, especially after raids … to coordinate financial transfers” and “to pass new E-mail addresses, telephone numbers, and passwords.”</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/08/buffalo-six.jpg"><img class="aligncenter size-article-large wp-image-79023" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/08/buffalo-six-1000x890.jpg" alt="buffalo-six" /></a></p>
<p class="caption">FBI file photos of the Lackawanna Six.</p>
<p><p class='caption source pullright' style=''>Photo: Ho/AFP/Getty Images</p></div>
<h3>NSA Feeds Information To Domestic Law Enforcement</h3>
<p>A series of 2003 <em>SIDtoday</em> articles described support to the NSA’s partners at various U.S. government agencies. The agency’s work is traditionally driven by these partners, which it frequently refers to as “customers.” As the examples below make clear, customers both request and supply information to the signals intelligence directorate, and some are kept at a further remove than others, whether for legal reasons or due to turf wars.</p>
<h4>NSA and the Secret Service</h4>
<p>An August 2003 <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008310-sid-and-the-secret-service/">article</a> described the NSA’s relationship with the U.S. Secret Service, including the NSA’s work gathering signals intelligence to help protect the president and other executive branch members when they travel abroad.</p>
<blockquote class='stylized pull-none'>In return, the article said, the Secret Service provided the agency access to, and a copy of, its financial crimes division database of credit card information, giving NSA analysts “the ability to do real-time, on-line pulls and determine if a particular credit card was issued by a foreign bank.”</blockquote>
<h4>NSA and the FBI</h4>
<p>One <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008320-analysis-series-follow-the-people-and-geospatial/">article</a> seemed to exaggerate the NSA’s role in identifying a group of Yemeni American men who eventually pleaded guilty to providing material support for al Qaeda, a group known as the Buffalo Six or <a href="http://articles.latimes.com/2003/may/20/nation/na-lackawanna20">Lackawanna Six</a>. The newsletter says information from the NSA was used to identify members of the group, although this version of events contradicts other reports.</p>
<p>The initial lead in the case, which included the names of the men eventually arrested, has <a href="https://books.google.com/books?id=aK02wJ_6dEcC&amp;pg=PA124&amp;lpg=PA124&amp;dq=lackawanna+six+letter+unsigned&amp;source=bl&amp;ots=NR7K3EhI_X&amp;sig=SxyK4xechXMY8jD9N6vWzLLxRdk&amp;hl=en&amp;sa=X&amp;ved=0ahUKEwjx3-vgvaDOAhXIJB4KHf00DGwQ6AEISjAH#v=onepage&amp;q=lackawanna%20six%20letter%20unsigned&amp;f=false">repeatedly</a> been <a href="http://www.pbs.org/wgbh/pages/frontline/shows/sleeper/inside/cron.html">attributed</a> to an anonymous <a href="http://www.nytimes.com/2003/10/12/nyregion/12LACK.html?pagewanted=all">tip</a> to the FBI from a member of the local Muslim community. Additional evidence allegedly came from the interrogation of a jihadist at Guantánamo Bay, after which updates on the investigation became a regular part of President George W. Bush’s daily intelligence brief, the <em>New York Times</em> <a href="http://www.nytimes.com/2003/10/12/nyregion/12LACK.html?pagewanted=all">reported</a>.</p>
<p>The <em>SIDtoday </em>article said the arrest of the Buffalo Six stemmed from a partnership between the FBI and an NSA signals-intelligence cell focused on counterterrorism. The two parties worked together to develop new communications sources from which to extract intelligence, a process referred to as “SIGDEV.” “The Cell has further expanded its existing SIGDEV partnerships throughout the community to help locate specific terrorist targets,” the article stated. “This increased collaboration resulted in the arrests of six individuals in Buffalo, New York — [signals intelligence] reporting provided key leads and valuable information which enabled FBI analysts to identify the terrorist cell and advance their investigative efforts.”</p>
<p>Although the FBI seems to have identified the six men prior to any wiretapping, contrary to the <em>SIDtoday</em> article, federal authorities did reportedly begin monitoring the communications of the Lackawanna men using a FISA warrant after the Guantánamo interrogation and after White House interest in the case. A cryptic email referring to a “big meal” led them to interrogate the member of the Lackawanna Six who eventually confessed that the men had trained in an al Qaeda camp in Afghanistan and met Osama bin Laden prior to the Sept. 11 attacks, the <em>Times</em> has said.</p>
<h4>NSA Helps Coast Guard Find $197 Million in Cocaine</h4>
<p>The NSA’s signals intelligence directorate began supplying intelligence to the U.S. Coast Guard starting in approximately 1989, according to the directorate’s “Coast Guard Account Manager.” An August 2003 <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008301-sid-support-to-the-us-coast-guard/">article</a> by the manager said the Coast Guard used signals intelligence in “domestic and law enforcement missions,” including for missions related to “counterterrorism, alien smuggling, counternarcotics, maritime tracking of vessels and/or high-interest cargos and international civilian maritime activities.” For example, in June 2003, SID helped the Coast Guard and British intelligence agency GCHQ track a cargo ship off the Venezuelan coast. After it was seized by the UK vessel HMS Iron Duke, it was found to contain “3,930 kilos of pure cocaine with a New York City street value of $196,500,000.”</p>
<h4>NSA and the CIA</h4>
<p><em>SIDtoday</em> articles from 2003 detailed the changing relationship between the NSA and the Central Intelligence Agency. In a July <a href="https://theintercept.com/snowden-sidtoday/3008289-nsa-implements-new-policy-for-sharing-data-with/">post</a>, NSA Signals Intelligence Director Richard Quirk described a new policy that, he wrote, “defines how we will provide NSA-collected, unminimized SIGINT to CIA for them to use in direct support of certain aspects of their mission.” Generally speaking, unminimized SIGINT is signals intelligence that may include the communications of American citizens and permanent residents, including inadvertently acquired communications not relevant to the authorized purposes of the collection.</p>
<p>An <a href="http://www.foia.cia.gov/sites/default/files/DOC_0005593397.pdf">article</a> from the CIA’s in-house journal<em> Studies in Intelligence, </em><a href="https://fas.org/blogs/secrecy/2014/09/scudder-declass/">declassified</a> in 2014 as a result of a lawsuit from a former CIA employee, described a joint “Counterproliferation Fusion Cell,” located at CIA headquarters in Virginia but headed by an NSA officer, to “help focus SIGINT collection and reporting on high-priority proliferation targets.” A November 2003 <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008427-reshaping-the-mold-the-counterproliferation/">article</a> shed further light on this cell, saying that the team was focused on the nuclear proliferation network led by A. Q. Khan in Pakistan and was also intended to become the center for reporting on the International Atomic Energy Agency and the Organization for the Prohibition of Chemical Weapons.</p>
<h4>Intelligence for Air Force “Space Campaign Planning”</h4>
<p>The NSA also was providing the U.S. Strategic Command at Offutt Air Force Base in Nebraska with &#8220;intelligence on space control and surveillance operations, information operations, computer network operations, and space campaign planning,&#8221; according to another <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008312-sigint-in-nebraska/">article</a>. The command, whose traditional mission is to monitor missile deployments in Russia, China, and other countries, had recently expanded to also play a role in the global war on terrorism at the time the article was published, in August 2003.</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/new-zealand-spy.jpg"><img class="aligncenter size-large wp-image-79025" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/new-zealand-spy.jpg" alt="Domes covering satellite dishes in Waihopai Valley, near Blenheim, Marlborough, South Island, New Zealand." /></a></p>
<p class="caption overlayed">Domes cover satellite dishes in Waihopai Valley, in the Marlborough region of New Zealand.</p>
<p><p class='caption source' style=''>Photo: Getty Images/Lonely Planet Image</p></div>
<h3>NSA Official Suggests Bypassing Elected Officials for Military</h3>
<p>In addition to sharing information within the U.S. government, the NSA also provides extensive signals intelligence to its allies.</p>
<p>The NSA&#8217;s closest foreign collaborators are known as “Second Party” partners or the “Five Eyes”: spy agencies from the world&#8217;s English-speaking nations, including the United Kingdom, Canada, Australia, and New Zealand. According to one <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008302-sigint-directors-set-strategic-direction-for-5/">article</a>, the term “Five Eyes” was derived from the classification marking, “US/UK/CAN/AUS/NZ EYES ONLY.”</p>
<p>In Australia&#8217;s small capital city of Canberra, there was an office known as the Special U.S. Liaison Office Canberra with, as of October 2003, a staff of 16 Americans, according to a <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008393-sid-s-antipodal-colleagues/">article</a>. The office served as the hub for the NSA&#8217;s relationship with Australia&#8217;s Defence Signals Directorate (DSD) (today known as the Australian Signals Directorate, or ASD), and New Zealand&#8217;s Government Communications Security Bureau (GCSB).</p>
<p>The article, first described in a 2014 <em>New York Times</em> <a href="http://mobile.nytimes.com/2014/02/16/us/eavesdropping-ensnared-american-law-firm.html?_r=0&amp;referrer=">story</a>, outlined an NSA-DSD training effort: “NSA integrees mentor both cryptomathematicians and engineers while tackling the encrypted Very Small Aperture Terminal (VSAT) network used by the Papua New Guinea Defence Force, a goal <a href="http://www.minister.defence.gov.au/2013/05/03/prime-minister-and-minister-for-defence-joint-media-release-2013-defence-white-paper-renaming-the-defence-signals-directorate-and-the-defence-imagery-and-geospatial-organisation/">mentioned</a> in the DSD Director&#8217;s business plan.”</p>
<p>To help share NSA surveillance data between Second Party allies while keeping collection sources secret, NSA&#8217;s data acquisition team established the TICKETWINDOW information-sharing project in 1999. Initial <a href="https://theintercept.com/snowden-sidtoday/3008433-ticketwindow-second-party-collection-sharing/">coverage</a> in <em>SIDtoday</em> did not make clear precisely what sort of system TICKETWINDOW was or what sort of technology powered it.</p>
<p>The NSA’s Third Party relationships differ from its Second Party relationships in that information sharing is confined to particular missions and, even within those missions, only certain types of information are shared, according to a <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008376-chef-s-choice-third-parties/">article</a> by Charlie Meals, the deputy director of the NSA signals intelligence directorate.</p>
<p>In the article, Meals made the case for ramping up NSA&#8217;s Third Party partnerships: “If we can&#8217;t deal with the civilian authorities in a certain country, can we establish a military-to-military agreement? Can we deal with countries that aren&#8217;t necessarily our close allies when it&#8217;s mutually advantageous to do so? … Let&#8217;s look into it!”</p>
<p>Another <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008462-the-partnership-dissemination-cell-information/">article</a> described Third Party information sharing agreements with Turkey, Japan, South Korea, and Jordan, saying that those partners were second only to certain European allies in the extent of sharing. It said the NSA shared information with Turkey and Japan on terrorism and with South Korea and Jordan on Iraq.</p>
<h3>Computer Crack Exposes Sketchy Intelligence</h3>
<p>A September 2003 <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008509-sigint-forensics-a-look-inside-terrorists/">article</a> threw cold water on an October 2002 <em>Time Magazine</em> <a href="http://wayback.archive.org/web/20090628000223/http://www.time.com/time/nation/article/0,8599,384759,00.html">story</a>. The <em>Time</em> story reported that photos of American trains were found on a hard drive recovered during a raid of a purported al Qaeda cell by Kuwaiti authorities. The article also said that the photos, along with statements of senior al Qaeda operatives under CIA and FBI interrogation, led counterterrorism officials to worry that terrorists might have been planning an attack against U.S. railroads. The NSA’s “SIGINT Forensics Lab,” which extracts data from seized computing devices, sometimes getting past encryption in the process, examined the photos and concluded that they were “taken from a 1980’s commercially produced clip art CD.”</p>
<h3>NSA Staff Compare Sources To Traitors, Hunt Media Leaks</h3>
<p>In the summer of 2003, in San Antonio, Texas, Jim Miklaszewski, Pentagon <a href="http://www.nbcnews.com/id/3688835/ns/nbc_nightly_news_with_brian_williams-about_us/t/jim-miklaszewski/">correspondent</a> for NBC News, spoke to a class full of senior executives in the intelligence community about newsgathering. <a href="https://theintercept.com/snowden-sidtoday/3008272-a-graduate-s-view-of-the-icslp-class/">According</a> to <em>SIDtoday,</em> Miklaszewski received some antagonistic questioning on the subject of leaks; one student even compared journalists to spies, asking how he “differentiated reporter recruitment of U.S. intelligence sources from recruitment of foreign Humint sources when the US sources are committing a felony by ‘leaking information’ to reporters who are accessories after the fact.”</p>
<p>Weeks later, <em>SIDtoday</em> published a two-part series of articles on media leaks – or “cryptologic insecurities,” as the NSA referred to them. The first <a href="https://theintercept.com/snowden-sidtoday/3008295-media-leaks-part-1/">article</a> listed several examples of “damaging media leaks” from reports from CBS News and other media organizations and the “unfortunate consequences” of them, claiming that in two cases al Qaeda heightened its security and changed its tactics. Some leaks resulted in NSA requesting an FBI investigation.</p>
<p>The second <a href="https://theintercept.com/snowden-sidtoday/3008296-media-leaks-part-2/">article</a> in the series briefly described the steps taken when a new leak is discovered, including potentially opening a Department of Justice investigation.</p>
<blockquote class='stylized pull-none'>But “media leaks are rarely prosecuted,” the article said, often because “they are hard to prove, but in some cases officials are reluctant to prosecute for fear that the case will attract even more attention than the original disclosure.”</blockquote>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/iraq-af-sol.jpg"><img class="aligncenter size-article-large wp-image-79026" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/08/iraq-af-sol-1000x610.jpg" alt="FALLUJAH, IRAQ - OCTOBER 31: U.S. Army soldiers from the 82nd Airborne 1st Battalion 505th Regiment sweep into a house during an October 31, 2003 cordon and search operation through three houses in the Iraqi town of Fallujah, Iraq. The raid yielded hidden rifles, rocket propelled grenade launchers and remote bomb detonation equipment in the houses and resulted in the detention of three individuals for questioning, including one believed to be a former Iraqi special forces soldier and explosives detonation expert.  (Photo by Scott Nelson/Getty Images)" /></a></p>
<p class="caption">U.S. Army soldiers sweep into a house during a cordon-and-search operation in Fallujah, Iraq in October 2003.<p class='caption source pullright' style=''>Photo: Scott Nelson/Getty Images</p></div>
<h3>Unexpected Iraq Insurgency Rallies NSA</h3>
<p>As in the early part of 2003, summarized in <em>The Intercept</em>’s last <em>SIDtoday</em> <a href="https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/">roundup</a>, the NSA found itself in the last half of the year on a wartime footing in Iraq as fighting there failed to die down as anticipated. In Baghdad, NSA signals intelligence provided “the majority of intelligence briefed to Ambassador [Paul] Bremer and the senior staff” of the Coalition Provisional Authority, according to an agency staffer deployed to the former presidential palace and writing in <em>SIDtoday</em>. NSA staff <a href="https://theintercept.com/snowden-sidtoday/3008297-dispatch-from-nist-baghdad-life-in-the-palace/">was also on the ground</a> in support of special operations teams hunting “High Value Targets” and “Special Collection Service” teams.</p>
<p>Although “major hostilities” in Iraq officially ended on May 1, as <em>SIDtoday </em>put it, echoing the official administration position, and the U.S.’s “post-war reconstruction” had begun, a fierce insurgency was brewing. On August 6, the NSA signals intelligence director, Richard Quirk, put the “Iraq Issue Management Team” back in action, <a href="https://theintercept.com/snowden-sidtoday/3008304-sid-reopens-the-front-on-iraq-new-issue/">saying in <em>SIDtoday</em></a> that:</p>
<blockquote class='stylized pull-none'>“Conditions in Iraq remain extremely dangerous. … It is essential that Signals Intelligence resurrect the support and level of effort that were so pronounced when bombs were falling.”</blockquote>
<p>By mid-September, a dedicated group of 40 analysts at Fort Meade was <a href="https://theintercept.com/snowden-sidtoday/3008367-iraq-terrorism-development-center-opens/">formed</a> as the “Iraq Terrorism Development Center” to perform target discovery against attacks by terrorists and former regime members.</p>
<p>In October, the United Nations Security Council was <a href="http://www.cnn.com/2003/US/10/16/un.iraq.vote/">considering</a> a draft, U.S.-authored resolution providing international participation and financial backing for military forces in Iraq and the reconstruction of the country. The stakes were high, and, as a SID national intelligence officer <a href="https://theintercept.com/snowden-sidtoday/3008390-un-security-council-round-two-of-u-s-draft/">wrote</a> in <em>SIDtoday</em>, Germany and France continued to “express their displeasure” and U.N. Secretary General Kofi Annan did not want to put U.N. personnel at risk unless the organization was in charge of reconstruction.</p>
<p>But on October 16, the resolution passed <a href="http://www.cnn.com/2003/US/10/16/un.iraq.vote/">unanimously</a> and “was at heart a triumph of SIGINT support” according to a <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/3008423-the-un-security-council-sigint-history-repeats/">article</a> co-authored by the NSA’s representative to the U.S. Mission to the U.N.</p>
<p>“NSA played a key role in keeping U.S. policy makers in New York and Washington abreast (or ahead) of the many twists and turns in the marathon negotiations,” the <em>SIDtoday</em> article stated. “Reporting from across SID … provided a window into the planning and intentions of the principal players on the Council &#8211; and may have even provided … the key information needed to ensure the unanimous vote.”</p>
<p><em>Top photo: A helicopter view of the National Security Agency headquarters in Fort Meade, Maryland earlier this year.</em></p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/08/10/iraqi-insurgents-stymied-the-nsa-and-other-highlights-from-263-internal-agency-reports/">Iraqi Insurgents Stymied the NSA and Other Highlights from 263 Internal Agency Reports</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/08/10/iraqi-insurgents-stymied-the-nsa-and-other-highlights-from-263-internal-agency-reports/feed/</wfw:commentRss>
		<slash:comments>25</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/08/slc-data-collection.jpg" medium="image">
			<media:title type="html">New York Appeals Court Rules NSA&#8217;s Bulk Of Phone Data Illegal</media:title>
			<media:description type="html">BLUFF DALE, UT - MAY 7: A neighborhood sits in the foreground as the new NSA&#039;s spy data collection center sits in the background on May 7, 2015 in Bluffdale, Utah. Located just south of Salt Lake City, it has been reported this is the largest spy center in the world with massive computer power processing data. A New York Court of appeals ruled today that the NSA&#039;s bulk collection of phone data is illegal. (Photo by George Frey/Getty Images)</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/slc-data-collection-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/controlled-bombs-1.jpg" medium="image">
			<media:title type="html">U.S. Army Clears Roads Of IEDS In Afghanistan</media:title>
			<media:description type="html">JELUWAR, AFGHANISTAN – JULY 07: A U.S. Army soldier in Afghanistan watches a screen showing the detonation of an Improvised Explosive Device discovered during a route-clearance mission in July 2010.</media:description>
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/controlled-bombs-1-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/08/buffalo-six.jpg" medium="image">
			<media:title type="html">buffalo-six</media:title>
			<media:description type="html">WASHINGTON, UNITED STATES: (FILES) This September 2002 FBI file photo composite shows suspected Al Qaeda sleeper cell members from Lackawanna, New York (Top L-R) Mukthtar Ali Albakri, Faysal H. Galab, Sahim A. Alwan, (Bottom L-R) Yahya Goba, Shafal Mosed, and Yasein A. Taher. The Yemeni-American suspects, known as the &#039;Buffalo Six&#039; were charged with providing material support to terrorist organizations. The hearing for Mukhtar Albakri (Top L), one of the last to plead guilty, is scheduled for sentencing 03 December 2003. He is expected to receive a ten-year sentence in federal court in Buffalo, New York. AFP PHOTO/HO (Photo credit should read HO/AFP/Getty Images)</media:description>
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/buffalo-six-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/new-zealand-spy.jpg" medium="image">
			<media:title type="html">Domes of Waihopai Spy Base by vineyard</media:title>
			<media:description type="html">Domes covering satellite dishes in Waihopai Valley, near Blenheim, Marlborough, South Island, New Zealand.</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/new-zealand-spy-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/iraq-af-sol.jpg" medium="image">
			<media:title type="html">U.S. Soldiers Raid Hidden Weapons Stash in Fallujah, Iraq</media:title>
			<media:description type="html">FALLUJAH, IRAQ - OCTOBER 31: U.S. Army soldiers from the 82nd Airborne 1st Battalion 505th Regiment sweep into a house during an October 31, 2003 cordon and search operation through three houses in the Iraqi town of Fallujah, Iraq. The raid yielded hidden rifles, rocket propelled grenade launchers and remote bomb detonation equipment in the houses and resulted in the detention of three individuals for questioning, including one believed to be a former Iraqi special forces soldier and explosives detonation expert.  (Photo by Scott Nelson/Getty Images)</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/08/iraq-af-sol-440x440.jpg" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2016/08/nsa-ft.jpg</leadImageArt><leadImageArtCredit>Photo: Brendan Smialowski/AFP/Getty Images</leadImageArtCredit>	</item>
		<item>
		<title>Edward Snowden&#8217;s New Research Aims to Keep Smartphones From Betraying Their Owners</title>
		<link>https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/</link>
		<comments>https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/#comments</comments>
		<pubDate>Thu, 21 Jul 2016 13:34:56 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uproxx]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=74650</guid>
		<description><![CDATA[<p>Working with famed hacker "Bunnie" Huang, the NSA whistleblower wants to help imperiled journalists and activists fully silence their mobile devices, including iPhones and eventually Android devices.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/">Edward Snowden&#8217;s New Research Aims to Keep Smartphones From Betraying Their Owners</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>In early 2012</u>, Marie Colvin, an acclaimed international journalist from New York, entered the besieged city of Homs, Syria, while reporting for London&#8217;s <em>Sunday Times</em>. She <a href="http://www.telegraph.co.uk/news/worldnews/middleeast/syria/9098511/Marie-Colvin-Britain-summons-Syria-ambassador-over-killing.html">wrote</a> of a difficult journey involving &#8220;a smugglers’ route, which I promised not to reveal, climbing over walls in the dark and slipping into muddy trenches.&#8221; Despite the covert approach, Syrian forces still managed to get to Colvin; <a href="http://www.telegraph.co.uk/news/worldnews/middleeast/syria/9098511/Marie-Colvin-Britain-summons-Syria-ambassador-over-killing.html">under orders</a> to “kill any journalist that set foot on Syrian soil,” they bombed the makeshift media center she was working in, killing her and one other journalist and injuring two others.</p>
<p>Syrian forces may have found Colvin by tracing her phone, according to a <a href="http://www.telegraph.co.uk/news/worldnews/middleeast/syria/9098511/Marie-Colvin-Britain-summons-Syria-ambassador-over-killing.html">lawsuit</a> filed by Colvin’s family this month. Syrian military intelligence used “signal interception devices to monitor satellite dish and cellphone communications and trace journalists’ locations,” the suit says.</p>
<p>In dangerous environments like war-torn Syria, smartphones become indispensable tools for journalists, human rights workers, and activists. But at the same time, they become especially potent tracking devices that can put users in mortal danger by leaking their location.</p>
<p>National Security Agency whistleblower Edward Snowden has been working with prominent hardware hacker Andrew “Bunnie” Huang to solve this problem. The pair are developing a way for potentially imperiled smartphone users to monitor whether their devices are making any potentially compromising radio transmissions. They argue that a smartphone&#8217;s user interface can’t be relied on to tell you the truth about the state of its radios. Their initial prototyping work uses an iPhone 6.</p>
<p>“We have to ensure that journalists can investigate and find the truth, even in areas where governments prefer they don’t,” Snowden told me in a video interview. “It’s basically to make the phone work for you, how you want it, when you want it, but only when.”</p>
<p>Huang made a name for himself by using a technique known as reverse engineering to hack into Microsoft&#8217;s Xbox and other hardware devices locked down using various forms of encryption, and Snowden said he&#8217;s been an invaluable research partner.</p>
<p>“When I worked at the NSA, I worked with some incredibly talented people,” Snowden said, “but I’ve never worked with anybody who had such an incredible outpouring of expertise than I have with Bunnie.”</p>
<p>Snowden and Huang presented their findings in a talk at MIT Media Lab’s <a href="https://www.media.mit.edu/events/forbidden/overview">Forbidden Research</a> event today and published a <a href="https://www.pubpub.org/pub/direct-radio-introspection">detailed paper</a>.</p>
<h3>Location Privacy and Smartphones</h3>
<p>Smartphones come with a variety of different types of radio transmitters and receivers: cellular modems (for phone calls, SMS messages, and mobile data), wifi, bluetooth, and others. But using any of these radios could leak your physical location to an adversary who is watching the airwaves.</p>
<p>Journalists and activists use their phones to communicate with sources and colleagues, post updates and livestream to social media, and accomplish countless other networked tasks. If they need to keep their location secret, for example in a war zone, they need to turn off all of the radios within their phones. Even so, phones can still be vital tools even when offline; internet access is not needed to take photographs, record video or audio, take notes, use certain maps, or manage schedules.</p>
<p>Snowden and Huang have been researching whether it’s possible to use a smartphone in such an offline manner without leaking its location, starting with the assumption that “a phone can and will be compromised.” After all, journalists and activists are often under-resourced and face off against well-funded intelligence services. They also, necessarily, use their phones to talk to, and open documents from, a wide variety of sources, leaving them especially vulnerable to targeted phishing, or &#8220;spearphishing,&#8221; attacks, where an attacker baits a victim into opening an enticing document that actually contains an exploit.</p>
<p>The research is necessary in part because the most common way to try to silence a phone&#8217;s radio — turning on airplane mode — can’t be relied on to squelch your phone’s radio traffic. “Malware packages, peddled by hackers at a price accessible by private individuals, can activate radios without any indication from the user interface,” Snowden and Huang explain in their blog post. “Trusting a phone that has been hacked to go into airplane mode is like trusting a drunk person to judge if they are sober enough to drive.”<div class='img-wrap align-none width-auto' style='width:auto'> <img class="alignnone size-article-large wp-image-74693" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/07/concept-rendering-introspection-engine-1000x767.jpg" alt="concept-rendering-introspection-engine" /></p>
<p class="caption">Concept art for the Introspection Engine.</p>
<p><p class='caption source pullright' style=''>Image: Andrew Huang</p></div></p>
<h3>Introspection Engine</h3>
<p>Since a smartphone can essentially be made to lie about the state of its radios, the goal of Snowden and Huang&#8217;s research, according to their post, is to “provide field-ready tools that enable a reporter to observe and investigate the status of the phone’s radios directly and independently of the phone’s native hardware.” In other words, they want to build an entirely separate tiny computer that users can attach to a smartphone to alert them if it’s being dishonest about its radio emissions.</p>
<p>Snowden and Huang are calling this device an “introspection engine” because it will inspect the inner workings of the phone. The device will be contained inside a battery case, looking similar to a smartphone with an extra bulky battery, except with its own screen to update the user on the status of the radios. Plans are for the device to be able to sound an audible alarm and possibly also to come equipped with a “kill switch” that can shut off power to the phone if any radio signals are detected. “The core principle is simple,” they wrote in the blog post. “If the reporter expects radios to be off, alert the user when they are turned on.”</p>
<p>The introspection engine also must fit a number of design goals, including: It should be entirely open source, with open hardware, to make it easy for experts to inspect; it should operate in a separate “security domain” from the phone, meaning the introspection engine should work even if the phone is hacked and actively lying to you; it should have a simple and intuitive user interface and require no special training to use; it should be usable on a daily basis with minimal impact on workflow.</p>
<p>Introspection engines don’t exist yet, and the research Snowden and Huang presented today is only the beginning. In order to begin work on a prototype, the pair needed to pick a specific model of smartphone to target. They chose the 4.7-inch iPhone 6, based on their understanding of “the current preferences and tastes of reporters.” However, introspection engines could be designed for any model phone.</p>
<h3>Jacking Into the iPhone</h3>
<p>Huang, an American who currently lives in Singapore, traveled to the metropolis of Shenzhen, China to explore the electronics markets of Hua Qiang, which he described as “ground zero for the trade and practice of iPhone repair.” While there, he bought spare parts and repair manuals that contained detailed blueprints of the target device.</p>
<p><div class='img-wrap align-right width-fixed' style='width:540px'> <img class="alignright size-article-medium wp-image-74698" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/07/iphone-testing1-540x716.jpg" alt="iphone-testing1" /></p>
<p class="caption">Testing the electrical signals from the iPhone 6.</p>
<p><p class='caption source pullright' style=''>Photo: Andrew Huang</p></div>Using information gleaned from these manuals, Snowden and Huang discovered that the iPhone’s logic board has several test points designed by the manufacturer that can be exploited to learn the status of various on-board radios. These test points, which are built into many consumer devices, are crucial to improving customer experience. When a customer returns a defective device, engineers rely on them to determine the cause of the defect.</p>
<p>Snowden and Huang discovered 12 test points that could be used to monitor the status of the cellular radios, the GPS radio, and the wifi and bluetooth radios. While they didn’t find a test point to monitor the Near Field Communication chip, the part that makes Apple Pay possible, they discovered that they could disconnect its antenna, vastly reducing its range.</p>
<p>They don’t think that modifying an iPhone 6 to install an introspection device could be done by just anyone, but “any technician with modest soldering skills can be trained to perform these operations reliably in about 1-2 days of practice on scrap motherboards.”</p>
<h3>Supply Chain</h3>
<p>The next step is to develop a working prototype, which Snowden and Bunnie hope to complete over the next year. Their blog post says that the project is currently operating on a “shoestring budget” and “donated time.”</p>
<p>If it proves successful, they may seek funding through the Freedom of the Press Foundation to develop and maintain a supply chain. The nonprofit, of which both Snowden and I are board members, could then distribute iPhones that have been modified to include introspection devices to journalists who work in dangerous environments to use in the field.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/">Edward Snowden&#8217;s New Research Aims to Keep Smartphones From Betraying Their Owners</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/07/21/edward-snowdens-new-research-aims-to-keep-smartphones-from-betraying-their-owners/feed/</wfw:commentRss>
		<slash:comments>127</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/concept-rendering-introspection-engine-440x440.jpg" />
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/concept-rendering-introspection-engine.jpg" medium="image">
			<media:title type="html">concept-rendering-introspection-engine</media:title>
			<media:description type="html">Concept art for the Introspection Engine</media:description>
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/concept-rendering-introspection-engine-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/iphone-testing1.jpg" medium="image">
			<media:title type="html">iphone-testing1</media:title>
			<media:description type="html">Testing the electrical signals from the iPhone 6.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/07/iphone-testing1-440x440.jpg" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2016/07/iphone-6-interior.jpg</leadImageArt><leadImageArtCredit>Photo: Andrew Huang</leadImageArtCredit>	</item>
		<item>
		<title>Security Tips Every Signal User Should Know</title>
		<link>https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/</link>
		<comments>https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/#comments</comments>
		<pubDate>Sat, 02 Jul 2016 20:22:58 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uproxx]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=71268</guid>
		<description><![CDATA[<p>Here’s how to maximize the security of your most sensitive conversations — the ones that could be misinterpreted by an employer; be of interest to snooping governments; or allow a hacker to steal your identity.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/">Security Tips Every Signal User Should Know</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>There are dozens</u> of messaging apps for iPhone and Android, but one in particular continues to <a href="https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/">stand out in the crowd</a>. Signal is easy to use, works on both iOS and Android, and encrypts communications so that only the sender and recipient can decipher them.</p>
<p>It also has open source <a href="https://github.com/whispersystems/">code</a>, meaning it can be inspected to verify security. You can download Signal from the Android <a href="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms">Play Store</a> and the iPhone <a href="https://itunes.apple.com/us/app/signal-private-messenger/id874139669">App Store</a>.</p>
<p>Although Signal is well-designed, there are extra steps you must take if you want to maximize the security for your most sensitive conversations — the ones that could be misinterpreted by an employer, client, or airport security screener; might be of interest to a snooping government, whether at home or abroad; or could allow a thief or hacker to blackmail you or steal your identity.</p>
<p>I discuss these steps at length below, in order of importance. If you wish to jump ahead to a specific section, you can click the appropriate link:</p>
<ul>
<li><a href="#lock">Lock down your phone</a></li>
<li><a href="#hide">Hide Signal messages on your lock screen</a></li>
<li><a href="#verify">Verify that you&#8217;re talking to the right person</a>
<ul>
<li><a href="#verify-phone">via Phone</a></li>
<li><a href="#verify-text">via Text</a></li>
</ul>
</li>
<li><a href="#archive">Archive and delete messages</a></li>
</ul>
<h3 id="lock">Lock Down Your Phone</h3>
<p>Signal uses strong end-to-end encryption, which, when properly used, ensures that no one involved in facilitating your conversation can see what you&#8217;re saying — not the <a href="https://whispersystems.org/">makers of Signal</a>, not your cellphone or broadband provider, and not the NSA or another spy agency that <a href="https://theintercept.com/2015/07/09/spying-internet-orders-magnitude-invasive-phone-metadata/">collects internet traffic in bulk</a>.</p>
<p>But Signal&#8217;s encryption scheme can&#8217;t stop someone from picking up your phone and opening the app to read through your conversations. You have to take additional precautions.</p>
<p><strong>If you&#8217;re using Android:</strong></p>
<ul>
<li><strong>Set up screen lock</strong>, which requires you to draw a pattern, type a numeric PIN, or type a password to unlock your phone. You can do this from the Settings app under Security &gt; “Screen lock.” Try to make it random, and avoid using anything obvious such as birthdates. Don&#8217;t tell anyone how to unlock your phone unless you&#8217;re OK with them reading all of your encrypted messages.</li>
<li><strong>Encrypt your phone&#8217;s storage</strong>. A screen lock is not much use if a thief can copy your phone&#8217;s data to a different device. Encrypting the flash memory on your phone blocks such an attack by scrambling your data so that it can only be unlocked using the same pattern, PIN, or password used to unlock your phone. You can do this from the Settings app under Security &gt; “Encrypt phone.” Note that you need to have a full battery before Android lets you encrypt your phone, and you may have to wait up to an hour while your phone is encrypting.</li>
<li><strong>Install all updates promptly</strong>. Updates fix security bugs, so every day you haven&#8217;t installed them is a day you&#8217;re vulnerable to attack. You can check for Android updates by opening the Settings app, and under System tap “About phone” &gt; “System updates.” You should also update all of your apps from the Play Store promptly.</li>
</ul>
<p><strong>If you&#8217;re using an iPhone:</strong></p>
<ul>
<li><strong>Set a strong passcode</strong>. iPhones automatically have encrypted storage, but this encryption only protects your data if you lock your device with a passcode. Everyone should use at least a six-digit passcode, and you should up that to 11 digits if you&#8217;re concerned that your phone might fall into the hands of a powerful attacker like a government. Avoid using anything obvious such as birthdates. I <a href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/">wrote about this in detail</a> in February — skip to the <a href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/#instructions">bottom</a> of that article for instructions on changing your passcode, and for considerations about using Touch ID.</li>
<li><strong>Install updates promptly</strong>. Updates fix security bugs, so every day you haven&#8217;t installed them is a day you&#8217;re vulnerable to attack. You can check for iPhone updates in the Settings app under General &gt; Software Update. You should also update all of your apps in the App Store app under the Updates tab.</li>
</ul>
<h3 id="hide">Hide Signal Messages on Your Lock Screen</h3>
<p>Signal&#8217;s powerful encryption won&#8217;t necessarily help you if other people can see incoming Signal messages displayed on your lock screen. Displaying messages on the lock screen is Signal&#8217;s default behavior, but you should change this if your phone is frequently in physical proximity to people who shouldn&#8217;t see your Signal messages — roommates, coworkers, or airport screeners, for example.</p>
<div class='img-wrap align-center width-fixed' style='width:1024px'> <img class="aligncenter size-large wp-image-71343" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-shown-1024x911.png" alt="" /></p>
<p class="caption">Left: Signal notification on locked Android phone. Right: Signal notification on locked iPhone.</p>
<p></div>
<p>Here&#8217;s how to lock down your Signal notifications.</p>
<p><strong>If you&#8217;re using Android:</strong></p>
<ul>
<li>Open the Settings app, and under “Device” &gt; “Sound &amp; notification” select “When device is locked.”</li>
<li>The options are “Show all notification content,” “Hide sensitive notification content,” or “Don&#8217;t show notifications at all.” I recommend you choose “Hide sensitive notification content” — this way you&#8217;ll still be notified when you get a Signal message, but you&#8217;ll have to unlock your phone to see who it&#8217;s from and what it says.</li>
</ul>
<p><strong>If you&#8217;re using an iPhone:</strong></p>
<ul>
<li>Open the Signal app and click the gear icon in the top-left to get to Signal&#8217;s settings. Under “Notifications” &gt; “Background Notifications,” tap “Show.”</li>
<li>The options are “Sender name &amp; message,” “Sender name only,” or “No name or message.” I recommend you choose “No name or message” — this way you&#8217;ll still be notified when you get a Signal message, but you&#8217;ll have to unlock your phone to see who it&#8217;s from and what it says.</li>
<li>To completely remove Signal notifications from your iPhone&#8217;s lock screen, open the Settings app, tap “Notifications,” scroll down to the list of apps, and tap Signal. From here you can turn off “Show on Lock Screen.”</li>
</ul>
<div class='img-wrap align-center width-fixed' style='width:1024px'> <img class="aligncenter size-large wp-image-71344" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-hidden-1024x911.png" alt="" /></p>
<p class="caption">Left: Hidden Signal notification on locked Android phone. Right: Hidden Signal notifications on locked iPhone.</p>
<p></div>
<h3 id="verify">Verify That You&#8217;re Talking to the Right Person</h3>
<p>I said earlier that Signal ensures your communications stay private <em>when it is properly used</em>. Using Signal properly involves verifying that your communications are not subject to a &#8220;man-in-the-middle attack.&#8221;</p>
<p>A man-in-the-middle attack is where two parties (Romeo and Juliet, for example) think they’re speaking directly to each other, but instead, Romeo is speaking to an attacker, Juliet is speaking to the same attacker, and the attacker is connecting the two, spying on everything along the way. In order to fully safeguard your communications, you have to take extra steps to verify that you&#8217;re encrypting directly to your friends and not to impostors.</p>
<p>Most messaging apps don&#8217;t provide any way to do this sort of verification. Signal provides two: one for verifying voice calls and one for verifying text conversations.</p>
<h4 id="verify-phone">Verify Your Phone Contacts</h4>
<p>It&#8217;s easy to verify the security of phone calls on Signal, but you have to verify every call.</p>
<p>For each call, the Signal app displays two words on the callers&#8217; phone screens. In the screenshot below, for example, each screen shows the words &#8220;shamrock paragon.&#8221; Juliet and Romeo read these words to one another; if the words are the same, and they recognize one another&#8217;s voices, the call is secure. If the words are different, someone is attacking the encryption in the call and you should hang up and try calling again, but this time from a different internet connection.</p>
<p>It&#8217;s not required, but a popular convention is for the receiver to answer the phone by reading the first word, as in, “Shamrock?” And the caller to respond with the second word, as in, “Paragon.”</p>
<div class='img-wrap align-center width-fixed' style='width:1024px'> <img class="aligncenter size-large wp-image-71908" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/07/signal-voice-verification-1024x911.png" alt="" /></p>
<p class="caption">Left: Encrypted Signal voice call in Android. Right: Encrypted Signal voice call on an iPhone.</p>
<p></div>
<p>I admit that this sounds like magic, but I assure you that it’s only mathematics. Here’s how it works: When Juliet calls Romeo using Signal, her app communicates with his app and comes up with a shared secret that no one else can possibly learn, even if they’re spying on this exchange — watch this <a href="https://www.youtube.com/watch?v=3QnD2c4Xovk">five-minute video</a> if you want to get some information about how this works. The Signal app on each phone takes this shared secret and converts it into the two-word authentication string. As long as the shared secret is exactly the same, the authentication string will be exactly the same as well.</p>
<h4 id="verify-text">Verify Your Text Contacts</h4>
<p>It&#8217;s more complicated to verify the security of Signal text chats, but once you&#8217;ve verified a text chat correspondent, you won&#8217;t have to re-verify them until they get a new phone or re-install Signal.</p>
<p>Each person you text with in Signal has something called an identity key. When Juliet sends Romeo a message for the first time, her Signal app downloads a copy of his identity key and stores it on her phone and vice versa. So long as these identity keys are valid — the key that Juliet has stored for Romeo is actually Romeo’s real key and not some attacker’s key — then the messages they send to each other are secure.</p>
<p>Because it’s unlikely that anyone is trying to attack your encrypted messages the <em>very first time</em> you send a contact a message, Signal automatically trusts the identity key that it downloads. This makes Signal easy to use: All you need to do to have an encrypted conversation is send someone a message, and that’s it. But if you discuss anything sensitive, you still might want to confirm.</p>
<p>To verify the identity key, you first navigate to the verification screen.</p>
<p><strong>If you&#8217;re using Android:</strong></p>
<ul>
<li>Open the Signal app and tap on a conversation to open it</li>
<li>Tap the contact&#8217;s name and phone number at the top of the screen</li>
<li>Tap &#8220;Verify identity&#8221;</li>
</ul>
<p><strong>If you&#8217;re using an iPhone:</strong></p>
<ul>
<li>Open the Signal app and tap on a conversation to open it</li>
<li>Long-press the contact&#8217;s name at the top of the screen until the verification screen appears</li>
</ul>
<div class='img-wrap align-center width-fixed' style='width:1024px'> <img class="aligncenter size-large wp-image-71346" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-fingerprints-1024x911.png" alt="" /></p>
<p class="caption">Left: Signal identity verification in Android. Right: Signal identity verification on an iPhone.</p>
<p></div>
<p>Next, you want to confirm you have the correct identity key for your contact. You can do this either by scanning “QR codes,” which work similarly to the bar codes used to ring up groceries, or by comparing &#8220;fingerprints,&#8221; which are 66-character blocks of text.</p>
<h5>Verifying a Text Contact in Person</h5>
<p>If you&#8217;re able to meet up in person, here&#8217;s how you verify identity keys using QR codes:</p>
<p><strong>If you&#8217;re using Android:</strong></p>
<ul>
<li>To be verified, tap the barcode icon in the top-right of the verification screen and select &#8220;Display your QR code&#8221; (you may be prompted to install the Barcode Scanner app the first time you do this; it is safe to install).</li>
<li>To verify someone else, tap the barcode icon on the verification screen and choose &#8220;Scan contact&#8217;s QR code,&#8221; and then point your camera at the contact&#8217;s QR code.</li>
</ul>
<p><strong>If you&#8217;re using an iPhone:</strong></p>
<ul>
<li>To be verified, tap the QR code icon on the verification screen.</li>
<li>To verify someone else, tap the camera icon on the verification screen, and then point the iPhone camera at the person&#8217;s QR code.</li>
</ul>
<p>When you successfully verify a contact, Signal should pop up a message that says, &#8220;Verified!&#8221;</p>
<h5>Verifying a Text Contact Remotely</h5>
<p>If you can&#8217;t meet up in person, you can still verify that you have the right identity key by comparing fingerprints — however, it&#8217;s kind of annoying.</p>
<p>You need to share your fingerprint with your contact using some out-of-band communication channel — that is, don&#8217;t share it in a Signal message. Instead, share it in a Facebook message, Twitter direct message, email, or phone call. You could also choose to share it using some other encrypted messaging app, such as WhatsApp or iMessage. (If you&#8217;re feeling paranoid, a phone call is a good option; it would be challenging for an attacker to pretend to be your contact if you recognize their voice.)</p>
<p>Once your contact gets your fingerprint, they need to navigate to the verification screen and compare, character by character, what you sent them with what they see. If they match, your conversation is secure.</p>
<p>Your contact should share their fingerprint with you in the same way, and you should confirm that what they sent you matches what&#8217;s on your verification screen as well.</p>
<p>If you&#8217;re using Android, unfortunately there&#8217;s no way to copy your own fingerprint to your phone&#8217;s clipboard to paste into another app. If you want to share it using another app on your phone, you&#8217;ll have to manually type it.</p>
<p>If you&#8217;re using an iPhone, you can copy your own fingerprint to your phone&#8217;s clipboard like this: Open the Signal app and click the gear icon in the top-left to get to Signal&#8217;s settings. Tap Privacy, then tap Fingerprint.</p>
<h5>Verifying a Text Contact Who Gets a New Phone</h5>
<p>From time to time, you might see a warning in a Signal conversation that says &#8220;Identity key changed. Tap to verify new key.&#8221; This can only mean one of two things:</p>
<ol>
<li>Your Signal contact switched to a new installation of Signal, most likely because they bought a new phone, or,</li>
<li>An attacker is trying to insert themselves into your Signal conversations.</li>
</ol>
<p>The latter is less likely, but the only way to rule it out completely is to again go through one of the verification processes for text contacts described above.</p>
<h3 id="archive">Archive and Delete Messages</h3>
<p>After Juliet sends a message to Romeo using Signal, copies of this message exist in only two locations: on Juliet&#8217;s phone and on Romeo&#8217;s phone. Unlike other messaging apps, Signal doesn&#8217;t store a copy of your messages on internet servers (“in the cloud”). Still, if you have a sensitive conversation, it may be a good idea to delete it when you no longer need it.</p>
<p>You can also archive conversations that you want to keep around but don&#8217;t want cluttering your Signal app. Here&#8217;s how to delete and archive Signal conversations.</p>
<p>When you open the Signal app, you will see a list of your conversations — your inbox, essentially. You can swipe a conversation to the right to archive it, which moves it out of your inbox and into an “archived conversations” list. Deleting a message or conversation varies depending upon your phone&#8217;s operating system:</p>
<p><strong>If you&#8217;re using Android:</strong></p>
<p>To delete a message, open the conversation, pick the message you&#8217;d like to delete, and long-touch it. This will select the message and give you the option to delete it. Similarly, to delete a conversation, pick a conversation from your inbox and long-touch it. This will select the conversation and give you the option to delete it.</p>
<p><strong>If you&#8217;re using an iPhone:</strong></p>
<p>To delete a message, open the conversation, pick the message you&#8217;d like to delete, long-touch it, and choose “Delete.” To delete a conversation, pick the conversation you&#8217;d like to delete from your inbox and swipe to the left to delete it.</p>
<p>Deleting messages is permanent. If you delete a message from your Signal app, and the person you&#8217;re talking to deletes it from their Signal app, the message will be completely gone.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/">Security Tips Every Signal User Should Know</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/07/02/security-tips-every-signal-user-should-know/feed/</wfw:commentRss>
		<slash:comments>103</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-shown-440x440.png" />
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-shown.png" medium="image">
			<media:description type="html">Left: Signal notification on locked Android phone. Right: Signal notification on locked iPhone.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-shown-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-hidden.png" medium="image">
			<media:description type="html">Left: Hidden Signal notification on locked Android phone. Right: Hidden Signal notifications on locked iPhone.</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-notifications-hidden-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/signal-voice-verification.png" medium="image">
			<media:description type="html">Left: Encrypted Signal voice call in Android. Right: Encrypted Signal voice call on an iPhone.</media:description>
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/07/signal-voice-verification-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-fingerprints.png" medium="image">
			<media:description type="html">Left: Signal identity verification in Android. Right: Signal identity verification on an iPhone.</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/06/signal-fingerprints-440x440.png" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2016/06/Secure-swords-final_02.gif</leadImageArt><leadImageArtCredit>Illustration: Mark Pernice for The Intercept</leadImageArtCredit>	</item>
		<item>
		<title>Battle of the Secure Messaging Apps: How Signal Beats WhatsApp</title>
		<link>https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/</link>
		<comments>https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/#comments</comments>
		<pubDate>Wed, 22 Jun 2016 17:49:16 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Distribution]]></category>
		<category><![CDATA[Mashable]]></category>
		<category><![CDATA[Uproxx]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=70025</guid>
		<description><![CDATA[<p>Both Signal and WhatsApp are encrypted, but Signal takes extra steps to keep your chats private.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/">Battle of the Secure Messaging Apps: How Signal Beats WhatsApp</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>This spring, text</u> messages got a lot more private. In April, the world’s most popular messaging service, WhatsApp, announced it would use end-to-end encryption by default for all users, making it virtually impossible for anyone to intercept private WhatsApp conversations, even if they work at Facebook, which owns WhatsApp, or at the world’s most powerful electronic spying agency, the NSA. Then in May, tech giant Google <a href="https://googleblog.blogspot.com/2016/05/allo-duo-apps-messaging-video.html">announced</a> a brand new messaging app called Allo that also supports end-to-end encryption.</p>
<p>Making the news even better from a privacy standpoint is that both WhatsApp and Allo use a widely respected secure-messaging protocol from Open Whisper Systems, the San Francisco-based maker of the messaging app Signal.</p>
<p>To recap, there are now at least three different instant-message services that implement robust encryption: WhatsApp, Signal, and Allo. How is someone who cares about their privacy and security to choose between them?</p>
<p>In this article, I&#8217;m going to compare WhatsApp, Signal, and Allo from a privacy perspective.</p>
<p class="p1"><span class="s1">While all three apps use the same secure-messaging protocol, they differ on exactly what information is encrypted, what metadata is collected, and what, precisely, is stored in the cloud — and therefore available, in theory at least, to government snoops and wily hackers</span>.</p>
<p>In the end, I’m going to advocate you use Signal whenever you can — which actually may not end up being as often as you would like.</p>
<h3>What’s up, WhatsApp?</h3>
<p>With <a href="https://blog.whatsapp.com/616/One-billion">more than 1 billion users</a>, WhatsApp is the world&#8217;s most popular messaging app. Which is why it was huge news among encryption advocates when the company a year and a half ago <a href="https://whispersystems.org/blog/whatsapp/">announced</a> a partnership with Open Whisper Systems to integrate the Signal protocol into its product. The rollout was gradual, starting only on the Android version of WhatsApp and only for one-on-one text communication, but by this past April, WhatsApp was able to <a href="https://whispersystems.org/blog/whatsapp-complete/">announce</a> it was using the Signal protocol to encrypt all messages, including multimedia messages and group chats, for all users, including those on iOS, by default.</p>
<p>So if a government demands the content of WhatsApp messages, as in a <a href="https://theintercept.com/2016/05/02/whatsapp-used-by-100-million-brazilians-was-shut-down-nationwide-today-by-a-single-judge/">recent case</a> in Brazil, WhatsApp can&#8217;t hand it over — the messages are encrypted and WhatsApp does not have the key.</p>
<p>But it’s important to keep in mind that, even with the Signal protocol in place, WhatsApp’s servers can still see messages that users send through the service. They can’t see what’s inside the messages, but they can see who is sending a message to whom and when. And according to the <a href="https://www.whatsapp.com/legal/#Privacy">WhatsApp privacy policy</a>, the company reserves the right to record this information, otherwise known as message metadata, and give it to governments:</p>
<blockquote><p>WhatsApp may retain date and time stamp information associated with successfully delivered messages and the mobile phone numbers involved in the messages, as well as any other information which WhatsApp is legally compelled to collect.</p></blockquote>
<p>A WhatsApp spokesperson told the Committee to Protect Journalists, “WhatsApp does not maintain transaction logs in the normal course of providing its service.” However, the company makes no promises and could easily record and hand over metadata in response to a government request without violating its own policy.</p>
<p>When you first set up WhatsApp, you&#8217;re encouraged, but not required, to share your phone&#8217;s contact list with the app. This helps the WhatsApp service connect you with other users quickly and easily. A WhatsApp spokesperson confirmed to me that the company retains contact list data, which means that WhatsApp could also hand over your contact list in response to a government request.</p>
<p>Finally, online backups are a gaping hole in the security of WhatsApp messages. End-to-end encryption only refers to how messages are encrypted when they&#8217;re sent over the internet, not while they&#8217;re stored on your phone. Once messages are on your phone, they rely on your phone&#8217;s built-in encryption to keep them safe (which is why it&#8217;s important to use a <a href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/">strong passcode</a>). If you choose to back up your phone to the cloud — such as to your Google account if you&#8217;re an Android user or your iCloud account if you&#8217;re an iPhone user — then you&#8217;re handing the content of your messages to your backup service provider.</p>
<p>By default, WhatsApp stores its messages in a way that allows them to be backed up to the cloud by iOS or Android. WhatsApp does let you remove your chats from these cloud backups if you go out of your way to do so, which I recommend you do, if you use WhatsApp to discuss anything sensitive.</p>
<h3>Allo, World</h3>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">Google&#39;s decision to disable end-to-end encryption by default in its new <a href="https://twitter.com/hashtag/Allo?src=hash">#Allo</a> chat app is dangerous, and makes it unsafe. Avoid it for now.</p>
<p>&mdash; Edward Snowden (@Snowden) <a href="https://twitter.com/Snowden/status/733253324301053952">May 19, 2016</a></p></blockquote>
<p>The first thing to understand about Google’s forthcoming Allo app is that, by default, Google will be able to read all of your Allo messages. If you want end-to-end encryption via the Signal protocol, you need to switch to an “incognito mode” within the app, which will be secure but include fewer features.</p>
<p>It&#8217;s 2016. We should be moving toward a future where the conversations we have on our phones are private, but Allo&#8217;s lack of default encryption is clinging to the past. Google releasing a new messaging app without default end-to-end encryption is like Tesla announcing a brand new model that only lets you use the airbags when you&#8217;ve disabled the entertainment system. As NSA whistleblower Edward Snowden put it, Allo’s defaults are “dangerous” and “unsafe.”</p>
<p>On the other hand, Google is trying something brand new, applying so-called machine learning techniques directly to your conversations. Allo hooks into an artificial intelligence called Google Assistant, which will read all of your messages and offer suggested responses, in your own slang, that it thinks you would likely write yourself. It also brings Google search directly into your conversations — you and your friends could, for example, search for a restaurant, pick one out, and make a reservation without having to leave the app.</p>
<p>Allo&#8217;s machine learning features prevent Google from turning on end-to-end encryption for all messages, since Google needs to be able to ingest the content of messages for the machine learning to work, a Google spokesperson told me. The spokesperson also said Google isn&#8217;t ready, until Allo is released later this summer, to make any promises about where user data will be stored or for how long.</p>
<p>The technology behind Allo looks very cool, but it&#8217;s moving in the wrong direction with regard to privacy. If privacy is important to you, you should use a messaging app that encrypts messages by default instead.</p>
<p>Along with Allo, Google is also releasing a new video calling app called Duo. Unlike Allo, all video calls in Duo will be end-to-end encrypted by default. Google isn&#8217;t releasing details — how the encryption works, if it&#8217;s possible for users to independently verify that it&#8217;s secure, or if metadata of the calls will be retained on Google&#8217;s servers — until it&#8217;s publicly released.</p>
<p>Allo and Duo will both be covered under <a href="https://www.google.com/policies/privacy/">Google&#8217;s privacy policy</a>. Unfortunately, this policy doesn&#8217;t break out details about specific Google products.</p>
<h3>Signal in the Noise</h3>
<p>The first thing that sets Signal apart from WhatsApp and Allo is that it is open source. The app’s code is freely available for experts to inspect for flaws or back doors in its security. Another thing that makes Signal unique is its business model: There is none. In stark contrast to Facebook and Google, which make their money selling ads, Open Whisper Systems is entirely supported by grants and donations. With no advertising to target, the company intentionally stores as little user data as possible.</p>
<p>Like WhatsApp, all messages sent over Signal are end-to-end encrypted, and Open Whisper Systems doesn&#8217;t have the keys to decrypt them. What about message metadata, your phone&#8217;s contact list, and cloud backups?</p>
<p><a href="https://whispersystems.org/signal/privacy/">Signal&#8217;s privacy policy</a> is short and concise. Unlike WhatsApp, Signal doesn&#8217;t store any message metadata. Cryptographer and Open Whisper Systems founder Moxie Marlinspike told me that the closest piece of information to metadata that the Signal server stores is the last time each user connected to the server, and the precision of this information is reduced to the day, rather than the hour, minute, and second.</p>
<p>Signal users must share their contact list with the app in order to find other users — in WhatsApp, this is optional but recommended. But Signal doesn&#8217;t directly send your contact list to the server. Instead, it uses what&#8217;s known as a cryptographic hash function to obfuscate phone numbers before sending them to the server. (It also truncates the hashed phone numbers, if we’re being precise about things.) The server responds with the contacts that you have in common and then immediately discards the query, according to Marlinspike.</p>
<p>If you back up your phone to your Google or iCloud account, Signal doesn&#8217;t include any of your messages in this backup. WhatsApp&#8217;s gaping backup issue simply doesn&#8217;t exist with Signal, and there&#8217;s no risk of accidentally handing over your private messages to any third-party company.</p>
<blockquote class="twitter-tweet" data-width="500"><p lang="en" dir="ltr">Really happy with the Signal anti-forensics architecture: encrypted database excluded from backup, key in keychain. <a href="https://t.co/URipYdxnnI">https://t.co/URipYdxnnI</a></p>
<p>&mdash; Frederic Jacobs (@FredericJacobs) <a href="https://twitter.com/FredericJacobs/status/702523823623643136">February 24, 2016</a></p></blockquote>
<p>Of course, this also means there&#8217;s no way to back up your Signal data to the cloud — a feature that some users find useful. If you lose your phone and restore a new one from backup, you simply lose all of your chat history. The Android version of Signal lets users locally export and import app data, for example if you&#8217;re switching to a new phone but still have your old one, but the iOS version of Signal does not support this.</p>
<p>In short, if a government demands that Open Whisper Systems hand over the content or metadata of a Signal message or a user&#8217;s contact list, it has nothing to hand over. And that government will have just as little luck requesting backups of Signal messages from Google or Apple.</p>
<p>From a user privacy perspective, Signal is the clear winner, but it&#8217;s not without its downsides.</p>
<p>Compared to WhatsApp&#8217;s 1 billion users, Signal&#8217;s user base is minuscule. Marlinspike said that they don&#8217;t publish statistics about how many users they have, but Android&#8217;s Google Play store reports that Signal has been downloaded between 1 and 5 million times. The iPhone App Store does not publish this data.</p>
<p>This means that if you install the Signal app, chances are you’ll have to convince your friends, family, and colleagues to install it as well before you can benefit from Signal’s top-grade privacy protection. If you install WhatsApp, chances are a lot of your contacts are already using it, and you can begin having encrypted conversations with minimal effort.</p>
<p>Signal also has fewer features and gets improved at a slower pace than its corporate competitors. For example, an early version of Signal Desktop has been available since the end of 2015, but it&#8217;s only available for Android users — iPhone support has not yet been developed, and it&#8217;s unclear when it will be finished. WhatsApp has a desktop version that works regardless of the type of phone you use.</p>
<p>Marlinspike told me that Open Whisper Systems has three full-time staff: two software developers and one person who handles user support and project management. With such incredibly limited resources, it&#8217;s surprising that they&#8217;ve accomplished as much as they have.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/">Battle of the Secure Messaging Apps: How Signal Beats WhatsApp</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/feed/</wfw:commentRss>
		<slash:comments>69</slash:comments>
	
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2016/06/TheIntercept-secureapp-battle.gif</leadImageArt><leadImageArtCredit>Illustration: Mark Pernice for The Intercept</leadImageArtCredit>	</item>
		<item>
		<title>The Most Intriguing Spy Stories From 166 Internal NSA Reports</title>
		<link>https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/</link>
		<comments>https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/#comments</comments>
		<pubDate>Mon, 16 May 2016 15:37:10 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[release-may-2016]]></category>
		<category><![CDATA[release-may-2016-front]]></category>
		<category><![CDATA[Snowden Archive]]></category>
		<category><![CDATA[The SIDtoday Files]]></category>
		<category><![CDATA[Uproxx]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=64771</guid>
		<description><![CDATA[<p>We combed through more than 160 internal NSA documents and found disclosures about interrogations at Guantánamo, the Iraq War, satellite-communications monitoring, the challenges of spying on the internet, and much more.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/">The Most Intriguing Spy Stories From 166 Internal NSA Reports</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<div class='img-wrap align-center width-fixed' style='width:720px'>
<p><a href="https://theintercept.com/snowden-sidtoday/" target="_blank"><img class="aligncenter wp-image-65243" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" alt="" width="720" height="98" /></a></p>
</div>
<p><u>In the early</u> months of 2003, the National Security Agency saw demand for its services spike as a new war in Iraq, as well as ongoing and profound changes in how people used the internet, added to a torrent of new agency work related to the war on terror, according to a review of 166 articles from a restricted agency newsletter.</p>
<p><em>The Intercept</em> today is releasing the first three months of <em>SIDtoday</em>, March 31 through the end of June 2003, using files provided by NSA whistleblower Edward Snowden. In addition, we are releasing any subsequent 2003 installments of <em>SIDtoday</em> series that began during this period. <a href="https://theintercept.com/snowden-sidtoday">The files are available for download here</a>.</p>
<p>We combed through these files with help from other writers and editors with an eye toward finding the most interesting stories, among other concerns.</p>
<p><em>SIDtoday</em> was launched just 11 days into the U.S. invasion of Iraq by a team within the NSA’s Signals Intelligence Directorate. SID is arguably the NSA’s most important division, responsible for spying on the agency’s targets, and <em>SIDtoday</em> became, as Peter Maass documents in an <a href="https://theintercept.com/2016/05/16/what-its-like-to-read-the-nsas-newspaper-for-spies">accompanying article</a>, an invaluable primer on how the NSA breaks into and monitors communications systems around the world.</p>
<p>At the outset, <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/2829957-welcome-to-sidtoday/">declared</a> that its mission was to “bring together communications from across the SIGINT Directorate in a single webpage” and that one of its key areas of focus would be providing “information on the Iraq Campaign and Campaign Against Terrorism.” And, indeed, the first issues of <em>SIDtoday</em> document how the agency paved the way for the Iraq War with diplomatic intelligence, supported the targeting of specific enemies in Iraq, and continued servicing existing “customers” like the Department of the Interior and the Department of Agriculture, whose appetite for signals intelligence grew sharply after the Sept. 11 attacks.</p>
<p>While the agency was helping in Iraq, NSA personnel were also involved in interrogations at Guantánamo Bay, <em>SIDtoday</em> articles show, working alongside the military and CIA at a time when prisoners there were treated brutally. <em>The Intercept</em>’s Cora Currier <a href="https://theintercept.com/2016/05/16/nsa-closely-involved-in-guantanamo-interrogations-documents-show">describes the NSA’s involvement with the interrogations in a separate story</a>, one that also documents how the agency helped with the capture and rendition to Guantánamo of a group of Algerian men in Bosnia.</p>
<p>Other highlights from this set of documents follow below, alongside links to the relevant originals.</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/iraq-war-2003.jpg"><img class="aligncenter size-large wp-image-65060" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/iraq-war-2003.jpg" alt="US Marines from the 2nd Battalion 8th regiment enter in the southern Iraqi city of Nasiriyah, March 23, 2003." /></a>
<p class="caption overlayed">U.S. Marines from the 2nd Battalion, 8th Regiment enter the southern Iraqi city of Nasiriyah, March 23, 2003.</p>
<p class='caption source' style=''>Photo: Eric Feferberg/AFP/Getty Images</p></div>
<h3>Shock and Awe: The Iraq War in SID</h3>
<p>In the first months of the Iraq War, <em>SIDtoday</em> articles bragged about the NSA’s part in the run-up to the invasion and reflected the Bush administration’s confidence that Saddam Hussein had hidden weapons of mass destruction.</p>
<p>At the United Nations, <a href="https://theintercept.com/snowden-sidtoday/2829994-a-perspective-on-the-nsa-usun-partnership/">readers were told</a>, “timely SIGINT played a critical role” in winning adoption of resolutions related to Iraq, <a href="https://theintercept.com/snowden-sidtoday/2829969-support-to-un-diplomatic-efforts-on-iraq/">including by providing</a> “insights into the nuances of internal divisions among the five permanent members of the U.N. Security Council.”</p>
<p>When the military deployed to Iraq, SIGINT came too. Maj. Gen. Richard J. Quirk III, then a deputy director of SID, <a href="https://theintercept.com/snowden-sidtoday/2829958-deployed-sigint-analysts-an-urgent-need/">put out an “urgent” call</a> for additional SIGINT analysts to volunteer for 90- to 120-day field deployment, stressing that “SIGINT is wired into our military operations as never before.” NSA’s Iraq War tasks <a href="https://theintercept.com/snowden-sidtoday/2830019-ncpac-personnel-deploy-to-support-operation/">would include</a> “researching possible locations of stockpiled WMD material.” The Geospatial Exploitation Office, placed on 24/7 watch, <a href="https://theintercept.com/snowden-sidtoday/2829963-geocell-supports-iraqi-freedom/">provided</a> “near-real-time tipping of communications associated with Iraqi leadership and other high-value targets.”</p>
<div class='img-wrap align-right width-fixed' style='width:300px'> <a href="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/05/jessica-lynch.jpg"><img class="alignright wp-image-65064 size-article-medium" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/05/jessica-lynch-540x360.jpg" alt="jessica-lynch" width="540" height="360" /></a>
<p class="caption">POW Pfc. Jessica Lynch being loaded into a military helicopter on her way out of Iraq, April 2, 2003.</p>
<p class='caption source pullright' style=''>Photo: CENTCOM/Getty Images</p></div>
<p>Just three days into the campaign, on March 23, 2003, Pfc. Jessica Lynch and five others were taken prisoner after their convoy from the 507th Maintenance Company went off course near Nasiriyah, Iraq, and lost 11 soldiers in the ensuing attack. On April 1, Special Operations commandos rescued Lynch from her bed at the Saddam Hussein General Hospital in Nasiriyah, swooping down in Black Hawk helicopters and firing explosive charges. (It later emerged that Iraqi forces had previously left the hospital.)</p>
<p>In “<a href="https://theintercept.com/snowden-sidtoday/2829980-sid-support-to-pow-rescue/">SID Support to POW Rescue</a>,” Chief of Staff Charles Berlin revealed that the Lynch rescue was aided by blueprints from the Japanese construction firm that originally built the hospital, blueprints rounded up as the rescue was being planned and sent “as digital files” to the commandos “literally minutes before the aircraft departed with the strike team” on April 1. Information about the hospital had been collected by a dedicated Underground Facility Support Cell created by the NSA in 2002 as part of an interagency effort to assess “the infrastructure and vulnerabilities of underground facilities used by hostile governments or military forces.”</p>
<p>Even before President Bush declared an end to major combat operations in Iraq on May 1, 2003, NSA was preparing its history of the war. Record management officers were given guidance on how to preserve records from the operation, and the general staff was told how to preserve even “<a href="https://theintercept.com/snowden-sidtoday/2829974-documenting-your-contribution-during-the-iraq/">seemingly mundane things</a>.”</p>
<p>Soon after the president’s “Mission Accomplished” victory speech, some NSA staff returned from deployment. But the role of signals intelligence in Iraq was not over. <a href="https://theintercept.com/snowden-sidtoday/2830086-king-of-diamonds-apprehended-in-iraq/">The NSA provided “time-sensitive SIGINT” support</a>, including a “summary of contacts,” to aid the May 22, 2003, capture of a top Baathist official, Aziz Sajih Al-Numan, “king of diamonds” in the deck of playing cards that featured U.S. Central Command’s wanted Iraqis. Al-Numan was caught within 25 hours after the Army contacted NSA to request support. “Well done to all involved in his capture!” a <em>SIDtoday</em> article declared.</p>
<p>In June, the “ace of diamonds,” Saddam’s secretary Abid Hamid Mahmud al-Tikriti, <a href="https://theintercept.com/snowden-sidtoday/2830096-another-top-iraqi-captured/">was captured</a> thanks to “near-real-time tipping [of geospatial intelligence] to the Special Operations Forces engaged in the hunt,” along with rapid translation of intercepted conversations, <em>SIDtoday</em> bragged.</p>
<p>As the end of the quarter approached, <em>SIDtoday</em> reported on portents of continued resistance and <a href="https://theintercept.com/snowden-sidtoday/2830088-24-hours-in-iraq/">warned</a>, “The scope of hostilities is greater than many may realize,” and, <a href="https://theintercept.com/snowden-sidtoday/2830077-staying-focused-on-iraq/">separately</a>, that “Iraq is still a troubled environment and much work needs to be done.&#8221;</p>
<p>Additional <em>SIDtoday</em> articles about Iraq are available <a href="https://theintercept.com/snowden-sidtoday/?topic=iraq#archive">here</a>.</p>
<h3>Hunting a Russian Mobster, “Mr. Kumarin”</h3>
<p>In an example of highly targeted intelligence gathering, the NSA spent “many months” acquiring the phone number of a Russian organized crime figure and began intercepting his calls, according to <a href="https://theintercept.com/snowden-sidtoday/2830009-target-development-from-scratch-the-russian/">a May 2003 article</a>. The intelligence work was sparked by the State Department, which in 2002 requested information on the leader of the Tambov crime syndicate in Russia, referred to only as “Mr. Kumarin,” and about any links between the syndicate and Russian President Vladimir Putin.</p>
<p>In 2009, the Russian authorities tried and convicted Vladimir Kumarin, who had changed his name to Vladimir Barsukov, for fraud and money laundering. The <em>New York Times</em> <a href="http://www.nytimes.com/2009/05/14/world/europe/14mobster.html">compared</a> him to a “Russian John Gotti.” He was <a href="http://www.themoscowtimes.com/news/article/barsukov-handed-14-years-for-fraud/389369.html">sentenced</a> to 14 years in prison.</p>
<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/north-korea-soldiers.jpg"><img class="aligncenter size-large wp-image-65150" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/north-korea-soldiers.jpg" alt="A North Korean soldier looks at the South side through binoculars at the truce village of Panmunjom in the demilitarized zone dividing two Koreas on April 9, 2009. North Korea's parliament re-elected Kim Jong-Il to the country's most powerful post, cementing his authority over the hardline communist state despite lingering health questions.  AFP PHOTO/JUNG YEON-JE (Photo credit should read JUNG YEON-JE/AFP/Getty Images)" /></a>
<p class="caption overlayed">A North Korean soldier looks south through binoculars at the truce village of Panmunjom in the demilitarized zone dividing North and South Korea on April 9, 2009.</p>
<p class='caption source' style=''>Photo: Jung Yeon-Je/AFP/Getty Images</p></div>
<h3>Uncovering North Korean Nuclear Efforts</h3>
<p>As previously shown, NSA signals intelligence was used to inform negotiations over U.N. resolutions against Iraq in early 2003. But that wasn’t the only time the agency influenced diplomacy: In 2002, signals intelligence ignited a confrontation between North Korea and the U.S., according to <a href="https://theintercept.com/snowden-sidtoday/2829973-uncovering-north-korea-nuclear-programs/">a <em>SIDtoday </em>article from April 2003</a>. NSA eavesdroppers discovered that North Korea was developing a uranium enrichment capability in violation of an agreement with the U.S. When the State Department presented the evidence at a meeting in Pyongyang that October, the North Koreans admitted it was true, the article said, setting off the clash.</p>
<p>“The ONLY source of information on this treaty violation was SIGINT derived from North Korean external communications,” an NSA manager wrote in <em>SIDtoday</em>. “This is both a SIGINT success story and an example of how cross-organizational collaboration can produce key intelligence. Hats off to everyone involved!”</p>
<h3>Orbital Signals Intelligence</h3>
<p>For more than 30 years, <a href="https://theintercept.com/snowden-sidtoday/2830054-new-release-the-fornsat-plan/">one <em>SIDtoday</em> article from June 2003 explained</a>, the NSA had tapped into communications from foreign satellites. Though the program associated with this monitoring, FORNSAT, has been previously <a href="https://www.aclu.org/foia-document/primary-fornsat-collection-operations">disclosed</a>, this document adds important context. For example, it made FORNSAT sound like an intelligence gold mine, having “consistently provided … over 25 percent of end product reporting.” It also explained what sorts of information the NSA gleaned from satellites — “intelligence derived from diplomatic communications … airline reservations and billing data … traffic about terrorists, international crime, weapons of mass destruction … international finance and trade.”</p>
<p>The problem, at the time the article was written, was that FORNSAT was in “dire need of upgrade” because it was “primarily engineered for voice” communications and needed to shift to intercepting more digital communications, including digital video. It also needed to be expanded to tap into mobile satellite phone systems, which “use hundreds of spot beams. Our 13 fixed FORNSAT sites cannot provide the necessary access.”</p>
<h3>Leaks Included in 5,000 “Insecurity Records”</h3>
<p>Ten years before Edward Snowden gave a trove of NSA documents to journalists Glenn Greenwald and Laura Poitras, a “chief” within SID’s Communications and Support Operations organization <a href="https://theintercept.com/snowden-sidtoday/2829987-profile-intelligence-security-issues/">described in <em>SIDtoday</em> the great lengths the agency went to in order to track leaks</a>. In a profile of the Intelligence Security Issues office within CSO, this person said that ISI scanned 350 press items daily for “cryptologic insecurities” and maintained a database called FIRSTFRUIT with “over 5,000 insecurity-related records” ranging from “espionage damage assessments” to “liaison exchanges.” This ISI profile ran as part of a broader <em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/?topic=communications-and-support-operations-cso#archive">series on the CSO organization</a>.</p>
<h3>Technology Pushed NSA Into the Tablet Era — and Tons of Gear Went Missing</h3>
<p>One theme that emerges from early 2003 <em>SIDtoday </em>installments is that the NSA was grappling with how to handle advances in information technology, particularly the proliferation of mobile devices and online networks.</p>
<p>One article in the <a href="https://theintercept.com/snowden-sidtoday/?topic=customer-relations#archive">“Customer Relations” series</a> described several “<a href="https://theintercept.com/snowden-sidtoday/2829992-dynamic-methods-of-interaction-with-new-and/">dynamic dissemination products</a>” to help SID “change with … our customers,” including an initiative to distribute “secret-level information” to wireless devices, a technique for disseminating “NSA product” to tablet computers, and a system to view secret documents on unclassified computers over the internet, bypassing the need for a high-security enclosed area known as a SCIF. These efforts foreshadowed Hillary Clinton’s <a href="https://www.washingtonpost.com/investigations/how-clintons-email-scandal-took-root/2016/03/27/ee301168-e162-11e5-846c-10191d1fc4ec_story.html">controversial</a> use, as secretary of state, of a BlackBerry device to traffic in sensitive government information after the NSA reportedly rebuffed her request for a special secure device from the agency.</p>
<p><a href="https://theintercept.com/snowden-sidtoday/2830027-sid-property-inventory-starts-next-week/">Another article</a> highlighted that the NSA was a heavy user of mobile devices even four years before the release of the first iPhone, calling on staffers to help catalogue all computers, including “laptops, palmtops/PDAs, etc.,” for an annual inventory.</p>
<p>The document also stated that $27 million worth of equipment remained “unaccounted for” after the prior year’s audit, which ended just two months earlier.</p>
<p>In addition to making secret information accessible to more people, SID was developing new systems to solve long-standing problems. The JOURNEYMAN program, <a href="https://theintercept.com/snowden-sidtoday/2830013-what-is-journeyman/">described in another article</a>, aimed to develop a system for distributing SIGINT reports to many different recipients at once across different networks with different formatting requirements. <a href="https://theintercept.com/snowden-sidtoday/2830069-patenthammer/">Another system, PATENTHAMMER</a>, collected cellular, fax, and pager signals for the Special Operations Command and also allowed users to access information collected in the past.</p>
<p>SID was also still exploring the rapidly evolving internet. One article described how the NSA was improving its integration with the public internet via a program <a href="https://theintercept.com/snowden-sidtoday/2830068-outparks-a-new-internet-for-nsa/">called OUTPARKS</a>. Another <a href="https://theintercept.com/snowden-sidtoday/2830032-sigint-development-2003-conference/">touted</a> the NSA’s annual SIGDEV conference, a major event <a href="https://niccs.us-cert.gov/news-events/nsa-sigint-development-conference-2015">in which</a> analysts from the “<a href="https://en.wikipedia.org/wiki/Five_Eyes">five eyes</a>” intelligence agencies in Australia, Canada, New Zealand, the United Kingdom, and the United States share techniques for developing new SIGINT. The article noted that the 2003 SIGDEV would include workshops on “social network analysis,” “internet research,” and “wireless LANs,” that is, wifi networks.</p>
<p>Other NSA staff apparently required more basic forms of training. “Do you know you can make <em>SIDtoday</em> your browser homepage?” asked <a href="https://theintercept.com/snowden-sidtoday/2830087-makin-it-easy/">a June 2003 article</a>, with instructions on changing the default homepage in the web browsers popular at the time: Netscape and Internet Explorer.<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/world-trade-center-9-11.jpg"><img class="aligncenter size-article-large wp-image-65085" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/05/world-trade-center-9-11-1000x1000.jpg" alt="world-trade-center-9-11" /></a></p>
<p class="caption">Sept. 12, 2001, shows an area of white dust and smoke at the location where the 1,350-foot towers of the World Trade Center once stood in New York City.</p>
<p><p class='caption source pullright' style=''>Photo: Spaceimaging.com/Getty Images</p></div></p>
<h3>Demand for NSA Intelligence Became “Voracious”</h3>
<p>The Signals Intelligence Directorate is full of expert spies, but they don’t choose who to spy on themselves. In the corporate lingo of SID, the “customer” decides, customers “including all departments of the executive branch,” according to the agency’s <a href="https://web.archive.org/web/20160416092433/https:/www.nsa.gov/sigint/">website</a>. And the demand from customers exploded in 2003, judging from a <a href="https://theintercept.com/snowden-sidtoday/?topic=customer-relations#archive">series of <em>SIDtoday</em> articles about the Customer Relationships Directorate</a>, an office focused on ensuring that NSA’s customers get what they need.</p>
<p>One driver of this demand was the war on terror; inbound SIGINT requests to the NSA’s National Security Operations Center went from 300 in the two weeks after the Sept. 11 attacks to 1,700 by the end of the year, according to <a href="https://theintercept.com/snowden-sidtoday/2829985-information-needs-management-careful-planning/">one <em>SIDtoday</em> article</a>. Existing customers like the Department of the Interior and the Department of Agriculture “suddenly became voracious consumers” of signals intelligence, as <a href="https://theintercept.com/snowden-sidtoday/2829992-dynamic-methods-of-interaction-with-new-and/">one article from April 2003 </a>put it, and brand new customers appeared on the scene, such as the newly created Department of Homeland Security. SID also increased its interaction with domestic law enforcement agencies like the FBI and the Bureau of Alcohol, Tobacco, Firearms, and Explosives.</p>
<p>Another driver of heightened SIGINT demand was the war in Iraq. According to the <a href="https://theintercept.com/snowden-sidtoday/2829994-a-perspective-on-the-nsa-usun-partnership/">document</a> describing the NSA’s role in war-related U.N. Security Council resolutions, “The number of timely SIGINT tippers delivered to [the U.S. Mission to the United Nations] during key points in the negotiations increased by a factor of four.”</p>
<h3>Creating a “Plausible Cover” for Sensitive Intelligence Sources</h3>
<p>Amid strong demand for intelligence, the NSA sometimes needed to alter sensitive information so it could be shared more widely. As part of <em>SIDtoday</em>’s explainer series “<a href="https://theintercept.com/snowden-sidtoday/?topic=consider-this#archive">ConSIDer This</a>,” one unknown author from the SIGINT communications team <a href="https://theintercept.com/snowden-sidtoday/2830106-consider-this-what-does-it-mean-to-downgrade/">explained how to lower the classification level</a> of intercepted communications, or COMINT, a process known as “downgrading.” The process could involve some subterfuge. “In order to downgrade COMINT, a plausible cover (i.e., collection from a less sensitive source) must exist,” the article stated.</p>
<h3>Changing of the Guard at SID</h3>
<p>As <em>SIDtoday</em> launched in 2003, the Signals Intelligence Directorate was in the midst of a leadership change as Director Maureen Baginski <a href="https://theintercept.com/snowden-sidtoday/2829965-sid-leadership-transition-passing-the-baton/">moved to a new position</a> as the FBI’s head of intelligence and Maj. Gen. Quirk replaced her. Several other new managers and technical directors introduced themselves in the online newsletter’s series “<a href="https://theintercept.com/snowden-sidtoday/?topic=getting-to-know-the-sid-leadership-team#archive">Getting to Know the SID Leadership Team</a>.” Also in that series: A senior technical leader <a href="https://theintercept.com/snowden-sidtoday/2830080-jack-israel-a-amp-p-s-senior-technical-leader/">complained</a> that “voice dominates our reporting today, yet [digital information] is much more prolific in the global net” and explored reasons for this shortcoming.<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/menwith-hill.jpg"><img class="aligncenter size-large wp-image-65080" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/menwith-hill.jpg" alt="The radar domes of RAF Menwith Hill in north Yorkshire dominate the skyline on 30 October, 2007, Harrogate, England. " /></a></p>
<p class="caption overlayed">The radar domes of RAF Menwith Hill in North Yorkshire dominate the skyline, Oct. 30, 2007, Harrogate, England.</p>
<p><p class='caption source' style=''>Photo: Christopher Furlong/Getty Images</p></div></p>
<h3>Life Stationed Abroad for SID Staffers</h3>
<p>Throughout the second half of 2003, employees of the Signals Intelligence Directorate contributed articles to the series “<a href="https://theintercept.com/snowden-sidtoday/?topic=sid-around-the-world-03#archive">SID Around the World</a>,” a sort of collective travelogue on their tours outside the Fort Meade, Maryland, headquarters of the NSA. SID staffers seemed to most enjoy local cuisine: beer, strawberries, chocolates, and ramen, although one touted the possibility of “<a href="https://theintercept.com/snowden-sidtoday/2830116-spanning-the-globe-misawa-to-menwith-hill-part-2/">less than a four-hour drive</a>” from the NSA’s U.K. Menwith Hill site for a “Taco Bell or Cinnabon fix.” Interspersed with recommendations for Rhineland wineries, Japanese communal hot baths, and winter sports in Colorado were some interesting facts about NSA’s global reach in 2003. The majority of signals processed at the Kunia operations center in Hawaii were <a href="https://theintercept.com/snowden-sidtoday/2830081-sid-around-the-world-sigint-from-paradise-okinawa/">collected on Okinawa</a>. Some of the NSA’s representatives in Mons, Belgium, <a href="https://theintercept.com/snowden-sidtoday/2830095-sid-around-the-world-a-country-the-size-of/">worked in an underground bunker</a>. The Misawa base in Japan had <a href="https://theintercept.com/snowden-sidtoday/2830115-spanning-the-globe-misawa-to-menwith-hill-part-1/">just 25 civilian NSA personnel, while Menwith Hill had several hundred</a>.</p>
<p><em>SIDtoday</em>’s “Around the World” to Guantánamo Bay is part of a <a href="https://theintercept.com/2016/05/16/nsa-closely-involved-in-guantanamo-interrogations-documents-show">larger story on the NSA&#8217;s role in interrogations</a>.</p>
<h3><em>Office Space</em>: NSA Edition</h3>
<p><em>SIDtoday</em>’s <a href="https://theintercept.com/snowden-sidtoday/?topic=a-day-in-the-life#archive">“A Day in the Life” series</a> provided first-person accounts of the various jobs within the Signals Intelligence Directorate. For example, one “Day in the Life” <a href="https://theintercept.com/snowden-sidtoday/2830111-mathematician-an-insider-s-view/">described the work of a mathematician</a> in the field of “diagnosis,” that is, studying encryption systems in order to understand their weaknesses. “During the course of a normal day,” the mathematician wrote, “I run cryptanalytic routines on UNIX desktop workstations, supercomputers, and special-purpose devices using available software tools. The routines employ standard cryptanalytic tests which search for patterns and non-random properties in data.”</p>
<p>The series also included <a href="https://theintercept.com/snowden-sidtoday/2830102-the-life-of-an-exec/">an article written by Maj. Gen. Quirk’s executive assistant</a> — the “conscience” of a “senior leader” — and <a href="https://theintercept.com/snowden-sidtoday/2830117-sitting-in-the-soo-s-chair/">another by a senior operations officer</a> whose work involved entertaining Fox News personality Tony Snow before he became White House press secretary.</p>
<h3>Peer Review for Spies: NSA’s Learned Organizations</h3>
<p>For an academic, there is no better way to improve your career than to get published in prestigious journals and to win prestigious awards. But what if your research is classified and you can’t ever get the public recognition you deserve without betraying state secrets? If you work for the NSA, you look to one of the agency’s Learned Organizations to receive your academic accolades.</p>
<p><em>SIDtoday</em> <a href="https://theintercept.com/snowden-sidtoday/2829998-a-look-at-nsa-s-learned-organizations/">included</a> a <a href="https://theintercept.com/snowden-sidtoday/?topic=nsas-learned-organizations#archive">series of articles that shines a spotlight on NSA’s Learned Organizations</a>, including the cryptanalysis-focused <a href="https://theintercept.com/snowden-sidtoday/2830018-the-kryptos-society/">KRYPTOS Society</a>; the <a href="https://theintercept.com/snowden-sidtoday/2830030-the-crypto-linguistic-association-cla/">Crypto-Linguistic Association</a>, focused on language analysis, with events that in 2002 included a luncheon with the director of the <a href="https://en.wikipedia.org/wiki/Klingon_Language_Institute">Klingon Institute</a>; the <a href="https://theintercept.com/snowden-sidtoday/2830038-the-collection-association-ca/">Collection Association</a>, whose membership evolved from spies gathering intelligence via antennas to also include the monitoring of satellites and internet sleuthing; the <a href="https://theintercept.com/snowden-sidtoday/2830071-the-crypto-mathematics-institute-cmi/">Crypto-Mathematics Institute</a>, NSA&#8217;s oldest Learned Organization, founded in 1957, whose activities included an essay contest; and the <a href="https://theintercept.com/snowden-sidtoday/2830082-the-international-affairs-institute-iai/">International Affairs Institute</a>.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/">The Most Intriguing Spy Stories From 166 Internal NSA Reports</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/05/16/the-most-intriguing-spy-stories-from-166-internal-nsa-reports/feed/</wfw:commentRss>
		<slash:comments>33</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03.jpg" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/CYD_logo03-440x98.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/iraq-war-2003.jpg" medium="image">
			<media:title type="html">Iraq Nasiriyah</media:title>
			<media:description type="html">US Marines from the 2nd Battalion 8th regiment enter in the southern Iraqi city of Nasiriyah, March 23, 2003.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/05/iraq-war-2003-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2016/05/jessica-lynch.jpg" medium="image">
			<media:title type="html">jessica-lynch</media:title>
			<media:description type="html">The rescue of POW U.S. Private First Class Jessica Lynch being loaded into a military helicopter on her way out of Iraq April 2, 2003.</media:description>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/jessica-lynch-440x400.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/north-korea-soldiers.jpg" medium="image">
			<media:title type="html">A North Korean soldier looks at the Sout</media:title>
			<media:description type="html">A North Korean soldier looks at the South side through binoculars at the truce village of Panmunjom in the demilitarized zone dividing two Koreas on April 9, 2009.</media:description>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/north-korea-soldiers-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/05/world-trade-center-9-11.jpg" medium="image">
			<media:title type="html">world-trade-center-9-11</media:title>
			<media:description type="html">September 12, 2001 shows an area of white dust and smoke at the location where the 1,350-foot towers of the World Trade Center once stood in New York City.</media:description>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/world-trade-center-9-11-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/05/menwith-hill.jpg" medium="image">
			<media:title type="html">Menwith Hill</media:title>
			<media:description type="html">The radar domes of RAF Menwith Hill in north Yorkshire dominate the skyline on 30 October, 2007, Harrogate, England.</media:description>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/05/menwith-hill-440x440.jpg" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2016/05/iraq-bullet-holes.jpg</leadImageArt><leadImageArtCredit>Photo: Joe Raedle/Getty Images</leadImageArtCredit>	</item>
		<item>
		<title>Upgrade Your iPhone Passcode to Defeat the FBI&#8217;s Backdoor Strategy</title>
		<link>https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/</link>
		<comments>https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/#comments</comments>
		<pubDate>Thu, 18 Feb 2016 21:05:51 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=51756</guid>
		<description><![CDATA[<p>Here's why a random 11-digit passcode will probably protect your iPhone against snoops.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/">Upgrade Your iPhone Passcode to Defeat the FBI&#8217;s Backdoor Strategy</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><u>YESTERDAY, APPLE CEO TIM COOK</u> published an <a href="https://www.apple.com/customer-letter/">open letter</a> opposing a court order to build the FBI a &#8220;backdoor&#8221; for the iPhone.</p>
<p>Cook wrote that the backdoor, which removes limitations on how often an attacker can incorrectly guess an iPhone passcode, would set a dangerous precedent and “would have the potential to unlock any iPhone in someone’s physical possession,” even though in this instance, the FBI is seeking to unlock a single iPhone belonging to one of the killers in a 14-victim mass shooting spree in San Bernardino, California, in December.</p>
<p>It&#8217;s true that ordering Apple to develop the backdoor will fundamentally undermine iPhone security, as <a href="https://theintercept.com/2016/02/17/apple-slams-order-to-hack-a-killers-iphone-inflaming-encryption-debate/">Cook and other digital security advocates have argued</a>. But it&#8217;s possible for individual iPhone users to protect themselves from government snooping by setting strong passcodes on their phones — passcodes the FBI would not be able to unlock even if it gets its iPhone backdoor.</p>
<p>The technical details of how the iPhone encrypts data, and how the FBI might circumvent this protection, are complex and convoluted, and are being thoroughly explored elsewhere on the internet. What I&#8217;m going to focus on here is how ordinary iPhone users can protect themselves.</p>
<p>The short version: If you&#8217;re worried about governments trying to access your phone, set your iPhone up with a random, 11-digit numeric passcode. What follows is an explanation of why that will protect you and how to actually do it.</p>
<p>If it sounds outlandish to worry about government agents trying to crack into your phone, consider that when you travel internationally, agents at the airport or other border crossings <a href="https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices">can seize, search, and temporarily retain your digital devices — even without any grounds for suspicion</a>. And while a local police officer can&#8217;t search your iPhone without a warrant, cops have used their own digital devices to get search warrants within 15 minutes, as a Supreme Court opinion recently <a href="http://www.nytimes.com/2014/06/26/us/supreme-court-cellphones-search-privacy.html?_r=0">noted</a>.</p>
<p>The most obvious way to try and crack into your iPhone, and what the FBI is trying to do in the San Bernardino case, is to simply run through every possible passcode until the correct one is discovered and the phone is unlocked. This is known as a &#8220;brute force&#8221; attack.</p>
<p>For example, let&#8217;s say you set a six-digit passcode on your iPhone. There are 10 possibilities for each digit in a numbers-based passcode, and so there are 10<sup>6</sup>, or 1 million, possible combinations for a six-digit passcode as a whole. It is trivial for a computer to generate all of these possible codes. The difficulty comes in trying to test them.</p>
<p>One obstacle to testing all possible passcodes is that the iPhone intentionally slows down after you guess wrong a few times. An attacker can try four incorrect passcodes before she&#8217;s forced to wait one minute. If she continues to guess wrong, the time delay increases to five minutes, 15 minutes, and finally one hour. There&#8217;s even a setting to erase all data on the iPhone after 10 wrong guesses.</p>
<p>This is where the FBI&#8217;s requested backdoor comes into play. The FBI is demanding that Apple create a special version of the iPhone&#8217;s operating system, iOS, that removes the time delays and ignores the data erasure setting. The FBI could install this malicious software on the San Bernardino killer&#8217;s iPhone, brute force the passcode, unlock the phone, and access all of its data. And that process could hypothetically be repeated on anyone else&#8217;s iPhone.</p>
<p>(There&#8217;s also <a href="https://daringfireball.net/linked/2016/02/17/ios-security-guide">speculation</a> that <span class="s1">the government could make Apple alter the operation of a piece of iPhone hardware known as the Secure Enclave; for the purposes of this article, I assume the protections offered by this hardware, which would slow an attacker down even more, are not in place.</span>)</p>
<p>Even if the FBI gets its way and can clear away iPhone safeguards against passcode guessing, it faces another obstacle, one that should help keep it from cracking passcodes of, say, 11 digits: It can only test potential passcodes for your iPhone using the iPhone itself; the FBI can&#8217;t use a supercomputer or a cluster of iPhones to speed up the guessing process. That&#8217;s because iPhone models, <a href="https://web.archive.org/web/20120617005418/http://images.apple.com/iphone/business/docs/iOS_Security_May12.pdf">at least as far back as May 2012</a>, have come with a Unique ID (UID) embedded in the device hardware. Each iPhone has a different UID fused to the phone, and, by design, no one can read it and copy it to another computer. The iPhone can only be unlocked when the owner&#8217;s passcode is combined with the UID to derive an encryption key.</p>
<p>So the FBI is stuck using your iPhone to test passcodes. And it turns out that your iPhone is kind of slow at that: iPhones intentionally encrypt data in such a way that they must spend about 80 milliseconds doing the math needed to test a passcode, <a href="https://www.apple.com/business/docs/iOS_Security_Guide.pdf">according to Apple</a>. That limits them to testing 12.5 passcode guesses per second, which means that guessing a six-digit passcode would take, at most, just over 22 hours.</p>
<p>You can calculate the time for that task simply by dividing the 1 million possible six-digit passcodes by 12.5 per second. That&#8217;s 80,000 seconds, or 1,333 minutes, or 22 hours. But the attacker doesn&#8217;t have to try each passcode; she can stop when she finds one that successfully unlocks the device. On average, it will only take 11 hours for that to happen.</p>
<p>But the FBI would be happy to spend mere hours cracking your iPhone. What if you use a longer passcode? Here&#8217;s how long the FBI would need:</p>
<ul>
<li>seven-digit passcodes will take up to 9.2 days, and on average 4.6 days, to crack</li>
<li>eight-digit passcodes will take up to three months, and on average 46 days, to crack</li>
<li>nine-digit passcodes will take up to 2.5 years, and on average 1.2 years, to crack</li>
<li>10-digit passcodes will take up to 25 years, and on average 12.6 years, to crack</li>
<li><strong>11-digit passcodes will take up to 253 years, and on average 127 years, to crack</strong></li>
<li>12-digit passcodes will take up to 2,536 years, and on average 1,268 years, to crack</li>
<li>13-digit passcodes will take up to 25,367 years, and on average 12,683 years, to crack</li>
</ul>
<p>It&#8217;s important to note that these estimates only apply to truly random passcodes. If you choose a passcode by stringing together dates, phone numbers, social security numbers, or anything else that&#8217;s at all predictable, the attacker might try guessing those first, and might crack your 11-digit passcode in a very short amount of time. So make sure your passcode is random, even if this means it takes extra time to memorize it. (Memorizing that many digits might seem daunting, but if you&#8217;re older than, say, 29, there was probably a time when you memorized several phone numbers that you dialed on a regular basis.)</p>
<p>Nerd tip: If you&#8217;re using a Mac or Linux, you can securely generate a random 11-digit passcode by opening the Terminal app and typing this command:</p>
<pre>python -c 'from random import SystemRandom as r; print("%011d" % r().randint(0,10**11-1))'
</pre>
<p>It&#8217;s also important to note that we&#8217;re assuming the FBI, or some other government agency, has not found a flaw in Apple&#8217;s security architecture that would allow them to test passcodes on their own computers or at a rate faster than 80 milliseconds per passcode.</p>
<p><a name="instructions"></a>Once you&#8217;ve created a new 11-digit passcode, you can start using it by opening the Settings app, selecting &#8220;Touch ID &amp; Passcode,&#8221; and entering your old passcode if prompted. Then, if you have an existing passcode, select &#8220;Change passcode&#8221; and enter your old passcode. If you do not have an existing passcode, and are setting one for the first time, click &#8220;Turn passcode on.&#8221;</p>
<p>Then, in all cases, click &#8220;Passcode options,&#8221; select &#8220;Custom numeric code,&#8221; and then enter your new passcode.</p>
<p>Here are a few final tips to make this long-passcode thing work better:</p>
<ul>
<li>Within the &#8220;Touch ID &amp; Passcode&#8221; settings screen, make sure to turn on the Erase Data setting to erase all data on your iPhone after 10 failed passcode attempts.</li>
<li>Make sure you don&#8217;t forget your passcode, or you&#8217;ll lose access to all of the data on your iPhone.</li>
<li>Don&#8217;t use Touch ID to unlock your phone. Your attacker doesn&#8217;t need to guess your passcode if she can push your finger onto the home button to unlock it instead. (At least one court has <a href="http://jolt.law.harvard.edu/digest/telecommunications/court-rules-police-may-compel-suspects-to-unlock-fingerprint-protected-smartphones">ruled</a> that while the police cannot compel you to disclose your passcode, they can compel you to use your fingerprint to unlock your smartphone.)</li>
<li>Don&#8217;t use iCloud backups. Your attacker doesn&#8217;t need to guess your passcode if she can get a copy of all the same data from Apple&#8217;s server, where it&#8217;s no longer protected by your passcode.</li>
<li>Do make <a href="https://support.apple.com/en-us/HT203977">local backups</a> to your computer using iTunes, especially if you are worried about forgetting your iPhone passcode. You can encrypt the backups, too.</li>
</ul>
<p>If you choose a strong passcode, the FBI shouldn&#8217;t be able to unlock your encrypted phone, even if it installs a backdoored version of iOS on it. Not unless it has hundreds of years to spare.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/">Upgrade Your iPhone Passcode to Defeat the FBI&#8217;s Backdoor Strategy</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/02/18/passcodes-that-can-defeat-fbi-ios-backdoor/feed/</wfw:commentRss>
		<slash:comments>153</slash:comments>
	
	</item>
		<item>
		<title>Lawyers Speak Out About Massive Hack of Prisoners’ Phone Records</title>
		<link>https://theintercept.com/2016/02/12/not-so-securus-lawyers-speak-out-about-massive-hack-of-prisoners-phone-records/</link>
		<comments>https://theintercept.com/2016/02/12/not-so-securus-lawyers-speak-out-about-massive-hack-of-prisoners-phone-records/#comments</comments>
		<pubDate>Fri, 12 Feb 2016 17:49:48 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=48812</guid>
		<description><![CDATA[<p>An anonymous hacker provided <em>The Intercept</em> with millions of call records belonging to prison telecom giant Securus. Now, lawyers are speaking up about apparent violations of attorney-client privilege.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/02/12/not-so-securus-lawyers-speak-out-about-massive-hack-of-prisoners-phone-records/">Lawyers Speak Out About Massive Hack of Prisoners’ Phone Records</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><span class="dropcap">I</span><u>N THE SUMMER</u> of 2013, Missouri criminal defense attorney Jennifer Bukowsky was preparing for an evidentiary hearing in the case of a pro bono client, Jessie McKim. The stakes were high: Along with his co-defendant, James Peavler, McKim had been convicted in 1999 of killing a woman named Wendy Wagnon and was serving life without parole at a maximum security prison. At the upcoming hearing, Bukowsky planned to argue that her client was innocent — and that the murder that sent him to die in prison was never a murder at all.</p>
<p>McKim was convicted in part based on the testimony of a local medical examiner, who claimed that the presence of petechiae on a dead body — small spots on the skin or the whites of the eyes where capillaries have hemorrhaged — is proof that a person was suffocated. But a toxicology report — completed after Wagnon’s cause of death had already been determined as asphyxiation — revealed that Wagnon had lethal levels of methamphetamine in her system when she died. Among the witnesses Bukowsky planned to call at the hearing were five different pathologists who would testify that the state’s medical examiner was wrong when he claimed Wagnon was suffocated — and that evidence pointed to a meth overdose instead. (A sixth pathologist, retained as an expert by the state, also agreed that Wagnon died of an overdose, not of suffocation.)</p>
<p>“It was a really big time, and a crucial time, for his case,” Bukowsky recalls. As she prepped witnesses and decided who else should take the stand, she shared her strategy with McKim via lengthy phone calls — calls understood to be protected by attorney-client privilege. Unlike calls between prisoners and their family or acquaintances, which are routinely monitored, conversations with lawyers are not to be recorded. During these calls, says Bukowsky, “I’m telling him my concerns about calling this or that person — that is crucial information that should be private between us.”</p>
<p>The hearing took place in August 2013. The following spring, a circuit court judge ruled against McKim, upholding his conviction and saying that even if Wagnon was not suffocated, McKim and his co-defendant could have killed her another way — by intentionally forcing her to overdose on meth, a theory the state had never previously argued, for which there was no supporting evidence.</p>
<p>Bukowsky was confounded by the ruling, but remained undeterred — she is convinced of McKim’s innocence and knows from experience that in a system that favors finality, undoing an unjust conviction can be frustrating work. “It takes a lot of grit &amp; it makes me angry,” she wrote in an email.</p>
<p>Last fall, Bukowsky received an unexpected phone call related to McKim’s case. The call came from <i>The Intercept</i>, following our November 11, 2015, <a href="https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/">report</a> on a massive hack of Securus Technologies, a Texas-based prison telecommunications company that does business with the Missouri Department of Corrections. As we reported at the time, <i>The Intercept</i> received a massive database of more than 70 million call records belonging to Securus and coming from prison facilities that used the company’s so-called Secure Call Platform. Leaked via <a href="https://theintercept.com/securedrop/">SecureDrop</a> by a hacker who was concerned that Securus might be violating prisoners’ rights, the call records span a 2 1/2-year period beginning in late 2011 (the year Securus won its contract with the Missouri DOC) and ending in the spring of 2014.</p>
<p>Although Securus did not respond to repeated requests for comment for our November report, the company released a statement condemning the hack shortly after the story was published. Securus insisted there was “absolutely no evidence” that any attorney-client calls had been recorded “without the knowledge and consent” of the parties to each call.</p>
<p><i>The Intercept</i>’s analysis, to the contrary, estimated that the hacked data included at least 14,000 records of conversations between inmates and attorneys. In the wake of the story&#8217;s publication, we informed Bukowsky that her phone number had been found among the records and provided her a spreadsheet of the calls made to her office — including the name of the client and the date, time, and duration of the calls. In turn, Bukowsky searched her case files for notes and other records, ultimately confirming that at least one call with McKim — which was prearranged with the Missouri DOC to be a private attorney call — was included in the data. The privileged call, more than 30 minutes long, was made at the height of Bukowsky&#8217;s preparations for McKim&#8217;s hearing. A unique recording URL accompanied each of Bukowsky’s calls included in the data, suggesting that audio had been recorded and stored for more than two years — and ultimately compromised by the unprecedented data breach.</p>
<p>The discovery was distressing. “I was in the thrust of litigating with the state attorney general’s office a very hotly disputed habeas petition, and I was acting under good faith that they were not recording,” she said. “And,” it appears, “they were.”<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/02/inequality.gif"><img class="aligncenter size-article-large wp-image-51236" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/02/inequality.gif" alt="" /></a> </div></p>
<p><span class="dropcap">T</span><u>HE ABILITY OF COUNSEL</u> and client to communicate confidentially is a cornerstone of the American legal system. The recording, monitoring, or storage of such legally protected communications not only chills the attorney-client relationship, but may also run afoul of constitutional protections — including the right to effective assistance of counsel and access to the courts.</p>
<p>The mass recording of inmate calls is itself a fairly recent practice, sold by private telecommunications companies, like Securus, to jails and prisons as a security measure — a way to thwart violent uprisings, for example, or curb the introduction of contraband into a facility. This bulk surveillance — the recording and long-term storage of millions and millions of routine communications — raises serious concerns about the privacy rights of incarcerated persons and their loved ones, says David Fathi, director of the ACLU’s National Prison Project. And indeed, while incarceration may compromise some individual rights, a detainee’s right to confidential communication with an attorney is not one that can be trampled by the state — or a private company. In criminal cases, the attorney-client privilege bars defense attorneys from disclosing, or prosecutors from using, any case-related information obtained in confidence. It is, says Fathi, “the oldest privilege of confidentiality known in our legal system.”</p>
<p>After <i>The Intercept </i>exposed the Securus hack, numerous defense attorneys contacted us to find out whether the database contained any of their call data. As we previously reported, the data contained 1.3 million unique telephone numbers; to determine if the 70 million call records contained attorney-client calls, we did a reverse lookup of each number, finding that at least 14,000 calls were made to attorneys. But because the reverse lookup was limited to a commercial directory, and because we searched only for business listings that included the words “attorney,” “law,” or “legal,” we concluded that we were likely missing thousands of additional calls — including those made to attorney cellphone numbers, which would not necessarily be listed in a commercial directory.</p>
<p>The attorneys who contacted <i>The Intercept </i>helped advance our investigation into the data by identifying additional phone numbers as belonging to lawyers, which were not previously included in our estimate. We have now identified at least 43,000 additional records of attorney-client communications — including both attempted and completed calls — contained within the hacked data. (But again, because the subsequent searches were done only for attorneys who reached out to <i>The Intercept</i>, we suspect there are still many more attorney-client call records not yet identified in the data.)</p>
<p>Among these additional records are more than 33,000 calls that detainees placed to lawyers working for Missouri’s state public defender office, and more than 1,000 made to the Midwest Innocence Project, which handles wrongful conviction cases in Missouri and four other states. That the hack contained so many calls to the MIP is distressing to the nonprofit’s executive director, Oliver Burnette. “It really gave us pause, and I think it can really hinder how we try to do business for the most vulnerable among us, those people … who are in jail and may be innocent,” he said.</p>
<p>As with Bukowsky’s calls, some of these additional records correspond to phone conversations arranged with prison officials to be confidential attorney-client communications, which never should have been recorded.</p>
<p>After a detailed review of several specific fields contained within the hacked records, <i>The Intercept </i>has been able to narrow the geographical scope of the recorded calls, tracing all of the detainee call records to Missouri prison facilities. Although, as we previously reported, the database reflects calls to at least 37 states, the vast majority — 85 percent — were made to phone numbers in Missouri. An additional 5 percent were placed to numbers with Kansas and Illinois area codes — states that border Missouri’s largest cities, Kansas City and St. Louis. Each phone record includes the name of the prisoner making the call, an acronym for a location that maps to a correctional facility in Missouri, as well as an identification number that appears to correspond with Missouri DOC prisoner IDs. The records do not include the number from which each phone call originated.</p>
<p>For Bukowsky — who founded her eponymous firm in Columbia in 2010 — the potential for damage was vast. At the August 2013 hearing in McKim’s case, the state called to the stand a woman, Melissa McFarland, who was with Wagnon just before her death and then implicated McKim in that death, a circumstance Bukowsky would have discussed with McKim. “So for them to hear me — if they’re listening to me, which I don’t know if they did — but were they to, they would know all the different things that I’m saying to my client that I think are problems for McFarland that I’m going to cross-examine her on [and] they could then prep her accordingly.”</p>
<p>In an email response to <i>The Intercept</i>, a spokesperson for the Missouri attorney general said that its office did not have access or listen to any phone calls between Bukowsky and McKim.</p>
<p>Bukowsky notes that violating attorney-client confidentiality in the manner that appears to have happened — and could still be happening, whether in Missouri or any of the jurisdictions where Securus operates, which include 47 states and the District of Columbia, as well as Canada and Mexico — is just another way the odds are stacked in favor of the state in criminal prosecutions.<div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/cell.gif"><img class="aligncenter size-article-large wp-image-51237" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/cell.gif" alt="cell" /></a> </div></p>
<p><span class="dropcap">I</span><u>N OUR INITIAL REPORT</u>, the ACLU’s Fathi described the hack as potentially representing the “most massive breach of the attorney-client privilege in modern U.S. history.” Upon learning <i>The Intercept </i>was able to confirm that the data included prearranged, privileged communications between lawyers and their clients, Fathi was even more troubled: “It’s very disturbing that calls that were explicitly set up as attorney-client calls were also recorded,” he said. “There’s no excuse for recording attorney-client calls, and there’s certainly no excuse for indefinitely retaining those recordings.”</p>
<p>Securus’ first public statement following our November report characterized the breach as an inside leak. In a subsequent press release on November 13, the company dropped the language about the hack being an inside job, declaring that it was “working on multiple fronts to fully investigate … and to prevent future criminal attacks.” The company said it had hired a forensic data analysis firm to determine how the hack happened and “to confirm that it happened outside of the Securus network and systems.” Securus has not publicly released any additional information related to the breach, nor responded to our requests for additional information and comment for this story.</p>
<p>Securus previously contested <i>The Intercept</i>’s conclusions about the recording of potentially privileged calls. “While <i>The Intercept</i> reports that they matched call data from the stolen data with phone numbers attached to attorneys’ offices,” it said in its second release regarding the hack, “no evidence has been provided that any of these calls were actually recorded, and if so, whether any of them would actually constitute privileged communications.” In addition, Securus said that its calling systems contain “multiple safeguards to prevent attorney-client recordings from occurring,” and pointed out that “licensed attorneys are able to register their numbers or a specific call to exempt them from recording.”</p>
<p>Although specific procedures differ depending on the state or locality involved, it is commonly the responsibility of lawyers to verify and register their numbers with jail or prison officials — ostensibly to ensure that legal calls are not recorded or monitored.</p>
<p>“While it is possible that not all of these safeguards were followed by the callers in some cases,” the company continued, “we have seen no evidence to date of recorded calls that would fall under that category.”</p>
<p>But criminal defense lawyers in Missouri told <i>The Intercept</i> that, unlike other jurisdictions in which Securus provides inmate calling services, the Missouri DOC does not allow attorneys to provide individual phone numbers to the agency or to individual facilities for inclusion in a standing do-not-record list. In an email, Missouri DOC Communications Director David Owen said the DOC “respects the right of offenders to have privileged communications with their attorneys” and explained that in order to guarantee a call is private, “attorneys must demonstrate, in written form, they are a licensed attorney, and request to have a privileged telephone call with an incarcerated offender.” Once scheduled, such calls are “set to private,” he explained, adding that lawyers “must make this request every time they wish to have a privileged telephone conversation with an incarcerated offender.”</p>
<p>But, after reviewing call record information provided by <i>The Intercept</i>, five attorneys in Missouri confirmed that contained in the hacked data were calls that were prearranged with the DOC to be private communications. “How can a client feel safe sharing information with his attorney when he suspects that the opposing party is listening to the call? How can an attorney expect to share legal strategy with their client if she suspects the same?” asks Jennifer Merrigan, a defense attorney who has represented Missouri death row prisoners for more than a decade, including as a former staff attorney and director of the Death Penalty Litigation Clinic in Kansas City. “A critical foundation of trust and confidence in the process has been destroyed.”</p>
<p>“It’s a little bit disconcerting,” says Missouri criminal defense attorney Kent Gipson, who discovered three calls made to him by three different clients that he could confirm were set up in advance, through prison authorities, as privileged calls that were not to be recorded. Each call record he identified also contained a unique recording URL. At the same time, Gipson notes, the allegation that all calls, including attorney calls, are routinely recorded or monitored is not a new one among attorneys or inmates. “Nothing much surprises me anymore,” he said. <div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/paragraph_recorder_new.gif"><img class="aligncenter size-article-large wp-image-51235" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/paragraph_recorder_new.gif" alt="" /></a> </div></p>
<p><span class="dropcap">A</span><u>FTER REVIEWING RECORDS</u> found in the hacked data for calls made to public defender offices across Missouri, Michael Barrett, director of the Missouri State Public Defender System, said in an email that his office’s “initial finding” did not reveal any call records that match up with calls known to have been prearranged by system attorneys. “Not to say it didn’t happen,” he wrote, “just that we cannot identify a prearranged call that was recorded.”</p>
<p>But Barrett is among those <i>The Intercept</i> interviewed who suggest that the recording of any attorney-client communications can hinder the effectiveness of counsel. “Confidentiality is at the heart of what we do, and if a client feels as if what they say is being compromised, to whatever degree, he or she may not be sufficiently forthcoming with counsel so that the most effective defense can be presented on their behalf,” Barrett wrote. The best approach, he suggests, is to have a policy of never recording phone calls between lawyers and their clients. This would also mean “the risk of confidential information being leaked is zero.”</p>
<p><div class='img-wrap align-left width-fixed' style='width:440px'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/02/speech_bubble_2.gif"><img class="alignleft size-thumbnail wp-image-51233" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/02/speech_bubble_2.gif" alt="" /></a> </div>The MIP’s Burnette agrees, noting that there is no reason for clients to call except to talk about their cases — and any call in which representation is discussed should be considered privileged and thus not recorded, monitored, logged, or stored. “I think that any time someone calls our office, it’s a legal call,” he says. “I mean, we’re not talking about the [Kansas City] Chiefs game.” That is “not their concern when they call us. They’re trying to go into issues on their case.”</p>
<p>Tricia Bushnell, the MIP’s legal director, said that while review of the call data is not yet complete, so far she has been able to locate within the records <i>The Intercept</i> provided three calls that were prearranged in the manner the Missouri DOC has said is required.</p>
<p>Still, that may not necessarily reflect the true number of calls within the data that were intended to be privileged — indeed, despite the Missouri DOC’s insistence that only prearranged calls would be considered privileged, one Missouri attorney told <i>The Intercept</i> that policies governing how attorney-client calls are handled vary from facility to facility within the system, which makes it difficult to determine exactly how many privileged call records are contained within the leaked data.</p>
<p>“Every place is different,” Burnette agrees. “Perhaps that’s part of the problem, is that there’s no standardization.” But Burnette says the volume of legal calls included in the hack suggests that the Securus-Missouri DOC call system simply doesn’t work — and isn’t meeting its duty to protect prisoner rights. “Neither of those organizations are above the law afforded to everyone,” he says.</p>
<p>In response to a list of additional questions <i>The Intercept</i> emailed to the Missouri DOC, a spokesperson reiterated the agency&#8217;s initial response — that privileged calls must be prearranged — but added a caveat: “If a requested private call goes past its scheduled time that has been entered into the vendor software, the telephone software system will begin recording the call. At this time, the users will be [given] a notification that the call is being recorded.”</p>
<p><span class="dropcap">A</span><u>FTER THE INTERCEPT</u> reported on the Securus hack, the company said there was no evidence that any confidential attorney-client calls were actually recorded. However, the hacker had provided <i>The Intercept</i> with several audio files — recordings of actual conversations — that had been downloaded by clicking on the recording URLs within the call records, leading us to draw the logical inference that the other live links were also connected to audio files. Subsequently, Securus appears to have moved the more than 70 million calls in question to a new server, severing further access to the audio files through the links in the data.</p>
<p>Even if an audio file was not available for each of the calls identified by lawyers as confidential, the collection of metadata on those calls is a problem, says the ACLU’s Fathi. The database includes names and locations for individual detainees, the date, time, and duration of their calls, as well as the number called and data that appears to indicate how the call was paid for. “You can imagine all kinds of cases where the metadata would itself reveal confidential information,” says Fathi.</p>
<p>Burnette agrees that even collecting metadata on attorney-client calls is concerning. “We’ve talked about this on calls for private citizens — we know what they can glean from metadata,” he said. “We know the danger of it — and the value of it. If it wasn’t a valuable resource, there wouldn’t be Google, right? [With] metadata they know a lot about us.”</p>
<p><div class='img-wrap align-right width-fixed' style='width:392px'> <a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/detail_speech_bubble.gif"><img class="alignright size-thumbnail wp-image-51238" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/detail_speech_bubble.gif" alt="" /></a> </div>Take, for example, calls made by detainees to prosecutors — of which we found numerous examples within the data, including calls placed to a U.S. attorney’s office in Missouri. “The disclosure that a prisoner called a prosecutor’s office could potentially put that prisoner in very great danger,” Fathi points out. “If the prisoner were to be, rightly or wrongly, labeled a snitch or informant that could have very serious, and indeed, lethal consequences for the prisoner.”</p>
<p>Among prisoners, it is an open secret in Missouri (and, indeed, throughout the criminal justice system) that calls intended to be confidential are monitored and/or recorded by the state. Defense attorney Gipson says that “a lot” of his clients suspect that all of their calls are monitored and/or recorded — despite official assurances to the contrary. “They think that even though it’s supposed to be a confidential call, they put [attorney calls] on a line that can be monitored — and then do, I think.”</p>
<p>One woman whose husband is housed in a Missouri prison told <i>The Intercept</i> that he and his fellow inmates consider it common knowledge that all calls — including privileged communications — are monitored and recorded. According to her husband, she said, at least one fellow inmate related that, while in a court proceeding, prosecutors demonstrated knowledge of information they couldn’t possibly have obtained without being privy to communications between the man and his attorney.</p>
<p>This isn’t an isolated allegation: In Austin, Texas, a federal lawsuit alleging that privileged calls have been recorded by Securus in the county’s jail facilities is currently pending against the company. The lawsuit claims that lawyers there have received copies of their privileged conversations from prosecutors during the evidence discovery process.</p>
<p>The Missouri prisoner’s wife also said that it wasn’t until December 14, 2015 — more than a month after our initial story was published, but just days after we emailed the DOC a series of questions for this story — that prison officials informed her husband and other inmates of the hack, telling them only that “the system was breached and everyone needed a new PIN” in order to place calls. <i>The Intercept</i> obtained a copy of the letter prison officials provided to inmates, which says that the data hacked was “historical call detail records” and did not include any compromising information, such as credit card information or social security numbers. Moreover, the letter reiterated Securus’ previous press statements regarding the hack, insisting that there is “no evidence” that attorney-client calls were recorded. “The system has been verified and is working properly,” the letter reads.</p>
<p><span class="dropcap">T</span><u>HE BREACH OF</u> Securus’ data in Missouri suggests something larger not only about the mass recording and storage of inmate calls but also about the perils of privatizing core state responsibilities — as is often the case in corrections, where health care, food service, phone service, and even some prison facilities have been privatized. “These are … services for a population that has very little political power,” said Fathi. “So there’s not really a lot of care being put into oversight and monitoring and making sure that this service is being provided correctly,&#8221; he continued. &#8220;It continues to be incredible [to me] the sheer scale of what has happened here … and I think it shows what happens when technological advances and lax oversight come together to produce a bad result of very large proportions.”</p>
<p>In fact, the scale of recording and storage of inmate calls by Securus — as well as by its competitors, including industry leader Global Tel*Link — is infinitely larger than represented by the hacked data leaked to <i>The Intercept. </i>As of 2012, Securus alone was processing more than 1 million calls per day, from 1,700 facilities serving 850,000 detainees. According to company data provided to <i>International Business Times</i>, which ran a friendly profile of Securus CEO Rick Smith last month, the company has now grown to serve more than 1.2 million inmates in 3,450 facilities. The article did not include data on how many calls are currently processed each day, though logic would dictate that the call volume has increased in proportion to the company’s expanded reach, from significantly less than 1 million detainees in fewer than 2,000 facilities three years ago to 1.2 million across 3,450 facilities today.</p>
<p>And there is no reason to think that thousands of attorney-client calls, including clearly privileged communications, were improperly recorded only in Missouri and only over a 2 1/2-year period. “Absolutely,” says Fathi. “I am 100 percent certain that this is just the tip of the iceberg.”</p>
<p><em>Research: Joshua Thayer</em></p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2016/02/12/not-so-securus-lawyers-speak-out-about-massive-hack-of-prisoners-phone-records/">Lawyers Speak Out About Massive Hack of Prisoners’ Phone Records</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2016/02/12/not-so-securus-lawyers-speak-out-about-massive-hack-of-prisoners-phone-records/feed/</wfw:commentRss>
		<slash:comments>14</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/02/inequality-440x440.gif" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/02/inequality.gif" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2016/02/inequality-440x440.gif" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/cell.gif" medium="image">
			<media:title type="html">cell</media:title>
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/cell-440x440.gif" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/paragraph_recorder_new.gif" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/02/paragraph_recorder_new-440x440.gif" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/02/speech_bubble_2.gif" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/speech_bubble_2-440x402.gif" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2016/02/detail_speech_bubble.gif" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/02/detail_speech_bubble-392x440.gif" />
		</media:content>
	</item>
		<item>
		<title>Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key</title>
		<link>https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/</link>
		<comments>https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/#comments</comments>
		<pubDate>Mon, 28 Dec 2015 14:57:30 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Mashable]]></category>
		<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=44773</guid>
		<description><![CDATA[<p>New Windows devices have disk encryption turned on by default. But what happens to your recovery key?</p>
]]></description>
				<content:encoded><![CDATA[<p><u>ONE OF THE EXCELLENT FEATURES</u> of new Windows devices is that <a href="https://theintercept.com/2015/04/27/encrypting-laptop-like-mean/">disk encryption</a> is built in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well known is that, if you are like most users and log in to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key &#8212; which can be used to unlock your encrypted disk &#8212; to Microsoft&#8217;s servers, probably without your knowledge and without an option to opt out.</p>
<p>During the “crypto wars” of the ’90s, the National Security Agency developed an encryption backdoor technology &#8212; endorsed and promoted by the Clinton administration &#8212; called the <a href="http://www.nytimes.com/1994/06/12/magazine/battle-of-the-clipper-chip.html?pagewanted=all">Clipper chip</a>, which it hoped telecom companies would use to sell backdoored crypto phones. Essentially, every phone with a Clipper chip would come with an encryption key, but the government would also get a copy of that key &#8212; this is known as <a href="https://www.schneier.com/paper-key-escrow.html">key escrow</a> &#8212; with the promise to only use it in response to a valid warrant. But due to public outcry and the availability of encryption tools like PGP, which the government didn&#8217;t control, the Clipper chip program ceased to be relevant by 1996. (Today, most phone calls still aren&#8217;t encrypted. You can use the free, open source, backdoorless <a href="https://theintercept.com/2015/03/02/signal-iphones-encrypted-messaging-app-now-supports-text/">Signal app</a> to make encrypted calls.)</p>
<p>The fact that new Windows devices require users to back up their recovery key on Microsoft&#8217;s servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts (you can <a href="#delete">skip to the bottom</a> of this article to learn how) &#8212; something that people never had the option to do with the Clipper chip system. But they can only delete it after they&#8217;ve already uploaded it to the cloud.</p>
<p>“The gold standard in disk encryption is end-to-end encryption, where only you can unlock your disk. This is what most companies use, and it seems to work well,” says Matthew Green, professor of cryptography at Johns Hopkins University. “There are certainly cases where it&#8217;s helpful to have a backup of your key or password. In those cases you might opt in to have a company store that information. But handing your keys to a company like Microsoft fundamentally changes the security properties of a disk encryption system.”</p>
<p>As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account, which would legally compel it to hand over your recovery key, which it could do even if the first thing you do after setting up your computer is delete it.</p>
<p>As Green puts it, “Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.”</p>
<p>Of course, keeping a backup of your recovery key in your Microsoft account is genuinely useful for probably the majority of Windows users, which is why Microsoft designed the encryption scheme, known as &#8220;device encryption,&#8221; this way. If something goes wrong and your encrypted Windows computer breaks, you&#8217;re going to need this recovery key to gain access to any of your files. Microsoft would rather give their customers crippled disk encryption than risk their data.</p>
<p>&#8220;When a device goes into recovery mode, and the user doesn’t have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically back up the user recovery key,&#8221; a Microsoft spokesperson told me. &#8220;The recovery key requires physical access to the user device and is not useful without it.&#8221;</p>
<p>After you finish setting up your Windows computer, you can log in to your Microsoft account and delete the recovery key. Is this secure enough? “If Microsoft doesn&#8217;t keep backups, maybe,” says Green. “But it&#8217;s hard to guarantee that. And for people who aren&#8217;t aware of the risk, opt-out seems risky.”</p>
<p>This policy is in stark contrast to Microsoft&#8217;s major competitor, Apple. New Macs also ship with built-in and default disk encryption: a technology known as FileVault. Like Microsoft, Apple lets you store a backup of your recovery key in your iCloud account. But in Apple&#8217;s case, it&#8217;s an option. When you set up a Mac for the first time, you can uncheck a box if you don&#8217;t want to send your key to Apple&#8217;s servers.</p>
<p>This policy is also in contrast to Microsoft&#8217;s premium disk encryption product called BitLocker, which isn&#8217;t the same thing as what Microsoft refers to as device encryption. When you turn on BitLocker you&#8217;re forced to make a backup of your recovery key, but you get three options: Save it in your Microsoft account, save it to a USB stick, or print it.</p>
<p>To fully understand the different disk encryption features that Windows offers, you need to know some Microsoft jargon. Windows comes in different editions: Home (the cheapest), Pro, and Enterprise (more expensive). Windows Home includes device encryption, which started to become available during Windows 8, and requires your computer to have a <a href="https://en.wikipedia.org/wiki/Trusted_Platform_Module">tamper-resistant chip</a> that stores encryption keys, something all new PCs come with. Pro and Enterprise both include device encryption, and they also include <a href="https://theintercept.com/2015/06/04/microsoft-disk-encryption/">BitLocker</a>, which started to become available during Windows Vista, but only for the premium editions. Under the hood, device encryption and BitLocker are the same thing. The difference is there&#8217;s only one way to use device encryption, but BitLocker is configurable.</p>
<p>If you&#8217;re using a recent version of Windows, and your computer has the encryption chip, and if you have a Microsoft account, your disk will automatically get encrypted, and your recovery key will get sent to Microsoft. If you log in to Windows using your company&#8217;s or university&#8217;s Windows domain, then your recovery key will get sent to a server controlled by your company or university instead of Microsoft &#8212; but still, you can&#8217;t prevent device encryption from sending your recovery key. If you choose to not use a Microsoft or a domain account at all and instead create a “local only” account, then you don&#8217;t get disk encryption.</p>
<p>BitLocker, on the other hand, gives you more control. When you turn on BitLocker you get the choice to store your recovery key locally, among other options. But if you buy a new Windows device, even if it supports BitLocker, you&#8217;ll be using device encryption when you first set it up, and you&#8217;ll automatically send your recovery key to Microsoft.</p>
<p>In short, there is no way to prevent a new Windows device from uploading your recovery key the first time you log in to your Microsoft account, even if you have a Pro or Enterprise edition of Windows. And this is worse than just Microsoft choosing an insecure default option. Windows Home users don&#8217;t get the choice to not upload their recovery key at all. And while Windows Pro and Enterprise users do get the choice (because they can use BitLocker), they can&#8217;t exercise that choice until <em>after</em> they&#8217;ve already uploaded their recovery key to Microsoft&#8217;s servers.</p>
<p><a name="delete"></a></p>
<h3>How to delete your recovery key from your Microsoft account</h3>
<p>Go to <a href="https://onedrive.live.com/recoverykey">this website</a> and log in to your Microsoft account &#8212; this will be the same username and password that you use to log in to your Windows device. Once you&#8217;re in, it will show you a list of recovery keys backed up to your account.</p>
<p>If any of your Windows devices are listed, this means that Microsoft, or anyone who manages to access data in your Microsoft account, is technically able to unlock your encrypted disk, without your consent, as long as they physically have your computer. You can go ahead and delete your recovery key on this page &#8212; but you may want to back it up locally first, for example by writing it down on a piece of paper that you keep somewhere safe.</p>
<p>If you don&#8217;t see any recovery keys, then you either don&#8217;t have an encrypted disk, or Microsoft doesn&#8217;t have a copy of your recovery key. This might be the case if you&#8217;re using BitLocker and didn&#8217;t upload your recovery key when you first turned it on.</p>
<p>When you delete your recovery key from your account on this website, Microsoft promises that it gets deleted immediately, and that copies stored on its backup drives get deleted shortly thereafter as well. “The recovery key password is deleted right away from the customer’s online profile. As the drives that are used for failover and backup are sync’d up with the latest data the keys are removed,” a Microsoft spokesperson assured me.</p>
<p>If you have sensitive data that&#8217;s stored on your laptop, in some cases it might be safer to completely stop using your old encryption key and generate a new one that you never send to Microsoft. This way you can be entirely sure that the copy that used to be on Microsoft&#8217;s server hasn&#8217;t already been compromised.</p>
<h3>Generate a new encryption key without giving a copy to Microsoft</h3>
<p><em><strong>Update:</strong> After this article was published, Ars Technica <a href="http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/">wrote about</a> a method for preventing the recovery key you sent to Microsoft from being able to unlock your disk that doesn&#8217;t require upgrading from Windows Home to Pro or Enterprise. However, if you already have a Pro or Enterprise edition, following the rest of the steps in this article might be simpler.</em></p>
<p>In order to generate a new disk encryption key, this time without giving a copy to Microsoft, you need to decrypt your whole hard disk and then re-encrypt it, but this time in such a way that you&#8217;ll actually get asked how you want to back up your recovery key.</p>
<p>This is only possible if you have Windows Pro or Enterprise. Unfortunately, the only thing you can do if you have the Home edition is upgrade to a more expensive edition or use non-Microsoft disk encryption software, such as <a href="http://www.jetico.com/products/enterprise-data-protection/bestcrypt-volume-encryption">BestCrypt</a>, which you have to pay for. You may also be able to get open source encryption software like <a href="https://veracrypt.codeplex.com/">VeraCrypt</a> working, but sadly the open source options for full disk encryption in Windows don&#8217;t currently work well with modern PC hardware (as touched on <a href="https://theintercept.com/2015/06/04/microsoft-disk-encryption/">here</a>).</p>
<p>Go to Start, type “bitlocker,” and click “Manage BitLocker” to open BitLocker Drive Encryption settings.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-44774" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step1-540x404.png" alt="" /> </div>
<p>From here, click “Turn off BitLocker.&#8221; It will warn you that your disk will get decrypted and that it may take some time. Go ahead and continue. You can use your computer while it&#8217;s decrypting.</p>
<div class='img-wrap align-center width-fixed' style='width:300px'> <img class="aligncenter size-medium wp-image-44775" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step2-300x188.png" alt="" /> </div>
<p>After your disk is finished decrypting, you need to turn BitLocker back on. Back in the BitLocker Drive Encryption settings, click “Turn on BitLocker.”</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-44776" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step3-540x404.png" alt="" /> </div>
<p>It will check to see if your computer supports BitLocker, and then it will ask you how you want to back up your recovery key. It sure would be nice if it asked you this when you first set up your computer.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-44777" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step4-540x427.png" alt="" /> </div>
<p>If you choose to save it to a file, it will make you save it onto a disk that you&#8217;re not currently encrypting, such as a USB stick. Or you can choose to print it and keep a hard copy. You must choose one of them to continue, but make sure you don&#8217;t choose “Save to your Microsoft account.”</p>
<p>On the next page it will ask you if you want to encrypt used disk space only (faster) or encrypt your entire disk including empty space (slower). If you want to be on the safe side, choose the latter. Then on the next page it will ask you if you wish to run the BitLocker system check, which you should probably do.</p>
<p>Finally, it will make you reboot your computer.</p>
<p>When you boot back up, your hard disk will be encrypting in the background. At this point you can <a href="https://onedrive.live.com/recoverykey">check your Microsoft account</a> again to see if Windows uploaded your recovery key – it shouldn&#8217;t have.</p>
<div class='img-wrap align-center width-fixed' style='width:300px'> <img class="aligncenter size-medium wp-image-44778" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step5-300x188.png" alt="" /> </div>
<p>Now just wait for your disk to finish encrypting. Congratulations: Your disk is encrypted and Microsoft no longer has the ability to unlock it.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/feed/</wfw:commentRss>
		<slash:comments>147</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step1-440x440.png" />
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step1.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step1-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step2.png" medium="image" />
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step3.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step3-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step4.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step4-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/12/windows-encryption-step5.png" medium="image" />
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2015/12/2015-12-16-1_small_1439.gif</leadImageArt><leadImageArtCredit>Illustration: Selman Design</leadImageArtCredit>	</item>
		<item>
		<title>Edward Snowden Explains How To Reclaim Your Privacy</title>
		<link>https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/</link>
		<comments>https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/#comments</comments>
		<pubDate>Thu, 12 Nov 2015 15:39:08 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Mashable]]></category>
		<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=41069</guid>
		<description><![CDATA[<p>The NSA whistleblower sat down with <em>The Intercept</em>’s Micah Lee in Moscow.</p>
]]></description>
				<content:encoded><![CDATA[<p><span class="dropcap">L</span><u>AST MONTH</u>, I met Edward Snowden in a hotel in central Moscow, just blocks away from Red Square. It was the first time we&#8217;d met in person; <a href="https://theintercept.com/2014/10/28/smuggling-snowden-secrets/">he first emailed me</a> nearly two years earlier, and we eventually created an encrypted channel to journalists Laura Poitras and Glenn Greenwald, to whom Snowden would disclose overreaching mass surveillance by the National Security Agency and its British equivalent, GCHQ.</p>
<p>This time around, Snowden&#8217;s anonymity was gone; the world knew who he was, much of what he&#8217;d leaked, and that he&#8217;d been living in exile in Moscow, where he&#8217;s been stranded ever since the State Department canceled his passport while he was en route to Latin America. His situation was more stable, the threats against him a bit easier to predict. So I approached my 2015 Snowden meeting with less paranoia than was warranted in 2013, and with a little more attention to physical security, since this time our communications would not be confined to the internet.</p>
<p>Our first meeting would be in the hotel lobby, and I arrived with all my important electronic gear in tow. I had powered down my smartphone and placed it in a &#8220;faraday bag&#8221; designed to block all radio emissions. This, in turn, was tucked inside my backpack next to my laptop (which I configured and hardened specifically for traveling to Russia), also powered off. Both electronic devices stored their data in encrypted form, but <a href="https://theintercept.com/2015/04/27/encrypting-laptop-like-mean/#attacks">disk encryption isn&#8217;t perfect</a>, and leaving these in my hotel room seemed like an invitation to tampering.</p>
<p>Most of the lobby seats were taken by well-dressed Russians sipping cocktails. I planted myself on an empty couch off in a nook hidden from most of the action and from the only security camera I could spot. Snowden had told me I&#8217;d have to wait awhile before he met me, and for a moment I wondered if I was being watched: A bearded man wearing glasses and a trench coat stood a few feet from me, apparently doing nothing aside from staring at a stained-glass window. Later he shifted from one side of my couch to the other, walking away just after I made eye contact.</p>
<p>Eventually, Snowden appeared. We smiled and said good to see you, and then walked up the spiral staircase near the elevator to the room where I would be conducting the interview, before we really started talking.</p>
<p>It also turns out that I didn&#8217;t need to be quite so cautious. Later, he told me to feel free to take out my phone so I could coordinate a rendezvous with some mutual friends who were in town. Operational security, or &#8220;opsec,&#8221; was a recurring theme across our several chats in Moscow.</p>
<p>In most of Snowden&#8217;s interviews he speaks broadly about the importance of privacy, surveillance reform, and encryption. But he rarely has the opportunity to delve into the details and help people of all technical backgrounds understand opsec and begin to strengthen their own security and privacy. He and I mutually agreed that our interview would focus more on nerdy computer talk and less on politics, because we&#8217;re both nerds and not many of his interviews get to be like that. I believe he wanted to use our chats to promote cool projects and to educate people. For example, Snowden had mentioned prior to our in-person meeting that he had tweeted about the Tor anonymity system and was surprised by how many people thought it was some big government trap. He wanted to fix those kinds of misconceptions.</p>
<p>Our interview, conducted over room-service hamburgers, started with the basics.</p>
<p><u>Micah Lee</u>: What are some operational security practices you think everyone should adopt? Just useful stuff for average people.</p>
<p><u>Edward Snowden</u>: [Opsec] is important even if you&#8217;re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you&#8217;re thinking about people who are in abusive spousal relationships, you&#8217;re thinking about people who are concerned about stalkers, you&#8217;re thinking about children who are concerned about their parents overhearing things. It&#8217;s to reclaim a level of privacy.</p>
<ul>
<li>The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It&#8217;s free, and you can just download it immediately. And anybody you&#8217;re talking to now, their communications, if it&#8217;s intercepted, can&#8217;t be read by adversaries. [<em><a href="https://theintercept.com/2015/03/02/signal-iphones-encrypted-messaging-app-now-supports-text/">Signal</a> is available for <a href="https://itunes.apple.com/us/app/signal-private-messenger/id874139669?mt=8">iOS</a> and <a href="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms">Android</a>, and, unlike a lot of security tools, is very easy to use.</em>]</li>
<li>You should encrypt your hard disk, so that if your computer is stolen the information isn&#8217;t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [<em>I&#8217;ve written a guide to <a href="https://theintercept.com/2015/04/27/encrypting-laptop-like-mean/">encrypting your disk</a> on Windows, Mac, and Linux.</em>]</li>
<li>Use a password manager. One of the main things that gets people&#8217;s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don&#8217;t have the burden of memorizing them. [<em>The password manager <a href="https://www.keepassx.org/">KeePassX</a> is free, open source, cross-platform, and never stores anything in the cloud.</em>]</li>
<li>The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it&#8217;s left or exposed somewhere &#8230; [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [<em>If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to log in to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and <a href="https://twofactorauth.org/">tons of other services</a> all support two-factor authentication.</em>]</li>
</ul>
<p><blockquote class='stylized pull-none'>We should not live lives as if we are electronically naked.</blockquote> We should armor ourselves using systems we can rely on every day. This doesn&#8217;t need to be an extraordinary lifestyle change. It doesn&#8217;t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. This is why I like apps like Signal, because they&#8217;re low friction. It doesn&#8217;t require you to re-order your life. It doesn&#8217;t require you to change your method of communications. You can use it right now to talk to your friends.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/11/DSC_0650-color-1.jpg"><img class="aligncenter size-article-large wp-image-42558" src="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/11/DSC_0650-color-1-1000x637.jpg" alt="DSC_0650-color-1" /></a>
<p class="caption">Micah Lee and Edward Snowden, Moscow, Russia.</p>
<p class='caption source pullright' style=''>Photo: Sue Gardner</p></div>
<p><u>Lee</u>: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it&#8217;s only a use-it-if-you-need-it thing?</p>
<p><u>Snowden</u>: I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. We know it works from at least one <a href="https://theintercept.com/2014/10/28/smuggling-snowden-secrets/">anecdotal case</a> that&#8217;s fairly familiar to most people at this point. That&#8217;s not to say that Tor is bulletproof. What Tor does is it provides a measure of security and allows you to disassociate your physical location. &#8230;</p>
<p>But the basic idea, the concept of Tor that is so valuable, is that it&#8217;s run by volunteers. Anyone can create a new node on the network, whether it&#8217;s an entry node, a middle router, or an exit point, on the basis of their willingness to accept some risk. The voluntary nature of this network means that it is survivable, it&#8217;s resistant, it&#8217;s flexible.</p>
<p>[<em><a href="https://www.torproject.org/">Tor Browser</a> is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you&#8217;re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to <a href="https://www.torproject.org/docs/tor-doc-relay.html.en">run your own Tor node</a>, as I do, and support the diversity of the Tor network.</em>]</p>
<p><u>Lee</u>: So that is all stuff that everybody should be doing. What about people who have exceptional threat models, like future intelligence-community whistleblowers, and other people who have nation-state adversaries? Maybe journalists, in some cases, or activists, or people like that?</p>
<p><u>Snowden</u>: So the first answer is that you can&#8217;t learn this from a single article. The needs of every individual in a high-risk environment are different. And the capabilities of the adversary are constantly improving. The tooling changes as well.</p>
<p>What really matters is to be conscious of the principles of compromise. How can the adversary, in general, gain access to information that is sensitive to you? What kinds of things do you need to protect? Because of course you don&#8217;t need to hide everything from the adversary. You don&#8217;t need to live a paranoid life, off the grid, in hiding, in the woods in Montana.</p>
<p>What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.</p>
<p>Tell no one who doesn&#8217;t need to know. [<em>Lindsay Mills, Snowden&#8217;s girlfriend of several years, didn&#8217;t know that he had been collecting documents to leak to journalists until she heard about it on the news, like everyone else.</em>]</p>
<p>When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the <em>existence</em> of the relationship from any type of conventional communication system. You want to use something like SecureDrop, over the Tor network, so there is no connection between the computer that you are using at the time — preferably with a non-persistent operating system like Tails, so you&#8217;ve left no forensic trace on the machine you&#8217;re using, which hopefully is a disposable machine that you can get rid of afterward, that can&#8217;t be found in a raid, that can&#8217;t be analyzed or anything like that — so that the only outcome of your operational activities are the stories reported by the journalists. [<em>SecureDrop is a whistleblower submission system. <a href="https://theintercept.com/2015/01/28/how-to-leak-to-the-intercept/">Here is a guide</a> to using </em>The Intercept’s<em> SecureDrop server as safely as possible.</em>]</p>
<p>And this is to be sure that whoever has been engaging in this wrongdoing cannot distract from the controversy by pointing to your physical identity. Instead they have to deal with the facts of the controversy rather than the actors that are involved in it.</p>
<p><u>Lee</u>: What about for people who are, like, in a repressive regime and are trying to &#8230;</p>
<p><u>Snowden</u>: Use Tor.</p>
<p><u>Lee</u>: Use Tor?</p>
<p><u>Snowden</u>: If you&#8217;re not using Tor you&#8217;re doing it wrong. Now, there is a counterpoint here where the use of privacy-enhancing technologies in certain areas can actually single you out for additional surveillance through the exercise of repressive measures. This is why it&#8217;s so critical for developers who are working on security-enhancing tools to not make their protocols stand out.</p>
<p><u>Lee</u>: So you mentioned that what you want to spread are the principles of operational security. And you mentioned some of them, like need-to-know, compartmentalization. Can you talk more about what are the principles of operating securely?</p>
<p><u>Snowden</u>: Almost every principle of operating security is to think about vulnerability. Think about what the risks of compromise are and how to mitigate them. In every step, in every action, in every point involved, in every point of decision, you have to stop and reflect and think, &#8220;What would be the impact if my adversary were aware of my activities?&#8221; If that impact is something that&#8217;s not survivable, either you have to change or refrain from that activity, you have to mitigate that through some kind of tools or system to protect the information and reduce the risk of compromise, or ultimately, you have to accept the risk of discovery and have a plan to mitigate the response. Because sometimes you can&#8217;t always keep something secret, but you can plan your response.</p>
<p><u>Lee</u>: Are there principles of operational security that you think would be applicable to everyday life?</p>
<p><u>Snowden</u>: Yes, that&#8217;s selective sharing. Everybody doesn&#8217;t need to know everything about us. Your friend doesn&#8217;t need to know what pharmacy you go to. Facebook doesn&#8217;t need to know your password security questions. You don&#8217;t need to have your mother&#8217;s maiden name on your Facebook page, if that&#8217;s what you use for <a href="http://www.wired.com/2008/09/palin-e-mail-ha/">recovering your password</a> on Gmail. The idea here is that sharing is OK, but it should always be voluntary. It should be thoughtful, it should be things that are mutually beneficial to people that you&#8217;re sharing with, and these aren&#8217;t things that are simply taken from you.</p>
<p>If you interact with the internet &#8230; the typical methods of communication today betray you silently, quietly, invisibly, at every click. At every page that you land on, information is being stolen. It&#8217;s being collected, intercepted, analyzed, and stored by governments, foreign and domestic, and by companies. You can reduce this by taking a few key steps. Basic things. If information is being collected about you, make sure it&#8217;s being done in a voluntary way.</p>
<p>For example, if you use browser plugins like <a href="https://www.eff.org/Https-Everywhere">HTTPS Everywhere</a> by EFF, you can try to enforce secure encrypted communications so your data is not being passed in transit electronically naked.</p>
<p><u>Lee</u>: Do you think people should use adblock software?</p>
<p><u>Snowden</u>: Yes.</p>
<p><blockquote class='stylized pull-none'>Everybody should be running adblock software, if only from a safety perspective &#8230;</blockquote> We&#8217;ve seen internet providers like <a href="http://www.pcworld.com/article/2604422/comcasts-open-wi-fi-hotspots-inject-ads-into-your-browser.html">Comcast</a>, <a href="http://arstechnica.com/business/2015/08/atts-free-wi-fi-hotspot-injects-extra-ads-on-non-att-websites/">AT&amp;T</a>, or whoever it is, insert their own ads into your plaintext http connections. &#8230; As long as service providers are serving ads with active content that require the use of Javascript to display, that have some kind of active content like Flash embedded in it, anything that can be a vector for attack in your web browser &#8212; you should be actively trying to block these. Because if the service provider is not working to protect the sanctity of the relationship between reader and publisher, you have not just a right but a duty to take every effort to protect yourself in response.</p>
<p><u>Lee</u>: Nice. So there&#8217;s a lot of esoteric attacks that you hear about in the media. There&#8217;s disk encryption attacks like evil maid attacks, and cold-boot attacks. There&#8217;s all sorts of firmware attacks. There&#8217;s BadUSB and BadBIOS, and baseband attacks on cellphones. All of these are probably unlikely to happen to many people very often. Is this something people should be concerned about? How do you go about deciding if you personally should be concerned about this sort of attack and try to defend against it?</p>
<p><u>Snowden</u>: It all comes down to personal evaluation of your personal threat model, right? That is the bottom line of what operational security is about. You have to assess the risk of compromise. On the basis of that determine how much effort needs to be invested into mitigating that risk.</p>
<p>Now in the case of cold-boot attacks and things like that, there are many things you can do. For example, cold-boot attacks can be defeated by never leaving your machine unattended. This is something that is not important for the vast majority of users, because most people don&#8217;t need to worry about someone sneaking in when their machine is unattended. &#8230; There is the evil maid attack, which can be protected against by keeping your bootloader physically on you, by wearing it as a necklace, for example, on an external USB device.</p>
<p>You&#8217;ve got BadBIOS. You can protect against this by dumping your BIOS, hashing it (hopefully not with SHA1 anymore), and simply comparing your BIOS. In theory, if it&#8217;s owned badly enough you need to do this externally. You need to dump it using a JTAG or some kind of reader to make sure that it actually matches, if you don&#8217;t trust your operating system.</p>
<p><blockquote class='stylized pull-none'>There&#8217;s a counter to every attack. The idea is you can play the cat-and-mouse game forever.</blockquote> You can go to any depth, you can drive yourself crazy thinking about bugs in the walls and cameras in the ceiling. Or you can think about what are the most realistic threats in your current situation? And on that basis take <em>some</em> activity to mitigate the most realistic threats. In that case, for most people, that&#8217;s going to be <em>very simple</em> things. That&#8217;s going to be using a safe browser. That&#8217;s going to be disabling scripts and active content, ideally using a virtual machine or some other form of sandboxed browser, where if there&#8217;s a compromise it&#8217;s not persistent. [<em>I <a href="https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/">recently wrote</a> about how to set up virtual machines.</em>] And making sure that your regular day-to-day communications are being selectively shared through encrypted means.</p>
<p><u>Lee</u>: What sort of security tools are you currently excited about? What are you finding interesting?</p>
<p><u>Snowden</u>: I&#8217;ll just namecheck Qubes here, just because it&#8217;s interesting. I&#8217;m really excited about Qubes because the idea of VM-separating machines, requiring expensive, costly sandbox escapes to get persistence on a machine, is a big step up in terms of burdening the attacker with greater resource and sophistication requirements for maintaining a compromise. I&#8217;d love to see them continue this project. I&#8217;d love to see them make it more accessible and much more secure. [<em>You can read more about how to use Qubes <a href="https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/#qubes">here</a> and <a href="https://freedom.press/blog/2014/04/operating-system-can-protect-you-even-if-you-get-hacked">here</a>.</em>]</p>
<p>Something that we haven&#8217;t seen that we need to see is a greater hardening of the overall kernels of every operating system through things like grsecurity [<em>a <a href="https://grsecurity.net/">set of patches</a> to improve Linux security</em>], but unfortunately there&#8217;s a big usability gap between the capabilities that are out there, that are possible, and what is attainable for the average user.</p>
<p><u>Lee</u>: People use smartphones a lot. What do you think about using a smartphone for secure communications?</p>
<p><u>Snowden</u>: Something that people forget about cellphones in general, of any type, is that you&#8217;re leaving a permanent record of all of your physical locations as you move around. &#8230; The problem with cellphones is they&#8217;re basically always talking about you, even when you&#8217;re not using them. That&#8217;s not to say that everyone should burn their cellphones &#8230; but you have to think about the context for your usage. Are you carrying a device that, by virtue of simply having it on your person, places you in a historic record in a place that you don&#8217;t want to be associated with, even if it&#8217;s something as simple as your place of worship?</p>
<p><u>Lee</u>: There are tons of software developers out there that would love to figure out how to end mass surveillance. What should they be doing with their time?</p>
<p><u>Snowden</u>: Mixed routing is one of the most important things that we need in terms of regular infrastructure because we haven&#8217;t solved the problem of how to divorce the content of communication from the fact that it has occurred at all. To have real privacy you have to have both. Not just what you talked to your mother about, but the fact that you talked to your mother at all. &#8230;</p>
<p>The problem with communications today is that the internet service provider knows exactly who you are. They know exactly where you live. They know what your credit card number is, when you last paid, how much it was.</p>
<p><blockquote class='stylized pull-none'>You should be able to buy a pile of internet the same way you buy a bottle of water.</blockquote> We need means of engaging in private connections to the internet. We need ways of engaging in private communications. We need mechanisms affording for private associations. And ultimately, we need ways to engage in private payment and shipping, which are the basis of trade.</p>
<p>These are research questions that need to be resolved. We need to find a way to protect the rights that we ourselves inherited for the next generation. If we don&#8217;t, today we&#8217;re standing at a fork in the road that divides between an open society and a controlled system. If we don&#8217;t do anything about this, people will look back at this moment and they&#8217;ll say, why did you let that happen? Do you want to live in a quantified world? Where not only is the content of every conversation, not only are the movements of every person known, but even the location of all the objects are known? Where the book that you lent to a friend leaves a record that they have read it? These things might be useful capabilities that provide value to society, but that&#8217;s only going to be a net good if we&#8217;re able to mitigate the impact of our activity, of our sharing, of our openness.</p>
<p><u>Lee</u>: Ideally, governments around the world shouldn&#8217;t be spying on everybody. But that&#8217;s not really the case, so where do you think &#8212; what do you think the way to solve this problem is? Do you think it&#8217;s all just encrypting everything, or do you think that trying to get Congress to pass new laws and trying to do policy stuff is equally as important? Where do you think the balance is between tech and policy to combat mass surveillance? And what do you think that Congress should do, or that people should be urging Congress to do?</p>
<p><u>Snowden</u>: I think reform comes with many faces. There&#8217;s legal reform, there&#8217;s statutory reform more generally, there are the products and outcomes of judicial decisions. &#8230; In the United States it has been held that these programs of mass surveillance, which were implemented secretly without the knowledge or the consent of the public, violate our rights, that they went too far, that they should end. And they have been modified or changed as a result. But there are many other programs, and many other countries, where these reforms have not yet had the impact that is so vital to free society. And in these contexts, in these situations, I believe that we do &#8212; as a community, as an open society, whether we&#8217;re talking about ordinary citizens or the technological community specifically &#8212; we have to look for ways of enforcing human rights through any means.</p>
<p>That can be through technology, that can be through politics, that can be through voting, that can be through behavior. But technology is, of all of these things, perhaps the quickest and most promising means through which we can respond to the greatest violations of human rights in a manner that is not dependent on every single legislative body on the planet to reform itself at the same time, which is probably somewhat optimistic to hope for. We would be instead able to create systems &#8230; that enforce and guarantee the rights that are necessary to maintain a free and open society.</p>
<p><u>Lee</u>: On a different note — people said I should ask about Twitter — how long have you had a Twitter account for?</p>
<p><u>Snowden</u>: Two weeks.</p>
<p><u>Lee</u>: How many followers do you have?</p>
<p><u>Snowden</u>: A million and a half, I think.</p>
<p><u>Lee</u>: That&#8217;s a lot of followers. How are you liking being a Twitter user so far?</p>
<p><u>Snowden</u>: I&#8217;m trying very hard not to mess up.</p>
<p><u>Lee</u>: You&#8217;ve been tweeting a lot lately, including in the middle of the night Moscow time.</p>
<p><u>Snowden</u>: Ha. I make no secret about the fact that I live on Eastern Standard Time. The majority of my work and associations, my political activism, still occurs in my home, in the United States. So it only really makes sense that I work on the same hours.</p>
<p><u>Lee</u>: Do you feel like Twitter is sucking away all your time? I mean I kind of have Twitter open all day long and I sometimes get sucked into flame wars. How is it affecting you?</p>
<p><u>Snowden</u>: There were a few days when people kept tweeting cats for almost an entire day. And I know I shouldn&#8217;t, I have a lot of work to do, but I just couldn&#8217;t stop looking at them.</p>
<p><u>Lee</u>: The real question is, what was your Twitter handle before this? Because you were obviously on Twitter. You know all the ins and outs.</p>
<p><u>Snowden</u>: I can neither confirm nor deny the existence of other Twitter accounts.</p>
<p><em>Disclosure: Snowden and I are both directors of <a href="https://freedom.press/">Freedom of the Press Foundation</a>.</em></p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/">Edward Snowden Explains How To Reclaim Your Privacy</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/feed/</wfw:commentRss>
		<slash:comments>185</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/DSC_0650-color-1-440x440.jpg" />
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/11/DSC_0650-color-1.jpg" medium="image">
			<media:title type="html">DSC_0650-color-1</media:title>
			<media:description type="html">Micah Lee and Edward Snowden, Moscow Russia.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/DSC_0650-color-1-440x440.jpg" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2015/11/lee-snowden.jpg</leadImageArt><leadImageArtCredit>Photo: Sue Gardner</leadImageArtCredit>	</item>
		<item>
		<title>Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege</title>
		<link>https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/</link>
		<comments>https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/#comments</comments>
		<pubDate>Wed, 11 Nov 2015 17:43:48 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Mashable]]></category>
		<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=42094</guid>
		<description><![CDATA[<p>The exposure of millions of phone records across dozens of states sheds light on the dubious claims and practices of Securus Technologies.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/">Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><span class="dropcap">A</span><u>N ENORMOUS CACHE</u> of phone records obtained by <em>The Intercept</em> reveals a major breach of security at Securus Technologies, a leading provider of phone services inside the nation’s prisons and jails. The materials — leaked via <a href="https://theintercept.com/securedrop">SecureDrop</a> by an anonymous hacker who believes that Securus is violating the constitutional rights of inmates — comprise over 70 million records of phone calls, placed by prisoners to at least 37 states, in addition to links to downloadable recordings of the calls. The calls span a nearly two-and-a-half year period, beginning in December 2011 and ending in the spring of 2014.</p>
<p>Particularly notable within the vast trove of phone records are what appear to be at least 14,000 recorded conversations between inmates and attorneys, a strong indication that at least some of the recordings are likely confidential and privileged legal communications — calls that never should have been recorded in the first place. The recording of legally protected attorney-client communications — and the storage of those recordings — potentially offends constitutional protections, including the right to effective assistance of counsel and of access to the courts.</p>
<p>“This may be the most massive breach of the attorney-client privilege in modern U.S. history, and that’s certainly something to be concerned about,” said David Fathi, director of the ACLU’s National Prison Project. “A lot of prisoner rights are limited because of their conviction and incarceration, but their protection by the attorney-client privilege is not.”</p>
<p>The blanket recording of detainee phone calls is a fairly recent phenomenon, the official purpose of which is to protect individuals both inside and outside the nation’s prisons and jails. The Securus hack offers a rare look at this little-considered form of mass surveillance of people behind bars — and of their loved ones on the outside — raising questions about its scope and practicality, as well as its dangers.</p>
<p>Securus markets itself to government clients as able to provide a superior phone system — its Secure Call Platform — that allows for broad monitoring and recording of calls. The company also promotes its ability to securely store those recordings, making them accessible only to authorized users within the criminal justice system. Thus, part of the Securus promise is not only that its database is vast, but also that it meets rigorous standards for security. “We will provide the most technologically advanced audio and video communications platform to allow calls with a high level of security,” reads the company’s Integrity Pledge. “We understand that confidentiality of calls is critical, and we will follow all Federal, State, and Local laws in the conduct of our business.”</p>
<p>But the fact that a hacker was able to obtain access to over 70 million prisoner phone call records shows that Securus’ data storage system is far more vulnerable than it purports to be.</p>
<p>More broadly, the Securus leak reveals just how much personal information the company retains about prisoners and the countless people to whom they are connected. It is information that, in the narrow context of incarceration, may not be considered private, but in the larger world raises serious questions about the extent to which people lose their civil liberties when their lives intersect, however briefly, with the criminal justice system.</p>
<div class='img-wrap align-center width-fixed' style='width:1024px'> <a href="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/archive_theintercept_1439.gif"><img class="aligncenter size-large wp-image-42486" src="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/archive_theintercept_1439.gif" alt="archive_theintercept_1439" /></a> <p class='caption source pullright' style=''>Illustration: Alexander Glandien</p></div>
<p><span class="dropcap">S</span><u>ECURUS IS A TELECOMMUNICATIONS</u> company based in Dallas, Texas, owned by a private equity firm. Its primary business is providing phone and video visitation services to incarcerated people — ostensibly offering a meaningful way for them to keep in touch with loved ones on the outside, as well as to communicate with attorneys. Until now, Securus was probably best-known for the incredibly high rates it has traditionally charged for phone calls, a burden borne almost exclusively by the very people who are the least able to afford it. (The Federal Communications Commission in October voted to cap calling rates and fees, a move that Securus and other industry leaders had fought, claiming the change would have a “devastating effect” on their businesses.)</p>
<p>It isn’t just Securus whose business model has relied on gouging people caught up in the criminal justice system. The industry’s other players, including the leading prison telecom company, Global Tel*Link, largely do the same. Prison and jail communications is a $1.2 billion a year business, whose handsome profits come from serving a captive and inelastic market. According to public relations materials, Securus provides communications platforms used by more than 1.2 million inmates across the country, who are confined in more than 2,200 facilities; by 2012 the company was processing more than 1 million calls each day. In 2014, Securus took in more than $404 million in revenue.</p>
<p>Securus does business with local and county governments (which operate the nation’s jails) and with state departments of correction (which, with some exceptions, run the nation’s prison systems). A key selling point to its clients is that the company not only installs and maintains phone systems at little to no cost to the government, but also that it agrees to pay back to its clients generous “site commissions,” a kickback that comes from revenue generated by inmate calls — on average 42 percent of the revenue from its state contracts, according to <a href="https://www.prisonlegalnews.org/news/2011/apr/15/nationwide-pln-survey-examines-prison-phone-contracts-kickbacks/">research</a> done by <em>Prison Legal News</em>. (The FCC rate caps threaten the industry&#8217;s ability to keep revenues large enough to fund the exorbitant kickback scheme it created. Lowering and capping the rates and fees charged for calls means at least some industry players could be forced to dip into company coffers in order to comply with contracted payoff schedules, unless they renegotiate existing contracts. How the new rate caps will impact these payoffs remains to be seen.)</p>
<p class="p1"><span class="s1"><blockquote class='stylized pull-left'>“OMG &#8230; this is not good!” reads an internal Securus email discussing phone calls hacked in 2014.</blockquote></span></p>
<p>In addition to the sweetheart deal it offers clients, Securus also touts the technology of its Secure Call Platform, which allows recording and monitoring, with few exceptions, of all calls made by prisoners. The superior technology, it claims, ensures that its database is well-protected, and only accessible to authorized users — among them corrections workers, police investigators, and prosecutors. Law enforcement personnel are particularly important to the company: Securus promises it can provide recordings on demand to investigators across jurisdictions, promoting its system as a powerful crime-solving tool.</p>
<p>But the scale of the Securus hack shows the company has failed to fulfill its own promises on security. The more than 70 million phone call records given to <em>The Intercept</em> include phone calls placed to nearly 1.3 million unique phone numbers by more than 63,000 inmates. The original data was contained in a 37-gigabyte file and scattered across hundreds of tables, similar to spreadsheets, which <em>The Intercept</em> merged into a single table containing 144 million records. A search for duplicates reduced this figure to more than 70 million records of individual phone calls.</p>
<p>The database contained prisoners&#8217; first and last names; the phone numbers they called; the date, time, and duration of the calls; the inmates&#8217; Securus account numbers; as well as other information. In addition to metadata, each phone call record includes a “recording URL” where the audio recordings of the calls can be downloaded.</p>
<p>The vast majority of the calls appear to be personal in nature; downloaded audio files leaked alongside the larger database of recordings include one in which a couple has an intimate conversation; in another, relatives discuss someone whose diabetes is worsening. In a third, a couple discusses <em>Dancing With the Stars</em>, TV dinners, and how much money is available to pay for their regular phone conversations — versus how much should instead be spent on food. But a subset of the recordings — a minimum of roughly 14,000 — were made by detainees to attorneys, in calls that range from under a minute to over an hour in length.</p>
<p>To arrive at this figure, <em>The Intercept</em> looked up each of the nearly 1.3 million phone numbers that inmates called in a public directory of businesses to find out whether a law firm or attorney’s office is associated with that number. We found that Securus recorded more than 14,000 phone calls to at least 800 numbers that clearly belonged to attorneys. That 14,000 figure, however, is likely an underestimate because it does not include calls to attorney cellphone numbers. In other words, the 14,000 attorney calls are potentially just a small subset of the attorney-client calls that were hacked.</p>
<p>In short, it turns out that Securus isn’t so secure.</p>
<p>In fact, this doesn’t seem to be the first time that Securus’ supposedly impenetrable system has been hacked. According to documents provided to <em>The Intercept</em> by a Texas attorney, the company’s system was apparently breached just last year, on July 18, 2014, when someone hacked three calls made by an inmate named Aaron Hernandez, presumably the former player for the New England Patriots, who was awaiting trial for killing a friend. In an email thread from July 21, 2014, two Securus employees discuss the breach — the system was accessed by someone in South Dakota, they discover, though they don’t have that person’s name. “OMG……..this is not good!” reads one email contained in the document. “The company will be called to task for this if someone got in there that shouldn’t have been.”</p>
<p>There is no indication the 2014 hack has previously been made public. Securus did not respond to numerous requests for comment for this story. [<em>Editor&#8217;s note: See update below for a statement from Securus in response to publication of this story.</em>]</p>
<p><span class="dropcap">P</span><u>RISONERS DO NOT GENERALLY ENJOY</u> a right to privacy while incarcerated — a fact that is emphasized in the course of virtually any communication with the outside world. Like other jail and prison telecoms, Securus inserts a recorded message at the beginning of each prisoner-initiated phone call, reminding recipients that “this call is from a correctional facility and may be monitored and recorded.” In this context, anyone who hears the warning and still chooses to use the phone has effectively waived a right to privacy during that call, a condition all too familiar to people with incarcerated loved ones. Still, it is hard to imagine that people on either end of the line would ever anticipate that their conversations would be stored for years, in a manner that could potentially expose their intimacies to the larger public. By failing to prevent hackers from accessing the calls, Securus appears to have done just that.</p>
<p>This is troubling to the ACLU’s Fathi, because “waivers of rights are not meant to be all or nothing. Waivers are meant to be only as extensive as necessary to accomplish the goal underlying the waiver,” he said. If the goal for recording and monitoring detainee phone conversations is to enhance safety both inside and outside a facility, that’s one thing — but those conversations should not be stored indefinitely, once they’re determined to be free of intelligence that would aid the institutional goal.</p>
<p>The mass recording of detainee calls was originally rationalized as improving safety within a facility — a way to hedge against contraband being brought in, to ferret out escape attempts or potentially violent uprisings, and to curb the possibility of witness tampering or intimidation. But if the goal is to see if a “person is smuggling drugs [or] plotting an escape,” said Fathi, “it doesn’t mean that the prisoner and the … outside person they’re talking to has forever waived all privacy rights and that any conceivable use of that recording is OK.”</p>
<p>The implications are especially alarming for calls that are understood to be the exception to the record-everything rule. Securus’ phone systems are supposed to be set up to allow certain phone numbers to be logged and flagged so that calls to those numbers are exempt from being recorded — let alone stored.</p>
<p>Indeed, that a criminal defendant or inmate should be able to speak frankly and honestly with a lawyer is a cornerstone of the criminal justice system &#8212; inherent in a defense attorney’s ethical obligations, and firmly rooted in the Sixth Amendment right to competent and effective legal counsel. A review of contracts and proposals completed by Securus in a handful of states reflects the company’s understanding of this right. In a 2011 bid to provide phone service to inmates in Missouri’s state prisons, Securus promised that each “call will be recorded and monitored, with the exception of privileged calls.” But the database provided to <em>The Intercept</em> shows that over 12,000 recordings of inmate-attorney communications, placed to attorneys in Missouri, were collected, stored, and ultimately hacked.</p>
<p><div class='img-wrap align-bleed width-auto' style='width:auto'> <a href="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/Connection_theintercept_1439.gif"><img class="alignnone size-large wp-image-42488" src="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/Connection_theintercept_1439.gif" alt="Connection_theintercept_1439" /></a> <p class='caption source' style=''>Illustration: Alexander Glandien</p></div>The data provided to <em>The Intercept</em> also includes at least 27 recordings of calls to attorneys in Austin, Texas, made between December 2011 and October 2013 — a fact that is particularly compelling in light of a federal civil rights suit filed there in 2014 against Securus, which provides phone service to the county’s jails. At the heart of the lawsuit is the allegation that calls to known attorneys have been — and continue to be &#8212; recorded. The company’s contract specifically provides that calls “to telephone numbers known to belong [to] attorneys are NOT recorded” and that “if any call to an attorney is inadvertently recorded, the recording is destroyed as soon as it is discovered.”</p>
<p>The lawsuit was brought by the Austin Lawyers Guild, four named attorneys, and a prisoner advocacy group, and alleges that, despite official assurances to the contrary, privileged communications between lawyers and clients housed in the county jails have been taped, stored, “procured,” and listened to by prosecutors. The plaintiffs say that while some prosecutors have disclosed copies of recordings to defense attorneys as part of the regular evidential discovery process, other prosecutors have not, choosing instead to use their knowledge of what is in individual recordings to their “tactical advantage” in the courtroom “without admitting they obtained or listened to the recordings.” (None of the recordings provided to <em>The Intercept</em> appear to be connected to any of the Austin attorneys named in the suit.)</p>
<p>The Austin attorneys argue that the intrusion into their communications with clients undermines their ability to effectively represent them. And those most disproportionately impacted are often clients who are the most disadvantaged: those who can’t afford bail and have to stay in jail awaiting prosecution. Austin defense attorney Scott Smith, who discovered this summer that an intern in the prosecutor’s office had inadvertently listened to a portion of a phone call he had with a jailed client, points out that it rigs the adversarial legal process in favor of the state. “How do you plan your strategy? It’s like being at the Superbowl and one team gets to put a microphone in the huddle of another team.”</p>
<p>Challenging the lawsuit, Securus notes that government intrusion into the attorney-client relationship could be a violation of the Sixth Amendment. But the company insists it has abided by its policy of not recording privileged phone calls — while at the same time maintaining that any existing tapes were voluntarily turned over by the state to defense attorneys during discovery. What’s more, Securus argues that the plaintiffs have not proved that “such recordings” had any adverse effects on their cases. “Securus acknowledges that Plaintiffs have alleged that recorded attorney-client calls have been shared with prosecutors, but they have failed to articulate a single instance where they have been harmed or prejudiced,” Securus said.</p>
<p>Exactly who is to blame for the recording of attorney calls is unclear. In many jurisdictions — including in Austin — the onus is on lawyers or their clients to give phone numbers to prison officials so that they can be placed on a do-not-record list. Failing to provide up-to-date contact information would make any inadvertent recordings the attorney&#8217;s or inmate’s fault. But properly logging these numbers is the government’s responsibility. And the secure storage of these is squarely up to Securus — particularly given that it markets itself as providing a service to do exactly that.</p>
<div class='img-wrap align-center width-fixed' style='width:1024px'></p>
<p><a href="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/11/phones_theintercept_1439.gif"><img class="aligncenter size-large wp-image-42491" src="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/11/phones_theintercept_1439.gif" alt="" /></a></p>
<p><p class='caption source pullright' style=''>Illustration: Alexander Glandien</p></div>
<p><span class="dropcap">I</span><u>T WASN&#8217;T ALWAYS THE CASE</u> that detainee phone calls were recorded in bulk. The practice really took hold in the 1990s, says Martin Horn, a lecturer at John Jay College of Criminal Justice in New York, who previously served as commissioner of the New York City Department of Correction and, before that, as secretary of corrections in Pennsylvania. When Horn went to Pennsylvania in 1995, the state did not allow for the recording of inmate calls. But that decade saw “numerous horror stories,” he said, of inmates “perpetrating crimes” from within prison, “continuing to run their criminal enterprises” from behind bars, or “threatening witnesses, and so on.” At the same time, telephone technology had evolved significantly, making monitoring, recording, and storage of call data possible.</p>
<p>Until the mid-1980s, inmate phone services were provided by AT&amp;T via operator-assisted collect calls from pay phones. But after the breakup of AT&amp;T the market became more competitive — and less regulated — and companies such as Securus, originally known as the Tele-Matic Corporation, entered the market to offer equipment and, ultimately, sophisticated monitoring systems.</p>
<p>Today, Horn regards call monitoring as an important correctional tool. And while Horn said he was never made aware of any recording of attorney-client communications during his time in corrections, he said to the extent that a privileged communication is either monitored or recorded, there isn’t necessarily a harm — “if in the course of listening to it you become aware that it’s a conversation with a privileged party, such as an attorney, you stop listening,” he said. “So the fact that it was recorded, while unfortunate, you know, isn’t necessarily damaging.”</p>
<blockquote class='stylized pull-left'>The hacked database also includes records of calls between prisoners and prosecutors — including 75 calls to a U.S. attorney&#8217;s office in Missouri.</blockquote>
<p>But the massive amount of data provided to <em>The Intercept</em> suggests that the scope of surveillance within the system goes far beyond what the original goals might have been. A 2012 Securus contract with the Illinois Department of Corrections describes an optional product called Threads, branding it “one of the most powerful tools in the intelligence community.”</p>
<p>“Securus has the most widely used platform in the industry, with approximately 1,700 facilities installed, over 850,000 inmates served, literally petabytes of intelligence data, and over 1 million calls processed per day,” the company bragged to Illinois officials. “This valuable data is integrated directly into Threads and could be available at [Department of Correction]&#8217;s and [Department of Juvenile Justice]&#8217;s fingertips.”</p>
<p>Today those numbers are even higher. Securus&#8217; website says that the Threads database contains the billing names and addresses of over half a million people who are not incarcerated, as well as information about more than 950,000 inmates from over 1,900 correctional facilities, and includes over 100 million call records. The amount of data sold to corrections and law enforcement investigators “continues to grow every day.”</p>
<p>As Adina Schwartz, a professor at John Jay College, points out, when you consider that these recordings can be stored “forever, with no supervision,” the potential for abuse increases. “I think any criminal defense attorney who wasn’t worried by that prospect is basically somebody who doesn’t do his or her job.”</p>
<p>And the recordings with known attorneys are not limited to calls with defense lawyers. The hacked database also includes records of calls between prisoners and prosecutors — including 75 calls to a United States attorney&#8217;s office in Missouri. These, too, are potentially problematic, particularly if they include conversations with cooperating witnesses who could be vulnerable if the details of their dealings with the government were exposed.</p>
<p>The attorney-client privilege is “the oldest privilege of confidentiality known in our legal system,” said Fathi. In a criminal case it prohibits defense attorneys from divulging, or prosecutors from using, any case-related information that was obtained in confidence. But the reality is that keeping conversations with incarcerated defendants confidential is a challenge. Experts point out that the recorded notice embedded within phone calls initiated inside jails and prisons means that there should be no real expectation of privacy. “If a client is making an out-of-prison call to an attorney, the attorney-client privilege, arguably, doesn’t apply,” said Michael Cassidy, a professor of law at Boston College Law School, because by consenting to speak over a phone line that is subject to recording, the client and attorney should expect that is happening. But that isn’t the end of it: Even if the privilege doesn’t apply, “the Sixth Amendment right to counsel applies and the government can’t interfere with it,” he said. “So even if you could argue that notifying a prisoner that their calls are being recorded negates the privilege, it doesn’t negate the Sixth Amendment right to not have the government interfere with counsel.” And monitoring, recording, and potentially using information gleaned from attorney-client calls would do just that.</p>
<p>That’s why prison calling systems, such as Securus’ Secure Call Platform, are set up to log numbers that should not be recorded. “But that’s a technological issue and sometimes it doesn’t work,” said Cassidy.</p>
<p>But Schwartz argues that the logging of attorney phone numbers provides a “recognition that there is attorney-client privilege” and that it is “incumbent on the government to follow through” in protecting that privilege. When attorneys learn that their calls have been recorded, it shakes the foundation of trust, inevitably impinging on their Sixth Amendment obligations. “Once people know there is trickery, there is a chilling of attorney-client communications — because how do you know it won’t happen again?” Schwartz asked.</p>
<p>Indeed, that is precisely the risk that Fathi sees arising from the breach of Securus’ database. “Going forward, prisoners will have very good cause to question whether their phone calls with their attorneys are confidential. And that undermines that very core and fundamental purpose of the attorney-client privilege, which is to allow persons consulting an attorney to give a full and frank account of their legal problem,” he said.</p>
<p>Still, challenging the recording could be tricky, says Cassidy, even if there is clear evidence of taped communications. If a call was recorded because the attorney or client failed to put a phone number on the do-not-record list, he says, then the state is off the hook — a prisoner can’t sue for damages, or seek to have his or her criminal charges dismissed (although the government would still be prohibited from listening to or using the content of the call). However, if one can “show a regular and systemic practice” of recording such calls, a case could be made that “the company is violating multiple prisoners’ Sixth Amendment rights,” which could have more of an impact, perhaps prompting systemwide reforms.</p>
<p>And Fathi believes a case could also be made that the recording and storing of non-attorney calls is unconstitutional. “Prisoners do retain some privacy rights and certainly people on the outside who just happen to be talking to prisoners retain privacy rights. And, again, the fact that you’re passively consenting that the call can be monitored for security purposes doesn’t mean you’re consenting to all conceivable uses of that recording for all time,” he said. “I think even with the non-attorney calls there may be a case to be made that this is just so spectacularly overbroad that it is unconstitutional.”</p>
<p>Indeed, Austin attorney Scott Smith believes that, at least in the nation’s jails — where the majority of inmates are awaiting prosecution and have not yet been found guilty of anything — the blanket recording of phone calls should be stopped. If there are specific detainees worth monitoring, that can be accomplished in a far less intrusive manner, he said. “You can say safety mandates a reduction of civil liberties all the time. And that’s essentially the old debate — how much do you have civil liberties and how much do you need to get rid of them in order to be safe?”</p>
<p>Fathi agrees that the practice of recording detainee phone conversations should be reined in and limited. “It is another manifestation of the exponential growth of the surveillance state. Obviously that’s been noticed and commented upon in other contexts, but if we’re talking about [more than 70] million [calls], even if some of those are repeat calls between the same people, that’s a lot of people — including non-prisoners whose privacy has been compromised by a private company that is acting as an agent of the government,” he said.</p>
<p><strong>Update: November 12, 2015</strong></p>
<p>After this story was published, Securus emailed the following statement:</p>
<blockquote><p>Securus is contacting law enforcement agencies in the investigation into media reports that inmate call records were leaked online. Although this investigation is ongoing, we have seen no evidence that records were shared as a result of a technology breach or hack into our systems. Instead, at this preliminary stage, evidence suggests that an individual or individuals with authorized access to a limited set of records may have used that access to inappropriately share those records.</p>
<p>We will fully support law enforcement in prosecution of any individuals found to have illegally shared information in this case. Data security is critically important to the law enforcement and criminal justice organizations that we serve, and we implement extensive measures to help ensure that all data is protected from both digital and physical breaches.</p>
<p>It is very important to note that we have found absolutely no evidence of attorney-client calls that were recorded without the knowledge and consent of those parties. Our calling systems include multiple safeguards to prevent this from occurring. Attorneys are able to register their numbers to exempt them from the recording that is standard for other inmate calls. Those attorneys who did not register their numbers would also hear a warning about recording prior to the beginning of each call, requiring active acceptance.</p>
<p>We are coordinating with law enforcement and we will provide updates as this investigation progresses.</p></blockquote>
<p><em>Research: Margot Williams, Joshua Thayer</em></p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/">Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/feed/</wfw:commentRss>
		<slash:comments>78</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/archive_theintercept_1439-440x440.gif" />
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/archive_theintercept_1439.gif" medium="image">
			<media:title type="html">archive_theintercept_1439</media:title>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/archive_theintercept_1439-440x440.gif" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/Connection_theintercept_1439.gif" medium="image">
			<media:title type="html">Connection_theintercept_1439</media:title>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/11/Connection_theintercept_1439-440x440.gif" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/11/phones_theintercept_1439.gif" medium="image">
			<media:title type="html">phones_theintercept_1439</media:title>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/11/phones_theintercept_1439-440x440.gif" />
		</media:content>
<leadImageArt>https://theintercept.com/wp-uploads/sites/1/2015/11/frequencies-oscilloscope_NEW_1439.gif</leadImageArt><leadImageArtCredit>Illustration: Alexander Glandien</leadImageArtCredit>	</item>
		<item>
		<title>How Scientists Search the Cosmos for Encrypted Alien Signals (And Other Ones Too)</title>
		<link>https://theintercept.com/2015/10/05/how-scientists-search-the-cosmos-for-alien-signals-even-encrypted-ones/</link>
		<comments>https://theintercept.com/2015/10/05/how-scientists-search-the-cosmos-for-alien-signals-even-encrypted-ones/#comments</comments>
		<pubDate>Mon, 05 Oct 2015 14:44:07 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=39173</guid>
		<description><![CDATA[<p>Today I'm going to dive into the science of searching for extraterrestrial life in our galaxy, communicating across interstellar distances, and the role that encryption and information theory play in all of this.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/10/05/how-scientists-search-the-cosmos-for-alien-signals-even-encrypted-ones/">How Scientists Search the Cosmos for Encrypted Alien Signals (And Other Ones Too)</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p>In a recent <a href="http://www.startalkradio.net/show/a-conversation-with-edward-snowden-part-1/">conversation</a> with National Security Agency whistleblower Edward Snowden, astrophysicist Neil deGrasse Tyson asked about communication with alien civilizations, and how such messages might be encoded.</p>
<p>In any advanced civilization, there is only a “small period in the development of their society when all of their communications will be sent via the most primitive and most unprotected means,” Snowden said. If we pick up signals emanating from that civilization&#8217;s homeworld, such as television shows, phone calls, or satellite communication, he added, they will most likely be encrypted because “all of their communications [would be] encrypted by default.” Because of how encryption works, those encrypted messages would be “indistinguishable to us from cosmic microwave background radiation.”</p>
<p>Snowden was right about encrypted content looking like noise, but he was wrong about what scientists can tell by looking for alien metadata. Whether or not aliens use encryption, we can tell the difference between signals sent through space using transmitters and natural sources of radio signals &#8212; such as the radiation left over from when the universe first cooled down enough for photons to decouple themselves from the rest of matter, shortly after the Big Bang.</p>
<p>The media coverage of this conversation has mostly been abysmal nonsense (“Snowden says aliens could be trying to get in touch right now” on <a href="http://www.cnet.com/news/edward-snowden-says-aliens-could-be-trying-to-get-in-touch-right-now/">CNET</a>, “Edward Snowden Has A Depressing Theory About Aliens” on <a href="http://www.huffingtonpost.com/entry/edward-snowden-aliens_55ff29ebe4b0fde8b0ceb685">Huffington Post</a>, “Snowden Re-Emerges from Russian Isolation With Alien Encryption Theories” on <a href="http://www.digitaltrends.com/web/snowden-aliens-encryption/">Digital Trends</a>) with some sprinkles of evidence-based coverage from <a href="http://www.livescience.com/52274-snowden-alien-signal-encryption.html">Live Science</a>, also carried by <a href="http://www.scientificamerican.com/article/what-edward-snowden-got-wrong-about-eavesdropping-on-aliens/">Scientific American</a>.</p>
<p>Today I&#8217;m going to dive into the science of searching for extraterrestrial life in our galaxy, communicating across interstellar distances, and the role that encryption and information theory play in all of this.</p>
<h3>Are aliens real?</h3>
<p>“If you want to think the Earth is the only one that has intelligence, there&#8217;s no way to prove that that&#8217;s wrong,” says Seth Shostak, senior astronomer at the <a href="http://www.seti.org/">SETI Institute</a>, a scientific and educational nonprofit devoted to the search for extraterrestrial life. “But that&#8217;s a really remarkable statement that suggests that there&#8217;s something extraordinarily unusual about this world. And that strikes me as maybe not such a reasonable assumption.”</p>
<p>We have never found any direct evidence of alien intelligence, but personally, I&#8217;m betting on the aliens. Our home galaxy, the Milky Way, is a big place, and as far as we know, all it takes for life to evolve is the right environment. Exoplanets that could support life are extremely abundant in our galaxy. “We believe that the number of planets out there that could be habitable, just in the Milky Way, is tens of billions,” says Shostak. “It might be as many as a hundred billion.”</p>
<p>In 1952, Stanley Miller, under the supervision of Harold Urey, conducted a <a href="https://en.wikipedia.org/wiki/Miller%E2%80%93Urey_experiment">groundbreaking experiment</a> that proved that you can take a primordial soup of the basic molecules that made up Earth&#8217;s pre-life environment (water vapor, methane, ammonia, and hydrogen), add some electricity — the same stuff that comes from lightning — and you get the amino acids that are a main component of the stuff of life.</p>
<p>Once life exists on a planet, given enough time, it might evolve the kind of intelligence that will let it communicate with radios, like it did on Earth.</p>
<h3>Are aliens trying to communicate with us?</h3>
<p>You might think browsing the web with the privacy-enhancing <a href="https://www.torproject.org/">Tor Browser</a> is slow, but the latency of bouncing your signals around Earth a few times is nothing at all compared to interstellar communication — sending signals between the stars. If aliens send us a signal, or if we&#8217;re sending a signal out to aliens, the signal will only be moving at the speed of light, the fastest speed that nature allows.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'>
<p><a href="https://firstlook.org/wp-uploads/sites/1/2015/09/1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated.jpg"><img class="aligncenter size-article-large wp-image-39186" src="https://firstlook.org/wp-uploads/sites/1/2015/09/1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated-1000x1000.jpg" alt="1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated" /></a></p>
<p class="caption">Map of the Milky Way.</p>
<p><p class='caption source pullright' style=''>Image: NASA/JPL-Caltech/ESO/R. Hurt</p></div>If we discover evidence of aliens living in a star system 1,000 light-years away &#8212; which is still just in our neighborhood, considering that our galaxy is over 100,000 light-years in diameter &#8212; and we send them a message, it will take a millennium before they receive it. If they decide to send a response, we&#8217;ll need to wait another millennium after that before we know if they even received it to begin with.</p>
<p>If aliens in that star system right now are monitoring our star for evidence of intelligence, all of the signals they are receiving from humans left Earth in the year 1015. At that time, the Vikings had recently founded small settlements in North America; the Byzantine Empire was conquering the First Bulgarian Empire; and Iraqi scientist <a href="https://en.wikipedia.org/wiki/Alhazen">Alhazen</a>, regarded as humanity&#8217;s first theoretical physicist, wrote the <a href="https://en.wikipedia.org/wiki/Book_of_Optics"><i>Book of Optics</i></a> while under house arrest in Egypt.</p>
<p>Communication with alien civilizations should be possible as long as we can receive their signals and they can receive ours; however, it will be very slow. Proxima Centauri, our nearest stellar neighbor, is over 4 light-years away from us. If we&#8217;re lucky enough to find an alien civilization there that&#8217;s alive and detectable at the same time as our civilization is looking for life &#8212; and that&#8217;s an enormous, unlikely if &#8212; then it may be possible to communicate with them. Sending a message and receiving a response will take over eight years, though, so it might take many human lifetimes&#8217; worth of communication before coming up with a common language that we both understand.</p>
<p>So are aliens trying to communicate with us? If they are, we haven&#8217;t noticed yet. Discovering the metadata &#8212; the fact that aliens exist and are using radios to send messages &#8212; is the first barrier that we must tackle before we even attempt to look at the content &#8212; what the aliens are saying.</p>
<h3>SETI is monitoring for metadata, not content</h3>
<p>Can we tell the difference between messages sent from extraterrestrial civilizations and natural sources of radiation? “Galaxies make a lot of radio noise. Quasars make a lot of radio noise. Black holes make some radio noise, and centers of galaxies,” Shostak told me. “All these things make radio noise. But it&#8217;s different than a transmitter. A transmitter tends to be on one spot on the radio dial. It&#8217;s a narrow-band emission.”</p>
<p><div class='img-wrap align-right width-fixed' style='width:300px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/10/The-Allen-Telescope-Array.jpg"><img class="alignright size-medium wp-image-39303" src="https://firstlook.org/wp-uploads/sites/1/2015/10/The-Allen-Telescope-Array-300x199.jpg" alt="The-Allen-Telescope-Array" /></a></p>
<p class="caption">The Allen Telescope Array</p>
<p><p class='caption source pullright' style=''>Photo: SETI</p></div>The goal of SETI&#8217;s experiments right now is to find alien transmitters, which, assuming they use technology similar to ours, can be detected regardless of encryption. If scientists find a radio signal that can&#8217;t occur naturally (as far as we know), and that&#8217;s a narrow-band emission &#8212; occupying a small slice of the radio spectrum, like when you tune your radio to 93.6 FM &#8212; then that signal could be produced by extraterrestrial intelligence, even if the message is encrypted. Any message sent through space by an alien civilization will look different than natural radiation, and those differences are what SETI is searching for.</p>
<p>In fact, in the process of looking for evidence of alien metadata, the content itself, whether it&#8217;s encrypted or not, gets destroyed. Shostak says that SETI&#8217;s radio experiments “average the incoming signals, if there are any, for at least seconds, and usually for minutes,” which will lose any information in the message. We would need much bigger instruments than we&#8217;re currently using if we want to record the <em>content</em> of signals from interstellar space.</p>
<p>“It&#8217;s like the &#8216;on the air&#8217; sign you might see in a radio studio doesn&#8217;t tell you what the content is,” Shostak explains. “The content might be Top 40, it might be talk radio, who knows what it is? But you at least know they&#8217;re on the air.”</p>
<h3>Indistinguishable from random</h3>
<p>Scientists aren&#8217;t going to confuse an encrypted signal from aliens with cosmic microwave background radiation, or other natural sources of radio noise that we understand, because they&#8217;re searching for how the signal was transmitted, not what the signal says. But once we start looking at the content of signals from space, Snowden was entirely right when he said, “You can&#8217;t distinguish a properly encrypted communication [&#8230;] from random noise.”</p>
<p>This property of cryptosystems, that encrypted messages are indistinguishable from random data, is known as <a href="https://en.wikipedia.org/wiki/Ciphertext_indistinguishability">ciphertext indistinguishability</a> and is necessary to prevent things like the known-plaintext attack from working. The Nazi Enigma machines were vulnerable to known-plaintext attacks, which is how Alan Turing and his team at Bletchley Park <a href="https://en.wikipedia.org/wiki/Known-plaintext_attack#History">defeated</a> their encryption during World War II.</p>
<p>Ciphertext indistinguishability only refers to the scrambled message. In practice, you can often easily tell if a piece of information is encrypted because of its protocol. For example, if you see a block of random-looking characters that begins with “-----BEGIN PGP MESSAGE-----” there&#8217;s a good chance that&#8217;s an encrypted message. But without having the right key, you can&#8217;t actually confirm that the scrambled message part of it isn&#8217;t just random noise.</p>
<p>Most everyday encryption loudly proclaims not only that it&#8217;s encrypted, but exactly how it&#8217;s encrypted. Otherwise, legitimate recipients who hold the decryption keys won&#8217;t understand how they&#8217;re supposed to decrypt it. This isn&#8217;t true of <a href="https://en.wikipedia.org/wiki/Deniable_encryption">deniable encryption</a>, and it also wouldn&#8217;t be true if we recorded a piece of an encrypted message from aliens mid-stream, failing to record any protocol information associated with the message.</p>
<p>Check out this short video from <a href="https://www.khanacademy.org/">Khan Academy</a>&#8217;s free online cryptography class explaining one-time pads, which Snowden describes to Tyson. One-time pads are the only type of encryption that has been proven to be perfect and uncrackable so long as they&#8217;re used correctly and the attacker cannot steal the key.</p>
<iframe width='100%' height='400px' src='//www.youtube.com/embed/FlIG3TvQCBQ' frameborder='0' allowfullscreen></iframe>
<h3>When we do receive an alien signal, how do we know what it says?</h3>
<p>Picture this: You&#8217;re at the headquarters of the SETI Institute in Mountain View, California, USA, Earth, Solar System, the Milky Way. It&#8217;s the hopefully-not-too-distant future, and for the first time SETI has just recorded the content of a message from an extraterrestrial civilization. We are not alone.</p>
<p>Now that you have an alien message, how are you going to know what it says? Is it encrypted, or is it perhaps an alien <a href="http://voyager.jpl.nasa.gov/spacecraft/goldenrec.html">Golden Record</a>, full of information about their history, culture, and technology? We don&#8217;t speak their language, and we have never communicated before. All we have is a stream of data to work from, but we know that it came from extraterrestrial intelligence.</p>
<p>In order to learn how much <i>information</i> is in the message, you can do “a statistical analysis on the signal and see if it has what&#8217;s called low entropy,” Shostak tells me. “If it has patterns in it, if it has repetitions in it at all, even though you don&#8217;t understand a single word of what they&#8217;re saying, you can determine that there&#8217;s information in it.”</p>
<p>This measurement of <i>entropy</i> is similar to how you might measure the <a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">strength of a password</a>. Entropy is random noise. Entropy is essential for encryption &#8212; for example, if you&#8217;re encrypting something with a one-time pad, you want your key to be made of pure entropy, to have zero patterns, to be entirely random and uncertain. Information resolves uncertainty. A message that contains information will be at least somewhat predictable.</p>
<p>If you have 10 minutes to spare, watch this intriguing video from <a href="https://www.khanacademy.org/">Khan Academy</a>&#8217;s free online information theory class. It describes SETI&#8217;s early work in measuring the entropy of signals by recording baby humans in their “babbling phase,” when they&#8217;re just learning to speak, and comparing that to the entropy present in adult human speech &#8212; and also comparing this to baby and adult dolphin communications. Based on how much entropy is in dolphin communication &#8212; that is, how much of it is entirely random versus how much of it is predictable &#8212; it appears that dolphins, like humans, communicate in a structured language. Without knowing anything about the aliens who sent us this signal, you can tell if their message, too, is structured.</p>
<iframe width='100%' height='400px' src='//www.youtube.com/embed/UFNsjLUN1g8' frameborder='0' allowfullscreen></iframe>
<p>Of course, if this message is properly encrypted &#8212; if it&#8217;s an alien television show or phone call from a civilization where everything is encrypted by default &#8212; the content will be indistinguishable from random, which means it will appear to be full of entropy. Although we might be confident that the signal was produced by aliens, we wouldn&#8217;t be able to glean any information from the content of the message.</p>
<p>“I don&#8217;t doubt that they use encryption technology, at least for their internal communications,” Shostak told me. But if aliens were trying to communicate with us, there&#8217;s no way that they would encrypt that message. Instead, they would use “anti-encryption,” encoding their message so that it&#8217;s as easy as possible for us to understand. “They would try and make it simple,” Shostak says. “They would send you pictures.”</p>
<p>Encryption is only useful if the recipient can decrypt the messages. Earth scientists listening to the stars can&#8217;t make sense of a random signal from space any more than they can break the encryption of a one-time pad &#8212; they simply can&#8217;t, because it&#8217;s not possible.</p>
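<p>The statistical test Shostak describes can be sketched in a few lines. This is an added example, not part of the original article: it measures byte-level Shannon entropy and a compression ratio for a structured message, for the same message encrypted with a one-time pad, and for a counting sequence whose byte histogram is perfectly flat but which is still full of pattern. The sample message, the function names, the thresholds, and the use of zlib as a pattern detector are all assumptions made for illustration.</p>

```python
import math
import os
import zlib
from collections import Counter

# Constructed sample "message": a few sentences, repeated, as a structured signal.
PARAGRAPH = (
    "we are here. we orbit a yellow star. "
    "we count one two three five seven eleven. "
    "water is two parts hydrogen and one part oxygen. "
    "this message repeats so that you can find its pattern. "
)


def constructed_message(repeats: int = 24) -> bytes:
    """Return the constructed structured message as bytes."""
    return (PARAGRAPH * repeats).encode("ascii")


def shannon_entropy(data: bytes) -> float:
    """Entropy of the byte histogram in bits per byte (0.0 constant, 8.0 uniform)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def xor(data: bytes, key: bytes) -> bytes:
    """XOR two equal-length byte strings (one-time pad encrypt and decrypt)."""
    if len(data) != len(key):
        raise ValueError("a one-time pad key must be exactly as long as the message")
    return bytes(a ^ b for a, b in zip(data, key))


def one_time_pad(message: bytes):
    """Encrypt with a fresh random key of the same length; return (ciphertext, key)."""
    key = os.urandom(len(message))
    return xor(message, key), key


def analyze(data: bytes) -> dict:
    """Two cheap statistics: histogram entropy and how well zlib can shrink the data."""
    compressed = zlib.compress(data, 9)
    return {
        "bits_per_byte": shannon_entropy(data),
        "compression_ratio": len(compressed) / len(data),
    }


def looks_structured(data: bytes, entropy_threshold: float = 7.5,
                     ratio_threshold: float = 0.9) -> bool:
    """True if either statistic reveals pattern. Thresholds are illustrative assumptions.

    The histogram alone misses order-dependent structure (see the counter below),
    so the compression ratio is checked as well: repetition compresses.
    """
    stats = analyze(data)
    return (stats["bits_per_byte"] < entropy_threshold
            or stats["compression_ratio"] < ratio_threshold)


if __name__ == "__main__":
    message = constructed_message()
    ciphertext, key = one_time_pad(message)
    counter = bytes(range(256)) * 16  # flat histogram, yet completely predictable

    for label, blob in (("plaintext", message),
                        ("one-time pad", ciphertext),
                        ("counter", counter)):
        stats = analyze(blob)
        print(f"{label:13s} {stats['bits_per_byte']:.2f} bits/byte, "
              f"compresses to {stats['compression_ratio']:.0%}, "
              f"structured={looks_structured(blob)}")
```

<p>High scores on both statistics do not prove a signal is encrypted: well-compressed data looks the same, so the test can only show that structure is present, never that it is absent.</p>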
<p><em>Caption: Radio telescopes of the Allen Telescope Array are seen Tuesday, Oct. 9, 2007, in Hat Creek, Calif.</em></p>
<p><em>Update: Changed wording of Live Science / Scientific American article links to point out that they&#8217;re the same article.</em></p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/10/05/how-scientists-search-the-cosmos-for-alien-signals-even-encrypted-ones/feed/</wfw:commentRss>
		<slash:comments>43</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/09/1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated-440x440.jpg" />
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/09/1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated.jpg" medium="image">
			<media:title type="html">1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated</media:title>
			<media:description type="html">Map of the Milky Way.</media:description>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/09/1024px-Artists_impression_of_the_Milky_Way_updated_-_annotated-440x440.jpg" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/10/The-Allen-Telescope-Array.jpg" medium="image">
			<media:title type="html">The-Allen-Telescope-Array</media:title>
			<media:description type="html">The Allen Telescope Array</media:description>
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/10/The-Allen-Telescope-Array-440x418.jpg" />
		</media:content>
	</item>
		<item>
		<title>Apple’s App Store Got Infected With the Same Type of Malware the CIA Developed</title>
		<link>https://theintercept.com/2015/09/22/apples-app-store-infected-type-malware-cia-developed/</link>
		<comments>https://theintercept.com/2015/09/22/apples-app-store-infected-type-malware-cia-developed/#comments</comments>
		<pubDate>Tue, 22 Sep 2015 19:09:37 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://theintercept.com/?p=38159</guid>
		<description><![CDATA[<p>XcodeGhost tricks developers into releasing apps infected with malicious software — a technique pioneered by the CIA and described by <em>The Intercept</em> six months ago.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/09/22/apples-app-store-infected-type-malware-cia-developed/">Apple’s App Store Got Infected With the Same Type of Malware the CIA Developed</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p>Last week, Chinese app developers disclosed that an Apple programming tool had been hijacked to trick developers into embedding malicious software into apps for Apple devices.</p>
<p>The malware, called XcodeGhost, works by corrupting Apple&#8217;s Xcode software, which runs on Mac computers and compiles source code into apps that can run on iPhones, iPads, and other devices, before submitting them to the App Store. If a developer has XcodeGhost installed on their computer, apps that they compile include malware without the developer realizing it.</p>
<p>Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA&#8217;s annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden, <em>The Intercept</em>&#8217;s Jeremy Scahill and Josh Begley <a href="https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/">described the CIA&#8217;s Xcode project in a story published in March</a>.</p>
<p>Security firm Palo Alto Networks has published <a href="http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/">detailed</a> <a href="http://researchcenter.paloaltonetworks.com/2015/09/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users/">technical</a> <a href="http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-attacker-can-phish-passwords-and-open-urls-though-infected-apps/">analyses</a> of the malware. <a href="http://forums.macrumors.com/threads/what-you-need-to-know-about-ios-malware-xcodeghost.1918784/#post-21896151">At least 50 apps</a> have made it into the App Store with this malware, including <a href="https://en.wikipedia.org/wiki/WeChat">WeChat</a>, one of the world&#8217;s most popular messaging apps, with hundreds of millions of users, primarily in Asia. Apps infected with XcodeGhost malware are capable of popping up fake alerts asking for credentials, such as the user&#8217;s iCloud password; reading what has been copied to the clipboard, such as passwords from password manager apps; and exploiting other parts of iOS. It&#8217;s not clear who is behind the malware or if they are based in China.</p>
<p>The CIA&#8217;s campaign to attack the security of Apple devices included creating a malicious version of Xcode to sneak malware into apps, without the developer realizing. As <a href="https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/">we reported in March</a>:</p>
<blockquote><p>The researchers boasted that they had discovered a way to manipulate Xcode so that it could serve as a conduit for infecting and extracting private data from devices on which users had installed apps that were built with the poisoned Xcode. In other words, by manipulating Xcode, the spies could compromise the devices and private data of anyone with apps made by a poisoned developer — potentially millions of people.</p></blockquote>
<p>Today, Apple has <a href="https://developer.apple.com/news/?id=09222015a">published instructions</a> for developers to verify that the version of Xcode they have installed is the official one.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/09/22/apples-app-store-infected-type-malware-cia-developed/feed/</wfw:commentRss>
		<slash:comments>20</slash:comments>
	
	</item>
		<item>
		<title>With Virtual Machines, Getting Hacked Doesn’t Have to Be That Bad</title>
		<link>https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/</link>
		<comments>https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/#comments</comments>
		<pubDate>Wed, 16 Sep 2015 16:08:41 +0000</pubDate>
		<dc:creator><![CDATA[Micah Lee]]></dc:creator>
				<category><![CDATA[Uncategorized]]></category>

		<guid isPermaLink="false">https://firstlook.org/theintercept/?p=36587</guid>
		<description><![CDATA[<p>How to put a fake computer inside your real computer, protecting yourself from sketchy attachments, websites, and software. </p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/">With Virtual Machines, Getting Hacked Doesn’t Have to Be That Bad</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></description>
				<content:encoded><![CDATA[<p><span class="dropcap">A</span><u>LL MAJOR CONSUMER</u> operating systems, including Windows, Mac OS X, and Linux, are way too easy to hack. One mishap — opening the wrong email attachment, installing malware that pretends to be Flash, not updating your software quickly enough — and you&#8217;ve given the keys to the kingdom to an attacker.</p>
<p>If that attacker gets the ability to run programs of their choice on your computer, as they often aim to do, they have access to all of your files. They can start logging your keystrokes, taking screenshots, and even listening to your microphone and watching through your webcam.</p>
<p>But it&#8217;s possible to isolate the most risky files and programs from other parts of your computer. Using virtualization software, the same technology that powers much of so-called cloud computing, it&#8217;s possible for you to protect your system even as you open attachments that might be sketchy, visit websites that you&#8217;re not too sure about — porn sites, torrent sites, pirated TV and sports sites — or test out software downloaded from random websites. You can also use this technology to ensure that your anonymous online activity remains anonymous, safeguarding the privacy protections offered by Tor by ensuring that absolutely all internet traffic gets routed through it — even if your software, like Tor Browser or Pidgin, gets hacked specifically to bypass Tor.</p>
<p>In this column, I&#8217;m going to start with a simple primer on virtual machines, including how to install the Ubuntu distribution of Linux in one of them, and I encourage you to follow along. Then I&#8217;m going to outline a handful of ways you can use virtual machines to reduce your risk of getting hacked, and go over some security caveats. Then I&#8217;m going to show off Whonix, an operating system you can run in a virtual machine to maximize your online anonymity; it&#8217;s ideal for <a href="https://firstlook.org/theintercept/2015/07/14/communicating-secret-watched/">maintaining a secret identity</a>. And finally I&#8217;m going to give a brief overview of Qubes, an operating system that&#8217;s more secure than most anything currently available, and takes isolation security to its logical limits.</p>
<h3>Virtual machines 101</h3>
<p>A virtual machine (VM) is a fake computer running inside your real computer. Each VM gets to use a chunk of your computer&#8217;s memory while it&#8217;s running and has its own virtual hard drive, which is just a file on your real hard drive. You can install operating systems in them and you can install and run software in them. You can save snapshots before you do something potentially dangerous and restore the snapshot when you&#8217;re done, returning your VM to its previous state.</p>
<p>In virtualization lingo, the operating system that you&#8217;re running right now is called your &#8220;host,&#8221; and every VM that you run is a &#8220;guest.&#8221; If a guest VM gets hacked, your host remains safe. For this reason, security researchers often use VMs to study viruses: They unleash them on their guest VMs to safely monitor what they&#8217;re trying to do and how they work, without risking their host computer. They &#8220;isolate&#8221; the viruses from the rest of their computer.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <a href="https://xkcd.com/350/"><img class="aligncenter size-article-medium wp-image-36789" src="https://firstlook.org/wp-uploads/sites/1/2015/09/xkcd-network-540x302.png" alt="" /></a> <p class='caption source pullright' style=''>Courtesy XKCD</p></div>
<p>For this article I&#8217;m going to be using virtualization software called <a href="https://www.virtualbox.org/">VirtualBox</a>. It&#8217;s open source and free to download. VirtualBox is available for Windows, Mac OS X, and Linux. Go ahead and <a href="https://www.virtualbox.org/wiki/Downloads">download and install a copy</a> if you&#8217;d like to follow along.</p>
<p>I&#8217;m using a Mac host, and I&#8217;m going to start by installing the Ubuntu operating system, version 15.04 to be precise, in my VM. Generally speaking, it&#8217;s simpler to start off by installing a Linux distribution in your virtual machine, since Linux is free software. You can install as many Linux virtual machines as you want, wherever you want — an easy setup to deal with.</p>
<p>If you want to test a piece of software for Windows or Mac OS X inside a virtual machine to see if it&#8217;s malicious, you can also install those operating systems inside of a VM. But there are legal restrictions. For example, while OS X can be installed on up to two virtual machines for free, you have to be on a Mac when you do so. On Windows, you&#8217;ll <a href="https://www.microsoft.com/en-us/Licensing/learn-more/brief-windows-virtual-machine.aspx">likely</a> need to buy separate Windows licenses for each VM. Here are instructions for <a href="https://ntk.me/2012/09/07/os-x-on-os-x/">installing Mac OS X in a VM</a> and for <a href="http://download.cnet.com/blog/download-blog/how-to-run-windows-10-on-a-virtual-machine">installing Windows 10 in a VM</a>.</p>
<p>While the steps below are written and illustrated using an Ubuntu virtual machine on a Mac, you can still follow along if you&#8217;re running Windows or Linux. And don&#8217;t worry about breaking anything; you can always delete your VM and start over. That&#8217;s the beauty of VMs: You get infinite lives, in the parlance of videogames, so it&#8217;s a great way to experiment and learn.</p>
<h3>Creating a VM and installing Ubuntu</h3>
<p>Hopefully you&#8217;ve already <a href="https://www.virtualbox.org/wiki/Downloads">downloaded and installed VirtualBox</a> as instructed above. Next, hop on over to Ubuntu&#8217;s website and <a href="http://www.ubuntu.com/download/desktop">download a copy of Ubuntu</a>.</p>
<p>Now open VirtualBox and click &#8220;New&#8221; to create a new VM. I&#8217;m calling my VM &#8220;ubuntu-test.&#8221;</p>
<div class='img-wrap align-center width-fixed' style='width:540px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test1.png"><img class="aligncenter size-article-medium wp-image-36590" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test1-540x371.png" alt="" /></a></div>
<p>You get to choose how much memory your new VM will have and you get to create a new virtual hard disk for it. Whatever resources you allocate to your VM will not be available to other programs on your computer. I&#8217;m sticking with the defaults, 768MB of memory and an 8GB hard drive. You can just click through with all of the default options too if you want, or you can give your VM more resources. Finally, click &#8220;Create&#8221; to create your new VM.</p>
<p>The next step is to install Ubuntu. With my &#8220;ubuntu-test&#8221; VM selected, I click &#8220;Start&#8221; to boot it up. Since the virtual machine is brand new, it prompts me to insert an operating system installation disk. Of course, I don&#8217;t actually need a &#8220;disk.&#8221; Instead I can just find and select the disk image file (in this case, &#8220;ubuntu-15.04-desktop-amd64.iso&#8221;) and click &#8220;Start.&#8221;</p>
<div class='img-wrap align-center width-fixed' style='width:540px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test2.png"><img class="aligncenter size-article-medium wp-image-36591" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test2-540x456.png" alt="" /></a></div>
<p>Now the VM begins to boot to the Ubuntu disk. Notice that if you click in the virtual machine window, VirtualBox will warn you that the VM will &#8220;capture&#8221; your mouse and keyboard input, which means that when you move the mouse and type on your keyboard you&#8217;ll be doing this inside your guest VM rather than on your host machine. You can press the &#8220;host key&#8221; to make your mouse and keyboard control your regular computer again. On a Mac, the host key is the left &#8220;Command&#8221; key, and on Windows and Linux, it&#8217;s the right &#8220;Ctrl&#8221; key.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test3.png"><img class="aligncenter size-article-large wp-image-36593" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test3-1000x813.png" alt="" /></a></div>
<p>The Ubuntu disk has finished booting. I&#8217;m going to click &#8220;Install Ubuntu&#8221; and follow the simple instructions. I&#8217;m choosing &#8220;Erase disk and install Ubuntu&#8221; (don&#8217;t worry, I&#8217;m only erasing the virtual machine&#8217;s virtual disk, not my actual hard drive). I&#8217;m going to make up a username and password to log in to this VM, and then I&#8217;m going to let it finish installing. When it&#8217;s finally done, the VM will reboot into my freshly installed operating system. (After installing Ubuntu, my VM failed to shut down all the way while it was rebooting. If that happens to you as well, click the Machine menu and choose Reset to force your VM to restart.)</p>
<h3>Updating software inside the VM</h3>
<p>Now that I&#8217;ve booted up and logged in to my Ubuntu VM, I&#8217;m going to update all of the software. Always keep your software up to date, even in VMs!</p>
<p>To update all of the software in Ubuntu, I&#8217;m running the &#8220;Software Updater&#8221; program, typing my password, and letting it do its thing. Since I just installed this operating system and have never done updates, it might take a while to download and install everything.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test4.png"><img class="aligncenter size-article-large wp-image-36597" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test4-1000x813.png" alt="" /></a></div>
<h4>Installing &#8220;Guest Additions&#8221;</h4>
<p>When it&#8217;s finally done updating the existing software, it&#8217;s time to install VirtualBox &#8220;Guest Additions.&#8221; Guest Additions aren&#8217;t required, but they allow you to do some nice things, like resize your VM window, share your clipboard between your host machine and your guest machine, and set up shared folders so that your guest VM can access specific files on your host.</p>
<p>In order to install Guest Additions you need to insert a virtual CD, which contains the software, into your VM. You can do this by clicking the &#8220;Devices&#8221; menu at the very top of the screen, from within the VirtualBox program, and choosing &#8220;Insert Guest Additions CD image.&#8221; It will pop up a dialog asking for permission to install. Click &#8220;Run&#8221; on the pop-up dialog, and VirtualBox will open a new window showing the install progress. When it&#8217;s finished, reboot your VM. You can do this by clicking the gear in the top right, clicking Shut Down, and then clicking Restart.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test51.png"><img class="aligncenter size-article-large wp-image-36595" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test51-1000x813.png" alt="" /></a></div>
<p>With &#8220;Guest Additions&#8221; installed in my VM, I can resize the window like any other windows on my host machine.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test6.png"><img class="aligncenter size-article-large wp-image-36596" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test6-1000x710.png" alt="" /></a></div>
<p>I can also share the clipboard between the host and guest VM by clicking the &#8220;Devices&#8221; menu at the top of my screen, from within the VirtualBox program, and going to &#8220;Shared Clipboard.&#8221; The choices are &#8220;Disabled,&#8221; &#8220;Host to Guest,&#8221; &#8220;Guest to Host,&#8221; or &#8220;Bidirectional.&#8221; It&#8217;s best to keep this set to &#8220;Disabled&#8221; unless you need to copy and paste between your guest VM and your host. You can always temporarily enable clipboard sharing and then disable it again when you&#8217;re done.</p>
<h4>Sharing folders</h4>
<p>Sharing files is slightly more complex. First, you need to add your user to the &#8220;vboxsf&#8221; group in your VM (don&#8217;t worry if you don&#8217;t understand what this means). Click on the Ubuntu logo in the top left, type &#8220;terminal,&#8221; and click on the Terminal icon to open a terminal in your VM. Then type:</p>
<pre>sudo usermod -a -G vboxsf $(whoami)</pre>
<p>You&#8217;ll also have to type the password for your user account in Ubuntu in the VM, the one you set up earlier. Then shut down your VM all the way.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test7.png"><img class="aligncenter size-article-large wp-image-36598" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test7-1000x871.png" alt="" /></a></div>
<p>In the VirtualBox window, choose your VM and click &#8220;Settings,&#8221; and move to the &#8220;Shared Folders&#8221; tab. Click the &#8220;+&#8221; icon to add a folder to share with your VM. I&#8217;m sharing a folder called vbox_share in my Documents folder. This way, if I need to copy files to or from my VM, I have a place to drop those files.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test8.png"><img class="aligncenter size-article-medium wp-image-36599" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test8-540x347.png" alt="" /></a></div>
<p>Inside my Ubuntu VM, I can access the shared folder by viewing &#8220;/media/sf_vbox_share.&#8221; I can get to that by opening the Files app (there&#8217;s a launcher icon for it on the left), clicking Computer in the left panel, double-clicking the &#8220;media&#8221; folder, then double-clicking the &#8220;sf_vbox_share&#8221; folder. Inside my OS X host machine I can access the same folder by viewing &#8220;vbox_share&#8221; in my &#8220;Documents&#8221; folder.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test9.png"><img class="aligncenter size-article-medium wp-image-36600" src="https://firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test9-540x356.png" alt="" /></a></div>
<h3>Isolating risky behavior inside of VMs</h3>
<p>Now that we have a VM, let&#8217;s start doing some things that might be risky if we weren&#8217;t isolating them.</p>
<p>Before doing something that you think might break your VM, or might infect it with malware, you might want to save a snapshot of it so you can restore it when you&#8217;re done. You can save a snapshot by clicking VirtualBox&#8217;s &#8220;Machine&#8221; menu at the top of your screen, and choosing &#8220;Take Snapshot.&#8221;</p>
<p>Below are just a few examples of some ways you can use VMs to increase the security of your computer. In the end, virtualization is a tool that has many different uses, so feel free to be creative.</p>
<h4>Opening documents that you don&#8217;t trust</h4>
<p>One of the easiest ways to get hacked is by opening a malicious document. Attackers might email you a booby-trapped &#8220;document&#8221; hoping that you&#8217;ll open it. If you do, the file would exploit a flaw in your operating system or in software like Adobe Reader or Microsoft Word, thus allowing the attacker to take over your computer.</p>
<p>It&#8217;s not always clear which documents are safe and which are malicious. A clever attacker could pretend to invite you to a conference that you&#8217;re interested in, and attach a malicious file masquerading as the schedule to that conference, or they could pretend to recruit you for your dream job, and attach something that looks like a job description — or they could entice you in any number of other ways. It&#8217;s safest simply not to open any attachments or click on any links in emails, but this isn&#8217;t feasible, especially for journalists or activists who are actively soliciting sources.</p>
<p>These attacks are not theoretical. My colleague <a href="https://theintercept.com/staff/morgan-marquis-boire/">Morgan Marquis-Boire</a> pointed out a few real-world examples that he helped analyze: Vietnamese democracy activist <a href="http://www.nytimes.com/aponline/2014/01/20/world/asia/ap-as-vietnam-online-wars.html?_r=0">Ngoc Thu</a>&#8217;s computer was hacked when she opened malware she found in her email; the Committee to Protect Journalists&#8217; executive director, <a href="https://cpj.org/blog/2012/08/dear-cpj-some-malware-from-your-friend.php">Joel Simon</a>, was also emailed malware, though he didn&#8217;t install it; the Moroccan news website Mamkafinch.com <a href="http://bits.blogs.nytimes.com/2012/10/10/ahead-of-spyware-conference-more-evidence-of-abuse/">received an enticing tip</a> through its contact form that included a link that, when opened, took over the journalist&#8217;s computer using Hacking Team malware; and a <a href="http://www.reuters.com/article/2014/03/28/us-media-cybercrime-idUSBREA2R0EU20140328">report from 2014</a> showed that journalists from 21 of the world&#8217;s top 25 news organizations were likely emailed malware by state-sponsored hackers.</p>
<p>You might also find files online that you&#8217;d really like to look at but aren&#8217;t sure are safe. For example, documents in the <a href="https://firstlook.org/theintercept/2015/07/07/leaked-documents-confirm-hacking-team-sells-spyware-repressive-countries/">Hacking Team email archive</a>. You probably shouldn&#8217;t trust those, but you might want to look at them anyway.</p>
<p>Here&#8217;s an <a href="https://wikileaks.org/hackingteam/emails/emailid/540568">email</a> where Hacking Team employees appear to be discussing giving a demo of their hacking services to an Egyptian defense contractor. I don&#8217;t speak Italian so I don&#8217;t entirely understand what this email thread is about, but the attachment is called &#8220;Exploit.docx.&#8221; Seems legit (*cough*).</p>
<p>If I try opening this dubious file in Chrome, my browser throws a security warning, and for good reason! Any attachments downloaded from the Hacking Team archive might try to, ahem, hack you.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <img class="aligncenter size-article-medium wp-image-36601" src="https://firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc1-540x293.png" alt="" /> </div>
<p>Instead, I&#8217;m going to right-click on the document and save it to my vbox_share folder (clicking through Chrome&#8217;s warning, because I plan to view this document in isolation).</p>
<p>Now, back in my VM, I can see the document.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc2.png"><img class="aligncenter size-article-large wp-image-36602" src="https://firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc2-1000x708.png" alt="" /></a></div>
<p>To be extra safe, before opening this document I&#8217;m going to disconnect my VM from the internet. I click the &#8220;Devices&#8221; menu at the top of the screen, choose &#8220;Network,&#8221; and uncheck &#8220;Connect Network Adapter.&#8221; This way, when I open the document, if it tries to hack my VM and connect to a command and control server, or even just phone home to alert the document owner that it&#8217;s been opened, it won&#8217;t be able to. It&#8217;s a good idea to do this whenever you open a suspicious document inside a VM.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'><a href="https://firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc3.png"><img class="aligncenter size-article-large wp-image-36603" src="https://firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc3-1000x698.png" alt="" /></a></div>
<p>Here it is. The document actually appears just to be an email thread pasted into Word. Regardless, I&#8217;m glad I didn&#8217;t open it on my host machine.</p>
<h4>Visiting sketchy websites</h4>
<p>On your regular computer, for day-to-day use, it&#8217;s always a good idea to harden your web browser. Installing browser add-ons that block ads and malware, and <a href="https://freedom.press/blog/2015/07/block-flash-with-click-to-play">making Flash click-to-play</a>, goes a long way toward blocking software that might try to take over your computer through your web browser.</p>
<p>But even doing all of these things, there&#8217;s no guarantee that you won&#8217;t get hacked just by loading a website. If you&#8217;re going to visit a website that you think might put you at higher risk of getting hacked, you might want to visit that website inside of a VM. You can even set up a dedicated VM just for this purpose. (If you turned networking off in the previous step, you can enable it again by clicking the &#8220;Devices&#8221; menu, going to &#8220;Network,&#8221; and checking &#8220;Connect Network Adapter.&#8221;)</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/09/sketchy-websites2.png"><img class="aligncenter wp-image-37501 size-article-large" src="https://firstlook.org/wp-uploads/sites/1/2015/09/sketchy-websites2-1000x661.png" alt="" width="1000" height="661" /></a> </div>
<p>Inside my VM I decided to search for &#8220;Mr. Robot streaming&#8221; and found myriad pirated streaming websites. Here&#8217;s a screenshot of one of them. See that box that&#8217;s telling me my Flash Player is out of date, with a helpful link to update it? That&#8217;s not actually a real Flash update, that&#8217;s malware.</p>
<p>When I clicked through to install this &#8220;Flash update,&#8221; it ended up installing a Firefox add-on called &#8220;Free Games Zone&#8221; that changed my browser&#8217;s search engine to Ask.com. When I pulled this add-on apart to see how it works I discovered code that injects JavaScript into web pages that I load, and code that tries to prevent me from uninstalling it.</p>
<p>In the scheme of things, this malware is on the tame side — it&#8217;s not trying to read my email or watch through my webcam, but it&#8217;s still nothing that anyone would ever actually want installed on their computers. But even if it were way worse, it would first have to escape from the VM that it&#8217;s trapped in before it could do those things. To completely get rid of it I can restore my VM from a snapshot, or I can delete the VM altogether and create a new one.</p>
<h4>Running vulnerable software that you rely on</h4>
<p>All programs contain bugs, and these bugs can get exploited to take over our computers. The easiest way not to get hacked is not to use computers, but that&#8217;s not an option; we still have to run programs.</p>
<p>Some programs have much bigger attack surfaces than others. For example, libpurple, the underlying code that powers the encrypted chat programs Pidgin and Adium, has been <a href="http://motherboard.vice.com/read/secure-messaging-might-not-be-so-secure-otr-libpurple">heavily criticized</a> for its old, bloated, and likely buggy source code that was originally written in 1998 (many critical libpurple bugs have been fixed in recent years, so it&#8217;s currently in much better shape than it used to be). Yet if you want to have encrypted chat conversations on a computer, you don&#8217;t have a lot of options but to use it.</p>
<p>If there&#8217;s a piece of software that you depend on, but you think running it on your host machine will increase your chances of getting hacked, you can set up a dedicated VM for running that program.</p>
<p>If your dedicated chat VM gets hacked through a Pidgin exploit, for example, the attack will be contained. The attacker will be able to spy on the encrypted chat conversation you have in Pidgin, but that&#8217;s it. They won&#8217;t be able to access other files on your computer. They won&#8217;t be able to see what passwords you&#8217;ve saved in your web browser, or listen through your microphone, or read your email, or anything else.</p>
<h3>You still have to be careful</h3>
<p>All software has bugs, and this includes virtualization software. While isolating dangerous activity inside of a VM considerably reduces the chance of getting your regular computer system hacked, it doesn&#8217;t make it impossible.</p>
<p>If your VM gets hacked, it&#8217;s feasible that the attacker could then <a href="https://en.wikipedia.org/wiki/Virtual_machine_escape">escape your VM</a> in order to run and alter programs freely on your host machine. In order to do this, your attacker must have an exploit against your virtualization software. These bugs are rare but <a href="http://www.zdnet.com/article/researcher-critical-vulnerability-found-in-vmwares-desktop-apps/">do happen</a>.</p>
<p>You should also be careful with how you use the VirtualBox clipboard sharing and file sharing features I described above. For example, if someone has hacked a VM that has Shared Clipboard set to &#8220;Host to Guest&#8221; or &#8220;Bidirectional,&#8221; the attacker could spy on what you&#8217;ve copied to your clipboard on your host machine — for example, a password.</p>
<h3>Staying anonymous with Whonix</h3>
<p><a href="https://www.whonix.org/">Whonix</a> is an operating system that you can install on your existing computer inside VirtualBox, which forces all network traffic to go over the anonymity network <a href="https://www.torproject.org/">Tor</a>.</p>
<p>Tor&#8217;s flagship product, Tor Browser, does an excellent job of hiding your IP address from websites you visit and hiding what websites you&#8217;re visiting from anyone monitoring your internet activity.</p>
<p>But Tor Browser, like all other software, has bugs. If you visit a website in Tor Browser, the website could hypothetically exploit a severe bug to force your computer to make an internet connection to the attacker outside of the Tor network, letting them learn your real IP address and identity. This is exactly how the FBI <a href="http://www.wired.com/2013/09/freedom-hosting-fbi/">deanonymized Tor Browser users</a> who visited websites hosted by Freedom Hosting in September 2013. The FBI exploited a bug that was present in older versions of Tor Browser (it didn&#8217;t work against users who promptly update their software) in order to hack them and ultimately deanonymize them. (In this case, the FBI was attempting to attack people who allegedly had links to child pornography, but it also presented Tor Browser-hacking malware to users of legitimate websites hosted by Freedom Hosting, including the free anonymous email service TorMail.)</p>
<p>Whonix uses two VMs, called Whonix-Gateway and Whonix-Workstation, to maximize anonymity protections. The gateway VM acts as the upstream internet provider for the workstation VM, and it forces all network traffic to go over the Tor network. The workstation VM is where you use Tor Browser, as well as any other software that you wish to use anonymously. If you get hacked, for example with a Tor Browser exploit like the one that the FBI used, not only is the attacker contained inside of this VM and unable to access your host machine, but the attacker can&#8217;t deanonymize you either. All network connections that the attacker makes will go through the gateway VM, which forces them to go through Tor.</p>
<p>Whonix is great because you can be confident that everything you do in the workstation VM is anonymously going through the Tor network. That means that hackers won&#8217;t be able to deanonymize you, unless they can escape from your VM. You can use chat software like XChat to connect to IRC servers anonymously, or Pidgin to connect to Jabber servers for <a href="https://firstlook.org/theintercept/2015/07/14/communicating-secret-watched/">anonymous encrypted chats</a>, or Icedove and Enigmail to send anonymous, encrypted email.</p>
<p>But keep in mind that Whonix, like other virtual machine-based security, can&#8217;t protect you if your host machine gets hacked or seized. If you are using Whonix to anonymously send documents to a journalist, and you become a suspect in a leak investigation, your Whonix VMs might contain evidence that can be used against you.</p>
<h4>Installing and configuring Whonix</h4>
<p>It&#8217;s slightly complicated to get started with Whonix, but there&#8217;s a lot of <a href="https://www.whonix.org/wiki/Documentation">documentation</a> on the Whonix website, and if you have questions feel free to post them in the comments. Let&#8217;s get started!</p>
<p>Head over to the <a href="https://www.whonix.org/wiki/VirtualBox#First_time_user.3F">Whonix VirtualBox download page</a> and download a copy of Whonix-Gateway and Whonix-Workstation (a total of 3.1GB, so it might take some time). It&#8217;s also a good idea to <a href="https://www.whonix.org/wiki/VirtualBox#Verify_the_Whonix_images">verify</a> the PGP signatures, but that&#8217;s outside the scope of this post.</p>
<p>Once you&#8217;ve downloaded them, open VirtualBox, click the &#8220;File&#8221; menu at the top, and click &#8220;Import Appliance.&#8221; Browse for the Whonix-Gateway file you just downloaded, and click &#8220;Continue.&#8221;</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix1.png"><img class="aligncenter wp-image-36605 size-article-medium" src="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix1-540x399.png" alt="" width="540" height="399" /></a> </div>
<p>Now click &#8220;Import,&#8221; read the warnings, and click &#8220;Agree.&#8221; Your Whonix gateway VM will automatically get set up. Repeat these same steps with the Whonix-Workstation. When you&#8217;re done, you&#8217;ll have two new VMs in VirtualBox.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix2.png"><img class="aligncenter wp-image-36606 size-article-medium" src="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix2-540x359.png" alt="" width="540" height="359" /></a> </div>
<p>Start both Whonix-Gateway and Whonix-Workstation. You need to leave the gateway VM open in the background or else the workstation VM won&#8217;t have internet access, but you&#8217;ll do most of your work in the workstation.</p>
<p>When the gateway VM has finished booting for the first time, you&#8217;ll need to configure it. Click through the &#8220;Whonix Setup Wizard&#8221; to enable Tor and automatic updates.</p>
<div class='img-wrap align-center width-fixed' style='width:540px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix3.png"><img class="aligncenter wp-image-36607 size-article-medium" src="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix3-540x447.png" alt="" width="540" height="447" /></a> </div>
<p>Click through the &#8220;Whonix Setup Wizard&#8221; in the workstation VM as well. And in both VMs, <a href="https://www.whonix.org/wiki/Post_Install_Advice#On_Whonix-Gateway_and_Whonix-Workstation">change the default password</a> and <a href="https://www.whonix.org/wiki/Security_Guide#Recommendation_to_install_latest_security_updates_on_all_systems">update the software</a>.</p>
<p>Now it&#8217;s time to start using Whonix. In the workstation VM, go ahead and open Tor Browser. Tor Browser will be downloaded and installed automatically the first time you try opening it. Once it opens, you can browse the web anonymously, and remain anonymous even if Tor Browser gets hacked.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix4.png"><img class="aligncenter wp-image-36608 size-article-large" src="https://firstlook.org/wp-uploads/sites/1/2015/08/whonix4-1000x673.png" alt="" width="1000" height="673" /></a> </div>
<h3 id="qubes">Qubes: Taking isolation security to its logical limits</h3>
<p>Since all software has bugs, wouldn&#8217;t it be safest to isolate each program in its own VM? <a href="https://www.qubes-os.org">Qubes</a> is an operating system that does just that, and does it in a way that&#8217;s much more usable and more secure than is possible using virtualization software like VirtualBox or VMware in a traditional operating system.</p>
<p>In Qubes, your host machine runs a graphical desktop environment, and that&#8217;s just about it — your host machine doesn&#8217;t even have internet access. You run all of the rest of your software inside of Linux or Windows VMs. Qubes also has great support for Whonix. If you use Whonix inside of Qubes, your host machine has a much smaller attack surface than if you were using a traditional operating system.</p>
<p>Qubes makes it easy to manage separate VMs for your different &#8220;security domains.&#8221; For example, you can create a work VM that you use to check your work email and log in to work-related accounts, and a separate personal VM that you use to log in to Facebook and keep track of your photos. You can create an untrusted VM that you use for everyday web surfing, and a vault VM (that doesn&#8217;t have networking enabled) that you use to store sensitive files like your password database, or secret documents that you&#8217;re working on. And you can right-click on any document to open it in a &#8220;disposable VM,&#8221; a VM that gets created simply to view this document, and then deleted again when you close the document.</p>
<div class='img-wrap align-center width-fixed' style='width:1000px'> <a href="https://firstlook.org/wp-uploads/sites/1/2015/08/qubes-screenshot.png"><img class="aligncenter size-article-large wp-image-36769" src="https://firstlook.org/wp-uploads/sites/1/2015/08/qubes-screenshot-1000x563.png" alt="" /></a> </div>
<p>I&#8217;ve <a href="https://freedom.press/blog/2014/04/operating-system-can-protect-you-even-if-you-get-hacked">written about Qubes in the past</a>, and I encourage you to read more about it if you&#8217;re interested. But it&#8217;s not for the faint of heart. Not yet, at least. For one thing, you can&#8217;t test it in a VM like you can most operating systems because it needs to run VMs of its own, and you don&#8217;t want to accidentally break the universe (just kidding; it just doesn&#8217;t work).</p>
<p>And while it has an active development community and a growing user base, Qubes is not easy to use for non-power users. I don&#8217;t recommend you switch to it yet unless you&#8217;re already comfortable troubleshooting Linux problems from the command line. In Qubes, simple problems like how to install a new program or take a screenshot can have steep learning curves for the uninitiated. But all that said, if you are using Qubes, you can turn your computer into an incredibly intricate and secure fortress unlike anything that&#8217;s possible with a traditional operating system.</p>
<p>Finally, all software has bugs, and this includes Qubes as well as Xen, the virtualization software that powers Qubes. Even if you&#8217;re running Qubes, and promptly update all your software, and carefully isolate everything, and only open documents in disposable VMs, and do all of your browsing in Tor Browser inside of a Whonix workstation, it&#8217;s still possible for your host machine to get hacked if your attacker has lots of resources, patience, and zero day exploits.</p>
<h3>Conclusion</h3>
<p>Normally it&#8217;s cheap and easy for an attacker to take over your computer. But by isolating the parts of your computer that get attacked within VMs, you can make taking over your computer difficult, expensive, and, with any luck, not worth it.</p>
<p>The post <a rel="nofollow" href="https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/">With Virtual Machines, Getting Hacked Doesn’t Have to Be That Bad</a> appeared first on <a rel="nofollow" href="https://theintercept.com">The Intercept</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/feed/</wfw:commentRss>
		<slash:comments>64</slash:comments>
	
		<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/09/xkcd-network-440x414.png" />
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/09/xkcd-network.png" medium="image">
			<media:title type="html">xkcd-network</media:title>
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/09/xkcd-network-440x414.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test1.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test1-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test2.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test2-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test3.png" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test3-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test4.png" medium="image">
			<media:thumbnail url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test4-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test51.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test51-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test6.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test6-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test7.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test7-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test8.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test8-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test9.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/ubuntu-test9-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc1.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc1-440x348.png" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc2.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc2-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc3.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/malicious-doc3-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/09/sketchy-websites2.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/09/sketchy-websites2-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix1.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix1-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix2.png" medium="image">
			<media:thumbnail url="https://prod01-cdn07.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix2-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix3.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix3-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix4.png" medium="image">
			<media:thumbnail url="https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2015/08/whonix4-440x440.png" />
		</media:content>
		<media:content url="https://prod01-cdn04.cdn.firstlook.org/wp-uploads/sites/1/2015/08/qubes-screenshot.png" medium="image">
			<media:thumbnail url="https://prod01-cdn05.cdn.firstlook.org/wp-uploads/sites/1/2015/08/qubes-screenshot-440x440.png" />
		</media:content>
	</item>
	</channel>
</rss>
