A Week of News from the Western World; White People Behaving Badly (mostly)
The Free Software Movement will save your sad ass when the NSA's malware comes calling ...but only if you know it, support it and use it.
0314 OR Jackson official: Local GMO ban would cost $200,000 a year to enforce
Ore. — A local ban on genetically modified crops could cost Jackson County more than $200,000 a year to enforce, according to a report the county commissioners asked for.
The report delivered Wednesday by County Administrator Danny Jordan also said the ban could put a stop to medical marijuana crops grown from seed to increase its DNA and yield and could bar strains of lawn grass that are genetically modified, the Medford Mail Tribune (http://bit.ly/1kPkVC1) reported.
Advocates of the measure on the May ballot disputed the estimates, saying costs should be minimal, at most, because the county has discretion in enforcement efforts.
"We've already heard the opponents trying to scare people by claiming the Family Farms measure would have high enforcement costs, but this is pure political fiction," said Elise Higley, the director for Our Family Farms Coalition.
Organic farmers who fear their crops will be tainted through cross-pollination have backed the measure.
If voters approve it, the measure would be unique among Oregon's 36 counties. The Legislature has since voted to pre-empt local regulation of genetically modified crops, allowing the Jackson County measure to be grandfathered.
Jordan said the estimate was based on having a full-time code inspector, a hearings officer's time, the cost of a testing contractor and administrative expenses.
The measure has "undefined terms and vague terminology" that will give county officials trouble, Jordan said.
"In order to enforce the proposed ordinance, the county is going to have to make policy/legal judgments on the various terms that are not defined, increasing the risk of litigation," he said.
The report also said the costs of cleaning up fields could run to thousands of dollars an acre, depending on whether soil was removed and dumped in a landfill or whether the fields were chemically fumigated and heated.
0314 WA FBI won't conduct marijuana-license background checks for Washington state
The FBI is refusing to run nationwide background checks on people applying to run legal marijuana businesses in Washington state, even though it has conducted similar checks in Colorado — a discrepancy that illustrates the quandary the Justice Department faces as it allows the states to experiment with regulating a drug that's long been illegal under federal law.
Washington state has been asking for nearly a year if the FBI would conduct background checks on its applicants, to no avail. The bureau's refusal raises the possibility that people with troublesome criminal histories could wind up with pot licenses in the state — undermining the department's own priorities in ensuring that states keep a tight rein on the nascent industry.
It's a strange jam for the feds, who announced last summer that they wouldn't sue to prevent Washington and Colorado from regulating marijuana after 75 years of prohibition.
The Obama administration has said it wants the states to make sure pot revenue doesn't go to organized crime and that state marijuana industries don't become a cover for the trafficking of other illegal drugs. At the same time, it might be tough for the FBI to stomach conducting such background checks — essentially helping the states violate federal law.
The Justice Department declined to explain why it isn't conducting the checks in Washington when it has in Colorado. Stephen Fischer, a spokesman for the FBI's Criminal Justice Information Services Division, referred an Associated Press inquiry to DOJ headquarters, which would only issue a written statement.
"To ensure a consistent national approach, the department has been reviewing its background check policies, and we hope to have guidance for states in the near term," it said in its entirety.
In Washington, three people so far have received licenses to grow marijuana — without going through a national background check, even though the state Liquor Control Board's rules require that that they do so before a license is issued.
"The federal government has not stated why it has not yet agreed to conduct national background checks on our behalf," Washington state Liquor Control Board spokesman Brian Smith said in an email. "However, the Liquor Control Board is ready to deliver fingerprints as soon as DOJ is ready."
0313 US How the NSA Plans to Infect 'Millions' of Computers with Malware
By Ryan Gallagher and Glenn Greenwald12 Mar 2014, 9:19 AM EDT235
One presentation outlines how the NSA performs "industrial-scale exploitation" of computer networks across the world.
Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.
The classified files - provided previously by NSA whistleblower Edward Snowden - contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware "implants." The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
The covert infrastructure that supports the hacking efforts operates from the agency's headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.
The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system - codenamed TURBINE - is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."
In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the "Expert System," which is designed to operate "like the brain." The system manages the applications and functions of the implants and "decides" what tools they need to best extract data from infected machines.
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations "disturbing." The NSA's surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
"When they deploy malware on systems," Hypponen says, "they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties."
Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be "out of control."
"That would definitely not be proportionate," Hypponen says. "It couldn't possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance."
The NSA declined to answer questions about its deployment of implants, pointing to a new presidential policy directive announced by President Obama. "As the president made clear on 17 January," the agency said in a statement, "signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes."
"Owning the Net"
The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secretinternal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.
To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency's term for the interception of electronic communications. Instead, it sought to broaden "active" surveillance methods - tactics designed to directly infiltrate a target's computers or network devices.
In the documents, the agency describes such techniques as "a more aggressive approach to SIGINT" and says that the TAO unit's mission is to "aggressively scale" these operations.
But the NSA recognized that managing a massive network of implants is too big a job for humans alone.
"One of the greatest challenges for active SIGINT/attack is scale," explains the top-secret presentation from 2009. "Human 'drivers' limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture)."
The agency's solution was TURBINE. Developed as part of TAO unit, it is described in the leaked documents as an "intelligent command and control capability" that enables "industrial-scale exploitation."
TURBINE was designed to make deploying malware much easier for the NSA's hackers by reducing their role in overseeing its functions. The system would "relieve the user from needing to know/care about the details," the NSA's Technology Directorate notes in one secret document from 2009. "For example, a user should be able to ask for 'all details about application X' and not need to know how and where the application keeps files, registry entries, user application data, etc."
In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually - including the configuration of the implants as well as surveillance collection, or "tasking," of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact - allowing the agency to push forward into a new frontier of surveillance operations.
The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to "increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants." (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)
Eventually, the secret files indicate, the NSA's plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations.
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community's top-secret "Black Budget" for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named "Owning the Net."
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass "a wider variety" of networks and "enabling greater automation of computer network exploitation."
The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.
One implant, codenamed UNITEDRAKE, can be used with a variety of "plug-ins" that enable the agency to gain total control of an infected computer.
An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer's microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer's webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.
The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That's because the NSA's malware gives the agency unfettered access to a target's computer before the user protects their communications with encryption.
It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.
Previous reports have alleged that the NSA worked with Israel to develop the Stuxnet malware, which was used to sabotage Iranian nuclear facilities. The agency also reportedly worked with Israel to deploy malware called Flame to infiltrate computers and spy on communications in countries across the Middle East.
According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as "extremist." But the mandate of the NSA's hackers is not limited to invading the systems of those who pose a threat to national security.
In one secret post on an internal message board, an operative from the NSA's Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator's computer, the agency can gain covert access to communications that are processed by his company. "Sys admins are a means to an end," the NSA operative writes.
The internal post - titled "I hunt sys admins" - makes clear that terrorists aren't the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any "government official that happens to be using the network some admin takes care of."
Similar tactics have been adopted by Government Communications Headquarters, the NSA's British counterpart. As the German newspaper Der Spiegel reported in September, GCHQ hacked computers belonging to network engineers at Belgacom, the Belgian telecommunications provider.
The mission, codenamed "Operation Socialist," was designed to enable GCHQ to monitor mobile phones connected to Belgacom's network. The secret files deem the mission a "success," and indicate that the agency had the ability to covertly access Belgacom's systems since at least 2010.
Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers - the devices that connect computer networks and transport data packets across the Internet - the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications.
Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform "exploitation attacks" against data that is sent through aVirtual Private Network, a tool that uses encrypted "tunnels" to enhance the security and privacy of an Internet session.
The implants also track phone calls sent across the network via Skype and other Voice Over IP software, revealing the username of the person making the call. If the audio of the VOIP conversation is sent over the Internet using unencrypted "Real-time Transport Protocol" packets, the implants can covertly record the audio data and then return it to the NSA for analysis.
But not all of the NSA's implants are used to gather intelligence, the secret files show. Sometimes, the agency's aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target's file downloads. These two "attack" techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for "defensive" purposes - to protect U.S. government networks against intrusions.
"Mass exploitation potential"
Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.
According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a "back-door implant" infects their computers within eight seconds.
There's only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious.
Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called "man-in-the-middle" and "man-on-the-side" attacks, which covertly force a user's internet browser to route to NSA computer servers that try to infect them with an implant.
To perform a man-on-the-side attack, the NSA observes a target's Internet traffic using its global network of covert "accesses" to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency's surveillance sensors alert the TURBINE system, which then "shoots" data packets at the targeted computer's IP address within a fraction of a second.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target's computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.
According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA's automated TURBINE system.
"As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that's terrifying," Blaze says.
"Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?"
In an email statement to The Intercept, Facebook spokesman Jay Nancarrow said the company had "no evidence of this alleged activity." He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.
Nancarrow also pointed out that other services besides Facebook could have been compromised by the NSA. "If government agencies indeed have privileged access to network service providers," he said, "any site running only [unencrypted] HTTP could conceivably have its traffic misdirected."
A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.
This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.
The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.
A top-secret NSA presentation from 2012 reveals that the agency developed a man-in-the-middle capability called SECONDDATE to "influence real-time communications between client and server" and to "quietly redirect web-browsers" to NSA malware servers called FOXACID. In October, details about the FOXACID system were reported by the Guardian, which revealed its links to attacks against users of the Internet anonymity service Tor.
But SECONDDATE is tailored not only for "surgical" surveillance attacks on individual suspects. It can also be used to launch bulk malware attacks against computers.
According to the 2012 presentation, the tactic has "mass exploitation potential for clients passing through network choke points."
Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale "seems very disturbing." Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.
"The thing that raises a red flag for me is the reference to 'network choke points,'" he says. "That's the last place that we should be allowing intelligence agencies to compromise the infrastructure - because that is by definition a mass surveillance technique."
To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.
The agency's hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.
The implants can circumvent anti-virus programs, and the NSA has gone to extreme lengths to ensure that its clandestine technology is extremely difficult to detect. An implant named VALIDATOR, used by the NSA to upload and download data to and from an infected machine, can be set to self-destruct - deleting itself from an infected computer after a set time expires.
In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency's hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. "If we can get the target to visit us in some sort of web browser, we can probably own them," an agency hacker boasts in one secret document. "The only limitation is the 'how.'"
The TURBINE implants system does not operate in isolation.
It is linked to, and relies upon, a large network of clandestine surveillance "sensors" that the agency has installed at locations across the world.
The NSA's headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England.
The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet.
When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or "tips" to TURBINE, enabling the initiation of a malware attack.
The NSA identifies surveillance targets based on a series of data "selectors" as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique "cookies" containing a username or other identifying information that are sent to a user's computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.
Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.
What's more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.
Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance - the United Kingdom, Canada, New Zealand, and Australia.
GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ.
Top-secret documents show that the British base - referred to by the NSA as "MHS" for Menwith Hill Station - is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant "exploitation" attacks against users of Yahoo and Hotmail.
In one document dated 2010, at least five variants of the QUANTUM hacking method were listed as being "operational" at Menwith Hill. The same document also reveals that GCHQ helped integrate three of the QUANTUM malware capabilities - and test two others - as part of a surveillance system it operates codenamed INSENSER.
GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to "legal/policy restrictions." A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing "active" hacking attacks for surveillance "may be illegal" under British law.
In response to questions from The Intercept, GCHQ refused to comment on its involvement in the covert hacking operations. Citing its boilerplate response to inquiries, the agency said in a statement that "all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight."
Whatever the legalities of the United Kingdom and United States infiltrating computer networks, the Snowden files bring into sharp focus the broader implications. Under cover of secrecy and without public debate, there has been an unprecedented proliferation of aggressive surveillance techniques. One of the NSA's primary concerns, in fact, appears to be that its clandestine tactics are now being adopted by foreign rivals, too.
"Hacking routers has been good business for us and our 5-eyes partners for some time," notes one NSA analyst in atop-secret document dated December 2012. "But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene."
Gov. Jan Brewer of Arizona Will Not Seek Re-election
Gov. Jan Brewer of Arizona said Wednesday that she would not run for re-election, ending speculation about her plans.
Even though the Arizona Constitution limits governors to two terms, Ms. Brewer had talked lately about trying to find a way around it. Her first term came by appointment, after the governor at the time, Janet Napolitano, left to become President Obama’s Homeland Security secretary, and Ms. Brewer could make a case in court that although she has served two terms, one of them was not an elected term, so it should not count.
0314 US White House withholds thousands of documents from Senate CIA investigation
from the Kansas City Star
BY JONATHAN S. LANDAY, ALI WATKINS AND MARISA TAYLOR
McClatchy Washington Bureau
WASHINGTON — The White House has been withholding for five years more than 9,000 top-secret documents sought by the Senate Select Committee on Intelligence for its investigation into the now-defunct CIA detention and interrogation program, even though President Barack Obama hasn’t exercised a claim of executive privilege.
In contrast to public assertions that it supports the committee’s work, the White House has ignored or rejected offers in multiple meetings and in letters to find ways for the committee to review the records, a McClatchy investigation has found.
The significance of the materials couldn’t be learned. But the administration’s refusal to turn them over or to agree to any compromise raises questions about what they would reveal about the CIA’s use of waterboarding and other harsh interrogation techniques on suspected terrorists in secret overseas prisons.
The dispute indicates that the White House is more involved than it has acknowledged in the unprecedented power struggle between the committee and the CIA, which has triggered charges that the agency searched the panel’s computers without authorization and has led to requests to the Justice Department for criminal investigations of CIA personnel and Senate aides.
“These documents certainly raise the specter that the White House has been involved in stonewalling the investigation,” said Elizabeth Goitein, the co-director of the Brennan Center for Justice’s Liberty and National Security Program at the New York University Law School.
The committee and the CIA declined to comment.
In a statement to McClatchy, the White House confirmed that “a small percentage” of the 6.2 million pages of documents provided to the committee were “set aside because they raise executive branch confidentiality interests.”
The White House also said that it had worked closely with the committee “to ensure access to the information necessary to review the CIA’s former program.”
Speaking to reporters earlier during a White House event, Obama said that the administration has worked with the committee to ensure that its study is “well informed” and that he was committed to seeing the report declassified once a final version is completed. He said it wouldn’t be proper for him to comment directly on the battle between the CIA and the committee, except to say that CIA Director John Brennan had referred the issues to the “appropriate authorities and they are looking into it.”
The Democrat-controlled committee has largely kept silent about the tussle with the White House, even as some members have decried what they contend has been the CIA’s refusal to surrender key materials on the agency’s use under the Bush administration of interrogation methods denounced by the panel chairwoman as “un-American” and “brutal.”
The chairwoman, Sen. Dianne Feinstein of California, made no mention of the White House documents during a blistering floor speech Tuesday in which she charged that the CIA may have undermined the Constitution and violated the law by searching computers used by her staff to compile the study. Brennan has denied her allegations and the White House has expressed continued confidence in his leadership of the CIA.
In question are some 9,400 documents that came to the committee’s attention in 2009, McClatchy has learned. It’s unclear whether the CIA first gave the committee staff access to the materials before the White House withheld them.
Obama, however, still hasn’t formally decreed that the documents are protected by executive privilege, McClatchy learned. Although the doctrine isn’t mentioned explicitly in the Constitution, the Supreme Court in 1974 recognized a limited power by the White House to withhold certain communications between high officials and close aides who advise and assist them.
The withholding of the documents “may not be a smoking gun” proving White House obstructionism, said Goitein, a former Senate Judiciary Committee legal adviser.
Among the other explanations: The White House might have determined that the documents are not relevant to the inquiry or that they are indeed covered by executive privilege but that the president has not yet been forced to assert the claim, she said.
“The most nefarious explanation is that they are not privileged and the White House simply doesn’t want to hand them over,” Goitein said. “Executive privilege is generally asserted after negotiations and brinksmanship behind the scenes. People put on paper what they want to be formalized, and these negotiations by their very nature are very informal.”
The committee, the CIA and the White House have held periodic talks on the materials since 2009. Their apparent failure to resolve the standoff prompted Feinstein to write several letters last year to Obama’s chief legal adviser, Kathryn Ruemmler, seeking a resolution, McClatchy has learned.
A White House official, who declined to be further identified as a matter of administration policy, said that Ruemmler responded to Feinstein’s letters, although information obtained by McClatchy indicated that she hadn’t.
It was not known if the materials came up during a visit that Ruemmler and White House Chief of Staff Denis McDonough paid to Feinstein and the committee’s vice chairman, Sen. Saxby Chambliss, R-Ga., on Tuesday after Feinstein delivered her speech.
To date, the most explicit public reference to documents being withheld by the White House appears to have been made last August by Sen. Mark Udall, D-Colo., an Intelligence Committee member who has led calls for a full disclosure of the CIA interrogation program.
In written questions that he submitted for the confirmation process of former CIA General Counsel Stephen W. Preston to be the Pentagon’s top lawyer, Udall asked Preston what role he’d played in an agency decision to withdraw documents that initially had been provided to the committee staff.
“During the CIA’s document production of more than six million pages of records, the CIA removed several thousand CIA documents that the CIA believed could be subject to executive privilege claims by the president,” Udall wrote. “While the documents represent an admittedly small percentage of the total number of records produced, the documents – deemed responsive – have nonetheless not been provided to the committee.”
Preston responded that “a small percentage of the total number of documents was set aside for further review. The agency (CIA) has deferred to the White House and has not been substantially involved in subsequent discussions about the disposition of those documents.”
In a related episode in 2010 as described by Feinstein in her speech on Tuesday, the committee staff discovered that it was no longer able to access hundreds of documents that it previously had been able to read.
“This was done without the knowledge or approval of committee members or staff and in violation of our written agreements,” she said.
CIA personnel initially accused computer technicians of removing the documents and then asserted that they were pulled on the White House’s orders, Feinstein said. The White House denied issuing such orders, she said, and “the matter was resolved” with renewed administration and CIA pledges that there would be no further intrusions into the staff’s database.
Feinstein, however, did not say what happened to the documents.
The records being held by the White House are separate from materials generated by an internal CIA review of some 6.2 million pages of operational cables, emails and other top-secret documents made accessible to committee staff in a secret CIA electronic reading room in Northern Virginia. The committee approved a final draft of the $40 million, 6,300-page study in December 2012.
In his first significant comments on the scandal, Chambliss took to the Senate floor late Wednesday afternoon to launch an apparent counterattack on Feinstein’s speech.
“Although people speak as though we know all the pertinent facts surrounding this matter, the truth is, we do not,” said Chambliss, who pointed out that the committee’s Republican staff didn’t participate in investigating the detention and interrogation program.
“We do not have the actual facts concerning the CIA’s alleged actions or all of the specific details about the actions by the committee staff regarding the draft of what is now referred to as the Panetta internal document,” Chambliss said. “Both parties have made allegations against one another, and even speculated (on) each other’s actions, but there are still a lot of unanswered questions that must be addressed.”
“No forensics have been run on the CIA computers . . . at the CIA facility to know what actually happened either regarding the alleged CIA search or the circumstances under which the committee came into possession of the Panetta internal review document.”
And then comes this on the LA Times Tech page:
0314 US NSA posed as Facebook to infect computers with malware, report says
Complete with an ardent denial from the NSA:
[Updated 1:25 p.m. PDT March 13: The NSA has said that the report by the Intercept is inaccurate.
"NSA does not use its technical capabilities to impersonate U.S. company websites," the agency said in a statement. "Nor does NSA target any user of global Internet services without appropriate legal authority."]
The NSA has reportedly been using an automated system codenamed TURBINE to infect computers and networks with malware. (Patrick Semansky / Associated Press / June 6, 2013)
'Angry Birds' used for NSA, British spying efforts, documents say
Silicon Valley's reaction to Obama's NSA reforms: Not enough
Apple Gotofail bug: Simple mistake or NSA conspiracy?
By Salvador Rodriguez This post has been updated, as indicated below.
March 12, 2014, 11:34 a.m.
The National Security Agency has reportedly used automated systems to infect user computers with malware since 2010, according to a Wednesday report. And at times the agency pretended to be Facebook to install its malware.
The NSA has been using a program codenamed TURBINE to contaminate computers and networks with malware "implants" capable of spying on users, according to the Intercept, which cited documents provided by whistleblower Edward Snowden.
Between 85,000 and 100,000 of these implants have been deployed worldwide thus far, the report said.
ALSO: Will Flappy Bird fly again? Developer is 'considering it'
To infect computers with malware, the NSA has relied on various tactics, including posing as Facebook.
The federal agency performed what is known as a "man-on-the-side" attack in which it tricked users computers into thinking that they were accessing real Facebook servers. Once the user had been fooled, the NSA hacked into the user's computer and extracted data from their hard drive.
Facebook said it had no knowledge of the NSA"s TURBINE program, according to the National Journal. However, the social network said it is no longer possible for the NSA or hackers to attack users that way, but Facebook warned that other websites and social networks may still be vulnerable to those types of attacks.
"This method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year," Facebook told the National Journal. "If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected."
Other ways the NSA infects malware onto computers include sending out spam emails.
The NSA is capable of installing different kinds of malware, each capable of performing different tasks. According to the report, certain malware can:
Use a computer's microphone to record audio
Use a computer's webcam to take photos
Record a computer's Internet browsing history
Record login details and passwords use for Web services
Log users' keystrokes
Extract data from flash drives when they are plugged into infected computers
Block users from accessing certain websites
Corrupt files that computers attempt to download
When the NSA first began infecting computers with malware in 2004, it would do so manually, according to the report. At that time, only between 100 and 150 implants had been deployed.
Tony Benn: the establishment insider turned leftwing outsider
The upper-middle class nonconformist radical had a tireless reformist zeal who was loved and loathed in equal measure by both the right and the left
Tony Benn former Labour MP, cabinet minister, writer, and a much-admired hate figure Photograph: Murdo Macleod for the guardian
Tony Benn was one of the most mesmerising and divisive figures in the mainstream of postwar British politics. An establishment insider who became a rebellious leftwing outsider, a cabinet minister turned street protester and reviled prophet of capitalism's demise, he nonetheless managed in old age to become something of a national treasure. "It's because I'm harmless now," he would explain.
In the course of a 60-year career in public life which left a more lasting impact on the constitution than on the direction of governments or their policies – first as Anthony Wedgwood Benn, briefly as Viscount Stansgate, and from 1973 as plain Mr Benn – he was both loved and loathed in equal measure by countless voters who had never met him.
As such Benn stood in a long line of upper-class, nonconformist radicals with a moral crusader's unsettling zeal, as recognisably English as a character out of Anthony Trollope or even PG Wodehouse. His former Oxford tutor, later his Notting Hill neighbour and cabinet colleague, the cerebral Tony Crosland, was devoted to him even though he accused Benn – known to some intimates as "Jimmy" – of working so hard that "he creates endless crises". Crosland would say affectionately: "Nothing the matter with him except he's a bit cracked."
It was a lack of any direct dealings with their troublesome, often self-righteous colleague which characterised many of "Jimmy's" more ardent admirers in the opinion of detractors less forgiving than Crosland. To them he symbolised disastrous and rancorous splits in the 1970s and 80s, a decade of unrealistic self-indulgence made worse when fellow-leftwingers, Michael Foot and Neil Kinnock led the party. Between the left and Roy Jenkins's rightwing SDP split, it cost them power for 19 years.
Benn outside parliament in 1961. Photograph: Philip Jones Griffiths
Surviving Bennites and their leftwing allies in the unions and grassroots labour movement were quick to counter criticism with praise for his far-sighted warnings against globalisation or unaccountable corporate power and his resilient optimism, after Benn's death at 88 was announced on Friday. With the possible exceptions of Aneurin Bevan and Arthur Scargill on the left and Margaret Thatcher or Enoch Powell on the radical right, no mainstream postwar political figure aroused such partisan loyalty – or fear.
- Length: 66:09 minutes (60.57 MB)
- Format: MP3 Mono 44kHz 128Kbps (CBR)