TOPs Site Index

Tuesday, July 20, 2010

The WaShInGtOn PoSt ReVeAlS 'ToP $eCrEt AmErIcA' Thank You WP (3)

By Max Fisher July 19, 2010 - The Washington Post

The Washington Post has unveiled its comprehensive, alarming, and much-anticipated report on "Top Secret America." The dedicated site details the billions of dollars in private, for-profit intelligence operations that have emerged since Sept. 11, 2001, which the Post calls our "fourth branch" of government. Led by reporters William Arkin and Pulitzer Prize-winner Dana Priest, the investigation was two years in the making and shook up the vast U.S. intelligence community even before it was released. The "Top Secret America" website includes articles, videos, interactive features, and maps all begging to be explored. But here's the executive summary.

* The Intelligence-Industrial Complex Priest and Arkin write, "This is not exactly President Dwight D. Eisenhower's 'military-industrial complex,' which emerged with the Cold War and centered on building nuclear weapons to deter the Soviet Union. This is a national security enterprise with a more amorphous mission: defeating transnational violent extremists. Much of the information about this mission is classified. That is the reason it is so difficult to gauge the success and identify the problems of Top Secret America, including whether money is being spent wisely. ... the Bush administration and Congress gave agencies more money than they were capable of responsibly spending. ... In all, at least 263 organizations have been created or reorganized as a response to 9/11. Each has required more people, and those people have required more administrative and logistic support. ... With so many more employees, units and organizations, the lines of responsibility began to blur."

* Our Fourth Branch The introductory video states, "In response to 9/11, a fourth branch has emerged. It is protected from public scrutiny by overwhelming secrecy. ... It has become so big, and the lines of responsibility so blurred, that even our nation's leaders don't have a handle on it. Where is it? It's being built from coast to coast, hidden within some of America's most familiar cities and neighborhoods. In Colorado, in Nebraska, in Texas, in Florida, in the suburbs of Washington, DC. Top Secret America includes hundreds of federal departments and agencies operating out of 1300 facilities around this country. They contract of nearly 2,000 companies. In all, more people than live in our nation's capital have top secret security
clearance." The screen flashes "850,000 Americans with top secret clearance."

* Why This Is Dangerous The Post's editors write in an introductory note, "When it comes to national security, all too often no expense is spared and few questions are asked - with the result an enterprise so massive that nobody in government has a full understanding of it. It is, as Dana Priest and William M. Arkin have found, ubiquitous, often inefficient and mostly invisible to the people it is meant to protect and who fund it. ... Within a responsible framework, our objective is to provide as much information as possible, so readers gain a real, granular understanding of the scale and breadth of the top-secret world we are describing."

* 5 Points on the Private Spy Industry's Huge Size Priest and Arkin write, "(1) Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States. (2) An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances. (3) In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings - about 17 million square feet of space. (4) Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks. (5) Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year - a volume so large that many are routinely ignored."

* How This Size Makes National Security Impossible Priest and Arkin explain:

Underscoring the seriousness of these issues are the conclusions of retired Army Lt. Gen. John R. Vines, who was asked last year to review the method for tracking the Defense Department's most sensitive programs. Vines, who once commanded 145,000 troops in Iraq and is familiar with complex problems, was stunned by what he discovered.

"I'm not aware of any agency with the authority, responsibility or a process in place to coordinate all these interagency and commercial activities," he said in an interview. "The complexity of this system defies description."

The result, he added, is that it's impossible to tell whether the country is safer because of all this spending and all these activities. "Because it lacks a synchronizing process, it inevitably results in message dissonance, reduced effectiveness and waste," Vines said. "We consequently can't effectively assess whether it is making us more safe."

"And Ye Shall Know The Truth And The Truth Shall Set You Free"

WAKE UP AMERICA....ITs OUR COUNTRY!!!

Love "Light" and Energy

_Don

References:

[What They Know About You] Oh My God!

Hidden World, Growing Beyond Control

Note From the Editors

The Ominous Parallels Report

Saturday, July 10, 2010

ThReAt of 'CyBeRwAr' Ha$ BeEn HuGeLy HiyPeD

Saturday, July 10, 2010

By Bruce Schneier

Editor's note: Bruce Schneier is a security technologist and author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World.

It's about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top.

"The United States is fighting a cyberwar today, and we are losing," said former NSA director -- and current cyberwar contractor -- Mike McConnell. "Cyber 9/11 has happened over the last ten years, but it happened slowly so we don't see it," said former National Cyber Security Division director Amit Yoran. Richard Clarke, whom Yoran replaced, wrote an entire book hyping the threat of cyberwar. 

General Keith Alexander, the current commander of the U.S. Cyber Command, hypes it every chance he gets. This isn't just rhetoric of a few over-eager government officials and headline writers; the entire national debate on cyberwar is plagued with exaggerations and hyperbole.

Googling those names and terms -- as well as "cyber Pearl Harbor," "cyber Katrina," and even "cyber Armageddon" -- gives some idea how pervasive these memes are. Prefix "cyber" to something scary, and you end up with something really scary.

Cyberspace has all sorts of threats, day in and day out. Cybercrime is by far the largest: fraud, through identity theft and other means, extortion, and so on. Cyber-espionage is another, both government- and corporate-sponsored. Traditional hacking, without a profit motive, is still a threat. So is cyber-activism: people, most often kids, playing politics by attacking government and corporate websites and networks.

These threats cover a wide variety of perpetrators, motivations, tactics, and goals. You can see this variety in what the media has mislabeled as "cyberwar." The attacks against Estonian websites in 2007 were simple hacking attacks by ethnic Russians angry at anti-Russian policies; these were denial-of-service attacks, a normal risk in cyberspace and hardly unprecedented. 

A real-world comparison might be if an army invaded a country, then all got in line in front of people at the DMV so they couldn't renew their licenses. If that's what war looks like in the 21st century, we have little to fear.

Similar attacks against Georgia, which accompanied an actual Russian invasion, were also probably the responsibility of citizen activists or organized crime. A series of power blackouts in Brazil was caused by criminal extortionists -- or was it sooty insulators? China is engaging in espionage, not war, in cyberspace. And so on.

One problem is that there's no clear definition of "cyberwar." What does it look like? How does it start? When is it over? Even cybersecurity experts don't know the answers to these questions, and it's dangerous to broadly apply the term "war" unless we know a war is going on.

Yet recent news articles have claimed that China declared cyberwar on Google, that Germany attacked China, and that a group of young hackers declared cyberwar on Australia. (Yes, cyberwar is so easy that even kids can do it.) Clearly we're not talking about real war here, but a rhetorical war: like the war on terror.

We have a variety of institutions that can defend us when attacked: the police, the military, the Department of Homeland Security, various commercial products and services, and our own personal or corporate lawyers. The legal framework for any particular attack depends on two things: the attacker and the motive. Those are precisely the two things you don't know when you're being attacked on the Internet. We saw this on July 4 last year, when U.S. and South Korean websites were attacked by unknown perpetrators from North Korea -- or perhaps England. Or was it Florida?

We surely need to improve our cybersecurity. But words have meaning, and metaphors matter. There's a power struggle going on for control of our nation's cybersecurity strategy, and the NSA and DoD are winning. If we frame the debate in terms of war, if we accept the military's expansive cyberspace definition of "war," we feed our fears.

We reinforce the notion that we're helpless -- what person or organization can defend itself in a war? -- and others need to protect us. We invite the military to take over security, and to ignore the limits on power that often get jettisoned during wartime.

If, on the other hand, we use the more measured language of cybercrime, we change the debate. Crime fighting requires both resolve and resources, but it's done within the context of normal life. We willingly give our police extraordinary powers of investigation and arrest, but we temper these powers with a judicial system and legal protections for citizens.

We need to be prepared for war, and a Cyber Command is just as vital as an Army or a Strategic Air Command. And because kid hackers and cyber-warriors use the same tactics, the defenses we build against crime and espionage will also protect us from more concerted attacks. But we're not fighting a cyberwar now, and the risks of a cyberwar are no greater than the risks of a ground invasion. We need peacetime cyber-security, administered within the myriad structure of public and private security institutions we already have.

"And Ye Shall Know The Truth and The Truth Will Set You Free"

WAKE UP AMERICA.....IT(s) OUR COUNTRY!!!

Love "Light" and Energy

_Don

References:

Related:

The use of third party advocates or front groups for the dissemination of US government propaganda is well documented: JSOU: Covert Blogs & Military Information Strategy

[Cyber War]

[$enators ramp up cyberwar rhetoric]

[$o-called Cyberattack Was Overblown]

[Chinese Cyberattacks: Myth or Menace?]

[‘Cyberwar’ and Estonia’s Panic Attack]

[No line between cyber crime and cyber war]

[Cyberwar: China Declares War On Western Search Sites]

[Georgia Cyberattacks Linked to Russian Organized Crime]

[Mike McConnell on how to win the cyber-war we're losing]

[Georgia Cyber Attacks From Russian Government? Not So Fast]

LOL [Cyberattacks an 'existential threat' to U.S., FBI says] LOL

[Top Officer Fears Cyberwar, Hearts Karzai, Tweets With Help]

[Brazilian Blackout Traced to Sooty Insulators, Not Hackers]

[Mike McConlol, the WashPost & the dangers of sleazy corporatism]

[Cyber Command: We Don’t Wanna Defend the Internet (We Just Might Have To)]

[NSA Must Examine All Internet Traffic to Prevent Cyber Nine-Eleven, Top Spy Says]  

[Pentagon Networks Targeted by ‘Hundreds of Thousands’ of Probes (Whatever That Means)]

[Fearing 'Cyber Katrina,' Obama Candidate for Cyber Czar Urges a ''FEMA for the Internet']

Wednesday, July 7, 2010

MiCrOsOfT AcCuSeS ApPle, GoOlEnSa of AtTeMpTeD PrIvAcY MuRdER

Wednesday, July 7, 2010 - Thanks to the 'Senator' for this link ;)

By Ms. Smith

A Microsoft identity guru bit Apple and smacked Google over mobile privacy policies. Once upon a time, before working for Microsoft, this same man took MS to task for breaking the Laws of Identity.

Kim Cameron, Microsoft's Chief Identity Architect in the Identity and Security Division, said of Apple, "If privacy isn’t dead, Apple is now amongst those trying to bury it alive." What prompted this was when Cameron visited the Apple App store to download a new iPhone application. When he discovered Apple had updated its privacy policy, he read all 45 pages on his iPhone. Page 37 lets Apple users know:

======> Collection and Use of Non-Personal Information 

[Google’s DNA ‘Bio-Piracy’ & Federal DNA Databanks]

We also collect non-personal information - data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:

We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

======> Collection and Use of Non-Personal Information

The MS identity guru put the smack down not only on Apple, but also on Google, writing in his blog, "Maintaining that a personal device fingerprint has 'no direct association with any specific individual' is unbelievably specious in 2010 - and even more ludicrous than it used to be now that Google and others have collected the information to build giant centralized databases linking phone MAC addresses to house addresses. And - big surprise - my iPhone, at least, came bundled with Google’s location service."

MAC in this case refers to Media Access Control addresses associated with specific devices and one of the types that Google collected. Google admits to collecting MAC addresses of WiFi routers, but denies snagging MAC addresses of laptops or phones. Google is under mass investigation for its WiFi blunder.

Apple's new policy is also under fire from two Congressmen who gave Apple until July 12th to respond. Reps. Edward J. Markey (D-Mass.) and Joe Barton (R-Texas) sent a letter to Apple CEO Steve Jobs asking for answers about Apple gathering location information on its customers.

As far as Cameron goes, Microsoft's Chief Identity Architect seems to call out anyone who violates privacy. That includes Microsoft. According to Wikipedia's article on Microsoft Passport:

======> Microsoft Passport

"A prominent critic was Kim Cameron, the author of the Laws of Identity, who questioned Microsoft Passport in its violations of those laws. He has since become Microsoft's Chief Identity Architect and helped address those violations in the design of the Windows Live ID identity meta-system. As a consequence, Windows Live ID is not positioned as the single sign-on service for all web commerce, but as one choice of many among identity systems."


======> Microsoft Passport

Cameron seems to believe location based identifiers and these changes of privacy policies may open the eyes of some people to the, "new world-wide databases linking device identifiers and home addresses."

"And Ye Shall Know The Truth and The Truth Will Set You Free"

WAKE UP AMERICA.....IT(s) OUR COUNTRY!!!

Love "Light" and Energy

_Don

References:

[Countermeasures]

[Windows Live ID]

[The Laws of Identity]

[Apple Privacy Policy]

[Letter to Apple CEO Steve Jobs]

[Microsoft's Chief Identity Architect]

[Update to iTunes comes with privacy fibs]

[The Consumerist says “Apple is Watching”]

[What Could Google Do With the Data It's Collected?]