NSA whistleblower William Binney: Bulk data collection costs lives

News roundup: NSA whistleblower William Binney testifies in the U.K. against bulk data collection, a new Snowden revelation, Windows 10 snooping revealed, JavaScript ransomware, and more.

Bulk surveillance data collection makes citizens more vulnerable to terror attacks and costs lives, according to...

former NSA whistleblower William Binney.

Testifying before the U.K. government's Joint Select Committee reviewing the controversial draft Investigatory Powers Bill (IP Bill), Binney argued that bulk data collection has already cost lives in the United States, and that it tends to swamp intelligence analysts with too much information rather than allow them to be more selective about what information they gather.

Binney said that if they had been using a more targeted approach to data collection, French intelligence "could have had the opportunity to stop them before the attack" in the November 2015 terror actions in Paris. Binney also said that the U.K.'s Government Communications Headquarters (GCHQ) should not do bulk data collection given that the law to allow it is currently still in draft form.

When the committee asked whether bulk data collection would give the GCHQ another tool "to find needles in haystacks," Binney answered: "It's not helpful to make the haystack orders of magnitude bigger, because it creates orders of magnitude more difficulty in finding the needle," adding that "using a targeted approach would give you the needles and anything closely associated to the needles right from the start."

Speaking about NSA's bulk data collection program, Binney said it "has made their analysts fail, and they have failed consistently since 9/11, and even before that." Binney testified that using a more targeted approach to data collection "will give privacy to everybody in the world."

Unredacted Snowden disclosure

The NSA targeted "the two leading encryption chips used in Virtual Private Network and Web encryption devices," reported Glenn Greenwald of The Intercept this week. That information had been redacted in earlier reports from The Intercept about NSA activity revealed in the Snowden leaks in 2013, due to concerns that terrorists might be able to use the information to identify and avoid using encryption products that had been subverted by NSA.

Greenwald revisited the original leaked documents in light of the recent disclosures about backdoors in Juniper Networks firewalls, and decided that it was in the public interest to publish the unredacted sentence.

Speaking to The Intercept, Matthew Green, a cryptography expert at Johns Hopkins, declined to speculate on which manufacturers the NSA document references. But Green told The Intercept that "the damage has already been done," and that he believes foreign companies are increasingly concerned about working with encryption technology from U.S. companies.

Windows 10 knows what you've been doing

Microsoft is also making privacy inroads -- but not the good kind. The software giant collected a lot of what some users may consider private information through Windows 10. To celebrate the success of the newest version of Windows, Microsoft released some of the data they had collected from the 200 million systems on which Windows 10 has already been installed.

For example, Microsoft reported that 82 billion photos had been viewed with the Windows 10 Photo app, and gamers spent over 4 billion hours playing PC games on Windows 10. Speculation was rife over how much detail on this type of data Microsoft has acquired and stored.

The revelations should be worrisome, according to Martin Brinkmann, founder of Ghacks.net: "While it is unclear what data is exactly collected, it is clear that the company is collecting information about the use of individual applications and programs on Windows at the very least."

In other news

  • Ransom32, the first JavaScript ransomware, was reported this week by Fabian Wosar of antimalware vendor Emsisoft. While at first glance Ransom32 appears similar to many other malware campaigns, according to Wosar, the key difference is that it is a JavaScript program, delivered in a self-extracting WinRAR archive. So far, Ransom32 has only been seen attacking Windows systems, but there is no reason it could not be repackaged to attack Linux or Mac OS X. Ransom32 is "built entirely on JavaScript, something which has not been seen before," according to Will Gragido, head of threat intelligence research at Digital Shadows. "It's cross-platform applicable, meaning that it can be effectively used on Windows, Mac, and Linux devices," Gragido told SearchSecurity.
  • The Netherlands is the latest nation to weigh in on the issue of strong encryption and backdoors -- but they are bucking the trend toward less privacy. The Dutch government moved to endorse the use of strong cryptography, without backdoors, in a government position paper (Dutch language) released this week. The paper stated: "The government believes that it is currently not appropriate to adopt restrictive legal measures against the development, availability and use of encryption within the Netherlands," according to a report by The Register. Unlike in the U.S. or China, the Dutch approach recognizes that providing access to encrypted data to law enforcement would make systems more vulnerable to criminals, terrorists and foreign intelligence agencies.
  • Entering the cybersecurity education field this week is CyberVista, a wholly owned subsidiary of SAT test preparation giant Kaplan Inc., and sister company Graham Holdings Company. "We see an enormous opportunity in cybersecurity education and workforce development," said Timothy O'Shaughnessy, president and CEO of Graham Holdings Company, in a press release. "There is a documented cyber workforce shortage that continues to grow. With the strength of our company coupled with the world-class education expertise gleaned from Kaplan, CyberVista is well-equipped to meet this critical need in the market."
  • Adobe closed last year off with a set of critical patches for Flash, but this week, zero-day exploit seller Zerodium began soliciting exploits that defeat the patched Flash. Zerodium tweeted: "Adobe added isolated heap to Flash. This month we pay $100K (with sandbox) and $65K (without sandbox) per #exploit bypassing this mitigation."
  • Internet of things users should be aware: A list of default root/admin passwords for over 100 ICS/SCADA devices has been published on GitHub, including device models, vendors, and source of the default login information. Also included are the port and protocols by which access is made available.

Next Steps

Read more about what the U.K.'s Investigatory Powers Bill will mean for the telecommunications industry.

Find out more about William Binney's argument against bulk data collection.

Learn how recent NSA revelations could point to the potential for creating a police state.

Dig Deeper on Information Security Laws, Investigations and Ethics

PRO+

Content

Find more PRO+ content and other member only offers, here.

Related Discussions

Peter Loshin asks:

Do you believe that unlimited bulk data collection will aid or hamper anti-terror efforts by government agencies? Will the resulting loss of privacy be worth it?

0  Responses So Far

Join the Discussion

2 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close