NSA ends spying on messages Americans send about foreign surveillance targets

Today, a spokesperson for the National Security Agency announced that the agency would end the practice of “upstream” collection of messages sent by American citizens—messages that were not directed to targets of NSA intelligence collection but referred to “selectors” for those targets in the body of the communications. According to the statement, the NSA has put an end to that practice, which has been authorized since 2008 under the agency’s interpretation of Section 702 of the Foreign Intelligence Surveillance Act (FISA).

The announcement posted today states:

After a comprehensive review of mission needs, current technological constraints, United States person privacy interests, and certain difficulties in implementation, NSA has decided to stop some of its activities conducted under Section 702. These changes are designed to retain the upstream collection that provides the greatest value to national security while reducing the likelihood that NSA will acquire communications of U.S. persons or others who are not in direct contact with one of the Agency’s foreign intelligence targets.

The changes have been made part of a new Federal Intelligence Surveillance Court order that has narrowed the authorized scope of NSA surveillance.

Read 11 remaining paragraphs | Comments

Why is Microsoft trying to turn its Surface business into the next Nokia?

Microsoft’s third-quarter financial results were published yesterday, and they had many high points: cloud revenue is growing well (though we have some misgivings about how the numbers are reported), Windows outperformed the PC market, and Office 365 passed 100 million corporate seats. But there were a couple of significant black marks: Phone revenue has dropped to effectively zero, and Surface revenue was down sharply year on year, with a 26-percent drop in revenue.

The phone revenue is no big surprise: Microsoft has all but abandoned the market, and the last phones to sport a Microsoft logo—the Lumia 950 and 950 XL—are no longer sold. The company has been winding down its phone operation, writing off the entire value of the phone business it bought from Nokia and laying off thousands of former Nokia employees in the process.

But the story with Surface is more unsettling. In its analyst call, Microsoft ascribed the drop in Surface revenue to “product end-of-lifecycle dynamics,” whatever that means. The company’s 10Q filing used rather clearer language: Microsoft simply didn’t sell as many Surface systems.

Read 22 remaining paragraphs | Comments

Russian spy ship sunk by sheep barge; sheep (and sailors) unhurt

A veteran of the Cold War and a recent participant in Russian operations off Syria has been sent to the bottom of the Black Sea by a boat full of sheep. The 47-year-old Russian intelligence collection ship, the Liman, sank on April 27 after a collision in the Black Sea with a Togo-flagged livestock carrier carrying sheep from Romania to Jordan. The sheep-carrying Youzarsif H suffered only slight damage to its bow, but the Liman suffered a rupture in its hull below the waterline.

Designated by the Russian Navy as a “medium reconnaissance ship” (“Средний разведывательный корабль”), the Liman was smaller than more recently constructed, purpose-built intelligence ships like the Leonov (the spy ship that traveled up the US East Coast in February). Originally built as a hydrographic survey ship in 1970, it was converted in 1989 into a signals-intelligence collection ship, a class of vessels known in US naval parlance as AGIs (auxiliary, general intelligence). The conversion added passive underwater acoustic sensors along with electronic warfare equipment for collecting radio and radar signals.

Read 4 remaining paragraphs | Comments

Google Fiber building in Louisville despite lawsuit from AT&T and Charter

Google Fiber is getting ready to build a long-awaited network in Louisville, Kentucky despite recent layoffs at the ISP and lawsuits filed against Louisville’s local government by AT&T and Charter.

“Great news today, with Google Fiber saying they now officially are coming to Louisville. We’ve been working on this for years,” Louisville Mayor Greg Fischer said Wednesday in a video. Google Fiber could use both fiber and wireless technologies to connect customers.

Fischer made a nearly identical statement in September 2015 when he said Louisville was “announced as [the] next Google Fiber city.” But there have been a few complications since then.

Read 8 remaining paragraphs | Comments

Microsoft 3Q17: Cloud, Office, Windows strong, Surface slumps

In its third quarter of its 2017 financial year, Microsoft posted revenue of $22.1 billion, up 8 percent year-on-year, with an operating income of $5.6 billion, up 6 percent on a year ago, net income of $5.7 billion, up 28 percent, and earnings per share of $0.61, an increase of 30 percent over the same quarter a year ago.

As ever, Microsoft also offered alternative figures that book Windows 10 revenue up front instead of amortized over several years, and which hold exchange rates constant to remove the impact of rate fluctuations year-on-year (which gives some indication of year-to-year changes in actual sales transactions, if not of money in the bank). This quarter the currency differences are for the most part small, with an impact of only about 1 percent (the dollar was weaker than Microsoft expected), but Windows revenue deferral continues to be significant. Under these adjusted figures, revenue was $23.6 billion, up 7 percent, operating income was $7.1 billion, up 5 percent, net income was $5.7 billion, an increase of 16 percent, and earnings per share were $0.73, a 19 percent increase.

Microsoft currently has three reporting segments: Productivity and Business Processes (covering Office, Exchange, SharePoint, Skype, and Dynamics), Intelligent Cloud (including Azure, Windows Server, SQL Server, Visual Studio, and Enterprise Services), and More Personal Computing (covering Windows, hardware, and Xbox, as well as search and advertising).

Read 12 remaining paragraphs | Comments

Throttling of websites and online services might help customers, FCC says

You can now start filing public comments on the Federal Communications Commission plan to eliminate net neutrality rules.

The FCC today opened the docket, titled “Restoring Internet Freedom.” Clicking “New Filing” takes you to a form for uploading documents, while an “Express” filing lets you write a brief comment without uploading a document. FCC Chairman Ajit Pai also released the draft text of a Notice of Proposed Rulemaking (NPRM) that will be voted on at the May 18 FCC meeting. There will be another three months for public comments after that preliminary vote, and the FCC will make a final decision sometime after that.

It’s already pretty clear where this is going, though: Pai intends to overturn the 2015 net neutrality order, and the only question is whether anything will replace it. While previous FCC leaders decided that home Internet providers and mobile carriers shouldn’t be allowed to throttle websites and online services, Pai’s proposal suggests that the current ban on throttling hurts customers.

Read 12 remaining paragraphs | Comments

Russian-controlled telecom hijacks financial services’ Internet traffic

On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications.

Anomalies in the border gateway protocol—which routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks—are common and usually the result of human error. While it’s possible Wednesday’s five- to seven-minute hijack of 36 large network blocks may also have been inadvertent, the high concentration of technology and financial services companies affected made the incident “curious” to engineers at network monitoring service BGPmon. What’s more, the way some of the affected networks were redirected indicated their underlying prefixes had been manually inserted into BGP tables, most likely by someone at Rostelecom, the Russian government-controlled telecom that improperly announced ownership of the blocks.

“Quite suspicious”

“I would classify this as quite suspicious,” Doug Madory, director of Internet analysis at network management firm Dyn, told Ars. “Typically accidental leaks appear more voluminous and indiscriminate. This would appear to be targeted to financial institutions. A typical cause of these errors [is] in some sort of internal traffic engineering, but it would seem strange that someone would limit their traffic engineering to mostly financial networks.”

Read 8 remaining paragraphs | Comments

Punching holes in nomx, the world’s “most secure” communications protocol

This article was originally published on Scott Helme’s blog and is reprinted here with his permission.

I was recently invited to take part in some research by BBC Click, alongside Professor Alan Woodward, to analyze a device that had quite a lot of people all excited. With slick marketing, catchy tag lines and some pretty bold claims about its security, nomx claims to have cracked e-mail security once and for all. Down the rabbit hole we go!


You can find the official nomx site at nomx.com and right away you will see how secure this device is.

“Everything else is insecure.”

Read 88 remaining paragraphs | Comments