•   
  •   
  •   

US Spy agency ducks questions about 'back doors' in tech products

14:10  28 october  2020
14:10  28 october  2020 Source:   reuters.com

Kaiden Guhle, 16th pick in 2020 draft, signs entry-level contract with Canadiens

  Kaiden Guhle, 16th pick in 2020 draft, signs entry-level contract with Canadiens Guhle was selected with the 16th pick in the draft earlier this month and plays for the Prince Albert Raiders of the WHL. The contract will have an average annual value of $925K.Guhle, 18, scored 40 points in 64 games for the Raiders this season, but actually is much more known for his play on the defensive side of the puck. The 6-foot-2 defenseman uses his brilliant mobility and active stick to shut down rushes quickly and effectively before moving the puck to his forwards instead of carrying it into the offensive zone himself. He can play both special teams but once again excels more in the penalty-killing role and could become a true shutdown defender in the NHL.

Related Articles. Spy agency ducks questions about ' back doors ' in tech products By Reuters - Oct 28, 2020. By Joseph Menn SAN FRANCISCO (Reuters) - The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place

AIVD, the Dutch spy agency is investigating an alleged hidden back door in Huawei telecoms equipment, sources say they are also looking at links to Chinese espionage. Coming a day after President Trump signed his executive order, a bad week for Huawei just got a lot worse.

By Joseph Menn

an aerial view of a city: FILE PHOTO: FILE PHOTO: An aerial view of the National Security Agency headquarters in Ft. Meade, Maryland © Reuters/Larry Downing FILE PHOTO: FILE PHOTO: An aerial view of the National Security Agency headquarters in Ft. Meade, Maryland

SAN FRANCISCO (Reuters) - The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national security.

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others.

Agent: 13 teams have reached out to Mike Hoffman

  Agent: 13 teams have reached out to Mike Hoffman Atlanta Falcons Interim Head Coach Raheem Morris discusses how he is conducting practices now as the head coach

There’s no back door that can only be used by the good guys, they argue, and weakening the tech In it, he included increased spy powers in the form of the Investigatory Powers Bill — but at the time If Apple provides back doors in its software for Britain, then why not China, or Russia, or Saudi Arabia?

The Snowden leaks have proven that spy agencies are interested in tapping into smartphones, and they have created tools that can hack and remotely access Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world.

These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant. Agency advocates say the practice has eased collection of vital intelligence in other countries, including interception of terrorist communications.

The agency developed new rules for such practices after the Snowden leaks in order to reduce the chances of exposure and compromise, three former intelligence officials told Reuters. But aides to Senator Ron Wyden, a leading Democrat on the Senate Intelligence Committee, say the NSA has stonewalled on providing even the gist of the new guidelines.

“Secret encryption back doors are a threat to national security and the safety of our families – it’s only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security,” Wyden told Reuters. “The government shouldn’t have any role in planting secret back doors in encryption technology used by Americans.”

Ducks to loan defenseman Jacob Larsson to Swedish team

  Ducks to loan defenseman Jacob Larsson to Swedish team This loan will give Larsson a chance to get in some much-needed game action, as Anaheim was one of the teams that didn’t return to play this summer, and give him some momentum heading into training camp. Subscribe to Yardbarker's Morning Bark, the most comprehensive newsletter in sports. Customize your email to get the latest news on your favorite sports, teams and schools. Emailed daily.

Finance Minister Malusi Gigaba has ducked a question on why Mandisa Mokwena was able to be an employee at SARS, while also being employed as a state Democratic Alliance Member of Parliament Alf Lees asked Gigaba in a written question why the SARS commissioner permitted this arrangement.

Senators focused their questions on Director of National Intelligence Dan Coats and Adm. Mkike Rogers, director of the National Security Agency , because Senators and the heads of the intelligence agencies awkwardly moved back and forth between talking about the interception of communications

The agency declined to say how it had updated its policies on obtaining special access to commercial products. NSA officials said the agency has been rebuilding trust with the private sector through such measures as offering warnings about software flaws.

“At NSA, it's common practice to constantly assess processes to identify and determine best practices,” said Anne Neuberger, who heads NSA’s year-old Cybersecurity Directorate. “We don’t share specific processes and procedures.”

Three former senior intelligence agency figures told Reuters that the NSA now requires that before a back door is sought, the agency must weigh the potential fallout and arrange for some kind of warning if the back door gets discovered and manipulated by adversaries.

The continuing quest for hidden access comes as governments in the United States, the United Kingdom and elsewhere seek laws that would require tech companies to let governments see unencrypted traffic. Defenders of strong encryption say the NSA’s sometimes-botched efforts to install back doors in commercial products show the dangers of such requirements.

Devils sign veteran defenseman Dmitry Kulikov to one-year, $1.15M deal

  Devils sign veteran defenseman Dmitry Kulikov to one-year, $1.15M deal Kulikov gives the team another veteran option to deploy in case they aren’t ready for NHL action. Subscribe to Yardbarker's Morning Bark, the most comprehensive newsletter in sports. Customize your email to get the latest news on your favorite sports, teams and schools. Emailed daily.

Agencies privately concede that ‘intrusive’ practices can invade privacy and that data is gathered on people ‘unlikely to be of interest’. IPT sessions hear secret evidence behind closed doors . Release of these internal records follows admissions by David Cameron and by parliament’s intelligence and

Inserting back doors in systems for Law Enforcement is a bad thing because it opens a back door Get the tech from US or UK backdoors ? I don't hear anyone talking about how Canada needs to Literally the most predictable thing in the world, the exact reason everyone warns about back doors .

Critics of the NSA’s practices say they create targets for adversaries, undermine trust in U.S. technology and compromise efforts to persuade allies to reject Chinese technology that could be used for espionage, since U.S. gear can also be turned to such purposes.

In at least one instance, a foreign adversary was able to take advantage of a back door invented by U.S. intelligence, according to Juniper Networks Inc, which said in 2015 its equipment had been compromised. In a previously unreported statement to members of Congress in July seen by Reuters, Juniper said an unnamed national government had converted the mechanism first created by the NSA. The NSA told Wyden staffers in 2018 that there was a "lessons learned" report about the Juniper incident and others, according to Wyden spokesman Keith Chu.

Ron Wyden wearing a suit and tie: FILE PHOTO: The Senate Finance Committee holds hearing on role of unemployment insurance during coronavirus pandemic in Washington © Reuters/LEAH MILLIS FILE PHOTO: The Senate Finance Committee holds hearing on role of unemployment insurance during coronavirus pandemic in Washington

“NSA now asserts that it cannot locate this document,” Chu told Reuters.

NSA and Juniper declined to comment on the matter.

Tyler Bertuzzi, Detroit Red Wings exchange arbitration figures

  Tyler Bertuzzi, Detroit Red Wings exchange arbitration figures Sportswriter Ray Didinger joins Angelo Cataldi and the Morning team to discuss why he thinks the Philadelphia Eagles have the best chance to win the NFC East.

Chinese tech giant Huawei reportedly has a hidden “ backdoor ” into the network of an unnamed but AIVD said it would not comment on the report, but in April the agency said it was “undesirable for the US President Trump waves from the back of a car in a motorcade outside of Walter Reed Medical

Machines produced by the state- backed technology company, which is the largest PC producer in the world, are claimed to have been found in tests by MI5 Scientists are claimed to have identified highly-classified “ back doors ” in chips used in Lenovo machines which are extremely difficult to identify and


Video: NSA advisory warns US Department of Defense about Chinese government hackers (Fox Business)

JUNIPER’S COMPROMISE

The NSA has pursued many means for getting inside equipment, sometimes striking commercial deals to induce companies to insert back doors, and in other cases manipulating standards - namely by setting processes so that companies unknowingly adopt software that NSA experts can break, according to reports from Reuters and other media outlets.

The tactics drew widespread attention starting in 2013, when Snowden leaked documents referencing these practices.

Tech companies that were later exposed for having cut deals that allowed backdoor access, including security pioneer RSA, lost credibility and customers. Other U.S. firms lost business overseas as customers grew wary of the NSA’s reach.

All of that prompted a White House policy review.

“There were all sorts of 'lessons learned' processes,” said former White House cybersecurity coordinator Michael Daniel, who was advising then-president Barack Obama when the Snowden files erupted. A special commission appointed by Obama said the government should never “subvert” or “weaken” tech products or compromise standards.

Flames sign Josh Leivoj to one-year, $875K deal

  Flames sign Josh Leivoj to one-year, $875K deal -

The White House did not publicly embrace that recommendation, instead beefing up review procedures for whether to use newly discovered software flaws for offensive cyber operations or get them fixed to improve defense, Daniel and others said.

The secret government contracts for special access remained outside of the formal review.

“The NSA had contracts with companies across the board to help them out, but that’s extremely protected,” said an intelligence community lawyer.

The starkest example of the risks inherent in the NSA’s approach involved an encryption-system component known as Dual Elliptic Curve, or Dual EC. The intelligence agency worked with the Commerce Department to get the technology accepted as a global standard, but cryptographers later showed that the NSA could exploit Dual EC to access encrypted data.

RSA accepted a $10 million contract to incorporate Dual EC into a widely used web security system, Reuters reported https://www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220 in 2013. RSA said publicly that it would not have knowingly installed a back door, but its reputation was tarnished and the company was sold.

Juniper Networks got into hot water over Dual EC two years later. At the end of 2015, the maker of internet switches disclosed that it had detected malicious code in some firewall products. Researchers later determined that hackers had turned the firewalls into their own spy tool https://www.reuters.com/article/idUSKBN0UN07520160109 by altering Juniper’s version of Dual EC.

Canucks decline to buy out center Brandon Sutter

  Canucks decline to buy out center Brandon Sutter One thing of note Saturday was when the Vancouver Canucks passed on a second potential buyout window. The value of the buyout meant that the only player it likely would have applied to was center Brandon Sutter. However, the Canucks opted not to make a move to buy him out, according to Postmedia’s Ben Kuzma. © Perry Nelson-USA TODAY Sports Sutter, who is entering the final season of a five-year, $21.

Juniper said little about the incident. But the company acknowledged to security researcher Andy Isaacson in 2016 that it had installed Dual EC as part of a “customer requirement,” according to a previously undisclosed contemporaneous message seen by Reuters. Isaacson and other researchers believe that customer was a U.S. government agency, since only the U.S. is known to have insisted on Dual EC elsewhere.

Juniper has never identified the customer, and declined to comment for this story.

Likewise, the company never identified the hackers. But two people familiar with the case told Reuters that investigators concluded the Chinese government was behind it. They declined to detail the evidence they used.

The Chinese government has long denied involvement in hacking of any kind. In a statement to Reuters, the Chinese foreign ministry said that cyberspace is "highly virtual and difficult to trace. It is extremely irresponsible to make accusations of hacker attacks without complete and conclusive evidence. At the same time, we also noticed that the report mentioned that it was the U.S. intelligence agency - the National Security Agency - that created this backdoor technology."

NERVOUS COMPANIES

Wyden remains determined to find out exactly what happened at Juniper and what has changed since as the encryption wars heat up.

This July, in previously unreported responses to questions from Wyden and allies in Congress https://www.reuters.com/article/idUSKBN23H2C9, Juniper said that an unidentified nation was believed to be behind the hack into its firewall code but that it had never investigated why it installed Dual EC in the first place.

“We understand that there is a vigorous policy debate about whether and how to provide government access to encrypted content,” it said in a July letter. “Juniper does not and will not insert back doors into its products and we oppose any legislation mandating back doors.”

A former senior NSA official told Reuters that many tech companies remain nervous about working covertly with the government. But the agencies’ efforts continue, the person said, because special access is seen as too valuable to give up.

(Reporting by Joseph Menn; editing by Jonathan Weber and Edward Tobin)

Flames seeking right-side defenseman? .
Flames general manager Brad Treliving is still actively seeking another right-side defenseman, evaluating both the free-agent and trade markets. Whether this is due to Tanev’s injury history or Andersson’s inexperience, it is believed that Treliving would like to add another established right-handed defenseman. However, that might be easier said than done given Calgary’s salary-cap situation. The aforementioned six defensemen under contract are part of a group of CapFriendly’s current roster projection of 21 players that comes in just about $1M under the salary-cap ceiling.

usr: 6
This is interesting!