What are /r/NSALeaks' favorite Products & Services?

From 3.5 billion Reddit comments

"Never let a perfectly good crisis go to waste."

See also: Naomi Klein's The Shock Doctrine as establishment's go-to response to any crisis to push unpopular measures onto a panicked populace.

>WikiLeaks releases today the "Investment Chapter" from the secret negotiations of the TPP (Trans-Pacific Partnership) agreement. The document adds to the previous WikiLeaks publications of the chapters for Intellectual Property Rights (November 2013) and the Environment (January 2014).

>The TPP Investment Chapter, published today, is dated 20 January 2015. The document is classified and supposed to be kept secret for four years after the entry into force of the TPP agreement or, if no agreement is reached, for four years from the close of the negotiations.

>Julian Assange, WikiLeaks editor said: "The TPP has developed in secret an unaccountable supranational court for multinationals to sue states. This system is a challenge to parliamentary and judicial sovereignty. Similar tribunals have already been shown to chill the adoption of sane environmental protection, public health and public transport policies."

>Current TPP negotiation member states are the United States, Japan, Mexico, Canada, Australia, Malaysia, Chile, Singapore, Peru, Vietnam, New Zealand and Brunei. The TPP is the largest economic treaty in history, including countries that represent more than 40 per cent of the world´s GDP.

>Download the PDF for Secret Trans-Pacific Partnership Agreement - TPP, Investment chapter.

>Full Press Release here

Click thru for further analysis and coverage. Visit Wikileaks for their coverage of other chapters of the TPP.

And, thanks much to /u/AltThink for submitting a link to the above PDF!

Anyone taking this class want to come back here and provide a running series of posts highlighting the classes? We'll give high priority to your reviews and if you're interested, perhaps a Moderator slot (if your regular posting history isn't Crazy-Pants and if you contribute to our Sub afterwards)

>Stanford Law School instructor Jonathan Mayer's idea is a simple one: teach surveillance law online, for free. On the deep web, if you want.

>Mayer told me the Stanford surveillance law course is designed for two audiences. If a student would like to understand the big picture of government surveillance, there will be online readings, quizzes, and a forum designed for that ambition. But, if they would prefer a quick background on a particular issue—say, Ronald Reagan's Executive Order 12333, which authorized the NSA's mass data collection—then students can “pop in” for just that lecture.

Click thru for more.

And, please reply to this if you're considering taking this course. Even if you're not considering becoming a /r/NSALeaks columnist. :)

>Until now, I haven’t written about my modest role in the Snowden leak, but with the release of Poitras’s documentary on him, “Citizenfour,” I feel comfortable connecting the dots. I think it’s helpful to show how privacy technologists can work with sources and journalists to make it possible for leaks to happen in a secure way. Securing those types of interactions is part of my job now that I work with Greenwald and Poitras at The Intercept, but there are common techniques and general principals from my interactions with Snowden that could serve as lessons to people outside this organization.

An excellent earlier article on Micah Lee is here. Warning: includes photos of Micah's incredibly cute tabby cats!

There are forks, like this.
The original devs "claimed" that TC is not secure, so I guess for many people that would cause enough of a doubt to not trust it.
Also, users need to trust devs of a fork, and we have no idea who they are (not that we knew original devs).
I personally don't see any reasons not to use 7.1a, if I needed encryption.

> Getting secure encryption

Let's not put the cart before the horse here. Microsoft offers a huge amount of "encryption" with their data services, but Microsoft does all of the encrypting and has multiple backdoors into their encrypted data (even though they publically claim not to).

I'm interested to see how Yahoo! architects this solution before I take any credence in it's ability to thwart surveillance. It's likely explicitly designed with law enforcement backdoors. Do you think that Yahoo! really wants people peddling encrypted child pornography via their web services? Are they really going to turn around and tell the FBI and local law enforcement that they can't do anything? I doubt it.

In addition, you can already use Yahoo! Mail with Thunderbird's PGP plug in. I would recommend doing that long before attempting to use their "encryption" system.

[Edit:] This already in place: https://www.mailvelope.com

Note this is a blog from a partially commercial provider. This post isn't an official endorsement of their products or services. But this announcement is great news.

>We have released version 3.0 of OpenPGPjs, an open source OpenPGP library

>We’re happy to announce a major new version of OpenPGPjs, the world’s most widely used JavaScript PGP encryption library. Version 3.0 brings many enhancements to the hundreds of applications and millions of users who rely on OpenPGPjs.

>At ProtonMail, a big part of our mission is to make strong encryption and privacy accessible to every single person. While the ProtonMail and ProtonVPN services go a long way towards doing that, we also allocate a lot of resources into the research and development of better cryptographic tools and processes. The goal of the OpenPGPjs project is to make public-key cryptography not only available to users, but also to the global developer community. Simply put, the widespread availability of open-source and secure cryptography libraries is a prerequisite of the privacy revolution. As maintainers of the OpenPGPjs project, this is our priority. You can learn more about OpenPGPjs here and here.

Click thru for more.

unquestionably the worst privacy guide I've ever read.

If you think installing this app is going to enhance your privacy, you're out of your mind.

Total bullshit. Proof that the iOS was announced a day after the NSA slides.

http://i.imgur.com/VZb0uoS.png

Found by Martin Bower over at TechCrunch:

http://techcrunch.com/2013/12/31/apple-says-it-has-never-worked-with-nsa-to-create-iphone-backdoors-is-unaware-of-alleged-dropoutjeep-snooping-program/

>you mention the date of 10/1/2008. what of the date of 20070108 at the bottom of the document, ie Jan 8th 2007, ie a day before Jobs even unveiled iOS for the first time. this could mean that either the NSA hacked into Apple's internal dev. of iOS over the previous 3 years, or that Apple invited them into their internal security kingdom. This is really what Apple should be answering: how could the NSA work on hacking an OS that is still under internal dev. and strong lockdown, still quite buggy and unknown to the outside world... without Apple knowing it?

PSA: a 3-word Diceware phrase or an 11-digit passcode is all it takes to make any brute force hacking attempt of any version of your iPhone passphrase moot. All the Kewl Kids do it – you can too!

Interesting.

So is Mr. Schneier's Update:

>EDITED TO ADD (6/25): To me, more interesting than the intercepts is the spreadsheet of NSA surveillance targets. That spreadsheet gives us a glimpse into the US process of surveillance: what US government office initially asked for the surveillance, what NSA office is tasked with analyzing the intelligence collected, where a particular target is on the priorities list, and so on.

Oh, invite /u/markovmaniac to join in. Drafts and specs, too, if s/he's comfortable with that.

There might be people interested in how the creative process works, and it'd be good experience for Markovmaniac. Having 1,000 clients all screaming for something different delivered yesterday is all part of the wonderful agency experience! :D

FYA (For Your Amusement), here's the brief I gave:

>Okay. First, themes. Do we want serious or whimsical, hard new-ish or sardonic? I think, given our serious tone, a bit of levity can be expressed in our logo to offset the sober tone our Sub has. We should reference spying. It should be timeless (thus no dated Austin Powers, say). This leads me to a riff off of Spy vs. Spy, only powered by Snoo. If we could pull it off, an animated one (maybe simple like The Terminator’s red eye glowing behind the glasses, or upon mouse-hover pulling out a ACME type cannonball bomb with a fuse, or even a wry grin inching across one half his face). It should borrow enough from Antoni Prohías’ work but with enough Snoo-ness to make it Fair Use and to make it our (and Reddit’s) own.

>Here are some images for reference.

>Past that, I want to give as much latitude so the artist has enough fun with it to make it enjoyable for them.

>Does everyone agree? Is it something that /u/markovmaniac is comfortable with? How much of a time hit would animation be (if too much than a static image would be great!)?

>INSURGE INTELLIGENCE, a new crowd-funded investigative journalism project, breaks the exclusive story of how the United States intelligence community funded, nurtured and incubated Google as part of a drive to dominate the world through control of information. Seed-funded by the NSA and CIA, Google was merely the first among a plethora of private sector start-ups co-opted by US intelligence to retain ‘information superiority.’

Part II is available in the above article, or you can click here

Apple's response:

TechCrunch: Apple Says It Has Never Worked With NSA To Create iPhone Backdoors, Is Unaware Of Alleged DROPOUTJEEP Snooping Program

The Guardian: Apple insists it did not work with NSA to create iPhone backdoor program | Tech giant denies knowledge of DropoutJeep tool to retrieve information and insists it 'cares deeply about customers' privacy'

The news articles that covers project results:

TechCruch: Stanford Researcher Proves NSA Can Probably Identify Individuals From Phone Records

The Atlantic: Stanford Researchers: It Is Trivially Easy to Match Metadata to Real People

As you've been ~~politely informed~~ warned, our sidebar says,

>We are NSALeaks. We cover primary-source news of Edward Snowden interviews and original leaked NSA materials. We favor broader coverage of these governmental abuses from The Guardian, First Look, Der Spiegel, NYT, WaPo and select Op/Eds that are especially compelling.

As I noted in a different context in a different Sub,

>It's funny.

>An old, trite PR technique to mitigate a damaging story being exposed is, rather than focus on the important points, an agency will focus on minutia, then argue that to death. It's a great way to sidetrack the conversation, shift blame and get people away from discussing what the offending company (and their PR minions) don't want people thinking about.

>It's elementary, and fun to spot, once you're aware of it.

>So… What about the meat of the story? What important aspects of the story do you find inaccurate?

We've already counseled you after you unpersuasively asserted that a story that Snowden, Poitras, Greenwald, et al., felt was worth covering didn't meet your exacting standards for a Subreddit which you do not moderate.

We haven't banned anyone yet and would prefer to keep our record clean in this. Please work harder to ensure that when you participate in discussions in /r/NSALeaks, your comments focus on the issues raised by articles covering Snowden's whistleblowing. That's what he wants. Why don't you want the same thing?

PS: "Mate" isn't derogatory. It's complementary. And coming from the ~~lips~~ fingertips of /u/kulkke, it's a bloody honor. At least in my book.

/r/onions seems to be having a discussion on some minor tweaks that you might want to visit before actually trying.

/r/onions' sidebar links to The Tor Project's Hidden Service Guide here, as well. Also worth the read for those curious about how this feature works.

>It's just that I used to have the exact same thought process as used.

That's ironic. I evolved in the other direction. I realized that the initiation of force is immoral, which is why as a Libertarian I subscribe to the Non Agression Principle. Interesting that you once believed in the NAP, but no longer.

>The State collecting taxes and providing public services is the only way we're going to accomplish anything positive as a group.

You will have to forgive me if I do not share you faith in the religion of the state. Voluntary cooperation between members of society is what we need more of, not less.

>I definitely think there needs to be tons of reform, but it is completely unrealistic to think you're going to be part of any society without some form of taxation.

Like I said, minimal taxation is an acceptable evil. We would need it to maintain a military and functioning government. In my vision, the government would be involved in a whole lot less.

>That said, what horrible place do you live in that only has toll roads, no library, and are banned from having a vegetable garden?

Things like this are not isolated. Florida city uproots couple’s 17-year-old garden, over new ordinance

I travel on an interstate both to and from work. I cross bridges which levy additional tolls. Libraries across the nation are closing.

I use Tresorit, AES-255 client side encryption, same as Spideroak, but based in Europe. Clients for all major OSs and devices as well.

https://tresorit.com

Referral link for anyone interested, gets both of us bonus storage space https://register.tresorit.com/download?mode=1&ref=NKyCEv

“Shadow brokers” wrote up a new statement on their release rationale and future intentions:

> In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? "75% of U.S. cyber arsenal" TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup "all your bases are belong to us". TheShadowBrokers is not being interested in stealing grandmothers' retirement money. This is always being about theshadowbrokers vs theequationgroup.

[...]

> In May, No dumps, theshadowbrokers is eating popcorn and watching "Your Fired" and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays.

> In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

> TheShadowBrokers Monthly Data Dump could be being:

>- web browser, router, handset exploits and tools >- select items from newer Ops Disks, including newer exploits for Windows 10 >- compromised network data from more SWIFT providers and Central banks >- compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs