NSA classifies Linux Journal readers, Tor and Tails Linux users as "extremists"

Are you a Linux Journal reader or use software such as Tor and Tails Linux? If so, you've probably been flagged as an "extremist" by the NSA. Leaked documents related to the XKeyscore snooping program reveal that the agency is targeting anyone who is interested in online privacy, specifically those who use the aforementioned software and visit the Linux user community website.

XKeyscore is a collection and analysis software that was among a number of surveillance programs revealed by Edward Snowden last year.

Its source code (basically a rule file), which has been obtained and analyzed by members of the Tor project and security specialists for German broadcasters NDR and WDR, identifies two German Tor Directory Authority servers as being under surveillance by the NSA. The code also cites a number of specific IP addresses of the Tor Directory Authority.

"Months of investigation by the German public television broadcasters NDR and WDR (ARD), drawing on exclusive access to top secret NSA source code, interviews with former NSA employees, and the review of secret documents of the German government reveal that not only is the server in Nuremberg under observation by the NSA, but so is virtually anyone who has taken an interest in several well-known privacy software systems," said the ARD report.

Countries like Canada, the UK, New Zealand, Australia, and the US, also known as the "Five Eyes", are exempt from surveillance, however.

The program marks and tracks the IP addresses of those who search for 'tails' or 'Amnesiac Incognito Live System' along with 'linux', ' USB ',' CD ', 'secure desktop', ' IRC ', 'truecrypt' or ' tor '. It also refers to the Tails Linux distribution as "a comsec mechanism advocated by extremists on extremist forums".

Aside from the Linux Journal, other monitored websites include privacy.li, FreeProxies.org, HotSpotShield, MegaProxy, FreeNet, Centurian, and an anonymous email service called MixMinion.

While there is no word about how the source code was obtained, security experts aren't sure whether it was leaked by Snowden. "I don't believe the TAO catalog came from the Snowden documents. I think there's a second leaker out there", said security specialist Bruce Schneier.

Meanwhile, reacting to the new revelations, the NSA released an official statement saying, "In carrying out its mission, NSA collects only what it is authorized by law to collect for valid foreign intelligence purposes". The statement also said that tools like XKeyscore "have stringent oversight and compliance mechanisms built in at several levels".

archive.is/lYPWm

Are you ready for the party vans Holla Forums?

Other urls found in this thread:

forums.linuxmint.com/viewtopic.php?t=225054
archive.is/HLI92
twitter.com/AnonBabble

Welcome to 2 years ago, newfag

Actually the NSA analysts said we were "radical" and the journalists misunderstood.

Honestly I'm not worried about it. Eventually, junk data will overwhelm them, and they will have to be more selective in their assessments to target actual extremists. Of course, the solution would be not to have the NSA at all.

...

OP either posted this same 2 year old article on Reddit or he's from there. Put the title into a search engine and 2nd link is a post on Reddit from yesterday. Either way go back

so using tools that where made for freedom is xtreme....
man those who use the constitution to defend themselves must be at Guantanamo bay by now.

What is the point of an anonymous browser if I cant use it on any forums? 4chan blocked the exit nodes I tried, and other forums have blocked me from registering with Tor. The worst part is they wait until you finish the captchas and registration to tell you your IP is on their blacklist. I cant even post new threads here because tor isnt allowed to post images here.

Holla Forums lets you make threads without images for that reason.

browse tor exclusive chans and forums

and with tor exclusive i mean exclusive to tor

ancient news OP

get over yourself. the whole internet is made of people posting shit they saw elsewhere. that's just how information propagates

tfw I become this leet by downloading tor and pressing install

You are literally too dumb to shit, use a not well known webproxy first dip shit

Go back to reddit, cuck.

maybe he saw it posted on the mint forums an hour before it went on reddit
forums.linuxmint.com/viewtopic.php?t=225054

reddit is full of fucktards whining about reposts. seems you'd fit right in

what does this even mean anymore?

cuck, abbreviation of "cuckold":
Anyone who does anything I don't do, because everything I do is good (otherwise I wouldn't do them, right?), and anything else must therefore be part of a jewish conspiracy to exterminate the white race.

As long as we're posting old shit

VPN decryption capabilities

“Documents show that Edgehill’s initial aim was to decode the encrypted traffic certified by three major (unnamed) internet companies and 30 types of Virtual Private Network (VPN) – used by businesses to provide secure remote access to their systems. By 2015, GCHQ hoped to have cracked the codes used by 15 major internet companies, and 300 VPNs.”
1. It seems that the NSA can almost certainly readily decrypt PPTP (with MS-CHAPv2 authentication), a protocol that is still in common use throughout the business world, and that was heavily relied upon by VPN providers in the past. That the NSA has cracked PPTP is hardly surprising, given that its insecurity has been known about for years, but it does mean that the NSA can easily decrypt older VPN traffic.
2. More alarming is the fact that it seems highly possible the L2TP/IPsec VPN protocol may also be compromised. L2TP/IPsec is much more secure than PPTP, and is generally considered to ‘strong encryption’. However, as outlined in this post by John Gilmore (security specialist and founding member of the Electronic Frontiers Foundation), IPsec has likely been deliberately weakened by the NSA.
3. “Another program, codenamed Cheesy Name, was aimed at singling out encryption keys, known as ‘certificates’, that might be vulnerable to being cracked by GCHQ supercomputers.”
That these certificates can be ‘singled out’ strongly suggests that 1024-bit RSA encryption (commonly used to protect the certificates) is weaker than previously thought, and can be decrypted much more quickly than expected by the NSA and GHCQ. Once a certificate key has been decrypted, then all exchanges past and future will be compromised if non ephemeral key exchange is used.
This means that many forms of encryption which rely on certificates using non ephemeral keys must be regarded broken, including SSL and TLS. This has huge implications for all HTTPS traffic.
The good news is that OpenVPN, which uses ephemeral (temporary) key exchanges, should not be affected. This is because with ephemeral key exchanges a new key is generated for each exchange, and there is therefore no reliance on certificates to establish trust. Even if an adversary were to obtain the private key of a certificate, they could not decrypt the communication. It is possible that a man in the middle (MitM) attack could target an OpenVPN connection if the private key has been comprised, but this have to be specifically targeted attack.
The other good news is that solving this problem (even for SSL and TLS connections) is not difficult if websites implement perfect forward secrecy (i.e. use ephemeral key exchanges). Unfortunately, as we discuss in our article about just this subject, the only major internet company to implement PFS so far is Google (although this will hopefully now begin to change).
One final thought here is that if more companies start to implement PFS using the Diffie-Hellman exchange protocol, it would be good to see the protocol beefed up from the commonly used 1028-bits to at least 2048-bits to ensure that it cannot be cracked by the NSA (who, it seems, can crack 1048-bit RSA).
4. The MPLS routers used by some VPN providers may be compromised.
5. No VPN provider based in the United States or the United Kingdom can be completely trusted. With the NSA and GHCQ deliberately targeting VPN providers it seems foolhardy to believe that any VPN provider in these counties has not been ‘paid a visit’. That secure email service Lavabit recently closed its doors rather than comply with NSA demands to secretly let it spy on Lavabit’s customers’ serves to demonstrate this point.


It seems that the NSA has indeed succeeded in breaking or otherwise decrypting a great deal of VPN traffic. However OpenVPN, remains largely secure., as do strong encryption such as the AES (or even Blowfish). Combined with these, OpenVPN remains highly effective against any form of brute force attack, and as noted above, its use of ephemeral key exchanges means that dragnet surveillance of OpenVPN traffic should be impossible.
OpenVPN is also free and open source, which means its code is subject to peer review. While the truly paranoid might note that if the NSA can strong-arm commercial software developers, then there is nothing to stop them infiltrating open source software development groups without anyone noticing it, the fact remains that use of free and open source software (FOSS) is the best possible defense available.

archive.is/HLI92

Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar
Stallman ackbar

...

Thanks for the reminder, OP

Why live though?

you need to get >>>/out/

It's become so diluted in meaning that it's essentially newspeak at this point. It used to refer to a specific concept but now it just means double plus ungood.


you have to go back