This page has been archived and commenting is disabled.
Are You Ready For The e-PATRIOT Act?
Submitted by Mark Nestmann via nestmann.com,
Earlier this month, news emerged that the US government had suffered its worst cyberattack ever.
On June 4, the Office of Personnel Management (OPM) revealed that hackers had penetrated its networks, possibly for many months. The data thieves stole personal information of up to 18 million current and former federal government applicants and employees.
There’s a good chance the attack is even worse than what you’ve read about. The OPM hack included a database holding security clearance information on hundreds of thousands of federal employees and contractors. This database contains details of applicants’ financial and investment records, family members, and even names of neighbors and close friends.
Another database that may have been breached includes criminal history, psychological records, and information about past drug use. The hackers might even have acquired detailed personal and sexual profiles obtained through lie detector tests.
With all the talk of Edward Snowden and the supposed “irreparable” damage he did to US interests, this theft is a lot worse. While OPM doesn’t hold personnel records for the CIA, it does for other US intelligence agencies. The hackers now know the identity of hundreds of thousands of federal employees with security clearances. Not only that, they also have sensitive background information on each of them, which they could easily use for blackmail.
Oh, and get this – the breach wasn’t actually discovered by the OPM. It was only uncovered during a sales demonstration by a security company named CyTech Services.
So what does the Obama administration want to do to solve the problem?
For starters, it’s proposed “economic sanctions” against China, which it holds responsible for the attack. We’ve seen how effective those were against Russia after the US imposed them last year in the wake of its takeover of Crimea. There’s no reason to think that sanctions against China will be any more effective.
Obama administration officials, led by the FBI, also want to force US companies to insert “back doors” into their encryption products that the government can unlock with the appropriate key. That’s a horrible idea, because strong encryption is really the only certain way to protect sensitive databases from this type of attack. And of course, there’s a very real prospect that hackers might discover the back door. That’s happened on numerous occasions in the past.
And Obama wants Congress to pass a bill to strengthen federal cybersecurity legislation. In April, the House passed its version of the bill and sent it to the Senate. Only a few days after the OPM hack, Senate leaders tacked on the Cybersecurity Information Sharing Act (CISA) to a defense bill to avoid debate on the measure. It didn’t work – the Senate failed to advance the legislation.
It’s no wonder they didn’t want a debate. CISA provides liability protection for businesses that voluntarily share “cyberthreat” data with the government. But it also creates a back-door channel for government agencies to retrieve, analyze, and store enormous volumes of personal data. And since information sharing would be voluntary, the government would be able to obtain all of this information without a warrant. Think of it as an “e-PATRIOT Act.”
Is there a better way? Yes.
The biggest change needed is that both private companies and the feds should encrypt all data – everything. And they should use strong, peer-reviewed encryption protocols – not the watered-down variety with back doors that the Obama administration wants them to adopt.
Sure, this will make life more difficult for the likes of the NSA and other spy agencies to carry out domestic surveillance. But investigators can still seize domestic phone records, email header data, and much more, without a warrant. Encrypting everything won’t affect access to this data.
In the meantime, what can you do to protect your own data from cybersecurity breaches? As is often the case, some of the best solutions are outside the politically charged atmosphere of the US.
First, subscribe to a robust virtual private network (VPN) to encrypt the data stream on your smartphone and your PC. I use one called “Cryptohippie.” The company’s only US presence is to authenticate connections to Cryptohippie servers in other countries. None of Cryptohippie’s servers are in the United States.
Second, use an email program that facilitates transmission of encrypted messages. My personal choice is Thunderbird, along with a free plug-in called Enigmail. Once you exchange encryption keys with the people you correspond with, Enigmail automatically encrypts and decrypts your messages.
Third, if you use webmail services, ditch US providers such as Gmail and the online version of Microsoft Outlook (formerly Hotmail). Use a non-US service that is serious about security and encryption. I use a company called Century Media, which has its servers in Switzerland, for this purpose, but there are many other choices.
A good time to begin securing your electronic life would be today. The US government certainly isn’t going to do it for you.
»
- 23444 reads
- Printer-friendly version
- Send to friend
- advertisements -
“(OPM) revealed that hackers had penetrated its networks,”
How do you spell E-BS?
..just like false flag, but it didn’t happen
which creates a back-door channel for government agencies to retrieve, analyze, and store enormous volumes of personal data
Uh, I hate to break it to you but this has been on-going for years already.
The IT department they outsourced to Myanmar or Bangladesh or wherever (India is too expensive now), assured them that it was China doing it. So, definitely, it was China.
proposed “economic sanctions” against China
who's gonna build our trinkets?
sell chinamart stock.
Who's gonna buy our T-Bills?
Guys, and gals, for insight into just how insecure your data really is check into what Hacking Team was up to, and who their customers were. Gigantic hack occured over the weekend, Big news really. The biter bit etc etc.
Linky
Oh, and BTW, Hacking Team had exploits available for monitoring Bitcoin transactions and stealing BTC... apparently... some details still murky... like I said, Huge.
Yippee! Sanctions!
Productive manufacturing infrastructure will be repaitriated back the the US!
Win-Win!
(sarcoffagus)
"Obama administration officials, led by the FBI, also want to force US companies to insert “back doors” into their encryption products that the government can unlock with the appropriate key. .."
Are you still using Public Key tech? For the really important information, Do NOT use PK. All the solutions described toward the end of the article are PK technology. The 3-letter groups are hacking prime numbers with Quantum crypto.
Use symmetric encryption. Plug for Mac users: check out Privacy Envelope. No "keys". No Backdoors.
Here is something correct and to the point:
"A good time to begin securing your electronic life would be today. The US government certainly isn’t going to do it for you."
http://resources.infosecinstitute.com/quantum-cryptography/
Right?! Did people forget that Microsoft has already provided the g0v with their own security key for all windows operating systems? I dont recall if it started with win2k or not, but reader, think back that far - and the g0v has already had that very level of access to hack your OS.
The boys at the NSA went to Wong's Beijing Kitchen for lunch one day. They love the egg drop soup. They found some Chinese IP packets in one of the fortune cookies which offered conclusive proof that the Chinese government was behind the attacks. The boys all laughed when Kyle, the Junior Network Espionage Expert from Dallas, said his fortune read "1001 0110 0111 1000 in bed".
Search "Ptech" and Indira Singh.
Fuck 'em.
I believe what you are really looking for is : EO 11110
did i misread this? someone has access to:
security clearance information on hundreds of thousands of federal employees and contractors. This database contains details of applicants’ financial and investment records, family members, and even names of neighbors and close friends.
i assume this includes addresses. hurry up and publish that shit!!!! when the SHTF this will save me, several ZH readers, and various other "terrorists" and "extremists" a great deal of time.
here's another great tidbit:
Not only that, they also have sensitive background information on each of them, which they could easily use for blackmail.
yeah it could be used for blackmail....but only by extremists or the evil chinese FSB jihadis that are hiding under your bed. trust us though. we, your friendly neighborhood government employees, would never do something like that!
I'm just ready for all this shit to end. Fuck the system, fuck the corrupt evil devil motherfuckers.
They want you to hide shit for some fucking reason. Fuck em. I am going to keep jacking off to Lucy Liu pics on the net until they come and take me away. I think everybody should follow my example.
Okay...give us the link to her best pics.
https://www.youtube.com/watch?v=enisEolQXnw
Just a spooky ghost.
Lucy Liu, the investigative Dr. Watson?
Are you sure she's up to the task in the invest-i-g(ame)?
There was an episode in the series about cyber... Nevermind.
I think I may customize this approach differently for myself. I was going to subscribe to SOF on line when it becomes available but maybe that isn't so rabble rousing. I do have a fascination with cryptography. Maybe sending odious kitten pictures to everyone with juicy items embedded in the picture would have some entertainment but they probably would not have the sophistication to retrieve them.
I will say this is one more reason not to volunteer for a lie detector test.
Miffed;-)
The US government can't secure its own data and socialist ObamaBots far and wide want...government run..."universal healthcare"?
There are no words to define "stupid" anymore.
So, over to you John Roberts ;-)
With new and improved 40% rate hikes! It's the bestest!!
US Government probably attacked itself to manufacture the consent for this political agenda.
Problem. Reaction. Solution.
Where have we seen this before...
Of course. It is always information we don't want exposed, never information we want to get. How is that possible? True hacking would be worth a fortune if they could get the Warren Report, 9-11 Commision files, Hillary's or Lois Lerner's emails, or Obama's records. Hackers can get enough for credit card fraud at retailers. If they want to coerce government officials they can go after Congressmen with money. That always works.
I don't buy it.
This is a true telltale feature.
So, the government has proven they can't protect valuable personal information. And their solution to this is to simply collect and store MORE valuable personal information, in one easy to find, easy to hack place??
You can't make this shit up.
America's new motto I guess - "Lead from behind". Everything this administration touches turns to pure putrid shit. That's not a mistake or from stupidity. It's all being done on purpose.
Their track record is 100% FAIL. If they were simply incompetent, they would succeed half the time just by accident.
One day people will realize the IRS are a bunch of fucking morons who can not possibly audit every Johnny Lunchbucket. People who can not game the system will just resort to cheating or fraud to get by. Not everybody can have Jamie Dimon's cufflinks. Everbody will become a deadbeat....credit...will be something your have on your vintage Ms. Packman game that you keep tossing the same quarter into every 5 minutes.
Interesting how they always have this "legislation" ready to go, so quickly after an "incident"...
Exactly, people need to be a whole lot more savvy. If there were cyber attacks, we would probably never hear about them. The media/government is manipulating us. They want the internet as a market place to make money, NOT to exchange ideas, ideas are dangerous. This is a scam...Of course if you believe 9/11 was committed by a bunch of Muslims, well then this "cyber attack" is for you. But if you have a brain between your ears, you have learned our nation does nothing for the good of the people, just the good of global bankers and corporations.
if you encrypt the terrorists win
Such liars.
So many operations ongoing. Busy little bees, aren't they?
And absolutely, completely unaccountable, from the lowest level to the highest. The only people in danger of losing their jobs or being prosecuted are the whistle-blowers.
And never the people who "accidentally" delete their emails.
Seems to me that, should someone post all of that stolen data - about ALL fed.gov employees, including names, addresses, phone numbers, SSN, etc. - to an open website somewhere, they could all be held to account quite easily.
Let's use the same ObamaCare login website to access the Internet. That should fix the problem.
/sarc
Apple will dispute privacy with fingerprint and eye scan.
Between Apple and Facebook collecting comprehensive, voluntary personal data and turning it over to the government, the NSA doesn't really need to exist, does it?
I think that you meant iPatriot Act
Windows Nein. Err Windows 10. Everyone of these cunts are a cat trying to catch a bird in the cage.
Microsoft HoloLens Parody - GogglePorn! - YouTube
It'll be more like this...
The Big Brother Pizza Shop
Damn the executive legislative and judicial branch to bloody hell.
For starters, it’s proposed “economic sanctions” against China, which it holds responsible for the attack. We’ve seen how effective those were against Russia after the US imposed them last year in the wake of its takeover of Crimea. There’s no reason to think that sanctions against China will be any more effective.
If its the same one from column a and two from column b type of sanctions then yes - they will do nothing.
Slap a 25 to 50% tax on every good originating from China as well as some column a and column b type stuff and yes - it would have an effect. But the unknown is how China responds to that with the ships/planes off their coast as well. An "Accidental" shooting/sinking of a US military ship?
You have to remember that the FSA is dependent on those cheap Chinese goods and the political power in Washington is dependent on the FSA. That tax idea won't be taken seriously until after the TPP is signed and the infrastructure is built in the SE Asia slave labor market to accommodate Walmart and the like.
Didnt say it was going to happen - only that if they actually wanted to make some sanctions that would have an effect that would do it. Myself, I doubt that the US has the balls to pull it off. Too many companies have paid their vig on the congress/politicians so that it wont happen. Apple calls their lobbyist who calls their owned rep and says "Apple takes care of me and I take care of you and you cant do this to me or to Apple". Boom, the bill dies on the floor.
China Newz: The USSA has imposed sanctions upon China. China will not impose sanctions back. However, no Chinese company will henceforth sell products to any individual or entity in the USSA or its territories.
PS: We don't need your paper. You need our stuff. End of story.
Great info. Thanks.
Cancel a half a trillion in Chinese held bonds - tell them if it happens again we cancelling the rest.
The half trillion is a fee for the data they took.
The author really thinks these encryption things work? Not when the operating systems of your computer or smartphone are hacked and are sending every pre-encrypted keystroke to the NSA. All this encryption stuff does is let NSA know who to track.
I could solve all the cyber security issues,especially with critical infrastructure. It would be expensive, and inconvenient, but if they implemened fully air gapped systems, proprietary hardware and software developed onsite with secure code review processes iin place, this would be a non-issue for some critical systems. Others, this may not be realistic, but the fact of the matter is, the only way to prevent network based attack vectors, where most attacks come from, is to remove the network. Might feel 1960s, but our world of convenience and efficiency does come at the expense of security. That said, if we combined that with some of the modern computer security techniques, we could virtually eliminate this threat where it matters most.
1 EMP - target Washington D.C.
Tyannical bastards deserve whatever is coming their way.
Could it be that there where no "cyber attacks" and this is just another attempt to "secure" the internet?
To understand the US government (NOT the citizens of the US) the first thing you need to understand is that Obama is just a figure head, we have not had a President since JFK. The second thing to understand is that everything this government tells us is part of an agenda, they have a goal, the challenge is understanding what that goal is. The last thing to understand is that our government had a hand in 9/11, directly or indirectly, that being said, there are no limits to what they will do to get what they want, no limits what so ever.
If you hate a class of Americans, red necks/people from the south, gays, blacks, old white men, the police, democrats, republicans, the poor, unions...you are being played. The goal has always been to make us place our political identity above our culture or our nationality ("we are a nation of immigrants", they tell us, NO WE ARE NOT). You can hate an idea, or a person, but an entire group of Americans, that is just divisive and playing into the hands of the powerful.
This is mostly likely another scam to move an agenda, perhaps securing the internet away from free thinking, and to consumerism, its obvious intention.
Definitely the cleverest and most concise summation of the world around us.
Google and the filter bubble agenda have done more to segregate people and disrupt communication online than anything else. But it won't be enough to accomplish what the little monsters want.
Building these insecure networks in the first place is the crime. It is like saying, for convenience we are going to use unencrypted CB radios to direct all nuclear missle operations. That is obviously stupid... but it is no more stupid to put into a place a complex network that takes lots and lots of people to setup and maintain with the insecurities not being as obvious.
If I am being spied upon, the people doing the spying are not working for me. Who are they working for?
if attack on gov was possible due to backdoors in computer system
then how are this compulsory backdoors going to prevent attacks on gov?
It seems like a good idea to secure digital assets. I found an unbreakable (really) encryption software that is inexpensive, fast and reliable, besides which it costs $20. I've been using it for two years without a glitch: http://cryptogra.ph -- give it a try.
This Spy vs. Spy thing will go full coircle untill we all end up in the same place counting rocks and exchanging shells and run-down ipads.
Sanctions against China? That seems like a great idea, considering everything we buy comes from there! What a genius move! Obama is clearly far more arrogant than he is educated, and far more of a child than a statesman. How about Obama just stops paying manufacturers to put security holes in everything for the NSA clowns to use? Maybe then we can secure some stuff. Anyone can find those intentional security flaws and exploit them.
So the US government says that China did an immense hack.
Where is the evidence, just government hacks telling us so?
After all their false flags we're supposed to believe them now and get into a war with China?
The insufferable 'indispensable and exceptional' lunatics cannot be trusted for a second.
THEY ALWAYS LIE.