TIME privacy

MIT Researchers Can Spy on Your Conversations With a Potato-Chip Bag

There's eavesdropping, and then there's this

There’s a new threat to privacy lurking in our midst: potato-chip bags, which scientists can watch closely to figure out what you’re saying in conversations.

Researchers from the Massachusetts Institute of Technology (MIT), Microsoft and Adobe can reconstruct intelligible audio of speech by videotaping and analyzing the tiny vibrations of objects — like potato-chip bags — thanks to a new algorithm they’ve developed.

“When sound hits an object, it causes the object to vibrate,” said Abe Davis, an MIT graduate student and the first author of a paper that presents the findings, in a statement. “The motion of this vibration creates a very subtle visual signal that’s usually invisible to the naked eye. People didn’t realize that this information was there.”

In one experiment, researchers were able to reconstruct audio by filming the potato-chip bag from behind soundproof glass 15 ft. away. In another experiment, they were able to gather helpful audio by studying the vibrations of other substances, such as plant leaves, aluminum foil and a glass of water.

The researchers’ methods, which typically require high-speed cameras that can take several thousand frames per second, can gather information about the number of speakers in a room, the gender of the speakers and the identity of the speakers, assuming they are given prior information about speakers’ voices.

Once you pop, the spying don’t stop.

TIME intelligence

Senate NSA Reform Bill Earns Cautious Praise From Privacy Advocates

NSA Surveillance-Privacy Report
The National Security Agency campus in Fort Meade, Md., June 6, 2013. Patrick Semansky—AP

Senator Leahy’s USA Freedom Act carries stronger reforms than a version passed out of the House earlier this year

Advocates for reform of the National Security Agency’s domestic surveillance activities cautiously hailed the USA Freedom Act, put forth in the Senate on Tuesday, as a major step in reforming controversial programs at the agency.

“We commend the Senate Democratic and Republican co-sponsors of this version of the USA Freedom Act, which significantly constrains the out-of-control surveillance authorities exposed by Edward Snowden,” said Laura W. Murphy, director of the legislative office of the American Civil Liberties Union. “While this bill is not perfect, it is the beginning of the real NSA reform that the public has been craving since the Patriot Act became law in 2001.”

Introduced by Senate Judiciary Committee chairman Patrick Leahy, Democrat of Vermont, the USA Freedom Act would impose new restrictions on so-called bulk surveillance of American cell-phone records and Internet traffic, banning the practice of vacuuming up all cell-phone metadata from a particular area or phone-service provider, for instance. The legislation also places restrictions on what business records the government can collect, imposes new transparency requirements on the government, and creates a position of a special privacy advocate to represent civil-liberties interests in the Foreign Intelligence Surveillance Court, the secretive body that oversees NSA surveillance activities.

Many in the technology industry, where business has been threatened by investors skittish at NSA snooping on Internet traffic in the U.S., have joined calls for serious NSA reform. Privacy advocates contend that the exposed surveillance efforts also weaken security protocols of American companies.

The bill “would go a long way toward stemming the costs of the NSA’s spying programs and restoring trust in the American Internet industry,” said Kevin Bankston, policy director with the New America Foundation’s Open Technology Institute. “But ensuring that a strong version of USA Freedom becomes law is only the first step toward repairing the damage that the NSA has done to America’s tech economy, its foreign relationships, and the security of the Internet itself.”

Compared with similar legislation passed in May by the House, also called the USA Freedom Act, the Leahy bill goes significantly further in curbing what civil-liberties groups see as extraconstitutional overreach by the NSA since passage of the 2001 Patriot Act gave the spy agency broad new surveillance powers. Privacy advocates pulled support for the House bill before it came to a vote, after substantial changes to the measure gutted the bill of key reform provisions. It’s unclear if the Senate will take up the Leahy bill before the November midterm elections.

TIME National Security

Government Spying Hurts Journalists and Lawyers, Report Says

A Human Rights Watch and American Civil Liberties Union report suggests NSA snooping prevents sources talking to journalists and compromises the relationships between defense attorneys and their clients

Updated at 4:51 p.m.

National Security Agency surveillance in the U.S. has seriously hurt the ability of journalists to cover national security issues and of attorneys, particularly defense lawyers, to represent their clients, according to a new report out Monday.

Based on interviews in the United States with 46 journalists, 42 practicing attorneys, and five current or former senior government officials, the report seeks to document the tangible impact of NSA surveillance on Americans revealed by former NSA contractor Edward Snowden.

In particular, the report cites the degree to which the Obama administration’s tough crackdown on unauthorized leaks, in combination with revelations about the extent of government surveillance on Americans’ cell phones and online communications, has caused sources to vanish for national security reporters.

“Sources are worried that being connected to a journalists through some sort of electronic record will be seen as suspicious and that they will be punished as a result,” said study author Alex Sinha, a fellow at Human Rights Watch and the American Civil Liberties Union, which jointly issued the report. “As a result sources are less willing to talk to the press about anything, including unclassified matters that could be of significant public concern,” he said.

“I had a source whom I’ve known for years whom I wanted to talk to about a particular subject and this person said, ‘It’s not classified but I can’t talk about it because if they find out they’ll kill me,’ [figuratively speaking]” longtime National Security Correspondent for McClatchy Newspapers Jonathan Landay said for the report.

“It’s a terrible time to be covering government,” Tom Gjelten, a National Public Radio employee for more than 30 years, said. TIME was not listed among the news outlets from which reporters, many of whom chose to remain anonymous, were interviewed for the report.

Defense attorneys, who represent clients charged with a wide variety of offenses including terrorism, drug and financial crimes, among others, described how U.S. government surveillance has forced them to take extraordinary and often cumbersome measures to protect the privacy of sources and clients.

Such measures might include the use of complex encryption technologies, disposable “burner” cell phones, so called “air-gapped” computers, which are never connected to the internet as a precaution against hacking and surveillance, and in some cases abandoning electronic communications entirely.

“I’ll be damned if I have to start acting like a drug dealer in order to protect my client’s confidentiality,” said national security defense attorney Tom Durkin for the report.

“We are fearful that our communications with witnesses abroad are monitored [and] might put people in harm’s way,” said Jason Wright, who has represented terrorism clients as a military defense attorney before the Guantánamo commissions.

A report released earlier this month by The New America Foundation argues the NSA deliberately weakens cybersecurity, making online communications, study authors argue, less secure in general. The NSA has “minimization procedures” designed to limit the exposure of “US Persons”—Americans at home or abroad and others legally inside the United States—to the NSA’s wide-net surveillance programs. Privacy advocates contend they are insufficient and that, in any case, it’s impossible to verify their effectiveness because the details remain secret.

The Office of the Director of National Intelligence told TIME that, contrary to revealing a decrease in press freedom, the Snowden leaks are evidence that journalism in the United States remains robust and unencumbered.

“The Intelligence Community, like all Americans, supports a free and robust press,” said Jeffrey Anchukaitis, spokesperson for Director of National Intelligence James Clapper. “The events of the last year demonstrate that the IC’s foreign intelligence surveillance activities clearly have not prevented vigorous reporting on intelligence activities. U.S. intelligence activities are focused on discovering and developing intelligence about valid foreign intelligence targets to help defend the nation, not on intimidating or inhibiting journalists. Likewise, the IC recognizes the importance of the attorney-client privilege, and has procedures in place to ensure that appropriate protection is given to privileged attorney-client communications.”

To address problems raised in the report, HRW and the ACLU recommend reforming U.S. surveillance practices, reducing state secrecy in general and limitations on official contact with journalists, enhanced whistleblower protections and strengthened minimization procedures.

The report comes just days before the expected unveiling in the Senate of the latest iteration of the USA Freedom Act, a bill to reform NSA surveillance practices. An earlier House version of the bill was significantly gutted of reform measures, leading privacy advocates to pull support for the bill and try instead to get more substantial reforms through the Senate.

TIME National Security

The NSA Shared Sexually Explicit Photographs, Says Edward Snowden

Edward Snowden Gives First Interview In Russia
Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow. Barton Gellman/Getty Images

For some agents, Snowden says, the racy images were one of the "fringe benefits of surveillance positions"

Edward Snowden, the National Security Agency contractor turned whistle-blower, claims that “incredibly weak” oversight of U.S. surveillance programs enabled military personnel to obtain sexually explicit photos of people under surveillance and to sometimes share them with others.

In an interview with the Guardian, Snowden talked about the impact of poor auditing systems within the NSA. He claimed many people sifting through monitored communications were 18 to 22 years old and suddenly put in a position of extraordinary responsibility that was sometimes abused.

“In the course of their daily work they stumble across something that is completely unrelated to their work, for example an intimate nude photo of someone in a sexually compromising situation but they’re extremely attractive,” said Snowden.

“So what do they do? They turn around in their chair and they show a co-worker. And their co-worker says: ‘Oh, hey, that’s great. Send that to Bill down the way,’” he said.

Snowden, who lives in Moscow after being granted temporary asylum last year, added that this information is never reported and nobody knows about it because of inadequate oversight.

He said the interception of intimate images was “routine enough” and described it as “sort of the fringe benefits of surveillance positions.”

He added, “The mere seizure of that communication by itself was an abuse. The fact that your private images, records of your private lives, records of your intimate moments have been taken from your private communication stream, from the intended recipient, and given to the government without any specific authorization, without any specific need, is itself a violation of your rights.”

NSA spokeswoman Vaneé Vines gave a comment to the New York Times on the allegations. The Times paraphrased her as saying that “the agency had zero tolerance for willful violations of authority or professional standards, and that it would respond as appropriate to any credible allegations of misconduct.”

[The Guardian]

TIME intelligence

Privacy Advocates Call for FISA Court Reform

NSA Surveillance-Privacy Report
This Thursday, June 6, 2013, file photo, shows a sign outside the National Security Agency campus in Fort Meade, Md. Patrick Semansky—AP

The Senate version of the USA Freedom Act would reform the process that led to NSA surveillance of five prominent Americans

Privacy advocates renewed their calls for reforms at the Foreign Intelligence Surveillance Court on Tuesday, after a new report revealed documents leaked by Edward Snowden that detail secret intelligence warrants against five American Muslims.

The targeted individuals, found on a list of thousands of mostly foreign targets for court-reviewed surveillance, include a professor at Rutgers University, a former Bush administration official and the executive director of the nation’s largest Muslim civil rights group. Because the Justice Dept. and the FBI refused to comment, it is unknown on what grounds the men were targeted for surveillance, nor is it clear under what precise legal authority the surveillance was conducted.

Civil libertarians say the report shows why the U.S. Congress should introducing a special advocate on the court, whose job it would be to represent civil liberties interests in court proceedings, and establishing a process for declassifying the court’s orders. Those reforms are included in a Senate version of an intelligence reform bill, but not the House version now under consideration.

“It’s been one of the core issues lacking in the debate,” said Mark Jaycox, a legislative analyst with the Electronic Frontier Foundation, about the process by which secret warrants can be obtained from the secret court. To get a FISA warrant, the NSA does have to explain to the court who it wants to spy on and why, as well as what they hope to get from the surveillance, but the bar is significantly lower than in a civilian courtroom. “I would call it a Probable Cause Warrant Light,” Jaycox said. “It’s not the high standard of a probably cause warrant.”

The version of the USA FREEDOM Act that passed in the House in May—which stirred controversy after civil liberties groups dropped support for the watered down legislation in droves—largely eliminated the special advocate position, replacing it instead with an official to consult in case of novel legal situations. The version of the bill championed by Senator Patrick Leahy, a Vermont Democrat, and under consideration in the Senate Judiciary Committee, includes a special advocate who would permanently represent privacy interests on the court.

The secrecy of proceedings in the highly-classified FISC and the question of declassification has been another major point of contention. “The House-passed version of the bill has enormous loopholes to that requirement,” said ACLU Legislative Counsel Neema Singh Guliani.

Whereas the Senate bill establishes a timeline and a process for making FISC decisions public in redacted form, the House version removed that requirement, allowing the FISC to instead declassify decisions “when practical” and to publish only a summary of their legal reasoning, Guliani said.

TIME Surveillance

Snowden Asks Russia to Extend Asylum

Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow.
Former intelligence contractor Edward Snowden in an undisclosed location in Moscow, December 2013. Barton Gellman—Getty Images

NSA leaker wants to stay in Russia another year

Former NSA contractor Edward Snowden has formally asked Russia to extend his asylum there, according to Russian media, as he faces charges in the United States for leaking details of mass government surveillance.

The Russian news service RT quoted a Snowden lawyer, Anatoly Kucherena, in reporting that Snowden had requested another year of asylum, a move he had been expected to make. “We have submitted documents to prolong his stay in Russia,” Kucherena said Wednesday.

Kucherena’s claim couldn’t be immediately confirmed. Kucherena, who has close ties to the Russian security services, has made claims to Russian media that have later been proven false in the past, including a report that Snowden had a job in Moscow and that he had a Russian girlfriend.

Snowden arrived in Moscow on June 24, 2013 after a flight from Hong Kong, and was stranded in the airport for weeks with a voided passport before being granted asylum. That expires on July 31.

The U.S. has been seeking Snowden’s extradition to face espionage charges, but Russia does not have an extradition treaty with the U.S. and has said it has no legal obligation to hand him over.

Snowden became a household name last year when he leaked a treasure trove of files on the NSA’s surveillance activities both at home and around the world, sparking a fierce debate domestically and globally about the scope of American spying.

 

TIME Surveillance

Report: U.S. Spied on Prominent Muslim Americans

Latest report based on documents leaked by Edward Snowden

The NSA and FBI monitored the emails of five well-known Muslim Americans between 2002-2008, according to a new report based on documents leaked by former NSA contractor Edward Snowden.

The Intercept, a news organization started by the journalist who first broke the Snowden story, reports that a government spreadsheet detailing the email addresses of monitored citizens was included in “FISA recap,” which refers to the secretive court that approves wiretapping and other intelligence activities.

Among the 7,485 email addresses listed on the spreadsheet are those of Faisal Gill, who served as an intelligence policy adviser in the Department of Homeland Security under President George W. Bush; Hooshang Amirahmadi, a professor at Rutgers University; Nihad Awad, executive director of the Council on American-Islamic Relations (CAIR), the largest Muslim civil rights organization in the U.S.; Asim Ghafoor, a lawyer who has represented clients in terrorism cases; and Agha Saeed, a former political science lecturer at California State University.

The five have denied any connection with terrorist organizations and do not have criminal records.

The office of the Director of National Intelligence denied the report Wednesday.

“It is entirely false that U.S. intelligence agencies conduct electronic surveillance of political, religious or activist figures solely because they disagree with public policies or criticize the government, or for exercising constitutional rights,” the office said in a statement. “Unlike some other nations, the United States does not monitor anyone’s communications in order to suppress criticism or to put people at a disadvantage based on their ethnicity, race, gender, sexual orientation or religion.”

Faisal Gill, who was accused of falsifying records in the mid-2000s to gain his security clearance but was later cleared by the Department of Homeland Security, found it “troubling” that the NSA was monitoring his Yahoo! and AOL email accounts.

“I just don’t know why. I’ve done everything in my life to be patriotic,” Gill told Intercept. “I think that certainly goes to show how we need to shape policy differently than it is right now,” he added.

Although the ODNI denied the report, the FBI and the Justice Department declined to comment. The Intercept says the reasons why the five were monitored remain unknown.

TIME technology

NSA Spying Hurts Cybersecurity for All of Us Say Privacy Advocates

FILE PHOTO  NSA Compiles Massive Database Of Private Phone Calls
This undated photo provided by the National Security Agency (NSA) shows its headquarters in Fort Meade, Md. NSA/Getty Images

The surveillance debate has focused on the legality of spying on Americans but some say the biggest danger is in the methods the NSA uses

Privacy advocates Monday slammed the National Security Agency for conducting surveillance in a way they say undermines cybersecurity for everyone and harms U.S. tech companies.

“We have examples of the NSA going in and deliberately weakening security of things that we use so they can eavesdrop on particular targets,” said Bruce Schneier, a prominent cryptography writer and technologist. Schneier referenced a Reuters report that the NSA paid the computer security firm RSA $10 million to use a deliberately flawed encryption standard to facilitate easier eavesdropping, a charge RSA has denied. “This very act of undermining not only undermines our security. It undermines our fundamental trust in the things we use to achieve security. It’s very toxic,” Schneier said.

In the year since former NSA contractor Edward Snowden’s first leaks, attention has focused on the Agency’s surveillance itself, fueling debates over whether it is legal and ethical to spy on American citizens or to eavesdrop on the leaders of allied countries. NSA policies that intentionally undermine cybersecurity too often get left out of the debate, said panelists Monday at a New American Foundation event titled “National Insecurity Agency: How the NSA’s Surveillance Programs Undermine Internet Security.”

“If the Chinese government had proposed to put in a backdoor into our computers and then paid a company $10 million to make that the standard we would be furious,” said Joe Hall, chief technologist at the Center for Democracy and Technology. “That’s exactly what the NSA has become: the best hacker in the entire world.”

In a statement to TIME, the NSA denied it had made the Internet less secure.

“While we cannot comment on specific, alleged intelligence-gathering activities, NSA’s interest in any given technology is driven by the use of that technology by foreign intelligence targets. The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected,” spokesperson Vanee’ Vines said. “Our participation in standards development has strengthened the core encryption technology that underpins the Internet. NSA cannot crack much of the encryption that guards global commerce – and we don’t want to.”

The tension arises due to the two competing missions of the National Security Agency: electronic surveillance and protecting U.S. systems from cyberattacks.

Nearly all of our online communications are encrypted in some way against cyberattack, to protect our bank accounts from thieves and our intimate lives from nosy neighbors. This poses a challenge for the NSA as the agency, since September 11, 2001, has focused less on agents of foreign governments and more on ferreting out terrorist threats. Inevitably the data of innocent people gets caught its dragnet. A Washington Post report Sunday estimated that 90 percent of those caught in the agency’s data surveillance net—including intimate communications like family photographs and emails between lovers—are everyday Internet users not suspected of wrongdoing, many of them American citizens.

The agency has sought to install “backdoors,” hardware and software systems with deliberately weakened security, into some of the most commonly used tech products, as it did in the program codenamed PRISM. American tech companies say this hurts their business in the international marketplace, where users aren’t keen to use software that comes bugged by an American intelligence agency. Major tech firms, including Google, supported an amendment to the defense budget in May to prohibit the NSA from using funds for this kind of backdoor surveillance.

“Maybe a year ago this sort of language might have seemed unnecessary,” Google Privacy Policy Counsel David Lieber said, “but now its actually really important to restore trust that these sorts of things are not being requested and/or required of companies.”

Critics, like panelist Amie Stepanovich, senior policy counsel for the web freedom group Access, say NSA has also worked to crack and undermine encryption standards set by the National Institute of Standards and Technology (the body that establishes the security standards that help protect our email accounts, banking websites, etc.), and hoarded indexes of computer bugs the agency uses to hack into machines rather than reveal the vulnerabilities so they can be fixed.

In the wake of apparently unfounded accusations that the NSA knew about the Heartbleed bug and didn’t help fix it, the administration announced this spring it has “re-invigorated” existing policy on how it decides whether or not to disclose or exploit security vulnerabilities it finds. “Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest. But that is not the same as arguing that we should completely forgo this tool as a way to conduct intelligence collection,” White House Cybersecurity Coordinator Michael Daniel wrote in April.

At its core the question comes down to a cost benefit analysis. “The fundamental issue,” Schneier said, “is should we compromise the security of everybody in order to access the data of the few.”

TIME National Security

Privacy Board Gives Approval to NSA Snooping

James Cole
Deputy Attorney General James Cole testifies on Capitol Hill in Washington, Thursday, June 5, 2014, before the Senate Intelligence Committee hearing on reforming the practice of bulk collection of telephone records by the National Security Agency and other government agencies. J. Scott Applewhite—AP

But highlights concerns about Americans getting caught in the surveillance net

The privacy oversight panel tasked with reviewing the National Security Agency’s mass surveillance activities says snooping on foreigners is legal and effective, according to a report released on Tuesday.

The Privacy and Civil Liberties Oversight Board ruled unanimously that Section 702 of the Foreign Intelligence Surveillance Act, which the NSA uses to snoop on data centers located inside the U.S.—like Google, for instance—to collect the communications of foreigners “reasonably believed” to be outside the country, “has been subject to judicial oversight and extensive internal supervision.”

The panel found “no evidence of intentional abuse.” Instead, it was deemed “clearly authorized” by Congress, “reasonable” under the Fourth Amendment and “an extremely valuable and effective intelligence tool.” The board added that the program “has led the government to identify previously unknown individuals who are involved in international terrorism, and it has played a key role in discovering and disrupting specific terrorist plots aimed at the United States and other countries.”

The program has been at the center of controversy over NSA documents revealed by former contractor Edward Snowden. The scope of this surveillance can potentially sweep up the communications of Americans, who can also be specifically targeted for surveillance if their communications yield information “about” a foreign target.

Tuesday’s report contrasts sharply with the panel’s earlier report that harshly scolded the agency and comes soon after Sen. Ron Wyden (D-Oregon) slammed the intelligence community for what he called a “huge gap in oversight” of the “backdoor searches.” Wyden had been sent a letter from the Director of National Intelligence that detailed the communications collected by the program in 2013 and revealed the FBI uses the NSA data to conduct surveillance on Americans, though the agency reports it does not keep a record of how many.

TIME intelligence

FBI Doesn’t Know How Many Americans It Spies On

John Brennan CIA Nomination Hearing
Sen. Ron Wyden, D-Ore., listens to U.S. Assistant to the President for Homeland Security and Counterterrorism testify at his nomination hearing to be the next Director of the Central Intelligence Agency before the Senate Intelligence Committee on Feb. 7, 2013. Chris Maddaloni—CQ-Roll Call,Inc.

Intel agencies dished on how many Americans get nabbed in the surveillance dragnet

New details emerged Monday on how many Americans are spied on by the National Security Agency and Central Intelligence Agency, in a letter that also revealed how few records on domestic surveillance are held by the Federal Bureau of Investigations.

A letter to surveillance-reform hawk Sen. Ron Wyden (D—Ore.) from the Office of the Director of National Intelligence made public Monday revealed that the NSA approved searches of the content of communications of 198 “U.S. person identifiers”—a number associated with the phone, computer, etc. of an American citizen or legal immigrant — and 9,500 searches of meta-data for U.S. person identifiers. The Central Intelligence Agency conducted “fewer than 1900″ queries associated with U.S. person identifiers, according to the letter.

But the FBI could present no hard numbers on how many American citizens it spies on, according to the letter. “The FBI does not track how many queries it conducts using U.S. person identifiers,” the letter says. In fulfilling its mandate as a domestic law enforcement agency, the letter says, “the FBI does not distinguish between U.S. and non-U.S. persons for purposes of querying Section 702 collection.”

Wyden slammed what he termed a “huge gap in oversight” in surveillance of American citizens. “When the FBI says it conducts a substantial number of searches and it has no idea of what the number is, it shows how flawed this system is and the consequences of inadequate oversight,” Wyden said in a statement.

The letter from ODNI comes after a June 5 hearing of the Senate Intelligence Committee to discuss the USA FREEDOM Act, a bill to reform domestic surveillance revealed by former NSA contractor Edward Snowden and others, in which Wyden pressed National Security Agency Deputy Director Rick Ledgett to say how many “warrantless searches for Americans’ communications have been conducted” under Section 702 of the Foreign Intelligence Surveillance Act.

Section 702 of FISA regulates the monitoring of foreign communications. Though the NSA is officially prohibited from targeting the communications of innocent Americans, due to the nature of global communication in the 21st century and the scale of the mass collection, American citizens’ communications can be swept up in the surveillance dragnet. Other intelligence and law enforcement agencies can query data collected by the NSA for information about their investigations.

As a vocal proponent of reform legislation to curtail the NSA’s surveillance of Americans, Wyden was displeased with the ODNI’s response to his request. “The findings transmitted to me raise questions about whether the FBI is exercising any internal controls over the use of backdoor searches including who and how many government employees can access the personal data of individual Americans,” Wyden’s statement said. “I intend to follow this up until it is fixed.”

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser