NSA Can Spy On Data From Smart Phones, Including Blackberry

An anonymous reader writes with a report from Spiegel Online that the U.S. government "has the capability of tapping user data from the iPhone, [and] devices using Android as well as BlackBerry, a system previously believed to be highly secure. The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. ... The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been." As a bonus, the same reader points out a Washington Post report according to which "The Obama administration secretly won permission from a surveillance court in 2011 to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases ... In addition, the court extended the length of time that the NSA is allowed to retain intercepted U.S. communications from five years to six years — and more under special circumstances, according to the documents, which include a recently released 2011 opinion by U.S. District Judge John D. Bates, then chief judge of the Foreign Intelligence Surveillance Court."

Let me guess, BIS

[Ferzerp]

BES in theory can only be intercepted and cracked with a massive amount of computation time, limiting the functional use of any dragnet attempts.

Journalists never understand the difference between BIS and BES though.

Re:

[Gr8Apes]

Unless, of course, they cracked the private master key(s). If BB did something as stupidly asinine as RSA and use a single master key to auth all other keys, well, you're in a pickle as soon as the master gets out or cracked. It wouldn't surprise me if that's exactly what has happened.

Re:Let me guess, BIS

[edman007]

Or BES just has an NSA backdoor.

Secret oversight

[Anonymous Coward]

Secret oversight can't be trusted, and anyone who thought it could be trusted was a moron.

Re:Secret oversight

[Anonymous Coward]

The Nazi hunters had to dig thru millions of paper documents. I think it would be the right thing to do to start keeping track of all the people who have thrown our country away. A centralized site where people can upload pictures of the agents and any information they may have on them.

Whether it is federal agents 'only doing their job' or federal judges making it possible all the way down to the DHS agents at airports acting as thugs.

We need a single place where all this information can be consolidated for the future so they can all be held accountable for the damage they contributed to.

Re:Secret oversight

[noh8rz10]

I think it would be the right thing to do to start keeping track of all the people who have thrown our country away.

You mean a list of all voters and nonvoters too?

Re:Secret oversight

[Guinness Beaumont]

You're implying that the voting function changed any outcomes; and that is arguably not true. Further, being so aggressively victim-blaming is a pretty horrid view - and amazingly ironic given your username.

Re:

[fustakrakich]

That's not quite working out as well as planned [wikileaks.org].

But it's not to say we shouldn't do what we can [copwatch.org].

Re:

[Jawnn]

And yet the sheeple just keep bending over and taking it.

Re:

[Anonymous Coward]

Would you lose the idiotic term "sheeple"? It's smug and condescending, and is the sort of expression used by conspiracy nutjobs to distinguish themselves from the unwashed masses who don't understand the Truth as revealed on some guy's blog. In short, it makes you sound like a complete twat.

Re:

[AlphaWoIf_HK]

It's smug and condescending

That's probably intentional. It's not hard to feel superior to people who support this nonsense because they believe it will keep them safe, or people who simply don't care in the least.

Re:

[Jmc23]

Look, it's a , ah, um, a sheerson(?) in the wild.

Re:Secret oversight

[gmuslera]

The worst part of the no trust is that they can't even know if the data they are collecting from is being misused [medium.com]. Not just they are lowering on pourpose your security (weakening crypto, planting backdoors, etc), and syphoning everyone's private information, but is already proved (to the public, with Snowden) that they don't know who access their information and how is or will be using it.

So if tomorrow your bank account shows a pretty rounded zero because the backdoors NSA planted on you was used by one of the employees of one of the companies the NSA hires (he just sold in the black market that backdoor information and someone else did it), don't be sad, the country must be defended from the terrorists.

Re:Secret oversight

[mcgrew]

Secret oversight can't be trusted

Of course not, but posting anonymously won't keep them from knowing who you are.

I just upgraded to an Android phone from my old feature phone and find it annoying when a pre-installed app wants me to turn GPS and Location Services on. Those are supposed to be for my benefit, not doubleclick and the NSA's.

Re:

[davester666]

To be fair, Google Mail does need it to be able to properly fill in the 'from' header field.

Re:

[AlphaWoIf_HK]

Which is exactly why they shouldn't have such sweeping powers to begin with. Even your beloved court admitted it can't even provide oversight.

And the saga continues....

[xystren]

Yet again, the extent of government overreaching continues. Lie about what really is really being done, and with a subtle move along, nothing to see here... "Ohh, look over there,Kim Kardashian."

Simply amazing that what is being assured is not being done, is in reality being done.

Re:And the saga continues....

[ifiwereasculptor]

What amazes me is that there have been no reprisals so far. Not by the US citizens, by US courts nor by other countries. Folks who actually live in the US, please tell me: are people really just shrugging it off or am I just not seeing the repercussions from here?

Things people can do

[Okian Warrior]

From a previous post, here's the collected list of suggested actions people can take to help change the situation.

Have more ideas? Please post below.

Links worthy of attention:

http://anticorruptionact.org/ [anticorruptionact.org] [anticorruptionact.org]

http://www.ted.com/talks/lawrence_lessig_we_the_people_and_the_republic_we_must_reclaim.html [ted.com] [ted.com]

http://action.fairelectionsnow.org/fairelections [fairelectionsnow.org] [fairelectionsnow.org]

http://represent.us/ [represent.us] [represent.us]

http://www.protectourdemocracy.com/ [protectourdemocracy.com] [protectourdemocracy.com]

http://www.wolf-pac.com/ [wolf-pac.com] [wolf-pac.com]

https://www.unpac.org/ [unpac.org] [unpac.org]

http://www.thirty-thousand.org/ [thirty-thousand.org] [thirty-thousand.org]

Join the class action suit that Rand Paul is bringing against the NSA.

Suggestion #1:

(My idea): If people could band together and agree to vote out the incumbent (senator, representative, president) whenever one of these incidents crop up, there would be incentive for politicians to better serve the people in order to continue in office. This would mean giving up party loyalty and the idea of "lessor of two evils", which a lot of people won't do. Some congressional elections are quite close, so 2,000 or so petitioners might be enough to swing a future election.

Let your house and senate rep know how you feel about this issue / patriot act and encourage those you know to do the same.

If enough people let their representivies know how they feel obviously those officials who want to be reelected will tend to take notice. We have seen what happens when wikipedia and google go "dark", congressional switchboards melt and the 180's start to pile up.

Fax is considered the best way to contact a congressperson,especially if it is on corporate letterhead.

Suggestion #2:

Tor, I2dP and the likes. Let's build a new common internet over the internet. Full strong anonymity and integrity. Transform what an
eavesdropper would see in a huge cypherpunk clusterfuck.

Taking back what's ours through technology and educated practices.

Let's go back to the 90' where the internet was a place for knowledgeable and cooperative people.

Someone Added: Let's go full scale by deploying small wireless routers across the globe creating a real mesh network as internet was designed to be!

Suggestion #3:

A first step might be understanding the extent towards which the government actually disagrees with the people. Are we talking about a situation where the government is enacting unpopular policies that people oppose? Or are we talking about a situation where people support the policies? Because the solutions to those two situations are very different.

In many cases involving "national security", I think the situation is closer to the second one. "Tough on X" policies are quite popular, and politicians often pander to people by enacting them. The USA Patriot Act, for example, was hugely popular when it was passed. And in general, politicians get voted out of office more often for being not "tough" on crime and terrorism and whatever else, than for being too over-the-top in pursuing those policies.

Suggestion #4:

What I feel is needed is a true 3rd party, not 3rd, 4th, 5th, and 6th parties, such as Green, Tea Party, Libertarian; we need an agreeable third party that can compete against the two majors without a lot of interference from small parties. We need a consensus third party.

Suggestion #5:

Replace the voting system. Plurality voting will always lead [wikipedia.org] to the mess we have now. The only contribution towards politics I've made in years

Re:

[Guy Harris]

Suggestion #4:

What I feel is needed is a true 3rd party, not 3rd, 4th, 5th, and 6th parties, such as Green, Tea Party, Libertarian; we need an agreeable third party that can compete against the two majors without a lot of interference from small parties. We need a consensus third party.

Sure. Let's try to figure out a party that can provide a consensus between people who support a party whose platform calls for, among other things, "restoration of a federally funded entitlement program to support children, families, the unemployed, elderly and disabled, with no time limit on benefits. This program should be funded through the existing welfare budget, reductions in military spending and corporate subsidies, and a fair, progressive income tax." [gp.org] and people who support a party whose platform

Re:

[gmuslera]

There had been some reprisals [slashdot.org], the EFF sued, requested information, tried to keep public informed. That won't mean that law or the wrongly called Department of Justice will do anything regarding it, or that the information that is requested would be just a bunch of lies (if they lies to the congress, and get promoted after that gets found, then they can lie on everyone).

Also there had been some diplomatic consequences, Germany, Brazil and other countries complained and had some diplomatic answers that if

Re:

[currently_awake]

The NSA spends all its time looking for ways to spy on us. That accumulated man-hours is far greater than what we are dedicating to the counter-attack. If we start spending our time looking for ways to protect our privacy (to counter their efforts) then our accumulated man-hours will be far greater, and we will push them back. This method does not require a united counter attack, only that many of us work at the problem.

Re:

[moteyalpha]

Those who do not study history are doomed to repeat it.
It was a good tactic in the American revolution against the British and seems to work just as well now.
--sheeple analogy--
Sheeple dog guards the sheeple, wolves put on sheeple suits and attack the dog, dog gets frienzied and starts attacking the sheeple, dog runs crazy until it is worn out, Wolves finish off the half dead dog and it is dinner time.
1. Incite madness
2. Wait for them to get tired
3. Profit!
If you watch a nature show about wolves hunt

Re:

[laffer1]

Both parties support this. Members of congress from both sides of the aisle have said they want this. There is no one to vote for.

Re:

[laffer1]

We all know how often other parties win in the US.. seriously this is a non option until the american public gives a shit about what's happening and by then it's going to be too late.

I have tried voting for other candidates in the past and they never win.

Re:

[OldSport]

Do the words "self-fulfilling prophecy" mean anything to you?

Re:

[mean pun]

We all know how often other parties win in the US.. seriously this is a non option until the american public gives a shit about what's happening and by then it's going to be too late.

I have tried voting for other candidates in the past and they never win.

It depends on high you shoot. Don't expect a candidate for president who is not backed by a big party to ever win. That is only common sense: how could such a candidate ever be an effective president, if he has to fight just about every other politician with power?

What can be effective is to start low and build from there. Start a local political party, show that you can run a town, and then two towns, and then an entire state. Then and only then it starts to make sense to meddle in federal politics. It wil

Re:And the saga continues....

[cdp0]

Please tell me what you think I should do to stop it. As an average citizen, I have no power over anything this government does. I am just a victim.

Protest. [wikipedia.org]

Not protesting means you agree with what happens. You can't be neutral on a moving train. [imdb.com]

Re:

[nurb432]

And protesting puts you on the list.

Re:

[cdp0]

And protesting puts you on the list.

When the list is big enough, it won't matter. In fact, when the list is big enough, we might see changes that would make such lists a thing of the past.

Re:

[Anonymous Coward]

And: The temperature in FtMeade is already quite high, believe me on this. They read the comment boards like we do. Actually, they do it 8 hours a day.

So, don't be Chicken Little: Insult them as much as you can. Don't call for violence, just call them traitors. Call them Peeping Toms. Call them Pervers. In plaintext without TOR. Sure as hell they will tally up the "called NSA-traitor list" and when they see the water level rises each day, quite a few of them will simply quit or spill the beans.

The top brass

Re:

[account_deleted]

Comment removed based on user account deletion

Re:And the saga continues....

[BitZtream]

Stop voting for these fucking politicians.

It's not difficult, change the people who make the laws.

Learn what you potential future politicians actually have done in the past and stop listening to the bullshit that spews from their mouths and campaigns.

Vote out these life time politicians.

Stop sitting on your lazy ass and make an actual effort instead of whining that it doesn't matter.

Apathy changes nothing.

The president DOES NOT MAKE LAWS, so stop giving him all your attention and vote for specific people in congress. Next time around, vote them out when the lie to you.

Re:And the saga continues....

[Jeremiah Cornelius]

If voting could change anything, it would be outlawed.

As it is, they just want the numbers to look good enough, to get away with what they want.

That's why they keep so many in jail - and out of the polls.

Re:

[gmuslera]

You don't choose the candidates unless you are called Lester [ted.com]. Explicitely not voting the main parties (voting third parties, voting for no candidate where you can do it, not sure if can get there the pirate or green parties) is something you can do. Not going to vote or buying the don't throw your vote message picking one of the 2 main parties (that are anyway controlled by the same people, and have essentially the same agenda) is not doing something against it . Believing their promises that "this time we

Re:And the saga continues....

[OldSport]

That's the entire problem with this NSA crap. Anyone who bucked the system and made it far along enough in the process would have tons of dirt on him/her already automatically unearthed by the NSA's data centers. The info would be leaked to a complicit media, who would drool over the chance to run another political scandal, and the good politician's career would be over before it even began.

It's sad, but knowing about the extent of the abuse has actually made me *more* worried about protesting the abuse. Panopticon and all that -- we know they can be watching any of us now, with access to basically all our information online (even stuff that's encrypted, like this data, which is being sent over a VPN but who even knows if it's secure?), as well as all the metadata from our phones, which tell them exactly where we have gone. I doubt they are interested in me per se, but say I ran for office under a platform the established powers didn't like -- they might get interested then, and I would be fucked.

This shit is really scary.

Re:

[OldSport]

I was replying to the "better to run for office" part of your post, and what I said relates directly to the "if you want to change the people who make the laws, you gotta step up and volunteer to be one of them." Relax a bit, would you?

The fact of the matter is that at this point, virtually *anything* you do online is no longer private. If you sift through enough email, browsing history, etc. etc. etc. for any given individual you will likely find something, somewhere that could at least be used to intimi

Re:And the saga continues....

[DarkOx]

Yes you do. Keep spreading the word that Government can't be trusted and that you and your fellow citizens should NOT cooperate with agents of government. They ask for info tell them to get a warrant. You see something, say NOTHING. They want to "contribute" to your project attend your conference etc, you respond get lost FED. Start excluding people who work for three letters from social events, etc.

If all of us citizens stand up and just say no; it will make these programs way less effective. If we treat these Constitution shredding collaborators like the criminals they are and black ball them; it will be increasingly hard for government to find people to do this stuff.

We can change this thing but voting in the horse race won't do it. Its gotta be done from the ground. Make working for the NSA something to be embarrassed about.

As long as these methods the military/security complex are working right or wrong the power hungry will use and abuse them. We need to make them no longer work. Make the price tag of this type of signals intelligence the loss of all good human intelligence and being subject to disdainful stairs and "we don't serve your kind here" everytime a badge comes out; things would start to change.

Re:And the saga continues....

[Anonymous Coward]

The only possible outcome of your strategy is to ensure that any remaining well-adjusted people working in government will leave and that there will be new laws making your countermeasures illegal. Both of those outcomes are horrible and directly opposite of what you want. Other than, obviously, voting for third parties, what you need to do is to make genuine connections with people in government and influence them to change their ways - which is the opposite of what you are advocating.

Yelling at people generally doesn't make them see things your way. In fact, I imagine that it is precisely people with your personality in government that are making these horrible decisions - they are looking for a fight and taking whatever measures they feel is necessary to help them win that fight. Did that kind of behavior from them make you more or less likely to work with them in peace? That works the other way too.

Re:

[Windwraith]

>keep spreading the word that the Government can't be trusted
And find yourself being harassed by the powerful party you are against. We don't have that much power as long as laws can be made against us. Just wait until it's as bad as talking negative about the Thai royalty.

Re:And the saga continues....

[gmuslera]

What about supporting the ones trying to do something about it [eff.org]? Raising awareness on the clueless majority of US population (and correcting the one with the wrong clues, like i.e. the ones that buys the shoot the messenger mantra) could help too, you have a voice, use it.

Re:And the saga continues....

[Anonymous Coward]

The authorities' response would be:

A. "Smithers, release the drones!"
B. Abundant supply of tasers and riot gear for law enforcement agents
C. Look! Another sport event on cable!
D. Market yet another manufactured crisis, giving politicians yet another opportunity to divide public opinion
E. All of the above

Re:

[Xicor]

the problem is that most ppl only vote for democrats and republicans, who are two sides of the same coin. the only real way to change anything is to vote for a third party, but only smart ppl do that, and the majority of the population isnt smart

Re:

[whoever57]

the problem is that most ppl only vote for democrats and republicans, who are two sides of the same coin.

Not really. The perties are quite distinct. We have one party that works for the benefit of the 1% and another that works for the benefit of the 0.1% (or is it the 0.01%?)

Re:

[TheGratefulNet]

plus, as bill maher would say, 'one party is a bit more christ-y than the other'.

they are all in the pockets of the rich and corporations; but one is more 'in with god' than the other and wants to make sure you are a member of the only 'correct' religion.

as for privacy rights, they could both care less about your privacy rights. you are not going to get privacy back by asking, sad to say. that ship has long since sailed.

Re:

[Xicor]

shortening "people" to "ppl" has nothing to do with intelligence, and if anything, intelligent people would realize that it is much easier to type "ppl," with no real loss in comprehension and therefore would choose to use it over the long form of the word.

Re:

[I'm New Around Here]

The real kicker here, would be a domestic attack in the wake of all this. If the NSA, CIA, and FBI can't stop an event with the amount of information they seem to be gathering, no more amount of access would allow them to stop it.

Boston just had a domestic attack. The warnings were completely ignored/missed because of usual stupidity and shortsightedness.

Re:

[msobkow]

Speaking of Syria, doesn't Kerry ever STFU?

Re:

[AHuxley]

Is there any proof anymore to these claims? ...
With all Snowden has given and the PR stunts the named brands have had to offer with statements about gov requests and encrypting their backhaul..
GCHQ intercepted mobile phone calls where hinted at around the 1998 Omagh ie terms like monitored live was noted at the time.
The attempt of trying sim card changes and the database of US call history should give another hint.
The ability to collect voice prints over cities via aircraft and compare them to data coll

Open Source Android

[Oysterville]

Are there any projects within the Android realm that can combat this? Given the open nature of the OS, it'd be nice if we could somehow adequately firewall such things.

Re:Open Source Android

[zidium]

The exploits and backdoors on Android devices are put in there by the manufacturers themselves, usually for monetary compensation and / or risk of harm from the agencies doing the threatening. There's no way around them.

Re:

[Nerdfest]

So, the NSA can get Samsung to put a backdoor into all its phones? What about the ones going to Europe? I find it hard to believe the back doors are being built into all of these phones.

Re:

[Nerdfest]

Rooting does not require exploits. A few locked bootloaders do, but they're becoming more rare these days.

Re:

[phantomfive]

Rooting does not require exploits.

Unless you want to do it remotely.

Re:Open Source Android

[pashdown]

Gibbertbot [guardianproject.info] offers OTR XMPP chat for Android, as does ChatSecure for iOS. The DuckDuckGo [duckduckgo.com] app for Androind/iOS offers untracked search over HTTPS. There are a number of PGP/GPG email readers/writers for Android and iOS.

All of this can be precluded by the NSA having a backdoor at the graces of the manufacturer, but we still don't know the extent of that. The article states that their iPhone surveillance required them to hack into the host iTunes computer, which can be prevented with a good firewall.

Re:

[Anonymous Coward]

No, because mobile phone hardware is specifically designed to make sure that user replaceable software like Android is kept inside a sandbox and only a government approved proprietary operating system can directly use the radio hardware.

Re:

[Xicor]

the ubuntu edge WOULD have combated this, but sadly it only recieved 1/3 of the funding it needed. that being said, if they dont have backdoors in the hardware, then the ubuntu phone os will not have backdoors (said by mark shuttleworth of canonical(not an american company and therefore doesnt give a shit))

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Xicor]

well, i was talking specifically the software, not the hardware. as for the ubuntu edge, it would have been custom manufactured and could have possibly been x86

Re:

[AHuxley]

No, your entering of text was the only hardware step needed. What could any later software efforts do as a layer on top of the hardware/design sending/keeping your input... ie safe from the network only.

Re:

[gmuslera]

CyanogenMod [cyanogenmod.org] replaces the bundled Android OS with the published open source version (still could remain the closed source binary drivers, phone BIOS and so on). F-Droid [f-droid.org] gives you a replacement market with open source software. And there are a bunch of good android (and other platforms) security programs and open source alternatives here [prism-break.org].

Also in some point, for some models, will be released Ubuntu Touch [ubuntu.com], and maybe you can install on your phone Firefox OS [mozilla.org] too. Those uses android's boot (open source code, but

Well really...

[santosh.k83]

Not surprising given that the smartphone hardware and software are very much propreitary in nature, and allow for easier exploitation since third party auditing is practically impossible for the entire ecosystem.

At this point nothing except a ground-up freshly designed and built system and either written from scratch software or highly trusted ones like OpenBSD (without installing anything except base system) can be regarded as tentatively safe, and even this security is gone once such system connects to th

And now Act II and Act III

[ehack]

And now comes Act II where intercepted data can be shown in secret to a judge to obtain convictions without the defense being able to review same.
Then in Act III trials will be held in secret chambers with no defense.

Re:

[NettiWelho]

What is the sentence in the Soviet Union for being convicted of insanity??

Varies depending on who you pissed off.

http://en.wikipedia.org/wiki/Political_abuse_of_psychiatry_in_the_Soviet_Union [wikipedia.org]

Belief In Law

[b4upoo]

Obviously if phone traffic is intercepted most of the crimes mentioned in conversations would not relate to terrorism. One wonders how many criminal prosecutions could take place if all crimes detected were subject to prosecution. Murder plots, cases of fraud and tax cheating, drug sales and smuggling and prostitution would all certainly be found with ease. It would quickly become obvious that our local and national government have little interest if stopping most crime.
                If you don't believe this or do not want to believe it think about this one simple situation. People leaving bars in the wee hours are often drunks driving home. A smart cop would not want to stop people at closing time as he would be pulling over bar staff leaving work. But almost everyone leaving a bar 3o minutes before closing is legally drunk. So simply sitting at an advantageous spot and pulling over cars leaving the bar would yield a huge amount of good arrests. Yet town discourage cops from using this tactic as it disrupts business. Think about that a bit. Wouldn't we want to catch every drunk driver every time they drive drunk?

Re:

[AHuxley]

Once you know the bars are been watch and you can expect to be arrested you drink cheap store bought alcoholic beverages at home with friends.
Once you turn your mil grade tech onto internal crime - corrupt cops/lawyers/press find out and sell/pass the details on. Changes are made to lessen the use of telco and the tracking risk.
Large scale fraud and tax cheating, drug sales, smuggling and prostitution always seem once step ahead (protected) or fail long term.

Re:

[Anonymous Coward]

My wife and I were "ambushed" by two police cars after leaving a bar after closing. We only lived about 1000 feet from the bar, but they had to detain us for 30 minutes anyway. At the end of the ordeal they drove us home (yes 1000 feet) and told us that "the next time we get "sloshed' that we should have a way to get home. We weren't even "sloshed". Cops in the US are real bastards.

Re:

[gatkinso]

Yeah, and I have NEVER been in a traffic jam in Europe.

White hat or black hat, they're paid hackers

[Overzeetop]

Yeah, the guys who jailbreak iPhones and root Android devices. How about the crackers - all those pirated programs on the internet, or DeCSS and the bluray keys that are published. The ones who hack new features into Canon cameras with third party firmware. You know these guys, right?

Great - now go pick the ones who have trained for this and have PhDs in cryptography. Give them a $80-120,000/yr salary and benefits. Tell them they are responsible for keeping the USA safe by ferreting out every plot that gets communicated over any device in the world.

Congratulations, you now know who works for the NSA. And yet, somehow, we're surprised that they've managed to crack (for surveillance) the same devices we crack for entertainment and features.

Re:

[AHuxley]

Cryptography PhDs get hired to secure new products by large and small firms. Get that one person early and they have decades of insights per firm/brand over a productive career to report back on.
The ability to set up front companies is also wonderful. The ability to set international standards used for years - basic vote count or a presented paper is also wonderful...
Attacking systems and hiding their tracks works a bit better if another team had a history creating the same systems...
Vulnerabilities la

Re:

[Rich0]

The NSA is not interested in Cryptography PhDs.

The NSA hires plenty of PhDs in mathematics. I know of at least one personally and I am not really involved in math circles. Where else would one get a job? There just aren't nearly as many teaching positions as there are graduates.

Granted today Wall Street hires many. However, many would consider cryptography a more interesting problem. Also, Wall Street hiring PhDs in math is a fairly new phenomenon - they weren't doing that back in the 90s, and yet there was still a glut of PhDs floating around in m

What?

[lennier1]

Blackberry and secure? That's why they're handing out surveillance access to oppressive regimes left and right?

Thank you Edward Snowden

[rvw]

I cannot thank you enough for making all this information public, and for giving up your normal life to inform us. I hope that one time you will be recognized by the UN, EU and most hopefully for you the US, so you can return to your own country without being prosecuted.

Re:Thank you Edward Snowden

[wjcofkc]

It's easy to look at this post as redundant at a glance. The truth is, we cannot say this enough. Here, have my last mod point.

Re:Thank you Edward Snowden

[Oysterville]

You're in luck! By posting to the thread after moderating it, you get your mod point back!

Re:Thank you Edward Snowden

[Qzukk]

Actually, he doesn't get the mod point back, it just disappears.

Also if you mod then post AC from the same IP, it just disappears too, only without the "you're about to undo your moderations" warning.

Re:

[wjcofkc]

Well that's good to know after all these years : \ Why is it that I remember the system giving a warning when you attempt to mod and post? I didn't get one, and when I didn't get a warning, I thought something changed and all was cool. Sigh... Slashdot\code has been doing random strange things over the last few months.

Re:

[steelfood]

Ha! Return to his own country? Maybe in 40, 50 years, when all the dust he kicked up has settled, and only if for the better. And that's assuming the CIA hasn't offed him by then.

Inevitable

[hessian]

Thanks Obama!

All phones?

[SwashbucklingCowboy]

Just because they can crack a four digit password on an iPhone doesn't mean they can quickly crack a 24 character password. A four digit password can be easily brute forced. That's not true with a 24 character password (emphasis on "easily"). Of course, few people have 24 character passwords.

Re:

[gnasher719]

Just because they can crack a four digit password on an iPhone doesn't mean they can quickly crack a 24 character password. A four digit password can be easily brute forced. That's not true with a 24 character password (emphasis on "easily"). Of course, few people have 24 character passwords.

1. Read the article carefully. They can access iPhone data if they have gained control of the computer that is used to sync the iPhone. So basically they cannot actually access iPhone data, but possibly the backups that you made on your computer. The easiest way to avoid this is to have no such computer, and the second easiest way to avoid this is to keep that computer safe (for example by using MacOS X, with full-disk encryption permanently turned on).

2. To crack the encryption on the iPhone by entering

Re:

[gnasher719]

Unless Apple already has backdoors for NSA on OSX and iOS.

And why would Apple allow that?

Re:

[gatkinso]

The crypto is intentionally hobbled.

Well I know that makes ME feel safer anyway.

[scarboni888]

Those of you who it doesn't are probably doing something wrong and need to hide it, right?

FISA court should be impeached

[whoever57]

The Obama administration secretly won permission from a surveillance court in 2011 to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases,

That is so obviously unconstitutional that the FISA court is clearly in violation of its oath to uphold the constitution.

Re:

[fustakrakich]

It's a secret court, with a secret oath, to the government and its masters. You won't find a copy of the constitution anywhere in the room, well maybe in the bathroom, on a roll, by the toilet...

One thing we can do about it

[return 42]

Don't trust politicians to fix things. They won't.

Don't trust government to tell the truth about what they're doing. They won't.

People who care about their privacy must assure it themselves. Use OpenBSD. Use strong crypto. Use Tor and Mixmaster. Use air gaps. Don't cut corners. Make the bastards work for every byte. If they want a police state, at least make it obvious that it is a police state, and let them consider if they can afford to make that obvious, in a country where half the households are armed.

DUH...

[Lumpy]

Blackberry gave up all security years ago... Nobody remembers that UAE demanded access and they rolled over nearly instantly.. They probably handed everything over to the NSA without them even asking.

Re:

[Anonymous Coward]

Hey Obanaistas, ready to admit your guy is even worse than Bushitler?

No, we'll just accuse you of being a racist. Hope you understand.

Re:

[Anonymous Coward]

In fact, I don't. How about explaining it to me?

It's all we have left.

Re:

[gatkinso]

That was sarcasm, in case you missed it.

Re:Happy now?

[Narcocide]

NOPE but I'm willing to admit I'll probably never vote Democrat or Republican again.

Re:

[gatkinso]

How is that working out for you?

Re:

[DMUTPeregrine]

Well, for me, I can at least feel I didn't help contribute to this mess.

Re:

[Anonymous Coward]

How has voting for the major parties worked out for you would be a better question.

Re:

[gmuslera]

The ones that handle the puppet are the same. There is no worse, just kept their original agendas running over 2 different president, and now people start to realize what they have been doing all this time in front of their eyes.

Re:

[phantomfive]

No, he'll have to start an unprovoked war after alienating the international community for that. It might be coming, but it's not here yet.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[AHuxley]

Privacy on their mobile would have been protected by law to be used in an open court. If not, why did so many changes get added to telco laws.
If all the rubber stamp/hidden courts/self written warrants/no warrants needed where working at/apporved 100% and anything used public courts needed a real legal warrant - nobody would have ever found out.
The mess was trying to bring the rubber stamp/hidden courts/self written warrants 'product' into the public courts via extra colour of law efforts.
Every governme

Re:

[Sponge Bath]

Are you that blinded by your partisanship or are you just a retard?

The two often go hand in hand.