NSA 'secret backdoor' paved way to U.S. phone, e-mail snooping

The National Security Agency created a "secret backdoor" so its massive databases could be searched for the contents of U.S. citizens' confidential phone calls and e-mail messages without a warrant, according to the latest classified documents leaked by Edward Snowden.

A report in the Guardian on Friday quoted Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence Committee, as saying the secret rule offers a loophole allowing "warrantless searches for the phone calls or emails of law-abiding Americans..."

Read the full story here... Source: CNET

Newly leaked NSA program sees 'nearly everything' you do

The National Security Agency has a secret program that allows it to see just about everything a person does on the Internet, according to a new report.

NSA leaker Edward Snowden, who is still holed up in a Moscow airport, has reportedly leaked to The Guardian new details on a high-powered, secret program run by the U.S. government, called X-Keyscore. The Guardian, which obtained slides of a presentation the NSA reportedly gave to employees, claims that the program is the "widest-reaching" intelligence system.

According to Snowden's files on X-Keyscore, NSA employees can, with just a few clicks, obtain everything from phone numbers to e-mail addresses. The agency also can see e-mail content, full Internet activity, browser history, and an IP address. According to the files and Snowden, the NSA can essentially see everything a person is doing on the Internet without the need for a warrant...

Read the full story here. Source: CNET

Facebook's outmoded Web crypto opens door to NSA spying

Secret documents describing the National Security Agency's surveillance apparatus have highlighted vulnerabilities in outdated Web encryption used by Facebook and a handful of other U.S. companies.

Documents leaked by former NSA contractor Edward Snowden confirm that the NSA taps into fiber optic cables "upstream" from Internet companies and vacuums up e-mail and other data that "flows past" -- a security vulnerability that "https" Web encryption is intended to guard against.

But Facebook and a few other companies still rely on an encryption technique viewed as many years out of date, which cryptographers say the NSA could penetrate reasonably quickly after intercepting the communications. Facebook uses encryption keys with a length of only 1024 bits, while Web companies including Apple, Microsoft, Twitter, Dropbox, and even Myspace have switched to exponentially more secure 2,048-bit keys...

Read the full story here. Source: CNET

Google CEO on NSA spy program: We're definitely not involved

Google CEO Larry Page has flatly denied involvement in a secret spy program operated by the National Security Agency, calling into question recent news reports that alleged the company gave spooks a backdoor into its servers.

Google's statement was also signed by David Drummond, the company's top legal officer, who oversees the entire legal department.

PRISM gives the federal government surreptitious access to customer information held by Microsoft, Yahoo, Apple, Google, Facebook, and other Internet companies, according to reports from the Washington Post and The Guardian newspapers yesterday.

The program, code-named PRISM, allegedly allows NSA analysts to peruse exabytes of companies' confidential user data by typing in search terms. PRISM reports have been used in 1,477 items in President Obama's daily briefing last year, according to an internal presentation to the NSA's Signals Intelligence Directorate that the newspapers obtained.

Those allegations about companies' participation in PRISM remain unconfirmed, and thecompanies listed in the supposed presentation have denied any participation. Today's statement from Page, Google's co-founder, is the most detailed to date -- and, crucially, comes from someone who would be in a position to know or investigate rather than an unnamed corporate spokesman who would not be...

Read the full story here. Source: CNET