‘Breakthrough’ NSA spyware shows deep grasp of makers’ hard drives

The espionage program appears to be fairly targeted, said Chris Parsons, an expert on state surveillance tools with the University of Toronto’s Citizen Lab. “This is what we can count,” a Kaspersky spokesperson said. “Because of [the] self-destroying function of the malware, the number [of victims] could be much higher.”

“Realistically, that’s a comparatively small number when you look at the global population of computers that are sold,” Parsons said.

Canada was not identified as one of the nations that has been targeted by the tampered hard drives.

What is firmware?

Firmware is software that enables a computer to perform its basic functions, Parsons explained.

“It’s essentially the operating code that runs the devices in your computer,” he said. “Think of it as the base code that’s used to run the hardware. Once the firmware is running … all the pieces of your computer get activated and are able to function.”

Kaspersky’s analysis suggests the spyware could work on popular hard drives manufactured by Western Digital, Seagate Technology, Toshiba, IBM, Micron Technology and Samsung.

“The value of getting in before everything else loads is you can influence what loads, how it loads, when it loads, and the value is much higher than if you waited until the operating system booted up,” Parsons said.

That’s because most anti-virus programs tend to be designed to take action following the loading of firmware. This particular program, however, would be “masked” in the firmware.

Which users might be affected by this?

Parsons points out that so far all the malware collected has been designed to work with Microsoft Windows.

One of the characteristics of this malware was to modify the sensor instructions to make the changes to the firmware “almost impossible to detect,” Parsons explained.

“So by the time you go to boot into Windows, it’s already compromised, and this has been hidden for at least eight to 14 years,” he said.

Parsons anticipates hackers will be emboldened by the report’s findings.

“By now knowing the kinds of attacks possible, you can be certain that other actors will now try to emulate and copy what we’ve seen here,” he said. “The risk of copycats is now much more likely.”

What Rogers will tell you about the police looking into your account

… I emailed Rogers to ask if the police had made inquiries about my account. Because of a law called the Personal Information Protection and Electronic Documents Act (PIPEDA), Rogers has to answer my question.

Rogers’ first response, which arrived by registered mail, was:
“A search of our records revealed that no inquiries have been made by Law Enforcement Agencies….and Rogers is not permitted to advise of this disclosure.”

Christopher Parsons from U of T’s Citizen Lab says Rogers’ response should be read, “Nobody asked for your information and if somebody has asked for your information we’re not allowed to tell you.”

After the Star asked for a clarification, a Rogers spokesman said in an email, “We’re also sorry that the letter you received from us dated January 19, 2015 wasn’t more clear.” They promised to update their letters to make it clear to customers “we are restricted from disclosing most information to customers.”

Last May it was revealed that in 2011 law enforcement agencies in Canada made 1,193,630 requests for subscriber information from telecoms, the majority without a warrant. In June the Supreme Court of Canada said police need a warrant to gain access to telecom subscriber information. The Star later reported that the police are still making warrantless requests for customer data, because of disagreement on how to interpret the court’s decisions.

Based on letters he’s seen from different telecom companies a few months ago, Parsons says “Rogers’ disclosure and TekSavvy’s disclosure are about the best in the industry,” while “most are less transparent.”

How Canadian Spies Infiltrated the Internet’s Core to Watch What You Do Online

While the locations of EONBLUE sites are not disclosed in the documents, one slide makes reference to the internet’s “core” and describes EONBLUE’s ability to “scale to backbone internet speeds”—implying possible access to telecom operators, data centers, undersea cables and other infrastructure providers worldwide.

Such access would mean that much, if not all, of the data travelling through a location tapped by CSE could be subject to surveillance. Though the agency maintains it cannot legally track Canadians at home or abroad, it is hard to fathom how such data could be exempt.

As of November 2010, when the document was dated, EONBLUE had already been under development for over eight years. However, it isn’t clear from the slides for how long EONBLUE has been used, or whether it is still in use today.

“We haven’t seen very much to date that hasn’t been suspected or known about, but it’s the scale and breadth of this activity that is so staggering on a daily basis,” said Christopher Parsons, a postdoctoral fellow at the Citizen Lab, an interdisciplinary research group that studies global surveillance issues at the University of Toronto’s Munk School of Global Affairs.

“It’s designed for mass tracking, mass surveillance, on a global level,” Parsons said.

Canadian military wants to be ‘main player’ in global intelligence, document shows

In a written statement, Sullivan said CJOC Intelligence can contribute to domestic operations when a formal request is made through the Department of National Defence.

CJOC was involved in the security operations during the G8 and G20 meeting of world leaders in Huntsville and Toronto in 2010, during the Vancouver Olympics, as well as natural disaster assistance, Sullivan said.

Christopher Parsons, an intelligence and security researcher with Citizen Lab in Toronto, said the planned structure seemed similar to the integrated intelligence operations in Afghanistan. Under the plan, CJOC could function as a “clearing house” for defence intelligence, Parsons said.

“(The plan looked) to be building the infrastructure so it can be used in peace time and in active combat environments, and everything in between,” Parsons said in an interview.

Canadaland, LEVITATION, and Mass Surveillance

Snowden documents reveal that CSE has been surveilling global filesharing: Canada included. Christopher Parsons analyzed the leaks for the CBC, and he joins Jesse to explain what “Project LEVITATION” means.

Your Government is Spying on Your Downloads

Bill C-51 aims to ‘remove terrorist propaganda’ from internet

Disclosing identities

Christopher Parsons, the managing director of the Citizen Lab’s Telecom Transparency Project at the Munk Centre for Global Affairs, says that given the top court’s ruling, he’s concerned about ISPs handing over subscriber information.

Before that happens, he says, some sort of judicial process is needed to ensure that Canadians’ personal information doesn’t get disclosed to government unless they get warrants.

Parsons also expressed worry about how expansive the government’s definition of terrorist propaganda will be, especially at what he calls the margins of political and artistic speech.

Given the extent online of what the government calls terrorist propaganda, there’s also a question about the staffing required to find and remove that content from the internet. Parsons noted the challenge the RCMP has getting the resources to take down the vast quantity of child pornography.

Mass surveillance program defended by Conservatives

There is nothing in the documents that indicates CSE is intentionally targeting Canadian citizens. But Christopher Parsons, with Citizen Lab, said the sheer size of the program makes it unlikely Canadians’ data weren’t caught in the dragnet.

“The scope at which they are processing data means it is highly likely that Canadian information is — they would use the term ‘incidentally’ — being collected,” Parsons said.

Canada Agency Monitors File-Sharing, Reports Say

Some Internet privacy experts said they were concerned that the program captures and examines a vast amount of online activity that had no connection to terrorism or extremists.

“It means that these agencies have an immense amount of information,” said Christopher Parsons, an electronic surveillance researcher at Citizen Lab, part of the University of Toronto’s Munk School of Global Affairs. “That raises the prospect that at some point laws could be changed to make it available to other branches of the government.”

The program also suggests that Canada plays a larger role in electronic surveillance than previously thought, he added.

NOTE: This also ran in the print version of the New York Times for January 29, 2015, on page A13, with the headline: Canada Agency Monitors File-Sharing, Reports Say

Canada’s electronic spy agency takes the lead on internet surveillance

This episode of The Current discusses the Communications Security Establishment’s LEVITATION program. The interview is with Dave Seglins, the lead CBC reporter on this story, and Anna Maria. The discussion is intermixed with comments from experts, including myself.