Information has surfaced regarding surveillance software allegedly in use by the NSA that is able to neutralize SSL, or Secure Sockets Layer, and HTTPS, that being one of the internet’s most common ways to encrypt private information.
Details regarding an unsecured
database operated by Parabon Computing that was probed by a user
known via Twitter as “AgentViz” was posted to the website
Encyclopedia Dramatica. Parabon markets sophisticated products
such as Blitz, which allow IT managers to experience dealing with
simulated denial-of-service attacks on their networks.
RT America was approached by Anonymous on Monday with a tip on
the alleged surveillance tool called ‘Locksmith’, and a link to
the Encyclopedia Dramatica entry.
According to the initial information provided, that software
plays a role in the data packet surveillance brought to light by
Edward Snowden’s PRISM leaks, which revealed the existence of a
number of tools employed by American intelligence services to
collect the online information on a grand and unregulated scale.
Encyclopedia Dramatica (or ED) is known within the hacktivist
subculture as a satirical open wiki full of in-jokes, though it
has often held important information as well, such as in the case
of the FBI’s and Scotland Yard’s investigation and arrest of Ryan
Cleary who was involved in the 2011 cyber attack of Sony.
The ED entry RT was directed to on that site entitled ‘Parabon
Leaks’ refers to the Locksmith software, which can allegedly
neutralize the encrypted SSL protocol, which works together with
HTTPS, another common and trusted privacy layer available to
online users for secure payments, instant messaging, and on email
and social networking sites, among others.
In essence, the adoption of HTTPS allows for what websites offer
as “secure” payment online, and is therefore vital to
online commerce. Beyond payment transactions, SSL — which acts
as the virtual “handshake” of security certificates that work
over HTTPS — are also critical to securing online access over
Wi-Fi connections, as well as for the popular Tor anonymity
network tool.
The Locksmith software appears to be a product of AccessData, a
digital forensics company. The entry on the wiki contains
screenshots of product brochures which detail Locksmith’s ability
to scan, monitor and analyze SSL encrypted data.
AccessData bills the software for use within networks by IT
managers, though the allegation is that the same capabilities can
then be employed by Locksmith to parse through the mountains of
data collected by the NSA to decrypt SSL/HTTPs data
indiscriminately.
Though the product’s details are stated so matter-of-fact as to
appear mundane, according to Anonymous the technical hurdles in
truly determining what Locksmith is capable of doing has resulted
in their discovery to be disregarded. Still, the group insists
that Locksmith represents yet another piece of software currently
in use by NSA surveillance operations. Beyond Locksmith, the
ED entry includes a number of other documents, as well as mention
of more software including “Jigsaw.”
The Parabon Leaks entry
mentions that journalist Glenn Greenwald, now a key figure
writing on Edward Snowden’s NSA revelations, was contacted with
links to the information but so far appeared to have disregarded
the potential leak.
According to security expert Mikko Hyppönen of F-Secure Labs, he
was made aware of the ED entry and its information over the
weekend, but has not yet confirmed the veracity of the claims.
The group itself acknowledges that it may take months to
understand what Locksmith represents, though it alleges that the
NSA is attacking its information leak by shutting down links and
editing pages on its open wiki that tells users to disregard
Locksmith as “boring” and “common” IT software with no connection
to PRISM.
Republished from: RT