Thursday, May 29, 2014

Thinking about a new job?


Is your old one ending or maybe you are looking for something better, LinkedIn is the place to show what you have done. And if you work for the NSA on secret spy stuff, no big deal. Reports indicate that LinkedIn is almost as valuable source of spy info as Snowden.
NSA spies need jobs, too. And that is why many covert programs could be hiding in plain sight.

Job websites such as LinkedIn and Indeed.com contain hundreds of profiles that reference classified NSA efforts, posted by everyone from career government employees to low-level IT workers who served in Iraq or Afghanistan. They offer a rare glimpse into the intelligence community's projects and how they operate. Now some researchers are using the same kinds of big-data tools employed by the NSA to scrape public LinkedIn profiles for classified programs. But the presence of so much classified information in public view raises serious concerns about security — and about the intelligence industry as a whole.

“I’ve spent the past couple of years searching LinkedIn profiles for NSA programs,” said Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy and Technology Project...

On Aug. 3, The Wall Street Journal published a story about the FBI’s growing use of hacking to monitor suspects, based on information Soghoian provided. The next day, Soghoian spoke at the Defcon hacking conference about how he uncovered the existence of the FBI’s hacking team, known as the Remote Operations Unit (ROU), using the LinkedIn profiles of two employees at James Bimen Associates, with which the FBI contracts for hacking operations.

“Had it not been for the sloppy actions of a few contractors updating their LinkedIn profiles, we would have never known about this,” Soghoian said in his Defcon talk. Those two contractors were not the only ones being sloppy.

The LinkedIn profile cited by Soghoian’s initial tweet mentions classified NSA programs like Nucleon, Dishfire, Octave, Pinwale, Mainway, Banyan and Marina. These were mentioned alongside one program that was revealed in the press only a month later: Trafficthief, a database for storing metadata from specific surveillance targets. Another profile, from Indeed.com, mentions Cultweave, XKeyscore and other previously unidentified programs.
The general public may not know what the names mean, but a proper spy agency, or even a determind individual can find out a shitload of information classified as secret and put it together with other information on hand. Just another example of why privatization is a disaster in government work.

Comments:

Post a Comment

Subscribe to Post Comments [Atom]





<< Home

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]