Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday March 08 2019, @07:18AM   Printer-friendly
from the believe-it-when-you-see-it dept.

Submitted via IRC for chromas

NSA might shut down phone snooping program, whatever that means

The US National Security Agency (NSA) has created a boatload of buzz over the past few days with these two headline-makers:

First, a senior Republican congressional aide suggested over the weekend that the agency might be shuttering its phone metadata slurping program instead of renewing it in December (suppress your glee: the news is less encouraging for surveillance-adverse citizenry than it appears at first blush) and....

...Second, by releasing Ghidra, a free software reverse engineering tool that the agency had been using internally for well over a decade.

First, the political cat-and-mouse game:

News of the NSA potentially killing off its mass phone-spying program – exposed by whistleblower Edward Snowden in 2013 – came on Saturday in the form of a Lawfare podcast interview with Luke Murry, national security advisor to House minority leader Kevin McCarthy.

At 5 minutes in, Murry said that the NSA hasn’t been using its metadata collecting system for spying on US citizens for the past six months, due to "problems with the way in which that information was collected, and possibly collecting on US citizens.” The program is due for Congressional reauthorization in December 2019, but Murry suggested that the administration might not bother:

I’m not actually certain that the administration will want to start that back up given where they've been in the last six months.

[...] On a far more security-crowd-pleasing note, there’s the NSA’s release of Ghidra:

The NSA released Ghidra, a software reverse engineering tool, at the RSA security conference on Wednesday. It marked the first public demonstration of the tool, which the agency has been using internally and which helps to analyze malicious code and malware tracks down potential vulnerabilities in networks and systems.

ZDNet, reporting from the conference, said that the NSA’s plan is to get security researchers comfortable working with the tool before they apply for government cybersecurity positions, be those jobs at the NSA or at the other government intelligence agencies with which the NSA has privately shared Ghidra.

At this point, Ghidra is available for download only through its official website, but the NSA also plans to release its source code under an open source license on GitHub.

The initial reviews have been, overall, positive, in large measure because "free" is a lot cheaper than the alternative tool, IDA Pro. The commercial license for IDA Pro costs thousands of US dollars per year. Here are some early reviews from well-known security pros:


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by DannyB on Friday March 08 2019, @04:27PM

    by DannyB (5839) Subscriber Badge on Friday March 08 2019, @04:27PM (#811582) Journal

    Yea! NSA will stop collecting metadata. (eg, who calls whom and when)

    But secretly they will start collecting the entire conversations and contents of transmissions instead. Who needs metadata when you've got all the actual data.

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3