FLYING PIG: GCHQ's TLS/SSL knowledge base

December 17, 2013

Documents from the ICTR-NE (Information and Communications Technology Research - Network Exploitation) organization at the GCHQ show that it operates a program under the name FLYING PIG that provides analysts with information about secure communications over TLS/SSL. The primary motivation for this program was the increasing use of TLS/SSL by GCHQ targets, according to one of the documents.

The documents, originally published by Brazilian TV program Fant√°stico in September, provide an insightful look into the program that allows analysts to query the vast repository of metadata about the world's secure communications. In this article, I describe the program on the basis of some actual screen captures of its interface.

Read more


No, the U.S. Army did not read the emails of a Belgian MP

November 02, 2013

Today, someone pointed me at an article in Belgian newspaper De Standaard in which Karolien Grosemans, a Belgian MP of the New Flemish Alliance (N-VA), claimed the U.S. Army had read one of her emails. In this email she asked an expert for advice on a draft legislation on cyber attacks and security, hence the subject field of the email contained the words "cyberaanvallen" (cyber attacks) and "cyber security".

Read more


No, the NSA was not behind the DigiNotar hack

September 14, 2013

On Tuesday I found that former Dutch certificate authority DigiNotar, known for its security breach in 2011, was briefly mentioned in a Globo video report about NSA spying on Sunday. I documented the finding in a few tweets and put the four frames (of the same slide) that mentioned the name DigiNotar together in an album. Because the slide was only partly visible I had a difficult time making any sense of it. So, I wrote down what I considered to be plausible:

From the part of the text that is visible I suspect at least NSA's 'Flying Pig' was used in some investigation of the security breach.

Koen Rouwhorst on Twitter

Read more


What an e-book watermark looks like

September 07, 2013

In recent weeks, there was some fuss about a new agreement between digital book distribution platform eBoekhuis and connected vendors. This agreement obliges vendors to hand over previously-private customer information to anti-piracy group BREIN, should a purchased e-book at some point turn up on the internet (e.g. BitTorrent, Usenet, file-sharing sites). In order to trace a book back to the customer, a transaction code is watermarked into it. When I noticed one of the eBookhuis-connected vendors (i.e. Bol.com) started selling watermarked e-books, I bought one to see what this watermark would look like.

Read more


A message from Edward Snowden

August 31, 2013

This is the transcript I made of a message from Edward Snowden that was read out by Jacob Appelbaum yesterday at the Whistleblower Award 2013. You can watch the video on YouTube.

Read more


RSS · Atom