NSA loves The Bahamas so much it records all its cellphone calls | Ars Technica

Documents obtained by former National Security Agency contractor Edward Snowden show that the NSA has covertly intercepted and recorded nearly all of the calls made to, from, or between cell phones in The Bahamas. The surveillance, reported by The Intercept, used legal monitoring access obtained by the Drug Enforcement Administration.

via NSA loves The Bahamas so much it records all its cellphone calls | Ars Technica.


Photos of an NSA “upgrade” factory show Cisco router getting implant | Ars Technica

A document included in the trove of National Security Agency files released with Glenn Greenwald’s book No Place to Hide details how the agency’s Tailored Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they’re delivered.

These Trojan horse systems were described by an NSA manager as being “some of the most productive operations in TAO because they pre-position access points into hard target networks around the world.”

The document, a June 2010 internal newsletter article by the chief of the NSA’s Access and Target Development department (S3261) includes photos (above) of NSA employees opening the shipping box for a Cisco router and installing beacon firmware with a “load station” designed specifically for the task.

via Photos of an NSA “upgrade” factory show Cisco router getting implant | Ars Technica.

Air Force, drones

US sends its giant spy drone to look for kidnapped Nigerian girls | Ars Technica

The drone that the United States Air Force sees as the replacement for the venerable U-2 spy plane is now flying surveillance missions over Nigeria as part of the search for 276 schoolgirls kidnapped by the Boko Haram terrorist group. A Northrop Grumman RQ-4 Global Hawk flew a mission over Nigeria on Tuesday, according to an NBC News report.

The Global Hawk, which first flew in 1998, can stay airborne for up to 28 hours and has a range of 8,700 miles. It has a wingspan close to that of a Boeing 747, weighs more than 32,000 pounds, and carries the Hughes Integrated Surveillance and Reconnaissance (HISAR) sensor system, a down-market version of the infrared, optical, and synthetic aperture radar gear Hughes developed for the U-2.

via US sends its giant spy drone to look for kidnapped Nigerian girls | Ars Technica.

drones, Foreign Non-Coalition, Iran, Soutwest Asia

Iran claims to clone US stealth drone, but it looks fake | Ars Technica

The Iranian military claims to have successfully duplicated the RQ-170 Sentinel drone that was captured in Iran in 2011, and it has put the drone on display alongside the original. The home-built version, Islamic Revolutionary Guard officers claim, could be used to attack US Navy ships in the Persian Gulf. But outside observers believe the copy is about as capable of that as the mock-up of a US aircraft carrier Iran built, allegedly for a movie set.

On May 11, Iranian television broadcast a report from an exhibition by the Islamic Revolutionary Guard Corps Aerospace Force in Tehran, where Ayatollah Ali Khamenei was shown the two unmanned aircraft by military officers. “Our engineers succeeded in breaking the drone’s secrets and copying them,” an officer said in the video broadcast. “It will soon take a test flight.”

The RQ-170, built by Lockheed Martin, is a turbofan-powered unmanned aircraft flown by the 30th Reconnaissance Squadron, part of the Air Force’s 432nd Wing (the Air Force’s drone command). The aircraft first gained notoriety as the secretive “beast of Kandahar” during operations in Afghanistan in 2007. The Air Force is believed to have purchased 20 Sentinels.

Little is known about their operational role, though their “flying-wing” airframe appears to have been designed for stealthy reconnaissance and surveillance missions. It’s believed that the aircraft captured in 2011 by the Iranians was being used to conduct surveillance of nuclear facilities.

The Iranians claimed that they were able to jam the Air Force’s data link to the drone and take control of it, bringing it down for an almost soft landing. They also claimed that the drone was recovered nearly intact and that the Revolutionary Guard was able to download data from its onboard systems. While the US government disputed those claims, later reports indicated that it was within the realm of possibility that the Iranians had managed to take over control of the drone.

Just what sort of “secrets” the RQ-170 surrendered to the Iranians is not clear. But aviation industry analysts who saw the footage of the Iranian clone of the RQ-170 have said it appears to be a fake—nothing more than a cheap fiberglass mockup put together for propaganda purposes, similar to the mockup of a stealth fighter the Iranians displayed last year. (Footage of that plane “flying” appeared to actually be of a small radio-controlled model.)

“It seems their fiberglass work has improved a lot,” an industry source familiar with the RQ-170 told US Naval Institute News. “It also seems that if it were a functional copy, versus a detailed replica, it wouldn’t necessarily have the exact same landing gear, tires, etc. They would probably just use whatever extra F-5 parts or general aviation parts they had lying around.”

via Iran claims to clone US stealth drone, but it looks fake | Ars Technica.


NSA routinely tapped in-flight Internet, intercepted exported routers | Ars Technica

In his new book No Place to Hide, Glenn Greenwald revealed a number of additional details on the “craft” and tools used by the NSA and its British counterpart, the GCHQ. While many of the capabilities and activities Greenwald details in the book were previously published in reports drawing from Edward Snowden’s vast haul of NSA documents, a number of new pieces of information have come to light—including the NSA’s and GCHQ’s efforts to use airlines’ in-flight data service to track and surveil targeted passengers in real time.

The systems—codenamed “Homing Pigeon” by the NSA and “Thieving Magpie” by the GCHQ—allowed the agencies to track which aircraft individuals under surveillance boarded based on their phone data.

via NSA routinely tapped in-flight Internet, intercepted exported routers | Ars Technica.


After 17-year march, Army still drags its boots on buying high-tech radios | Ars Technica

The US Army and other military services began development of software-defined radios to replace aging analog systems in 1997—long before Wi-Fi, broadband cellular, and high-definition television were even on the drawing board. The Joint Tactical Radio System (JTRS) program was supposed to revolutionize battlefield communications, turning soldiers and vehicles into nodes in an all-digital network that allowed data and video to flow as easily as voice traffic.

Little did the people working on the JTRS program know that the product of their labors would take 20 years to start being deployed in volume to troops—and how little of the original scope of the program would ever make it into service. The Army just announced this month its roadmap for rolling out JTRS-based Handheld, Man-Pack, and Small Form Factor (HMS) program radio systems in volume—three years from now. That means it may be 2018 before most soldiers see the radios in the field.

On May 2, at Fort Bliss, Texas, the Army’s HMS program team conducted its first “terrain walk-around” test of the AN/PRC-155 Manpack Radio, General Dynamics’ backpack offering for the program. The tests were in advance of a Network Integration Evaluation test at White Sands—the same evaluation exercise where, in 2011, the Ground Mobile Radio program met its Waterloo. The Army cancelled the GMR program after those tests and after an investment of $6 billion.

via After 17-year march, Army still drags its boots on buying high-tech radios | Ars Technica.

State & Local, Tech Goes Wrong

Massachusetts “Romneycare” site killed after rejecting Obamacare transplant | Ars Technica


The Massachusetts Health Connector is getting its plug pulled.

Nevada, Maryland, Massachusetts, Minnesota, and Oregon are members of a club that no one wants to join—all of these states have largely failed at getting their electronic health insurance exchange sites to work properly (or, in some cases, at all). Given the legislatively mandated deadline, the delays in delivery of requirements by the federal government, and the scale of the task that faced states developing their own healthcare exchange sites under the Affordable Care Act, people familiar with government information technology projects might tell you that it’s surprising that any of the websites worked at all.

But if any state had a greater shot at success, it was Massachusetts—the state that served as the model upon which the Affordable Care Act was based. Now, Massachusetts’ health exchange has decided to shutter its own site at least temporarily, switching to the federal exchange to buy time for a better fix.

States running their own exchanges need to be ready by November 15 for the next round of open enrollment for health plans. That has put a number of states with floundering exchange sites in a pinch. Oregon was the first state with its own exchange to completely abandon its own website after spending more than $300 million in federal grants on the project.

Oregon officials have publicly blamed the database giant Oracle, the state’s primary contractor for the site, for its failure. In March, the Government Accountability Office announced that it would conduct an investigation of the Cover Oregon exchange project; last week, The Wall Street Journal reported that the FBI is now conducting its own investigation.

In an official statement in April, an Oracle spokesperson said that “Oracle looks forward to providing any assistance the state needs in moving parts of Oregon’s health care exchange to the Federal system if it ultimately decides to do so.” Last week, the board of the exchange voted to move to the federal exchange.

via Massachusetts “Romneycare” site killed after rejecting Obamacare transplant | Ars Technica.