The data exchange of US intelligence agency and thousands of companies are involved in the Google: Microsoft

2015-06-09 14:26:39 source: BOZHI Soft

According to two people familiar with the matter, the world's largest software company Microsoft will advance to the intelligence agencies to provide information on the operating system vulnerabilities, and then released fixes.

Intro: Bloomberg published today signed Michael Riley (Michael Riley) the article said that the NSA, CIA and the FBI and other intelligence agencies and the United States of thousands of private enterprises to maintain a close working relationship, they will obtain sensitive information from these enterprises, but will also provide confidential information to the enterprises in the cooperation.
Here is the article:
Thousands of technology, finance and manufacturing companies are working closely with the U.S. National Security Agency to provide sensitive information, and as a reward they will receive confidential information from the latter, according to four sources familiar with the matter.
The participating companies are trusted partners, and they are doing far more than those disclosed by the National Security Agency (NSA), the Edward Snowden (Snowden Edward), who works in computer technology. Since Snowden this month to disclose the NSA collection of millions of U.S. residents of the phone records and Internet companies such as Google and other Internet companies to monitor the computer communications between foreigners, those involved in the private sector has been closely concerned by the public.

These four sources said that in addition to the user's private information communication, many Internet and communications companies voluntarily for the U. S. intelligence community to provide additional data, such as equipment specifications.

This kind of extensive cooperation between intelligence agencies and private enterprises is illegal, it exists in all aspects of people's lives, but only a few lawyers, business owners and spies will be cautious about this problem. Private enterprise executives willing to cooperation with the government, winning reputation Defense Assistance. At the same time, the company will benefit from it, according to a source familiar with intelligence agencies and companies between the contents of the agreement.

A person familiar with the process said that most of the agreements are highly confidential, and only a handful of companies are able to access the information. Most of the time, such confidential information only CEO and the person in charge of the business of the company's responsible person knows, other people simply do not know.
"Thank them"

 Hayden, who served as NSA and CIA Michael, described the relationship with the company: "if I were a leader in charge of the information agency and the cooperative enterprise, when my partner provided me with a very valuable information on public defense, I would like to thank them in my way, to make them aware of the necessity and usefulness of their actions."
Hayden added: "as a responsible person you are obligated to do such a thing, few people will keep out of the affair."
According to a slide show disclosed by Snowden, the U.S. Internet Co and NSA Operations Special (Source) group has a secret program named Prism (PRISM), the program is dedicated to collect overseas targets of electronic mail, video and other data information. Each Internet companies monitoring data is different, the specific category by a secret judges will decide.
As global information is exploding, and more and more information is transmitted through the switch / router, cable and other network equipment provided by the Usa Inc, American intelligence agencies are increasingly dependent on this kind of partnership with the private sector.
Equipment specification
In addition to private communication, the information of the equipment supporting the operation of the Internet is also a collection of the United States government and its cooperative enterprises. In theory, there is no contact between the specifications of the equipment and the information of the private communication. But this information is very important for companies, law enforcement officials and the military.
Contact officer
If necessary, the company executives, and intelligence agencies, will be awarded the exemption from the transfer of data and the case of civil proceedings.      Intelligence agencies also regularly contact the company to update them on how they will use the collected data.
One of the sources of the four familiar insider said, Intel's security software business in the McAfee sector, will be regularly with NSA, FBI and CIA. McAfee is a very valuable partner of the United States intelligence agency, because it produces Internet software can master a large number of malicious Internet traffic, including foreign espionage, etc..
The source said the U.S. intelligence agencies and McAfee cooperation process may be: first contact with the CEO McAfee, the latter will assign special staff to provide data to the investigators. He also said that the United States of the United States if that the government should seek so much help, will be surprised. McAfee's firewall can be used to collect data on the use of legitimate servers engaged in espionage, so as to find out the location of the attack. In addition, McAfee is also familiar with the architecture of the global information network, which is very useful for the cooperative information agency.

Corporate executives receive care
McAfee global chief technology officer Michael Faye (Fey Michael) said, McAfee data and related analysis does not involve personal information. "We don't share any type of personal information with the government agencies," he said in a statement. McAfee's mission is to provide security technology, educational information and Threat Intelligence to government agencies. This information includes information about new threats, network attack mode, vector activity trend data, and the analysis of the software system vulnerabilities and the authenticity of the hacker organization."

The source said, as an exchange, the United States security agencies will give a special attention and related information to the cooperation of corporate executives to maintain the relationship. Sometimes, cooperative companies will get ahead of time to get a warning about the threat, which may affect their revenues, such as large-scale cyber attacks and information such as the behind the scenes.

According to a person familiar with the investigation into U.S. government informed sources said, in 2010, after Google from Chinese hackers, Google co-         founder Sergey Brin (Sergey Brin) won the a highly confidential government information, said the attack plotter is Chinese military under a secret                     organization. According to Snowden revealed the information, as the world's largest search engine, Google has been involved in the prism plan for more than a year.
Google CEO Larry - page (Larry Page) this month 7 days in a blog wrote, before Snowden exposed material. He had never heard said "prism" plan, while           Google does not allow the U.S. government direct access to the server, or data center system is "back door". Paige said that Google is only in the case of non violation of the law, to provide the government with user data. Google spokesman Leslie Miller (Leslie Miller) have yet to comment on the report.
Collecting equipment metadata
The information provided by Snowden also exposed a secret program called "Blarney". According to the Washington Post on the "Blarney" program, the U.S. security agencies will collect some of the computer and equipment metadata (Metadata), these computers and devices are used to send e-mail through the main data lines, browse the Internet information.
Millions of devices in the world are using metadata, while the U.S. intelligence agencies can use this information to penetrate the computer or mobile phone to monitor the user. Metadata also includes operating system, browser, and Java software versions. "This is a highly aggressive data," said Chisholm Glenn, a former chief information officer at Corp Telstra, a large telecom operator in Australia ". He said this, in fact, in contrast to the protection and non penetration of      the computer's defensive information.
According to the Washington Post, Snowden said the goal of the "Blarney" program was "access and access to foreign intelligence". It is not clear whether the United States Internet service provider in accordance with the Blarney plan, to provide users with information on the NSA, if there is a matter, they have been approved by the judge.
NSA, a former Baker Stewart, said that if the metadata involved in the communication between the two computers that happened to cross the United States cable, "then it is not too much legal supervision to obtain."
Keep up with the trend of science and technology
Jacob Olkut (Olcott Jacob) said that the members of the U.S. intelligence agencies responsible for the supervision, perhaps it is not clear the importance of the part of the metadata NSA. Orr Kurt is the Senate Commerce Committee Chairman John D. Rockefeller (John D. Rockefeller IV) former network security consultant and is now a security risk management firm good harbor security risk management level.
"This has made it very difficult to monitor such issues," he said. Today, the technology and technology policy is rapidly changing, the majority of elected members and their aides background and expertise has been unable to keep up with this trend." Although U.S. intelligence agencies offer attractive incentives to cooperative companies, many executives are involved in such programs as patriotic sentiment, or the feeling that they are protecting national security, according to people familiar with the matter.
U.S. telecom operators, Internet Co, power companies and other companies, to the U.S. intelligence agencies to provide the details of their system's infrastructure or related equipment, so that the intelligence agencies can analyze potential vulnerabilities. "The government wants to know the country's infrastructure," says Kiss Holm, chief security officer at Cylance, a California data security firm."
Not bear legal responsibility
Even some highly defensive systems, but also to the user's privacy can not bring unexpected consequences. "Einstein 3" is the first by the NSA to develop a huge plan to protect government systems from hackers. At present, the project has been unveiled, is currently in the installation phase, it will be sent each year to the government computer billions of emails for careful analysis, to determine whether they contain spyware tools or malicious software. According to people familiar with the matter, in some cases, the Einstein 3 program may also make the private content of e-mail exposure.
It is reported that in the Verizon, Communications Sprint, Nextel AT&T, Level 3 Communications, CenturyLink and other United States five well-known Internet consent in its network of Einstein 3 system, a few also require the government must ensure that they do not bear the responsibility of violating the laws of the United States, the results they received a letter written in the United States attorney general, the exposure of such information is not consistent with the definition of American law, while giving these companies immunity in civil proceedings.
At & T spokesman Mark Siegel (Mark Siegel) and Verizon spokesman Edward McFadden Edward McFadden, were reluctant to comment on the report, and   sprint spokesman Scott Sloat (Scott Sloat,) and level 3 spokesman Monica Martinez (Monica Martinez), yet in this regard: comment.
Centurylink spokesman Linda Johnson (Johnson Linda) said that the company is involved in the Enhanced (Cybersecurity Services) and the Security Services (Prevention Intrusion) and other two plans, which also include the Einstein 3 project. These two plans are directly responsible for the U.S. Department of homeland security. She said, in addition, Centurylink will not comment on national security issues."