Criminals acquired over 500 DigiNotar digital certificates; Mozilla and Google issue ‘death sentence’
By Gregg Keizer
Computerworld – The tally of digital certificates stolen from a Dutch company in July has exploded to more than 500, including ones for intelligence services like the CIA, the U.K.’s MI6 and Israel’s Mossad, a Mozilla developer said Sunday.
The confirmed count of fraudulently-issued SSL (secure socket layer) certificates now stands at 531, said Gervase Markham, a Mozilla developer who is part of the team that has been working to modify Firefox to blocks all sites signed with the purloined certificates.
Among the affected domains, said Markham, are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter and Microsoft’s Windows Update service.
“Now that someone (presumably from Iran) has obtained a legit HTTPS cert for CIA.gov, I wonder if the US gov will pay attention to this mess,” Christopher Soghoian, a Washington D.C.-based researcher noted for his work on online privacy, said in a tweet Saturday.
Soghoian was referring to assumptions by many experts that Iranian hackers, perhaps supported by that country’s government, were behind the attack. Google has pointed fingers at Iran, saying that attacks using an ill-gotten certificate for google.com had targeted Iranian users.
All the certificates were issued by DigiNotar, a Dutch issuing firm that last week admitted its network had been hacked in July.
The company claimed that it had revoked all the fraudulent certificates, but then realized it had overlooked one that could be used to impersonate any Google service, including Gmail. DigiNotar went public only after users reported their findings to Google.
Criminals or governments could use the stolen certificates to conduct “man-in-the-middle” attacks, tricking users into thinking they were at a legitimate site when in fact their communications were being secretly intercepted.
Google and Mozilla said this weekend that they would permanently block all the digital certificates issued by DigiNotar, including those used by the Dutch government.
Their decisions come less than a week after Google, Mozilla and Microsoft all revoked more than 200 SSL (secure socket layer) certificates for use in their browsers, but left untouched hundreds more, many of which were used by the Dutch government to secure its websites.
“Based on the findings and decision of the Dutch government, as well as conversations with other browser makers, we have decided to reject all of the Certificate Authorities operated by DigiNotar,” Heather Adkins, an information security manager for Google, said in a Saturday blog post.
Johnathan Nightingale, director of Firefox engineering, echoed that late on Friday.
“All DigiNotar certificates will be untrusted by Mozilla products,” said Nightingale, who also said that the Dutch government had reversed its position of last week — when it had asked browser makers to exempt its DigiNotar certificates.
“The Dutch government has since audited DigiNotar’s performance and rescinded this assessment,” Nightingale said. “This is not a temporary suspension, it is a complete removal from our trusted root program.”
On Saturday, Piet Hein Donner, the Netherlands’s Minister of the Interior, said the government could not guarantee the security of its websites because of the DigiNotar hack, and told citizens not to log into its sites until new certificates had been obtained from other sources.
The DigiNotar breach is being audited by Fox-IT, which told the Dutch government that it was likely certificates for its sites had been fraudulently acquired by hackers.
Several security researchers said the move by browser makers puts an end to DigiNotar’s certificate business.
“Effectively a death sentence for DigiNotar,” said Jeremiah Grossman, CTO of WhiteHat Security, in a Friday tweet.
Mozilla was scathing in its criticism of DigiNotar.
Nightingale ticked off the missteps that led Mozilla to permanently block all sites signed with the company’s certificates, including DigiNotar’s failure to notify browser vendors in July and its inability to tell how many certificates had been illegally obtained. “[And] the attack is not theoretical,” Nightingale added. “We have received multiple reports of these certificates being used in the wild.”
Markham went into greater detail on the hack and its ramifications. “It has now emerged that DigiNotar had not noticed the full extent of the compromise,” said Markham in a Saturday post to his personal blog. “The attackers had managed to hide the traces of the misissuance — perhaps by corrupting log files.”
Because the Google certificate that prompted DigiNotar to acknowledge the intrusion was obtained before most of the others, Markham speculated that there had actually been two separate attacks, perhaps by different groups.
“It is at least possible (but entirely speculative) that an initial competent attacker has had access to [DigiNotar’s] systems for an unknown amount of time, and a second attacker gained access more recently and their less-subtle, bull-in-a-china shop approach in issuing the [hundreds of] certificates triggered the alarms,” he said.
Last week, Helsinki-based antivirus company F-Secure said it had found signs that DigiNotar’s network had been compromised as early as May 2009.
Mozilla will update Firefox 6 and Firefox 3.6 on Tuesday to permanently block all DigiNotar-issued certificates, including those used by the Dutch government.
On Saturday Google updated Chrome to do the same.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg’s RSS feed . His e-mail address is gkeizer@computerworld.com.
We are aware that your service has been cooperating with the British to effect Abu Munthir’s removal to Tripoli’
“Our service has become aware that last weekend LIFG deputy Emir Abu Munthir and his spouse and children were being held in Hong Kong detention for immigration/passport violations. We are also aware that your service has been cooperating with the British to effect Abu Munthir’s removal to Tripoli, and that you had an aircraft available for this purpose in the Maldives.
Our understanding is that the Hong Kong special wing (SW) originally denied permission for your aircraft to land in Hong Kong to enable you to assume control of Abu Munthir and his family. However, we believe that the reason for the refusal was based on international concerns over having a Libyan-registered aircraft land in Hong Kong. Accordingly, if your government were to charter a foreign aircraft from a third country, the Hong Kong government may be able to coordinate with you to render Abu Munthir and his family into your custody.
If payment of a charter aircraft is an issue, our service would be willing to assist financially to help underwrite those costs. Please be advised that if we pursue that option, we must have assurances from your government that Abu Munthir and his family will be treated humanely and that his human rights will be respected; we must receive such assurances prior to any assistance being provided.
For your information, the Hong Kong special administrative region is governed by a variety of legal constraints regarding deportation and custody of aliens. Accordingly, we believe that you will need to provide significant detail on Abu Munthir (eg, his terrorist/criminal acts, why he is wanted, perhaps proof of citizenship). It is also our understanding that Hong Kong officials have insisted that prior to turning Abu Munthir over to your custody, they must receive clear assurances from your government that Abu Munthir and his family will be treated humanely and in accordance with human rights.”
Torture policy of MI5 and MI6 outlined in secret document – barrister’s opinion together with original article from The Guardian below:
No trade-off on torture
Now that the secret government policy on overseas torture is laid bare, it is even more imperative that the coalition clean house
Eric Metcalfe
Would you risk someone being waterboarded in a foreign country for a week if you thought it might save 10 British lives? What if you thought it might save only one life, but you were not really sure? What would that be worth? Waterboarding for a day? The secret government policy uncovered in Ian Cobain’s story on Thursday does not set things out in such crude terms, but it is the kind of grotesque utilitarian calculus that is invited by its bland references to “balancing the risk of mistreatment” against “operational imperatives”.
Torture, according to the policy, was something the previous government would never knowingly condone or be complicit in. But when it came to situations in which the government did not know for certain, or did not especially want to, all bets were, apparently, off.
The revelation of the policy, in force until 2010, does not so much shock as confirm what many people had guessed: that the previous government had been prepared to run the risk that its co-operation with foreign intelligence agencies might – in certain, unspecified circumstances – result in people overseas being tortured.
The policy restated, of course, the official position: MI5 and MI6 “do not participate in, solicit, encourage or condone the use of torture or inhuman or degrading treatment” and “will not carry out any action which it is known will result” in such ill-treatment. The more difficult question is what was happening before 2010 in the many cases that didn’t involve such perfect knowledge, ie the real world.
Some things we do know. We know, for instance, that our intelligence services have over the past decade co-operated with a great many countries known to use torture: Jordan, Pakistan and Algeria, to name but a few. The evidence that these countries use torture has long been a matter of public record, amply documented by reports from Amnesty International, Human Rights Watch and the US state department.
But it turns out knowledge is a tricky thing. In 2005, the then head of MI5 gave a witness statement in support of the government’s case before the House of Lords, from which it was clear that MI5 did not care to ask its foreign partners if particular information it received had been obtained using torture. Apparently it feared giving offence and thereby depriving the UK of valuable intelligence. As Lord Bingham noted in his dissenting opinion, “the foreign torturer does not boast of his trade”, and MI5 was content to turn a blind eye in order to keep the information coming in.
The cases in which British officials have been implicated in torture abroad are not just those involving evidence received by fax, however, where knowledge of interrogation techniques is easy enough to deny. In several cases, agents of MI5 and MI6 went to detention centres in places such as Pakistan, stood face to face with the victim of torture, asking questions with the torturers presumably nearby. It beggars belief to suppose that trained intelligence officials were unaware of the circumstances in which suspects were detained.
No doubt there are many qualities that go into making a good MI5 agent but naivety is not one of them. In any event, the previous government’s policy reveals that ministers were prepared to run the risk that torture might be used if the gains to the UK were acceptable enough: in other words, a ghoulish, foolish trade-off between torture and intelligence.
Will the coalition clean house as it promised? Labour’s policy accepted that British officials overseas were bound by our criminal law but not, apparently, our human rights standards. Sadly, the coalition government seems as unwilling as Labour in this regard, something borne out by itsrefusal to comply with article 3 of the European convention on human rights when setting up the Detainee Inquiry. Worst of all, the coalition has given itself the final say on what can and cannot be made public by the inquiry. The irony here is that, but for Thursday’s leak, Labour’s ruinous policy might never have seen the light of day.
Eric Metcalfe is a barrister and the director of human rights policy at Justice
https://www.theguardian.com/law/2011/aug/05/no-trade-off-on-torture, 5 August 2011
Original article by Ian Cobain:
UK’s secret policy on torture revealed
Exclusive: Document shows intelligence officers instructed to weigh importance of information sought against pain inflicted
A top-secret document revealing how MI6 and MI5 officers were allowed to extract information from prisoners being illegally tortured overseas has been seen by the Guardian.
The interrogation policy – details of which are believed to be too sensitive to be publicly released at the government inquiry into the UK’s role in torture and rendition – instructed senior intelligence officers toweigh the importance of the information being sought against the amount of pain they expected a prisoner to suffer. It was operated by the British government for almost a decade.
A copy of the secret policy showed senior intelligence officers and ministers feared the British public could be at greater risk of a terrorist attack if Islamists became aware of its existence.
One section states: “If the possibility exists that information will be or has been obtained through the mistreatment of detainees, the negative consequences may include any potential adverse effects on national security if the fact of the agency seeking or accepting information in those circumstances were to be publicly revealed.
“For instance, it is possible that in some circumstances such a revelation could result in further radicalisation, leading to an increase in the threat from terrorism.”
The policy adds that such a disclosure “could result in damage to the reputation of the agencies”, and that this could undermine their effectiveness.
The fact that the interrogation policy document and other similar papers may not be made public during the inquiry into British complicity in torture and rendition has led to human rights groups and lawyers refusing to give evidence or attend any meetings with the inquiry team because it does not have “credibility or transparency”.
The decision by 10 groups – including Liberty, Reprieve and Amnesty International – follows the publication of the inquiry’s protocols, which show the final decision on whether material uncovered by the inquiry, led by Sir Peter Gibson, can be made public will rest with the cabinet secretary.
The inquiry will begin after a police investigation into torture allegations has been completed.
Some have criticised the appointment of Gibson, a retired judge, to head the inquiry because he previously served as the intelligence services commissioner, overseeing government ministers’ use of a controversial power that permits them to “disapply” UK criminal and civil law in order to offer a degree of protection to British intelligence officers committing crimes overseas. The government denies there is a conflict of interest.
The protocols also stated that former detainees and their lawyers will not be able to question intelligence officials and that all evidence from current or former members of the security and intelligence agencies, below the level of head, will be heard in private.
The document seen by the Guardian shows how the secret interrogation policy operated until it was rewritten on the orders of the coalition government last July.
It also:
• Acknowledged that MI5 and MI6 officers could be in breach of both UK and international law by asking for information from prisoners held by overseas agencies known to use torture.
• Explained the need to obtain political cover for any potentially criminal act by consulting ministers beforehand.
The secret interrogation policy was first passed to MI5 and MI6 officers inAfghanistan in January 2002 to enable them to continue questioning prisoners whom they knew were being mistreated by members of the US military.
It was amended slightly later that year before being rewritten and expanded in 2004 after it became apparent that a significant number of British Muslims, radicalised by the invasion of Iraq, were planning attacks against the UK.
The policy was amended again in July 2006 during an investigation of a suspected plot to bring down airliners over the Atlantic.
Entitled “Agency policy on liaison with overseas security and intelligence services in relation to detainees who may be subject to mistreatment”, it was given to intelligence officers handing over questions to be put to detainees.
Separate policy documents were issued for related matters, including intelligence officers conducting face-to-face interrogations.
The document set out the international and domestic law on torture, and explained that MI5 and MI6 do not “participate in, encourage or condone” either torture or inhuman or degrading treatment.
Intelligence officers were instructed not to carry out any action “which it is known” would result in torture. However, they could proceed when they foresaw “a real possibility their actions will result in an individual’s mistreatment” as long as they first sought assurances from the overseas agency.
Even when such assurances were judged to be worthless, officers could be given permission to proceed despite the real possibility that they would committing a crime and that a prisoner or prisoners would be tortured.
“When, not withstanding any caveats or prior assurances, there is still considered to be a real possibility of mistreatment and therefore there is considered to be a risk that the agencies’ actions could be judged to be unlawful, the actions may not be taken without authority at a senior level. In some cases, ministers may need to be consulted,” the document said.
In deciding whether to give permission, senior MI5 and MI6 management “will balance the risk of mistreatment and the risk that the officer’s actions could be judged to be unlawful against the need for the proposed action”.
At this point, “the operational imperative for the proposed action, such as if the action involves passing or obtaining life-saving intelligence” would be weighed against “the level of mistreatment anticipated and how likely those consequences are”.
Ministers may be consulted over “particularly difficult cases”, with the process of consulting being “designed to ensure that appropriate visibility and consideration of the risk of unlawful actions takes place”. All such operations must remain completely secret or they could put UK interests and British lives at risk.
Disclosure of the contents of the document appears to help explain the high degree of sensitivity shown by ministers and former ministers after the Guardianbecame aware of its existence two years ago.
Tony Blairevaded a series of questions over the role he played in authorising changes to the instructions in 2004, while the former home secretary David Blunkett maintained it was potentially libellous even to ask him questions about the matter.
As foreign secretary, David Milibandtold MPs the secret policy could never be made public as “nothing we publish must give succour to our enemies”.
Blair, Blunkett and the former foreign secretary Jack Straw also declined to say whether or not they were aware that the instructions had led to a number of people being tortured.
The head of MI5, Jonathan Evans, said that, in the post 9/11 world, his officers would be derelict in their duty if they did not work with intelligence agencies in countries with poor human rights records, while his opposite number at MI6, Sir John Sawers, spoke of the “real, constant, operational dilemmas” involved in such relationships.
Others, however, are questioning whether – in the words of Ken Macdonald, a former director of public prosecutions, “Tony Blair’s government was guilty of developing something close to a criminal policy”.
The Intelligence and Security Committee, the group of parliamentarians appointed by the prime minister to assist with the oversight of the UK’s intelligence agencies, is known to have examined the document while sitting in secret, but it is unclear what – if any – suggestions or complaints it made.
Paul Murphy, the Labour MP and former minister who chaired the committee in 2006, declined to answer questions about the matter.
A number of men, mostly British Muslims, have complained that they were questioned by MI5 and MI6 officers after being tortured by overseas intelligence officials in Pakistan, Bangladesh, Afghanistan andGuantánamo Bay. Some are known to have been detained at the suggestion of British intelligence officers.
Others say they were tortured in places such as Egypt, Dubai, Morocco and Syria, while being interrogated on the basis of information that could only have been supplied by the UK.
A number were subsequently convicted of serious terrorism offences or subjected to control orders. Others returned to the UK and, after treatment, resumed their lives.
One is a businessman in Yorkshire, another a software designer living in Berkshire, and a third is a doctor practising on the south coast of England.
Some have brought civil proceedings against the British government, and a number have received compensation in out-of-court settlements, but others remain too scared to take legal action.
Scotland Yard has examined the possibility that one officer from MI5 and a second from MI6 committed criminal offences while extracting information from detainees overseas, and detectives are now conducting what is described as a “wider investigation into other potential criminal conduct”.
A new set of instructions was drafted after last year’s election, published on the orders of David Cameron, on the grounds that the coalition was “determined to resolve the problems of the past” and wished to give “greater clarity about what is and what is not acceptable in the future”.
Human rights groups pointed to what they said were serious loopholes that could permit MI5 and MI6 officers to remain involved in the torture of prisoners overseas.
Last week, the high court heard a challenge to the legality of the new instructions, brought by the Equality and Human Rights Commission. Judgment is expected later in the year.
https://www.theguardian.com/politics/2011/aug/04/uk-allowed-interrogate-tortured-prisoners, 4 August 2011
The Daily Telegraph’s title for the same item:
“We covered up our involvement in torture. Now we must expose it”
Does anyone know what Operation Sunshine is, or was? It is, or was, an MI6 operation in Cyprus back in 1959. The details are revealed in the enlightening research of Stephen Dorril under the title “MI6-Inside the Covert World of Her Majesty’s Secret Intelligence Service.”
The summary is as follows: Cyprus was drawn into ethnic conflict in the late 1950s. Armed, right-wing Greek bands were carrying out attacks against British rule on the island and against Turkish civilians – something that would be named as an attempt at ethnic cleansing in today’s world. In response, Turkey secretly helped an embryonic resistance among Turkish Cypriots, organizing and arming them.
The Brits decided to take effective steps. MI6 started to tap some VIP telephones, relying on the cutting-edge technology of the day in order to prevent further killings and provide a basis for a settlement between Greek and Turkish Cypriots. The names included the Greek leader, Archbishop Marakios III. While eavesdropping on Makarios’ lines in order to obtain some political and military information, they recorded some other stuff by mistake – “Rather unusual homosexual proclivities,” as described by the book.
That was in 1958 and when Makarios resisted signing an agreement with Turkish Cypriots under the guarantee of Britain, Turkey and Greece in 1959 in Zurich, he had a visitor in his hotel room with some information to share. Makarios changed his mind overnight, came down to the hotel lobby where his Turkish counterpart Fazıl Küçük was waiting and signed the first treaty on Cyprus which lead the establishment of the Republic of Cyprus in 1960.
That was Operation Sunshine. That is a part of the background story about how the Republic of Cyprus with Makarios as the president and Küçük as the deputy president was established.
That British-made fragile structure began to fall apart a few years later, ultimately leading to theTurkish military intervention which divided Cyprus into two in 1974.
Being happy with the status quo, Ankara did almost nothing other than support the declaration of the Turkish Republic of Northern Cyprus, of which only Turkey recognizes.
Turgut Özal was the first Turkish leader who talked about a “bi-zonal, bi-communal, federal system” in the 1980s. In the mid-1990s, Turkey silently distanced itself from that formula, which was not adopted by the Greeks anyway.
Under the Justice and Development Party, or AK Parti, Prime Minister Tayyip Erdoğan adopted a U.N.-backed reunification strategy, which was rejected by the Greek Cypriots in 2004. The European Union’s subsequent admittance of the Republic of Cyprus (officially representing the separated Turks in the north as well), made Erdoğan upset, like many of the Turks.
Now Erdoğan is going back to Özal’s federal model and is threatening whomever by starting to support two separate states on the island, risking Turkey’s relations with the EU.
That brings us to the threshold of a series of very interesting events in the coming months in the eastern Mediterranean.
THE British secret service grossly underestimated the resistance of Turkish forces before the disastrous Gallipoli campaign, according to an historian allowed unprecedented access to MI6 archives.
Professor Keith Jeffery has spent the past five years trawling through Secret Intelligence Service (SIS) records from the first half of the 20th century for his book, The History of the SIS 1909-1949.
He said that documents at the SIS, in its infancy at the time, dismissed the ability of the Turks to defend themselves against any reasonably sized army.
And he said the reports demonstrated the “over-optimism which permeated the early days of the Gallipoli campaign”.
“Everybody did (grossly underestimate the Turks),” he told AAP.
“It was one of those classic cases, they didn’t think there was any resistance.
“What little I found simply confirms that view. Absolutely.”
Nearly 9000 Australians were killed and almost 18,000 wounded during the ill-conceived nine-month campaign that ended up costing more than 100,000 lives.
Former chief of the SIS, Sir John Scarlett said the decision to allow Prof Jeffery access to the secret documents was an attempt to provide the British public with a better understanding of the service and mark its 100 years of operations.
The 800-page book provides details on a host of colourful spies, including Biffy Dunderdale who was said to be one of the major inspirations behind the James Bond character.
Suspects arrested in north Wales over packages allegedly addressed to MI6 offices and Downing Street
Two men are being held by police today after two parcel bombs reportedly addressed to 10 Downing Street and MI6 were intercepted last week.
The suspects, aged 52 and 21, were arrested on suspicion of explosive offences at separate addresses in Caernafon, north Wales, on Friday by Metropolitan police officers and local police.
The Met said one package was found at the postal handling centre for MI6 near to its headquarters on the Albert Embankment, in London. It would not confirm or deny that the other, held at a south London sorting office, was addressed to Downing Street.
Police were called at 12.40pm on Wednesday after a suspicious package was found at the MI6 office. The second parcel was discovered at 4.30am on Thursday.
A police spokesman said: “The Metropolitan police service is investigating two suspect packages addressed to premises in central London. Both packages have been recovered by police.”
The last known attack on MI6 HQ was in 2000 when it suffered superficial damage in a rocket attack by dissident Irish republicans.