The NSA Has Inserted Its Code Into Android OS, Or Three Quarters Of All Smartphones

Over a decade ago, it was discovered that the NSA embedded backdoor access into Windows 95, and likely into virtually all other subsequent internet connected, desktop-based operating systems. However, with the passage of time, more and more people went "mobile", and as a result the NSA had to adapt. And adapt they have: as Bloomberg reports, "The NSA is quietly writing code for Google’s Android OS."

Is it ironic that the same "don't be evil" Google which went to such great lengths in the aftermath of the Snowden scandal to wash its hands of snooping on its customers and even filed a request with the secretive FISA court asking permission to disclose more information about the government’s data requests, is embedding NSA code into its mobile operating system, which according to IDC runs on three-quarters of all smartphones shipped in the first quarter? Yes, yes it is.

Google spokeswoman Gina Scigliano confirms that the company has already inserted some of the NSA’s programming in Android OS. "All Android code and contributors are publicly available for review at source.android.com." Scigliano says, declining to comment further.




Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter. NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement. NSA researcher Stephen Smalley, who works on the program, says, “Our goal is to raise the bar in the security of commodity mobile devices.”



See, there's no need to worry: the reason the NSA is generously providing the source code for every Google-based smartphone is for your own security. Oh but it's open-sourced, so someone else will intercept any and all attempts at malice. We forgot.

...



http://www.zerohedge.com/news/2013-07-09/nsa-has-inserted-its-code-android-os-bugging-three-quarters-all-smartphones


/puke

GET OUT OF OUR LIVES!!!! Is there anywhere safe? I wish this wasn't a rhetorical question I already knew the answer to.

Conspiracy theory, meet conspiracy fact.



Now please tell me why, with all this shit they couldn't identify two rag heads with pressure cookers?

Oh yeah, that's right...

I wonder what XDA Developers response will be...

So do any of you know what the code actually does? I dont, but its all open source and peer reviewed. Given that I find it hard to believe there would be any back doors in it.

So do any of you know what the code actually does? I dont, but its all open source and peer reviewed. Given that I find it hard to believe there would be any back doors in it.

That's why I'm confused too. Although some say Android isn't as open-source as Linux. I wouldn't know.

If you don't like it, take it out:

http://source.android.com/source/index.html

...

Conspiracy theory, meet conspiracy fact.



Now please tell me why, with all this shit they couldn't identify two rag heads with pressure cookers?

Oh yeah, that's right...

Its not there to take on the people they tell everyone are the terrorists. Its there to take on YOU when we make any headway in taking the power from the Corporations and Banks and putting it back in the hands of the people. Pressure cookers and towel heads they can use to their advantage by promoting even further need to monitor YOU. Eventually we, the supporters of Ron Paul, will find ourselves in our own Concentration Camps. Not because we are terrorists, but because we oppose those who would enslave humanity. And Total Surveillance is one of their greatest assets.

THAT is what it is really there for.

This is just the overt stuff. Its on the up and up. Its largely explaining how to keep your things secure because corporate america is pretty leaky. The NSA is helping with Knox because Android is security swiss cheese. To get an Apple phone up to DoD standard means turning 90% of its functionality off.

The dodgy stuff like prism isn't in this schedule.

What about the undercover NSA operatives employed at Cisco, Juniper, Apple, Facebook, Google, DuckDuckGo, DropBox etc?

Better than putting something in the source, put something in the compilers that adds a backdoor that wasn't in the source.

How many people assemble their own compilers?

Or better yet, put in the CPU and subsystems.

This is just the overt stuff.

What about the undercover NSA operatives employed at Cisco, Juniper, Apple, Facebook, Google, DuckDuckGo, DropBox etc?

Better than putting something in the source, put something in the compilers that adds a backdoor that wasn't in the source.

How many people assemble their own compilers?

Or better yet, put in the CPU and subsystems.

They could put something in the compiler. Ideally, there would be people doing QC to make sure the checksum on the compiler is good, but not every group is that rigorous when they need to get a release out.

Can't trust the OS unless you coded it
Can't trust the code unless you compiled it
Can't trust the executable unless you coded the compiler
Can't trust the compiler unless you wrote the architecture
Can't trust the architecture unless you fabbed the chip

It almost seemed to me to be a test to see how easy it would be for them to insert their code and test the process and that they weren't necessarily adding code that was too malicious THIS TIME.



If you don't like it, take it out:

http://source.android.com/source/index.html

I do a good amount of programming and I am not that comfortable digging into the source and removing or changing things so the amount of people that would be that comfortable doing that would be a low percentage. They know this. It sucks.

It is like if they start building trackers into cars (probably already do) and you don't know much about cars and then you say if you don't like it just figure out how to remove it. You have that option...but it would be easier to buy a car without it if you know next to nothing about cars and electronics like the majority of people.

Isn't Mozilla coming out with an OS?

There seems to be a misconception about what NSA does. Yes, they do intercept everyone's communications, break into computers, bug embassies and crack codes, but there is a flip side to the agency that people rarely talk about. Half their job is defensive. They are the gvmt agency responsible for making sure US computers and communications are secure. A few years ago they even developed and released in source form a secure version of Linux, for example. It didn't have a root account or any root privileges. They also write codes to protect US gvmt communications and other things of a truly defensive nature. For the US gvmt to be able to use android smartphones, they needed to secure services from accessing each other. That's what happened. While you may not feel comfortable reading the source code, some nerd or geek out there is and if they had found anything "funny", they would have screamed about it.

What is more concerning is app policies. About 1/3rd of apps have access to the location service, for example, yet few actually use it. The reason for this is that getting permission to use a service is a pain, so developers ask for more than they currently intend to use so they don't have to go through that again when they develop v2.0 that might use that service. This causes security issues.

-t

Can't trust the OS unless you coded it
Can't trust the code unless you compiled it
Can't trust the executable unless you coded the compiler
Can't trust the compiler unless you wrote the architecture
Can't trust the architecture unless you fabbed the chip

How many of you know the NSA has its own fab?

How many of you know the NSA has its own fab?

I do, but it's limited in how tiny things get. It does do custom circuits, however, and anti-tamper packaging.

-t

Conspiracy theory, meet conspiracy fact.



Now please tell me why, with all this shit they couldn't identify two rag heads with pressure cookers?

Oh yeah, that's right...

It only took what...10 dead people. Look at all the mileage they got out of that. They were able to put a real town under marshal law. They were able to stick another talking point into gun control. They also got to see how everyone reacted. It was a police state bonanza.

How many of you know the NSA has its own fab?

This goes here,,


http://www.youtube.com/watch?v=VlT7F3Hyj48

It is an old video,, but oddly enough,, I had trouble finding a copy of it.

Isn't Mozilla coming out with an OS?

A mobile phone OS, yes.

https://hacks.mozilla.org/wp-content/uploads/2013/01/geeksphone.jpg

https://www.mozilla.org/en-US/firefox/partners/#os (https://www.mozilla.org/en-US/firefox/partners/)

____________________________________________

As is Ubuntu.

http://cdn2.sbnation.com/entry_photo_images/7399419/Xv01-02_18-00-0720_large_verge_medium_landscape.jpg

http://www.ubuntu.com/phone

just the other day... senator mike gravel of alaska was sorta wondering
why our noble & wise senators have not whistleblewn things sky high
prior to edward snowden trying to quiet down his angst and disgust over
d.c politics as usual as the BIG three ohhhhhh looms for him grandly!!!

A mobile phone OS, yes.

Oh, WOW! You mean I can have Bing install itself and resist all attempts to get rid of it on MY PHONE, TOO??!?!!?

SIGN ME UP, NOW!!!!!

:rolleyes:

Oh, WOW! You mean I can have Bing install itself and resist all attempts to get rid of it on MY PHONE, TOO??!?!!?

SIGN ME UP, NOW!!!!!

:rolleyes:

Probably on a Winblows Phone...

Oh, WOW! You mean I can have Bing install itself and resist all attempts to get rid of it on MY PHONE, TOO??!?!!?

SIGN ME UP, NOW!!!!!

:rolleyes:

Mozilla was Netscape, when that closed down shop the company that now makes Firefox bought it up and went with it. Mozilla != M$.

Fun fact of the day: IE was originally called Project Mosiac. Netscape code named their browser project 'Mozilla' as short for 'Mosaic Killa'.

A mobile phone OS, yes.

https://hacks.mozilla.org/wp-content/uploads/2013/01/geeksphone.jpg

https://www.mozilla.org/en-US/firefox/partners/#os (https://www.mozilla.org/en-US/firefox/partners/)

____________________________________________

As is Ubuntu.

http://cdn2.sbnation.com/entry_photo_images/7399419/Xv01-02_18-00-0720_large_verge_medium_landscape.jpg

http://www.ubuntu.com/phone


The future is here.

http://assets.ubuntu.com/sites/ubuntu/499/u/img/devices/converged-device-440x267.jpg

The phone with the heart of a PC

http://www.ubuntu.com/phone

The future is here.

http://assets.ubuntu.com/sites/ubuntu/499/u/img/devices/converged-device-440x267.jpg

The phone with the heart of a PC

http://www.ubuntu.com/phone

I know... That is what I want... a phone that can be a tablet or PC, just by docking it into different devices (like the Asus PadFone2 (http://www.asus.com/Tablets_Mobile/PadFone2), just taking it further to be a full blown PC too). That is their goal.

As long as it affords some control over privacy, that is the caveat for me. Android, iPhone, and Windows Phone don't cut it for me....