
Canada's CSE cyberwarfare toolbox revealed - colinprince
http://www.cbc.ca/news/canada/communication-security-establishment-s-cyberwarfare-toolbox-revealed-1.3002978
======
kefs
The Intercept write-up:

[https://firstlook.org/theintercept/2015/03/23/canada-cse-
hac...](https://firstlook.org/theintercept/2015/03/23/canada-cse-hacking-
cyberwar-secret-arsenal)

One of the documents (PDF, 46 pages):

[https://s3.amazonaws.com/s3.documentcloud.org/documents/1690...](https://s3.amazonaws.com/s3.documentcloud.org/documents/1690224/doc-6-cyber-
threat-capabilities.pdf)

------
nvk
The job of a spy agency is to spy, that will never change. The problem I have
is when it starts infringing the rights and freedoms of it's own citizens (ie
C-51).

~~~
elchief
They don't even have to. The NSA will spy on Canadians and then ship CSE the
data.

~~~
hurin
There needs to be a ban on this practice.

I don't know about Canadian law, but most likely the spirit of:

 _The right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures_

Was certainly not: Ask the Canadians to seize it for you and then they can
give it back to you without due process.

(This is exactly the kind of Hostile Act the NSA should be protecting
American's against, not cooperating with).

------
dguido
[https://s3.amazonaws.com/s3.documentcloud.org/documents/1690...](https://s3.amazonaws.com/s3.documentcloud.org/documents/1690224/doc-6-cyber-
threat-capabilities.pdf)

This is not a "cyberware toolbox." This is an IDS. For real, I bet they are
using Snort inside one of their codeworded intrusion detection/response
systems. Companies try to defend themselves from hackers by analogous systems.
Is this any different?

------
plg
I see two strategies: (1) fight to restrict how much spy agencies spy. (2)
fight to bolster ordinary citizens' use of technologies like encryption so
that they cannot be spied upon.

I would bet that strategy (2) is the more likely one to gain traction and make
a difference against the infringement of our rights as citizens.

~~~
rainforest
The problem with strategy (2) is that the government can take action to stop
it. For example, in the UK it's a criminal offence to withhold encryption keys
in the face of a warrant.

David Cameron also relatively recently argued that encryption should be banned
or controlled to prevent anyone hiding things from the intelligence services.

Widespread deployment of encryption would probably just result in more
offensive tactics from intelligence agencies.

~~~
middleclick
Key disclosure laws fall into this same category. It doesn't matter if you use
full-disk encryption - you have to turn over the keys when asked else you face
imprisonment. TrueCrypt's plausible deniability feature was really helpful; I
wish dm-crypt has something like this.

[https://en.wikipedia.org/wiki/Key_disclosure_law](https://en.wikipedia.org/wiki/Key_disclosure_law)

And this is what happened in Canada recently:

[http://www.cbc.ca/news/canada/nova-scotia/quebec-resident-
al...](http://www.cbc.ca/news/canada/nova-scotia/quebec-resident-alain-
philippon-to-fight-charge-for-not-giving-up-phone-password-at-
airport-1.2982236)

------
an_d_rew
I'm Canadian, and my initial thought was "Yay! We don't suck at something!
Hooray! We're not irrelevant!" followed quickly by "Oh, $hit..." :-(

The worst part is that if this was part of _evidence-based_ policy, strategy,
or tactics, it would at least be _arguably_ not stupid.

Sigh.

~~~
derptacos
Fellow Canadian, definitely cool we have some bleeding edge stuff, just scares
the hell out of me. Trying to convince fellow non-technical friends of what
this means with C-51.

~~~
blake8086
Have you thought about what "we" means there?

------
at-fates-hands
Are we seeing an arms race now in terms of cyberwarfare? It seems like this is
the next "must have" for any nation state arsenal.

Makes you wonder what will be more powerful in five years. These kinds of
weapons that can attack and bring down parts of a countries infrastructure or
a nuclear bomb?

------
devsd0
Not mobile link

[http://www.cbc.ca/news/canada/communication-security-
establi...](http://www.cbc.ca/news/canada/communication-security-
establishment-s-cyberwarfare-toolbox-revealed-1.3002978)

~~~
ChrisArchitect
thx. dismayed that the urls don't match up (by removing the 'm' or whatever).
Boo.

