Results 1 to 7 of 7
  1. #1
    Thailand Expat
    Albert Shagnastier's Avatar
    Join Date
    Mar 2012
    Last Online
    22-03-2015 @ 09:09 PM
    Location
    City of Angels
    Posts
    7,164

    It's not as bad as you thought, it's much worse

    How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks


    Analysis

    A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT.
    The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping.


    And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications.
    The 50-page top-secret document, written by an NSA division called ANT, is part of an information dump sent to German magazine Der Spiegel, and expounded upon by journalist Jacob Appelbaum in his keynote to the 30th Chaos Communication Congress in Germany on Monday. You can watch a clearly furious Appelbaum in the video below.

    The dossier is a glorified shopping catalog of technology for spies in the so-called "Five Eyes" alliance of the UK, the US, Canada, Australia, and New Zealand. It gives the clearest view yet of what the NSA, GCHQ and associated intelligence agencies can do with your private data, and how they manage it. Here's an easy-to-digest roundup of what was discussed.


    Satellite and optic-fiber communications stored


    According to Appelbaum, the NSA is running a two-stage data dragnet operation. The first stage is TURMOIL, which collects data traffic passively via satellite and cable taps and stores it – in some cases for up to 15 years – for future reference. The NSA does not consider this surveillance because no human operator is involved, just automatic systems.
    Der Spiegel gave the example of the SEA-ME-WE-4 underwater cable system, which runs from Europe to North Africa, then on to the Gulf states to Pakistan and India before terminating in the Far East. The documents show that on February 13 this year a tap was installed on the line by the NSA that gave layer-two access to all internet traffic flowing through that busy route.
    However, this passive capability is backed up by TURBINE, the active intervention side of the NSA, run by its Tailored Access Operations (TAO) hacking squad. By using a selection of hardware and software tools, not to mention physical measures as we'll see later on, the NSA promises that systems can be hacked "at the speed of light," and the staffers in Maryland even took time to build a LOLcat picture highlighting the capability:



    Sure they own you, but look at the little kitty. Credit: NSA

    "Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies," the NSA said in a statement on the report, adding that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection."


    Windows crash reports boon for spies


    On the subject of operating systems, Appelbaum said the documents revealed subversion techniques against Windows, Linux, and Solaris. In the case of Microsoft, the NSA is monitoring Windows software crash reports to gain insight into vulnerabilities on a target system and exploit them for its own ends.
    “Customers who choose to use error reports send limited information about, for example, the process, application, or device driver, that may have encountered a problem," a Microsoft spokesperson told El Reg in a statement responding to Der Spiegel's report.
    "Reports are then reviewed and used to improve customer experiences. Microsoft does not provide any government with direct or unfettered access to our customer’s data. We would have significant concerns if the allegations about government actions are true."
    NSA buys up security exploits to attack vulnerabilities

    When it comes to active penetration, the TAO team has a system dubbed QUANTUMTHEORY, an arsenal of zero-day exploits that it has either found itself or bought on the open market from operators like VUPEN. Once inside a computer, software dubbed SEASONEDMOTH is automatically secreted and used to harvest all activity by the target in a 30-day period.
    For computers and networks that have firewalls and other security systems in place, the NSA uses QUANTUMNATION, a tool that will scan defenses using software dubbed VALIDATOR to find an exploitable hole, and then use it to seize control using code dubbed COMMENDEER.
    A system dubbed QUANTUMCOPPER also gives the NSA the ability to interfere with TCP/IP connections and disrupt downloads to inject malicious code or merely damage fetched files. Appelbaum said such a system could be used to crash anonymizing systems like Tor by forcing an endless series of resets – and makes the designers of the Great Firewall of China look like amateurs.


    The website you are visiting is really not the website you want


    But it's a scheme dubbed QUANTUMINSERT that Appelbaum said was particularly concerning. The documents show that if a target tries to log onto Yahoo! servers, a subverted local router can intercept the request before it hits Meyer & Co's data center and redirect it to a NSA-hosted mirror site where all activity can be recorded and the connection tampered.
    It's not just Yahoo! in the firing line: QUANTUMINSERT can be set up to automatically attack any computer trying to access all sorts of websites. The code predominantly injects malware into religious or terrorism websites to seize control of vulnerable web browsers and their PCs.
    But the technology has also been spotted monitoring visits to sites such as LinkedIn and CNN.com, and will work with most major manufacturer's routers to pull off its software injection. (If you think using HTTPS will highlight any of these man-in-the-middle attacks, bear in mind it's believed that the NSA and GCHQ have penetrated the security certificate system underpinning SSL/TLS to allow the agencies' computers to masquerade as legit web servers.)

    According to the catalog, Cisco hardware firewalls, such as the PIX and ASA series, and Juniper Netscreen and ISG 1000 products, can have backdoors installed in their firmware to monitor traffic flowing in and out of small businesses and corporate data centers. A boot ROM nasty exists for the Huawei Eudemon firewalls, we're told; Huawei being the gigantic Chinese telcoms electronics maker. Other BIOS-level malware is available for Juniper and and Hauawei routers, according to the dossier.
    "At this time, we do not know of any new product vulnerabilities, and will continue to pursue all avenues to determine if we need to address any new issues. If we learn of a security weakness in any of our products, we will immediately address it," said Cisco in a blog post.
    "As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products."

    Last edited by Albert Shagnastier; 02-01-2014 at 09:49 PM.

  2. #2
    I am in Jail
    Butterfly's Avatar
    Join Date
    Mar 2006
    Last Online
    01-02-2019 @ 03:12 PM
    Posts
    39,832
    at the end of the day it doesn't really matter,

    real terrorists will use a piece of paper with their instructions using a mule in a mountain for delivery,

    meanwhile, teenagers and soccer mom everyday discussions will be archived for posterity

  3. #3
    Thailand Expat
    Albert Shagnastier's Avatar
    Join Date
    Mar 2012
    Last Online
    22-03-2015 @ 09:09 PM
    Location
    City of Angels
    Posts
    7,164
    ^ I think you are missing the point.

  4. #4
    Thailand Expat
    rawlins's Avatar
    Join Date
    Oct 2007
    Last Online
    02-10-2019 @ 11:46 AM
    Posts
    2,942
    The countries that first developed the internet have control over it. Can't argue with that.

    I have declared that I am not a terrorist or member of the Nazi party to homeland security before on paper so have nothing to fear.

    I like being watched.... It justifies my paranoia.

  5. #5
    Thailand Expat
    Albert Shagnastier's Avatar
    Join Date
    Mar 2012
    Last Online
    22-03-2015 @ 09:09 PM
    Location
    City of Angels
    Posts
    7,164
    ^I think you're missing the point too.

  6. #6
    I am in Jail
    Butterfly's Avatar
    Join Date
    Mar 2006
    Last Online
    01-02-2019 @ 03:12 PM
    Posts
    39,832
    Quote Originally Posted by Albert Shagnastier View Post
    ^ I think you are missing the point.
    we got the point, it's actually a good thing, it lets the real freedom fighters some space to fight back because the NSA is too busy monitoring soccer mom and the average guy

  7. #7
    Member
    Bettyboo's Avatar
    Join Date
    Nov 2009
    Last Online
    Today @ 11:14 AM
    Location
    Bangkok
    Posts
    32,200
    Quote Originally Posted by Butterfly
    NSA is too busy monitoring soccer mom
    What channel is that? Sounds hot!

    If these folks are watching me all day long then they're basically Japanese porn addicts; there's not a lot about Maria Ozawa they won't know...
    How do I post these pictures???

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •