Meet the Hackers Who Get Rich Selling Spies Zero-Day Exploits
Sparrowvsrevolution writes "Forbes profiles Vupen, a French security firm that openly sells secret software exploits to spies and government agencies. Its customers pay a $100,000 annual fee simply for the privilege of paying extra fees for the exploits that Vupen's hackers develop, which the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word. Those individual fees often cost much more than that six-figure subscription, and Vupen sells them non-exclusively to play its customers off each other in an espionage arms race. The company's CEO, Chaouki Bekrar, says Vupen only sells to NATO governments and 'NATO partners' but he admits 'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"
The question is...how do "I" get into that??!?
Hacking stuff, and protected by 'NATO' government paying you handsomely for the 'service'.
sweet...
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Norton keeps me safe.
I think it will be interesting to see how the governments of the world start to evolve around this new threat.
Step 1. Paint giant bullseye on the top of your corporate office. Write "Insert bomb here," repeatedly around the edge.
Step 2. Sell digital goods that can be used by sovereign powers to wage war on each other to both sides.
Step 3. ???
Step 4. Profi--Error: Connection reset by peer
#fuckbeta #iamslashdot #dicemustdie
Oh, they only sell to NATO, right? You know, you can TRY to lie to us, but in the end, lying to the CIA is the same as lying to yourself. They know you sell to Iran, China, and every other regime out there.
You're in a shady enough business not to sell to the best offer.
I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.
Ezekiel 23:20
... if the government (or a private firm working for the government) does it.
Please remember this the next time a cop kicks you in the face.
I'm a good cook. I'm a fantastic eater. - Steven Brust
Wow. That puts huge incentive on planting moles in projects with wide distribution simply for the aim of writing exploitable code.
"To give arms to all men who offer an honest price for them, without respect of persons or principles: to aristocrat and republican, to Nihilist and Tsar, to Capitalist and Socialist, to Protestant and Catholic, to burglar and policeman, to black man white man and yellow man, to all sorts and conditions, all nationalities, all faiths, all follies, all causes and all crimes." - Undershaft
Spook BackDoors In Cisco Routers
- Older news, but still relevant!!
Please save this story and repost it everywhere
Especially in Security Discussion Forum Sites
- You should use OpenBSD or a hardened Linux distro
For a router, NOT these blackboxes offered with
proprietary hardware & firmware!
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html
"Special Report
Cisco's Backdoor For Hackers
Andy Greenberg, 02.03.10, 01:45 PM EST
The methods networking companies use to let the Feds watch suspects also expose the rest of us.
ARLINGTON, Va. -- Activists have long grumbled about the privacy implications of the legal "backdoors" that networking companies like Cisco build into their equipment--functions that let law enforcement quietly track the Internet activities of criminal suspects. Now an IBM researcher has revealed a more serious problem with those backdoors: They don't have particularly strong locks, and consumers are at risk.
In a presentation at the Black Hat security conference Wednesday, IBM Internet Security Systems researcher Tom Cross unveiled research on how easily the "lawful intercept" function in Cisco's IOS operating system can be exploited by cybercriminals or cyberspies to pull data out of the routers belonging to an Internet service provider (ISP) and watch innocent victims' online behavior.
But the result, Cross says, is that any credentialed employee can implement the intercept to watch users, and the ISP has no method of tracking those privacy violations. "An insider who knows the password can use it without an audit trail and send the data to anywhere on the Internet," Cross says.
Cross told Cisco about his findings in December 2008, but with the exception of the patch Cisco released following the revelation of its router bug in 2008, the security flaws he discussed haven't been fixed. In an interview following Cross' talk, Cisco spokeswoman Jennifer Greeson said that the company is "confident in its framework." "We recognize that security is complicated," she said. "We're looking at [Cross'] findings and we'll take them into account."
Cisco isn't actually the primary target of Cross' critique. He points out that all networking companies are legally required to build lawful intercepts into their equipment.
Cisco, in fact, is the only networking company that follows the recommendations of the Internet Engineering Task Force standards body and makes its lawful intercept architecture public, exposing it to peer review and security scrutiny. The other companies keep theirs in the dark, and they likely suffer from the same security flaws or worse. "Cisco did the right thing by publishing this," says Cross. "Although I found some weaknesses, at least we know what they are and how to mitigate them."
The exploitation of lawful intercept is more than theoretical. Security and privacy guru Bruce Schneier wrote last month that the Google hackings in China were enabled by Google's procedures for sharing information with U.S. law enforcement officials. And in 2004 and 2005, a group of hackers used intercept vulnerabilities in Ericsson network switches to spy on a wide range of political targets including the cellphone of Greece's prime minister.
All of that, argues IBM's Cross, means that Internet-related companies need to be more transparent about their lawful intercept procedures or risk exposing all of their users. "There are a lot of other technology companies out there that haven't published their architecture
I wonder if they ever go from providing exploits to "remote controlled product support".
Isn't this a violation of the DMCA?
And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.
It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.
"'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"
Or worse!
Zorg: I hate warriors, too narrow-minded. I'll tell you what I do like though: a killer, a dyed-in-the-wool killer. Cold blooded, clean, methodical and thorough. Now a real killer, when he picked up the ZF-1, would've immediately asked about the little red button on the bottom of the gun.
[Scene shifts to Aknot, who is staring in confusion at the little red button. He shrugs and pushes it]
Zorg: [Casually smokes a cigarette as the room with the Mangalores blows up] Bring me the priest.
the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word.
NUUU not my slash!fic!! No touching my pr0n!
Oh wait, Microsoft Word required my first-born for payment, so I downloaded OpenOffice. Not on the list, MY PR0N IS SAFE.
You want to know how to help your kids? LEAVE THEM THE F*&K ALONE. --George Carlin
More on Cisco Building Surveillance into Routers
- http://yro.slashdot.org/story/03/04/22/1656215/More-on-Cisco-Building-Surveillance-into-Routers
"The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background."
Cisco Support for Lawful Intercept In IP Networks
- http://yro.slashdot.org/story/03/04/17/0024235/cisco-support-for-lawful-intercept-in-ip-networks
"Scary stuff for the privacy advocates out there. Your Internet telephone conversations may soon be tapped by the government. Anyone else concerned about these intercepts being hacked?"
As long as the government agencies don't use them within their own territories against their own citizens then it's fine.
Now add some Nano bots and highly bio-engineered drugs and we can have our own real life TekWars :P
Now I wonder if old Willy Shatner would scream copyright infringement!
Let the TEKLords make the world go round :) one exploit at a time!
Perspective: Inside Cisco's eavesdropping apparatus
By Declan McCullagh | April 21, 2003 4:00 AM PDT
- http://news.cnet.com/2010-1071-997528.html?tag=fd_nc_1
"Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers.
The company recently published a proposal that describes how it plans to embed "lawful interception" capability into its products. Among the highlights: Eavesdropping "must be undetectable," and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.
Cisco's decision to begin offering "lawful interception" capability as an option to its customers could turn out to be either good or bad news for privacy.
Because Cisco's routers currently aren't designed to target an individual, it's easy for an Internet service provider (ISP) to comply with a police request today by turning over all the traffic that flows through a router or switch. Cisco's "lawful interception" capability thus might help limit the amount of data that gets scooped up in the process.
On the other hand, the argument that it hinders privacy goes like this: By making wiretapping more efficient, Cisco will permit governments in other countries--where court oversight of police eavesdropping is even more limited than in the United States--snoop on far more communications than they could have otherwise.
Marc Rotenberg, head of the Electronic Privacy Information Center, says: "I don't see why the technical community should hardwire surveillance standards and not also hardwire accountability standards like audit logs and public reporting. The laws that permit 'lawful interception' typically incorporate both components--the (interception) authority and the means of oversight--but the (Cisco) implementation seems to have only the surveillance component. That is no guarantee that the authority will be used in a 'lawful' manner."
U.S. history provides many examples of government and police agencies conducting illegal wiretaps. The FBI unlawfully spied on Eleanor Roosevelt, Martin Luther King Jr., feminists, gay rights leaders and Catholic priests. During its dark days, the bureau used secret files and hidden microphones to blackmail the Kennedy brothers, sway the Supreme Court and influence presidential elections. Cisco's Internet draft may be titled "lawful interception," but there's no guarantee that the capability will always be used legally.
Still, if you don't like Cisco's decision, remember that they're not the ones doing the snooping. Cisco is responding to its customers' requests, and if they don't, other hardware vendors will.
If you're looking for someone to blame, consider Attorney General John Ashcroft, who asked for and received sweeping surveillance powers in the USA Patriot Act, along with your elected representatives in Congress, who gave those powers to him with virtually no debate.
I talked with Fred Baker, a Cisco fellow and former chairman of the Internet Engineering Task Force (IETF), about his work on the "lawful interception" draft.
Q: Why did Cisco decide to build "lawful interception" into its products? What prompted this?
A: Cisco's customers, not just in United States but in many countries, are finding themselves served with subpoenas to mandate lawful intercept functionality. Cisco received requests from its customers for this capability.
When I found out about the project, I asked to be involved because I wanted to ensure that it was done in a manner that was as close to balanced as I could get. From an engineering perspective, the easiest thing is to give everything to law enforcement and let them sort it out. But I wanted to d
Might Vupen have been the ones that discovered the exploits used by Duqu & Stuxnet? If they were, then they might know who created Duqu & Stux.
I admit it's good enough for one security researcher, or maybe 1.5, but it's not rich.
If we are talking about millions of dollars then we are talking rich.
And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.
It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.
There is no easy way for hackers to make money. You'll have to sell to the spies or you don't make money at all because the spies are the ones with the money to pay for security researchers.
As far as them trying to influence for a better deal or exclusive deal this much is obvious.
When you're extorting, don't get greedy. At some point it's cheaper to just get rid of you than to pay you.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
This is true, but "report[ing] it to the appropriate military authority" will nearly always land the reporting person in deep doo doo. I know that from experience. A junior person's word against the CO and the system that is designed to protect the CO.
In practice, when on the field, your commanding officer can kill you on the spot for refusing to follow orders (legal or otherwise). Of course, he will have to answer for doing so, but he can make up any accusation he wants since, you know, dead men tell no tales.
America is known as the land of the free because of the
2nd Amendment. The right to bear arms.
Because guns kill people, they are evil. Those who make guns
are evil. They should be arrested for 'thought crimes.'
What is the logical solution, those of lesser intelligence?
The government (maybe the U.S. is a leader?) should
pay MORE THAN GOOGLE for exploits. Pay a decent salary
to 'security researchers.' Encourage a STRONG WHITE MARKET,
not a gray or black market.
What is the present situation? The French Company is NOT to blame.
They are a 'gray market.' The Black market is allegedly crime organizations.
By PAYING MORE than the 'gray market', the WHITE MARKET accomplishes
the following goals:
1.)render null the zero day vulnerability
2.)encourage needed expertise to the area
yes, that includes even teenagers who do NOT speak English and
write in obscure languages like OCAML.
3.)transparency, which spurs innovation and research.
4.)avoid similarities of the war on illegal drugs.
The war on illegal drugs.
Many articles, including Rolling Stone seem to indicate that WE, the
people, ALL OF US have lost in the war on drugs.
1.)plenty of innocent people kidnapped in Mexico .
2.)price of illegal drugs keeps dropping. The seizures (according to
government numbers) keep getting SUPER-LARGE.
3.)Prohibition of Alcohol worked well in America and we in the USA should
BRING BACK PROHIBITION OF ALCOHOL.
4.)the 'drug cartels' seem to be getting stronger and even more vicious.
There are plenty of automobile accidents in the USA. Auto manufacturers
kill people. Ban all auto manufacturers!
The present situation:
1.)US gets the worst of both worlds. All the expertise goes to FRENCH COMPANY.
Obviously, they are our allies and would NEVER, NEVER, NEVER spy on our companies.
Airbus competes directly against Boeing. But there are no temptations, right?
2.)US companies including INNOCENT BYSTANDERS are afraid of being sued under the
DMCA or 'Hollywood copying laws.' This is the BEST AND FASTEST WAY TO STOP
small company innovation! RIAA copyright infringement lawsuits.
3.)SONY rootkit is an example of a 'gun maker.' Double standard of justice. SONY spies
via rootkit on INTERNATIONAL BASIS? Who cares? The French company is open and honest,
it appears. Obviously, here the FRENCH are evil. Yes, that includes the Italians as they are
close to France.
Summary: The U.S. is an ANTI-leader or even 'reactionary' in this area. Establish ongoing competitions,
with BIG PRIZES, open even to ELEMENTARY SCHOOL STUDENTS, and yes with REAL CASH MONEY.
Pay for real experts, not the 'fake ones' that seem to be prevalent. Publish the OPEN information about
vulnerabilities and allow fellow citizens to protect themselves.
LASTLY, stoopahs. This INTERNATIONAL TREND is important. Even 'honest security coders' may be
tempted to GET PAID BY A FRENCH COMPANY. Go to France on a 'business expense.' Enjoy
the chocolate and champagne and the company of FRENCH LADIES - ooh, la la! And do good
for NATO, our ally and do LEGAL INTERNATIONAL BUSINESS.
You make plenty of good points. You need to be modded up.
Check out this company: Siege Technologies (http://www.siegetechnologies.com/). I had never heard of them before and have no idea how big they are. But they openly advertise that they have a "Vulnerability Discovery Incentive Plan" in their benefit package (http://www.siegetechnologies.com/careers).
They claim to do work for private companies and the U.S. government. They advertise a "Five year contract awarded to provide DoD with training material on Offensive/Defensive Windows Kernel Security and Development" and are advertising for jobs looking for Reverse Engineers.
As corporations are here for profit, I'm actually surprised something like this exists as companies could "leak" bugs and collect the fees themselves.
Sounds like a good reason for the existence of Napalm to me. I wonder how their browser exploits would work against that?
Terrorist. Why do you hate this country and our freedoms so much? ;-)
Many OS's from an unnamed vendor have carefully crafted exploits coded in for enterprising governments.
It's only when they're discovered that they're patched - too quickly if anyone notices...
I'm the COO of Netragard, one of the companies mentioned in this article. I recommend reading http://pentest.netragard.com/netragards-eap/, and if there's interest, I'd be happy to go into as much detail as I can about how EAP functions, and what to expect from the program.
Nonsense. Steve Ballmer had unilaterally decided that the .Net languages are far too safe (gotta give the Security Services division something to do / the increased revenue should help prop up that stock price...), and has decided that mandating C++ development is the way to go.
I am John Hurt.
BTW, if you want to be taken seriously, you should fix your hyperlinks, many point to snosoft.com
Figures, they're surrendering before it even becomes an issue.
Vote monkeys into Congress. They are cheaper and more trustworthy.
Government agencies, political officials, corporate CEOs, board members, and banksters all make lots of money off of us, at our expense (in many ways), and it is unethical and illegal in many cases, yet they go unpunished.
Anybody that finds a way to rip them off I say good for you.
You left out your implicit premise that living as a worthless amoral shitheel is better than dying honestly. Without that premise the logic is entirely invalid.
Not everyone thinks life is more important than honor. People willingly sacrifice their lives for their principles all the time.