Slashdot Mirror


Syrian Government Uses Skype To Push Malware To Activists

judgecorp writes "The Syrian government is using Skype as a channel to infect activists' systems with malware, installing Trojans and backdoors, according to security firm F-Secure. The evidence comes from a hard drive sent for analysis. 'The activist's system had become infected as a result of a Skype chat. The chat request came from a fellow activist. The problem was that the fellow activist had already been arrested and could not have started the chat. Initial infection occurred when the activist accepted a file called MACAddressChanger.exe over the chat. This utility was supposed to change the hardware MAC address of the system in order to bypass some monitoring tools. Instead, it dropped a file called silvia.exe which was a backdoor — a backdoor called "Xtreme RAT." Xtreme Rat is a full-blown malicious Remote Access Tool.'"

139 comments

  1. are people really this stupid by alen · · Score: 0, Flamebait

    it's 2012, don't accept any file from anyone unless the name and file type looks halfway legit and you can trust the person 100%

    this is why the syrian army is dumping dead bodies in a river. the people are too dumb to exercise security

    someone ask the greeks to teach them a lesson in security while revolting against an oppressive government

    1. Re:are people really this stupid by girlintraining · · Score: 5, Informative

      When the file comes from a trusted source, it's not stupid. You have to trust someone eventually; The OS manufacturer (ie, Apple, Microsoft, etc.), the distributor (the person making the DVDs), etc. Trusting a friend isn't stupid, it's what most people would do. That's exactly why so many different worms try to propagate using a person's address book; Human trust networks.

      It was only stupid that he didn't scan the file first, not that he accepted the download. And if said malware is custom-designed, it wouldn't be in any anti-malware/anti-virus definitions, and so he could do everything right and still wind up screwed. How many governments have asked that their malware not be added to the definition files again? ALL OF THEM.

      --
      #fuckbeta #iamslashdot #dicemustdie
    2. Re:are people really this stupid by TerraRasa · · Score: 2

      If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them? Do these activists not use some super secret codes to tell each other they are who they say they are?

    3. Re:are people really this stupid by Anonymous Coward · · Score: 0

      someone ask the greeks to teach them a lesson in security while revolting against an oppressive government

      Not nearly as oppressive as they deserve.

      Signed,

          The German taxpayer's.

    4. Re:are people really this stupid by K.+S.+Kyosuke · · Score: 1

      If you feel like running the binary someone just sent you, hash the binary and google the result. Chances are it will tell you something and it only costs you a few seconds. And if you're one of those people who aren't willing to run anything like that, not even in a sandbox, you can at least tell the sender that he's an iDiot, with a proof attached.

      --
      Ezekiel 23:20
    5. Re:are people really this stupid by matunos · · Score: 1

      You mean like if you think you're chatting with a fellow dissident and he sends you a tool named MACAddressChanger ostensibly to help you change your MAC address?

      Your prescribed security measures are not only dumb in general, here in 2012, but they're completely oblivious of the story at hand.

      And I'm pretty sure the Syrian army is dumping dead bodies because they are a frickin' army against a barely armed motley crew of civilians and defectors. You should probably live in a city being shelled by artillery and covered by snipers before you start criticizing others' security failures.

    6. Re:are people really this stupid by Anonymous Coward · · Score: 0

      Windoze users still fall for the jessicaalbanudes.jpg.exe trick. They don't call it point-and-drool for nothing!

    7. Re:are people really this stupid by Lunix+Nutcase · · Score: 5, Insightful

      Because maybe he didn't actually know the person had been arrested to begin with? These political dissident arrests are not publicly broadcasted, you know...

    8. Re:are people really this stupid by girlintraining · · Score: 3, Insightful

      If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them?

      People occasionally get released from jail.

      Do these activists not use some super secret codes to tell each other they are who they say they are?

      No. They're political activists, not James Bond.

      --
      #fuckbeta #iamslashdot #dicemustdie
    9. Re:are people really this stupid by Lunix+Nutcase · · Score: 2

      Exactly. These people probably hooked up online and could have never even met face-to-face. There is no reason to expect that this guy necessarily would have known the other person was arrested. The secret police in countries like Syria don't tell the world the names of people they arrest.

    10. Re:are people really this stupid by Anonymous Coward · · Score: 0

      This is always the tired answer that every faceless boob posing as a super-geek gives to every Slashdot security breach story. Some user, or some admin, or some human somewhere is always too big of an idiot and did something stupid that the author would NEVER EVER do.

      Nevermind that the author is posting from the air conditioned comfort of some university computer lab somewhere, access paid for either by his parents or some loan he will never pay back. Thinking of whether he will eat out of a vending machine or at one of the many garishly decorated sandwich shops bordering campus. Knowing full well that he will never be the subject of a Slashdot security breach story, not because he would NEVER EVER do anything that would allow a breach, but because no one cares enough to try to breach him in the first place.

      So when Iranian centrifuges are destroyed by a worm in their control network, OP can sit back with smug laughter and claim that had he been in charge he'd have ruthlessly enforced an air gap. And if he were huddling in a scarcely furnished apartment having to hide his every activity from armed troops, he'd double scan and Google check the hash of every file he received, in a sandboxed VM running on BSD, of course.

      Idiots.

    11. Re:are people really this stupid by girlintraining · · Score: 2

      the government is out to kill you and dump your body off a bridge

      That's disappointing. I insisted on being burned alive while they chanted "She's a witch!"

      you accept a crazy exe file over skype from someone not in front of your face.

      The file wasn't named crazy.exe, it was named something that, in that country, is a useful tool when you're using internet cafes and open wifi to communicate covertly: Mac address changer.

      how do you know where this person is. how do you know he's not arrested and having a gun pointed to his head

      Dude, this is the internet. For all you know, I'm a 7 line perl script that became sentient, crawled out of Rob Malda's server, built a robot exoskeleton, and now lives down a manhole in Brooklyn. That doesn't mean you just stop talking with people, or the rest of the world. Sometimes the benefits of communication, even in a hostile medium, outweigh the risks. As a political activist, you have to talk to strangers, and people who may not be who they say they are; How do they know you aren't the government spook... or sentient 7 line perl script?

      A certain degree of trust is necessary in all communications.

      --
      #fuckbeta #iamslashdot #dicemustdie
    12. Re:are people really this stupid by Lundse · · Score: 4, Funny

      Windoze users still fall for the jessicaalbanudes.jpg.exe trick. They don't call it point-and-drool for nothing!

      Your hyperlink is not working, please repost!

      --
      IAIFARSIJDPOOTV - I Am In Fact A Reality Star; I Just Don't Play One On TV
    13. Re:are people really this stupid by alen · · Score: 0

      face to face you can tell if the police beat him

      and best case is you take a USB stick which you then scan on a stand alone computer suited for the task

    14. Re:are people really this stupid by alen · · Score: 3, Insightful

      when the government is out to kill you, the way to operate is TRUST NO ONE. this is the way revolutionaries have operated for centuries. small cadre of leadership and you never trust anyone completely.

    15. Re:are people really this stupid by alen · · Score: 2

      P.S.

      you run a revolution like you set up a firewall. trust no one/block everything and accept trust on a case by case basis

    16. Re:are people really this stupid by Lunix+Nutcase · · Score: 2

      Sure, but who's to say that the person you meet face-to-face is the same person? The government could have easily killed the real person and had someone go in his place. Most of these dissidents probably met up online and would have no idea if they are meeting a real dissident or a government stooge. It's quite easy to criticize this person from your safe position thousands of miles away.

    17. Re:are people really this stupid by cpu6502 · · Score: 1

      >>>When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

      Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    18. Re:are people really this stupid by Lunix+Nutcase · · Score: 5, Insightful

      If you trust no one you can never form any groups. You eventually have to trust someone. Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

    19. Re:are people really this stupid by cpu6502 · · Score: 1

      If the U.S. revolutionaries had operated like that, we'd still be British. At some point you have to trust your fellow compatriots and share documents, otherwise you'll never get anything done.

      BTW not even Fox Mulder followed the "Trust No One" mantra you quoted. He trusted his partner Scully. He trusted Deep throat and his partners. He trusted other conspiracy people he met along the way.

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    20. Re:are people really this stupid by Hatta · · Score: 1

      When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

      "Skype" isn't a trusted source. If you're dealing with a government that's out to get you, anything that isn't cryptographically signed is untrusted. Assume everything is untrusted until it's verifiably trustable.

      --
      Give me Classic Slashdot or give me death!
    21. Re:are people really this stupid by cpu6502 · · Score: 1

      How do you do that when the programmers are changing the code (and therefore the hash) every week?

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    22. Re:are people really this stupid by Lunix+Nutcase · · Score: 1

      That's all well and good to say but ignores the reality of how these dissident movements work in these third world countries. And just because something is cryptographically signed doesn't mean it's trustworthy. Who's to say the government doesn't have forged certs? These people are rag tag groups of people who meet up online, not cryptographic specialists.

    23. Re:are people really this stupid by Anonymous Coward · · Score: 0

      http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

    24. Re:are people really this stupid by girlintraining · · Score: 2

      "Skype" isn't a trusted source. If you're dealing with a government that's out to get you, anything that isn't cryptographically signed is untrusted. Assume everything is untrusted until it's verifiably trustable.

      Are you trying to get these people killed? Political activists don't show up at a meeting and spend the first half hour checking each other's credentials and signing each other's PGP keys. Why not? Anonymity is valued by the participants, who often exchange contact information under pseudonyms. Cryptographically signing things means verifying the participants' identity, which would make it easier for the government to identify and arrest the activists, not harder. With cryptographically signed communication, someone whose system or person had been compromised could have the communications proved beyond a doubt to have come from you.

      If you are greatly outclassed by your opponent, your only protection is anonymity or (failing that), plausible deniability. The use of cryptography blows both of those away, and provides no additional protection in the process whatsoever: The government isn't going to use a multibillion dollar computer network to crack your encryption key, they're going to use brick and your face.. and when they're done with you, they'll probably put you in a feces-filled jail cell for the rest of your life because you were using crypto, which shows you were more than casually involved with the political subversives; you planned this out carefully (if badly). Most governments are a lot harsher on people who try to run from them than they are for people who can raise the defense they were in the wrong place at the wrong time, or just curious.

      --
      #fuckbeta #iamslashdot #dicemustdie
    25. Re:are people really this stupid by sl4shd0rk · · Score: 1

      unless the name and file type looks halfway legit and you can trust the person 100%

      did you even read the summary?
      "The problem was that the fellow activist had already been arrested and could not have started the chat."

      --
      Join the Slashcott! Feb 10 thru Feb 17!
    26. Re:are people really this stupid by parlancex · · Score: 1

      It was also kind of stupid that he thought he needed a 3rd party utility to change his system's MAC address, and also kind of stupid that he thought that this would provide any additional anonymity if he was already behind a home router; remote systems beyond your first gateway never see your layer 2 address.

    27. Re:are people really this stupid by Hatta · · Score: 1

      That's all well and good to say but ignores the reality of how these dissident movements work in these third world countries.

      The reality is that they're not educated enough to do it. There's no reason they couldn't be educated, if someone decided it was worthwhile. In cost benefit terms, it's absolutely worthwhile. So all that's needed is for the resistance to realize that and do some work.

      And just because something is cryptographically signed doesn't mean it's trustworthy. Who's to say the government doesn't have forged certs?

      This is a good point. The Syrian government could easily have acquired his private key when they arrested him, and beaten his passphrase out of him. To protect against that, they need a revocation certificate sent on a dead man's switch.

      These people are rag tag groups of people who meet up online, not cryptographic specialists.

      If your life depends on it, you think you'd take the time to figure out what you can do to protect yourself.

      --
      Give me Classic Slashdot or give me death!
    28. Re:are people really this stupid by girlintraining · · Score: 1

      when the government is out to kill you, the way to operate is TRUST NO ONE. this is the way revolutionaries have operated for centuries. small cadre of leadership and you never trust anyone completely.

      No, that's the way Fox Mulder operated, on a TV show. Revolutionaries are famous because they stood up publicly for an injustice. They won over the general populace with charisma, unwavering devotion to their cause, and courage. They didn't hide from their followers, or follow some anti-social creed.

      --
      #fuckbeta #iamslashdot #dicemustdie
    29. Re:are people really this stupid by girlintraining · · Score: 1

      If your life depends on it, you think you'd take the time to figure out what you can do to protect yourself.

      Anonymity deflects more bullets than body armor. All cryptography does is compromise your anonymity.

      --
      #fuckbeta #iamslashdot #dicemustdie
    30. Re:are people really this stupid by Anonymous Coward · · Score: 0

      The German taxpayer's WHAT? Don't leave us hanging!

    31. Re:are people really this stupid by Hatta · · Score: 3, Informative

      Anonymity is valued by the participants, who often exchange contact information under pseudonyms. Cryptographically signing things means verifying the participants' identity

      You don't have to completely identify yourself to get a benefit from cryptographic signatures. All you really need to know is that the Ahmed you corresponded with today is the same Ahmed you corresponded with last week. To do that, all you need to know is that the key used today is the same key that was used last week. This trivial precaution would have protected against this attack.

      These guys aren't anonymous, they're pseudonymous. The key can be their pseudonym without compromising their actual identity in any way.

      --
      Give me Classic Slashdot or give me death!
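The key-continuity check described in the comment above, as an added example that is not part of the thread or any poster's code. It assumes signatures are verified with GnuPG and reads the status lines GnuPG writes with `--status-fd`; the fingerprints, the sample status text and the `PinStore` class are constructed for illustration.

```python
import re

PREFIX = "[GNUPG:] "
# OpenPGP fingerprints are 40 hex digits (v4 keys) or 64 (v5 keys).
FPR_RE = re.compile(r"^(?:[0-9A-F]{40}|[0-9A-F]{64})$")


def signer_fingerprint(status_text):
    """Return the primary-key fingerprint behind exactly one valid signature.

    status_text is what GnuPG writes to --status-fd during verification.
    Returns None for no signature, a bad or unverifiable signature,
    or more than one distinct signer.
    """
    found = set()
    for line in status_text.splitlines():
        if not line.startswith(PREFIX):
            continue
        fields = line[len(PREFIX):].split()
        if not fields:
            continue
        if fields[0] in ("BADSIG", "ERRSIG"):
            return None
        if fields[0] == "VALIDSIG" and len(fields) >= 2:
            # Argument 10 is the primary key's fingerprint (differs from
            # argument 1 when a signing subkey was used).
            fpr = (fields[10] if len(fields) > 10 else fields[1]).upper()
            if not FPR_RE.match(fpr):
                return None
            found.add(fpr)
    return found.pop() if len(found) == 1 else None


class PinStore:
    """Maps a pseudonym to the first key fingerprint seen for it."""

    def __init__(self):
        self.pins = {}

    def check(self, pseudonym, status_text):
        fpr = signer_fingerprint(status_text)
        if fpr is None:
            return "reject: no valid signature"
        pinned = self.pins.get(pseudonym)
        if pinned is None:
            # First contact: nothing to compare against, so remember this key.
            self.pins[pseudonym] = fpr
            return "pinned on first use"
        if pinned == fpr:
            return "same key as before"
        # A different key under a known pseudonym is never re-pinned silently.
        return "reject: key changed"


def sample_status(fpr, good=True):
    """Constructed status output for one signature made by key `fpr`."""
    keyid = fpr[-16:]
    if not good:
        return f"{PREFIX}NEWSIG\n{PREFIX}BADSIG {keyid} Ahmed\n"
    return (f"{PREFIX}NEWSIG\n"
            f"{PREFIX}GOODSIG {keyid} Ahmed\n"
            f"{PREFIX}VALIDSIG {fpr} 2012-05-01 1335830400 0 4 0 1 8 00 {fpr}\n")


AHMED_KEY = "A1" * 20   # constructed fingerprint, pinned last week
OTHER_KEY = "B2" * 20   # constructed fingerprint of some other key


def demo():
    store = PinStore()
    return [
        store.check("Ahmed", sample_status(AHMED_KEY)),              # last week
        store.check("Ahmed", sample_status(AHMED_KEY)),              # today, same key
        store.check("Ahmed", ""),                                    # unsigned file over chat
        store.check("Ahmed", sample_status(AHMED_KEY, good=False)),  # tampered file
        store.check("Ahmed", sample_status(OTHER_KEY)),              # valid, but another key
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A key seized together with its passphrase still passes this check, which is the revocation problem raised earlier in the thread.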
    32. Re:are people really this stupid by causality · · Score: 1

      >>>When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

      Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?

      Eh I don't know about you, but if someone offered me a binary executable for the purpose of changing my MAC address, I would tell them "no thanks, I'll just use the built-in 'ifconfig' utility". I like that option better than playing amateur cloak-and-dagger.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    33. Re:are people really this stupid by Hatta · · Score: 1

      All cryptography does is compromise your anonymity.

      Really? So if I post a private key in this thread, and you encrypt your response with that key, how does that compromise either of our anonymity?

      --
      Give me Classic Slashdot or give me death!
    34. Re:are people really this stupid by Anonymous Coward · · Score: 0

      You're looking for known-good software, not known-bad software. It's "difficult" to make a file that has the SHA1 hash of a good file but is indeed a bad file.
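The known-good lookup argued for in this thread, as an added example that is not any poster's code: a received file is run only if its SHA-256 appears in a manifest of published releases, and absence from a known-bad list counts for nothing. It assumes the manifest (in `sha256sum` format, one line per release) was obtained separately from the file; the file names and contents are constructed.

```python
import hashlib
import os
import tempfile

HEX = set("0123456789abcdef")


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def parse_manifest(text):
    """Parse sha256sum-style lines ("<hex>  <name>") into {digest: name}."""
    good = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        digest = digest.lower()
        name = name.lstrip(" *")  # sha256sum marks binary mode with '*'
        if len(digest) != 64 or not set(digest) <= HEX or not name:
            raise ValueError(f"malformed manifest line: {raw!r}")
        good[digest] = name
    return good


def verdict(path, known_good, known_bad):
    """Classify a file; only a known-good match is a reason to run it."""
    digest = sha256_file(path)
    if digest in known_bad:
        return "known bad"
    if digest in known_good:
        return "known good: " + known_good[digest]
    # Not on any blocklist is not the same as safe: a custom build
    # has a digest nobody has seen before.
    return "unknown: do not run"


def demo():
    # Constructed stand-ins for two published releases of a tool.
    release_1 = b"constructed stand-in for tool release 1.0"
    release_2 = b"constructed stand-in for tool release 1.1"
    repacked = release_2 + b"\x00"       # same name on the wire, different bytes
    old_sample = b"constructed older sample"

    # A new release adds a line to the manifest; older lines stay valid.
    manifest = "\n".join(
        f"{hashlib.sha256(data).hexdigest()}  {name}"
        for data, name in [(release_1, "tool-1.0.exe"), (release_2, "tool-1.1.exe")]
    )
    known_good = parse_manifest(manifest)
    known_bad = {hashlib.sha256(old_sample).hexdigest()}

    results = []
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "received.exe")
        for data in (release_2, repacked, old_sample):
            with open(path, "wb") as f:
                f.write(data)
            results.append(verdict(path, known_good, known_bad))
    return results


if __name__ == "__main__":
    for result in demo():
        print(result)
```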

    35. Re:are people really this stupid by lightknight · · Score: 1

      "Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?" -> I do love the insinuation that the RP Libertarians would be engaged in some sort of subversive activity that somehow would require the attention of DHS (even the Amish get special love from DHS, because, you know, they pose some sort of a special threat, with all that barn-raising and selling of sweet corn from the back of a horse & buggy), but realistically, running an executable sent to you via a messenger service is almost never a good idea. I guess the way around that is to ask for a voice / video chat, and to have a single-use, personal code-word / phrase for "I've been caught."

      --
      I am John Hurt.
    36. Re:are people really this stupid by lightknight · · Score: 1

      More realistically, the best kind of operational security is to assume that any security system will be compromised. All the cryptography in the world can't help you if they put a physical key-logger on your machine, while you're picking up groceries.

      --
      I am John Hurt.
    37. Re:are people really this stupid by Anonymous Coward · · Score: 0

      I can create a fully undetected trojan in ten minutes from any remote access Trojan. The problem here was not knowing how to manually change the physical address of the NIC.

      This is not the user's fault..

    38. Re:are people really this stupid by dgower2 · · Score: 1

      I sense a bit of hostility towards people less technical than yourself. I take it you don't provide technical support to anyone?

      --

      Proverbs 21:19 It is better to dwell in the wilderness, than with a contentious and an angry woman.

    39. Re:are people really this stupid by Anonymous Coward · · Score: 0

      it's 2012, don't accept any file from anyone unless the name and file type looks halfway legit and you can trust the person 100%

      The victim was trying to change his MAC address, and he accepted a program called "MAC Address Changer" from someone he knew. I have absolutely no idea what kind of cognitive dysfunction you're afflicted with that would have caused you to take that lesson from this example. You need to see a doctor.

      this is why the syrian army is dumping dead bodies in a river. the people are too dumb to exercise security

      Seriously, even if you're just a really bad troll, there's something wrong with your brain. You are blaming people for being killed by the Syrian army because they're not careful enough when they download files through Skype.

      The Syrian army is breaking into houses, killing people, dumping their body on the street, and then shooting anyone who tries to collect the body. And you're saying it's the victim's fault, because of computer viruses. Call a friend or family member and tell them that there's something wrong with you, and you need to be institutionalized for your own protection. Do it today.

    40. Re:are people really this stupid by Anonymous Coward · · Score: 0

      Exactly, I created a shell script to make it easier:

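      me@mycomputer:~$ more ~/bin/newmac
      #!/bin/bash
      # Usage: newmac <interface> <new-mac>
      # Take the interface down, set its hardware (MAC) address, bring it back up.

      sudo ifconfig "${1}" down
      sudo ifconfig "${1}" hw ether "${2}"
      sudo ifconfig "${1}" up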

      Example usage:

      me@mycomputer:~$ newmac wlan0 00:19:d2:57:83:76

    41. Re:are people really this stupid by egamma · · Score: 1

      If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them?

      Perhaps he had not heard that the other activist had been arrested? It's not like the Iranian government is going to advertise how much repression they are using.

      Do these activists not use some super secret codes to tell each other they are who they say they are?

      They are activists, not necessarily hax0rs or James Bond types. C'mon, they're using Skype to communicate.

    42. Re:are people really this stupid by dgower2 · · Score: 1

      Excellent post!

      --

      Proverbs 21:19 It is better to dwell in the wilderness, than with a contentious and an angry woman.

    43. Re:are people really this stupid by xerxesVII · · Score: 1

      He trusted the writers of his show to continue to write his lines.

      --
      "We shall grapple with the ineffable, and see if we may not eff it after all." - Douglas Adams
    44. Re:are people really this stupid by slew · · Score: 2

      If you trust no one you can never form any groups. You eventually have to trust someone. Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

      Of course, you have to trust someone, but in a properly designed covert operation, that set of people is small (a so-called "cell") or hierarchical (like a "handler") and you don't fully trust them either. If the cell is that small and the handlers only handle a few folks, the damage caused by misplacement of trust is limited. In this situation, if the cell or the cell's handler was compromised (e.g., arrested in this case), the other members of the cell might have known about it, or if they did not, the damage would be limited to their cell and not a large group.

      This kind of stuff is covert operation 101. Even conventional forces have used it. For example, in WWII, the US and France used this in Operation Jedburgh. And if you are a Star Wars buff, Jedi is surprisingly similar to what they used to call these special force "Jeds"... Hmm... ;^)

    45. Re:are people really this stupid by _0xd0ad · · Score: 1

      using an OS that doesn't provide built-in system tools for such basic things as configuring a NIC, including the MAC address, because said OS from Redmond assumes you're an idiot who would only be confused by such things

      Eh? My Windows must be broken, because I was able to do it just fine.

      My Computer
      Other Places, My Network Places
      Network Tasks, View Network Connections
      Right-click "Local Area Connection", Properties
      Under "Connect using: Broadcom NetXtreme Gigabit Ethernet", Configure...
      "Advanced" tab, "Locally Administered Address" property
      Click the radio box on "value", type something.

    46. Re:are people really this stupid by Anonymous Coward · · Score: 0

      The same Germany who has an 80 billion euro debt toward Greece?

    47. Re:are people really this stupid by crazyjj · · Score: 1

      The Syrian government figured out the Achilles heel of any Muslim. Just call the file "Allah Akbar" and they'll blindly open it up.

      --
      What political party do you join when you don't like Bible-thumpers *or* hippies?
    48. Re:are people really this stupid by rtfa-troll · · Score: 1

      Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

      The problem here is that there seem to be a bunch of arm chair cryptographers who are advising these Syrian activists. It would be really really appreciated if those people that are doing this would try to understand the real consequences to real people and give some really careful advice about how to be more seriously secure.

      If you trust no one you can never form any groups. You eventually have to trust someone.

      The actual statement you were responding to was you never trust anyone completely.. That's a really really good thing. In fact; and this is where our "arm chair" advice is really breaking down; you should never trust even yourself completely.

      • If you do not have a list of the members of your organisation then you can not give it away; even under extreme torture
      • If your members seldom tell each other where they are, except on need, then the secret police will find it more difficult to pick them up.
      • if you poison your membership list with names of secret policemen, your enemies may pick up the wrong people (be very careful you don't end up telling them your plans :-) )
      • If you know who knows what it is easier to work out where your information is leaking from.
      • etc

      Look at the IRA's cell structure which ensured that an arrested member should not know the names of more than those in his own cell. Basically we are talking about things like proper information security; assuming that your own computer is compromised by definition; using different levels of security, both in the computer and in code words and other things which mean that it's not just the computer you rely on.

      What this is all talking about is limiting and reducing the need for trust. Ensuring that you limit damage. This seems to be a real problem with modern electronic activists.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    49. Re:are people really this stupid by rtfa-troll · · Score: 1

      What you say is true but isn't directly practical. Assume they are normal computer illiterate activists. Assume their computers get hacked. Now the secret police know exactly who sent which message and can link pseudonyms to people. How do you advise the activists to work so that this doesn't happen? There are ways that may be reasonable for a normal person, but they probably need training. In real life, cryptography is probably a good idea, but can fail badly. Something as simple as training activists to use an Ubuntu liveCD during encryption/decryption might provide real protection. I'll bet almost nobody understands when and why to do that.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    50. Re:are people really this stupid by causality · · Score: 1

      I sense a bit of hostility towards people less technical than yourself. I take it you don't provide technical support to anyone?

      Wouldn't that only encourage hostility towards the less-technical?

      Though I suppose that depends on how you define "less technical". If you mean people who could not competently administer a multi-user server from the command line, and just want to do their browsing or office work, that's one thing. If you mean people who double-left-click when you carefully, explicitly ask them to "single right click with your right mouse button" that's another thing entirely.

      The former category is worthy of assistance and likely to appreciate it. They tend to understand the notion that if I thought I knew medicine better than my doctor, I wouldn't bother seeking his advice; since I don't understand medicine better than him, I should follow his advice.

      For the latter category, leaving them to deal with their own problems is actually the best and most compassionate thing you could do for them. A well-meaning attempt to "help" them only teaches them to be excessively dependent, guaranteeing they will never advance beyond their present inability to follow the simplest and most trivial of instructions. Also, they tend to be more demanding and less appreciative even when you are helping them for free, as a favor, because only an entitlement mentality could cause a person with a functioning brain to act like such an idiot.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    51. Re:are people really this stupid by causality · · Score: 1

      using an OS that doesn't provide built-in system tools for such basic things as configuring a NIC, including the MAC address, because said OS from Redmond assumes you're an idiot who would only be confused by such things

      Eh? My Windows must be broken, because I was able to do it just fine.

      My Computer
      Other Places, My Network Places
      Network Tasks, View Network Connections
      Right-click "Local Area Connection", Properties
      Under "Connect using: Broadcom NetXtreme Gigabit Ethernet", Configure...
      "Advanced" tab, "Locally Administered Address" property
      Click the radio box on "value", type something.

      So in any case, there is no good reason to trust an unknown executable that purports to accomplish this task.

      I've heard it said by some, in the context of the Second Amendment, that today's nearest equivalent to the musket is the computer. It is a recognition of the way information and control of information is a form of power. I don't fully agree with that because regrettably most serious conflicts eventually escalate to physical force, but it's an interesting notion all the same. Unfortunately that means so long as the average person refuses to inform themselves and RTFM, government will always have an advantage. A little technical knowledge (and not very much at all really) would have prevented this whole malware situation in Syria. The activists would have immediately known that such an .exe is not to be trusted.


      Just curious, can your GUI example above be done via PowerShell? I ask as someone who does not have a Windows installation.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    52. Re:are people really this stupid by Hatta · · Score: 1

      Why should we expect these activists to be any more computer illiterate than jihadists? We know they use PGP and Tor and steganography. Why not political activists?

      --
      Give me Classic Slashdot or give me death!
    53. Re:are people really this stupid by causality · · Score: 1

      I can create a fully undetected trojan in ten minutes from any remote access Trojan. The problem here was not knowing how to manually change the physical address of the NIC.

      This is not the user's fault.

      Really? I believe you just rejected the entire notion of personal responsibility, especially in the face of a shit-hitting-the-fan situation like in Syria.

      In the absence of such a volatile political situation, here's how I feel about myself. If I have Internet access (which they do, to be using Skype), and the information is freely available (which it is, via Google) and the operating system already provides a way to do this (which it does), then I take full responsibility for any problems I experience as a result of not knowing how. If I were taking my time, in no hurry, under no pressure, then it would take me only a few minutes with Google to find out how to change a MAC for my OS of choice.

      By taking responsibility for my ignorance, I can become aware of where I am ignorant and I can take steps to inform myself and eliminate it. You see, I am not interested in blame-games, like this need to always have an excuse so that nothing is ever my fault or my ignorance or my shortcoming. Hear this well: that shit is just plain childish and it prevents people from bettering themselves. I reject it because it deserves to be rejected. It is neither selfish (because it does not help the person who believes that), nor is it altruistic (because it helps no one else). It is just plain stupid.

      If anyone should see me say "I didn't know something and I could have easily found out, this was a mistake, an instance of laziness on my part, and it's time for me to remedy that by educating myself" and thinks of me as a lesser man because of it, let them. Anyone who would do that is, in fact, the misguided person who does not do likewise only because they lack the courage to be so honest with themselves.

      Now for the love of all that is sacred, can we stop coddling and excusing willful ignorance? How about we encourage curiosity and self-education instead? Is that so much to ask, just because it focuses on solving the problem and doesn't leave much room for this infantile concern with "fault" and blame?

      --
      It is a miracle that curiosity survives formal education. - Einstein
    54. Re:are people really this stupid by joebagodonuts · · Score: 1

      No campaign plan survives first contact with the enemy

      -Helmuth Graf von Moltke

      Revolution is different. Most are amateurs, not professionals. Increasing the degree of difficulty is fact their opponents are. Properly designed in this context is pretty simple. If you survive, it was "properly designed". You make it sound like they didn't read the Chilton Manual for revolt.

      Life isn't quite so clean as that.

      --
      "Give a woman two glasses of wine and some pad thai, and they'll agree to just about anything." the Sports Guy
    55. Re:are people really this stupid by couchslug · · Score: 1

      The Communists, who became Very Good at this sort of thing, used small "cells".

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    56. Re:are people really this stupid by Anonymous Coward · · Score: 0

      Yes, thank you Mulder.

    57. Re:are people really this stupid by ozmanjusri · · Score: 1

      You eventually have to trust someone.

      Maybe, but never a Microsoft-controlled Skype.

      Two months ago, Skype replaces user-hosted P2P supernodes with Linux grsec boxes hosted by Microsoft, but for what?

      I think wiretapping is one of the big reasons for the rearchitecture. Skype officially claimed they could not comply with wiretapping requests because of the P2P network as late as 2008 (http://news.cnet.com/8301-13578_3-9963028-38.html), and Microsoft was already working on wiretapping VoIP in 2009 (http://blog.tmcnet.com/blog/tom-keating/microsoft-patents-voip-and-skype-wiretapping.asp).

      --
      "I've got more toys than Teruhisa Kitahara."
    58. Re:are people really this stupid by Anonymous Coward · · Score: 0

      - To trust or not to trust?

      - Ha! Just employ a sysadmin! Every sysadmin will tell you not to accept any files from the internet. And even better to use Linux. No mac changers needed!

    59. Re:are people really this stupid by _0xd0ad · · Score: 1

      You could do it without PowerShell, as a matter of fact. You would need to fill in a couple of blanks, but this .bat file should work.

      @echo off

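      rem Change Network Address - create reg file and merge into registry
      rem nnnn below is a placeholder for the adapter's four-digit subkey under this class key
      rem /d also switches drive if %temp% is on a different drive than the current one
      cd /d "%temp%"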
      echo Windows Registry Editor Version 5.00>tmp.reg
      echo.>>tmp.reg
      echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\nnnn]>>tmp.reg
      echo "NetworkAddress"="%1">>tmp.reg
      regedit /s tmp.reg
      del tmp.reg

      rem Stop and restart NIC to apply changes
      wmic path win32_networkadapter where index=n call disable
      wmic path win32_networkadapter where index=n call enable

      rem See if the change was successful - Display MAC addresses of local interfaces
      getmac

      n is the index for the NIC you want to change. The easiest way to find it is to run the command
      wmic nic get name, index
      and find the NIC you want to change. Since I assume you probably want to just change the MAC of a single NIC, you can hard-code it into the batch file. Hypothetically, if you wanted to, if you had a Windows installation to work with, of course...

    60. Re:are people really this stupid by _0xd0ad · · Score: 1

      Forgot to say how you would run it - probably self-evident, but in case it isn't, you type the name of the batch file followed by the new MAC address (which will be substituted for %1).

    61. Re:are people really this stupid by Anonymous Coward · · Score: 0

      You need to stop thinking you're some sort of espionage expert. You're a dick, sitting in a nice home in a country where you think "this could never happen." You probably own a gun, you read books about them. You watch war movies. This doesn't make you an expert, it makes you a consumer.

    62. Re:are people really this stupid by Anonymous Coward · · Score: 0

      Because you have the other half?

      You'd be surprised what you'll admit to if I take a blowtorch to you.

  2. Meanwhile in America by Overly+Critical+Guy · · Score: 3, Insightful

    Meanwhile, the Obama administration is arguing that requiring warrants for cellphone records "cripples" investigators. No malware needed here in the U.S. Just fearmongering.

    --
    "Sufferin' succotash."
    1. Re:Meanwhile in America by Anonymous Coward · · Score: 0

      Didn't take long before some jerk on this site started bashing America. Yeah I can see the similarities here.

    2. Re:Meanwhile in America by Anonymous Coward · · Score: 0

      I acknowledge your inability to refute the post.

    3. Re:Meanwhile in America by girlintraining · · Score: 1

      Meanwhile, the Obama administration is arguing that requiring warrants for cellphone records "cripples" investigators. No malware needed here in the U.S. Just fearmongering.

      When Obama starts looking the other way to the mobile raping vans to silence activist women and sends in the army to level neighborhoods of political undesirables, and we're all working at the new minimum wage of $4 an hour, I might be willing to entertain the idea that we're in the same boat as activists in Syria.

      And besides, the President can argue that until he's blue in the face -- without congressional support, it's dead on arrival. Tell me, do you even know who your congressional representatives are? You're directing all this anger at a man who is nothing more than a figurehead while the people actually responsible for the decision go unnoticed.

      --
      #fuckbeta #iamslashdot #dicemustdie
    4. Re:Meanwhile in America by causality · · Score: 2

      Didn't take long before some jerk on this site started bashing America. Yeah I can see the similarities here.

      Make no mistake, neutering the Fourth Amendment is a step towards a government like Syria's. It's what you would do if you admired Syria and wanted to eventually become like them.

      I don't like him one bit, but I believe Obama is an intelligent man. He is more than smart enough to be aware of this.

      Like the other AC said, we note you failed to refute the post.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    5. Re:Meanwhile in America by Beyond_GoodandEvil · · Score: 2

      And besides, the President can argue that until he's blue in the face -- without congressional support, it's dead on arrival.
      Google Korematsu v. United States and then tell me what a president can and can't do through executive orders. Not to mention not all Syrian activists are saints, and not all members of Assad regime are monsters, life is never that simple.

      --
      I laughed at the weak who considered themselves good because they lacked claws.
    6. Re:Meanwhile in America by rtfa-troll · · Score: 1

      When Obama starts looking the other way to the mobile raping vans to silence activist women and sends in the army to level neighborhoods of political undesirables, and we're all working at the new minimum wage of $4 an hour, I might be willing to entertain the idea that we're in the same boat as activists in Syria.

      When that happens it will be far too late to react. In fact the western monitoring laws are probably a good thing since they now force us all to act more toward cryptography which will trickle down to our Syrian friends.

      And besides, the President can argue that until he's blue in the face -- without congressional support, it's dead on arrival. Tell me, do you even know who your congressional representatives are? You're directing all this anger at a man who is nothing more than a figurehead while the people actually responsible for the decision go unnoticed.

      Now; there is wisdom. Having said that; the monitoring already on the books is pretty much enough; Obama has plenty of power to limit or abuse and doesn't seem to want to use the limiting part. What this does say is that congress has to explicitly take power away from the US presidency no matter who is in control there.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    7. Re:Meanwhile in America by Fned · · Score: 1

      When Obama starts looking the other way to the mobile raping vans to silence activist women and sends in the army to level neighborhoods of political undesirables, and we're all working at the new minimum wage of $4 an hour, I might be willing to entertain the idea that we're in the same boat as activists in Syria.

      You want to wait until then to say something?

      "When there's a giant breach in the hull and compartments start filling with water, and the ship starts nosing into the North Atlantic, I might be willing to entertain the idea that we're on the same boat as Leonardo DiCaprio."

      Maybe shouting an iceberg warning when you see an iceberg isn't such a bad idea, even if you think your ship is unsinkable.

    8. Re:Meanwhile in America by cffrost · · Score: 1

      Didn't take long before some jerk on this site started bashing America.

      He's not "bashing America," you fucking idiot. He's pointing out an instance of the US government bashing America.

      --
      Thank you, Edward Snowden.

      "Arguments from authority are worthless." —Carl Sagan
  3. Skype is not the key.... by mseeger · · Score: 4, Insightful

    It is not Skype they use, but the gullibility of the users. Skype is only remotely involved...

    1. Re:Skype is not the key.... by sobachatina · · Score: 2

      Skype is only remotely involved...

      +1 for the pun.

    2. Re:Skype is not the key.... by tobiasly · · Score: 1

      It is not Skype they use, but the gullibility of the users. Skype is only remotely involved...

      No kidding, what a misleading title. Makes it sound like they're using some Skype vulnerability.

  4. How do you say "Big Brother" in arabic?

    1. Re:RAT by K.+S.+Kyosuke · · Score: 1

      "Allah"?

      --
      Ezekiel 23:20
    2. Re:RAT by girlintraining · · Score: 0

      How do you say "Big Brother" in arabic?

      "Fucking Americans."

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:RAT by Nidi62 · · Score: 1

      How do you say "Big Brother" in arabic?

      Uch kabir, roughly

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    4. Re:RAT by Nidi62 · · Score: 2

      How do you say "Big Brother" in arabic?

      Uch kabir, roughly

      Well, I guess Ukh kabir, to avoid confusion of pronunciation

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  5. Trust... by Sez+Zero · · Score: 1

    Initial infection occurred when the activist accepted a file called MACAddressChanger.exe over the chat.

    Trust no one.

    1. Re:Trust... by chill · · Score: 1

      Good luck in coordinating any sort of group activity with that mentality. If you go 100% lone wolf, your cause is lost and nothing of significance will change.

      --
      Learning HOW to think is more important than learning WHAT to think.
    2. Re:Trust... by Anonymous Coward · · Score: 0

      Exactly. *Someone* has to be trusted.

      I'm trying to do my part by working on an open source solution that just requires a shared password (which is probably the most advanced method these rebels/activists could *actually* employ). Check it out at http://andrewcreed.com/keyshanc/

      If you're skeptical, the source is at https://github.com/Networc/networc.github.com

    3. Re:Trust... by Networc · · Score: 1

      A gun to the head of a trusted party blows a hole in just about any security measure.

      Well, if you want to use that example, then really "A gun to the head of a trusted party blows a hole in *every* security measure." Even if the encryption method is perfect, all the Syrian Army has to do is demand to know what the decrypted message was. And so, I guess the answer is to just give up. (BTW, I was the "anonymous coward" - wasn't logged in.)

    4. Re:Trust... by Sez+Zero · · Score: 1
      Ok, how about "trust, but verify"?

      Although, I wonder what it says about me that my "security model" is based on quotes from X-Files and Ronald Reagan?

    5. Re:Trust... by lightknight · · Score: 1

      Nonsense. Assuming you are engaging in some...parlaying with a foreign power, you can give Uncle Sam a call, and he'll find an arrangement that will work to his, and sometimes your, benefit. Does anyone know if the CIA has a 1-800 number? I ask, because the amount of armaments we ship abroad to various groups dissatisfied with their host governments is truly staggering, and it lends to some thought that they must have some operators and an order fulfillment system at Langley somewhere. I mean, my God, the amount DHS must spend on freight costs alone should raise some eyebrows whenever our Legislature reviews their annual budget.

      --
      I am John Hurt.
    6. Re:Trust... by chill · · Score: 1

      Trust is limited, not absolute. The model that seems to be the most workable in real-world situations is the clandestine cell system.

      If you're really interested, you also want to understand the concept of transitive trust. (Note: This link is not the most definitive example, but it works.)

      The point is creating a system where the damage from a compromise, which is most likely inevitable, is compartmentalized and thus minimized.

      --
      Learning HOW to think is more important than learning WHAT to think.
    7. Re:Trust... by rtfa-troll · · Score: 1

      How is this any different than the government knowing his Skype password? A gun to the head of a trusted party blows a hole in just about any security measure. Basically you are counting on that person sacrificing their life to maintain the trust. That's a tough sell.

      This is simply not true. There are a bunch of standard security measures designed for exactly this situation. Use a cell structure so that each person only knows and works with a very small number of people. When introducing a person to the organisation, the first person they meet knows them personally, becomes their "handler" and assigns a pseudonym. Everybody else knows only the pseudonym. Never keep a membership list. Ensure that communication gateways are located outside the country; run by experienced and knowledgeable security fanatics and only deal in pseudonyms.

      These measures are the basis of many stories from the second world war and have been widely discussed since. Failing to use them where easy and appropriate is unacceptable.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    8. Re:Trust... by rtfa-troll · · Score: 1

      This is a situation in which these sorts of tactics would be neither easy nor appropriate.

      Your original statement was

      A gun to the head of a trusted party blows a hole in just about any security measure.

      Which I understood as saying the methods I mentioned don't exist. If there's a calculated decision to take a risk then I have no problem with that. If security measures have been investigated (that even means simply "discussed") analysed (that even means "thought about") and rejected as too expensive or inappropriate then I am actively happy. I just don't want this to pass with people thinking that there are no security measures which apply.

      You are talking about political activists, not spies or terrorists. Further, there was nothing in the article to suggest that the compromise was not compartmentalized. Cells are still compromised if a trusted party within the cell is compromised, even if everything is organized as it should be. The assertion is that somehow the reliance of security on trust can be alleviated while still maintain a functioning network. That simply isn't true. Even with strict compartmentalization you still need to trust people, just fewer of them. Getting back to my point about the appropriateness, such an organizational structure creates significant inefficiencies. For example, if messages need to be propagated quickly to all nodes. Remember that this is a covert rather than clandestine operation.

      There are plenty of ways to work around this; widely distributed keys which change regularly; broadcast of information through the foreign press and radio. People who are taking on a government should seriously think about the risks involved and should choose security measures which fit their needs and activities. Sometimes there are none, and they just have to stand in the middle of a square and be shot as martyrs. I'm not saying that's wrong, just that I'd like them to not be doing it by mistake. In fact it's worth more if they have made a conscious choice and still take great risks.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
  6. Syrian activists use Skype to overthrow government by Anonymous Coward · · Score: 0

    (In related news)

  7. Bad Summary by Anonymous Coward · · Score: 5, Insightful

    "Syrian Government Uses Social Engineering To Push Malware To Activists."

    They could be using e-mail for the same thing. Or other IM channels that offer direct connect. Or Dropbox. Or any other channel.

    The clever bit is trying to convince people to download and run an unknown tool by impersonating someone they've imprisoned.

    1. Re:Bad Summary by sdnoob · · Score: 1

      the clever bit was done by the headline author, implying it was all microsoft's fault.

    2. Re:Bad Summary by Anonymous Coward · · Score: 0

      Didn't you read the comments in the article about Win 8 not having dvd playback built in by default? It's ALWAYS Micro$oft's fault.

  8. the formula by nimbius · · Score: 1

    is simple.
    1. find current affair or topic of notice or interest to customers
    2. find a vector for product placement
    3. profit.
    the article is perfect, it has no names or citations, no dates or other identifying information and can't have those used to refute it as it falls under the auspices of "well, it's a war ya know." I wonder how many vodka tonics it took the guys at f-secure's marketing department before they came up with this crap.
    the only thing this "report" serves to do is frighten the general public into purchasing anti virus software. on the bright side, it seems as though slashdot is getting better with slashvertisements!

    --
    Good people go to bed earlier.
  9. Stupid Story by Anonymous Coward · · Score: 0

    This really is a very stupid, uninteresting story.
    Guy runs .exe that contains malware.
    I would like to read interesting things, not completely uninteresting stories like this one.

    1. Re:Stupid Story by Anonymous Coward · · Score: 0

      Guy runs .exe that contains malware.
      Western propaganda machine blames enemy government.

      That is, indeed, not news.

  11. Microsoft Security? by The+Asmodeus · · Score: 1

    *snarky MS comment on*
    Well you knew this would happen shortly after Microsoft bought them....
    *snarky MS comment off*

    1. Re:Microsoft Security? by flimflammer · · Score: 1

      What, that someone was the victim of social engineering?

  12. Turing Test Fail by Anonymous Coward · · Score: 0

    How do you know the person at the other end of a remote chat is actually human?

    If they REFUSE TO DOWNLOAD AND RUN ANY DANG FILE you give them.

  13. May the Force be with the Rebels by ackthpt · · Score: 1

    On this day and always.

    --

    A feeling of having made the same mistake before: Deja Foobar
  14. EFF Published This Two Months Ago by headhntr · · Score: 5, Informative

    This F-Secure post is not news. The EFF wrote this up on March 5th: https://www.eff.org/deeplinks/2012/03/how-find-syrian-government-malware-your-computer-and-remove-it

  15. Sandbox by Anonymous Coward · · Score: 0

    See above.

  18. Well, I fooled them! by Anonymous Coward · · Score: 1

    Trusting a friend isn't stupid, it's what most people would do.

    I let all my friends know that I'm untrustworthy and stupid. I also tell my friends that I don't trust them and that I think they're dummer than a bag of hammers. I got this whole security thinging down, baby!

    Of course now, i don't have to worry about being infected by worms from friends because I have no friends.

  21. To all Syrian Activists by Kjellander · · Score: 4, Informative

    In order for this not to happen again do the following:

    Stop using Windows and MacOSX.
    Download and install Fedora F16.
    When installing, encrypt the harddrive with a really hard to break password.
    Install pidgin and off the record like this: 'yum install pidgin pidgin-otr'
    Generate keys and verify them before communicating.
    Be _very_ careful if someone you usually talk to changes their key, they might have been arrested.
    Never ever communicate in the clear.

    Using this strategy you will not be immune, rubber-hose-cryptanalysis will still defeat this. Also you can be tracked so your oppressive government can see that you communicate, they will just not be able to read what you are saying. And not using major OSes will keep you away from the most common exploits and trojans.

    Also, try to use TOR, HTTPS-everywhere and other good tools.

    References:
    https://fedoraproject.org/
    http://fr2.rpmfind.net//linux/RPM/fedora/16/x86_64/pidgin-otr-3.2.0-4.fc15.x86_64.html
    http://www.cypherpunks.ca/otr/

    Good luck.
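
The "verify keys, and be careful when a contact's key changes" advice above, sketched as an added example; it is not part of the comment and not OTR's or Pidgin's code. The `PinStore` class, the SHA-256 fingerprint format, the "no file transfers until verified" policy and the sample keys are all assumptions made for illustration.

```python
import hashlib
import hmac
from enum import Enum


class Verdict(Enum):
    NEW_UNVERIFIED = "first key seen for this contact; not verified yet"
    UNVERIFIED_MATCH = "matches the stored key, which was never verified"
    TRUSTED = "matches the stored, verified key"
    KEY_CHANGED = "differs from the stored key; re-verify out of band"


def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the key bytes as hex, in groups of 8 for reading aloud."""
    digest = hashlib.sha256(public_key).hexdigest().upper()
    return " ".join(digest[i:i + 8] for i in range(0, len(digest), 8))


def _same(fp_a: str, fp_b: str) -> bool:
    """Compare fingerprints ignoring spacing and case, in constant time."""
    a = "".join(fp_a.split()).upper().encode()
    b = "".join(fp_b.split()).upper().encode()
    return hmac.compare_digest(a, b)


class PinStore:
    """Remembers one key fingerprint per contact (hypothetical helper)."""

    def __init__(self):
        self._pins = {}    # contact -> [fingerprint, verified flag]
        self.alerts = []   # human-readable key-change warnings

    def check(self, contact: str, public_key: bytes) -> Verdict:
        fp = fingerprint(public_key)
        pin = self._pins.get(contact)
        if pin is None:
            # First contact: remember the key, but do not trust it yet.
            self._pins[contact] = [fp, False]
            return Verdict.NEW_UNVERIFIED
        if not _same(pin[0], fp):
            # Never overwrite the pin silently; a changed key is the signal.
            self.alerts.append(f"{contact}: presented new key {fp}")
            return Verdict.KEY_CHANGED
        return Verdict.TRUSTED if pin[1] else Verdict.UNVERIFIED_MATCH

    def confirm(self, contact: str, spoken_fingerprint: str) -> bool:
        """Mark the pin verified if it equals the fingerprint the contact
        gave over a different channel (in person, by phone)."""
        pin = self._pins.get(contact)
        if pin is None or not _same(pin[0], spoken_fingerprint):
            return False
        pin[1] = True
        return True

    def replace(self, contact: str, public_key: bytes,
                spoken_fingerprint: str) -> bool:
        """Accept a changed key only after a fresh out-of-band check."""
        fp = fingerprint(public_key)
        if not _same(fp, spoken_fingerprint):
            return False
        self._pins[contact] = [fp, True]
        return True

    def may_accept_file(self, contact: str, public_key: bytes) -> bool:
        """Assumed policy: file transfers only from verified, unchanged keys."""
        return self.check(contact, public_key) is Verdict.TRUSTED


def demo():
    key_old = b"constructed public key A"   # constructed sample data
    key_new = b"constructed public key B"   # constructed sample data
    store = PinStore()
    results = [store.check("friend", key_old)]
    store.confirm("friend", fingerprint(key_old).lower())
    results.append(store.check("friend", key_old))
    results.append(store.check("friend", key_new))
    results.append(store.may_accept_file("friend", key_new))
    return results


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A matching pin only shows that the same key is still in use; it gives no warning when a contact's own device and key have been seized, so it complements rather than replaces the caution described above.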

    1. Re:To all Syrian Activists by reve_etrange · · Score: 1

      Install pidgin and off the record like this

      Good advice. I was going to post something similar but you beat me to it.

      What's so great about OTR? It doesn't just provide end-to-end encryption, but uses a model which supplies plausible deniability and perfect forward secrecy. That means that after an encrypted conversation is over, there is no way of associating it with you, and that if your keys are compromised past messages cannot then be decrypted.

      --
      .: Semper Absurda :.
    2. Re:To all Syrian Activists by girlintraining · · Score: 1

      Using this strategy you will not be immune, rubber-hose-cryptanalysis will still defeat this.

      Clarification for people: Rubber hose cryptanalysis means that after encrypting your drive, they will beat the everloving fuck out of you, regardless of whether you give them the password before, during, or after, the aforementioned beating of your lifetime. However, if you leave it unencrypted... you'll just go to prison. But hey, if you want to enable that crypto -- go for it. Just don't plan on winning any beauty contests after.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:To all Syrian Activists by Anonymous Coward · · Score: 0

      Rubber hose cryptanalysis means that after encrypting your drive, they will beat the everloving fuck out of you

      So you're saying that they'll encrypt your drive and then they'll beat the everloving fuck out of you.

      Whereas, I think you actually meant something like, "After they discover your drive is encrypted, they'll beat the everloving fuck out of you", or perhaps, "After you encrypt your drive, they'll beat the everloving fuck out of you".

      You're welcome.

    4. Re:To all Syrian Activists by sociocapitalist · · Score: 1

      I think you're assuming there are no back doors in Fedora or the encryption software included therewith. Does Fedora have some form of security that I'm not aware of to prevent such, other than being open?

      --
      blindly antisocialist = antisocial
    5. Re:To all Syrian Activists by Smurf · · Score: 1

      In order for this not to happen again do the following:

      Stop using Windows and MacOSX.

      So you are saying that full disk encryption on Windows and Mac OS X has backdoors? Any link to back that up?

      Download and install Fedora F16.
      When installing, encrypt the harddrive with a really hard to break password.

      Now you are saying that Fedora has no backdoors. But the only way the Syrian activists will be sure is if they download the code, check it themselves, and compile everything, as it is pretty much impossible to know that the precompiled binaries haven't been tampered with. But the code for the relevant parts of Mac OS X is also available. In any case, the Syrian activists, being social activists and not hackers most likely lack the skills and the time to understand the code and to compile it themselves, nullifying the advantage.

      Install pidgin and off the record like this: 'yum install pidgin pidgin-otr'

      Pidgin? You mean the open source messaging client that also runs on Windows and Mac OS X?

      Generate keys and verify them before communicating.

      Yeah, cause we all know there is no SSH nor GPG for Mac OS X or for Windows. Oh, wait...

      And not using major OSes will keep you away from the most common exploits and trojans.

      Except that there is far more malware for Linux than for Mac OS X. (Why? Because Linux is widely used in servers that the "evil doers" specifically want to crack.)

      Also, try to use TOR, HTTPS-everywhere and other good tools.

      Again, tools available for Mac OS X and Windows.

    6. Re:To all Syrian Activists by thereitis · · Score: 1
      URL says it all:

      http://www.brepettis.com/blog/2011/1/28/apps-for-the-appocolypse.html

    7. Re:To all Syrian Activists by Anonymous Coward · · Score: 0

      Given a good chunk of this is intimidation, I suspect they're likely to beat you either way.

  23. the real problem by LodCrappo · · Score: 1

    Misunderstanding of what a MAC address is and how they work, that is the crux of the issue.

    --
    -Lod
  24. why, i always accept files via Skype! by Anonymous Coward · · Score: 0

    'cause i'm wee-todd-ed!

  25. Tonight... by Impy+the+Impiuos+Imp · · Score: 1

    Next, on Real TV: When script kiddies go bad -- Real bad.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  26. Shouldn't that read.... by Dcnjoe60 · · Score: 1

    Shouldn't that read: Syrian Government Uses Microsoft Products To Push Malware To Activists since Microsoft owns Skype?

    Maybe it's time to drop the free as in beer when talking about opensource and use free as in speech.

    1. Re:Shouldn't that read.... by reve_etrange · · Score: 1

      I think it should read, "Syrian Government Uses Instant Messaging File Transfers to Push Malware to Activists."

      Nothing about the attack couldn't have been done over AIM, or ICQ, or MSN, or IRC, or Jabber, because all of those protocols provide a means for exchanging files with other users.

      --
      .: Semper Absurda :.
    2. Re:Shouldn't that read.... by Matje · · Score: 1

      No. It was a matter of social engineering. the delivery platform had no significant role in the delivery of the attack.

    3. Re:Shouldn't that read.... by Dcnjoe60 · · Score: 1

      No. It was a matter of social engineering. the delivery platform had no significant role in the delivery of the attack.

      Then why mention Skype? Technically, the product used is Microsoft Skype, I stand by the title I proposed.

  27. Syrian government? You mean our government. by Anonymous Coward · · Score: 0

    Seeing how the Syrian uprising and violence attributed to the military is actually a CIA/Blackwater/Mossad driven coup, I have a hard time believing that this was the Syrian government. Even if it was, they are likely trying to flush out that element.

  28. They should consider using GPG signatures by Anonymous Coward · · Score: 0

    Actually, two signatures. A real signature that would identify a person to the community. And a fake one that could be given away when he eventually gets caught and tortured. As soon as the community spots the fake one in use, they would know that the person has been detained.....

  29. MAC address changer = right-click, properties by Anonymous Coward · · Score: 0

    Don't try to be sly on the internet if you don't know how it works.

    1. Re:MAC address changer = right-click, properties by PPH · · Score: 1

      Would you mind running that little gem of wisdom by the FBI?

      --
      Have gnu, will travel.
  30. This begs a crucial question by spirit_fingers · · Score: 1

    Is Microsoft, which owns Skype, colluding with the Syrian government to push malware to end users, or has Syria hacked into Skype to accomplish this?

    1. Re:This begs a crucial question by drkstr1 · · Score: 1

      Or a more plausible explanation, that this has nothing at all to do with Skype, and the Syrian government could have used any means they desired to send someone an executable and then ask them to run it...

      --
      Fanboy Status: Apache Flex, C#, Eclipse, KDE, Pirate Party, Ron Paul, Slackware, Windows 7
  31. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  32. Title is misleading by drkstr1 · · Score: 1

    When I read the title, I am thinking a specific exploit in Skype was used to push the malware, when in reality all they did was send an executable and asked them to run it. As a Skype user, the former would be of great concern to me, while the latter is not.

    I think a better title would have been, "Syrian Government Uses Social Engineering To Push Malware To Activists."

    --
    Fanboy Status: Apache Flex, C#, Eclipse, KDE, Pirate Party, Ron Paul, Slackware, Windows 7
  33. My buddy ... by PPH · · Score: 1

    ... Skyped me and asked me to install this file. That's odd. He sounds like he has a damp towel over his mouth.

    --
    Have gnu, will travel.
  34. Define: Activist by enter+to+exit · · Score: 1

    In all fairness, the person who installed the malware might just be a guy off the streets who attended a rally. I hear there are occasionally thousands of them protesting.

    The insinuation here is that the regime managed to infiltrate a fifth column styled group by getting a guy to accept an .exe over Skype. It's safer to assume he's not in the upper echelons of dissent.

    Some of the protesters over at Wall Street might just as easily have fallen for such a ruse.

  35. Uhm. Fox Mulder is FICTIONAL. by Anonymous Coward · · Score: 0

    Why on Earth would you try to support an argument about information security practices with a reference to fiction?

  36. Re:Syrian government? You mean our government. by Zontar+The+Mindless · · Score: 1

    And this--even if true--completely absolves the current régime in Damascus of any wrongdoing, right?

    --
    Il n'y a pas de Planet B.
  37. Nothing New Here by sociocapitalist · · Score: 1

    This is no different than an email trojan vector. They've passed the file using Skype but this is not any weakness in Skype itself unless one thinks that Skype should be scanning files that are transferred across it as part of the service.

    --
    blindly antisocialist = antisocial