Confirmed: CBS News Reporter's Computer Compromised

← Back to Stories (view on slashdot.org)

Confirmed: CBS News Reporter's Computer Compromised

Posted by timothy on Friday June 14, 2013 @11:11AM from the all-the-cool-kids-have-their-lines-tapped dept.

New submitter RoccamOccam writes "Shortly after the news broke that the Department of Justice had been secretly monitoring the phones and email accounts of Associated Press and Fox News reporters (and the parents of Fox News Correspondent James Rosen), CBS News' Sharyl Attkisson said her computer seemed like it had been compromised. Turns out, it was. 'A cyber security firm hired by CBS News has determined through forensic analysis that Sharyl Attkisson's computer was accessed by an unauthorized, external, unknown party on multiple occasions late in 2012. Evidence suggests this party performed all access remotely using Attkisson's accounts. While no malicious code was found, forensic analysis revealed an intruder had executed commands that appeared to involve search and exfiltration of data.'"

176 comments

Min score:

Reason:

Sort:

Yawn... by Anonymous Coward · 2013-06-14 11:15 · Score: 1, Insightful

Leave an embassador to die, no one bats an eye.
Spy on some reporters, everyone looses their minds....
Yawn....
1. Re:Yawn... by Anonymous Coward · 2013-06-14 11:32 · Score: 3, Insightful
  
  Leave an embassador to die, no one bats an eye.
  Spy on some reporters, everyone looses their minds....
  Yawn....
  The Slashdot audience is either retarded or full of partisan idiots.
  The quoted comment is quite relevant to the level of attention the media and the public pay to seriously important failings based on party politics of the government and of course is modded down.
  While this fluff nonsense gets modded up.
  
  Maybe they just wanted hot pics of her (Score:2)
  by Spy Handler (822350) on Friday June 14, 2013 @07:19PM (#44012213) Homepage Journal
  She's a nice looking lady... sure she's like 50 now, but around the year 2000 I was unemployed and watching late night TV, and she used to be a regular on CBS late late night news (like past midnight). I remember thinking hey she's really cute.
  I'm sick of it, and reading the comments is a waste of time here. All you libtards can congratulate yourselves on your partisanship and continue doing so as America becomes a banana republic.
  And while you are at it, quit thinking of your selves as the technical elite, you're not, you're more like kiddie Hax0rs competing for attention by being idiot smartasses.
2. Re:Yawn... by gmuslera · 2013-06-14 11:43 · Score: 4, Insightful
  
  Spy on basically everyone on the planet, no one bats an eye. Spy on a public person, everything is crazy now.
3. Re:Yawn... by Anonymous Coward · 2013-06-14 13:01 · Score: 1
  
  Actually that post is currently at 0, 'Offtopic'.
  Quit having a hissy fit just because someone trotted out a couple sockpuppet account to bump up some bullshit post.
  And last I checked, people in general are getting pretty pissed about the whole NSA deal. It's a far cry from "nobody batting an eye" like you claim.
  And since that particular person is a reporter for a major Press Organization, you probably shouldn't be so shocked that Press Organizations are shouting extra loud about that particular example. People can work together for a cause easier when there's some kind of symbol to rally to.
4. Re:Yawn... by cold+fjord · 2013-06-14 13:54 · Score: 4, Informative
  
  The best thing to do if you want to change people's minds is to find facts and present them reasonably, politely, logically, in a factual manner, and possibly with a reference link. Flames and insults seldom change peoples minds, and rarely snark, but facts sometimes do. Note that I wrote "sometimes." And it is often a long process. Being in the minority on Slashdot often means having to ignore insult, bad moderation, harassment, trolls, the occasional doppelganger trying to discredit you, silly arguments against you being highly moderated while you get mod bombed, the occasional death threat or wish for your injury, and all manner of other nonsense. And you have to live with the fact that vehement statements that are uninformed, silly, completely wrong, and often inflammatory, will be highly moderated as long as they are from the proper politically correct perspective. There are people from all around the world that post here with all manner of ideas, including: liberals, socialists, progressives, libertarians, conservatives, communists, Nazis, Islamists, Christians, atheists, the occasional Jedi, programmers, sys admins, engineers, doctors, lawyers, soldiers, students, mathematicians, physicists, and I'm going to stop because the full list is so long, seemingly unbounded. It can be frustrating, but try to be salt, if you care to.
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
5. Re:Yawn... by ShooterNeo · 2013-06-14 14:41 · Score: 4, Interesting
  
  Think back to the 1960s. Many of the complaints the "radicals" had were in fact legitimate. The Vietnam war was poorly managed and ultimately a colossal waste of lives and resources. Agent Orange really was a horrible toxin, causing permanent injuries. Drafting people to send them to a pointless war really was an evil act (and the draft dodgers were making a decision that in retrospect was a smart one)
  Marijuana really was a drug with low potential for harm, black people really were being oppressed, and nudism and free love must have been pretty fun.
  The point is, what did mainstream culture have to say then? What did all those protests do to affect the decisions made by The Man? Fuck-all, that's what. Doesn't seem any different now.
6. Re:Yawn... by icebike · 2013-06-14 15:21 · Score: 1
  
  Unfortunately that doesn't really work in the modern polarized world.
  Especially when it is posted br ACs.
  We've seen years worth of facts and figures and reasonable presentation be marginalized and ignored.
  
  --
  Sig Battery depleted. Reverting to safe mode.
7. Re: Yawn... by Anonymous Coward · 2013-06-14 15:25 · Score: 1
  
  The best way to make people change their mind is confuse then with conflicting stories then hit them with an FUD weapon. The predictable reaction a surrender to the colective and those interests backed by the misconception that everyone can't be wrong and strength in numbers. Herd mentality...
  Don't kid yourself, logic and reason are not the equivalent of truth regardless of how politically correct it may appear to be. In fact it is the perfect proverbial carrot collectivists use to "encourage" the final sell of their agenda.
  Take a look at the development of the Snowden situation, ignore the merits of each position and look at the patterns of information dispassionately.
  The truth is normally the first victim in any conflict. I'll give the alphabet agency one point simply because they don't lie about being liers [through omission]. They admit they are keepin secrets and imposing confidentiality about their activities. Can't get any more politically correct than that.
8. Re:Yawn... by Anonymous Coward · 2013-06-14 15:37 · Score: 0
  
  The best thing to do if you want to change people's minds is to find facts and present them reasonably, politely, logically, in a factual manner, and possibly with a reference link.
  So you are saying Fox News has it wrong with fear mongering their subset of people against another subset of people? They seem wildly successful.
9. Re: Yawn... by Anonymous Coward · 2013-06-14 15:45 · Score: 0
  
  You sir, are an optimist. You are right, nothing really changes. We are all out of Martin Luther Kings and even if we had one, there is no force that acts to unite us so we may stand as one.
  We are all scrounging for the crumbs left in the wake of what we want to believe is the American dream. That is why we accept the idea that national security is an end in itself and worth "perpetual indentureship" [or its equivalent, the wooden yoke].
  To admit otherwise would mean needing to surrender everything we ever invested to become who we are.
  Regardless, we never stop to ask ourselves, "Who are we?" Because it's just easier to presume and to hope.
10. Re:Yawn... by Anonymous Coward · 2013-06-14 16:03 · Score: 0
  
  yea doing a flyover with jets would have done a whole fucking lot of good, other than that whacha got, nothing, fuck off
11. Re:Yawn... by Anonymous Coward · 2013-06-14 16:13 · Score: 1
  
  Spy on basically everyone on the planet, no one bats an eye. Spy on a reporter, everything is crazy now.
  
  FTFY
12. Re:Yawn... by tripleevenfall · 2013-06-14 16:29 · Score: 3, Insightful
  
  I think /. is showing it's biased, but it's mostly biased on things other than tech issues. On tech issues like online privacy, everyone has the same opinion here.
  On something like Benghazi or Guantanamo Bay or (whatever), for most people it's ok when their guy does it, not ok when the other guy does it.
  We will all be a lot better off if this president's (remaining) defenders admit they were sold a bill of goods.
  (from a 3rd party voter)
13. Re:Yawn... by Anonymous Coward · 2013-06-14 17:35 · Score: 0
  
  That use to work no longer. Everyone has there heads so far up their own ass that you would think the clock revireted to 1400's or something.
  Billionaires buying the news to tell the story how they want no matter the fiction the viewers believe it.
  The religious pour their morrows marching orders on womens health but strangely silent in their business and politics.
  Religion used like a whore for politics and you think reason will win the day. How child like.
  You know what wins the day money nothing else.
14. Re:Yawn... by Anonymous Coward · 2013-06-14 18:36 · Score: 0
  
  Creating a sockpuppet and pretending that it's someone impersonating you is pretty lame, dude. Get some help.
15. Re:Yawn... by davester666 · 2013-06-14 19:01 · Score: 1
  
  This would never work on the Internet, Nazi Scum.
  
  --
  Sleep your way to a whiter smile...date a dentist!
16. Re:Yawn... by techno-vampire · 2013-06-14 19:56 · Score: 1
  
  and the draft dodgers were making a decision that in retrospect was a smart one
  
  Oh, I don't know if it was smart or not. I served. I came back and used my GI Bill benefits to learn what I needed to have a better career. Now that I'm retired, I get all of my health care from the VA, and don't have to worry about whether or not Obamacare is good or not because it doesn't apply to me, unlike lots of the draft dodgers who are now worrying, very loudly in a few cases, about how they're going to pay their ever-increasing medical bills.
  
  --
  Good, inexpensive web hosting
17. Re:Yawn... by eulernet · 2013-06-14 20:35 · Score: 1
  
  The best thing to do if you want to change people's minds is to find facts and present them reasonably, politely, logically, in a factual manner, and possibly with a reference link.
  No, no and no !
  And I'll explain why.
  First, look at yourself.
  How do you think you can change ?
  Do you think that integrating a new idea changes you ?
  Do you think that change is an incremental process, and that you can change after accepting a few ideas ?
  You are totally wrong !
  Change is always here, it happens naturally, and you can accept or refuse this natural change.
  Nobody really wants to change, because they are in a local optimum, so they put all their efforts to remain in this local optimum because any immediate change will worsen their situation.
  Perhaps a small change could lead to a better local optimum, who knows ?
  In fact, your problem is that you believe that you can change yourself with your thinking process.
  And you also think that since you are able to change yourself, you can change other people.
  But I can assure you that you cannot change anybody, even yourself !
  Reason or passion don't change people, but it makes them react.
  So how can you change yourself ?
  Let the change happen !
  And stop dreaming about changing others, you can just accept them, in the hope that they'll change one day.
18. Re:Yawn... by Anonymous Coward · 2013-06-14 20:47 · Score: 0
  
  ... it is often a long process ...
  
  Somethings simply can't be mentioned: teenagers in adult situations, women not being victims, the arbitrariness of American policy to 'enemy' countries, the right of said countries to defend against American aggression.
19. Re:Yawn... by hairyfeet · 2013-06-14 21:52 · Score: 1
  
  If you think anybody whose name isn't Dupont or Gates will be able to do jack shit about any of this you REALLY haven't been paying attention. It doesn't matter if you choose left or right because THERE IS NO left or right here, its just right and farther right.
  And while I agree those that actually give a shit about this whole kayfabe "left/right" lie is just deluding themselves but short of a full on armed insurrection you can give it the hell up, you can wave your little sign in your free speech zone and watch as the elite laugh and send some pitbull cop or PMC to crack your skull.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
20. Re:Yawn... by Anonymous Coward · 2013-06-15 00:10 · Score: 1
  
  unlike lots of the draft dodgers who are now worrying, very loudly in a few cases, about how they're going to pay their ever-increasing medical bills.
  At least they're alive to complain about it. How many pals did you lose to the VC?
21. Re:Yawn... by amaurea · 2013-06-15 00:25 · Score: 1
  
  Wow, that was a remarkably defeatist post. Basically, your message is: It is not only possible to persuade people, but also impossible to learn something and change your mind. Only as time goes can these things change through some undefined vague process. Did I get that right?
  Do you have any evidence to back up this model of learning and opinion forming? Well, actually, I guess presenting such evidence would go against the hypothesis you are presenting here - after all, you're claiming that evidence and rational arguments can't change people's minds - only time can, apparently. But then, isn't your post itself pointless according to your hypothesis?
  Perhaps my sarcasm-meter is broken today. Should I have heard a "whoosh" here?
22. Re:Yawn... by lxs · 2013-06-15 01:08 · Score: 2
  
  If you think anybody whose name isn't Dupont or Gates will be able to do jack shit about any of this you REALLY haven't been paying attention
  Congratulations! You haven't even tried and you have lost. In the former Eastern Bloc there was a phenomenon called the inner policeman. The citizens had the rules of the state drummed in them so solidly that it didn't occur to the majority to rise up. Any rebellious thoughts were quashed by their own minds. Your defeatism is just as effective.
23. Re:Yawn... by eulernet · 2013-06-15 02:25 · Score: 1
  
  Yes, you got that right, but I don't see any defeatism.
  It would be defeatist only if you believe that you can change people.
  I have no evidence to back my arguments, only my personal experience and feelings.
  But I doubt you'll ever find an evidence to prove the contrary, because change is a natural process.
  The change is so natural that you are not even conscious that you change, only others can tell you.
  And the change is so subtle that only close friends may notice it after a long time.
  But hey, prove me that there is a method to change, and I'll gladly hear your arguments.
  Rational or emotional arguments can only provoke some reaction, but it won't last in the long term.
  An evidence for that is dieting.
  People believe that taking some diet will make lose some weight, and when they realize that they cannot sustain it, they blame their own willpower ("I didn't try hard enough").
  By the way, it's very easy to notice when people stopped the flow of change.
24. Re:Yawn... by nospam007 · 2013-06-15 03:09 · Score: 1
  
  "(and the draft dodgers were making a decision that in retrospect was a smart one)"
  Think of it as evolution in action.
25. Re:Yawn... by Anonymous Coward · 2013-06-15 03:14 · Score: 0, Troll
  
  Interesting, considering that the banana republic part started way before Obama, and way before even his idiot know nothing predecessor who really kicked it into high gear. Obama seems to have continued the things that Bush did, but I've not seen evidence that anything actually new has been done on his watch--just more of the same.
  Of course, pointing out that the alleged liberal in the White House isn't personally responsible for absolutely every single one of the too-many-to-list things that are wrong with the US right now is just liberal partisanship in your book. Obama, by the way, is not a liberal or he's the worst one ever--but in a country where politicians are center right, right, or batshit crazy it's easy to throw that word around like you know what it actually means. Distrust in law enforcement and oppressive regimes are liberal ideals, not conservative ones. Now, I get that the relatively few Tea Party members who aren't corporate shills also believe that, so you might call them American ideals, but the founders of this country were liberal and not conservative. Go check their writings.
  As to partisanship, I've about given up trying to argue with know nothings who are proud of knowing nothing. Obama is a huge disappointment for actual liberal enlightened people who put humans above corporations and the military/law enforcement complex, and I've admitted that to conservatives I've debated with. They in turn admit--nothing. They defend to the death every lie, every deceit, every illegal act, every un-American thing every conservative ever did, and they never, ever admit that anything anybody ever on their side did was wrong. Push them on the lies that led to junior's second Iraq War and they hide behind UN resolutions which were passed under threats and more outright lies. Then they go and bash the UN without a shred of irony, they gripe about international laws and introduce and pass useless bullshit measures to prevent Sharia law from being used in the US, even though there's absolutely no evidence that it is or was. Of course, those same people then try every last loophole to get their own faiths introduced into all levels of government and they complain when they get shot down for doing plainly unconstitutional and more un-American things. My brain would overheat from the illogic of it all, but none of that matters to true believers. So I've stopped debating conservatives because there is no debate with them.
  That, by the way, is unfortunate because as one last admission I'll say this: liberals are wrong about a great many things too. Gun control, for example. Just about anything that ends with "think of the children" as another. All humans fall into the trap of believing they should force others to behave like them, even when the behavior in question does no direct harm to anybody (War on Drugs, anyone?). We need reasoned opposition in this country to prevent stupid stuff from becoming law, and we don't have it. We haven't had it since the worst president in history (Reagan) was elected. That's what's wrong with our society right now, and other than a massive miraculous influx of education and critical thinking skills I don't know what's going to solve it.
26. Re:Yawn... by Phrogman · 2013-06-15 04:26 · Score: 1
  
  I think you have hit the nail on the head, only I am thinking of those who blindly accept the loss of privacy, rights of free speech, right to assemble in protest etc in order to permit the Authorities to fight "Terrorism". Yes, detecting terrorist plots before they become terrorist events is a good thing but there needs to be some transparency in *how* they are being detected and some dialog concerning how far rights of privacy can be violated and under what circumstances, rather than the NSA just sucking up everything they want whenever they deem it necessary.
  As well of course, people need to be able to disagree with the government and its actions, and that same government having complete access to all our secrets means it can, should it choose to do so (and currently we would never know) use that ability to blacklist anyone who disagrees with it.
  Just blindly accepting that the powers that be know what they are doing seems incredibly stupid to me, but perhaps thats this "inner policeman" taking over in some minds...
  
  --
  "The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
27. Re:Yawn... by ShooterNeo · 2013-06-15 05:52 · Score: 1
  
  That's like saying "playing cards at the casino was a smart decision for me". Just because you were lucky and came out ahead doesn't mean the house doesn't win overall.
  You were lucky, and if somehow you had to play another round (suppose some medical treatment existed that could make you 20 again, and the government started drafting everyone for a land war with China) it would still be a bad idea.
28. Re:Yawn... by techno-vampire · 2013-06-15 06:33 · Score: 1
  
  How many pals did you lose to the VC?
  
  None. First off, the VC was smashed in the Tet Offensive, before I joined up and second, I was in the Navy in Tonkin Gulf bombarding NVA positions in '72. AFAIK, nobody I knew in school was killed or even wounded in 'Nam.
  
  --
  Good, inexpensive web hosting
29. Re:Yawn... by Anonymous Coward · 2013-06-15 07:56 · Score: 0
  
  If you're trying to get people to stop paying attention to libtards, STOP QUOTING THEM.
30. Re:Yawn... by LandGator · 2013-06-15 12:16 · Score: 1
  
  The ambassador was a professional representative of the nation, and was mourned and honored. However, his stock in trade was not being a watchdog on the organs of state, as is hers. Reporters are on the front line of truth for the American people; representative government will fail without truth. We need reporters and tampering with them is Bad for the Republic.
  
  --
  There is nothing wrong with yr Internet. Do not attempt to adjust the picture. We are controlling the transmission - NSA
31. Re:Yawn... by hairyfeet · 2013-06-15 14:26 · Score: 1
  
  Ya know what? if your fat overweight ass gets into the ring against the heavyweight champ, do you REALLY think you can win just because you are such a fucking wonderful human being? Really? Because if so i have some swamp land you would be interested in.
  You have an entire system built around the concept of giving a handful of elites ever more money, do you HONESTLY think your dumb ass is gonna come up with some brilliant fucking plan they haven't already thought of? there is brave and then there is fucking retarded, you sir are the latter. What are you gonna do, wave you little sign? Who is gonna see it, they own the stations moron! Fuck look at Ron Paul, even with all his net celebrity he was "He who shall not be named" by the MSM, Jon Stewart, who like me doesn't even care for libertarians, made a video of clips just showing how many tapdances they did to make sure nobody said his name, even so far as saying the first, second, and FOURTH place finishers and for the entire broadcast making God damned sure the world never knew there was a third place, much less who won it!
  So unless you are ready to go full bore armed insurrection? You are just wasting your fucking time, you will do exactly jack and shit. Hell BOTH PARTIES are for fascism, what the fuck are you gonna do, third parties have NEVER done shit in this country and the MSM beats the peasants with the "third parties are wasted votes" meme so much most would NEVER vote for a third party, so already you have no fucking way to even get somebody in a position to do diddly fuck, okay?
  Maybe you should watch a helpful educational video to see how all you will be doing by trying to work with a corrupted system is to HELP ENABLE that system, why will it never work? Because its fucking corrupted, duh! Your argument is NO DIFFERENT than if you play enough hands of three card monty you will come out ahead...no you won't, because you can't win a rigged game by playing more rigged games!!
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
32. Re:Yawn... by ravenshrike · 2013-06-15 19:19 · Score: 1
  
  Really? What, pray tell, were Bush's Fast and Furious, Bhengazi, James Rosen, IRS targeting and now this hacking attempt equivalents. I'll note that Iraq is nowhere in this discussion as Obama is rapidly gearing up for his own Iraq in Syria.
Better security might help by gweihir · 2013-06-14 11:19 · Score: 4, Insightful

A good example why reporters (and others) need to care about IT security.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
1. Re:Better security might help by masdog · 2013-06-14 11:23 · Score: 4, Insightful
  
  I'm not sure better security would help in this case. It's not like the government has compromised the major OS vendors/projects. In fact, I think there's no such agency dedicated to that task.
  
  --
  My Sysadmin Blog
2. Re:Better security might help by gweihir · 2013-06-14 11:34 · Score: 4, Insightful
  
  While it is known that MS has given vulnerabilities to the NSA before patching them, it is highly doubtful the same is going on with Linux or the free BSDs. The risk of being discovered would just be too big.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
3. Re:Better security might help by monkeyhybrid · 2013-06-14 11:38 · Score: 1
  
  While it is known that MS has given vulnerabilities to the NSA before patching them
  Citations?
4. Re:Better security might help by monkeyhybrid · 2013-06-14 11:43 · Score: 3, Interesting
  
  Please excuse my sceptism. I just googled the topic and it seems there's some evidence they've been doing this along with contributing to PRISM. Very enlightening to say the least!
5. Re:Better security might help by AxemRed · 2013-06-14 11:45 · Score: 5, Informative
  
  It's all over the internet. Here for one:
  
  http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/
6. Re:Better security might help by Anonymous Coward · 2013-06-14 11:48 · Score: 0
  
  While it is known that MS has given vulnerabilities to the NSA before patching them
  Citations?
  Bloomberg
7. Re:Better security might help by Anonymous Coward · 2013-06-14 11:54 · Score: 3, Interesting
  
  There's no need to insert vulnerabilities into Linux. The Linux kernel is riddled with vulnerabilities.
  If you've ever wondered to yourself, "how the heck do those Linux developers commit such huge changes between minor versions without introducing bugs", well I have some news for you....
  If you want to run a secure system, try OpenBSD or NetBSD. Development occurs at a slower, more conservative pace, particularly with OpenBSD. And there are virtually none of the "dump and run" feature submissions that are so common with Linux.
  The application and server software you run should be developed similarly--slow and conservative, with a large number of the developers having a good comprehension of all or most of the subsystems, so that they can readily critique changes instead of deferring to the single guy who, alone, understands that subsystem.
  Remember, it's all about the eyeballs. But not all eyeballs are created equally, and not all projects make the most efficient use of the eyeballs available to them. Linux long ago past the point where bugs were spotted and quashed efficiently.
8. Re:Better security might help by erroneus · 2013-06-14 11:55 · Score: 2
  
  You don't need "malware" when you've got Windows.
9. Re:Better security might help by gweihir · 2013-06-14 12:09 · Score: 3, Insightful
  
  When you are talking about local exploits, maybe. But this is about remote exploits. When you have compromised an user account, you do not need privilege escalation to spy on them, you just need to get in as said user. That limits the scope of what needs to be looked at rather dramatically.
  Also, for security critical operation, a vanilla Linux is not a good idea. Use AppArmor or SELinux with custom, restrictive configurations. (Yes, I know that SELinux is from the NSA, but the risk of putting in back-doors is just to big.) Running a server is different. There, the largest risk is from the server software. Things like OpenSSH and Postfix are very secure, Apache2 without modules less so and Apache2 with modules can be a real nightmare, depending on the modules.
  I do agree on the development model though. But you need to take into account that most of the fast development in Linux is the drivers. The rest is done a lot more carefully and with significantly more review.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
10. Re:Better security might help by gweihir · 2013-06-14 12:12 · Score: 1
  
  No problem. I probably saw the same things you found.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
11. Re:Better security might help by meta-monkey · 2013-06-14 12:12 · Score: 2
  
  But who eyeballs the eyeballs?
  
  --
  We don't have a state-run media we have a media-run state.
12. Re:Better security might help by DragonTHC · 2013-06-14 12:31 · Score: 0
  
  just where do you think SELinux came from?
  Just why do you think a secret agency would go through the trouble?
  NSA have a secret API into all 4 major OS platforms.
  
  --
  They're using their grammar skills there.
13. Re:Better security might help by JustOK · 2013-06-14 12:38 · Score: 1
  
  The nose knows.
  
  --
  rewriting history since 2109
14. Re:Better security might help by instagib · 2013-06-14 12:45 · Score: 1
  
  This cooperation between MS and the NSA maybe explains why MS got away in most cases of monopolistic abuses during so many years: it's easier to infiltrate computers worldwide if they all use the same OS.
15. Re:Better security might help by Anonymous Coward · 2013-06-14 13:04 · Score: 1
  
  just where do you think SELinux came from?
  Just why do you think a secret agency would go through the trouble?
  NSA have a secret API into all 4 major OS platforms.
  I don't think you understand what an API is or how it's used. You've done smoked yourself silly, Dragon.
16. Re:Better security might help by Anonymous Coward · 2013-06-14 13:18 · Score: 0
  
  I'm not sure better security would help in this case. It's not like the government has compromised the major OS vendors/projects. In fact, I think there's no such agency dedicated to that task.
  I wish I was registered here just so I could mod you as Funny!
17. Re:Better security might help by Clsid · 2013-06-14 13:26 · Score: 4, Informative
  
  SELinux is not provided by the NSA anymore. It has been incorporated into the kernel and all you have to do is enable stuff that you want to use now. The code has been reviewed and the NSA was not the only entity involved, so I would not worry about that too much.
18. Re:Better security might help by Anonymous Coward · 2013-06-14 14:30 · Score: 4, Interesting
  
  It isn't the operating systems. Too many people pay attention to them. The secret code is in the compilers (where all the NSA fake employees work). It works this way: the compiler itself was compiled by the NSA to add secret code to the compiler source. This way, even if you are compiling from the clean and open source files, you will still get the NSA features. And when the OS is compiled, the NSA features are also added. For all 'hard-copy' operating systems, additional effort is made to ensure that the final copy is compromised. For open source or downloadable operating systems, the NSA runs a program where they swap out bytes at the ISP level while retaining the checksums. I've heard that this program is code named LEYTUNNEL.
  Posted via Tor to protect myself and my source
19. Re:Better security might help by manu0601 · 2013-06-14 14:32 · Score: 1
  
  Yes, NetBSD and OpenBSD are good for security (so are FreeBSD and DragonflyBSD), but there are still points to note:
  First, local security is an issue. The surface attack is so big that if you let an attacker play with remote access to the shell, he will find a security hole, even in NetBSD or OpenBSD
  Second, OpenBSD security emphasis push them to play down vulnerabilities, because they do not want to recognize them as such. OpenBSD errata have many "reliability fixes" that may be vulnerability fixes. And their "Only two remote holes in the default install, in a heck of a long time!" motto could suggest that the system is secure by design. It is not, and the admin still have to apply patches and updates to remain secure.
20. Re:Better security might help by Anonymous Coward · 2013-06-14 14:34 · Score: 0
  
  The NSA has many heads. Some of them are designed to protect computers from attack. Others are designed to attack. SELinux was designed to protect US assets.
21. Re:Better security might help by cffrost · 2013-06-14 14:37 · Score: 1
  
  It's all over the internet. Here for one:
  http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/
  
  It seems to me that when Microsoft's involved, "responsible disclosure" guidelines should be adjusted to immediate public release, as long as MS is feeding exploits to hackers before fixing them.
  
  --
  Thank you, Edward Snowden.
  
  "Arguments from authority are worthless." —Carl Sagan
22. Re:Better security might help by Anonymous Coward · 2013-06-14 15:13 · Score: 0
  
  This was know already for a long time. It's part of the Microsoft government programs which include delivering source code for inspection and vulnerabilities reporting before public disclosure. It's not limited to US government.
23. Re:Better security might help by __aaltlg1547 · 2013-06-14 16:23 · Score: 2
  
  What do you mean being discovered? Of course the NSA and every other security agency in the world wants early access to zero day information. And the NSA has the budget to pay for them. If you think ordinary citizens and businesses are under attack from the NSA, imagine how much effort is bent on extracting the gigatonnes of Top Secret information such an agency has on file. I'm not saying the NSA is above using the information for nefarious purposes. They are, after all, a spy agency. But they also have a counter-espionage side and those guys are very busy trying to keep their information systems secure against every other spy agency in the world.
24. Re:Better security might help by Anonymous Coward · 2013-06-14 16:55 · Score: 0
  
  And smells a rat.
25. Re:Better security might help by elashish14 · 2013-06-14 17:42 · Score: 2
  
  Funny. So remember everyone - if you find a critical bug in Windows, do what this guy did. Disclosing it confidentially to Microsoft instead would be highly irresponsible.
  
  --
  I have left slashdot and am now on Soylent News. FUCK YOU DICE.
26. Re:Better security might help by Anonymous Coward · 2013-06-14 18:09 · Score: 0
  
  If all you're running is a simple server, with static web pages, SSH access, mail, and you're the only user, then I'll agree that Linux is as good as OpenBSD.
  But if you run any kind of web application (whether in Perl, PHP, Python, Ruby, Java, or whatever) then you _must_ assume that there are vulnerabilities which allow code injection, and thus there's no distinction to me made between remote and local exploits.
  Now, I've run vanilla OpenSSH systems with shell access for thousands of people around the world, as gateways for support systems. I've never had one of these hacked. Twice in 10 years the IT people foolishly convinced the CEO to switch them to Linux (because they couldn't be bothered to understand OpenBSD, or to tailor the hardware appropriately). And each time those servers suffered a series of intrusions. No amount of SELinux, AppArmor, or Grsecurity patches can compensate for the sheer number of local root exploits in modern Linux kernels.
  Do I think OpenBSD is bullet proof? No. Do I think OpenBSD developers are more technically proficient than Linux kernel developers? No. But do I believe OpenBSD is a more robust and hardy system against even local exploits? Abso-fscking-lutely. That may simply be a testament to how crappy Linux has become, as opposed to the brillance or luck of OpenBSD, but I couldn't care less.
27. Re:Better security might help by Zontar+The+Mindless · 2013-06-14 18:53 · Score: 1
  
  Now you know why I'm considering a switch to Red Flag Linux: I'm hoping that the Chinese backdoors will cancel out the ones from the NSA.
  Or at least keep them busy.
  
  --
  Il n'y a pas de Planet B.
28. Re:Better security might help by Anonymous Coward · 2013-06-14 20:40 · Score: 0
  
  Yes, I know that SELinux is from the NSA, but the risk of putting in back-doors is just to big.
  LOL! Nice try, NSA!
  How fuckin' stupid do you think we are?
29. Re:Better security might help by Anonymous Coward · 2013-06-14 22:13 · Score: 0
  
  In Free BSD and all Linux distros the Bugzilla databases are free and open for everybody.
30. Re:Better security might help by Anonymous Coward · 2013-06-14 22:35 · Score: 0
  
  (Yes, I know that SELinux is from the NSA, but the risk of putting in back-doors is just to big.)
  
  Risk of all those eyeballs catching it just because it is open source? Just like they didn't catch serious vulnerabilities for years in one of the most used and critical open sourced programs SendMail?
31. Re:Better security might help by datapharmer · 2013-06-14 23:30 · Score: 1
  
  There is a difference between actively placing backdoors in software and just analyzing it for exploits and not reporting them too... they likely know lots of ways into linux that don't involve tampering with project code.
  
  --
  Get a web developer
32. Re:Better security might help by gweihir · 2013-06-14 23:56 · Score: 2
  
  Very stupid, obviously. SELinux has been intensively scrutinized by others. Remember that it is FOSS, anybody can look. Any hacker finding a planted vulnerability in SELinux would have made a name for life.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
33. Re:Better security might help by gweihir · 2013-06-15 00:00 · Score: 2
  
  Sorry, but sendmail has been known to be insecure and likely unfixable for decades. The architecture just sucks and cannot really be secures. Nobody that wants security cares about it anymore, they just use PostFix instead. Same is true for bind. One vulnerability after the other. A bloated monster with cryptic configuration, even after the redesign.
  Finding bugs is one thing. If the architecture and design is unsound (overly convoluted, complicated and cryptic), no amount of finding of bugs is going to fix that. But for sendmail this is well-known to anybody who cares. There is a reason most distros use a different default MTA.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
34. Re:Better security might help by Impy+the+Impiuos+Imp · 2013-06-15 00:18 · Score: 1
  
  What does Microsoft get out of this trade? The article mentions Microsoft running on a lot of government stuff, but that doesn't say much because it runs on most of most peoples's stuff already.
  Immunity or taking it easy on various anti-trust? (And before you get outraged, recall the cynic's, i.e founding father's, observation that government seeks massive regulation and legislation precisely to have things to lord over people with.)
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
35. Re:Better security might help by Anonymous Coward · 2013-06-15 00:30 · Score: 0
  
  There also also no agencies or corporations involved in astroturfing, manipulating and controlling internet discussions.
36. Re:Better security might help by mcgrew · 2013-06-15 01:23 · Score: 2
  
  It seems to me that when Microsoft's involved, "responsible disclosure" guidelines should be adjusted to immediate public release, as long as MS is feeding exploits to hackers before fixing them.
  It seems to me that ALL vulnerabilities should be disclosed immediately. Vuln in FireFox? No problem, use IE or Opera. Vuln in PDF? Uninstall it until it's fixed or use a different reader or writer. It's not like there's only one OS, spreadsheet, browser, image editor, etc.
  It seems to me that when a white hat finds a vuln there's probably a 50% chance a black hat found it first, but he's not going to disclose it at all, he'll keep it under his hat and use the hell out of it until a white hat discloses it.
  Fuck the company that wrote the software, tell ME, the user, so I can stop using the vulnerable software until it's fixed.
  
  --
  Free Martian Whores!
37. Re:Better security might help by mcgrew · 2013-06-15 01:27 · Score: 1
  
  recall the cynic's, i.e founding father's, observation that government seeks massive regulation and legislation precisely to have things to lord over people with.
  Interesting if true, do you have a citation for that? I've never seen it and would be interested in reading it. I'm a readaholic and love learning.
  
  --
  Free Martian Whores!
38. Re:Better security might help by mcgrew · 2013-06-15 01:36 · Score: 1
  
  You don't think that there are hundreds of thousands of eyeballs scrutinizing the source code right now, especially after Snowden's revelations? It's pretty damned hard to put a back door in an open source OS or app and not have it found fairly quickly, impossible to not have it found sooner or later.
  
  --
  Free Martian Whores!
39. Re:Better security might help by bill_mcgonigle · 2013-06-15 01:42 · Score: 1
  
  tell ME, the user, so I can stop using the vulnerable software until it's fixed.
  Yes, tell you the user that there's a problem in a piece of software, and what part of that software, but also give the vendor some amount of time to fix it before dumping the exploit into metasploit. I once called this Informed Disclosure for lack of a better term.
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
40. Re:Better security might help by Vintermann · 2013-06-15 01:48 · Score: 1
  
  This approach is mostly a curiosity. It is not nearly as undetectable as you may think, and once one compiler executable has been exposed to have this backdoor, the cat's out of the bag.
  There's also the problem that
  1. A compiler detecting that it is compiling itself isn't trivial, especially not for an open-source compiler that gets updated constantly.
  2. The back door insertion isn't trivial, for the same reason: the program being targeted may have changed. Not only must you detect it, you must make sure the backdoor is inserted in a way that doesn't break the program. if you do that even once, of course, the cat is out of the bag again.
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
41. Re:Better security might help by Vintermann · 2013-06-15 01:50 · Score: 1
  
  Well, if we are talking about exploits in Microsoft Windows, it's most likely intended to be used offensively. I doubt NSA stores their top secrets on Windows machines.
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
42. Re:Better security might help by s.petry · 2013-06-15 02:42 · Score: 1
  
  SELinux goes well beyond the NSA. Security compliance in Linux goes back well over a decade and ended up being a mix of various technologies. If do not understand SELinux, then the cure for your ignorance is to go learn it. I'm not backing what the NSA has been doing with "The People" mind you, just correcting your ignorant statements here.
  SELinux and the NSA involvement was really to ensure that Linux could be compliant with a very long and stringent set of requirements including protection for auditd and other modules and programs. Protecting the auditing processes was difficult and buggy under LAUS, which was improved by the NSA code and others.
  For SELinux, remember that it was Defense as the primary driver. There are, and have been, thousands of eyes on the source code because this is how we ensure top secret labs running Linux remain secure and/or we can see breaches in security. Nicely, Linux allows that security level to be scalable and flexible. This is why there are lots of requirements that must be followed in DOD, more as you go up in security.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
43. Re:Better security might help by s.petry · 2013-06-15 02:49 · Score: 2
  
  Interesting sci/fi, but how much is true? Personally I can only speak of common things I have used like RHEL and GNU compilers provided by Redhat. If what you said was true, I should be able to see things in a stack. The compiler would have to embed network objects into code it detects as network code. That would take some massive work, and be easily visible in the gcc/g++ source code.
  Potentially an issue, but I think it's pretty far away from the "likely" category. In closed source, of course this could be built in much easier. I still find it unlikely that compilers are tampered with in this manner. Dumping system calls and stack traces you would be able to see the hidden functions and variables. Colluding with every vendor and sabotaging OpenSource in a way to make this feasible (kernel hiding system calls and variables) would be nearly impossible.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
44. Re:Better security might help by RabidReindeer · 2013-06-15 03:10 · Score: 1
  
  (Yes, I know that SELinux is from the NSA, but the risk of putting in back-doors is just to big.)
  Risk of all those eyeballs catching it just because it is open source? Just like they didn't catch serious vulnerabilities for years in one of the most used and critical open sourced programs SendMail?
  Leaving aside the fact that SendMail is a horrible warty conglomeration of modules for mostly-extinct mail-routine systems supporting rules written in a cryptic macro language. SendMail is a mail application, and while secure mail is very important, security is the very purpose of SELinux.
  Where security is one more thing to consider for apps like SendMail, it's the core function of SELinux, and core functions are the most-scrutinized of all, because when they don't work, the app itself is useless.
  Aside from that, the mere fact that a large part of SELinux was created under NSA auspices is enough to get the tinfoil crowd digging into it looking for loopholes and backdoors. "Distrust the NSA" may be in the spotlight right now, but not everyone was complacent before.
45. Re:Better security might help by onyxruby · 2013-06-15 04:03 · Score: 2
  
  I can't argue your point about the need to care about security and raising awareness. However the idea that locking down your box could stop the government is naive. If they can convince a judge they can get a warrant. With a warrant you simply enter the residence and install something like a hardware keylogger (that's a commercial one, they come much smaller) or a pinhole camera.
  Your TrueCyrpt secured hard drive hosting your locked down Operating System behind the firewall of doom that only ever connects to the outside world through a VPN and random proxies means jack when a keyboard logger records your keystrokes or the camera watches you put them in. You can't secure against a warrant and direct physical access in that type of situation. The only thing that you can do is to focus on having a tamper evident system that alerts you.
  Resources would be better spent on shoring up Tripwire like tools for everyday users so that they can know they have been compromised in the first place. There are open source versions of trip wire and I would encourage anyone concerned about these types of issues to work on maturing what is there and bringing it to the masses in a form that they everyday person can effectively use.
46. Re:Better security might help by Anonymous Coward · 2013-06-15 04:12 · Score: 0
  
  Nah, this wouldn't make sense in general, not enough plausible deniability and a big scandal if someone finds out. In reality, a professional intruder will be using whatever exploit or loophole he can find, starting with the least original choices first (e.g. social engineering, Trojans, existing virus kits) and using 0-day exploits or pre-fabricated backdoors only if they cannot be avoided. You don't want to waste your precious "electronic warfare" knowledge in minor targets.
47. Re:Better security might help by Anonymous Coward · 2013-06-15 04:19 · Score: 0
  
  That would take some massive work, and be easily visible in the gcc/g++ source code.
  
  Senior System Engineer/Architect
  You're a "Senior System Engineer/Architect" who's never read Reflections on Trusting Trust, and can't imagine how to backdoor a compiler executable without changing any public source code?
48. Re:Better security might help by gweihir · 2013-06-15 06:40 · Score: 1
  
  Indeed. Well said.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
49. Re:Better security might help by gweihir · 2013-06-15 06:49 · Score: 2
  
  And there is the other thing: The NSA does not only spy on people, they also help securing people against others spying on them. Now, theoretically it is possible to secure a planted backdoor cryptographically so that nobody else can use it. That is however highly obvious in the code. If, on the other hand, they had a backdoor not secured in this fashion in SELinux, the risk of, say, the Chinese fining it would far out-weight any advantage of having access via this backdoor themselves. This is not the first tome they make things more secure. For example, the first DES candidate had a vulnerability that the academic community only found far later. They fixed it and made DES a lot stronger. AFAIK there still is no known fundamental vulnerability in DES. Its key is just too short for today.
  I happen to know a few people that did semi-academic project work for them. Not all the NSA does is bad. It is just an utterly moral-less bureaucracy, and that means the question of ethics does not arise. They will just as happily fix vulnerabilities and make secure designs, as they will do the opposite. And they are far less capable than people commonly assume. They try to do many things with overkill.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
50. Re:Better security might help by cffrost · 2013-06-15 06:50 · Score: 1
  
  I agree with you; I support immediate public disclosure as well.
  The reasons I wrote what I did last night were that a) I didn't want to sidetrack the discussion into one about immediate versus "responsible disclosure" in general, and b) I wanted to make a point that might persuade those in support of "responsible disclosure" that Microsoft has shown that it doesn't deserve whatever benefits it may receive from the practice, since they've been colluding with a known hacker organization that's been violating our constitutional rights for years.
  Further, in my view the software industry (as a whole) has shown that it doesn't genuinely support "responsible disclosure," what with all the cases we've heard about in which white-hats have been thanked with prosecution, intimidation, academic expulsion, etcetera, for trying to "do the right thing." Thus, I support immediate disclosure not as a form of (unjust) collective punishment against software vendors, but as an act of self-preservation, while acting to inform the greatest number of potential victims so that they may take defensive action (as you pointed out).
  
  --
  Thank you, Edward Snowden.
  
  "Arguments from authority are worthless." —Carl Sagan
51. Re:Better security might help by gweihir · 2013-06-15 06:55 · Score: 1
  
  While doable, this is really hard to conceal well. It is also a very old and well-known attack to security experts. Here is the problem: People are actually looking at assembler code from time to time and may well find this. There are not many places a backdoor could be put in. Basically layer 2 or 3 is the only place. That is not so much code. And then there is the problem on how to find where to put it in.
  As to binary deliveries, maybe you have heard of signed code? Like the Linux kernel sources? Or the Debian packages?
  This is basically a bunch of conspiracy theories without factual basis.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
52. Re:Better security might help by gweihir · 2013-06-15 06:56 · Score: 1
  
  Indeed. All it requires for some kernel hacker to do some experiments or try to fix some issues. As soon as things break in suspicious ways, looking at the assembler code is easy.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
53. Re:Better security might help by gweihir · 2013-06-15 06:58 · Score: 1
  
  Indeed. Just my point. And once such a thing is found, they could never do it successfully again.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
54. Re:Better security might help by kumanopuusan · 2013-06-15 07:16 · Score: 1
  
  That would take some massive work, and be easily visible in the gcc/g++ source code.
  The modified compiler is only distributed as a binary. There is no source code available.
  
  The compiler would have to embed network objects into code it detects as network code.
  No, the compiler would only need to add a few instructions that--under certain circumstances--modify calls to libraries that it knows are already being linked into the target executable. A compromised compiler is in the perfect position to determine everything about the executable it's compiling and to compromise it in extremely subtle ways. Think about all of the exploits that require only a single buffer overflow to execute a small stub, but need to make many assumptions about their environment. A compiler wouldn't need make any assumptions about the configuration of the target machine.
  
  Dumping system calls and stack traces you would be able to see the hidden functions and variables.
  You know that a call stack isn't strictly necessary, right? And the maker of malicious code is hardly going to add all his variables to a symbol table. It's easiest to add system calls directly to the malicious code, but it's possible to jump to existing system calls instead. None of this is hypothetical, either.
  
  --
  Use of the words "good", "bad" or "evil" is almost invariably the result of oversimplification.
55. Re:Better security might help by LandGator · 2013-06-15 12:24 · Score: 1
  
  OpenBSD in by no means vanilla, but instead is a much more exotic flavor. Gold Medal Ribbon, maybe? www.baskinrobbins.ca/en/2012/08/01/gold-medal-ribbon
  
  --
  There is nothing wrong with yr Internet. Do not attempt to adjust the picture. We are controlling the transmission - NSA
56. Re:Better security might help by Anonymous Coward · 2013-06-15 14:18 · Score: 0
  
  I've speculated about that from the very minute the court decision was handed down.
57. Re:Better security might help by Anonymous Coward · 2013-06-15 20:19 · Score: 0
  
  None that our leaders see fit for us to know about, that is.
58. Re:Better security might help by s.petry · 2013-06-17 05:35 · Score: 1
  
  I agree with most of your points. To do this with _everything_, as I replied too, becomes a daunting task. Logistically, this is why we see so much Malware/Virus work being done.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
59. Re:Better security might help by s.petry · 2013-06-17 05:38 · Score: 1
  
  I did not say I could not imagine it, I said that it is not feasible on scale. Posible != Plausible
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Oddly specific denial by hawguy · 2013-06-14 11:23 · Score: 5, Interesting

Why is the justice department denial so specific:

To our knowledge, the Justice Department has never compromised Ms. Attkisson’s computers, or otherwise sought any information from or concerning any telephone, computer, or other media device she may own or use.
It sounds like a carefully worded statement that leaves open the possibility that they planted an old fashioned bug to listen to her in her home, or a GPS tracker on her car, or secretly searched her house, or one of the other many ways they can secretly keep someone under surveillance.
Why not a simple "We have never had Ms Attkisson under any surveillance or covertly obtained any information about her"?
Besides, if she used a Verizon Business cell phone, or if the same cell phone meta-data order that was leaked to the press was given to all of the carriers, then the government *did* seek information concerning telephones used by her.
1. Re:Oddly specific denial by Brett+Buck · 2013-06-14 11:31 · Score: 0
  
  Why is the justice department denial so specific:
  Because it wasn't the Justice Department? I would have assumed it was someone associated with the Obama campaign. I am sure there would be no shortage of volunteers.
2. Re:Oddly specific denial by gl4ss · 2013-06-14 11:36 · Score: 1
  
  Why is the justice department denial so specific:
  Because it wasn't the Justice Department? I would have assumed it was someone associated with the Obama campaign. I am sure there would be no shortage of volunteers.
  well that would explain why they say that Justice Department hasn't done it.. rather than just say that they have no information whatsoever on the subject and if she wants feds to investigate she should report the crime to the police..
  
  --
  world was created 5 seconds before this post as it is.
3. Re:Oddly specific denial by larry+bagina · 2013-06-14 11:38 · Score: 5, Insightful
  
  When you have an Attorney General who will, under oath in front of Congress, commit perjury, why are any of their other statements considered credible?
  Not posting anonymously because the DOJ and NSA are tracking us either way.
  
  --
  Do you even lift?
  These aren't the 'roids you're looking for.
4. Re:Oddly specific denial by Anonymous Coward · 2013-06-14 11:40 · Score: 1
  
  Besides, if she used a Verizon Business cell phone, or if the same cell phone meta-data order that was leaked to the press was given to all of the carriers, then the government *did* seek information concerning telephones used by her.
  I think this is exactly why it is so specific. They are saying that they never tried to hook her, not that she has never been caught in a dragnet. Really that is all the specificity they can can readily offer.
5. Re:Oddly specific denial by Nutria · 2013-06-14 11:55 · Score: 2
  
  It sounds like a carefully worded statement that leaves open the possibility ...
  because, as Brett Buck mentioned, it might not have been the DOJ, OR it might have been the DOJ and the people who did it conveniently forgot to pass the information up the chain.
  Plausible deniability, doncha know.
  
  --
  "I don't know, therefore Aliens" Wafflebox1
6. Re:Oddly specific denial by gmuslera · 2013-06-14 12:06 · Score: 1
  
  Not all hacking comes from the government, but as they say, probably a good part do. That was what i read in their denial, "this time, i think that wasn't us"
7. Re:Oddly specific denial by ShanghaiBill · 2013-06-14 12:28 · Score: 4, Insightful
  
  well that would explain why they say that Justice Department hasn't done it.
  That is NOT what they said. Read the quote carefully. It simply says that the speaker has no knowledge of the justice dept doing it, not that they didn't do it. This is a classic example of a bureaucratic waffle. It sounds like they are actually saying something meaningful, but if you parse the sentence, it is basically vacuous.
8. Re:Oddly specific denial by Main+Gauche · 2013-06-14 12:37 · Score: 0
  
  Why is the justice department denial so specific:
  Because they're refuting a specific accusal?
  Seriously, what kind of logic is this? The justice department didn't say that they didn't try to poison her! They must have!
9. Re:Oddly specific denial by hawguy · 2013-06-14 13:17 · Score: 2
  
  Why is the justice department denial so specific:
  Because they're refuting a specific accusal?
  Seriously, what kind of logic is this? The justice department didn't say that they didn't try to poison her! They must have!
  If think it's more like if she was found poisoned, and the Justice department said "I have no knowledge the DoJ had any involvement with poisoning her food or by poisoning her with toxic gas. We have no comment on whether or not we poisoned her with an injection toxin or through a contact poison".
10. Re:Oddly specific denial by s.petry · 2013-06-14 13:48 · Score: 1
  
  Personally I love symbolic logic.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
11. Re:Oddly specific denial by amiga3D · 2013-06-14 15:06 · Score: 2
  
  But he's telling the truth this time. Honest.
12. Re:Oddly specific denial by Bartles · 2013-06-14 17:53 · Score: 1
  
  The DoJ is telling you what they have done with that statement. They issued a denial that only references hardware. They say nothing about email accounts, cloud storage accounts, text messages, voicemail, or anything else that was intercepted going from here to there.
13. Re:Oddly specific denial by jafiwam · 2013-06-15 00:46 · Score: 1
  
  Not all hacking comes from the government, but as they say, probably a good part do. That was what i read in their denial, "this time, i think that wasn't us"
  I'd like to hear a good argument by those that think this was the government, why they would feel it appropriate (as in, best method of completing the task) to use her accounts to log in?
  Compromised account? Sure that wasn't some 50 year old sysadmin that thought she was hot and was looking for pictures of her she might have put on the computer? Like, what girl doesn't have mirror shots taken from her phone once in a while? He wanted to see some of her skin. Not get her work data.
  I am one of the more paranoid assholes concerning Hussain Obama's fuckups, but this just seems like "rogue sysadmin" and not like "government"
  Why would the government use an undisclosed security hole in windows, then log onto her account, and then search for files? Why not just use the hole to search for files? Or fuck, clone the hard drive without leaving any evidence behind besides a SATA cable that's a little more loose than it would be otherwise?
  Occam's Razor and all that.
14. Re:Oddly specific denial by Vintermann · 2013-06-15 01:54 · Score: 1
  
  Why not a simple "We have never had Ms Attkisson under any surveillance or covertly obtained any information about her"?
  Because that lie would be caught already.
  The real weasel words here are "To our knowledge". Of course it's not "to their knowledge", they would deliberately shield themselves from knowledge of the details if they did it. That's plausible deniability 101.
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
15. Re:Oddly specific denial by gmuslera · 2013-06-15 02:35 · Score: 1
  
  As i said, the government said that weren't them.... probably. But could had been, after all, reporters or press in general are the ones that receive leaks to announce them.
  But odds are high that is just another windows intrusion as there are many, i.e. running a trojan or any new worm, or be a new version of something on the lines of Red October that could take years on be detected.
16. Re:Oddly specific denial by CrimsonAvenger · 2013-06-15 04:16 · Score: 1
  
  Why is the justice department denial so specific:
  Because the NSA is NOT part of the Justice Department?
  
  --
  
  "I do not agree with what you say, but I will defend to the death your right to say it"
17. Re:Oddly specific denial by Anonymous Coward · 2013-06-15 06:32 · Score: 0
  
  Come on folks. In this day and age, if a government or private entity denies doing something or being involved in something--they ARE involved, period.
  To what extent may vary, but never believe they are not involved if they deny they are not involved or even involved but to a lesser degree.
  ALL of your software running in an Internet enabled OS probably phones home to the government, or allows them in, the moment an Internet connection is established. Even the anti-virus and firewall software may allow government transmit or access.
PRISM by psymastr · 2013-06-14 11:25 · Score: 1

PRISM?

--
Improve at backgammon rapidly through addictive quickfire position quizzes: www.bgtrain.com
1. Re:PRISM by Anonymous Coward · 2013-06-14 11:34 · Score: 0
  
  Good question. The answer is almost certainly "No". Why, after all, would any government agent need to hack in to an individual computer to steal data when they can simply download it from some cloud provider's server or capture it as it traverses the internet?
hackers by Anonymous Coward · 2013-06-14 11:25 · Score: 0

they need to do way instain hackers, who snoop thier data, becuse these data cant frigth back?
1. Re:hackers by Anonymous Coward · 2013-06-14 11:54 · Score: 0
  
  it was on the news this mroing a president in dc who had snoop his citizens.
tsk tsk.... by arcite · 2013-06-14 11:27 · Score: 4, Funny

Looks like someone didn't renew their Norton Anti-Virus subscription. They warned you!
Welcome to the Botnet by checkitout · 2013-06-14 11:31 · Score: 5, Insightful

Occam's razor would suggest that she got pwned by a drive-by exploit on some site she visits. In the same way anyone else might. She just happened to be of some level of importance.
1. Re:Welcome to the Botnet by gl4ss · 2013-06-14 11:37 · Score: 3, Informative
  
  Occam's razor would suggest that she got pwned by a drive-by exploit on some site she visits. In the same way anyone else might. She just happened to be of some level of importance.
  but it was an attack by someone who knew the user/pass. like, from her mail or whatever..
  
  --
  world was created 5 seconds before this post as it is.
2. Re:Welcome to the Botnet by Mista2 · 2013-06-14 11:49 · Score: 2, Insightful
  
  Drive-by hacking, probably not as it doesnt look like they were after money, or extortion, or attempting ransomware installation. In fact, because it attempted to be stealth, its not even an attack for fun, as most vandals like to let you know you got pwnd.
  It might not be internal domestic spying thug, could be from the UK (The Guardian likes to tap phones and listen to voicemails too) or china - (too many examples to list).
3. Re:Welcome to the Botnet by Anonymous Coward · 2013-06-14 12:40 · Score: 1
  
  Occam's Razor would suggest that if her computer was part of a botnet or other script-kiddie-like attack it would be quite obvious since there is tons of experience finding that type of stuff.
  This was a targeted attack with a different goal than adding a bot to a net.
4. Re: Welcome to the Botnet by Anonymous Coward · 2013-06-14 13:03 · Score: 3, Interesting
  
  Total coincidence that she was the only non-Fox reporter looking into Fast & Furious gun running scandal, and this happened right around when that was heating up.
  Obama's people wanted to know if they'd been caught.
5. Re:Welcome to the Botnet by s.petry · 2013-06-14 13:53 · Score: 1
  
  Of course! We wont let facts about their activities get in the way of our delusional world. If you lose rights to watch that puppet show, the populace will never hear the end of it!
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
6. Re:Welcome to the Botnet by Anonymous Coward · 2013-06-14 14:49 · Score: 0
  
  Occam's razor would suggest that she got pwned by a drive-by exploit on some site she visits. In the same way anyone else might. She just happened to be of some level of importance.
  someone watched Contact
7. Re:Welcome to the Botnet by __aaltlg1547 · 2013-06-14 16:31 · Score: 1
  
  Or it could have been another news organization using her to do their research for them. It's so embarrassing to get scooped.
8. Re:Welcome to the Botnet by Bartles · 2013-06-14 17:56 · Score: 1
  
  You too? I found three last week.
9. Re:Welcome to the Botnet by Anonymous Coward · 2013-06-14 20:51 · Score: 2, Informative
  
  >The Guardian likes to [...] listen to voicemails too
  Are you mixing up the News of the World and The Guardian?
  That's a pretty big mistake to make.
10. Re:Welcome to the Botnet by Impy+the+Impiuos+Imp · 2013-06-15 00:22 · Score: 1
  
  A drive-by would be more interested in leaving a bot, and seriously would not be interested in touching file timestamps to hide their access to them.
  Well, unless it was aitomatic and built into the tool the script spookie was using. Hey, I coined a phrase!
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
11. Re:Welcome to the Botnet by x_t0ken_407 · 2013-06-15 05:31 · Score: 1
  
  Sticking your head in the sand is certainly a plausible way to not think critically about what's going on...whether you believe "big brother is at hand" or not. Kudos to you and other's living in denial :)
12. Re: Welcome to the Botnet by Anonymous Coward · 2013-06-15 15:38 · Score: 0
  
  Just what is it about gun nuts and paranoia. does everyone laughing about your need to compensate cause that much brain damage?
Military Coup? by Anonymous Coward · 2013-06-14 11:32 · Score: 0

Has there been a military coup in the US and nobody bothered to tell anyone?
1. Re:Military Coup? by zeroryoko1974 · 2013-06-14 11:47 · Score: 1
  
  The DOJ and Dept of St are like Obama's own private army.
What data? by dadelbunts · 2013-06-14 11:37 · Score: 5, Interesting

I love how they fail to mention what data was searched. Im sure that would provide alot of information as to who was doing the searching.
1. Re:What data? by __aaltlg1547 · 2013-06-14 16:34 · Score: 2
  
  Perhaps they just copied everything in in her user profile. If I were going to hack somebody's computer, that's what I'd do. Grab it all while you can and sift it later for whatever you're looking for. You never know when she's going to change her password and you lose access.
2. Re:What data? by ArghBlarg · 2013-06-14 16:55 · Score: 1
  
  You mean "meta-data". :p
  
  --
  ERROR 144 - REBOOT ?
Security begins with Linux by seyfarth · 2013-06-14 11:41 · Score: 2

I would not trust a commercial operating system to not be loaded with back doors accessible to the NSA. That's not even considering the history of Windows vulnerabilities. If I were in charge of IT for a foreign government, a news agency, a military or any business I would start by banning the use of Windows. With Linux it should be possible to have a computer which can search the Internet and prepare reports with no open ports for external attack. That should be the first step. Following that there needs to be training in human factors vulnerabilities. A computer for work should be a tool, not a toy, and user preference should not be the highest priority. Security should be first. Linux is clearly good enough for business purposes. I can see a value in Windows for gamers, but not for work computers. OS X is less vulnerable than Windows, but can you really be sure that the NSA can't access all OS X systems?
I would expect that hackers might also discover back doors. They would certainly study the instructions in the OS to try to find the holes.
Now I have been assuming that the computer was not running Linux. Perhaps it was. It is possible to screw up with Linux systems.
Fortunately for me, no one wants me to run their IT operation. It would be so painful trying to educate the users.
Maybe I'm a little too paranoid. Luckily not much is at risk on my home computers. I would not wish to do anything interesting to the NSA.

--
Ray Seyfarth, ray.seyfarth@gmail.com, http://rayseyfarth.blogspot.com
1. Re:Security begins with Linux by DaHat · 2013-06-14 11:53 · Score: 3, Insightful
  
  With Linux it should be possible to have a computer which can search the Internet and prepare reports with no open ports for external attack.
  So you are going to read code line by line to determine that no such exploits exist?
  Anytime you run ANYTHING that you did not build AND control yourself... you run that risk... the best we can do is hope we can trust who we get our OS, router or tank from... and perhaps audit them from time to time (if we have that power) to try to make sure.
  
  --
  Help Brendan pay off his student loans
2. Re:Security begins with Linux by drinkypoo · 2013-06-14 12:23 · Score: 2
  
  So you are going to read code line by line to determine that no such exploits exist?
  It's probably enough just to run an operating system by and for paranoiacs, e.g. OpenBSD. If you really think someone is out to get you, at least take some precautions.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
3. Re:Security begins with Linux by seyfarth · 2013-06-14 12:47 · Score: 1
  
  Yes, you are right - we must hope we can trust the supplier. No, I will not read the code, though it is possible and many people around the world have read the Linux code. It seems like a better bet than an OS where you can't read the code. I also have over 20 years of Linux experience with 1 hacking episode about 18 years ago. I was running a BBS system on a fairly early Linux. No harm was done. My suspicion is that some young person read about an exploit and ended up creating a "schlongg" account with root access. It was not fun for me, so I posted a polite message on the BBS asking for whoever it was to give me a break. Apparently I was fortunate. Now I limit outside connections to ssh. I could be paranoid about limiting the ssh connections, but the potential harm is really not that great. I have several other computers in my home with no open ports and only Windows is a problem. Someone else suggested BSD "for paranoics". That's certainly a good idea. I can't judge whether it is safer than Linux.
  
  --
  Ray Seyfarth, ray.seyfarth@gmail.com, http://rayseyfarth.blogspot.com
4. Re:Security begins with Linux by DaHat · 2013-06-14 13:17 · Score: 0
  
  It's probably enough just to run an operating system by and for paranoiacs, e.g. OpenBSD. If you really think someone is out to get you, at least take some precautions.
  Then you have already lost!
  How did you download that copy of OpenBSD? ISO or sources?
  ISO? Did you check the hash against the web page? How do you know neither were modified
  Sources? Ok... did you read the entire source tree (and understand it)? Yes? Ok... now don't forget to do the same for your entire compiler tool chain! Who knows what the NSA/FBI/CIA/etc may have slipped in there that you missed. Or are you going to build your compiler from ASM that you wrote by hand?
  While there is much anger against things like UEFI's Secure Boot... it has roots in the same place as the SSL system we trust today... assuming that there is a trusted root authority (or 3) that we can defer to in part... and that we can ignore should a user so choose.
  How far up/down the chain are you willing to trust? Here is hoping that the manufacturer of your motherboard didn't slip something in as well!
  
  --
  Help Brendan pay off his student loans
5. Re:Security begins with Linux by MichaelSmith · 2013-06-14 13:48 · Score: 1
  
  Some organisations will audit their code, and when they do so it will be better to start from a small, clean codebase.
  
  --
  http://michaelsmith.id.au
6. Re:Security begins with Linux by drinkypoo · 2013-06-14 15:28 · Score: 1
  
  How did you download that copy of OpenBSD? ISO or sources?
  You can view the fingerprint from an anonymous login, and use it to verify your ISO.
  
  How far up/down the chain are you willing to trust? Here is hoping that the manufacturer of your motherboard didn't slip something in as well!
  Yes, that's a good point. If you are willing to run one of the small handful of motherboards for which coreboot is a simple recipe, that's one answer.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
7. Re:Security begins with Linux by iggymanz · 2013-06-14 15:44 · Score: 1
  
  FUD.
  BSD is a far more mature and tested codebase than Linux + GNU. Exploits and vulnerabilities found are quickly fixed. Compare that to Microsoft. All open source OS that are commonly used have the "thousands of pairs of eyes" going for it at least, way better than a "black box".
  I build my openbsd from source, that's how you patch it anyway. Never been p0wn3d in 12 years of use and I put my server right on the internet without firewall (it is a firewall among other things). Meanwhile, Windows.....
8. Re:Security begins with Linux by __aaltlg1547 · 2013-06-14 16:41 · Score: 2
  
  A computer for work should be a tool, not a toy, and user preference should not be the highest priority. Security should be first.
  For most businesses, first is maintainability via tools that your IT staff knows how to use, then user preference, then productivity, then security.
  For businesses with well-run IT departments, it's either productivity, security, maintainability, preference or security, productivity, maintainability, preference.
  The latter schemes are both valid, depending on what your business's security needs are.
9. Re:Security begins with Linux by Anonymous Coward · 2013-06-14 23:47 · Score: 0
  
  holy shit! You put your firewall on the internet without a firewall? Don't you know you need at least 3 firewalls to be truly safe??
10. Re:Security begins with Linux by myowntrueself · 2013-06-15 02:36 · Score: 1
  
  holy shit! You put your firewall on the internet without a firewall? Don't you know you need at least 3 firewalls to be truly safe??
  yeah but then they come at you through 7 proxies and you're done for.
  
  --
  In the free world the media isn't government run; the government is media run.
Use linux, and ditch the cell phone!! by dalan · 2013-06-14 12:20 · Score: 1

Linux is more secure than Windows, flame on.
Cell phones are, um, monitored, recorded, gps'd, trackable, traceable, uh never mind. This is Slashdot.

--
Cheers! -- Richard
Obamas their puppet by Anonymous Coward · 2013-06-14 12:50 · Score: 1

Democratic Rep. Loretta Sanchez said after Congress on Wednesday was given a classified briefing by NSA officials on the agency's previously secret surveillance activities:
"What we learned in there is significantly more than what is out in the media today. . . . I can't speak to what we learned in there, and I don't know if there are other leaks, if there's more information somewhere, if somebody else is going to step up, but I will tell you that I believe it's the tip of the iceberg . . . . I think it's just broader than most people even realize, and I think that's, in one way, what astounded most of us, too."
I think you have that the wrong way, I think you'll find the political class is the puppet of the military now.
There's quite a good explanation that Glenn provided on how the CIA levered the European politicians to do their bidding despite voter opposition:
http://www.salon.com/2010/03/27/wikileaks/
And on the military propaganda unit:
http://www.salon.com/2008/05/09/cnn_abc/
Whose the boss? Military is the boss!
It is a military coup isn't it, a military coup by stealth. You vote for the candidate the military likes, because they leak and smear the other guys. He gets into power and does their bidding, regardless of what his voters want, because he knows that's the reality. We elected Obama to fix it, he does the opposite in secret. Military 1, Voters 0, another battle lost.
How long? by Ogre332 · 2013-06-14 13:05 · Score: 0

How long before the nude pictures and/or sex video are available in a torrent?

--
Shut up brain or I'll stab you with a Q-Tip. - Homer Simpson
I know.... I KNOW by Anonymous Coward · 2013-06-14 13:20 · Score: 0

I know.... I just KNOW that I can gonna be hit sideways by making this comment...
But if these systems are all holding sensitive data, such as the contact information of inside sources and such....
Why are they even plugged into the internet at all?
ohhh nooos by Anonymous Coward · 2013-06-14 13:36 · Score: 0

that never happens to stupid people...oh wait....
Hold it... by Rick+Zeman · 2013-06-14 14:42 · Score: 2

...why say DOJ? It could be the Chinese.
1. Re:Hold it... by Anonymous Coward · 2013-06-14 14:51 · Score: 1
  
  ...why say DOJ? It could be the Chinese.
  It could be the Jews
2. Re:Hold it... by amiga3D · 2013-06-14 15:07 · Score: 1
  
  It could be Anon.
3. Re:Hold it... by c0lo · 2013-06-14 15:41 · Score: 1
  
  ...why say DOJ? It could be the Chinese.
  (when looked at with the "common sense eyes", both of them behaves in a totally "alien" way. So, what's the difference?)
  
  --
  Questions raise, answers kill. Raise questions to stay alive.
4. Re:Hold it... by Anonymous Coward · 2013-06-14 16:17 · Score: 0
  
  Or...it could be the only entity that has total access to all internet and phone communications: "the phone company".
  http://en.wikipedia.org/wiki/The_President's_Analyst
Re:Maybe they just wanted hot pics of her by amiga3D · 2013-06-14 15:03 · Score: 1

Man, that is so sad.
buyers regret for leftists by Anonymous Coward · 2013-06-14 15:04 · Score: 0

SO now the leftist media wonks finally get bit by the dog they have been cheering for.
"But but... I thot they wer only gonna use it on the ebil republicans and conservatives an biblethumpers !!!"
Whine whine, shriek shriek, bleat bleat ....
Need to read more history arrogant dimbulb leftists. More ruthless leftists have no problem putting other leftists up against the wall and shooting them when those lesser leftists somehow have a notion that power is to be shared.
Protection for me but not for theee.... Hypocrits got what they deserved for enabling/aiding and abetting the freedom stealers
Errrr... China? by Slartibartfast · 2013-06-14 17:31 · Score: 1

Just sayin'. NSA may be bad-boy du-jour, but China's the one who's been hacking accounts on media and technology companies. I'd think NSA would be content to just sit there and sniff your traffic.
1. Re:Errrr... China? by Anonymous Coward · 2013-06-14 22:59 · Score: 0
  
  The NSA does the exact same thing as China.
Re:Gawn... dddd by Anonymous Coward · 2013-06-14 20:06 · Score: 0

I have a thirteen inch penis, I call it "my thirteen incher". I am not a proud man, just a simple and humble servant. The reason I mention this in an unabashedly pubic manner is because James Clapper is my boss. I so wish I didn't have to crudely pound his cellulite ass. Woe is me.
Worse Than You Think by some+old+guy · 2013-06-14 20:32 · Score: 1

I have friends in state-level law enforcement. A great deal of "private personal" data about search phrases, download histories, email, and sites visited, is shared via FBI-CIA-NSA "cooperation" with the NCIS. It then migrates into lexisnexis and the other legal big data houses.
Pro Tip: If you value your job, never, ever access a personal home account from a work client, even to plan a trip, play Angry Birds at lunchtime, or pay a bill. Once the two identities are linked, they're linked forever.
And remember, your employer and the law do not pay damages or apologize for false positives from faulty algorithms. You are guilty until proven dead.

--
Scruting the inscrutable for over 50 years.
Just following orders by nickmh · 2013-06-14 21:24 · Score: 1

I'd be guessing the person infiltrating systems is "Just following orders" Look that up! See where the west is headed! WAKE THE F^&*K UP!
Well, aren't you special by Anonymous Coward · 2013-06-15 02:47 · Score: 0

Lucky for you - you didn't end up dying or losing your mind like the many people my father helped in that war. I bet many of them wished they had gone to Canada as they breathed their last agonizing breath. I know my father wouldn't admit it through his programmed pride, but his life would have been better without that SHIT even though he "survived."
If I were you, I would hang my head in reverence for those not so lucky instead of using your luck as a rhetorical device.
Huh? by Anonymous Coward · 2013-06-15 04:21 · Score: 0

So CBS says "This party also used sophisticated methods to remove all possible indications of unauthorized activity", but also says "forensic analysis revealed an intruder had executed commands".
I don't get it. It seems like these are mutually exclusive.
I guess it's just me by WillyWanker · 2013-06-15 05:01 · Score: 1

But I actually like the idea of the government snooping around, hacking into accounts, and logging everything. If for no other reason it makes people worried and nervous. And when people are worried and nervous they are less likely to do things they know they shouldn't do for fear of being watched and caught.
I like it. Yes indeedy I like it a lot.
Reporter's Windows Computer Compromised .. by dgharmon · 2013-06-15 07:21 · Score: 1

Corrected headline ...

--
AccountKiller
NSA Tyranny by Anonymous Coward · 2013-06-15 08:22 · Score: 0

cf96690f3d3f7476927c6f80d630c821
Spot on, Anonymous Coward in post #44014949 by LandGator · 2013-06-15 12:21 · Score: 1

Very well said.

--
There is nothing wrong with yr Internet. Do not attempt to adjust the picture. We are controlling the transmission - NSA