Slashdot Mirror


Confessions of a Cyber Warrior

snydeq writes "InfoWorld's Roger Grimes interviews a longtime friend and cyber warrior under contract with the U.S. government, offering a fascinating glimpse of the front lines in the ever-escalating and completely clandestine cyber war. From the interview: 'They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future co-workers. I was impressed. ... We have tens of thousands of ready-to-use bugs in single applications, single operating systems. ... It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.'"

43 of 213 comments

  1. saber rallying by ThorGod · · Score: 5, Insightful

    Does this sound like boasting to anyone else? It's like a more modern version of having the press watch an explosion of their latest bomb.

    --
    PS: I don't reply to ACs.
    1. Re:saber rallying by Crudely_Indecent · · Score: 5, Insightful

      Makes sense to me. Software/hardware vulnerabilities are worthless once patched. If this group is tasked with having a way into any system, their main focus is going to be to not only find exploits, but also to protect those exploits for future use. I have no doubt that such a group exists, and that their collection of exploits is extensive.

      Hopefully those exploits are used against our enemies and not against us, but that's probably just a silly hope.

      --
      "Lame" - Galaxar
    2. Re:saber rallying by stanlyb · · Score: 2

      What enemy? China? Don't make me laugh.

    3. Re:saber rallying by Intrepid+imaginaut · · Score: 2

      I have no doubt that such a group exists, and that their collection of exploits is extensive.

      Oh yeah, and they make big money too.

    4. Re:saber rallying by Dan+East · · Score: 5, Interesting

      If it's used against "us" then the likelihood of it being detected and disclosed is too high. They can't utilize these exploits carte blanche, but would have to save them only for specific targets, and still they face the risk of compromising an exploit every time it's used. Any evidence collected in this manner is not usable in court either, so it's really only useful for the spy game against high value foreign targets.

      --
      Better known as 318230.
    5. Re:saber rallying by Anachragnome · · Score: 2, Informative

      "Does this sound like boasting to anyone else?..."

      Boasting or not, I think everyone that speaks out about pervasive surveillance techniques should be paid attention. Whether or not their information is accurate, relevant or factual should be decided by ourselves. The NSA has shown us that they cannot be trusted to do anything but lie. If we are to get any accurate information, we have to start taking all perspectives into account, even those of the NSA shills, as they provide contrast.

      And, if anyone is interested, "ThorGod" is an account I suspect of being associated with "Cold Fjord". He seems to like using Northern European references in his user names--there are others following the pattern, but I suspect those accounts are being used to "bank" moderation points. Look at my previous posts if you don't know what I am referring to.

      And, again, please read the document linked in my signature--this is information that every single poster here on Slashdot needs to at least be aware of.

    6. Re:saber rallying by jc42 · · Score: 5, Insightful

      Hopefully those exploits are used against our enemies and not against us, but that's probably just a silly hope.

      What enemy? China? Don't make me laugh.

      Nah; anyone who has been following security-related news stories for at least a few years understands that the primary enemy of any government is its own citizens. They're nearby, where they can vote against you, take you to court, or shoot at you. None of these threats are easily available to people in other countries.

      Just dig into the histories of the related US agencies (e.g., HUAC or the FBI or even the CIA) in the 1950s, 60s and 70s. How many external "enemies" -- or domestic "subversives" -- did they ever catch and prosecute? Pretty close to none at all. How many citizens did they attack and seriously injure (either their reputation, finances, or physical well-being)? Lots and lots of them.

      This story is only news to someone who isn't familiar with the long, documented history of such activities. Fact is, your government considers you more of a threat than pretty much anyone outside its borders. This is especially true if you're involved in any activity that threatens the income (especially under-the-counter income) of anyone in your government.

      --
      Those who do study history are doomed to stand helplessly by while everyone else repeats it.
    7. Re:saber rallying by jeffmeden · · Score: 4, Interesting

      I call BS on that guy. He claims there are 5000 people working there. At $100k/year salaries (and it's probably more), that puts this program up to at least $1 billion dollars per year for payroll and equipment. I would assume there is some accounting for that kind of spending.

      The US spends upwards of $500B on "Defense" each year... Do you really think a missing $1B would get noticed here and there?

    8. Re:saber rallying by Garridan · · Score: 2

      The majority of theft in grocery stores is committed by employees, after all.

    9. Re:saber rallying by gmuslera · · Score: 2

      Seems consistent with this story. And that is just the tip of the iceberg. The only thing you are wrong about is assuming there is accounting for what the government "invests" in cyberwar.

    10. Re:saber rallying by Crudely_Indecent · · Score: 2

      I somehow doubt that the government has secret Cisco buffer overflows

      I'm sure someone at Cisco knows all about them.

      --
      "Lame" - Galaxar
    11. Re:saber rallying by rmstar · · Score: 2

      By "we" I presume you mean "The People" a separate and distinct class from "The Government".

      Alrighty then. What, then, is the government made of? Green cheese?

    12. Re:saber rallying by PopeRatzo · · Score: 2

      for society's benefit.

      That's debatable.

      --
      You are welcome on my lawn.
    13. Re:saber rallying by DamnStupidElf · · Score: 2

      It sounds like reality. Do you really think that every month or two when Adobe or Oracle patches a remote exploit that's in 90% of computers it's a bug introduced within the last patch cycle? Of course not. Software is riddled with bugs and they're found incrementally. If you can find bugs faster than the public researchers you will have a database of zero-days, end of story.

    14. Re:saber rallying by RoknrolZombie · · Score: 2

      I call BS on that guy. He claims there are 5000 people working there. At $100k/year salaries (and it's probably more), that puts this program up to at least $1 billion dollars per year for payroll and equipment. I would assume there is some accounting for that kind of spending.

      LOL, if you're assuming that there's oversight in the government then you haven't been paying attention.

    15. Re:saber rallying by RoknrolZombie · · Score: 3, Interesting

      From the summary, "They didn't seem to care that I had hacked our own government years ago or that I smoked pot". I call BS on any notion that the federal government intelligence agencies would hire anyone with a background rife with illegal activity. For every Kevin Mitnick, a convicted person now with a felony record, hired there are thousands of applicants rejected because of a small infraction or deviant behavior, including a preference not to socialize outside of the workplace.

      I have a story to tell. (yes, it's relevant).

      When I served in the Army I was stationed with an individual that was in the process of getting kicked out. He had been an E4 and had managed to hack into some of NSA's servers (the events took place both before I arrived, and before I knew a damn thing about computers, so I don't know the vector or what his actual abilities are). He created some bogus accounts and used those accounts to send overly critical emails to Generals, signed with a pseudonym, of course. Well, by the time I got there he had already been busted - and like Manning got busted down to an E1 before they kicked him out (dishonorable discharge, of course). Within a month of him getting kicked out NSA directly hired him, paying him far more than he could have ever been paid had he stayed in the service.

      The Government ignores laws when it's convenient for them to do so, even when it comes to their own hiring policies.

    16. Re:saber rallying by lennier · · Score: 2

      I somehow doubt that the government has secret Cisco buffer overflows that were overlooked by millions of security researchers since the beginning of computing.

      I used to doubt that Windows could be full of thousands of security vulnerabilities that had been overlooked by millions of security researchers so far, and yet. Every month, the privately disclosed 0-days just keep coming.

      And those are just the ones that a) white hats have chosen to disclose to Microsoft rather than the NSA/competitors/Russian Mafia, and b) Microsoft has been given the green light from the NSA to patch.

      Cisco's source code is secret and so is their security remediation process, so we've got no independent means of verification. They're also just as deeply in bed with the NSA as all the other big IT firms. What makes you think they're any better / more ethical at finding and fixing bugs than Microsoft?

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
    17. Re:saber rallying by cold+fjord · · Score: 4, Informative

      Once again we have Anachragnome posting his crackpot conspiracy theories about me. If you bothered reading his post above and find it persuasive, then you should read this post of his, and note this line:

      This is East Germany, all over again--the NSA literally has us spying on each other, inadvertently or not.

      Anachragnome seems to think that everyone is spying for the NSA. Who is it doing all this mutual spying? If you stop and think for even a moment you realize that the idea is nonsense. But it does play into his fear inducing agenda, including attempts to make people suspicious and fear me. He is engaging in the very same sort of behavior he is complaining about. By spreading fear he hopes to control people, to stamp out opinions he finds disagreeable, and control discussions. Ask yourself - are you living in fear? I don't. And yet he seems to want you to. Why?

      Anachragnome seems to find great significance, even to the point of it being evidence that I am a government agent, that I have a different viewpoint, a minority viewpoint among the population of posters on Slashdot. For some reason he can't accept that different viewpoints don't constitute a conspiracy. What is the purpose of having civil rights if we all have to believe the same thing? I thought that was what fascism was about.

      Further evidence that his claims are nonsense is the fact that he thinks that I am both an NSA plant and that I have multiple accounts named with a common theme, no doubt including the recently created troll accounts that have been trying to harass me of late (coid fjord, and co1d fjord). That would seem to be pretty pathetic tradecraft if that were the case. His view is just another sad example of a crank seeing a pattern in the noise that doesn't really exist, and thinking it significant. Go ahead and read from the two troll accounts. I don't think you'll find much evidence to support Anachragnome's nonsense view. (If you think you have, read more of the thread and check UIDs.)

      Apparently the only people that disagree with him are spies. Bow to his power, or you may be branded a "shill" and "forum breaker." Submit to his fear. He expects you to inform on each other. Obey him, or you may be branded a traitor too.

      Or maybe he is just a crank full of suspicion and fear that should be ignored. Take your pick.

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    18. Re:saber rallying by stanlyb · · Score: 2

      True. Now, let's see, the people are the employer, the government is the employee......

    19. Re:saber rallying by davester666 · · Score: 2

      Just to follow up, here's how the so-called "oversight" works in the NSA:

      http://arstechnica.com/tech-policy/2013/07/5-things-snowden-leaks-revealed-about-nsas-original-warrantless-wiretaps/

      Though ultimately more than 3,000 people—mostly within the NSA—were read into the program, the initial secrecy around it was so intense that, notoriously, even the NSA’s own lawyers weren’t allowed to see the legal reasoning justifying it until 2004—something NSA officials themselves found strange.

      That secrecy meant that the NSA’s own Inspector General—the agency’s primary internal watchdog—wasn’t cleared to know about the program until August 2002, nearly a year after it began. Even that appears to have been a reluctant concession; NSA Director Michael Hayden had to “make a case” to the White House for reading the IG in. As a result, it was not until February 2003 that the IG “learned of PSP incidents or violations that had not been reported to overseers as required, because none had the clearance to see the report.” The precise nature of those “incidents or violations” remains unknown.

      --
      Sleep your way to a whiter smile...date a dentist!
    20. Re:saber rallying by semi-extrinsic · · Score: 2

      "You don't actually think they spend $20,000 on a hammer, $30,000 on a toilet seat, do you?"

      --
      for i in `facebook friends "=bday" 2>/dev/null | cut -d " " -f 3-`; do facebook wallpost $i "Happy birthday!"; done
  2. Poor Infoworld.... by Anonymous Coward · · Score: 2

    Poor Infoworld.... getting left behind in the Snowden fiasco so has to do a bit of "Me Me Me.. We're still relevant" crap

    Literally, if you can name the software or the controller, we have ways to exploit it.

    Pacman?? Didn't think so.

    1. Re:Poor Infoworld.... by g0bshiTe · · Score: 2

      My unnetworked tv remote from 1980.

      --
      I am Bennett Haselton! I am Bennett Haselton!
    2. Re:Poor Infoworld.... by Synerg1y · · Score: 4, Funny

      Exploit = pipe wrench.

  3. True fiction? by intermodal · · Score: 2

    I basically believe the information presented here, but the source could be anyone. It could be a complete work of fiction, and even if that is the case, it may still all be accurate. If someone asked me to come up with a laundry list of things that in all likelihood the feds have, I'd have easily come up with everything listed here.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
  4. Re:Adobe by MetalliQaZ · · Score: 2

    Oh please. At least half of them are in Java!

    --
    "Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
  5. fud by Dishwasha · · Score: 2

    In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.'

    For some reason I doubt that private government workers, let alone government contractors, have discovered (let alone classified and organized) more bugs than the armies of security researchers out there to qualify as "barely scratching the surface". More likely the government is paying private security researchers for bugs and the promise of non-disclosure. Even then with how altruistic many researchers are, it's likely that kind of exchange would be exposed.

    1. Re:fud by h4rr4r · · Score: 4, Interesting

      Or they would take the money and disclose the vulnerability. Enforcing an NDA in this case would give away that these exchanges are ongoing.

    2. Re:fud by dmt0 · · Score: 2

      The whole article is fake. Trying to clean up the mess after Snowden scandal, trying to justify the existence of the whole apparatus...

    3. Re:fud by gl4ss · · Score: 2

      You have no idea the scale of this operation. They are buying the exploits and bugs by the 100's daily. There are so many "security" research companies that only do this. They exploit and sell it to the government.

      you got it wrong. there's hundreds of people who will privately imply that they do that - but they do it (implying) only to sell security services to their clients.

      stuxnet as an example, could have used a few better exploits.

      --
      world was created 5 seconds before this post as it is.
    4. Re:fud by Kjella · · Score: 4, Insightful

      There's a lot of boasting yes, but as I understand it a lot of security bugs are discovered because they're being exploited. If you do all your hacking in a test lab and only use it sparingly and targeting specific computers it might take a long time before it ends up in any security researcher's lab. For example, take this recent bug from Microsoft, it affects every IE version back to IE6 - possibly older since they don't test further. Assuming it was in the original IE6 code base that's a bug the cyberwar division might have been sitting on for 12 years. Multiply that with lots and lots of top notch people and a system that doesn't disclose and (mostly) doesn't exploit, just hoard for a rainy day and I have no problem believing they have a pretty solid stash.

      However that is also their biggest limitation, if you start using them they'll also become exposed so they're more like deep undercover agents. They're not going to "waste" them trying to catch the odd criminal, even if it's for serious crimes. They're military assets stockpiled for a cyberwar, like being able to crack the Enigma code during WWII. Some of it for espionage but I'm guessing most for being able to strike both physically and electronically at the same time, paralyze or even mislead their systems while you move in.

      --
      Live today, because you never know what tomorrow brings
  6. Re:I have to ask... by alen · · Score: 5, Insightful

    first the knowledge of the bugs is classified. better to know something that the enemy doesn't
    and most of the government's data isn't classified so it's not that big a deal

  7. Re:NSA? by damiangerous · · Score: 2

    The NSA is under the Department of Defense, which makes it close enough.

  8. If true, a profound disservice by Anonymous Coward · · Score: 5, Insightful

    So, if what's being claimed is true (I'm doubtful), by not making these flaws public and giving vendors the chance to fix the issues, they are jeopardizing the domestic infrastructure they are ostensibly tasked to protect?

    There's something profoundly inconsistent in this story, or profoundly hypocritical if it is true.

    And he plays in a "hardcore rap/EDM band"? Either this person is an idiot for revealing something so specifically identifiable (even among "5000 people on my team", how many others of them are into it that much?), or they're spinning a yarn (misdirection or the whole story is nonsense).

  9. Re:Rings of bullshit. by gl4ss · · Score: 5, Insightful

    If a hacker could hack into a megabank, airline, hotel chain, etc, how could you possibly pay them enough to ensure that not one of them makes a nice life for themselves?

    well... by keeping them in a surveillance hell I suppose. he could still do it but he couldn't use any of it.

    but the article smells like bullshit. tens of thousands of exploits ready to go to any controller(I suppose that means industrial controllers and such, fucking vcr's etc) and cracking any sw ever anywhere. fuck, there's some sw's that don't have enough of an attack vector at all. practically the only way it could be remotely true would be if they counted exploits they didn't even try and they counted platform exploits as exploits for sw on the platform(so, say java applet sandboxing has a hole in it = thousand exploits even if they're all the same). he's even claiming that no patched exploit used by malware authors affected their exploits in any way.

    of course, it's infoworld - the bullshit heaven. the weakest defence the magazine had was the journalist. the fucking article starts with 15 year old as head of IT, then 16-17 year old having 100k worth of equipment for "hacking the airwaves" and just leaving it in a shed, it then downgrades to "I was writing buffer overflows and doing fuzzing" and watercooled computers in trucks.

    Mr Grimes, go fuck yourself. either the facts are fabricated or the guy outed himself by the few details(15y head of IT at federal hospital, spent time abroad with his mom) and the rest are just.. bullshit you could have made up. so where the fuck is the story?

    --
    world was created 5 seconds before this post as it is.
  10. Re:I have to ask... by gl4ss · · Score: 2

    ...If they have access to such awesome vulnerability detection software, why don't they run it on all the government's servers and applications?
    Sounds like shit.

    because they WANT the chinese to have blueprints to their billion dollar jets. you know, that's the only way to bankrupt them. also, why don't they hack iran's banking that provides funding for their nuclear program?

    --
    world was created 5 seconds before this post as it is.
  11. Re:Rings of bullshit. by jeffasselin · · Score: 2

    You talk as if the "government" was a monolithic entity. Its left hand very often doesn't even know its right hand even EXISTS, much less care what it does. Even worse, it may very well be that they don't want other government employees to patch those systems so they can spy on them, too!

    --
    If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
  12. Scary thought by Sperbels · · Score: 2

    Literally, if you can name the software or the controller, we have ways to exploit it.

    Voting machines?

    1. Re:Scary thought by meta-monkey · · Score: 5, Funny

      Voting machines?

      Dude could save the country and be a national hero. I can see CNN on election night 2016 now...

      Wolf Blitzer: "In a shocking turn of events, not a single Republican or Democrat, or anyone on the ballot for that matter, won a single national election today. The entirety of the Senate is now made up of 20 random engineers, 15 doctors, 10 accountants, 10 school teachers, 10 construction workers, 5 disabled veterans, the 5 honest cops, and the rest are mexican day laborers. There's not a single lawyer or millionaire among them, and the new President is comedian Doug Stanhope."

      --
      We don't have a state-run media we have a media-run state.
  13. Re:Sounds like complete bullshit... by Flere+Imsaho · · Score: 5, Informative

    Yeah, a lot of it sounds far-fetched to me as well.

    "Most of the software written in the world has a bug every three to five lines of code." Sure, buddy.

    "It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface." Oookaaay, that sounds legit.

    "My loft was up near the rafters, so I scooted over into the next storage area, climbed down" No lock-up facility I've been in has access through the roof space to the roof space into other units. Would you keep "$100,000 worth of computers, radio equipment, and oscilloscopes" in such a facility?

    This reeks strongly of male bovine excrement.

    --
    It gripped her hand gently. 'Regret is for humans,' it said.
  14. Re:Adobe by AdamStarks · · Score: 2

    Oh please. At least half of them are Java!

    FTFY

  15. This bothered me: by gr8_phk · · Score: 2

    Most of the software written in the world has a bug every three to five lines of code. It isn't like you have to be a supergenius to find bugs.

    Some blend of three options here:
    1) He's full of shit
    2) I'm delusional in thinking I write code way better than that
    3) Most of the world really is barely held together by bubble gum and duck tape

    What bothers me is to what extent is #3 actually the answer.

    1. Re:This bothered me: by danda · · Score: 3, Funny

      > Most of the world really is barely held together by bubble gum and duck tape

      duct tape, not duck tape. That's a bug in 1 out of 3 lines. :P