US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet

An anonymous reader sends this news from the Washington Post: "U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed 'covert implants,' sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. ... The implants that [an NSA group called Tailored Access Operations (TAO)] creates are intended to persist through software and equipment upgrades, to copy stored data, 'harvest' communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others."

wow

[alienzed]

that is so cool.

Re:wow

Yeah. And to think that they can't secure their own networks, hence that Snowden got this out.

Sometimes I wonder if the NSA planted some or all of this stuff to impress the hell out of the world and strike fear into the hearts of the Opposition. I mean, this is straight out of a Sci-Fi plot: Homer Simpsonvich brings one infected iPod into his FSB headquarters, and soon the whole goddamned place is full of programs that are listening in on anything in sight, autonomously making cuts to exfiltrate back to Ft. Meade, copying anything that looks interesting, and surviving whatever the Opponents do to the host machines.

Re:wow

[Zaldarr]

Not to mention fucking terrifying.

Re:wow

[MobSwatter]

Yeah, I was wondering how they can get away with charging $100 for a years worth of Norton 360 that is completely worthless against their root kit? Meet the U.S., it's not illegal if it's classified, we're the "good guys" -cough...

Re:wow

[Digital+Ebola]

Yeah. And to think that they can't secure their own networks, hence that Snowden got this out.

Sometimes I wonder if the NSA planted some or all of this stuff to impress the hell out of the world and strike fear into the hearts of the Opposition. I mean, this is straight out of a Sci-Fi plot: Homer Simpsonvich brings one infected iPod into his FSB headquarters, and soon the whole goddamned place is full of programs that are listening in on anything in sight, autonomously making cuts to exfiltrate back to Ft. Meade, copying anything that looks interesting, and surviving whatever the Opponents do to the host machines.

Securing a network is always harder than attacking a network and you can never fully understand a person's intentions when you grant them access. I'm sure a small part of what they publish is a psyop of some kind but for the most part, yes, sci-fi is reality. We are not the only ones doing it and we may not even be the best.

When you start to consider everyone who is "operating" on the Internet, things get really scary, really quick. The new cold war will be one of constant paranoia of an attack that can influence a piece of critical infrastructure. There have been small rumored instances but until the Hiroshima of the online world happens, it will be a constant game of shadows and you never, ever, fully know or understand an operator's capabilities.

Sci-fi, indeed.

Re:wow

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network. The sluice gates on the dam, the control rods in the reactor, the ventilator machine standing between granny and the reaper—none of that belongs on a network. So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

Re: wow

[AlephNaut]

Not scary at all to me but I have very low paranoia...

Re:wow

[ron_ivi]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

Re:wow

[djupedal]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

Don't look at me - I turned down a job w/Symantec. Some guy named Snowden recommended against it. Wonder what he's doing these days...

Re:wow

[tragedy]

Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.

Re:wow

[thoth]

So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

But that cuts into profits and corporations have shown repeatedly they'll throw anyone/anything under the bus to maintain their profit margin.

Re:wow

[c0lo]

that is so cool.

GENIE's free from the lamp! And one wonders, were the Chinese showing where this TAO leads to?

Re:wow

[fluffy99]

Norton 360 that is completely worthless against their root kit?

For all we know, Norton 360 might *be* their root kit.

So you use Kaspersky instead? You realize that it's banned by DOD because of "supply chain concerns".

Re:wow

[SGT+CAPSLOCK]

Whether it be Microsoft Security Essentials, Norton, or any other antivirus software, it won't help.

Didn't you read the article? Those kinds of things are only useful against mere computer viruses. These are more sophisticated.

These are "implants"!

Re:wow

[temcat]

Yeah, because it may contain competitor's rootkit instead of their own.

Re:wow

[0111+1110]

an attack that can influence a piece of critical infrastructure.

I welcome such attacks. Bring them on I say. Their "damage" will be very limited and then maybe the idiots that put things like power plants, traffic lights, dams, air traffic control systems, banks, and nuclear reactors on the internet can be fired, sued, and/or prosecuted for gross negligence. I consider such attacks to be healthy if it prevents such idiotic behavior in the future. Once you air gap all critical computer systems then there is no excuse for any of this cyberwar bullshit and morons can stop ranting about it. The internet was never intended for such systems and they have no business being connected to the world wide web. Meanwhile governments around the world can focus on knocking out World of Warcraft servers instead of dropping bombs on people. Works for me.

Re:wow

[AmiMoJo]

Ha! I don't have any anti-virus, so I'm completely safe from US cyber-attack!

Re:wow

[Thor+Ablestar]

OpenBSD?

Re:wow

[rainer_d]

This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network.

Didn't help Iran when STUXNET hit, did it?
The truth is: if you have no network-connection, people start using USB-sticks over and over - which creates a completely different attack-surface.
Air-gapping critical infrastructure isn't a bad idea - but it can't be an excuse to not secure these system at all.

Re:wow

[Proudrooster]

I agree. You know what upsets me the most from these documents is how the USA views the world. The NSA view is USA vs. world. It doesn't matter if they are an ally or declared enemy. Hack, spy, surveil, torture, bomb, do whatever you want because they aren't one of us. Oh, and if they are one of us, catch'em at an airport take their stuff and send them off USA soil so you can do as you please. As for the people that live on USA soil, we are watching you too and we have a secret letter and secret court that will do our bidding and you can't discuss it, or else.

What the hell have we become?

Re: wow

[wmac1]

you seem to be full from paranoia of being safe ad having privacy...

Re:wow

[Rich0]

Securing a network is always harder than attacking a network and you can never fully understand a person's intentions when you grant them access.

Indeed this is a principle true in any form of warfare. The attacker gets to choose where to attack. Inevitably the attackers greatest strength is brought to bear on the defender's greatest weakness. Victory usually goes to whatever side can maintain the initiative.

Re:wow

[cavreader]

Their network wasn't hacked. The guy was a system admin with password lists, administrator level security rights, and physical access. The PRISM information came from a PowerPoint presentation and contained no technical details on how the system described was actually implemented. The PP presentation looked more like a presentation used to garner additional funding. Securing this type of funding always leads to promising a whole host of shit upfront but in reality the promises tend to come up short. The latest claims are based on a budget document that contained no technical or operational details. How much more data can be released about US foreign intelligence service activities is it going to take to move Snowden from a whistleblower hoping to enlighten US citizens to a full fledged traitor. If he keeps it up even Russia won't be able to protect him. If you believe the US should not have any foreign intelligence activities I am sure they will close down the shop as soon as every other country in the world does.

Re:wow

[cheater512]

It is fine to have it on A network, not just THE network.

CAT-6 cable comes in many different colours. Easiest way to implement 2 (or more) networks.
And strictly single use computers attached to the secure networks.

Re:wow

[MobyDisk]

So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.

Unfortunately, it isn't that simple.

As an example, take an ICU ward. There may more than a dozen of pieces of equipment connected to a patient. First problem: there is a lack of skilled people who can read those machines. You would essentially need a highly trained person sitting in the room with them staring at each one. According to a 2009 article there are 100,000 beds so that would be another 100,000 people. Considering the nursing shortage that seems impossible.

Next problem: Humans can't process the amount of information the computer can. The computer will be processing data from all those medical instruments in realtime, and it might make a split-second decision to notify a caregiver that something is wrong. Even a human in the room looking at all those readouts couldn't do what the computers can. Not that a human can watch all those dials and guages for an entire shift without zoning out now and then. If they were making rounds to the rooms, they might miss the critical moment and the patient could be dead before they get back to the room and see. Plus, there might be a machine running a blood culture that is 10 minutes walk away. They can't keep their eyes on that too.

Better to feed that data to a central point, and let the human monitor it from one central point. But that requires a network. Worse yet, perhaps the hospital is in a rural area and they may not have the personnel 24/7. So why not send the data to a more populated area 50 miles away, where there are enough people to monitor. But now we not only have a network, but we need a WAN.

This is the kind of problem hospital administrators have to face every day. There are lives on the line. Don't envy that position, and don't pretend that it is easy.

Re:wow

[Gogo0]

actually that was a DoD initiative in 2007. now there are host-based security system clients on every computer to keep USB mass storage disabled and attempts to use it logged. doesnt help when you boot into a livecd, though.

Re:wow

[gottabeme]

Air-gapping is part of securing critical infrastructure. A major part. Or it should be.

Re:wow

[gottabeme]

Your example is not an example of an ICU ward. An ICU ward is not one nurse watching a screen of heart monitors and going on 10-minute walks across the hospital to pick up lab test results. An ICU ward is a room of patients in critical condition staffed by dedicated personnel who can quickly run to any patient when their monitoring equipment starts to sound a loud alarm.

Worse yet, perhaps the hospital is in a rural area and they may not have the personnel 24/7...

So a hospital with only patients, no staff? That's called Home Health with LifeAlert. Where do you come up with this stuff? You're making no sense at all.

Re:wow

[gottabeme]

Password lists?

Re:wow

[Phroggy]

actually that was a DoD initiative in 2007. now there are host-based security system clients on every computer to keep USB mass storage disabled and attempts to use it logged. doesnt help when you boot into a livecd, though.

Apple no longer makes computers that have optical drives. How long do you think it will be before the rest of the industry follows suit?

(Those who need them can of course still connect external optical drives.)

Re:wow

[Phroggy]

Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.

I wonder if it has occurred to anyone that the NSA's actions in other countries could be construed as acts of war....

Re:wow

[Gogo0]

there is that of course, or plugging another hard drive into the SATA and booting from it, or a million other ways. point being, insider threat cannot ever be 100% mitigated. in the end it all boils down to a level of trust.

Re:wow

[cavreader]

Auto regenerated passwords every day on multiple machines. Write them down. There is your list.

Re:wow

[TheRealLifeboy]

Why the freakin' hell are the all still running Windows??? I'm constantly stupendified by the stupidity of these so called experts that put these systems in place. If I had to run critical infrstructure it would be open source all the way and I would have forensics experts combing the code and comms for leaks, backdoors and vulnerabilities.

<shakes head and walks away>

Re:wow

[EvilSS]

Unlikely, most rootkits would go to great lengths to not impact performance, thus not be noticeable. Norton 360 seems to have been designed with the opposite goal in mind.

Re:wow

[MobyDisk]

An ICU ward is a room of patients in critical condition staffed by dedicated personnel who can quickly run to any patient when their monitoring equipment starts to sound a loud alarm.

Agreed. My point still stands. Those dedicated personnel can't do it all without a computer and a network. In some cases, it is even a WAN.

Yeah, my second example wasn't so great. But I didn't make this up. :-) Here is one example of I am referring to:
Philips EICU

Re:wow

[gottabeme]

Interesting. Do they actually use schemes like that? I don't think I've heard that recommended as a good idea before.

Re:wow

[gottabeme]

You're still generalizing. I think those dedicated personnel could do it just fine without computers (i.e. general purpose computers) or a network. For example, heart monitors with loud klaxons don't need to be hooked up to an aggregating display over a network. In fact, one could argue that it's better to do it this way, because it's a less complex and more compartmentalized system and therefore less prone to failure (especially unnoticed failure).

The eICU Program clinically transforms the ICU, using a proactive care model that provides a solution to growing physician and nurse shortages while dramatically improving quality of care. Through an ideal blend of medicine with technology, this care model leverages clinical expertise, patented processes, and cutting-edge technologies to improve critical care delivery.

...I still don't know what that does, and looking at their "program overview" page was even less informative. I have a feeling that it's mostly mumbo-jumbo designed to sucker hospitals into spending more money, raising the cost of health care and medical insurance, and further depersonalizing medicine by putting more technology between patients and doctors. But I could be wrong.

Allies?

[rtb61]

Allies, "ALLIES", we don't need no stinkin' Allies. All of it, ALL OF IT, ours, we, want it all, exploit it, burn it, the whole world, it's ours, Ours, OURS.

Seriously out of control. Looks like Chinese hardware is the least of the worlds problems. With the US Stupidity Services trying to purposefully break everyone's networks and insert back doors that only they, and their contractors, and anyone who wants to pay those contractors knows about.

Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others. I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.

How many attacks have they launched they were designed to do nothing else but increase their budget?

Re:Allies?

[NoKaOi]

Personally, I take comfort in knowing that this will only be used against foreigner's computers, since I am a US citizen. Just like how we were assured the collection of phone data only applied to foreigners. Damn it, why does my CPU usage keep spiking?

Re:Allies?

[cold+fjord]

I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.

I wonder how many attacks by the Chines, Russians, North Koreans, and Iranians you have blamed on the US? Does anyone in the world do disagreeable things besides the US, in your mind?

Re:Allies?

[Zontar+The+Mindless]

I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.

I myself have always regarded Anonymous as perhaps the ultimate expression of the old saying, "When four sit down to conspire, three are fools and the fourth is a government agent."

Re:Allies?

[c0lo]

I wonder how many attacks by the Chines, Russians, North Koreans, and Iranians you have blamed on the US?

Could this be an "argumentum ad micturio praelium" ("pissing contest" argumentation, a lower cousin of ad populum)???
Nah, you are correct: cannot exclude attacks from others, but...

Does anyone in the world do disagreeable things besides the US, in your mind?

Slipping on the trolling side already? The OP didn't say others aren't doing it, just that:
* he sees what others are doing as a smaller concern in comparing with US (see "Looks like Chinese hardware is the least of the worlds problems")
* he cannot rule out false flag operations from the US spooks side.
Feel free to disagree, but... come on, you should be able to do better than building strawmen.

Ah, oh... would this be punishing your ordinary views somehow?
My apologies, I don't intend to curtail your right of free speech, even I don't feel any compulsion to show my commitment to it

Re:Allies?

[cold+fjord]

I'm certain you must be interesting when taken in small enough doses.

Re:Allies?

[erikkemperman]

I wonder how many attacks by the Chines, Russians, North Koreans, and Iranians you have blamed on the US? Does anyone in the world do disagreeable things besides the US, in your mind?

And have you, and other NSA cheerleaders, not bitched and moaned about it every single time anyone suggested they were being hacked from China or Russia? Now that it turns out to be hypocrisy, as in the US are doing much the same on a massive scale, it suddenly serves as an argument in their defense?

Just checking.

Re:Allies?

[c0lo]

I'm certain you must be interesting when taken in small enough doses.

Smaller doses is why it remained so much of me. About 90 kilos.

Re:Allies?

[cold+fjord]

John Bolton has a more nuanced view. No doubt you will disagree.

Re:Allies?

[Tom]

Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others.

That's not true.

We know of malware that not only uses keyed and encrypted command channels, but also patches the hole it came through. You see, lots of criminals have also decided that once your computers is theirs, it should stay theirs and not fall to the next competitor coming along.

Re:Allies?

[erikkemperman]

John Bolton [theguardian.com] has a more nuanced view. No doubt you will disagree.

I'm not particularly nuanced, I don't suppose. Point taken. But are you now posting op-eds in support of your claim? By John Bolton, no less... The pinnacle of nuance, to be sure. But all right, rather than shoot the messenger, which would be easy here, let's look at what he wrote. (Note to others, the following quotes are Bolton, not cold fjord)

Snowden initially violated his oath to safeguard the national security secrets entrusted to him by revealing National Security Agency (NSA) programs arguably affecting the privacy of US citizens

Conventiently not mentioning his other, more fundamental, oath to protect the US constitution? Also, "arguably affecting the privacy"... We can omit the "arguably" here, it seems to me; that has been Snowden's main point (which has not been creditably disputed, as far as I know).

Snowden's sympathizers and anti-American activists have so far largely controlled his story line

Cleverly mentioning "Snowden sympathizers" and "anti-American activists" in close conjunction. The implication being, without actually demonstrating, that they are one and the same. Echoes of Al-Qaeda and Iraq, a decade ago. Bolton's statement that these have "controlled the story line" is arguably true, but not for lack of trying.

We do not yet know whether Snowden jeopardized US agents, but vital sources and methods of intelligence gathering and operations are clearly at risk

Hm, that contradicts the point you were making about how thousands of operatives were already in grave danger. Although I suppose you will say that you were talking about UK operatives. Ok, I'll give you that, sort of.

Snowden has given Beijing something it couldn't achieve on its own: moral equivalence. Now, China can portray itself as a victim, besieged by America, and simply trying to defend itself.

Do you really not see the hypocrisy here? For years the West has accused China and Russia of doing exactly what they were themselves doing all along. So the "damage" here is that the falsely claimed moral highground is now exposed as dishonest fiction.

Snowden's initial leaks on NSA programs also caused substantial political harm, above and beyond the intelligence damage. Several European governments which co-operated with the US are now predictably running for the tall grass, endangering the continuity of existing programs and damaging prospects for future co-operation

Again, taking for granted that *of course* the US were spying on allies, this doesn't even need defending in Bolton's world. The damage is in showing the hypocrisy. Bolton thinks this is a wonderful argument, I say that this statement, coming from a senior US (ex)official, just discredits US diplomacy even further.

As with the Bradley Manning/WikiLeaks exposure of thousands of classified State Department and Pentagon cables, Europeans want to know why Washington can't protect sensitive information.

False, Europeans want to know why their supposed partners in Washington are treating them like adversaries. The bulk of the cables, I might add, turned out to be "embarrassing" rather than "dangerous" to the US.

But Beijing does not deserve moral equivalence, given the intensity of its cyber-attacks against America. The key point is that China struck first, developing a pronounced asymmetric advantage.

I don't know who struck first, if that even makes sense, but I notice Bolton doesn't give any argument to support his claim. What has been revealed though, is that the West was striking for a long time while publicly denying it.

Then he does a bit of character assassination, I am in no position to judge either way. My personal impression, though it should not count for much, is that Snowd

Re:Allies?

[c0lo]

John Bolton has a more nuanced view. No doubt you will disagree.

2 wrongs != 1 right (China hacking does not excuse US hacking)

Besides, John Bolton who?!? Do you subscribe to his views?

Re:Allies?

[AmiMoJo]

Maybe some of those foreigners whose rights the US doesn't give a shit about are retaliating. Suddenly all those claims of Chinese state sponsored hacking look like self defence, with ordinary US citizens and businesses on the front line.

Re:Allies?

[Zontar+The+Mindless]

Someone seems to think that comment was funny, but it was not intended as humour.

Re:Allies?

[Will.Woodhull]

The NSA is employing a lot of very clever techies to do all this stuff. In addition to being very clever, these techies also have another common trait: a flexible sense of ethics that allows them to take money (salary, wages) to do stuff that others regard as evil or dirty.

What is preventing these persons from also taking money from criminal organizations or other governments for the products of their expertise? How much is the code for installing a back door that knows how to close itself worth to the Syrian Electronic Army? To the Columbian drug cartel? Just how flexible are their moral fibers?

Does anyone really think that Snowden is the one and only person in the NSA who figured out how to smuggle a copy of highly marketable merchandise out of the NSA? Is it not much more likely that Snowden is just the only one who chose to give the stuff away rather than selling it quietly?

We can set the ethical arguments about what the NSA has been doing aside since there is a very strong pragmatic argument that this nest of vipers should be destroyed. In creating the NSA, the USA has created a monster it cannot control, whose products will be used to attack every USA interest, and every USA corporation, before all is done; if it is left alone. The only possible way the USA can now secure the findings and the code that the NSA develops is to yank every NSA employee off the street and confine the bunch of them in Gitmo, without benefit of due process, for as long as the software they have learned to compromise remains in use. So, like maybe ten or twenty years.

Re:Allies?

[Rich0]

Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others.

I get what you're saying, but those back doors wouldn't be there if the OS weren't exploitable in the first place. If anything I suspect that things were left more secure following the intrusion than before. They're just vulnerable to a different form of attack now (one that doesn't really concern the US - these aren't their networks they're messing with).

Re:Allies?

[aaaaaaargh!]

don't toss stones, as EVERY first world nation is doing this. Where you live is no more 'innocent'..

That's complete bullshit: #1 you have no fucking clue what other intelligence agencies are doing or not, and #2 there are good reasons to believe that most other nations don't even remotely have the budget to pull this off, and #3 policies and intel priorities differ vastly from nation to nation.

Re:Allies?

[cold+fjord]

Conventiently not mentioning his other, more fundamental, oath to protect the US constitution?

I don't believe that contractors swear an oath to protect the Constitution, and even if they did, who did Snowden vet his personal interpretation of the Constitution with? Nobody, I expect. Assuming his intentions were actually "good," he just decided he didn't like it and broke the law. As to the constitutionality of the programs, Professor Geoffrey Stone of the University of Chicago Law School has some views on that.

Also, "arguably affecting the privacy"... We can omit the "arguably" here, it seems to me; that has been Snowden's main point (which has not been creditably disputed, as far as I know).

That's something of a philosophical question. If they collect and large amounts of data, which the phone company already has, but only look when they have a warrant, is it an invasion of privacy? Is it collection and storage that is a violation, or is it where there is a person looking at the data? I would say the looking. I can certainly understand how the storing would be an uncomfortable point.

But as to Snowden, it is clear at this point that he went way beyond questions of privacy in what he grabbed. He disclosed information on anti-terrorism operations, such as against Bin Laden and others. That has nothing to do with the privacy of American citizens.

Cleverly mentioning "Snowden sympathizers" and "anti-American activists" in close conjunction. The implication being, without actually demonstrating, that they are one and the same. Echoes of Al-Qaeda and Iraq, a decade ago. Bolton's statement that these have "controlled the story line" is arguably true, but not for lack of trying.

No, it is pretty straight forward that Snowden sympathizers and anti-American activists are overlapping groups, but not the same despite your claim. I don't believe that the US government ever claimed that Iraq was involved in 9/11 as part of the plot. Iraq was a state sponsor of terrorism, that is beyond dispute. There were contacts between the members of the Iraqi government and al Qaida members. Al Qaida members were present in Iraq.

Hm, that contradicts the point you were making about how thousands of operatives were already in grave danger. Although I suppose you will say that you were talking about UK operatives. Ok, I'll give you that, sort of.

Actually I'm completely correct. Bolton was referring to US agents, I referred to British agents. I don't believe the actual number of agents was revealed.

Do you really not see the hypocrisy here? For years the West has accused China and Russia of doing exactly what they were themselves doing all along. So the "damage" here is that the falsely claimed moral highground is now exposed as dishonest fiction.

Was the West, the US, doing it all along? I don't think that has been established. I think it is also highly doubtful that the US or any country in the West has strong human intelligence in either China or Russia, certainly not to the degree they have on the US or Europe. The history seems to indicate that Eastern Block nations and China were pursuing computer espionage much more seriously long before the US or Europe. If you haven't, you should read The Cuckoo's Egg about an early documented case in the 80s. The author had a difficult time getting the gov

Re:Allies?

[ron_ivi]

"When four sit down to conspire, three are fools and the fourth is a government agent."

Far more than that.

One in 4 are FBI informants - and that's just a single agency inside the DOJ. And DHS and DOD spend far more on this kind of work.

When 4 Anons get together, I suspect it's most likely this combo:

1. 1 DoJ (FBI)
2. 1 DHS (United States Cyber Command)
3. 1 DoD (NSA or CIA)
4. 1 Chinese Military.

And once they figure out that they can't bust each other, they recruit some script kiddies instead.

Re:Allies?

[Omestes]

don't believe that contractors swear an oath to protect the Constitution, and even if they did, who did Snowden vet his personal interpretation of the Constitution with? Nobody, I expect. Assuming his intentions were actually "good," he just decided he didn't like it and broke the law. As to the constitutionality of the programs, Professor Geoffrey Stone of the University of Chicago Law School has some views on that [volokh.com].

I don't know about his duty to the constitution, but in my view he acted ethically, if not legally. He saw something that he thought was wrong, and harmful to others, and tried to stop it. To me this is a higher good than merely protecting the Constitution. I would hope that everyone would do the same, if in his shoes, or in like situations. This is especially true in situtations like this, where no one who matters (i.e. not the powers that be) are likely to be harmed.

As for embarrassment... Big whoop. If you don't want to be embarrassed, don't do anything embarrassing. If your action bite you in the ass eventually, that is your own fault, and you don't get my sympathy. Especially when it is a Government operating outside their purview (the will, and welfare of the American people). I don't give a shit if it is "my" government, or a "bad" government like China, the standards of judgement are the same. An act is evil, or good, no matter who commits it. I fail in nationalism, surely, but history has taught me that nationalism is rarely a good thing.

Snowden is likely an asset of Russian intelligence.

If there is any proof of this, then it is worth talking about. If not, it is base speculation and not really worth entertaining. Might as well say that Snowden is working for the greys, to take power from the lizard aliens who control the American government. Both statements are pretty much equivalent at this point, being somewhat meaningless conspiracy theories. That said, their might be more than meets the eye with the Russian connection, but until there is some information it is pointless to speculate. We're also dealing with intelligence communities, so whose to say that most of the information on this tract isn't psyops, or whatever?

I wouldn't rush to judgment that the Snowden leaks are a good thing. The West may come to regret them greatly. These revelations will be playing out in events over the course of years.

My government might regret them. I won't. Even if they are of dubious origin, if they are true, then we deserve the egg in our face. And further, those that permitted this state of affairs should face some consequences. Even if this isn't good for my country, or me personally, I'm find with whatever fallout there may be, since consequences are always deserved for bad behavior. This is probably a rare point of view, but I'll stick with it. Ethics trump power, at least in my book.

Re: Allies?

[c0lo]

Maybe two wrongs don't make a right, but bringing a knife to a gunfight is a good way to end up dead.

In this context, bringing a bullet proof vest might have been more beneficial than bringing an entire arsenal.

Re:Allies?

[nurb432]

Apparently you are the one that lives in a fantasy world, and not myself. But go ahead, the watchers prefer people like you.

Re:Allies?

[Tom]

What is preventing these persons from also taking money from criminal organizations or other governments for the products of their expertise?

How about working for the secret service of a government that has demonstrated that it isn't above killing people without trial if it thinks they're a danger?

I wouldn't want to be on the shitlist of the NSA, not for a year or so worth of salary. Snowden had a motivation that goes way beyond money. You'd need something like that.

Bad USA

[mfh]

Vulgar display of power.

Re:Bad USA

[Jah-Wren+Ryel]

> Vulgar display of power.

These programs are secret. That makes them, by definition, not a display of anything.

Re:Bad USA

[Mitchell314]

Music reference.

Re:Bad USA

[fustakrakich]

They are a display of their secrecy.

Conspiracy theory: Bitcoin crash of April 2013

[elucido]

Who believes the US government had something to do with it?
Suddenly after meeting with regulators the price recovers?
Conclusion: Promote regulation of the Bitcoin network as it's correlated with a rise in the price.

Re:Conspiracy theory: Bitcoin crash of April 2013

[AHuxley]

The entry level job of total real world tracking it is probably worth more as educational exercise than any other actions.
Its global, the crypto glows and now show your teacher you can work with the big data sets in real time....

Re:Conspiracy theory: Bitcoin crash of April 2013

[jon3k]

Why mine bitcoins when they can just login to your computer later and download yours :)

Re:Conspiracy theory: Bitcoin crash of April 2013

[imsabbel]

If the US wanted bitcoin gone, they could have done so.

There exists something called an "51% attack", which means that anybody having more than half the hashrate of the Network is acknowledged as the boss and can do as he wants (stuff like spending the same bitcoin multiple times, manipulate the difficulty of future block mining, etc).

Back in April, before mass ASICS, the US could have trivially gotten that far. Hell, last year anybody willing to spend 5-10 million could have done it with off-the-counter hardware.

For an agencies who have a double digit BILLION black budgets, this is totally peanuts.

Re:Conspiracy theory: Bitcoin crash of April 2013

[elucido]

If the US wanted bitcoin gone, they could have done so.

There exists something called an "51% attack", which means that anybody having more than half the hashrate of the Network is acknowledged as the boss and can do as he wants (stuff like spending the same bitcoin multiple times, manipulate the difficulty of future block mining, etc).

Back in April, before mass ASICS, the US could have trivially gotten that far. Hell, last year anybody willing to spend 5-10 million could have done it with off-the-counter hardware.

For an agencies who have a double digit BILLION black budgets, this is totally peanuts.

Never implied they want it gone, but as a bargaining chip for regulation perhaps they have the kill switch.

holy shit

[Laxori666]

Time for me to destroy my webcam and make sure no device on my computer has a microphone.

Re:holy shit

[wmac1]

Then you shouldn't take and store photos and videos (obviously using and on your computer). You shouldn't use phone (since it has a microphone and possibly camera).. You shouldn't use Windows, ... and Android, ...oh and Linux and almost every connected device and software.

Basically it is a frightening fact that we can hardly run from ubiquitous surveillance since the whole connected electronics devices can be used for spying on us. Unless you leave in a farm, do not have communication devices and spend cash only. But I doubt even that would be enough.

Can we have Orwell's 1984 instead?

Re:holy shit

[antdude]

So you would open your laptops/notebooks to avoid their warranties? Better, just stop using electronics. :)

Re:holy shit

[Barlo_Mung_42]

Still won't work. If you go completely off the grid they'll notice that too. It's best to hide in plain sight. Keep your facebook profile open to the world but full of "TGIF" posts and pictures of your cats/kids. Keep an expected flow of cash going through your credit cards / bank account. Keep your head down. Don't post advice on how to avoid the NSA to semi-popular news sites even if they are well past their prime.

Re:holy shit

[AmiMoJo]

Fighting back seems like the only reasonable option. We are under attack by a military, after all, so as far as I'm concerned it's open season on the US. The problem is that unlike the real world where things take time to escalate in cyber wars one pissed off guy can cyber-nuke in retaliation by taking out some critical infrastructure.

I think the US just assumed it would be a cyber superpower as well, but actually it's probably one of the most vulnerably countries in the world. Predictions of a cyber pearl harbour could be right, but only because the US is provoking it.

Re:holy shit

[wmac1]

I was thinking about it too. If you can produce some product you may even be able to earn some cash and produce enough electricity for non-connected essential electronics.

I still can do my scientific studies and research (the old way), can write books, design electronics circuits and even software (with the condition that it does not require me to be connected) even though I am not connected and that should earn me some money (my PhD field is computer science unfortunately).

And yes, aircon was not even available a few decades ago and people could still live.

I still should think about different aspects of it though.

Re:holy shit

[wmac1]

But even the photos and videos you take deliberately can be used to gather intelligence from you and they may contain totally private information.

Does it work?

[NoKaOi]

Budget documents say the $652 million project...

Most big budget "defense" projects go over budget, over time, and don't perform to expectations. How well does this actually work (yeah, I know it's a rhetorical question)? Of course, by comparison, it's quite a bit less than the cost of a single B-2 bomber, so maybe its budget isn't large scale enough to underperform?

adversaries such as Iran, Russia, China and North

[oheso]

Cold warriors haven't got the memo ...

Now, for the other angle, is this treason?

[elucido]

If Snowden leaked this at this point he's exposing information on operations, methods, everything.
At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

Re:Now, for the other angle, is this treason?

[oheso]

Whistleblowing on a secret US government agency that's governed (if at all) by secret laws and secret courts, and is clearly out of control? Sorry, that would never cross the line into treason. It's the agency which is breaking the law.

Re:Now, for the other angle, is this treason?

[paenguin]

Since the line for treason gets drawn by the government he is exposing, of course the answer is yes.

The question is, does he care?

Re:Now, for the other angle, is this treason?

[elucido]

Whistleblowing on a secret US government agency that's governed (if at all) by secret laws and secret courts, and is clearly out of control?

Sorry, that would never cross the line into treason. It's the agency which is breaking the law.

So if the identities of operatives were leaked, is that treason? What would be too far even for you?

Re:Now, for the other angle, is this treason?

As a non-american, I think Snowden went far enough for one man. I think we need other Snowdens to stand up and speak the truth. Treason against his government or all of humanity. Tough choice to make.

Re:Now, for the other angle, is this treason?

[elucido]

Since the line for treason gets drawn by the government he is exposing, of course the answer is yes.

The question is, does he care?

I'm asking what line do Snowden supporters draw. Or should Snowden have no limit to what he can leak?

Re:Now, for the other angle, is this treason?

[tragedy]

What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.

Re:Now, for the other angle, is this treason?

[bmo]

The schedule for the Two Minute Hate has been adjusted to 13:00 Pacific Time.

Snowden is the new Emmanuel Goldstein.

--
BMO

Re:Now, for the other angle, is this treason?

[elucido]

It is really, really easy to turn a blind eye to the evil one's government perpetrates when that evil is not directed at one's self or one's loved ones, and when in fact these benefit in some way from said evil.

Does all this evil keep our economy strong (possibly at the expense of other economies)? Does it keep stuff cheap at walmart? Does it keep the movies and tv programs flowing? Does it keep most of us basically comfortable in our lives? Then maybe we just won't bother sticking our necks out for a bunch of foreigners who offer nothing to us in return.

What is it that you want people to do exactly? Do you think we have any control over what intelligence agencies do? If we try to stop them then their allies will be in the position to do to us and our loved ones exactly what the US intelligence agencies are capable of doing to people in your country.

You don't seem to understand how things work. The US citizen cannot stop the US government because your government would work with the FBI to stop that. It would be called terrorism. The penalty for terrorism is harsh and can even include death.

If someone in your country tried to take on the intelligence agency of your country, then if your country is allied with the US government then the CIA would destroy those people/terrorists.

The only realistic solutions which aren't suicide or completely insane all take time. Decades. The government agencies can be made less abusive over time, and made to follow the laws of war or at least make it clear to us what rules they follow.

Re:Now, for the other angle, is this treason?

[Princeofcups]

If Snowden leaked this at this point he's exposing information on operations, methods, everything.
At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

No. Next question.

Re:Now, for the other angle, is this treason?

[elucido]

If Snowden leaked this at this point he's exposing information on operations, methods, everything.
At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

No. Next question.

Nice dodge to the question.

Re:Now, for the other angle, is this treason?

[c0lo]

If Snowden leaked this at this point he's exposing information on operations, methods, everything. At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?

As a non-US citizen and potentially impacted by the US govt actions, I don't have any incentive to say "this has gone too far".

Re:Now, for the other angle, is this treason?

Let me be candid as a supporter.

There was a point where I would have said "yes, it's gone too far".

However, in response to revelations -- multiple agencies lied before congress, the american public, and the POTUS himself lied to the public.

At this point, I can think of no action short of personally leading an army down Pennsylvania avenue that I would consider treasonous.

The interests of the US Citizen are /no longer/ aligned with the interests of military and government policing and intelligence. That which hampers their ability to function can only immediately strengthen the peaceful citizenry.

Sound radical? All they had to do was own up to democratic process.

Re:Now, for the other angle, is this treason?

[girlintraining]

What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.

The people in Wall Street work in cubicles too. Nobody accused them of causing widespread destruction. In other news, the government would like to stop criminals from running botnets... because they hate competition.

Re:Now, for the other angle, is this treason?

So as long as the government puts someones life at risk with an "operation" or claims that it is at risk . . . then it doesn't matter that the "operation" is illegal, immoral and/or unethical and exposing the "operation" is treason?

You can be manipulated trivially.

Re:Now, for the other angle, is this treason?

[cold+fjord]

I'm asking what line do Snowden supporters draw. Or should Snowden have no limit to what he can leak?

Direct observation of the posts in the Slashdot petri dish reveal that for many of them there is apparently no limit, regardless of the consequences.

Re:Now, for the other angle, is this treason?

[ljw1004]

It is NEVER treason to expose government wrongdoing or unconstitutional behavior. It is NEVER treason to expose government coverups or lies. It is NEVER treason to disclose programmes that should have had proper congressional or public oversight but didn't. Everything so far disclosed has fallen into the above categories. If ever disclosing one of these wrongdoings or unconstitutional behaviors or coverups has put an operative or operation in jeopardy - then the blame rests solely on the shoulders of whoever perpetrated that cover up. Otherwise, any wrongdoing could be hushed up simply by entangling it with something else.

At least, that's my view as a Snowden and Manning supporter

Re:Now, for the other angle, is this treason?

[joe_frisch]

As an american citizen it is not easy to figure out how to deal with this. Neither party is running on the "stop being evil" platform. Minor protests don't have much effect in this country and a revolution is clearly worse than what we have now.

Re:Now, for the other angle, is this treason?

[aNonnyMouseCowered]

Or maybe you should be asking: should the government have no limit as to what it can do in the name of protecting the country from supposed foreign conspiracies.

Re:Now, for the other angle, is this treason?

[thoth]

If so, where is the authorization of this activity by Congress, much less the American people?

Authorization is in USC Title 50.

Re:Now, for the other angle, is this treason?

[c0lo]

I'm asking what line do Snowden supporters draw. Or should Snowden have no limit to what he can leak?

Direct observation of the posts in the Slashdot petri dish reveal that for many of them there is apparently no limit, regardless of the consequences.

Pray tell, following Snowden's leaks, what consequences (worse than what US is already doing) may there be for non-US internet users?

Re:Now, for the other angle, is this treason?

[AHuxley]

Historic information filling in the back story to this years cyber comments has consequences....
http://blogs.fas.org/secrecy/2013/08/cyber-offense/
“We believe our [cyber] offense is the best in the world,” - Gen. Keith B. Alexander, director of the National Security Agency and Commander of U.S. Cyber Command.
Lets go down the list cold:
A mission count, the citation needed for the aggressive aspect and the words GENIE and TURBINE.
More people will understand terms like Tailored Access Operations (TAO).
More firms will be careful about their shopping for routers, switches and firewalls from US product lines. That would be nothing new after 30 years of crypto warnings of useless hardware and software been sold world wide from 'trusted' brands.
The harvest aspect is fun ins scope and costing, how is the US getting all that data back without skilled admins at some point working out what their expensive systems are doing :)
The use of sites more within to the US (Georgia, Texas, Colorado) may point to more domestic operations - also not really new.
Overlapping missions notes will be very interesting to US legal teams and law reform groups.
So over all a few new names, terms and a hint that some hardware and software encryption is mostly expensive junk- something books and magazines noted many years ago.

Re:Now, for the other angle, is this treason?

[cold+fjord]

David Miranda, Glen Greenwald's lover, had a list of British agents under Non Official Cover obtained from Snowden, along with about 58,000 other documents, when he was detained by British police. The lives of all of those agents is deemed at risk, and their status gives them no protection. The British assess those documents as being compromised.

Snowden's leaks are a disaster for US, British, and who knows what other intelligence agencies.

Re:Now, for the other angle, is this treason?

[cold+fjord]

Well put, although with what the British found in David Miranda's data, it isn't edging. It is somewhere between a swan dive and a cliff dive. This is way more damaging than most people realize. The British found 58,000 of their documents alone that he was transporting. A former Eastern Block intelligence general office assess Snowden as being a Russian asset.

Defector Describes Russia’s Handling of NSA Leaker Snowden

He explained, “During the Cold War there were hundreds of other self-motivated defectors from the Soviet bloc, and as far as I know, none came out loaded with secret documents. Even the famous KGB archivist Col. Vasili Mitrokhin, who in the 1990s supplied us with some 25,000 pages of highly confidential documents (described by the FBI as ‘the most complete and extensive intelligence ever received from any source’) did not dare to cross the border with documents concealed on him. The British MI6 smuggled them out of Russia.”

Snowden, by contrast, was gathering up classified documents for months, including information disclosed by The Washington Post in its Friday newspaper of the “black budget” of U.S. intelligence agencies. The material was “obtained by The Washington Post from former—intelligence contractor Edward Snowden,” the paper confirmed. This is just the latest disclosure by Snowden, and more have been promised.

Re:Now, for the other angle, is this treason?

[Sabriel]

That's seriously a good question. The ironic answer is that the knowledge that would be sufficient to make an informed decision (as to where the line should be other than an annoyingly vague "whatever doesn't make it worse for humanity") is being withheld from us. Any actual example we could use would be based on what we already know, which isn't going to be whatever the government is still keeping secret - the good _and_ the bad.

Which puts us all between something of a rock and a hard place.

Having read this particular article, it doesn't mention any specific operations, nor any specific methods. I say "specific" because, while it does reveal that the US government is exploiting vulnerabilities in software and hardware (really not a surprise), it does not reveal specifics that would allow an enemy to distinguish between "US government exploit" and "random joe exploit".

I also found this part interesting: "The NSA designs most of its own implants, but it devoted $25.1 million this year to “additional covert purchases of software vulnerabilities” from private malware vendors, a growing gray-market industry based largely in Europe." Apparently, providing 25.1 million dollars of additional demand for unethical behaviour is now within the NSA's newest line in the sand, to go along with global warrant-less electronic surveillance of everyone including its own citizens within its own borders.

Which means here's the thing:

The US government crossed its constitutional line under a veil of secrecy from its own people and then said: I'll keep going.
Edward Snowden crossed his personal line under the orders of the US government and then said: I'm turning whistleblower.

So right now, I'm a lot more worried about the US government's limits than Snowden's.

Re:Now, for the other angle, is this treason?

Cite the authorization for breaking into other countries' systems, installing back doors, destroying their data, and implanting malware.

This kind of handwaving apologetics makes you as guilty as the rest.

Re:Now, for the other angle, is this treason?

Snowden's leaks are a disaster for US, British, and who knows what other intelligence agencies.

I was expecting a statement of something negative occurring to buttress your argument, but mysteriously there's only this very positive outcome notes.

Can you add whatever is missing to your post? I'm confused.

Re:Now, for the other angle, is this treason?

[b4dc0d3r]

that's a rather absolutist perspective. isn't it possible that whistleblowing on a super sensitive program is both necessary and treasonous?

and that if found treasonous, a due process trial should happen?

and that the president could pardon the convict once the impact if that revelation is clear?

not saying that will apply, but it is far closer to reality than "all whistleblowing automatically erases harm from completely unrelated organizations and people", which is how your comment reads.

we are getting summarized information. keep in mind that the actual documents that the guardian and now Der Spiegel have likely contain a lot more detail. I'm betting It's well past treason already

Re:Now, for the other angle, is this treason?

[cold+fjord]

Maybe this will help. Since US and British intelligence agencies have helped to stop terrorist plots around the world in many countries, their disruption may lead to attacks in your country, the deaths of people you hold dear, and destruction of things you treasure.

I wouldn't get too comfortable with the current state of affairs. It hasn't been that long since Snowden began his disclosures, and some problems, such as Islamist terrorism, are not likely to go away any time soon. In fact it is likely to grow much worse in Europe in the coming decades. That same could easily be true in the Pacific regions as well.

Maybe you'll never truly understand until you hear a blast yourself. Some people just never learn.

Re:Now, for the other angle, is this treason?

[fustakrakich]

Snowden's leaks are a disaster for US, British, and who knows what other intelligence agencies.

Absolutely not true. It's a great opportunity to clean house, so to speak. 'Nonproductive' personnel will be thrown under the bus, and the agencies will be getting much bigger budgets, to... uh.. 'rebuild'.. yeah, that's it. To me, this whole affair is brilliant. You know, shake the trees occasionally.

Re:Now, for the other angle, is this treason?

[FuzzNugget]

Da fuck are you smoking and can I have some? Because, damn, that must be some strong shit.

The NSA already crossed that line into treason by violating the most fundamental and sacred legal document in the land. Is it treason to expose treason? Only when they have changed the definition of treason to be any actions or speech against what they're doing, which, as evidenced in the past several weeks, is, "whatever the fuck we want."

Re:Now, for the other angle, is this treason?

[lennier1]

The lives of all of those agents is deemed at risk, and their status gives them no protection.

If you work for something that has turned into criminal organizations of the worst kind (e.g., endangering infrastructure components of other countries), you deserve what's coming your way.

Re:Now, for the other angle, is this treason?

[Error27]

Snowden's insurance file probably contains actual backdoor information, SSL keys, and millions of collected passwords. The internet would have to shut down for weeks... I think even staunch Snowden supporters would be annoyed.

But Snowden would be dead at that point so he wouldn't care.

Re:Now, for the other angle, is this treason?

[cold+fjord]

"Democracy is the theory that the common people know what they want, and deserve to get it good and hard." -- H. L. Mencken

I suppose that can apply to allies and others that US and British intelligence helps to protect as well. Cripple them at your own risk.

Re:Now, for the other angle, is this treason?

[c0lo]

Don't worry sweetie, the life they can't save now could be yours.

I feel a bit freer because of that, you know? Honey... I know, it may sound weird to you, but... I don't crave to be saved by the government spooks, thank you.

Re:Now, for the other angle, is this treason?

[sjames]

That depends of if we decide the NSA has gone far enough to be considered a domestic enemy of the people. It lies to congress, it lies to the citizens, and it may be lying to the president as well. That doesn't sound much like a legit government agency. It spies on Americans and subverts the Constitution. That sounds like something an enemy does.

Re:Now, for the other angle, is this treason?

[cold+fjord]

I suppose you're among those that think 9/11 happened because Islamic countries just decided they "hate our freedom", rather than a long history of being fucked with in a manner that pre-existed that event and continues through today, and will inevitably result in further animosity and eventual blowback.

Here we come to the heart of the issue - you fundamentally fail to understand al Qaida's motivation. Al Qaida wants to continue the Muslim conquests of centuries ago, when invading Muslim armies threatened to conquer Europe, and continue on to the rest of the world. They want to restore what they see as the glory of Islam. They want to restore the Islamic caliphate government dissolved in 1923 with the fall of the Ottoman Empire. They want replace existing government in Muslim countries with strict Islamic governments ruling according to their interpretation of Islamic law. They want to reclaim former Muslim lands, such as Spain, by reconquest. They want to expand the new Islamic empire to all nations, and convert all people to Islam. They are militant and imperialistic.

Do you know what Bin Laden's demands were to the US after 9/11? Convert to Islam, and replace the Constitution with Islamic Sharia law.

They understand this is a long term struggle. They are patient, and will continue it. The problem is likely to get worse before it gets better. Countries facing the threat they pose ignore it to their peril.

Since you are likening intelligence agencies to "children in a clubhouse," that "allows them to play with big, expensive toys," I'm not sure you are really engaging on this at a serious level.
 

Re:Now, for the other angle, is this treason?

[c0lo]

I suppose you're among those that think 9/11 happened because Islamic countries just decided they "hate our freedom", rather than a long history of being fucked with in a manner that pre-existed that event and continues through today, and will inevitably result in further animosity and eventual blowback.

Here we come to the heart of the issue - you fundamentally fail to understand al Qaida's motivation. Al Qaida wants to continue the Muslim conquests of centuries ago, when invading Muslim armies threatened to conquer Europe, and continue on to the rest of the world. They want to restore what they see as the glory of Islam. They want to restore the Islamic caliphate government dissolved in 1923 with the fall of the Ottoman Empire. They want replace existing government in Muslim countries with strict Islamic governments ruling according to their interpretation of Islamic law. They want to reclaim former Muslim lands, such as Spain, by reconquest. They want to expand the new Islamic empire to all nations, and convert all people to Islam. They are militant and imperialistic.

Do you know what Bin Laden's demands were to the US after 9/11? Convert to Islam, and replace the Constitution with Islamic Sharia law.

[Citation needed] (apropos dose sizes).

Re:Now, for the other angle, is this treason?

[erikkemperman]

What was found on Miranda was raw intel -- before being edited. Nothing that made it to press, as far as I know, has identified individuals. Also, how is it Snowden's responsibility that these "non official cover" agents enjoy no protection based on that status?

Finally, can I safely assume that you were vehemently opposed to the pardon of Scooter Libby (and by implication Dick Cheney) for outing an agent -- rather than hang for treason? Which was arguably the more reprehensible in that that leak did not purport to do any public service, but was only out of petty spite (and discouraging dissent) because Wilson wasn't playing along with the massive deception leading up to the illegal war in Iraq?

Re:Now, for the other angle, is this treason?

[cold+fjord]

The Future of Terrorism: What al-Qaida Really Wants

Full text: bin Laden's 'letter to America'

Q2) As for the second question that we want to answer: What are we calling you to, and what do we want from you?

(1) The first thing that we are calling you to is Islam. ...

(2) The second thing we call you to, is to stop your oppression, lies, immorality and debauchery that has spread among you.

(a) We call you to be a people of manners, principles, honour, and purity; to reject the immoral acts of fornication, homosexuality, intoxicants, gambling's, and trading with interest.

We call you to all of this that you may be freed from that which you have become caught up in; that you may be freed from the deceptive lies that you are a great nation, that your leaders spread amongst you to conceal from you the despicable state to which you have reached.

(b) It is saddening to tell you that you are the worst civilization witnessed by the history of mankind:

(i) You are the nation who, rather than ruling by the Shariah of Allah in its Constitution and Laws, choose to invent your own laws as you will and desire. You separate religion from your policies, contradicting the pure nature which affirms Absolute Authority to the Lord and your Creator....

HAMAS Targets Spain

Bonus:
UK: Muslim Gangs Enforce Sharia Law in London
AU: Muslim body wants 'moderate' sharia law but government rejects plan
SE: 'Separate laws for Muslims' idea slammed

Re:Now, for the other angle, is this treason?

[c0lo]

thanks.

Re:Now, for the other angle, is this treason?

[cold+fjord]

Happy to oblige. Enjoy.

Re:Now, for the other angle, is this treason?

[Gavagai80]

Obvious solution: vote for a party that you don't find evil. They don't have to win. If 10% of people voted green and 10% voted libertarian, and the apparent reason was surveillance programs... then democrats and republicans in congress would change their tune in a hurry because picking up those votes would be enough to swing almost every incumbent from a possible loss to a sure win in their next election.

Also, if your congressional representative of either major party happens to be anti-evil -- and there are some -- be sure to cross party lines to vote for them.

Re:Now, for the other angle, is this treason?

[sjames]

The fact that the enemy has infiltrated deeply enough to siphon tax money for their nefarious purposes just makes it worse.

Re:Now, for the other angle, is this treason?

[AHuxley]

Yes two expensive contractors to replace one at the hardware level. Expensive contractors to ride around the USA looking into the past of each and every contractor for real this time.
Personnel who recall past errors/waste and that have the rank/personality to express issues with outside spending and political connections will go.
Expansion in the USA, expect to see the expensive testing of experimental AI and robotic maintenance systems too.
New testing of staff via expensive new experts, profiles created, watching staff internet logs, travel, life, spending habits, non fiction reading.
More trusted foreign linguists and the faith/political issues they bring via their "real" home countries and true loyalties.
The people left will be 'new' and learning, foreign or just know how/when to say yes, dreaming of becoming a contractor real soon.
This is not a disaster, its a generational spending spree.
As for the US and UK intelligence agencies - would they really have lists of their agents in any useful form?
The US and UK have obtained many countries spy lists and know never create their own "walk out" lists.
The Russians would be all over any US personal with that kind of access and the US/UK know that from past efforts.

Re:Now, for the other angle, is this treason?

[flimflammer]

That's not the point he's making. Sure, this particular operation has no undercover operatives, but what if he had leaked information with such individuals? Would it go too far then?

Re:Now, for the other angle, is this treason?

[AHuxley]

The "list of British agents" seems to be all over as a new talking point.
Why would any modern agency would do a 1980's Stasi and make a digital master list?
Considering the CIA got the East German spy list intact.

Re:Now, for the other angle, is this treason?

[0111+1110]

Do you know what Bin Laden's demands were to the US after 9/11?

To get the fuck out of Saudi Arabia. That was his whole beef with us. Period. His aim was not world conquest as you warmongers always like to believe.

They understand this is a long term struggle. They are patient, and will continue it. The problem is likely to get worse before it gets better.

How surprised would you be to discover that your real enemy was not Al Qaeda at all, but your own fellow citizens? The ones who believe in freedom and will resist people like you and your police state policies. People who will fight you in the streets for their freedom if necessary. The misconception is that it takes a majority of the population to revolt. It doesn't. It just takes enough to give the armed forces a good fight.

Libertarian candidate Gary Johnson recieved 1.2 million votes in the last presidential election. A full 1% of the total votes. If every one of those 1.2 million people learned how to shoot and bought themselves some decent weapons and body armor and if the techies among us spent years or decades working on Big Dog esque combat robots to enhance our numbers I think we could give you fascist fucks a decent fight. Especially since it would be all guerrila warfare just like in the war of independence.

Re:Now, for the other angle, is this treason?

[AmiMoJo]

The lives of all of those agents is deemed at risk, and their status gives them no protection. The British assess those documents as being compromised.

Of course they do, otherwise they would have detained him for no reason. Their assumption is that the agents would be at risk if the documents were released, but so far the Guardian has been very careful to redact or not publish anything that could pose danger.

Besides which, arguing that agents of a criminal organization could be at risk if their criminal activity is exposed isn't much of an argument.

Re:Now, for the other angle, is this treason?

[0111+1110]

http://edition.cnn.com/2002/WORLD/asiapcf/south/02/05/binladen.transcript/

Q: Let's get back to what happened in New York and Washington. What is your assessment of the attacks on America? What's their effect on America and the Muslim world?

BIN LADEN: The events of Tuesday, September the 11th, in New York and Washington are great on all levels. Their repercussions are not over. Although the collapse of the twin towers is huge, but the events that followed, and I'm not just talking about the economic repercussions, those are continuing, the events that followed are dangerous and more enormous than the collapse of the towers.

The values of this Western civilization under the leadership of America have been destroyed. Those awesome symbolic towers that speak of liberty, human rights, and humanity have been destroyed. They have gone up in smoke.

...

I tell you freedom and human rights in America are doomed. The U.S. government will lead the American people and the West in general will enter an unbearable hell and a choking life

If you read the whole interview you see that he does briefly mention his earlier demands that the US leave Saudi Arabia, but in this interview he focuses more on Palestine and the death of Muslims from American bombs. He mentions many times that 9/11 was justified as payback for American wars in Muslim countries. Nowhere does he mention annexing North America and imposing Muslim law which would be a ludicrous goal in any case. If that was so important to him I wonder why he left it out in such a high profile interview with Al Jazeera.

Re:Now, for the other angle, is this treason?

[0111+1110]

As a Libertarian like Snowden, I support transparency up to the point of causing specific harm to innocent individuals. If the NYT or Washington Post actually release information that results in anyone being killed or imprisoned by plausible enemies (not by say Canada) that's where I would draw the line. Specific details about military or valid intelligence operations that would be genuinely useful and non-obvious to plausible future enemies may also be crossing the line. For anything else I say bring it on! That information wants to be free. Just saying that the US engages in cyber attacks against certain countries or even mentioning how many such attacks we typically engage in in a year is anything but harmful to Americans and the rest of the world. Mainly because of the hypocrisy. I believe hypocrisy should always be exposed. In order to correct an out of control government the people have to know what is going on.

Re:Now, for the other angle, is this treason?

[lennier1]

It seems more and more like they're using "copyright math" to justify the tools for a police state with the untold trillions of deaths they have already avoided.

Re:Now, for the other angle, is this treason?

[cold+fjord]

I may have more to say at a later time, but the short answer for now is look at the date of the interview: October 2001. The Taliban had been pressuring Bin Laden to deny any involvement to try to forestall or limit any American military action against Afghanistan. Bin Laden still made his demands to the US clear some time later, but still didn't fully and openly admit al Qaida's role in the 9/11 attacks for some time after that.

It is nonsense to try to claim that Bin Laden's direct demands that dovetail with al Qaida's overall goal don't apply because he doesn't explicitly state them in every interview.

I notice that you only seem to quote Bin Laden at the points where he agrees with your apparent belief that the American government is the big enemy but leave out where he states they have taken the battle to inside America, will continue it, and find it permissible to kill innocents.

I don't think that the collapse of the World Trade Center from the attacks in New York, crushing thousands of people to death, resulted in the "Tree of Liberty" growing any stronger from the blood shed. Do you? Do you think they were just not "patriotic enough" to make a difference?

Al Qaida is fighting the long fight. Europe is already in trouble. The birth rate of native Europeans in plunging far below replacement level in most countries. They are making up the difference with immigrants that are not assimilating, and which reject European values. The problem is likely to grow much worse as they start to have children since many of them are being radicalized in Europe. How well do you think that will turn out in the long run? Europe may very well be in a civil war in 50 years.

Re:Now, for the other angle, is this treason?

[cold+fjord]

It's 2013 A., handwriting is illegible and filing physical paper is staff intensive, typewriters are hard to find, and computers are all the rage. ;)

Regular news sources have carried the story about the list of agents.

Re:Now, for the other angle, is this treason?

[AHuxley]

list of agents ... Do you really think any agency with access to the combined history and generational operational knowledge of the CIA/NSA/GCHQ/MI5/6 would make a usable, easy, master list of active agents?
The Russians would find it exists via their many skilled helpers and act on that list in some dramatic long term or short term way.
Overtime the CIA/MI6 would correctly wonder where their useful/top agents went and call in experts to find the problem - ie no simple 'digital' master list like that would last very long.
Why was East Germany so sure a computer list was a really bad idea? They had lost a paper list of their spies in the West too.
It was seen as a stupid idea at the time, warned against and the list was lost to the CIA.
Thats two hints from easy spy history not to make the big paper chart or digital list of active spies.

Re:Now, for the other angle, is this treason?

[joe_frisch]

Not easy to find a party that that I agree with. Also it often possible for a 3rd party candidate to act as a "spoiler", decreasing the chances of the main party candidate with the most similar agenda and helping the candidate with the views with which you most strongly disagree.

Re:Now, for the other angle, is this treason?

[chihowa]

And yet you start this thread by implying that even letting the people know of the extent of the abuse is treason. How well do any of your solutions to make the agencies less abusive over time work if the abuse itself is kept secret from the people that are supposed to be motivating the change?

Re:Now, for the other angle, is this treason?

[Will.Woodhull]

None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.

That is a really scary thought.

So all these people who are accepting money to do black hat programming that most others would consider dirty work-- or even evil-- are out and about, mixing with the common folk. Available for contacting by agents of the Syrian Electronic Army, the Mexican drug cartels, other potential buyers of the kind of stuff these guys can carry around on a thumb drive. And these NSA employees have already demonstrated that their moral fiber is flexible when it comes to money and how the software they produce is used.

But I expect that the NSA keeps these guys on a leash. There are probably other NSA employees whose skills are in surreptitiously following these guys around to keep them out of trouble. There are probably NSA employees whose skills are in pole dancing and keeping a guy interested so he does not rub up against some gal with other allegiances.

The NSA is a dirty little vipers nest. It has no place in the USA; its very existence is a violation of the USA Constitution.

Re:Now, for the other angle, is this treason?

[Will.Woodhull]

The REAL question does not concern Snowden and what he has leaked publicly.

The real question is how many others at the NSA have been selling stuff on thumb drives to agents of other countries, the Syrian Electronic Army, and the Colombian drug cartel?

The NSA is incapable of securing the data it collects and the black hat software it produces. It seems to believe that since the Lockheed Skunkworks program was so successful in the 1950s through the 1970s, the same techniques can be used in today's cyber world. What is wrong with that picture? A big part of it is that you cannot smuggle an SR71 Blackbird out of the Skunkworks on a thumb drive.

Assholes in the upper reaches of the USA government have created a nest of vipers that cannot be contained and whose venomous stings are going to repeatedly damage USA corporations and institutions. The NSA is by its very nature a crime against the USA Constitution. It is like a hand grenade factory where the stuff that comes off the assembly line will go to USA armories, but all the hundreds of assembly line workers can help themselves to as many grenades as they can carry, as often as they want. And who they sell those to, and where they end up being used, is of little concern to the NSA.

Re:Now, for the other angle, is this treason?

[Omestes]

When actions are secret from voters, democracy completely breaks down. How could I make an informed decision based on the actions of the NSA and secrect courts, when I'm not allowed to know about these things? How can I vote on information I'm not permitted to have?

Yes, the usual answer is "Trust us, we're the government", but I'm not even allowed to have enough information to assess this claim. Is the government trustworthy, how the hell should I know. Are they abusing their power, I'm not allowed the tools to assess this either, outside of their say so. Which turns this whole thing into a tautology; I should trust the government because it claims to be trustworthy, and I should trust this claim because the government is trustworthy.

People like Snowden and Manning are the only means I have to be an informed voter. Which is a sad state of affairs, I'm forced to trust these people, acting out of who-knows-what motivations, over my own elected officials.

But then again, this all very naive on my part. Manning didn't matter, things didn't change, why would Snowden make a difference? My government will never change, until the day that it finally, after a slow decline, collapses into irrelevancy dragging the rest of the US with it. But I take some hope that someday, when I'm long dead, the US be the topic of historians who might have a better picture than we will ever be permitted to have. Then, and only then, may we be judged on our merits (and it probably won't be as flattering as we fool ourselves into thinking).

Re:Now, for the other angle, is this treason?

[tragedy]

Oh they can cause plenty of destruction, but they're not undercover operatives who are in danger if their cover is blown.

Re:Now, for the other angle, is this treason?

[elucido]

And yet you start this thread by implying that even letting the people know of the extent of the abuse is treason. How well do any of your solutions to make the agencies less abusive over time work if the abuse itself is kept secret from the people that are supposed to be motivating the change?

I didn't imply, I asked a question. Where should we draw the line? Should the concept of treason even exist?

Re:Now, for the other angle, is this treason?

[elucido]

The lives of all of those agents is deemed at risk, and their status gives them no protection.

If you work for something that has turned into criminal organizations of the worst kind (e.g., endangering infrastructure components of other countries), you deserve what's coming your way.

How would they know what they are working for? Can we apply this to tax payers as well?

Re:Now, for the other angle, is this treason?

[elucido]

The lives of all of those agents is deemed at risk, and their status gives them no protection. The British assess those documents as being compromised.

Of course they do, otherwise they would have detained him for no reason. Their assumption is that the agents would be at risk if the documents were released, but so far the Guardian has been very careful to redact or not publish anything that could pose danger.

Besides which, arguing that agents of a criminal organization could be at risk if their criminal activity is exposed isn't much of an argument.

You assume the agents of the organization know it's criminal?

Re:Now, for the other angle, is this treason?

[elucido]

That depends of if we decide the NSA has gone far enough to be considered a domestic enemy of the people. It lies to congress, it lies to the citizens, and it may be lying to the president as well. That doesn't sound much like a legit government agency. It spies on Americans and subverts the Constitution. That sounds like something an enemy does.

That doesn't mean everyone within or associated with the organization had anything to do with that. They might not know any more than they were told.

Re:Now, for the other angle, is this treason?

[riondluz]

Well said and concur; but:

"Any government that does not plan for the dirty laundry to come out is short sighted or incompetent."

I would have thought so as well, until I realized that "higher" doesn't run on logic, trusting P.R. meisters and lawyers to provide opportunity in the face of any and all positive or negative outcomes.

The network of insiders w/in insiders w/in the privilidged w/in elites.
They're a steamroller and they only need press on, lying and cheating whenever called for. An auto analogy would be a too big, too powerful, forward only (RWD) gas-guzzler with lousy brake system. The American SUV, a GMAC love story.
It's a 'hummer' and the only line is the red one.

Re:Now, for the other angle, is this treason?

[sjames]

I never claimed otherwise. But it would make Snowden a patriot for exposing the wolf in the fold.

Re:Now, for the other angle, is this treason?

[Phroggy]

Those documents were compromised - by the NSA. I understand if you disagree, but I'm willing to give everyone the benefit of the doubt here and assume that Snowden didn't share the list with anyone else and The Guardian wasn't going to publish it. That means that in practical terms the British agents aren't actually at risk, and wouldn't have been at risk, although I certainly understand why the British government believes they are, and they legitimately could have been (if the British police can obtain the list from David Miranda, so can anyone else). Still, I believe their intention was to publish a story that this information had been obtained by the NSA, not publish the information itself.

Re:Now, for the other angle, is this treason?

[chihowa]

Treason is a very useful concept that has a very specific definition and applicability.

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.

The quintessential US traitor, Benedict Arnold delivered troop strength and locations to the enemy during an actual war. I'd say that is a pretty clear example of treason.

If you use that example to draw your line, nothing Snowden has released to date gets anywhere near it. You could perhaps make a case for espionage, but this doesn't look like treason at all. If Snowden went to Afghanistan and started telling the enemy where US troops were, that would cross your line. Treason involves actually waging war against the US or conspiring with the enemy of the US. Exposing state secrets (of dubious legality, or that are simply embarrassing) is pretty hard to construe as "levying War against [the United States]," and only in the most vague and meaningless way, "adhering to their Enemies, giving them Aid and Comfort."

.

I said that you were implying that he committed treason because your post reads as though you feel he's crossed that line long ago and you're wondering what it will take for his dim-witted supporters to finally reach that conclusion. It seems like "asking a question" in the way that talk radio guy (whose name I can't remember for the life of me right now) "only asks questions".

I'm no Snowden Supporter, but I do appreciate having this dirty laundry aired so that we can finally start making real steps toward having a less abusive government. If we make telling the US citizens what their government is doing treason, then it will take longer than decades for us to leash this beast.

Re:Now, for the other angle, is this treason?

[elucido]

Treason is a very useful concept that has a very specific definition and applicability.

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.

The quintessential US traitor, Benedict Arnold delivered troop strength and locations to the enemy during an actual war. I'd say that is a pretty clear example of treason.

If you use that example to draw your line, nothing Snowden has released to date gets anywhere near it. You could perhaps make a case for espionage, but this doesn't look like treason at all. If Snowden went to Afghanistan and started telling the enemy where US troops were, that would cross your line. Treason involves actually waging war against the US or conspiring with the enemy of the US. Exposing state secrets (of dubious legality, or that are simply embarrassing) is pretty hard to construe as "levying War against [the United States]," and only in the most vague and meaningless way, "adhering to their Enemies, giving them Aid and Comfort."

.

I said that you were implying that he committed treason because your post reads as though you feel he's crossed that line long ago and you're wondering what it will take for his dim-witted supporters to finally reach that conclusion. It seems like "asking a question" in the way that talk radio guy (whose name I can't remember for the life of me right now) "only asks questions".

I'm no Snowden Supporter, but I do appreciate having this dirty laundry aired so that we can finally start making real steps toward having a less abusive government. If we make telling the US citizens what their government is doing treason, then it will take longer than decades for us to leash this beast.

I'm not implying anything by asking the question. Asking the question allows me to find out where everyone draws the line and where everyone is at. We all draw the line at a difference place. I never said Snowden was guilty of treason but some people think he is. I would say for certain he's guilty of espionage, and he looks like he's passing information to the Russians and Chinese because why else would he place himself in those countries?

That is my opinion. If what he did results in an end to the abuse of NSA power then I will admit that he was right to take the actions he decided to take. I'm skeptical that what he did will end the abuses of power because he hasn't really exposed anything clearly abusive or illegal. The best thing that can come from this is perhaps a deeper congressional and senate investigation which finds actual abuses and then greater oversight on the NSA and on all intelligence agencies around the world.

I will let the outcomes decide whether or not his actions were justified. To me it's not just about the NSA either, it's about all abusive intelligence agencies. They all seem to be allowed to abuse their power over citizens with complete impunity. At this time based on the current outcome I'm very skeptical of Snowdens motives, and he has released a lot of classified information which appears politically motivated which had nothing to do with abuses or crimes.

So at this moment I don't view his actions as justified and cannot consider myself a Snowden supporter. I'm not in a position to know what options he had working for the NSA to report abuses or crimes. It could have been a situation where he had no one to report it to, but even if that were the case he could have released it to congress and senate instead of the media, unless we are to believe that the NSA controls the congress and senate too?

My current conclusion on Snowden is that he's motivated by ideology and politics. It is unclear to me that any abuses have been uncovered and ended or that any civil liberties or rights have been protected by his actions. I don't understand what he is actually accomplishing, but it does not match up with what he claimed he was trying to accomplish to the p

It may be a coincidence

[sandbagger]

But I can't find a single typewriter in any antique shops any more.

Re:It may be a coincidence

[Nyder]

You lack Slack.

Kill Bob.

Re:It may be a coincidence

[wmac1]

I suggest using totally disconnected computers for the purpose. You can even use Windows XP and Word if you like but make sure no network device is attached.

Perhaps even close USB and remove DVD drives (use a second internal hard drive for backups) and print whenever needed.

How is that plan?

Re:It may be a coincidence

[AHuxley]

Applications may drop (now) geolocation, (in the past) serial and user data into every file created.
Some bugs even dropped random user computer data into files until noticed.
Expensive printers seem to have known per page tracking issues too.

Welcome to the 21st Century

[wrackspurt]

Wouldn't it be cool to display it somehow, not just text descriptions, but to watch it virtually rage across the globe. William Gibson wrote a short story called Burning Chrome that graphically in narrative form described the destruction of a virtual domain. Beyond Gibson's talent it would be cool to see what this stuff does in terms of infiltration and damage in some 3d medium.

Re:Welcome to the 21st Century

[AHuxley]

http://www.youtube.com/thejuicemedia (via http://thejuicemedia.com/ has a display in video form :
WHISTLEBLOWER - feat. Edward Snowden:
http://www.youtube.com/watch?v=hnMPQmIPibE
French, Portuguese, German, Czech, Hebrew, Russian, Serbian, Dutch, Spanish, Japanese, Turkish lyrics translations are listed too :)

Re:i thought snowden....

[DrLang21]

He had already leaked it all to the Guardian. The information is out now. He just can't effectively comment on any of it anymore.

Serious question for the Linux community

[Mr_Plattz]

Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:

How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.

Re:Serious question for the Linux community

[Jmc23]

Perhaps you should ask Linus?

Re:Serious question for the Linux community

[caseih]

That's a very good question. But you can also bet that there are a lot of parties around the world who have a strong interest in knowing if this is true or not. They also have access to the source code, and can build it themselves (I don't believe the NSA quite has the influence to propagate a Thomson compiler attack). I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.

But in the meantime, we don't know that it's not compromised, but a compromise is not likely. Or at least not as likely as Windows, or any other commercial, closed-source operating system.

Re: Serious question for the Linux community

We don't and its safe to say that from the gov Linux is just as vulnerable as the rest

Re:Serious question for the Linux community

Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:

How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.

I seriously doubt that Linux can hold up against attacks from *ANY* (determined) state-sponsored attackers. Unless you're writing your own obscure OS to run your own programs using a compiler with libraries are that you are sure not compromised.

So.. yeah.

Re:Serious question for the Linux community

[Nyder]

Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:

How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.

Guess it's time to bring up the innovation of AmigaOS? OS that was decades ahead of it's time and NSA free!

=)

Re:Serious question for the Linux community

[currently_awake]

They don't need to backdoor the kernel, they can install stuff in the hardware your os runs on to do the same job.

Re:Serious question for the Linux community

[tftp]

I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.

It would be more realistic to expect them to use the backdoor to their advantage, while it lasts.

Some backdoors are very hard to detect because there is no obvious bug or a backdoor in any one place; with the size of the code base as it is, who would be crawling through the source of some USB driver that works just fine? As a crude example:

static int a[MAX_LENGTH];
void ioctl_handler(int i, int d) {
int *p = &a[0] + GetOffset(i, MAX_LENGTH);
*p = d;
}

There is no bug here. Now, elsewhere:

int GetOffset(int i, int len) { return (i < len?) i : (len-1); }

Welcome to poking any RAM location of your choice (limited only by sizeof(int).)

Re:Serious question for the Linux community

[AHuxley]

Everything you connect Linux to is by default compromised. Every packet you send, every search term, every line of code you add or correct.
So in theory and practice the code is safe. The first telco exchange/tower/branded box you connect is not.
The hardware and software used to help Linux as part of a much larger setting maybe junk as the routers, switches and firewalls from multiple product vendor lines comment notes.
You also have the hint of "“harvest” communications and tunnel into other connected networks" - why is this outgoing data not making any admin at that skill level sit up and start thinking?
So the big threat may not be good quality code inspected my a few bright people world wide but the flexibility/power/cast savings/cooling offered by brand name devices on or off site that are the way in and out.
The world needs smarter admins watching more of their kit beyond just the uptime and consumer needs.
A work environment may have very long term guests that have total control over systems.

Re:Serious question for the Linux community

[fluffy99]

Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:

How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.

But, but, aren't there "many eyes" reviewing the code, making it perfectly safe? At least you recognize the fallacy of open source software being more secure. In reality there really isn't an entire community reviewing and proofing the code. Just a handful of hackers pouring through it looking for exploits. It's less likely that it was intentionally compromised, but in some respects the linux kernel and distros are more vulnerable because their code is published.

Re:Serious question for the Linux community

[sjames]

There is no fallacy there. It is *more* secure. That's only natural since it is open to examination by many more people with differing agendas and allegiances and there is no vetting process before they get access.

What it isn't is *perfectly* secure. Nobody I know of is claiming that.

Re:Serious question for the Linux community

[EuclideanSilence]

Were you actually able to compile this? Doesn't the unfinished use of the ternary "?" operator cause an error?

Re:Serious question for the Linux community

[blackest_k]

I'm wondering if many of us have backdoored ourselves with Skype.

It has been reported that it accesses /ect/password and also reads the bookmarks in firefox. While the later seems harmless initially isn't this similar to the meta-data collected from email exchanges that the nsa is known to collect. I'm sure there is value in knowing what people are reading at some point you may become discontent enough to become a radical or terrorist.

Unfortunately Skype is generally installed by giving the skype installer root access. There is no need to find an exploit when the system user installs your trojan willingly.

We already know skype is not secure for communication and has changed from peer to peer communication to running via microsofts servers. However it is still pretty useful, about the best cross platform messenger client out there. I don't use skype to say anything that is likely to warrant any action from the nsa, so its not a real problem right?

However the access that skype has to my machine is bothering me especially the potential access to passwords, am I giving the nsa the equivalent of ssh access to my machine?

I believe its possible to install skype as its own user and without giving skype root at anytime but apart from some instructions on securing skype on arch wiki I can't find anything else.

Is there anyone here who can share how to install skype sandboxed so it has a much more limited access to peoples machines?

As someone who doesn't feel there is any reason for the nsa to want to snoop on him i still see some utility in skype (what is the cross platform alternative) but i really don't like the idea that the nsa already has access to my personal files and my passwords.

It is a bit cocky to be thinking you're secure since you don't run windows, when you may well have welcomed in the nsa giving them the keys to your 'secure' systems.

 

Re:Serious question for the Linux community

[amaurea]

Ah, the problem being that it doesn't check for negative i, allowing you to write before the start of a. That took me a while to see, actually.

Re:Serious question for the Linux community

[jon3k]

run skype in vm problem solved

Re:Serious question for the Linux community

[Bogtha]

It has been reported that it accesses /ect/password

Contrary to popular assumptions, /etc/passwd doesn't contain any passwords these days. What it does contain is a mapping of UIDs to usernames. This means that even such benign utilities such as ls access /etc/passwd. That's how ls -l can show you usernames instead of UIDs. Skype can't get your passwords from /etc/passwd and there are some very ordinary reasons for it to be accessing /etc/passwd.

Re: Serious question for the Linux community

[fluffy99]

You are just repeating the fallacy. Having the code open to the world does little to make that code more secure, particularly when its something as complex as a kernel. The examples of a white hat noticing a vulnerability from reviewing the code and reporting it are very few compared with the number of vulnerabilities found by a black hat and turned into a working exploit. When a white hat reports a vulnerability, it usually found by observing the behavior of the code and then digging through the code, not the other way around.

Re: Serious question for the Linux community

[sjames]

You apparently do not understand relative risk. The black hats will be there in any case. if the software is open you will have the white hats as well. However few, some > none, any 5 year old knows that. So, the risk of getting caught inserting subversive code goes from none for proprietary code where you just extort the producer to some for the Free software. Again, some > none.

It may be like saying juggling running chainsaws is safer than being a suicide bomber, but the statement is not a fallacy. The chances of subversive code going unnoticed in Free software are certainly smaller than in proprietary code.

Re:at what point do illegal, secret acts of war

[Jmc23]

We aren't talking about the beacon of the free world, we're talking about the USA!

Re:How soon before /. is taken down?

[Jmc23]

Do you read slashdot? Lots of US patriots here who've been drinking the kool-aid their whole life.

What is a good system admin to do?

[niftymitch]

What is a good system admin to do when presented with information like this?

Companies large and small need to think long and hard about their responsibility
in the presence of secret orders, nationally funded hackers with agenda.

Data and data compromise by hook, by crook, by truck, by cloud collapse are all possible.

Key management, process management and more need to be understood by managers.

Companies have been coasting and relying on credentials to qualify their employees
to the point that managers near and far only have computer science skills if you add
Excel and Powerpoint to the curriculum.

A good one should memo out to management for legal advice BEFORE the secret documents
show up. Small companies should go in as a modest group splitting the legal fees. The number
of legal counsels that would have a clue on this will be too limited but seek them out. Sadly
the involved parties (legal) at big companies are now poisoned by the paper served on their company.
This will get tangled and the best advice with regard to getting hacked or getting served can only
be discussed before the event. Joseph Heller, George Orwell and Franz Kafka rule.....

Time to dust of Gentoo and backups near and far.

I'm girding for the blowback

[hohosforbreakfast]

I'm in the US, and thanks to the our belligerence, I can now expect to try to defend my networks from the blowback from all this. Lovely.

Re:I'm girding for the blowback

[elucido]

I'm in the US, and thanks to the our belligerence, I can now expect to try to defend my networks from the blowback from all this. Lovely.

What blowback? This isn't something that they didn't know already. Maybe they didn't know details and scope and this confirms it.

Re:I'm girding for the blowback

[0123456]

I'm guessing that, if the US government is doing this, other governments will say 'open season'. They can hardly complain when the Chinese start breaking into computers all over the world and installing malware.

Re:I'm girding for the blowback

[hohosforbreakfast]

Yes, this is what I meant.

Re:I'm girding for the blowback

[AHuxley]

Low cost, fast, new crypto hardware and later software was always very suspect from the 1970's on.
Enigma gave the clandestine services a taste of near realtime information.
Why would a top system admin or cryptographer not warn of past (1970-90's) insights into state sponsored network issues?
The good news for all in the "defend my networks" community is great new books on gap or air wall and good code. Way beyond a chapter of trusted brands or code that 'just works' that the author wrote or likes.

an international agreement

[Max_W]

Could governments to reach an international agreement, a treaty, with verification inspections to stop this network sabotage? I have severe unexplainable problems on my routers periodically.

I could not explain it. I spent years trying to find a reason. Now I have got an idea.

Re:I Oppose the Cyber-War...

[c0lo]

I Oppose the Cyber-War...but I support the hackers.

an ethical US citizen which pays taxes?

It's not like...

[MouseTheLuckyDog]

every major country a lots of small wannabe0major countries aren't doing this. The question who is being successful.

"Persist across software and equipment upgrades"

[Beryllium+Sphere(tm)]

If they have really developed software which can do that, they should share their techniques with the commercial world. Software that can continue to run even after a system upgrade? Sign me up.

It's too general to be a clear breach

[Beryllium+Sphere(tm)]

This leak is analogous to reporting "The US recruits spies". Nobody knows whether their networks are compromised or what to look for.

The kind of leak that hurts a country's covert operations is more like "The US pays Kim Jong Un's barber to make him look ridiculous".

Re:We the people

[wmac1]

As a non-American, every bit of this information makes me puke. Specially since last night when your president unilaterally and illegally announced another war on another middle eastern country, even the word USA makes me feel bad.

Re:How soon before /. is taken down?

[AHuxley]

If we the posters dont have US/UK clearances and are just commenting on press stories that are not behind paywalls..... its just a thought crime for now.

Re:We the people

[Zontar+The+Mindless]

The US government apparently decided that "papers" should be taken literally, and thus it's open season on anything that's stored or transmitted digitally.

Who are these programmers?

[phantomfive]

Who are these programmers doing this, and where does the government find them?

Re:Who are these programmers?

[jon3k]

monster.com? This is no different than any intelligence operative (aka "Spy") working for the US. They're probably hired on as Computer Analysts or something mundane, then slowly brought into the fold once they have the appropriate security clearances.

Who are the terrorists now?

[flyingfsck]

It is all getting so muddied up - who are the terrs now? The NSA and GCHQ are bigger threats to business IT systems than the traditional Romanian hackers. Of course all engineers and computer scientists always suspected as much, but the scope of the problem is rather larger than I ever suspected. I always assumed that these organizations have the capability to do targeted espionage attacks, but never thought that it will grow into blanket surveillance, for the simple reason that more data does not mean more information - it just means more garbage is collected and the NSA must be smothered with garbage data.

Around the world

[AHuxley]

Cheap dual ethernet motherboards see a jump in sales as whitebox testing units are constructed.
A fast new cleanroom OS is loaded and deep packetsniffing code is carefully crafted.
When the boss is home and clerical staff have packed up for the day...
Ex staff and trusted colleagues load up their B2B and B2P machines with exciting new dual use orders from exotic locations.
Will they see a hint of "routers, switches and firewalls from multiple product vendor lines" trying to “harvest” their efforts and phone home?

Cyber Combat: Act of War

[sydneyfong]

Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force

http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html

Re:Cyber Combat: Act of War

[drinkypoo]

Thanks. I searched this thread for "act of war" to find your comment.

What you didn't say, presumably because you left it up to the masses of asses to figure out, is that we're engaging in acts of war against nation after nation right now, because we are compromising computers in other nations and we ourselves have stated that this is an act of war.

The government of the USA is the greatest criminal conspiracy that has ever been.

So this means

[compucomp2]

that we won't see any more sniveling, whiny, hand-wringing articles about how EVIL RED CHINA is murderously hacking poor innocent USA, and that the USA needs to declare war on them or something because this is an unprecedented and dastardly attack?

Oh wait, oops, nope, that is typical Western sanctimoniousness on display, they will keep tooting the horn with no shame and continue the anti-China hate train, even though they've been revealed now to be total hypocrites.

Re:at what point do illegal, secret acts of war

[lennier1]

War crimes have long since become an integral part of the repertoire of the so-called "free world". You just didn't get the memo.
http://www.thebureauinvestigates.com/2013/08/01/bureau-investigation-finds-fresh-evidence-of-cia-drone-strikes-on-rescuers/

Re:"Persist across software and equipment upgrades

[NettiWelho]

I'm guessing they have already shared their... samples, with the 'commercial world', the commercial world isn't just yet aware of it.

You've Got Mail!

[VortexCortex]

Welcome to the Botnet!

Re:"Persist across software and equipment upgrades

[Tom]

It's not that hard to do. Remember that this is a mainstream media article, so the technical details are dumbed down.

Malware that stores a re-install copy of itself in a hidden location isn't news. That they speak of "implants" to survive equipment upgrades leads me to believe they mean the whole thing, not an individual installation. This could be as easy as the malware instances monitoring each other and re-infecting remotely if one instance goes away. Again, at least conceptually that is 10+ years old. It's a nice feat if they pulled it off in practice, but it's not magic.

All supposedly for catching terrorists, right?

[PapayaSF]

And yet Russia can call us up and say "Hey, there are two Chechen refugee brothers in Boston who we think are terrorists" and NOTHING HAPPENS.

Re:All supposedly for catching terrorists, right?

[jon3k]

Wow, I had completely forgotten about that. I honestly think that preventing attacks isn't as "fun" or "sexy" as computer hacking, so they just ignore or mishandle solid intelligence. You know how much we love to build "weapons", in this case it just happens to be in the form of code.

A lack of trust for my devices..

[GigaBurglar]

So now I can't trust my keyboard, my router, my USB sticks, GPU, BIOS - vendors really need to start hardware locking flash ROMs.

I have also started noticing "NSA proof" products and services as marketing buzzwords. The heat is being turned up - jump out the pot or boil.

Acts of war?

[X.25]

Ok, so US considers attacks on its network 'act of war', but it has no problems conducting acts of war itself, 24/7?

Interesting.

Say again, who are the terrorists we should be afraid of?

Why really l33t hackers don't go to jail

[aNonnyMouseCowered]

It isn't hard to imagine that instead of being sent to jail all those evil hackers, once they're found out, are actually put to good use by the government (good being a very relative term). Puts a whole new dimension to the concept of plea bargain.

As governments become shadier

[santosh.k83]

As governments become shadier, the impetus for people to uphold honesty goes down too. Slowly it becomes a "anything goes" situation. I mean if a common man does X he's branded a cyber criminal and faces years in prison, while if a government does the same, not only are they above legal consequences, but even above moral consequences it seems. The more fanatical a group/government becomes, the more time and money they start spending on stridently insisting they are for the larger good. Watching this over and over again in all parts of the world. In other words, nothing has actually changed, but just that what promised to be a truly revolutionary thing (the Internet) has had it's full potential crippled and poisoned. Now it's almost just another corrupt institution, but even then, it's good still outweighs the bad. Imagine what could have been...

Countermeasure: Type Safety

Many if not most of these "cyber warfare domain" exploits can be traced to the C and C++ languages and the sloppy idioms (such as char* or void* pointers) which are prevalent amongst the users of said languages. Even highly skilled and experienced developers created things like the "ping of death".

Then there is the PHP language, where they try to "make it easier and faster to create software by adding convenience features and removing typing" and the end result is a horrible mess of security-related side effects nobody seems to be able to get a handle onto.

Sometimes I think both C and PHP were invented by people who considered Pascal and Ada as "too secure".

In my opinion as an Applied Computer Scientist and Software Engineer (I do think this is a critical distinction from "programmer"), memory safe/type safe programming languages can significantly reduce the potential for exploitable bugs. So can sandboxing technologies like AppArmor, SE Linux or Sandboxie.

We the computer science community need to do something about it or face the well of our wealth be poisoned by the psychological effects of cyber crime and cyber warfare: "Never store anything critical on a computer, don't you know everything is hackable !".

I created a tailored AppArmor profile for firefox years ago and it cost me about a day. Every software engineer can do that, given determination.

Then I spent serious time on making a memory-safe C++ variant named Sappeur:

http://sourceforge.net/p/sappeurcompiler/code-0/2/tree/trunk/doc/SAPPEUR.pdf?format=raw

http://sourceforge.net/p/sappeurcompiler/code-0/2/tree/trunk/

Re:Time to neutralize Snowden and stop the harm.

[Virtucon]

How is Russia an enemy? The cold war is over and yes there will always be Nation/Nation Spy vs. Spy shit going on. That the nature of governments and regimes as far back as recorded history. Even the Romans used spies as well as Hannibal who effectively had spies inside Rome. http://www.historynet.com/espionage-in-ancient-rome.htm

What Snowden has done here is opened a view into a world that our government doesn't want us to see. Although I think the majority of what's been publicly produced has been damaging, deep down I think we knew our government was doing these kinds of things. Hey, those guys with the AFDBs weren't completely nuts, right?

It's naive for us to believe that spying won't go on and that covert operations will stop after all these documents have finally been released. Governments will do what governments will do and I seriously doubt that there is one government on this planet that doesn't have some sort of covert operations going on somewhere. Hell, I'll even bet that Vatican City and Lichtenstein has some spy scandal in the wings. What's unfortunate about this situation is that we all learn how deep this goes and how our Constitution has been subverted. Snowden is just the messenger and while we're troubled with the message, we shouldn't shoot the one who brought us the message.

Re:We the people

[Cinder6]

Sounds to me that we need to make a mechanical, paper-based computer...

NSA?

[steeleyeball]

We could do the Battlestar thing... No more networks, sneaker net only.

How Embarassing

[riondluz]

We have become such a voyeuristic people. The NSA has been caught upskirting america
looking for bombs everywhere. The risk is real, the probability low, impact high, outcome uncertain.
We are strictly heirarchial, bureaucratic and clinging to law and order to CYA. It does not fit well with
the new now.
I'm engrained as a BSCS student that our industrialization was evolving into a 'knowledge-based' society
that information is knowledge; more is better, faster is best. That we were meant to be mobile, portable.
That our rising tide would trickle down and grow 3rd world economies; create shareholders of us each and all!
Same bullshit on a different day; during 5 decades of a 'get off my lawn' ruling generation raised on
Status quo and certainty, bankers hours and bakers dozens accustomed to getting their own way.

For them, Internetworking opened a pandora's box of surprises; an eternal September.
What started out as high hopes for outsourceing and automation to improve market share and drive a the investor classes
only to ignomiously crawl back under rocks with their 2% of our IRAs and socialized bailouts..
It should have come as no surprise at all when forced to wrap their collective heads around quants warning on risky
asymetric outcomes, convex combinations, false-certainty and determimnistic chaos ...
that its path of least resistance was in one ear and out the other.

Pursuit of scientism and teathered to its tech has left us victims to incomplete information, self-confirmation
bias and latent mind blindness. Our 'leaders' are intoxicated and behind the wheels of what
the DARPA cocoon was always envisioned to become - a skynet, for lack of better words..

Since Our guns don't seem to be effective (recursive COIN/CI failures) data mining and espionage and bots
appears to be our (U.S. gov - any State, generally) only and best defense for long-term survival in a global
economy where the indigenous we've suppressed for so long are now free to want more. Facing foreign competition
lined up to satisfy those needs; the lo-tech and underdogs that seem to always prevail.

Its not about America, its about (mostly) WASPS who, respectfully, believe that family and legacy come first.
That parent has responsibility to provide more for their spawn, generational improvement. Even at the cost of compromises.
That the powerful can cause so much damage when unrestrained and indifferent to the suffering of others is proof
that when all is said and done the American Dream is just that and reality is gated and very private.

Side Rant: all last week long its been MLK this and MLK that and civility being a natural right. Well, even as a dip-shit
HS'er with 1 black student in the body I knew the right thing and coerced self to D.C. OK, it was big. But
I also did the VN protests on D.C streets and witnessed up close the SNIC/SDS/Panther front-lines of activism.
The makings of an worrysome insurgency. I believe rights got civil just about the time people (starting w/blacks)
came back in pieces and with guns and the will to use them to defend their rights.
Sad (CCA/DEA) story continues to this day, but some mention of MalcomX ,hell, the poor schmucks that
are still incarcerated ,... would have been worth a mention.
If MLK represented the wave, X was a surfer who crested the top.
If we (american society) are going to survive we need leaders that surf and can rise to the top of 40' waves.

You advocate terrorism against the United States?

[sethstorm]

How telling.

You'll just have to settle for a mod-bomb caused mushroom cloud from all the Snowden fans who hate this country.

Re:Time to neutralize Snowden and stop the harm.

[sethstorm]

Given Russia's anti-American stance, the Cold War has only gained new actors.

Snowden is simply one of the long line of people who have betrayed the United States, albeit one without a price on his head.

Have some hot Russian tea and get back w/ me.

[sethstorm]

There is a greater respect for the rule of law and individual freedoms in the United States than Russia. Offend Russia enough, you die; offend the US the same amount, the law dictates your fate(even if anti-terrorism law). In addition, Russian gated communities are legion, representing their desires of an above-the-law oligarchy; gated communities in the United States are far fewer given the deeper respect for the rule of law. Finally, Russia is deeply based on the bribery system (~$25k gets you Chaika-lane style access to the roadway, government interaction elsewhere requires bribery, and the private sector does as well); such activities are regularly discouraged and prosecuted in the US.

Think about the country you're defending in comparison to the US. Any freedom you may claim to exist in Russia is only measured by the size of your bank account and the connections you have. In the United States, even the poorest citizen is well-defended.

Re:Time to neutralize Snowden and stop the harm.

[sethstorm]

Russia and China both have much better things to do.

Which has nothing to do to address the fact that he has not released anything on Russia or China, which would be give valuable insight towards truly unfree countries.

I'm not worried about the United States' government, for it is in much better shape than Russia's, but more about those who would rather side with hostile enemies to attack it. Until Snowden (and those that have aided/abetted him - including those that have leaked information) is spending the rest of his life in a supermax, the primary goal is to neutralize him.