GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware
An anonymous reader writes "Ars Technica reports how a Snowden leak shows British spy agency GCHQ spoofed LinkedIn and Slashdot so as to serve malware to targeted employees. From the article: 'Der Spiegel suggests that the Government Communications Headquarters (GCHQ), the British sister agency to the NSA, used spoofed versions of LinkedIn and Slashdot pages to serve malware to targets. This type of attack was also used to target “nine salaried employees” of the Organization of Petroleum Exporting Countries (OPEC), the global oil cartel.'"
Viral Marketing to Governments.
when the quality of the comments section significantly improved.
I know you're reading this.
You're smart. Smart enough to be able to work out who I am, probably without much trouble.
Why don't you do something productive?
Don't worry, this is the real Slashdot right here. I promise.
If I or any /. reader were to do the same, a pretty harsh sentence would await us.
I've got better things to do tonight than die.
There were no dupes, and all TFS's had perfect spelling and grammar.
I am Slashdot. Are you Slashdot as well?
The idiots around here couldn't be real!
I wonder if it would have been as easy for GCHQ to get away with it if HTTPS on Slashdot weren't a subscriber-only perk. Facebook and Twitter have gone all HTTPS all the time; why can't Slashdot? If ads are the problem, Google recently opened AdSense to HTTPS sites.
I suppose using HTTPS would have helped even a little, if Slashdot ever bothered to do so. The victims might have noticed that the certificates changed, even if they did check out, most especially if they used HTTPS Everywhere. They couldn't just foist off an SSL cert for Slashdot signed by some other CA (or even the same CA) then: the SSL Observatory would have noticed the change in the certificate the way SSH notices that public keys to servers you connect to change. Unless of course Slashdot gave its (non-existent) private keys to GCHQ, in which case all bets are now off. Why browser SSL doesn't automatically cache certs the way SSH does and warn if there's a change that doesn't involve certificate expiry or revocation is something that isn't quite clear to me.
Give me six lines written by the hand of the most honest man, and I will find something in them to hang him.
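The comment above asks why a browser does not remember a site's certificate the way SSH remembers host keys and warn when it changes for a reason other than expiry. The following is an added example, not code from the original thread or from any browser: a small trust-on-first-use cache that records the SHA-256 fingerprint of the DER-encoded leaf certificate per host and distinguishes an unexpected change from a rotation after the remembered certificate has expired. The host name and the certificate bytes are constructed for the demo and are not real certificates.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone


class KnownCerts:
    """SSH known_hosts-style cache for TLS leaf certificates.

    Keyed by host name; stores the SHA-256 fingerprint of the DER certificate
    and its notAfter date. A different certificate seen while the remembered
    one is still valid is reported as "changed" (what the comment wants a
    warning for); a change seen after the remembered one expired is accepted
    as an ordinary "rotated" renewal.
    """

    def __init__(self, entries=None):
        self.entries = dict(entries or {})

    @staticmethod
    def fingerprint(cert_der: bytes) -> str:
        return "sha256:" + hashlib.sha256(cert_der).hexdigest()

    def check(self, host: str, cert_der: bytes, not_after: datetime, now: datetime) -> str:
        fp = self.fingerprint(cert_der)
        seen = self.entries.get(host)
        if seen is None:
            # first contact: trust on first use, exactly like an unknown SSH host
            self.entries[host] = {"fp": fp, "not_after": not_after.isoformat()}
            return "new"
        if seen["fp"] == fp:
            return "ok"
        if now > datetime.fromisoformat(seen["not_after"]):
            # the remembered certificate has expired, so a new one is expected
            self.entries[host] = {"fp": fp, "not_after": not_after.isoformat()}
            return "rotated"
        # a valid, remembered certificate was silently replaced: warn loudly
        return "changed"

    def dumps(self) -> str:
        """Serialise the cache (the equivalent of writing ~/.ssh/known_hosts)."""
        return json.dumps(self.entries, sort_keys=True, indent=1)

    @classmethod
    def loads(cls, text: str) -> "KnownCerts":
        return cls(json.loads(text))


# Constructed stand-ins for DER certificate bytes; not real certificates.
CERT_A = b"constructed DER for slashdot.example (not a real certificate) #1"
CERT_B = b"constructed DER for slashdot.example (not a real certificate) #2"


def demo():
    """Walk one host through first sight, repeat, suspicious change, rotation, reload."""
    t0 = datetime(2013, 11, 11, tzinfo=timezone.utc)
    expiry = t0 + timedelta(days=365)
    store = KnownCerts()
    verdicts = [
        store.check("slashdot.example", CERT_A, expiry, t0),
        store.check("slashdot.example", CERT_A, expiry, t0 + timedelta(days=1)),
        # a different certificate while CERT_A is still valid: the MITM case
        store.check("slashdot.example", CERT_B, expiry, t0 + timedelta(days=2)),
        # the same different certificate after CERT_A expired: a renewal
        store.check("slashdot.example", CERT_B, expiry + timedelta(days=365),
                    expiry + timedelta(days=1)),
    ]
    # round-trip through the on-disk format and confirm the rotated cert is remembered
    reloaded = KnownCerts.loads(store.dumps())
    verdicts.append(reloaded.check("slashdot.example", CERT_B, expiry,
                                   expiry + timedelta(days=2)))
    return verdicts


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner would add: trust-on-first-use says nothing about the first visit, which is exactly the visit a targeted victim makes to a freshly spoofed site, and pinning the whole certificate breaks on every routine renewal, which is why the later HTTP Public Key Pinning mechanism pinned hashes of the public key (SPKI) and required a backup pin rather than the leaf fingerprint used here.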
Assuming the GCHQ guys had egos and decided to spoof the site with their own content, instead of settling for a copy, what would the quality of their posts be like? Goofier or more scientific than the Dice Slashdot's? And what about the mods? Would they slip in a self-referential post like this one, or might that be considered too cute?
so they wouldn't HAVE to be productive. All they have to do is listen and let the money roll in.
Wow... I mean Linked In, fair enough, but spoofing Slashdot for nine OPEC employees?
And I'm not feelin' up to par
It increases my paranoia
Like lookin' at my mirror and seein' a police car
But I'm not givin' in an inch to fear
'cause I promised myself this year
I feel like I owe it to someone
I bet a lot of /.ers are mentally running through some of their past posts right about now. Where did I leave that tinfoil?
That's a pretty sophisticated hack. Looks like they've gone as far as setting up an entire site that looks superficially like Slashdot, but is full of grotesquely dull stories apparently designed to warp the minds of unsuspecting IT professionals - obviously some sort of psyop strategy, but to what purpose?:
http://slashdot.org/topic/bi/
Time to start from scratch, and start a large-scale redesign of the Internet and its protocols, to try and better secure users from surveillance/attacks?
Tor and other fringe security protocols/networks won't cut it, and getting people to use very-user-unfriendly encryption tools won't happen - nothing short of a mammoth redesign, far surpassing the resources/scale of the IPv6 changeover, is going to come anywhere close to repairing the damage.
There's no going back now - it's already too late to salvage what we have, because it has already been completely and irrecoverably 'owned' - the NSA broke the Internet.
Sure, that's probably worth a Visa (or whatever the Russian equivalent is).
The Russian equivalent of "visa" is... wait for it... "visa".
The word comes from the Latin "charta (paper) visa (seen)".
If /. had even basic ssl support, at least a possible forged certificate could have been revealed.
Should I now be known as Not-So-Anonymous Coward?
It seems no one even cares about LinkedIn. Instead everyone makes snappy remarks about the /.'s comments section. I guess it's business as usual here.
They are frauds. The NSA perpetrated a fraud with these actions. This helps to clarify that these acts are illegal. Fraud is illegal.
Thanks,
Sent from my ENIAC
The nerve of these guys! As a longtime Slashdot user, I immediately went over there and registered my displeasure: GCHQ
David Cameron is an inbred piece of shit who should be gang raped then put to death for the greater good.
Also he is like AIDS in the middle of EU's butt with his whole country of peasants.
Good luck on exploiting me to all the GCHQ faggots.
then you just serve malware and redirect back, ain't govt DNS control great
The term "Rogue" is used to denote "dishonest and/or unprincipled".
They used to put USSR, China, North Korea under the "Rogue Government" category.
Both the governments of the United States of America and that of Great Britain have proven to be DISHONEST _and_ UNPRINCIPLED !
IMHO, it's time we should include the government of the United States and that of United Kingdom under the "Rogue Government" category.
And btw, if you see the performance of John McCain, especially how he tried to blame Edward Snowden, you would understand how ludicrously pathetic American politicians have become ...
As an American, I am beyond furious ...
Many thanks, Señor Edward Snowden!
Hm, /. may have a valid case to chase after.
After all, they duplicated the site/logo/etc without the permission of the actual copyright owners.
Wearing pants should always be optional.
The correct way to use https is to write it as protocol
Yet user agents continue to automatically write http as protocol. So how should a server communicate to the user agent that the correct protocol for accessing the server is HTTPS, not HTTP? There is HTTP Strict Transport Security, but not all web sites are popular enough to get into all major browsers' preloaded STS lists for first-visit security.
add some proper authentication and encryption in HTTP2.0 instead of bitching that it's the wrong layer.
The current HTTP 2.0 draft is based on SPDY, which operates in a TLS tunnel. This allows for secure HTTP basic authentication and TLS client certs. It also eliminates the IPv4 exhaustion excuse, as web browsers supporting SPDY will support SNI.
HTTP Strict Transport Security - not very useful
In what way is it "not very useful"? Is it just that browsers' preloaded STS whitelists aren't nearly as big as the HTTPS Everywhere rulesets? (Disclosure: I use HTTPS Everywhere, and when I switched away from Go Daddy for my own web site, I made sure to pick a shared host that supported SNI, so that every visitor has a secure option save Android 2.x users and IE/XP users.)
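The subthread above asks how a server tells a browser that HTTPS is the only correct way to reach it and notes that HTTP Strict Transport Security only protects a first visit for sites on the browsers' preloaded lists. The block below is an added example, not code from the original thread or from any browser: a minimal user-agent-side HSTS policy store that parses the Strict-Transport-Security header (RFC 6797), honours it only when it arrived over TLS, supports includeSubDomains, max-age=0 removal and a preload list, and rewrites plain http:// URLs for known hosts before any request leaves. All host names and header values are constructed for the demo.

```python
from urllib.parse import urlsplit, urlunsplit


def parse_hsts(header: str):
    """Parse a Strict-Transport-Security header value.

    Returns (max_age_seconds, include_subdomains), or None when the header is
    invalid (missing max-age, non-numeric max-age, or a repeated directive).
    Unknown directives such as "preload" are ignored, as the RFC requires.
    """
    max_age = None
    include_sub = False
    seen = set()
    for directive in header.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, value = directive.partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name in seen:
            return None
        seen.add(name)
        if name == "max-age":
            if not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    if max_age is None:
        return None
    return max_age, include_sub


class HstsStore:
    """Per-host HSTS policies: host -> (expires_at_unix_seconds, include_subdomains)."""

    def __init__(self, preload=None):
        self.policies = {}
        # preloaded hosts never expire: this is what closes the first-visit gap
        for host, include_sub in (preload or {}).items():
            self.policies[host.lower()] = (float("inf"), include_sub)

    def observe(self, host: str, header: str, over_tls: bool, now: float) -> bool:
        """Record a policy from a response; returns whether it was accepted."""
        if not over_tls:
            # an attacker on the plain-HTTP path could otherwise set or clear policies
            return False
        parsed = parse_hsts(header)
        if parsed is None:
            return False
        max_age, include_sub = parsed
        host = host.lower()
        if max_age == 0:
            self.policies.pop(host, None)
            return True
        self.policies[host] = (now + max_age, include_sub)
        return True

    def is_known(self, host: str, now: float) -> bool:
        """True if host, or a parent with includeSubDomains, has an unexpired policy."""
        labels = host.lower().split(".")
        for i in range(len(labels)):
            policy = self.policies.get(".".join(labels[i:]))
            if policy is None:
                continue
            expires, include_sub = policy
            if now > expires:
                continue
            if i == 0 or include_sub:
                return True
        return False

    def rewrite(self, url: str, now: float) -> str:
        """Upgrade an http:// URL to https:// when the host is a known HSTS host."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not self.is_known(parts.hostname or "", now):
            return url
        netloc = parts.netloc
        if netloc.endswith(":80"):
            netloc = netloc[:-3]  # explicit default port would be wrong for https
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


def demo():
    """Show the plain-HTTP header being ignored, the TLS one honoured, and expiry."""
    now = 1_700_000_000
    store = HstsStore(preload={"preloaded.example": True})
    results = [
        store.observe("slashdot.example", "max-age=31536000", over_tls=False, now=now),
        store.rewrite("http://slashdot.example/story", now),
        store.observe("slashdot.example", "max-age=31536000; includeSubDomains",
                      over_tls=True, now=now),
        store.rewrite("http://slashdot.example/story", now),
        store.rewrite("http://science.slashdot.example/?a=1", now),
        store.rewrite("http://preloaded.example:80/", now),
        store.rewrite("http://slashdot.example/story", now + 31536001),  # policy expired
    ]
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The design point is the over_tls check: a policy learned over plain HTTP is worthless because the same on-path attacker who can spoof a page can inject or strip the header, so the first clean HTTPS visit is the only thing that bootstraps protection for a site that is not preloaded.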
And if you just enjoy playing god, well, go into the City, or start up your own business. If you're that good, then you can perform in plain sight, can't you?
Speaking from experience here ... it's not that simple
I started to plan for my escape from China way back in the late 1960's because of the social madness created by Mao back then.
Throngs of mindless assholes with red armbands parading on the street, waving that little red book and plunging the Chinese society into total darkness.
Those of us with brains knew that the things coming from Mao were bullshit, but those without brains who embraced Mao's bullshit outnumbered us 1000 to 1.
So we ran, and ran, and finally I got to Hongkong.
From Hongkong I ended up in the United States, and at that time, the U. S. of A. was a paradise, a place where brainy people get to do whatever they want to do without having fear of official repression.
Some 40 odd years have passed, and the United States is turning into just like Mao's China ...
Everything coming from Washington D.C. is pure bullshit, and the thing I have noticed right now is that the mindless fucktards who bought into Washington D.C.'s bullshit are outnumbering those who know better.
While the society in the United States of America hasn't plunged into darkness yet, there is no certainty that it won't.
When the controlling regime gets desperate ~ (Mao's reign at that time was in danger of collapsing from within, motivating Mao in his encouragements to the mindless assholes with red armbands creating social havoc), ~ they will do anything to remain in charge.
And if (and when) the regime which is reigning over Washington D.C. (democrats _ and_ republicans) is in danger of collapsing, there is NO TELLING what they would do.
To make the matter worse ... they have a lot of very powerful tools Mao couldn't even begin to dream of 50 years ago.
I am an American now, and I am looking at my adopted country, the United States of America, with the same dismay as Mao's China, back in the 1960's.
Many thanks, Señor Edward Snowden!
...how very long a time the federal government would put me in jail if *I* got caught doing this.
I thought Who was on first, Torchwood was on second, and The Sarah Jane Adventures was on third.
I thought the KGB was a dance school. Otherwise, why would Mary Chapin Carpenter have recommended that people find a two-step partner in the KGB?
Is it "the games"? Is it "the critical apps"? There's a VM for that... there's a separate machine for that. Don't be a sucker. Not saying that Linux can't be targeted, but I will say there is much low-hanging fruit to get to before they get to you. And especially if you're running MSIE? Really? At least go with a browser with NoScript available. Things are getting serious. You should be too.
... Snowden is no more principled than McCain or an investment banker. He released ALL of the intelligence information he gathered at the NSA ...
I am intrigued!
How do you know Edward Snowden has released _*ALL*_ the information he had gathered at the NSA?
How do you know Edward Snowden does not keep some files to himself, files that pack even *MORE* fire power than what he has released so far?
As a poker player, I never release my trump card early in the game.
I don't know if Edward Snowden plays poker or not, but judging from what he has done since his days as a security guard ... I suspect the guy has even more juicy things in the pipeline
Many thanks, Señor Edward Snowden!
If there was ever indisputable proof that Slashdot needs to maintain javascript-free functionality in slashcode, this is it. If it were viable to use slashdot with javascript disabled, this sort of impersonation attack would be a lot harder to pull off because NoScript would have protected from drive-by nsa-ware infections foisted on the slashdot impersonator site.
Unfortunately, it's been years since it was reasonable to use slashdot without javascript. Even if you still use the old style interface, there are too many corners where javascript has crept into the design in a mandatory way rather than just as an enhancement.
When information is power, privacy is freedom.
Snowden has said he does not have any more files.
I think Allies of Evil malware may be better.
Snowden has said he does not have any more files
Two possibilities ...
A. Snowden is not lying, that he has nothing left
B. Snowden is playing NSA back to NSA
As I say, poker players won't reveal their cards until the very end
Many thanks, Señor Edward Snowden!
As a poker player, I never release my trump card early in the game.
Somehow, this reminds me of Zapp Brannigan.
I've read a similar post you made before. You have a powerful point to make, and you make it well.
It would be a service to the country you loved, and freedom in general, if you spent an hour or two to write that up "properly", to spend a few minutes editing it to say exactly what you want to say. I could see such an article being shared quite a bit via social networking, blogs etc.
It does put their actions into a less fear-based perspective, and a more accurate one. At least it seems so to me.
Sent from my ENIAC
Snowden stated that he's released all of the information he had. The only thing that is restricting the release of information at this point is the journalists that he released it to. Those journalists have already said that they haven't even released the really juicy stuff yet. That's pretty impressive, if it's true, considering the significant revelations already made.
Are agnostics skeptical of unicorns too?
Good on GCHQ. Doing their job. I thank them for their service.
Go wank about something else.
Due to some perfectly reasonable decisions by Microsoft that failed to predict the future, a reasonably proficient private hacker could choose an appropriate Trojan to embed. The agencies involved in this sort of thing have libraries of them.
Those exploits are chained much like the normal boot process. The boot sector is 512 BYTES. It can't do much, but it can load the boot loader. The boot loader is quite limited, but it can load the 2MB kernel, which loads the rest of the OS.
Similarly, based on what even _I_ can do to a Windows machine that loads script of my choice, it's pretty clear the intelligence agencies could execute arbitrary code in the sandbox. That limited sandboxed code in turn loads a privilege escalation, which can load a rootkit. Three quick steps to own the machine. With control of the machine, they start looking at network shares and dropping payloads to infect coworkers, probe firewalls from the inside, etc.
It would be a service to the country you loved, and freedom in general, if you spent an hour or two to write that up "properly", to spend a few minutes editing it to say exactly what you want to say.
Care to spare some examples to illustrate what you mean by "properly"?
Like you, I've read GP's comments (plural) and to me, GP has/had said exactly what he has/had wanted to say.
But if you have the time, wouldn't it be wonderful if you could demonstrate in what way "editing" can make GP say, the way he says it, what he has always wanted to say?
but this whole thing is bullshit lies - oh wait the leaks are on the downlow and far worse than the US will ever know - totally FATAL hahaha you got your ass beat for breaking the LAW and the secrets were stolen from others to begin with which means this piece of shit country has no legal claim to them which means PERFECTLY legal to cripple the US - and the more they try and control the more they hurt themselves - so go fuck yourself incompetent dying nation!
Snowden, your /. user # is LOW buddy
Now you know why people want to join the NSA?
Even /. is beholden to them!
"The consumers machine"? The targets run major network exchanges. Owning their machines, and thereby the network exchanges they administer, is sort of like rooting the internet.
What's the risk? That the admin notices they have some malware? If they notice, they could either a) remove the malware just as admins everywhere do all the time or b) conjecture about a vast government conspiracy. Neither really does any damage - people have been babbling on about government conspiracies to get them approximately since the invention of government.
The risk, as it turned out, was that an insider would go rogue and make the information public _along_with_strong_documentation. I suppose in that business you just have to accept the fact that if one of your own turns against you, it's going to be bad.
Gov and large business have proven that ethics take a back seat. Look at Samsung or Microsoft practices. Look at US and GB.
It's time a new form of capitalism and democracy is created with a new urgency on empathy and ethics.
The people are powerless in the current form of democracy. All this stuff is happening and no one is held accountable
Really. I mean it. It is not that hard.
The complete SPIEGEL story on GCHQ targeting engineers at various companies this way is here.
http://www.spiegel.de/international/world/ghcq-targets-engineers-with-fake-linkedin-pages-a-932821.html
I assume that this qualifies as a violation of various international laws aimed at curbing and combating the unauthorized use of private computer systems/networks. Resultantly, it appears that some of these government agencies have been acting in complete abrogation of the law, and should face statutory criminal consequences for these actions.
SLASHDOT: Home of the vicious nerd.
Just dump it all out into the public view guys... really... let us the public get to work on it with data mining tools...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
So it has come to this...
As a poker player, I never release my trump card early in the game.
Never? That would make you an easy read then and a pretty lousy poker player.
"As a poker player, I never release my trump card early in the game."
If you were a poker player, you'd know that there are no trumps in poker.
Sorry, I just don't buy it.
Your speech patterns sound too much like a young native. Although I can believe that 40 years residency would leave you flawlessly bilingual, I don't believe you would *want* to sound like an angry 20 something.
You and I are, how should I put it, of ripe age?
Flipping through your message archive I see that you're not as mellowed as you think you are.
Our age may be ripe, but neither you, nor me, have mellowed.
But there's a big difference, though - you never experienced the loss of having your loved ones forced to commit suicide, at the hands of those bloody fucktards.
I did.
How do you know Edward Snowden ...
Mr McCain didn't use the word 'know', he used the word 'convinced'. In other words, these are assumptions treated as fact. The real question is should such assumptions be treated as fact? The assumption in this case, being that Snowden gave all his files to Russia. If Mr Snowden can give all his files to a newspaper, why not a government? So it is a reasonable assumption. What Mr McCain quite contrarily implies by defaming Mr Snowden is that "all his files" holds more evidence of American misdeeds in the hands of Russians than it does in the hands of 'The Guardian'.
Remembering of course that "the public" includes: China, Russia, Iran, al Qaida, and any other country, group, or even corporation that would want to exploit it against you. What could possibly go wrong?
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Releasing everything, can both be disruptive, but most likely, will lead to it all being forgotten and stuffed away.
Releasing part by part is a service to society, and ought to be commended.
"Elite GCHQ teams targeted employees of mobile communications companies and billing companies to gain access to their company networks. The spies used fake copies of LinkedIn profiles as one of their tools. .. The victims didn't notice that what they were looking at wasn't the original site but a fake profile with one invisible added feature: a small piece of malware that turned their computers into tools for Britain's GCHQ intelligence service." ref
Does any of this malware work on Linux?
You're either a moron or astroturfing for the security services, either way I don't care.
As a poker player, I never release my trump card early in the game.
We miss you guys! Please come back!
It's quite funny to see all the comments about how the USA and UK are bad, bad people. 1. If it wasn't for Snowden, you would not know anything about these activities. 2. Russia, China, Iran are all doing this stuff as well and you're a fool if you think their programs are for a better purpose.
Not much, really. Freedom or death.
When I made my post, to which you replied, I spent perhaps 40 seconds on it. I suspect you spent a similar amount of time on yours and Taco Cowboy maybe twice as long on his. That's about how long one spends on a Slashdot post - a minute or two. When one is writing an article that is expected will be read by thousands or millions of people, one generally spends an hour or two, as opposed to a minute or two.
As a case in point, I've made posts here regarding the 2nd amendment / gun control. I'll take a minute or two to post some relevant numbers, or at least the approximations I can remember. I'm currently writing a piece on the same topic, mentioning the same numbers, but I'm spending several hours to actually get the numbers right, to be sure I introduce my main point in the first paragraph and support it in the following paragraphs, then reinforce it in the closing paragraph, etc.
The post we're discussing has no paragraphs, or one sentence per paragraph if you choose to look at it that way.
I suspect that if Taco Cowboy were so inclined, he (she?) could organize it more effectively. In fact, I've read essentially the same post by Taco Cowboy before, but it was more effectively written the last time.
Again, this isn't a criticism of what was written, just an acknowledgement that what was written was a Slashdot post, not an article.
Do you really want anyone who doesn't realize it's a spoofed slashdot site to post comments anyway? It's like a public service.
who prays for Satan? Who in 18 centuries has had the humanity to pray for the 1 sinner that needed it most? ~Mark Twain
Excellent strategy holding that trump card! If we can hit that bullseye the rest of the dominoes will fall like a house of cards, checkmate!
Ninjas don't carry tic tacs
...the British are the worst.
As someone that worked and enjoyed technology from my teen years, all this pretty much kills the world wide web for me. I'll admit I do not see a replacement, yet.
Snowden is working with the press to ensure that all released documents are in the public interest, and to ensure that their release won't compromise or otherwise cause risk to any person who is deployed or working in counterintelligence.
Releasing a full set of documents to two trusted journalists to authenticate, review, and redact is *not* the same as releasing them publicly. It's disingenuous to treat those two possibilities as equals.
The people who betray this country are those who assigned to find the traitors. Robert Hanssen. Aldrich Ames. Counterintelligence, traitors.
Everybody goes all sober when these names come up, not for a moment letting their minds play with the idea that there is something natural about that result, something predictable in the nature of all large organizations where a policy of paranoia replaces accountability.
Let us for a moment postulate that somewhere, sometime, the so-called "intelligence services" of some country transgresses its constitution or creeps into a level of power far beyond any level acceptable to the people.
How then, should a moral whistleblower attempt to bring these transgressions into public deliberations without incurring the presumption of treason?
After all, the term "intelligence" is a euphemism for "minimal accountability" and the reason for any specific secret is itself a secret. How not to violate?
There has never been a disclosure that has not been ridiculed with cheap paranoia.
What seems to have gotten him asylum was simply the US backing Putin into a corner by being too demanding. When he first showed up the Russians clearly wanted him somewhere, anywhere, else. The all-out push from the US to keep him from going anywhere else (and refusal to bargain anything the Russians want for him) wound up giving them no choice but to let him stay or lose face.
The public has an extremely short attention span.
Trickling the data keeps the scandal in the spotlight.
This is a reply to you and to Common Joe, as well as to Joss
I am but a very ordinary man
I am no literary figure
My English, at best, remains at the secondary (high school) level - for English is the 5th language I picked up
I write based on what I have experienced, and I suspect (other than the trolls) most people here leave their comments based on their own life experiences
In my entire life I have never written an article before - I never need to
I am a nerd, a geek, a tinkerer, one who likes to get his hands dirty just to find out how things work, and if all attempts failed, take a step back and start thinking, and after that, double the effort into finding out the answer/solution to whatever problem lies ahead
You want me to code? No problem. I've done that for decades
You want me to do chip layout design? No problem
You want me to fix my own car? Re-design the firmware of the chip that controls my car engine? No problem
But please ... don't ask me to write a formal article
As user "Areyoukiddingme" has remarked on my use of profanity ... that's the way I am, in my real life, and that's the way it reflects on my writing
Anyone working with me knows that I never mince words - when I am annoyed, all kinds of expletives come out, in all the languages that I have ever known
It's not that I do not care for America - I do care, it's MY COUNTRY (even though I was not born in America, the USA is more important to me than China, the country I was born in), but don't expect me to pen a flowery worded article so that it could be pasted somewhere as "op-ed"
Many thanks, Señor Edward Snowden!
Nope, we cannot do a revolution, because we have free elections
How sure are you that the elections that you have participated in are truly ***FREE***?
Just curious ... what government do you think is principled?
Borrowing a page from Google --- by replacing the word "evil" with "hypocrisy" --- "Do No Hypocrisy" ought to be the one principle governments should adhere to
Yes, government in itself lies, cheats and gets involved in many, shall we say, things that are not-that-nice
No matter it's the government of the former USSR or the current USA or Saudi Arabia or Germany ... what truly differentiates them is the way they try to project themselves as ...
This is not an apology for the many terrible things that the USSR had done, but at the very least, USSR did all those horrible things without telling the world that they are the "protector of human rights"
On the other hand, the government of the United States of America, the one that has been trumpeting "human rights", "equality", "democracy" and all that, is caught red handed doing all sorts of "not-that-nice" things ... and instead of apologizing, they behave just like a 3-year-old toddler, throwing temper tantrums at the people who dare to criticize them
This 800-lb gorilla is almost at the end of its lifespan and still it doesn't realize it
Or do you just enjoy being the "lone wolf" of truth and freedom?
Are you telling us that if all your neighbors eat shit, you will join them in enjoying the act of eating shit?
Taco Cowboy has some novel information. Not only was Ed Snowden a Security Guard (did he mow lawns, as well?), but the Cowboy has a new kind of poker. I've played five and seven card stud, jacks or better to open draw poker, and even lowball. Once or twice I was in a game with deuces wild. I've never seen guys play with trump cards. This is a cat with some new and wild ideas.
This instance has proved that it is possible to have complete control of the representation of all the web sites that you choose to view. Anything that you view over the Internet can now possibly be changed to carry a message or remove specific news from your awareness. Does anyone think that GCHQ has only spoofed LinkedIn and Slashdot?
Some packs have the jokers playing trumpets. Does that count?