Slashdot Mirror
How the NSA Plans To Infect 'Millions' of Computers With Malware
Advocatus Diaboli sends news from The Intercept about leaked documents which show that the NSA is significantly expanding its efforts to build an automated system to compromise computers remotely. From the article:
"The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to 'allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.' In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the 'Expert System,' which is designed to operate 'like the brain.' The system manages the applications and functions of the implants and 'decides' what tools they need to best extract data from infected machines."
Shouldn't somebody go to jail for this?
Is there any way to avoid such a thing short of cutting my net connection?
Generally I am not too worried about the NSA. I think it is BS what they do as far as invasion of privacy. But I personally have nothing to hide.
But this has completely changed the small amount of reluctance I had in becoming a "ZOMG da sky iz fallinz!" type.
Burn these fuckers.
to pull out my old C64, dust it off and find my floppies.
to a happier and simpler time
A feeling of having made the same mistake before: Deja Foobar
I can't believe this claim.
I bet they did this a decade ago, and this article is just a way to make people believe it hasn't actually happened yet ...
- Jesper
My security clearance is so high I have to kill myself if I remember I have it...
Shouldn't somebody go to jail for this?
Apparently, the government is above the law. http://en.wikipedia.org/wiki/Sovereign_immunity When you steal money from someone, it is called a crime called theft but when the government does it, they call it taxes. When you extort money from someone, it is a crime but when the government does it, it is called a fine, levy, duty or fee.
Don't steal, the government hates competition.
If not, we could finally be looking at the year of Linux on the desktop. :)
For me Linux on the desktop came about five years ago.
If I were God, wouldn't I protect my churches from acts of me?
And the implant for Linux is called SystemD!
but isn't turbine a 3d game engine?
Is my Kaspersky Antivirus going to find and remove their viruses? Or even better, perhaps some enterprising hacker will write a tool that that sends its own malware back through the NSA bot net and trashes their servers. When I was a youngster "We Have Met The Enemy and He Is Us" was amusing. Now it it taken as a guiding principle by our intelligence services. It's sad.
20 years ago, when I first started ranting about the NSA it was mostly theoretical. I ranted because there was no proof they were not evil. The stickers on my laptop's mic and camera were a bit of a joke. People would ask about them and it would give me a chance to rant. That's all I really wanted. A chance to rant from time to time.
But, now it is clear that all my rants were too conservative.
Now I am doing IT security for a university. I spend all day attempting to hold off the attacks of foreign governments. Some of those attacks now appear to be my own government. I never really wanted to be this paranoid. And it still appears that I am not paranoid enough.
When will I ever be able to take off this stupid tinfoil hat?
Congress keeps railing against money wasted on social programs. It appears the NSA and the CIA are elaborate social programs for sociopaths. Why can't we defund them?
Presentation is august 2009. 3.5 years is a long time in cyber.
How do we know that the next update on linux is safe?
hehe...becoming harder to hide that strong AI...30 thousand staff...billions of messages per day....
Criminal behaviour rules in USA. Come here criminals, you will be rewarded here. Law abiding citizens and people with integrity will thrown in jails.
Are you implying that the federal government is responsible for roads, power, and drinkable water while also trying to call him an idiot? And what does that, at all, have to do with him being an anarchist, exactly?
Oh. You're trolling. I get it. You say stupid things to incite some harsh reaction. You got me; I'm so angry that someone on the internet is wrong
The government does not provide ("make") roads, power nor drinkable water.
Fuck you, statist twat.
This is from 2009, so they've probably done it by now.
Has my meemaw's computer been compromised?
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Microsoft beat them to it.
But this DRM is so convenient!
By far the most effective way to fight terrorism these days would seem to be by dismantling the NSA. It's the largest terrorist organization in the world.
And what a lot of money would be saved.
Must be missing something... I can't imagine how one could reasonably intend to infect millions of machines and not expect their stash of 0-days to be discovered and plugged in short order.. unless NSA plans to social engineer all of their victims to run the "fre3 v1agra" installer seems like a great way for NSA to shoot itself in the foot.
Whaddarthey gonna do? Buy Adobe?
Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
Anybody wonder if the plans in these documents (circa 2009?) have maybe adapted and become the recent Linksys worm?
People with nothing to hide can still get wrongfully convicted with planted evidence.
How do we know that the next update on linux is safe?
I thought you said you were going to audit it.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
In civilized countries the government provides all of those. They're all doing fine economically as well.
The government has always been above the law.
The only time people in sufficient positions of power go to jail for crimes is when they governing body been sufficiently embarrassed by the situation they've created that they want to start over with a clean slate, and at least pretend like they never condoned whatever crime was committed Since this is determined by what the *government* actually wants, and not anything constituents may want or choose to do, there is no way that citizens can exercise any control over this.
File under 'M' for 'Manic ranting'
Get in bed with silicon manufacuters.
Get in bed with a well known website such as google.com
Have a trigger code in the website. or something like that.
Have the processor essentially grep everything it sees for that trigger code. Have it execute the malicious instructions and return back in like a and have it replace xxx with some data.
In this way, you can establish two way communication with the processor itself without it knowing anything about higher level protocols.
Be afraid. There are few ways to avoid this.
Developing massive attack tools like that make a global cyber war more likely.
As with the initial ICBM's the first one to strike may believe to win.
Very dangerous, and foolish.
The rest of the world calls this a "botnet".
I'm the leech from above, with consistent employment. If plans pan out at my current place, I may reach the $80,000.00 range by the end of the year. I'm not rich, but I'm far, far away from needing any social assistance. I don't live in a huge city, so cost of living is quite low here. That salary goes a long way, and I'd gladly double my taxes to increase the services everyone here is getting.
The roads here that are privately maintained are garbage, and the tolls aren't automated yet so they're slow as hell, while the city ones are always in considerably better shape.
My hometown has a public energy utility. My current residence has choice of two, both far more expensive than my home, and they both cost the same. Why? I don't know.
I don't have experience with private water (thank god) but in countries that do privatize water, service and cost isn't exactly an outcome.
This isn't even addressing private vs public (when they're properly funded) education, healthcare, public safety, etc. I've never seen a favorable comparison in any of these cases, though.
Don't want to be too serious, on Slashdot though, so here's a joke. Why is my 6 year-old a libertarian? He doesn't understand the world either.
Phone Phreaking (i.e. playing tones into a phone) is a violation of the Computer Fraud and Abuse Act, but installing malware on millons of computers, is not.
Let's examine the language...
(5) (A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.
A "compromised" computer is by definition a damaged computer, in terms of its original and expected behavior. This damage cannot be considered as anything less than "intentional" in the case of TURBINE.
Oh look the gentry and the elite doing what they tell us not to do. My, how times NEVER change.
While I agree with the fact of the rediculousness of how the government can do crime in many ways that would otherwise be illegal. Equating taxes to it is just plain stupid. Taxes are logical payments for services in which the government can and does provide. IE the roads, the oversight into companies to prove that our food isn't entirely relabeled rat droppings, fire departments etc.. Now is it done perfectly or even well? Not in the least, but no matter what a functioning society is going to need a tax system. Even if a perfect rebuilding of government happened, taxes would absolutely be a necessity.
In a world where 90% of desktops can't even display a JPEG securely, to not have this capability would be dereliction of duty.
Help stamp out iliturcy.
How many Xbox One consoles have sold? Microsoft claims 4 million+. That's 4 million homes that have each willing placed the most sophisticated NSA spy device imaginable in prime position to track the household residents 24/7.
Microsoft and their NSA partners, when considering the change of policy that allows (in theory) people to use the console WITHOUT either Kinect of an online connection (both originally compulsory requirements), found that market research indicated a 95%+ likelihood of users choosing to use the console in an NSA optimal fashion.
Essentially, if a person were thick enough to ignore the clear warnings that Microsoft designed the Xbox One to spy on users, they'd actually take a pride in setting up their console according to the NSA guidelines.
Snowden proves over, and over, and over, and over that the GCHQ and NSA are about every aspect of 'full surveillance', and that those people who don't consider themselves as valid targets are exactly the people the NSA are most interested in hitting. A kid screaming the N-word over and over while playing an online game of 'Call of Duty' may one day be a politician whose vote is sought in support of yet another vile war of aggression. Showing him video of his 'racist' outbursts, and asking him how his electorate might respond to such a 'leak' in the press will gain the vote of 90%+ of all people blackmailed this way.
Yet the Xbox One goes so much further. A 'super computer' (by the definition of less than a decade back) connects to a military grade sensor that actually measures the speed of light at each pixel, providing for unprecedented analysis of movement in the room. The Xbox One can be trivially taught to recognise any common pattern of movement (especially the rhythmic movements associated with sexual activity), and begin recording/uploading when such a trigger happens.
Every Xbox One is continually running facial and voice recognition services. And the result of these calculations is uploaded daily to NSA servers in the cloud. NSA computers, mostly using algorithms designed by Google for this purpose, process the facial photographs and voice samples to extract better identification information. The NSA goal is to know who enters/leaves every room with an Xbox One, and when.
The NSA NEVER, EVER, EVER needs hacking or 'trojans' to control the Xbox One computer system. Microsoft provides the NSA with a copy of every Xbox One encryption/authorisation key, so EVERY single online console 'phones home' to NSA servers, and any one of these consoles can be instantly remotely controlled by an NSA agent.
The NSA has far more than its 'fair' share of paedophiles. These individuals have unlimited access to the camera systems of Xbox One consoles located in the bedrooms of children. The video that flows from these cameras is encrypted on-the-fly, so the NSA sex criminal that chooses to use the NSA facility this way can avoid detection if he has even one working braincell.
Snowden is giving a VERY limited snapshot of NSA/GCHQ behaviour in the distant past- 'distant' in the sense that even 5 years back is an eternity when considering the world of computer based surveillance. The owners of Slashdot emphasis, as much as they can, lesser and obsolete abuses by the NSA.
The Xbox One makes all previous forms of full surveillance look like they belong in the Stone Age, and yet Microsoft/NSA reputation management policies on forums and social networks ensure that, even today, those that warn about Xbox One spying are dismissed as "paranoid nut-cases". Every single tech site, this one included, has the official position that no NSA spying occurs via the Xbox One. Every monster in History has followed the principle "if you operate through lies, make your lies as BOLD as possible- the bigger the lie the better it works".
Wouldn't those things then be provided and nearly free then?
Because even though I'm paying record taxes of *thousands* a single paycheck, it seems shit is just shutting down left and right here in Detroit.
Roads are horrible, schools shutting down and bussing to horrid inner-city schools, power is so spotty people complain that they cannot leave for vacation or pets will die. Recently the water plant notified everyone that they failed to maintain the proper city water testing schedule.
So every time I make a $4800 gross paycheck for 2 weeks..... Where exactly is my $2000 going since I only net $2800 of that as a single white male? Car insurance is record high despite a clean safer driver record for 5+ years. Property values plummiting....
Yet I always hear how millions were stolen from this city thing, or lost to that city contract, or someone sued and got X million from the city...... Where are MY taxes going? Not seeing any of these things you are talking about.
Okay, everybody, stop your whining. I'm pretty sure every one of us reading slashdot has had somewhere near the middle of his or her to-do list something along the lines of "script mass exploit of remote computers in case I ever need to give the entire world a big F-U". There it is, just below "implement monitoring for everything" and just above "stock up for immanent apocalypse" (which fell a few spots in late 2012). It probably won't ever float high enough to actually make much progress on, but we've all though of it. If you could get someone to actually pay you to work on that one in a semi-legitimate fashion (i.e. NOT the mafia or Russian government), wouldn't you jump at the chance?
No, those are something else entirely. The crimes happen when government agencies exceed their mandate or the limits of the Constitution. Of course, that puts the NSA firmly on the wrong side of the law here. I'm just waiting for the announcement that they are merging with the RBN. If they were at all honest, they would have struck the colors and hoisted the Jolly Roger by now.
This is the really scary part. Other nations are doing it and soon criminal organizations will be doing it, if not already. They are destroying the internet as we know it. Purchase something online and have your money routed to elsewhere or have your credit balance jump to new heights as others use your credit information. Here is a possible senario: "You charged me for 10 widgets." "No sir, we charged you for one and you received it. We did not receive money for 10 but only for the one."
I love the Expert System. Was it designed by the Really Clever Person? Is Dr. Evil working on the Really Stupid System to counter it? Go figure, or not, depending on the Really Mathematical System.
On y va, qui mal y pense!
If only the NSA were on their side and not a maverick sovereign terrorist group!
01/01/01
Leave, everyone else did. Someone's gotta pay to keep the pipes under all those empty houses, light all those empty streets, bus all the empty schools. That somebody is the sucker still living there. That somebody is you.
The only thing that can save Detroit is to disincorporate its suburbs. It might be able to survive as a quaint little hamlet of a dozen acres or so. The people living outside of it can then decide whether to move back into town or find their own water and sewers and police.
And what is the point of huge list that says:
John Smith ...
John Smith
Jone Smith
John Smith
wouldn't it be cheaper to just rent an existing botnet army?
As bad, if the NSA can do it, so can others. Either they will hijack the NSA's 'wares, or they will use the same vulnerabilities and methods pioneered by these government agencies. Rather than working to protect the nation's citizenry, businesses and infrastructure, the NSA and others are actively undermining our security. Their mandate is not only to intercept enemy signals but to ensure that those of the country's are not similarly compromised. So not only have they overreached too far in one direction, they have ignored the equally important other part of the job.
Sadly, even if the NSA did start offering secure solutions for people, would anybody trust them enough to take them up on it?
Yup, as suspected, are the "vector" OSs. 'nuff said...
That is why bathroom stalls have doors.
In civilized countries, security agencies watch you sleep.
Just how useful has Microsoft Windows been to the NSA in the ease of remotely compromising these "computers"?
fuck your 6yo
Sounds like something the typically Liber's into.
Government is there to shuffle papers, maintain infrastructure and do the public's bidding. Not imprison and interfere with other people and countries.
If at first you don't feel good.... suffer like the rest of us.
Logical payments would require opting out without penalty, not being force to pay someone else's bills, and not being arbitrarily charged for the collector just wanting more.
"A soft answer turneth away wrath. Once wrath is looking the other way, shoot it in the head."
I've got some moronic friends (around 20 years old) who keep calling themselves anarchists, but they have yet to attempt to assassinate a government official. I keep telling them their not really "hardcore" until they at least TRY to take out some gov dupe, but all they want to do is do drugs and rant at coffee houses.
A society isn't exactly an area that "opting out" is plausible. A police officer can't exactly take the time to determine whether or not someone opted into the "save me if someone is holding a gun to my head" plan, The fire department can't wait for the fire to spread from your proporty before begining to fight it, we can't exactly set up a "food tested to be safe" and "eat at your own risk" sections of the grocery store, A good portion of things that are paid for by taxes, are things that just have to be do it for everyone in the area, or don't do it at all sort of things. Humans have already learned that creating a society with more than 50-100 people, involves some form of infrastructure, and everyone in that society has to chip into that infrastructure. If anarchy worked, there would be a first world country that has an anarchy you could move into. Unfortunately natural selection did not favor such societies, they died out or were invaded and taken over by societies that actually had a functional military etc...
One of them massive government over reaches that y'all need the guns to make sure that it doesn't happen?
There's been shitloads of malware infections since 2009 despite everyone's best efforts and more people moving off XP to win7.
Maybe more like whipped 100 lashes with a horsewhip while tied to a whipping post, then tarred and feathered and locked up in a pillory in a public square for a few days while fed only bread and water. Then when they recover physically from that, about 10 years in a chain gang doing hard labor.
Humans, no. Feudal lords and khans that evolved their propaganda to pretend to be more than mere warlords. Nations run by politicians only recognize nations run by politicians. It's like monotheists with other monotheists vs polytheists, much less atheists. They're assumed out of the power question thus fair game. Society as you're defining it is merely a power game, and taxes are robbery to maintain that power, just like the old tribute days. Most taxes go to propping up malfunctional "social" programs meant to farm sheeple and sheepledogs for the shepherds. Sheepledogs regularly openly violate the pretense of functional "order" to run extralegal enforcement as per TFA. It's not even a coherent system, never was, never will be, barring social engineering and technology eventually giving us the bastard child of Idiocracy and the Borg.
"A soft answer turneth away wrath. Once wrath is looking the other way, shoot it in the head."
hello there nsa covert op. is this the samen advice you gave to marathon bomber? how are your psyop green field studies coming along? have you reached 99% sucess rate in turning legit basement dwellers into mass murderers yet?
Yes, I see that you have. Eeeeeeeeeexcellent...
Oh, but there are many things you COULD opt out in current society with very little trouble, many many more than those you couldn't. You are right about some government functions that are needed to make society work, but as governments grow the vast majority of the tasks it takes for itself are not critical and should not be imposed upon people regardless of their wishes.
Coercion should be applied only where there is no other way.
> Why is my 6 year-old a libertarian? He doesn't understand the world either.
Because even a six year old can see the federal government is beyond repair if it remains a two party system?
I know this comes up in pretty much every single NSA/CIA/whatever discussion but infecting millions of computers so you can listen in on what every single person is doing.. How is that not exactly what is described in 1984? The only difference being is they don't currently have the power to sort through all that information. As soon as they find a way to do so free society is gone.
Just leave the country, if you don't like it.
Go start your own country and see how you fare without taxes (You are borderline retarded if you believe that people will not all 'opt-out').
Any time someone uses that word, you can tell he's part of the Molyneux cult.
Governments in functioning countries do provide all of the things you mention. They also work to keep ensuring the safety and quality of the same.
We weren't supposed to find out about this at all. TURBINE is a codename for a software company front, and the NSA carefully disguised the tool as an MMO that people not only play voluntarily, but pay the NSA for the privilege.
You may have heard of it. It's called "Lord of The Rings Online."
OSX. BAckdoor.Morcut-9 is a government trojan, according to https://www.securelist.com/en/... I suspect it's part of the NSA dropper profgram.. I found it in a file I got in a legitimate gaming circle. It's used to spy on people and can be activated remotely. So yes, the article is true
It's been a two-party system for most of well over two centuries. It may be beyond repair, but I don't see that it's any more broken than it has been for centuries.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
That salary goes a long way, and I'd gladly double my taxes to increase the services everyone here is getting.
In that case, the IRS will not mind one bit if you send them a nice check on April 15th for the extra $20,000 or so. Still want to pay double your current taxes?
If however you meant that you would be glad if the *rest of us* paid double taxes, I'll have to say, "No, thank you."
It's always easy to spend other people's money. Which is why so many politicians have no issues with spending more and more each year.
Since the Attorney General is a pawn of the president, only those laws the president wants to be enforced are enforced. This is a government operation to put all the citizens of this country under government control, and approval of these programs goes all the way to the top. Maybe a private lawsuit would work, funded by deep pockets.
They installed Windows.