Slashdot Mirror
How the NSA Plans To Infect 'Millions' of Computers With Malware
Advocatus Diaboli sends news from The Intercept about leaked documents which show that the NSA is significantly expanding its efforts to build an automated system to compromise computers remotely. From the article:
"The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to 'allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.' In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the 'Expert System,' which is designed to operate 'like the brain.' The system manages the applications and functions of the implants and 'decides' what tools they need to best extract data from infected machines."
Shouldn't somebody go to jail for this?
to pull out my old C64, dust it off and find my floppies.
to a happier and simpler time
A feeling of having made the same mistake before: Deja Foobar
I can't believe this claim.
I bet they did this a decade ago, and this article is just a way to make people believe it hasn't actually happened yet ...
- Jesper
My security clearance is so high I have to kill myself if I remember I have it...
If not, we could finally be looking at the year of Linux on the desktop. :)
For me Linux on the desktop came about five years ago.
If I were God, wouldn't I protect my churches from acts of me?
But I personally have nothing to hide.
Even if You are completely innocent, You have "something to hide". So agree both a defense Attorney and a law enforcement Officer as well as every other law enforcement Officer I have ever met.
Is there any way to avoid such a thing short of cutting my net connection?
Wouldn't do much good. They have a plethora of ways to extract information from your computers even if there is no internet connection.
But I personally have nothing to hide.
Yes you do. I'm not even going to go on about the "the average person commits 3 felonies a day without even knowing it," speech and instead just point out that everything you do in your private life is just that: private. It is yours, and unless they have a warrant, "they" (whoever "they" may be in your country of choice) should not have access to it under any circumstances. That, and even if you don't think you are a valid target, "they" might disagree. There's a number of people out there that thought they were safe and could trust the system, but you know how that turned out. Most recently, Feinstein is finding that she has been bitten by the very same spy machine she's been feeding, or how about Petraeus' mistress that was exposed through the use of so-called "meta-data."
However, you're absolutely right that even if someone perceives themselves to not be a target, they should still move towards securing themselves.
Is there any way to avoid such a thing short of cutting my net connection? Generally I am not too worried about the NSA. I think it is BS what they do as far as invasion of privacy. But I personally have nothing to hide. But this has completely changed the small amount of reluctance I had in becoming a "ZOMG da sky iz fallinz!" type.
The "I have nothing to hide" argument is quite the slippery slope. Do you truly, really, honestly have nothing to hide? Let's put up cameras in every corner of your house, then. Perhaps we can get full copies of your bank statements? You may trust the NSA as a whole, but Snowden already showed that even a single bad apple can ruin a lot of days. What if he leaked compromising information of private citizens as part of his escapades? Would you have something to hide then? Hyperbolic? Sure. But because we've had even just a handful of instances of people having their lives screwed while innocent because surveillance - legal or illegal - uncovered something about them, it's a valid point. Read more. (article about why privacy matters)
Is my Kaspersky Antivirus going to find and remove their viruses? Or even better, perhaps some enterprising hacker will write a tool that that sends its own malware back through the NSA bot net and trashes their servers. When I was a youngster "We Have Met The Enemy and He Is Us" was amusing. Now it it taken as a guiding principle by our intelligence services. It's sad.
20 years ago, when I first started ranting about the NSA it was mostly theoretical. I ranted because there was no proof they were not evil. The stickers on my laptop's mic and camera were a bit of a joke. People would ask about them and it would give me a chance to rant. That's all I really wanted. A chance to rant from time to time.
But, now it is clear that all my rants were too conservative.
Now I am doing IT security for a university. I spend all day attempting to hold off the attacks of foreign governments. Some of those attacks now appear to be my own government. I never really wanted to be this paranoid. And it still appears that I am not paranoid enough.
When will I ever be able to take off this stupid tinfoil hat?
Congress keeps railing against money wasted on social programs. It appears the NSA and the CIA are elaborate social programs for sociopaths. Why can't we defund them?
People with nothing to hide can still get wrongfully convicted with circumstantial evidence.
Not to mention that many people have something they'd like to hide. Perhaps nothing illegal, but something that would be embarrassing were it to become public knowledge. An agency that spies on everyone is one political move away from threatening to reveal these secrets if you don't tow the line.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
By far the most effective way to fight terrorism these days would seem to be by dismantling the NSA. It's the largest terrorist organization in the world.
And what a lot of money would be saved.
The principle is still valid.
"According to your cellphone records, you were in the vicinity of an anti-government protest..."
Anybody wonder if the plans in these documents (circa 2009?) have maybe adapted and become the recent Linksys worm?
People with nothing to hide can still get wrongfully convicted with planted evidence.
How do we know that the next update on linux is safe?
I thought you said you were going to audit it.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
How do we know that the next update on linux is safe?
Nothing is safe, it never was. A "safe" computer is one with no network behind a locked door where the users have to undergo a full body search before entering the locked room.
Everything else is suspect. That's how NSA and their partners have worked for decades, get used to it.
XML is a known as a key material required to create SMD: Software of Mass Destruction
I'm the leech from above, with consistent employment. If plans pan out at my current place, I may reach the $80,000.00 range by the end of the year. I'm not rich, but I'm far, far away from needing any social assistance. I don't live in a huge city, so cost of living is quite low here. That salary goes a long way, and I'd gladly double my taxes to increase the services everyone here is getting.
The roads here that are privately maintained are garbage, and the tolls aren't automated yet so they're slow as hell, while the city ones are always in considerably better shape.
My hometown has a public energy utility. My current residence has choice of two, both far more expensive than my home, and they both cost the same. Why? I don't know.
I don't have experience with private water (thank god) but in countries that do privatize water, service and cost isn't exactly an outcome.
This isn't even addressing private vs public (when they're properly funded) education, healthcare, public safety, etc. I've never seen a favorable comparison in any of these cases, though.
Don't want to be too serious, on Slashdot though, so here's a joke. Why is my 6 year-old a libertarian? He doesn't understand the world either.
Toe the line. TOE THE LINE. Not tow. Toe the line as 'line up over there'.
---- The above post was generated by the Turing Institute. Maybe.
While I agree with the fact of the rediculousness of how the government can do crime in many ways that would otherwise be illegal. Equating taxes to it is just plain stupid. Taxes are logical payments for services in which the government can and does provide. IE the roads, the oversight into companies to prove that our food isn't entirely relabeled rat droppings, fire departments etc.. Now is it done perfectly or even well? Not in the least, but no matter what a functioning society is going to need a tax system. Even if a perfect rebuilding of government happened, taxes would absolutely be a necessity.
How many Xbox One consoles have sold? Microsoft claims 4 million+. That's 4 million homes that have each willing placed the most sophisticated NSA spy device imaginable in prime position to track the household residents 24/7.
Microsoft and their NSA partners, when considering the change of policy that allows (in theory) people to use the console WITHOUT either Kinect of an online connection (both originally compulsory requirements), found that market research indicated a 95%+ likelihood of users choosing to use the console in an NSA optimal fashion.
Essentially, if a person were thick enough to ignore the clear warnings that Microsoft designed the Xbox One to spy on users, they'd actually take a pride in setting up their console according to the NSA guidelines.
Snowden proves over, and over, and over, and over that the GCHQ and NSA are about every aspect of 'full surveillance', and that those people who don't consider themselves as valid targets are exactly the people the NSA are most interested in hitting. A kid screaming the N-word over and over while playing an online game of 'Call of Duty' may one day be a politician whose vote is sought in support of yet another vile war of aggression. Showing him video of his 'racist' outbursts, and asking him how his electorate might respond to such a 'leak' in the press will gain the vote of 90%+ of all people blackmailed this way.
Yet the Xbox One goes so much further. A 'super computer' (by the definition of less than a decade back) connects to a military grade sensor that actually measures the speed of light at each pixel, providing for unprecedented analysis of movement in the room. The Xbox One can be trivially taught to recognise any common pattern of movement (especially the rhythmic movements associated with sexual activity), and begin recording/uploading when such a trigger happens.
Every Xbox One is continually running facial and voice recognition services. And the result of these calculations is uploaded daily to NSA servers in the cloud. NSA computers, mostly using algorithms designed by Google for this purpose, process the facial photographs and voice samples to extract better identification information. The NSA goal is to know who enters/leaves every room with an Xbox One, and when.
The NSA NEVER, EVER, EVER needs hacking or 'trojans' to control the Xbox One computer system. Microsoft provides the NSA with a copy of every Xbox One encryption/authorisation key, so EVERY single online console 'phones home' to NSA servers, and any one of these consoles can be instantly remotely controlled by an NSA agent.
The NSA has far more than its 'fair' share of paedophiles. These individuals have unlimited access to the camera systems of Xbox One consoles located in the bedrooms of children. The video that flows from these cameras is encrypted on-the-fly, so the NSA sex criminal that chooses to use the NSA facility this way can avoid detection if he has even one working braincell.
Snowden is giving a VERY limited snapshot of NSA/GCHQ behaviour in the distant past- 'distant' in the sense that even 5 years back is an eternity when considering the world of computer based surveillance. The owners of Slashdot emphasis, as much as they can, lesser and obsolete abuses by the NSA.
The Xbox One makes all previous forms of full surveillance look like they belong in the Stone Age, and yet Microsoft/NSA reputation management policies on forums and social networks ensure that, even today, those that warn about Xbox One spying are dismissed as "paranoid nut-cases". Every single tech site, this one included, has the official position that no NSA spying occurs via the Xbox One. Every monster in History has followed the principle "if you operate through lies, make your lies as BOLD as possible- the bigger the lie the better it works".
Dough!
I mean...
Do'h!
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
As bad, if the NSA can do it, so can others. Either they will hijack the NSA's 'wares, or they will use the same vulnerabilities and methods pioneered by these government agencies. Rather than working to protect the nation's citizenry, businesses and infrastructure, the NSA and others are actively undermining our security. Their mandate is not only to intercept enemy signals but to ensure that those of the country's are not similarly compromised. So not only have they overreached too far in one direction, they have ignored the equally important other part of the job.
Sadly, even if the NSA did start offering secure solutions for people, would anybody trust them enough to take them up on it?
Logical payments would require opting out without penalty, not being force to pay someone else's bills, and not being arbitrarily charged for the collector just wanting more.
"A soft answer turneth away wrath. Once wrath is looking the other way, shoot it in the head."
A society isn't exactly an area that "opting out" is plausible. A police officer can't exactly take the time to determine whether or not someone opted into the "save me if someone is holding a gun to my head" plan, The fire department can't wait for the fire to spread from your proporty before begining to fight it, we can't exactly set up a "food tested to be safe" and "eat at your own risk" sections of the grocery store, A good portion of things that are paid for by taxes, are things that just have to be do it for everyone in the area, or don't do it at all sort of things. Humans have already learned that creating a society with more than 50-100 people, involves some form of infrastructure, and everyone in that society has to chip into that infrastructure. If anarchy worked, there would be a first world country that has an anarchy you could move into. Unfortunately natural selection did not favor such societies, they died out or were invaded and taken over by societies that actually had a functional military etc...