Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier: Either Everyone Is Cyber-secure Or No One Is

Posted by Soulskill on from the nobody's-safe-except-the-amish dept.

Presto Vivace sends a new essay from Bruce Schneier called "The Democratization of Cyberattack." Quoting: When I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA's program for what is called packet injection--basically, a technology that allows the agency to hack into computers.Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well. ... We can't choose a world where the U.S. gets to spy but China doesn't, or even a world where governments get to spy and criminals don't. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It's security or surveillance.

5 of 130 comments (clear)

  1. Stating the obvious by Anonymous Coward · · Score: 5, Informative

    Its always seemed obvious to me that the system that you *know* grants unauthorised access cannot be considered to be secure. I never thought I was saying anything profound or even worthwhile, but apparently this fact is lost on a good number of people.

    1. Re: Stating the obvious by AHuxley · · Score: 3, Informative

      world wide wiretap AC

      --
      Domestic spying is now "Benign Information Gathering"
  2. Re:someone else can be first by Anonymous Coward · · Score: 4, Informative

    Zero day vulnerability even if you don't visit an infected website.

  3. Re:someone else can be first by kesuki · · Score: 1, Informative

    packet injection for dummies.
    1. user initiates comms
    2. MITM detects comms
    3. MITM rewrited packet headers and sends falsified packets AS user
    4. Computer reads funny joke
    5. computer spits coffee into keyboard
    6. device is fried, user is blamed.
    7. government sells broken device to user
    8. user can't push device sold to them
    9. user wishes it never happened
    10. quantum paradox occurs
    11. server reboots
    12. ???
    13. nuked from orbit
    14. goto step 1.
    15. bitch complains about tight loop.

    --
    https://www.gnu.org/philosophy/free-sw.html
  4. Re:facts please ! by Programming+Ace · · Score: 5, Informative

    The guardian team has spoken before, they raise all of their publications to the Department of Defense and NSA for comment before releasing to the public. This is why some of the information coming from the Guardian is still redacted. They're trying to make sure they're not putting anyone's lives at risk in the process of disclosure.