Slashdot Mirror
CIA Tried To Crack Security of Apple Devices
According to a story at The Guardian passed on by an anonymous reader, The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed. he newly disclosed documents from the National Security Agency's internal systems show surveillance methods were presented at its secret annual conference, known as the "jamboree."
If i wanted to really know someone, I'd bug the computer in their pocket with the GPS and the microphone.
The big news is, when does the "hey lets go after foreign enemies" change to "well, american, foreign, it's all the same to me"
The hacked compiler is kind of interesting too. Lets insert backdoors into ALL TEH iTHINGs!!!
http://cm.bell-labs.com/who/ken/trust.html
Through their hard work, numerous exploits have been discovered, which has led to Apple patching them, which in the end keeps us all more secure.
I mean honestly , hands up who DIDN'T think this had happened?
Ok , you and you over there - hand in your geek badges at the door on the way out.
Less a yawn, more a "duh, we already knew the NSA is the enemy".
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
You need a government for that?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
CIA Tried To Crack Security of Apple Devices when the NSA already did
should've just asked, bros!
Anons need not reply. Questions end with a question mark.
Ken Thompson was a visionary, but he probably didn't envision it'd be his own government doing the compromising:
Reflections on Trusting Trust
you know that DRAM hack-attack that was just made public? how much you wanna bet the US gov had a hand in making that possible?
Anons need not reply. Questions end with a question mark.
If privacy is dead, then let's put up webcams to NSA HQ. Also, the NSA is, in practice, a military organization. That makes it a much larger concern.
This is my signature. There are many like it, but this one is mine.
The difference is maybe that the fire department can't yell "witch"... sorry, I mean "terrorist" and have someone arrested that isn't to their liking.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Less a yawn, more a "duh, we already knew the NSA is the enemy".
They probably also write some of the more popular free games/apps out there as well. Not a great way of bugging a phone but still a way of getting their malware out there. Or at least it wouldn't hurt...
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
The very act of having an nationalized health care system would put as much personal information in the hands of the US Government any random NSA snoop of Wikipedia or break in on someone's mobile would.
What utter fucking bullshit.
Can my health records determine who I am friends with? Where I go? Where I browse online? Who I communicate with? What investments I have? And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.
There are two types of people in the world: Those who crave closure
I really hope no one believe what the article says. The government wants all of us to believe that we're safe and secured by the overreaching NSA. All USA government needs is to ask apple (or any companies) to disclose their encryption scheme. It is far cheaper and more effective than trying to hack or crack anything, don't you think?
I don't think this is a "tried to" at all, just look at the permissions a lot of stuff asks for.
Facebook, a bunch of EA games, Angry Birds, etc all ask for insane permissions ranging from your full contact list, to seeing who you are on a call with to accessing the microphone. It's a spook's wet-dream.
I disagree with your assessment of the comparative threat. All of those things are interesting, to be sure, but were never actually *private*, as in privileged or personal. There was just never a particularly easy to put that information together, but for the most part, none of that is actually personal.
Heath care information is actually personal, and includes a lot of details, including payment details, specific and possibly embarrassing health conditions, and a lot of other things you'd have no other way of obtaining except through attacking straight through doctor patient confidentiality. You don't need much imagination to understand how that is very, very useful information. Not least because it has been harder to come by.
Any old internet provider could choose to give up your data at any time, and they have with relatively minimal fight in many cases. Cracking a more closely held sort of data than that is something that would be an innovation.
What utter fucking bullshit.
Can my health records determine who I am friends with? Where I go? Where I browse online? Who I communicate with? What investments I have? And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.
May not. But what if they wanted you out of the picture by inserting a history of mental illness or paranoid schizophrenia into your medical health records. That could be an excuse to confiscate your guns or have you institutionalized. And these are the things off the top of my head, I'm sure the govt. could come up with even more sinister/evil things to do to one's records.
All of those things are interesting, to be sure, but were never actually *private*, as in privileged or personal.
Again, what utter fucking bullshit. Communication is still considered private when done in private. Note I didn't say everything was being done online.
Healthcare is private too, but that doesn't mean everything else isn't.
There are two types of people in the world: Those who crave closure
Under nationalized healthcare, effectively YOU ARE GOVERNMENT PROPERTY!!!! Any activity that can effect the cost of healthcare to the nation can and will be legislated under the auspices thereof.
Under national healthcare, your personal liberties are anything but!
Life is not for the lazy.
Do you think that the US would exist separate from England if the king was able to determine where everyone went and who they communicated with? No, instead the founding fathers would have all been executed and the subjugation of the American people by a tyrannical dictator would have continued. If there is no threat from the people, what will stop the US government from becoming tyrannical?
And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.
No to everything before this. Big yes to this.
The Daddy casts sleep on the Baby. The Baby resists!
And neither can the NSA. Technically. Unlike the CIA, the NSA is a signals intelligence organization with no enforcement power and no operational branch to speak of. It's threat is simply that it can provide information very efficiently.
In reality, any government organization has the capability to get you arrested, even the fire department, based on either an interesting interpretation of their powers, or their ability to turn over information to someone who can arrest or otherwise harm you.
I'd also point out that in a certain book, the "firemen" were those who entered areas to burn that which threatened the existing order. The parallel is intentional. The government is what its powers are and how they use them. Labeling something as "fire department" or "police" or "signals intelligence" or "health care" is only valid in the sense that the government maintains that separation or can somehow be forced to do so.
The problem with the NSA is *not* that they collect intelligence on US citizens. Your internet provider accidentally does that every day for troubleshooting purposes. It is that we fear that the NSA can turn into an organization bereft of limitations on what they can *use* the information for and who they can share that information with. The ability to get away with that can affect any agency of the Federal government, from DHS to HHS.
"Using Metadata to find Paul Revere"
http://kieranhealy.org/blog/ar...
Paul B.
Sorry, no. As despised as the IRS is, it performs according to it's charter and the constitution (for the most part).
The NSA is an actual domestic enemy of the people. It's activities are illegal and it is actively damaging everyone's rights and security.
Nationalized health care would NOT give any government agent the ability to know exactly where I am most all of the time like the NSA illegally hacking my phone would. It would not let anyone know who I talk to, when that happens, or what was said like the illegal NSA hacking does.
For the most part, the fire department doesn't drive around stripping off insulation from electrical wires or drilling little holes in gas pipes under your house. Sure they _theoretically_ could, but the CIA is actually at this very moment doing this exact thing.
The biggest part of this story is a poisoned Xcode, and it's not even mentioned in TFS. WTF?
https://firstlook.org/theinter...
What changed under Obama? Nothing Good
I will correct you on one thing. We don't fear the NSA will turn into something evil, we know it will. Power leads to corruption and abuse of authority. 70,000 incidents of NSA operatives spying on their significant others in contravention of the law with NO repercussions to those individuals is proof enough that the NSA will eventually abuse it's authority in a significant and likely very bad way to our democracy.
Damn straight, It's so much better to have a private company of unelected MBAs deciding those things rather than elected representatives.
A charter is a piece of paper to those who have power and know how to get around it.
We're effectively assuming that we can trust some government bureaucrats in a government but not others. What makes the IRS more trustworthy? We have some evidence that at least some of them are not. Do we wait until they've more fully broken our trust before we question their desire to accumulate more and more information?
Candidly, I am not entirely sure I see the difference between what the NSA is collecting, and what we actually give the government every day of our own volition. In the end, I think it is only because we see value in one and not the other. And that's fine, if that is the trade off, but in the end, my original point is simply that the NSA isn't killing privacy, privacy is a false construct outside of the shadows that are increasingly becoming flood lit. I think the sooner we accept that, the sooner we understand how to deal with the implications of it.
You can define your iPhone or Google searches as sancrosanct because you fear the government can use it against you, but that ignores the fact that increased centralization and expansion of government services can create the same information gathering effect without the NSA's involvement.
Yes actually, it is. Democracy is dead. It's now a plutocratic club; once you're in, you're in baby!
Life is not for the lazy.
One can switch insurance companies, companies who compete for business. Government's don't compete for customers. Big difference. I never voted for a single bureaucrat at the HHS, and neither did you. Our congresscritters never read the bill before voting on it. We truly live in a post-constitutional era.
Although I am not as certain as you are, I agree that the NSA could use that power nefariously. I just think the outrage is missing the point. We're piling our dislike on one agency, while calmly ignoring the threat of the whole.
I'm not defending the NSA. Far from it. I just want to clarify that I feel that the NSA is merely on the bleeding edge of that sort of abuse. We could throw every NSA staffer in jail and shut down all its functions, and all we've done is put a finger in an increasingly unstable dyke because we're not addressing the actual problem, just the symptom.
The problem is simply that all of that information is there, whether it is the NSA or the FSB or Google that has it. The NSA isn't some shadowy organization using alien technology hundreds of years ahead of us, it's just slightly ahead of the curve. Until you address that, you're just going to play whack-a-mole with whatever agency decides to overstep its bounds next Tuesday.
I won't claim the IRS is angelic. In fact, I think we need to review what information they collect to be on the safe side.
But the NSA has clearly stepped over the line. It is no longer a possibility to worry about, it is a fact. They aren't just a potential enemy to be watched, they are an actual current enemy to be eliminated.
Would anyone place bets that some operating systems also have government spyware built in? Open source makes it less likely but sealed code such as in Windows products very likely does have built in spy ware. And I would bet that some encryption and compression programs are fishy as well.
The NSA is no more the enemy than the IRS or any other government agency that will keep information on us.
so... they are all the enemy
have you seen my sig? there are many others like it but none that are the same
I will correct you on one thing. We don't fear the NSA will turn into something evil, we know it did.
ftfy
have you seen my sig? there are many others like it but none that are the same
The big news is not that the CIA was trying to break in. Hearing that they were trying means they still needed to get in.
Its when you STOP hearing they are trying. Because the only time they STOP trying is when they have in fact achieved their goal. These are not people who give up when it's too hard. They never quit. Unless they've won.
Sig for hire.
Actually, no. With Google, I can still opt in or out. With gov backed NSA back-dooring every ISP effectively in the world.... I can't opt out without cutting all internet connectivity. See the admittedly minor difference?
The cesspool just got a check and balance.
For the most part, the fire department doesn't drive around stripping off insulation from electrical wires or drilling little holes in gas pipes under your house. Sure they _theoretically_ could, but the CIA is actually at this very moment doing this exact thing.
I think that the firemen had their chance at such a career when they were called out to use their water hoses on protestors during the civil rights movement, which they did a couple of times. Then, there were arsons set which turned out to be sniper attempts to shoot firemen that came to fight the fire. After that, firemen typically will loan their equipment out to police for such things, but refuse to get involved themselves. As pretty much the only uniformed service that people actually like rather than fear, they tend to want to keep it that way.
Re: "They probably also write some of the more popular free games/apps out there as well. Not a great way of bugging a phone but still a way of getting their malware out there. Or at least it wouldn't hurt..." :)
The telco network tracks a person, the soft glowing power down and sealed battery design ensure a device is always network ready, the hardware is mic, text, gps gov wiretap friendly as designed. Games help keep a person wanting to ensure the device is powered and in use during the day and into the night
Domestic spying is now "Benign Information Gathering"
The NSA is no more the enemy than the IRS or any other government agency that will keep information on us.
So, you're defending the NSA by comparing it to the IRS.
Want to come back when you have a better argument to make?
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
As despised as the IRS is, it performs according to it's charter and the constitution (for the most part).
Nope. They routinely violate the fourth and fifth amendments.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Cameras? Who needs cameras when you have Edward Snowden?
Privacy is a problem even for the NSA. It just doesn't manifest in the same way for agencies as it does for people.
If you can take a relatively idealistic employee of an agency and have them be willing to flee the country for nothing other than principle? I'd say that is an issue.
Some people are going to be more effective at protecting themselves than others, but if the NSA can't keep its secrets, just about anyone is vulnerable.
Yeah, except you're not going to opt out. Not really. Oh sure, you might opt out of Google or some specific company for some specific purpose, but you're still going to opt-in everywhere else and they're all collecting your data.
You're more likely to be hit with annoyances like targeted sales calls or social engineering from random non-governmental actors than you ever will be by something like the NSA. The NSA doesn't care about you, it doesn't care about me. Not unless you fit a profile, and that profile isn't going to be "person who doesn't like the US government", because that covers 99.9999% of the non-comatose US population at one point or another.
After that, firemen typically will loan their equipment out to police for such things, but refuse to get involved themselves.
They were snooping around people's property out here in the emerald triangle, too, and then they got shot at and now they aren't doing that any more.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Wow, google IRS fourth and fifth amendment violations. That's one big ball of crazy...
I can understand the fifth amendment, but self incrimination is not the same thing as looking at your paper trail, and the fourth amendment concerns I see are just the same old standard fourth amendment issues we tech people have with all government agencies.
Cheap storage VM.
The NSA has files on everyone. The NSA has files on everybody in power. They are all corrupt. Hence the NSA has blackmail information on everybody in power.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
But you might fit the profile that comes into vogue next week, or next month, or next year. That's the problem with this type of data. Or, worse, you might be associated with someone that fits the profile, and that will be that.
The cesspool just got a check and balance.
How successful or unsuccessful were they?