Group Linked To NSA Spy Leaks Threatens Sale of New Tech Secrets

Hacker group Shadow Brokers, which has taken credit for leaking NSA cyber spying tools -- including ones used in the WannaCry global ransomware attack -- has said it plans to sell code that can be used to hack into the world's most used computers, software and phones. From a report on Reuters: Using trademark garbled English, the Shadow Brokers group said in an online statement that, from June, it will begin releasing software to anyone willing to pay for access to some of the tech world's biggest commercial secrets. In the blog post, the group said it was setting up a "monthly data dump" and that it could offer tools to break into web browsers, network routers, phone handsets, plus newer exploits for Windows 10 and data stolen from central banks. It said it was set to sell access to previously undisclosed vulnerabilities, known as zero-days, that could be used to attack Microsoft's latest software system, Windows 10. The post did not identify other products by name. It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs, without providing further details.

Re:Trolling or stupid?

[mfh]

Either they aren't thinking this through or they are shills for some government to give them an excuse for another scorched earth policy.

Computers can be made secure most of the time with a little anti-stupidity. Firefox/netflix stops 99.999% of malware unless you whitelist some EvilWebsite. Don't open forwarded emails from your computer-challenged friends & family members.

Sure there are some nasty exploits on almost every platform but most of them require a javascript call to execute or some poor sap to open an attachment and run it.

Re:Trolling or stupid?

The NSA knows what the Shadow Brokers have (basically, everything the NSA has). The NSA knows how much damage they can do. Further, the NSA, and ONLY the NSA, are in a position to disclose the remaining weaponized vulnerabilities to Microsoft, to get them fixed, and protect the rest of us from harm.

It's beautiful, you see. The NSA MUST voluntarily surrender the weapons that they have been sitting on, or they will be directly responsible for the use of those weapons against us. And this time, there is no head start...if the NSA doesn't disclose them, Microsoft can't fix them, and the ensuing hacks will make WannaCry look like a preshock.

Re:Trolling or stupid?

[TWX]

One of the things that has bothered me about computing developments over the last 20 or so years is that the push for easier and easier UI should have ended about fifteen years ago, and when the realization that an ever-increasingly-connected Internet was to be the future, the focus should have shifted away from UI and to backend security and testing of software products and protocols. Unfortunately that stuff isn't visual, so it's hard to sell a user on a new version of Windows without changing the look.

In my opinion GUI development peaked sometime around 1996 or 1997. Windows 95 OSR2 with IE4 debuted and integrated the web browser into the filesystem shell in a way that's basically the same as it is today, and most of the elements in Windows that we're used to were implemented. In XWindows the most important elements of each major windowmanager project had been created. Only lagging was Apple, OSX wouldn't debut for another four or five years, but again, there were UI elements similar to Microsoft's or to Common Desktop Environment (CDE) or to KDE, so there wasn't a whole lot that was truly new, and a lot of the OS was borrowed from its predecessor NeXT anyway.

Sure they've changed the colors, they've shifted back and forth between 3D-looking window frames and icons and 2D-looking window frames and icons, and they rearrange the look of the dialogue boxes or replace the Start Menu with a new menu, but the just seem to be reinventing the wheel, not actually creating anything new. But they aren't focusing on security like they should be either, even though with the UI nailed-down they really should be.