Slashdot Mirror

← Back to Stories (view on slashdot.org)

Canada's 'Super Secret Spy Agency' Is Releasing a Malware-Fighting Tool To the Public (www.cbc.ca)

Posted by msmash on from the for-the-greater-good dept.

Matthew Braga, reporting for CBC News: Canada's electronic spy agency says it is taking the "unprecedented step" of releasing one of its own cyber defence tools to the public, in a bid to help companies and organizations better defend their computers and networks against malicious threats. The Communications Security Establishment (CSE) rarely goes into detail about its activities -- both offensive and defensive -- and much of what is known about the agency's activities have come from leaked documents obtained by U.S. National Security Agency whistleblower Edward Snowden and published in recent years. But as of late, CSE has acknowledged it needs to do a better job of explaining to Canadians exactly what it does. Today, it is pulling back the curtain on an open-source malware analysis tool called Assemblyline that CSE says is used to protect the Canadian government's sprawling infrastructure each day. "It's a tool that helps our analysts know what to look at, because it's overwhelming for the number of people we have to be able to protect things," Scott Jones, who heads the agency's IT security efforts, said in an interview with CBC News. On the one hand, open sourcing Assemblyline's code is a savvy act of public relations, and Jones readily admits the agency is trying to shed its "super secret spy agency" reputation in the interest of greater transparency.

66 comments

  1. A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0, Funny

    This looks like it could be a really cool and useful application of the Rust programming language. Rust sounds like just the kind of secure-by-default language to use for writing security software.

    1. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 2, Funny

      Unfortunately the Rust Organization just disbanded after learning that one of the co-founders was a white male. The remaining members were airlifted to a safe space at their local hospital but they may never be able to work on programming languages again.

    2. Re:A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      *barf*

    3. Re:A cool application of the Rust prog lang! by alexo · · Score: 1

      Except that it was written in Python.

    4. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      The gp comment doesn't say this particular software is written in Rust. It just points out that creating this type of software could be a good situation to use Rust in. You need to work on your reading comprehension!

    5. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 1

      they may never be able to work on programming languages again

      All is well that ends well.

    6. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      Unfortunately the Rust Organization just disbanded after learning that one of the co-founders was a white male.

      Boy you white males don't like it so much when your built-in advantages start crumbling and backfiring. How does it feel to be treated unfairly?

    7. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 1

      How does it feel to be treated unfairly?

      We're used to it. We shrug it off, improve ourselves, and step back into the arena!

    8. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      *bwah*bwah**bwah*bwah**bwah*bwah**bwah*bwah**bwah*bwah**bwah*bwah*
      *Shields Up* Republican Hater Detected. Evacuate to Safe Space, drop assortment of rifles and ammo to distract

    9. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      lol, shrug it off indeed.. because it is literally that easy when the entire society is built up in support of white people *can confirm, am white male*

    10. Re:A cool application of the Rust prog lang! by mnemotronic · · Score: 1

      ... it was written in Python

      Python just means there is an unlimited potential for improvement. Maybe the Rusty OP was considering a Rust rewrite.

      --
      The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
    11. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      lol, shrug it off indeed.. because it is literally that easy when the entire society is built up in support of white people *can confirm, am white male*

      Those of us riding the Asian and Nigerian privilege trains laugh at your pitiful "white privilege."
       

    12. Re: A cool application of the Rust prog lang! by Anonymous Coward · · Score: 0

      The liberal welfare polices have done more to destroy the black family(this was 100% by design) unit in poor neighborhoods than crack.
      People raised with a mother and father normally don't think using or slinging crack is a good idea.
      Get off the liberal welfare plantation it is destroying your culture.

      Just a privileged broke white guy's view

  2. The meat by Anonymous Coward · · Score: 0

    Here is the bits that matter, the source.
    https://bitbucket.org/cse-asse...

  3. Terribly sorry. by PsychoSlashDot · · Score: 5, Funny

    As a Canadian, I'd just like to apologize for this.

    Wait. We didn't do anything wrong?

    I'd still like to apologize.

    --
    "Oh no... he found the .sig setting."
    1. Re:Terribly sorry. by beckett · · Score: 1

      sorry

    2. Re:Terribly sorry. by Anonymous Coward · · Score: 0

      As a fellow Canadian, I would like to thank you for your apology.

    3. Re:Terribly sorry. by h33t+l4x0r · · Score: 2

      We all know Canada only does nice things like this to make other countries look bad. Not cool, Canada.

    4. Re:Terribly sorry. by BitterOak · · Score: 1

      As a Canadian, I'd just like to apologize for this.

      As a Canadian, I'd also like to apologize while acknowledging that I am apologizing on land that was once owned by the Huron and Algonquin First Nations.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    5. Re: Terribly sorry. by Anonymous Coward · · Score: 0

      A simple "eh" would do.

    6. Re: Terribly sorry. by Anonymous Coward · · Score: 0

      The beaver was there long before. I acknowledge the flipper-tailed, buck-tooth little bastards too.

    7. Re:Terribly sorry. by DontBeAMoran · · Score: 2

      We apologize for the fault in the apologies. Those responsible have been sacked.

      --
      #DeleteFacebook
    8. Re:Terribly sorry. by Baron_Yam · · Score: 0

      I can't wait for the current white guilt dad to pass. My kids are getting more native propaganda than actual useful instruction in school right now. Because all the problems with the treaties and reservation system will all be resolved if we just brainwash the white kids enough...

    9. Re:Terribly sorry. by Baron_Yam · · Score: 1

      Err... 'fad', not 'dad'. Posted from my phone and 'helped' by iOS autocorrect.

    10. Re:Terribly sorry. by Anonymous Coward · · Score: 0

      Huron and Algonquin First Nations aren't "first" nations. They ate the nations before them, who ate the nations before them.

      'All those Mesoamerican temple pyramids archaeologists so love? They were built for human heart chow downs and long afternoons of decapitating, not for spelling bees. The "first nations" of Canada had a penchant for de-skinning and removing the top of skulls. Why are Mohawks "warriors"? Because they fought wars .. duh .. and the nations of the Americas had been warring and killing murdering and torturing and human sacrificing and cannibalizing for eons. So while there are some wonderful things that went on among the these nations in the Americas, and some wonderful culture, it wasn't the Shangri-La the alt+Left would have you believe it was.

    11. Re:Terribly sorry. by davester666 · · Score: 2

      Yeah, there were certainly no white tribes that would go around raping and pillaging neighboring villages, killing and/or making slaves of everyone. And we definitely always treated Native American's with respect and kept our word and our treaty responsibilities with them.

      --
      Sleep your way to a whiter smile...date a dentist!
    12. Re:Terribly sorry. by aevan · · Score: 0

      The difference is has anyone ever pretended the old europeans were anything but warmongers? Knights, vikings, centurions, hoplites, Crusades II+, etc. The blood spilt is acknowledge and in arts 'celebrated'.

      Contrast this with the bullshittery of the 'noble defenceless tribes, that came with open arms and were betrayed, for they had no concepts of lying, violence, or theft'. You can make an HBO series of Viking Butchery, but try and make an accurate series about pre-whiteman Americas and see if there isn't some outrage. Amusingly, I only hear the denials from white people, the 'natives' I know eyeroll at it.*

      Caveat: not saying the Canadian government hasn't fucked them over in the past - they have, harshly. I'm saying it wasn't the land of hippies certain people try to pretend they were.

    13. Re:Terribly sorry. by Anonymous Coward · · Score: 0

      Apology accepted. Now about clubbing those baby seals... You've got to get some white men involved!

    14. Re:Terribly sorry. by Anonymous Coward · · Score: 0

      My only issue with that was if you are going to make a living off an animal at least kill it humanly and leave enough for the species to grow or maintain it's numbers.

  4. Exactly what it does? by AHuxley · · Score: 1, Flamebait

    Collect it all.
    Share with other 5 eye nations. https://en.wikipedia.org/wiki/...

    --
    Domestic spying is now "Benign Information Gathering"
    1. Re:Exactly what it does? by o_ferguson · · Score: 1

      Yeah, it's much more likely they've infected some of the more popular OSS compilers for this lang and the point of this op is to encourage more cheap people to use those...

      --
      - In Soviet Korea, only old people loose all their bases to Natalie Portman's petrified hot grits overlords.
    2. Re:Exactly what it does? by AHuxley · · Score: 1

      AC the raison d'etre for 5 eye nations is to collect it all. The big pool of global collection thats shared within 5 eye nations.
      Any efforts at outreach is just for a good news story. Free code, how trendy.
      An esprit de corps with the open source community to ensure collect it all can work at peak efficiency.

      --
      Domestic spying is now "Benign Information Gathering"
  5. huh by Anonymous Coward · · Score: 0

    We have spies ? LOL

    1. Re:huh by Anonymous+Cashews · · Score: 0

      You have a marketing department that exposed Canada's "super secret spy agency" by releasing a product to the general public. Next time don't hire ex-CIA agents.

  6. Reveaking your 'secret weapon' by Rick+Schumann · · Score: 1

    By releasing this to the general public, aren't they just inviting malware authors to reverse-engineer it, so they can write malware that does an end-run around it?

    1. Re:Reveaking your 'secret weapon' by Desler · · Score: 2

      Why would they need to reverse engineer it when they have the code? Secondly, yes it might but at the same time that will help improve the tool.

    2. Re:Reveaking your 'secret weapon' by o_ferguson · · Score: 2

      For the same reason you need to reverse-engineer a competitor's engine even if they give you a complete working one. Just because you don't need to crack it to expose the code, that doesn't mean you understand why it works for free.

      --
      - In Soviet Korea, only old people loose all their bases to Natalie Portman's petrified hot grits overlords.
    3. Re:Reveaking your 'secret weapon' by Anonymous Coward · · Score: 1

      Because it obviously means that this tool is no longer useful to them and that they have something better now?
      Otherwise they are really dumb.

  7. the kaspersky tool by behrooz0az · · Score: 1
    It's @ https://bitbucket.org/cse-asse...

    'Execution'
    The service uses our generic icap interface to send files to the proxy server for analysis and report the results back to the user.

    So, does this mean I hack myself by the russians everytime I use it?

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
  8. So what does it DO? by nuckfuts · · Score: 3, Informative

    From the article:

    "Assemblyline is described by CSE as akin to a conveyor belt: files go in, and a handful of small helper applications automatically comb through each one in search of malicious clues. On the way out, every file is given a score, which lets analysts sort old, familiar threats from the new and novel attacks that typically require a closer, more manual approach to analysis".

    1. Re:So what does it DO? by zlives · · Score: 1

      also does some one have a working tool setup where i can test some files through

    2. Re:So what does it DO? by nuckfuts · · Score: 1

      also does some one have a working tool setup where i can test some files through

      Or at least some instructions on how to compile it.

    3. Re:So what does it DO? by kiviQr · · Score: 1

      It sounds like files are distributed across all software equally - so each government agency can get their own copy?

    4. Re:So what does it DO? by jeffasselin · · Score: 4, Informative

      Easy to follow instructions to deploy it:

      https://bitbucket.org/cse-asse...

      Reference manual in PDF:

      https://bitbucket.org/cse-asse...

      --
      If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
  9. First two agents of the CSE were by Anonymous Coward · · Score: 0

    Big Jim McBob and Billy Sol Hurok.

    1. Re:First two agents of the CSE were by boudie2 · · Score: 1

      Blowed up real good!

  10. Remove other agency's malware, insert Canadian mal by Anonymous Coward · · Score: 0

    Like I'm going to trust you. . .

  11. Uh by Anonymous Coward · · Score: 0

    Stuff's about to get 'heavy'!

  12. At least I know the tool works. by Anonymous Coward · · Score: 0

    I ran Windows 10 through it, and most of the files were flagged as viruses.

  13. Gotta Catch Em All by Anonymous Coward · · Score: 0

    git clone https://bitbucket.org/cse-assemblyline/al_ui.git
    git clone https://bitbucket.org/cse-assemblyline/assemblyline.git
    git clone https://bitbucket.org/cse-assemblyline/cart.git
    git clone https://bitbucket.org/cse-assemblyline/assemblyline_client.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_yara.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_virustotal_static.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_virustotal_dynamic.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_unpacker.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_torrentslicer.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_tagcheck.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_sync.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_symantec.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_swiffer.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_suricata.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_sigcheck.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_pefile.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_peepdf.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_pdfid.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_oletools.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_nsrl.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_metapeek.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_metadefender.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_mcafee.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_kaspersky.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_fsecure.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_frankenstrings.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_extract.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_espresso.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_cuckoo.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_crowbar.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_configdecoder.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_cleaver.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_characterize.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_cfmd.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_bitdefender.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_binja.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_beaver.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_avg.git
    git clone https://bitbucket.org/cse-assemblyline/alsvc_apkaye.git

  14. PR stunt by Anonymous Coward · · Score: 0

    These agencies have proven they cannot even keep their own tools secret when they want to. Wikileaks exposed the tools of the CIA in Vault7. If the CIA cannot even protect its tools, odds are the Canadian intelligence agencies also cannot. Maybe they think they are getting ahead of the curve by doing it themselves, making this a big PR stunt. The real question we all have to ask is, if these agencies are unable to protect themselves from leakers and hackers, what makes them think they can protect our data?

    1. Re:PR stunt by Anonymous Coward · · Score: 0

      If the CIA cannot even protect its tools, odds are the Canadian intelligence agencies also cannot.

      Never taken statistics, eh?

  15. Danger Will Robinson by Anonymous Coward · · Score: 0

    Before I got anywhere near this, I would want to get the source from a place like Github, and comb through the code, looking carefully for backdoors. The NSA used to have a project called 'security enhanced linux' which was based on the FLASK system security protocol. The site to get SEL was embedded with cookies that would attempt to read all and sundry from you webserver (chrome/firefox/ie) cache. The mandate of the 5 eyes agency is total information awareness. I would vet heavily the source code before thinking about using it.

  16. In related news by Anonymous Coward · · Score: 0

    The NSA has released a downloadable tool to ensure your privacy.

    1. Re:In related news by TheCycoONE · · Score: 1

      SELinux?

  17. triggered by Anonymous Coward · · Score: 0

    "dad" was right the first time round

  18. straw man by Anonymous Coward · · Score: 0

    the land of hippies certain people try to pretend they were

    No "people" say that. Cite me one that comes even close

    1. Re:straw man by aevan · · Score: 1

      "Though these early travels expanded the realm of European exploration, to many they also marked a time that forever changed the world for the indigenous peoples of North America. Previously unseen disease, devastation, and violence were introduced to their lives ".

      Apparently the Yanomami (to use just one) were pacifists, it's all on Columbus now.

    2. Re:straw man by Anonymous Coward · · Score: 0

      And yes, Yanomami were SOUTH america. But it's not like there weren't tribes wiping out tribes, or mass graves of dismembered corpses found up North either.

    3. Re:straw man by davester666 · · Score: 1

      key phrase: "previously unseen"

      they had seen some diseases, but Europeans brought over new diseases
      they had seen some devastation, but Europeans showed them real devastation
      they had seen some violence, but Europeans brought it to a whole new level. For example, it's one thing to shoot at each other with spears and bow&arrow, it's quite another to mow down everyone in an area with a gatling gun.

      --
      Sleep your way to a whiter smile...date a dentist!
    4. Re:straw man by Anonymous Coward · · Score: 0

      Columbus had gatling guns? Hold the phone ya'll the thanksgiving day play just got a whole heck of a lot more interesting!

    5. Re:straw man by Anonymous Coward · · Score: 0

      This Idea that Natives never fought and killed each other is a laughable some were very aggressive other not.
      Humans fight for resources always have just cause hating your culture is cool does not change human nature.
      If native Americans are infallible why do they run their own tribes so fucking badly in Canada they get huge sums of money and the chiefs and ex chiefs get nearly all of it while people live in poverty.