Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. Re:History Lesson:German occupation of Czechoslova on Russians Take Ukraine's Last Land Base In Crimea · · Score: 1

    Bay of pigs?
    "Covert United States foreign regime change actions"
    http://en.wikipedia.org/wiki/C...
    The USA usual backs some band of freedom fighters, military staff or political leader until they win.

  2. Re:Entertaining quote on NSA Hacked Huawei, Stole Source Code · · Score: 1

    You would think the Russian advisors would have warned them about complex US hardware and software exported via no questions asked US front companies :)

  3. Re:Entertaining quote on NSA Hacked Huawei, Stole Source Code · · Score: 1

    Thats the big question - how did the NSA get in...
    China faced years of efforts from the USA, UK and Soviet Union to try and understand its nuclear tests and later rapid mil advances via help from diverse private EU/US/Canadian contractors.
    China knew every longer range radio transmission of any kind was been saved by sites in surrounding nations and via sat efforts.
    China knew to harden all communications surrounding is nuclear tests.
    i.e. British sigint in Hong Kong was a massive undertaking even with the 1997 handover (Chung Hom Kok/Demos-I), later moved to Australia.
    China was well aware of the efforts going back decades and the constant signals attention their embassies got.
    So for the NSA just to get into some "email archive" seems a bit too lucky both from a networking aspect in China or what China expects to flow in from outside networks.
    i.e. staff been turned or hardware changes vs accessing a network all the way in and out to move the data?

  4. Re:Retaliation is fair game on NSA Hacked Huawei, Stole Source Code · · Score: 2

    Why was "military stuff" near any vast fast public networks? What contractor or gov worker would connect a site, factory, base, supply system to a public network for anyone to 'try' for from some competing or hostile distant nation? Thats why most wealthy nations had dedicated hardened networks and very skilled staff. Only poor nations used their own low quality civilian like telco systems for encoded mill use.
    i.e. you get into a typing pool or low security mil network or its a massive well crafted honeypot.
    i.e. after the first few attempts by other nations to 'look' at the more secret networks - would steps be taken to remove or not connect military stuff from easy public networks with suspect international access?
    If the US was so good on the offensive part as we are now understanding via whistleblowers and the US press the hardened/secure parts would have been as impressive over decades?
    So expect the stories of mass 'military stuff' been lost via huge open fast public networks interfacing with fast not secure mil networks to be propaganda, a domestic recruiting tool (get a smart well paying mil job to help save the nations networks), extra funding stories of local political leaders (boondoggles) or junk science that could be lost with no risk.
    The US had a total mastery of getting into other nations networks globally but much less understanding in not connecting its own real data to the same fast open junk public/academic/telco networks?
    Expect honeypots, ended projects, altered work and disinformation to have been found at the end of most "hacking military stuff" - good enough to keep another nation best occupied/spending for years and follow back the hackers networks but not anything too useful.

  5. Re:NSA validated in their concerns? on NSA Hacked Huawei, Stole Source Code · · Score: 1

    More like the NSA did not want kit on the open market that was not as easy as US and EU products for next gen DISCOROUTE, QUANTUM like options.
    "NSA targets sysadmin personal accounts to exploit networks" (March 21, 2014)
    http://www.zdnet.com/nsa-targe...
    i.e. a long list of ways in shared with 5+ other nations, their contractors, ex staff, former staff.
    Anyone able to afford contractors, ex staff, former staff for the methods gets in too :)
    Thats the problem with weak global security in any networking product - too many people know too much via gov and contracting work over the installed lifetime of any telco product.

  6. Learning from the past on Scientists Publish Letter Saying, "We Need More Scientific Mavericks" · · Score: 2

    When was US science great?
    1920's? 1930's? 1950's? 1960's?
    Over every decade stories can be found to show amazing advancements by skilled US scientists working alone or as part of their employment.
    You also see great slowness, monopolies, cartels, red tape, lack of basic funding stopping the advancement on evolutionary or revolutionary ideas or just not keeping up.
    Retooling was no fun and the contracts where politically safe.
    From early radar, jet engines, guidance systems, computing, cryptography, heavy engineering the US was often playing catch up to under funded experts in other countries or new ideas within the USA.
    The massive jump seems to have been 1940's 50's funding of science and education with an influx of German 'experts' and other experts post WW2. That allowed the US to jump ahead and keep the skills going thanks to very well educated later generations. Constant educational testing guided wealthy and poor college scholarships students to the military industrial complex public and private mil,gov sector opportunities.
    A huge supply of US raw material, smart US staff, support of new ideas and never ending US contracts or gov funding. Science was very safe and US education was well looked after.
    The propaganda value of the US been open for diverse arts, all science and religion was also well presented into the early 1990's.
    The magic of jobs for life and never ending science boondoggles stops when the private sectors finds it can use a 100% US front company with a long just in time supply line to other cheap parts of the world. Same end price and maintenance contract, lower production costs. The product is still the same, the US design is secure but fewer costly US jobs and less need for funding for science at the mid and low end.
    Over generations the lack of gov funding finally becomes apparent to the wider US science community.
    The science is now in the magic of gov paper work to ensure a 100% US front company gets the next contract, not in the actual made in the USA part.
    As long as the skill set exists to design and work on any given mil product over its life is ensured, everything else science related can be slowly defunded.

  7. Re:So they are just incompetent? on Officials: NSA's PRISM Targets Email Addresses, Not Keywords · · Score: 1

    Re just get "Just get warrants and get the data from the user's ISP" and "codename of the system that does"
    Lets say you have members of the US press finding/requesting/sorting/working on/publishing using freedom of information documents, interviews, other documents open to the public...
    You cant get a warrant just because the US press is been too smart and working too hard.
    For that you need something classic like FIRST FRUITS
    http://cryptome.org/nsa-heroes... ".....maintains a database that tracks unofficial and negative articles written about the agency"
    So think in terms compartmentalization over decades spread over many different systems, funding is shared, with complex origins in past domestic and foreign hardware and software ideas.

  8. Fishing for IM as an email request? on Judge Tells Feds To Be More Specific About Email Search Warrants · · Score: 1

    Hoping that an email request will be seen by a provider as all data surrounding that account i.e. email, IM and other computer related tasks?
    Great to see the US legal system noting that a vast set of historic data, complex links to other users exists beyond just a classic email accounts data.

  9. The US did not want to see expensive US equipment mandated-by-US laws been frozen out of international markets with new US only costs.
    With some effort the US ensured other telcos would upgrade to equipment of a US interception standard as part of the law enforcement laws/letter/understanding/trade deals.
    No US telco exporter left behind.
    Junk encryption for many telcos, their govs, the US gov, fun for ex staff, other nations spies, criminals with cash from the mid 1990's on :)

  10. From a constitutional standpoint: on NSA Can Retrieve, Replay All Phone Calls From a Country From the Past 30 Days · · Score: 1

    You are fully protected in the USA.
    No color of law, amended law, paragraph, subsection, clause, letter, finding, order, secret order, contract, legal sock puppet, amendment or press talking points can legally get around the Fourth Amendment.
    Good US legal teams have been working hard on this in open court :)
    http://www.freedomwatchusa.org...
    The real fun starts with the next gen technical and legal vision of: 30 days becomes 30 months then 30 years then a lifetime of digital recall before sealed US courts.

  11. Why you need friends on NSA Can Retrieve, Replay All Phone Calls From a Country From the Past 30 Days · · Score: 1

    The need or want the cooperation makes fixing local splitting sites at national exchanges easy.
    Cleared US staff can move in and out guided in by chosen locals to ensure any upgrades or changes do not halt US data collection.
    Infiltrate the communications infrastructure of the world gets tricky due to upgrades, skilled local staff who are not aware of their countries tap points finding sites, rooms and then asking questions.
    Much better for the NSA to work with top locals, have them tell all staff that a site is for their own national security, law enfacement and read in a few top staff about all data flowing to the USA.

  12. Entire communications infrastructure on NSA Can Retrieve, Replay All Phone Calls From a Country From the Past 30 Days · · Score: 1

    Is really the key idea. From the old cold war NATO access in countries, shared facilities and generations of helpful local staff. Add in the new NATO countries, Asia, South America, Africa - somewhere cheap new communications loops will have a US or US friendly site to tap.
    Nations get cheap deals to replace ageing telco tech thats US price peering friendly and very NSA friendly.
    Cooperation of the target country can be one site with the skilled locals thinking its their own govs efforts.
    Cooperation of the target a few surrounding nations can be sites with the skilled locals thinking its their own govs efforts.
    As long as the NSA can have a site thats physically near some trunk line and political cover from the host nations gov.
    http://cryptome.org/2014/03/ns... has the hint :
    Few staff know, long term, local and other nations get US export grade mil tech as a swap.
    Its ECHELON for web 2.0 and the ability to fake a host, break junk standard web encryption and a few other methods.

  13. Re:Plausible deniability on Aussie Attorney General's War On Encrypted Web Services · · Score: 1

    Re one-off sentence protections may not be the same in some countries :
    ASIO in Australia did try a vision of a law to get people detained for seven days, after 7 days you could be re arrested on another new warrant. As long as the security cleared paperwork was in on time, that new 7 day effort would have never been reviewed per person. A construct of hidden 7 day arrests could be used via a flow of multiple warrants.
    So the repeated re arrest option is interesting due to that lack of legal contact over days, weeks, months... every time you are arrested on release you are a new suspect with most rights been unavailable for the next seven days. After seven days a case is expected to be ready (and you get a lawyer) or you are released but if you never make it out of the detention room before re arrest...

  14. Re:How is that supposed to work on Aussie Attorney General's War On Encrypted Web Services · · Score: 1

    It would depend where and how the VPN is found in the wild.
    10 people using IRC, 5 on VPN, 5 on TOR.
    Police can get someone suggesting the others use VPN based in EU?US?UK to stay a member... i.e. that one firm of a list of VPN providers is the only way to be secure.
    Overtime Australian police can get to any Western VPN firm and get evidence on more people as they use their real details/ip or become comfortable and let more trackable aspects slip.
    A firm which communicates with VPN (any Australian connections) would be a plaything of the NSA, Australian Signals Directorate (ASD) and their international crypto friends - crypto and IP changing is useless, expensive and giving a false feeling of security.
    If your firm becomes more interesting to Australia you face the Australian Secret Intelligence Service (~BND/CIA) and SAS like teams (special forces) - they will sneak into your firm- digitally or physically if really needed.
    Australia has a lot of people moving around the world - tourists, people visiting the home country, students or smart people wanting to earn more-friendly, happy, boring and harmless. Australia kept the human side of its clandestine services intact and they blend in perfectly unlike a few other nations efforts.

  15. Re:Knee jerk on Aussie Attorney General's War On Encrypted Web Services · · Score: 1

    They hope to get another aspect to rollover - the needed clean people that can move funds around the world who never asked real questions about amounts, origin, destination.
    Will it work? It has been tried in the UK and the justice system leaked before many big cases could gain traction. The top police then spend more time hunting in their own ranks, the press and within the legal system for who leaked. Then the funding runs out or investigations just stop :)

  16. Re:Snowden on Aussie Attorney General's War On Encrypted Web Services · · Score: 1

    Australia has had a long like for this legal idea. If you cant catch the person, make sure they help catch themselves later.
    In the past it was known as verballing - after a long "interview" you where happy to sign "your" confession.
    Your lawyer would be up against the trust and charm of the police vs the guilty person who had signed a detailed confession.
    This method worked very well in Australia until video and audio recording during interviews was established after law reforms.
    This is a return to the easy policing of the 1970's backed by the contractor spying programs of the web 2.0 age.
    Demand a lawyer :)

  17. Re:Plausible deniability on Aussie Attorney General's War On Encrypted Web Services · · Score: 1

    Re You could claim whatever you like, it wouldn't stop the police keeping you in a small windowless room until they heard what they wanted to hear.
    The view of laws like this is to have a paragraph to get anyone without the need for complex key loggers, OS dependant malware, ongoing law enforcement infiltration to recover/enter/decrypt and then build a case.
    You will hand over the needed information or face a prison term unconnected to any more information found or not found.
    Better to be the first to 'help' vs risking later charges if 'decoded' in later investigations.
    Once handed over, law enforcement can become you, your forum, irc, web 2.0, banking - everything you where digitally to build further cases.
    Where does this fit in with the role of Australian law enforcement? A rapid need for infiltration on the digital edges of vast crime networks.
    Australia hopes to get to the people who make big crime work at an international level by getting to their bankers, lawyers as the cash moves.
    The way around this is to trust your family, gang, tribe, faith/cult, city, province and never allow too many outsiders in ;)

  18. Re:Why not do something constructive? on A Look at the NSA's Most Powerful Internet Attack Tool · · Score: 1

    Its one global network and the same staff on two very different missions. One to use the botnets to reach out and own computers with and one to protect from often the same botnets.
    The US faced the questions in the 1930's with the Army and Navy working on codes (mostly from Japan) - on the same codes with very few US experts ie duplication..
    If the using of the botnets is given to another agency via CIA ....
    If protecting from the botnets is given to another agency via FBI ....
    The other aspect is knowing whats been used in real time and should be left alone as a honeytrap, junk crypto or other operation vs been shown to the press as been shut down or application bugs fixed
    The power to vote/suggest/start offensive cyber operations globally is also very much in play vs just been asked for tech help.
    Now mix in contractors and politics too :)

  19. Re:I wonder on A Look at the NSA's Most Powerful Internet Attack Tool · · Score: 1

    It depends on the country, the mil junta, the party, the telco and the staff.
    Did the connection to the NSA start with 1960's tech? The 1990's optical? Thats a lot of local staff over generations to read into looking after a lot of 'secret' rooms with copper or less with optical.
    What did the local the mil junta, the party, the telco and the staff get back or was the cover story top down from a trusted local leader?
    Some top gov official tells all the telco staff thats its their nations splitter and not to ask questions - that would cover most questions and access.
    The problem is now that next gen local political leader, other members of the mil and opposition parties know their nations crypto, mil, banking and press are at risk .
    Sooner or later changes might have a domestic intelligence group questioning top telco and mil leaders about the selling out of their nations communications to 5+++ other nations over years or decades.
    That link goes to some base, listening station vs a shared facility is really the cover story that has to be kept.... many would trust that information and know never to ask more.
    The other aspect is testing of staff until they are ok with selling out of their nations communications to 5+++ other nations/faiths/cults/mil/ex staff for hire/press/other spies.
    A positive reading in of local staff that spying is great for their nation due to the mil/telco tech thats now shared.

  20. Re:wouldn't it be cheaper on How the NSA Plans To Infect 'Millions' of Computers With Malware · · Score: 1

    An existing botnet army could have a few state and federal informants in its upper levels. Court cases, legal teams on both sides, political leaders and law enforcement press contact can let interesting details become public for many different reasons over time. From state/federal funding, to a job well done, to entrapment, issues with fame, methods, been seeing doing something with hi tech...

  21. Re:How to do this on How the NSA Plans To Infect 'Millions' of Computers With Malware · · Score: 1

    Depends on the funds and creativity of the staff and support they get.
    At a gov level: if you have an embassy revert to onetime pads and physical diplomatic bag/pouch. Make sure your staff understand the country they are working in - stop all political appointees for embassy staff - they are useless, the locals dislike them and don't reflect well on the embassy and its efforts.
    No fancy encryption fax machines, next gen encryption phones or tested encryption computers for fast "important" chats or documents.
    Remember if one nation can read your communications, their intelligence service might have staff with different faiths, in cults, varied politics i.e. a few other nations might get the your communications too :)
    If your a company - make sure your staff travel with clean hardware that never get back to the company after that one trip.
    If your writing some form of memoir find a good typewriter.

  22. Re:Go big or go home on How the NSA Plans To Infect 'Millions' of Computers With Malware · · Score: 1

    The method worked for tested encryption machines for embassies around the world, telcos helped for years without the press or staff really knowing too much... whats a few bugs in closed or open source code - reviews by people with great skills will find it all over time.
    Think of all the domestic and international offices, embassies, banks, govs, telcos, firms, brands, NGO's, police forces, armies, secretaries.. spreadsheets, crypto that has been sold or given as aid or for cooperation that provides a way in over decades.
    Spread wide and have a way in and out as needed i.e. the " installer" is the OS, the daily productivity applications, networking software.
    Why social engineer one firm when you can get a nations firms to install and update mandated junk encryption or OS or applications. Exchanges get an amazing digital upgrade with cheap international peering not national telco can resist...
    So many ways in, so few skilled experts per nation wondering why its all so cheap and they cant test it...

  23. Re:Are the encryption keys for rpms and debs safe? on How the NSA Plans To Infect 'Millions' of Computers With Malware · · Score: 1

    Its as safe as encryption hardware was in the 1950-80's or as good as encryption standards where till 2014....
    With the lists of weak software encryption, junk hardware, telcos splitting - just another way in?

  24. Re:So now we now the NSA's plans for growth... on How the NSA Plans To Infect 'Millions' of Computers With Malware · · Score: 1

    You would need the skills to find the malware, note the ip/systems it reports back and have a history of finding gov backed malware efforts (made by gov or their favoured contractors).
    Some Russian firms have a great track record of finding varied gov backed malware deep in computer systems around the world and then telling the world of their findings.
    US software groups doing the same work might face the reality of national security letters, sealed courts or a gov chat.
    Recall the Magic Lantern, Carnivore and antivirus vendor efforts http://en.wikipedia.org/wiki/M... in the news years ago

  25. Re:Turf war (food fight!) on CIA Accused: Sen. Feinstein Sees Torture Probe Meddling · · Score: 1

    US cryto has had a long and strange history. From a low point in the 1920-30's with funding, massive Army and Navy duplication in code breaking, playing catch up trying to understand Germany and Japan in ww2.
    Korea was a another few years re learning basic interception and plotting (ie having to be helped by the GCHQ/UK).
    Near the end of Vietnam some real amazing efforts in interception, understanding and plotting Soviet tech in Asia seemed to finally be ready.
    Most of the NSA efforts seem to be around selling/setting junk crypto hardware/software standards for decades or listening to the Soviet Union.
    The CIA did great with its overfights and digging under embassy telco efforts.
    As for the post cold war turf war - the NSA seemed to want a real vote on many issues rather than been called in as tech experts when needed. Offensive operations on the NSA terms vs helping the CIA when requested..
    As for the CIA and interrogation reports:
    Whats left will tell of the use of foreign nationals, dual nationals and US contractors, gov workers... medical and legal professionals.
    ie the correct use of US gov experts from the FBI or try other methods in other parts of the world with other expensive contract staff or staff with ideas....
    International conventions and professional standards... its all going to make the US press.
    It really depends how many files where kept.