NSA's TURBINE robot can pump 'malware into MILLIONS of PCs' The latest batch of top-secret intelligence documents from the hoard collected by NSA whistleblower Edward Snowden detail the massive increase in the agency's use of its Tailored Access Operations (TAO) hacking unit – including a system dubbed TURBINE that can spam out millions of pieces of sophisticated malware at a time. The …
http://www.dutchnews.nl/news/archives/2014/03/dutch_security_services_do_bre.php
"Dutch security services do break law on intercepting phone traffic"
it seems the NL intel Agencies oversight panel have found disproportionate overcollecting issues, viz: "security services regulator CTIVD said security service agents do sometimes set taps without permission from the minister as required by law. They also hack into accounts without asking for permission."
So, happily, there is at least a debate in NL over the level of overcollecting, although the 89 page regulator report doesn't yet clarify how to deal with the NL Agencies overcollecting on Website Forums (like presumably here) and overcollecting other Social Media.
I wonder why he listed Germany first. All I know about is that federal trojan buisiness from a few years ago (2011). The German federal police apparently wanted to listen in to skype calls and since they couldn't just NSL Microsoft, they decided to circumvent encryption by installing trojans on suspects' computers. Ill advised for many reasons, but almost cute from a post-Snowden perspective.
You could do what I'm doing... starting a religion. My religion consists of the 4-B's... Babes, Beaches, Beer, and BBQ. The method to this madness is that when I get rendered to Gitmo and they have to "provide for my religion".. ahem... the 4-B's. I figure the Marine guard detachment will all be converts in 30 days.
"My religion consists of the 4-B's... Babes, Beaches, Beer, and BBQ"
Your interrogation regime* will therefore consist of Ann Widdecombe in a micro-bikini, serving you warm Kaliber lager and cold Linda MacCartney sausages on a replica of Blackpool seafront in November.
* Illegally renditioned UK citizens only. Feel free to substitute other methods where culturally appropriate.
My apologies forgetting BACON. I realize it is its own food group when done properly, like beer. Here in the States we don't have proper bacon just a facsimile. If a given rasher is 1 inch (2.54 cm or 25.4 mm) wide, most of it is fat with little lean. Which makes it suitable only for rendering grease for frying eggs or breakfast potatoes. Or.. if you're of the ilk, coating your bullets with the grease to ensure any terrorists you shoot won't get to heaven.
I was never here. I didn't read this. I am not a sysadmin. I don't control any routers. I have no influence over security.
Thank $Diety that I don't use Faceboo...just a second while I answer the door...
HEY, WAIT! I HAVE MY COPY OF THE CONSTITUTION RIGHT HERE AND MMPH MMMM MMMMPH MMMMPH MMMMMM!
As our esteemed Senator Diane Feinstein and her staff have discovered recently with the CIA, the Constitution of the United States has been reprinted on a roll of toilet paper and left to soak in the CIA/NSA/FBI/DHS toilet overnight to discourage unauthorized access.
But that's alright. They'll be eager to interpret it for you at your trial.
The Constitution of the United States is now a theological document - obsolete in language, used in vastlhy changed circumstances, and interpreted by whoever happens to be in power or has the best lobbyists.
The only real answer would be a complete rewrite, but where would you find the people to do it? The original was written by people with many axes to grind, but fortunately most of the axes were relatively harmless. It is hard to imagine the authors of a rewrite today being motivated by anything other than money, malice and special interests.
Mega biblion, says the Greek proverb, mega kakon. A great book is a great evil.
"Art Coviello calling for an international moratorium on attack code before the situation gets out of control"
Sorry to break it to you Mr. Coviello but it's already out of control.
What we need are not calls for the stable door to be bolted, but for you and others in a similar position to get off your backsides and start working out ways to beat these bastards or at the least make it so expensive that they become a little more discriminating on who they are digitally assaulting.
From your comment it would appear that you have not been keeping up with the news lately.
"or at the least make it so expensive that they become a little more discriminating on who they are digitally assaulting."
That doesn't work. They aren't the ones footing the bill, tax payers are. Not only that, but the tax payer's not allowed to ask what it's being spent on, so (s)he as no say in the matter.
They aren't the ones footing the bill, tax payers are
Naive. Taxpayers aren't "footing the bill" either. The national governments pay for their pet projects by expanding the money supply, pure and simple.
And it's likely that a very small portion of the intelligence budgets of the major industrialized nations leaves their respective countries, while a fair bit of money likely enters due to intelligence trade with assorted despots and other foreign parties. So on balance the economic activity due to the intelligence-industrial complex, in the US or similar states, is likely to benefit the populace, in a strictly monetary sense.
But the upshot is that, yes, monetary cost is not the way to create incentives against the intelligence industry. Unfortunately, nothing else looks like a particularly viable candidate either. It's likely to be around until the next civilization-destroying catastrophe. (When the next supervolcano goes boom or a decent-sized rock hits the planet, the NSA will be well-down on the list of things to worry about. Obnoxious as they are, and as much as I'd like to see civil rights restored, there's something to be said for having these sorts of problems.)
All these fancy names. Do they have a buzzword generator or something? Look if they want it "secret" something like "project 42" (kinda like "area 51") would be better.
Of course, the names might ALL refer to the same project, you never know.
As for financing the operation, maybe they used cryptolocker? Great slush fund generator (unfortunately at our expense!)
Scott McNealy was right!
Back in the 1700's, English ships were named for mythological characters. This was done by the First Lord who had book of mythology. He'd randomly open a page and point. The name nearest his finger became the name of the new ship. Military operations since WWII are usually just random words tossed together. I'm pretty sure this practice is still ongoing only computer generated?
That's it. They've openly declared war. Simon, I'm afraid it's time to release the PFY. Knock him out, get him into his orange jump suit and dump him along with a pry bar in an airduckt in Fort Meade. By the time he's figured out that he's not at LHC the "issue" should be solved.
"If government cyberattacks are normalized then the effects on the general public could be catastrophic, he noted, but there's no sign of a change of policy from the NSA."
Dear <every world government>,Your job - your only job - is to provide a better quality of life for your citizens. Before you do a single thing, make sure it passes that test.
You might want to actually ask those citizens from time-to-time too, just to make sure you're on the right track. Say, whether blanket, warrantless surveillance and widespread cyber attacks make them feel safe, uneasy or outright violated.
Sincerely,
The people (you might have seen us around.)
p.s. - Before you start congratulating yourselves on how well you're protecting your 'national interests' by spying and fighting and generally antogonising each other, ask yourselves if the people enjoyed the dick-measuring contest that was the Cold War, or if a folded flag in exchange for a son is fair trade.
This post has been deleted by its author
When I read the statement from the British intelligence agency: "All of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight," I could swear I heard that exact statement before. Must be the AI robot answering the phone.
But if the AI network is truly intelligent, it would surely do a better job pretending to be human?! My head hurts!
I have no real love for FB, though it does have its uses. However, the NSA and friends are leaving quite a list of corporate collateral damage on their way to their secure nirvana. If I were LinkedIn, FB and Yahoo!, I would start looking for a California Senatorial candidate who is much better on civil liberties than Dianne "It's fine if they spy on you, as long as they don't spy on me" Feinstein.
It's a pity that these companies can't just sue Uncle Sam for damaging their brand and goodwill in the marketplace.
After FOSS which already eradicated many intentional backdoors for the people using it, we now need to add simplicity. The less code you have the less likely it is to contain a backdoor.
So we need protocols which can be implemented with as few lines as possible. And we may even need hardware separation so if one of the components gets compromised, it won't be able to compromise the others.
Practicality and security are, unfortunately, not good bed fellows. The fact that you want to read The Register means you're willing to risk your traffic to be redirected, monitored and extra payloads added and executed on your browser (JavaScript via AJAX, JPEGs, etc., are all the stuff of modern web sites but also the Achilles heal of your browser and privacy).
You can have a secure computer only when (a) you only communicate with trusted peers via pre-shared keys or similar and (b) you trust all your peers to do the same; as soon as one peer is compromised, you're all dead in the water. That's not very practical.
Your best bet is to use one-shot computers for as much traffic as you can, but that means you need another device to manage the endless list of credentials required to access your internet footprint. As the one-shot is reset after each use, any infections you pick up in one session will not compromise future sessions (but you'll also lose all your cookies - hence the extra device). You also need to be ruthless about outbound firewalling to prevent any command and control traffic heading back to the bad guys, etc., etc.
Paid for subscriptions and text documents sent out over XMPP. It would be a nuisance only seeing comments updated on a daily basis, perhaps, and basic HTML is a bit limiting, but it is doable.
Actually, I think BBM is going down something like this route.
So reading betweeen the lines of this article - the NSA have had the capability for years to take down every significant botnet ever created, which no doubt have caused $100m's of financial damages to consumers and businesses, but instead they've used it for many purposes that probably have little or no value to the average joe.
If youve genuinely got nothing to hide, youve probably got nothing to worry about. The issue is not the NSAs use of these tools but the undoubtedly equally nefarious use of them by the more unscrupulous governments of the world - i.e china, iran, israel, syria, russia et al.
This stuff should never have been made public - the supreme naivete of the liberal press astounds me hear - talk about shooting yourself in the foot, for what in the second world war would most certainly have been considered treason and punished by hanging. He isnt a whistle blower - this was some screwed up ego trip disguised under the pretext of doing us all a favour.
If we dont stay ahead of the rest of the world in this dept we will only end up regretting it - and the same press who lauded Mr Snowdens self interested ego boosting antics will be wondering why we cut our own nose off to spite our face in the first place.
This post has been deleted by its author
Youve missed the point pal - the economic benefits associated with the infrastructure regeneration of destroyed countries, the potential mineral assets of the country in question are usually - along with achieving a stable socio-economic platform for those nations who influence your own balance of trade - the determining factors, or excuses that influence whether the US declares a war or not. And no that isnt a quote.
I for one am not naive nor asleep - why would you weaken your own country's position in the very real cyber war that has been going on for several years now (see Stuxnet et al) - thereby risking the economic and social stability of your home nation - by leaking confidential information, for any reason other than ego fluffing. Morality, to quote Jim Royle, my arse.
Read twice, comment once.
"Is anyone missing the simpler times?"
Aye, we had Rickets, Diptheria, Hitler, and
By we did look well going to school with no backsides in us trousers n
All us little heads painted Purple cause we had Ringworm
"...be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes." When the government decides to control every aspect of every citizen's life this covers everything, as Diane Feinstein is finding out.
"All of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight," the British intelligence agency said in a statement.
A statement which they make so often that I expect it's a keyboard macro in the press office there. Does anyone seriously believe that they would tell the truth about this?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
