back to article Snowden files confirm Shadow Brokers spilled NSA's Equation Group spy tools over the web

Documents from the Edward Snowden archive prove that the malware and exploits dumped on the public internet on Monday originated from the NSA. Among the files leaked by whistleblower Snowden in 2013 is a draft NSA manual on how to redirect people's web browsers using a man-in-the-middle tool called SECONDDATE. This piece of …

  1. Anonymous Coward
    Pirate

    I'm not worried

    Didn't the NSA assure us that their vault-o'-vulnerabilities would never get "into the wild"? I say we take them at their word and trust the government!

    /sarcasm off

    1. jamesb2147

      Re: I'm not worried

      No, no, you're confused! Our not-backdoor crypto keys would be TOTALLY safe. We promise! We're really good at this stuff. Trust us, because we know.

      Also, we'd ONLY use our tools to hunt down terrorists... err, and drug kingpins! Probably pedophiles, too, because nobody likes them. Oh, and Hoover at the FBI's been wanting access to your email recently, but President Trump has certified that it's only for safekeeping, so we shared it with them, too. We were assured they used good security! :D

      Remember, if you have nothing to hide, you have nothing to fear!

      1. Anonymous Coward
        Big Brother

        Re: I'm not worried

        Anyway, that's all beside the point. We haven't even been allowed to install any backdoors! We keep loudly and publicly asking for them but then those unpadriodic braindead politicians keep loudly and publicly saying "no."

        So there it is. We have no backdoors! Honest! You can trust us. We're a secretive government espionage agency.

        Must be those God dam evil Chinese commies. Can't trust a word they say. It was Huawei routers, right?

        --tEH nsa

    2. james 68

      Re: I'm not worried

      "Didn't the NSA assure us that their vault-o'-vulnerabilities would never get "into the wild"? I say we take them at their word and trust the government!"

      Just like how they recon a built in backdoor in both phone and pc OS's will be perfectly safe in their hands and will never be released into the wild.

    3. Anonymous Coward
      Devil

      Re: I'm not worried

      I can't help wonder what all those people might now be thinking who disagreed with Apple's decision to oppose the FBI some months ago . You know: not creating a backdoor for iOS because of fear that the government was going to abuse it.

      If all this turns out to be true then I'd say it is also one heck of a confirmation that Apple did indeed do the right thing back there.

      1. Anonymous Coward
        Gimp

        Re: I'm not worried

        "I can't help wonder what all those people might now be thinking who disagreed with Apple's decision to oppose the FBI some months ago. You know: not creating a[n FBI] backdoor for iOS because of fear that the government was going to abuse it fanboise would baulk and take their $CUSTOM elsewhere."

        T,FTFY

        You seem to have confused two completely different things:

        1) The recent public push by the US government's "FBI" police service for a public backdoor mechanism for their own use and as a mechanism by which to produce evidence admissible into public criminal court.

        2) The age old ostensibly secret(ish) push by the US government's secret(ish) spook agencies to secret(ish)ly subvert and corrupt US based technology corporations and their products for various quasilegal secret(ish) nefarious purposes. Brought to the fore by the great[ly entertaining] "NIST"(NSA)/RSA crippled elliptic curve pRNG backdoor fiasco of 2014, or the Snowden Prism etc. dump of 2013, or the 2000 EU vs Echelon affair, or the great US vs M$ _NSAKEY brinkmanship spectacle of 1999, or 1976's brazen "you think you're having 128bit security?! Here, have ~56bits and consider yourselves lucky" Lucifer->DES scuttling, or the 1974-1982 demolition of Bell, or whatever - depending how long you've actually been paying attention to the sordid shenanigans.

        If you seriously believe closed & proprietary consumer crApple™ iPrecious™ is any less riddled with the secret(ish) spook's backdoors than, say NSA™ Windows™ is, then I'm sorry to tell you the reality distortion field has sucked out your last neuron.

        It was a PR battle. Nothing more.

      2. Anonymous Coward
        Anonymous Coward

        Re: I'm not worried

        No matter, once HC is in power, the FBI will be counting on her ramming a bill through that gives them access or, you know, new evidence will come to light on that email server.....

  2. jamesb2147
    FAIL

    Good ol' US of A

    I honestly just hope that no one in the top brass thinks they, or anyone else in the USG, is "safe" from foreign nations.

    Hell, I don't consider myself safe, and I work for a po-dunk little company.

    1. This post has been deleted by its author

  3. Destroy All Monsters Silver badge
    Windows

    "It's going to be an ugly summer"

    Seriously?

    ALL the fucking summers since 2001 have been ugly, and there isn't even anyone who wants to actively democratize, liberate, genocidate, extraordinarily rendition, gazaify, ukrainimate or shock-and-awe me (not to mention slap me with surveillance order, ASBO, terror writ, sexual deviance order, looking-cross-at-hallowed-politican oder or what-have-you). As far as I know.

    Seriously.

  4. Destroy All Monsters Silver badge
    Gimp

    Direct from "The Laundry"

    That FOXACID manual is pretty hilarious.

    Hack technician instructions ... I like it ... although the english style is not the best it's more lively than MS prose. And NSA is using ClearCase, it seems.

    I think I will use this as an example to demonstrate technical writing at our place.

    The Intercept forgot to [redact] an example IP 203.99.XX.XX, somewhere in Pakistan...

  5. a_yank_lurker

    NSA = Notably Stupid Agency

    Exploits exist mostly because of coding or testing errors. So the existence of these holes is something any ethical vendor wants to know about and fix before they become customer issues. In fact there are many holes in all major commercial software (including FOSS) that still unknown. So sitting on a cache of exploits is idiotic at best because the imbeciles assume the "bad guys & gals" are not smart enough to find exploits also. This is the epic failure of underestimating your enemy; a well know problem that occurs in military history quite often.

    1. Anonymous Coward
      Childcatcher

      NSA = Narcissistic Security Anathema

      You seem to be assuming that all these backdoors are just queer coding blunders which the "clever" NSA people then quietly exploit, rather than malicious code secretly planted by decree of the secret "courts" of a malignant government.

      I'm not sure I agree.

      1. Brewster's Angle Grinder Silver badge

        Re: NSA = Narcissistic Security Anathema

        You seem to be assuming that all these backdoors are just queer coding blunders which the "clever" NSA people then quietly exploit, rather than malicious code secretly planted by decree of the secret "courts" of a malignant government.

        If that's the case, they won't be able to patch them till the "secret court" orders are revoked. So it will act as an inverse warrant canary: the longer a bug takes to fix, the more likely it was placed there.

        1. Anonymous Coward
          Anonymous Coward

          Re: NSA = Narcissistic Security Anathema

          Interesting thought Grinder... but couldn't/shouldn't the secret "letters" make allowances for emergency coverup repairs in the event of discovery? Besides, the Cisco kit at least is already abandonware... so they have something of a free pass on that front anyway :(

    2. Anonymous Coward
      Anonymous Coward

      Re: NSA = Notably Stupid Agency

      > "So sitting on a cache of exploits is idiotic at best because the imbeciles assume the "bad guys & gals" are not smart enough to find exploits also." Ditto for a software giant to use exploits (sometimes undocumented features) it has created in its OS and programming languages to leverage sales of its productivity software. Not that any software giant has ever done such a thing.

  6. John Smith 19 Gold badge
    Unhappy

    Networking hardware vendors.

    You are also an embedded software developer.

    Please try to act more like the suppliers of infusion pumps and not say in car entertainment companies.

    1. mikie
      Stop

      Re: Networking hardware vendors.

      hahahahahahahaha

      Infusion pumps are spectacularly rubbish in terms of security. All the medical stuff is utterly godawful and has been for years.

      Car companies are having their "industry meets hackers" moment so will improve.

      Medical suppliers haven't really had that yet, especially now that Barnaby Jack has gone.

  7. Pascal Monett Silver badge
    Flame

    "now that the exploits have been released, [..] ordinary criminals will use them [..]."

    Too bad you didn't have such foresight when you created the tools in the first place.

    That is why you do not create malicious tools to subvert common standards. That is also why you do not consider yourself above the hoi-polloi when it comes to the risk of being hacked yourself. Finally, that is why when, despite all the dangers, you do decide to go ahead and create such malware tools, you do not go and put files on an internet-accessible server.

    But sure, it was more practical for the spooks to be able to readily download the latest version from whatever location they are at in the world. And yes, I understand that the tools need to be DevOpped super fast because of the changing nature of the target.

    Unfortunately it was also more practical for the hackers. And now said hackers have offered it to the world, which means the basic scum are going to get access to nuclear-weapons-grade exploits way before they could code it on their own. So the NSA has given a booster shot to all the misguided, money-grubbing lowlifes of the world.

    I guess you can call that job protection, in certain circles. Thank God it's all legal, right ?

    1. Jamie Jones Silver badge

      Re: "now that the exploits have been released, [..] ordinary criminals will use them [..]."

      All very good, apart from the fact the guy you are quoting has sod-all to do withe the NSA or their program.

      1. This post has been deleted by its author

  8. Chris G

    I'm assuming

    If it was state sponsored hackers such as the Russians, then they must have the means to detect and protect against these toys at every level. Otherwise they are shooting themselves in the foot.

    That should make the Alpha Bettys nervous.

  9. Anonymous Coward
    Linux

    Should my Nan be worried ?

    Or can I tell her Linux Mint is unaffected?

    1. Chris G

      Re: Should my Nan be worried ?

      Your Nan and everyone else in the World should be wearing armoured knickers, to prevent strangers from interfering with them.

      1. Anonymous Coward
        Anonymous Coward

        Re: Should my Nan be worried ?

        It is likely your Linux Mint will be penetrated like a hooker on a Friday night in a multicultural neighborhood.

      2. Arachnoid
        Mushroom

        Your Nan and everyone else in the World should be wearing armoured knickers

        Even armoured knickers require making so are open to the installation of back doors during manufacture and once you have access you can modify the product to your desires.

        1. Anonymous Coward
          Anonymous Coward

          Re: Your Nan and everyone else in the World should be wearing armoured knickers

          ..or fiddle with the contents.

          Just sayin!

  10. scrubber
    Facepalm

    Is Security Agency now an oxymoron?

    Maybe now they'll see that by focusing on spying on semi-honest people like us they have actually reduced our security.

    Imagine they actually cared about our security and fixed these exploits as soon as they found them, imagine how little the Chinese or the Russians would know about us, imagine how secure our online banking and commerce could be. But no, they'd rather hack the webcams of yahoo users and intercept US troops emails to family back home.

    1. Anonymous Coward
      Facepalm

      Re: Is Security Agency now an oxymoron?

      I don't think it's quite that clear-cut: We all use the same internet. Seems to me the impudent little cunts presume to fuck up our internet in order to fuck up the other side's internet. Not saying fucking up ourinternet isn't also an objective, of course: Where would our beloved political lords and masters be without their trusty dissent suppression machinery?.. but we're probably just more of a collateral bonus than the primary objective.

      To me, the most mind-bogglingly startling hubris is:

      1) Presuming that those glaringly deliberately god-awful specs, protocols & RFCs they contrive and foist upon us are so awesomely cunning that every other intelligence service in the world, and anyone else who bothers to read them, can't immediately see what they really put in place.

      2) Presuming themselves competent to keep their RECKLESS "secret" toys to themselves.

      So, as for "Maybe now they'll see that by focusing on spying on semi-honest people like us they have actually reduced our security."

      I'm absolutely certain they already fully appreciate that! It's (half) the point!.. and nothing will come of this latest débâcle, other than yet another orgy of god-awful disinformation pantomime.

      Yey! :-|

  11. NozeDive
    Trollface

    Bow to your sensei

    I love that they called their op "Rex Kwon Do". Such an underrated movie.

  12. Ropewash
    Pint

    Open post to the NSA

    HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA.

    Maybe if you'd spent less time trying to jam your finger up your own citizen's arseholes and more time trying to secure the network by fixing exploits instead of hoarding them...

    Here's hoping every single one of your dodgy programs gets used on you in the future. Preferably by your own people.

    Oh.. and don't bitch when folks encrypt their drives and their comms, it's only a natural response to your continued idiocy and egotism.

    Cheers.

    1. Ropewash
      Black Helicopters

      Re: Open post to the NSA

      It's a funny thing but maybe an hour after that post a little lightbulb icon popped up on my Android phone telling me that I should add emergency contact info.

      Now I know it's just Google trying to get me to add my relatives to their database for better ad tracking (we see your son has just died, click here for links to funeral homes with big savings), but the timing could not have been better.

  13. keithpeter Silver badge
    Coat

    Mirroring most large IT based organisations

    Just thinking that 'shadow IT' is a thing in large companies, and reflecting on my own experience that any organisation with 1000+ employees has a management layer that spends most of its time interacting with each other about turf wars and resource allocation.

    I'm guessing that the NSA is no different. Could the Equation Group(*) be a 'devops' shadow IT operation within an organisation mainly oriented to defence and security theatre surveillance of mass communication?

    (*)Equation Group is going to be the name of my Maths homework club next year I think. Superb branding.

    Coat: mine's the one with a dumb phone in the pocket.

    1. Anonymous Coward
      Anonymous Coward

      Re: Mirroring most large IT based organisations

      Supplementary reading: A psychological history of the NSA

      > Maths homework club

      Congrats. In my time, it was "everybody for himself and let the dogs of failure rip into the straggler; profs will pick the bones..."

      1. keithpeter Silver badge
        Windows

        Re: Mirroring most large IT based organisations

        "In my time, it was "everybody for himself and let the dogs of failure rip into the straggler; profs will pick the bones..."

        I'm teaching people on the other tail of the distribution. You would still recognize the scene in some of our more ambitious Universities. Thanks for link.

  14. SeanC4S

    Is it such a bad thing that there are no barriers and that all things can commune? The internet then is a vast Petri dish to grow AI in.

    1. Anonymous Coward
      Anonymous Coward

      AMFM? That you in there? Have you returned to us?

  15. Anonymous Coward
    Anonymous Coward

    Imagine

    Imagine if the NSA and their comrades in the other military and civilian US intelligence services had actually done their jobs and worked to defend their country from exploits, rather than keeping them secret and making us all less safe.

    Those agencies get half a trillion dollars or more a year from the US treasury. Maybe it's time for the citizenry to demand their money back.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like