Leaked NSA point-and-pwn hack tools menace Win2k to Windows 8

The Shadow Brokers have leaked more hacking tools stolen from the NSA's Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8. The toolkit puts into anyone's hands – from moronic script kiddies to hardened crims – highly …

  1. Anonymous Coward

    Pays to be running Windows 10

    For once.

    1. Shadow Systems Silver badge

      Re: Pays to be running Windows 10

      Of course it does, there's no need to install any more spyware to rape you of your private data, you're already running the NSA's wet dream of data collection.

      Enjoy your Win10, it's not like you have any privacy left to violate.

      1. Anonymous Coward

        Re: Pays to be running Windows 10

        The whole advertising industry is based on the idea that there's always more privacy left to violate.

        Even with a camera pointed at your face, algorithmically reading your expression, there's still data missing from their model. Your thoughts are still private.

        It only ends when they can plumb the depths of consciousness itself.

        1. Ian Michael Gumby Silver badge
          Paris Hilton

          Re: Pays to be running Windows 10

          The whole advertising industry is based on the idea that there's always more privacy left to violate.

          That's what she said!

          Wow, it even works here too.

        2. rtb61

          Windows anal probe 10 goes deeper

          Nothing imaginable probes deeper than windows 10, why anal probe, because when you go to the proctologist and windows anal probe 10 is running, M$ is right in there with the windows powered camera that goes where no one wants.

          Go to a dentist with Windows anal probe 10 and M$ is checking out your cavities.

          Go to a lawyer and they use Windows anal probe 10 and M$ is right in there checking your legal brief.

          Doesn't matter what you do, Windows anal probe 10 is right there spying on you, it is truly disgusting and should be banned, it is criminal that it got into an operating system and they should enjoy an extended custodial sentence for the machination especially loading spyware into doctors' offices where it is illegal to do so under law.

        3. Bandikoto

          Re: Pays to be running Windows 10

          "On coins, on stamps, on the covers of books, on banners, on posters, and on the wrappings of a cigarette packet — everywhere. Always the eyes watching you and the voice enveloping you. Asleep or awake, working or eating, indoors or out of doors, in the bath or in bed — no escape. Nothing was your own except the few cubic centimetres inside your skull."

      2. Anonymous Coward

        Re: Pays to be running Windows 10

        Awwww - does Shadow Systems have a sad about all his Win 7 boxes? Arch is running just fine here, thank you for asking.

        1. jgarbo
          WTF?

          Re: Pays to be running Windows 10

          And for your next non-sequitur? Sponge cake piracy?

    2. bombastic bob Silver badge
      Devil

      Re: Pays to be running Windows 10

      pays to be running FreeBSD or Linux, you mean.

      1. Roland6 Silver badge

        Re: Pays to be running Windows 10

        >pays to be running FreeBSD or Linux, you mean.

        Only while they form a very small minority of enterprise desktops...

        1. Mikel

          Re: Pays to be running Windows 10

          >>pays to be running FreeBSD or Linux, you mean.

          >Only while they form a very small minority of enterprise desktops...

          And 90% of mobile devices, totalling over 1.6 billion active users - More than Windows

        2. Wayland Bronze badge

          Re: Pays to be running Windows 10

          The way into Linux is probably via MS Office which many people run using WINE.

      2. jgarbo
        Linux

        Re: Pays to be running Windows 10

        Yep. A real OS, tight and running only essential services. Twenty yrs, so far no detected intrusions.

    3. Mark 85 Silver badge

      Re: Pays to be running Windows 10

      Pays to be running Windows 10 For once.

      Don't be so sure... I'm sure the NSA has some Win10 hacks at their disposal. It's likely that other releases will reveal what they have for Win10, Apple, Linux, etc.

      1. chivo243 Silver badge
        Trollface

        Re: Pays to be running Windows 10

        @Mark 85

        Win10 hacks at their disposal? That would be a legal front door into MS as they now have *some* telemetry...

      2. Anonymous Coward

        Re: Pays to be running Windows 10

        "I'm sure the NSA has some Win10 hacks at their disposal."

        My one regret with turning down the offer of a "free" upgrade to Win10 Pro is that I've missed the opportunity to do penetration testing on it.

        1. Anonymous Coward

          Re: Pays to be running Windows 10

          I suppose if you're a newbie and thinking of starting in the penetration testing game - good to start with something easy and work up.

          You only have to look back at all the past 200+ critical Windows vulnerabilities, you'll soon notice a theme to where they occur, multiple times, over and over again.

    4. DougS Silver badge
      FAIL

      Windows 10 is almost certainly vulnerable

      The exploits were stolen in 2013, before Windows 10 came out, so obviously it wouldn't have been listed as a potential target. But given the range of vulnerable versions from 2K all the way to 8 in some of these, only a fool who smugly posts "it pays to be running Windows 10" would wrongly assume Windows 10 is not vulnerable!

      1. Updraft102 Silver badge

        Re: Windows 10 is almost certainly vulnerable

        Indeed. The Windows 10 kernel is nearly identical to that of 8.1, so if 8.1 is vulnerable, I'd bet that 10 is too. Nearly every time there is a new security patch, it comes in versions from Vista (until support ran out the other day) to 10... the same issue affecting all versions of Windows in current support. I would expect this to be no different.

    5. Anonymous Coward

      "Pays to be running Windows 10. For once."

      It also pays to avoid making dumb assumptions. Those actively researching and nesting a host of Win-10 zero days salute you!

    6. Anonymous Coward

      Re: Pays NOT to be running Windows 10

      Maybe there is some obscurity in having a pain in the ass, "moving conveyor belt OS" like Windows 10, but boy, it's a complete fcuker to stay at the leading edge.

      For every 1 hour of work, it feels like 10 hours of notifications/distractions, to make sure everything is current. It seems aimed at keeping 'non jobs' busy.

      Maybe there is something to be said for running Insider Builds, Fast Ring, Slow Ring even if it's the equivalent of Swiss Cheese (in terms of holes), you and the hackers are both running runtimes that have seen the same amount of daylight, leveling the field somewhat.

      If you want real obscurity though, it seems that choosing a non standard setup (in terms of Firewalls/Routers), Linux based OSs that few people use is probably the best approach, because it's just not economical for either the NSA or Hackers to bother targeting/hacking it, until it hits the "McDonalds" mainstream.

      Funding a hacking project always has to be justified, in terms of cost/benefits, even if they do have unlimited deep pockets and do some projects at such scale, most "normal folk" would find incredulous i.e. Massive Data Centres next to Data Centres to monitor social media.

    7. This post has been deleted by its author

    8. Adam Jarvis

      Re: Pays to be running Windows 10

      Looking forward to next Andrew Marr / Amber Rudd's take on this. I'll go by whatever Amber Rudd says and do the complete opposite.

      New Tact/Approach?

      (If you can't win the PR War consensus* after a terrorist attack (she didn't), to get the Public to give up their Encryption/Privacy, maybe the next best approach is to target all those mainstream IT Tech products "with a release of hacking tools in the public domain" to make those products feel as insecure as possible.

      So in effect, "the default", feels like there is no Privacy anymore, so in future you'll feel less likely to argue/stand up for the right to Privacy).

      * We never did get any real clarification/proof that WhatsApp was used, by WhatsApp themselves. It seems to have all gone quiet on that front.

    9. Wayland Bronze badge

      Re: Pays to be running Windows 10

      No not really since the NSA still have the secret tools for hacking Windows 10 which people can't patch whilst they are still secret. These tools that have been exposed will shortly be useless.

  2. Claptrap314 Bronze badge

    Too slow...

    Common, folks. This dump occurs just over ninety days after the theft was announced. How often has m$ managed a patch that fast? And for no-longer-supported OSes? If there is a fix in the next month, we will KNOW that the NSA has been working with m$ on this...

    1. Updraft102 Silver badge

      Re: Too slow...

      What's common?

    2. bombastic bob Silver badge
      FAIL

      Re: Too slow...

      they'll just say "get windows 10" - you KNEW, that, right?

      (then they won't have to fix ANYTHING)

    3. Doctor Syntax Silver badge

      Re: Too slow...

      "If there is a fix in the next month, we will KNOW that the NSA has been working with m$ on this."

      Alternative possibility. Microsoft did a deal with Shadow Brokers some time ago so that fully supported stuff would get patched beforehand leaving W7 users with an incentive to migrate to 10 given that they've resisted everything else so far.

  3. Anonymous Coward

    So... do you believe that Clinton's Server wasn't hacked?

    "For IT managers and normal folks, the Windows-hacking arsenal, which dates to around 2012, is the most worrying. It contains exploits for vulnerabilities – including at least four zero-day flaws for which no security patches yet exist – that can be used to hack into at-risk Windows systems, from Windows 2000 to Windows 8 and Server 2012. In some cases this can be done across the network or internet via SMB, RDP, IMAP, and possibly other protocols."

    While some claim that there was no evidence of the server being hacked, we have two problems...

    1) The server was compromised by the IT Staff who mishandled it.

    2) These tools show that governments have the sophistication to hack machines at will and leaving little or no trace.

    If the NSA had it ... odds are other governments had similar tools too.

    1. Anonymous Coward

      Re: So... do you believe that Clinton's Server wasn't hacked?

      ugh, a tip from an AC to an AC - that horse has been dead for a while now. keep flogging it, and you might get suspected of necrophilia.

      1. Anonymous Coward

        Re: So... do you believe that Clinton's Server wasn't hacked?

        ugh, a tip from an AC to an AC - that horse has been dead for a while now. keep flogging it, and you might get suspected of necrophilia.

        Yes, I'd be careful that you don't get a whip full of necrotic tissue. If you want to pay attention to slightly more current affairs, try working out just how much the current orange idiot is raking it in via his ownership of the places that are now deemed "presidential residencies", and how much his shares in military hardware shops have gone up since he discovered how useful a war is to divert attention.

        Blabbing over Hillary is entirely irrelevant - she's not your problem right now.

    2. John Smith 19 Gold badge
      Unhappy

      "If the NSA had it ... odds are other governments had similar tools too."

      And if they didn't they do have now.

    3. This post has been deleted by its author

    4. Bruce Ordway

      Re: So... do you believe that Clinton's Server wasn't hacked?

      None of us can be sure if it was hacked but... wasn't it an Apple server?

      1. Pompous Git Silver badge

        Re: So... do you believe that Clinton's Server wasn't hacked?

        "None of us can be sure if it was hacked but... wasn't it an Apple server?"

        Well, it wasn't hacked as such; it was turned over. Hence it was an Apple Turnover and we hope the miscreants get their just desserts.

  4. Boohoo4u

    So... the NSA has known for quite a while that they've lost control of their toolkit.

    They must have been very busy getting all our country's (govt) computers with Top Secret data upgraded to Windows 10, right? What about our allies?

    Seems like none of this should be zero day, if someone was doing their jobs...

    If I remember (reading) correctly much of our country's servers/systems run on old computers.

    This is a colossal F up to end all F up's.

    The govt/business partnership to keep our country safe seems nonexistent. What is it going to take to reevaluate our priorities...

    1. Anonymous Coward

      "What is it going to take to reevaluate our priorities..."

      A mega class action law suit comprising the Top 500 corporations who sue the dangerously incompetent NSA / government to the tune of countless tens or hundreds of billions for all the additional security measures they need to take, loss of data, loss of revenues due to hacks?

      It probably won't happen, they are easily leaned on by the spooks if necessary, but it's nice to imagine it happening one day, perhaps.

      1. Mark 85 Silver badge

        A mega class action law suit comprising the Top 500 corporations who sue the dangerously incompetent NSA / government to the tune of countless tens or hundreds of billions for all the additional security measures they need to take, loss of data, loss of revenues due to hacks?

        Funny thing about the US Government.... they have the right of refusal to lawsuits. You can sue them only if they say you can... on an individual basis. It is a lovely idea though.

  5. David Pearce

    Anything with Top Secret data on it shouldn't be anywhere near the Internet anyway

    1. Roland6 Silver badge

      >Anything with Top Secret data on it shouldn't be anywhere near the Internet anyway

      Agree, but these "highly secure" systems are the sorts of systems that most probably don't get regular updates:

      "We have a sneaking suspicion that Uncle Sam's foreign espionage targets aren't exactly the types to keep all their systems bang up to date."

  6. Marketing Hack Silver badge
    Black Helicopters

    You'd hope that as soon as the toolkit was leaked, the NSA started working with relevant vendors

    To patch the vulnerabilities that were coming out. After all, the NSA also oversees America's cybersecurity command.

    But I wouldn't be surprised if they did nothing, rather than have a series of embarrassing "OK NSA, we know you've exploited THESE vulnerabilities, but what else are you not telling us?" conversations with each vendor.

    1. Anonymous Coward

      Re: You'd hope that as soon as the toolkit was leaked, the NSA started working with relevant vendors

      Microsoft (according to the update to the article) are saying they haven't been contacted by the NSA.

      Disclosed, in true warrant canary style.

    2. Fatman
      Joke

      Re: """conversations with each vendor."""

      Such conversation might consist of:

      vendor: <quote>"OK NSA, we know you've exploited THESE vulnerabilities, but what else are you not telling us?"</quote>

      NSA: "Sorry, but that information is classified!"

  7. Nolveys Silver badge

    Damn it NSA,

    you had one job.

    So there's the honourable Mr. Snowden, who went public. Then there's the not so honourable Shadow Brokers...who went public.

    I would think that most people, were they to take the time and risk to smuggle stuff out of the NSA, would want to sell their plunder as quickly and quietly as possible. Kind of makes me wonder how many other NSA care packages are out there.

    Also, any theories as to the weird and broken English in the SB messages? You'd think they would have someone who could string a sentence together.

    1. Anonymous Coward

      Re: Damn it NSA,

      Also, any theories as to the weird and broken English in the SB messages? You'd think they would have someone who could string a sentence together.

      Why would they want to? It is easy enough to identify the writer by his/her choices of words, the grammatical preferences, the rhetorical devices, and even the spelling mistakes. It does not take too much text either. If you just happen to have samples of public writings from all, or nearly all computer-literate humans alive, you might be tempted to do a bit of correlation analysis.

      It is much safer to run your messages through a few (obviously, off-line) machine translation systems, taking care to use different vendors so that the underlying semantic representation is not the same on each translation stage. This way, the correlation analysis will only pick up signatures from the last few translation algorithms used in the process.

      This only shows that the SB are not complete idiots, but then we already knew this.

      1. Pompous Git Silver badge

        Re: Damn it NSA,

        "It is easy enough to identify the writer by his/her choices of words, the grammatical preferences, the rhetorical devices, and even the spelling mistakes. It does not take too much text either."

        I seem to recall we did that with Peter Gleick's fake memo. It only took us a day. No computering involved.

      2. GrapeBunch Bronze badge

        Re: Damn it NSA,

        Yeah, sure, multiple machine translations, "Chinese Whispers" or "Telephone" style with a check at the end to see that the message isn't just too garbled. However, it could be that they want people to think that their native language is not English. That it is, for example, Russian. When comedian Jessica Holmes does a Russian character, it sounds just like those excerpts. Easter, of course, they want you to think they're favouring Orthodox countries which calculate Easter (holidays) on a different basis. Although I looked it up, and in 2017, both Easters fell on the same day. Maybe there's a message in that, too. They probably didn't want to wait until Christmas.

    2. Doctor Syntax Silver badge

      Re: Damn it NSA,

      "you had one job."

      That's the problem. They have two and they're contradictory.

    3. Primus Secundus Tertius Silver badge

      Re: Damn it NSA,

      @Nolveys

      Mr Snowden is not due to inherit an English lordship. Therefore he is not entitled to be addressed as "The honourable..."

      1. Anonymous Coward

        Re: Damn it NSA,

        Mr Snowden is not due to inherit an English lordship. Therefore he is not entitled to be addressed as "The honourable..."

        Whether Mr. Snowden is honourable or not, is something each of us can decide for ourselves.

        I do not believe he is presently entitled to the title of "Honourable" (or "Honorable", if you are a left-pondian), but given the enormously long list of occupations and hereditary qualifications for claiming it, it would not be easy to be completely sure.

        Personally, I also would not exclude a possibility of the honourable Mr. Snowden acquiring the right to be referred to as Hon. Mr. Snowden at some point in the future, however unlikely it might seem now.

Biting the hand that feeds IT © 1998–2019