Yep - I'm one
Posting AC naturally - Anonymous Comrade
"I would be surprised if all major intel agencies didn't have people embedded in Google, Amazon, Apple, Facebook and major cloud provers," infosec guru Mikko Hyppönen told a packed audience at BSides conference in London on Wednesday. Hyppönen, chief research officer at security firm F-Secure, made the comment during a well- …
This is Russia we're talking about. Greenbacks are not something they currently have a large surplus of. It's mostly sitting in offshore trust multi-layered, multi-jurisdictional shell companies. If you have a look at the Putin doctrine over the last 18 years and the way the "entrepreneurial' groups, teams, departments, bureaus and whatnot develop their semi-detatched autonomous operations, you;ll notice an innovative disinterest in expensive stealth measures. Consider the notorious troll factory, for instance -- they weren't highly trained FSB or SVR officers, they were 20-something unemployed graduates who just wanted a job and had reasonable English. Same with the myriad of evidence trails thrown off by dozens of people in the Trump set-up. I suspect the notion is that it's a cheap win/win tactic. If the op's not blown, win, you get a puppet into the White House. If the op's blown and disclosed that''s also fine, because by the time the last shady "businessman' has been perp-walked into the Black Marias the public's trust in the institutions of the state and government has been massively eroded, the pro- and antio- camps have hardened their positions to quasi-religious state of ecstatic ingroup/outgroupery, where none of the Trump base will ever believe it's anything other than a coup by the deep state or the UN black helicopters etc etc when he's finally jailed. (Remind anyone of events closer to home?)
In that ops mode, cheapness has a double virtue.
The NATO Handbook is a very good read. http://www.ndc.nato.int/news/news.php?icode=995
The embedded spooks can attack from the inside, and steal that data to pass to their bosses.
Of course, Facebook is immune to such concerns - why would you need to plant a spy inside them when they will apparently sell personal data on their users to anyone that comes along!
So auditors meeting untimely deaths due to usual but rare workplace accidents might actually be ... wetwork?
Jobs in network and sysadmin roles would be key targets for such infiltration, Hyppönen told El Reg, adding that he knows Apple and other tech giants are hip to the threat.
This probably means they are demanding cash from deep-throated people in underground garages before HR emits a positive grunt.
.. have you read 'The Cuckoos Egg' by Clifford Stoll? He's a sysadmin at an American Unversity, and what starts out as a simple accounting discrepancy throws him into a world of espionage. Oh, and it's a true story. https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg
So, go check your acct is set up properly,.... you could find something interesting.
The Cuckoos Egg' by Clifford Stoll?
Fuck ... Melancholy.
Those were the days. Actual telephony switching relays. Tymnet. Some dude accessing faked SDI info (hacked together in near-real time, enormous troll award should be forthcoming) from the DDR!
The world back then has enormous DISTANCE. Just getting over the Atlantic was an adventure. Documentation was sparse. Comms were bad. Telephones were in use. Screens were green. JPGs were nowhere to be seen.
And summers were just better.
Tech is like a new religion to many.
And if many nations tell the Antivirus companies don't find our hacker shit, then you can get an idea of if they would stack the decks elsewhere. and i would not cost that much as they would earn $ from their job.
It wasn't long ago that 2IC in Linux Kernel team was spitting chips about all the interference. I always thought the spooks would be lurking there, building in the next hole, in case some nation tries to develop an independent operating system.
Problems arise when Tech is over commercialised and people are complacent, not just spooks.
but "sleepers', those that are totally unaware to the effect of what they do and those that just don't care.
that's why Bill Gates dooms day threat had so much weight. and why their has been a venting thru obscure sources of material....
The failure to prosecute Microsoft and Bills exit from MS and seemingly service to US State or other Dept overseas as punishment, they then let him back in under a founder's role. When they figured he's got them something they wanted, might give a clue to that. Now many internal defense depts build their own systems, completely different of anything known.
Honestly, something this obvious would escape most bean counters. Plus SMB-vector attacks would still mean both machines would probably need to be network-segmented somehow. Personally, I do all critical dev on Air-Gapped machines. Its too much dead-time otherwise trying to keep up. Plus, so many slurpy Apps & OS want to phone hone constantly for no real benefit. My work doesn't have Github / Gitlab / Perforce dependencies tho...
this is way over the top
I would call it absolutely pedestrian.
This is how it works, dontcha know.
And sometimes the cleaner needs to come.
I have had a couple of instances of suspiciously mole-y events during my career. Probably just crims and the competitors though.
Information was somewhat critical but sadly Israeli, US or Russians hailing each other on the servers would not even have been noticed. The pressure of competition, ROI and utter IT ignorance, eh!
Whether you subscribe to this 'sounds-like-a-conspiracy theory' or not. Its interesting how calm Zuckerberg was during the hours of 'test-of-mony' in front of EU/US lawmakers. It was like someone had guaranteed him safety / gave him a get-out-of-jail-free-card, while so many wanted him beheaded!
Biting the hand that feeds IT © 1998–2019