LinuxQuestions.org
Old 03-12-2014, 01:53 PM   #1
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,374

Rep: Reputation: Disabled
Ready yourselves, the cyberter ... I mean NSA wants to hack/infect your computers


https://firstlook.org/theintercept/a...uters-malware/
Quote:
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.

Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.

...

Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.

The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”

The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”

...
Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through a Virtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.
...
In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”
Do read the whole article, because it's a lot of stuff.

Also, do not think that they only have the authority to do foreign-only surveillance:
http://www.theguardian.com/world/201...es-email-calls

Last edited by metaschima; 03-12-2014 at 02:14 PM.
 
Old 03-12-2014, 02:04 PM   #2
Smokey_justme
Member
 
Registered: Oct 2009
Distribution: Slackware
Posts: 399

Rep: Reputation: 111
Holy mother of...

This is however the best part:
Quote:
Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.
IPhone5 or (soon to be free) Windows, anyone?
 
Old 03-12-2014, 06:47 PM   #3
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,402

Rep: Reputation: 1131
Well, since NSA is part of the United States Government, it can basically instruct hardware and software manufacturers ... particularly including cell-phone manufacturers ... to include whatever-it-wants into whatever-it-wants. At least within the United States. More elaborate techniques would be reserved for special cases.

My main concern in all of this is that, well, "the cat's away." Particularly since 9/11, anything that any Defense Contractor could think to ask for "in the name of Homeland (tah dahhhhh) Security" was like rubbing on a magic lamp. There was no oversight, no controls, no one questioning: "is this really a necessary and prudent use of public funds?" Billions(!) of dollars were being spent every day, and all of it was TOP $E¢RET. (Ka-ching!!)

Over 100 years ago now, Maj. Gen. Smedley Butler, USMC (who was the most-decorated military officer of his day) said that "War is a Racket." A decade later, we find that "Homeland Security" is truly a racket, as well.

I, for one, want to know why we're being told that "we can't afford" to do so many important things for the citizens of the United States, when we "have to" spend #CLASSIFIED# dollars on (just to name a few ...) #CLASSIFIED#, #CLASSIFIED#, and, leave us not forget, especially... #CLASSIFIED#.

I am of the considered opinion that, not only are we getting ripped off, but we also are not being made "safer" by it. Indeed, quite the opposite.

"The Public purse," as well as "The Public interest," is the legitimate concern of every "ordinary" member of: The Public. (And, especially in this case, of: The World. We're all on this blue rock together.)
 
Old 03-13-2014, 09:06 PM   #4
weirdwolf
Member
 
Registered: Jun 2007
Location: 1 AU from a G2V star
Distribution: PCLinuxOS LXDE
Posts: 117

Rep: Reputation: 176
President Eisenhower warned the U.S. about the "military–industrial complex" as well.
 
Old 03-16-2014, 07:34 AM   #5
maples
Member
 
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Wheezy
Posts: 424

Rep: Reputation: 104
I'm willing to bet that Linux isn't affected...

It seemed that the malware part of it was Windows-specific...and for the Internet, all we have to do is set up one central server per state/region, and everyone use an SSH tunnel, and then they can't trace IP addresses! Only problem: Who's gonna pay for the server and the Google-Fiber-class Internet speeds that it will need? That can't be cheap...
 
Old 03-16-2014, 08:02 AM   #6
odiseo77
Senior Member
 
Registered: Dec 2004
Location: London, UK
Distribution: Debian Sid, OpenSUSE 13.1
Posts: 1,013

Rep: Reputation: 308
Here's an inspiring thought for you all:

Last edited by odiseo77; 07-31-2014 at 03:53 PM.
 
Old 03-16-2014, 08:26 AM   #7
maples
Member
 
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Wheezy
Posts: 424

Rep: Reputation: 104
Quote:
Originally Posted by odiseo77
Here's an inspiring thought for you all:
That just gives me a warm and fuzzy feeling inside...Of course, someone's going to open some Windows sooner or later and let a draft in...
 
Old 03-16-2014, 11:23 AM   #8
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,374

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by maples
I'm willing to bet that Linux isn't affected...
I wouldn't bet on it. I would act as if they could. Don't let your guard down and stay up-to-date.

I think there may be a lot of boasting on the NSA's part. Oh they can do everything, and I'm sure they can do a lot, but I think a good amount of it is boasting.
 
Old 03-30-2014, 12:21 AM   #9
xyzone
LQ Newbie
 
Registered: Jun 2010
Posts: 10

Rep: Reputation: Disabled
Didn't the NSA develop SELinux?
 
  


All times are GMT -5.