Major new bombshells on NSA blackhat techniques at CCC 30c3


This is part 2 of “To Protect and Infect” about the militarization of the Internet, where Jacob Appelbaum aka ioerror talks about specific techniques used by the NSA for surveillance, exploitation and overt attack of individual targets as well as the dragnet collection of data on everyone. I’m kind of surprised at some of the “low-tech” methods used and also at some of the ingenious uses of combinations of vectors. If you’re a target, there’s only so much you can do before they get ya. As has been hinted at before in previous disclosures of this kind, it’s not impossible to stop or at least severely hamper a lot of these techniques.

The most surprising of these techniques, to me anyway because I thought of it a few weeks back after having ordered some headphones from Newegg during one of those Black Friday/Cyber Monday sales (shipping took over 2 weeks which is surprising for normally rapid Newegg, even with the holiday rush – also, UPS tracker was showing some unusual delays and weird routes), is simply intercepting a postal shipment for computer hardware and infecting it with some kind of modified firmware or even a low-tech bug like a GPS transponder or mic.  I say surprising because I just dismissed this as the meandering of my paranoid imagination, but in the case of someone who might actually be a significant target, it’s not so unrealistic after all and now we know that it’s indeed a reality.  I mean, if I were the Bad Guys, I’d try it as an attack vector, especially if I had the kind of technical, financial and political resources the Bad Guys in question certainly do have.  I first thought of this when I started buying OpenBSD media and having it shipped to me rather than installing from online mirrors – wouldn’t it be easy to intercept the envelope, steam it open and swap out a compromised set of the software?  Especially considering it’s an international shipment since they send it from Canada; I’m guessing the laws are a bit more lenient in such case…   This method and legally using the Patriot Acts to “blackbag” (break into) a target’s residence to gather intel and install backdoors of all kinds are the 2 that bother me the most because I have the least control over them.

In fact, if I recall correctly, Appelbaum was just in the news recently for getting his residence in Germany infiltrated, with 3 of the 4 physical security systems he had set up bypassed and lots of items inside were obviously disturbed. Not surprised, since the context of the news recently has been that of Snowden speaking with German media and subsequently most of the content in this CCC talk was just disclosed to Der Spiegel (and thankfully rapidly reported on by Matt Drudge and other diverse news outlets) and the source had to have been Snowden given the multitude of codenames for various techniques discussed in this talk – surely the NSA and CIA were not very pleased about this data getting disclosed.

Another important point that Appelbaum constantly drives home is that the access to most of these techniques is not exclusive to the NSA – once known by the general populace, they can be exploited by *anyone* which is very irresponsible and should give you an idea about this agency’s moral compass. Who’s to say that SCADA infrastructure, the kind that was (and continues to be! no one has closed that Pandora’s box because… it can’t be) used by the STUXNET worm, won’t accidentally trigger a disaster like a nuclear plant meltdown after accidental infection?

Anyway, an interesting highlight was Appelbaum’s meeting with a political dissident from Angola who complained of a possible trojan on his MacBook and sure enough Appelbaum discovered a lame background task that was doing screenshots at a regular interval. I guess it didn’t bother to check if there was Internet connectivity since there were about 8GB of screenshots in his user directory that probably weren’t even queued up to be sent at a later point when there was connectivity. Unfortunately, this Angolan ended up getting arrested and detained.

Part 1 is here


USENIX gives the finger to Volkswagen’s attempt to silence disclosure


The High Court of Justice in the UK judged that researchers who found potential weaknesses in the Megamos cryptography that car maker Volkswagen and many luxury car makers use for their wireless key entry systems could not publish their research.

Since this court does not have jurisdiction here in the USA and such a judgment would be a violation of our Constitution’s 1st Amendment anyway, the Advanced Computing Systems Association aka USENIX decided they would allow the researchers to present their findings at the next USENIX “HotSec” information security conference later this month on August 13 in the District of Criminals  Washington, DC.

Good on them!  I am definitely proud to be a long-time member of USENIX and even more so after hearing of this news.

On a more sardonic note, lots of people note that Volkswagen was a product of a Nazi organization as a direct result of a fervent request by Hitler himself to produce a car that everyone (in Germany) could afford.

For those that argue against full disclosure and for security by obscurity alone, particularly the kind enforced by crony capitalism and its thuggish protection rackets, this is what happens when you try to hide the truth.

Photo credits: GDF – S2 – 2011

Huge data leak at Swiss government intel agency


A “European security source” has told Reuters about a technician at Switzerland’s Nachrichtendienst des Bundes (NDB) who made off with a large amount of classified data related to information sharing about counter-terrorism. He was arrested last summer after being observed for some time. Apparently data used by the UK and USA are at particular risk.

This could also be a signal of a retaliatory leak. You never know with these spook types, especially with something as nebulous as “counter-terrorism” which is a daily reality in politically polarized countries like Israel but hardly anything to worry about in the US and UK. The anticipated leaks (look for Wikileaks to publish something about Iran giving “WMDs” to Syria and the intent to use them) could have deflecting disinformation in them that reinforce existing propaganda such as the NIST report on 9/11. Note that the Obama administration was depicted in the mainstream media yesterday as talking tough to Syria about WMDs.

Take into account that Assange buys the conventional 9/11 story, which along with the Warren Commission report on JFK’s assassination is fictional and not even entertaining fiction at that. Also, while the State Dept leaks put out by Wikileaks were certainly embarrassing for Hillary Clinton, there was really nothing shocking in the cable disclosures. Mostly the stuff of gossip and soap opera scandal. Arguably much of that was disinfo, too.

Anon cracks DEBKAfile



For quite some time now, various personalities in the alternative media have opined that the Israeli news site DEBKAfile is a thinly-veiled Mossad propaganda mouthpiece or something to that effect. Crackers claiming affiliation to Anonymous have announced that they have cracked DEBKA’s website and a subsequent dox-drop with email addresses and (typically weak) passwords shows that there may be some truth to this. Not surprisingly, there are some duplicates with the Stratfor dump. Kind of a “Who’s Who” of AIPAC supporters and US Zionists.

Skiptracing of the recently released DEBKA subscribers list.

Done by: Flipside, aka Robert Goodwin at http://www.contextflexed.com (I don’t need to be anonymous).

Provenance of data: Cryptome, Spokeo, Pastebin, Scany, Google, Intelius, Whois, DeepWhois, LinkedIn, Facebook, PDFs, Webboar.com, actual homepages, Website/Staff pages.

Caveats:
1) Some names were not found.
2) Items listed “(Spokeo)” only have Spokeo as a source, which is error prone.
3) Items marked “(Guess)” are educated guesses. I made 6 of these, based on general similarity to other profiles and links to Israel.
4) I don’t believe Anonymous is correct in their opinion that every subscriber is an Israel supporter. Some might just want access beyond the DEBKA paywall. I almost subscribed once.
5) This is all public source information designed to educate, and alter politics lawfully.

Why did I do this?: I am an anti-Hasbara writer who does not want to go to war against Iran simply because it is lucrative and appealing to some companies and some ethnic and religious nationalists. I have also had my distaste of being farmed for profit by the anti-terrorism roadshow and by fake investment firms. The DEBKA dump was a boon. I hope any of this information stops war racketeering and reduces human suffering.

Observations: By and large, DEBKA readers tend to be Financial Brokers, Lawyers and Real Estate Agents, wannabe guardians of the realm, exchequers, peddlers of mumbo-jumbo business services, a good deal of hustlers from Boca Raton, Palm Beach, war profiteers, and at least three certified insider trading swindlers. There are also Rabbis, aliyah steerers, some entrepreneurs and academics. One guy professes a love for hive minds, and another is running Infragard and defending America from flammable paper balloons.

hat tip to Cryptome!

Anon hits RFID-using school district’s website


In an interesting and viral turn of events, a Twitter user named @RemainSilentz has claimed to have disabled the website of San Antonio’s Northside Independent School District, which recently expelled a student of one of its high schools named Andrea Hernandez. I covered the NISD RFID situation in an earlier, typically meandering I admit, post about my thoughts on RFID after having attended a protest at NISD in late September where I met Andrea and her father and a diverse number of other very lively and erudite activists wanting to outflank this phalanx of the globalists wanting total control of everything and everyone.

Anyway, it’s just a simple DDoS most likely and the site appears to have been going up and down, responsive as of this writing. I’m pleasantly surprised mostly at the fact that this issue is gaining global traction. It’s nice to see mention of this while doing my daily perusal of tech websites (in this case, a UK one) while I’m in a more vocational state of mind.

How to jack someone’s Skype account if you just know their email address


Multiple people are posting about a very trivial “vulnerability” in Skype that allows you to take over anyone’s Skype account if you just know their email address. For some reason, when you go to reset a password for your own account or a dummy account you create, if you put in the victim’s email address for the password reset (assuming you already set your own email address for your own or dummy account), you can take over their account.

From there, you can see their chat and call history and everything else. There is apparently no known defense except to change your email address to something that is relatively unknown, like create a new gmail account or something. Might want to change your account password after that.

Step-by-step instructions here.

This is massive fail on the part of Skype, which is used by loads of people globally.

Update: Skype has disabled that password reset feature.

“cyber” attack to be trotted out for a false-flag against Iran (or maybe China)?


From an email I just got:

Announcing a Webinar/Teleconference on
Why “Cyber Pearl Harbor” Won’t Be Like Pearl Harbor At All…

Wednesday, October 24, 2012
2:00 to 3:30 p.m. ET
Exclusively available via web or teleconference

Featuring

Lawrence Husick, Senior Fellow, FPRI
Edward Turzanski, Templeton Fellow, FPRI

On October 12, 2012, Secretary of Defense Leon Panetta
warned that the United States could face a “cyber Pearl
Harbor” as cyber actors launch simultaneous attacks on our
critical infrastructure, in combination with a physical
attack. Mr. Panetta’s warning was both embarrassingly late
and stunningly lacking in both reality and imagination.
Lawrence Husick, FPRI’s co-chair of the Center for the Study of
Terrorism, and a patent attorney and self-described computer
hacker, will address the threat that faces the nation, and
why both public and private sector perceptions of the threat
and reactions to it give little hope that we will be able to
avert serious consequences of disruption and violence in the
cyber domain. Mr. Husick’s June 2011 briefing on this topic
was described by former National Security Advisor Robert
“Bud” McFarlane as, “the best I’ve heard from anyone
anywhere.” Join FPRI on October 24, 2012 at 2:00p EDT to
learn more about this critical issue in national security.

Edward Turzanski is Co-Chairman of FPRI’s Center for the
Study of Terrorism and he is FPRI’s first Templeton Fellow.
He has extensive experience in service to the US
intelligence community in the Middle East and Central Asia.
He regularly appears on air, offering commentary on CNN, CNN
Headline News, Fox News Channel, MSNBC, and assorted
international media organizations. During the Bush (43)
Administration, he was a member of the U.S. Department of
Justice Anti-Terror Advisory Committee for Region III and
the Department of Homeland Security Port Security Committee
for the Port of Philadelphia.

To register for the free webinar/teleconference visit:
https://cc.readytalk.com/r/pg01470bkf5s

Listeners may submit questions online or via email.
Email your questions to questions@fpri.org.

For more information and updates visit:
http://www.fpri.org/events/2012/20121024.webinar.cyberwar.html

or contact Harry Richlin at
(215) 732-3774, ext 102 or
Email: hr@fpri.org

mmkay. P.S. nobody but the government and its various “think” tanks uses “cyber” any more.
