Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Privacy United States

The Startling Array of Hacking Tools In NSA's Armory 215

Posted by samzenpus from the pick-your-poison dept.
littlekorea writes "A series of servers produced by Dell, air-gapped Windows XP PCs and switches and routers produced by Cisco, Huawei and Juniper count among the huge list of computing devices compromised by the NSA, according to crypto-expert and digital freedom fighter Jacob Applebaum. Revealing a trove of new NSA documents at his 30c3 address (video), Applebaum spoke about why the NSA's program might lead to broader adoption of open source tools and gave a hot tip on how to know if your machines have been owned."
This discussion has been archived. No new comments can be posted.

The Startling Array of Hacking Tools In NSA's Armory More

The Startling Array of Hacking Tools In NSA's Armory

Comments Filter:

  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Monday December 30, 2013 @04:02PM (#45821355)
    Comment removed based on user account deletion

  • Cisco and Huawei (Score:4, Interesting)

    by icebike ( 68054 ) on Monday December 30, 2013 @04:17PM (#45821493)

    Given all the US lobbying against Huawei gear [forbes.com] being used in critical infrastructure [businessweek.com], it seems odd that the NSA is claiming they have managed to penetrate these routers.

    Perhaps while NSA was powning Huawei routers they discovered they were already compromised.

    Seems far more likely that in doing so, the NSA penetration was in turn detected and prevented by Huawei, or they haven't been able to penetrate to the extent they have with Cisco routers, and therefore they need to keep these out of critical infrastructure.

  • Re:Open source? (Score:2, Interesting)

    by Anonymous Coward on Monday December 30, 2013 @04:17PM (#45821505)

    I disagree. The code is out, anybody can review patches, etc. At least if it is developed in an open manor (ie truecrypt is a fine example of an application we shouldn't rely on as while its code is available its development is not transparent). If something is published that's nefarious you have to make some sort of effort to conceal it, and if its developed transparently as well all the more so. If it is proprietary you have to make zero effort to conceal it.

  • Re:Open source? (Score:5, Interesting)

    by noh8rz10 ( 2716597 ) on Monday December 30, 2013 @04:42PM (#45821717)

    NSA does SIGINT, or signals intelligence, and it doesn't matter what computer solution you think you found, they will own you. The only solution is to avoid all computers. Have something important to say? do so in person. An important thing to record? Write it down. Heck, even the USPS or FedEx seems to be less compromised - they record the address info (metadata) but I haven't seen anything to imply they've been opening the letters.

    CIA and FBI do HUMINT, or old-school spying, but from what I've heard their skills here have withered as they've focused on SIGINT themselves.

    inb4 encryption - I assume that they can crack any encrypted files, or they wrote the specs in the first place.

Slashdot Top Deals

If you have a procedure with 10 parameters, you probably missed some.

Close