The Startling Array of Hacking Tools In NSA's Armory 215
littlekorea writes "A series of servers produced by Dell, air-gapped Windows XP PCs and switches and routers produced by Cisco, Huawei and Juniper count among the huge list of computing devices compromised by the NSA, according to crypto-expert and digital freedom fighter Jacob Applebaum. Revealing a trove of new NSA documents at his 30c3 address (video), Applebaum spoke about why the NSA's program might lead to broader adoption of open source tools and gave a hot tip on how to know if your machines have been owned."
2013 (Score:5, Informative)
Re: (Score:3)
The person who can figure out how we can have all our tech toys and our privacy too will earn a fortune
They'll earn some money for sure, but not a fortune. The public & the bean counters are more interested in low prices than privacy. If your 'private' device is $100 more, everyone will buy the cheaper device.
Re: (Score:2)
It will be made illegal. In many ways it already is. You must submit the key to encrypted material if proper law enforcement asks. Your lines are allowed to be tapped. Your locks are allowed to be broken.
The problem is not the agency, but the paranoid and ruthless people who abuse it. There are many people in law enforcement/intelligence communities who are honest law abiding citizens! There are a few who are not. The question becomes how do we watch the watchers? How do we catch the abusers? I am
Re: (Score:2)
The person who can figure out how we can have all our tech toys and our privacy too will earn a fortune.
Given how the majority of the population is trying to share every piece of information about themselves that they can online, I doubt that would be true. Security/privacy is too inconvenient.
Re: (Score:2)
There's no quick tech fix for this. Mostly because the problem is partially cultural. Qualitative trust webs have to be academically validated, then essential behaviors to support them have to be installed in the population. It will take at least decades and most of the work will go completely unrewarded, because our monetary/compensation system is hopelessly corrupt, being that it also needs said fix.
Spy tools (Score:5, Insightful)
The debate is not whether the spy tools should exist, but how they should be used. The NSA was originally meant to be a support organization that assisted the CIA and other federal agencies in protecting national security interests globally; Hence the name National Security Agency.
What it has become lately, thanks to the Department of Homeland Security and our idiot congresscritters, are lackies for the FBI. The FBI has a terrible record going all the way back to the Prohibition of doing whatever it wants and generally running rough-shod over civil rights. It has long shown signs of institutional corruption and rot. This is the source of the rot in our judiciary at the federal level... and like Midas, everything the FBI touches turns to sh*t.
Re: (Score:3)
J Edgar dreamed of having files on congress like the NSA does.
Re: (Score:2)
Exactly, the NSA has more power than any branch of government ever had. Any Judge or political official that opposes them will be blackmailed into submission immediately.
Re: (Score:2)
My one hope is Snowden got those files. But I doubt it.
The files on Congress, federal judges and the executive branch are the keys to the kingdom. They will never see the light of day.
Dumping those files would complete the Herculean task of cleaning the DC stables.
Re: (Score:2)
The NSA has always been like this. The only difference between now and the 70s and earlier is their better tools. The NSA has been an abusive, corrupt organization since its outset. The very things they are doing now is what the Church Committee and FISA was meant to prevent. FISA was not meant to be a rubber stamping of any and all actions of the NSA as it has become.
Re: (Score:2)
What it has become lately, thanks to the Department of Homeland Security and our idiot congresscritters, are lackies for the FBI.
Wrong on two counts.
NSA is not part of DHS.
The FBI is the foot soldier and sock puppet of the NSA, not the other way around.
Re: (Score:2)
Actually, it's better to say that the NSA is a support organization of the Department of Defense. And as such are often at odds with Langley since both are competing for the same budget dollars.
Re: (Score:2)
Not quite. The tools would be invented by someone, eventually. And that someone will have just the same accountability issues as the NSA. So you are guaranteed tools of this power being used by some megalomaniac or diabolical mastermind. So they cannot be factors in the equation.
The first question is how to upgrade security to the point that no such tool can ever work. Future tools, who knows, but this grade of attack must be permanently beyond anyone's capability.
I can picture ways of making it very, very
Comment removed (Score:5, Interesting)
Re:This is not what should outrage us (Score:5, Insightful)
I'd go a step further. It shouldn't just be legally inadmissible, it shouldn't be collectable at all. If it's accidentally collected, it should immediately be purged and the responsible parties prosecuted. If the FBI wants to develop their own NSA-like capabilities for domestic law enforcement, they can do so in a targeted fashion with warrants, but the NSA should be focused entirely on overseas operations, just like the CIA, just like the military. Mixing foreign and domestic all up in one agency is a very bad idea, (I hope) for obvious reasons.
Re:This is not what should outrage us (Score:5, Insightful)
You may be not outraged that your country have weapons. But you should be very outraged that they are using them, in all the world to every innocent people (stripping basically every human of a fundamentan human right), in all the country, and in particular, in you.
If you think that what they are doing is not a crime, try to do the same and get caught, the sun will be a white dwarf by the time you can get out of jail, considering how they are punishing minor ofenses [mmajunkie.com]. If any other country would be doing the same to US, at the same level and deepness, probably a lot of nukes would be flying right now.
Re: (Score:2)
Re: (Score:2)
Hyperbole won't get you anywhere.
Quite frankly, the internet was a U.S. creation. Thus the keys to the internet always lay in the hands of the U.S. If there was anyone capable of containing the internet, it would be the U.S. That was not supposed to be. Things were not supposed to be this way.
What we understood up to two, three years ago was that the U.S. was a bastion of freedom and free speech, and thus the internet would be free from such censorship and threats of censorship. What we realize now, today,
Re: (Score:2)
No, the NSA needs to be dismantled and a new constitutional amendment explicitly outlawing this sort of wiretapping on anyone, us citizen or not unless they have a REAL warrant from a REAL judge. Like the man said, They've even compromised Solaris. Which group of Terrorists is using Solaris? This has nothing to do with protecting us, and everything to do with controlling us.
Re: (Score:2)
We already have the 4th amendment. What we need are judges that will uphold the laws we already have and not subvert them to serve the government's own interests. More laws won't fix this mess.
Re: (Score:2)
The real illusion is to believe in the paradigm of hierarchy and security clearances. The social class system is based on the level of information made available. The ones on top are liberated, and they most likely want to keep it that way. The funny thing is that it's all based on nothing, because everybody can act however one likes regardless. The system is build with sand, which can be blown away without any effort. The scariest thing is how much real iron the illusionary system has accumulated for prot
Re: (Score:2)
Not every country is as bad as the US/UK. Don't try to excuse what they are doing by claiming everyone else is at it. Germany didn't try to tap Obama's phone, and I doubt they would try because among allies there are lines, and crossing them is a good way to get yourself excluded from intelligence sharing agreements. Plus, it's just a dick move.
Cisco and Huawei (Score:4, Interesting)
Given all the US lobbying against Huawei gear [forbes.com] being used in critical infrastructure [businessweek.com], it seems odd that the NSA is claiming they have managed to penetrate these routers.
Perhaps while NSA was powning Huawei routers they discovered they were already compromised.
Seems far more likely that in doing so, the NSA penetration was in turn detected and prevented by Huawei, or they haven't been able to penetrate to the extent they have with Cisco routers, and therefore they need to keep these out of critical infrastructure.
Re: (Score:2)
In the Huawei case, it's entirely possible that Huawei's competitors were better at lobbying than Huawei. See also Apple vs Samsung.
Re: (Score:2)
They know the Chinese have managed to penetrate them precisely because they have penetrated them the same way.
Silly me (Score:2)
Silly me, I thought the reason for NSA's existence was to make it HARDER for the bad guys to attack our infrastructure, not easier. Shows how little I know about how Washington "works" for us.
at the risk of sounding paranoid (Score:4, Insightful)
Re: (Score:2)
so who else owns my electronic toys?
If you have an iPhone/iPad/iPod, Apple.
If you have an Android phone/tablet, Google, and likely Samsung/HTC/Hawei/LG.
If you have a Windows Phone/tablet, Microsoft, and likely Nokia/HTC/Samsung.
If you watch movies on your phone, the MPAA.
If you play music on your phone, the RIAA.
If you have a data plan on your device, then AT&T/Verizon/Sprint/T-Mobile, or your regional MVNO.
Re: (Score:2)
In some cases, the weakening of encryption standards done by the NSA, and various backdoors they've managed to install in systems used by everyone, there may be foreign and criminal organizations that are simply riding the NSA's coattails to compromise your security in the exact same manner.
But you're right, if the NSA has been doing this, so has everyone else. The NSA is just better funded.
Re: (Score:2)
Re: (Score:2)
It's irrelevant if others are doing it. We have proof the NSA is doing it. They need to stop. We can worry about everyone else after we get our federal government to obey the law.
Re: (Score:2)
Its hard for any one nation to reach around the world into domestic local telco optical loops unless they risk placing their own region hardware.
The NSA and GCHQ really have the 'only' global solution to that domestic or regional problem - the old/new Commonwealth countries, many new/old shared bases, invites into countries to 'help' by new nations, failed cou
Remote BIOS flash? (Score:2)
Re: (Score:2)
Likely they either:
Paid the company that designed it
Bribed someone working for that company
Simply got their own NSA agents hired at the company with the sole purpose of having them write exploits into the code (most likely)
Re: (Score:2)
So basically no online banking platform can be safe once these exploits are released into the public? I do wonder though how they do it though.
I'm not quite sure I understand your question. I would rearrange the ideas this way- No online banking platform will be safe until these exploits are known publicly, and defended against technicly. As to your title- makes you long for the days of flash-write-protect jumpers and dipswitches doesn't it...
There goes the economy. Thanks NSA. (Score:2)
Nevermind "thanks Obamacare", now nobody is going to buy *any* technology from a US vendor because it's likely compromised by the NSA.
Just like you don't want to buy from a purely Chinese vendor because it's reporting back to the Chinese version of the NSA.
So, thanks to the NSA and China having a dick-measuring contest on why can spy more, the internet is essentially fucked. No privacy, no e-commerce, hell, no commerce (thanks Target), unless it's all cash.
So the only place you can trust is (ironically), Cr
Congress should require NSA to reveal exploits (Score:2)
If Congress required the NSA to reveal exploits of US made products within 30 days it could boost US sales.
Windows error reports (Score:2)
Talk about a lot of data
The entire catalog can be viewed here: (Score:2)
Can't even trust Santa (Score:2)
From TFA:
intercept the hardware in transit, and take it to a secret workshop where it could be discretely fitted with espionage software before being sent on its way.
I blame it all on bad elves.
I'll admit it ... (Score:2)
This stuff goes far, quite far, and to quote Jacob Applebaum: "I can't remember voting on any of this stuff, or even having seen a public debate on it".
How about you?
If your machines have been owned .. (Score:2)
Where could the code be hiding
heh! (Score:2)
The sooner I get my PhD in computer engineering, the sooner I can do something about there being fewer stories like this.
Re: (Score:3)
Did you see that compromised on board network adapter or the USB cable? Those things were amazing pieces of tech.
The network adapter really just looked like a big RJ45 jack with some hardware on the back. That's what the non compromised version looks like. It does all the layer 1 stuff right there so you don't need to worry about things like impedance matching. The NSA added an extra chip which is invisible from the outside that acts as a second layer 2/3 controller. A simple single component replaceme
Ladies and Gentlement ... (Score:2)
All hail the New World Order and our masters at NSA. I was not a true believer in the NSA NWO but then I watched the 30c3 vid mentioned in the summary. Holy crap. No wonder Charlie Stross gave up on his next novel. I am now beyond horrified and simply in awe of our new Overlords.
How cute! (Score:2)
Re:Open source? (Score:5, Insightful)
What sort of straw man is that? No one has claimed that it is impossible to sabotage open source software. But the fact that the saboteur would at least have to try to hide it, which is not the case with secret source software, puts them at a huge disadvantage.
Do you leave your front door unlocked because you're not 100% sure that your lock can't be picked?
Re: (Score:2, Insightful)
At the end of the day, you have to trust someone either way. Saying "It's open source, and therefore more trustworthy," is bullshit--because unless you or someone you trust has went through it line by line, it's functionally little different than trusting a closed-source binary. It's just a false sense of security most of the time.
It comes down to who you trust, not whether their software is open or closed source.
Re: (Score:2, Interesting)
I disagree. The code is out, anybody can review patches, etc. At least if it is developed in an open manor (ie truecrypt is a fine example of an application we shouldn't rely on as while its code is available its development is not transparent). If something is published that's nefarious you have to make some sort of effort to conceal it, and if its developed transparently as well all the more so. If it is proprietary you have to make zero effort to conceal it.
Re: (Score:2)
If it is proprietary you have to make zero effort to conceal it.
Well, you should at least probably ensure you turned on the right compiler options to strip the NSA_BACKDOOR_PASSWORD identifier out of the binary.
Re: (Score:2)
All that only helps if you're comparing checksums and compiling your own binaries.
If you're not paranoid enough to do that, you're trusting that the compiler/packager/distributor of the binaries didn't amend the source or have a compromised compiler toolset.
If I were to go about attempting to compromise all the (pick-a-Linux-variant) systems out there, I wouldn't submit my "improved" code to kernel.org, but I might attempt to load a compiler at (distributor of selected Linux variant) with a surreptitious pa
Re:Open source? (Score:5, Insightful)
Open source is no more secure than closed source, for a host of reasons, but at least with closed source, you know where the code came from and can judge it based on that.
You have absolutely no idea where the code came from with closed source. Could be from anyone. Not much different from open source except for the fact that with open source you can at least theoretically examine the code itself even though in most cases that will never happen.
Re: (Score:2)
The company selling the closed source software is where the code came from. It's their responsibility, it's their business and reputation on the line, and if they're using libraries they didn't develop in-house, it's their job to know how those work too. If they do something bad (and really, it's not that hard to tell if some software is leaking data or accessing files it shouldn't), they'll be the ones held responsible.
By its very nature, open source code can be manipulated by anyone, with potentially ulte
Re: (Score:3)
Free Software folks have their reputation too, and often that is the only thing motivating them.
Re: (Score:2)
That closed-source company may _want_ to stand on their reputation. But they can be ordered to backdoor the software against their will and in secrecy. This is no longer a hypothetical argument, and it _is_ harming the reputation of businesses.
This is a great time for competitors of US tech companies.
Re: (Score:2)
If they do something bad (...), they'll be the ones held responsible.
Let's review every single EULA I've ever read going back 35 years or so...
The software is provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose
They may be responsible, but they're probably not liable and I'm the one who is likely to get injured.
Re: (Score:2)
What percentage of computer users in the world are capable of finding security issues by looking through the code. How many semi competent application programmers are capable of the same thing? Operating System level code has very little in common with application level code and unless you have a lot of real world experience good luck on finding any undiscovered weaknesses by looking at the source code. The majority of hacks today involve social engineering targeted towards tricking the average user into do
Re: (Score:3, Insightful)
You may know where the binary came from, but you have no idea where the code came from. And for all you know, neither did the person who signed the binary.
Re: (Score:2, Informative)
Seeing as how it's the binary you're running, what's the difference? If a company is compromised, they're screwed. People won't buy their software again, they'll know to stop using it. This should make companies careful, and if they're not, they'll get in trouble soon enough. Some anonymous party puts up a clever back door in a patch, what is a user to do then? Whose reputation is damaged?
I am by no means claiming closed source is more secure than open source, I'm saying they're equally insecure. I'm also s
Half a straw man (Score:3, Insightful)
You see, there is a big flaw in your point. _IF_ the only developers were in the US, you may have a better point. OpenSource is not just coded in the US, and the eyes looking at the code are all over. I think for a while you had a level of trust among OpenSource crowds that everyone was equally altruistic and freedom loving. I am pretty sure that when the leaks came out a few years ago about the NSA jacking encryption that trust evaporated pretty quickly.
What you may want to believe is that all of these
Re: (Score:2)
You are extrapolating way too much to be coherent. We can break down your point into 2 categories. Hardware and Software. For the sake of debate, let us assume that a BIOS, Firmware, PROM, etc.. is Hardware. Why we can do that is because "normally" you can't edit PROM or firmware on a machine that's running. ILO/LOM/ILOM/ALOM/DRAC, etc.. today give some level of access to that software. Personally I'm not a fan of those systems without in depth analysis of what they are, how they are built, etc... Th
Re: (Score:2)
Network effect works. They would hate to put an encryption key in plain text or the channel they use to send the data, or the destination name/address, so putting in a souce code that anyone could eventually see is a big no. Regarding binary packages, if well some distributions could be compromised by secret laws (RedHat at least resides in US) the code release that they must do ensures that other projects can pick the source, recompile it and use them instead (i.e. Centos), and if you trust the distributio
Re: (Score:3)
No, nor should you need to.
For anything sufficiently widely used you will have several competing groups looking at it...
With american commercial software you likely only have the vendor and the nsa looking at it...
For something like linux you have not only the nsa, but also several foreign governments looking at it too. While you may not be able to trust a single party, the chance of error decreases when you have multiple parties who have no reason to collude together.
Re: (Score:2)
One problem here is that the "multiple parties" are looking for holes to take advantage of, not to fix.
Another problem is that for example Linux is generating more holes per week than it is fixing, and the attitude sucks (https://lwn.net/Articles/538600/, https://lwn.net/Articles/313621/ [lwn.net], etc).
If OSS were serious about security they would immediately use grsecurity and managed runtimes (JVM and like). I don't expect either happening anytime soon.
Re: (Score:2)
Re:Open source? (Score:5, Insightful)
Better check your compiler while you're at it, and your hardware.
Re:Open source? (Score:5, Informative)
You don't trust your compiler (and compiler vendor)?
http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]
Re:Open source? (Score:4, Informative)
You should be pointing people to this instead:
"Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers"
http://www.dwheeler.com/trusting-trust/ [dwheeler.com]
Re:Open source? (Score:5, Interesting)
NSA does SIGINT, or signals intelligence, and it doesn't matter what computer solution you think you found, they will own you. The only solution is to avoid all computers. Have something important to say? do so in person. An important thing to record? Write it down. Heck, even the USPS or FedEx seems to be less compromised - they record the address info (metadata) but I haven't seen anything to imply they've been opening the letters.
CIA and FBI do HUMINT, or old-school spying, but from what I've heard their skills here have withered as they've focused on SIGINT themselves.
inb4 encryption - I assume that they can crack any encrypted files, or they wrote the specs in the first place.
Re:Open source? (Score:5, Insightful)
They do photograph every single letter and parcel, as well as x-ray scan everything that goes through their facility.
Is that "safe"? I don't know.
Can they discern written text inside a letter in an envelope, through x-ray scanning? I don't know.
Are they photographing every letter under extreme bright lights, making the container effectively transparent?
Not sure, but it's worth exploring every single one of those questions.
Re: (Score:2)
while we're investigating things, I wonder how secure a one-time pad is. obv you would need to decode the message by hand.
Re: (Score:2)
Or hash it with a strong algorithm and use along, non-entropic, unpredictable, rotated salt.
Re: (Score:2)
...use "a long", not "along", damn Mac keyboard! :)
Re: (Score:2)
A truly random OTP does not require any further coding. There is not even any point in trying brute-force. Any text of the same length of the cyphertext is a potential plaintext without any way of telling if this is the correct one.
Re: (Score:3)
No. I think you've misunderstood one-time padding (or brute-forcing).
Brute forcing is when you try (almost) every possible key, which is significantly shorter than the message, to see what the message will turn out with said key hoping to find the right one. If the message turns out to make sense (contain english words or ascii alphabet for example) it is likely to be correct.
With OTP the key and the message are of equal length. Going through every key is the same as going through every possible message. So
Re: (Score:3)
Re: (Score:2)
I think there's a "how to make a tinfoil hat for your written correspondence" instructable out there.
Re: (Score:3)
.. Maybe I missed some context here, but as a former FedEx employee with frequent contact with current FedEx employees, I've not heard of every fedex package being subject to x-rays or picture collection, although I wouldn't be surprised at the latter since I believe they've installed state-of-the-art OCR for QR reading on the airbills. The closest thing to x-rays I know of are the laser scanners used for calculating dimensions/weight (dimweight) for appropriate billing (people marking "1 pound" on their L
Re: (Score:2)
I imagine there's not a need to image the Fedex packages because it all goes into your DB anyway, which they undoubtedly have access to (if you know it or not). I agree that x-ray is implausible.
Re: (Score:3)
They do openly state on their website that they randomly x-ray scan packages however:
http://www.fedex.com/gh/shippingguide/terms/#11 [fedex.com]
Re: (Score:3)
That's fine, my handwriting is strong enough a cipher as it is.
Re: (Score:2)
inb4 encryption - I assume that they can crack any encrypted files, or they wrote the specs in the first place.
Go back to 4chan, and don't forget your tinfoil hat.
Re: (Score:2)
The article and another one like it I saw on the Guardian indicates that the NSA will intercept your mail (called an interception! ) and "configure" any hardware you ordered then send it on its way.
Re: (Score:2)
You overestimate their abilities. They couldn't even detect when Snowden was operating inside their network, and have been unable to determine what he took out prevent it being published. They know who had copies of the material, who is working on it, and for all their targeted hacking and exploits they can't do shit about it.
They have some scary tech, sure, but if you are careful there are limits to what they can do. For example this story states that they intercept computers being delivered and bug them.
Re: (Score:2)
And what about the applications the undercover NSA employees take? They are quite active in the open source community.
Re:significant intel? (Score:5, Insightful)
There is some indication that the NSA is a rampant bureaucracy run by geeks with an unlimited budget who do things just to see if they can, but that doesn't mean they haven't gotten useful information or accomplished anything significant. I'd say the destruction of Iranian centrifuges was a master stroke, personally.
Now, as for their domestic surveillance operations, I'd say it's pretty fair that they've not prevented any terrorist attacks whatsoever. That's the problem with broad collection of data, it's all the harder to sort through for anything useful. It's unfortunate that they're going to keep trying, instead of returning to targeted intelligence gathering.
Re:significant intel? (Score:4, Insightful)
If they had prevented any terrorist attacks, they'd be shouting it from the rooftops right now in an attempt to win more political support and counter any representatives who question their broad spying progams.
Re: (Score:2)
Well, in fact they did claim they stopped terrorist attacks, but that was later determined to be a complete fabrication.
Re: (Score:2)
In short, neither Microsoft nor Yahoo fought the issue and didn't require a court order. The information is consistent with what we've learned about the operations of the NSA involving those companies. You also overlook that it is CNN that labels it as NSA, not me. Even given NSA's involvement they clearly have wanted to stay out of the spotlight and would likely have handed the information to the FBI which has liaisons with overseas law enforcement agencies. At the end you are still stuck trying to exp
Re:significant intel? (Score:5, Insightful)
I'd say the destruction of Iranian centrifuges was a master stroke, personally.
Why? Because the same people that destroyed their infrastructure told you that Iran is "evil"? Does "Iran = evil" mean that we should act in an evil fashion? Is Iran as evil as people tell you? Personally I no longer believe that line of rhetoric (30 years ago I did). I believe that two wrongs don't make a right. I also believe that we should treat people equally, regardless of Religion, Race, or gender.
For the duration of my life, which is longer than most people on this site, I have heard about how Iran is "evil" and plans to take over the world. I heard about how they hate Israel, but have never seen them do anything outside of their borders. They yelled a lot when Mossad allegedly destroyed infrastructure, but I have not seen the Republican guard blow shit up in Israel or even be accused. How "bad" or "good" the treatment of their own people is becomes subjective to the people that live there, not my opinion, and that treatment is based on their Religion. The US denounces Iran and their beliefs, yet we have no problem with Talmud Jewish beliefs that much of Israel follows (not to be confused with Rabbinical Jewish beliefs).
I'm not claiming that Iran does not do wrong things, but as a whole and in comparison to the US it's not even close. We went to war with Iraq on a completely fabricated premise killing millions. We helped a revolt in Libya, Egypt, are helping in Syria. We give arms to some 'terrorists' and launch Hellfire missiles at others. We have soldiers that will tell you stories about how the poppy growth in Afghanistan has boomed under US control, yet under the Taliban it was outlawed and production was virtually stopped. Today world wide heroine use/production/trafficking is killing more people than the Taliban ever did.
I'm also not claiming that Israel is "bad" because I don't live there so only have 2nd hand knowledge.
The point is, that the US is not some "justice" force out there righting wrongs and correcting injustice. Quite the contrary, we are causing more harm than helping in numerous countries. We, the intellectuals, really need to challenge handed down propaganda. Instead of accepting it, try to question it.
Our founding fathers had a mountain of quotes I could refer to, but I won't. We were supposed to be the example for Free Society, Republican Government, and tolerance. We were not supposed to be a thug.
Re: (Score:2)
Killing a bunch of wageslave (or just regular slave) engineers in the process. When the innocent become expendable, no matter how valid the cause, when murder and terror become alternatives to diplomacy, the aggressor is not fit even to be spat upon. You know why William Gibson's Neuromancer was so wrong? Technology is progressing far faster, sure, but that's normal in sci-fi. No, William Gibson's mistake was in not foreseeing how degenerate humanity can get.
Re: (Score:2)
... not foreseeing how degenerate humanity can get.
Foreseeing? Humanity is at its least degenerate today, at least in the developed world. It's not long ago when things we now consider totally depraved were considered normal. Just think about the world wars of last century, then consider what was done in the age of colonialism, and things just get more grisly the farther back you go.
Getting some engineers of enemy tribe killed is nothing in the grand history of humanity.
Re: (Score:2)
Yeah, except your Cisco-and-NSA-compromised router with the "if pktaddress=nsa.gov then allow" rule hidden and permanently on will just pass it and not log or tell you anything... As a plus, your Microsoft-and-NSA-compromised systools won't show the traffic, either.
Re: (Score:2)
I got myself a handful for christmas, which should in combination with a MCU give a known-good network tap.
Problem NSA?
Re: (Score:2)
Re: (Score:2)
A lot of these names probably come off of random word lists, to help disguise the purpose in case foreign agents learn of a code name.
Re: (Score:2)
hope and change already happened. Hope peaked and reverted to the mean. Change happened but was largely a downward trend.
Re: (Score:2)
Is this one of those fabricated scandals like Benghazi, Fast and Furious, the IRS going after conservatives, the President lying about the AHA, Holder lying in front of congress repeatedly..
Not at all like those ones, With those ones they just denied it even happened or blames things that had nothing to do with the issues. With this they admit that its happening and dont even pretend to care that they are abusing their power
Re: (Score:2)
Probably it was in the video, because people seem to think everyone has time to watch oodles of video without a posted transcript to skim over, and nobody cares to actually associate their hyperlinks to the text they attach the href to.
Re: (Score:2)
It is in the video which is definitely worth taking the time to watch. He mentions several things to look for, pictures of lots of the hardware they slip into people's computers, and specifically mentions looking for UDP packets encrypted with RC6.
Not posting anonymously because I want those fuckers at the NSA to know what I think of them.
-AndrewBuck