[Crypto-chi] NSA to infect millions and bypass crypto
Dan Massoglia
dmassoglia at gmail.com
Thu Feb 19 01:54:10 CST 2015
It's totally concerning (esp because, beyond the heart of this user's
group, attacks on crypto standards/sitting on weaknesses diminish the
security of the web in general). Dual_EC_DRBG too. (great resource
http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html;
http://blog.cryptographyengineering.com/2015/01/hopefully-last-post-ill-ever-write-on.html;
and see
http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/
)
Leaks made this happen so an important takeaway is transparency. (though
that doesn't happen overnight)
On Thu, Feb 19, 2015 at 1:42 AM, joe fuentes <joseph.fuentes at live.com>
wrote:
> hi everybody
>
> Whilst it's true that a lot of the stuff that the Feds are trying to do
> is not new like keylogging and there's a lot of going over stuff that's
> been done previously even by crime grade baddies (see
> https://blog.bit9.com/2015/02/18/equation-group-report-reveals-something-we-already-knew/)
> there are some disturbing topics with this new malware. And other dubious
> tactics adopted by the g-men to defeat crypto which is germane to the
> heart of this users group.
>
> In addition to the tried and true webcam captures and all this stuff, the
> firmware in HDs is compromised which defeats at first appearance a lot of
> wot we're doing in the crypto space.
>
> http://www.pcworld.com/article/2884952/equation-cyberspies-use-unrivaled-nsastyle-techniques-to-hit-iran-russia.html
>
> As a corollary, there's Fanny worm which cloaks itself as a regular common
> crook malware whilst hiding its real nefarious deeds. To do reconnaissance.
>
> http://www.pcworld.com/article/2885192/fanny-superworm-likely-the-precursor-to-stuxnet.html
>
> And the show doesn't stop there. NSA has purportedly defeated crypto
> technologies with Google, Facebook etc by undermining SSL, VPNs, TLS.
>
> http://arstechnica.com/security/2013/09/nsa-attains-the-holy-grail-of-spying-decodes-vast-swaths-of-internet-traffic/
>
> Stay with me on this.
>
> Intel allegedly weakened its RdRand processor instruction used to generate
> random numbers to make them cryptographically weak. Even Bruce Schneier
> weighs in on this.
> https://www.schneier.com/blog/archives/2013/09/surreptitiously.html
>
> Which caused Linus Torvalds of Linux fame to discard the call not to use RdRand
> in Linux. And give the camera the finger. Funny pic.
> http://www.theregister.co.uk/2013/09/10/torvalds_on_rrrand_nsa_gchq/
>
> Now, as correctly pointed out we're not living in foreign countries
> (though I have), all of these tenebrous techniques can be turned against
> ordinary netizens like us. Some of us may indeed be members of an NGO. Or
> have interests that may trigger review. If viewed suspicious by the feds
> for WOTEVER the reason we could be targets. See for instance that readers
> of Linux Journal - I am one of them - have been flagged by the NSA for extra
> monitoring (
> http://www.linuxjournal.com/content/nsa-linux-journal-extremist-forum-and-its-readers-get-flagged-extra-surveillance).
> Tor users become Fed targets.
> http://www.theregister.co.uk/2014/09/19/fbi_overseas_hacking_powers/
>
> Aside from having a good lawyer defend us, we rely on crypto technology to
> defend our privacy and help keep us safe from prying eyes. Thank goodness
> we have folks like the Tor project team and Linus Torvalds who said NO when
> approached by the Feds to implement back doors so they can get in.
>
> The point is all this technology we rely on is under attack. And heaven
> forbid this malware falls into the hands of cyber criminals. Our bank
> accounts, medical records - all that stuff - would be at high risk.
>
> That is wot is so concerning about these hacks and malware. Don't you
> think?
> -Joe
> > Date: Wed, 18 Feb 2015 10:09:56 -0600
> > From: brian at fiberoverethernet.com
> > To: cryptoparty-chi at groups.sshchicago.org
> > CC: joseph.fuentes at live.com
> > Subject: Re: [Crypto-chi] NSA to infect millions and bypass crypto
>
> >
> > There is a key sentence in the article: " [...] targeted computers and
> > to siphon out data from foreign Internet and phone networks."
> >
> > You are not the specific target. The NSA is not your enemy. You don't
> > live in a foreign country, or run a foreign network that is used by
> > foreign governments, advocate groups, NGOs, or open source projects
> > intended to safeguard people like the Tor Project.
> >
> > Key logging is nothing new. Webcam or Microphone monitoring is nothing
> > new. TAO is nothing new. This article rehashes everything we already
> > know.
> >
> > The USG and others are trying to circumvent encryption in so many ways,
> > why you ask? Because strong encryption WORKS and they CAN'T defeat it.
> >
> > -Brian
> >
> >
> > On 17-02-2015 23:20, joe fuentes wrote:
> > > Hello everyone!
> > >
> > > Whilst this isn't surprising to read about the NSA - and its brit
> > > lackey dog, the GCHQ - is up to its old bag of tricks, wot is a bit
> > > disturbing is how it plans to get around crypto by utilizing implants
> > > and enable keylogging, webcam and microphone captures and other
> > > dastardly and diabolical shenanigans. The first part of the article is
> > > standard stuff though very interesting read but pay close attention to
> > > the section beginning with CIRCUMVENTING ENCRYPTION.
> > >
> > > Now I pose a question to the group; whilst we use crypto tools to
> > > guard our privacy _how in the heck do we cope with wot these
> > > intelligence agencies are doling out as described in this article
> > > _(which wuz based on the Snowden leaks)??
> > >
> > > Thoughts?
> > >
> > >
> > > https://firstlook.org/theintercept/2014/03/12/nsa-plans-infect-millions-computers-malware/ [1]
> > >
> > > -Joe
> > >
> > >
> > >
> > > Links:
> > > ------
> > > [1] https://firstlook.org/theintercept/2014/03/12/nsa-plans-infect-millions-computers-malware/
> > >
> > > _______________________________________________
> > > cryptoparty-chi mailing list
> > > cryptoparty-chi at groups.sshchicago.org
> > > http://groups.sshchicago.org/listinfo/cryptoparty-chi
>