Wikileaks how CIA is spying. every Operative System

24 risposte [Ultimo contenuto]
albertoefg
Offline
Iscritto: 04/21/2016
GNUbahn
Offline
Iscritto: 02/18/2016

No, it's good. Real good - that it is exposed.

And the content is no worse than what was expected...

albertoefg
Offline
Iscritto: 04/21/2016

Well it is good and bad.
It is bad because all those tools are out there on the wild.

Waiting for someone with even worst intentions than CIA.

Because even if all the vulnerabilities get fixed.... most devices won't get patched so the vulnerabilities will not go away..

albertoefg
Offline
Iscritto: 04/21/2016

I wonder what are stats730 thoughts about this..

SuperTramp83

I am a translator!

Offline
Iscritto: 10/31/2014

>I wonder what are stats730 thoughts about this..

I bet it has to do with the verb "destroy"

IrishUSA
Offline
Iscritto: 12/03/2016

This is what I found most interesting:

https://en.wikipedia.org/wiki/Vault_7#UEFI

>>UEFI
Copy-and-paste code was included in the leaks which allow for the exploitation of UEFI-based boot systems by altering the operating system's kernel which is loaded into memory before exiting the UEFI boot sequence. The copy-and-paste code allows for an attacker to insert a custom hook which can be used to arbitrarily alter the operating system's kernel in memory immediately before execution control is handed to the kernel."<<

As I understand it, this makes even an OS with a fully free kernel, such as Trisquel (which uses Linux-libre), vulnerable as long as it is running on a standard boot system. As of now Libreboot is the only way out.

SuperTramp83

I am a translator!

Offline
Iscritto: 10/31/2014

yea, mr Irish, it's scary shit.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

hack and hack
Offline
Iscritto: 04/02/2015

Not to loosen the dramatic impact of the subject at hand, but I liked that one: https://www.xkcd.com/1808/

Geshmy
Offline
Iscritto: 04/23/2015

There is a whole lot of other bad actors doing the same thing but WikiLeaks isn't shining a light on them

“If that escalates into a cyberwar, Korea is still not capable of blocking the attack with its current capacity and personnel,” he added.
Currently, China has around 100,000 personnel for its cyber control tower while South Korea has around 600.
http://www.koreaherald.com/view.php?ud=20170309000792

Chinese retaliatory actions against the deployment of a U.S. anti-missile system in South Korea are expanding into the virtual world as alleged Chinese cyberattacks on Korean websites are increasing.
http://www.koreatimes.co.kr/www/tech/2017/03/133_225311.html

South Korea's Defense Ministry confirmed that classified materials from its computer network were leaked allegedly by North Korean intruders.
http://english.yonhapnews.co.kr/search1/2603000000.html?cid=AEN20161208000800320

US law enforcement is reportedly investigating a fresh wave of cyberattacks hitting progressive and liberal groups, with the hackers demanding tens of thousands of dollars in hush money after breaking into computer networks and pilfering sensitive data.
http://www.ibtimes.co.uk/russian-hackers-accused-fresh-cyber-extortion-spree-against-us-liberal-targets-1610011

Norwegian security officials have revealed a cyberattack by suspected Russian intelligence operatives that is strikingly similar to what occurred during the U.S. presidential election.
http://www.huffingtonpost.com/entry/trump-sanctions-norway-russian-cyberattack_us_58950db4e4b0406131371177?utm_hp_ref=cyber-security

The majority of cyber attacks on northern European targets come from machines in Russia, while China is the number one source of threats aimed at the US, according to new honeypot data collected by Alert Logic.
https://www.infosecurity-magazine.com/news/europe-bombarded-cyber-attacks/

France says it was the subject of 24,000 cyber-attacks against defence targets last year.
http://www.bbc.co.uk/news/world-europe-38546415
http://english.yonhapnews.co.kr/search1/2603000000.html?cid=AEN20161208000800320

IrishUSA
Offline
Iscritto: 12/03/2016

That's a very legitimate point. Wikileaks is looking more and more like an arm or tool of Russian intelligence. Has it EVER posted anything embarrassing to the Kremlin or damaging to Putin's interests? Instead it and Assange seem intensely motivated by animus against the mainstream, big Western democracies in general and the USA in particular.

Spying is the job of a spy agency, and there could well be legitimate need to break into a criminal or terrorist's device, with a court order if he's American, and preparing the tools to do so is not ipso facto immoral. So I can't really blame the CIA for at least seeking the capability to crack security. Companies producing products that have more such flaws than would otherwise exist because of the inherent nature of unfree software and un-documented hardware is a different issue.

I'm also basically indifferent to US government spying on foreigners. What I'm most annoyed by is mass surveillance, warrantless metadata-gathering, etc., of Americans, which is why I've become more and more as strong supporter of strong crypto and fully free software for ordinary people in the USA and other Western democracies. Even that would probably not keep the NSA or CIA out of an individual suspect's device or data should such agencies focus and concentrate their immense resources on cracking an INDIVIDUAL target, and I'm fine with that since I'm no crypto-anarchist and with a warrant for probable cause I think it's appropriate to be able to do that. There really are bad guys out there and breaking crypto was a major reason the Allies won World War 2. But with widespread strong crypto, mass surveillance, data dragnets, of ordinary citizens etc. become much more difficult if not impossible - reducing the ability helps reduce the temptation.

hack and hack
Offline
Iscritto: 04/02/2015

The shit the CIA did with their "not ipso facto immoral" tools is what matters: https://en.wikipedia.org/wiki/CIA#History

I'm not saying Russia, China, or basically any government and powerful enough company are saints though. Speaking of France 'I've seen the subject twice I think), the abusive state of urgency wasn't mainly targeting terrorists. It's surfing on the fear created by the fucked up terrorist attacks and enforcing more and more mass surveillance on the inner territory. With the abuse that comes with that, which has very little to do with state security.

So when you write that you're OK with spying foreigners, as long as Americans (US) are not, it makes me cringe. You know, maybe, just maybe, there might be good people in those "foreign menacing countries". But who cares, right? It's for your security (sure...).

For better or worse, free software and a sound browsing attitude is for nearly everyone.

jorgesumle
Offline
Iscritto: 06/01/2016

> big Western democracies in general and the USA in particular.

The USA is not a democracy.

Geshmy
Offline
Iscritto: 04/23/2015

But we can still change our laws and our government if we are united enough. But we certainly are not united. Instead we are growing more deeply divided and splintered every day.

Russia, for one, is waging a very effective campaign to destroy our unity and trust and exploit our resulting vulnerability. I just put the term 'Russia's new warfare' in searx.me because I remembered reading of a Russian general who had outlined much of this new type of warfare (Hybrid Warfare). I haven't yet found that reference (possibly, Vladislav Surkov) but the amount of information searx brought up is substantial and illustrative. Destroying the people's trust in their govenment and institutions is one of the objectives in this type of warfare. Assange seems to assist, President Trump too. It remains to be seen if either Assange or Trump are consciously serving Russian interests or just playing into their hands. But change is in the air like a storm right now and the landscape can change in the blink of an eye. The death of democracy could certainly be upon us here in America and the same trends appear to be at work in Europe as well. Would that not be the end of free software. Therefore, which is more important?

I read most of the Wikipedia article 'hack and hack' mentioned. It sure isn't flatterring to the CIA's image. The CIA losing more credibility is a negative turn of events to me. Take the CIA out and where is our first line of defense?

I think today's tech industry must share blame for pourous security. Maybe it's on Samsung if their TV's can be turned into listening devices; on Apple if their phone is hackable; on Microsoft if ransomware attacks us; on Google if Android devices are subject to insecure apps maybe even made by Cozy Bear, some eastern European mafia or the Chinese military; and finally, maybe it's on the society that doesn't care enough to take up guard and demand these parties be held accountable. Last I knew, Apple, Google and Microsoft had huge cash reserves. (see: http://www.economicshelp.org/blog/21282/business/cash-reserves/ "The largest cash reserves are found amongst major US IT companies, such as Apple, Microsoft and Google.") Didn't they in part amass all those riches while putting the security of nations and their infrastucture as well as the security of individuals at risk. Shouldn't they be made to spend more of their cash to make their products and services secure? Perhaps some of their fortunes should be nationalized since they seem to only view the world through 'dollar sign' goggles.

I agree that right now, free software is more secure but it does have at least one weakness, because it's free it is harder to develop. Lots of money is needed to build major advancements in pretty much any endeavor. One of the articles I cited above says that China has 100,000 people employed in their 'cyber command tower,' I don't know if that's true but China has a phenomenal amount of manpower.

How many people in total do you think are working full time on free software? I don't know but I doubt if it's enough to be the complete answer in the time of all out cyber war.

Re 'shadow' or 'double' government, I'll definitely look at the links posted (Glennon, etc). Here is one scary group to me: http://www.alecexposed.org/wiki/ALEC_Exposed but I'm sure there are others with their own agendas. But the insistence on 'standing on principle' on the extreme conservative side has had success breaking our representative form of government by causing obstructionism to be the new norm in congress. I think the ALEC group's agenda supports a lot of that.

jorgesumle
Offline
Iscritto: 06/01/2016

Russia, for one, is waging a very effective campaign to destroy our unity and trust and exploit our resulting vulnerability. I just put the term 'Russia's new warfare' in searx.me because I remembered reading of a Russian general who had outlined much of this new type of warfare (Hybrid Warfare). I haven't yet found that reference (possibly, Vladislav Surkov) but the amount of information searx brought up is substantial and illustrative. Destroying the people's trust in their govenment and institutions is one of the objectives in this type of warfare.

Which unity? The USA always tries to find new enemies. Before it was communism, and now it's Russia. The trust in the governments is not destroyed by an external "enemy" (as some people say), it is detroyed becouse the government doesn't serve the people, but the corporations.

Assange seems to assist, President Trump too.

If Assange was in the USA, they would kill him. Assage is against the oligarchy that Trump and Hilary represent; Wiki Leaks serves transparency to the public, nothing more. Why do you say that Assange seems to assist Trump?

Geshmy
Offline
Iscritto: 04/23/2015

re "Why do you say that Assange seems to assist Trump?" I don't think I said that.

One might suppose both Trump and Assange are related to Russia which idea is being talked about much on the nightly news. For example: http://hosted.ap.org/dynamic/stories/U/US_TRUMP_RUSSIA_KEY_PLAYERS?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2017-03-14-03-26-58

re "Which unity?" That is a good question. A good form of government exists in our constitution. I think we have to fight hard and I'm not sure how to demand no one is above constitutional law.

re "The USA always tries to find new enemies. Before it was communism, and now it's Russia."

There is a ploy to direct the attention of the public to an 'eminent danger' as a means to tighten the grip on power. I honestly fear that.

President Trump talks big on eminent dangers. Puzzling is his silence about possible threats from Russia. Every security agency agrees there were extensive Russian efforts to interfere in our election process. Those same patterns are being seen throughout the EU as well.

re "government doesn't serve the people, but the corporations." I agree that is often the case (see the link re ALEC i posted earlier).

Maybe Paul was right, "The love of money is the root of all evil."

Just a note explaining my concern...
Where I live in the last few weeks we are seeing mosques, synagogues and Hindu temples alike graffitied, burned or vandalized. A man wearing a turban was shot by someone yelling 'go back to your country.' Another was shot during a protest outside a neo-nazi's (actually called alt-right) talk at the University of Washington where Nazi like posters have begun to pop up also. None of my friends and neighbors are involved in this violent bigotry, so who is?

re Assange He would most likely end up in prison.

Pyraman
Offline
Iscritto: 06/05/2014

Sorry but Associated Press is a Fake News, heavily influenced by its liberal ideology and contributors. Better not to watch TV at all, it is a zombie box - waste of time

Geshmy
Offline
Iscritto: 04/23/2015

re "It is strange that so many people voted for Drumpf"

Yeah, what's happening? It seems like anti-globilization may be a big part of it, but what's with the Nazism and violence. Where I live, "mosques, synagogues and Hindu temples alike graffitied, burned or vandalized." This is Seattle for heaven's sake, don't tell me Seattle stands for bigotry because I've lived here all my life and it ain't so. The city isn't perfect but I've never heard of a chapter of the Ku Klux Klan located here.

Hey this thread should have started out in the troll hole, no?

bcs
bcs
Offline
Iscritto: 05/28/2010

That's capitalism. A few winners determine what computers you can use. The workings of mechanical computation from start to halt is black magic known not even to the monopolist who decides what parts your computer is made from, but does not know from what grains of sand and ceramic those parts will be composed and arranged, and can not verify even a bourgeois "libre" chip is what is claims to be.

The private property of the few winners requires for its privileges
the servicing of authority able to guarantee the strangle-hold of property in spite of what you may will.

Pay no heed to those who will whine for "managed capitalism",
they are not revolutionary, for they demand the preservation of a system that has out-lived its usefulness.

Pay no heed to those who will only gasp in horror that terrible things can happen to them. Capitalism is horror without end.

After 100 years, if it is not clear to you what must be done... get out of the way. Stop making it seem that the tiny minority of capitalists possess god-like power, instead of showing that the source of that power is in the ownership of production under the bourgeois class, a minority that thrives on labor, and employs labor only when it is profitable. A class that uses its ownership to decide who is a celebrity. A rotten system that imposes its conditions of appropriation for profit. A system where no lives matter. A system of endless uncertainty and fear.

Capitalism has collapsed. The bourg class are afraid of you, but also in loathing of your absence of directive. Your inability to cast the first stone, to pull the trigger, to get blood on your hands for the sake of your emancipation, the salvation of your planet, and the your responsibility to future generations.

If you can only whine, then throw away your computer. Take your pills, and stay out of our way.

"Nice capitalism" is not an option.
The choice facing humankind is that of either socialism or barbarism.

Soon.to.be.Free
Offline
Iscritto: 07/03/2016

When exactly did capitalism "outlive its usefulness"? I totally agree with you that the application of capitalism to certain fields of endeavor- such as politics, healthcare, or innovation (copyright, patents, etc.)- is a disastrous failure on the behalf of the people to uphold the liberties we were granted. whether by choice or by ignorance. "Nice capitalism" is even worse- deciding to discard individual liberties in favor of businesses being "socially responsible" is destined to be a problem.

However, I don't see why pure socialism or pure anarchy are the only options. As far as I can tell, capitalism still does a wonderful job at producing innovation, *but* only when it's controlled. The problem seems to be less with the system and more with how it's applied to the very system that stops it from breaking down. When mega-corporations can buy their way out of legislative attacks on their power, they do so. If we can control the outlets available to them for cheaply maximizing profits, however, then (in theory) they should stop trying to find loopholes and start doing something of value. Maybe I'm wrong- I often am- but, with democracy cleaned up, citizens should be able to avoid being left at the feet of the CEOs regardless. In any case, I don't think it even needs to be said we can all agree the current system needs a significant overhaul.

Also, I agree this belongs in the Troll Hole.

hack and hack
Offline
Iscritto: 04/02/2015

The choice facing humankind is that of either socialism or barbarism.
Uh... You mean like when they were one and the same? https://en.wikipedia.org/wiki/Joseph_Stalin
Not necessarily throwing the baby out with the bathwater, but still, this happened.

Nice use of the anaphora btw. And vocabulary like "Your inability to cast the first stone, to pull the trigger, to get blood on your hands (...)". WTF?
Also, sometimes socialist governments were starting and leading colonization wars, being super xenophobic...

I'm not necessarily defending capitalism, but what you suggest (and the way you suggest it) is kinda worrisome.

Geshmy
Offline
Iscritto: 04/23/2015

Drone strikes - Afghanistan I understood after 9/11 but Iraq was a huge mistake. Now drones are killing people in other countries because some shadow court has declared them an enemy. We have a right to defend ourselves from our enemies but to whom are they that control the drones accountable? Most Americans hear very little about it.

re Capitalism, I fairly agree with Soon.to.be.Free. But Capitalism belongs in the marketplace, not so much in the halls of government. Also, to provide social services, individual and corporate wealth maybe should be shared by taxation which in turn would foot the bill for no cost continuing education, universal health care and such. So maybe that makes me a socialist too.

People made a mistake thinking a business background was what the country needed in a president. The business of business is business, the business of government is the welfare of it's citizens. Least that's what Ive been thinking.

Pyraman
Offline
Iscritto: 06/05/2014

Government is just a huge business with a huge number of customers! Customers vote with their vallets, citizens vote with their ballots. Countries are having the negotiations and making deals, businesses are doing the same. Business should care about their customers or eventually they will lose them, government should care about their people or eventually it will be replaced. President is like a CEO, and his Cabinet is like the upper management of this huge business

Soon.to.be.Free
Offline
Iscritto: 07/03/2016

The setup of government is like a business (as you say), but trying to operate it like one is a recipe for disaster. The thing is that businesses don't always lose customers by going against those customers' wills. Monopolies, subtly misleading advertising, secret violations of the law, and shady deals plague unconstrained capitalism like nothing else. This is problematic enough when applied to trade in everyday goods. When the law falls victim to these, as many would argue it already has, the damage is orders of magnitude higher.

Soon.to.be.Free
Offline
Iscritto: 07/03/2016

I'm not quite sure if it quite came through, but I do agree with your views in regards to capitalism. Government and access to basic human rights (healthcare, education, access to sufficient nutritious food/water, legal representation, etc.) should be made available to everyone, funded by taxation of wealth, and in a way which ensures prejudice is minimized. The free marketplace might be able to operate with all of these (except government), but should not provide an excuse for public services to be merely 'cheap alternatives' or limited in availability. They shouldn't be funded using public taxes either, unless where the funds are specifically for offering services to the government (which is best avoided in most cases),

Geshmy
Offline
Iscritto: 04/23/2015

It made it to the trole hole! troll holl.

https://www.wired.com/2017/03/yahoo-hack-russia-indictment/
They say it went Yahoo > DNC > WikiLeaks.

Now yahoo says the same group is going after iphones via Macs. https://www.yahoo.com/tech/russians-hacked-dnc-now-steal-iphone-backups-mac-184216276.html

I guess we still don't know how Russians have gone after Linux.

Business works for profit and that encourages it's culture to be short sighted.

Government should be free to work for higher ideals, be future minded and promote a better sense of well being for all people.

Last administration was trying to help the world move towards cleaner air. Now we have a businessman running things and he seems bent on destroying environmental protection. The first was a community activist, the second a real estate tycoon.