RevoluciónAlDía.org ¡Chávez Vive! Forum Index


Bareback riding the Internet with the NSA

 
bolchevique
Banned user

Registered: 31 Mar 2008
Posts: 1721
Location: Caracas

Posted: Wed Jan 01, 2014 5:20 am    Post subject: Bareback riding the Internet with the NSA

NSA's hacking


"That which the government is allowed to do that you are not, this is a tyranny."
Jefferson



iTech NSA is using to spy on the World:
  • Dragnet surveillance
  • Data retention for at least 15 years
  • Tasking, exploitation
  • "QUANTUM theory"
  • Man-on-the-side quantum insertion
  • PRISM, "upstream" and many other programs



Meet QFIRE and its Minions TURBINE and TURMOIL

The NSA data collection collective falls under a massive surveillance effort called "TURMOIL". That means that every American's data is sitting in a treasure trove, just waiting to be compromised or exploited by criminals or future political regimes. The NSA says it only temporarily (15 years) stores the metadata it collects from American networks and does not spy on Americans.


NSA Uses Foreign Servers to Attack Americans, Collect Their Data

Most of this data also passes through foreign servers, as the NSA uses (perhaps for legal reasons) foreign servers for much of its attacks on U.S. citizens.

TURMOIL is complemented by "TURBINE". While TURMOIL uses deep packet inspection, TURBINE is active, using deep packet injection. Turbine allows the NSA to use ultra-fast communications lines to take your internet requests, grab the requested data, and pass it to you beating the normal provider data so it doesn't even appear the NSA is monitoring the network.

Together TURMOIL and TURBINE form QFIRE, a complete universal hacking and surveillance system used by the NSA. This system still remains heavily classified and denied by the NSA.


The NSA Really is Watching Some of us

The NSA's QUANTUM THEORY program has effectively automated TURMOIL and TURBINE to scan the plaintext that it's harvesting off the internet and automatically initiate attacks on networks of interest -- sort of like a SkyNet in the real world. This data set is currently performed by traditional search, but in the long term the NSA wants to use quantum computers to gain instant search access to the data set, as the name of the program implies.

Such "untasked targeting" does not specifically target individuals, but rather runs automated attacks on anyone who visits certain sites, such as websites affiliated with Islamic religion, culture, or thought. Mr. Appelbaum says this system is sort of like internet carpet-bombing.


The Ultimate Cybersquatter

In its data collection efforts, the NSA reportedly regularly monitors and cracks password-protected citizen networks using the growing army of domestic drones or a surveillance van, using powered antennas to boost faint signals. Basically, the NSA is only limited by budget in its data collection, and it's been quite clever in making sure even budget does not stop it from harvesting most of the world's meaningful data.


Unmatched Penetration

The NSA has zero day vulnerabilities on hand that allow it to penetrate virtually any Wi-Fi router, Windows PC, external storage device, server, tablet, or smartphone.

Rather than give this data to private sector firms to offer increased security to users, the NSA turns around and exploits these flaws to spy on everyone -- sort of a digital equivalent of "sometimes you have to burn a village to save it."

Based on a speech by Jacob Appelbaum at Germany's (in)famous Computer Chaos Club http://www.dailytech.com/Tax+and+Spy+How+the+NSA+Can+Hack+Any+American+Stores+Data+15+Years/article34010.htm

_________________
"... You know what to do. Simply take power in all of Venezuela, absolutely all of it, sweep the bourgeoisie out of every political and economic space and deepen the revolution!"


Last edited by bolchevique on Wed Jan 01, 2014 2:13 pm; edited 1 time
bolchevique

Posted: Wed Jan 01, 2014 5:24 am

The NSA attacks Tor with Quantum and attacks Firefox users with FoxAcid

The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.
According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identifies Tor users on the Internet and then executes an attack against their Firefox web browser.

The first step of this process is finding Tor users. To accomplish this, the NSA relies on its vast capability to monitor large parts of the Internet. This is done via the agency's partnership with US telecoms firms under programs codenamed Stormbrew, Fairview, Oakstar and Blarney.
The NSA creates "fingerprints" that detect HTTP requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool that NSA boasts allows its analysts to see "almost everything" a target does on the Internet.
Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically sifts through the enormous amount of Internet traffic that it sees, looking for Tor connections.

After identifying an individual Tor user on the Internet, the NSA uses its network of secret Internet servers to redirect those users to another set of secret Internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems.
Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information back to the NSA.

Exploiting the Tor browser bundle

Tor is a well-designed and robust anonymity tool, and successfully attacking it is difficult. The NSA attacks we found individually target Tor users by exploiting vulnerabilities in their Firefox browsers, and not the Tor application directly.
This, too, is difficult. Tor users often turn off vulnerable services like scripts and Flash when using Tor, making it difficult to target those services. Even so, the NSA uses a series of native Firefox vulnerabilities to attack users of the Tor browser bundle.

    The Quantum system

    To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the Internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target's browser into visiting a FoxAcid server.
    In the academic literature, these are called "man-in-the-middle" attacks, and have been known to the commercial and academic security communities. More specifically, they are examples of "man-on-the-side" attacks.

    The NSA uses these fast Quantum servers to execute a packet injection attack, which surreptitiously redirects the target to the FoxAcid server.

    The FoxAcid system

    According to various top-secret documents provided by Snowden, FoxAcid is the NSA codename for what the NSA calls an "exploit orchestrator," an Internet-enabled system capable of attacking target computers in a variety of different ways.

    The servers are on the public Internet. They have normal-looking domain names, and can be visited by any browser from anywhere; ownership of those domains cannot be traced back to the NSA.
    However, if a browser tries to visit a FoxAcid server with a special URL, called a FoxAcid tag, the server attempts to infect that browser, and then the computer, in an effort to take control of it. The NSA can trick browsers into using that URL using a variety of methods, including the race-condition attack mentioned above and frame injection attacks.
    FoxAcid tags are designed to look innocuous, so that anyone who sees them would not be suspicious.



Source http://www.dailytech.com/Tax+and+Spy+How+the+NSA+Can+Hack+Any+American+Stores+Data+15+Years/article34010.htm


Last edited by bolchevique on Wed Jan 01, 2014 4:42 pm; edited 1 time
bolchevique

Posted: Wed Jan 01, 2014 5:28 am

The NSA's TAO hacking unit is considered to be the intelligence agency's top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

    In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn't budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.

    Fault for the error lay with the United States' foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA's radio antennas was broadcasting at the same frequency as the garage door openers.

It was thanks to the garage door opener episode that Texans learned just how far the NSA's work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lackland Air Force Base, also in San Antonio. In 2005, the agency took over a former Sony computer chip plant in the western part of the city. A brisk pace of construction commenced inside this enormous compound. The acquisition of the former chip factory at Sony Place was part of a massive expansion the agency began after the events of Sept. 11, 2001.

Source http://www.dailytech.com/Tax+and+Spy+How+the+NSA+Can+Hack+Any+American+Stores+Data+15+Years/article34010.htm

FoxAcid servers are run by the NSA's tailored access operations, or TAO, group. TAO is another subgroup of the systems intelligence directorate.

According to Snowden, FoxAcid is a general CNE system, used for many types of attacks other than the Tor attacks described here. It is designed to be modular, with flexibility that allows TAO to swap and replace exploits if they are discovered, and only run certain exploits against certain types of targets.

The most valuable exploits are saved for the most important targets. Low-value exploits are run against technically sophisticated targets where the chance of detection is high. TAO maintains a library of exploits, each based on a different vulnerability in a system. Different exploits are authorized against different targets, depending on the value of the target, the target's technical sophistication, the value of the exploit, and other considerations.

FoxAcid payloads are updated regularly by TAO.

TAO additionally uses FoxAcid to exploit callbacks -- which is the general term for a computer infected by some automatic means -- calling back to the NSA for more instructions and possibly to upload data from the target computer.
All times are GMT - 4.5 hours