Jon88

Pro Bowler
Messages
19,523
Reaction score
0
nsa.jpg

The National Security Agency (NSA) has apparently able to hack the iPhone since 2008, according to a Der Spiegel interactive report that looks at the NSA’s various tools used for spying purposes. One particularly interesting tool, codenamed “DROPOUTJEEP,” is an implant that was first used to compromise the first-generation iPhone and was able to send various data stored on the phone to the agency, including text messages, address book contacts, geolocation and voicemail. Furthermore, the software could activate the microphone of the iPhone, turn on the camera and take pictures and retrieve cell tower location.

All NSA-iPhone communications would be “covert and encrypted,” meaning that the target would likely be unaware of what’s going on. According to the document obtained by Der Spiegel, “command, control and data exfiltration can occur over SMS messaging or a GPRS data connection.” Furthermore, the initial DROPOUTJEEP would “focus on installing the implant via close access methods” with remote installations to be “pursued for a future release.” The documents presented by the publication do not specify whether following iPhone models were similarly hacked by the agency.

However, the leaked materials show that the NSA had various other mobile-related spying “products” that worked with other smart devices:
•GOPHERSET – an implant for GSM SIM cards to pull phone book, SMS and log files for incoming and outgoing calls
•MONKEYCALENDAR – attack software that forces a SIM card to transmit geolocation data via covert SMS messages
•TOTECHASER – an implant hidden in a satellite phone running Windows CE that transmits data via hidden SMS messages
•TOTEGHOSTLY – an implant that enables full remote control on Windows Mobile phones offering data download and upload capabilities
•PICASSO – modified GSM handsets that collect user data, audio data while also tracking the location of the handset

These are only a few of the NSA’s smart spying programs that can be used to spy on targets. In similar reports, Der Spiegel mentioned a 50-page catalog of such digital tools developed by the NSA, and revealed that the NSA can intercept laptops and other products mid-shipping to install spy malware on them. Furthermore, the NSA can reportedly hack a wireless network from eight miles away.

An image of the document that reportedly describes DROPOUTJEEP follows below.
 

JBond

UDFA
Messages
2,667
Reaction score
2
It's a lot more than Apple. They have hacked everything and built in back doors to almost every hard drive.

How the NSA hacks PCs, phones, routers, hard disks 'at speed of light'

A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT.

The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping.

And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications.

The 50-page top-secret document, written by an NSA division called ANT, is part of an information dump sent to German magazine Der Spiegel, and expounded upon by journalist Jacob Appelbaum in his keynote to the 30th Chaos Communication Congress in Germany on Monday. You can watch a clearly furious Appelbaum in the video below.

The dossier is a glorified shopping catalog of technology for spies in the so-called "Five Eyes" alliance of the UK, the US, Canada, Australia, and New Zealand. It gives the clearest view yet of what the NSA, GCHQ and associated intelligence agencies can do with your private data, and how they manage it. Here's an easy-to-digest roundup of what was discussed.

Satellite and optic-fiber communications stored

According to Appelbaum, the NSA is running a two-stage data dragnet operation. The first stage is TURMOIL, which collects data traffic passively via satellite and cable taps and stores it – in some cases for up to 15 years – for future reference. The NSA does not consider this surveillance because no human operator is involved, just automatic systems.

Der Spiegel gave the example of the SEA-ME-WE-4 underwater cable system, which runs from Europe to North Africa, then on to the Gulf states to Pakistan and India before terminating in the Far East. The documents show that on February 13 this year a tap was installed on the line by the NSA that gave layer-two access to all internet traffic flowing through that busy route.

However, this passive capability is backed up by TURBINE, the active intervention side of the NSA, run by its Tailored Access Operations (TAO) hacking squad. By using a selection of hardware and software tools, not to mention physical measures as we'll see later on, the NSA promises that systems can be hacked "at the speed of light," and the staffers in Maryland even took time to build a LOLcat picture highlighting the capability:

Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies," the NSA said in a statement on the report, adding that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection."

Windows crash reports boon for spies

On the subject of operating systems, Appelbaum said the documents revealed subversion techniques against Windows, Linux, and Solaris. In the case of Microsoft, the NSA is monitoring Windows software crash reports to gain insight into vulnerabilities on a target system and exploit them for its own ends.

“Customers who choose to use error reports send limited information about, for example, the process, application, or device driver, that may have encountered a problem," a Microsoft spokesperson told El Reg in a statement responding to Der Spiegel's report.

"Reports are then reviewed and used to improve customer experiences. Microsoft does not provide any government with direct or unfettered access to our customer’s data. We would have significant concerns if the allegations about government actions are true."

NSA buys up security exploits to attack vulnerabilities

When it comes to active penetration, the TAO team has a system dubbed QUANTUM THEORY, an arsenal of zero-day exploits that it has either found itself or bought on the open market from operators like VUPEN. Once inside a computer, software dubbed SEASONEDMOTH is automatically secreted and used to harvest all activity by the target in a 30-day period.

For computers and networks that have firewalls and other security systems in place, the NSA uses QUANTUMNATION, a tool that will scan defenses using software dubbed VALIDATOR to find an exploitable hole, and then use it to seize control using code dubbed COMMENDEER.

A system dubbed QUANTUMCOPPER also gives the NSA the ability to interfere with TCP/IP connections and disrupt downloads to inject malicious code or merely damage fetched files. Appelbaum said such a system could be used to crash anonymizing systems like Tor by forcing an endless series of resets – and makes the designers of the Great Firewall of China look like amateurs.

The website you are visiting is really not the website you want

But it's a scheme dubbed QUANTUMINSERT that Appelbaum said was particularly concerning. The documents show that if a target tries to log onto Yahoo! servers, a subverted local router can intercept the request before it hits Meyer & Co's data center and redirect it to a NSA-hosted mirror site where all activity can be recorded and the connection tampered.

It's not just Yahoo! in the firing line: QUANTUMINSERT can be set up to automatically attack any computer trying to access all sorts of websites. The code predominantly injects malware into religious or terrorism websites to seize control of vulnerable web browsers and their PCs.

But the technology has also been spotted monitoring visits to sites such as LinkedIn and CNN.com, and will work with most major manufacturer's routers to pull off its software injection. (If you think using HTTPS will highlight any of these man-in-the-middle attacks, bear in mind it's believed that the NSA and GCHQ have penetrated the security certificate system underpinning SSL/TLS to allow the agencies' computers to masquerade as legit web servers.)

According to the catalog, Cisco hardware firewalls, such as the PIX and ASA series, and Juniper Netscreen and ISG 1000 products, can have backdoors installed in their firmware to monitor traffic flowing in and out of small businesses and corporate data centers. A boot ROM nasty exists for the Huawei Eudemon firewalls, we're told; Huawei being the gigantic Chinese telcoms electronics maker. Other BIOS-level malware is available for Juniper and and Hauawei routers, according to the dossier.

"At this time, we do not know of any new product vulnerabilities, and will continue to pursue all avenues to determine if we need to address any new issues. If we learn of a security weakness in any of our products, we will immediately address it," said Cisco in a blog post.

"As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products."

http://www.theregister.co.uk/2013/12/31/nsa_weapons_catalogue_promises_pwnage_at_the_speed_of_light/
 

JBond

UDFA
Messages
2,667
Reaction score
2
NSA Reportedly Hacks Americans Via Facebook, YouTube, Twitter, LinkedIn

At a rate of about 50 percent accuracy, the NSA reportedly hacks into the computers of Americans when Americans click to enter Facebook, Yahoo, Twitter, YouTube, LinkedIn and other websites.

Tailored Access Operations (TAO) is a division of the NSA that allegedly takes on the NSA’s most important hacks. The most common method used by TAO to hack into computers is a program reportedly called, QUANTUM.

QUANTUM is the name of a system of tools. QUANTUM mainly focuses on popular social media sites that are visited frequently by Americans. Reportedly, when TAO’s target clicks to visit a site, that target’s computer sends an information request to that site. QUANTUM allegedly alerts designated hackers and hackers try to race a malware infection in before the desired website can send its information reply. This method is effective for the NSA about 50 percent of the time when the target accesses Facebook, Yahoo, Twitter, YouTube and LinkedIn.

Google services, although reportedly accessible by Britain’s GCHQ intelligence service, has been found to be currently inaccessible to TAO.

Microsoft Windows internal problem messages are reportedly, also a point of entry for TAO. When TAO is monitoring the IP address of a target, any time that target’s computer crashes or displays a prompt to report the problem to Microsoft, TAO is automatically notified. This operation gives TAO passive access, allowing TAO to view outbound information from the computer. The outbound information allegedly provides TAO with insights into security holes because it tells TAO where the computer is having problems.

When TAO is unable to hack its target with QUANTUM, the NSA reportedly have other tactics, such as intercepting mail-order computers and installing malware or hardware at NSA facilities called “load stations” and continue their shipment to the doors of Americans or international consumers. This method is referred to as “interdiction.”

Another infiltration method allegedly involves using informants and spies. The NSA can garner information from spies on security systems to gain access to computers that are not connected to the internet. Spies can then, reportedly, be flown in and out for short missions to gather information.

TAO is the alleged highly specialized hacking department of the NSA, and its focus targets are usually top-level individuals and groups, such as suspected terrorists, national leaders and large companies.

For larger-scale targets, such as networks and network providers, the NSA, reportedly, has tapped the information from fiber optic cables that cross the oceans floors, connecting internet users. One such transcontinental cable that was successfully hacked by the NSA was the SEA-ME-WE-4 cable system that connects Europe and Malaysia and all points between, including North Africa, the Persian Gulf, Pakistan, India and Thailand.

TAO has been able to hack into encryption that was before thought secure, such as Blackberry’s BEO, in addition to Microsoft, Cisco and Huawei.

In 2011, almost 100 million computers were sold in the U.S. North America is the second biggest e-commerce consumer, after the Asia-Pacific region. By 2017, 10 percent of U.S. retail sales will take place online. Mobile devices account for 15 percent of current U.S. online retail. That 15 percent is part of a total 22 percent for electronics and appliances.

Washington’s budget for U.S. intelligence provides for 85,000 computers worldwide to reportedly be hacked by the NSA in 2013, including those of Americans who are targeted through Facebook, Twitter, YouTube, Yahoo and LinkedIn.
 

JBond

UDFA
Messages
2,667
Reaction score
2
Shopping for Spy Gear: Catalog Advertises NSA Toolbox

When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are "ideal" for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class." Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.

A 50-Page Catalog

These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives -- from computing centers to individual computers, and from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA's specialists seem already to have gotten past them.

This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.

In the case of Juniper, the name of this particular digital lock pick is "FEEDTROUGH." This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive "across reboots and software upgrades." In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH "has been deployed on many target platforms."

Master Carpenters

The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet.

Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.

'Persistence'

The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of the latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.




Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment.

There is no information in the documents seen by SPIEGEL to suggest that the companies whose products are mentioned in the catalog provided any support to the NSA or even had any knowledge of the intelligence solutions. "Cisco does not work with any government to modify our equipment, nor to implement any so-called security 'back doors' in our products," the company said in a statement. Contacted by SPIEGEL reporters, officials at Western Digital, Juniper Networks and Huawei also said they had no knowledge of any such modifications. Meanwhile, Dell officials said the company "respects and complies with the laws of all countries in which it operates."

Many of the items in the software solutions catalog date from 2008, and some of the target server systems that are listed are no longer on the market today. At the same time, it's not as if the hackers within the ANT division have been sleeping on the job. They have continued to develop their arsenal. Some pages in the 2008 catalog, for example, list new systems for which no tools yet exist. However, the authors promise they are already hard at work developing new tools and that they will be "pursued for a future release."

http://www.spiegel.de/international...back-doors-for-numerous-devices-a-940994.html
 

Jon88

Pro Bowler
Messages
19,523
Reaction score
0
Yet they can catch a single damn terrorist.

Exactly, and we all suffer from it.

Absolutely unbelievable

But hey, probably shouldn't say too much. I know someone somewhere is reading this.
 

VTA

UDFA
Messages
2,668
Reaction score
594
And fools will still stand on line to buy these inane over-hyped, over priced products.

Entertaining ourselves to death.
 

JBond

UDFA
Messages
2,667
Reaction score
2
Funny how none of this stuff makes the nightly news here in the US. British papers are the ones publishing most of the details. CNN, MSNBC, ABC, and CBS have pretty much ignored the dismantling of the 4th Amendment.
 

dbair1967

Administrator
Messages
58,640
Reaction score
9,108
Funny how none of this stuff makes the nightly news here in the US. British papers are the ones publishing most of the details. CNN, MSNBC, ABC, and CBS have pretty much ignored the dismantling of the 4th Amendment.

That's because their fearless leader wants them ignoring this stuff, so they comply
 
Top Bottom