NSA Prepares For Future Techno-Battles By Plotting Network Takedowns 81
Advocatus Diaboli (1627651) writes According to top secret documents from the archive of NSA whistleblower Edward Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the Internet will play a critical role, with the aim of being able to use the net to paralyze computer networks and, by doing so, potentially all the infrastructure they control, including power and water supplies, factories, airports or the flow of money. Also check out — New Snowden documents show that the NSA and its allies are laughing at the rest of the world.
Re: (Score:2)
Re:... because they are too lazy to work ! (Score:5, Insightful)
Or they have a felony conviction for pot on their record and every job application asks if they have ever been convicted of a felony. The background check companies are allowed to do will reveal those that lied.
Let's face it, the system of denial because of legal issues is huge in the US which also happens to have the largest prison population in the world. Convicted felons, whether they served their time honorably or not, are denied a job, a home, the right to participate in our political system and in general to be considered "rehabilitated". In short, they are stigmatized from the first arrest for the rest of their lives.
Re: (Score:3, Funny)
The US is Pinky. The UK is Brain.
Re: (Score:3)
Assholes like you shame reasonable people like me out of expressing patriotism.
Schneier on Security (Score:5, Informative)
If NSA thinks they are so great ... (Score:1)
... why don't they shut off the power supply in North Korea, or the water pump in Mosul, Iraq?
I mean, if they laugh at the rest of the world at our 'backwardness', go shut off the power supply, water supply, telecommunication network which feeds the terrorists in Iraq/North Korea/Syria/Northern Nigeria
Instead of laughing at the rest of the world, show us, NSA, show us how capable you are!
Re: (Score:2)
Because that would mostly hurt poor innocent people, and make more people hate the US.
If instead they could provide those people with reliable water, food, etc, it would become harder to radicalize them.
Re: (Score:3)
As much as the Iraq war has cost, we could have dropped the cash all over the country and solved the whole problem with nobody hating us.
Re: (Score:1)
For comparison:
Re: (Score:2)
oh only if it was that simple to pay the sum to each and not have it go into local chieftains.
helping afghans and many other similar situation countries. the problem has a root it not being a country as such but a country with 10000 mini countries. majority of the violence is small group vs. another small group and none of them like losing grip on their local small "country".
I'm rather amazed that they manage to keep 30 million people alive tbh.. natural environment must not be too unfriendly to life.
Re: (Score:2)
If NSA thinks they are so great ... why don't they shut off the power supply in North Korea, or the water pump in Mosul, Iraq?
Because North Korea and Mosul are probably more technologically advanced than we, using things called 'mechanical switches and controls' and 'operators'.
In the early days of infrastructure there existed in this country an elite class of operators whose job was to personally attend to the various modern contrivances that make our way of life possible. They worked in shifts around the clock, played cards and listened to the radio, but they were not surrounded by indicators, dials and levers. Every now and t
Re: (Score:2)
I found your comment interesting since I work with industrial control systems used in refineries and pipeline operations. I work with the applications that interface with the HMI's, Plc's, and Omni flow control systems. I find the work very interesting and after designing and implementing software for 28 years that is saying something. So far the security aspects of the systems is being handled pretty well with all the network infrastructure buried behind firewalls and using VPN services to handle all the t
Put everything important on the Internet (Score:5, Funny)
Connect everything to the Internet, even crucial things. All hail the Internet of Things! What could possibly go wrong?
Re: (Score:2)
Ha ha... You ain't seen nuttin' yet. Just wait until they take the steering wheel out of your car and remove the pilot from the airliners. Then it will get interesting. And now I wonder why building elevators haven't gone nuts yet. They would be good targets, and it will be funny to see the people coming out all squished flat, just their hats with feet, and that silly music when they walk
Re: (Score:3)
Yeah, Kim's Killer Kids could conceivably make the elevator ascend in bumpy six inch steps for an hour while playing 'You Light Up My Life", but that's about as scary as it gets.
Re: (Score:1)
> Connect everything to the Internet, even crucial things. All hail the Internet of Things!
> What could possibly go wrong?
"We could drink your milk shake but we won't. It's past its expiration date and your fridge temperature is set 5.7 degrees too high anyway..."
What did you EXPECT? (Score:3)
Seriously, the two probable behaviors of voyeurs are either (1) laughter, or (2) heavy breathing.
Somehow I hoped (Score:5, Insightful)
Militarize It (Score:2)
Look, if there's a need for cyberwarfare (let's assume the premise) then bring it under the Pentagon and let the NSA get back to purely defensive infrastructure stuff. There should not be a rogue civillian agency making War, if for no other reason than that the real Generals need full situational awareness.
You've just crossed over into the Twilight Zone .. (Score:4, Insightful)
Did I just slip through a crack in the universe, to a place where the past decades of computer intrusions didn't take place. If so, then that would explain why people are still connecting their critical infrastructure directly to the Internet.
Re:You've just crossed over into the Twilight Zone (Score:4, Insightful)
More simply explained. People's bosses aren't willing to pay for properly isolating their infrastructure because
a) they don't understand
b) they don't care
and c) they want direct access to their stuff from wherever they are, just like the vendor promised.
Re: (Score:2)
You forgot it is too expensive to duplicate the internet for your factory or plant.
Re:You've just crossed over into the Twilight Zone (Score:5, Insightful)
Did I just slip through a crack in the universe, to a place where the past decades of computer intrusions didn't take place.
In every past intrusion, the intruders were always held to be 100% to blame.
No manager ever went to jail for gross negligence after a million credit card numbers were stolen, or a control system was attacked.
No major company that was breached ever got sued for all they have by customers whose personal information and privacy were compromised due to the company's gross negligence --- again the intruders were held to have all the blame.
The most serious breaches happen every day by most every business large and small.... you can bet your bottom dollar, that the vast majority of breaches are swept under the rug, and we never learn about them. Unless the breach becomes severe enough or something happens where the company can no longer hide it.... I suspect 90% of small and medium businesses are not disclosing this kind of stuff properly, not even if customers are at risk
When was the last time you got a letter from your grocery store?
Businesses are having workstations on their LAN infected with random malware all the time.
Just about any service provider you do business with has your information and has Windows workstations, and that should make the public scared as hell
But by and large, the public is unaware, even "security experts" are unaware.
Re:You've just crossed over into the Twilight Zone (Score:5, Insightful)
The intruders are 100% to blame.
False dichotomy, moron. There can be multiple people at fault for different things. The intruders for an obvious reason, and the company for not using reasonable levels of security.
If someone smashes a window and burglarizes your home is it your fault because you didn't put bars over your windows?
There is such a thing as negligence, and in this context, it occurs when even multi-million (or billion!) dollar companies fail to use even a minimal level of security. You seriously can't tell the difference between a reasonable level of security and absolutely perfect security? Yes, I'm going to put forth the *outrageous* idea that companies should protect data with a reasonable level of security, and that they shouldn't ignore reality and put everyone's data at risk with absolutely laughable security practices. Wow, the poor babies!
And Snowden must enjoy living in Russia because he is digging his own hole everytime he release information on the US counter intelligence services that have nothing to do with the average US citizen.
As a US citizen, I care very much about things like ethics and justice; those are things which the US is supposed to aspire to, but doesn't, and no thanks to ignorant fools like yourself. Someone isn't subhuman just because they're born outside the US, and they deserve protections from indiscriminate surveillance as well. An organization like the NSA which has committed so many wrongs does not deserve any sympathy from anyone.
and obscuring the fact that the US is by no means the only country on the planet with espionage and counterintelligence operations across the globe.
"Everybody else is doing it, so it must be okay!" If we're such an excellent country, then maybe we should set an example for other countries by not doing evil things. Seriously, you people spew forth this nonsensical justification almost every time it comes out, and it gets tiring pointing out the fallacy.
Re: (Score:3)
If someone smashes a window and burglarizes your home is it your fault because you didn't put bars over your windows?
Your remark is a false analogy. You are missing an important concept called duty of care in regards to companies that require you to provide them sensitive information in order to purchase a service from them. Try this one: you go to the jewelry store, and secure into their care a $100,000 jeweled necklace for repairs. Overnight, a burglar smashes a window in the store and swipes your
Re: (Score:1)
If someone smashes a window and burglarizes your home is it your fault because you didn't put bars over your windows?
Let's suppose you ask me to store your bike in my house, for a small amount of money, because I say that your bike will be safer than in your own.
Let's suppose a burglar smashes my window and steals your bike, as you say.
Should I be held accountable, refund you your money, pay you for the stolen bike, possibly a bit more because the bike was special or whatever? Or should I just say "Shit happens, get over it. Blame the burglar"?
Do you see the problem now, fscking troll?
Re: (Score:1, Insightful)
Re:Leak-value is worthless (Score:4, Informative)
Re: (Score:2)
Sorry but it crossed the line. Everyone with half a brain about computer and network security knows that is order to prepare to break another countries network system security you must prepare for it before had by specifically breaking a countries network and system security, an act of war. As for the five eyes, why they fuck would they trust each other based upon they way they behave. Based upon those repeated patterns of behaviour the last people you would trust would be the other members of the five eye
Re:Leak-value is worthless (Score:5, Informative)
Dear leaker community: please stop shitting in your own nest. You have no idea what you're doing, or what kind of world you're trying to create.
They could be like the roman senators who assasinated Julius Caesar, because they feared growing power would result in Caesar being crowned king and crush the republican form of government, but after the dirty deed was done, the senate lost legitimacy and Rome became a dictatorship, so their actions had the opposite of the intended affect.
With all that has been leaked so far.... if the general public has not yet become outraged enough with the NSA to have politicians driving for change, then probably nothing they have left will be able to meet that threshold.
Re:Leak-value is worthless (Score:4, Insightful)
Sometimes, when you overthrow a repressive dictator, the first thing you get is a look at what he was repressing.
Re: (Score:2)
Insightful
Re: (Score:2)
I wish I had points to mod you up. Sadly the herd mentality of "USA evil, everyone else good" is too strong here.
Re: (Score:1)
Dear intel community: Please stop shitting where you eat. I don't know what's worse - that you don't know what kind of world you're inadvertently creating, or that you've adopted the methods of the Chinese and Russian surveillance states as ends in and of themselves, not merely means to some pre-9/11-American end.
Re: (Score:2)
Here, it's just a bunch of idiots who hate the West in general (and the United States in particular), trying to give the Western security apparatus a black eye. I fail to see how leaking our game plans to enemies and competitors is going to make us any safer.
No it won't make us safer. It may make us better.
Like it or not, the West is the light on the hill for the whole world. People who believe otherwise should imagine the whole world being run along Chinese, Russian or Islamist lines... The West does a lot of bad shit, but we are choir boys, compared to the rest of the world.
And what keeps us choir boys? Think about it this way sometimes pragmatism does force us to do things that we nominally consider against or characters. Sometimes we may think we need an internment camp, or a gitmo, or a mass surveillance program, or to allow our officals to operate above or outside our law, etc. Sometimes we may think there is a need to relax or strip away a protections like our bill of rights. I offer no statement on if the ends justified the means in any specific case; I will say its the slipperiest of slopes or the most difficult of lines to walk.
If you want us to remain the chior boys than ONLY transparency and a vigorous and rigorous public debate about these choices their merit at the time and their on going merit will keep us free, or offer us any chance of returning to our core values after we (hopefully) temporarily abandon them. So yes the public has a right to know, and there is a public interest, there is always a public interest.
Network Security 101 (Score:5, Insightful)
Don't want your infrastructure paralyzed? Don't connect it to a global public network.
Afraid the NSA has compromised the infrastructure of your nation? Pull the plug to the rest of the world, isolate your network, reload everything including firmware and have that firmware analyzed byte by byte for potential vulnerabilities. Or buy silent typewriters and use them in soundproof roofs that have been swept for bugs.
These guys have compromised the planet all the way down to the equipment manufacturers. They have themselves endangered national security by injecting such vulnerabilities for the black hat community to discover and enjoy. This has become less about national security and more about manipulation/control of the populace/world. They have overstepped their bounds greatly to the point of being dangerous to the liberty of every man, woman and child on the face of this Earth potentially and very little is being done to put a leash on them.
Seriously, what hasn't the NSA illegally pwned yet? They are conducting organized crime basically and our government has told us to shove it. I'd laugh too. Hell, I might even die laughing. I don't think I'd be able to stop.
Re: (Score:3)
If a dedicated hardened network requests random fault inducing commands real staff on site can make calls at 4am.
Just as other nations can revert to the typewriter and one time pad staff can revert to systems that worked over generations.
Networks are great for tracking vast systems but local vetted staff can be trusted with the more vital network wide vital commands.
That would
Re: (Score:2)
And you're doing what, exactly? What's *YOUR* glorious plan for rebuilding the republic and "doing something about it"? Don't have one? Didn't think so.
And I didn't vote for any of these clowns.
natural paralysis (Score:1)
Ripping out a couple of fibre optic cables has the same effect, as happened with severe storms in Australia.
I'm sure one disenfranchised pleb could easily create the same mayhem, US corporations have the most to loose.
And if a few plebs got organised ???
The rest of the world is laughing at the NSA.
Re: (Score:2)
A huge coal supply, cooling water and the staff can keep the lights on if the nation is ready and fully understands its own internal networks. Teams can work on error messages induced by national networks or just focus on the networking they can support.
Most nations should have kept the internet, a companies external email and billing networks away from critical infrastructure.
If a comp
Stop using (Score:1)
Someone ID This Prick (Score:4, Interesting)
The agent responsible for what happens in these pages could be a good start to slutshaming these assholes.
http://www.spiegel.de/media/me... [spiegel.de]
Oversight (Score:2)
Until these agencies have properly mandated oversight at a level that allows them to dismiss or bring criminal charges against the offended then this situation will never improve. Realistically there has to be some sort of intelligence gathering operations for nation states and if governments are going to crack down on whistle blowers in these organizations then they have to balance it with proper legal oversight.
It is clear the issue of Quality Assurance and control within these organizations is somethin
Why bother with software? (Score:2)
Why bother with software tools?
If I were they, I'd just use the explosive devices they've almost certainly already pre-positioned.
We know that they've tapped in to quite a number of underwater fibre-optic cables, which is the reason that Google started encrypting traffic on their private fibre. Google originally made the incorrect assumption that dedicated fibre didn't need to be encrypted.
Since they went to the trouble to tap the lines, why would they NOT have left explosives after doing the surgery?
Well DUH.... (Score:2)
Well DUH....
All the more reason to bug Micro$oft to fix bugs.
As the single largest vector of system infections Micro$oft
seem to be playing loosie goosie and we are all at risk for it.
Fix them bugs ladies and gents.
The astounding bit is the astounding parade of tuesday patches
mostly the bugs are stupid blunder but not all.
At this point all the TLAs and near and far nations and corporations
have copies of WindowZ and it is a simple race to find exploit or find
and plug. For microsoft to take 90+ days to fix a
The first thing about Spying (Score:1)
Is to know its a Magic Trick.. and what you see.. is not really whats going on