US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet 367
An anonymous reader sends this news from the Washington Post:
"U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed 'covert implants,' sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions. ... The implants that [an NSA group called Tailored Access Operations (TAO)] creates are intended to persist through software and equipment upgrades, to copy stored data, 'harvest' communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others."
wow (Score:5, Funny)
Re:wow (Score:5, Insightful)
Re: (Score:2)
Re:wow (Score:5, Insightful)
Norton 360 that is completely worthless against their root kit?
For all we know, Norton 360 might *be* their root kit.
Re: (Score:2)
Norton 360 that is completely worthless against their root kit?
For all we know, Norton 360 might *be* their root kit.
Don't look at me - I turned down a job w/Symantec. Some guy named Snowden recommended against it. Wonder what he's doing these days...
Re:wow (Score:4, Funny)
Norton 360 that is completely worthless against their root kit?
For all we know, Norton 360 might *be* their root kit.
So you use Kaspersky instead? You realize that it's banned by DOD because of "supply chain concerns".
Comment removed (Score:4, Insightful)
Re: (Score:3)
Ha! I don't have any anti-virus, so I'm completely safe from US cyber-attack!
Re: (Score:3)
OpenBSD?
Re:wow (Score:5, Insightful)
Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.
Re: (Score:3)
Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.
I wonder if it has occurred to anyone that the NSA's actions in other countries could be construed as acts of war....
Re: (Score:2)
that is so cool.
GENIE's free from the lamp! And one wonders, were the Chinese showing where this TAO leads to?
Re:wow (Score:5, Interesting)
Yeah. And to think that they can't secure their own networks, hence that Snowden got this out.
Sometimes I wonder if the NSA planted some or all of this stuff to impress the hell out of the world and strike fear into the hearts of the Opposition. I mean, this is straight out of a Sci-Fi plot: Homer Simpsonvich brings one infected iPod into his FSB headquarters, and soon the whole goddamned place is full of programs that are listening in on anything in sight, autonomously making cuts to exfiltrate back to Ft. Meade, copying anything that looks interesting, and surviving whatever the Opponents do to the host machines.
Securing a network is always harder than attacking a network and you can never fully understand a person's intentions when you grant them access. I'm sure a small part of what they publish is a psyop of some kind but for the most part, yes, sci-fi is reality. We are not the only ones doing it and we may not even be the best.
When you start to consider everyone who is "operating" on the Internet, things get really scary, really quick. The new cold war will be one of constant paranoia of an attack that can influence a piece of critical infrastructure. There have been small rumored instances but until the Hiroshima of the online world happens, it will be a constant game of shadows and you never, ever, fully know or understand an operator's capabilities.
Sci-fi, indeed.
Re:wow (Score:5, Insightful)
This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network. The sluice gates on the dam, the control rods in the reactor, the ventilator machine standing between granny and the reaper—none of that belongs on a network. So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.
Re:wow (Score:4, Insightful)
So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.
But that cuts into profits and corporations have shown repeatedly they'll throw anyone/anything under the bus to maintain their profit margin.
Re:wow (Score:5, Insightful)
This is why the critical infrastructure, whose failure could cost lives and fortunes, doesn't belong on the network.
Didn't help Iran when STUXNET hit, did it?
The truth is: if you have no network-connection, people start using USB-sticks over and over - which creates a completely different attack-surface.
Air-gapping critical infrastructure isn't a bad idea - but it can't be an excuse to not secure these system at all.
Re: (Score:3)
Air-gapping is part of securing critical infrastructure. A major part. Or it should be.
Re: (Score:3)
So what if you have to pay someone to get off his ass and check an inconvenient readout manually: at least that's a job created in an otherwise machine-driven economy.
Unfortunately, it isn't that simple.
As an example, take an ICU ward. There may more than a dozen of pieces of equipment connected to a patient. First problem: there is a lack of skilled people who can read those machines. You would essentially need a highly trained person sitting in the room with them staring at each one. According to a 2009 article [acphospitalist.org] there are 100,000 beds so that would be another 100,000 people. Considering the nursing shortage that seems impossible.
Next problem: Humans can't process t
Allies? (Score:4, Insightful)
Allies, "ALLIES", we don't need no stinkin' Allies. All of it, ALL OF IT, ours, we, want it all, exploit it, burn it, the whole world, it's ours, Ours, OURS.
Seriously out of control. Looks like Chinese hardware is the least of the worlds problems. With the US Stupidity Services trying to purposefully break everyone's networks and insert back doors that only they, and their contractors, and anyone who wants to pay those contractors knows about.
Morons there is no such thing as an exclusive back door. Once you broken the security of other countries networks, you leave access for anyone waiting to exploit, bet anything you like those morons did not at all to monitor and ensure those back doors were not exploited by others. I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.
How many attacks have they launched they were designed to do nothing else but increase their budget?
Re:Allies? (Score:5, Interesting)
Personally, I take comfort in knowing that this will only be used against foreigner's computers, since I am a US citizen. Just like how we were assured the collection of phone data only applied to foreigners. Damn it, why does my CPU usage keep spiking?
Re: (Score:3)
Maybe some of those foreigners whose rights the US doesn't give a shit about are retaliating. Suddenly all those claims of Chinese state sponsored hacking look like self defence, with ordinary US citizens and businesses on the front line.
Re: (Score:3)
I wonder how many times now the US government has blatantly lied about cyber attacks they launched that have been discovered and then blamed on other countries and pseudo organisation like Anonymous.
I myself have always regarded Anonymous as perhaps the ultimate expression of the old saying, "When four sit down to conspire, three are fools and the fourth is a government agent."
Re: (Score:2)
I wonder how many attacks by the Chines, Russians, North Koreans, and Iranians you have blamed on the US?
Could this be an "argumentum ad micturio praelium" ("pissing contest" argumentation, a lower cousin of ad populum [wikipedia.org])???
Nah, you are correct: cannot exclude attacks from others, but...
Does anyone in the world do disagreeable things besides the US, in your mind?
Slipping on the trolling side already? The OP didn't say others aren't doing it, just that:
* he sees what others are doing as a smaller concern in comparing with US (see "Looks like Chinese hardware is the least of the worlds problems")
* he cannot rule out false flag operations from the US spooks side.
Feel free to disagree, but
Re: (Score:2)
I'm certain you must be interesting when taken in small enough doses.
Smaller doses is why it remained so much of me. About 90 kilos.
Re: (Score:2)
I wonder how many attacks by the Chines, Russians, North Koreans, and Iranians you have blamed on the US? Does anyone in the world do disagreeable things besides the US, in your mind?
And have you, and other NSA cheerleaders, not bitched and moaned about it every single time anyone suggested they were being hacked from China or Russia? Now that it turns out to be hypocrisy, as in the US are doing much the same on a massive scale, it suddenly serves as an argument in their defense?
Just checking.
Re:Allies? (Score:5, Insightful)
John Bolton [theguardian.com] has a more nuanced view. No doubt you will disagree.
I'm not particularly nuanced, I don't suppose. Point taken. But are you now posting op-eds in support of your claim? By John Bolton, no less... The pinnacle of nuance, to be sure. But all right, rather than shoot the messenger, which would be easy here, let's look at what he wrote. (Note to others, the following quotes are Bolton, not cold fjord)
Snowden initially violated his oath to safeguard the national security secrets entrusted to him by revealing National Security Agency (NSA) programs arguably affecting the privacy of US citizens
Conventiently not mentioning his other, more fundamental, oath to protect the US constitution? Also, "arguably affecting the privacy"... We can omit the "arguably" here, it seems to me; that has been Snowden's main point (which has not been creditably disputed, as far as I know).
Snowden's sympathizers and anti-American activists have so far largely controlled his story line
Cleverly mentioning "Snowden sympathizers" and "anti-American activists" in close conjunction. The implication being, without actually demonstrating, that they are one and the same. Echoes of Al-Qaeda and Iraq, a decade ago. Bolton's statement that these have "controlled the story line" is arguably true, but not for lack of trying.
We do not yet know whether Snowden jeopardized US agents, but vital sources and methods of intelligence gathering and operations are clearly at risk
Hm, that contradicts the point you were making about how thousands of operatives were already in grave danger. Although I suppose you will say that you were talking about UK operatives. Ok, I'll give you that, sort of.
Snowden has given Beijing something it couldn't achieve on its own: moral equivalence. Now, China can portray itself as a victim, besieged by America, and simply trying to defend itself.
Do you really not see the hypocrisy here? For years the West has accused China and Russia of doing exactly what they were themselves doing all along. So the "damage" here is that the falsely claimed moral highground is now exposed as dishonest fiction.
Snowden's initial leaks on NSA programs also caused substantial political harm, above and beyond the intelligence damage. Several European governments which co-operated with the US are now predictably running for the tall grass, endangering the continuity of existing programs and damaging prospects for future co-operation
Again, taking for granted that *of course* the US were spying on allies, this doesn't even need defending in Bolton's world. The damage is in showing the hypocrisy. Bolton thinks this is a wonderful argument, I say that this statement, coming from a senior US (ex)official, just discredits US diplomacy even further.
As with the Bradley Manning/WikiLeaks exposure of thousands of classified State Department and Pentagon cables, Europeans want to know why Washington can't protect sensitive information.
False, Europeans want to know why their supposed partners in Washington are treating them like adversaries. The bulk of the cables, I might add, turned out to be "embarrassing" rather than "dangerous" to the US.
But Beijing does not deserve moral equivalence, given the intensity of its cyber-attacks against America. The key point is that China struck first, developing a pronounced asymmetric advantage.
I don't know who struck first, if that even makes sense, but I notice Bolton doesn't give any argument to support his claim. What has been revealed though, is that the West was striking for a long time while publicly denying it.
Then he does a bit of character assassination, I am in no position to judge either way. My personal impression, though it should not count for much, is that Snowd
Re: (Score:3)
don't believe that contractors swear an oath to protect the Constitution, and even if they did, who did Snowden vet his personal interpretation of the Constitution with? Nobody, I expect. Assuming his intentions were actually "good," he just decided he didn't like it and broke the law. As to the constitutionality of the programs, Professor Geoffrey Stone of the University of Chicago Law School has some views on that [volokh.com].
I don't know about his duty to the constitution, but in my view he acted ethically, if not legally. He saw something that he thought was wrong, and harmful to others, and tried to stop it. To me this is a higher good than merely protecting the Constitution. I would hope that everyone would do the same, if in his shoes, or in like situations. This is especially true in situtations like this, where no one who matters (i.e. not the powers that be) are likely to be harmed.
As for embarrassment... Big whoop.
Conspiracy theory: Bitcoin crash of April 2013 (Score:4, Informative)
Who believes the US government had something to do with it?
Suddenly after meeting with regulators the price recovers?
Conclusion: Promote regulation of the Bitcoin network as it's correlated with a rise in the price.
holy shit (Score:4, Interesting)
Re:holy shit (Score:5, Insightful)
Then you shouldn't take and store photos and videos (obviously using and on your computer). You shouldn't use phone (since it has a microphone and possibly camera).. You shouldn't use Windows, ... and Android, ...oh and Linux and almost every connected device and software.
Basically it is a frightening fact that we can hardly run from ubiquitous surveillance since the whole connected electronics devices can be used for spying on us. Unless you leave in a farm, do not have communication devices and spend cash only. But I doubt even that would be enough.
Can we have Orwell's 1984 instead?
Re: (Score:2)
So you would open your laptops/notebooks to avoid their warranties? Better, just stop using electronics. :)
Does it work? (Score:3)
Budget documents say the $652 million project...
Most big budget "defense" projects go over budget, over time, and don't perform to expectations. How well does this actually work (yeah, I know it's a rhetorical question)? Of course, by comparison, it's quite a bit less than the cost of a single B-2 bomber, so maybe its budget isn't large scale enough to underperform?
adversaries such as Iran, Russia, China and North (Score:2)
It may be a coincidence (Score:5, Funny)
But I can't find a single typewriter in any antique shops any more.
Re: (Score:2)
I suggest using totally disconnected computers for the purpose. You can even use Windows XP and Word if you like but make sure no network device is attached.
Perhaps even close USB and remove DVD drives (use a second internal hard drive for backups) and print whenever needed.
How is that plan?
Re: (Score:2)
You lack Slack.
Kill Bob.
Serious question for the Linux community (Score:4, Interesting)
Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:
How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.
Re: (Score:2)
Re: (Score:3)
That's a very good question. But you can also bet that there are a lot of parties around the world who have a strong interest in knowing if this is true or not. They also have access to the source code, and can build it themselves (I don't believe the NSA quite has the influence to propagate a Thomson compiler attack). I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.
But in the meantime, we don't know that it's not comp
Re:Serious question for the Linux community (Score:5, Informative)
I bet that if such a backdoor was discovered by China or Russia, that they'd use it as a propaganda weapon and we'd thus know about it.
It would be more realistic to expect them to use the backdoor to their advantage, while it lasts.
Some backdoors are very hard to detect because there is no obvious bug or a backdoor in any one place; with the size of the code base as it is, who would be crawling through the source of some USB driver that works just fine? As a crude example:
static int a[MAX_LENGTH];
void ioctl_handler(int i, int d) {
int *p = &a[0] + GetOffset(i, MAX_LENGTH);
*p = d;
}
There is no bug here. Now, elsewhere:
int GetOffset(int i, int len) { return (i < len?) i : (len-1); }
Welcome to poking any RAM location of your choice (limited only by sizeof(int).)
Re:Serious question for the Linux community (Score:4, Interesting)
I'm wondering if many of us have backdoored ourselves with Skype.
It has been reported that it accesses /ect/password and also reads the bookmarks in firefox. While the later seems harmless initially isn't this similar to the meta-data collected from email exchanges that the nsa is known to collect. I'm sure there is value in knowing what people are reading at some point you may become discontent enough to become a radical or terrorist.
Unfortunately Skype is generally installed by giving the skype installer root access. There is no need to find an exploit when the system user installs your trojan willingly.
We already know skype is not secure for communication and has changed from peer to peer communication to running via microsofts servers. However it is still pretty useful, about the best cross platform messenger client out there. I don't use skype to say anything that is likely to warrant any action from the nsa, so its not a real problem right?
However the access that skype has to my machine is bothering me especially the potential access to passwords, am I giving the nsa the equivalent of ssh access to my machine?
I believe its possible to install skype as its own user and without giving skype root at anytime but apart from some instructions on securing skype on arch wiki I can't find anything else.
Is there anyone here who can share how to install skype sandboxed so it has a much more limited access to peoples machines?
As someone who doesn't feel there is any reason for the nsa to want to snoop on him i still see some utility in skype (what is the cross platform alternative) but i really don't like the idea that the nsa already has access to my personal files and my passwords.
It is a bit cocky to be thinking you're secure since you don't run windows, when you may well have welcomed in the nsa giving them the keys to your 'secure' systems.
Re: Serious question for the Linux community (Score:2, Insightful)
We don't and its safe to say that from the gov Linux is just as vulnerable as the rest
Re: (Score:2)
Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:
How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.
Guess it's time to bring up the innovation of AmigaOS? OS that was decades ahead of it's time and NSA free!
=)
Re: (Score:2)
Re: (Score:2)
So in theory and practice the code is safe. The first telco exchange/tower/branded box you connect is not.
The hardware and software used to help Linux as part of a much larger setting maybe junk as the routers, switches and firewalls from multiple product vendor lines comment notes.
You also have the hint of "“harvest” communications and tunnel into other
Re: (Score:2)
Like everyone else on slashdot, I only run Debian and must say I smile when I see reports such as country sponsored malware strikes like this. But it does make me ask an honest question:
How can we be sure that the Linux kernel isn't compromised? I don't really have the time to go through all lines of code and I doubt my security analysis and development skills are up to the task anyway.
But, but, aren't there "many eyes" reviewing the code, making it perfectly safe? At least you recognize the fallacy of open source software being more secure. In reality there really isn't an entire community reviewing and proofing the code. Just a handful of hackers pouring through it looking for exploits. It's less likely that it was intentionally compromised, but in some respects the linux kernel and distros are more vulnerable because their code is published.
Re: (Score:3)
There is no fallacy there. It is *more* secure. That's only natural since it is open to examination by many more people with differing agendas and allegiances and there is no vetting process before they get access.
What it isn't is *perfectly* secure. Nobody I know of is claiming that.
What is a good system admin to do? (Score:2)
What is a good system admin to do when presented with information like this?
Companies large and small need to think long and hard about their responsibility
in the presence of secret orders, nationally funded hackers with agenda.
Data and data compromise by hook, by crook, by truck, by cloud collapse are all possible.
Key management, process management and more need to be understood by managers.
Companies have been coasting and relying on credentials to qualify their employees
to the point that managers near and
an international agreement (Score:2)
I could not explain it. I spent years trying to find a reason. Now I have got an idea.
"Persist across software and equipment upgrades" (Score:4, Insightful)
If they have really developed software which can do that, they should share their techniques with the commercial world. Software that can continue to run even after a system upgrade? Sign me up.
Re: (Score:3)
Who are these programmers? (Score:2)
Who are the terrorists now? (Score:2)
Around the world (Score:2)
A fast new cleanroom OS is loaded and deep packetsniffing code is carefully crafted.
When the boss is home and clerical staff have packed up for the day...
Ex staff and trusted colleagues load up their B2B and B2P machines with exciting new dual use orders from exotic locations.
Will they see a hint of "routers, switches and firewalls from multiple product vendor lines" trying to “harvest” their effo
Cyber Combat: Act of War (Score:4, Insightful)
Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html [wsj.com]
All supposedly for catching terrorists, right? (Score:4, Insightful)
And yet Russia can call us up and say "Hey, there are two Chechen refugee brothers in Boston who we think are terrorists" and NOTHING HAPPENS.
Re: (Score:2)
> Vulgar display of power.
These programs are secret. That makes them, by definition, not a display of anything.
Re: (Score:2)
Re:Now, for the other angle, is this treason? (Score:5, Insightful)
Re: (Score:2, Interesting)
Whistleblowing on a secret US government agency that's governed (if at all) by secret laws and secret courts, and is clearly out of control?
Sorry, that would never cross the line into treason. It's the agency which is breaking the law.
So if the identities of operatives were leaked, is that treason? What would be too far even for you?
Re:Now, for the other angle, is this treason? (Score:5, Insightful)
What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.
Re: (Score:2)
What operatives? None of the people involved in this are working undercover, they're working in cubicles in office blocks in the US.
The people in Wall Street work in cubicles too. Nobody accused them of causing widespread destruction. In other news, the government would like to stop criminals from running botnets... because they hate competition.
Re: (Score:3)
If you work for something that has turned into criminal organizations of the worst kind (e.g., endangering infrastructure components of other countries), you deserve what's coming your way.
Re: (Score:3)
What was found on Miranda was raw intel -- before being edited. Nothing that made it to press, as far as I know, has identified individuals. Also, how is it Snowden's responsibility that these "non official cover" agents enjoy no protection based on that status?
Finally, can I safely assume that you were vehemently opposed to the pardon of Scooter Libby (and by implication Dick Cheney) for outing an agent -- rather than hang for treason? Which was arguably the more reprehensible in that that leak did not pur
Re: (Score:2)
Maybe this will help. Since US and British intelligence agencies have helped to stop terrorist plots around the world in many countries, their disruption may lead to attacks in your country, the deaths of people you hold dear, and destruction of things you treasure.
I wouldn't get too comfortable with the current state of affairs. It hasn't been that long since Snowden began his disclosures, and some problems, such as Islamist terrorism, are not likely to go away any time soon. In fact it is likely to gro
Re: (Score:2)
I suppose you're among those that think 9/11 happened because Islamic countries just decided they "hate our freedom", rather than a long history of being fucked with in a manner that pre-existed that event and continues through today, and will inevitably result in further animosity and eventual blowback.
Here we come to the heart of the issue - you fundamentally fail to understand al Qaida's motivation. Al Qaida wants to continue the Muslim conquests of centuries ago, when invading Muslim armies threatened to conquer Europe, and continue on to the rest of the world. They want to restore what they see as the glory of Islam. They want to restore the Islamic caliphate government dissolved in 1923 with the fall of the Ottoman Empire. They want replace existing government in Muslim countries with strict Isla
Re: (Score:2)
Don't worry sweetie, the life they can't save now could be yours.
I feel a bit freer because of that, you know? Honey... I know, it may sound weird to you, but... I don't crave to be saved by the government spooks, thank you.
Re:Now, for the other angle, is this treason? (Score:5, Insightful)
That depends of if we decide the NSA has gone far enough to be considered a domestic enemy of the people. It lies to congress, it lies to the citizens, and it may be lying to the president as well. That doesn't sound much like a legit government agency. It spies on Americans and subverts the Constitution. That sounds like something an enemy does.
Re: (Score:3)
that's a rather absolutist perspective. isn't it possible that whistleblowing on a super sensitive program is both necessary and treasonous?
and that if found treasonous, a due process trial should happen?
and that the president could pardon the convict once the impact if that revelation is clear?
not saying that will apply, but it is far closer to reality than "all whistleblowing automatically erases harm from completely unrelated organizations and people", which is how your comment reads.
we are getting summa
Re: (Score:2)
Since the line for treason gets drawn by the government he is exposing, of course the answer is yes.
The question is, does he care?
Re: (Score:2, Interesting)
Since the line for treason gets drawn by the government he is exposing, of course the answer is yes.
The question is, does he care?
I'm asking what line do Snowden supporters draw. Or should Snowden have no limit to what he can leak?
Re: (Score:2)
The schedule for the Two Minute Hate has been adjusted to 13:00 Pacific Time.
Snowden is the new Emmanuel Goldstein.
--
BMO
Re:Now, for the other angle, is this treason? (Score:4, Insightful)
Or maybe you should be asking: should the government have no limit as to what it can do in the name of protecting the country from supposed foreign conspiracies.
Re:Now, for the other angle, is this treason? (Score:5, Insightful)
That's seriously a good question. The ironic answer is that the knowledge that would be sufficient to make an informed decision (as to where the line should be other than an annoyingly vague "whatever doesn't make it worse for humanity") is being withheld from us. Any actual example we could use would be based on what we already know, which isn't going to be whatever the government is still keeping secret - the good _and_ the bad.
Which puts us all between something of a rock and a hard place.
Having read this particular article, it doesn't mention any specific operations, nor any specific methods. I say "specific" because, while it does reveal that the US government is exploiting vulnerabilities in software and hardware (really not a surprise), it does not reveal specifics that would allow an enemy to distinguish between "US government exploit" and "random joe exploit".
I also found this part interesting: "The NSA designs most of its own implants, but it devoted $25.1 million this year to “additional covert purchases of software vulnerabilities” from private malware vendors, a growing gray-market industry based largely in Europe." Apparently, providing 25.1 million dollars of additional demand for unethical behaviour is now within the NSA's newest line in the sand, to go along with global warrant-less electronic surveillance of everyone including its own citizens within its own borders.
Which means here's the thing:
The US government crossed its constitutional line under a veil of secrecy from its own people and then said: I'll keep going.
Edward Snowden crossed his personal line under the orders of the US government and then said: I'm turning whistleblower.
So right now, I'm a lot more worried about the US government's limits than Snowden's.
Re: (Score:2)
I'm asking what line do Snowden supporters draw. Or should Snowden have no limit to what he can leak?
Direct observation of the posts in the Slashdot petri dish reveal that for many of them there is apparently no limit, regardless of the consequences.
Pray tell, following Snowden's leaks, what consequences (worse than what US is already doing) may there be for non-US internet users?
Re: (Score:2)
http://blogs.fas.org/secrecy/2013/08/cyber-offense/ [fas.org]
“We believe our [cyber] offense is the best in the world,” - Gen. Keith B. Alexander, director of the National Security Agency and Commander of U.S. Cyber Command.
Lets go down the list cold:
A mission count, the citation needed for the aggressive aspect and the words GENIE and TURBINE.
More people will understand terms like Tailored Access Ope
Re: (Score:2, Interesting)
As a non-american, I think Snowden went far enough for one man. I think we need other Snowdens to stand up and speak the truth. Treason against his government or all of humanity. Tough choice to make.
Re: (Score:2)
If Snowden leaked this at this point he's exposing information on operations, methods, everything.
At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?
No. Next question.
Re: (Score:2)
If Snowden leaked this at this point he's exposing information on operations, methods, everything.
At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?
No. Next question.
Nice dodge to the question.
Re:Now, for the other angle, is this treason? (Score:5, Insightful)
If Snowden leaked this at this point he's exposing information on operations, methods, everything. At what point does it cross the line and become treason? Is there a line which gets crossed where every Snowden supporter would say "this has gone too far"?
As a non-US citizen and potentially impacted by the US govt actions, I don't have any incentive to say "this has gone too far".
Re:Now, for the other angle, is this treason? (Score:4, Interesting)
It is NEVER treason to expose government wrongdoing or unconstitutional behavior. It is NEVER treason to expose government coverups or lies. It is NEVER treason to disclose programmes that should have had proper congressional or public oversight but didn't. Everything so far disclosed has fallen into the above categories. If ever disclosing one of these wrongdoings or unconstitutional behaviors or coverups has put an operative or operation in jeopardy - then the blame rests solely on the shoulders of whoever perpetrated that cover up. Otherwise, any wrongdoing could be hushed up simply by entangling it with something else.
At least, that's my view as a Snowden and Manning supporter
It's too general to be a clear breach (Score:2)
This leak is analogous to reporting "The US recruits spies". Nobody knows whether their networks are compromised or what to look for.
The kind of leak that hurts a country's covert operations is more like "The US pays Kim Jong Un's barber to make him look ridiculous".
Re: (Score:2)
Da fuck are you smoking and can I have some? Because, damn, that must be some strong shit.
The NSA already crossed that line into treason by violating the most fundamental and sacred legal document in the land. Is it treason to expose treason? Only when they have changed the definition of treason to be any actions or speech against what they're doing, which, as evidenced in the past several weeks, is, "whatever the fuck we want."
Re: (Score:2)
Snowden's insurance file probably contains actual backdoor information, SSL keys, and millions of collected passwords. The internet would have to shut down for weeks... I think even staunch Snowden supporters would be annoyed.
But Snowden would be dead at that point so he wouldn't care.
Re:at what point do illegal, secret acts of war (Score:5, Insightful)
Re: (Score:2)
War crimes have long since become an integral part of the repertoire of the so-called "free world". You just didn't get the memo.
http://www.thebureauinvestigates.com/2013/08/01/bureau-investigation-finds-fresh-evidence-of-cia-drone-strikes-on-rescuers/ [thebureaui...igates.com]
Re: (Score:3)
As an american citizen it is not easy to figure out how to deal with this. Neither party is running on the "stop being evil" platform. Minor protests don't have much effect in this country and a revolution is clearly worse than what we have now.
Re: (Score:3)
Obvious solution: vote for a party that you don't find evil. They don't have to win. If 10% of people voted green and 10% voted libertarian, and the apparent reason was surveillance programs... then democrats and republicans in congress would change their tune in a hurry because picking up those votes would be enough to swing almost every incumbent from a possible loss to a sure win in their next election.
Also, if your congressional representative of either major party happens to be anti-evil -- and there a
Re:Now, for the other angle, is this treason? (Score:4, Insightful)
It is really, really easy to turn a blind eye to the evil one's government perpetrates when that evil is not directed at one's self or one's loved ones, and when in fact these benefit in some way from said evil.
Does all this evil keep our economy strong (possibly at the expense of other economies)? Does it keep stuff cheap at walmart? Does it keep the movies and tv programs flowing? Does it keep most of us basically comfortable in our lives? Then maybe we just won't bother sticking our necks out for a bunch of foreigners who offer nothing to us in return.
What is it that you want people to do exactly? Do you think we have any control over what intelligence agencies do? If we try to stop them then their allies will be in the position to do to us and our loved ones exactly what the US intelligence agencies are capable of doing to people in your country.
You don't seem to understand how things work. The US citizen cannot stop the US government because your government would work with the FBI to stop that. It would be called terrorism. The penalty for terrorism is harsh and can even include death.
If someone in your country tried to take on the intelligence agency of your country, then if your country is allied with the US government then the CIA would destroy those people/terrorists.
The only realistic solutions which aren't suicide or completely insane all take time. Decades. The government agencies can be made less abusive over time, and made to follow the laws of war or at least make it clear to us what rules they follow.
Re: (Score:2)
If so, where is the authorization of this activity by Congress, much less the American people?
Authorization is in USC Title 50.
Re:i thought snowden.... (Score:4, Informative)
Re: (Score:2, Flamebait)
Re: (Score:2)
Re: (Score:2)
I'm in the US, and thanks to the our belligerence, I can now expect to try to defend my networks from the blowback from all this. Lovely.
What blowback? This isn't something that they didn't know already. Maybe they didn't know details and scope and this confirms it.
Re: (Score:2)
I'm guessing that, if the US government is doing this, other governments will say 'open season'. They can hardly complain when the Chinese start breaking into computers all over the world and installing malware.
Re: (Score:2)
Enigma gave the clandestine services a taste of near realtime information.
Why would a top system admin or cryptographer not warn of past (1970-90's) insights into state sponsored network issues?
The good news for all in the "defend my networks" community is great new books on gap or air wall and good code. Way beyond a chapter of trusted brands or code that 'just works' that the author wrote or likes.
Re: (Score:3)
I Oppose the Cyber-War...but I support the hackers.
an ethical US citizen which pays taxes?
Re: (Score:3)
As a non-American, every bit of this information makes me puke. Specially since last night when your president unilaterally and illegally announced another war on another middle eastern country, even the word USA makes me feel bad.
Re: (Score:2)
The US government apparently decided that "papers" should be taken literally, and thus it's open season on anything that's stored or transmitted digitally.
Re: (Score:2)
WHISTLEBLOWER - feat. Edward Snowden:
http://www.youtube.com/watch?v=hnMPQmIPibE [youtube.com]
French, Portuguese, German, Czech, Hebrew, Russian, Serbian, Dutch, Spanish, Japanese, Turkish lyrics translations are listed too