The Inner World of Gov-Sponsored White-Hat Hacking

romanval writes "Anonymous leaked emails of white-hat hacker firm HBGary shows how it develops and markets products to government agencies. From the article: 'In 2009, HBGary had partnered with the Advanced Information Systems group of defense contractor General Dynamics to work on a project euphemistically known as "Task B." The team had a simple mission: slip a piece of stealth software onto a target laptop without the owner's knowledge. They focused on ports—a laptop's interfaces to the world around it—including the familiar USB port, the less-common PCMCIA Type II card slot, the smaller ExpressCard slot, WiFi, and Firewire. No laptop would have all of these, but most recent machines would have at least two.'"

Black hat not White

[Anonymous Coward]

A 'White Hat' hacker is someone who aims to improve security; HBGary are aiming to take advantage of exploits in order to hack into computers, for mining personal information. They are most definitely 'Black Hat'.

Re:Black hat not White

[Purist]

The work was being done for a government agency. White Hat.

:-)

Re:Black hat not White

[phunster]

Richard Nixon said "If the President does it, it is legal." We all know how that worked out for him. It sounds like you are substituting "government agency" for "President." No one is above the law, not a President, and not a government agency. Black Hat is Black Hat no matter who is doing it, or who they are doing it for.

Re:

[Securityemo]

So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

Re:Black hat not White

[Divide By Zero]

It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

White Hat can be "evil", Black Hat can be "good". Value judgments are independent of the definition - are you there to improve bad security or exploit it?

Re:Black hat not White

[Corbets]

It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

Not quite. If they REQUEST that you "hack" them and you do so, you're a white hat. If you do it without being asked, then you're a black hat. Walking through the door later is a CYA technique only.

Re:

[Securityemo]

From a cynical perspective, yes, but it could also just be a person who is naive about not being considered a threat or a target of a lawsuit regarding cleanup fees.

Re:

[lostthoughts54]

It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

Not quite. If they REQUEST that you "hack" them and you do so, you're a white hat. If you do it without being asked, then you're a black hat. Walking through the door later is a CYA technique only.

i have to agree here. HBgary seems black hat to me.
The way i have always understood it: Black hat: exploits security flaws.
Whi

Wrong again.

[elucido]

If you break the law period, you're a Black Hat.
If you follow the law period, you're a White Hat.

What HBGaryFederal did was not against the law. If they were contractors for federal agencies, they have the authority of the FBI which means they have the legal authority to do these types of searches.

I don't necessarily like it. The Patriot Act and many other Bush era laws were set in place that we don't like. But the law specifically says the government can do practically anything it wants to us in a time of

Re:

[eggled]

Yes. Albeit the lesser of two evils, and infinitely preferable in the scenario you propose.

White hat hackers tend to work "for the good of all". Black hats exploit weaknesses to subvert protective measures for their own (or their organization's) benefits. The goal of white hats is to close security loopholes. Black hats exploit those loopholes.

Re:Black hat not White

[Jeremiah Cornelius]

HBGary is Black Hat. And Mercenary. They are a boot on the neck of the American people.

Is torture "White Hat Interrogation" when done by the US, as opposed to the former DDR?

No. Only if your name is Rumsfeld, Gonzalez or Yoo, would you disagree.

HBGary is a fascist tool - more akin to the "Ministry of Information" of Brazil [wikimedia.org], than any recognisable "White Hat" group - say Rapid7 [wikimedia.org].

HBGary trades in 0-Days for profit, to organisations which act without regard to Constitutional provisions. They advertise tools and methodology to conduct PsyOps and openly advocate methods to subvert the democratic properties of modern public communications channels.

HBGary colludes with insiders to use Government power to cement corporate advantage over the interests of the citizens and tax-payers of the United States, in the name of "national security".

They are a fraud and a blight on the purported claims of a free and open society. Like in the movie "Brazil", the methods of Mr. Barr have identified individuals in error. In the age of Abdulrahman Zeitoun [guardian.co.uk] and Bradley Manning, the consequences are quite possibly as dire for those individuals, as they were for Mr. Buttle and Sam Lowery.

That would make the US Gov Black Hat.

[elucido]

If HBGaryFederal is Black Hat and working in the interest of protecting the security of the US Government, then the US Government is also Black Hat. Correct?

Re:

[Jeremiah Cornelius]

Black is 3 shades lighter and brighter, than the colour of the US hat.

Anyone who operates "Delta Forces" and runs "Black Sites" and commits the horrors of a Guernica, on a daily basis?

The answer is not that the US wears a "Black Hat". It is that the US has a Black Heart.

Re:

[russotto]

So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

No, but it would be "black hat" by the computer security definition.

HBGary seems to me to be in the same ethical position as any weapons manufacturer.

Re:

[ogl_codemonkey]

Yes - maliciously interfering with the infrastructure of a sovereign nation is an act of war. Doing it surreptitiously through civilian channels makes it terrorism.

Re:

[Securityemo]

I didn't say it necessarily was the US government who'd run the campaign.

Re:Black hat not White

[tick-tock-atona]

Richard Nixon said "If the President does it, it is legal." We all know how that worked out for him. It sounds like you are substituting "government agency" for "President." No one is above the law, not a President, and not a government agency. Black Hat is Black Hat no matter who is doing it, or who they are doing it for.

Actually, in the US today, the President and government agencies *are* above the law [salon.com].

Yesterday, in South Carolina, an Obama-appointed federal judge dismissed a lawsuit brought by Padilla against former Bush officials Donald Rumsfeld, John Ashcroft, Paul Wolfowitz and others. That suit alleges that those officials knowingly violated Padilla's Constitutional rights by ordering his due-process-free detention and torture. In dismissing Padilla's lawsuit, the court's opinion relied on the same now-depressingly-familiar weapons routinely used by our political class to immunize itself from judicial scrutiny: national security would be undermined by allowing Padilla to sue; "government officials could be distracted from their vital duties to attend depositions or respond to other discovery requests"; "a trial on the merits would be an international spectacle with Padilla, a convicted terrorist, summoning America's present and former leaders to a federal courthouse to answer his charges"; the litigation would risk disclosure of vital state secrets; and "discovery procedures could be used by our enemies to obtain valuable intelligence."

In other words, our political officials are Too Important, and engaged in far Too Weighty Matters in Keeping Us Safe, to subject them to the annoyance of the rule of law. It's much more important to allow them to Fight The Terrorists without restraints than to bother them with claims that they broke the law and violated the rights guaranteed by the U.S. Constitution.

Fortunately, other countries are not so squeamish about prosecuting war crimes, which is why Bush et al. will likely never set foot in the EU again [salon.com].

Goodbye, leaders of the free world. It was nice while it lasted.

Re:

[sznupi]

I assume that by "while it lasted" you mean "while the concept had great PR"? (which included also comparative advantage with many more places - but such advantage doesn't mean much in general, especially considering the mode of creation of some lesser [chomsky.info] places [wikipedia.org] in particular; but places populated with lesser people, so the PR could work well... comparably)

Nixon

[ThatsNotPudding]

He was just ahead of his time. Now, honesty is a vice and expediency is a virtue.

Re:

[gmuslera]

So if that activities ended in a blood bath somehow, would end being called Red Hat?

Still, probably from which government was that agency will change the color of the hat too.

Re:

[Securityemo]

Or a Redcap [wikipedia.org]

Re:

[AftanGustur]

The work was being done for a government agency. White Hat.

:-)

By that definition the Chinese hackers that were involved in Operation NightDragon [infosecisland.com] were probably also "Wiite hats"

Re:

[elucido]

The work was being done for a government agency. White Hat.

:-)

By that definition the Chinese hackers that were involved in Operation NightDragon [infosecisland.com] were probably also "Wiite hats"

To the Chinese yes they'd be the White Hats. To the rest of the world they'd be something else.

Re:

[WorBlux]

The owners authorization is what's relevant, not the government's (Government being nothing more than a group of men and women who do business at the barrel of a gun)

The government owns America.

[elucido]

Which is why if they give themselves permission to wiretap and hack all of our computers and networks, they have the permission.

The FCC gave them that legal authority a long time ago.

Re:

[rtb61]

Your countries espionage White hats would be other countries Black Hats as there are always many more other countries and you would also consider other countries White Hat espionage agents as Black Hats, the numbers are definitely for Black Hats as the appropriate nomenclature.

Time of course to point out the stupid. You also would be giving away dangerous technology that once discovered could and would be used against you. Now to make that even worse, you can not defend against the attack without alertin

Exactly.

[elucido]

Your countries espionage White hats would be other countries Black Hats as there are always many more other countries and you would also consider other countries White Hat espionage agents as Black Hats, the numbers are definitely for Black Hats as the appropriate nomenclature.

Time of course to point out the stupid. You also would be giving away dangerous technology that once discovered could and would be used against you. Now to make that even worse, you can not defend against the attack without alerting others to it thus defeating it's value, what can you say but, "the stupid, oh my God, it burns". So not only Black hats but really bloody stupid Black Hats.

The White Hats can and must aggressively hack. This is the only way they can hack Al Qaeda.

I find it funny this site at one time will claim they can't wait for the US Cyber Command and wants the USA to win the Cyber War, but then gets angry at HBGaryFederal. I don't agree with or understand why HBGaryFederal was hacking American citizens and in specific hacking some of the people they chose, but I also am not President Obama.

Before we judge what they were doing, we ought to wait until the full story comes o

Re:

[rtb61]

The basic principle still stands, to hack a network you basically must exploit a weakness. The ultimate goal of all security experts is to close all weaknesses. You can not exploit what you close, you can not secure what you leave weak. Any security organisation that knowingly leaves citizens exposed to security holes, in order to pursue personal promotions via committing crimes in other countries is in fact acting in a treasonous manner.

The white hate chooses honour and integrity and secures networks, t

Re:

[elucido]

The basic principle still stands, to hack a network you basically must exploit a weakness. The ultimate goal of all security experts is to close all weaknesses. You can not exploit what you close, you can not secure what you leave weak. Any security organisation that knowingly leaves citizens exposed to security holes, in order to pursue personal promotions via committing crimes in other countries is in fact acting in a treasonous manner.

The white hate chooses honour and integrity and secures networks, the black hat chooses personal success and leaves discovered security weakness in place so that they can exploit them, for what ever reason and in which ever location the choose.

So international terrorist groups like Al Qaeda cannot be hacked? That to me is ridiculous.
How do you have a cyber war if there are no offensive capabilities?

Actually you are correct.

[elucido]

The White Hat and Black Hat divide was invented entirely by and for the government so that the government could categorize the hacker community. In essence the only difference between White Hat and Black Hat is that the White Hat follows the law when conducting their hacks. Despite what you think, the federal government had legal authority under the patriot act and other previsions to wiretap. The government still can get a search warrant and once a search warrant is obtained then any group of contractors c

Re:

[Securityemo]

Terms, no matter how loaded with power and prestige, are irrelevant generalizations. Life is not a game of Shadowrun, just something very similar.

Re:they take knolwedge form black hats

[Jeremiah Cornelius]

Ahhh... Let's cook-up another "Twitter Revolution".

"But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA - whose enemies are labor unions, progressive organizations, journalists, and progressive bloggers, a persona apparently goes far beyond creating a mere sockpuppet.

According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online."

http://www.dailykos.com/story/2011/02/16/945768/-The-HB-Gary-Email-That-Should-Concern-Us-All [dailykos.com]

Re:

[GerardM]

The original story at Ars Technica is called "Black ops: how HBGary wrote backdoors for the government". The person who submitted the story is not colour blind...
Thanks,
          GerardM

Re:Black hat not White

[Blue Stone]

I guess here at /. the 'editorial' policy is to provoke discussion regardless of the intellectually dishonest manner that's used. Summaries and titles that distort the original article seem to be more and more prevalent in order, I'd take a wild guess at, to provoke comments.

Ladies and gentlement, we are being trolled by the management.

A sad state of affairs.

Re:

[Securityemo]

As long as it's consistent it isn't so troublesome. This is a discussion site after all.

99.7% of stories by samzenpus are overhyped...

[denzacar]

That's his "style". Why do they let him out of "idle" section is beyond me.

Pretty soon all "editors" will concentrate more on hype than on anything else, and summaries will have all the quality and integrity of io9 posts.
Just wait and see... Soulskill is already somewhat of a samzenpus-lite.

Re:

[mug funky]

more enticing headline = more ads clicked (maybe).

they don't do it too badly here, compared to even the most respected online newspapers.

Re:Black hat not White

[Anonymous Coward]

No HBGary belongs to a completely new category of hackers. Neither 'black hat' not 'white hat', but 'ass hat'

Re:

[Securityemo]

It could be Aaron Barr himself using a "persona" to "spark a verbal braul" to "bring the discussion into the public eye"? :3

Re:

[chris_7d0h]

A 'White Hat' hacker is someone who aims to improve security

That statement leaves the definition up to a point of view.
From the US PoV this could well be seen as a white hat activity as the aim is to serve USGov interests, while from the targets PoV it would be deemed black hat. A Russian counterpart of this company would by your reasoning be a black-hat company from a US perspective but a white-hat (good) from Medvedev's, since it poses a threat to the USGov agenda and serves the RusGov's.

Re:

[Anachragnome]

"They are most definitely 'Black Hat'."

"The work was being done for a government agency. White Hat. "

Actually, it doesn't really matter anymore. What matters is the fact that, more then likely, ANONYMOUS now has these tools. We have to assume the entirety of HBGary's data were compromised--The Ars Technica article seems to imply a greater knowledge of these tools then the emails alone would impart. Hmm. The only reason I could see Anonymous not getting these tools after the caper they pulled off is if HBGar

A white hat doesn't break the law.A black hat does

[elucido]

The government is the one who invented this white hat black hat division.

White hats are the hackers who refuse to break the law. They can write offensive programs, they can be investigators, they can hack terrorists, because they have a search warrant and it's not illegal.

Grey hats are the hackers who will break the law in the name of research, science, security and or improvement. They wont break just any law, but the minor laws that nobody will arrest them for.

Black hats will break any and every law becau

Re:

[Anonymous Coward]

It's very simple. Once you discover an exploit in someones code, you can choose to either inform them so they can fix it (White Hat) or withhold the discovery for personal gain (Black Hat).

black, white, gray...

[DEmmons]

It was my understanding, gleaned from sources including the good old Jargon File, that one of the most agreed upon standards for hat color definition is a combination of permission and intention:

• White Hats are hired or are granted permission to attempt to crack a system's security by the owner(s), usually for the purpose of auditing security, discovering vulnerabilities, and understanding how to fix or minimize them.
• Gray Hats crack security without authorization, but have no ill intentions once they succee

Re:

[Anonymous Coward]

For most, (I was one) this is a decision which is made in an instant, and the only guidance is how you were brought up.
I was faced with whoops I have root. I quickly noticed there was NO FIREWALL and all files were open and exposed and nobody had been logged on for a month or more. There were numerous binaries, after fighting everything off, getting a firewall up, and doing a virus scan, I couldn't find a rootkit. (Although I didn't have authorization, I fixed the problem because I knew the owner on a per

Re:

[ciabs]

Shred like Yngwie Malmsteen with truth
and restore the dialog

(fixed it)

Re:

[elucido]

As far as I know, that would make HBGaryFederal White Hats.
In specific they did not break any laws.
In specific they were building tools, strategies and software for cyber warriors or may even be the cyber warriors.
In specific they are honest about what they are doing, they call themselves HBGaryFederal, they use their real names.

It does not seem to me that there is anything Black Hat about them. If they are Black Hat then they don't seem to know a damn thing about opsec. I mean first of all they don't have

Re:

[elucido]

yes, they are a security firm, and as such need to maintain a white hat / ethical hacker image. I'd judge their actions individually, though, and I'm thinking in this case they weren't wearing a hat at all - they were only creating tools and strategies. of course, internally such tools must be tested, and doing so is pure white-hat. using the same tools against another party without their knowledge and permission, for a purpose other than improving their security, would not constitute a white hat operation even if they maintain a normally clean reputation. I don't think they did that, though, and even if they did, it doesn't say whether they are good guys or bad guys or evil or anything. the convention of hats is about something else entirely.

I don't think White Hat = Pacifist. If there is a legitimate cyber war, then you'd know that there would be White Hats who would have the legal authority or responsibility to fight the cyber war.

These White Hats would be cyber warriors first.
White Hats in specific would be improving the national security of the United States in this context, and as long as no laws are broken I don't see any problem with it.

Now if they broke the law to enforce the law then I have a problem. If they abuse human rights to def

Re:

[DavidTC]

Actually, the distinctions are:

white hat - attacks with permission(Or attacks own computer.), informs target/manufacturers afterward of security holes and how to fix, if they see a way
gray hat - attacks without permission, informs target of hole and how to fix afterward. Often, these are hackers who noticed a security flaw by accident in someone else's system and were unable to get them to fix it, so does this to force them to, often by causing them public embarrassment but little or no damage.
black hat

Re:

[ciabs]

attacks != oop's I have root; your use of the base word "attack" is false terror

Re:

[DavidTC]

What the hell are you talking about? I didn't say that 'attacks == oops I have root'.

Someone who accidentally has root is not an attacker or a hacker in any sense.

If, after accidentally getting root, and being unable to get the server owner to do anything about it, he replaced the original web page with one explaining how the server was insecure, he'd be a 'gray hat hacker'.

Although, strictly speaking, if he ends up 'exploiting' a security flaw entirely by accident, he isn't really a 'hacker' at all, any

Re:

[Securityemo]

Hair-splitting it like that amounts to using what should be a label of moral/ethical behavior as a title of prestige.

Re:

[ciabs]

Someone who accidentally has root is not an attacker or a hacker in any sense.

Actually, I think your full of it now. Enough lies.

Re:

[ciabs]

u persist using the word attack

Re:

[ciabs]

that's right sleep mode

Re:

[ciabs]

You used the word attacks in all options
I know you "can't remove it" on slashdot.

But get what I'm saying here.
I get if you would want to retract it.

The description sucks.
But so does fear

Re:

[DavidTC]

ciabs, you are retarded, and I suspect your problem is that you think I responded to you in my original post.

I did not. I responded to a post that said 'It's very simple. Once you discover an exploit in someones code, you can choose to either inform them so they can fix it (White Hat) or withhold the discovery for personal gain (Black Hat).'

That was the post. You, in response to that, told a stupid little story about getting root. Likewise, I responded to that with a clarification of the terms.

You took m

Re:

[Securityemo]

Not really, it's still intrusion. Complexity and aggressiveness of the attack doesn't matter much, not to non-tech people at the least. Just look at McKinnon.

Re:

[Securityemo]

Okay, so you can be a black hat and still a good guy then. Problem is, the descriptions are not used in an amoral sense, so it becomes a bit contradictory.

Re:

[Securityemo]

I trust my own morals. But it evidently becomes complicated when "I" becomes "We". I think I'm the kind of person who has a really limited or absent sense of "we", though, but I seem to get along fine by just cooperating with people in life. Why do people have to complicate things such that a "group" becomes "social"? It might sound crazy, but I can't explain it better.

Re:

[schwinn8]

Still, the question above applies... why do you think your morals are necessarily "good"? For all we know, you could be a terrorist who thinks that what he/she is doing is "good" (you do realize they think they are doing a good thing, according to their morals). But, as you can see, your moral basis doesn't mean that it is good for anyone else or society as a whole. For this reason, good/bad MUST be considered socially / as a group, or as all of human-kind/earth-kind. Bottom line, just because you (or the h

Re:

[Securityemo]

Certainly, but what I consider "good" or "bad" or "just" is just what my "moral neurocircuitry" tells me is. Therefore there is no true universal morality, and what we can call "morality" on a societal level becomes something very different from what is everyday experienced as such, and probably shouldn't be called that. The closest thing to universal morality would probably be "suffering" and the empathic reaction to this in others, but even this has limits - what if I suffer so long as I cannot take venge

Why "White hat"?

[Goglu]

Why would this qualify as "white hat"? Because they sell their solutions to corporations? Corporations are often no better than the mafia: check how well established and still active corporations helped bring Hitler to power.

What would it be called if they sold their solutions to the "legitimate" government of Saudi Arabia? Or to Hamas (who was elected as the representatives of the Palestinian people)? Would it still be "White hat"?

I propose that "White hat hacking" be reserved only to those who use their skills for the good of the community as a whole. Just my 2 cents.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Good Thing

[Wicked Zen]

~Well, it's a good damn thing they're developing these products for the government, and not like, someone we can't trust to use them responsibly.~

White-hat? I don't think so

[moonbender]

White-hat? Hacking doesn't automatically get a white hat just because it's done for your favorite government (or other organisation). Developing malware and rootkits destined for actual use is black hat hacking, plain and simple. HBGary did both black and white hat stuff.

Re:

[Securityemo]

You could argue that "Hats" is a bad construct, and that if you understand the consequences of your actions conventional moral terms serve much better. The only reason the terms are used, I think, is because of the fact that it's so easy to get away with things. There's no external moral reinforcement because there's really no effective law enforcement and the anonymity is total. I think this is why all the security people I've met IRL have been "neurotic" or "twitchy".

Re:

[gstrickler]

In fact, I would assert that if it's being done by/for a government, that makes it suspect. Doesn't mean it's automatically black hat or white hat, but any government hacking of citizens should be viewed with great skepticism. There are legitimate reasons, but it's up to the people/agency performing the hacking that it's actually in the public interest and for legitimate law enforcement purposes.

Re:

[elucido]

If they just get a search warrant then thats the legitimate reason.

Re:

[gstrickler]

Agreed, but lately, many times they don't have a search warrant. Also, how do you control the distribution and installation of viral malware as proposed in the article? There is no search warrant that can legitimately cover that.

Re:

[Securityemo]

"Good? Bad? I'm the one with the 0day." /
"The only law on the internet is assembly and RFCs."

Re:

[Securityemo]

Yeah, it would have been "mercenary" if they where contracted to do actual "computer espionage" but here they only built the tools. Maybe there are other firms that do that sort of stuff though? And I believe most mercenary firms would not hire out their services indiscriminately. Blackwater (now Xe) is considered to be "trash" by other mercs from what I've read, and it certainly fits the alleged cocaine parties and shooting wildly in the air.

Re:

[DavidTC]

HBGary are not 'mercenaries', they are 'weapon suppliers'.

Mercenaries are 'people paid to fight a war who are not in the armed services'. That's all that means.

Some of the DoD contractors are, indeed, mercenaries, although they really dislike being called that, thanks to our quite legitimate dislike of mercenaries.

"Greg Hoglund" not "HBGary"

[Securityemo]

Greg Hoglund is a leading expert on rootkits, and per the article it was he who did all the developement and research. If the article tells the truth, the firm sold advanced rootkits to the US government, and the latest iteration would have been one that used advanced memory management techniques to jump around in process memory and do it's thing without using any OS-managed structures, thus evading detection. I don't grok this at all, but it sounds like an advanced version of a technique I read about where the malware extracted the code from DLL files and ran things without having to go through the OS. So that part was entirely llegit, but the social networks part (which the government apparently wasn't at all interested in, presumably because they already got a contract with those Palantir guys) was evidently a catastrophe in the making.

Re:

[Securityemo]

Actually it was founded by Hoglund, and it sounded like the core of the company was Hoglund and Hoglunds wife (as a manager of some sort).

explains much

[bugi]

They spend so much time dicking around with my laptop at airports and borders so it's not so suspicious when they also dick around with your laptop. Now if they'd just hire somebody with a clue to fondle my ports, I could get through the line much much faster.

Re:

[Securityemo]

That's just stupidity and people performing tasks without understanding the reasons behind them. But from what we've seen, "US intel" would evidently take advantage of the situation of confusion, I.E. install malware onto targets during border checks. They probably already are.

Re:

[Securityemo]

I suppose they have to deal with stupidity as well as anyone else. Wonder how they handle it, what with their "saving face" culture? Or maybe their military/police has a different internal culture?

Re:

[Anonymous Coward]

I pop in a separate hard drive when I travel. when I arrive, i swap it with the real one (which is encrypted of course).

Re:

[Securityemo]

Malware can be explained away as malware, especially if it logs to a "dead drop" of some sort that can't be linked back to the intruder. A hardware computer bug, if found, would be much harder to explain away. Especially if found en masse by people who's only link in space and time is crossing the US border.

Re:

[Arancaytar]

fondle my ports

Dude, TMI.

submitter here

[romanval]

I was gonna put quotes (") around "white hat" but I was out of space. Slashdot needs to accept longer titles.

This title for was difficult to make because the TFA has subject matter that's all over the map: Collections of 0-day unpublished exploit vectors, rootkits with keyboard loggers disguising payload as ad click tracking data, and social network tracking via bot accounts. Tough to summarize in just 50 characters.

Re:

[penguin_punk]

Don't worry. Just be content that your story made it to the front page. Some people will bitch about articles regardless.

Re:

[Securityemo]

"Inner World of Government Sponsored Hacking: Effectively Recognizing the Signs of Paranoid Schizophrenia in the Information Age - A Primer w/Case Studies".

funny name (sort of )

[roman_mir]

It's sort of ironic that another product with the same name (Plan B) is used to get rid of unwanted 'intrusion', not promote it...

Pedants ruined this discussion

[Anonymous Coward]

I'd read TFA earlier. I decided to read the discussion here to see what interesting thoughts people might have on the topic, only to find page after page of arguments about hat colors. WTF? Pedants very rarely ever add to the discussion. Their comments seem mostly intended to inflate their own sense of superiority, and sadly often derail the discussion here as so many readers seem inclined to try to prove they are smarter. I'm sure someone will post a snarky reply that I must be new here. I'm not. I learn s

Re:

[Securityemo]

This is because the only ones that can really contribute to this discussion is those who have technical knowledge of computer security and those who have experience with government or IT security contracting. You should probably be happy that anyone here can contribute at all to the discussion.

Re:Pedants ruined this discussion

[mug funky]

the HBGary sockpuppets are all over /.

didn't you know?

btw, how much do labour unions suck? OMG i like totally need to tweet some fox news links right now.

i like BP. i think the government is being overly harsh.

Obama is a muslim and wasn't born in america

AGW is a myth perpertrated by the illuminati and terrorists to make us give up our guns. think about it.

Re:

[Rick17JJ]

I was also hopping for some discussion of more substance, than just arguing about hat colors. Below are several things from article that I would have liked to have seen discussed:

1. Near the end of the article, it mentioned that HBGary had been hacked by Anonymous. If experts like HBGary can not protect themselves from hackers, how can the rest of us mere mortals ever defend ourselves? There was also another recent article on the Ars Technia website that focused on the hacking of HBGary by Anonymous.

2. The

Re:

[Securityemo]

1. It was an act of social engineering against their admin. They got their hands on the SSH password - not superhuman hacking skills. And it was a 16-year old girl that did it, to boot.

2. Yeah, I'd think so. But you need to know the limitations and proper use of that sort of software at least, to avoid getting caught.

3. The rootkits I've seen are mostly for windows, though there are a lot of *nix rootkits around. Traditionally, rootkits where the domain of *nix servers - they where as far as I know no

Re:

[Securityemo]

Elaborating: I assume these rootkits (I don't think HBGary have knowingly participated in industrial espionage mind, but there are a lot of malware authors out there) are sold as packages designed for use in spear phishing or usb key schemes. In order for the attacking party to avoid liability when the software exfiltrates data from the target network, no matter how good steganography it uses, it would need to dump the data onto a "bulletproof" system or lease a botnet. Such systems are (currently) found in

Re:

[Securityemo]

And no, you could not use open HTTP/Socks proxies or TOR assuming they where not blocked, not if you wanted to use steganography. Which you would want to, since you want to present an "advanced persistent threat", i.e., you want to monitor the target systems for a long time without getting caught.

Police States of America

[cosm]

So is it just me, or is it fucking police state of America week on Slashdot?

Re:

[Securityemo]

It's Horrible Hour! All drinks at the bar cost their base price plus a random amount of cash between 10% and 90%. If you pay too little, you get fondled. If you pay too much, you get fondled. If you get caught bringing in liquor into the establishment, you are shot.

/. news editors

[Magada]

A day late and a dollar short, as ever.

ports and more ports

[Eil]

They focused on portsâ"a laptop's interfaces to the world around itâ"including the familiar USB port, the less-common PCMCIA Type II card slot, the smaller ExpressCard slot, WiFi, and Firewire. No laptop would have all of these

Funny, my Thinkpad does.

Re:

[somersault]

But look good sir, he is short and stout! Behold his handle.. and there his spout!

Re:

[Securityemo]

Just not on my carpet; on my neighbors carpet if you will. I have work and guests to attend to, and he's a sorry old man-crone, not to mention poor. And I suspect he steals my newspaper on Saturdays sometimes. Just don't tell him I said that, or our many affairs and conspiracies will go sour.

Modified.

[elucido]

White hats don't break the law. If it's legal then it's okay.
Grey hats break some laws, but only to do their jobs and not any really important laws.
Black hats will use any means necessary, including abuse of human rights and breaking the law.