Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Government Security

Crypto Legend Quisquater Targeted - But NSA May Not Be To Blame 57

judgecorp writes "Reports that the NSA and/or Britain's GCHQ deliberately targeted Belgian cryptography professor Jea-Jacques Quisquater may be jumping to conclusions, the professor has said. Investigation of an apparent NSA/GCHQ hack of Belgian ISP Belgacom uncovered evidence that Quisquater's PC had been infected with malware and had data extracted. However the two incidents might be coincidence: similar malware is used by Asian attackers, he said."
This discussion has been archived. No new comments can be posted.

Crypto Legend Quisquater Targeted - But NSA May Not Be To Blame

Comments Filter:
  • by 3.5 stripes ( 578410 ) on Monday February 03, 2014 @08:58AM (#46139901)

    Now the NSA has shown its willingness to do such things, and then deny even having the ability, they're going to get the finger of blame pointed at them a lot more, regardless of whether they deserve it, and now in a much more credible way.

    • by Anonymous Coward

      If you lie often enough I can't believe anything you say anymore. That's the way trust works.

      • by Anonymous Coward

        The intel agencies prefer to say nothing, not to lie. Some people won't trust them regardless of what they say anyway. That's the way it works.

        It isn't uncommon for the people to call them liars to be lying themselves.

        • by Anonymous Coward on Monday February 03, 2014 @10:33AM (#46140731)

          Clapper lied to Congress. No ifs, ands or buts about it. That's enough for me. If he'll lie under oath why on earth should we ever expect him to tell the truth?

          • by Anonymous Coward

            He lied during the open session of Congress. My understanding is that during a classified, closed door session with committeee members, the actual truth came out.

            Sometimes, you are required by law to lie, even to Congress. That doesn't make it right however.

            • > My understanding is that during a classified, closed door session
              > with committeee members, the actual truth came out.

              How would you know? The members of the Intelligence Committees are clueless/corrupt, and even less reliable sources of information than the intel brass.

              > Sometimes, you are required by law to lie, even to Congress

              No. Just, no. Clapper has on numerous occasions refused to answer questions in open sessions while providing the information in closed session (to the same Congressmen, n [techdirt.com]

            • by HiThere ( 15173 )

              No. You can say that you can only reveal infromation related to that topic in a closed session. You don't have to lie.

              Of course, if you only reveal things in a closed session, people will doubt that you said them. So, perhaps, his intent was to use the testimony in open session to lie to the public, and to the non-cleared members of Congress. He still lied to Congress under oath, and that makes him a criminal. One who remains curiously unprosecuted.

    • Re: (Score:3, Insightful)

      by Opportunist ( 166417 )

      Problem is, when pointing the finger blindly at the NSA, your chance to be right is surprisingly high...

    • by Xest ( 935314 )

      The most amusing thing I find about it is how we had weekly, almost daily stories about China hacking this, China hacking that, how China was engaging in a cyber war and so on and so forth.

      Since the Snowden revelations I don't think I've seen a single story on the issue.

      The NSA has caused the US to lose all credibility in complaining about hacking from foreign nations, which doesn't mean it's not happening, but is a result of the fact that anything even China was or still is doing is small fry compared to t

  • by rvw ( 755107 ) on Monday February 03, 2014 @08:59AM (#46139909)

    How about this? Edward Snowden Reveals 'Quantum Insert': NSA And GCHQ Used Fake LinkedIn And Slashdot Pages To Install Spyware [ibtimes.com]?!?!

    German newspaper Der Spiegel reported that documents leaked by Snowden show that the GCHQ used a method called “quantum insert” to redirect employees of Belgacom, Belgium’s largest telecommunications company, to fake websites that contained spyware. The program targeted higher-level employees that had “good access” to Belgacom’s infrastructure.

    • And we still don't have SSL with PFS on /.

      • by fatphil ( 181876 )
        And if we did, there would have been another slide with a little arrow pointing to Dice and saying "this is where we remove SSL". With a smiley, of course.
    • The prof is simply not jumping to conclusions. Doesn't mean anyone in particular is or is not involved.
      Presumably the researchers he contacted know enough to say if this did not look like the NSA job. The quantum insert looks like they don't need hosting in Asia, where these attacks were hosted.
      NSA ate not the only people who have heard of LinkedIn, and it is the obvious attack vector for people who use it. It could be fricken anyone, and pointing to one party in particular is just click bait given the fact

  • TFA doesn't tell much about the setup on the professor machine and network. I couldn't even find which OS he was running...

  • by Anonymous Coward

    Enlarge ur ......linkedin profile size! Click Here!

  • Thats may point to a local support network of staff knowing when to turn the malware or make it become passive again.
  • by PopeRatzo ( 965947 ) on Monday February 03, 2014 @09:16AM (#46140043) Journal

    The NSA is responsible for the hacking of Jean-Jacques Quisquater whether or not they actually did it.

    They're the ones who created this ugly labyrinth of snoops and upskirters who obsessively have to possess every atom of extant human dignity by owning their information, they're very meaning.

    God, I hope Edward Snowden is only the beginning. I hope that dozens, hundreds, thousands of Edward Snowdens reveal every single detail of every single stinking perverted notion of what a government and corporation is to do until we know exactly what kind of chlamydia medicine the wife of the head of the NSA takes and how often he spits in the shower.

    These NSA revelations have left me absolutely disgusted and incensed. They've changed my politics, they've changed my behavior, they've changed my view of my innocent corner of the world.

    And worse, for the corporations who thought this was going to bring some great future of control over the metrics of our lives, it's changed my consumption habits. Now, I've become leery of every request for my zip code. My willingness to use a real email address anywhere is just about gone and I'll pay cash just because fuck them.

    I don't think the backlash has even started over this Surveillance State. Or rather, I hope it hasn't because if there's not an effective backlash then our only hope is a solar flare that wipes everything with an EMP, and that would mess up my saved games.

    Damn you to hell, NSA! and the corporate trojan horse you rode in on.

    • The problem I have with the NSA is not just the violation of my (and others') privacy. That's pretty bad but let's face it, that seems to be the direction the world is heading. As our technology matures, we are going to be under observation more and more often, be it from the government, corporations, other organizations (such as religions) or just each other.

      As bad as this is, the real issue I have with the NSA is the complete imbalance of power this creates between the people and the government that is no

      • That's pretty bad but let's face it, that seems to be the direction the world is heading.

        Yeah, so just give up on things like "freedom" and "privacy."

    • by Gr8Apes ( 679165 )
      Then you're going to love this story [cnn.com]
      • Re: (Score:2, Insightful)

        by PopeRatzo ( 965947 )

        Then you're going to love this story [cnn.com]

        Thanks a lot. It's bad enough that it's below zero outside and I'm still hungover and haven't gotten over the cold that I caught last week, but now I've got Total Surveillance in the WorkplaceTM to worry about.

        And my cat just threw up. I'm going back to bed.

      • by fatphil ( 181876 )
        I am reminded of /Lex Nokia/.

        Presumably my most recent NDA would prevent me from mentioning if I've been reminded of /Lex Nokia/ other times recently, were it to be the case that those reminders were while I was within there workplace. I walked out of that job after only a couple of months...
        • /Lex Nokia/

          The Wikipedia entry is in Finnish and does not translate well. Is this law still in effect in Finland? People really live like that?

          • by fatphil ( 181876 )
            It's still active. It still gives Finns, and those who work there, much more privacy than US/UK workers. Sure, they used to have more, but it could be a lot worse.

            Where are you comparing to?
            • OK, I have to try to work through that Wiki article again. I guess I just don't understand the law at all.

              I've got a neighbor who's a recently-arrived Finn, and I'm going to ask for her help. (Plus, she's really good-looking).

  • May not be to blame? Well, they very specifically seem to aim for that don't they?

    They use injection systems that masquerade as legitimate systems. They use preliminary infections to probe and gauge user sophistication, then they choose their attacks based on threat of detection.

    so the attack that most looks like them is one that doesn't look like them. So any intrusion, unless its just lame (like the one Jake Applebaum talked about in his recent talk where it was litterally just using a script to upload s

  • by stenvar ( 2789879 ) on Monday February 03, 2014 @09:40AM (#46140185)

    You can be pretty much certain that the NSA is trying to get its hands on the private data of anybody relevant to their interests and work: cryptographers, big data scientists, other related fields of computer science. This is simply so that they can make sure that they are ahead of what's out there in the public domain and academia.

    And in addition, you can also be certain that any administration is going to be using the NSA and other spy agencies to keep track of potential dissidents, critics, and leakers: economists, social scientists, political opponents, political activists, members of the military, etc. And they are going to use that data to warn the administration of political attacks and silence opponents through leaks of unflattering personal information, as well as selective prosecution of actual wrongdoing.

    That's not a question of whether this or any other administration is particularly bad or dishonest, it's simply what happens when you give any organization and any government the kind of power that the NSA has given to recent administrations.

  • This guy's Wikipedia page [wikipedia.org] basically only mentions that he's famous for being the victim of the alledged attack. So he's been chosen as a target because he is famous for being the target of the same attack? I'd assume a garden variety mass phising attempt is more likely.

  • cryptography professor Jea-Jacques [...] Quisquater's PC had been infected with malware and had data extracted.

    ...including the letter N from his first name!

  • When are people going to understand: the NSA targets all, at all times. Satellite and space/radar capability monitor all souls regardless. Who the fuck cares if they targeted him one pathetic way or not, when everyone is being monitored regardless in other more invasive and secretive ways?

    Total global surveillance method exposed by Dr. Robert Duncan, a DOD/CIA/US DOJ systems architect: http://www.oregonstatehospital... [oregonstatehospital.net]

    NSA is 90% air wave and radiation intelligence. 10% lower tech shit.

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...