How the NSA Plans To Infect 'Millions' of Computers With Malware

Advocatus Diaboli sends news from The Intercept about leaked documents which show that the NSA is significantly expanding its efforts to build an automated system to compromise computers remotely. From the article: "The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to 'allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.' In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the 'Expert System,' which is designed to operate 'like the brain.' The system manages the applications and functions of the implants and 'decides' what tools they need to best extract data from infected machines."

crime?

[BlazingATrail]

Shouldn't somebody go to jail for this?

Re:crime?

[Anonymous Coward]

Hah. The elite get in trouble for doing something illegal? Was that a joke?

However, since you pointed out their wrong-doing, you have a chance of being locked up. There is no greater law in these lands than embarrassing or exposing those in power.

Re:crime?

[davester666]

also, not sure why the article is using the future tense, as this relating to plans the NSA made in 2009. I find it hard to believe they haven't been implemented yet.

Re:

[guises]

Oh for gods' sake, it's Keith Alexander. Any idiot can look that up. Where did this idea come from that the president is lord of all things governmental?

Re:

[guises]

I'm not bumping responsibility down, I'm just not bumping it up. I'm not claiming that Keith Alexander is lord of the NSA any more than Obama is, and I certainly don't want him to be held responsible for everything that the NSA does either. That's just another cop-out. I would like Keith Alexander to be held responsible for the decisions that he makes and the responsibilities that fall to him and no more than that.

I know there's this idea that a good leader should take responsibility for everything that

Re:

[blueg3]

Only if they actually do it, and only if someone with authority ends up considering it illegal.

Re:crime?

[mwvdlee]

I'm pretty sure Snowden will, at some point in the future.

Re:crime?

[Jason Levine]

Unfortunately, the people most likely to go to jail for this are the people who are letting us know about these abuses of power instead of the people abusing power. The latter will simply cry "TERRORISTS!" at the next Congressional hearing and get (at worst) a sternly worded speech directed at them.

Re:crime?

[TheGratefulNet]

to send someone to jail, you have to take them to court (part of the process).

and there is the problem: you and I can't show 'standing' (it will always, ALWAYS be denied us and we can't prove we have been tapped, so there you go!).

therefore, they are untouchable via usual legal means.

they know the system and they use it to keep themselves in power.

nothing short of a full revolution is going to unseat, them either. and given americans' apathy and blind trust in continually voting against their own best interests, this won't be solved in our lifetime.

Re:crime?

[hackus]

Jail?

Oh, I am sorry...you are thinking of JUSTICE. No no...laws apply to YOU..thats JUST US.

JUSTICE is for anybody not you, and it works this way:

1) Eric Holder runs guns for the mexican cartels in a act of subverting the law of the land, the constitution by orchestrating heavy arms into very violent people on the Mexican border hoping the chaos that will inevitably follow through with the subversion of law abiding citizens right to bear arms.

You know, because, if you have border incidents, they don't want people able to defend themselves.

While this is going on, DHS is plotting to kill every man women and child in the USA through the acquisition of ludicrous amounts of ammo.

HOLLOW POINT BULLETS AND SNIPER AMMO, not pistol ammo. MILITARY GRADE AMMO.

I mean, ammo in the BILLIONS OF ROUNDS. You would need hundreds of MILLIONS of terrorists to justify that sort of purchase.

Do I need to draw anyone a picture or is it just a coincidence that the population of the USA is about 280 Million?

280 Million terrorists.

Yeah, terrorists because you don't like having your money confiscated when the banker cronies come and take it all.

2) Look at these lawless people and the BANKS THAT SUPPORT THEM.

New data centers that are funded for criminal industrial espionage, which is the primary activity of the NSA, with PRINTED dollars, because the economy could never afford to build any of this stuff.

From the NSA data centers to the really outrageous F35 program, which cost about 2 trillion to maintain a world wide fighter force of F35's when fully deployed.
(Probably more and if they can ever deliver it because they can't get the thing to work.)

Does anyone know what we collect in taxes? It's about 2 trillion. No really, go look it up. ALL of the collected tax revenue for one year, would go JUST for maintaining a fleet of F35's world wide on all of those bases we have.

Meanwhile these BANKERS print money and destroy the dollar value and as a result creates mischief. If you spend 2 trillion on air planes, you logically have to print the rest of the money to pay for everything else.

The SAME MISCHIEF THAT IS GOING ON IN THE UKRAINE right now. Did you see who they hired?

A Banker. A nice London Banker!

These people are everywhere and where they go lawlessness follows.

3) Have you noticed our youth have no where to go? You know why? Well, for one thing the economy is totally managed by the federal reserve.

The whole thing is rigged. LIBOR. Rigged. Silver Gold Prices, Rigged. Stock Market...

RIIIIIIIIGGGGGGEEEEEEEDD!

You tell me how the stock market can be so high when there is virtually no growth ANWYHERE IN THE WORLD, let alone the United States, which has like 35% unemployment.

You know once upon a time we had laws in place so Bankers couldn't control everything through monopolies. We use to have like a huge number of banks in the USA. Laws were put there so that the banks could not combine and do a EPIC meltdown, or forge any mischief. What do we have now?

5 banks controlling like 85% of the market? What happens when one of them goes titsup?

Yeah, remember the Anti Trust laws? Remember the glass steagall laws?

Yeah they got rid of them. You know why?

Because they want to steal it ALL that is why, and they don't want to be held accountable for ANYTHING.

Justice is for JUST US, NOT THEM.

I am not even going to go into OBAMA CARE, because at this point I am really freaking ticked off at all of this banker mishief and the hollowed politicians from our so called TWO PARTY, really ONE PARTY system.

ONE PARTY to SCREW YOU.

Two Party so they can laughably claim you have a choice when you vote.

Re:

[ImprovOmega]

Okay, generally insightful and well put. But I need to point out that the Hague Convention prohibits hollow point bullets in warfare and as such they are certainly not military rounds. Also, vastly more rounds of ammo are expended in practice, training, and re-certification exams than will ever be shot at live targets. I would be surprised if DHS and all its agents used less than a billion rounds of ammo a year - 99+% of which would be shot at paper targets.

Re:

[antdude]

What about the independent parties?

Re:

[hackus]

The whole NSA mischief is directly related to what the banks are doing.

The banks fund all of this stuff, or it is funded through black projects, through illegal means because they do this sort of thing to avoid the laws put in place by the GAO.

It isn't off topic, it is bulls eye on topic. Look if you can print money you can fund just about anything, and most of what is happening is very very BAD.

I didn't pay much attention when these bankers started invading Mali because they have a huge infestation of GOLD

Re:crime?

[PolygamousRanchKid]

Armed insurrection is our only option at this point. We need to form something like the "Molly Maguires": http://en.wikipedia.org/wiki/M... [wikipedia.org]

It's not mentioned in the article, but they used to lop off the heads of mine managers who were exploiting destitute immigrant miners in the late 1800's. The Maguires obviously couldn't strike back at the Robber Barons who owned the mines, so they attacked the henchmen of the Robber Barons. They would drop the heads off on the doorsteps of other ruthless mine managers to give them a message. My high school history teacher attended a funeral in Eastern Pennsylvania, and the funeral parlor manager said that they still had some unidentified heads in jars in the basement.

So post the names of NSA employees publicly, and let's start collecting heads. The NSA is an enemy of the United States of America now, and all the values of the Founding Fathers. The system of checks and balances has been destroyed by a rogue branch of the US government.

Re:

[ObsessiveMathsFreak]

So post the names of NSA employees publicly, and let's start collecting heads.

Why bother with the hassle, effort and expense. The best way to deal with the NSA is to cut their ludacrious budget. Then watch the outrageous sci-fi super surveillance software projects subsequently implode.

Re:

[mark-t]

The government has always been above the law.

The only time people in sufficient positions of power go to jail for crimes is when they governing body been sufficiently embarrassed by the situation they've created that they want to start over with a clean slate, and at least pretend like they never condoned whatever crime was committed Since this is determined by what the *government* actually wants, and not anything constituents may want or choose to do, there is no way that citizens can exercise any co

Re:crime? Sovereign Immunity.

[Riceballsan]

While I agree with the fact of the rediculousness of how the government can do crime in many ways that would otherwise be illegal. Equating taxes to it is just plain stupid. Taxes are logical payments for services in which the government can and does provide. IE the roads, the oversight into companies to prove that our food isn't entirely relabeled rat droppings, fire departments etc.. Now is it done perfectly or even well? Not in the least, but no matter what a functioning society is going to need a tax system. Even if a perfect rebuilding of government happened, taxes would absolutely be a necessity.

Re:

[Nephandus]

Logical payments would require opting out without penalty, not being force to pay someone else's bills, and not being arbitrarily charged for the collector just wanting more.

Re:crime? Sovereign Immunity.

[Riceballsan]

A society isn't exactly an area that "opting out" is plausible. A police officer can't exactly take the time to determine whether or not someone opted into the "save me if someone is holding a gun to my head" plan, The fire department can't wait for the fire to spread from your proporty before begining to fight it, we can't exactly set up a "food tested to be safe" and "eat at your own risk" sections of the grocery store, A good portion of things that are paid for by taxes, are things that just have to be do it for everyone in the area, or don't do it at all sort of things. Humans have already learned that creating a society with more than 50-100 people, involves some form of infrastructure, and everyone in that society has to chip into that infrastructure. If anarchy worked, there would be a first world country that has an anarchy you could move into. Unfortunately natural selection did not favor such societies, they died out or were invaded and taken over by societies that actually had a functional military etc...

Re:

[fredprado]

Oh, but there are many things you COULD opt out in current society with very little trouble, many many more than those you couldn't. You are right about some government functions that are needed to make society work, but as governments grow the vast majority of the tasks it takes for itself are not critical and should not be imposed upon people regardless of their wishes.

Coercion should be applied only where there is no other way.

Re:

[sjames]

No, those are something else entirely. The crimes happen when government agencies exceed their mandate or the limits of the Constitution. Of course, that puts the NSA firmly on the wrong side of the law here. I'm just waiting for the announcement that they are merging with the RBN. If they were at all honest, they would have struck the colors and hoisted the Jolly Roger by now.

Re:crime? Sovereign Immunity.

[Somebody Is Using My]

As bad, if the NSA can do it, so can others. Either they will hijack the NSA's 'wares, or they will use the same vulnerabilities and methods pioneered by these government agencies. Rather than working to protect the nation's citizenry, businesses and infrastructure, the NSA and others are actively undermining our security. Their mandate is not only to intercept enemy signals but to ensure that those of the country's are not similarly compromised. So not only have they overreached too far in one direction, they have ignored the equally important other part of the job.

Sadly, even if the NSA did start offering secure solutions for people, would anybody trust them enough to take them up on it?

Re:crime? Sovereign Immunity.

[Anonymous Coward]

I'm the leech from above, with consistent employment. If plans pan out at my current place, I may reach the $80,000.00 range by the end of the year. I'm not rich, but I'm far, far away from needing any social assistance. I don't live in a huge city, so cost of living is quite low here. That salary goes a long way, and I'd gladly double my taxes to increase the services everyone here is getting.

The roads here that are privately maintained are garbage, and the tolls aren't automated yet so they're slow as hell, while the city ones are always in considerably better shape.

My hometown has a public energy utility. My current residence has choice of two, both far more expensive than my home, and they both cost the same. Why? I don't know.

I don't have experience with private water (thank god) but in countries that do privatize water, service and cost isn't exactly an outcome.

This isn't even addressing private vs public (when they're properly funded) education, healthcare, public safety, etc. I've never seen a favorable comparison in any of these cases, though.

Don't want to be too serious, on Slashdot though, so here's a joke. Why is my 6 year-old a libertarian? He doesn't understand the world either.

Re:

[LF11]

In civilized countries, security agencies watch you sleep.

Re:

[l0n3s0m3phr34k]

I've got some moronic friends (around 20 years old) who keep calling themselves anarchists, but they have yet to attempt to assassinate a government official. I keep telling them their not really "hardcore" until they at least TRY to take out some gov dupe, but all they want to do is do drugs and rant at coffee houses.

All the more reason...

[ackthpt]

to pull out my old C64, dust it off and find my floppies.

to a happier and simpler time

Re:

[Adam Colley]

You could afford a 1541?

Most of us couldn't, cost more than the computer itself!

Re:

[ackthpt]

You could afford a 1541?

Most of us couldn't, cost more than the computer itself!

I upgraded to an Indus GT. =]

Re:

[H0p313ss]

to pull out my old C64, dust it off and find my floppies.

to a happier and simpler time

I was a VIC 20 guy myself. (Because no matter how many times we explained it to our parents they had no clue why what we really wanted was an Apple][...)

As much as I miss those days, you'll have to pry my modern hardware from my cold dead hands, I rather like living in the 21st century where I can deploy applications to servers around the world with a click of a mouse and read books, watch movies and manipulate my entire music collection from a super computer in the palm of my hand.

Re:

[Anubis IV]

Shh, or the NSA_BOT will document your suspicious activities for review.

Re:

[rvw]

to pull out my old C64, dust it off and find my floppies.

to a happier and simpler time

You remember PEEK and POKE? What is this discussion about? Peeking and poking!

Re:

[antdude]

Um, NSA can still install malwares onto it. It will be slower and more complex for that to happen. ;)

Gotta be a red herring

[SplatMan_DK]

I can't believe this claim.

I bet they did this a decade ago, and this article is just a way to make people believe it hasn't actually happened yet ...

- Jesper

Re:

[pr0fessor]

'Expert System,' which is designed to operate 'like the brain.

This is the point where it started sounding like a syfy.... Maybe they have malware but I doubt it operates like the brain.

Re:

[AmiMoJo]

Well, it shows they were planning it back in 2009, so presumably they already have done it. We need to focus on detection.

Linux version?

[Capt.DrumkenBum]

If not, we could finally be looking at the year of Linux on the desktop. :)
For me Linux on the desktop came about five years ago.

Re:

[BasilBrush]

Right. Because it's not as if they found a bug in GnuTLS security the other week, that compromises HTTP security in many Linux apps. A bug that may or may not have been planted by the NSA, but either way has been undiscovered for 9 years.

There is nothing about Linux that makes it safer from government hacking. In fact the openness that allows many people, who's actual identities are not know to anyone, to contribute code makes it more vulnerable than a closed commercial OS.

At least with a closed commercial

Re:Linux version?

[mspohr]

Linux is more secure.
Also, Linux is less of a target.
I'm glad that I use Linux. I'm also happy that most people don't use Linux.

Re:

[noh8rz10]

"more secure" != secure. I'm sure a lot of the backbone goodness is on linux servers, and it's like swiss cheese to them. at least you feel more secure.

Re:

[mspohr]

If you read through TFA, you'll see that many of their exploits take place by exploiting MITM (and similar) attacks on the Internet communication. However, most of these exploits use some type of malware installed on the machines and that is where Windows is particularly vulnerable. It's much harder to compromise a Linux machine.
(And please spare me the "But Linux does has bugz too" rant. Security is not absolute. It is a game of making it difficult to get to your data. Windows makes it easy. Linux makes i

Re:

[BasilBrush]

Neither.

Neither one is intrinsically more secure as a desktop OS than the other. That Linux has had less malware is only because the market share is smaller.

Re:

[forgottenusername]

That's not real security. That's the same as security through obscurity.

Linux and open source software has always had the security benefit of the code being distributed. No matter if specific components are properly audited or bugs exist for years before being discovered, it's still a powerful weapon you don't get with M$ / OSX et al.

The more people who used Linux, the more eyes would be on the code. So yeah, it'd be more of a target, but the power of open ideals would also scale.

Re:

[aralin]

Their original name bdlinux was too obvious, so the NSA renamed it selinux for "side entrance".
 

Re:

[Burz]

Securely run Linux or Windows to your hearts' content:
http://qubes-os.org/ [qubes-os.org]

So now we now the NSA's plans for growth...

[Are You Kidding]

Is my Kaspersky Antivirus going to find and remove their viruses? Or even better, perhaps some enterprising hacker will write a tool that that sends its own malware back through the NSA bot net and trashes their servers. When I was a youngster "We Have Met The Enemy and He Is Us" was amusing. Now it it taken as a guiding principle by our intelligence services. It's sad.

Re:

[BasilBrush]

Is my Kaspersky Antivirus going to find and remove their viruses?

It seems like a good idea to avoid American make anti-virus software, as they may be working in cooperation with the NSA. But going for a Russian one doesn't seem like a terribly good idea, as you'll just get spied on by their security services instead. (Recently Russia gave out goodie bags to G20 representatives which contained spyware in USB drives and power supplies.)

Likewise British and Israeli anti-virus would be a bad choice given their history of surveillance and cooperating with the US.

So which country that we trust a bit more has an anti-virus company?

Re:

[AHuxley]

You would need the skills to find the malware, note the ip/systems it reports back and have a history of finding gov backed malware efforts (made by gov or their favoured contractors).
Some Russian firms have a great track record of finding varied gov backed malware deep in computer systems around the world and then telling the world of their findings.
US software groups doing the same work might face the reality of national security letters, sealed courts or a gov chat.
Recall the Magic Lantern, Carnivore

Re:

[bug1]

Antivirus programs wouldnt even find and remove the sony rootkit.
If you want to pay to be secure then you are not.

When am I going to get rid of this tinfoil hat?

[dweller_below]

So, now it turns out that the NSA really was attacking me. Just because I ran the routers and a few other critical things.

20 years ago, when I first started ranting about the NSA it was mostly theoretical. I ranted because there was no proof they were not evil. The stickers on my laptop's mic and camera were a bit of a joke. People would ask about them and it would give me a chance to rant. That's all I really wanted. A chance to rant from time to time.

But, now it is clear that all my rants were too conservative.

Now I am doing IT security for a university. I spend all day attempting to hold off the attacks of foreign governments. Some of those attacks now appear to be my own government. I never really wanted to be this paranoid. And it still appears that I am not paranoid enough.

When will I ever be able to take off this stupid tinfoil hat?

Congress keeps railing against money wasted on social programs. It appears the NSA and the CIA are elaborate social programs for sociopaths. Why can't we defund them?

Re:

[FudRucker]

I physically removed the camera and microphone from my laptop, cant hack what does not exist anymore.

its not that i do anything wrong, even if i am typing up chocolate cake recipes it is still none of their fucking business what i am doing, maybe i am using a cad program to build custom motorcycle parts i dont want those fascist pigs to steal it and give it to their criminal friends on wallstreet

Re:

[noh8rz10]

that's the way to go. I covered my laptop camera with a sticker. haven't had the balls to do the mike yet. it's a very convoluted process on a macbook.

Re:

[Anonymous Coward]

I am a fat old dude, I just moon my computer every day -- A moon a day keeps the NSA away.

Re:

[Burz]

Qubes systems [qubes-os.org] can keep things like cameras and mics effectively beyond the reach of remote attackers while running Linux and Windows apps.

The core of the system is a pairing of Xen and X11/Linux which isolates the graphics, network and other risky services into less trusted domains. The result is that the trusted X11 can always show you what security context a window or other graphical element represents, even if the untrusted X11 in a VM becomes compromised-- You can't be tricked into thinking a malware el

Plans to?

[mosb1000]

This is from 2009, so they've probably done it by now.

Re:

[ArcadeMan]

This is from 2009, which means it was already done in 2004.

Fight terrorism!

[Anonymous Coward]

By far the most effective way to fight terrorism these days would seem to be by dismantling the NSA. It's the largest terrorist organization in the world.

And what a lot of money would be saved.

Go big or go home

[WaffleMonster]

Must be missing something... I can't imagine how one could reasonably intend to infect millions of machines and not expect their stash of 0-days to be discovered and plugged in short order.. unless NSA plans to social engineer all of their victims to run the "fre3 v1agra" installer seems like a great way for NSA to shoot itself in the foot.

Re:

[BasilBrush]

Well the following may well have been the NSAs work, and they got away with it for 9 years.

http://arstechnica.com/securit... [arstechnica.com]

Re:

[AHuxley]

The method worked for tested encryption machines for embassies around the world, telcos helped for years without the press or staff really knowing too much... whats a few bugs in closed or open source code - reviews by people with great skills will find it all over time.
Think of all the domestic and international offices, embassies, banks, govs, telcos, firms, brands, NGO's, police forces, armies, secretaries.. spreadsheets, crypto that has been sold or given as aid or for cooperation that provides a way i

Infect millions?

[mandark1967]

Whaddarthey gonna do? Buy Adobe?

LinkSys TheMoon worm?

[NuAngel]

Anybody wonder if the plans in these documents (circa 2009?) have maybe adapted and become the recent Linksys worm [sans.edu]?

Cyber war preparation

[Framboise]

Developing massive attack tools like that make a global cyber war more likely.
As with the initial ICBM's the first one to strike may believe to win.
Very dangerous, and foolish.

Duty

[symbolset]

In a world where 90% of desktops can't even display a JPEG securely, to not have this capability would be dereliction of duty.

It's called the Xbox One

[Anonymous Coward]

How many Xbox One consoles have sold? Microsoft claims 4 million+. That's 4 million homes that have each willing placed the most sophisticated NSA spy device imaginable in prime position to track the household residents 24/7.

Microsoft and their NSA partners, when considering the change of policy that allows (in theory) people to use the console WITHOUT either Kinect of an online connection (both originally compulsory requirements), found that market research indicated a 95%+ likelihood of users choosing to use the console in an NSA optimal fashion.

Essentially, if a person were thick enough to ignore the clear warnings that Microsoft designed the Xbox One to spy on users, they'd actually take a pride in setting up their console according to the NSA guidelines.

Snowden proves over, and over, and over, and over that the GCHQ and NSA are about every aspect of 'full surveillance', and that those people who don't consider themselves as valid targets are exactly the people the NSA are most interested in hitting. A kid screaming the N-word over and over while playing an online game of 'Call of Duty' may one day be a politician whose vote is sought in support of yet another vile war of aggression. Showing him video of his 'racist' outbursts, and asking him how his electorate might respond to such a 'leak' in the press will gain the vote of 90%+ of all people blackmailed this way.

Yet the Xbox One goes so much further. A 'super computer' (by the definition of less than a decade back) connects to a military grade sensor that actually measures the speed of light at each pixel, providing for unprecedented analysis of movement in the room. The Xbox One can be trivially taught to recognise any common pattern of movement (especially the rhythmic movements associated with sexual activity), and begin recording/uploading when such a trigger happens.

Every Xbox One is continually running facial and voice recognition services. And the result of these calculations is uploaded daily to NSA servers in the cloud. NSA computers, mostly using algorithms designed by Google for this purpose, process the facial photographs and voice samples to extract better identification information. The NSA goal is to know who enters/leaves every room with an Xbox One, and when.

The NSA NEVER, EVER, EVER needs hacking or 'trojans' to control the Xbox One computer system. Microsoft provides the NSA with a copy of every Xbox One encryption/authorisation key, so EVERY single online console 'phones home' to NSA servers, and any one of these consoles can be instantly remotely controlled by an NSA agent.

The NSA has far more than its 'fair' share of paedophiles. These individuals have unlimited access to the camera systems of Xbox One consoles located in the bedrooms of children. The video that flows from these cameras is encrypted on-the-fly, so the NSA sex criminal that chooses to use the NSA facility this way can avoid detection if he has even one working braincell.

Snowden is giving a VERY limited snapshot of NSA/GCHQ behaviour in the distant past- 'distant' in the sense that even 5 years back is an eternity when considering the world of computer based surveillance. The owners of Slashdot emphasis, as much as they can, lesser and obsolete abuses by the NSA.

The Xbox One makes all previous forms of full surveillance look like they belong in the Stone Age, and yet Microsoft/NSA reputation management policies on forums and social networks ensure that, even today, those that warn about Xbox One spying are dismissed as "paranoid nut-cases". Every single tech site, this one included, has the official position that no NSA spying occurs via the Xbox One. Every monster in History has followed the principle "if you operate through lies, make your lies as BOLD as possible- the bigger the lie the better it works".

   

Re:

[dbIII]

I was very impressed with the above post until I got to this bit:

connects to a military grade sensor that actually measures the speed of light at each pixel,

At that point I despaired at how someone that obviously received a decent education in english was very badly shortchanged with their school science education. IMHO that decline goes hand in hand with acceptance that those in power know what's best, instead of what should happen with the people administering a nation merely being in place to be servant

Like you haven't though of that for years

[pseudorand]

Okay, everybody, stop your whining. I'm pretty sure every one of us reading slashdot has had somewhere near the middle of his or her to-do list something along the lines of "script mass exploit of remote computers in case I ever need to give the entire world a big F-U". There it is, just below "implement monitoring for everything" and just above "stock up for immanent apocalypse" (which fell a few spots in late 2012). It probably won't ever float high enough to actually make much progress on, but we've all

The destruction of the Internet?

[PineHall]

“Hacking routers has been good business for us and our 5-eyes partners for some time,” notes one NSA analyst in a top-secret document dated December 2012. “But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene.”

This is the really scary part. Other nations are doing it and soon criminal organizations will be doing it, if not already. They are destroying the internet as we know it. Purchase something online and have your money

Re:

[PPH]

The Rest Of The World should be working on hacking BGP to make paths between the NSA and the world unroutable.

The Expert System

[hughbar]

I love the Expert System. Was it designed by the Really Clever Person? Is Dr. Evil working on the Really Stupid System to counter it? Go figure, or not, depending on the Really Mathematical System.

Probably already happened

[dbIII]

There's been shitloads of malware infections since 2009 despite everyone's best efforts and more people moving off XP to win7.

Re:Skynet?

[BrianPRabbit]

But I personally have nothing to hide.

Even if You are completely innocent, You have "something to hide". So agree both a defense Attorney and a law enforcement Officer [youtube.com] as well as every other law enforcement Officer I have ever met.

Re:Skynet?

[Anonymous Coward]

Is there any way to avoid such a thing short of cutting my net connection?

Wouldn't do much good. They have a plethora of ways to extract information from your computers even if there is no internet connection.

But I personally have nothing to hide.

Yes you do. I'm not even going to go on about the "the average person commits 3 felonies a day without even knowing it," speech and instead just point out that everything you do in your private life is just that: private. It is yours, and unless they have a warrant, "they" (whoever "they" may be in your country of choice) should not have access to it under any circumstances. That, and even if you don't think you are a valid target, "they" might disagree. There's a number of people out there that thought they were safe and could trust the system, but you know how that turned out. Most recently, Feinstein is finding that she has been bitten by the very same spy machine she's been feeding, or how about Petraeus' mistress that was exposed through the use of so-called "meta-data."

However, you're absolutely right that even if someone perceives themselves to not be a target, they should still move towards securing themselves.

Re:

[jodido]

The real point is not whether you think you have anything to hide or if you have inadvertantly committed your daily three felonies. When it suits the police, you will get caught up in a net. The evidence will appear, or else they will convince you that they have so much evidence against you anyway (whether you believe it's real or made up) that you will end up pleading guilty. An excellent film that shows how this works is "Sins of the Father." It takes place in the UK but happens here--and there, and a

Re:

[TheRealMindChild]

It is one of those theoretical things like being able to predict the number of a psuedo-random number generator. Apparently they "can" eves drop on you computer by listening to the fluctuation of your power supply. But like predicting the next psuedo-random number relies that you know what every single thing is doing, how many processes, what network traffic is incoming, etc, this relies on the fact that they can filter out with absolutely perfect certainty every other electronic device around the computer.

Re:Skynet?

[The_Human_Diversion]

Is there any way to avoid such a thing short of cutting my net connection? Generally I am not too worried about the NSA. I think it is BS what they do as far as invasion of privacy. But I personally have nothing to hide. But this has completely changed the small amount of reluctance I had in becoming a "ZOMG da sky iz fallinz!" type.

The "I have nothing to hide" argument is quite the slippery slope. Do you truly, really, honestly have nothing to hide? Let's put up cameras in every corner of your house, then. Perhaps we can get full copies of your bank statements? You may trust the NSA as a whole, but Snowden already showed that even a single bad apple can ruin a lot of days. What if he leaked compromising information of private citizens as part of his escapades? Would you have something to hide then? Hyperbolic? Sure. But because we've had even just a handful of instances of people having their lives screwed while innocent because surveillance - legal or illegal - uncovered something about them, it's a valid point. Read more. (article about why privacy matters) [chronicle.com]

Re:Skynet?

[WormholeFiend]

People with nothing to hide can still get wrongfully convicted with circumstantial evidence.

Re:Skynet?

[Jason Levine]

Not to mention that many people have something they'd like to hide. Perhaps nothing illegal, but something that would be embarrassing were it to become public knowledge. An agency that spies on everyone is one political move away from threatening to reveal these secrets if you don't tow the line.

Re:Skynet?

[sandbagger]

Toe the line. TOE THE LINE. Not tow. Toe the line as 'line up over there'.

Re:Skynet?

[Jason Levine]

Dough!

I mean...

Do'h!

Re:

[Jason Levine]

True, but what Rob Ford only admitted to it because a video was obtained of him doing it. Before that, he denied everything. I'm not an expert on Canadian politics, but depending on the political climate, he might weather the storm and keep his job. Or not. Still, I'm sure he'd much rather this all stayed quiet. An NSA that listens to everyone all the time (even if not actively but storing data for future possible analysis) can - either for the purposes of the NSA retaining their power or for other pol

Re:

[LinuxIsGarbage]

True, but what Rob Ford only admitted to it because a video was obtained of him doing it. Before that, he denied everything. I'm not an expert on Canadian politics, but depending on the political climate, he might weather the storm and keep his job. Or not. Still, I'm sure he'd much rather this all stayed quiet. An NSA that listens to everyone all the time (even if not actively but storing data for future possible analysis) can - either for the purposes of the NSA retaining their power or for other political purposes - look up information on anyone and leak or threaten to leak information on people who don't sit down and keep quiet. The mere threat of doing this will be enough to silence some critics who would have something to lose (wives, children, family, jobs, etc.).

People line up around the block to buy a Rob Ford Bobblehead. He admits he smokes crack and his popularity goes up. Unfortunately it looks like he will probably weather the storm and get re-elected.

Re:

[Jason Levine]

Of course, for every Rob Ford, there's a dozen other politicians whose scandals destroy their political career. If you're a politician and know you have something that's best not divulged (a partner on the side, drug use, visiting prostitutes, etc), you aren't going to want to take the chance that you can survive the scandal. Especially if the scandal involves something you've declared evil in the past. (Insert any of the very conservative Republicans who railed about how "the gays" were destroying Ameri

Re:

[lister king of smeg]

Well, this may be an interesting talking point, but really is a matter of attitude. Remember when Rob Ford admitted to smoking crack? I don't live in Toronto, but I applaud his honesty. The same goes for every other scenario on earth. If I cheat my wife, it's brought up, and I admit to it, I'll gain far more respect than if I deny, deny, deny.

say that when you are framed for downloading CP.

Re:

[compro01]

Honesty schmonesty. Deny, deny, deny is what Ford did, until the actual video was basically on the national news, then, and only then, did he admit to anything.

More to the terrifying point

[ThatsNotPudding]

People with nothing to hide can still get wrongfully convicted with planted evidence.

Re:

[jodido]

Or no evidence at all beyond what the cops invent. http://www.nytimes.com/2014/03... [nytimes.com]

Re:

[compro01]

Continuous monitoring makes it easier to manufacture a plausible source of the falsified evidence.

Re:

[bob_super]

Write your own OS and browser, run it on an eval board for some mil-spec chip.

Every common architecture, OS, and browser has known (and undisclosed) attack vectors. The only truly safe approach is to not use them.
Then you can browse the web in full knowledge that your machine is safe, and only every single one of your actions will be tracked.

Re:

[gIobaljustin]

But I personally have nothing to hide.

Nonsense. [slashdot.org]

But really, desiring privacy is not wrong. There's nothing wrong with having something to hide.

Re:

[gmuslera]

Even having nothing to hide, and guilty of nothing, you are still target to confirmation bias [aljazeera.com]. And a private joke [theblaze.com] could put you in deep troubles.

Re:

[cant_get_a_good_nick]

But I personally have nothing to hide.

A form of this I like is "I have nothing to hide from people I trust". The NSA is way past the trust range now.

And just because I'm not doing anything illegal, doesn't mean I don't have things I don't want private. Medical things, pr0n habits (which the NSA does use against you). I don't want them with leverage they're not entitled to.

I forgot if it was the NSA or the CIA that investigated ex-gfs for no reason.

Re:

[WormholeFiend]

The principle is still valid.

"According to your cellphone records, you were in the vicinity of an anti-government protest..."

I'm sure Linus reviews everything. right?

[Thud457]

How do we know that the next update on linux is safe?

I thought you said you were going to audit it.

Re:

[ArcadeMan]

How do you know the current Linux is safe? How about last month? Last year? Five years ago? One hundred years ago?

I'm not saying aliens wrote Linux, but... aliens created Linus.

Re:Are the encryption keys for rpms and debs safe?

[H0p313ss]

How do we know that the next update on linux is safe?

Nothing is safe, it never was. A "safe" computer is one with no network behind a locked door where the users have to undergo a full body search before entering the locked room.

Everything else is suspect. That's how NSA and their partners have worked for decades, get used to it.

Re:

[AHuxley]

Its as safe as encryption hardware was in the 1950-80's or as good as encryption standards where till 2014....
With the lists of weak software encryption, junk hardware, telcos splitting - just another way in?

Re:

[canadiannomad]

Read up on sovereign immunity [wikipedia.org]. We need pitchforks.

Re:

[ObsessiveMathsFreak]

And the implant for Linux is called SystemD!

I always thought it was called SELinux.

Re:

[AHuxley]

Depends on the funds and creativity of the staff and support they get.
At a gov level: if you have an embassy revert to onetime pads and physical diplomatic bag/pouch. Make sure your staff understand the country they are working in - stop all political appointees for embassy staff - they are useless, the locals dislike them and don't reflect well on the embassy and its efforts.
No fancy encryption fax machines, next gen encryption phones or tested encryption computers for fast "important" chats or documen

Re:

[AHuxley]

An existing botnet army could have a few state and federal informants in its upper levels. Court cases, legal teams on both sides, political leaders and law enforcement press contact can let interesting details become public for many different reasons over time. From state/federal funding, to a job well done, to entrapment, issues with fame, methods, been seeing doing something with hi tech...