This page has been archived and commenting is disabled.
The NSA's 50-Page Catalog Of Back Door Penetration Techniques Revealed
While the world may have become habituated to (and perhaps revels in, thank you social media exhibitionist culture) the fact that the NSA is watching anyone and everyone, intercepting, recording, and hacking every electronic exchange regardless if it involves foreign "terrorists" or US housewives, the discoveries from the Snowden whistleblowing campaign continue. The latest revelation from the biggest wholesale spying scandal since Nixon, exposed by Germany's Spiegel which continues the strategy of revealing Snowden leaks on a staggered, delayed basis, involves a back door access-focused NSA division called ANT, (which supposedly stands for Access Network Technology), described by Spiegel as "master carpenters" for the NSA's TAO (Tailored Access Operations, read more about TAO here). The ANT people have "burrowed into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell." More importantly, thanks to Spiegel (and Snowden of course), the NSA's 50-page catalog of "backdoor penetration" techniques has been revealed.
The details of how the NSA can surmount any "erected" walls, via Spiegel:
These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives -- from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA's specialists seem already to have gotten past them.
This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.
Nothing quite like an extensive, taxpayer funded catalog listing back-door entry strategy imaginable. Say you wanted to have some backdoor fun with Juniper Networks, the world's second largest network equipment manufacturer (which claims the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class.")
In the case of Juniper, the name of this particular digital lock pick is "FEEDTROUGH." This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive "across reboots and software upgrades." In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH "has been deployed on many target platforms."
It gets better, because when simple penetration is not enough, the NSA adds "implants."
In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet.
So what exactly is to be found in the 50-page catalog?
Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.
The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.
This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.
Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.
Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment.
The conclusion here is an easy one, and one we have repeated ever since before the Snowden revelations: Big Brother is bigger and badder than ever, he knows exactly what you've been doing, and the second the NSA wants to nuke your computer out of orbit and/or destroy your digital life, it can do so in a millisecond. What is more amusing is that with each passing disclosure, it is increasingly clear that the NSA has gotten its inspiration for its dealings with the US public from a Danielle Steel book at best, or a Vivid Video bootlegged tape at worst.
»
- 51378 reads
- Printer-friendly version
- Send to friend
- advertisements -
Nice take by Webster Tarpley here on how to spot a Limited Hangout (@ ~ 19:30)...and yes Ed Snowden, he's talking about you...something to consider
http://www.youtube.com/watch?v=oEmbmfgbo_M&feature=youtu.be
http://www.youtube.com/watch?v=Aae_RHRptRg
Tarpley's O.K., I suppose.
I have always thought of him as a crypto-socialist, however.
He is 'stuck in the molasses' of the training he recieved as a younger man in his 'edumacation', I have always believed. Check his 'higher education' for further understanding. Realize that Italy, when he was younger, was (and STILL IS) a Catholic socialist state. You see how well THEY are doing right now, don't you?
http://en.wikipedia.org/wiki/Webster_Tarpley
He has seen the totality of what those in the so-called west call 'free market capitalism' (actually, bankster-controlled totalitarianism, but who's looking, or even aware?). He's pretty 'smart' and 'well-informed', but lacks a spiritual 'rudder' (so to speak); in order to guide his statements (other than blatant communications of naked, hopeless reality). He fails to realize the duplicity, and total complicity, of all other 'disciplines', as they are being used against the population of the Earth by their so-called 'masters', and as such, lacks the ability to critically analyze the information facets that he DOES know in the larger picture of what most would consider 'reality' (if they could or would hang up their I-phones and turn off their televisions and STOP letting OTHERS do their thinking for them).
The term 'stuck in the molasses' was first brought to my attention back in 1976, when I read about the sailors aboard the U.S.S. Eldritch that were subjected to massive timed attenuated EMP, in an experiment in 'practical invisibility', as recorded during 1944 in the Philadelphia Naval Yards. I read a BOOK, you see, that quoted interviews with several members of the crew. CRAZY SHIT, I think (like the H.A.A.R.P. 'experimental station' in Gakona, Alaska, or the Russian 'Woodpecker' stuff).
Tarpley is still trying to graduate from Third Grade.
Go , Go N - S - A
Record my data feed today!
Goooo spooky, goooo spoooky
Yay!
Disclaimer : I give neither implicit nor explicit authority for the spooks to invalidate my 4th amendment rights.
Get America out of our faces. Screw the state machine - you owe it to yourselves.
Fork and dangle for chrissakes, nothing else will do it.
I feel "back door penetrated" alright. Right thru my Constitution and right into my Bill of Rights.
"Happiness is a warm head in a basket."
I will mention again that it is no accident that Apple and other laptops permit remote access to the camera and microphone without the user's knowledge.
You can do wonders, in this regard, with handy household items.
Small tab of masking tape over camera.
Tape with a layer of foil, a layer of tissue and another layer of tape over the mic.
Yes, I'm paranoid.
Yes, I know they are out to get anyone who steps too far out of line.
Cell phone? Are you fucking crazy. Pay someone to put a tracking device in your pocket??? WTF?
By placing tape over the lens, you are assuming that the only signal is visible light, while the fact of the matter is that IR and other regions are impinging on it. The missing piece is the translator, and I wouldn't assume anything about what's in your laptop's camera. (P.S. the translator needn't be in your laptop. In fact it would make little sense to put it there. A record of the signals is the only thing that anyone needs, then the remaining activity is remote)
Foil, tissue, and tape will dampen but will not eliminate the 20-20kHz 'audible' portions of of your speech. Don't assume that when you talk to your wife the only signal you emit is in the ~ 20-20KHz band. You emit more than that and the emisions correlate with the words you speak. All you've accomplished is to slightly 'encrypt' your words to someone who 'listens' only to that region of the spectrum.
You need to think out of the box; they do. For a few decades public science has been trying to correlate brain activity to specific thoughts. That's already been accomplished such that "blue" or "ball", for example, have been identified. One issue is (or at least was) that your activity for blue differs from mine. Consider, however, that via your years of viewing your tv and pc you've already potentially established a catalog of "Bob's brain reads like this when he sees a dog, and like this when he sees a naked lady, and like this when he's frightened, and like this when he's angry, and...." And we all would have established that personal catalog.
We're rarely told of such things in the Big Brother world until they're old hat for the spooks*. If we all know that 'blue' can be read via direct contact, then I'll assume that it can be read remotely too.
* the first we heard of Global Hawk successfully flying a passenger jet by remote control from CA to HI was around March 2001. How is it that Operation Northwoods in the early 60's detailed plans to remote control fly a dummy passenger airliner (duplicate of a real one) and shoot it down over the Gulf of Mex and claim that Russian MIGS from Cuba did it and killed all of the passengers (who'd already been diverted elsewhere while the dummy resumed their flight plan). Ironically, the first time the DOD admitted to the existence of Operation Northwoods was also in 2001. A few months later we had 9/11. Global Hawk + Operation Northwoods = 911
just look up CCD's and see what they are ready to do. Special CCD's are made for infrared, for x-ray, etc., and normal cheap mass-production laptop CCD's don't go very far into it, aren't meant to operate there.
Cover with clear plastic, cloth, foil, tape, in that order.
How is it that the NSA ensures that only non-American citizens end up being spied on with these infected devices?...
Or have they stopped trying to maintain that particular lie?
Boboman is coming in through the back door with his equipmunk
You are living in an Orwellian novel. What are you doing?
Masturbating to a lot of internet porn.
NSA TAO ANT COTTONMOUTH
http://cryptome.org/2013/12/nsa-tao-ant.pdf
http://cryptome.org/2013/11/snowden-tally.htm
Now that is what I call "jobs creation." Journalists going for years, keeping magazines and editors in material.
Awesome link, that second one, thanks! I had been wondering whether such a tally with a global view existed.
I'm almost pissed enough to.........yeah, that. America is dead, long live 'merica (land of the fat, lazy, apathetic, emasculated, fucking morons). How fucking low can we go...........??!?
We RE- elected Barry. That was the sign it was over.
The machines re-elected Barry.
Yet another sign that government is just too big. Infinite money enables infinite government.
One of the few peaceful avenues left is to call a Convention to Consider Amendments and to redefine the role and powers of the federal government. Mark Levin's book is just one roadmap for such a convention. Up until now, many people have worried that a Convention would endanger their rights. It is becoming more clear how many rights are endangered by the present trajectory not only of the political side of government, but by the entrenched bureaucracy like the NPS and EPA.
One thing that is certain to me is that a government that can print its own money is a government that doesn't need to ask for the taxpayer's permission for a new law or a new takeover of something else, like airboat operations or like health care.
A constitutional convention would simply erase what is left of the Bill of Rights. Nothing wrong with the Constitution. It's just that all three branches of government are inhabited almost exclusively with traitorous, evil assholes. Just look at this federal district judge Pauley. How is a convention going to fix that?
there is nothing wrong with our constitution now.....as long as we abide by it.
Q. How is a convention going to fix that?
1. Enact an amendment that narrowly defines the commerce clause to allow only for actual interstate commerce, not imagined commerce, to be regulated by the federal government.
2. Enact term limits for CONgress. 2 terms for Senators. 3 terms for Representatives.
3. Repeal the 17th amendment (ie. the direct election of Senators).
4. Enact an amendment that allows the state legislatures to directly amend The Constitution with a 2/3 majority without any involvement of CONgress.
5. Enact an amendment that specifically prohibits the federal government from regulating or giving any money directly or to states for education.
6. Enact an amendment that specifically prohibits the federal government from regulating health insurance or any medical practice or commerce.
7. Enact an amendment that prohibits the continuation of or creation of a new central bank (ie. it abolishes the Fed), and that specifically allows savings and commerce using competing currencies without any negative tax consequences.
Does anyone have a copy of the 50 page catalog?
I think it is on Vivid's website.
Looking for that as well. Call it professional curiosity.
On ZH recently - The Internet Is Now Weaponized, And You Are The Target - can't find the link right now, but definitely worth the read.
I'm sure someone can help with that.
Very informative.
http://www.dwavesys.com/en/dev-tutorial-intro.html
any email, text, kiddy porn can be placed on your computer so "law enforcement" can find it and claim through parallel evidence construction that you are guilty of a crime. Best to keep quiet, pay your taxes, and oh, be sure to contribute to your local police association when you receive those flyers. Or else.
You're assuming you operate from a fixed internal disc. Bad assumption. No hacker uses an internal bootable disc or a standard operating system like those from microsoft. If you don't know the operating system you are trying to hack you have no hope to control it as the command you issue will be meaningless to your machine. So, you use systems that are at least a decade old. Always boot an independent external media which can be hidden separating from the computer. And encrypt it using truecypt with a hidden (invisible) file directory for an extra layer of security if found.
If you want the ultimate in security just disconnect your ethernet cable.
An amusing aspect of all the NSA efforts is that all their plans (and the internet itself) fail with one good coronal mass ejection (CME). Then you'll be glad you have cash, fuel and food stored up.
Alex Jones you are not crazy.
INSTEAD IT IS WE DUMB SHEEP.
Alex just sounds crazy.
If the government would only hire super hot cheerleader women to monitor us, I think I could learn to like being stalked.
They paid to have those backdoors coded in. It isn't like talent was involved. Now all the Chinese have to do is find them. Which I think they already did. If you look at their military equipment, it looks exactly like ours. The NSA screwed us by making us less secure.
The Duck Dynasty guy was right. Back door penetration is outlawed in the Bible, and should not be encouraged by the Gaystappo.
If 'security' agencies start stuffing people's computers, there's nothing better than a concrete cutter to relieve them of their high-bandwidth connections.
Major telco installations are easy to target...everything that goes in has to come out somewhere. open manhole cover, start your stihl, and chop away at the cables. 20 to 30 locations will cause enough of a commercial problem that the agencies will be reigned in to keep the money flowing. Imagine if you get major bank cables in the process. oops. disgruntled payment infrastructure is not what they want. but it is a lovely policy-change lever.
Remember that most western governments are as dependent on I.T. as individuals...and as we know, they aren't great at security. with virtualization, you only need one or two passwords to DELETE VM a few hundred times and oops, they haven't done restore/DR drills in how long? years probably. wait for that sysop to go home, then put a gun to his head and get him to log in remotely.
how long does it take to restore 200 VM's when you only have 1 or 2 tape library? OOPS.
meanwhile, huge chunks of interdependent systems don't function because they all have to share information. anyone around who remembers how to do paperwork/manual systems? oh they've all retired. shame.
if you want to add to the chaos, merely take out a power station or two. nothing a few chains and steel rods won't fix...throw into substation using catapault and fry , baby fry. chain reaction?
But none of this really matters. the real issue is that so called intelligence and security agencies, with the exception of those in russia, china, iran and israel, are completely out of touch with HUMINT and consistently hire the wrong people as analysts. two or three major personality types all following instructions and lacking imagination. shit left on someone's computer is quite irrelevant when a real OP is being conducted. we don't use email, txt, phones, or anything so easily tracked. one-time pads and a few kids on bicycles or a letter to grandma with a dot somewhere on the envelope is as good as you need. walkbys. blue shirt/red shirt/striped shirt . draw curtains in lounge @ 4pm. signal signal signal out in the open and totally undecodeable without massive resources.
so where are the rebels going to strike first? emergency-services microwave backbones? power stations? cables accidentally dragged up? tie a chain around the satellite antenna and drive off with it attached to their F250? and with each successive neutralization the resources to prevent others are diminished. and with each up-guarding the target is advertised.
I could conclude that there is no enemy at all and places like the alphabet soup agencies are just a way to soak up sociopaths and perverts and give them something to do, because with so many open easy targets, the lack of attacks(over time) makes the risk profile absurdly low, such that massive spying on citizens with nothing useful to say can only give a negative ROI.
Anyhoo. encryption is worthless . why hide what you can imply openly without discovery?
And Bob, I know you're reading me; meet me at midnight in the usual place...and don't forget to bring the money.
And as a side-bonus that would prove that bitcoin can't survive rebellion either since rebellion needs to go off-grid & survival of good people requires rebellion.
..." it appears the US intelligence agency is compromising the technology and products of American companies."
Oh, so American companies fuck over American workers and the NSA fucks over American companies.
This must be a patriotic effort!
Obviously the NSA brainiacs never messed with CH1 and his TOR network. Or, "Satoshi Nakamoto" and his double hash.
The implanted interception software in the Cisco and Juniper switches isn't malware. NSA paid these companies to include this interception software, just like the NSA paid RSA to sell deliberately weakened security software.
Only a matter of time before the US tech sector implodes and once companies like Google begin massive layoffs, we'll learn more from disgruntled ex-employees, which will even further accelerate the downfall. In the meantime, focus on open source platforms and if you can't monitor the source code yourself, then hope it's not monitored by NSA drones. Wonder how long before "NSA Code Free" labels take hold?
In the meantime, enjoy Firefox with NoScript, AdBlock, and Yandex.com as your default search engine. Although not completely NSA free, it makes it a little more inconvenient for the NSA bugs to track you.
This reminds me of a situation I ran into in a company I worked for.
We had one PC that was was acting strangely on the network. sending out netBIOS packets in a way that looked malicious. We suspected a virus or malware. This was a DELL optiplex, totally identical to the other hundreds of DELL PCs on the network.
So, my workmate and I took the PC, wiped the drive and reinstalled windows. After Plugging it back into the network, It STILL kept doing the same thing.
We ended up scrapping it.
It seems likely NSA will eventually render US equipment manufacturers parias on the world market. When "full spectrum domination" is the goal, no price is too high to remain "secure", even if it is destruction of a major industry.