The NSA Has A Way To Intercept Computers Mid-Shipment And Install Spyware On Them
Source: Business Insider
The NSA Has A Way To Intercept Computers Mid-Shipment And Install Spyware On Them
Steve Kovach
Spiegel Online has a lengthy new report out today detailing the exploits of an elite and secretive NSA hacking unit called Tailored Access Operations, or TAO. The group is tasked with gaining access to electronic devices by any means necessary.
According to the report, TAO dabbles in a lot of spying activities, but there are a few that stand out as especially invasive.
First, the TAO program can intercept hardware like laptops before they're shipped to a user and install malware on the devices that let spies track the owner. The process is called "interdiction" and allows the NSA to divert shipments of consumer devices to secret workshops where agents carefully open the packing so it looks like nothing was tampered with before installing the malware.
TAO agents can also use bugs in Microsoft's Windows operating system to look for potential holes in a suspect 's machine. For example, whenever a Windows user gets a pop-up window with an error message, TAO can get a look at what data the user is sending over the Internet. That data can help TAO exploit holes in Windows and potentially install malware on machines.
Read more: http://www.businessinsider.com/nsa-tao-2013-12#ixzz2ouGVkxot
cantbeserious
(13,039 posts)cantbeserious
(13,039 posts)Laelth
(32,017 posts)-Laelth
WhoWoodaKnew
(847 posts)Just curious.
caraher
(6,278 posts)you'll probably find the shipment was delayed due to unforeseen circumstances.
savalez
(3,517 posts)Last edited Sun Dec 29, 2013, 09:07 PM - Edit history (1)
when you're not home...
This sounds like something from Apple's evil PR firm. I call BS. Paranoia big distroya!
DeSwiss
(27,137 posts)[center]
[/center]
Habibi
(3,598 posts)Rather than just individual orders, I mean.
RC
(25,592 posts)Otherwise you are looking at random unknowns, which is very inefficient for what the NSA is actually doing.
jakeXT
(10,575 posts)I wonder if we will see something like this from other countries in the future.
Prophet 451
(9,796 posts)The open-source nature of Linux means that anything added by the NSA (for example) would likely be spotted and removed PDQ. And I've been building my own hardware for about fifteen years now. I think, if people knew how easy it is to build your own PC, the majority of people would do so.
jakeXT
(10,575 posts)We wonder if anyone expected this, but we suppose Intel had to drop a bomb at some point. And what better way to secure your spot on the enterprise 2-in-1 laptop, tablet and mobile workstation market, than by giving all of those PCs 3G support?
Hilariously enough, Intel has created one of the most sought after technologies without letting anyone know about it. Basically, all Intel vPro CPUs (which include new mobile Core i5 and Core i7 chips) have an undocumented 3G chip inside. That chip is visible to the 3G network, even when the PC is not powered on.
Freelancer Jim Stone has just discovered the secret (or so he says), and according to him, the 3G is part of a second physical processor embedded within the main one. Said second CPU has its own embedded operating system and can be woken up at any time because the phantom power of the system is always there to draw upon.
...
http://news.softpedia.com/news/Secret-3G-Radio-in-Every-Intel-vPro-CPU-Could-Steal-Your-Ideas-at-Any-Time-385194.shtml
Prophet 451
(9,796 posts)Creating your own processor is beyond my skills.
olddad56
(5,732 posts)Prophet 451
(9,796 posts)Ghost Dog
(16,881 posts)and build a parallel-processing array 'cpu' out of a bunch of those...
cprise
(8,445 posts)You are already having to trust Intel or AMD to a very great extent, and non-Vpro CPUs have large amounts of microcode and logic gates that can't be audited anyway.
IOW, you trust them not to be in cahoots with spies whether or not you have the remote provisioning capability.
Without a 3G link (and mind you, I ordered my Vpro-capable system without a WWAN/3G antenna) a CPU or other chip in the system could send encrypted data to an innocuous / non-existent Internet address and an organization like the NSA could easily intercept it. That is... IF the chips are compromised.
--
I have switched to using a hypervisor-based desktop OS called Qubes which employs advanced hardware features to provide strong system security. Its based on XEN and Linux and can run Windows too. The subject about hardware trust arises from time to time in Qubes discussions, and the consensus on the subject is pragmatic:
Since Qubes can isolate not just software but also hardware while in use, at least the number of companies/chips we have to trust are brought down to a bare minimum. You could get a Lenovo laptop with an Intel SSD, for instance, and only have to trust Lenovo + Intel (CPU, BIOS and hard drive).
A similar pragmatism gets people to use the HTTPS Everywhere browser addon these days. Even if the corporate world has made it possible for the NSA to spy on HTTPS links, it still takes a lot of effort on their part so using it is like throwing sand in the gears of mass surveillance.
BTW, I do think core hardware components probably *are* trustworthy... or else why would the NSA need to intercept devices to change them?
DeSwiss
(27,137 posts)...you vet your hardware as well.
reACTIONary
(5,770 posts)...makes it easier for the NSA (or other national security agencies) to put exploitable code in place. And they know how to do it.
Our security standards will not allow open source code to be used in military systems. It would make them vulnerable.
VanillaRhapsody
(21,115 posts)then I think your new laptop is safe.
rhett o rick
(55,981 posts)allows them to define Occupy as terrorists. If only everyone was as honest as you think they are. Dont you even think about the possibility that Gen Clapper and GEn Alexander would like the next president to be a Republican?
VanillaRhapsody
(21,115 posts)as some people are...
rhett o rick
(55,981 posts)That's a strawman. They can spy on anyone they choose. And the naive among us believe they will only use that power to spy on bad people. Not realizing that who the conservatives think are bad may not be who liberals think are bad.
Wouldnt you object to unlimited power to spy by the NSA if Bush were president? They can spy on political enemies. Hello!
VanillaRhapsody
(21,115 posts)malware on them!
HELLO yourself!
rhett o rick
(55,981 posts)that are willing to sacrifice their liberties for a PROMISE of security. The NSA is run by CONSERVATIVES.
VanillaRhapsody
(21,115 posts)they seem to think the NSA is now intercepting all computers to put malware on them to spy on private citizens.
why would they even need to do that in the first damn place....
its just silly.
rhett o rick
(55,981 posts)What they are saying is that the NSA has a method of intercepting computers (those that they choose to intercept). But you choose to live in the blissful bubble of denial. "The NSA would never do anything except what's best for the country."
Do you realize that the intelligence agencies have the same programs, the same personel, that they had under Bush. Doesnt that seem a little strange to you? Why didnt Obama make any changes? Either he likes the Bush guys and Bush programs or maybe he does not have the power to change them. But I am guessing it's all lost on those that live with blind FAITH.
Clapper and Alexander, two conservative Republicans, will do what's best for the country without any oversight.
VanillaRhapsody
(21,115 posts)Do you think that Bush fired everyone and hired all new guys? Is that what you are saying? Please prove that!
Richard Clarke worked for multiple administrations...just sayin' dude. This train of thought is ridic.
reACTIONary
(5,770 posts)You mean like the National Weather Service? Why didn't Obama make any changes!!!! Something is wrong here; very, very wrong!
rhett o rick
(55,981 posts)Bush. Either he approves or he is incapable of making changes.
Progressive dog
(6,905 posts)and not necessarily fact. Which particular spying was "started under Bush" and how would you know it's still going on?
rhett o rick
(55,981 posts)And the programs that have been revealed so far were all started under Bush. But of course he made have convinced Clapper and Alexander to change their programs but I doubt it. Obama has a propensity to appoint conservatives.
Progressive dog
(6,905 posts)some of the same people still work there. LOL
I can imagine you just keep doing what your last boss told you when someone else has taken over the firm.
The people Obama appoints operate under his direction and the Congress oversees the agencies.
rhett o rick
(55,981 posts)going to change their ways when a Democrat becomes president? If Obama didnt like the Bush spy program why didnt he appoint someone other than hard line conservatives. It doesnt make sense to appoint hard line conservatives and then force them to act different than their ideologies. You appoint people that understand and believe in what you want.
Progressive dog
(6,905 posts)In my world they either do or they're gone. I'll bet that is what President Obama thinks too.
What ideology would conservatives have that prevents them from obeying the law or the person who can fire them?
When it comes to spy agencies and the military, I want the President to choose those who will do the best job. I can't see how being conservative or liberal has much to do with those jobs.
Elizabeth Warren used to be a Republican, so obviously the President shouldn't have appointed her to set up the CPSC. I think Hillary might have been too and she got Secretary of State.
JDPriestly
(57,936 posts)liberal left-wing people at the NSA. Now there are only two categories -- one on the right and one on the left. Which category do you think is represented in the highest numbers at the NSA? specifically in the NSA employees and contractors who work on surveillance?
Do you think that right- and left-wing people are about equal at the NSA?
What is your guess on this?
VanillaRhapsody
(21,115 posts)reACTIONary
(5,770 posts)... so you are right, they don't just spy on known terrorists. They spy on Russians. They spy on Chinese. They spy on all legal targets that would support the safety, security and interests of the people of the United States.
LeftyMom
(49,212 posts)Absolutely certain.
Maedhros
(10,007 posts)Who knew?
olddad56
(5,732 posts)VanillaRhapsody
(21,115 posts)are you a member of any of them? Because this was what the question was about putting malware on computers enroute to customers wasn't it?
olddad56
(5,732 posts)VanillaRhapsody
(21,115 posts)olddad56
(5,732 posts)maybe not to your government, but definitely to the citizens of this country.
VanillaRhapsody
(21,115 posts)hmmm?
Do 2 wrongs make a right? Do you believe the ends justify the means?
2banon
(7,321 posts)it to make it so". That's exactly your problem. You aren't THINKING. You just throw out extremely lame responses, defending NOT THINKING. Sheesh!
VanillaRhapsody
(21,115 posts)but he is too much of a coward to face that fact.
I am defending the fact that I don't have to "think" about that law...that law IS the law of the land. Which you would know if you actually read what I said.
No amount of twisting my words can change the law can it?
rexcat
(3,622 posts)I didn't know that he was convicted in a United States court of law! His crimes are alleged until he is indicted by a grand jury and then convicted by a jury of his peers.
As far as laws it would also appear what he exposed our government of doing was needed and has opened up the debate in our country. We are a much more informed people because of his actions. If you are on the US government's side I would take exception to anything you say here.
VanillaRhapsody
(21,115 posts)is it or not? Can anyone who works for the govt just leak anything they want to the public? Is that legal these days?
rexcat
(3,622 posts)Looks like he is guilty of his crimes according to you without benefit of a jury trial. I don't agree with the secret courts or some of the other shenanigans that government has/is doing therefore if I were to sit on a jury of his peer I might not convict him based on the concept of whistleblower or my disagreement of the law(s) he would be charged violating. I am a firm believer in jury nullification, especially when the government uses secrecy as a defense.
VanillaRhapsody
(21,115 posts)or do you deny he stole secret govt documents....that he even took the job to do said stealing.
Is it a crime or not?
rexcat
(3,622 posts)You made an incorrect statement and were called out on it but is seems you are blinded by your dislike for Snowden. There is no proof whatsoever that he took the job just to steal the information. His motives have been aired extensively and your absurd argument was never brought forth. Your absurd argument being:
I am not concerned about his admission that he took the information. In my opinion he is a hero for what he did. If he broke the "law" so be it. Maybe the law should be changed and just maybe our government officials should also be accountable to the law and our Constitution, a concept I believe you don't understand. The other issue is his life at stake for exposing the wrongs that our government officials have and are doing. I would say yes. Would he get a fair trial? I am not so sure of that!
VanillaRhapsody
(21,115 posts)which he did....
Yes we know you worship him as a hero....on level now with 3 Founding Fathers...Rosa Parks and finally recently Jesus was added (today) to the growing list...
Can God be far off now?
rexcat
(3,622 posts)with you is hopeless. I don't worship anyone as a hero. All Snowden did was expose the NSA of spying on American citizens. The only ones who could justify this type of behavior by the government would be a traitor to the Constitution and, therefore, to the US. And as far as Jesus and God give it a break. One was a fraud and the other is a figment of your imagination.
You have not countered anything I have stated in my past threads other than personal attacks.
Good bye!
VanillaRhapsody
(21,115 posts)2banon
(7,321 posts)If the law required you to jump off a cliff, you'd say Oky doky, the law is the law after all.
Nevermind that the fucking "law(s)' is blatantly and wholly UNCONSTITUTIONAL. and should have ALWAYS been regarded as such by anyone with a brain of the size of pea..
it's exactly the same kind of thinking that allowed for slavery. just because it was once LEGAL to be a SLAVE holder does not make it RIGHT, or Constitutional.
Your notion of what constitutes as a "coward" is deplete with any level of critical thought as your notion of justice.
Something in the kool aid perhaps?
DeSwiss
(27,137 posts)K&R
All the others, even those who resembled ourselves, were cowards and hypocrites. The German Nazis and the Russian Communists came very close to us in their methods, but they never had the courage to recognize their own motives. They pretended, perhaps they even believed, that they had seized power unwillingly and for a limited time, and that just around the corner there lay a paradise where human beings would be free and equal.
We are not like that. We know that no one ever seizes power with the intention of relinquishing it. Power is not a means; it is an end. One does not establish a dictatorship in order to safeguard a revolution; one makes the revolution in order to establish the dictatorship. The object of persecution is persecution. The object of torture is torture. The object of power is power. Now you begin to understand me. ~George Orwell, 1984
Psephos
(8,032 posts)Spot on, DeSwiss.
Great post.
awoke_in_2003
(34,582 posts)1984 quote ever. It sums everything up in 3 paragraphs.
rhett o rick
(55,981 posts)harmless, AND look over there at Snowden, his girlfriend is a pole dancer.
Sadly in our fight to preserve our freedoms and liberties, not only do we have to fight the fascists, we also have to fight the naive Democrats living in their denial bubbles.
VanillaRhapsody
(21,115 posts)on new computers...
rhett o rick
(55,981 posts)problem. They use one stupid rationalization after another. Those that think the NSA will only use their power for the goodness of humankind, are naive. No it's worse, they are blinded by the FAITH.
It's bad enough we have to fight the corporate fascists and their Republican minions, but we also have to fight those among us that are so naive they think that conservatives like Clapper and Alexander are looking out for them.
VanillaRhapsody
(21,115 posts)you must not if you think putting malware on a computer is for the purpose of collecting "metadata".
rhett o rick
(55,981 posts)to use the term "meta-data" as if that's all the NSA has access to. I was being facetious because the NSA apologists keep trying to say that the NSA only has access to meta-data. That's BS.
VanillaRhapsody
(21,115 posts)"the NSA will only use their power for the goodness of humankind"
would love to have a link to that!
good luck finding it!
rhett o rick
(55,981 posts)If you wont, please explain why not.
I am saying that the NSA apologists are willing to give up their liberties because they trust the NSA to be looking out for their best interests.
VanillaRhapsody
(21,115 posts)Just because we object to Snowden doesn't mean we are "aplogists" ....the perjorative you keep applying with no evidence
Ash_F
(5,861 posts)Snowden is just one person. If it wasn't him it would have been someone else.
Government policies affect millions. The NSA is out of control, dominated by right wing republicans like Clapper and Alexander, and has no respect for the Democratic majority Senate nor the office of the president.
They do not need to be placated by democrats. They are not friends or allies.
rhett o rick
(55,981 posts)The apologists first started off by flatly denying that the NSA was spying on anyone. They tried to deflect the attention away from the NSA by calling Snowden names. Then the apologists stated that well maybe the NSA was collecting data on all Americans but it was ok because they werent really looking at it all. And it was meta-data and everyone knows that is harmless. My question is why do some people want so badly to believe that the NSA is only looking out for our best interest? I say they are living in the authoritarian denial bubble that is so typical of the conservatives. Put blind FAITH in your authoritarian leaders.
pothos
(154 posts)mkultra, cointelpro, the tuskegee syphilis experiment, the iraq war, room 641A... why do people so badly want to give the NSA the benefit of the doubt?
rhett o rick
(55,981 posts)They have been taught from childhood that they should blindly follow their authoritarian leaders. Dont look behind the curtain. Dont say the emperor has no clothes. Life is so much easier if you blindly trust your leaders.
Indi Guy
(3,992 posts)http://about.usps.com/securing-the-mail/mailtampering.htm
C'mon NSA backers -- what'cha got to defend Spook Central on this one???
thesquanderer
(11,990 posts)or possibly, buy a Mac?
Indi Guy
(3,992 posts)cprise
(8,445 posts)(...)
Qubes lets the user define many security domains, which are implemented as lightweight Virtual Machines (VMs), or AppVMs. For example, the user can have personal, work, shopping, bank, and random AppVMs and can use the applications within those VMs just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between the AppVMs, of course.
http://qubes-os.org/trac/wiki/QubesArchitecture
jeff47
(26,549 posts)Realize that most of the "NSA IS SPYING ON US" is an interesting case of American Exceptionalism.
(The documents actually leaked by Snowden include "targeting" that throws out US persons. That's frequently ignored by people upset by the NSA, because the NSA must be spying on us because we're the important ones.)
awoke_in_2003
(34,582 posts)but I am under no illusion that the NSA doesn't a have Apple, Microsoft, and Open Source (Linux) infiltrated.
loudsue
(14,087 posts)I feel like we're so doomed.
riderinthestorm
(23,272 posts)The NSA is "only " tampering with the US mail!! Snowden traitor!!! Look over there at "comrade Eddie" not at the illegal NSA!!! 1111#!!!
pothos
(154 posts)snowden is a traitor! glenn greenwald is a traitor! he revoked his citizenship and is now a russian! no wait, i mean a brazilian! wait, he moved because he owes taxes! and defended a porno company!! everything the NSA does is for our own good, to protect us!!!
VanillaRhapsody
(21,115 posts)ever say that "everything the NSA does is for our own good to protect us"
Link please!
Newsjock
(11,733 posts)VanillaRhapsody
(21,115 posts)it is so bad as to be comical!
merrily
(45,251 posts)Cameras and sound recording equipment every few blocks in our cities?
VanillaRhapsody
(21,115 posts)but people are this damn paranoid....unbelievable.
merrily
(45,251 posts)Government has given people plenty of reason to be "paranoid."
VanillaRhapsody
(21,115 posts)you thought the Internet was private? Since when?
merrily
(45,251 posts)Google is not government. It cannot obligate me by law to do anything, including to pay it taxes. It cannot jail me. It never promised me that it would not spy on me without reason. So, I have no right to say what Google does. I do have a right--a bill of them in fact against government.
But, I asked you a question.Why do you reply to a question by asking another question?
VanillaRhapsody
(21,115 posts)you have proof YOU have been spied on? So far the only ones i have heard that have been spied on are world leaders. If you have other evidence that proves otherwise...please present it. Ability is not the same thing has HAS is it?
merrily
(45,251 posts)If you still want to pretend that there is no difference between government spying and an advertiser spying, I have no patience for that kind of posting game. Besides, the fact that something has been done does not mean that it was consistent with the Constitution.
So far the only ones i have heard that have been spied on are world leaders
If that is true, you simply have not been paying close enough attention.
If you have other evidence that proves otherwise...please present it.
On that, no, and for these reasons. First, it has been all over the news that data has been collected on millions of people. That, whether you choose to admit it or not, is spying. It has also been all over the news that NSA has spied on whoever it has chosen to spy on, like wives and lovers. And that is only what we know about. So, either you should google or you should be more explicit. Second, the point of secret programs is to make producing evidence difficult. Third, there are cameras and sound equipment all over city streets. There are listening devices that can pick up conversations inside your home (and have been for some time. You are me to prove that they have never been abused, when such things are top secret?
Ability is not the same thing has HAS is it?
Well, my original post was about ability. And you chose to pretend that it said something other than it said. But I think I have already responded some to your point about ability. And why develop the ability the ability if you don't want to use it at will.
But again, read the Bill of Rights.
VanillaRhapsody
(21,115 posts)I have read the Bill of Rights.
I think it is mighty rude of you to think I haven't. Are you saying I am unAmerican?
merrily
(45,251 posts)If you read it, then you should be able to know what government is doing that is wrong. You should also have gotten that spying on the internet by google was never the concern of the bill of rights.
Also, plenty of people who are not un-American have never read the Bill of Rights. So, that is another posting game. That is at least the sixth one I've identified for you..
Sorry, I have no patience for them. I consider them bullshit.
VanillaRhapsody
(21,115 posts)otherwise it is just the ability. Don't you understand that? Where is that...when are your heroes Greenwald and Snowden going to prove it? If they have so much evidence why don't they show it to us? What are they waiting for? A rainy day perhaps?
Bring it! I say!
merrily
(45,251 posts)VanillaRhapsody
(21,115 posts)why in the world would this be necessary if they can read everything in the first place.
You guys will believe anything....
VanillaRhapsody
(21,115 posts)Who did do you suppose?
Look up Arapanet you might then understand...
http://en.wikipedia.org/wiki/ARPANET
P.S.
You're swimming in it.
rhett o rick
(55,981 posts)power to do it to anyone they choose, including political enemies. A lot of people in high places didnt like Occupy. I bet the NSA has a lot of personal data on anyone they think was important in that movement.
merrily
(45,251 posts)He was referring to the amount of money Al Qaida could cause the US to spend, just be engaging in "chatter."
I always thought he won because of that and also because he gave the country an excuse to take our Constitutional rights with the blessings of too many. The Bill of Rights is what made us who we are were.
So, our giving government permission to eliminate as many of the protections of the Bill of Rights as it cares to with any given person or group of people changed who who we are were.
Of course, not many people are leaping up to say, "Give me liberty or give me death." Too many are saying instead, "Do whatever ya gotta do to keep me alive." So, I do not put all the blame on government.
However, they are not doing this to keep us alive. They are doing this, in part, to keep us in line and, in part, to get convictions after we are dead, but that is another issue.
When will too much be enough?
blackspade
(10,056 posts)or rather the world of the computer literate, there could be serious economic damage to the company's participating in this.
It's like a lot of these kinds of programs, the information is out there but when the details finally are revealed, that is when the action starts.
I really have a feeling that a lot of changes are going to start happening in the next few years and they are going to happen fast.
Progressives need to work to place themselves ahead of the wave.
blkmusclmachine
(16,149 posts)ifyousayso
(19 posts)Does this mean I can contact the NSA for computer support?
polynomial
(750 posts)Thank you for posting the clip by Glenn Greenwald Video Keynote. All this time never really knew the man but heard a lot about him by the all-star journalist of mainstream hate radio and cable liars avoid such length in an honorable debate. Especially this weekend in Chicago, the master of boring commentaries of the political left Dick Kay finally giving his condemnation on the Snowden issue.
It really struck me that a women caller into the hate radio talk show condemned Snowdens action as a traitor because he broke the law. I agree he broke the law, however, in this case it likely is worth every new story Greenwald decides to put out. From my view it will correspond to the politics of the next election. America now knows the face of these agencies, NSA, OSHA are represented or the face of the Congress and the Senate. This exposure is showing what America has been hiding for a long time.
My view does have a slant but not unfair because activities in my daily work with the Union Pacific rail road in a legal way gives me the opportunity to exercise what is called a whistle blower clause about safety and OSHA. The OSHA claim for me has been filed or is in progress. However, if nothing transpires in my favor I will certainly write a book to document the corruption in management and training that has been going on in the rail road industry for decades. The law firm that took the case said they only take cases they know they will win. So, here goes to see our regulation government and legal people in action.
wildbilln864
(13,382 posts)olddad56
(5,732 posts)Last edited Mon Dec 30, 2013, 09:37 PM - Edit history (1)
with failure to comply being a federal offense punishable by life in an internment camp, or death. (your choice)
olddad56
(5,732 posts)which is America spelled backwards. Because when you consider the principals that this once great nation was founded on, it seems to be running completely backwards. No coincidence that LIVE spelled backwards is EVIL. We have a lot of elected officials who are living their political lives completely backwards.
hexola
(4,835 posts)Installing spyware is easier than that...no interception necessary!