Posted on 05/15/2015 1:18:02 PM PDT by zeugma
From my book Data and Goliath:
...when I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA's program for what is called packet injection -- basically, a technology that allows the agency to hack into computers. Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well. All of these existed before I wrote about QUANTUM. By using its knowledge to attack others rather than to build up the Internet's defenses, the NSA has worked to ensure that *anyone* can use packet injection to hack into computers.
And that's true. China's Great Cannon uses QUANTUM. The ability to inject packets into the backbone is a powerful attack technology, and one that is increasingly being used by different attackers.
I continued:
Even when technologies are developed inside the NSA, they don't remain exclusive for long. Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools.
I could have continued with "and the next day's homework assignment," because Michalis Polychronakis at Stony Brook University has just assigned building a rudimentary QUANTUM tool as a homework assignment. It's basically sniff, regexp match, swap sip/sport/dip/dport/syn/ack, set ack and push flags, and add the payload to create the malicious reply. Shouldn't take more than a few hours to get it working. Of course, it would take a lot more to make it as sophisticated and robust as what the NSA and China have at their disposal, but the moral is that the tool is now in the hands of anyone who wants it. We need to make the Internet secure against this kind of attack instead of pretending that only the "good guys" can use it effectively.
End-to-end encryption is the solution. Nicholas Weaver wrote:
The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.
Encryption doesn't just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.
There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but it's one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.
Yes.
And this is true in general. We have one network in the world today. Either we build our communications infrastructure for surveillance, or we build it for security. Either everyone gets to spy, or no one gets to spy. That's our choice, with the Internet, with cell phone networks, with everything.
QUANTUM
http://www.theguardian.com/world/2013/oct/04/...
http://www.wired.com/2014/03/quantum
https://medium.com/@botherder/...
http://www.spiegel.de/fotostrecke/...
http://www.spiegel.de/fotostrecke/...
Chinese government use of packet injection:
http://www.icir.org/vern/papers/...
Hacking Team sells packet injection:
https://citizenlab.org/2014/08/...
https://firstlook.org/theintercept/2014/08/15/...
https://firstlook.org/theintercept/2014/10/30/...
Packet injection hacker tool:
http://airpwn.sourceforge.net/Airpwn.html
China's Great Cannon:
https://www.schneier.com/blog/archives/2015/04/...
Packet injection homework assignment:
https://www3.cs.stonybrook.edu/~mikepo/CSE508/hw/...
Nicholas Weaver:
http://www.wired.com/2013/11/...
The democratization of cyberattack:
https://www.schneier.com/blog/archives/2015/03/...
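A reply forged the way the post describes has to occupy the same TCP sequence space as the genuine server reply, so a passive monitor sees two segments covering the same bytes with different content. The sketch below is an added example, not part of the quoted post or the homework assignment, and flags that condition over already-parsed segments; the `Segment` type, the function name and the sample traffic are all constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class Segment(NamedTuple):
    # Hypothetical pre-parsed TCP segment (one direction of a connection).
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    payload: bytes

def find_conflicting_segments(segments):
    """Return [(flow, seq_of_first_conflicting_byte)] for segments whose data
    disagrees with bytes already seen at the same sequence positions."""
    seen = defaultdict(dict)   # flow -> {absolute sequence number: byte value}
    alerts = []
    for seg in segments:
        flow = (seg.src, seg.sport, seg.dst, seg.dport)
        stream = seen[flow]
        conflict_at = None
        for i, byte in enumerate(seg.payload):
            pos = (seg.seq + i) % 2**32          # sequence numbers wrap at 2^32
            if conflict_at is None and pos in stream and stream[pos] != byte:
                conflict_at = pos
            stream.setdefault(pos, byte)         # keep the first-seen content
        if conflict_at is not None:
            alerts.append((flow, conflict_at))
    return alerts

# Constructed sample traffic: a request, two competing replies at seq 5000,
# and an identical retransmission of the request (which must not alert).
REQUEST = b"GET / HTTP/1.1\r\nHost: site.example\r\n\r\n"
SAMPLE = [
    Segment("10.0.0.5", 40000, "192.0.2.10", 80, 1000, REQUEST),
    Segment("192.0.2.10", 80, "10.0.0.5", 40000, 5000,
            b"HTTP/1.1 302 Found\r\nLocation: http://injected.example/\r\n\r\n"),
    Segment("192.0.2.10", 80, "10.0.0.5", 40000, 5000,
            b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"),
    Segment("10.0.0.5", 40000, "192.0.2.10", 80, 1000, REQUEST),
]

if __name__ == "__main__":
    for flow, seq in find_conflicting_segments(SAMPLE):
        print("conflicting data on", flow, "at seq", seq)
```

The check cannot tell which of the two replies is the forged one, only that the stream was contested; on encrypted connections the injected segment fails authentication instead, which is the defense the post argues for.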
Who else here actually understood this sentence?
I did but then again, I am an internet engineer (CCIE) and have patents in cryptography.
The bigger question is...why do we have to expend so much effort to protect ourselves from a country with Most Favored Nation status, the beneficiary of 3 decades of us laying down in the road so they can run over us?
Well at least they did give us back the P-3.
Big of them.
How ‘bout we just tell them the next container ship of crap goes down in Long Beach harbor and that’s the end of that?
Bookmark
“How bout we just tell them the next container ship of crap goes down in Long Beach harbor...”
It would be very interesting to know the true percentage of that “crap” our nation has become dependent upon, that we no longer can obtain or produce, in sufficient quantity, here at home or from other sources. I suspect they have us between a rock and a hard place at this point.
Eunuchs, I mean Unix people.
Probably true, but that's a little pain we gotta go thru to get back to the independence we once had.
Now Now
Mustn’t be catty
It's partially unix-speak and network speak. If you're interested in playing with this stuff it would probably take you about half an hour to learn enough to be pretty dangerous given the step-by-step instructions available for a lot of this.
you could be notty.
A couple of weeks ago, I was looking at my syslogs on my primary workstation and saw a bunch of error messages that looked 'interesting' that had references to something "notty".
I'm like "notty"? What the hell is that? A little searching found the term. What they are talking about was that there was "no tty" available for a process. (A "tty" goes way back to the days of hard-wired dumb terminals and acoustic couplers; it's another way of saying "terminal", be it a network terminal, or a physical console.)
If they'd bothered to include the space, or an "_" between the 'no' and the 'tty', I'd have known what it was talking about immediately. Perhaps I should have anyway, because there is a process called "getty" that relates to a process that spawns console processes. Learn something new every day I guess...
Since it's silly time on Friday, I have a conundrum for the nerds here...
Why is it that when you kill a process, it's the opposite from when you execute it?
:-)
Hack them?
bkmk
LOL
That’s OK, completely understand the perplexion! (is that a word?!)
And I’m from the days of _TTY’s ...so it’s .NOT. shocking...:^)
Aka “man in the middle” (or something similar)
I don't know. Sometimes you just need to shutdown and take a kernel dump.