NSA plays chess, the rest checkers
See Sasecurity_Wiki#MI6 and NSA elected Trump. Putin mandated that mechanical typewriters be used in respect of top secret data for a reason: it is impossible to escape NSA interception when using electronic devices. They have decrypted access of all VPN, I2P and Tor activity but are not busting every possible crime or revealing it to the FBI (Silk Road was an exception). Both Tor and I2P use SSL, which is an unreadable mess numbering 300,000 lines full of obfuscated C code, actively maintained by a Canadian intelligence agent (he spends days of his life every week trying to convince other coders to incorporate his hacks on GitHub). And yes, the lead developers of I2P are NSA agents because they fob off any objections to Java being used and never a word about the OpenSSL issue.
The narrative surrounding the capture of Ulbricht was plausible deniability. Some plausible story had to be concocted to make it seem that it was solely an FBI bust. The NSA knows who every single drug purchaser was but won't reveal such data for the same reason Churchill could not let the Germans know their Enigma code was broken. Churchill allowed German bombing runs on British cities for the sole reason of making the Germans think their Enigma code was safe. Enigma's subterfuge should have been kept a secret forever, because now we can infer that the same type of misdirection is taking place with our present and future technology.
All our evening conversations around the kitchen table, torrenting, everything we do and say on an electronic device is known both to our domestic and NSA spy agencies. Cellphones can transmit all sound and data by remote NSA activation. See FaradayCage, HardWare. Place your cellphone inside of a box spray painted with copper if you want some privacy. Everything you have ever said on a telephone/cell/VoIP line is recorded. People get fired for their indiscretions; if these recordings were to ever be released as a torrent, then the entire South Africa will have to be fired.
A TensorFlow neural network is embedded inside the Intel CPU and Nvidia GPU; they know, for example, what images you are looking at. The Defcon NSA speakers' hacking tools are misdirection; with chip-level CPU access the NSA doesn't need hacking tools.
A recent story on "Anonymous" described how they managed to penetrate the Chinese military hacking complex and prevent a US company from being hacked by them. Anonymous is the NSA; their magical abilities to hack are but another WWII Enigma misdirection. The Intel/AMD chipsets the Chinese military uses have an NSA backdoor. By conjuring up "anonymous" misdirection the NSA is able to fulfill its mandate of protecting US companies. The NSA can't just phone a US company targeted for their trade secrets by China. By having "anonymous" hack with seeming Thor-like abilities, the NSA generates plausible deniability that they weren't in fact behind the hacking or tip-off. ISIS Twitter accounts weren't sabotaged by "anonymous" but by Twitter themselves; "anonymous" provides plausible deniability. Just the fact that Anonymous has an official YouTube and Facebook presence should be seen in the same vein as a bank account hacker for hire risking life in federal prison by having an official Facebook presence. Anonymous has no I2P presence. Shuttleworth's Ubuntu project does not include I2P as part of the standard download, nor does it insist that http://www.mofolinux.com release their source code as per the GPL license, because it is an NSA distribution.
I2P uses port 4444 and for all we know every router could have an NSA backdoor listening and decrypting data inside the router from this port. The decryption is embedded in the silicon of the router itself.
- http://gizmodo.com/i2p-the-super-anonymous-network-that-silk-road-calls-h-1680940282 Here's how underground I2P still is: The Electronic Frontier Foundation, a leading advocate of online privacy, hasn't really bothered investigating the 12-year-old anonymizing service yet. "I haven't found anyone who has taken an in-depth look at I2P yet," EFF media relations director Rebecca Jeschke told me in an email. "In general, folks here think I2P is a promising project. It's really important to have a variety of strong solutions for anonymity, privacy, and security online. However, folks did say that for practical use today, Tor is far ahead in terms of implementation and reliability."
This quote by the EFF is very interesting: Tor is utterly hacked, it was a DOD project from the start, but not I2P. If I2P does somehow provide a means of escaping NSA interception, then NSA fronts would be inclined to keep us away from I2P. The fact that the EFF pushes the NSA C-code obfuscated PGP from EFF program for email, that they even recommend using email at all for anonymous communication, means they are an NSA front. It is impossible to get your own website and pay with bitcoins without providing an email address. If these hosting providers were really this keen on setting up anonymous websites then they would at least provide a means of I2P or Tor chat contact. Email is designed by the NSA for de-anonymization.
https://www.privacytools.io/ Yet another NSA honeypot site; the NSA VPN providers they list insist on an email contact or use BitPay, a joint Goldman Sachs, NSA project. You do not need bitpay.com to send bitcoins to anybody; this is how the NSA gets your real identity, because the transaction uses JavaScript, which reveals the end user's IP address, whether over Tor or clearnet. The US federal government will only allow VPN providers if they know precisely who is using the service. It is for example impossible to connect to any VPN provider over I2P ... why does it seem that the NSA is desperate that nobody uses I2P?
- http://gizmodo.com/anonymous-just-leaked-a-trove-of-nsa-documents-511854773 Update: As several have pointed out below, the papers Anonymous "leaked" were already publicly available. It's since been reported that the US does, in fact, share PRISM information with UK intelligence officials. https://pad.riseup.net/p/opnsa_is_reborn_also_cocks_and_all_that, https://twitter.com/AnonymousOpNSA, https://www.anonops.com/opnsa/
Joe Biden met with his supporters in what he thought would be a private meeting to contest the US presidential race. CNN got hold of the secret recording where Biden said: "we have access to every inch of Iran". Netanyahu played his part in this game of misdirection by dramatically addressing Congress, opposing the deal, because Iran had to be provided with a face-saving means by having Israel not support the official agreement. Unofficially though, Iran has provided full access. Iran's clerics believe in the return of the 12th Imam and that this will occur with fire raining down on Israel.
Anonymous is an Iraq-style PSYOP operation. Psyop teams placed placards that say "Terrorism kills children" in Arabic on retail outlets, signed by an insurgent group they were targeting. The terrorists would reveal themselves when they confronted the shop owner about the placards.
The NSA knew about everything LulzSec did from the start, but had to find some way of busting them with the FBI in such a way that it wouldn't be too obvious the NSA knew who they were. LulzSec most likely was an NSA psyop. Our Russian friends engage in the same type of misdirection. Encryption#Qubes_linux is a KGB (FSB) project that attempts to insert backdoored Linux into US corporations. The lead developer is a Russian citizen and she concocts highly plausible stories about how Linux is compromised and why her Qubes system will solve this. Eric Raymond's reaction to the Snowden leaks hasn't been with the same gusto as, say, Appelbaum .... And obviously the NSA would never have allowed Torvalds to be the lead Linux developer if he wasn't working for them, right? NSA agent Appelbaum gave a sterling performance at Defcon of "outrage" over the Snowden leaks ... yawn ... nobody pawns the NSA. Kaspersky Lab has the full support of the Russian government.
Both Mt. Gox and now Bitfinex were hacked by the NSA because the NSA won't allow bitcoin money laundering operations outside the ambit of https://bitpay.com/, domiciled in the US. Systemd was forced into adoption by the NSA/Red Hat alliance; Torvalds and the other NSA agents maintaining the kernel did what their paymasters told them to do. Even Kali Linux, used for penetration testing, has been intimidated into systemd. Kali Linux uses deb packages for which no source is available to hack Wi-Fi connections. This allows the NSA to keep tabs on hackers.
Server-side bandwidth costs will never come down; the NSA won't allow it because then they can't control the narrative. They are so proficient in directing the debate that not a single news outlet asks the obvious question: who does the NSA, CIA support, Hillary or Trump?
Snowden Psyops operation
(Much of the following is bemused speculation; very little is provable.) The NSA, MI6 alliance has the entire Internet as a free media propaganda platform; they finance both sides of the debate, paying the journalists or installing their own agents for the process of fabricating consent in such a way that nobody notices the shifting narrative vector. (Chomsky on the left, http://www.breitbart.com/ on the right. Bannon is on the board of Cambridge Analytica.) Intimidating Facebook is trivial. MI6 Cambridge Analytica got Trump elected using OpenCV AI machine learning to target, for example, the Haitian voters with Facebook ads that the Clintons stole the money they were supposed to give to Haiti. See Cambridge Analytica background research.
In the coming water wars with China and sharia law across Europe we will face the attempted overthrow of the Pax Americana that has prevented mayhem on a far greater scale than we have witnessed. Snowden said that Tor and strong encryption works ... knowing full well that it doesn't work. Wikileaks advocates Tor and nothing about I2P ..... Bill Schneier got a "reward" from Apple in a ceremony for his work on encryption: he has not said a stitch about I2P and advocates Tor, knowing just like Snowden and Wikileaks that Tor doesn't work, because he is an NSA agent channeling the narrative. Most of the comments on his blog are AI chat bots and NSA agents themselves creating both a narrative echo chamber and honeypot. All his posts about compromised algorithms are misdirection; the NSA injects microcode into computers and has borked the onboard encryption chip, no matter what algorithm is used. Zcash compiles to machine code that is detected by preprogrammed CPUs and microcode injection, thus the NSA can trace all transactions, and they still don't have an I2P implementation.
Snowden's cover story about being disenchanted with the sheer level of privacy intrusion and that he was all for the constitution and raised these concerns is doubtful, because if he had actually raised these concerns he would have been dismissed from the NSA. The NSA won't allow somebody with Snowden's libertarian beliefs to hang around the complex; this should be obvious. And downloading all that data with Wget and walking out of the NSA with a USB stick, is that really plausible? Because you won't be able to do this at Raytheon.
Every single media outlet and journalist that interviewed Snowden is an NSA agent or front, such as https://theintercept.com. Glenn Greenwald, Chomsky and Snowden interview with NSA front https://cdt.org/. See http://glenngreenwald.net/.
- Update June 2017: An NSA contractor by the name of "Reality Winner" hasn't been reading this wiki. As far back as Dec. 2016 it was pointed out that theintercept.com was an NSA honeypot site, to which she revealed NSA secrets. The NSA took somebody who is mentally unstable (calling yourself "reality"), knowing in advance that she would betray her country, to make an example out of her? Or is something else going on? For an intelligence contractor to be so stupid as to reveal secrets to a website is difficult to believe. She has pretty impressive muscles and will probably be able to defend herself in jail .... could be another one of those "spy who came in from the cold" events. lionel nation on the issue
Using AI bots and vast swaths of blogs the NSA attempts to tune the resonant frequency, to nudge the narrative so subtly that nobody notices. Before Snowden we had the Bill Binney "whistleblower" also revealing things that would get any agent liquidated. The very FPGA, ARM chipset inside Iran's missile technology will just "jam" should Israel attack. This "nuclear option", that the NSA can shut down the entire computing network of any country, is something they have now simply revealed, or is this what they want us to believe?
- ".... became part of an intimate group of four NSA whistleblowers. They included Ed Loomis and Kirk Wiebe, senior officials at SARC who worked alongside Binney, and Thomas Drake, who was part of the NSA's Defense Intelligence Senior Executive Service. Between them they had chalked up 144 years experience in the NSA. ..." Are any of these gentlemen in jail or dead? The charges against Drake were dismissed in 2011 ....
Sean Hannity is the NSA plant at Fox News; he handles all the interviews with NSA agents like "whistleblower" Binney, doing damage control, trying to show how the NSA spies on everybody so that their support for the Republican party and Trump isn't too obvious.
Wikileaks, Assange, Snowden is a "spy who came in from the cold" honeypot trap but also something much bigger: an attempt at warning Iran not to engage in covert nuclear arms development. If this means that the NSA has to reveal just how compromised computers are, then so be it: what trade secrets would you be willing to reveal to prevent the third world war?
It is impossible to contact Wikileaks via I2P, because the Wikileaks NSA agents want you to use Tor. By actively promoting Wikileaks via Nytimes etc., the NSA is also preventing any type of alternative and gets first read access to any documents, allowing them to take appropriate action and prevent sensitive intelligence from being released. Because the NSA caches the entire Internet in real time they are able to trace any email communication to Wikileaks from anywhere in the world, whether encrypted or not. This fact alone, that Wikileaks would be so brazen as to have you email them over clearnet or Tor, proves that they are an NSA honeypot.
Much of the "leaks" are just fluff. Another effect is that more US citizens comply with their tax code instead of setting up offshore companies. The NSA dictates the narrative. Just the fact that http://www.wikileaks.org isn't DDOSed tells us that it is an NSA honeypot. https://wikileaks.org/berats-box/ "... day, Monday 5 December 2016, WikiLeaks publishes an authoritative, searchable archive of 57,934 emails from the personal email address of Berat Albayrak, who is President Recep Tayyip Erdoğan's son-in-law and Turkey's Minister of Energy..." The NSA releasing these emails should be seen in the context of the proxy war between Saudi Arabia and Iran.
http://www.zerohedge.com also can't be reached via I2P, they insist on being emailed ..... and Zerohedge changed the narrative against the Democrats and for Trump! The whole Russian hacking thing is misdirection; Hillary was hacked by the NSA. http://nymag.com/daily/intelligencer/2013/06/naomi-wolf-edward-snowden-false-flag-conspiracy.html and https://www.facebook.com/notes/naomi-wolf/my-creeping-concern-that-the-nsa-leaker-is-not-who-he-purports-to-be-/10151559239607949. CIA's damage control about this is at Zerohedge: once CIA always CIA
Wolf begins by wondering about the neatness of Snowden’s plan: "...He is super-organized, for a whistleblower, in terms of what candidates, the White House, the State Dept. et al call ‘message discipline.’ He insisted on publishing a power point in the newspapers that ran his initial revelations. I gather that he arranged for a talented filmmaker to shoot the Greenwald interview. These two steps — which are evidence of great media training, really ‘PR 101’ — are virtually never done (to my great distress) by other whistle blowers, or by progressive activists involved in breaking news, or by real courageous people who are under stress and getting the word out. They are always done, though, by high-level political surrogates......"
During the Second World War the Allies would send agents to their death, with false information extracted from them. One of the strongest psychological criteria an agent must have is a willingness to sacrifice himself for his country: one life for the lives of millions. Two lives holed up in apartments until a Republican transition for the lives of millions.
https://popularresistance.org/tag/glenn-greenwald/ Agent Greenwald "attacks" the NSA in a psyops where people who feel like victims need to have an object of blame appropriation; then two paragraphs down there is a hit piece on NBC News on why viewers can't trust them, consent engineering that left wing narratives are intellectual fluff. This results in the strong Hillary edge voter either not voting at all or voting Greenpeace, and the centrist Hillary voter either not voting at all or voting Trump. Voting Greenpeace is a de facto Trump vote.
- https://www.youtube.com/watch?v=qofqmWXNkYA interview before Trump election, goading edge voters into Trump
- http://therealnews.com/t2/ probably another NSA narrative vectoring front, who knows? Can they really generate content on donations and advertising alone?
- https://www.youtube.com/watch?v=Uy332d-liqU Prof. Dershowitz on Trump.
Energy independence
The Democratic party and the atrophied cognites who vote for them prevent Pebble bed nuclear reactors from desalinating sea water and hydrocarbon extraction. Without energy we are seeing a demographic implosion of consumer based economies in the West, choking export based economies such as China and preventing its transition to a consumer society. See agent Friedman from CIA front Stratfor on China's export dependence on Walmart. China has capital flight, 1.7% return on exports and rising wages. George Bush's invasion of Iraq was to break the stranglehold of the oil cartels; oil, which is unlimited, would now be above $100 instead of $50, bankrupting South Africa and much of the developing world. Shale production under Bush makes the US energy independent, better able to handle the eventual showdown with China. America is at war and you can't fight without energy; they have half their own population trying to destroy and enslave its people from within. Faced with such, the NSA figures out how everybody thinks so they can fabricate consent, which is the actual reason they have planted back doors into all computing devices.
The CIA considers the EU project, in the words of agent Friedman, a "..systemic social failure ...". Democracy will annihilate all life on earth as rational actors aren't being allowed to create unlimited energy using thorium. China has 200mil people in their middle class that must support the other one billion plastic collectors. Chomsky pointed out that China remains nothing else but a vast assembly plant and robotics is making even slave labor anywhere in the world redundant.
The "American Dream" wasn't destroyed by Bill Clinton, but by Mao Zedong who instigated a population explosion. Clinton had no choice but to give China "most favored nation" trading status, taking jobs away from the US middle class. He threw China a life line, staving off a crisis that nobody knows how we will eventually handle. If China defaults on china debt crisis (stuff.nz) $31trillion, when the eventual meltdown comes it could force the Fed to take rates to -5%. It's easy to kick the Greeks in the teeth but 1.2 billion hungry plastic recyclers armed with nukes is everybody's problem. Pakistan for example extorts $2bil out of the US every year for its army; the US cannot allow a nuclear armed state to implode.
We have to raise these issues against the backdrop of the eventual invasion of Africa for its water and land by either China, India or Pakistan or a combination of such. How much longer before 1.2 billion people refuse to choke on smog and eat cadmium laced pork? China has not forgotten the British Opium wars and Japanese occupation. Thirty percent of Chinese state controlled television consists of anti-Japanese buffoonish killing sprees, desensitizing the Chinese against violence.
Steve Bannon nationalistic movement, biggest shift since Reagan: he described himself as the Thomas Cromwell of American politics and as having engineered the Republican takeover for the next 50 years. Bannon interviews Thomas Williams: soundcloud linked from usatoday Bannon article. Trump's administration will lift the banking restrictions, allowing Goldman to provide housing for Latinos and Blacks backed by strong Fannie Mae guarantees, winning their political vote.
Joe Biden's son Hunter Biden's attempt to develop Black Sea oil in Ukraine will have to take a backseat as Trump pivots towards Russia. We will need Russia's help in the coming water wars with China. Putin's choice between China or west
Historically it was intelligent agents who intervened and thwarted calamities such as Hitler. One marvels at how smart the NSA really is. With China, we now have the same type of WWII threat; US intelligence are positioning the chess pieces as China only has fifteen years of water left. India and Pakistan's Indus water treaty is under strain. The geopolitical threat we are facing the next twenty years is that of water. Already in South Africa there was an attempt to make it a colonial outpost of India with the firing of finance minister Nene. The sole commercial Indian bank's activities on SA soil can only be described as the financing of an ongoing attempted coup. Egypt has a jungle warfare unit and is concerned with Ethiopia's attempt at damming the Nile. Pakistan has committed widespread environmental destruction with its exploding population: Pakistan Timber Mafia. US democracy doesn't allow the US army to intervene with thousands of drones to protect these trees. Obama considers Pakistan as the world's number one nation at risk for implosion.
Pressure point inversion
Iran used the Strait of Hormuz as a pressure point to terrorize the west and Israel. Now with the glut in oil this becomes the US pressure point: with a single sortie the US can take out Iran's terminals at Kharg Island, stopping Iran's oil exports for years. The Democrats chose a policy of identity politics with the white working class having to bear the brunt of it. Now that robotics, TensorFlow neural networks, EPA rules and Democrat red tape have finally reduced the white working class to penury, the pressure point leverage is now in the hands of the Republicans.
Henry Kissinger, who is an advisor to Trump, stated in a recent interview that the condescending rhetoric towards Russia will now finally come to an end. Agent Chomsky expressed his relief that under Trump at least Hillary's war mongering with a nuclear armed state will cease. It was Hillary who toppled Gaddafi against Obama's wishes, uncorking the barrier between Africa-Europe migration. Al Gore's bank balance went from two million to a hundred million dollars with his Global warming nonsense. Water vapor constitutes 95% of all greenhouse gases; carbon and methane are only 5%, of which forests and volcanoes provide a fair share. A few hundred years ago there was a drought in the jungle of South America. The climate changes and will always change as the ebb and flow of the sun's rays influence cloud creation. The more clouds you have, the more the sun is blocked and temperatures decline. Ted Cruz interrogates Sierra club on global warming
Hillary Clinton's Syrian war was payback for bribes from Qatar, who wants to build a gas pipeline across Syria to Europe. Russia has to stop this to protect their cash flow from their Ukraine pipeline. Wikileaks, like NSA front Stratfor, allows the NSA to release all sorts of reports and information they wouldn't have been able to release otherwise. For example eu military refugees, UN confidential report.
The Snowden and Wikileaks false flag operation gave http://www.breitbart.com and http://www.zerohedge.com pixel fodder, to dictate the narrative and channel thinking away from Democrat Fascism. Republican control has been regained by positing Trump as an outsider who had nothing to do with NSA hacking, who was never in on the whole thing:). By using Snowden as a lightning rod for discontent, the vote for Trump was secured, a brilliant psyops feat. Snowden and Assange will come in from the cold, "cutting a deal" with the NSA to return to the US in exchange for no further "leaks", while Trump will weasel word some phrases and Assange will finally be able to go home. Assange just somehow managed to get "hacked" and "decrypted" video footage of the Air Force engaging in unjustified killing. The footage certainly seemed like excessive force was used and the Air Force would be able to identify the pilots from their voices alone; why were they not court martialed by JAG?
People giddy with excitement, wanting to be part of 'something bigger' in their drab lives, uploaded some juicy info to www.anonfiles.com (note that the website was removed after I pointed out it was an NSA honeypot site). China is socking away a million barrels of oil daily from Venezuela and Nigeria and its eventual invasion of Africa is a far greater danger to both the NSA and mankind's existence than having the details of NSA surveillance released. The NSA doesn't care that its surveillance techniques are known; only Putin has reverted to mechanical typewriters.
That the NSA got internally hacked is exactly what they want you to believe; Hillary is witless. If the NSA had wished to prevent emails from being leaked they could have easily done so; they were after all reading them. What is striking in both the Anonymous targeting of the Scientology headquarters (those Guy Fawkes masks prevented the NSA agents' faces from being identified) and the LulzSec case is that nobody went to jail. LulzSec might have been just another false flag operation. LulzSec was to trick people into using Tor "properly", by showing how "obvious" mistakes should be avoided.
Trump twittered his frustration with the continual leaks from the CIA and NSA. The leaks aren't because agent Steve Bannon wants to undermine Trump but because they have to engage in "leaks" under all administrations so that they can claim plausible deniability that they aren't backing Republican administrations. Stratfor intelligence is an NSA front giving us the news from a non-CNN perspective. Like a good soldier Flynn was expected to fall on his sword; by throwing him under the bus a smokescreen is created away from NSA narrative vectoring in its fight for mankind's future.
"...The authenticity of the files cannot be confirmed but appear to be legitimate, according to security researchers who have studied their content. Their release comes on the heels of a series of disclosures of emails and documents belonging mostly to Democratic officials, but also to Republicans. Security researchers believe those breaches were perpetrated by agents thought to be acting on behalf of Moscow...." from NSA front foreignpolicy.com shadowbrokers
- UPDATE: 20 May 2017. I have put forth the view weeks before the shadowbrokers story materialized that all the hacking leaks are an NSA attempt at warning Iran to stop their nuclear program. Finally we get this today, 20 May: "....The hacking group known as 'The Shadow Brokers' is pushing a monthly subscription service offering members top secret information including "compromised network data" from the nuclear and ballistic missile programs of Russia, China, North Korea and Iran....." (http://www.zerohedge.com/news/2017-05-19/shadowbrokers-hacking-group-launches-subscription-service-selling-nuclear-secrets)
democracynow.org is another NSA front that regularly "interviews" Chomsky. All the people that have held "interviews" with Chomsky from various organizations (EFF etc.) were engaging in carefully scripted narrative vectoring based on psychological profiling of the public after machine AI mining their conversations, recorded by their mobile and PC microphones. The NSA leverages the entire media establishment as they fight for the survival of mankind.
- https://www.youtube.com/watch?v=jY1MiNfwcRg interview with agent Glenn Greenwald
- https://www.youtube.com/watch?v=J7XMmYPef0I Greenwald: Empowering the "Deep State" to Undermine Trump is Prescription for Destroying Democracy. CIA agent Greenwald states around 3min how much the CIA supported Hillary, which is the inverse.
At around 6min agent Greenwald can't contain his enthusiasm anymore and comes out in support of Trump. This is a psyops where a seemingly Trump-negative Chomsky is interviewed (previous programs) and then a pro-Trump narrative befuddles the edge voters. It pushes the vacillating Hillary voter into Greenpeace, securing Trump's next electoral college victory in 2021.
- https://www.youtube.com/watch?v=--WXZdMMFCQ Fox interview.
- https://www.youtube.com/watch?v=MB-itn_LJuM Greenwald and Maher interview.
NSA funding model
https://en.wikipedia.org/wiki/James_Harris_Simons and Siegel claim that their neural network wizardry allows them to beat the market. This might be so, but a more plausible explanation is that the NSA has realtime insider trading access to what all traders are thinking and doing; running TensorFlow on that will give them an edge. The NSA would have to use some sort of cover to execute their trades. Fact is that the market is random; nobody can consistently beat the market with high volume transactions, unless they machine mine what every trader is about to do, mining it with https://github.com/CSAILVision. Overdeck is smarter than Terence Tao, the brightest mathematician in academia. The NSA made Overdeck an offer he couldn't refuse: fabricate a plausible cover story about how his genius is allowing him to predict the markets and become rich in the process. Israel forces those with the proper mental and physical dexterity to become fighter pilots; they don't have a choice in the matter.
Why do you think it is nearly impossible to get a Linux-based forex and stock market client-side trading terminal? Run netstat -ano on your Windows machine, scroll down to the bottom where you will see a TCP link to a Microsoft server. The NSA knows who is trading and can either intercept your MT4 data or run neural network code injected via microcode right on your laptop CPU.
NSA nuclear option
https://www.youtube.com/watch?v=E7t5zbKnvQk NSA agent John McAfee explains why the Russians could not have implanted the virus.... which is true, the NSA planted it. The NSA wrote the viruses and then McAfee's company "found" them through the years, generating a stream of revenue and planting back doors. The NSA is revealing its trade secrets through its Wikileaks and Snowden Psyops because they would rather send a warning than have to actually use the nuclear option and crash Iran, India, Pakistan and China's computing infrastructure.
Recent stories about trojans wiping entire company hard drives are the NSA's warning to Iran that all flash drives will be Bleachbitted if they don't stop their secret nuclear enrichment under Zayanderud river, the one they think Israel doesn't know about. As we move to a cashless society, the NSA gains unprecedented power, able to annihilate entire economies. For example all the Android, iPad phones are programmed to brick if they were to ever detect a wide scale cellphone signal loss. Or they can be made to brick by receiving a coded message via their PCB tracks tuned to 900 MHz. This would be the trigger that Israel has had enough and won't risk "fire raining down on them".
GitHub's NSA release (https://github.com/x0rz/EQGRP) of their hacking tools is so that if they destroy every computer in Iran, they have plausible deniability, even to the point where "Anonymous" could be roped in to take the blame. The NSA controls all computers directly at the CPU level; I think the AMD Opteron was about the last NSA-proof PC and they are no longer available. By releasing the EQGRP they try to deflect knowledge about how they really control all computers.
NSA media Psyops
Various links by MI6, NSA agents directing the narrative vector.
- http://www.conflictsforum.org/ Alastair Crooke is a former British diplomat (MI6) who was a senior figure in British intelligence and in European Union diplomacy. He is the founder and director of the Conflicts Forum. The site does not allow comments and is more calm, calculated and sedate than the NSA's other, more rabid zerohedge.com.
- http://russia-insider.com/en/politics/hard-hitting-russian-analyst-us-russia-detente-wont-happen-trump-will-try-break-sino NSA allows comments and injects its own with AI machine learning bots (OpenCV). At certain places it panders more to those infatuated with the mammalian reproductive and excretory system, but is not as obnoxious as 4chan.org. Our popular culture has degenerated to the point where every argument has to involve references to defecating dogs. Even the Economist has succumbed to this. The NSA unfortunately has to adapt its style of discourse to this mental aberration, as the responses to the entry on Anonymous being NSA on Reddit suggest. One can't accuse the NSA of being responsible for the Keiser report on RT news, but if you actually can stand just five minutes of that grating sarcastic infantility then you have a mental health problem.
- In this video, political economy of the mass media chomsky part2, note who is asking the questions. There is one female student, most likely not NSA and speaking only in her personal capacity, who is so swooned by Chomsky that she gave us a foretaste of the virtue signaling behavior we have to endure. But the other questions are from NSA front organizations, their tenor reflecting a honed message discipline. The decline in cognitive assertion allows widespread beliefs in unfalsifiable "chem trails" and 9/11 conspiracy theories. The most straightforward explanation is that the fragmented security services before 9/11 weren't allowed to make arrests and act preemptively, and installing thermite would have been impossible as it would have been detected by all the people working at the towers. Israel warned the US for years to seal off the cockpits; there wasn't any conspiracy in not doing it, merely the usual act-after-a-crisis-hits behavioral weakness akin to mankind in general. We tend to wait for disaster to strike before taking precautionary measures. https://www.metabunk.org/why-didnt-the-wtc-fires-ignite-ae911s-supposed-nanothermite.t8644/
- https://consortiumnews.com/2017/02/02/trump-veers-off-course-with-iran-threats/ , trump and putin , consortiumnews
- https://motherboard.vice.com/en_us/article/how-our-likes-helped-trump-win Psychologist Michal Kosinski developed a method to analyze people in minute detail based on their Facebook activity. Did a similar tool help propel Donald Trump to victory? ...SCL, or Strategic Communication Laboratories. Kosinski Googled the company: "[We are] the premier election management agency," says the company's website. SCL provides marketing based on psychological modeling. One of its core focuses: Influencing elections. ...Who exactly owns SCL and its diverse branches is unclear, thanks to a convoluted corporate structure ..... Some of the SCL offshoots have been involved in elections from Ukraine to Nigeria, helped the Nepalese monarch against the rebels, whereas others have developed methods to influence Eastern European and Afghan citizens for NATO.
- https://www.youtube.com/watch?v=n8Dd5aVXLCc In a 10 minute presentation at the 2016 Concordia Summit, Mr. Alexander Nix discusses the power of big data in global elections. Cambridge Analytica’s revolutionary approach to audience targeting, data modeling, and psychographic profiling has made them a leader in behavioral microtargeting for election processes around the world
- https://www.youtube.com/watch?v=mmZpMqMxo2Q Agent Snowden on his new boss, Trump. https://www.youtube.com/watch?v=rM-WpZ0ZO4Y NSA Anonymous on trump. The last fifth of the video shows how much the NSA supports Trump.
Airgapped systems
Airgapping two computers is done by transferring data from an internet-connected computer to another PC which is never connected to the internet. The data or passwords on the isolated PC are written to the USB stick, in a memory location not detectable by any operating system. When the USB stick is inserted back into the internet-connected PC, the data is then extracted by magic black box instructions from this secret memory location. To at least detect this BEFORE inserting the USB stick back into the internet-connected PC, physically record every high-low transition on the USB port/stick with a logic analyzer and compare this with the data you thought you transferred. The Wikipedia https://en.wikipedia.org/wiki/Air_gap_malware article specifically does not mention any of this.
One possible hack is to use OCR software and a camera to read the relevant text you want to transfer between two computers directly off a monitor. Some edits on Wikipedia that were deemed OR: https://en.wikipedia.org/w/index.php?title=Air_gap_malware&oldid=627656639 The converted malicious code is passed through ultrasonic waves from one device to other devices using Speakers and Microphones. Speaker in the system emits the converted malicious code and the microphone in the other device receives it and the virus is injected to that device. In a covert acoustical mesh network, more than two computing systems in a shared physical environment (i.e. within the physical communication range between two connected nodes) can be connected to the mesh network and computing systems are able to communicate indirectly by following routing paths over multiple hops.
Thus the NSA can extract your keystrokes via your Android or iPhone communicating with ultrasonic waves. The speaker "feature" on RC drone autopilots uploads the GPS map to your cellphone and NSA.
NSA dictates OS development
The seemingly irrational Linux decisions and Windows decisions were orchestrated by the NSA so that a huge attack vector of APIs, Nvidia binary blobs and entropy-weakened hardware encryption could be created. Many non-NSA BSD developers couldn't understand what was going on with the Linux developers with commit rights to the Linux kernel tree. Theo de Raadt was at his wits' end; it seemingly didn't occur to anybody that the Linux mess was deliberate (this assumes that de Raadt isn't an NSA agent). One can presume that the development trajectory of all Unix derivatives was influenced by key coders on the payroll of the NSA.
There is no reason why any computation must be broken up into millions of human-unintelligible instructions before a machine can execute it. Not only is it possible to build a CPU which understands a high-level programming language directly, but such devices were in fact created – many years ago – and certainly could be produced again. It is also eminently possible to build a computer which can be halted by pressing a switch, and made to reveal – in a manner comprehensible to an educated operator – exactly what it is doing and why it is doing it. Can you buy such a computer at your local electronics store? Of course not, the NSA will never allow it. http://www.loper-os.org/?p=55
“Windows Update” is a remote back-door, and “accidental” bugs, of which there is a seemingly inexhaustible supply, make for just as effective – and, more importantly, deniable – back-doors (https://en.wikipedia.org/wiki/Plausible_deniability).
Keystroke logging
http://cluborlov.blogspot.co.za/2012/05/making-internet-safe-for-anarchy.html You think you are safe. But wait! Are you running a commercial operating system, like Windows or Mac OS? If so, it has a back door, added by the manufacturer based on a secret request from the US government. The back door allows someone (not necessarily the government, but anybody who knows about it) to install a keystroke logger that captures all your keystrokes and periodically uploads them to some server for analysis. Now all of your communications, and username/password combinations, are known to a third party.
One possible workaround is to click on a grid with a mouse, inserting the numbers. All keystrokes are logged by custom hardware chips on the motherboard itself and funneled over IPv6 to the NSA. Under Windows, open the cmd terminal window and type netstat -ano. Scroll down to the bottom to find svchost.exe funneling all your data over the IPv6 protocol over UDP to the NSA. svchost.exe is part of the Windows OS and cannot be removed.
The NSA's http://keepass.info/ password utility attempts to gain direct memory access and has a frequent "bug fixes" release cycle so as to send back the passwords. Somewhere on GitHub is a Python program that scans memory for keystroke loggers. Rufus is a potent NSA weapon: it is a Windows USB boot utility that plants a trojan on any PC with any operating system. It copies and inserts files on the USB stick without either Windows or Linux giving any indication. This is how air-gapped systems are breached. Attach a logic analyzer to the USB port to detect this unreported data transfer.
Digitizing files
https://www.encrypteverything.ca/index.php?title=Uploading_photos_privately_%28removing_EXIF_data%29 ......When you take a picture with your cell phone or a digital camera information called EXIF data is stored inside it. EXIF data can contain information that reveals personal details about you (e.g. GPS location, camera type, etc.). ..... Book liberator.
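A check for the EXIF problem described above, written for this page as an added example and not taken from the linked guide: it walks the JPEG marker segments, reports which metadata blocks are present (including whether the Exif block points at a GPS directory), and writes the file back without them. The sample file is a constructed marker stream, not a real photo, and all function names are illustrative.

```python
import struct

SOI = b"\xff\xd8"
SOS, APP1, APP13, COM = 0xDA, 0xE1, 0xED, 0xFE
EXIF_ID = b"Exif\x00\x00"
XMP_ID = b"http://ns.adobe.com/xap/1.0/\x00"
GPS_IFD_TAG = 0x8825  # IFD0 entry that points at the GPS sub-directory


def split_header(jpeg):
    """Return ([(marker, payload), ...], tail): header segments, then SOS onward."""
    if jpeg[:2] != SOI:
        raise ValueError("not a JPEG: missing SOI marker")
    pos, segments = 2, []
    while True:
        if pos + 4 > len(jpeg) or jpeg[pos] != 0xFF:
            raise ValueError(f"malformed or truncated header at offset {pos}")
        marker = jpeg[pos + 1]
        if marker == 0xFF:      # fill byte in front of a marker
            pos += 1
            continue
        if marker == SOS:       # compressed image data follows; keep it verbatim
            return segments, jpeg[pos:]
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError(f"bad segment length at offset {pos}")
        segments.append((marker, jpeg[pos + 4:pos + 2 + length]))
        pos += 2 + length


def ifd0_tags(exif_payload):
    """Return the set of tag ids found in IFD0 of an Exif APP1 payload."""
    tiff = exif_payload[len(EXIF_ID):]
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if order is None or len(tiff) < 8:
        raise ValueError("bad TIFF header")
    magic, offset = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or offset + 2 > len(tiff):
        raise ValueError("bad TIFF header")
    (count,) = struct.unpack(order + "H", tiff[offset:offset + 2])
    if offset + 2 + 12 * count > len(tiff):
        raise ValueError("truncated IFD0")
    return {struct.unpack(order + "H", tiff[offset + 2 + 12 * i:offset + 4 + 12 * i])[0]
            for i in range(count)}


def audit(jpeg):
    """Report which identifying metadata blocks a JPEG carries."""
    report = {"exif": False, "gps": False, "xmp": False, "iptc": False, "comment": False}
    for marker, payload in split_header(jpeg)[0]:
        if marker == APP1 and payload.startswith(EXIF_ID):
            report["exif"] = True
            report["gps"] = report["gps"] or GPS_IFD_TAG in ifd0_tags(payload)
        elif marker == APP1 and payload.startswith(XMP_ID):
            report["xmp"] = True
        elif marker == APP13:
            report["iptc"] = True
        elif marker == COM:
            report["comment"] = True
    return report


def strip_metadata(jpeg):
    """Drop APP1 (Exif/XMP), APP13 and COM segments; keep the rest byte for byte."""
    segments, tail = split_header(jpeg)
    out = bytearray(SOI)
    for marker, payload in segments:
        if marker in (APP1, APP13, COM):
            continue
        out += bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload
    return bytes(out + tail)


def seg(marker, payload):
    """Build one marker segment (helper for the constructed sample)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


def make_sample_jpeg():
    """Constructed marker stream (not a decodable picture) with Exif+GPS and a comment."""
    ifd0 = (struct.pack("<H", 2)
            + struct.pack("<HHI4s", 0x010F, 2, 4, b"Cam\x00")    # Make
            + struct.pack("<HHII", GPS_IFD_TAG, 4, 1, 38)        # pointer to GPS IFD
            + struct.pack("<I", 0))
    gps = (struct.pack("<H", 1)
           + struct.pack("<HHI4s", 1, 2, 2, b"N\x00\x00\x00")    # GPSLatitudeRef
           + struct.pack("<I", 0))
    tiff = b"II*\x00" + struct.pack("<I", 8) + ifd0 + gps
    return (SOI + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + seg(APP1, EXIF_ID + tiff) + seg(COM, b"taken at home")
            + seg(0xDB, bytes(65)) + seg(SOS, b"\x01\x01\x00\x00\x3f\x00")
            + b"\x12\x34\xff\xd9")


if __name__ == "__main__":
    original = make_sample_jpeg()
    print("before:", audit(original))
    print("after: ", audit(strip_metadata(original)))
```

Removing the Exif block also removes the orientation tag and the embedded thumbnail, so a photo may display rotated afterwards; anything visible in the picture itself is untouched.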
- https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html Evil maid attack.
- http://fiddler2.com/ , http://www.wireshark.org/download.html , http://www.snort.org/start/download
The traffic is coming from inside the target's machine. Thus, you would have to have complete logs, like through Fiddler or equivalent, and cross-reference that to a Snort or Wireshark session running on another machine. When you see traffic that doesn't match normal system or user traffic, then you have a suspect.
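The cross-referencing described above, as an added example that is not part of the original text: flows seen by a capture box on another machine are matched against what the host itself logged, and whatever the host cannot account for is reported. The two CSV layouts, the addresses and the baseline list are constructed for illustration and are not Fiddler, Snort or Wireshark export formats; both clocks are assumed to be synchronized to within the tolerance.

```python
import bisect
import csv
import io
from collections import defaultdict

HOST_IP = "192.0.2.10"          # the monitored machine (constructed address)
TOLERANCE = 2.0                 # seconds of clock skew allowed between the two logs
BASELINE = {("192.0.2.1", 53), ("192.0.2.1", 123)}   # known system traffic: DNS, NTP

# Constructed sample: what the host-side proxy log says the user and apps requested.
HOST_LOG = """
ts,dst_ip,dst_port,process
100.0,198.51.100.7,443,browser
130.5,198.51.100.7,443,browser
200.0,198.51.100.20,80,updater
"""

# Constructed sample: what the capture on the second machine saw on the wire.
CAPTURE = """
ts,src_ip,dst_ip,dst_port,bytes
99.8,192.0.2.10,192.0.2.1,53,80
100.3,192.0.2.10,198.51.100.7,443,5200
130.9,192.0.2.10,198.51.100.7,443,4100
160.0,192.0.2.10,203.0.113.50,443,900
200.4,192.0.2.10,198.51.100.20,80,700
460.0,192.0.2.10,203.0.113.50,443,950
470.0,192.0.2.10,198.51.100.7,443,300
471.0,192.0.2.77,203.0.113.50,443,100
"""


def load(text):
    """Parse one of the CSV samples into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def unexplained_flows(host_log, capture, host_ip=HOST_IP,
                      tolerance=TOLERANCE, baseline=BASELINE):
    """Return capture rows from host_ip that no host-side log entry accounts for."""
    logged = defaultdict(list)
    for row in host_log:
        logged[(row["dst_ip"], int(row["dst_port"]))].append(float(row["ts"]))
    for stamps in logged.values():
        stamps.sort()

    suspects = []
    for row in capture:
        if row["src_ip"] != host_ip:
            continue                          # another machine's traffic
        key = (row["dst_ip"], int(row["dst_port"]))
        if key in baseline:
            continue                          # expected system traffic
        ts = float(row["ts"])
        stamps = logged.get(key, [])
        i = bisect.bisect_left(stamps, ts - tolerance)
        if i < len(stamps) and stamps[i] <= ts + tolerance:
            stamps.pop(i)                     # one logged request explains one flow
        else:
            suspects.append(row)              # on the wire, but not in the host log
    return suspects


def summarize(suspects):
    """Group unexplained flows: {(dst_ip, dst_port): (flow_count, total_bytes)}."""
    totals = defaultdict(lambda: [0, 0])
    for row in suspects:
        entry = totals[(row["dst_ip"], int(row["dst_port"]))]
        entry[0] += 1
        entry[1] += int(row["bytes"])
    return {key: tuple(value) for key, value in totals.items()}


if __name__ == "__main__":
    found = unexplained_flows(load(HOST_LOG), load(CAPTURE))
    for dest, (count, size) in summarize(found).items():
        print(f"{dest[0]}:{dest[1]}  flows={count}  bytes={size}")
```

The flow at 470.0 goes to a destination the browser does use, but is still reported because nothing was logged on the host at that time; matching on destination alone would have missed it.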
Since this is based on two things: (1) a BIOS component, and (2) a hardware transmitter component, working together.... one way to defeat it is to wipe out the BIOS and upgrade it to your own compiled fully free and open source variant, like http://www.coreboot.org/. This could possibly disable the attack even if the hardware transmitter were hard to spot and physically remained.
Note how Tor must be configured on a VM; Win7 can be bypassed.
Obfuscated C-code
- http://cm.bell-labs.com/who/ken/trust.html The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.
http://www.peereboom.us/assl/assl/html/openssl.html OpenSSL was deliberately made unreadable by NSA agents who are part of the core coding team. See http://web.archive.org/web/20140414023227/https://www.peereboom.us/assl/assl/html/openssl.html as peereboom.us warns on fake certificates. Before the Snowden release, I read somewhere that the NSA has its agents as core OpenBSD, FreeBSD, Linux etc. kernel coders with commit rights to the source tree. I thought this was just too conspiratorial; after Snowden, computing from inside a Faraday cage should be standard. Using obfuscated C code the NSA can hack any Linux or SSL system at will.
- http://www.thehiddenwiki.net/breaking-half-of-tor-sites-compromised-including-tormail/ JavaScript compromises Tor. Running Flash YouTube videos over Tor provides Google with your IP address, since the Flash video must have the IP address of the client-side PC.
https://cpunks.org/pipermail/cypherpunks/2014-July/005183.html Recently a high profile talk on de-anonymization Tor users was pulled from Blackhat due to legal issues. Their talk outlined with a budget of $3000 with some powerful servers and multiple gigabit links they were able to de-anonymize hundreds of thousands of users in ‘a couple of months’. Exodus decided to pick up where this talk left off by letting the community know that there are many other vectors for de-anonymization. The vulnerability we have found is able to perform remote code execution with a specially crafted payload. This payload can be customized to unmask a user and show the public IP address in which the user connected from within ‘a couple of seconds’. http://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/
NSA antics
http://www.truecrypt.org is NSA software that uses Intel hardware encryption chipsets, which the NSA agents, with the complicity of Intel (according to various news outlets), have compromised so that the random key generator is not truly entropic and can be decrypted with specialized custom-made ASIC chipsets. (Raspberry Pi should not be used as a web server; its hardware encryption isn't entropic (random) enough.) The max allowable password length is only 32 chars, because not even the NSA can decrypt a 100 character password. They are not so stupid as to place any software backdoors in TrueCrypt itself, as this would eventually be detected with a software audit. They did something that nobody even thought about: designed their very own chipset and then forced Intel to adopt it. All TrueCrypt encrypted code is decrypted by the NSA when uploaded anywhere onto the Internet. The NSA can track down any person uploading to http://thepiratebay.org by comparing the file on piratebay with their cached copy of the same file that had to traverse an NSA controlled router, gateway, ISP etc. somewhere in this world. The NSA caches the entire Internet in realtime and especially homes in on encrypted files. Only by encrypting (not using TrueCrypt) a file before uploading to a torrent sharing site is some measure of protection provided. And even then this must start with i2p -> Tor -> clearnet. It seems that there aren't any file uploading sites that allow for encrypted upload or that allow for Tor based uploads. Tor itself is compromised; begin with i2p and then hop onto Tor.
In South Africa the uploader of the Mandela movie was caught because he rented the DVD with his ID number. It was trivial to contact all the ISPs with this ID and extract the unencrypted cached copy on their servers linked to him. Had he torrented it over i2p to a Russian contact, it would have at least been encrypted. The NSA will not help decrypt this because they, like the British during WWII who didn't want the Germans to know their Enigma code was broken, don't want to make it obvious that all i2p and torrent traffic is decrypted.
Fact is - the US authorities were confronted with the following situation:
1. It proved politically impossible to force all creators/distributors of encryption software to implement a backdoor in their products (via law). See a good overview about the history here: http://www.newyorker.com/online/blogs/elements/2013/08/hard-to-crack-the-governments-encryption-conundrum.html
2. However, government and/or government agencies were absolutely convinced that the only way to guarantee security is for the authorities to be able to read the content of encrypted communications. See the document from the US Department of Justice from 1998 quoted above: https://web.archive.org/web/20040529211445/http://www.justice.gov/criminal/cybercrime/cryptfaq.htm Note the conclusion: "At bottom, it is important to recognize that society has an important choice to make. On the one hand, it can promote the use of unrecoverable encryption, and give a powerful tool to the most dangerous elements of our global society. On the other hand, it can promote the use of recoverable encryption and other techniques, achieve all of the benefits, and help protect society from these criminals. Faced with this choice, there is only one responsible solution."
So what were the US authorities supposed to do? Just do nothing and watch how "Open Source" encryption programs "take over" the market, because they are free and trustworthy, and where it won't be possible to force the creators to install backdoors like they exist in "Bitlocker"? (yes, Bitlocker is backdoored, which is well known in the law enforcement community)
Well, one possible and perfectly reasonable solution for the authorities could be: Take part in the "open source" community, offer the best program, and then dominate the market! Make a program which will be used all over the world, and which includes a very well concealed backdoor. And that's exactly what they did. They used a cover which was barely credible, as it had the elements of an international, well funded organization with considerable funds, personnel, lawyers etc., but it worked for about 10 years. In the future, we all should just be more careful, and, as I said before, should not ignore the obvious warning signs.
Chat sessions (Pidgin, AIM, Skype etc.) are not encrypted. You need to encrypt all text with a custom AtmelMicro attached to an RS-232 port with a diode that blocks the read signal. The NSA cannot defy the physics of a diode. This encrypted text is then inserted into the Skype session; the person at the other end must have a decrypting AtmelMicro attached and then read the text from the LCD display of the micro. Anything in software on a PC is compromised.
Torvalds and NSA
http://cryptome.org/2013/07/intel-bed-nsa.htm ... On 2013-07-13 12:20 AM, Eugen Leitl [forwarding Matt Mackall <mpm[at]selenic.com>] wrote: It's worth noting that the maintainer of record (me) for the Linux RNG quit the project about two years ago precisely because Linus decided to include a patch from Intel to allow their unauditable RdRand to bypass the entropy pool over my strenuous objections. Is there a plausible rationale for bypassing the entropy pool? How unauditable is RdRand? Is RdRand unauditable because it uses magic instructions that do unknowable things? Is it designed to actively resist audit? Has Intel gone out of its way to prevent you from knowing how good their true random generation is?
The naïveté of bean-counters and bureaucrats may be excusable; that of seasoned academics and engineers isn’t. Mr. Torvalds eagerly hitched the security of the Linux kernel to Intel’s Trojaned wagon. http://www.loper-os.org/?p=1299
FreeBSD10 has reverted recent commits to their source on using Intel compromised chip sets back to random key generation in software only. All Lenovo motherboards have chip sets implanted that "phone home" to China. NSA has so compromised the Android system that no bitcoin wallet is safe on it. Plastic rocks, thrown over the wall, embedded with electronic signal sniffing equipment that can detect keyboard presses: this was how the Iranian nuclear computer systems were penetrated. Faraday cages lined with tin-foil are a possible solution to this. http://inertiawar.com/microcode/ Undocumented microcode updates from Intel. Any type of encryption can be bypassed. http://web.archive.org/web/20130727071418/http://inertiawar.com/microcode. The NSA could not have foreseen something like i2p and Tor; by injecting microcode etc. and controlling probably 95% of all i2p nodes they know what anybody is doing on i2p. Java's source code is not available and is obviously so NSA compromised that any magic can be performed on a program written in Java. Appelbaum is most likely the narrative vector CIA agent to honeypot the sophisticated hacker. Why are the lives of the coders of i2p not being made difficult? Why have they chosen Java, knowing that not having the source code makes it compromised way more than Python? How are they financially able to commit themselves full time to the project .....?
NSA/FBI honeypots
- http://silkroaddrugs.org/silkroad-drugs-complete-step-by-step-guide/ This is most probably an FBI honeypot site. Installing VPN software will reveal to the feds the IP address of the PC connecting to Tor. Every single VPN provides a direct stream of all activity to security services.
Password footprint
https://www.schneier.com/blog/archives/2007/01/choosing_secure.html What's happening is that the Windows operating system's memory management leaves data all over the place in the normal course of operations. You'll type your password into a program, and it gets stored in memory somewhere. Windows swaps the page out to disk, and it becomes the tail end of some file. It gets moved to some far out portion of your hard drive, and there it'll sit forever. Linux and Mac OS aren't any better in this regard.
Encrypt the entire HDD and run the operating system from a USB stick; see the NSA Linux distribution at http://www.mofolinux.com for more info on this.
https://www.schneier.com/blog/archives/2007/01/choosing_secure.html .....Even so, none of this might actually matter. AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive ... everywhere. And it creates a dictionary from that, and feeds it into PRTK. 50% success rate cracking passwords.
Qubes Linux
Xorg or similar X-based server as your GUI server, and this is what nearly all Linux, and most of the other non-Windows OSes use, then you don't have any form of GUI-level isolation. http://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-different-from.html Second, all mainstream desktop OSes, such as Windows, Linux, BSD, even OSX, are all based on monolithic kernels, which present a significant security problem. This is because a typical monolithic kernel of a contemporary desktop OS contains tens of millions of lines of code, and to make it worse, most of this code is reachable from (untrusted) applications via all sorts of APIs, making the attack surface on the kernel huge. And it requires just one successful kernel exploit to own the whole system, bypassing any security mechanisms that might have been built on top of it, such as SELinux, LXC, etc.
http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html Now, for the best, start another terminal window, and switch to root (e.g. using su, or sudo). Notice how the xinput running as user is able to sniff all your keystrokes, including root password (for su), and then all the keystrokes you enter in your root session. Start some GUI app as root, or as different user, again notice how your xinput can sniff all the keystrokes you enter to this other app! http://invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
- http://motherboard.vice.com/read/finally-a-reasonably-secure-operating-system-qubes-r3 "...Rutkowska wants to work with a few companies and pick two or three specific models that can be "Qubes Certified" laptops. She wrote that Qubes has been in talks with two vendors over the last month, but declined to reveal their names as negotiations are ongoing...."
How would one prevent these vendors from installing chip backdoors on detecting the Qubes operating system, as the NSA has done to detect I2P activity on a PC?
NSA password software
http://keepass.info/download.html Attempts to make TCP/IP connections the whole time. All downloads are probably a man in the middle attack, nobody is really connecting to sourceforge, but to an NSA proxy server. The .exe sourceforge file is obviously NSA compromised. Even compiling the code from source won't reveal the hidden obfuscation http://cm.bell-labs.com/who/ken/trust.html
NSA forum trolls
- blog.thinkst.com/p/if-nsa-has-been-hacking-everything-how.html "...It isn't actually that difficult to create logic testers to verify proper operation of hardware... they're used for troubleshooting, and by factories for QC before a product even goes out the door. What seems important, now, is that these tests be made available to the public with open APIs. That would, at least, allow researchers to identify infections in the wild, and from there potentially develop software-based identification techniques...."
This quote is a typical attempt at misinformation by NSA forum posters, the rest of his post shows that he has a high level of knowledge and would therefore know that 'APIs' won't help: NSA has 5G tracking embedded inside every Microcontroller, which is why not a single high impact drone attack has been pulled off.
- http://www.roboform.com , http://www.agoradrugs.com/agora-market-guide/ advice on using VPN is laughable, all VPN's are controlled by the NSA or the VPN operators provide data. Anonymity doesn't exist anymore.
- http://www.agoradrugs.com/agora-marketplace-url/ provides the following hubris:
- Download your VPN. Download Tor. Start your VPN. Start Tor. Enter in the Agora Marketplace URL that is above.
FINISHED! You are at the registration page for Agora.
Any VPN .exe file to download is an obvious scam, the exe file provides the authorities direct access to your TOR activities.
- http://darkwebnews.com/dark-web-market-list/ "...Remember that anonymity should be your MAIN FOCUS. You should use a VPN along with Tor browser so your ISP won't know you are using Tor to access darknet markets. ISP’s can tell you are using Tor and they are logging your use. A VPN will hide this from the..."
And VPN software installed will send the decrypted data back to the NSA. http://www.darkwebnews.com is a front for the NSA providing false information (the .com domain is the first warning flag, why not .cr?). There is not much anybody can do about their ISP figuring out TOR usage; maybe https://www.torproject.org/docs/bridges will help.
The thing is that a number of us have been on top of them quite well. We've continually pushed for the larger INFOSEC industry to see and act on these risks. They were called speculative, impractical, overly paranoid, nonexistent, and so on. My own framework called for everything from custom firmware to strong TCB's to covert channel mitigation at the cache level. The industry just doesn't listen or learn ***** compared to many other fields.
A great, recent example was the covert channel attack on cloud services that used a covert channel published years before and predicted over a decade before. Why didn't we see those coming since we figured them out over a decade ago? Why do people keep rediscovering this same issue that attackers at NSA's level actually know how to use? This applies to too many things in INFOSEC.
A few were interested in how a high assurance security engineer would look at these points. So, let's have a look. :)
1. Adherence to classification/secrecy.
Yes, this is the norm rather than the exception. I predicted that anything this risky would be in SAP's with dedicated personnel, paperwork, host systems, networks, and so on. The information would be behind guards with people deciding what could be released at what level. People doing these SAP's are *highly* vetted people. Summaries of their results could be released under certain clearances and to certain people. It would be highly compartmentalized with few seeing the big picture or how it was used in practice.
The leaks showed the technologies were developed in SAP's with selective release under codeword. Easy prediction given it's the black program M.O. I've even posted their public security guides here. The surprise was that so much access was concentrated at Booz with so little security and monitoring. I expected at least a little more given the Manning leaks. Especially since the data is so close to SAP's. The expectation that did pass is that the Snowden leaks aren't SAP's that I can see: just summaries and briefings without the full data and tech that's still compartmentalized. That system works so long as the personnel aren't infiltrators (esp Chinese and Russian).
2. You thought they were someone else.
We all do that. Proxies, black hat attack tools, strategies copied out of [good] hacking guides... anything to blend in. The NSA has it better given the huge number of both organized crime and nation states involved in hacking. If I were them, I'd use their vast monitoring systems and partnership with groups like Mandiant to obtain exact MO + toolset of these organizations. Then, their own people can use them.
Another possibility was that the tools are becoming standardized enough that it's hard to tell who is who. These range from all-in-one kits on hacker forums to professional tools sold by the likes of Finfisher. We know both types are sold to a broad customer base of people committing espionage. This might lead their attacks to look a bit similar with the customization aspects, originating IP's, and behavioral profiles being the identifier.
3. You were looking at the wrong level.
I proved this by posting my own framework in a discussion on secure code vs secure systems. Most developers were satisfied if it ran a NIX with enhanced security "features," some crypto protocols, code audits of app, and maybe things like Stackguard. The TCB concept dictates security must be baked in ground up and the common standard was bogus. Extra nails in the coffin came from defense contractors and NSA classifying those as for "inadvertent and casual attempts to breach security." They then rated the whole market at that level (or below!) of security minus a few exceptions that mainly sold to them.
So, we've been saying it a while now. INFOSEC pro's were stubborn, industry just pushes nonsense customers want, and customers didn't want to sacrifice legacy for real security. Result was predictable.
4. Some beautiful misdirection.
That's really just 2 with less incompetence. This might include planting evidence on the system for pro's to find that point in a different direction. Smokescreens abound with professionals.
5. They were playing chess and you were playing checkers.
I love this one: it's absolutely true. NSA themselves already defined the Orange Book A1 and C.C. EAL6+ High Robustness requirements that determine when they will *start* to trust something against software attacks by High Strength Attackers. Their own pentesters often couldn't beat such systems. Instead, they worked to come up with more clever integrations of those with legacy systems and ways to apply such rigorous methods more cheaply to *defense systems*. Their teams also leverage all that security engineering expertise to identify and hit anything not developed to such criteria.
Which brings us to most proprietary and FOSS technologies: low to medium robustness through and through. These are built by so many people doing systems development who don't know how to do covert channel analysis, what a trusted path is, the importance of secure SCM, how precise security/design specs + simplified implementation can mitigate developer subversion, the benefits of non-x86 hardware, and so on. Even most smart people doing mainstream INFOSEC are so far removed from true security engineering that it's like they're playing a different, amateur game altogether. Pro tip: pro attackers can only be defeated by pro defenses. Security has no amateur league [that wins].
6. Your "experts" failed you miserably.
This builds on 5 actually. I've had to explain to top, press-making people in this field why a user-mode driver is better than a kernel-mode driver, how their idea is full of covert channels, and even that secure systems can't be built on OS's with megabytes of privileged code. The field inherently has trouble maintaining and passing on the wisdom learned from prior generations who designed or fielded highly secure systems. We need to work on that. I've done my part at evangelizing high assurance design but it will take a large, organized effort to actually succeed. Specifics of that are still an open question.
The other part of this issue is the "experts." These are people who are believed to be experts due to possessing certifications, references from clueless companies, and references from INFOSEC companies. As they're all doing low assurance, the expert is guaranteed to be clueless on building highly robust systems. However, he or she might be quite knowledgeable on what the industry focuses on. Industry and its experts are another issue though: pushing fake or ineffective solutions is profitable so they do that pervasively. Combine these effects, you probably have most of the professionals in the field and their collective voices drown out naysayers like myself promoting the strong stuff.
Answer is No 7: all of the above. The problems all feed into each other to become quite a vicious circle. The good news is that high assurance security engineering and practical approximations of it are still around. Lots of different companies and projects are working on the strong stuff: crash-safe.org's SAFE processor; CHERI capability processor; DARPA secure fabrication work; new networking designs like MinimaLT; easy, strong crypto like NaCl; stronger virtualization like HAVEN and SKPP kernels; driver synthesis with Termite2; fundamentally better OS architecture like GenodeOS, EROS, or JX OS. The list goes on.
Moreover, such methods have more funding and publicity than ever before. Still a blip on the larger IT and INFOSEC radar. However, the methods aren't lost, many pro's are focused on secure endpoints, and some are even compatible with legacy software. World's always getting darker but future for widespread high assurance is at least a little brighter. Meanwhile, study on what's known about building highly robust systems and *apply it* in every component you can.
jdgalt • February 12, 2015 12:19 AM
What jumped out at me from the first article was that PBXes (private telephone exchanges) are one of the targets. No wonder the industry is resisting measures that would defeat people who use a PBX to fake their caller ID when they spam -- the government uses those loopholes, so it wants them to remain open.
Securing the phone network would be a much harder job than securing the internet. Fortunately it isn't necessary. VOIP and similar services are fast making traditional phones completely unnecessary.
Poul-Henning Kamp
- https://www.openbsd.org/innovations.html OpenSSH including ssh(1), scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), sshd(8), sftp-server(8): Started by Aaron Campbell, Bob Beck, Dug Song, Markus Friedl, Niels Provos, and Theo de Raadt as a fork of SSH 1.2.12 by Tatu Ylonen. Imported September 26, 1999 and first released with OpenBSD 2.6. Now maintained by Markus Friedl, Damien Miller, Darren Tucker, and Theo de Raadt
Theo claims that he can support himself solely by his BSD coding; are any of the contributions to your living expenses from the NSA, perhaps? For somebody who complains about the coding mess in Linux, isn't it perturbing that he insists on five levels of indirection to open a text file in OpenSSL using (if(0)) statements?
https://fosdem.cu.be/2014/Janson/Sunday/NSA_operation_ORCHESTRA_Annual_Status_Report.webm by https://en.wikipedia.org/wiki/Poul-Henning_Kamp How close is Kamp to Snowden? Did Kamp release first-time information that nobody else had access to? If so, then he is NSA all the way, because nobody pawns the NSA. He discusses NSA Operation Orchestra, the fudging of SSL. The API is confusing, documentation deficient and defaults misleading. Kamp seems to have very intimate knowledge about just how SSL was corrupted. In the video he informs us that Glenn Greenwald (http://glenngreenwald.net/) won't release damaging Snowden leaks; how well does Kamp know Greenwald? Everybody is assuming that the NSA got hacked; actually the NSA is releasing all this info, desperately trying to prevent Israel from attacking Iran by convincing Iran the NSA can crash their computing infrastructure.
If Iran is attacked, it will result in a depression forcing the Fed to take rates down to -5%. The 2008 crisis necessitated a stimulus package of $15 trillion. China already represents a systemic risk with $31 trillion in debt; they functioned as a shock absorber, spending trillions in stimulus as seen with their empty cities. To put $31 trillion into perspective, it was $3.7 trillion 10 years ago with the start of the financial crisis. Greece has shown us how people can stop having kids; with negative demographics we have a vicious spiral we cannot pull out of.
All our growth has been a leverage on China. Oil prices, iron ore, copper, real estate, and today’s global cyclical recovery are all directly tied back to China. And this can all continue for a time. Or end abruptly, and it probably will with their negative demographics. See energy China economica, why the world economy will eventually implode. But they won't be able to create such massive credit again if world growth collapses, as it will with an attack on Iran. If Fed rates go down to -5%, it won't ever recover, leading to a pension crisis. Snowden is an NSA act of desperation. Iran must stop their nuclear program; Israel isn't going to allow it.
Imagine that only three people are left on earth, one in the USA, Europe and Japan, and they each have debts of $50tril, $40tril and $20tril: what are these figures then even supposed to mean? If energy were ever to become free and abundant via some solar breakthrough, then all debt, which is a claim on energy production, will have its yields turn negative. Solar energy is held back by the inability to produce a cheap tracking device that can give 1/10 of a degree resolution. Since tracking devices which can produce 1/10 are expensive, it necessitates larger structures which have a cubic cost relationship.
- Zerohedge articles on China shadowbanking ponzi scam.
- http://maliceafterthought.com/ NSA agent who insists on GPG and email contact only. All Defcon speakers are NSA agents, allowing narrative vectoring.
- https://www.youtube.com/watch?v=TdWceehRt9I Narrative vectoring between agent Friedman and Tucker.
- https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Kamkar , https://twitter.com/samykamkar , https://github.com/samyk. NSA agent Samy (ytbe vid) doesn't state that https SSL is NSA borked and supports the EFF, an NSA front. As an NSA agent he wrote a worm that got him arrested and banned from using computers for three years; this was to establish his hacker image so that the EFF's profile could be boosted by associating with Samy. He did not go to jail. The hacking tools released by Agent Samy and Defcon leave specific signatures detected by the cpu, allowing the NSA to track hackers and use hackers as a cover for their own activity.
- Charlie Miller and Chris Valasek
- http://www.irongeek.com/ NSA agent and Defcon speaker, all these counter measures are misdirection away from how the NSA really controls all computing devices: direct Intel cpu access. The NSA can brick all computers anywhere at any time.
- http://www.irongeek.com/i.php?page=videos/bloomcon2017/100-strange-times-we-live-in-alexander-muentz Lawyer and security expert from Leviathan Security .... now who does he really work for? Anybody who claims to be a secure communications expert, etc. must show us his version of SSL on Github, a version that won't attempt to open a file via five attempts of indirection or contain code such as If(0).
- https://www.youtube.com/watch?v=4kX90HzA0FM HAK5
- https://www.youtube.com/watch?v=h5PRvBpLuJs 45 hack everything.
- https://www.youtube.com/watch?v=K2ZJDZVeheU garage door hacking
- https://bsnews.info/propaganda-noam-chomsky-media-manipulation-democracy/ probably another NSA front.
- https://www.pastemagazine.com/articles/2016/07/edward-snowden-is-a-russian-agent.html misdirection
- https://veracrypt.codeplex.com/ ".....Veracrypt is the top software for file system encryption. It has great features and performance, able to encrypt drives and directories, even hiding them from detection. Encryption is even better than its predecessor, Truecrypt, and the user interface is much improved. Ecryptfs is an encrypted filesystem with support built into the Linux Kernel. It is fast, strong, and efficient enough to keep users' files safe from unwanted access. Ecryptfs is the principal means of encrypting the home directory and other storage volumes in Linux. It is suggested that users run MOFO Linux from a flash drive and keep a separate flashdrive partition for encrypted files. Another option is to use a separate drive and encrypt its entire contents, accessing it through Veracrypt. Doing that, it is possible to carry a large volume of data which is quite difficult to detect and even more difficult to decrypt. In theory, a well-arranged encrypted volume should be secure for centuries. Be careful to create strong passwords. Do not allow any secret keys to be compromised....."
Veracrypt and http://www.mofolinux.com , yet another NSA front (the .com is the first problem; .com allows the NSA an easier man-in-the-middle attack vector than, say, .cr that kat uses). Sure you can probably use this to upload journal papers to Libgen dot info, by first sending the encrypted file to a contact in Russia and have the Russian upload it to libgen. Over some encrypted link (tor chat), micro with diode blocking the password to decrypt the file in Russia is sent. Anything uploaded over clearnet is cached; by comparing the copies on the routers, the NSA can figure out who uploaded what.
- ECC is uncrackable, why the NSA does not want its adoption away from RSA. Their quantum computer solving elliptic is a red herring as a QM of 30 bits cannot solve a 31 bit encrypted system and isn't on the horizon.
- http://zqktlwi4fecvo6ri.onion/wiki/Main_Page Hidden wiki, http://www.thehiddenwiki.net/access-the-hidden-wiki/ ( uses outdated flash).
- https://www.neomailbox.com/ Webmail
- https://pravokator.si/index.php/2014/06/02/on-mobile-phone-security/ explains why any type of blackphone (no NSA access) is impossible.
- https://www.anonymousspeech.com/registration.aspx#registration Webmail, email
- http://www.hushmail.com email, sign in every 3 weeks.
- http://www.keepassx.org/screenshots/ http://underhanded.xcott.com/
- http://blog.thinkst.com/p/if-nsa-has-been-hacking-everything-how.html ....Case in point: why did they use "=" instead of "^=" when they added the FIPS PRNG to GPG? Infiltration is staring everyone in the face, and people do shout about it... Nobody notices or cares though. They've been trained to think everyone who points this stuff out is a hysterical conspiracist, and ignore......... https://www.gnupg.org/
- https://www.comodo.com/ NSA controlled Comodo firewall is free because the NSA wishes to install Geekbuddy, allowing the NSA to take remote control of your PC and siphon off company information. This information is shared with the Fortune 500 companies once a year under the ruse of 'cyber security'. The NSA is an industrial espionage machine under the cover of national security. Putin mandated that mechanical typewriters be used for top secret classified information: what does he know that we don't?
- http://networkfilter.blogspot.com/2015/01/be-your-own-vpn-provider-with-openbsd.html OpenBSD VPN, OpenBSD on install downloads NSA binaries .... sigh .... privacy?
- https://anonfiles.com/ NSA honeypot, any uploads of say corporate trade secrets will be shared with said corporation and identity easily revealed but the uploader not necessarily arrested. Like the British during WWII with the Germans, they cannot make it too obvious that encryption is sabotaged. The .com domain instead of, say, a .cr or .io domain is a giveaway.
- http://darkwebnews.com/help-advice/dark-web-beginners-security-guide/ NSA site, good info interspersed with nonsense.
- http://invisible.im/ Probably another NSA project. The NSA is creating these "brilliant" projects in order to prevent alternative solutions, they control the project by obfuscated c code, trojaned intel chips etc. https://ricochet.im/ wrote:"..You should support The Tor Project, EFF, and run a Tor relay....". Ricochet is an NSA project to deceive people into using Tor, i2p should be used or should it? Putin uses a mechanical typewriter, maybe homing pigeons ?
- http://linux.slashdot.org/story/15/11/06/132209/linuss-thoughts-on-linux-security NSA forum trolls lamenting on how difficult true security is .... Linux, BSD (unix whatever) is insecure because no US citizen working on the Linux, BSD kernel tree can thwart the NSA and expect a normal family life ... Torvalds loves his kids way more than those thinking they have a secure linux.
- https://www.dashlane.com/security NSA password manager
- https://www.dashlane.com/security why did they not remain with .ch domain? .com domains are under the direct control of the NSA. No secure email service exists.
- https://forums.gentoo.org/viewtopic-t-934678.html in this thread see if you can identify the NSA forum trolls (hint: they are for Systemd) http://kmuto.jp/debian/hcl/ , http://kernel-seeds.org/ , http://web.archive.org/web/20120112022111/http://kernel-seeds.org/
https://www.gadgetdaily.xyz/a-linux-conspiracy-theory/ Beyond just GNOME apps and tools being stripped of options, Red Hat employee and lead GNOME developer William Jon McCann was caught opening a bug report on the independent Transmission BitTorrent client telling the developers that its panel notification feature should be removed. Why? Merely because GNOME 3 no longer supports a panel: “Transmission has an option in the Desktop tab of the preferences to ‘Show Transmission icon in the notification area’. This should probably be removed.” Transmission developer Charles replied, “So now we can have three builds of Transmission that decide at compile time whether to use AppIndicator, GtkStatusIcon or nothing at all… Removing it altogether, as you suggest, will hurt Xfce users.” McCann replied, “I guess you have to decide if you are a GNOME app, an Ubuntu app, or an Xfce app unfortunately… And I have no idea what Xfce is or does, sorry. It is my hope that you are a GNOME app.” Charles’s reply to this: “*speechless*”.
- https://www.youtube.com/watch?v=BGJzG7BnYb0 Agent Friedman, next 100 years.