Daily Archives: March 18, 2015

Is High Tech Talking Barbie An NSA Spy?
Is High Tech Talking Barbie An NSA Spy? Is the new Barbie that #39;talks #39; and #39;listens #39; to your conversations an NSA spy? Consider that this new High Tech Barbie is actually Internet aided...

By: Zennie62

Continue reading here:
Is High Tech Talking Barbie An NSA Spy? - Video

Pastor Mike Online 03-12-15, NSA Spy Apps, Hillary Has Horns, And Ferguson Update
Visit http://PastorMikeOnline.com - In today #39;s show, Pastor Mike Hoggard discusses topics that include: NSA using IOS and Android apps to spy on Americans, Hillary Clinton has horns, an update...

By: MikeHoggardVideos

Excerpt from:
Pastor Mike Online 03-12-15, NSA Spy Apps, Hillary Has Horns, And Ferguson Update - Video

Everyone #39;s a Target, NSA #39;s Mass Surveillance and Cyber Warfare in the Middle East
Since the revelations of Edward Snowden, there has been a great deal of discussion about NSA and domestic eavesdropping. But except for Germany, there has been very little examination of NSA #39;s...

By: American University of Beirut

See more here:
Everyone's a Target, NSA's Mass Surveillance and Cyber Warfare in the Middle East - Video

CURRUPT NSA withholding(7)

By: Daniel Gartzman

See the rest here:
CURRUPT NSA withholding(7) - Video

Want to know something odd? Its 2015 and all the top anti-virus products for Mac OS X use insecure lines to transmit their software to Apple Apple machines. Download files, known as .dmg files,for products including Kaspersky, Symantec Symantec, Avast, Avira, Intego, BitDefender, Trend Micro, ESET and F-Secure are all sentover unencrypted HTTP lines, rather than the more secure HTTPS. There is method in their madness, as they trust Apples Gatekeepersecurity technology to recognise the digital signatures they sign their software with that should guarantee the authenticity of the download.

But a former NSA and NASA staffer Patrick Wardle, who now heads up research at security start-up Synack, believes he has found a new way to abuse such insecure downloads and bypass protections in Apple Macs without getting caught. Normally, anyone who intercepts a download to turn it nasty wont get away with it, as Mac Gatekeeperwill see that the vendors original signature has been altered or taken away entirely, and the software tampered with, meaning its no longer trusted.

Yetthe Gatekeeper software doesnt check all components of Mac OS X download files, according to Wardle. He believes he can sneak a malicious version of whats known as a dylib file into legitimate downloads done over HTTP to infect Macs and start stealing data.These dylibs (short for dynamic libraries) are designed to be re-used by different applications; they might be used for actions such as compressing a file or using native graphics capabilities of the operating system. Theyre supposed to make apps work more efficiently.

If an attacker can hijack the dylib processes used by Mac apps, however, they can carry out nasty attacks and send user data to their own servers, the researcher explained. Such an attack would not be trivial, Wardle admits. First, the attacker would have to get on the same network as a target, either by breaching it or simply logging on to the same public Wi-Fi. They would also have to injecta legitimate yet vulnerable application into the downloadand shuffle around the content of the .dmg so thatthe injected legitimate softwareis shown to the user. The latter is not so tricky:the attacker can set the name and icon of thisvulnerable app so nothing looks suspicious, said Wardle.

Finding vulnerable apps shouldnt be too hard either.Wardle created a scanner that looked for applications that would use his naughty dylibs. He found around 150 on his own machine, including hugely popular software likeMicrosoftWord and Excel,Apples own iCloud Photos and Dropbox. The list also includedApples developer tool XCODE and email encryption key management software GPG Keychain, both of which he abused in his proof of concept attacks. According to a recent article in The Intercept, Snowden files showed researchers were demonstrating how amodified version of XCODEcould be used to siphon off targets passwords and other data. Wardle said it was 100 per cent coincidence that his former employer had also targeted XCODE.

Wardled noted that apps from Apples Mac App Store are not vulnerable.

Apps vulnerable to dylib attacks slide from Patrick Wardle

Despite the barriers to successful exploitation, his techniques have provided him with a novel way to bypass Gatekeepers draconian detection mechanism (its also not too dissimilar from DLL attacks of yore on Windows).It is, he added, a cunning way to bypass Mac OS X Gatekeeper protections and allow hackers to go back to their old tricks.

When the injected legitimateapplication is launched the unsigned malicious dylib is loaded or executed(even if the user sets his machine to accept only all apps from the Mac App Store) before theapps main code. At this point the dylib can do anything. I see it a)kicking off the legitimate application that the user was downloading sonothing seems amiss, and b) installing the implant component which will then complete the rest of the attack, persistently infecting the userscomputer. He noted theattack should also work on downloaded .zip filesthat contain applications.

Mac OS X dylib hijacking attacks slide from Patrick Wardle

See original here:
Ex-NSA Researcher Finds Sneaky Way Past Apple Mac's Gatekeeper

Critics say a crisis of transparency surrounds modern spying methods in Canada after revelations that a close ally the U.S. National Security Agency has been looking at the communications traffic of at least two Canadian corporations.

There are people from the NSA working inside of CSE as we speak, said NDP defence critic Jack Harris, referring to U.S. intelligence analysts embedded inside the Communications Security Establishment, the NSAs Canadian counterpart.

Mr. Harris said he has many questions about the extent of Canadas close surveillance partnerships with the United States, but Parliamentarians are not authorized to get answers.

Were reaching a crisis point on this, he said in an interview, pointing out that the Conservative government faces several spying controversies.

The Globe and Mail reported on Tuesday that a leaked NSA document from 2012 includes Royal Bank of Canada and Rogers Communications Inc. on a list of global firms whose private communication networks the U.S. agency appeared to be interested in mapping.

The document which The Globe obtained from a confidential source suggests the agency was describing efforts to identify and analyze computer networks controlled by corporations.

Markings on the document, a presentation for intelligence officers, indicate it may have been shared with Ottawa nearly three years ago. Rogers and RBC told The Globe they had no idea the NSA had any interest in their networks, which they insist are secured against intruders.

The NSA has said it will not discuss allegations about its intelligence activities.

There is no indication the NSA went as far as getting at any data inside individual computers or reading communications related to the Canadian companies. However, the presentation suggests the agency went further in using its mapping techniques to look at the computer systems controlled by a Chinese telecom giant.

The name of Huawei Technologies Co. Ltd. appears in the presentation, and the NSA appears to have had a keen interest in isolating the corporations data channels. These links are likely to carry Huawei traffic, reads one slide.

Here is the original post:
Reports of NSA spying on Canadian companies fuel calls for more transparency

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says.

The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers.

The interception campaign was revealed last May.

Speaking at a Cisco Live press panel in Melbourne today, Stewart says the Borg will ship to fake identities for its most sensitive customers, in the hope that the NSA's interceptions are targeted.

"We ship [boxes] to an address that's has nothing to do with the customer, and then you have no idea who ultimately it is going to," Stewart says.

"When customers are truly worried ... it causes other issues to make [interception] more difficult in that [agencies] don't quite know where that router is going so its very hard to target - you'd have to target all of them.

There is always going to be inherent risk."

Stewart says some customers drive up to a distributor and pick up hardware at the door.

He says nothing could guarantee protection against the NSA, however. "If you had a machine in an airtight area ... I stop the controls by which I mitigate risk when I ship it," he says, adding that hardware technologies can make malicious tampering "incredibly hard".

Cisco has poked around is routers for possible spy chips, but to date has not found anything because it necessarily does not know what NSA taps may look like, according to Stewart.

Original post:
Cisco posts kit to empty houses to dodge NSA chop shops