Everyone #39;s a Target, NSA #39;s Mass Surveillance and Cyber Warfare in the Middle East
Since the revelations of Edward Snowden, there has been a great deal of discussion about NSA and domestic eavesdropping. But except for Germany, there has be...
By: American University of Beirut
See the rest here:
Everyone's a Target, NSA's Mass Surveillance and Cyber Warfare in the Middle East - Video
NSA : Documentary on the Secret Intelligence Agency NSA | GERMAN TV SHOWS
NSA : Documentary on the Secret Intelligence Agency NSA . ...
By: GERMAN TV SHOWS
Read more:
NSA : Documentary on the Secret Intelligence Agency NSA | GERMAN TV SHOWS - Video
CURRUPT NSA withholding(7)
By: Daniel Gartzman
Go here to see the original:
CURRUPT NSA withholding(7) - Video
Want to know something odd? Its 2015 and all the top anti-virus products for Mac OS X use insecure lines to transmit their software to Apple Apple machines. Download files, known as .dmg files,for products including Kaspersky, Symantec Symantec, Avast, Avira, Intego, BitDefender, Trend Micro, ESET and F-Secure are all sentover unencrypted HTTP lines, rather than the more secure HTTPS. There is method in their madness, as they trust Apples Gatekeepersecurity technology to recognise the digital signatures they sign their software with that should guarantee the authenticity of the download.
But a former NSA and NASA staffer Patrick Wardle, who now heads up research at security start-up Synack, believes he has found a new way to abuse such insecure downloads and bypass protections in Apple Macs without getting caught. Normally, anyone who intercepts a download to turn it nasty wont get away with it, as Mac Gatekeeperwill see that the vendors original signature has been altered or taken away entirely, and the software tampered with, meaning its no longer trusted.
Yetthe Gatekeeper software doesnt check all components of Mac OS X download files, according to Wardle. He believes he can sneak a malicious version of whats known as a dylib file into legitimate downloads done over HTTP to infect Macs and start stealing data.These dylibs (short for dynamic libraries) are designed to be re-used by different applications; they might be used for actions such as compressing a file or using native graphics capabilities of the operating system. Theyre supposed to make apps work more efficiently.
If an attacker can hijack the dylib processes used by Mac apps, however, they can carry out nasty attacks and send user data to their own servers, the researcher explained. Such an attack would not be trivial, Wardle admits. First, the attacker would have to get on the same network as a target, either by breaching it or simply logging on to the same public Wi-Fi. They would also have to injecta legitimate yet vulnerable application into the downloadand shuffle around the content of the .dmg so thatthe injected legitimate softwareis shown to the user. The latter is not so tricky:the attacker can set the name and icon of thisvulnerable app so nothing looks suspicious, said Wardle.
Finding vulnerable apps shouldnt be too hard either.Wardle created a scanner that looked for applications that would use his naughty dylibs. He found around 150 on his own machine, including hugely popular software likeMicrosoftWord and Excel,Apples own iCloud Photos and Dropbox. The list also includedApples developer tool XCODE and email encryption key management software GPG Keychain, both of which he abused in his proof of concept attacks. According to a recent article in The Intercept, Snowden files showed researchers were demonstrating how amodified version of XCODEcould be used to siphon off targets passwords and other data. Wardle said it was 100 per cent coincidence that his former employer had also targeted XCODE.
Wardled noted that apps from Apples Mac App Store are not vulnerable.
Apps vulnerable to dylib attacks slide from Patrick Wardle
Despite the barriers to successful exploitation, his techniques have provided him with a novel way to bypass Gatekeepers draconian detection mechanism (its also not too dissimilar from DLL attacks of yore on Windows).It is, he added, a cunning way to bypass Mac OS X Gatekeeper protections and allow hackers to go back to their old tricks.
When the injected legitimateapplication is launched the unsigned malicious dylib is loaded or executed(even if the user sets his machine to accept only all apps from the Mac App Store) before theapps main code. At this point the dylib can do anything. I see it a)kicking off the legitimate application that the user was downloading sonothing seems amiss, and b) installing the implant component which will then complete the rest of the attack, persistently infecting the userscomputer. He noted theattack should also work on downloaded .zip filesthat contain applications.
Mac OS X dylib hijacking attacks slide from Patrick Wardle
Read more:
Ex-NSA Researcher Finds Sneaky Way Past Apple Mac's Gatekeeper
The National Security Agency needs to establish a broader dialogue across the nation in order to better strike a balance between an individuals rights to privacy and the need to intelligently secure our nation, said Admiral Michael Rogers, NSA director and U.S. Cyber Command commander.
Its not me as director of the NSA that ought to be making that decision [to find a balance]. We as a nation need to decide what are we comfortable with, whats the right balance, he said.
Admiral Rogers, who has been in command since April 2014, spoke to an audience of students, faculty, and community members in a conversation titled Challenges and Opportunities in an Interconnected World in Alexander Hall at Princeton University on Tuesday.
He opened the conversation with an introduction to the missions of the NSA and Cyber Command, and his expectations for the organizations core priorities: obeying the rule of law, being accountable to the citizens they defend, acknowledging mistakes, and not cutting corners.
In the end, NSA is a group of highly motivated men and women who are trying to do the right thing the right way, but they are men and women. They will sometimes make mistakes, Admiral Rogers said. So we say, hey, if we make a mistake, we stand up, we tell the court we made a mistake, we tell Congress we made a mistake, we tell the attorney general that we made a mistake.
During the subsequent question and answer session, Admiral Rogers emphasized the need for the NSA to create more public confidence in its mission.
If were honest with each other, what is our confidence in Congress and the world were living in right now? Admiral Rogers asked. Not as high as we all wish it were.
He noted that after Senate investigation into intelligence community abuses of the rights of citizens, Congress passed the Foreign Intelligence Surveillance Act of 1978, which created a new legal framework of oversight for the NSA yet national confidence in the NSA remains low.
The very mechanisms, almost 40 years ago, that we put in place to try to generate confidence are now questioned by our citizens. Its not a criticism, its just a fact, he said. What are the mechanisms we can create that will engender greater confidence?
In response to a question about cyberspace deterrence, Admiral Rogers advocated for a proportional and specific response. He also noted that much of the current research about deterrence is done in the private academic sector and called on the Princeton community to help address these difficult questions for the nation.
Go here to read the rest:
PRINCETON: NSA director says better balance needed between individual privacy and national security