2 January 2014
Jacob Appelbaum on Der Spiegel NSA/GCHQ Reports
Date: Fri, 03 Jan 2014 00:37:45 +0000
From: Jacob Appelbaum <jacob[at]appelbaum.net>
To: "liberationtech[at]lists.stanford.edu" <liberationtech[at]mailman.stanford.edu>,
cpunks <cypherpunks[at]cpunks.org>
Subject: Recent Der Spiegel coverage about the NSA and GCHQ
Hi,
I wanted to write to highlight some important documents that have
recently been released by Der Spiegel about the NSA and GCHQ. We worked very
hard and for quite some time on these stories - I hope that you'll enjoy
them.
Inside TAO: Documents Reveal Top NSA Hacking Unit:
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
Part 1: Documents Reveal Top NSA Hacking Unit:
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
Part 2: Targeting Mexico:
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-2.html
Part 3: The NSA's Shadow Network:
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-3.html
NSA's Secret Toolbox: Unit Offers Spy Gadgets for Every Need:
http://www.spiegel.de/international/world/nsa-secret-toolbox-ant-unit-offers-spy-gadgets-for-every-need-a-941006.html
Shopping for Spy Gear: Catalog Advertises NSA Toolbox:
http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
Interactive Graphic: The NSA's Spy Catalog:
http://www.spiegel.de/international/world/a-941262.html
Neue Dokumente: Der geheime Werkzeugkasten der NSA:
http://www.spiegel.de/netzwelt/netzpolitik/neue-dokumente-der-geheime-werkzeugkasten-der-nsa-a-941153.html
NSA-Programm "Quantumtheory": Wie der US-Geheimdienst weltweit Rechner
knackt:
http://www.spiegel.de/netzwelt/netzpolitik/quantumtheory-wie-die-nsa-weltweit-rechner-hackt-a-941149.html
Der Spiegel 1 / 2014:
https://magazin.spiegel.de/digital/index_SP.html#SP/2014/1/124188114
http://www.spiegel.de/spiegel/index-7629.html
TAO slides:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326.html
NSA QUANTUM Tasking Techniques for the R&T Analyst:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329.html
Yahoo! user targeting and attack example with QUANTUM:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-5.html
QUANTUMTHEORY and related QUANTUM programs:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-24.html
If you'd like to detect the QUANTUM INSERT, I suggest reading about the race
condition details:
http://www.spiegel.de/fotostrecke/qfire-die-vorwaertsverteidigng-der-nsa-fotostrecke-105358-15.html
Details about the Man-On-The-Side with QUANTUM:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-3.html
QFIRE (NSA-Geheimdokumente: "Vorwärtsverteidigung" mit QFIRE), TURMOIL, TURBINE, TURBULENCE:
http://www.spiegel.de/fotostrecke/qfire-die-vorwaersverteidigng-der-nsa-fotostrecke-105358.html
MARINA:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-15.html
More MARINA details:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-21.html
Catalog of equipment covering around ~50 programs:
http://www.spiegel.de/netzwelt/netzpolitik/interaktive-grafik-hier-sitzen-die-spaeh-werkzeuge-der-nsa-a-941030.html
Other slides covering FOXACID and more:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-2.html
NSA QUANTUMTHEORY capabilities list:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-11.html
GCHQ QUANTUMTHEORY capabilities list:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-12.html
OLYMPUSFIRE:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-13.html
An overview of all of these articles is available in German:
http://www.spiegel.de/netzwelt/netzpolitik/quantumtheory-wie-die-nsa-weltweit-rechner-hackt-a-941149.html
Earlier this week, I also recently gave a talk titled "To Protect and Infect:
part two" at CCC's 30C3. In the talk I explain a number of these topics -
the video is a reasonable complement to the above stories:
https://www.youtube.com/watch?v=b0w36GAyZIA
There are quite a few news articles and most of them have focused on the
iPhone backdoor known as DROPOUTJEEP - they largely miss the big picture
asserting that the NSA needs physical access. This is a misunderstanding.
The way that the NSA and GCHQ compromise devices with QUANTUMNATION does
not require physical access - that is merely one way to compromise an iPhone.
Generally the NSA and GCHQ compromise the phone through the network using
QUANTUM/QUANTUMNATION/QUANTUMTHEORY related attack capabilities.
An example of a vulnerable Apple user is shown:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-24.html
"note: QUANTUMNATION and standard QUANTUM tasking results in the same
exploitation technique. The main difference is QUANTUNATION deploys a state
0 implant and is able to be submitted by the TOPI. Any ios device will always
get VALIDATOR deployed."
They're not talking about Cisco in that slide, I assure you.
Details on VALIDATOR:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-13.html
Welcome to 2014!
The truth is coming and it can't be stopped,
Jacob
Date: Thu, 2 Jan 2014 17:01:56 -0800
Subject: Re: [liberationtech] Recent Der Spiegel coverage about the NSA and
GCHQ
From: coderman <coderman[at]gmail.com>
To: liberationtech <liberationtech[at]mailman.stanford.edu>
Cc: cpunks <cypherpunks[at]cpunks.org>
On Thu, Jan 2, 2014 at 4:37 PM, Jacob Appelbaum
<jacob[at]appelbaum.net> wrote:
> ...
> I wanted to write to highlight some important documents that have
> recently been released by Der Spiegel about the NSA and GCHQ. We worked
> very hard and for quite some time on these stories - I hope that you'll
> enjoy them.
second only to BULLRUN drop; thank you!
> ...
> OLYMPUSFIRE:
> http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-13.html
off by one error; this is "VALIDATOR"
the OLYMPUSFIRE doc is at:
http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-14.html
> ...
> There are quite a few news articles and most of them have focused on the
> iPhone backdoor known as DROPOUTJEEP - they largely miss the big picture
> asserting that the NSA needs physical access. This is a
> misunderstanding. The way that the NSA and GCHQ compromise devices with
> QUANTUMNATION does not require physical access - that is merely one way
> to compromise an iPhone. Generally the NSA and GCHQ compromise the phone
> through the network using QUANTUM/QUANTUMNATION/QUANTUMTHEORY related
> attack capabilities.
thank you as well for this clarification. keep it up :)
Date: Fri, 03 Jan 2014 01:12:21 +0000
From: Jacob Appelbaum <jacob[at]appelbaum.net>
To: liberationtech[at]mailman.stanford.edu
Subject: Re: [liberationtech] Recent Der Spiegel coverage about the NSA and
GCHQ
Cc: cpunks <cypherpunks[at]cpunks.org>
coderman:
[Message above omitted.]
Whoops - thanks!
I'm curious if anyone has yet spotted which well known programs are tied
to OLYMPUSFIRE? I'd guess you probably figured it out, if it is possible
to link it?
The QUANTUM programs are extremely powerful but largely because our systems
are so weak. Imagine if the NSA informed Apple and helped them to fix their
products rather than sabotaging American companies?
All the best,
Jacob