
Details On NSA-QUANTUM Advanced Targeting Through Hacking Program

https://medium.com/p/bb8816e88d86

We’ve learned a bit more about the NSA’s QUANTUM program, their technique that turned the Internet backbone into a weapon. The agreement with Sweden to test QUANTUM attacks has formalized the terms somewhat: a “tip” is a redirection, while a successful “shot” is an exploitation. Out of 100 tips in their experimental deployment, this generated only 5 shots. Now either this experiment didn’t use a very good exploit, so only 5% of attempted victims were vulnerable, or tips represented just preliminary targeting, and only 5% of the possible victims were deemed worthy of attack.

The Internet is now a very dangerous place: all unencrypted traffic is a potential attack vector! The NSA, by their broad hacking, has painted a huge target on our backs. Targets that, for anyone who wants to, they can illuminate and attack.




Desensitized

I keep feeling our entire society is extremely de-sensitized. To the point that unless highways get shut down, there are Fed thugs with machine guns & killer dogs going door to door, they won't wake up from a slumber. Wait, they already did that in Watertown-Boston & people cheered with "USA! USA!! USA!!!".

What's next, until all ATM machines get shut down they won't wake up from a slumber? And till then keep throwing out misguided insults like "racist Teabaggers", "Teatards" to people who're trying to rein in NSA, out of control debt, Obamacare & fascist state?

I might be in a pessimistic mood as I write this. But I feel this society has become so de-sensitized like the Romans, that it doesn't make a difference how many more incremental NSA stories keep getting released. The heathens will line up outside Walmarts on Black Fridays to buy spyware XBox devices on debt & say "I don't care if they spy thru XBoxes to keep the country safe. I have nothing to hide & just want to play my NFL game on XBox."

Immoral funding of Military Industrial Complex by Federal Reserve and US taxation system must stop!!!! End illegal/unconstitutional wars! Preserve US currency!
http://facebook.com/NoPropagandaZone
http://twitter.com/the_chiefe71

> all unencrypted traffic is

> all unencrypted traffic is a potential attack vector!

More like, all traffic is a potential attack vector!

I've seen exploitable vulnerabilities in encryption software itself. Multiple times!

First they need to acquire position on the network to inject traffic to you. Or they can lure you to something they control. There are numerous indirect ways to mess with infrastructure protocols such as BGP and DNS to accomplish this without having to trick you into taking action such as clicking on their link.

Then they can identify the exact version of software you're using, and respond with an exploit for some unpatched or non-public vulnerability.

Then you're owned. The vulnerability could very well be in your VPN client or SSL library.

I've seen apps and programs

I've seen apps and programs out there that have the capability, for instance, that can change the user agent of a browser, so barring that they don't have other means to identify the browser (not limited to browsers I think), that is not known AND patched, potentially, you could for instance, try and trick them into using exploits for a, let's say, Windows version, when in actual fact you're using a Linux version... I don't see this as an end-all, be-all to security, but more of LAYERS of security, one I hope we see more devs get into... once these things get applied, and well distributed and many users, I think, defensive security-wise, it would improve, with versions, with better understandings, once you get to a point after the frenzy to try and plug every hole, we'd finally get a robust security, hopefully, then after that, I think devs would be on the alert for signs of breaches or unintended behaviours, NSA and other agencies have had years to create dozens of programs/exploits etc etc, if we manage to plug them, they become obsolete, and we give ourselves a better playing field, as it seems unlikely that they'd magically find the same amount of exploits over those years, in the space of let's say weeks maybe months, not when the public COULD be prepared for them, obviously I'm discounting very clever hacks and exploits that could go undetectable... I really wish to see dev mentality go in this direction, those that sniff and understand traffic on their network, those who can view logs and see something both unexpected and suspicious, you know what I mean

Anyway, thank you for the most welcomed post, I always like to see technicalities explained in layman's terms, we get a better understanding as time goes on, you kinda educate, and that's really appreciated mini ron :)

Version detection by behavior is very robust

There is a well established technique to passively fingerprint operating systems by looking at the subtle behavior of the TCP/IP stack. It can be spoofed, but boy is it a lot more difficult than you'd think.

Browser version string can be changed, but preventing someone who can query your DOM with JavaScript is nigh impossible. And if you don't let remote sites run JavaScript in your browser you can't use the modern web.

> Anyway, thank you for the most welcomed post, I always like to see technicalities explained in layman's terms

Always happy to share!

> nsa and other agencies have had years to create dozens of programs/exploits etc etc, if we manage to plug them

NSA probably has *tens of thousands* of ready exploits. The scope of the field is so vast, the layman sees a single snowflake on the tip of an enormous iceberg. The layman literally cannot comprehend the size and scope of this problem. It's like when astronomers speak of billions of years and millions of light years. It's meaningless to us.

I'm not a top researcher in the field or anything, but I've followed it and worked in it for almost 20 years now. I know quite a number of the people who are the real leaders and through them I learn of many things that are never reported. I've personally seen state sponsored malware, known about the internet surveillance infrastructure *first hand* for more than a decade. We are in serious trouble.

I really hope the intelligence guys running this stuff think past how awesome it is to own stuff... think past that amazing rush of seeing your code execute on the compromised system for the first time... and really think through the long term consequences that follow.
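As an added illustration of the passive TCP/IP stack fingerprinting mentioned in the comment above (not code from this thread or from any fingerprinting tool): the sketch reads the TTL and TCP option order from a SYN and flags a User-Agent that claims a different operating system. The two-entry signature table is a simplified, constructed one, the sample packet is constructed, and all function names are hypothetical.

```python
import struct

# Simplified, constructed signature table: (initial TTL, TCP option-kind order).
# Option kinds: 2=MSS, 1=NOP, 3=window scale, 4=SACK permitted, 8=timestamp.
SIGNATURES = {
    (64, (2, 4, 8, 1, 3)): "Linux",
    (128, (2, 1, 3, 1, 1, 4)): "Windows",
}

def parse_syn(packet: bytes):
    """Return (ttl, option_kinds) from a raw IPv4 packet carrying a TCP SYN."""
    ihl = (packet[0] & 0x0F) * 4
    ttl = packet[8]
    tcp = packet[ihl:]
    data_offset = (tcp[12] >> 4) * 4
    opts, kinds, i = tcp[20:data_offset], [], 0
    while i < len(opts) and opts[i] != 0:      # kind 0 ends the option list
        kinds.append(opts[i])
        if opts[i] == 1:                       # NOP is one byte, no length field
            i += 1
        elif i + 1 < len(opts) and opts[i + 1] >= 2:
            i += opts[i + 1]
        else:
            break                              # malformed length: stop parsing
    return ttl, tuple(kinds)

def guess_os(packet: bytes) -> str:
    ttl, kinds = parse_syn(packet)
    # Each hop decrements TTL, so round up to the nearest common initial value.
    initial = next((t for t in (64, 128, 255) if ttl <= t), 255)
    return SIGNATURES.get((initial, kinds), "unknown")

def ua_mismatch(packet: bytes, user_agent: str) -> bool:
    """True when the stack fingerprint contradicts the OS named in the User-Agent."""
    os_name = guess_os(packet)
    return os_name != "unknown" and os_name.lower() not in user_agent.lower()

def build_syn(ttl: int, window: int, options: bytes) -> bytes:
    """Construct a sample SYN (checksums left zero; addresses are documentation IPs)."""
    options += b"\x00" * (-len(options) % 4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(options), 0, 0, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0,
                      ((20 + len(options)) // 4) << 4, 0x02, window, 0, 0)
    return ip + tcp + options

# Constructed sample: MSS 1460, SACK permitted, timestamp, NOP, window scale 7.
LINUX_OPTS = bytes([2, 4, 5, 180, 4, 2, 8, 10, 0, 0, 0, 1, 0, 0, 0, 0, 1, 3, 3, 7])
SAMPLE = build_syn(ttl=52, window=29200, options=LINUX_OPTS)  # 12 hops from sender
```

Changing only the browser's User-Agent string leaves these network-layer traits untouched, which is why the two disagree in the sample.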

Canada, .....i like your

Canada, ... I like your style (literacy).

It's like reading a favorite book, to the point, and subjects I am very interested in
I look forward to hearing your perspective in this god forsaken situation, should you be inclined of course... hmm... be inclined :)

edit
P.S. sorry you had to suffer through that original reply, once again I am reminded WHY, I constantly remind, myself... that I need to, PROOF READ... um... myyyyyyyyy...???mmmmm?...sss--elf (I did good, yes?! :), nah
need to get a keyboard methinks

edit 2
edits up the wazoo on this one, kinda feels like I made up for the last one... yep, definitely feels like I made up for the last one
Still, it's all probably a cluster fuck of sentences and letters to most except me, I feel obligated to apologize to the grammar folks out there :)!

Thank you gomez

It's nice to hear that you find my opinion worth reading! I've noticed your posts on technology issues as well.

As a native English speaker who can't carry a real conversation in any other language, I feel obliged to do my best. If you want to improve try using Google to double check words you're not sure of and use the edit feature to correct mistakes after saving. There's no need to announce edits unless the edit is substantial. I view spelling and grammar edits after the fact as a courtesy to the reader.

Vulny List

When can we start a running list of known sec vulnies?

Is there a list started somewhere already? (besides the obvious ones...)

Oh, and if you'd like to get

Oh, and if you'd like to get a sense of what it is to test an application, check out Common Criteria.

Asking for a vuln list is kind of equivalent to a cave man asking for the list of parts to a fighter jet. No offense. It's just a realistic comparison of the scope of the capability gap.

cve.mitre.org is the most

cve.mitre.org is the most complete. The spooks are rumored to have tens of thousands that they privately know about.

You know... MITRE.

"The MITRE Corporation is a not-for-profit company that operates multiple federally funded research and development centers (FFRDCs).

We take on some of our nation's most critical challenges and provide innovative, practical solutions."

Sweden

Also see:

http://www.dailypaul.com/307765/explosive-documentary-about-...
