50 votes

Ever buy a laptop computer online? Prepare to be shocked.

As reported by Der Spiegel, via The Verge

According to a new report from Der Spiegel based on internal NSA documents, the signals intelligence agency's elite hacking unit (TAO) is able to conduct sophisticated wiretaps in ways that make Hollywood fantasy look more like reality. The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.

While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it's a unique look at the agency's collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it's a USB "hardware implant" that secretly provides the NSA with remote access to the compromised machine

Continue at The Verge



Trending on the Web

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

I'll be the first to say it.

If they're doing this, then what's stopping them from putting this "malware" in the computers in-stores? It's the same concept.

First thoughts: Re-install Windows on your new computer when you get it, but that won't protect against hardware implementation unless you switch OSs that the hardware was intended for.

I could very easily detect (by sight) foreign hardware on a desktop, but not on a laptop.

ABOLISH the NSA

Dismantle the COG system altogether. Abolish FEMA , DHS, TSA

Abolish Washington

The whole place is evil.

Ok, so what do we do about it?

Two simple statements...

Technology is great, but itself, making more advancement possible than anyone ever dreamed of not that long ago.

The governments of the world are co-opting it in their favor, making the latest tech into a conundrum.

So, do I stop using the technology or do I stop them from these evil games? I prefer the latter, although I don't have a workable solution to it yet. Any help?

build your own (or have someone build it for you that you trust)

desktop that is.

as far as laptops. use older ones? or buy them in stores?

I always wondered

why they won't give you a copy of the OS with your machine.

I guess so you can't wipe the disk and start over.

Next they will require MSFT to include a virus and threaten them with jail if they tell anyone.

For our safety - yeah.

Richard Stallman's laptop

http://www.lemote.com/en/products/Notebook/2010/0310/112.html

Looks to be quite slow but with a open/free BIOS.

Check out http://ronpaulforums.com for activism and news.

Build your own computer

I reccommend to everyone with a little bit of know-how to build your own computer. That way, you can replace parts as they break or become too outdated. It'll save you money. The same could be done for laptops, but it's much more complicated because most people don't interchange parts for them the way they do desktops and they don't follow as strict of hardware standards.

The article says that even if you build it in parts

the ordering online is the problem. That is where they start messing with people's systems by hacking and messing with their computer parts.

The more this keeps happening the more I dont' want to be online

I think I will need a second, totally offline, computer for most personal stuff. God these NSA jerks are really screwing up the world and driving me to want to go back to the good old days where I only need to worry about phone wiretaps.

The NSA Can Hack Offline Computers Too

http://dailycaller.com/2014/01/15/report-nsa-uses-radio-wave...

The latest secret National Security Agency Surveillance program leaked by former contractor Edward Snowden reveal the agency has infected nearly 100,000 computers with software that allows them to hack and conduct cyber attacks via radio waves.

The New York Times reports the agency installs the majority of its software by infiltrating computer networks, but also makes use of a secret technology that gives the agency the ability to manipulate data on computers not connected to the Internet.

A hardware program called ANT uses small circuit boards and USB devices physically inserted into computers by manufacturers, spies or unwitting users to send and receive signals on a secret radio channel to and from briefcase-size transmitters from miles away.

Read the rest at:
http://dailycaller.com/2014/01/15/report-nsa-uses-radio-wave...

"laptops or other computer

"laptops or other computer accessories" o_o

Thanks VU!

If you are a criminal and

If you are a criminal and have tons of resources, you will develop many ways to steal property from the house: 1) duplicate keys 2) entry through basement 3) breaking the window 4) impersonation of service man. Opportunities are limitless if you have imagination.

NSA and many more organizations act the same way. They have so called "legal" avenues to get your data. They also have illegal avenues to get your data.

It is a key principle in the intelligence business: if you manage information flow you, then, want it to come via multiple independent channels.

Engage in Secure Exchange

This is nothing

If you are NOT running Linux, you should assume ALL of your computer's files and info historically are stored with the NSA. I work with technology. I don't know it's that bad for sure, but I can say it's quite possible, so imagine the worst. Secret NSA keys have been found embedded in the Windows operating system:

http://www.zerohedge.com/news/2013-07-09/nsa-has-inserted-it...

It has been shown by Snowden companies like Microsoft and Google basically bend over for the NSA. The only way to really protect your privacy, where you know your info is safe is use completely open source software like Linux, and strong encryption for communications if/when necessary. Here is a DP Linux thread to get you started:

http://www.dailypaul.com/306264/the-power-of-linux

Open source, encrypted software

sure worked great for that dork from Harvard....not

http://www.businessinsider.com/harvard-student-used-tor-for-...

When a true genius appears in the world, you may know him by this sign: that the dunces are all in confederacy against him. ~J. Swift

They didn't

break any encryption or software in this case.

Similar to the reason "Dread Pirate Roberts" the Silk Road operator got caught was not due to tracking Bitcoin or breaking Tor. They caught him using old fashioned police work (he left prior forum posts that linked his identity). If you read the article you'll see Harvard SAW that the suspect entered the Tor network using Harvard's wireless network in the time leading up to the threatening emails, that's what put investigators on his heels.

You have to KNOW HOW TO USE the technology I mentioned correctly. I should have probably said that, but when you do it works.

No, this is actually

No, this is actually something.

The article describes secret hardware modifications during travel to the point of delivery. Hardware, not software. Hardware you may be unable to detect. I think your trust in Linux is misplaced. These organizations are embedded in the open source communities also. Do not kid yourself.

My trust

in Linux is not misplaced. In fact Snowden himself gave similar advice to what I did. He says things like encryption and Tor do work when used correctly.

What I'm saying is the way software works, for the NSA to get it to do what they want they have to manipulate the software. With closed source software, like Windows for example, that's pretty easy. They can insert secret code which nobody will discover (actually somebody DID discover a secret NSA Windows key). With open source code the chance somebody will discover malicious code is practically guaranteed given enough time (typically less than a yr depending what it is).

I'm talking about blanket surveillance. If the NSA is after you directly, then yes if they infiltrate your bedroom and can access any of your hardware directly anything is possible, all bets are off then.

EDIT: here is a NSA article from a security expert, basically saying what I did http://www.theguardian.com/world/2013/sep/05/nsa-how-to-rema...

Online only? Doubt it.

Assume that all MS Windows machines have software backdoors and all laptop hardware since about 2000 has hardware direct from the factory.

This story makes it sound like there's a limit. Assume there is none.

Why do people continually ignore or discount History?

Leaders' spying on their own population is never for public safety. It's for crushing dissent.

Former head of one of the more infamous departments of the infamous East German secret police, the Stasi, Wolfgang Schmit says “It is the height of naivete to think that once collected this information won’t be used.”

http://www.mcclatchydc.com/2013/06/26/195045/memories-of-sta...

When a true genius appears in the world, you may know him by this sign: that the dunces are all in confederacy against him. ~J. Swift

I know! How people can even

I know! How people can even dare to think this is ok is inexcusable. I'm really tired of the "oh, I got nothing to worry about. Who cares if someone sees my porn viewing history? hee yuck yuck hehehe" statements I'm seeing from people. Why we assume the government should be trusted to not abuse power is beyond me. Our government is awesome because it gives us so much power to keep it in check. Unfortunately, at some point in our history we started thinking our government could do no wrong and we stopped exercising our authority over it.

Insane.

I just finished reading the story at Der Spiegel

http://www.spiegel.de/international/world/the-nsa-uses-power...

Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

Holy Fack!

Fack is right! Wonder how the

Fack is right!

Wonder how the courts will rationalize this.

Same way they rationalize anything.

9/11

They hate us for our freedoms, so, if we don't have any freedoms, they won't hate us anymore. No Freedom = No Hate = No Terrorism!

:) That was a bit of a

You know, that's beautiful.

I can't wait for the next time I am in a discussion about why terrorists attack us to use that as a counter.

That was my reaction also.

That was my reaction also.