The U.S. software weapon would have allowed the spy agency’s hackers to break into potentially millions of Windows computers by exploiting a flaw in how certain versions of Windows implemented a network protocol commonly used to share files and to print.
Source: Leaked NSA Malware Is Helping Hijack Computers Around the World
From: Security Update for Microsoft Windows SMB Server (4013389)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
A security audit of TrueCrypt has determined that the disk encryption software does not contain any backdoors that could be used by the NSA or other surveillance agencies. A report prepared by the NCC Group for Open Crypto Audit Project found that the encryption tool is not vulnerable to being compromised.
via TrueCrypt doesn’t contain NSA backdoors.
The NSA also has “major” problems with Truecrypt, a program for encrypting files on computers. Truecrypt’s developers stopped their work on the program last May, prompting speculation about pressures from government agencies. A protocol called Off-the-Record (OTR) for encrypting instant messaging in an end-to-end encryption process also seems to cause the NSA major problems. Both are programs whose source code can be viewed, modified, shared and used by anyone. Experts agree it is far more difficult for intelligence agencies to manipulate open source software programs than many of the closed systems developed by companies like Apple and Microsoft. Since anyone can view free and open source software, it becomes difficult to insert secret back doors without it being noticed.
via Inside the NSA’s War on Internet Security – SPIEGEL ONLINE.
I do not know precisely what this means, as I have no contact with the developers anymore: but this is what was agreed upon.
They should no longer be trusted, their binaries should not be executed, their site should be considered compromised, and their key should be treated as revoked. It may be that they have been approached by an aggressive intelligence agency or NSLed, but I don’t know for sure.
While the source of 7.2 does not appear to my eyes to be backdoored, other than obviously not supporting encryption anymore, I have not analysed the binary and distrust it. It shouldn’t be distributed or executed.
via TrueCrypt Website Says To Switch To BitLocker – Slashdot.
From: TrueCrypt Final Release Repository
TrueCrypt’s formal code audit will continue as planned. Then the code will be forked, the product’s license restructured, and it will evolve. The name will be changed because the developers wish to preserve the integrity of the name they have built. They won’t allow their name to continue without them. But the world will get some future version, that runs on future operating systems, and future mass storage systems.
There will be continuity . . . as an interesting new chapter of Internet lore is born.
The letter follows new revelations, including photos, published in a book based on documents leaked by former NSA contractor Edward Snowden alleging that the NSA intercepted equipment from Cisco and other manufacturers and loaded them with surveillance software. The photos, which have not been independently verified, appear to show NSA technicians working with Cisco equipment. Cisco is not said to have cooperated in the NSA’s efforts.
via In Letter to Obama, Cisco CEO Complains About NSA Allegations | Re/code.
But while American companies were being warned away from supposedly untrustworthy Chinese routers, foreign organisations would have been well advised to beware of American-made ones. A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives – or intercepts – routers, servers, and other computer network devices being exported from the US before they are delivered to the international customers.
via Glenn Greenwald: how the NSA tampers with US-made internet routers | World news | The Guardian.
William Plummer, a senior Huawei executive in the United States, said the company had no idea it was an N.S.A. target, adding that in his personal opinion, “The irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us.”
via N.S.A. Breached Chinese Servers Seen as Security Threat – NYTimes.com.
Rather than go through the bureaucratic fight to move the attack logic into “system low” (and co-located on the wiretap), the NSA sought to work around it in the case of QUANTUMHAND. Instead of targeting just any web connection for exploitation, it targeted persistent “push” connections from Facebook, where a user’s browser would leave an idle connection open, waiting for a command from the server.
This way, even the slow, broken, classified architecture could exploit Facebook users. Sadly for NSA and GCHQ (and FSB, and DGSE, and every other spy agency), Facebook turned on encryption a few months ago, which should thwart this attack.
via A Close Look at the NSA’s Most Powerful Internet Attack Tool | Wired Opinion | Wired.com.
The biggest limitation on QUANTUM is location: The attacker must be able to see a request which identifies the target. Since the same techniques can work on a Wi-Fi network, a $50 Raspberry Pi, located in a Foggy Bottom Starbucks, can provide any country, big and small, with a little window of QUANTUM exploitation. A foreign government can perform the QUANTUM attack NSA-style wherever your traffic passes through their country.
The RFI has been posted to the Federal Business Opportunities site that lists federal government procurement opportunities. The government is looking for information on whether commercially available services can, among other things, provide secure storage and high availability to U.S. telephone metadata records for a sufficient period of time, and ensure that there are no unauthorized queries of the database and no data is provided to the government without proper authorization.
via US seeks information on industry ability to hold bulk phone data | ITworld.
As I know many of you know Huawei were investigated by the American Congress and we were given a “clean bill of health”. Well as journalists and analysts said “lots of ifs buts and maybe’s but no evidence of wrongdoing”, or my favourite “a report for vegetarians, no meat”, so in my definition no evidence of wrongdoing is a clean bill of health. Based on this lack of evidence of any wrongdoing, the American Congress said that Huawei should not be allowed into America, so based on all of these revelations, and there will be many more on America, should all other Governments ban American technology companies, especially Cisco and Juniper given their position in critical infrastructures?
via PRISM: Backtracking, justifications, and the shitty shoe shuffle, but how will the world respond? – John Suffolk.