DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 19th January 2015
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,583
Default The Digital Arms Race: NSA Preps America for Future Battle

From http://www.spiegel.de/international/...a-1013409.html :

Quote:
The NSA's mass surveillance is just the beginning. Documents from Edward Snowden show that the intelligence agency is arming America for future digital wars -- a struggle for control of the Internet that is already well underway.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 23rd January 2015
shep shep is offline
Real Name: Scott
Arp Constable
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,325
Default

In the above article there are links to a report on a backdoor in the portable version of OpenSSH. It would be interesting from the standpoint of the validity of the document to see if the exploit of 2007 (date of report) has since been recognized/corrected.
Reply With Quote
  #3   (View Single Post)  
Old 23rd January 2015
ibara's Avatar
ibara ibara is offline
Brought VNs to OpenBSD
 
Join Date: Jan 2014
Posts: 721
Default

What you linked to is nothing more than a hacked binary on one single machine. Someone would have to go install that hacked binary on your machine. There is nothing to "recognize" or "correct."

Please see:
http://marc.info/?l=openbsd-misc&m=142153459330039&w=2
https://news.ycombinator.com/item?id=8905581
Reply With Quote
  #4   (View Single Post)  
Old 23rd January 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,865
Default

shep, please take a few minutes to read the actual report (as published in Der Spiegel) describing the steps taken to create the modified daemon. It wasn't simple, as there were many double-checks that had to be bypassed or evaded.

Note that this was intended for use by Tailored Access Operations (TAO), who are focused on specific targets. Whether it was deployed in the field is not mentioned in this particular SIGINT report.

Hope that helps.
Reply With Quote
  #5   (View Single Post)  
Old 24th January 2015
shep shep is offline
Real Name: Scott
Arp Constable
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,325
Default

I did not mean to imply that OpenSSH had been compromised. What impressed me was the time line, from 2007, the targets and lastly, the reporting employees account about how much fun New Zealand and Tasmania were.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Chrome only future for Flash on Linux J65nko News 7 24th February 2012 12:53 AM
Applied Micro leaps ahead in ARM server race J65nko News 0 30th October 2011 01:51 AM
UNIVAC: the troubled life of America's first computer J65nko News 0 19th September 2011 10:53 PM
ARM vet: The CPU's future is threatened J65nko News 0 20th August 2011 08:53 PM
FreeBSD 8.1/7.3 vm.pmap kernel local race condition bryn1u FreeBSD Security 0 7th September 2010 08:12 PM


All times are GMT. The time now is 10:02 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick