Tag Archive: BackDoor Access


This Malware Can Hijack A Drone In Seconds

 

 

 

 

 

” If the White House wants to keep drones off the lawn, they might want to give Rahul Sasi a call. He’s developing malware that can hijack a drone in just a few short seconds.

  He calls his malware (fittingly enough) Maldrone, and it doesn’t gain control over its victims the way that previously-demonstrated attacks do. Most others have leveraged the APIs — like the one provided by Parrot for developers who want to tinker with their AR Drones — to do the hijacking.

  But a “Parrot drone is a toy,” Rahul says, and he went to work on an attack that was a bit more generic, able to wreak havoc on multitudes of drones regardless of whether or not the manufacturer exposes anything via an API. Maldrone is the result, and it’s impressive even though it’s very much a work in progress.”

 

    Read more about Maldrone here . In other drone news , DJI has upgraded their firmware creating a 15.5 mile radius no-fly zone around Washington DC .

 

 

 

 

 

 

 

 

 

 

 

 

 

Protect Firefox Browser From The U.S. Government, Says Mozilla Exec

 

 

” Among the issues that President Obama did not address in his lukewarm call for “reform” of NSA spying practices are allegations that U.S. government officials have used their clout to compromise encryption technology and strongarm companies into inserting backdoors into their technology. That’s not a small issue, because it gives the NSA and other agencies access to vast quantities of information at least as sensitive as what they gather from sucking up phone meta data. Last week, even before the president’s speech, Brendan Eich, the Chief Technology Officer of Mozilla, the organization behind the Firefox Web browser, called on the public to help resist such threats.

Wrote Eich in a blog post:

As a result of laws in the US and elsewhere, prudent users must interact with Internet services knowing that despite how much any cloud-service company wants to protect privacy, at the end of the day most big companies must comply with the law. The government can legally access user data in ways that might violate the privacy expectations of law-abiding users. Worse, the government may force service operators to enable surveillance (something that seems to have happened in the Lavabit case).”

 

 

 

 

 

 

 

 

Spying On Americans Before 9/11: NSA Built Back Door In All Windows Software By 1999

 

 

” In researching the stunning pervasiveness of spying by the government (it’s much more wide spread than you’ve heard even now), we ran across the fact that the FBI wants software programmers to install a backdoor in all software.

Digging a little further, we found a 1999 article by leading European computer publication Heise which noted that the NSA had already built a backdoor into all Windows software:

A careless mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA “help information”trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren [an expert in computer security]. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.”

 

 

 

 

 

 

Government Says Secret Court Opinion on Law Underlying PRISM Program Needs to Stay Secret

 

 

 

” In a rare public filing in the secret Foreign Intelligence Surveillance Court (FISC), the Justice Department today urged continued secrecy for a 2011 FISC opinion finding government surveillance to be unconstitutional.  Significantly, the activities at issue were carried out under the controversial legal authority that underlies the National Security Agency’s recently-revealed PRISM program.

EFF filed a suit under the Freedom of Information Act in August 2012, seeking disclosure of the FISC ruling.  Sens. Ron Wyden and Mark Udall revealed the existence of the opinion, which found that collection activities under FISA Section 702  “circumvented the spirit of the law” and violated the Fourth Amendment’s prohibition on unreasonable searches and seizures. But, at the time, the Senators were not permitted to discuss the details publicly. Section 702 has taken on new importance this week, as it appears to form the basis for the extensive PRISM surveillance program reported recently in the Guardian and the Washington Post.”

 

 

 

 

 

 

 

 

 

 

 

 

U.S., British Intelligence Mining Data From Nine U.S. Internet Companies In Broad Secret Program

 

 

 

 

” The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

London’s Guardian newspaper reported Friday that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.

According to documents obtained by The Guardian, PRISM would appear to allow GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.”

 

 

Despite the spate of corporate denials it would appear that they are all willing participants … shame .

 

 

In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a “directive” from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008, Congress gave the Justice Department authority for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”

In practice, there is room for a company to maneuver, delay or resist. When a clandestine intelligence program meets a highly regulated industry, said a lawyer with experience in bridging the gaps, neither side wants to risk a public fight. The engineering problems are so immense, in systems of such complexity and frequent change, that the FBI and NSA would be hard pressed to build in back doors without active help from each company.

 

The money quote …

 

As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or e-mails of specific Americans,” Udall said.

 

 

 

Related:

Google CEO Larry Page On PRISM: ‘What The…?’

Apple: ‘We Have Never Heard Of PRISM’

Dissecting Big Tech’s Denial of Involvement in NSA’s PRISM …

Google and Facebook Double Down on Prism Denials

PRISM’s NSA fallout: Apple, Google, Facebook issue denials …

Evolution Of The PRISM Denials: This May Be Why They Seem …

Apple, Google, Facebook, Yahoo, Microsoft, Paltalk, AOL issue …

Liberal England: PRISM: Should we believe the internet companies …

 

 

 

 

 

 

 

 

—-