

 Inside TAO: Documents Reveal Top NSA Hacking Unit - Suraj-Sun
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html

======
tptacek
For whatever it's worth it to any of you to know this, TAO is one of the worst
kept secrets in infosec. As I understand it, there are several active, well-
regarded software security experts on Twitter that come from TAO. There are
even conspiracy theories that some of them still work for TAO as industry
sleepers. If you had asked a software security person 5 years ago to name an
NSA hacking program, there's a decent chance some of them would have said
"TAO".

~~~
rl3
Out of curiosity, do you ever give pause when looking to hire people with that
type of background? If they are hired, are some projects off-limits to them?

I know those sound like loaded questions, but they seem relevant if you have
clients that are adverse to being targeted by the NSA. These days, mainstream
companies like Google and Yahoo would arguably qualify.

On the other hand, I imagine employees with that type of background would be
very beneficial in context of government and defense industry contracts.

------
malandrew
This information now justifies having shipments sealed in a way that shows
that they have been tampered with. Any foreign entity ordering goods from
these companies now has an incentive to visit the shipping location and place
their own identifying tape (that is frequently changed) on the packaged
equipment and possibly GPS tracking devices on the shipment as well to be able
to determine if they are diverted away from a reasonable shipping path to make
unscheduled stops.

I would love to see someone start performing a large scale analysis of
shipping paths using GPS tracking devices to create algorithms that flag
certain shipping paths as anomalous. Offering services and creating products
that guarantee shipping security is now a legitimate market to create a
startup for.

~~~
a3n
> I would love to see someone start performing a large scale analysis of
> shipping paths using GPS tracking devices to create algorithms that flag
> certain shipping paths as anomalous.

And maybe that will be the nature of the first solutions or mitigations for
this breakdown. Not tamper-proof, but tamper-evident, in the physical and
digital worlds. You could then at least judge whether you should continue to
trust the delivered item and/or its delivery path.

Total Information Awareness for the little guy.

------
vxxzy
They actually use the their sniffing capabilities to capture error reports
sent by windows... Then use that info to target the machine. What an
advantage.

~~~
caf
Yes, I think this must be the most interesting part of the report:

    
    
      In one internal graphic, they replaced the text of 
      Microsoft's original error message with one of their own 
      reading, "This information may be intercepted by a 
      foreign sigint system to gather detailed information and 
      better exploit your machine."
    

Does Microsoft's error reporting mechanism even use SSL?

~~~
MacsHeadroom
Do you think the NSA doesn't either have Microsoft's private certs or has
broke then already? I can't be bothered to find a source right now, but they
already have all MS source code- so there's that too.

~~~
caf
Why would I ask the question if I thought that they certainly _didn 't_ have
those private keys?

It is an interesting question regardless - can anyone at my ISP read these
error reports, too?

------
caf

      The technique can literally be a race between servers, one
      that is described in internal intelligence agency jargon
      with phrases like: "Wait for client to initiate new
      connection," "Shoot!" and "Hope to beat server-to-client 
      response."
    

It would be interesting to build a tool that watches out for duplicate-but-
different SYN/ACK and DNS answers.

~~~
X4
What would be much much more interesting is to see the wall ONE of the HN
members has made, that connects all the tiny pieces of leaks to a grand
picture. Using the same tools they use to track us, "maths", or topological
data analysis to precisely reveal who, what and how things connect.

If the one amongst us is ready, please post what you collected, I am sure
everybody is as curious to see what there is. It's not just journalists who
study the NSA revelations, but there are also hobbyists or simply some curious
and innocent computer scientists (let's not say hackers here).

~~~
MacsHeadroom
Are you calling someone out, specifically?

If the answer or "yes," don't reply.

------
us0r
UPS, Fedex, DHL and Dell have some explaining to do.

~~~
CamperBob2
"We got a National Security Letter. End of explanation."

~~~
us0r
That has not worked too well for the Internet companies. These guys are just
as guilty in this.

~~~
poolpool
Not worked too well how? No revenue loss. No government penalties. Allowed to
freak out at government spying with righteous anger on behalf of the customer.

I dunno, looks like as a business everyone has made it through a-ok.

~~~
us0r
[http://www.bloomberg.com/news/2013-09-10/nsa-spying-seen-
ris...](http://www.bloomberg.com/news/2013-09-10/nsa-spying-seen-risking-
billions-in-u-s-technology-sales.html)

Clearly your unfamiliar with the rest of the world. They have all pretty much
said your screwing up our business.

~~~
CamperBob2
And you expected them to say...?

~~~
us0r
I don't know but the more billion dollar businesses that are complaining the
more likely something is going to be done (let's not forget who funds
elections). Maybe they gamed Google and Yahoo so well cause their "new"
computers from Apple, Dell or whoever are being routed by UPS or Fedex to them
first. Nothing would be too surprising at this point. Either way they should
and hopefully will get a proper outing and when their names start getting ran
through the press that's going to be xx more pissed off corporations.

~~~
elithrar
> (let's not forget who funds elections)

Defence contractors? Telcos? Hollywood? Pharmaceutical companies?

The big tech companies most of us talk about here are in the minority when it
comes to lobbying, from what I understand.

------
zby
And now Amazon also loses some customers.

~~~
a3n
I think a few defectors from Amazon Prime would be more than made up for by
Amazon's CIA contract(s).

------
codex
It is reassuring to see that the US is not falling behind in the spy vs spy
arms race. Technology is making it easier and easier to conceal conspiracies
or national security initiatives. If applied judiciously, this is a valuable
asset. There is the danger of misuse, as with many US government assets:
nukes, chemical weapons, and guns, to name a few.

~~~
hobs
Maybe someone would espouse this opinion if they were in the military? There
has been no evidence that the USA is falling behind in any spy related
activities, and the article starts with examples of how they were disrupting
residential garage door openers and then goes on to things like exploiting
individuals at a belgium based corp, or the mexican government, a supposed
ally.

Why does this make you reassured?

The potential for misuse when it comes to nukes and chemical weapons also have
the distinct and likely possibility that someone would catch them, this means
that they generally will only use those weapons when it is actually needful.

This technology is very likely impossible to detect by all but the biggest
actors, and therefore has a HUGE potential for abuse. I am NOT reassured.

------
pjaun
Where is the link to the documents?

~~~
rdl
[http://cryptome.org/2013/12/nsa-tao-ant.pdf](http://cryptome.org/2013/12/nsa-
tao-ant.pdf)

------
blahbl4hblahtoo
I don't guess that all of this has been corroborated?

Maybe I'm missing something but all of the stuff in the article and several
things in these threads aren't in the cryptome pdf listed below.

