
Visit the Wrong Website, and the FBI Could End Up in Your Computer (2014) - sndean
https://www.wired.com/2014/08/operation_torpedo/
======
tdy721
The FBI "Could" be in my computer? Imagine that world, one where the man
"might" be spying on you.

~~~
tdy721
To be clear, "The Man" in this case means software.

------
denova
I think I'm totally fine with this. The only issue I can see is whether or not
the warrants to hack these servers are justified. Warrants should be issued
when there's good reason to suspect criminal activity, and if they're issued
to search obviously innocent people then that's wrong, just like all other
warranted searches or spying that don't involve computers or hacking.

~~~
dogma1138
The reason why drive-by attacks are so effective is that often you don't even
have to visit the site intentionally. One "trusted" site with some malware can
be used to attack people that never actually intentionally visit it, whether
it be by normal content syndication or by the same attackers using exploits in
other sites (content injection) or spamming links, embedding HTML content in
emails, etc.

What is also important to note is that drive-by attacks in most cases exploit
browser vulnerabilities; unless the FBI is really stooping so low as to
basically run "download codec" or "update flash player" type of phishing
attacks that actually depend on the user downloading and running an
executable, they'll also have to maintain a large enough repository of zero
day attacks that target browsers.

Now the problem with "cyber warfare" is that it's basically a return to the
old days of throwing rocks. One of the reasons we've switched from rocks to
bullets is not only because bullets are more effective but because the enemy
can't pick up a bullet and shoot it back at you.

When you distribute malware to attack your targets you're giving them a rock
that can be just as easily turned on you or anyone else, and considering that
at least some substantial portion of their intended targets are individuals
with sufficient knowledge in computer security to be able to pick up that
rock, you are now having the FBI handing out zero days to criminals.

~~~
emmab
> One "trusted" site with some malware can be used to attack people that never
> actually intentionally visit it

The only thing that bothers me about this is that someone could deliberately
embed an iframe of the bugged website similar to a SWATTING attack. So far
that doesn't seem to be happening though?

~~~
dogma1138
It does, or did; browsers are better protected against iframe injection and
various clickjacking attacks, but it still can happen.

If the FBI has a zero day that doesn't need anything but the content being
loaded by the browser to execute code on the target, you can easily spread it
to anyone you like via content injection, email phishing, old school simply
via social media "hey look at this http://goo.gl/P!shing"..

Also, since many zero days affect things like Flash or the rendering engine
itself and thus could be simply exploited via images or any other embedded
object, you could even do it easier by simply adding that png or webm with the
exploit to every forum, blog post, tweet etc.

------
dogma1138
OWASP 2019 A7: cross-site framing.

