The NSA and its cohorts set up fake Facebook websites, spoof security certificates, secretly record webcam streams, vacuum up everything they can lay their hands on etc.
Meanwhile the CIA coolly wipes hundreds of documents from the machines of those who are investigating it, and when caught, threaten their overseers with criminal charges.
Given the scale of their operations, tens of billions of dollars in budgets and how many years they've been at it (this article essentially talks about what the NSA was doing in 2009), is it now futile to think that govt. agencies around the world can ever be expected to turn the clock back?
I mean, really, is there any possible reality that involves the NSA/GCHQ deleting the mountains of data they have surreptitiously recorded? And unplugging or reversing the hundreds of traps, backdoors, viruses, intercepts, decoys that are aimed at common citizens?
The key to effective political action is getting all the other existing politically active groups to realise that they don't want to do politics under surveillance either. Everyone from the NRA to the NAACP should oppose this.
Talk about guns on the internet? It's trivial to keyword match make and model names, and the NSA can presumably correlate this back to home addresses. They already have the database of who the gun owners are if they were to want to confiscate them.
Remind nonwhite people about the FBI's attempts to blackmail MLK. http://www.theguardian.com/world/2014/jan/07/fbi-office-brea...
Everyone should understand that this infrastructure can and will be used to interfere with domestic politics, not to mention being used to attack democracy abroad (see 20th century South American history). You cannot support a system that is unjust to your enemies and assume smugly that it will never be turned around on you (Diane Feinstein passim).
But, as Huxley was so keen to point out, that's not going to happen when people are staring at Honey Boo Boo and Hollyoaks.
When the Berlin Wall fell, the Stasi began burning and shredding everything they could. German citizens stormed their buildings and much of the documents were saved, so that the crimes of the Stasi could be documented for prosperity.
(And remember in your home and biz life, if you do whole disk encryption, you need to hibernate or shut down to get your disk/data back into its encrypted state.)
The only way to take out a TLA and seize the incriminating data is swiftly and without warning. With warning times on the order of minutes, I don't think this is possible politically or otherwise.
The best we can hope for is to shut them down, and the best we can do afterwards is punish those responsible in absence of specific evidence against them (but I don't think that we have the guts necessary to do that. However as a real-world example of that sort of response, consider the show trial and execution of Nicolae Ceaușescu: http://en.wikipedia.org/wiki/Nicolae_Ceau%C8%99escu)
----->[ good times ]---->[ hard times ] ---> [fascism] --\
We're stuck in a pretty long loop at the moment just verging on hard times.
Edit: the "good times" above is optional.
If you were to start an armed insurrection, the government would be totally justified in ending you. Not a smart decision given today's level of technology. It was through sheer luck that the American revolution worked at all: the British commanders were so incredibly incompetent that they checkmated themselves.
What you have today is an illusion of the freedom and the "equal and impartial justice under the law".
Nope, it's meaningless. What else are they going to say?
"It's exactly what it looks like! We just don't give a fuck about you or your rights, and in fact, we're an important part of the police state springing up all around you. When you're thinking of rebelling, remember we know where you live, where you are, and pretty much everything else about you! Stay in line, peasant!"
That would be fairly accurate, but they're not going to say it. Doesn't the propaganda just keep going anyway, even in North-Korea?
Genuine question: why do hackers and obviously smart persons believe in this cargo-cult "founding fathers" concept? As if some guidelines set by some 18th century guys are the be all end all in running a state or even mean much after centuries of "interpretation" and changing conditions (including technology).
Case in point 1: most of the things people now enjoy, from women's voting to the abolishment of child labor, to work safety laws, to the end of seggregation, were achieved by long, hard, struggles, protests and even martyrs (just like in Europe, for example), and not by some "founding fathers" decree.
Case in point 2: an armed population then was a major counterbalance against a corrupt government, being effective almost at the same level as the government's forces (as evident in tons of revolutions and stuggles around Europe for example). Today? Not so much. So this naive belief on the "right to bear guns" for this purpose is mostly BS cargo-cult.
However this idea of restrictions placed on a democracy to keep the majority from oppressing minorities is worthless without actual rules. How do you perform the initial population of this set of specially privileged rules then?
Think of it like a problem of bootstrapping trust. A pure democracy cannot be trusted (as a pure democracy trivially allows/enables the oppression of minorities), but non-pure democracies must be conceived and implemented somehow. Can you trust a constitutional democracy that was created by a pure democracy? Arguably no, since the pure democracy cannot be trusted. Can you trust a constitutional democracy that was created by a small set of arbitrary people? Again arguably no, since arbitrary people pulled from the general population wouldn't be any more trustworthy than a pure democracy. Can you trust a constitutional democracy created by a small set of particular people? If you trust those particular people, then perhaps you can trust the constitutional democracy created by them.
People want to trust their government, which leads to them wanting to trust in broad terms the general concepts and ideas that this particular founding group had.
Personally I think it's all shit. A constitutional democracy does not resolve the tyranny of the masses, it only pretends to. Democracy itself is nothing more than "might makes right" combined with a primitive notion of MAD (with anarchy and civil war being the boogieman, rather than nuclear war). Constitutional democracy is good for little more than lying to ourselves to make ourselves feel better about democracy.
I view the current situation as not unlike being locked in a hotel room. In the main room is a hungry tiger. In the bathroom, is a pissed off cobra. You're locked in there so you have to pick your poison, but the last thing you want to do is mistake "the worst choice, but better than the alternative" with a satisfactory situation. I don't have a better suggestion than democracies, but that sure as hell doesn't mean that I trust democracies. I'll sleep with the cobra (with one eye open), but I sure as hell won't praise the merits of sleeping with a cobra just because that tiger looks hungry.
When a "geek" or systemically-thinking person wakes up politically, having realized that much is going deeply wrong, the first thing he or she is likely to do is to consult the founding documents which most of us were taught in civics class or for our various merit badges comprise the guide and inspiration for our civil governance. Seeing obvious departures from the design, it is not hard to seize onto the idea that to correct things we merely need to return to the design and follow the rules. Indeed that might improve things.
The difficulty of the various struggles to implement substantial changes is hardly an indictment of the system laid out by the founding fathers. Conservatism is the rule. It is wise to temper the passions of the people for radical changes which they may press to address temporary needs. The ultimate success of campaigns to extend suffrage, abolish child labor, end slavery and segregation, and even to rollback prohibition testify to the effectiveness of the system devised. It presumably worked as intended in those instances. It failed to prevent a war between the states, the death of 600,000 men, and much other injustice in more recent times.
One can find much wisdom and value in the writings, thinking and dialog that went on at the founding of the United States and surely a measure of nonsense too. It seems clear however leaders of that time sought to grapple with the problems of governance and cooperation sincerely and with a great deal of intellect and ability. They treated these issues as matters of vital importance in a way that seems quaint and removed from our decadent era -- that is unless you live in one of the many countries lacking material comforts, safety and political stability.
The problems they sought to address have not changed much since then. Human beings are what they are, technology not withstanding.
America is and remains an experiment on many levels. Ben Franklin's remark coming out of the constitutional convention about "A republic, madam, if you can keep it" is relevant today. This surveillance business could be the end of it. So could imperial overstretch and fiscal profligacy precipitating a collapse. Its also possible that the very different demographics of the country two and a half centuries after its founding render it simply ungovernable in the way or fashion imagined by the founders.
With particular regard to the Constitution and its merits, I believe I paraphrase Lysander Spooner in saying, it either has failed to prevent tyranny or in fact provides for it. If it is so, then the verdict would be the same either way. I am not certain I have better proposition but I do not have a blind faith that in order to cure our ills all we need to do is exhibit greater fidelity to the Constitution.
And we all know how effective that technology is at ending all those pesky terrorists with their zip guns and IEDs...
A key problem I see, that I used to have, and learned from my mistake, is that the checks and balances system works.
Yes, you see the executive branch overstepping its bounds. Lots of people getting picked up. However, the judicial branch is finding the charges untenable.
It's not easy nor automatic, and costs a lot of time and research and arguing, but those amendments are still pretty damn strong. Arguments directly to them are handled in the Supreme Court all the time.
There are some dings against the 4th as of late, but don't give up and invest the time and research and arguments. Put your focus on the judicial branch and increase their power to put down bad behavior by the executive branch.
also, Brennan was sworn in on the consitutions without the bill of rights
Those people have been indoctrinated since birth to see us as evil invaders. Some of their religions have baked in the idea that it's good to die in order to kill invaders. And we've sometimes acted like an evil invader. (See Blackwater atrocities, etc.) It's an invalid comparison because our population isn't motivated in the same way.
It's easy to become disheartened with the current state of affairs, but history has shown that ignoring reality doesn't work. Setting aside the question of ethics, the reality is that an armed revolution in America probably can't happen. And besides, there are plenty of other options to explore.
It doesn't take religion or "indoctrination since birth" for people to see an invading army as evil - it just takes an invasion.
If your country were occupied by foreign armies, you might want to fight back too - or at least you shouldn't be surprised if others do.
Blackwater!? That we were there at all was an invasion based on a lie and a tragedy of convenience. 9/11, strong connection to Afghanistan and a Saudi/Yemen family ... let's invade Iraq! I think we're still searching for the real weapons of mass destruction in Iraq.
There is no terrorist. The system, the agents of the USG have won the coup on freedom.
They now exist only to preserve their power, and this is the reason why apologists for the deep state are worse than fools
Consider Mr. Putin's past as an example.
If you work with government, you'll observe this first hand. The second echelons of management that are "professional" staff run the day to day operations, and can often bend or break political directives.
Poison the routing tables.
Jam the wireless.
Take out root DNS.
I cringe slightly at quoting Firefly but it's similar in nature: "If your quarry goes to ground, leave no ground to go to."
How do you know r0h1n is doing this for free?
 Such as it is physically impossible or prohibitively expensive.
For now it's probably useful to concentrate upon emphasising how illegal/unconstitutional all of the above activity is and that the buck has to stop somewhere. Someone has to be held accountable.
Also, they don't "vacuum up everything they can lay their hands on." According to this article, they exploit on the order of tens of thousands of systems and have a control system to pull data and recordings from targeted users.
Though I disagree with some of their methods, they are not vacuuming up everything they can get their hands on by a long shot, and spreading ggp's view distracts from solving the problems with what they are doing.
Cut the crap.
* XKeyscore: NSA tool collects 'nearly everything a user does on the internet' 
* NSA collecting phone records of millions of Verizon customers daily 
* NSA taps Skype chats, newly published Snowden leaks confirm 
* NSA collects millions of text messages daily in 'untargeted' global sweep 
* Optic Nerve: millions of Yahoo webcam images intercepted by GCHQ 
> Sweeps up emails, social media activity and browsing history
XKeystore isn't a data collection program. It is a system for retrieving data and metadata already collected through data collection programs like PRISM.
I mentioned the Verizon program in my previous post. As I said, it is one of only two NSA domestic bulk collection programs that Snowden's documents have revealed, and it's the only one that is ongoing.
* The Skype chat collection is targeted, not bulk, according to Snowden's documents.
* The SMS program neither contains domestic data nor contains SMSes written by people. According to the document, it contains only automated SMSes. You're right about this one being bulk collection. I meant to write "bulk domestic data collection," and I didn't, so you are right that what I said was wrong. I didn't mean to mislead, only to correct the lunatics who continue to assert the government is doing things it is not, making the rest of us US privacy advocates look crazy by association.
* Optic Nerve is neither an NSA program nor does it contain domestic data. It contains data from Yahoo webcam traffic passing through the UK's borders according to the documents.
You'll note the NSA statement on this program was very carefully worked:
The NSA declined to respond to specific queries about its access to the Optic Nerve system, the presence of US citizens' data in such systems, or whether the NSA has similar bulk-collection programs.
However, NSA spokeswoman Vanee Vines said the agency did not ask foreign partners such as GCHQ to collect intelligence the agency could not legally collect itself.
A suspicious person might wonder why the spokesperson said the NSA "did not ask foreign partners" for intelligence it could not legally collect itself. Perhaps it is because they don't need to ask? We already know that intelligence sharing between the five eyes is very open (eg GCHQ used XKeystore to run the Yahoo program somehow), so it seems likely that the NSA has access to GCHQ intelligence on US citizens without asking for it.
I'm not entirely sure why your acknowledgement of the phone metadata tapping program makes it less of an issue, either!
Pointing out that I already mentioned the call log collection doesn't make that collection any less of an issue, but that's not why I pointed it out. The context is earlier in the thread.
They will: it costs a lot of money to keep data alive.
And it is a shame, NSA data for research purpose should be put under the UNO protection:
- it holds lower bits of informations interlaced with the "big data" like how flu is propagating;
- we could analyse causality chains and propagation of ideas (the impact of culture);
- we could see corruptions effects, measure it and decide if it worths the price;
- we can record the variation and evolution of natural langage/style;
These data are a treasure, the should be opened after X years, but for economic reason, they will be deleted.
Ah, so that's the NSA's game.
Every single one of these vulnerabilities could be seen as a backdoor, except Microsoft can have plausible deniability, since they are not actually putting a backdoor in the OS themselves - they're "just telling NSA about the vulnerabilities that exist".
If something like CISPA passes, which NSA keeps pushing for, this capability will expand dramatically, as all companies will be forced to give these vulnerabilities to NSA, but not to "protect us" and for cyber "security", as they keep claiming when they try to promote laws like these, but for offense. They will hoard every single one of them, and then use them in such automated systems to infect millions of computers.
Microsoft gets information about vulnerabilities from the same sources as everyone else. They outspend every other software vendor by something like 4:1 on outside software security consultants. If they are in a privileged position regarding WinAPI software vulnerabilities at all, it is a marginally privileged position. No security person working at Microsoft would tell you they were confident that outsiders weren't holding severe, exploitable vulnerabilities back.
NSA, meanwhile, is as competent at sourcing vulnerabilities as any organization on the planet. They have internal research teams that generate them that are presumably competitive with any private research team, and they apparently purchase vulnerabilities like everyone else --- not from Microsoft, but from research teams that sell vulnerabilities.
Microsoft gives pre-release information about vulnerabilities to lots of different organizations; for instance, the IDS and network security vendors get pre-release info to create signatures. This program is, IIRC, over a decade old.
NSA is a dual-role organization; it also houses the USG's center for defensive technology expertise. It is the opposite of surprising that NSA would have the same relationship with Microsoft as, say, Symantec would.
Finally, CISPA does nothing resembling what you claimed it does. CISPA is opt-in; it cannot be used to force a company to disclose anything. CISPA is about incident data, not vulnerabilities. It is already lawful to share vulnerability information with the government. The gray area in data sharing is non- anonymized incident data, which can be covered by any of 10+ different regulations that make even IP-level metadata risky to share for collaborative defense.
CISPA is an extraordinarily short bill; you can simply read it instead of taking my word for it.
This is a publicly disclosed, publicly available program. Implying that it's somehow a government conspiracy is lying.
The original email text is unavailable as far as I can see. It of course makes perfect sense that, at least under certain circumstances, and this was the sense of limit inferable from the email, that government agencies should be given the opportunity to assess whether the item being notified about has some security implication.
The claim is made by Bloomberg, by reference to "two unnamed government officials", that Microsoft is aware that such information might be applied for reasons not primarily connected to domestic defensive security. But this is only an unsubstantiated assertion.
The number of potential exploits that are known only to Microsoft at the time of notification to those agencies would be, at a lazy guess, somewhat proportional to their exploit assessment man hours, compared to the overall exploit discovery effort. I would think that would be the much smaller proportion.
"Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;" 
Your message is a red herring; I could debate your conclusions, but what would be the point? I'm sure you've got 10 more red herrings up your sleeve.
To be fair, there is not much daylight between: 'The root comment suggests that Microsoft arranges to provide NSA with vulnerabilities that they deliberately do not patch' and what the Guardian reported about Outlook. At least to me, but I'm not a security expert. Is it not considered a 'vulnerability' if Microsoft hands over the keys so to speak?
Also on a side note, it is rude to call me out like you did. I don't have herrings up my sleeves. I don't care about internet points. I just wanted to contribute more information to the discussion.
I don't doubt it happens, so much as I expect extraordinary claims be backed with extraordinary evidence.
Very frustrating as I work with a Microsoft-oriented company at the moment. Any mention of this to their architectural team results in nothing short of "mwuhahaha you're talking shit". There is some weird universal trust there that really makes no sense at all.
To add insult to injury they don't log, don't have an IDS and don't have a clue stick to hit themselves with.
You can spin it as a secret NSA-program, but I don't think that's very useful as this program does legitimately help a ton of users.
(Not that it really would excuse things, but I'd be very surprised if intelligence agencies don't have people inside companies like Microsoft anyways.)
I've worked for a few large European financial orgs over the years and MS will not disclose issues early to them despite begging and piles of money. We're talking 50k+ employees here.
However DoD connected companies like Lockheed Martin, Boeing and Raytheon are right in there without an invite.
You just get the feeling there's something off when relationships are made like that.
Also, mwuhahaha you're talking shit.
Not impossible for NSA to get in but a lot more difficult.
None, unless you install them and activate them? What sort of desktop distro comes with pre-configured webservers?
It's a lot easier to attack the website running on the server and escalate from there then attack the OS directly.
So the vulnerability would have to be in something that both servers and desktops have in common.
And there's enough people with such a key to choose from: https://www.archlinux.org/master-keys/.
(I run Arch as well, but I have no such illusions of security.)
Edit: not to discredit Linux of FLOSS, at least there is the possibility to analyse the source code.
Where there's a will there's a way especially if you have billions of dollars in funding and the freedom to do so i just aim to make it as difficult as possible.
There's a lot of things you can do to protect you privacy but it all starts with a good choice of OS and hardware.
If the foundation is compromised there's no point in anything else you do to protect your privacy.
Edit: Yes Arch it's not particularly security conscious I choose to compromise some security to stay on the bleeding edge now that could mean that I get some bad code sometimes but that also means that it gets fixed sooner too.
Having a rolling release system that you can mold to your needs is worth it for me.
So it runs on i686 and amd64 only. How do you select "good" hardware?
However since there's no such thing you will have to choose who you trust.
No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.
Perhaps if research were to show that "soldier" could be more broadly interpreted to mean "agent of security," you could really get some momentum going for this line of though. After all, we aren't required to keep other pieces of security enforcement in our homes, such as turrets on the roof controlled by the government.
Keep it up.
Who fights wars on behalf of their governments...
Ok, reasoning is a bit simplistic and technically inaccurate depending on your definition of "war" (congress approved etc.) but I do like hoisting by own petards.
Nowadays, especially from the start of the "War on terror", this distinction has been artificially demolished; one of the consequences is that there is way more leverage to wark around laws (and to do many other nasty things).
So, is the USA at war or not? I suspect (but I'm only 52% certain) that we're not at war.
The follow-on questions (after "are we at war or not?"):
In what state are we? What are the legal ramifications of this half-at-war-state? Why hasn't the US Congress declared war since WW2? Is there some consequence to declaring war or not declaring war that they're trying to avoid?
In particular, Section 2(b)(1): SPECIFIC STATUTORY AUTHORIZATION- Consistent with section 8(a)(1) of the War Powers Resolution, the Congress declares that this section is intended to constitute specific statutory authorization within the meaning of section 5(b) of the War Powers Resolution.
This has been tested under law. Notably, that the US was in a state of war wasn't even considered worth arguing, just if that state of war provided justification for indefinite detention.
Under a certain perspecive, paradoxically, an informal state of war is worse than a formal one, because it's more subtle - it goes under the radar.
There has been a big shift in mindset towards accepting offensive practices as normal, which would not be accepted in a clear state of peace, or at least, which would force a much stronger opposition.
Mass surveillance? It's accepted, we're at war.
Unaccounted (mass) murder of foreign civilians? It's accepted, we're at war.
Torturing suspects? It's accepted, we're at war.
Except, we're not at war.
> Why hasn't the US Congress declared war since WW2? Is there some consequence to declaring war or not declaring war that they're trying to avoid?
Its an outdated concept.
How do you mean "outdated concept"? Are there no more wars? Are their no different legal penalties or obligations during war any more? Because I'm told that the USA has been in wars since 2001 at least. What are the consequences to me, and to my government of outdating an official declaration of war?
Given that the constitution explicitly gives congress "the power to declare war", I'm not sure this is entirely reasonable. That said, I don't think it's unreasonable to say the AUMF count, either.
Seems to be that what's described -- fake servers to watch traffic, turning on a mic to listen, turning on a camera to watch -- are all in spirit extensions of an intel agent sitting at an AT&T operator's switch and plugging into a line to listen to a conversation. Particularly that mic one.
My contention was simply that it doesn't track that malware on a computer is anything like a soldier demanding to use someone's home as a bunk house.
I don't disagree, and IANAL, but there is a case to be made here that the spirit of the Third Amendment is to prevent military, or military-esque actors, from commandeering civilian property. On the other hand, in writing that, I realized there is something called commandeering and there are probably interesting relevant cases to go over to find whether or not that has any sense.
Will all the conspiracy theorists come out of the woodwork, please. We need your help.
1: More efficient representations probably exist. Maybe we are all uniquely indexed in some database cluster in Utah. I'd call it BACON-BINLADIN.
Fuckin' hell. I think we can consider the internet more than owned. More like bent over and pounded.
Wow, finally a limit on what GCHQ thinks that they are allowed to do! Now can the NSA be prosecuted for these actions when done in the UK? #notgonnahappen
I'd welcome that in general! Make the switch open up the camera app directly, and a similar one for the mics; binding it to your phone or recording app, depending on what you prefer.
Make each switch a LED which -if they are- signals ON-state as the screen is turned on or off.
Edit: And incoming call screen would have to reflect the mic being off, in which case flicking the switch would accept the call.
See http://time.com/10115/google-project-ara-modular-smartphone/ and similar projects.
"When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive."
Where is the security hole? My network card? OS? Browser? But then there are so many layers in there. Is it a specially malformed ICMP packet? Or is it a vulnerability in the OS's RPC functions? It's one thing to exploit a vulnerability in Java or Flash, but just using "malicious packets"?
What interests me more, and what the above poster may be asking about is this part: "By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer".
This implies a true drive-by exploit - one not requiring any user interaction. Most of the Windows malware is actually installed by the user - they're tricked into clicking something, thinking it's anti-virus, funny video, "accelerate your internet" or some other innocuous thing. The no-user-action exploits generally have been workable only for plugins, particularly Flash or Java, which the user has allowed to run without any filters.
Like I said in my post and which you echo in your third paragraph, it's one thing to trick users into downloading and running binaries or to exploit a plugin, but it's another thing to imagine malformed packets breaking the security of an entire system.
If 100 people are searching for <insert bad thing here>, the government has actionable surveillance data. If 100 thousand or 10 million are searching for it in ways that are indistinguishable from a human, then that data becomes unreliable and is no longer actionable.
Adding email to this would strike a fatal blow. Someone could figure a way to create a secure layer to inform a client when a given email being sent was fake, and thus suppress it visually. Soon from the government perspective everyone would be cheating on their spouses and spouting extremist views and plotting this or that.
This would result in an increase in liberty by proving to the government that it should fear its people, if only because its sophisticated surveillance tools now confirm that all the people are evil.
a) The breadth of the spying, including many, many innocent people.
b) The long-term storage of data, likewise.
c) Deliberate weakening of security standards we all rely upon.
d) The fact it's all happening without democratic debate.
If instead of the above, they threw innocent people's data away, targeted their intrusions, engaged with the democratic mechanisms, and used their expertise to improve internet security, a lot of people would be much happier.
“If we can get the target to visit us in some sort of web
browser, we can probably own them,” an agency hacker boasts
in one secret document. “The only limitation is the ‘how.’”
Can anyone explain why they need to conceal it as a Facebook server? Why is that essential to infecting your computer? Why can't it just send you the malware, and then redirect you to the real Facebook (since their mission is accomplished anyway)?
"TURMOIL", really? Honestly, is this just an elaborate setup for a new bond film or something, this is getting ridiculous.
I've been seeing this pattern a lot in nontechnical news recently, and have always been baffled as to what other kind of server there is (short of some basic network service implemented purely in logic gates, I guess).
In this fast-breaking story, the expression "computer servers" has joined "software program" and "underground tunnel" at the Department of Redundancy Department.
I'm only half joking.
Wake up, sheeple.
My only comfort is knowing that this one will be buried, and this will be my punishment.
Really, how does that work Mikko? You don't even have a copy of any malware to make that statement.
All the hyperbole about how this is somehow unique is really getting old. Exploit kit authors have had shitty PHP web applications that accomplish the same task for ages: manage thousands of bots by grouping them together with a point and click management interface. It sounds like, prior to TURBINE, NSA had a single person tasked to oversee every action taken by hand, which is kind of inefficient if you ask me, so it stands to reason they would try to manage that process with technology.
How do you cool yourself First Look when you're reporting on this in 2014? Jeez.
>All the hyperbole about how this is somehow unique is really getting old.
The issue isn't that the spooks have developed some superweapon. The issue is that they've signaled intent and means to do mass espionage on citizens, not just at the network level, but at the machine level. This is as if your local law enforcement handed out burglars tools to all their officers so they could get into everyone's homes "to check for drugs". "Eh, burglars tools are nothing special" totally misses the point.
The big news is that the most powerful people on the planet are now using the same script-kiddie techniques against the rest of the world, in secret, without oversight, on an industrial scale.
EDIT: Judging from your github account, you appear to be a developer working on a open-source whistleblower platform. Given that the NSA's efforts would likely be focused on the users applications such as yours, do you not find these revelations to be directly relevant to your goals in developing this software?
Unless you're asserting that adding back doors makes a system more secure.
Simple: every process running on a system is a process that can be exploited, especially those processes that involve network communication. The NSA's exploits are processes running on the system they are attacking. They utilize network communications. These processes are open to exploitation by third parties, just like all the other legitimate processes.
"Having or showing the capacity to develop into something in the future"
"Having possibility, capability, or power."
Or in Merrium-Webster:
"expressing possibility ; specifically : of, relating to, or constituting a verb phrase expressing possibility, liberty, or power by the use of an auxiliary with the infinitive of the verb (as in “it may rain”)"
I can see no difficulty in the authors expression of the idea of possibility.
When phones are found to have close 'relationships' with phones that have at least at one point been used by 'baddies', sometimes the computer decides that the phone must be executed. It prints out an order, which is passed up the line to the President. The President rubber stamps the order. The order goes back down the line and eventually finds it's way back to the computer. The computer, using the before mentioned drones, locates that phone and informs a drone operator. The drone operator then tells the drone to execute that phone, and any people who may happen to be in the area with it. The drone carries out the execution.
Nothing but a bureaucratic skynet.