NSA And GCHQ

(via @ioerror and Der Spiegel)

Inside TAO: Documents Reveal Top NSA Hacking Unit:

http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html

Part 1: Documents Reveal Top NSA Hacking Unit:

http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html

Part 2: Targeting Mexico:

http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-2.html

Part 3: The NSA's Shadow Network:

http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-3.html

NSA's Secret Toolbox: Unit Offers Spy Gadgets for Every Need:

http://www.spiegel.de/international/world/nsa-secret-toolbox-ant-unit-offers-spy-gadgets-for-every-need-a-941006.html

Shopping for Spy Gear: Catalog Advertises NSA Toolbox:

http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html

Interactive Graphic: The NSA's Spy Catalog:

http://www.spiegel.de/international/world/a-941262.html

New Documents: The NSA's Secret Toolbox (in German):

http://www.spiegel.de/netzwelt/netzpolitik/neue-dokumente-der-geheime-werkzeugkasten-der-nsa-a-941153.html

NSA program “Quantumtheory”: How the US intelligence service cracks computers worldwide (in German):

http://www.spiegel.de/netzwelt/netzpolitik/quantumtheory-wie-die-nsa-weltweit-rechner-hackt-a-941149.html

Der Spiegel 1 / 2014:

https://magazin.spiegel.de/digital/index_SP.html#SP/2014/1/124188114

http://www.spiegel.de/spiegel/index-7629.html

TAO slides:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326.html

NSA QUANTUM Tasking Techniques for the R&T Analyst:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329.html

Yahoo! user targeting and attack example with QUANTUM:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-5.html

QUANTUMTHEORY and related QUANTUM programs:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-24.html

If you'd like to detect the QUANTUM INSERT, I suggest reading about the race condition details:

http://www.spiegel.de/fotostrecke/qfire-die-vorwaertsverteidigng-der-nsa-fotostrecke-105358-15.html

Details about the Man-On-The-Side with QUANTUM:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-3.html

QFIRE (NSA secret documents: “forward defense” with QFIRE), TURMOIL, TURBINE, TURBULENCE:

http://www.spiegel.de/fotostrecke/qfire-die-vorwaersverteidigng-der-nsa-fotostrecke-105358.html

MARINA:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-15.html

More MARINA details:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-21.html

Catalog of equipment covering around 50 programs:

http://www.spiegel.de/netzwelt/netzpolitik/interaktive-grafik-hier-sitzen-die-spaeh-werkzeuge-der-nsa-a-941030.html

Other slides covering FOXACID and more:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-2.html

NSA QUANTUMTHEORY capabilities list:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-11.html

GCHQ QUANTUMTHEORY capabilities list:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-12.html

OLYMPUSFIRE:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-14.html

VALIDATOR:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-13.html

An overview of all of these articles is available in German:

http://www.spiegel.de/netzwelt/netzpolitik/quantumtheory-wie-die-nsa-weltweit-rechner-hackt-a-941149.html

Earlier this week, I also gave a talk titled “To Protect and Infect: part two” at CCC's 30C3. In the talk I explain a number of these topics - the video is a reasonable complement to the above stories:

https://www.youtube.com/watch?v=b0w36GAyZIA

There are quite a few news articles and most of them have focused on the iPhone backdoor known as DROPOUTJEEP - they largely miss the big picture, asserting that the NSA needs physical access. This is a misunderstanding. The way that the NSA and GCHQ compromise devices with QUANTUMNATION does not require physical access - that is merely one way to compromise an iPhone. Generally the NSA and GCHQ compromise the phone through the network using QUANTUM/QUANTUMNATION/QUANTUMTHEORY related attack capabilities.

An example of a vulnerable Apple user is shown:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329-24.html

“note: QUANTUMNATION and standard QUANTUM tasking results in the same exploitation technique. The main difference is QUANTUMNATION deploys a state 0 implant and is able to be submitted by the TOPI. Any ios device will always get VALIDATOR deployed.”

They're not talking about Cisco in that slide, I assure you.

Details on VALIDATOR:

http://www.spiegel.de/fotostrecke/nsa-dokumente-so-knackt-der-geheimdienst-internetkonten-fotostrecke-105326-13.html

Welcome to 2014!

nsa_and_gchq.txt · Last modified: 2014/01/06 12:26 by nik