SoylentNews is people
SoylentNews
Lisa Rein writes in the Washington Post that a new government review of what the Chinese hack of sensitive security clearance files of 21 million people means for national security is in — and some of the implications are quite grave. According to the Congressional Research Service, covert intelligence officers and their operations could be exposed and high-resolution fingerprints could be copied by criminals. Some suspect that the Chinese government may build a database of U.S. government employees that could help identify U.S. officials and their roles or that could help target individuals to gain access to additional systems or information. National security concerns include whether hackers could have obtained information that could help them identify clandestine and covert officers and operations (PDF).
CRS says that if the fingerprints in the background investigation files are of high enough quality, "depending on whose hands the fingerprints come into, they could be used for criminal or counterintelligence purposes." Fingerprints also could be trafficked on the black market for profit — or used to blow the covers of spies and other covert and clandestine officers, the research service found. And if they're compromised, fingerprints can't be reissued like a new credit card, the report says, making "recovery from the breach more challenging for some."
(Score: 2) by takyon on Thursday July 30 2015, @12:19PM
Traceroute is not the only means of authenticating an attacker. For example they could be looking at the vulnerabilities used and comparing them to other attackers. Given that the govt collects its own zero-days and pals around with Hacking Team, it's not much of a stretch.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by Yog-Yogguth on Thursday July 30 2015, @05:55PM
True but contrast that to Clapper's statement (or the “details” in the Congress-whatever “report”): it's obvious they have nothing of the sort, Clapper wouldn't be timid or shy (don't try to imagine that or you'll lose your bowels in both directions) and they're all in desperate need for “success” hence all the faked bs they push out which doesn't stand up to scrutiny.
It could genuinely be someone in China or the Chinese government —I have no way of knowing— but there is nothing at all which corroborates that. It could also be the work of a well hydrated Inuit in Sahara, that's equally plausible. Combine that with the fact that Clapper is a known liar (to Congress none the less thus a liar unto liars: it's liars all the way down/up) thus the entirely baseless claim of a “Chinese” hack should be openly ridiculed and derided and the sources of such statements spat upon with great big gobs of phlegm by everyone, bonus points if it's from orbit :) (it would need to be a really big gob to survive reentry).
Hacking Team has no credibility to lend to anything (nor does Clapper and the US government), not even if the hypothetical should turn out to be true because “discovery by zero-day” is no different to and undistinguishable from “faked discovery by zero-day”.
By the way have the bodies of dead Hacking Team members started to wash up on shores yet? I've been a bit under the weather and catching up on old news (as always) and there's /a lot/ of people out there expecting their deaths and/or warning them to “disappear”. Wonder if any of them have anything up their sleeve to try to save themselves, or maybe that would only guarantee them a slower and much more painful death?
N.B. I also read that Schneier now somehow is somewhat convinced North Korea did the Sony hack even though there's still no evidence. I call bullshit on that too: all it means is that there has been a lot of pressure and massaging of the message going on to make unsupported claims into “truths”. That's how it works when done “right”, we know that, it is documented by Snowden (and of course the idea is much older and has been used in more overt manner for hundreds if not thousands of years; it used to be called propaganda).
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))