Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.
posted by janrinok on Friday February 28 2014, @10:30PM   Printer-friendly
from the It's-not-illegal-if-governments-do-it dept.

AnonTechie writes:

"A surprising number of governments are now deploying their own custom malware and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hypponen told the TrustyCon ( https://www.trustycon.org/ ) conference in San Francisco on Thursday.

'Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,' he told the public conference. 'If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that's exactly where we are today.'

http://www.scmagazine.com/trustycon-malware-expert -mikko-hypponen-kicks-off-conference-on-trust/arti cle/336089/"

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: -1, Offtopic) by Anonymous Coward on Friday February 28 2014, @10:34PM

    by Anonymous Coward on Friday February 28 2014, @10:34PM (#8848)

    Fat Porn Pidgeon of the day.

    • (Score: -1, Offtopic) by mrider on Friday February 28 2014, @10:42PM

      by mrider (3252) on Friday February 28 2014, @10:42PM (#8854)

      Is it plucked and covered with hot mullet?

      --

      Doctor: "Do you hear voices?"

      Me: "Only when my bluetooth is charged."

    • (Score: -1, Offtopic) by Anonymous Coward on Friday February 28 2014, @11:28PM

      by Anonymous Coward on Friday February 28 2014, @11:28PM (#8884)

      Congratulations on your first post sir. Unfortunately, your pathetic troll life has probably peaked, and it will be all downhill from this moment forward.

      • (Score: -1, Offtopic) by Anonymous Coward on Saturday March 01 2014, @01:24AM

        by Anonymous Coward on Saturday March 01 2014, @01:24AM (#8922)

        Thankyou for the congratulations, which will serve as encouragement for trolls everywhere.

  • (Score: 5, Interesting) by mrider on Friday February 28 2014, @10:37PM

    by mrider (3252) on Friday February 28 2014, @10:37PM (#8851)

    Not because GNU/Linux (or BSD, or etcetera) is "immune" to viruses (virii?), but because my Debian box is so different than another person's Gentoo box, or Slack box, or BSD, or whatever, that the government would nearly have to tailor the malware just for me.

    Whatever roadblocks I can put up are good so far as I'm concerned.

    --

    Doctor: "Do you hear voices?"

    Me: "Only when my bluetooth is charged."

    • (Score: 5, Funny) by mrbluze on Friday February 28 2014, @10:42PM

      by mrbluze (49) on Friday February 28 2014, @10:42PM (#8853) Journal

      No, they just hire a guy to grow a beard around his neck and make code commits that someone else writes for him, get him to a position of power, and then put malware into the kernel.

      --
      Do it yourself, 'cause no one else will do it yourself.
      • (Score: 5, Funny) by mrider on Friday February 28 2014, @10:48PM

        by mrider (3252) on Friday February 28 2014, @10:48PM (#8859)

        And then wait three years until that code makes it onto my box (running Debian stable). :)

        --

        Doctor: "Do you hear voices?"

        Me: "Only when my bluetooth is charged."

    • (Score: 4, Insightful) by crutchy on Friday February 28 2014, @10:50PM

      by crutchy (179) on Friday February 28 2014, @10:50PM (#8860) Homepage Journal

      there may be lots of different distributions and configurations, but the kernel is a common weak point (single point of failure).
      and torvalds is only one human living in the united states... he is not immune from manipulation by the government (i hear waterboarding can be convincing)

      • (Score: 1) by mrider on Friday February 28 2014, @11:24PM

        by mrider (3252) on Friday February 28 2014, @11:24PM (#8882)

        True. But unless the kernel is vulnerable to a remote exploit, then almost certainly the delivery mechanism that would work for you wouldn't work for me.

        --

        Doctor: "Do you hear voices?"

        Me: "Only when my bluetooth is charged."

        • (Score: 2, Insightful) by crutchy on Saturday March 01 2014, @01:18AM

          by crutchy (179) on Saturday March 01 2014, @01:18AM (#8919) Homepage Journal

          probably, but i doubt most linux users would review kernel source changes before updating, so if torvalds opted to insert some kind of remote exploit into the kernel (thanks to some friendly "enhanced interrogation" techniques) most would have no idea. a lot would, particularly the core kernel devs, but no doubt they would be targeted too in that scenario.

        • (Score: 4, Interesting) by Anonymous Coward on Saturday March 01 2014, @01:31AM

          by Anonymous Coward on Saturday March 01 2014, @01:31AM (#8924)

          The malware is in the hardware microcode. No amount of OS safeguarding will prevent a government organization taking over the hypervisor you never knew was running on your Intel CPU.

          • (Score: 2) by SMI on Saturday March 01 2014, @03:22AM

            by SMI (333) on Saturday March 01 2014, @03:22AM (#8948)

            I'm interested to know more, if you have any reference material. I checked the links in TFS, but didn't find anything. I'm about to buy a new laptop, and full virtualization support in the CPU is one of my requirements. Unfortunately, there isn't much available with an AMD chip these days, not even in the custom laptops I've looked at.

      • (Score: 2, Insightful) by DNied on Friday February 28 2014, @11:56PM

        by DNied (3409) on Friday February 28 2014, @11:56PM (#8895)

        there may be lots of different distributions and configurations, but the kernel is a common weak point (single point of failure).

        Not only that, but the core userland is pretty much the same stuff across Linux distros, with minimal customization.

        It would be an incredibly lucky coincidence if those slight distro-specific tweaks would somehow end up neutralizing the exact piece of malware to reach your machine.

      • (Score: 4, Insightful) by Runaway1956 on Saturday March 01 2014, @03:20AM

        by Runaway1956 (2926) Subscriber Badge on Saturday March 01 2014, @03:20AM (#8946) Journal

        The kernel isn't the single point of failure that you think. Just because I might run Debian doesn't mean that I am necessarily running a kernel packaged and released by Debian. We can, and some of us do, "roll out own" kernels. An exploit that exists on one Debian box, may not exist on another Debian box. And, of course, there are differences between distros. The paranoid who compiles all of his own software from source may share some vulnerabilities with the larger community, or he may even introduce some unique vulnerabilities, but you can't count on much or anything.

        --
        “I have become friends with many school shooters” - Tampon Tim Walz
      • (Score: 5, Insightful) by TheLink on Saturday March 01 2014, @04:09AM

        by TheLink (332) on Saturday March 01 2014, @04:09AM (#8961) Journal

        And you don't need to infect the kernel at all. All you need are "zero days" on common browsers/clients(IM etc) or common plugins (many Governments can MITM you if you're in their territory or they really really want to). Then the malware gets in and sets itself up to keep running - at, crontab, sneaky aliases, etc.

        Very few Linux users run their browsers using other accounts or sandbox their browsers (and do check if your sandbox is tight enough for such a scenario - the last I checked years ago Ubuntu's default apparmor browser sandbox was rather loose- but I've given up on Ubuntu for desktop stuff any more so I'm not bothered).

        So even if kernel or privilege escalation exploits would be nice, there's no need in most cases. The user's stuff- email, keys, IM, browser cache (for frame jobs and other stuff), etc would all be accessible already.

        There may be lots of different distros and configuration but in my experience writing cross platform stuff for linux and unix platforms (BSD, Solaris, AIX etc) a perl script can cope with most of that (one issue is SSL support across all those distros, but if you don't care about encrypting all your channels with SSL that's not a big problem- and even then there are usually workarounds with cli http clients).

        TIMTOWTDI is great for writing malware too ;).

      • (Score: 3, Interesting) by sjames on Saturday March 01 2014, @07:08AM

        by sjames (2882) on Saturday March 01 2014, @07:08AM (#9003) Journal

        The kernel isn't as interesting as it used to be. Getting the BIOS to run an exploit inside SMM or the BMC would be more interesting. Some BMCs have a JTAG connection to the system. This is especially dangerous since the BMC shares the main system's network port.

    • (Score: 5, Informative) by stormwyrm on Friday February 28 2014, @11:02PM

      by stormwyrm (717) on Friday February 28 2014, @11:02PM (#8867) Journal

      The proper plural of virus is viruses. If it were a Latin word, as in words like radius -> radii, 'virii' would rather be the second declension masculine plural of the non-existent word 'virius'. There is no attested classical Latin plural form for 'virus' (meaning 'poison' or 'venom'), as it was considered a mass noun, and even if there were one, it would most likely have been considered a second declension neuter noun, whose nominative plural would rather be 'vira'.

      --
      Numquam ponenda est pluralitas sine necessitate.
      • (Score: 1) by seandiggity on Friday February 28 2014, @11:11PM

        by seandiggity (639) on Friday February 28 2014, @11:11PM (#8874) Homepage

        Erasmus, is that you?

      • (Score: 2) by mrbluze on Saturday March 01 2014, @01:33AM

        by mrbluze (49) on Saturday March 01 2014, @01:33AM (#8926) Journal

        Viridae, actually.

        --
        Do it yourself, 'cause no one else will do it yourself.
        • (Score: 0) by Anonymous Coward on Saturday March 01 2014, @02:03AM

          by Anonymous Coward on Saturday March 01 2014, @02:03AM (#8929)

          The -idae suffix does not form a Latin plural, but is a formation from Greek (from εἶδος) that means 'in the form of', and is used in taxonomy to denote subclasses and families.

      • (Score: 0) by krishnoid on Saturday March 01 2014, @01:40AM

        by krishnoid (1156) on Saturday March 01 2014, @01:40AM (#8927)

        blah blah blah ...
          it would most likely have been considered a second declension neuter noun, blah blah blah 'vira'.

        'Vira' it is, then. Thanks for clarifying that -- I'll be sure to start using it with the security people I know.

    • (Score: 1, Insightful) by Anonymous Coward on Friday February 28 2014, @11:08PM

      by Anonymous Coward on Friday February 28 2014, @11:08PM (#8872)

      No, virii is Latin for "men".

      The correct English word is "viruses".

      On top of that, I would like to see us discontinue the use of Latin plurals in English. It's not 1500 anymore

      • (Score: 0) by Anonymous Coward on Saturday March 01 2014, @07:27AM

        by Anonymous Coward on Saturday March 01 2014, @07:27AM (#9007)
        Pompeii!
    • (Score: 2, Informative) by Asshole on Friday February 28 2014, @11:17PM

      by Asshole (159) on Friday February 28 2014, @11:17PM (#8876)

      If you remember this video http://www.youtube.com/watch?v=vILAlhwUgIU [youtube.com] then you know that Windows, OSX, Linux, and Freebsd are all compromised by NSA. So if you want to be truly safe, you should use OpenBSD.

      • (Score: 4, Insightful) by Runaway1956 on Saturday March 01 2014, @03:32AM

        by Runaway1956 (2926) Subscriber Badge on Saturday March 01 2014, @03:32AM (#8951) Journal

        *sigh*

        Understand, I'm not finding fault with you or your link. But, I was hoping to see a three to ten minute video, from which I might learn something. An hour long video is just to much. I bookmark these links, but I just never get back to them. Got anything similar that summarizes the presentation? "Executive summary" so to speak?

        And, before anyone asks, no, I don't watch Hollyweird movies. It's not a question of trading off some pointlessly spent time with the television to watch this video.

        --
        “I have become friends with many school shooters” - Tampon Tim Walz
        • (Score: 1) by Asshole on Saturday March 01 2014, @09:52PM

          by Asshole (159) on Saturday March 01 2014, @09:52PM (#9247)

          This is the only summary I could quickly find.
          http://tech.fortune.cnn.com/2013/12/31/apple-nsa-a ppelbaum-spiegel/ [cnn.com]
          Everything else is either a full transcript or does not cover enough of the talk.

          • (Score: 1) by Runaway1956 on Sunday March 02 2014, @05:56AM

            by Runaway1956 (2926) Subscriber Badge on Sunday March 02 2014, @05:56AM (#9418) Journal

            Thank you for that. I've just emailed my son with links to this discussion, the video, and the article you supplied just now. His life is at least as active as mine - but he may actually watch the entire video.

            --
            “I have become friends with many school shooters” - Tampon Tim Walz
    • (Score: 1) by mrider on Friday February 28 2014, @11:53PM

      by mrider (3252) on Friday February 28 2014, @11:53PM (#8893)

      To all of you that keep replying that the vulnerability can be hiding inside the kernel - or whatever - you miss the point. Unless my box is remotely exploitable, how do you deliver the virus? I almost certainly don't have the same vulnerability vectors as you.

      --

      Doctor: "Do you hear voices?"

      Me: "Only when my bluetooth is charged."

      • (Score: 5, Informative) by HiThere on Saturday March 01 2014, @12:03AM

        by HiThere (866) Subscriber Badge on Saturday March 01 2014, @12:03AM (#8898) Journal

        Well, Flash is a crossplatform delivery vector, and it appears that HTML5 will also be one. So is Java. I'm not sure about JavaScript, but with a few extensions (common) it probably is.

        It's true that the item delivered will need to be configured to run under your system, but if you're on the web, you can probably be compromised. If not this year, then next year.

        --
        Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
        • (Score: 3, Interesting) by mrider on Saturday March 01 2014, @12:10AM

          by mrider (3252) on Saturday March 01 2014, @12:10AM (#8900)

          Well, Flash is a crossplatform delivery vector, and it appears that HTML5 will also be one.

          Noscript.

           

          So is Java.

          Not installed.

           

          I'm not sure about JavaScript, but with a few extensions (common) it probably is.

          Noscript.

           

          It's true that the item delivered will need to be configured to run under your system, but if you're on the web, you can probably be compromised. If not this year, then next year.

          Undoubtedly. But you see what I mean about how my computer isn't standard?

          --

          Doctor: "Do you hear voices?"

          Me: "Only when my bluetooth is charged."

          • (Score: 3, Insightful) by tibman on Saturday March 01 2014, @12:38AM

            by tibman (134) Subscriber Badge on Saturday March 01 2014, @12:38AM (#8911)

            I use noscript as well and run FF within a sandboxie container. In linux i just use FF and don't really care.

            What do you do when you want to buy something? Constantly run into problems because the site you are buying from is actually using 3rd party services. None of those are whitelisted and die horribly. Adding them to the whitelist causes data to be resent and could cause an error : /

            --
            SN won't survive on lurkers alone. Write comments.
            • (Score: 4, Informative) by SMI on Saturday March 01 2014, @06:22AM

              by SMI (333) on Saturday March 01 2014, @06:22AM (#8985)

              I use (among other things) NoScript and RequestPolicy [mozilla.org], and when I want to buy something, of course I make sure to be aware of what is being allowed (both temporarily and permanently) and what is being blocked. In other words, I buy things online all the time and haven't had any problems or double charges. If a person doesn't understand how to use a chainsaw, that isn't the chainsaw's fault.

              • (Score: 1) by tibman on Sunday March 02 2014, @08:33AM

                by tibman (134) Subscriber Badge on Sunday March 02 2014, @08:33AM (#9448)

                I'll take a look at RequestPolicy. You might also like https://www.eff.org/https-everywhere [eff.org]

                --
                SN won't survive on lurkers alone. Write comments.
                • (Score: 2) by SMI on Sunday March 02 2014, @08:40AM

                  by SMI (333) on Sunday March 02 2014, @08:40AM (#9455)

                  Thanks, I'm already [soylentnews.org] using it, though I do appreciate the advice anyway.

          • (Score: 5, Insightful) by Koen on Saturday March 01 2014, @01:06AM

            by Koen (427) on Saturday March 01 2014, @01:06AM (#8916)

            Conclusion: if anybody wants to attack us soylentils (and pipedotters, technocrats & comp.miscfits), NoScript would be the perfect virus vector.

            --
            /. refugees on Usenet: comp.misc [comp.misc]
            • (Score: 0) by Anonymous Coward on Saturday March 01 2014, @07:29AM

              by Anonymous Coward on Saturday March 01 2014, @07:29AM (#9009)

              +1 Insightful, kingdom for mod points, you know the schtick.

      • (Score: 1) by sjames on Saturday March 01 2014, @07:42AM

        by sjames (2882) on Saturday March 01 2014, @07:42AM (#9012) Journal

        You'll get it in the BIOS itself, fresh fropm the factory that REALLY doesn't want to be 'audited'.

  • (Score: 4, Interesting) by strattitarius on Friday February 28 2014, @11:08PM

    by strattitarius (3191) on Friday February 28 2014, @11:08PM (#8871) Journal

    I can't decide if it is a miracle that we are able to live in such (relative) peace, with so many of use wandering the globe in a rather confident sense of security, or if it is a miracle that the greed and hate have not taken over to bring us to a time of nothing more than self preservation.

    Interestingly, the middle-class workers (me) seem to have achieved a pretty high level of securing physical needs only to be completely vulnerable as far as information and security of intellectual property, to include privacy.

    For example, I haven't locked the doors to my house in at least 4-5 years, even while living in one of the largest cities in the US. But I would never use a computer without a password, am paranoid to use facebook, and hate the fact that I am too lazy to run my own personal mail server (not that it would help much because everyone I email has yahoo or gmail).

    --
    Slashdot Beta Sucks. Soylent Alpha Rules. News at 11.
    • (Score: 0) by Anonymous Coward on Friday February 28 2014, @11:41PM

      by Anonymous Coward on Friday February 28 2014, @11:41PM (#8889)

      I haven't locked the doors to my house in at least 4-5 years

      What? Is this common?

      • (Score: 3, Interesting) by Runaway1956 on Saturday March 01 2014, @03:38AM

        by Runaway1956 (2926) Subscriber Badge on Saturday March 01 2014, @03:38AM (#8953) Journal

        I don't even have a key to my front door. I lost mine more than fifteen years ago, and when I thought to ask the wife for hers, she couldn't find it. The back door has a key, which is inserted into the lock, where my son left it when he installed the new door knob. I can't speak for anyone else, but people around here respect a closed door. Those people who don't respect a closed door are going to break in anyway. How hard is it to break a window, after all? Or, to kick in a door. There are plenty of videos on Youtube in which the police demonstrate just how easy it is to break into a house. Locked doors? Phhhtttt!!

        --
        “I have become friends with many school shooters” - Tampon Tim Walz
      • (Score: 1) by cafebabe on Monday March 03 2014, @04:21PM

        by cafebabe (894) on Monday March 03 2014, @04:21PM (#10099) Journal

        When 1/2 the population had a television, stealing a television was worthwhile. Nowadays, poor people have better televisions than rich people. Likewise for microwave ovens, mobile telephones [cellphones], food mixers and almost everything else.

        So, yeah, break in! But what are you gonna steal? Who are you gonna sell it to? For how much? And was it worth it?

        --
        1702845791×2
  • (Score: 3, Insightful) by rts008 on Friday February 28 2014, @11:14PM

    by rts008 (3001) on Friday February 28 2014, @11:14PM (#8875)

    Fiction has always been based on the creator's experiences and viewpoints.

    Reality can sometimes be unimaginable, otherwise we would expect it.

    New experiences means new understanding, unfortunately understanding comes after the fact.