SoylentNews is people

posted by mrpg on Saturday October 21 2017, @11:50PM
from the def-protect($target): dept.

Submitted via IRC for TheMightyBuzzard

Canada's Communications Security Establishment (CSE) agency announced this week that the source code for one of its malware detection and analysis tools has been made public.

The Python-based tool released as open source by the spy agency is named Assemblyline and it was created within the CSE's Cyber Defence program. The organization says this is one of the tools it uses to protect the country's computer systems against advanced cyber threats.

Assemblyline allows defenders to automate the analysis of malicious files. The analysis process, which has been compared to a conveyor belt, involves assigning a unique identifier to files as they travel through the system, looking for signs of malicious functionality and extracting features for further analysis, generating alerts for malicious files and assigning them a score, and sending data to other protection systems so that identified threats can be neutralized.

[...] The CSE is not the only spy agency to release open source tools. Last year, the UK's Government Communications Headquarters (GCHQ) made available CyberChef, a tool that allows both technical and non-technical people to analyze encryption, compression and decompression, and data formats.

Assemblyline source code

Source: Canada's CSE Spy Agency Releases Malware Analysis Tool


  • (Score: 1) by https on Sunday October 22 2017, @01:34AM

    by https (5248) on Sunday October 22 2017, @01:34AM (#585841)

    Someone named a repository tool after the digital equivalent of a black hole.

    --
    Offended and laughing about it.
  • (Score: 0, Troll) by Runaway1956 on Sunday October 22 2017, @02:55AM (6 children)

    by Runaway1956 (2926) on Sunday October 22 2017, @02:55AM (#585852)

    Now they've stolen and released Canada's Top Secret Protection Tools, and made it look like Canada is at fault!! Or something like that. We're just gonna have to nuke Russia.

    • (Score: 5, Insightful) by c0lo on Sunday October 22 2017, @03:44AM (5 children)

      by c0lo (156) on Sunday October 22 2017, @03:44AM (#585860)

      We're just gonna have to nuke Russia.

      There's a problem with jesting like that: it trivializes the topic to the point of accepting it as normal.

      I'm already seeing AC-es here suggesting that US should show the world who's the master, do you really want this?

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
      • (Score: 2) by Runaway1956 on Sunday October 22 2017, @06:21AM (4 children)

        by Runaway1956 (2926) on Sunday October 22 2017, @06:21AM (#585888)

        Ehhh - AC's are kinda like me - they're going to do whatever they are going to do.

        I suppose a wee bit of background is in order. At work, we have this nutso guy in charge of our department. He's all the time telling us stupid shit, and even stupider shit that he wants us to do. His every order has to be evaluated, to decide whether it is rational. Some of my fellow workers just do what they're told, sometimes I do, sometimes I don't. When they comment on my - uhhh - lack of obedience, shall we say, I have a standard response. "Runaway is going to do whatever Runaway does."

        A for instance would be, working a weekend. All the rest of the people can get off work, go home, get some sleep (or drugs, or whatever) then come back to work. Me? I work third shift. Boss says it's "mandatory" that everyone work Saturday. Sometimes, I clock out at 7:30, sometimes I work an hour or two, sometimes, I might stay till noon. But, Runaway does whatever the hell he's going to do, and pays little mind to the nut in charge.

        So, Anonymous Coward and I have something in common.

        • (Score: 2) by c0lo on Sunday October 22 2017, @09:57AM (2 children)

          by c0lo (156) on Sunday October 22 2017, @09:57AM (#585914)

          Ehhh - AC's are kinda like me - they're going to do whatever they are going to do.

          You can lead a horse to water...

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
          • (Score: 2) by Runaway1956 on Sunday October 22 2017, @10:31AM (1 child)

            by Runaway1956 (2926) on Sunday October 22 2017, @10:31AM (#585925)

            "You can lead a horse to water..." but if you take your eyes off of him, he'll drink your beer.

            • (Score: 2) by c0lo on Sunday October 22 2017, @12:13PM

              by c0lo (156) on Sunday October 22 2017, @12:13PM (#585939)

              but if you take your eyes off of him, he'll drink your beer.

              Surprise... that's a vodka

              --
              https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
        • (Score: 2) by captain normal on Monday October 23 2017, @12:13AM

          by captain normal (2205) on Monday October 23 2017, @12:13AM (#586096)

          "...we have this nutso guy in charge of our department. He's all the time telling us stupid shit, and even stupider shit that he wants us to do. His every order has to be evaluated, to decide whether it is rational."
          What?...You work in the White House? Does explain a lot.

          --
          When life isn't going right, go left.
  • (Score: 3, Interesting) by c0lo on Sunday October 22 2017, @03:39AM (5 children)

    by c0lo (156) on Sunday October 22 2017, @03:39AM (#585857)

    The Canadian spy agency seems to concentrate on defence first.
    Unlike NSA, preferring to shoot itself in the foot first (and ask questions later).

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    • (Score: 4, Informative) by Anonymous Coward on Sunday October 22 2017, @04:41AM (2 children)

      by Anonymous Coward on Sunday October 22 2017, @04:41AM (#585869)

      CSE works hand-in-glove with the NSA and GCHQ, the leaders of the spy-on-all-citizens movement. Do we really trust software from any of that crew?

      • (Score: 0) by Anonymous Coward on Sunday October 22 2017, @08:39AM

        by Anonymous Coward on Sunday October 22 2017, @08:39AM (#585901)
        Yes, Canada is, along with the US, UK, New Zealand, and Australia, part of the Five Eyes [wikipedia.org].
      • (Score: 4, Interesting) by c0lo on Sunday October 22 2017, @09:55AM

        by c0lo (156) on Sunday October 22 2017, @09:55AM (#585913)

        Do we really trust software from any of that crew?

        It's open-source, it's Python, one can verify if it is to be trusted or not.

        Did you know SELinux is an NSA creation? It has been accepted as "trust-able enough" and adopted in all major distributions - based on functionality and availability of source code.
        On the other side, new cryptography standards advanced by NSA were rejected by allied crypto experts [sky.com]

        --
        https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    • (Score: 2) by davester666 on Sunday October 22 2017, @09:29AM (1 child)

      by davester666 (155) on Sunday October 22 2017, @09:29AM (#585909)

      Not really. The CSE is just as determined to have a file on every Canadian citizen as the NSA is doing on every US citizen, even though in both cases it's illegal.

      • (Score: 3, Insightful) by c0lo on Sunday October 22 2017, @09:43AM

        by c0lo (156) on Sunday October 22 2017, @09:43AM (#585910)

        The "file on each citizen" is one issue, the preference to defence first, offence second is something different.

        --
        https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford