Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 11 submissions in the queue.
posted by on Wednesday April 12 2017, @01:58PM   Printer-friendly
from the look-at-all-the-wonderful-toys dept.

Last August, an unknown group called the Shadow Brokers released a bunch of NSA tools to the public. The common guesses were that the tools were discovered on an external staging server, and that the hack and release was the work of the Russians (back then, that wasn't controversial). This was me:

Okay, so let's think about the game theory here. Some group stole all of this data in 2013 and kept it secret for three years. Now they want the world to know it was stolen. Which governments might behave this way? The obvious list is short: China and Russia. Were I betting, I would bet Russia, and that it's a signal to the Obama Administration: "Before you even think of sanctioning us for the DNC hack, know where we've been and what we can do to you."

They published a second, encrypted, file. My speculation:

They claim to be auctioning off the rest of the data to the highest bidder. I think that's PR nonsense. More likely, that second file is random nonsense, and this is all we're going to get. It's a lot, though.

I was wrong. On November 1, the Shadow Brokers released some more documents, and two days ago they released the key to that original encrypted archive:

EQGRP-Auction-Files is CrDj"(;Va.*NdlnzB9M?@K2)#>deB7mN

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by DannyB on Wednesday April 12 2017, @05:05PM (8 children)

    by DannyB (5839) Subscriber Badge on Wednesday April 12 2017, @05:05PM (#492888) Journal

    Doesn't the NSA and other TLAs have opposing objectives?

    The NSA for example is to collect intelligence signals from foreign sources, and to protect our government signals from interception.

    The NSA uses exploits to get into foreign systems. To protect our systems, vulnerabilities need to be public so that vendors can patch and anti-malware tools can detect and block. These are conflicting objectives.

    Even if the two functions were split into two groups: (1) protect signals, and (2) gather signals; the protect group would constantly be undermining the gather group. And then vice versa: The gather group would get congressional authority to prevent the protect group from publishing certain vulnerabilities because it undermines the mission of gather. We end up with the same problem.

    If I believed that the NSA was working in our national interest, then I would be in favor of the gather mission. As it is, I lean far more in favor of the protect mission. But making our systems secure also means, even with with a delay, making foreign systems more secure.

    --
    Poverty exists not because we cannot feed the poor, but because we cannot satisfy the rich.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by bob_super on Wednesday April 12 2017, @05:45PM

    by bob_super (1357) on Wednesday April 12 2017, @05:45PM (#492926)

    The NSA does spend a lot of time reviewing and advising on security of military electronics.
    People with a Clearance get to know what the NSA found and deems high-risk or not worth keeping secret. They don't know what the NSA keeps to itself, but they can fix more issues than the rest of us (including the other guys).

  • (Score: 0) by Anonymous Coward on Wednesday April 12 2017, @06:04PM (1 child)

    by Anonymous Coward on Wednesday April 12 2017, @06:04PM (#492951)

    and to protect our government signals from interception

    What if the US government signal is communicating with Russia? (grin)

    • (Score: 2) by frojack on Wednesday April 12 2017, @06:21PM

      by frojack (1554) on Wednesday April 12 2017, @06:21PM (#492965) Journal

      What if the US government signal is communicating with Russia? (grin)

      I guarantee that such communications routinely exist and are routinely encrypted. Its SOP since the Eisenhower administration.
      Was there an actual point you were trying to make?

       

      --
      No, you are mistaken. I've always had this sig.
  • (Score: 2) by frojack on Wednesday April 12 2017, @06:48PM (3 children)

    by frojack (1554) on Wednesday April 12 2017, @06:48PM (#492977) Journal

    The NSA uses exploits to get into foreign systems.

    If that were only true, or if it were the only truth, there wouldn't be any controversy.
    But you can't have been paying attention for the last 5 years if you believe this.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2) by DannyB on Wednesday April 12 2017, @07:46PM (2 children)

      by DannyB (5839) Subscriber Badge on Wednesday April 12 2017, @07:46PM (#493006) Journal

      Are you saying that the NSA had no part at all in either Flame or Stuxnet (and God only knows what else) and that exploits / vulnerabilities are not used to penetrate the targeted systems?

      Or am I not understanding you correctly?

      --
      Poverty exists not because we cannot feed the poor, but because we cannot satisfy the rich.
      • (Score: 2) by frojack on Wednesday April 12 2017, @08:06PM (1 child)

        by frojack (1554) on Wednesday April 12 2017, @08:06PM (#493025) Journal

        I was replying to your sentence which I quoted.

        That sentence is certainly true, and is the Congressionally-mandated mission of the NSA and CIA.

        The controversy arises because the Congressionally mandated prohibition against using these methods against US Citizens on US soil is being ignored, and that is what has triggered the whistle blowing.

        The NSA is not JUST using exploits to get into foreign systems.

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 2) by DannyB on Wednesday April 12 2017, @09:25PM

          by DannyB (5839) Subscriber Badge on Wednesday April 12 2017, @09:25PM (#493072) Journal

          Ok, thanks for clarification. I am well aware of the domestic spying and am a frequent critic. For example where I wrote:

          If I believed that the NSA was working in our national interest

          Back when the Snowden revelations broke, there were people who thought building a massive domestic spying apparatus was just fine. The problem is that even if you trust the person in power (which I don't and didn't), imagine if one day that apparatus falls into the hands of an insane madman -- and I don't mean kim jong un. Building a massive domestic spying apparatus is not in our national interest.

          --
          Poverty exists not because we cannot feed the poor, but because we cannot satisfy the rich.
  • (Score: 2) by linkdude64 on Wednesday April 12 2017, @09:54PM

    by linkdude64 (5482) on Wednesday April 12 2017, @09:54PM (#493090)

    "Doesn't the NSA and other TLAs have opposing objectives?"

    If only it were as simple as them doing their jobs.

    They are also competing for funding. The bigger their cut of the taxpayer-funded pie, the more each agency can advance their own interests and "create demand" for their security services around the globe.

    OT:
    It's really interesting to see how the regime change is totally fucking with each agency's projected game plan, at least, it was for the past couple months. Now the MIC may have begun to regain control, but I'm still withholding opinions on the whole Syria thing. The dust has not nearly settled, yet MSM wants to say they can see clear paths to the future through the dustcloud as they spiral into irrelevance. Taking in their "reporting" is like drinking salt water.