SoylentNews is people

posted by Fnord666 on Friday June 30 2017, @06:11PM
from the another-day-another-leak dept.

"Today, June 29th 2017, WikiLeaks publishes documents from the OutlawCountry project of the CIA that targets computers running the Linux operating system. OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.

The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system. OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain."

https://www.wikileaks.org/vault7/#OutlawCountry

-- Leaked Documents :

= OutlawCountry v1.0 User Manual
https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_User_Manual/
(PDF) https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_User_Manual/OutlawCountry_v1_0_User_Manual.pdf

= OutlawCountry v1.0 Test Plan
https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_Test_Plan/
(PDF) https://www.wikileaks.org/vault7/document/OutlawCountry_v1_0_Test_Plan/OutlawCountry_v1_0_Test_Plan.pdf
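
A defensive check for the hidden-table behaviour described in the summary above, as an added example that is not part of the original submission or the leaked documents: it lists netfilter tables the kernel reports that are outside the stock iptables set. The names `unexpected_tables`, `STOCK_TABLES` and the sample table `zz_example` are made up for this example, and it assumes the extra table is registered normally and therefore shows up in `/proc/net/ip_tables_names`.

```shell
#!/bin/sh
# Added example (not from the leaked documents): flag netfilter tables that
# are not part of the stock iptables set.
# Assumption: the extra table is registered with the kernel in the normal way
# and so is listed in /proc/net/ip_tables_names; a module that also tampers
# with procfs output would not be caught by this check.

# Tables a stock kernel can register for IPv4.
STOCK_TABLES="filter nat mangle raw security"

# unexpected_tables [NAMES_FILE] [EXTRA_ALLOWED]
#   NAMES_FILE     file with one table name per line
#                  (default: /proc/net/ip_tables_names, may need root to read)
#   EXTRA_ALLOWED  space-separated site-specific names to accept as well
# Prints each unrecognised table name on its own line; returns 2 if the
# file cannot be read.
unexpected_tables() {
    names_file=${1:-/proc/net/ip_tables_names}
    allowed=" $STOCK_TABLES ${2:-} "
    [ -r "$names_file" ] || return 2
    while IFS= read -r table || [ -n "$table" ]; do
        [ -n "$table" ] || continue
        case "$allowed" in
            *" $table "*) ;;                 # known table, ignore
            *) printf '%s\n' "$table" ;;     # not in the baseline
        esac
    done < "$names_file"
    return 0
}

# Demonstration on constructed input; "zz_example" is a made-up table name.
sample=$(mktemp)
printf 'filter\nnat\nzz_example\n' > "$sample"
echo "unexpected tables in sample: $(unexpected_tables "$sample")"
rm -f "$sample"
```

On a live host, call `unexpected_tables` with no arguments and treat any output as a reason to inspect that table's PREROUTING chain and the list of loaded kernel modules.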



 
  • (Score: -1, Troll) by Snotnose on Friday June 30 2017, @06:20PM (21 children)

    by Snotnose (1623) on Friday June 30 2017, @06:20PM (#533602)

    Hint: it's not because of its superior code. No, it's because 95% of the computers hackers care about run Windows and haven't targeted Linux. Let Linux get a 20-25% share of the home market and just watch how things change.

    IMHO, much as I dislike Windows and Microsoft's attitude towards my machine, the fact is they've spent 30 years hardening their system. They're the most secure OS you can buy. If the hackers can get into it as easily as they've proven they can, we're in for a world of hurt when they turn their eyes towards Linux.

    Macs are the same thing. Based on BSD, not enough market share for the hackers to target. Just wait....

    --
    I fondly remember the day I made sandcastles with my grandmother. Just wish I hadn't done it in the crematorium.
  • (Score: 4, Insightful) by butthurt on Friday June 30 2017, @06:42PM (3 children)

    by butthurt (6141) on Friday June 30 2017, @06:42PM (#533616) Journal

    > [...] 95% of the computers hackers care about run Windows [...]

    Because attackers don't care about the computers in data centres, nor the computers in people's pockets. They only care about the ones on desks.

    • (Score: 4, Funny) by bob_super on Friday June 30 2017, @06:54PM (1 child)

      by bob_super (1357) on Friday June 30 2017, @06:54PM (#533621)

      I've been mining bitcoin on top500 machines for years, because the people running them just assumed that linux is too small of a target and didn't ever consider security...
      I hope that CIA tool being public doesn't get me booted from Oak Ridge, I already have to deal with Kim's friends slowing me down when they try to access nuke sim results.

      • (Score: 0) by Anonymous Coward on Saturday July 01 2017, @02:55AM

        by Anonymous Coward on Saturday July 01 2017, @02:55AM (#533805)

        Hey, is that my tax $$ paying the electric bill for your mining?

        Time to share the wealth...

    • (Score: 0) by Anonymous Coward on Saturday July 01 2017, @06:19AM

      by Anonymous Coward on Saturday July 01 2017, @06:19AM (#533831)

      Actually, they care about computers people use for ebanking nowadays, and those usually do indeed reside on desks (or in their pockets).

  • (Score: 0, Offtopic) by Anonymous Coward on Friday June 30 2017, @06:54PM (1 child)

    by Anonymous Coward on Friday June 30 2017, @06:54PM (#533622)

    Ask yourself which OS the people responsible for Grenfell Tower probably use. Think about whether those people have good judgement concerning technical matters. Then ask yourself if you want to use the same OS.

    • (Score: 2) by KGIII on Saturday July 01 2017, @05:07PM

      by KGIII (5261) on Saturday July 01 2017, @05:07PM (#533941) Journal

      Huh... I think this is the first time I've wished for a 'fucking retarded' moderation category.

      --
      "So long and thanks for all the fish."
  • (Score: 0) by Anonymous Coward on Friday June 30 2017, @07:00PM (3 children)

    by Anonymous Coward on Friday June 30 2017, @07:00PM (#533623)

    Don't most Windows "exploits" rely on the user installing some kind of screen saver or something so they can see some tits? Are there still princes in Africa who need financial assistance? Are there urgent notices from the Federal Department of Needful Revenue Internal Service I need to install a program at the link provided in the email to see?

    • (Score: 2) by Nerdfest on Friday June 30 2017, @07:07PM (2 children)

      by Nerdfest (80) on Friday June 30 2017, @07:07PM (#533627)

      There are still lots of drive-bys.

      • (Score: 1, Interesting) by Anonymous Coward on Friday June 30 2017, @07:35PM (1 child)

        by Anonymous Coward on Friday June 30 2017, @07:35PM (#533641)

        Oh right, I forget that Windows users install software for which each document opened is potentially a program unto itself.

        I don't understand why exactly Microsoft Office users need a feature like that, but I'm a LibreOffice user when I'm not using LaTeX. Perhaps my use-case is different.

        Microsoft Office users must implicitly trust anybody who would send them documents. Seems a bit insane to me.

        • (Score: 0) by Anonymous Coward on Saturday July 01 2017, @03:48PM

          by Anonymous Coward on Saturday July 01 2017, @03:48PM (#533926)

          By design, what easier way to spread malware through a business? No one thinks a text document would be dangerous (non tech people)

  • (Score: 2) by RamiK on Friday June 30 2017, @07:39PM (2 children)

    by RamiK (1813) on Friday June 30 2017, @07:39PM (#533643)

    > the fact is they've spent 30 years hardening their system

    Following that logic, it's safer to live in the city's most patrolled streets over the suburbs.

    *insert car analogy here*

    --
    compiling...
    • (Score: 0) by Anonymous Coward on Friday June 30 2017, @08:19PM

      by Anonymous Coward on Friday June 30 2017, @08:19PM (#533668)
      The analogy is living in a city apartment in a drug war area vs a trailer in some boring small town.

      Even _if_ the former has a slightly more secure design (steel doors, more compartmentalized), you're more likely to be screwed if you make a mistake than in the latter case.
    • (Score: 3, Touché) by Gaaark on Saturday July 01 2017, @03:06AM

      by Gaaark (41) Subscriber Badge on Saturday July 01 2017, @03:06AM (#533808) Journal

      Car analogy:

      MS has spent 30 years trying to get girls' pants off in the back of their Edsel, but is constantly getting some disease or other because MS's idea of security is a condom ripped to shreds when they replace a faulty fan belt with it.

      Good enough? ;)

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 0) by Anonymous Coward on Friday June 30 2017, @08:36PM

    by Anonymous Coward on Friday June 30 2017, @08:36PM (#533678)

    You can't claim that everything from dos to windows 10 is the same thing.

    Also as has been said, Linux and especially other unix based OS have been used in servers for just as long. Not every exploit is for desktops.

  • (Score: 1) by khallow on Friday June 30 2017, @09:26PM (1 child)

    by khallow (3766) Subscriber Badge on Friday June 30 2017, @09:26PM (#533706) Journal

    > IMHO, much as I dislike Windows and Microsoft's attitude towards my machine, the fact is they've spent 30 years hardening their system.

    Linux and Unix systems have only been doing that for 50 years combined. And they actually bother to harden the system when they harden it.

    • (Score: 0) by Anonymous Coward on Saturday July 01 2017, @12:37AM

      by Anonymous Coward on Saturday July 01 2017, @12:37AM (#533772)

      And it can be hardened even more by the end user. Try that with Win10... You might as well pull the hard drive out and put it in a microwave oven, that's the only way to harden Windows.

  • (Score: 0) by Anonymous Coward on Saturday July 01 2017, @03:54AM (3 children)

    by Anonymous Coward on Saturday July 01 2017, @03:54AM (#533812)

    Spend 30 years hardening your system, then find it's still micro and soft and there isn't enough viiagra to do any kind of a job at all with it.

    30 years of impotence. Maybe they need an Apple a day?

    Gimme a break, dude.
    30 years:
    1: http://www.zdnet.com/article/microsoft-hides-behind-linux-for-protection/ [zdnet.com]
    2: http://www.theregister.co.uk/2004/10/22/linux_v_windows_security/ [theregister.co.uk]
    3: http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/ [theregister.co.uk]

    30 years of FUD and misinformation and fudging reports and......

    (Sheesh, not allowed to put V_iagra in your post? "Lameness filter encountered. Post aborted!")

    • (Score: 3, Interesting) by kaszz on Saturday July 01 2017, @05:09AM (2 children)

      by kaszz (4211) on Saturday July 01 2017, @05:09AM (#533823) Journal

      Microsoft hides behind Linux for protection [zdnet.com]:

      Microsoft has employed Akamai's Linux-based servers to protect its Microsoft.com Web site and reduce the site's vulnerability

      Just proves their shit sucks, and they should stop peddling it onto others.

      • (Score: 2) by takyon on Saturday July 01 2017, @09:44PM (1 child)

        by takyon (881) <takyonNO@SPAMsoylentnews.org> on Saturday July 01 2017, @09:44PM (#533999) Journal

        Or it proves that Akamai is cheap and convenient because of their scale.

        --
        [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
        • (Score: 2) by kaszz on Sunday July 02 2017, @08:15AM

          by kaszz (4211) on Sunday July 02 2017, @08:15AM (#534117) Journal

          Sure, but if Microsoft has such great products, then why don't they use their own cloud solution Azure with.. Windows? ;-)

  • (Score: 2) by mcgrew on Saturday July 01 2017, @03:49PM

    by mcgrew (701) <publish@mcgrewbooks.com> on Saturday July 01 2017, @03:49PM (#533927) Homepage Journal

    Linux is a kernel, not an OS, so this exploit should be able to pwn any Android device. There are a lot more Android devices than Windows devices; everyone who doesn't have an iPhone has Linux in their pockets and purses. Linux devices now outnumber Windows devices, just not on desks (unless you leave your tablet on a desk).

    --
    Free Martian whores! [mcgrewbooks.com]