
posted by martyb on Tuesday November 14 2017, @06:15PM
from the sysadmin-sleep-disruption dept.

Vault 8:

Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention. Using Hive, even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet. Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.

Hive can serve multiple operations using multiple implants on target computers. Each operation anonymously registers at least one cover domain (e.g. "perfectly-boring-looking-domain.com") for its own use. The server running the domain website is rented from commercial hosting providers as a VPS (virtual private server) and its software is customized according to CIA specifications. These servers are the public-facing side of the CIA back-end infrastructure and act as a relay for HTTP(S) traffic over a VPN connection to a "hidden" CIA server called 'Blot'.

The code shows how the CIA could impersonate Kaspersky Lab:

According to WikiLeaks, CIA used these fake certificates to impersonate existing entities including Kaspersky Lab. "The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated," noted WikiLeaks.

Also at The Register (follow-up).
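The defensive lesson in the certificate story above is that an issuer name proves nothing on its own. The following Go program is an added illustration, not code from this page or from the leaked Hive source: it constructs a local root CA, an impostor root that copies that root's name exactly (the names "Thawte Premium Server CA" and "Kaspersky Laboratory" are reused from the story; every key here is generated locally), signs a leaf with each, and shows that a name-string comparison is fooled while a proper chain verification against the trust store rejects the impostor-signed leaf.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert issues a certificate for cn signed by parent/parentKey (self-signed when parent is nil); all keys are constructed.
func mkCert(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed root
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// ChainVerifies is the check that matters: the leaf must chain, signature by
// signature, to a root whose public key is actually in the trust store.
func ChainVerifies(leaf *x509.Certificate, roots *x509.CertPool) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots})
	return err == nil
}

// Demo: a genuine root, an impostor root copying its exact name, and a
// "Kaspersky Laboratory" leaf signed by each; the trust store holds only the genuine root.
func Demo() (nameOnlyFake, chainFake, chainReal bool) {
	realCA, realKey := mkCert("Thawte Premium Server CA", true, nil, nil)
	fakeCA, fakeKey := mkCert("Thawte Premium Server CA", true, nil, nil)
	fakeLeaf, _ := mkCert("Kaspersky Laboratory", false, fakeCA, fakeKey)
	realLeaf, _ := mkCert("Kaspersky Laboratory", false, realCA, realKey)
	roots := x509.NewCertPool()
	roots.AddCert(realCA)
	nameOnlyFake = fakeLeaf.Issuer.CommonName == "Thawte Premium Server CA" // weak: name string only
	return nameOnlyFake, ChainVerifies(fakeLeaf, roots), ChainVerifies(realLeaf, roots)
}
```

The same cryptographic check is what a network monitor or proxy should apply to outbound TLS before attributing traffic to the entity named in a certificate.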

  • (Score: 1, Insightful) by Anonymous Coward on Tuesday November 14 2017, @06:34PM (6 children)

    by Anonymous Coward on Tuesday November 14 2017, @06:34PM (#596898)

    this is because of the "cloud" and the myriad of registrations on a single IP and domain at a hosting provider.

    back when companies controlled their hardware and services, it was possible to know who you were talking to.

    now, for security purposes, you have to ferret out where the connections should be going and permit those, or at least document them, and then not allow connections to other stuff.

    it shouldn't be so hard to use the internet and it didn't used to be when it wasn't run for profit

  • (Score: -1, Offtopic) by Anonymous Coward on Tuesday November 14 2017, @06:51PM (3 children)

    by Anonymous Coward on Tuesday November 14 2017, @06:51PM (#596904)

    i worked with tom sizemore and he is the fucking worst. just a greasy, unrepentantly gross manchild. i have several friends who've also worked with him, or p.a.'d on sets he's been the "star" of.

    quick anecdote: ended up going for a ride with him on a film i was in (small role), because my friend - also a p.a. - had to drive him back to his house to find a shirt. we sat at his coffee table, covered in about 2409r782374 ash trays and seven boxes of half eaten mike & ikes. what seems like an hour later of uncomfortable stillness he comes barreling out of his bedroom, a little sweaty, panting, and drops fuckin STACKS of vhs tapes on the table in front of us. we were both pretty confused at the point. he then pops one in his combo vhs/dvd player and it's him getting blown by some poor chick with really fuckin terrible roots, he then puts the shirt over his slovenly body, turns to my friend and says, "this good?"

    it is one of the most surreal, ridiculous moments of my life.

    • (Score: 0, Offtopic) by Anonymous Coward on Tuesday November 14 2017, @07:01PM

      by Anonymous Coward on Tuesday November 14 2017, @07:01PM (#596909)
    • (Score: -1, Redundant) by Anonymous Coward on Tuesday November 14 2017, @08:03PM

      by Anonymous Coward on Tuesday November 14 2017, @08:03PM (#596954)

      i worked with Anonymous Coward and he is the fucking worst. just a greasy, unrepentantly gross manchild. i have several friends who've also worked with him, or p.a.'d on sets he's been the "star" of.

      quick anecdote: ended up going for a ride with him on a film i was in (small role), because my friend - also a p.a. - had to drive him back to his house to find a shirt. we sat at his coffee table, covered in about 2409r782374 ash trays and seven boxes of half eaten mike & ikes. what seems like an hour later of uncomfortable stillness he comes barreling out of his bedroom, a little sweaty, panting, and drops fuckin STACKS of vhs tapes on the table in front of us. we were both pretty confused at the point. he then pops one in his combo vhs/dvd player and it's him getting blown by some poor chick with really fuckin terrible roots, he then puts the shirt over his slovenly body, turns to my friend and says, "this good?"

      it is one of the most surreal, ridiculous moments of my life.

    • (Score: 1, Offtopic) by edIII on Wednesday November 15 2017, @12:23AM

      by edIII (791) on Wednesday November 15 2017, @12:23AM (#597069)

      it is one of the most surreal, ridiculous moments of my life.

      I'm right there with you. That being said though, in my head it was Tom Sizemore playing the role of Tom Sizemore, and he nailed it. I did not need to suspend disbelief at all.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 3, Informative) by frojack on Tuesday November 14 2017, @07:04PM (1 child)

    by frojack (1554) on Tuesday November 14 2017, @07:04PM (#596913) Journal

    Profit had nothing to do with it.

    You can't hearken back to those halcyon days of a research network (funded by the defense advanced research projects agency), and pretend that it got all dirty only when it moved into a for-profit universe.

    Nor can you assume having your own IP range and inspecting every single bit of outgoing traffic against a master list was ever a solution, was ever actually practiced in the real world. We invented laptops for a reason fella!

    When it was just you and your neighbor buddy talking on the tin-can-and-string telephone your moms were still listening.

    This whole idea of Certificates is just a symptom. Security was bolted onto the internet, and IP addresses could be spoofed and were never intended to be a personal identifier any more than a street sign was.

    It's time to rethink this mess. I'm beginning to think these guys [temperednetworks.com] may actually have something in their implementation of identity defined networks (in depth pdf [temperednetworks.com]). It's been around a while. https://en.wikipedia.org/wiki/Host_Identity_Protocol [wikipedia.org]

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 1, Insightful) by Anonymous Coward on Tuesday November 14 2017, @09:20PM

      by Anonymous Coward on Tuesday November 14 2017, @09:20PM (#596990)

      "it's time to rethink this mess"

      I politely disagree. Fuck no. There exists no method to make right what is crooked in such a way. Without totally rebooting the whole of society, without merging Man and Machine, without executing every capitalist supporter of this horrible religion known as economics, the Internet will remain a slave to the commercial interests.

      There is no saving that which doesn't want to be saved. There is no technical solution to a social problem. I'm sorry.