AnonTechie writes:
"A surprising number of governments are now deploying their own custom malware and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hypponen told the TrustyCon ( https://www.trustycon.org/ ) conference in San Francisco on Thursday.
'Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,' he told the public conference. 'If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that's exactly where we are today.'
(Score: -1, Offtopic) by Anonymous Coward on Friday February 28 2014, @10:34PM
Fat Porn Pidgeon of the day.
(Score: -1, Offtopic) by mrider on Friday February 28 2014, @10:42PM
Is it plucked and covered with hot mullet?
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: -1, Offtopic) by Anonymous Coward on Friday February 28 2014, @11:28PM
Congratulations on your first post sir. Unfortunately, your pathetic troll life has probably peaked, and it will be all downhill from this moment forward.
(Score: -1, Offtopic) by Anonymous Coward on Saturday March 01 2014, @01:24AM
Thank you for the congratulations, which will serve as encouragement for trolls everywhere.
(Score: 5, Interesting) by mrider on Friday February 28 2014, @10:37PM
Not because GNU/Linux (or BSD, or etcetera) is "immune" to viruses (virii?), but because my Debian box is so different than another person's Gentoo box, or Slack box, or BSD, or whatever, that the government would nearly have to tailor the malware just for me.
Whatever roadblocks I can put up are good so far as I'm concerned.
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 5, Funny) by mrbluze on Friday February 28 2014, @10:42PM
No, they just hire a guy to grow a beard around his neck and make code commits that someone else writes for him, get him to a position of power, and then put malware into the kernel.
Do it yourself, 'cause no one else will do it yourself.
(Score: 5, Funny) by mrider on Friday February 28 2014, @10:48PM
And then wait three years until that code makes it onto my box (running Debian stable). :)
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 4, Insightful) by crutchy on Friday February 28 2014, @10:50PM
there may be lots of different distributions and configurations, but the kernel is a common weak point (single point of failure).
and torvalds is only one human living in the united states... he is not immune from manipulation by the government (i hear waterboarding can be convincing)
(Score: 1) by mrider on Friday February 28 2014, @11:24PM
True. But unless the kernel is vulnerable to a remote exploit, then almost certainly the delivery mechanism that would work for you wouldn't work for me.
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 2, Insightful) by crutchy on Saturday March 01 2014, @01:18AM
probably, but i doubt most linux users would review kernel source changes before updating, so if torvalds opted to insert some kind of remote exploit into the kernel (thanks to some friendly "enhanced interrogation" techniques) most would have no idea. a lot would, particularly the core kernel devs, but no doubt they would be targeted too in that scenario.
(Score: 4, Interesting) by Anonymous Coward on Saturday March 01 2014, @01:31AM
The malware is in the hardware microcode. No amount of OS safeguarding will prevent a government organization taking over the hypervisor you never knew was running on your Intel CPU.
(Score: 2) by SMI on Saturday March 01 2014, @03:22AM
I'm interested to know more, if you have any reference material. I checked the links in TFS, but didn't find anything. I'm about to buy a new laptop, and full virtualization support in the CPU is one of my requirements. Unfortunately, there isn't much available with an AMD chip these days, not even in the custom laptops I've looked at.
(Score: 2, Insightful) by DNied on Friday February 28 2014, @11:56PM
Not only that, but the core userland is pretty much the same stuff across Linux distros, with minimal customization.
It would be an incredibly lucky coincidence if those slight distro-specific tweaks would somehow end up neutralizing the exact piece of malware to reach your machine.
(Score: 4, Insightful) by Runaway1956 on Saturday March 01 2014, @03:20AM
The kernel isn't the single point of failure that you think. Just because I might run Debian doesn't mean that I am necessarily running a kernel packaged and released by Debian. We can, and some of us do, "roll our own" kernels. An exploit that exists on one Debian box may not exist on another Debian box. And, of course, there are differences between distros. The paranoid who compiles all of his own software from source may share some vulnerabilities with the larger community, or he may even introduce some unique vulnerabilities, but you can't count on much or anything.
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 5, Insightful) by TheLink on Saturday March 01 2014, @04:09AM
And you don't need to infect the kernel at all. All you need are "zero days" on common browsers/clients(IM etc) or common plugins (many Governments can MITM you if you're in their territory or they really really want to). Then the malware gets in and sets itself up to keep running - at, crontab, sneaky aliases, etc.
Very few Linux users run their browsers using other accounts or sandbox their browsers (and do check if your sandbox is tight enough for such a scenario - the last I checked years ago Ubuntu's default apparmor browser sandbox was rather loose- but I've given up on Ubuntu for desktop stuff any more so I'm not bothered).
So even if kernel or privilege escalation exploits would be nice, there's no need in most cases. The user's stuff- email, keys, IM, browser cache (for frame jobs and other stuff), etc would all be accessible already.
There may be lots of different distros and configuration but in my experience writing cross platform stuff for linux and unix platforms (BSD, Solaris, AIX etc) a perl script can cope with most of that (one issue is SSL support across all those distros, but if you don't care about encrypting all your channels with SSL that's not a big problem- and even then there are usually workarounds with cli http clients).
TIMTOWTDI is great for writing malware too ;).
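A defender's check for the user-level persistence spots named in the comment above (crontab entries and aliases), added here as an example and not part of the original thread. The watch list, the path heuristic and the sample inputs are assumptions made for illustration.

```python
import re
import shlex
# Commands whose redefinition deserves review (assumed watch list, extend as needed).
WATCHED = {"sudo", "su", "ssh", "scp", "gpg", "passwd", "crontab", "ls"}
SYSTEM_DIRS = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")
ALIAS_RE = re.compile(r"^\s*alias\s+([\w.-]+)=(.+)$")
# Temp or hidden directories in a cron command (heuristic, expect false positives).
ODD_PATH_RE = re.compile(r"(/tmp/|/var/tmp/|/dev/shm/|/\.[^./\s][^/\s]*/)")

def audit_aliases(rc_text):
    """Return (line_no, name, target) for watched aliases that run something else."""
    findings = []
    for no, line in enumerate(rc_text.splitlines(), 1):
        m = ALIAS_RE.match(line)
        if not m or m.group(1) not in WATCHED:
            continue
        name = m.group(1)
        try:  # strip the outer quoting, then take the first word of the body
            words = shlex.split(shlex.split(m.group(2))[0])
        except (ValueError, IndexError):
            words = []
        target = words[0] if words else ""
        if target != name and target not in {d + name for d in SYSTEM_DIRS}:
            findings.append((no, name, target))
    return findings

def audit_crontab(cron_text):
    """Return (line_no, reason) for user crontab entries worth a manual look."""
    findings = []
    for no, line in enumerate(cron_text.splitlines(), 1):
        s = line.strip()
        if not s or s.startswith("#") or re.match(r"^\w+\s*=", s):
            continue  # blank line, comment, or environment assignment
        fields = s.split(None, 1 if s.startswith("@") else 5)
        if len(fields) < (2 if s.startswith("@") else 6):
            continue  # no complete schedule + command
        if fields[0] == "@reboot":
            findings.append((no, "starts at every boot"))
        if ODD_PATH_RE.search(fields[-1]):
            findings.append((no, "runs from a temp or hidden directory"))
    return findings

# Constructed sample inputs, not taken from any real system.
SAMPLE_RC = "alias ls='ls --color=auto'\nalias sudo='$HOME/.cache/.s/sudo'\nalias ssh='/usr/bin/ssh'\n"
SAMPLE_CRON = "MAILTO=root\n15 2 * * * /usr/local/bin/backup.sh\n@reboot /home/user/.config/.upd/agent\n*/5 * * * * /tmp/.x/run\n"

if __name__ == "__main__":
    print(audit_aliases(SAMPLE_RC))
    print(audit_crontab(SAMPLE_CRON))
```

Feed it the contents of `~/.bashrc` (or another shell rc file) and the output of `crontab -l`; a finding is a prompt for manual review, not proof of compromise.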
(Score: 3, Interesting) by sjames on Saturday March 01 2014, @07:08AM
The kernel isn't as interesting as it used to be. Getting the BIOS to run an exploit inside SMM or the BMC would be more interesting. Some BMCs have a JTAG connection to the system. This is especially dangerous since the BMC shares the main system's network port.
(Score: 5, Informative) by stormwyrm on Friday February 28 2014, @11:02PM
The proper plural of virus is viruses. If it were a Latin word, as in words like radius -> radii, 'virii' would rather be the second declension masculine plural of the non-existent word 'virius'. There is no attested classical Latin plural form for 'virus' (meaning 'poison' or 'venom'), as it was considered a mass noun, and even if there were one, it would most likely have been considered a second declension neuter noun, whose nominative plural would rather be 'vira'.
Numquam ponenda est pluralitas sine necessitate.
(Score: 1) by seandiggity on Friday February 28 2014, @11:11PM
Erasmus, is that you?
(Score: 2) by mrbluze on Saturday March 01 2014, @01:33AM
Viridae, actually.
Do it yourself, 'cause no one else will do it yourself.
(Score: 0) by Anonymous Coward on Saturday March 01 2014, @02:03AM
The -idae suffix does not form a Latin plural, but is a formation from Greek (from εἶδος) that means 'in the form of', and is used in taxonomy to denote subclasses and families.
(Score: 0) by krishnoid on Saturday March 01 2014, @01:40AM
blah blah blah ...
it would most likely have been considered a second declension neuter noun, blah blah blah 'vira'.
'Vira' it is, then. Thanks for clarifying that -- I'll be sure to start using it with the security people I know.
(Score: 1, Insightful) by Anonymous Coward on Friday February 28 2014, @11:08PM
No, virii is Latin for "men".
The correct English word is "viruses".
On top of that, I would like to see us discontinue the use of Latin plurals in English. It's not 1500 anymore.
(Score: 0) by Anonymous Coward on Saturday March 01 2014, @07:27AM
(Score: 2, Informative) by Asshole on Friday February 28 2014, @11:17PM
If you remember this video http://www.youtube.com/watch?v=vILAlhwUgIU [youtube.com] then you know that Windows, OSX, Linux, and Freebsd are all compromised by NSA. So if you want to be truly safe, you should use OpenBSD.
(Score: 4, Insightful) by Runaway1956 on Saturday March 01 2014, @03:32AM
*sigh*
Understand, I'm not finding fault with you or your link. But, I was hoping to see a three to ten minute video, from which I might learn something. An hour long video is just too much. I bookmark these links, but I just never get back to them. Got anything similar that summarizes the presentation? "Executive summary" so to speak?
And, before anyone asks, no, I don't watch Hollyweird movies. It's not a question of trading off some pointlessly spent time with the television to watch this video.
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 1) by Asshole on Saturday March 01 2014, @09:52PM
This is the only summary I could quickly find. http://tech.fortune.cnn.com/2013/12/31/apple-nsa-appelbaum-spiegel/ [cnn.com]
Everything else is either a full transcript or does not cover enough of the talk.
(Score: 1) by Runaway1956 on Sunday March 02 2014, @05:56AM
Thank you for that. I've just emailed my son with links to this discussion, the video, and the article you supplied just now. His life is at least as active as mine - but he may actually watch the entire video.
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 1) by mrider on Friday February 28 2014, @11:53PM
To all of you that keep replying that the vulnerability can be hiding inside the kernel - or whatever - you miss the point. Unless my box is remotely exploitable, how do you deliver the virus? I almost certainly don't have the same vulnerability vectors as you.
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 5, Informative) by HiThere on Saturday March 01 2014, @12:03AM
Well, Flash is a crossplatform delivery vector, and it appears that HTML5 will also be one. So is Java. I'm not sure about JavaScript, but with a few extensions (common) it probably is.
It's true that the item delivered will need to be configured to run under your system, but if you're on the web, you can probably be compromised. If not this year, then next year.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 3, Interesting) by mrider on Saturday March 01 2014, @12:10AM
Noscript.
Not installed.
Noscript.
Undoubtedly. But you see what I mean about how my computer isn't standard?
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 3, Insightful) by tibman on Saturday March 01 2014, @12:38AM
I use noscript as well and run FF within a sandboxie container. In linux i just use FF and don't really care.
What do you do when you want to buy something? Constantly run into problems because the site you are buying from is actually using 3rd party services. None of those are whitelisted and die horribly. Adding them to the whitelist causes data to be resent and could cause an error : /
SN won't survive on lurkers alone. Write comments.
(Score: 4, Informative) by SMI on Saturday March 01 2014, @06:22AM
I use (among other things) NoScript and RequestPolicy [mozilla.org], and when I want to buy something, of course I make sure to be aware of what is being allowed (both temporarily and permanently) and what is being blocked. In other words, I buy things online all the time and haven't had any problems or double charges. If a person doesn't understand how to use a chainsaw, that isn't the chainsaw's fault.
(Score: 1) by tibman on Sunday March 02 2014, @08:33AM
I'll take a look at RequestPolicy. You might also like https://www.eff.org/https-everywhere [eff.org]
SN won't survive on lurkers alone. Write comments.
(Score: 2) by SMI on Sunday March 02 2014, @08:40AM
Thanks, I'm already [soylentnews.org] using it, though I do appreciate the advice anyway.
(Score: 5, Insightful) by Koen on Saturday March 01 2014, @01:06AM
Conclusion: if anybody wants to attack us soylentils (and pipedotters, technocrats & comp.miscfits), NoScript would be the perfect virus vector.
/. refugees on Usenet: comp.misc [comp.misc]
(Score: 0) by Anonymous Coward on Saturday March 01 2014, @07:29AM
+1 Insightful, kingdom for mod points, you know the schtick.
(Score: 1) by sjames on Saturday March 01 2014, @07:42AM
You'll get it in the BIOS itself, fresh from the factory that REALLY doesn't want to be 'audited'.
(Score: 4, Interesting) by strattitarius on Friday February 28 2014, @11:08PM
I can't decide if it is a miracle that we are able to live in such (relative) peace, with so many of us wandering the globe in a rather confident sense of security, or if it is a miracle that the greed and hate have not taken over to bring us to a time of nothing more than self preservation.
Interestingly, the middle-class workers (me) seem to have achieved a pretty high level of securing physical needs only to be completely vulnerable as far as information and security of intellectual property, to include privacy.
For example, I haven't locked the doors to my house in at least 4-5 years, even while living in one of the largest cities in the US. But I would never use a computer without a password, am paranoid to use facebook, and hate the fact that I am too lazy to run my own personal mail server (not that it would help much because everyone I email has yahoo or gmail).
Slashdot Beta Sucks. Soylent Alpha Rules. News at 11.
(Score: 0) by Anonymous Coward on Friday February 28 2014, @11:41PM
What? Is this common?
(Score: 3, Interesting) by Runaway1956 on Saturday March 01 2014, @03:38AM
I don't even have a key to my front door. I lost mine more than fifteen years ago, and when I thought to ask the wife for hers, she couldn't find it. The back door has a key, which is inserted into the lock, where my son left it when he installed the new door knob. I can't speak for anyone else, but people around here respect a closed door. Those people who don't respect a closed door are going to break in anyway. How hard is it to break a window, after all? Or, to kick in a door. There are plenty of videos on Youtube in which the police demonstrate just how easy it is to break into a house. Locked doors? Phhhtttt!!
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 1) by cafebabe on Monday March 03 2014, @04:21PM
When 1/2 the population had a television, stealing a television was worthwhile. Nowadays, poor people have better televisions than rich people. Likewise for microwave ovens, mobile telephones [cellphones], food mixers and almost everything else.
So, yeah, break in! But what are you gonna steal? Who are you gonna sell it to? For how much? And was it worth it?
1702845791×2
(Score: 3, Insightful) by rts008 on Friday February 28 2014, @11:14PM
Fiction has always been based on the creator's experiences and viewpoints.
Reality can sometimes be unimaginable, otherwise we would expect it.
New experiences means new understanding, unfortunately understanding comes after the fact.