Bitcoin Forum

Other => Politics & Society => Topic started by: Wilikon on March 12, 2014, 06:18:43 PM



Title: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 12, 2014, 06:18:43 PM

https://i.imgur.com/ehMLOwf.jpg



After failing to infect targets with malware in spam emails, the U.S. National Security Agency has reportedly turned to Facebook.

According to a report by The Intercept, the NSA “disguises itself as a fake Facebook server” to perform “man-in-the-middle” and “man-on-the-side” attacks and spread malware. The Intercept is the first in a series of publications created by Pierre Omidyar‘s First Look Media.

Journalists Ryan Gallagher and Glenn Greenwald claim that Facebook users are tricked into visiting “what looks like an ordinary Facebook page.” From there, they claim, “the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.”

A Facebook spokesperson provided VentureBeat with the following statement:

“We have no evidence of this alleged activity. In any case, this method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year. If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected.”


A purportedly official animation, uploaded on Vimeo, reveals how the NSA conducts the Facebook hack:

https://vimeo.com/88822483

NSA’s Facebook targeting is reportedly a response to the declining success of other malware injection techniques. Previous techniques include the use of “spam emails that trick targets into clicking a malicious link.”

It’s noteworthy that the NSA has also allegedly posed as Google to gain access to user data.

This news follows NSA leaker Edward Snowden’s appearance at SXSW. During his talk, Snowden stated that the U.S. “needs a watchdog that watches Congress.” When asked if he was satisfied with the current NSA debate, Snowden made clear that he would serve again as a whistleblower if he had a second chance.

http://venturebeat.com/2014/03/12/the-nsa-reportedly-poses-as-facebook-to-spread-malware/


------------------------------------------------------
watching the vimeo link quick before it "disappears"...



Title: NSA’s automated hacking engine offers hands-free pwning of the world
Post by: Wilikon on March 12, 2014, 07:59:54 PM


https://i.imgur.com/EHiTnHR.jpg

With Turbine, no humans are required to exploit phones, PCs, routers, VPNs.

Since 2010, the National Security Agency has kept a push-button hacking system called Turbine that allows the agency to scale up the number of networks it has access to from hundreds to potentially millions. The news comes from new Edward Snowden documents published by Ryan Gallagher and Glenn Greenwald in The Intercept today. The leaked information details how the NSA has used Turbine to ramp up its hacking capacity to “industrial scale,” plant malware that breaks the security on virtual private networks (VPNs) and digital voice communications, and collect data and subvert targeted networks on a once-unimaginable scale.

Turbine is part of Turbulence, the collection of systems that also includes the Turmoil network surveillance system that feeds the NSA’s XKeyscore surveillance database. While it is controlled from NSA and GCHQ headquarters, it is a distributed set of attack systems equipped with packaged “exploits” that take advantage of the ability the NSA and GCHQ have to insert themselves as a “man in the middle” at Internet chokepoints. Using that position of power, Turbine can automate functions of Turbulence systems to corrupt data in transit between two Internet addresses, adding malware to webpages being viewed or otherwise attacking the communications stream.

Since Turbine went online in 2010, it has allowed the NSA to scale up from managing hundreds of hacking operations each day to handling millions of them. It does so by taking people out of the loop of managing attacks, instead using software to identify, target, and attack Internet-connected devices by installing malware referred to as “implants.” According to the documents, NSA analysts can simply specify the type of information required and let the system figure out how to get to it without having to know the details of the application being attacked.

The “selectors” that analysts can use to target victims through Turbine are significant. Using Turmoil as a targeting system, Turbine can look for identifying cookies from a number of Web services, including Google, Yahoo, Twitter, Facebook, Hotmail, and DoubleClick, as well as those from the Russian services Mail.ru, Rambler, and Yandex. Those cookies are all available for targeting purposes, as is user account information from a whole host of services.

https://i.imgur.com/OzRWmkS.png

Turmoil can also key in on Windows Update identifiers, software serial numbers passed over the Internet, and signatures from physical devices such as phones’ International Mobile Station Equipment Identity (IMEI) numbers and Wi-Fi MAC addresses. All of these things can be indexed as metadata by Turmoil and tied by other metadata to a specific target.

Once installed, implants give the NSA and GCHQ a way to extract data from the target, monitor its communications, or launch attacks against the network the target resides on. Turbine implants have even allowed the NSA and GCHQ to hack IPSec VPN connections by inserting an implant on routers that break VPNs’ key exchange process, opening virtually any VPN to direct surveillance.

Hammer time

The documents published today include slides from the NSA’s Turbulence team detailing the “phases” of the NSA’s capabilities to monitor VPN and Voice over IP (VoIP) traffic using a set of attacks known as Hammerstein and Hammerchant. Previously, it was known that the NSA could exploit the older Point to Point Tunneling Protocol (PPTP) for VPNs. But the new documents show how Turbine and Turbulence can be used to attack VPNs using the more secure Internet Protocol Security (IPSec) standard.

At the most basic level, Turbulence simply captures metadata from Internet Key Exchange (IKE) messages between systems connecting over an IPSec VPN. The NSA can apparently perform a “static tasking” against an IPSec VPN based on its IP addresses using the Hammerstein implant. (Hammerstein is a piece of malware injected into a router sitting in the path of the VPN traffic, which forwards key exchanges and encrypted data to a Turbulence system.)

Hammerstein allows the NSA and GCHQ to tap into networks that don’t pass through the Turbulence checkpoint. The data can then be pushed through a specialized VPN-cracking “blade” in the Turmoil server hardware to decrypt the content.

https://i.imgur.com/IdxBy1X.jpg

The Hammerchant implant does roughly the same thing with digital voice calls and video conferences that Hammerstein does with VPNs. It can intercept call traffic based on the SIP and H.323 protocols, allowing “call surveys” that collect metadata or capture the actual voice content.

Turbine added the capability of “dynamic tasking” to these attacks. It can send identifying information on the fly to Hammerstein or Hammerchant automatically based on a set of parameters set by an NSA operator with a few mouse clicks.

https://i.imgur.com/xyd04T3.jpg


Search and destroy

Other man-in-the-middle and “man on the side” attack systems are also tied into Turbine. Quantum Insert, the attack tool used to hack the networks of OPEC and the Belgian telecommunications company Belgacom, can also be controlled by Turbine by using webpage request data collected by Turmoil to automatically trigger an attack. Turbine can push an HTML request posing as a response from a visited site back through a Quantum Insert implant on a server or router closer to the server the request is sent to. It does this because of a microseconds-long response time advantage to convince the target’s browser that it’s the response being sought out. It then delivers malware that allows the NSA (or GCHQ) to poke around the target’s computer and network.

https://i.imgur.com/Fex9dD3.jpg

These capabilities give the NSA’s Tailored Access Operations (TAO) unit the ability to conduct not just tailored attacks, but multilayered, massive operations that can scoop up vast amounts of data not accessible via XKeyscore. As if that’s not enough, there’s also an attack tool designed for wholesale exploits of traffic passing through a specific Internet “choke point”—a peering point for a specific Internet Service Provider, an Internet exchange at a national border or at a submarine cable meeting point, or any other routing point on the Internet that could host an implant.

Called SecondDate, the capability was described in a 2012 NSA document as a tool “to influence real-time communications between client and server.” It has the ability to redirect Web browsers to the NSA’s FoxAcid malware servers, and it may have been used as part of an attack on Tor users. SecondDate can serve as part of a targeted attack, but it can also be used, according to NSA documents, for “mass exploitation potential for clients passing through network choke points.” In other words, SecondDate can be used in concert with the NSA’s other systems to attack whole swaths of the Internet, infecting systems with surveillance malware.

All of these capabilities give the NSA and GCHQ considerable reach. But they also run the risk of allowing others to stand on the agencies’ shoulders and take advantage of the exploits the NSA has already seeded into parts of the Internet’s infrastructure. Regardless of the scope of the NSA’s ongoing surveillance, the chance that someone else could hijack or repackage a capability like Hammerstein or SecondDate for criminal or other malicious means poses a risk to the entire Internet.

http://arstechnica.com/information-technology/2014/03/nsas-automated-hacking-engine-offers-hands-free-pwning-of-the-world/


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: TheButterZone on March 13, 2014, 12:30:07 AM
HTTPS?


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: tkbx on March 13, 2014, 01:06:00 AM
This is why we need Meshnet, people.
- ALL connections encrypted by protocol mandate
- Pseudo-anonymous in the same way as Bitcoin (when on a non-internet network, which is the end goal)
- Un-censorable
- Resistant to all disasters (the original intention of the Internet, now deemed "unimportant" because "there will never be a nuclear war, like, ever")
- Instead of sending your traffic to a routing center, then indirectly to the destination, your software router determines the best route to take.
- Because of the above point, if there are ever fiber cables for meshnets, inter-continental data transfer will be just as fast as it is now, while connections to people near you will be much faster.
- Meshnet access will be "freemium", with all users being able to access for free as long as they have a connection to their house already. Users could also pay faster peers to get high-end cable or fiber speeds.
https://projectmeshnet.org/

HTTPS?
Ahaha


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Bit_Happy on March 13, 2014, 03:48:09 AM
I thought they already had access to almost everything?   ???


Title: NSA reaches ‘into the past’ to retrieve, replay phone calls
Post by: Wilikon on March 18, 2014, 08:52:28 PM


https://i.imgur.com/w55APGP.jpg


The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage.

At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.

No other NSA program disclosed to date has swallowed a nation’s telephone network whole. Outside experts have sometimes described that prospect as disquieting but remote, with notable implications for a growing debate over the NSA’s practice of “bulk collection” abroad.

Bulk methods capture massive data flows “without the use of discriminants,” as President Obama put it in January. By design, they vacuum up all the data they touch — meaning that most of the conversations collected by RETRO would be irrelevant to U.S. national security interests.

In the view of U.S. officials, however, the capability is highly valuable.

In a statement, Caitlin Hayden, spokeswoman for the National Security Council, declined to comment on “specific alleged intelligence activities.” Speaking generally, she said “new or emerging threats” are “often hidden within the large and complex system of modern global communications, and the United States must consequently collect signals intelligence in bulk in certain circumstances in order to identify these threats.”

NSA spokeswoman Vanee Vines, in an e-mailed statement, said that “continuous and selective reporting of specific techniques and tools used for legitimate U.S. foreign intelligence activities is highly detrimental to the national security of the United States and of our allies, and places at risk those we are sworn to protect.

http://apps.washingtonpost.com/g/page/world/nsa-symbolizes-data-collection-program-with-wizard/880/


http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_story.html





Title: Re: NSA reaches ‘into the past’ to retrieve, replay phone calls
Post by: Bit_Happy on March 18, 2014, 09:25:18 PM


https://i.imgur.com/w55APGP.jpg


The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage.

At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.

No other NSA program disclosed to date has swallowed a nation’s telephone network whole. Outside experts have sometimes described that prospect as disquieting but remote, with notable implications for a growing debate over the NSA’s practice of “bulk collection” abroad.

Bulk methods capture massive data flows “without the use of discriminants,” as President Obama put it in January. By design, they vacuum up all the data they touch — meaning that most of the conversations collected by RETRO would be irrelevant to U.S. national security interests.

In the view of U.S. officials, however, the capability is highly valuable.

In a statement, Caitlin Hayden, spokeswoman for the National Security Council, declined to comment on “specific alleged intelligence activities.” Speaking generally, she said “new or emerging threats” are “often hidden within the large and complex system of modern global communications, and the United States must consequently collect signals intelligence in bulk in certain circumstances in order to identify these threats.”

NSA spokeswoman Vanee Vines, in an e-mailed statement, said that “continuous and selective reporting of specific techniques and tools used for legitimate U.S. foreign intelligence activities is highly detrimental to the national security of the United States and of our allies, and places at risk those we are sworn to protect.

http://apps.washingtonpost.com/g/page/world/nsa-symbolizes-data-collection-program-with-wizard/880/


http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_story.html


Almost looks like a clever parody, like onion.com.
This isn't real.....No it cannot be real.  
We live in a free country.  ::)


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: okaynow on March 18, 2014, 11:22:47 PM
@Bit_happy: we live in a free-for-all fairy tale. With dragons and whales, cyberalchemists & trolls man XD
it;s like 1984 minus the poetry.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: AnonyMint on March 18, 2014, 11:40:23 PM
We must redesign some of the protocol infrastructure of the internet.

When I say this, I am not talking about working through the W3.org (although I am listed as a contributor there to the design of CSS2.1).

No we need something more market based and immediate, analogous to how Netscape was setting de facto HTML standards in the 1990s.

I do have a specific action in plan. Something analogous to PirateBay's efforts but I think better and more general.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Luno on March 19, 2014, 08:31:42 AM
The NSA knows my score in Candy Crush? (It's my wife's profile, because FB is too ridiculous for me to have  profile on)


Title: Re: NSA reaches ‘into the past’ to retrieve, replay phone calls
Post by: Wilikon on March 19, 2014, 05:36:37 PM


https://i.imgur.com/w55APGP.jpg


The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.

A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere.

In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary.

The call buffer opens a door “into the past,” the summary says, enabling users to “retrieve audio of interest that was not tasked at the time of the original call.” Analysts listen to only a fraction of 1 percent of the calls, but the absolute numbers are high. Each month, they send millions of voice clippings, or “cuts,” for processing and long-term storage.

At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.

No other NSA program disclosed to date has swallowed a nation’s telephone network whole. Outside experts have sometimes described that prospect as disquieting but remote, with notable implications for a growing debate over the NSA’s practice of “bulk collection” abroad.

Bulk methods capture massive data flows “without the use of discriminants,” as President Obama put it in January. By design, they vacuum up all the data they touch — meaning that most of the conversations collected by RETRO would be irrelevant to U.S. national security interests.

In the view of U.S. officials, however, the capability is highly valuable.

In a statement, Caitlin Hayden, spokeswoman for the National Security Council, declined to comment on “specific alleged intelligence activities.” Speaking generally, she said “new or emerging threats” are “often hidden within the large and complex system of modern global communications, and the United States must consequently collect signals intelligence in bulk in certain circumstances in order to identify these threats.”

NSA spokeswoman Vanee Vines, in an e-mailed statement, said that “continuous and selective reporting of specific techniques and tools used for legitimate U.S. foreign intelligence activities is highly detrimental to the national security of the United States and of our allies, and places at risk those we are sworn to protect.

http://apps.washingtonpost.com/g/page/world/nsa-symbolizes-data-collection-program-with-wizard/880/


http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_story.html


Almost looks like a clever parody, like onion.com.
This isn't real.....No it cannot be real.  
We live in a free country.  ::)

First of all what are you going to do with all those talented jobless graphic artists? I have to admit: the NSA has a good sense of humor (at least the Design & Marketing dept. does). Don't forget the logo on the their spy satellite launched a while back

U.S. Spy Rocket Has Octopus-Themed 'Nothing Is Beyond Our Reach' Logo. Seriously.
http://www.forbes.com/sites/kashmirhill/2013/12/05/u-s-spy-rocket-launching-today-has-octopus-themed-nothing-is-beyond-our-reach-logo-seriously/

https://i.imgur.com/0ux1AoG.jpg


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Luno on March 19, 2014, 05:59:02 PM
Magic the gathering! NSA, Mark Karpeles, everything is a blur  :o


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 20, 2014, 01:00:49 AM
Magic the gathering! NSA, Mark Karpeles, everything is a blur  :o

If the NSA reads this forum and wants to punk Bitcoin it should have a giant Bitcoin logo + wallet address on its next spy satellite...


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Luno on March 20, 2014, 08:40:17 AM
They do read this forum, or a scraper is.

NSA employees are quite intelligent people, so they must have a highly sophisticated sense of humour. i would imagine that the "Bitcoin intel office" is the branch to be in, if you want to enjoy working for NSA.

They must be rolling around the floor laughing, short of breath, every hour of the day as they try to keep up with the massive amount of genuinely funny jokes on this forum.

As NSA also do industrial espionage, expect hearing Jimmy Fallon using your jokes on the tonight show too.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: bryant.coleman on March 20, 2014, 09:52:42 AM
I just hope that someone will just nuke the Whitehouse. Enough with this.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Luno on March 20, 2014, 10:22:22 AM
I just hope that someone will just nuke the Whitehouse. Enough with this.
All doubt aside; they are reading this thread now!


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: mexxer on March 20, 2014, 01:26:46 PM
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 20, 2014, 05:12:51 PM
I just hope that someone will just nuke the Whitehouse. Enough with this.
All doubt aside; they are reading this thread now!


Nah. NSA bitcointalk office knows bitcoiners would not waste their precious BTC buying an old USSR suitcase nuke on the black market.

https://www.youtube.com/watch?v=kR2IarjjmxE



Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Luno on March 22, 2014, 02:44:35 PM
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.

Always thought that the Suitcase Nuke's were a myth, thanks.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 22, 2014, 05:41:20 PM
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.

Always thought that the Suitcase Nuke's were a myth, thanks.

Well, since no one will admit, first, to build something as stupid a suitcase nuke, then, to be stupid enough to lose them in the wild is technically still a myth.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: AnonyMint on March 22, 2014, 06:48:30 PM
More security theater from Google Gmail:

http://technology.inquirer.net/35011/google-toughens-security-with-gmail-encryption

Don't forget the NSA has the SSL certificate companies in their backpocket, e.g. Verisign, etc..

HTTPS is worthless these days.

https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html

http://www.mail-archive.com/cryptography@metzdowd.com/msg12372.html

Bottom line is if you don't know the public key of the website from common knowledge shared by many other users of that web site, and enter it yourself into your browser (something which is never and probably can't be done today), then your communications are not immune to MITM attacks.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Swordsoffreedom on March 22, 2014, 07:35:26 PM
Magic the gathering! NSA, Mark Karpeles, everything is a blur  :o

Strangely enough I believe that the NSA will do anything to violate privacy in the name of security


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: predic on March 23, 2014, 04:33:54 PM
simple solution:
use computer in the library and not your home PC when you login to facebook, so, they can hack computer how much they want  :D


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 23, 2014, 04:44:23 PM
simple solution:
use computer in the library and not your home PC when you login to facebook, so, they can hack computer how much they want  :D

Solution:
Don't forget to cover the lens of that camera in that library and erase the recording with the time stamp when you logged in Facebook. Also the same rule applies to all the camera outside leading to that library. :D


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 25, 2014, 05:07:50 AM


When gov’t spies fake your company’s website, what can be done?
Intel agencies' techno-impersonations wouldn't be immune from trademark law.


A recent article by The Intercept showed how US and UK intelligence agencies have been impersonating the servers of companies like Facebook. In November, Der Spiegel noted that agencies created "bogus versions" of sites like Slashdot and LinkedIn to plant malware in targets' machines. "We are not happy that our intellectual property is being used in that way," LinkedIn's general counsel told Wired when asked about the techniques.

If whole-cloth copies of websites were used by competitors or scammers, they'd be—at a minimum—buried in lawsuits. But what, if anything, can companies do against government agencies about such impersonations? Turns out, there are avenues available to those who may be bold enough to use them.

"Passing off"

The best course of action for companies subject to impersonation by government snoops that utilized their graphical assets and logos would probably be through federal trademark law, as set forth in the Lanham Act. Unlike copyright infringement suits filed against the government, there are few procedural hurdles to filing a trademark suit, explained Jed Wakefield, an IP lawyer at Fenwick & West.

Copyright claims brought against the government must be filed in the US Court of Federal Claims, and the subject matter in question must have previously been registered with the Copyright Office—something companies don't typically do for their Web interfaces.

In contrast, under the Lanham Act, the government is expressly liable. The law clearly states, "As used in this paragraph, the term ‘any person’ includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States."

As a result, the creation of absolute replicas of a website or other graphical interface using a federally registered mark would violate basic trademark principles. "The Lanham Act prohibits using someone else’s source identifiers to deceive people," said Wakefield. "I don’t think anyone would believe that the government would be able to compete with a business by using its trademarks."

Even if something was merely added to an already existing company website, like a form to provide personal information that would route back to the government rather than the company, the government could be liable under a “passing off” tort theory under the Lanham Act. Under such a theory, an individual is prohibited from misrepresenting another’s goods or services as being his or her own. Hypothetically speaking, "If the NSA or a contractor did not replicate the mark but caused the services to change, there could be a passing off," explained Wakefield. "There have been cases where distributors alter the formula of a product in some way that would constitute passing off."

Wakefield explained that in most of these scenarios, the goal would be injunctive relief—that is, a court order getting the government to stop its behavior—rather than money damages.

Traditionally under trademark law, monetary damages are calculated as the profits gained by the infringer, which are presumed to be equal to the damages suffered by the trademark owner. This metric wouldn't be applicable in cases of government snooping, so the best available remedy in such a scenario would be for a court order that the government simply stop the practice.

Technology versus law

It's unlikely that any technology company would currently be willing to challenge the government's actions in court, but you never know. If revelations about corporate impersonation continue, companies might find such claims more desirable to litigate, if only to prevent the government from pulling off such conduct in the future.

Whether companies decide to pursue legal avenues or not, they would be wise to take technological precautions to prevent unnecessary snooping. While legal action can get political and public attention, there's little question that technological measures move faster.

For example, last year, Facebook activated HTTPS encryption, which Facebook spokesman Jay Nancarrow said should make malicious impersonation more difficult for snoops to circumvent in the future. Similarly, in 2010, Google made HTTPS encryption the default setting in Gmail, and last week it announced, "Gmail will always use an encrypted HTTPS connection when you check or send e-mail." In retrospect, Facebook and Google seem to have been behind the curve in failing to automatically activate HTTPS encryption for all users when they did. Using end-to-end encryption helps not only keep out government snoops, it protects against private phishing scams or other more straightforward security breaches.

http://arstechnica.com/tech-policy/2014/03/when-govt-spies-fake-your-companys-website-what-can-be-done/


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: skilo on March 26, 2014, 02:58:00 AM
I stopped using facebook about 3 years ago so i guess im not affected by this. :D


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: predic on March 26, 2014, 03:05:43 PM
we need one earthquake at NSA's headquarters in Ft. Meade, Md.,

but here is one nice news "no water=no nsa data center":
http://www.theverge.com/2013/12/6/5183060/anti-surveillance-activists-want-to-shut-off-the-water-to-the-nsas


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 26, 2014, 03:42:27 PM
I stopped using facebook about 3 years ago so i guess im not affected by this. :D

Hmm... Read the full title of the thread: (Not just Facebook)


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Swordsoffreedom on March 27, 2014, 07:51:10 AM
I stopped using facebook about 3 years ago so i guess im not affected by this. :D

Hmm... Read the full title of the thread: (Not just Facebook)

Wonder if internet technologies will just move beyond the sphere of government spying again in a few years namecoin Etherum projects heck even tor/onion routers on a larger scale as the protocols adapt


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: AnonyMint on March 29, 2014, 07:05:57 AM
http://www.youtube.com/watch?v=MGsalg2f9js#t=499

Quote from: Mark Suckerberg
Before most people were anonymous...


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Wilikon on March 30, 2014, 01:00:38 AM
http://www.youtube.com/watch?v=MGsalg2f9js#t=499

Quote from: Mark Suckerberg
Before most people were anonymous...

Voted Best NSA Spokesperson 2013


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: doriangray on March 30, 2014, 01:14:32 AM
If anything this is another piece of evidence that NSA's main targets are neither highly organized criminals or nor other kind of terrorists. Those would undoubtedly not use the same personal computer for something like facebook and their criminal activities.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Bit_Happy on March 30, 2014, 02:23:22 AM
Is NSA malware safer for me than blackhat hacker malware?


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: okaynow on March 30, 2014, 02:30:40 AM
Is NSA malware safer for me than blackhat hacker malware?
NSA malware is federally funded and internally checked and balanced.


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: Bit_Happy on March 30, 2014, 02:41:35 AM
Is NSA malware safer for me than blackhat hacker malware?
NSA malware is federally funded and internally checked and balanced.

That is true of the older type.
Now it's all black ops with no over-sight?


Title: Re: The NSA reportedly poses as Facebook to spread malware (Not just Facebook)
Post by: department on March 30, 2014, 08:31:58 AM
I stopped using facebook about 3 years ago so i guess im not affected by this. :D


They do read this forum, or a scraper is.

NSA employees are quite intelligent people, so they must have a highly sophisticated sense of humour. i would imagine that the "Bitcoin intel office" is the branch to be in, if you want to enjoy working for NSA.

They must be rolling around the floor laughing, short of breath, every hour of the day as they try to keep up with the massive amount of genuinely funny jokes on this forum.

As NSA also do industrial espionage, expect hearing Jimmy Fallon using your jokes on the tonight show too.