Top secret NSA catalog reveals US government has been secretly back dooring equipment from US compan - Polidicks

[IMG]http://cdn1.spiegel.de/images/image-584188-breitwandaufmacher-ompq.jpg[/IMG] [QUOTE]When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are "ideal" for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class." Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency. Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell. [B]A 50-Page Catalog[/B] These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives -- from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA's specialists seem already to have gotten past them. This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000. In the case of Juniper, the name of this particular digital lock pick is "FEEDTROUGH." This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive "across reboots and software upgrades." In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH "has been deployed on many target platforms." [B]Master Carpenters[/B] The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet. Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million. The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on. This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access. Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies. Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment. There is no information in the documents seen by SPIEGEL to suggest that the companies whose products are mentioned in the catalog provided any support to the NSA or even had any knowledge of the intelligence solutions. "Cisco does not work with any government to modify our equipment, nor to implement any so-called security 'back doors' in our products," the company said in a statement. Contacted by SPIEGEL reporters, officials at Western Digital, Juniper Networks and Huawei also said they had no knowledge of any such modifications. Meanwhile, Dell officials said the company "respects and complies with the laws of all countries in which it operates." -- They have continued to develop their arsenal. Some pages in the 2008 catalog, for example, list new systems for which no tools yet exist. However, the authors promise they are already hard at work developing new tools and that they will be "pursued for a future release". [/QUOTE] [url]http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html[/url]

This is going to cause a fucking disaster some day.

Okay, NSA, seriously, if you don't stop we're gonna insist you change your name to something sinister with mandatory punctuation like P.O.I.S.O.N. or something, and the head of the agency will need to be bald, smoke a cigar, have a monocle, and pet a really pampered cat.

An ordering catalog? This just sounds too silly to be real.

[QUOTE=ROFLBURGER;43354913]An ordering catalog? This just sounds too silly to be real.[/QUOTE] It's like the people behind all this think its a fucking joke.

Isn't the NSA supposed to be helping? I know they weren't before, but they sound more like a malicious hacking organization than a government organization.

It's a bit hard to get my head around, but let me know if I've got this right: pretty much all mainstream antivirus and brand machines are essentially pre-configured on a base software level for the NSA to plug in and start listening?

What's with the random ominous dark red lights in the windows of that complex? Maybe they're Skynet.

[QUOTE=Maloof?;43354952]It's a bit hard to get my head around, but let me know if I've got this right: pretty much all mainstream antivirus and brand machines are essentially pre-configured on a base software level for the NSA to plug in and start listening?[/QUOTE] You know how all US phone carriers have to have wiretaps for law enforcement to listen in? And how presumably the NSA's gone ahead and installed more wiretaps themselves? I don't think I'm [B]too[/B] paranoid, in light of this article, of suggesting that you should basically not trust [B]anything[/B] you can't kill with your bare hands if you have something you desperately want to hide from the US federal government that they want to know. The average citizen doesn't have anything specifically to worry about [B]unless[/B] they become a person of interest. The problem is, in the event that you become a person of interest, you have a lot of problems and extremely steep odds against you, and in a surveillance state, the chances of random bits of daily life matching up in a computer as a reason to mark you as a person of interest climb with every new capability added. And that's why the 4th Amendment exists. It just doesn't cover us foreigners. On a more serious note, [URL="http://www.rcrwireless.com/article/20121008/networks/u-s-government-issues-warning-huawei/"]I believe this means Huawei is owed an apology.[/URL]

[QUOTE=code_gs;43354949]Isn't the NSA supposed to be helping? I know they weren't before, but they sound more like a malicious hacking organization than a government organization.[/QUOTE] NSA is a agency in the U.S associated with foreign relations, there basically to help keep the U.S in touch with other nations, they aren't a relief organization or anything like that.

[QUOTE=lolo;43355015]NSA is a agency in the U.S associated with foreign relations, there basically to help keep the U.S in touch with other nations, they aren't a relief organization or anything like that.[/QUOTE] If by "keep the US in touch with other nations" you mean to be the nerve center for the US government's intelligence-gathering operations. What else do you think the National Security Agency does?

Considering past information that's come out, I think it's more likely that that NSA is aware and abusing of flaws in the software/hardware/firewall vs. pressuring the companies to provide a backdoor (Although I'm sure that's happened) The problem with backdoors is that they're visible from inspection, if the software/hardware/firewall behaves differently to certain kinds of input the system will show that, you can't hide it.

It's ok guys, it stops the terrorists! How many terrorists has it stopped? That's classified, you ask too many questions.

[QUOTE=lolo;43355015]NSA is a agency in the U.S associated with foreign relations, there basically to help keep the U.S in touch with other nations, they aren't a relief organization or anything like that.[/QUOTE] Uh, pretty sure that's the state department.

It isn't happening, it already happened!

And people try to fucking tell me that the NSA isn't a bad thing in its current state.

Loads of companies do this. British Intel employees are warned against using Lenovo because they fear backdoors (from china). Again everyone jumps at NSA because they're the bad guy, the reality is many countries do this. Its not about security its about spying on other governments it has been done for years in some form or another. "yeah but that makes them super evil" No it just makes them spies. These tactics are needed in the more globalised environment, if you restricted all surveillance and monitoring to your own country your spy agency would be near blind. US wants to stay top dog. That means knowing about things before they are made public so counters can be produced and they are not "caught on their back foot". Be this military, socially or economically. Stop being naive.

[QUOTE=U.S.S.R;43354998]What's with the random ominous dark red lights in the windows of that complex? Maybe they're Skynet.[/QUOTE]The red lights on the roofs are for aircraft.

[QUOTE=Sgt Doom;43355352]The red lights on the roofs are for aircraft.[/QUOTE] I mean the clusters that are behind the glass windows of the building and below the rooftops. Not the big bright ones. Either way, looks ominous.

thats a long thread title if i've ever seen one [img]http://puu.sh/63oia.png[/img]

[QUOTE=U.S.S.R;43355476]I mean the clusters that are behind the glass windows of the building and below the rooftops. Not the big bright ones. Either way, looks ominous.[/QUOTE] Those are what those of us in the NSA-watchdog community call "reflections".

NSA is more like some of those black-ops Intelligence sectors in Sci-Fi games and books, fucking amazing.

So does this affect people outside of the US?

[QUOTE=fruxodaily;43355573]So does this affect people outside of the US?[/QUOTE] It kinda affects the entire world. USA news, to me and many others I know, is the only "foreign" (loose term) news that will be read as if it were local news, and to be taken with the same immediate importance. America has stuck it's nose into everything, so subsequently the US owes everybody the attention it so desperately seeked.

I want to see who's going to point & laugh at Richard Stallman for being nuts now.

Call me a conspiracy freak and all, but the NSA has got to have some serious dirt on someone in order to let them do all this.

[QUOTE=Tools;43355811]Call me a conspiracy freak and all, but the NSA has got to have some serious dirt on someone in order to let them do all this.[/QUOTE] It's their job to have dirt on [I]everybody[/I]. The best surveillance state money can buy.

[QUOTE=code_gs;43354949]Isn't the NSA supposed to be helping? I know they weren't before, but they sound more like a malicious hacking organization than a government organization.[/QUOTE] The NSA was Lulzsec all along. God dammit.

Nice, they have Cisco and Juniper covered, so that's pretty much 99.999% of the Internet.

I guess I was the only one rather impressed by the sheer capabilities of our technological/computer based hacking and securing capabilities after reading through the potential the NSA seems to have?