Dec 31, 2013

New Leak Outlines How The NSA Hacks Your Computers

National Security Agency Seal
(Photo credit: DonkeyHotey)
An interesting report about one method the NSA's Tailored Access Operations (TAO) team hacks your computers using known vulnerabilities in the Internet as well as hardware and software.

Via AP:
Some of the attacks described by Der Spiegel exploit weaknesses in the architecture of the Internet to deliver malicious software to specific computers. Others take advantage of weaknesses in hardware or software distributed by some of the world's leading information technology companies, including Cisco Systems, Inc. and China's Huawei Technologies Ltd., the magazine reported.

Der Spiegel cited a 2008 mail order catalog-style list of vulnerabilities that NSA spies could exploit from companies such as Irvine, California-based Western Digital Corp. or Round Rock, Texas-based Dell Inc. The magazine said that suggested the agency was "compromising the technology and products of American companies."
That part is really not that shocking, as that is the typical way hackers gain administrator access to your computer. The shocking revelation is one way the NSA gains physical access to new hardware you purchase by intercepting your online computer equipment orders in transit to plant bugs or other spy equipment.
Old-fashioned methods get a mention too. Der Spiegel said that if the NSA tracked a target ordering a new computer or other electronic accessories, TAO could tap its allies in the FBI and the CIA, intercept the hardware in transit, and take it to a secret workshop where it could be discretely fitted with espionage software before being sent on its way.

Intercepting computer equipment in such a way is among the NSA's "most productive operations," and has helped harvest intelligence from around the world, one document cited by Der Spiegel stated.
The article also says that the NSA has the ability to spy on Microsoft crash reports.
One of the most striking reported revelations concerned the NSA's alleged ability to spy on Microsoft Corp.'s crash reports, familiar to many users of the Windows operating system as the dialogue box which pops up when a game freezes or a Word document dies. The reporting system is intended to help Microsoft engineers improve their products and fix bugs, but Der Spiegel said the NSA was also sifting through the reports to help spies break into machines running Windows. One NSA document cited by the magazine appeared to poke fun at Microsoft's expense, replacing the software giant's standard error report message with the words: "This information may be intercepted by a foreign sigint (signals intelligence) system to gather detailed information and better exploit your machine."
So the moral of the story might very well be as simple as purchasing your computer equipment locally, building your own computer and get rid of Microsoft Windows and switch to Linux!

What do you think about this? Let us know in the comments.
Enhanced by Zemanta

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam