AT&T, Verizon reportedly hacked to target US govt wiretapping platform

177 points, posted 7 hours ago
by el_duderino

35 Comments

neom

an hour ago

Does it drive anyone else nuts when they throw in something related to the main article like this

"Security researchers also found that the threat actor attacked hotels, engineering companies, and law firms in Brazil, Burkina Faso, South Africa, Canada, Israel, France, Guatemala, Lithuania, Saudi Arabia, Taiwan, Thailand, and the United Kingdom."

but that isn't in the main article and they don't say where they got that information from?

NelsonMinar

5 hours ago

It used to be the US government worked to secure American communications. But between these backdoors and the NSA losing control of exploits thanks to the Shadow Brokers, they do more now to undermine American security than protect it.

hypeatei

5 hours ago

No, intel agencies have always been too powerful and Truman saw it when disbanding the OSS (Office of Strategic Services) after WWII. Then, he begrudgingly created the CIA to compete in the Cold War.

They've always undermined American security so they could have more information and power.

diggan

5 hours ago

> It used to be the US government worked to secure American communications.

When was this? As far as I remember (but I'm not that old, to be honest), it seems to have mostly been about the US government making sure the government has secure communications, while the rest get to fend for themselves.

ffujdefvjg

4 hours ago

Fend for themselves, and if they don't cooperate with the wishes of the TLAs they get legal trouble nobody could possibly afford. And if you end up in the secret FISA courts, you basically can't get legal representation because it's secret, or ever really talk about it. Also there's no real oversight for this stuff because it's that secret.

ben_w

3 hours ago

Both statements are simultaneously true.

The goal is to protect the physical and institutional USA (and equivalent for other countries' intel agencies); this requires making sure there are no successful conspiracies, from within or without, to destroy it; this requires all the things we here all agree are bad for digital security, including the security necessary to running, e.g., electronic banking ledgers or votes.

I don't have any actual solutions here, that's just a description of the problem space as I understand it to be.

There's a bunch of US agencies sponsoring Tor, presumably to undermine hostile governments, even though there's also US agencies trying to subvert it.

immibis

5 hours ago

You misunderstood "American security" to mean "security of Americans" instead of the intended meaning "security of the American regime".

mistrial9

3 hours ago

You are not wrong, but this has always been the case, from the earliest times. Similar problems with the institution of the military. It calls for moving past the initial indignation, and engaging somehow... otherwise you get the government you deserved, as they say.

formerly_proven

4 hours ago

^ this guy is about to learn about the crypto wars.

MassPikeMike

2 hours ago

From the article: "if hackers gained access to service providers’ core routers, it would leave them in a powerful position to steal information..."

Sorry for the newbie question, but isn't most internet traffic end-to-end encrypted these days? So what information would the hackers, or for that matter the "lawful intercept" system, have been able to steal? I do see how accessing routers would let intruders launch malware, spoof other sites for phishing attacks, etc.

eightysixfour

2 hours ago

On top of what you mentioned, they would have access to significant metadata, unencrypted traffic, and it is worth assuming that government agencies have the resources to acquire certificates and MITM high value information.

hiatus

an hour ago

> have the resources to acquire certificates and MITM high value information.

Isn't that mitigated by certificate transparency?

ls612

12 minutes ago

For WebPKI yes it should be.

nashashmi

2 hours ago

Metadata of how many packets are going between two parties, when it's going, and who else is getting the data at the same time. It is like the pizza traffic story at 10 pm.

TriangleEdge

6 hours ago

The article didn't say, but I'm guessing the target could have been JSI Telecom. I knew some people that worked for JSI ~10 years ago and the US govt used their platform in a handful of organizations.

Hizonner

6 hours ago

Well, that's what happens when you deliberately compromise your own infrastructure with "lawful intercept" back doors.

Neonlicht

6 hours ago

The CCP doesn't need the backdoor. The US intelligence agencies have to do the whole masquerade of freedom and liberty.

photochemsyn

5 hours ago

Sounds like another government-approved leak to a compliant corporate media outlet by 'anonymous sources'. I don't know why the relevant government agencies don't just issue a press release unless they're unusually embarrassed by this apparent security failure. The other possibility is the story is no more true than all those 'anonymous source' leaks about Iraq's (nonexistent) chemical, biological and nuclear weapons programs from two decades ago.

If we're not going to accept Seymour Hersh's anonymously-sourced claim that the US Navy was involved in the destruction of the Nord Stream pipelines, why accept this claim at face value either? For an example of reporting of a major hacking incident not reliant on anonymous government sources, see the OPM hack:

https://www.nytimes.com/2015/06/05/us/breach-in-a-federal-co...

Notably, the WSJ source report doesn't include any mention of reporters attempting to get official statements from the relevant US government agencies and being rebuffed. That smells like plausible deniability of the kind involved in the bogus Iraq WMD leaks.

phendrenad2

4 hours ago

Tech imitates life. Hyenas specialized in chasing lions away from their prey.

CatWChainsaw

2 hours ago

So maybe surveilling everything everywhere at all times has its downsides, TLAs?

olliej

3 hours ago

Happily, this kind of attack would not compromise secure communication with government mandated "secure intercept" technology, because of magic fairy dust reasons :-/

jeroenhd

6 hours ago

Targeting wiretapping infrastructure may be a viable attack, but with how few details are available to the public, it's hard to estimate the impact. Just because a wiretapping platform was hacked doesn't mean any data was gathered, and if it really was, we don't know what kind of data.

Thanks to mobile networks, information can be anything from live internet traffic to live location information of cars and phones. However, I suspect if someone did a hack that juicy, carrier SOCs would've noticed immediately. This type of infrastructure isn't exactly hooked up to a public IP address somewhere.

ziddoap

5 hours ago

> However, I suspect if someone did a hack that juicy, carrier SOCs would've noticed immediately.

We're talking real deal nation-state actors targeting an industry where for the last few decades the only downside of being breached is having to say "oh oops, sorry" and maybe providing a year of credit monitoring. Security is something taken just seriously enough to avoid a ruling of negligence, but no more.

It is very optimistic to assume that carriers would immediately notice a breach by threat actors this sophisticated.

runjake

6 hours ago

> This type of infrastructure isn't exactly hooked up to a public IP address somewhere.

Without going into details, consider that sometimes they are, even with very large providers that you think should know better. Law enforcement’s got to get to them somehow.

And much of the documentation for these systems is publicly available. Search for your favorite enterprise company and for “lawful intercept”.

AmericanChopper

5 hours ago

I was going to comment basically this. Everything you could possibly want to know about how LI systems work is documented by the vendors online. It’s really just network interfaces that forward intercepted traffic to aggregators.

The thing about CSPs is their core business is edge routing. A majority of their core assets are going to be internet connected routers, and you’d actually be able to collect more data by owning some of those. The additional information you can get from LI (and the reason you often need a clearance to work on LI systems) is information about who law enforcement are running intercepts on.

Also, LI is just a regulatory cost centre for CSPs. It's hilarious (or scary, depending on your perspective) how poorly those systems are maintained, and how often they break.

hansvm

6 hours ago

> This type of infrastructure isn't exactly hooked up to a public IP address somewhere.

It's getting from point A to point B, and probably not via sneakernet. The details will make it more or less secure, but I'd be shocked if it's going through anything other than public internet pathways.

Hikikomori

2 hours ago

They probably don't have a public IP, but just spearphish a network engineer at these ISPs and you'll have access to the devices performing the legal intercept.

throwway120385

3 hours ago

I would just assume there's a cloud provider that handles all of the wiretapping services for both or all carriers. There's a single-point-of-failure for everything else nowadays anyway. Look at what happened with Crowdstrike, or Solarwinds, or any number of other big single-source providers. Nobody wants to maintain it in house, with predictable results.

tguvot

2 hours ago

There is nothing like this. The closest thing to it is something called a TTP (trusted third party), that works as an intermediary between the telco and law enforcement agencies. They perform wiretap order processing, set up the actual wiretaps, and collect/bundle and ship the wiretapped information away to the agencies. But there are a bunch of them and you (the telco) don't have to use them.

Hizonner

6 hours ago

> This type of infrastructure isn't exactly hooked up to a public IP address somewhere.

Snort.

A4ET8a8uTh0

6 hours ago

<< few details are available to the public, it's hard to estimate the impact.

Would it not be a good indicator that it may not be a great idea to begin with?

<< carrier SOCs would've noticed immediately.

I want to believe that. I do. But the longer I live in corporate, the more I think that we are experiencing a serious competency problem across the board.

yusyusyus

an hour ago

Ehh... LI on routers has been (at least on one major vendor) designed to not be visible to end operators in the course of normal operation. There are ways to see it, but it involves either the actual LI mechanism or some esoteric debugs. And it probably wouldn't be obvious to SOCs if the implemented LI was legit or not.

So, the question of competence or otherwise may be mooted by virtue of simply not having proper visibility.

A4ET8a8uTh0

20 minutes ago

Fair point. I do not know enough in that area to argue further.