This is a very clever piece of work. It looks like innocuous error checking, but it’s really a back door. And it was slipped into the code outside the normal approval process, to avoid any possibility that the approval process would notice what was up.
Me, I'm not so worried about stupid hackers. I lose sleep at night over really smart ones. They really are out to get you, and are very good at flying below the radar.
But the attempt didn’t work, because the Linux team was careful enough to notice that this code was in the CVS repository without having gone through the normal approval process. Score one for Linux.
Could this have been an NSA attack? Maybe. But there were many others who had the skill and motivation to carry out this attack. Unless somebody confesses, or a smoking-gun document turns up, we’ll never know.
If I come across as paranoid, remember that I was professionally trained to be that way by the Finest Minds in the Free World.
HA! I read about this one the other day. Linux developers: Doing it right.
Ooh... that's a T-Shirt!
"Linux developers do it with a CMS."
They done good! :-)
Nothing wrong with being paranoid - there are plenty of folks out there to get you. And speaking of paranoid . . . have a question.
Are any of your security friends wondering if the government is slipping something into your machine while you're signing up for Obamacare? It would seem like the perfect opportunity since the vast majority of folks will touch that site at one time or another.
Thoughts? Or am I just being overly paranoid?
The most they can do from a webpage standpoint is give you a tracking cookie and steal your info. Well, they already have your info. They don't need your bank account numbers or PIN (they have the former and don't need the latter) so there's nothing for them to gain. Having been watching the interwebs for the past several YEARS, they already know if you download illegal material or kiddy porn. They just can't get a warrant for it with it being fruit of the forbidden tree.
eiafinfo, that's tin foil hat talk. Of course, lately that just means that it's more than a little plausible.
@tango
I have to strongly disagree with you there. They can also grab your MAC address and correlate it to your personal machine (very useful in other forms of tracking) and recall that TOR has been recently breached at least 2x by cookie usage.
So, yes they could use the exchange boards to keylog/ cookie/mac trace/ infect your machine. A few years ago I would have said it is not worth the effort for them to gather such data. I would have been wrong.
In the early 2k's I did a stint while switching from security to development as an engineer/ forensics tech for a high end PI firm in Dallas, TX. My motto eventually got adopted by the sales weasels: The question is not 'are you paranoid', it is 'are you paranoid enough'
But to what end? Tor is 50% compromised already. Just by the IP address alone, they know that it's you. Even with DHCP, if you don't think they've got the ability to get the exact 'who' of the other end of the line.... Sure they can get that, but I seriously doubt anything that can compromise the actual 'security' of the PC involved.
Remember, this website was cobbled together in a rush by the lowest bidder. This isn't NSA stuff and the NSA doesn't need it. The government is after your medical data anyway.
"You may think "Oh that could never happen... no-one would bother... isn't that kinda farfetched"... Ma'am, that's my job. I'm a professional paranoid, and I'm very good at it".
To quote the movie Taken:
Kim: Mom said your job made you paranoid.
Bryan: Well, my job made me aware.
There's a subtle difference.