Along with responsible newspapers we must have responsible readers - Arthur Hays Sulzberger
CRYPTOME reports that the US National Security Agency (NSA) has remote administrative access to several of the most popular Windows PC firewalls, and that it has also taken control of a number of supposedly "secure" email services within the past few months.
It writes that the personal computer firewall software products from McAfee, Symantec and ZoneAlarm all "...facilitate Microsoft's NSA-controlled remote admin access via IP/TCP ports 1024 through 1030... without security flag."
That bit of news is merely an aside to the posting's main topic, which is that:
"Certain privacy [and/or] full session SSL email hosting services have been purchased [or] changed operational control by NSA and affiliates within the past few months, through private intermediary entities."
The so-called "secure" email services implicated by Cryptome's report include Hushmail, Safe-mail.net, and Guardster.com.
Just a reminder that, if you're not using strong encryption, the NSA is probably reading your email, if not also everything that's on your system's hard drive. µ
L'INQ
Cryptome
How do they call that again?
Oh yes, a Trojan Horse.
[09:37] 75sausage: did some major tectonic shift occur last night and we are actually in china right now?
[09:38] 99ways2die: Nahh, you see.....all this time....the country labels on the maps were mis-labeled
[09:38] 75sausage: doh!

There is an unlisted Port in Windows server and Windows XP that is addressed at the kernel level. The NSA can burrow into your computer and keylog without you knowing. The reason why no one has found this is that they haven't looked hard enough at monitoring CPU cycles.. or should I say missing cycles. The trick is.. when you have been bugged.. you won't know it. If you have a webcam and mic on your PC you offer them video access of who is at your computer...

How do I know this.. You don't have the need to know... You just need to know that no one is safe.
So let's say we /don't/ have /any/ firewall installed. Would the NSA still be able to see our stuff, or do they need the firewall there to act as a trojan of sorts for them?
the source has been updated. It appears that the original poster of this information is potentially a Martian.

So does this mean that terrorists are going to start using Linux?
I don't trust software-based firewalls. Far too easy to subvert - and since all of them tend to be closed-source, who knows what might be in there?

No, for me, NAT is definitely my friend.

Oliver.
Linux is looking better all of the time...
Well now we need some enterprising young lad to go forth and gather us a list of a few security programs from outside of NSA's sphere of influence... Any takers? I certainly would do it but I am here in the US and you know how keen our search engines are on handing information to the government!
Way to spread unsubstantiated FUD there. Even if it's true, the source is at best exceptionally unreliable here. Unless you have some more sources for this, I'd suggest keeping your tinfoil hat to yourself, or at least prefacing with a big "Conspiracy theory alert!" in the sub-subject.
I'm sure they share a genuine interest as to what forums I'm signed up for. Oh no! What if they find out? They... Cancelled my order for 100 square metres of tinfoil!
Guess it's a good thing I use a hardware firewall instead eh? Muhahahaha
(As opposed to complete hogwash)

I tend to doubt this exists - not because it would be terribly difficult to write, but because it would be a nuclear hand-grenade. Essentially, you could write a backdoor in only a few hundred bytes (granted - assembly code) that would allow remote access to machines. 99+% of the code required is already in the operating system (network code, shell, crypto,...) and the rest is minute. The problem with this is twofold: 1) Many, if not most, commercial networks are protected by Intrusion Detection systems, anomaly detection software and other network sniffing/sensing devices. 2) Packet logging is often done on critical systems and/or systems which are undergoing debugging/troubleshooting. 

Regardless of what you're doing, the packet has to cross the wire. It's not magic. For IP networks, this means that it must be some form of IP packet -- TCP/UDP/GRE/ICMP/.... in order to be delivered. So - the packet is detectable and loggable. You have to get the packet to its destination so... it has to be hiding as something fairly normal/benign. 

The reason it's a nuclear hand-grenade is all they have to do is get caught _once_ by a systems person on the target network, then they hand the people running the target network a potential attack vector with devastating potential. The people running the target networks are, at least in theory extremely dangerous - otherwise it wouldn't make sense to risk using such a tool -- but the risks of using the tool are legion. Essentially, you can pull the pin and toss the grenade - but you can't get out of your own blast radius.

FWIW, I've taken computer security, and have _written_ shellcode. I've also worked as a systems administrator in finance. 

Mumble
Even on hardware routers/firewalls. Scanning for open ports and the like does nothing if you have port knocking or the like.

If you can't see the source expect it to be compromised...
in response to the nuclear handgrenade comment: isn't it possible that the backdoor is somehow encrypted?
-------------------
Those Bastards
So let's say we /don't/ have /any/ firewall installed. Would the NSA still be able to see our stuff, or do they need the firewall there to act as a trojan of sorts for them?
posted by : Tim B, 21 December 2007
------------------

No. It's worse if you do not use a firewall at all. If you use a firewall you are just minimizing the amount of exposure you have, and potentially the amount of successful compromisation attempts.

In other words it makes it technically more difficult to have your system compromised, and it makes their life more & more difficult. So imagine in a large scale world wide web users raising their defenses, it will make the agents' lives impossible.

And keep one more thing in mind, how many people have the technical background in those agencies or fake corporations, to succeed in compromising a better and better protected system? NOTHING BUT A FEW.

Plus they are increasing their chances of getting caught out of the amount of processes they are repeatedly executing.

Now compare that with the amount of webusers there are out there in the world. They will never have the time to process all that information, plus that information is constantly changing to new values plus they will never be able to reach that instantability. Man, they are destined to lose.

As a temporary solution I wouldn't be using any of the major antivirus "solutions" such as AOL, Norton, McAfee, Microsoft, nor any of their firewalls. And I would be definitely not using ZoneAlarm free or Pro as my firewall. - I mean those fools consider themselves good and arrivingly worthwhile, such as Bush or OBAMA, and they are "politely" arguing themselves insistingly, to openly handing them over our trust. As if they are not going to self-destruct. Politely say to them: Go to hell!

For Windows systems I would be using a multilayered approach with a decent antivirus, a firewall: 1 hardware and 1 software, several antispyware scanners (being careful with the potentially conflicting features), decent registry monitors and registry guards, a trustworthy Host Intrusion Prevention System, a trustworthy Hosts file, hijackthis utilities and also, I would be removing any toolbar, especially search engine toolbars and indexing services, avoiding using instant messengers (if you do use, use with consent, and just be very careful, cause at the time of logging in, you are being logged!), avoiding entering the internet with an administrator's account to cut out rights, avoiding using file sharing programs, or any potentially risking program, plus a few more stuff.

In that way if something leaks, you have more chances of having it observed by another application or inspecting it your self.

The rule is that you can never achieve an 100% leak proof system.

For as far as GNU/Linux OS is concerned, have in mind that some of its distributions or else different designer packages, are backdoored. So, be wise with which one you choose, and again you will not be 100% bulletproof. But you will be much safer and with less holes than a Windows based system, along with some protection applications of course.

Lastly you need to build safe computing practices.
For any serious security-aware knowledgeable IT-person much of this is cheap crap. I know and use Wireshark (formerly known as Ethereal).
Even if 'backdoor' traffic would go over the wire as encrypted or maybe even steganographically hidden data, it would be SOOO heavily obvious and suspicious that Microsoft would lose entire systems sales over it, because I, and many others like me, would notice that.

Also, one needs to understand, hardware, and I mean ALL hardware, can be monitored from the outside. This also applies for the newest M step Intel CPUs. It is still quite easy to monitor their IO and therefore show and reveal any code that shouldn't be there. To this the same scheme applies: If it would leak, Intel would lose many zeroes in sales immediately after.

As long as the hiding strategy is made up by humans, smarter opposing humans will find it. Do you really think the billions behind what the MPAA and RIAA want have less functional and less effective results than those behind what the NSA wants and does? No way.
Compare it with cracking Blu-ray. Money can't not buy better methods. Alien powers could, but that's about the only option available to have things go undetected by a smart kid in the Ukraine..
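
Several comments above argue that any remote-access traffic has to cross the wire and can be logged. As an added example (not part of the article or of any comment), this Python sketch checks Windows `netstat -ano` output for sockets on TCP 1024 through 1030, the range named in the article; the sample text, the `LOCAL_NETS` list and the function names are assumptions made for illustration.

```python
import ipaddress

PORTS = range(1024, 1031)  # TCP 1024-1030, the range named in the article

# Ranges treated as "local" (assumption: a typical home or office LAN).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample of Windows `netstat -ano` output, not from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       432
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1580
  TCP    192.168.1.10:1027      203.0.113.7:51515      ESTABLISHED     432
  TCP    192.168.1.10:1029      192.168.1.20:50210     ESTABLISHED     900
  TCP    192.168.1.10:3389      198.51.100.9:40000     ESTABLISHED     1100
  UDP    0.0.0.0:1026           *:*                                    1200
"""

def parse_endpoint(text):
    """Split 'addr:port' or '[v6addr%zone]:port' into (ip_address, port)."""
    host, _, port = text.rpartition(":")
    host = host.strip("[]").split("%")[0]
    return ipaddress.ip_address(host), int(port)

def is_local(addr):
    return any(addr in net for net in LOCAL_NETS)

def audit(netstat_text, ports=PORTS):
    """Return (kind, local_port, remote_ip, pid) for sockets worth a closer look."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have five columns; the header and UDP rows do not.
        if len(fields) != 5 or fields[0] != "TCP":
            continue
        _, local, remote, state, pid = fields
        laddr, lport = parse_endpoint(local)
        if lport not in ports:
            continue
        if state == "LISTENING" and not laddr.is_loopback:
            # Reachable from other hosts unless a firewall blocks it.
            findings.append(("exposed-listener", lport, None, int(pid)))
        elif state == "ESTABLISHED":
            raddr, _ = parse_endpoint(remote)
            if not is_local(raddr):
                findings.append(("external-peer", lport, str(raddr), int(pid)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A hit is a lead rather than proof: an `external-peer` row can be an ordinary outbound connection that happened to use a low source port, so map the PID to its process before drawing conclusions.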