iftttwall

By now, thanks to Edward Snowden, it is common knowledge and not just conspiracy theory, that every bit of information sent out into the wired or wireless ether is scanned, probed, intercepted and ultimately recorded by the NSA and subsequently all such information is and can be used against any US citizen without a court of law (because the president’s pet secret NISA “court” is anything but). Sadly, in a country in which courtesy of peak social networking, exhibitionism has become an art form, the vast majority of Americans not only could not care less about Snowden’s sacrificial revelations, but in fact are delighted the at least someone, somewhere cares about that photo of last night’s dinner. However, it turns out that far from being a passive listener and recorder, the NSA is quite an active participant in using the internet. The weaponized internet.

Because as Wired reports, “The internet backbone — the infrastructure of networks upon which internet traffic travels — went from being a passive infrastructure for communication to an active weapon for attacks.” And the primary benefactor: the NSA – General Keith Alexander massive secret army – which has now been unleashed against enemies foreign, but mostly domestic.

Enter the QUANTUM program….

According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”

 

If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgacom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.

 

Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.

… which is basically packet injection:

The QUANTUM codename is deliciously apt for a technique known as “packet injection,” which spoofs or forges packets to intercept them. The NSA’s wiretaps don’t even need to be silent; they just need to send a message that arrives at the target first. It works by examining requests and injecting a forged reply that appears to come from the real recipient so the victim acts on it.

 

The technology itself is actually pretty basic. And the same techniques that work on on a Wi-Fi network can work on a backbone wiretap. I personally coded up a packet-injector from scratch in a matter of hours five years ago, and it’s long been a staple of DefCon pranks.

Traditionally, packet injections has been used mostly for censorship purposes:

The most infamous use of packet injection prior to the Snowden leaks was censorship, where both internet service providers (ISPs) and the Great Firewall of China injected TCP reset packets (RST) to block undesired traffic. When a computer receives one of these injected RST packets, it closes the connection, believing that all communication is complete.

 

Although public disclosure forced ISPs to stop this behavior, China continues to censor with injected resets. It also injects the Domain Name System (DNS) — the system all computers use to turn names such as “www.facebook.com” into IP addresses — by inserting a fake reply whenever it sees a forbidden name. (It’s a process that has caused collateral damage by censoring non-Chinese internet traffic).

And user identification, especially in making Tor obsolete. That’s right: all users of Tor believing they hide behind the veil of anonymity – you aren’t.

User cookies, those inserted by both advertising networks and services, also serve as great identifiers for NSA targeting. Yet a web browser only reveals these cookies when communicating with such sites. A solution lies in the NSA’s QUANTUMCOOKIE attack, which they’ve utilized to de-anonymize Tor users.

 

A packet injector can reveal these cookies by replying to an unnoticed web fetch (such as a small image) with a HTTP 302 redirect pointing to the target site (such as Hotmail). The browser now thinks “hey, should really go visit Hotmail and ask it for this image”. In connecting to Hotmail, it reveals all non-secure cookies to the wiretap. This both identifies the user to the wiretap, and also allows the wiretap to use these cookies.

 

So for any webmail service that doesn’t require HTTPS encryption, QUANTUMCOOKIE also allows the wiretap to log in as the target and read the target’s mail. QUANTUMCOOKIE could also tag users, as the same redirection that extracts a cookie could also set or modify a cookie, enabling the NSA to actively track users of interest as they move across the network — although there is no indication yet that the NSA utilizes this technique.

But all of the above are largely passive interception and surveillance strategies. Where it gets interesting is when the NSA’s mission is…

User Attack

 

The NSA has a collection of FOXACID servers, designed to exploit visitors. Conceptually similar to Metasploit’s WebServer browser autopwn mode, these FOXACID servers probe any visiting browser for weaknesses to exploit.

 

All it takes is a single request from a victim passing a wiretap for exploitation to occur. Once the QUANTUM wiretap identifies the victim, it simply packet injects a 302 redirect to a FOXACID server. Now the victim’s browser starts talking to the FOXACID server, which quickly takes over the victim’s computer. The NSA calls this QUANTUMINSERT.

 

The NSA and GCHQ used this technique not only to target Tor users who read Inspire (reported to be an Al-Qaeda propaganda magazine in the English language) but also to gain a foothold within the Belgium telecommunication firm Belgacom, as a prelude to wiretapping Belgium phones.

 

One particular trick involved identifying the LinkedIn or Slashdot account of an intended target. Then when the QUANTUM system observed individuals visiting LinkedIn or Slashdot, it would examine the HTML returned to identify the user before shooting an exploit at the victim. Any page that identifies the users over HTTP would work equally well, as long as the NSA is willing to write a parser to extract user information from the contents of the page.

 

Other possible QUANTUM use cases include the following. These are speculative, as we have no evidence that the NSA, GCHQ, or others are utilizing these opportunities. Yet to security experts they are obvious extensions of the logic above.

 

HTTP cache poisoning.
Web browsers often cache critical scripts, such as the ubiquitous Google Analytics script ‘ga.js’. The packet injector can see a request for one of these scripts and instead respond with a malicious version, which will now run on numerous web pages. Since such scripts rarely change, the victim will continue to use the attacker’s script until either the server changes the original script or the browser clears its cache.

 

Zero-Exploit Exploitation. The FinFly “remote monitoring” hacking tool sold to governments includes exploit-free exploitation, where it modifies software downloads and updates to contain a copy of the FinFisher Spyware. Although Gamma International’s tool operates as a full man-in-the-middle, packet injection can reproduce the effect. The injector simply waits for the victim to attempt a file download, and replies with a 302 redirect to a new server. This new server fetches the original file, modifies it, and passes it on to the victim. When the victim runs the executable, they are now exploited — without the need for any actual exploits.

 

Mobile Phone Applications. Numerous Android and iOS applications fetch data through simple HTTP. In particular, the “Vulna” Android advertisement library was an easy target,  simply waiting for a request from the library and responding with an attack that can effectively completely control the victim’s phone. Although Google removed applications using this particular library, other advertisement libraries and applications can present similar vulnerabilities.

 

DNS-Derived Man-in-the-Middle. Some attacks, such as intercepting HTTPS traffic with a forged certificate, require a full man in the middle rather than a simple eavesdropper. Since every communication starts with a DNS request, and it is only a rare DNS resolver that cryptographically validates the reply with DNSSEC, a packet injector can simply see the DNS request and inject its own reply. This represents a capability upgrade, turning a man-on-the-side into a man-in-the-middle.

 

One possible use is to intercept HTTPS connections if the attacker has a certificate that the victim will accept, by simply redirecting the victim to the attacker’s server. Now the attacker’s server can complete the HTTPS connection. Another potential use involves intercepting and modifying email. The attacker simply packet-injects replies for the MX (Mailserver) entries corresponding to the target’s email. Now the target’s email will first pass through the attacker’s email server. This server could do more than just read the target’s incoming mail, it could also modify it to contain exploits.

 

Amplifying Reach. Large countries don’t need to worry about seeing an individual victim: odds are that a victim’s traffic will pass one wiretap in a short period of time. But smaller countries that wish to utilize the QUANTUMINSERT technique need to force victims traffic past their wiretaps. It’s simply a matter of buying the traffic: Simply ensure that local companies (such as the national airline) both advertise heavily and utilize in-country servers for hosting their ads. Then when a desired target views the advertisement, use packet injection to redirect them to the exploit server; just observe which IP a potential victim arrived from before deciding whether to attack. It’s like a watering hole attack where the attacker doesn’t need to corrupt the watering hole.

Can anything be done to prevent the NSA’s internet army from running over a world that spends the bulk of its time in its reaches? Not much:

The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary. Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

 

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but its one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.

Alas, in the battle against the NSA, the biggest enemy is not the authoritarian state’s Super Big Brother, but apathy itself. It is that war that is by far the most important one, and which America has already lost.

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/vaO-5hqZ-IU/story01.htm Tyler Durden

Submitted by Arthur Guschin via The Diplomat,

Within the last seven years 11 countries (Poland (2006), Russia (2008), Finland (2009), France (2009), Sweden (2010), Iceland (2011), Spain (2011), Denmark (2012), Singapore (2012), Canada (2012) and Japan (2013) have realized the need to appoint their own Arctic ambassadors. These ambassadors are used for analysis and situational assessments in the emerging “grand Arctic game,” with the ultimate aim of exploiting mineral resources and using the Arctic route for shipping cargo from Europe to Asia. In 2008, the U.S. Geological Survey released an assessment revealing that the Arctic accounts for about 13 percent of the world’s undiscovered oil, 30 percent of its undiscovered natural gas, and 20 percent of its undiscovered natural gas liquids. In other words, 90 billion barrels of oil, 1,669 trillion cubic feet of natural gas and 44 billion barrels of natural gas.

The potential commercial benefits of cargo transportation through the Arctic in comparison to the Suez Canal also seem appealing. In August and September 2009 two German heavy-lift vessels, MV Beluga Foresight and MV Beluga Fraternity carried a cargo of steel pipes from Arkhangelsk (Russia) to Nigeria using the Northern Sea Route. The new passage shortened the distance for 3000 nautical miles and reduced fuel consumption by 200 tons per vessel, resulting in savings of 600 000 U.S. dollars. A year later, the Hong Kong vessel MV Nordic Barents transported iron ore from Kirkenes (Norway) to Shanghai using the same route and cut expenses on $180,000. In 2012, 46 vessels carried more than 1.2 million tonnes of cargo through the Northern Sea Route, up 53 percent compared with 2011. In 2010, only four vessels used the route. Some researchers predict that 30 million tones of cargo will be shipped via the Northern Sea Route to 2020

China is the largest consumer and importer of energy resources in the world but its vast geographical distance from the Arctic limits Beijing’s opportunity – at least in contrast to Arctic Council members (Canada, Denmark, Finland, Iceland, Norway, Russia, Sweden and the U.S.) – to set the agenda and form a strategy for taking advantage of new Arctic opportunities. Nevertheless, China was the first Asian state to show interest and it has begun efforts to become a full member of the Arctic Council. Beijing argues that under the United Nations Convention on the Law of the Sea the Arctic Ocean is a shipping commons, and that climate change has negative consequences for Chinese food security, particularly with the flooding of its coastal regions.

In the meantime, China has stepped up Arctic and Antarctic research. Between 1985 and 2012, Beijing initiated five Arctic and 28 Antarctic expeditions. It has also built the state-owned Arctic Yellow River Station, and entered into an agreement with Finnish company Aker Arctic Technology to construct a second ice breaker by 2014, joining the MV Xu? Lóng that Beijing bought from Ukraine in 1993. Moreover, Chinese representatives take part in the Arctic Science Committee, Arctic Science Summit Week, Ny-Ålesund Science Managers Committee, and the International Polar Year project. However, “scientific” diplomacy alone will not seem to be helping China join the most influential and important Arctic organization ( the Arctic Council) as a permanent member state.

At present, China’s Arctic initiatives suggest that Beijing is eager to camouflage its true interests in the region with environmental monitoring, Arctic life protection and concerns about indigenous peoples. Beijing's rhetoric aims at defining the Arctic as an international zone where changes must make sense for all countries and climate change is a problem for the highest levels of diplomacy. Alongside France and Germany, China sees an oil spill in the Arctic similar to that which occurred in 2010 in the Gulf of Mexico would have disastrous outcomes for global security. So it is spending around $60 million annually on polar research, is building a China-Nordic Arctic Research Center in Shanghai, and plans to increase the research staff by a factor of five, to 1000.

At the same time, Beijing is dropping hints that China is not satisfied with the current balance of power in the Arctic region. The most striking issue in the polemic that represents Beijing's ambitions in the Arctic race is the identification of China as a “near-Arctic” state. This concept has already become ingrained in the lexicon of Chinese scientists who are responsible for Arctic research.

In fact, this approach looks rather prudent and far-sighted given the U.S. and Canadian obsession with Russian deeds in the region, such as its announcement of a new Arctic strategy, the presence of Russian air and naval assets in the frontier zone, and the planting of a Russian flag at the North Pole in 2007. Beijing has left it to Moscow to convey the image of dangerous neighbor, while it maintains the pattern of a peaceful state focused on neutral topics: sponsoring expeditions, conducting climate changing surveys, supporting the development of indigenous peoples, preserving local cultures, promoting sustainable development, campaigning against environment pollution, and promoting tourism.? By developing strong positions in these areas, China will not only be able to tap the knowledge of the international scientific community and put forth arguments to support the theory of climate change influence on China; it will also be able to collaborate with six organizations (Arctic Athabaskan Council; Aleut International Association; Gwich’in Council International; Inuit Circumpolar Council; Russian Association of Indigenous Peoples of the North; Saami Council) that represent indigenous peoples and have the status of permanent members of the Arctic Council. Thus, Beijing can lobby its interests in the Council not on a direct basis, but using a special channel that has already shown itself to be effective.

This scientific approach is a path for China to achieve its true goals in the Arctic, which lie in the economic realm. To start with, Beijing seeks a diversification of supply routes. The main route for China – the Strait of Malacca – is susceptible to piracy and terrorism. An Arctic Route would let China, first, reduce transportation expenses, second, diversify and secure its shipments, and third, diminish the risk of a U.S. Navy closure of the Strait in a conflict. Former chairman Hu Jintao was well aware of China’s supply vulnerabilities. According to Chinese analysts, by 2020 between 5 to 15 percent of Chin
ese foreign trade will be transported through the Northern Sea Route. Experts at the Norwegian transport company Tschudi Shipping Company estimate that the route from Kirkenes or Murmansk to Shanghai will reduce total sailing time by 16 days.

Meanwhile rising consumption is forcing Chinese companies to invest heavily in oil exploration and shipment, for example, from Africa and Brazil. Assumptions about Arctic natural resource deposits are thus attractive to Beijing. China National Petroleum Corporation became the third Rosneft partner (with Eni and Statoil) in the exploration of Zapadno-Prinovozemelsky (the Barents Sea), Yuzhno-Russky and Medynsko-Varandeysky structures (the Pechora Sea). It is evident that China will seek not only to get access to new oil fields but also to acquire modern drilling technology it currently lacks.

The second strategic resource for China is iron ore. Sinosteel and China Communication Corporation are already investors in the Isua project in Greeland, which will mine 15 million tonnes per year of iron ore pellets from 2015.

The third element in the Chinese economic strategy in the Arctic is a share of maritime resources, especially fish.?The U.S. National Oceanic and Atmospheric Administration has shown the region's potential in this regard. Access to fisheries is crucial for countries like Greenland and Iceland, which depend heavily on maritime resources for export earnings, and China has been very active in establishing bilateral economic contacts with these smaller members of the Arctic Council to ensure support for its permanent membership bid. These same tactics worked well in the Asia-Pacific, where China built strong investment relations with ASEAN members to help conclude a free trade agreement with ASEAN. In 2010, China provided Iceland with a $500 million-plus currency swap to support the struggling Iceland bank system. Also in 2010, Denmark signed deals with China worth $740 million in the areas of power, the green economy, agriculture and food security. In 2011, Denmark’s ambassador in China made a statement in support of a Chinese bid for permanent membership of the Arctic Council. The same position was expressed by the leaders of Greenland and Iceland. In January 2013, Swedish and even Norwegian (the spat of dissident Liu Xiaobo notwithstanding) representatives on the Arctic Council meeting in Tromsø declared a desire to start the process of discussing China's role in the Council.

In addition, China's financial aid to small countries will let Beijing participate in the Arctic infrastructure development that will be crucial for the year-round functioning of the Arctic Route. This encompasses port building, ship repair stations, transport hubs (for example, Ísafjörður in Iceland) and rescue centers.

Chinese international strategy in the Arctic will pursue solely pragmatic goals. Not only is economic prosperity as stake but also China's image as a potential global leader. While it talks up the impact of global warming on Chinese environment and food security, Beijing systematically and purposefully continues to encourage the economic dependence of small Artic states on China (such as the recent free trade agreement with Iceland) to earn support for a permanent member seat on the Arctic Council. Moreover, the high cost of projects to develop new oil infrastructure in the region force states to attract investors. This opens opportunities for China to develop influence and locks in future energy access. Next up, look for Beijing to begin negotiating route transit fees with Moscow.

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/AmDjVurkz00/story01.htm Tyler Durden

We’ve previously noted that mass surveillance is killing American tech companies.

And Cisco just blamed its earnings slump on China’s disdain for NSA spying.

Security expert Bruce Schneier succinctly summed up the destruction of the American economy by the NSA’s surveillance yesterday:

Buy American doesn’t sell well anymore because it means give a copy to the NSA.

This is part of a bigger picture … the military-industrial complex (of which the NSA is a part) is killing the private sector economy. And see this.

Bonus:

World’s Most Dangerous Mission to Start In 3 Days

Removal of Fukushima Fuel Rods Hits a Bump … BEFORE It Even Starts

And if you need 2 seconds of comic relief:

Because … Dog

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/wR-N97Iu50o/story01.htm George Washington

You know it’s bad when…

 

 

(h/t IBD via The Burning Platform)

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/0Z3WmcYAXOU/story01.htm Tyler Durden

With the market ebullient at the prospect of more “miracles” from Yellen, we thought it worth dusting off the following brief clip discussing what it would mean to “end the Fed.” In order to answer this question, we examine countries throughout history that did not have an established central bank. So who performs the functions of a central bank in these countries? Professor White cites private institutions, including clearing house systems, banks, and financial companies, as the main actors in the monetary systems of countries without a central bank. Ultimately, he concludes that the Federal Reserve is not necessary. Evidence shows that nations can survive without a central bank. What the Federal Reserve does well can be done even better by private institutions, and the institution is capable of serious errors.

 

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/tLg40fEgTrA/story01.htm Tyler Durden

Submitted by Lance Roberts of STA Wealth Management,

 

via Zero Hedge http://feedproxy.google.com/~r/zerohedge/feed/~3/iiQ1dtpR-N0/story01.htm Tyler Durden