Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Soooo.... A hacking group of ex NSA employees hacks the NSA and offers to sell the information to the highest bidder, and other ex NSA staff state the information is 'the keys to the kingdom..


No.

The "ShadowBrokers" are almost certainly are Russain-directed. And they were able to create this hack because they got the opportunity to use the byproduct of that country's debriefing of Edward Snowden. The tools and documents in the ShadowBrokers release all bear timestamps and codewords dating from 2013 - the same time Snowden defected to Russia.

The tools and exploits in the ShadowBrokers hack all make use of deficiencies that have long since been closed. The NSA itself has changed procedures in the wake of Snowden's defection to close any potential loopholes in its own defenses and procedures.

This release is more about public relations than it is about espionage.
 
  • Like
Reactions: Agilis
and people ask Europeans why u don't like Ameriguns....

If anything, the UK was pushing some really draconian bull crap. Like outlawing *any* encryption, and forcing back doors in *everything*.

It was painfully obvious that whoever drempt up that 'legislation' was on drugs, or had no idea how a computer works. It was roundly ridiculed by almost every tech company on the planet. Oddly, I think some came out to support it, but not many (if any).

They literally wanted to have everyone drop their drawers on the internet. So who pay for the economic damages of that boneheaded swerve to fantasyland?
[doublepost=1471868670][/doublepost]
No.

The "ShadowBrokers" are almost certainly are Russain-directed. And they were able to create this hack because they got the opportunity to use the byproduct of that country's debriefing of Edward Snowden. The tools and documents in the ShadowBrokers release all bear timestamps and codewords dating from 2013 - the same time Snowden defected to Russia.

The tools and exploits in the ShadowBrokers hack all make use of deficiencies that have long since been closed. The NSA itself has changed procedures in the wake of Snowden's defection to close any potential loopholes in its own defenses and procedures.

This release is more about public relations than it is about espionage.

So is Snowden a real traitor now? Just asking. So many people lauded him, and Assange, as 'Heroes', and now they seem to be Russia's bitches... Were they all along? It's odd that Russia has become the world leader in attacks on America, especially in an election year. Damn, too coincidental...
 
So you read one story and that the basis of EU security / data protection.

Well based on laws and actual facts and not what the UK government wants to do, EU is ahead.

Hey after Brexit, it's cute you still claim UK is EU.... ;) Now the stupid government can have thier way
Ummmmm. The UK is still in the EU. We haven't triggered article 50 and started the process yet. You better do some more research before you comment.

On topic, seems like the window of opportunity for Governments to keep the doors open on communication has majorily got very small. I just hope the people keep ahead of Governments until Governments actually employ people who understand technology and actually come up with some sensible laws.
 
The NSA itself has been proven porous. The tools they spent a fortune developing are in the wild. it is clear such tools should not be actively created because they will go wild.

Just look what has happened with Stingrays. Sheesh.

It seems the entity the constitution was developed to protect us from, has developed a wide range of workarounds. :D

The government is itself malicious code.
 
Another possibility suggested by NSA whistleblower Edward Snowden is that the malware toolkit was stolen from a "staging server" or segregated network outside the walls of the NSA, where it was used for conducting attacks. Snowden has also pointed to Russia as the chief suspect behind the leak.

It's an interesting point. There may be NSA servers that are essentially unhackable, due to their isolation. But if the NSA actually tries to use any of its spyware, it has to expose it to an external network, making it vulnerable.

"Security through obscurity" is a real thing; but government servers have zero obscurity, since they are highly valued targets that are of the focus of the best hackers in the world.
 
  • Like
Reactions: Al'sDad
How stupid does the American government think that the American people are? Anyone with even the most basic understanding of computer/network security could understand that, once there is a backdoor/master to something, it will eventually become known beyond those that should have it. I suspect that the FBI, NSA, etc. don't care about that as they only want their stuff secret anyway. What amazed me was the number of corporate executives, celebrities, etc. that came out against Apple "for the sake of fighting terrorism" or "it is only access for the US government, which you can trust", etc.
 
And you know it wouldn't have lasted long, the government ordered back door. The first time someone 'big' had their iPhone hacked, they would be demanding a 'hardened' iPhone with no back door, or would be rushing to kill it somehow.

They only wanted the back door, apparently, because the script kiddies at the NSA couldn't figure out how to hack it. It's sloppy. Like having programs and apps that are over 200MB. It's sloppy coding, and lazy programmers. o_O

I would really not be convinced at all that the NSA couldn't have hacked that phone. But they probably came to the same conclusion as many people did, that it was very very unlikely that anything useful would be found on that phone, and giving away the secret that they could hack it for very little gain didn't seem to be a good idea.
 
Soooo.... A hacking group of ex NSA employees hacks the NSA and offers to sell the information to the highest bidder, and other ex NSA staff state the information is 'the keys to the kingdom'

No offence America but I SERIOUSLY suggest you vet your security agency staff better! I mean the Navy Seal guy who breached his NDA and Official Secret Serviced Act agreement, by writing about his part in killing Bin Laden has had to give up all his royalties, because the US government sued him over but the secrets he leaked are still out in the open. Surely he should have been jailed?

Perhaps your military and security agency personal believe when they sign NDAs and Official Secret Service Acts it's optional and not mandatory to follow??

America really isn't very good at keeping secrets it seems....

Reading comprehension. Written by "Equation Group" (NSA), stolen by "Shadow Brokers".
 
How stupid does the American government think that the American people are? Anyone with even the most basic understanding of computer/network security could understand that, once there is a backdoor/master to something, it will eventually become known beyond those that should have it. I suspect that the FBI, NSA, etc. don't care about that as they only want their stuff secret anyway. What amazed me was the number of corporate executives, celebrities, etc. that came out against Apple "for the sake of fighting terrorism" or "it is only access for the US government, which you can trust", etc.

I am sure there were people that honestly thought the FBI could be trusted with something like this. I didn't; mostly for reasons of incompetence. If the same thing happened again, Apple could make a much stronger argument. Not "it is dangerous to let anyone have these keys, because we say so", but "it is dangerous to let anyone have these keys, because even the NSA has been hacked".
 
So you read one story and that the basis of EU security / data protection.

Well based on laws and actual facts and not what the UK government wants to do, EU is ahead.

Hey after Brexit, it's cute you still claim UK is EU.... ;) Now the stupid government can have thier way

Well, article 50 hasn't been activated, and even after activation the UK is still a member of the EU for 2 years.
 
"Told ya so"... lol That's the reply Apple will give out.

I'm guessing Apple will stay relatively quiet on this story until the next clash with the FBI, then they can say "I told you so". In the mean time, it is up to privacy minded Americans to talk to our friends and co-workers to explain to them why Apple was right to push back on the FBI demand a few months ago to create a tool for them to hack "just this one phone, just this one time." The next time the FBI demands Apple create a tool for them (and there will be a next time) it would be nice if more of the general public were on Apple's side.
 
Ummmmm. The UK is still in the EU. We haven't triggered article 50 and started the process yet. You better do some more research before you comment.

On topic, seems like the window of opportunity for Governments to keep the doors open on communication has majorily got very small. I just hope the people keep ahead of Governments until Governments actually employ people who understand technology and actually come up with some sensible laws.

The point is, article 50 will be triggered, therefore claiming the EU is represented by the UK politicians is silly. As the UK politicians can push this stupid law change once they leave the EU . Given Brexit, one should not be using the UK as a representative of EU, unless one does not understand what brexit was about
 
On one hand... well duh.

On the other hand, will this stop the push to undermine encryption with super-special backdoors and access 'only the good guys will get in order to keep us safe!'...? Sadly, probably not. Because hubris.
 
  • Like
Reactions: dwaltwhit
Well, article 50 hasn't been activated, and even after activation the UK is still a member of the EU for 2 years.

Do you see the irony of what brexit is though, being a finger to the EU about forced laws.....to quote the UK as a representative of EU laws in a stupid law they wanted to introduce .....which EU laws probably held it back ....
 
OK, so no doubt most of us are in agreement that providing back doors for NSA is self-defeating and silly. The question is how we get the message through to Congress....

You could start by emailing your President, Senators, and Representatives, both local and federal.
 
Do you see the irony of what brexit is though, being a finger to the EU about forced laws.....to quote the UK as a representative of EU laws in a stupid law they wanted to introduce .....which EU laws probably held it back ....
If you're talking about the snooping charter (or Draft Communications Data Bill), the EU never even intervened when it was being discussed (ironically by the current PM who was home secretary). So even to talk about EU blocking that law and us getting out to allow it through is stupid. The initial laws drafted even were confirmed as compatible with EU law from the highest law makers in EU.

Stop being pedantic about UK and EU. We're still in it, EU laws still affect us and any new changes will have to be applied to UK law until the end of the article 50 process. Security is one of the areas that's not enforced EU wide as there's too many implications trying to tie it together under all EU states.
 
If you're talking about the snooping charter (or Draft Communications Data Bill), the EU never even intervened when it was being discussed (ironically by the current PM who was home secretary). So even to talk about EU blocking that law and us getting out to allow it through is stupid. The initial laws drafted even were confirmed as compatible with EU law from the highest law makers in EU.

Stop being pedantic about UK and EU. We're still in it, EU laws still affect us and any new changes will have to be applied to UK law until the end of the article 50 process. Security is one of the areas that's not enforced EU wide as there's too many implications trying to tie it together under all EU states.

Pedantic? We officially voted to leave, and are in limbo what that actually means, cause our politicians did not expect the result, so spare me we are in the EU....cause it's very temporary...

Mind you many did not understand what Brexit was....and still expected the benfits of being in the EU....
 
What? In the UK where the government wants to force tech companies to decrypt protected devices? Oh yeah, we take security and privacy very seriously. Same thing with the France.
Compared to what flies in other places, we still come out on top.
Also, pretty sure the UK has laws that can nullify such attempts to screw privacy laws in courts, but I'm no lawyer.
Oh and then there is all the other countries in Europe.

So you read one story and that the basis of EU security / data protection.

Well based on laws and actual facts and not what the UK government wants to do, EU is ahead.

Hey after Brexit, it's cute you still claim UK is EU.... ;) Now the stupid government can have thier way
Brexit has yet to actually happen. Right now the UK is still in the EU and likely will be for at least another 2 years.
Just saying.

Glassed Silver:mac
 
  • Like
Reactions: sudo1996
The link between the revelation that ShadowBrokers had apparently hacked some NSA cyber warfare tools; and Apple's refusal to provide backdoors to their devices is thin - to say the least.

This story is very complicated, and pretty much impossible to get confirmation from any of the likely actors. The NSA isn't talking. The "Equation Group" doesn't really exist - it's just a name given by Eugene Kaspersky to a theoretical team he believes may work for the NSA. The ShadowBrokers don't really want to sell their exploit for a million bitcoins. And despite the comically bad ransom note they included, they really aren't Koreans or Chinese.

If the files revealed by the shadowBrokers are indeed genuine, and indeed sourced from an NSA group, then they show how technically advanced the NSA has gotten. They can apparently remotely take control of a hard drive, and then create an invisible partition to contain its own files. This would therefore theoretically survive a total formatting and re-writing of the drive; and would simply lie in wait to be reactivated. The files also suggest that the NSA group was able to exploit both iOS and OSX file systems. The NSA didn't need Apple to give them a backdoor. They already had a key.

Emphasis on the word had. Because the files released by the ShadowBrokers all date from 2013; and it is all but certain that Apple and other companies have closed the vulnerabilities in their systems.
 
  • Like
Reactions: Agilis
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.