0:00:00.380,0:00:05.670
Herald: Good morning to this last-minute[br]addition to our “Fahrplan” today.
0:00:05.670,0:00:09.540
There will probably be time for a few[br]minutes of Q&A in the end, so you can
0:00:09.540,0:00:15.160
ask questions here or on IRC[br]and Twitter via our Signal Angels.
0:00:15.160,0:00:19.560
Please welcome Jake Appelbaum,[br]independent journalist,
0:00:19.560,0:00:23.510
for his talk[br]“To Protect And Infect Part 2”.
0:00:23.510,0:00:29.690
applause
0:00:29.690,0:00:35.840
Jacob: Okay. Alright. Thanks so much[br]for coming so early in the morning.
0:00:35.840,0:00:38.550
Or maybe not so early in the morning[br]for most of you apparently since
0:00:38.550,0:00:44.150
you’ve all been up for more than an hour.[br]But I’m gonna talk today a little bit
0:00:44.150,0:00:48.669
about some things that we’ve heard about[br]at the conference and I’m gonna talk a bit
0:00:48.669,0:00:52.740
about some things that you have not[br]probably ever heard about in your life and
0:00:52.740,0:00:55.680
are even worse than your worst nightmares.
0:00:55.680,0:01:00.200
So recently we heard a little bit about[br]some of the low-end corporate spying
0:01:00.200,0:01:04.900
that’s often billed as being sort of like[br]the hottest, most important stuff, so the
0:01:04.900,0:01:09.340
FinFisher, the HackingTeam, the VUPEN.[br]And sort of in that order it becomes
0:01:09.340,0:01:14.490
more sophisticated and more and more[br]tied in with the National Security Agency.
0:01:14.490,0:01:17.660
There are some Freedom of Information Act[br]requests that have gone out that actually
0:01:17.660,0:01:23.670
show VUPEN being an NSA contractor writing[br]exploits, that there are some ties there.
0:01:23.670,0:01:28.010
This sort of covers the… sort of…[br]the whole gamut, I believe,
0:01:28.010,0:01:31.650
which is that, you know you can buy these[br]like little pieces of forensics hardware.
0:01:31.650,0:01:35.240
And just as a sort of fun thing I bought[br]some of those and then I looked at
0:01:35.240,0:01:38.670
how they worked and I noticed that this[br]‘Mouse Jiggler’, you plug it in and
0:01:38.670,0:01:42.860
the idea is that it like keeps your screen[br]awake. So have any of you seen that
0:01:42.860,0:01:46.910
at all? It’s a piece of forensics hardware[br]so your screensaver doesn’t activate.
0:01:46.910,0:01:51.290
So I showed it to one of the systemd[br]developers, and now when you plug those
0:01:51.290,0:01:55.901
into a Linux box that runs systemd,[br]they automatically lock the screen
0:01:55.901,0:02:02.081
when it sees the USB ID.[br]applause
0:02:02.081,0:02:05.470
So when people talk about Free Software,[br]‘free as in freedom’, that’s part of
0:02:05.470,0:02:09.260
what they’re talking about. So there are[br]some other things which I’m not going
0:02:09.260,0:02:11.660
to really talk a lot about it because[br]basically this is all bullshit that
0:02:11.660,0:02:15.420
doesn’t really matter and we can defeat[br]all of that. This is individualized things
0:02:15.420,0:02:20.060
we can defend against. But I want[br]to talk a little bit about how it’s
0:02:20.060,0:02:23.960
not necessarily the case that because[br]they’re not the most fantastic, they’re
0:02:23.960,0:02:27.720
not the most sophisticated, that[br]therefore we shouldn’t worry about it.
0:02:27.720,0:02:31.320
This is Rafael. I met him when[br]I was in Oslo in Norway
0:02:31.320,0:02:36.449
for the Oslo Freedom Forum, and basically[br]he asked me to look at his computer
0:02:36.449,0:02:40.400
because he said, “You know, something[br]seems to be wrong with it. I think that
0:02:40.400,0:02:43.750
there’s something, you know,[br]slowing it down.” And I said:
0:02:43.750,0:02:46.260
“Well, I’m not going to find anything.[br]I don’t have any tools. We are just
0:02:46.260,0:02:49.580
going to like sit at the computer…”[br]And I looked at it, and it has to be
0:02:49.580,0:02:53.200
the lamest back door I’ve ever found. It[br]was basically a very small program that
0:02:53.200,0:02:56.980
would just run in a loop and take[br]screenshots. And it failed to upload
0:02:56.980,0:03:01.160
some of the screenshots, and so there were[br]8 GB of screenshots in his home directory.
0:03:01.160,0:03:04.570
laughter and applause[br]And I said, “I’m sorry to break it to you
0:03:04.570,0:03:09.440
but I think that you’ve been owned.[br]And… by a complete idiot.”
0:03:09.440,0:03:14.429
laughter[br]And he, he, yeah, he was,
0:03:14.429,0:03:17.829
he was really… actually, he felt really[br]violated and then he told me what he does,
0:03:17.829,0:03:21.080
which is he’s an investigative journalist[br]who works with top secret documents
0:03:21.080,0:03:25.680
all the time, with extreme, extreme[br]operational security to protect
0:03:25.680,0:03:30.820
his sources. But when it came to computing[br]J[ournalism] school failed him.
0:03:30.820,0:03:35.530
And as a result, he was compromised[br]pretty badly. He was not using
0:03:35.530,0:03:38.129
a specialized operating system like[br]Tails, which if you’re a journalist
0:03:38.129,0:03:40.910
and you’re not using Tails you should[br]probably be using Tails unless
0:03:40.910,0:03:44.410
you really know what you’re doing.[br]Apple did a pretty good job at
0:03:44.410,0:03:48.839
revoking this application, and it was, you[br]know, in theory it stopped, but there are
0:03:48.839,0:03:52.950
lots of samples from the same group[br]and this group that did this is tied to
0:03:52.950,0:03:57.670
a whole bunch of other attacks across[br]the world, actually, which is why
0:03:57.670,0:04:03.320
it’s connected up there with Operation[br]Hangover. The scary thing, though, is that
0:04:03.320,0:04:06.689
this summer, after we’d met, he was[br]actually arrested relating to some
0:04:06.689,0:04:11.238
of these things. And now, as[br]I understand it, he’s out, but,
0:04:11.238,0:04:14.690
you know, when you mess with a military[br]dictatorship it messes with you back.
0:04:14.690,0:04:18.900
So even though that’s one of the lamest[br]backdoors, his life is under threat.
0:04:18.900,0:04:23.519
So just simple things can cause serious,[br]serious harm to regular people that are
0:04:23.519,0:04:27.990
working for some kind of truth telling.[br]And that to me is really a big part
0:04:27.990,0:04:31.869
of my motivation for coming here to talk[br]about what I’m going to talk about next,
0:04:31.869,0:04:35.069
which is that for every person that we[br]learn about like Rafael, I think there are
0:04:35.069,0:04:39.530
lots of people we will never learn about,[br]and that’s, to me that’s very scary,
0:04:39.530,0:04:43.320
and I think we need to bring some[br]transparency, and that’s what we’re
0:04:43.320,0:04:47.130
going to talk about now. And I really want[br]to emphasize this point. Even though
0:04:47.130,0:04:50.839
they’re not technically impressive, they[br]are actually still harmful, and that,
0:04:50.839,0:04:55.410
that is really a key point to drive home.[br]I mean, some of the back doors that
0:04:55.410,0:04:59.849
I’ve seen are really not sophisticated,[br]they’re not really that interesting, and
0:04:59.849,0:05:03.640
in some cases they’re common off-the-shelf[br]purchases between businesses,
0:05:03.640,0:05:08.650
so it’s like business-to-business[br]exploitation software development.
0:05:08.650,0:05:13.490
I feel like that’s really kind of sad,[br]and I also think we can change this.
0:05:13.490,0:05:19.190
We can turn this around by exposing it.[br]So, what’s it all about, though?
0:05:19.190,0:05:24.219
Fundamentally it’s about control, baby,[br]and that is what we’re going to get into.
0:05:24.219,0:05:27.679
It’s not just about control of machines.[br]What happened with Rafael is about
0:05:27.679,0:05:31.520
control of people. And fundamentally[br]when we talk about things like internet
0:05:31.520,0:05:35.669
freedom and we talk about tactical[br]surveillance and strategic surveillance,
0:05:35.669,0:05:39.529
we’re talking about control of people[br]through the machinery that they use.
0:05:39.529,0:05:43.529
And this is a really, I think a really[br]kind of – you know I’m trying
0:05:43.529,0:05:46.979
to make you laugh a little bit because[br]what I’m going to show you today
0:05:46.979,0:05:53.219
is wrist-slitting depressing.[br]So. Part 2, or Act 2 of Part 2.
0:05:53.219,0:05:57.760
Basically the NSA, they want[br]to be able to spy on you, and
0:05:57.760,0:06:00.580
if they have 10 different options for[br]spying on you that you know about,
0:06:00.580,0:06:06.119
they have 13 ways of doing it and they[br]do all 13. So that’s a pretty scary thing,
0:06:06.119,0:06:11.329
and basically their goal is to have[br]total surveillance of everything that
0:06:11.329,0:06:15.339
they’re interested in. So there really[br]is no boundary to what they want to do.
0:06:15.339,0:06:19.020
There is only sometimes a boundary of[br]what they are funded to be able to do and
0:06:19.020,0:06:23.819
the amount of things they’re able to do at[br]scale. They seem to just do those things
0:06:23.819,0:06:27.199
without thinking too much about it. And[br]there are specific tactical things
0:06:27.199,0:06:30.690
where they have to target a group or an[br]individual, and those things seem limited
0:06:30.690,0:06:35.650
either by budgets or simply by their time.[br]And as we have released today
0:06:35.650,0:06:39.980
on Der Spiegel’s website, which it should[br]be live – I just checked, it should be live
0:06:39.980,0:06:44.350
for everyone here – we actually[br]show a whole bunch of details
0:06:44.350,0:06:49.780
about their budgets as well as the[br]individuals involved with the NSA
0:06:49.780,0:06:53.479
and the Tailored Access Operations group[br]in terms of numbers. So it should give you
0:06:53.479,0:06:58.889
a rough idea showing that there was a[br]small period of time in which the internet
0:06:58.889,0:07:02.589
was really free and we did not have people[br]from the U.S. military that were watching
0:07:02.589,0:07:07.029
over it and exploiting everyone on[br]it, and now we see every year
0:07:07.029,0:07:11.779
that the number of people who are hired to[br]break into people’s computers as part of
0:07:11.779,0:07:16.700
grand operations, those people are growing[br]day by day, actually. In every year
0:07:16.700,0:07:21.820
there are more and more people that are[br]allocated, and we see this growth. So
0:07:21.820,0:07:26.249
that’s the goal: non-attribution, and total[br]surveillance, and they want to do it
0:07:26.249,0:07:30.689
completely in the dark. The good[br]news is that they can’t. So,
0:07:30.689,0:07:34.849
now I’m going to show you a bit about it.[br]But first, before I show you any pictures,
0:07:34.849,0:07:38.989
I want to sort of give you the big picture[br]from the top down. So there is
0:07:38.989,0:07:43.249
a planetary strategic surveillance system,[br]and there – well, there are many of them
0:07:43.249,0:07:48.410
actually. Everything from I think[br]off-planetary surveillance gear, which is
0:07:48.410,0:07:51.749
probably the National Reconnaissance[br]Office and their satellite systems
0:07:51.749,0:07:54.669
for surveillance like the Keyhole[br]satellites – these are all things most,
0:07:54.669,0:07:58.389
for the most part we actually know about[br]these things. They’re on Wikipedia.
0:07:58.389,0:08:01.109
But I want to talk a little bit more about[br]the internet side of things because
0:08:01.109,0:08:04.639
I think that’s really fascinating. So[br]part of what we are releasing today
0:08:04.639,0:08:07.759
with ‘Der Spiegel’, or what has actually[br]been released – just to be clear
0:08:07.759,0:08:11.710
on the timeline, I’m not disclosing it[br]first, I’m working as an independent
0:08:11.710,0:08:15.340
journalist summarizing the work that we[br]have already released onto the internet
0:08:15.340,0:08:19.430
as part of a publication house that went[br]through a very large editorial process
0:08:19.430,0:08:23.710
in which we redacted all the names of[br]agents and information about those names,
0:08:23.710,0:08:26.159
including their phone numbers[br]and e-mail addresses.
0:08:26.159,0:08:29.019
applause
0:08:29.019,0:08:32.890
And I should say that I actually think[br]that the laws here are wrong,
0:08:32.890,0:08:36.810
because they are in favor of[br]an oppressor who is criminal.
0:08:36.810,0:08:41.160
So when we redact the names of people who[br]are engaged in criminal activity including
0:08:41.160,0:08:45.420
drone murder, we are actually not doing[br]the right thing, but I believe that
0:08:45.420,0:08:49.200
we should comply with the law in order[br]to continue to publish, and I think
0:08:49.200,0:08:55.740
that’s very important.[br]applause
0:08:55.740,0:09:00.030
We also redacted the names of[br]victims of NSA surveillance,
0:09:00.030,0:09:04.890
because we think that there’s a balance.[br]Unfortunately there is a serious problem
0:09:04.890,0:09:08.630
which is that the U.S. government asserts[br]that you don’t have standing to prove
0:09:08.630,0:09:12.270
that you’ve been surveilled unless[br]we release that kind of information,
0:09:12.270,0:09:15.040
but we don’t want to release that kind[br]of information in case it could be
0:09:15.040,0:09:18.680
a legitimate target, and we – I’m really[br]uncomfortable with that term, but let’s
0:09:18.680,0:09:22.280
say that there is a legitimate target, the[br]most legitimate target, and we didn’t want
0:09:22.280,0:09:25.900
to make that decision. But we[br]did also want to make sure
0:09:25.900,0:09:29.230
that we didn’t harm someone, but we[br]also wanted to show concrete examples.
0:09:29.230,0:09:32.470
So if you look at the ‘Spiegel’ stuff online,[br]we redacted the names even of those
0:09:32.470,0:09:36.490
who were victimized by the NSA’s[br]oppressive tactics, which I think
0:09:36.490,0:09:39.600
actually goes further than is necessary,[br]but I believe that it strikes
0:09:39.600,0:09:43.150
the right balance to ensure continued[br]publication and also to make sure
0:09:43.150,0:09:46.700
that people are not harmed and that[br]legitimate good things, however rare
0:09:46.700,0:09:52.090
they may be, they are also not harmed.[br]So if you’ve been targeted by the NSA
0:09:52.090,0:09:54.490
and you would have found out today[br]if we had taken a different decision,
0:09:54.490,0:09:59.190
I’m really sorry, but this is the thing[br]I think that keeps us alive,
0:09:59.190,0:10:02.200
so this is the choice that I think is the[br]right choice, and I think it’s also
0:10:02.200,0:10:06.310
the safest choice for everyone.[br]So that said, basically the NSA has
0:10:06.310,0:10:10.630
a giant dragnet surveillance system that[br]they call TURMOIL. TURMOIL is a passive
0:10:10.630,0:10:14.520
interception system. That passive[br]interception system essentially spans
0:10:14.520,0:10:17.980
the whole planet. Who here has heard[br]about the Merkel phone incident?
0:10:17.980,0:10:21.740
Some of you heard about Chancellor Merkel?[br]So we revealed that in ‘Der Spiegel’, and
0:10:21.740,0:10:25.770
what we found was that they tasked her[br]for surveillance. And I’ll talk a little bit
0:10:25.770,0:10:29.030
about that later. But basically the way[br]that this works is that they have this
0:10:29.030,0:10:34.020
huge passive set of sensors; and any data[br]that flows past it, they actually look at it.
0:10:34.020,0:10:37.880
So there was a time in the past where[br]surveillance meant looking at anything
0:10:37.880,0:10:43.010
at all. And now the NSA tries[br]to basically twist the words
0:10:43.010,0:10:46.780
of every person who speaks whatever[br]language they’re speaking in, and they
0:10:46.780,0:10:50.560
try to say that it’s only surveillance[br]if after they collect it and record it
0:10:50.560,0:10:55.500
to a database, and analyze it with[br]machines, only if – I think – an NSA agent
0:10:55.500,0:10:59.690
basically looks at it[br]personally and then clicks
0:10:59.690,0:11:03.750
“I have looked at this” do[br]they call it surveillance.
0:11:03.750,0:11:07.410
Fundamentally I really object to that[br]because if I ran a TURMOIL collection
0:11:07.410,0:11:10.220
system – that is passive signals[br]intelligence systems collecting data
0:11:10.220,0:11:14.120
from the whole planet, everywhere they[br]possibly can – I would go to prison
0:11:14.120,0:11:17.990
for the rest of my life.[br]That’s the balance, right?
0:11:17.990,0:11:21.520
Jefferson talks about this. He says, you[br]know, “That which the government
0:11:21.520,0:11:25.160
is allowed to do but you are not, this is[br]a tyranny.” There are some exceptions
0:11:25.160,0:11:29.820
to that, but the CFAA in the United[br]States, the Computer Fraud and Abuse Act,
0:11:29.820,0:11:33.720
you know, it’s so draconian[br]for regular people,
0:11:33.720,0:11:38.260
and the NSA gets to do something like[br]intercepting 7 billion people all day long
0:11:38.260,0:11:42.820
with no problems, and the rest of us[br]are not even allowed to experiment
0:11:42.820,0:11:47.440
for improving the security of our own[br]lives without being put in prison
0:11:47.440,0:11:51.700
or under threat of serious indictment, and[br]that I think is a really important point.
0:11:51.700,0:11:55.730
So the TURMOIL system is a surveillance[br]system, and it is a dragnet surveillance
0:11:55.730,0:12:00.150
system that is a general warrant dragnet[br]surveillance if there ever was one.
0:12:00.150,0:12:04.030
And now we shot the British over this when[br]we started our revolution. We called them
0:12:04.030,0:12:06.970
“general writs of assistance.” These[br]were generalized warrants which
0:12:06.970,0:12:10.730
we considered to be a tyranny. And[br]TURMOIL is the digital version of a
0:12:10.730,0:12:15.410
general writ of assistance system. And[br]the general writ of assistance itself,
0:12:15.410,0:12:18.530
it’s not clear if it even exists, because[br]it’s not clear to me that a judge
0:12:18.530,0:12:21.910
would understand[br]anything that I just said.
0:12:21.910,0:12:27.310
applause
0:12:27.310,0:12:31.920
Okay, so now we’re gonna get scary.[br]So that’s just the passive stuff.
0:12:31.920,0:12:36.120
There exists another system that’s called[br]TURBINE, and we revealed about this system
0:12:36.120,0:12:41.040
in the ‘Spiegel’ publications[br]today as well. So if TURMOIL
0:12:41.040,0:12:47.210
is deep packet inspection, then[br]TURBINE is deep packet injection.
0:12:47.210,0:12:52.130
And it is the system that combined[br]together with a thing…
0:12:52.130,0:12:55.820
– with TURMOIL and TURBINE you can create[br]a platform which they have consolidated
0:12:55.820,0:13:01.900
which they call QFIRE. QFIRE is[br]essentially a way to programmatically
0:13:01.900,0:13:05.790
look at things that flow across the[br]internet that they see with TURMOIL
0:13:05.790,0:13:09.770
and then using TURBINE they’re able to[br]actually inject packets to try to do attacks,
0:13:09.770,0:13:13.720
and I’ll describe some of those attacks[br]in detail in a moment. But essentially
0:13:13.720,0:13:17.430
the interesting thing about QFIRE also[br]is that they have a thing that’s called
0:13:17.430,0:13:22.300
a diode. So if you have for[br]example a large number
0:13:22.300,0:13:24.670
of systems where you control them, you[br]might say: “Hey, what are you doing
0:13:24.670,0:13:27.590
on that backbone?”, “Hey, what’s going on[br]with these systems?” And they could say,
0:13:27.590,0:13:30.930
well, you know, we paid for access, we’re[br]doing this, it’s all legal, etcetera.
0:13:30.930,0:13:33.830
QFIRE has this really neat little detail[br]which is that they compromise
0:13:33.830,0:13:36.770
other people’s routers and then redirect[br]through them so that they can beat
0:13:36.770,0:13:40.160
the speed of light. And how[br]they do that is that they have
0:13:40.160,0:13:43.480
a passive sensor that’s nearby,[br]a thing that they can inject from.
0:13:43.480,0:13:47.649
And when they see that that thing sees[br]a selector that is interesting to them
0:13:47.649,0:13:51.689
or is doing a thing that they would like[br]to tamper with in some way, then they
0:13:51.689,0:13:55.350
take a packet, they encapsulate the[br]packet, they send it to the diode,
0:13:55.350,0:14:00.210
which might be your home router[br]potentially, and then that home router
0:14:00.210,0:14:05.410
decapsulates that packet and sends it out.[br]And because that is very close to you,
0:14:05.410,0:14:10.170
and let’s say you’re visiting Yahoo, then[br]the Yahoo packet will not beat you.
0:14:10.170,0:14:14.740
That is, they will not beat the NSA[br]or GCHQ. So it’s a race condition.
0:14:14.740,0:14:17.940
And so they basically are able to[br]control this whole system and then
0:14:17.940,0:14:23.250
to localize attacks in that[br]process. So that’s a pretty –
0:14:23.250,0:14:27.530
pretty scary stuff, actually. And while it[br]is a digital thing, I think it’s important
0:14:27.530,0:14:30.790
to understand that this is what Jefferson[br]talked about when he talked about tyranny.
0:14:30.790,0:14:34.300
This is turnkey tyranny, and it’s not that[br]it’s coming, it’s actually here. It’s just
0:14:34.300,0:14:38.210
merely the question about whether or not[br]they’ll use it in a way that we think is
0:14:38.210,0:14:42.480
a good way or not a good way. One[br]of the scariest parts about this is that
0:14:42.480,0:14:47.810
for this system or these sets of systems[br]to exist, we have been kept vulnerable.
0:14:47.810,0:14:51.500
So it is the case that if the Chinese,[br]if the Russians, if people here
0:14:51.500,0:14:55.980
wish to build this system, there’s nothing[br]that stops them. And in fact the NSA has
0:14:55.980,0:15:00.210
in a literal sense retarded the process[br]by which we would secure the internet
0:15:00.210,0:15:04.740
because it establishes a hegemony[br]of power, their power in secret,
0:15:04.740,0:15:08.760
to do these things. And in fact I’ve seen[br]evidence that shows that there are so many
0:15:08.760,0:15:12.320
compromises taking place between the[br]different Five Eyes signals intelligence
0:15:12.320,0:15:16.200
groups that they actually have lists that[br]explain, “If you see this back door
0:15:16.200,0:15:20.610
on the system, contact a friendly agency.[br]You’ve just recompromised the machine
0:15:20.610,0:15:24.760
of another person.” So[br]when we talk about this,
0:15:24.760,0:15:29.020
we have to consider that this is[br]designed for at-scale exploitation.
0:15:29.020,0:15:33.099
And as far as I can tell it’s being[br]used for at-scale exploitation.
0:15:33.099,0:15:38.541
Which is not really in my mind a[br]targeted particularized type of thing,
0:15:38.541,0:15:42.270
but rather it’s fishing operations.[br]It’s fishing expeditions. It’s
0:15:42.270,0:15:47.200
more like fishing crusades, if you will.[br]And in some cases, looking at the evidence
0:15:47.200,0:15:51.380
that seems to be what it is. Targeting[br]Muslims, I might add. Because that’s
0:15:51.380,0:15:54.800
what they’re interested in doing.[br]So that said, that’s the internet,
0:15:54.800,0:15:58.270
and we get all the way down to the bottom[br]and we get to the Close Access Operations
0:15:58.270,0:16:02.940
and Off-Net. Off-Net and Close Access[br]Operations are pretty scary things,
0:16:02.940,0:16:06.249
but basically this is what we would call a[br]black bag job. That’s where these guys,
0:16:06.249,0:16:10.260
they break into your house, they put[br]something in your computer and
0:16:10.260,0:16:13.350
they take other things out of your[br]computer. Here’s an example.
0:16:13.350,0:16:16.240
First top secret document[br]of the talk so far.
0:16:16.240,0:16:18.480
This is a Close Access Operations box.
0:16:18.480,0:16:22.470
It is basically car[br]Metasploit for the NSA,
0:16:22.470,0:16:25.190
which is an interesting thing. But[br]basically they say that the attack is
0:16:25.190,0:16:30.140
undetectable, and it’s sadly[br]a laptop running free software.
0:16:30.140,0:16:34.890
It is injecting packets. And they say that[br]they can do this from as far away as
0:16:34.890,0:16:40.459
8 miles to inject packets, so presumably[br]using this they’re able to exploit
0:16:40.459,0:16:45.590
a kernel vulnerability of some kind,[br]parsing the wireless frames, and, yeah.
0:16:45.590,0:16:50.000
I’ve heard that they actually put this[br]hardware, from sources inside of the NSA
0:16:50.000,0:16:54.420
and inside of other[br]intelligence agencies, that
0:16:54.420,0:16:58.160
they actually put this type of hardware on[br]drones so that they fly them over areas
0:16:58.160,0:17:02.219
that they’re interested in and they[br]do mass exploitation of people.
0:17:02.219,0:17:05.579
Now, we don’t have a document[br]that substantiates that part, but
0:17:05.579,0:17:08.239
we do have this document that actually[br]claims that they’ve done it from up to
0:17:08.239,0:17:12.879
8 miles away. So that’s a really[br]interesting thing because it tells us
0:17:12.879,0:17:17.490
that they understand that common wireless[br]cards, probably running Microsoft Windows,
0:17:17.490,0:17:21.259
which is an American company, that they[br]know about vulnerabilities and they
0:17:21.259,0:17:25.369
keep them a secret to use them. This is[br]part of a constant theme of sabotaging
0:17:25.369,0:17:29.989
and undermining American companies and[br]American ingenuity. As an American,
0:17:29.989,0:17:33.419
while generally not a nationalist, I find[br]this disgusting, especially as someone
0:17:33.419,0:17:38.000
who writes free software and would[br]like my tax dollars to be spent
0:17:38.000,0:17:40.650
on improving these things. And when they[br]know about them I don’t want them
0:17:40.650,0:17:43.890
to keep them a secret because[br]all of us are vulnerable.
0:17:43.890,0:17:45.950
It’s a really scary thing.
0:17:45.950,0:17:52.270
applause
0:17:52.270,0:17:55.829
And it just so happens that at my house,[br]myself and many of my friends,
0:17:55.829,0:17:58.859
when we use wireless devices[br]– Andy knows what I’m talking about,
0:17:58.859,0:18:03.300
a few other people here –[br]all the time we have errors
0:18:03.300,0:18:07.950
in certain machines which are set up at[br]the house, in some cases as a honey pot
0:18:07.950,0:18:11.919
– thanks, guys – where kernel[br]panic after kernel panic,
0:18:11.919,0:18:15.659
exactly in the receive handler of the[br]Linux kernel where you would expect
0:18:15.659,0:18:19.619
this specific type of thing to take place.[br]So I think that if we talk about
0:18:19.619,0:18:23.369
the war coming home, we probably will[br]find that this is not just used in places
0:18:23.369,0:18:27.299
where there’s a literal war on but where[br]they decide that it would be useful,
0:18:27.299,0:18:31.730
including just parking outside your house.[br]Now I only have an hour today,
0:18:31.730,0:18:35.660
so I’m gonna have to go through some[br]other stuff pretty quickly. I want to make
0:18:35.660,0:18:40.679
a couple of points clear. This wasn’t[br]clear, even though it was written
0:18:40.679,0:18:46.280
in the New York Times by my dear friend[br]Laura Poitras, who is totally fantastic
0:18:46.280,0:18:51.520
by the way, and… you are great.[br]But 15 years of data retention –
0:18:51.520,0:18:55.769
applause
0:18:55.769,0:18:59.969
So the NSA has 15 years[br]of data retention.
0:18:59.969,0:19:03.649
It’s a really important point to[br]drive home. I joked with Laura
0:19:03.649,0:19:06.470
when she wrote the New York Times article[br]with James Risen, she should do the math
0:19:06.470,0:19:10.659
for other people and say “15 years”. She[br]said: “They can do the math on their own,
0:19:10.659,0:19:15.729
I believe in them”. I just wanna do the[br]math for you. 15 years, that’s scary!
0:19:15.729,0:19:19.559
I don’t ever remember voting on that,[br]I don’t ever remember even having
0:19:19.559,0:19:24.170
a public debate about it. And that[br]includes content as well as metadata.
0:19:24.170,0:19:30.090
So they use this metadata. They search[br]through this metadata retroactively.
0:19:30.090,0:19:33.599
They do what’s called ‘tasking’, that is,[br]they find a set of selectors – so that’s
0:19:33.599,0:19:38.090
a set of unique identifiers, e-mail[br]addresses, cookies, MAC addresses, IMEIs…
0:19:38.090,0:19:42.010
whatever is useful. Voice prints[br]potentially, depending on the system.
0:19:42.010,0:19:46.570
And then they basically[br]task those selectors
0:19:46.570,0:19:51.499
for specific activities. So that ties[br]together with some of the attacks
0:19:51.499,0:19:55.499
which I’ll talk about, but essentially[br]QUANTUMINSERTION and things that are
0:19:55.499,0:20:01.350
like QUANTUMINSERTION, they’re triggered[br]as part of the TURMOIL and TURBINE system
0:20:01.350,0:20:05.839
and the QFIRE system, and they’re all put[br]together so that they can automate
0:20:05.839,0:20:09.390
attacking people based on the plain[br]text traffic that transits the internet
0:20:09.390,0:20:13.299
or based on the source or[br]destination IP addresses.
0:20:13.299,0:20:16.270
This is a second top secret document.
0:20:16.270,0:20:21.310
This is an actual NSA lolcat
0:20:21.310,0:20:25.730
for the QUANTUMTHEORY program.
0:20:25.730,0:20:29.290
applause
0:20:29.290,0:20:33.150
You’ll notice it’s a black cat, hiding. Okay.
0:20:33.150,0:20:36.900
So there are a few people in the audience[br]that are still not terrified enough, and
0:20:36.900,0:20:40.270
there are a few people that as part[br]of their process for coping with
0:20:40.270,0:20:44.589
this horrible world that we have found[br]ourselves in, they will say the following:
0:20:44.589,0:20:48.259
“There’s no way they’ll ever find me. I’m[br]not interesting.” So I just want to dispel
0:20:48.259,0:20:52.879
that notion and show you a little bit[br]about how they do that. So we mentioned
0:20:52.879,0:20:56.899
TURMOIL, which is the dragnet surveillance,[br]and TURBINE, which is deep packet injection,
0:20:56.899,0:21:00.839
and QFIRE, where we tie it all together,[br]and this is an example of something which
0:21:00.839,0:21:03.839
I think actually demonstrates a crime but[br]I’m not sure, I’m not a lawyer, I’m
0:21:03.839,0:21:07.729
definitely not your lawyer, and I’m[br]certainly not the NSA’s lawyer.
0:21:07.729,0:21:11.511
But this is the MARINA system. This is[br]merely one of many systems where they
0:21:11.511,0:21:15.350
actually have full content as well as[br]metadata. Taken together, they do
0:21:15.350,0:21:19.160
contact chaining, where they find out you[br]guys are all in the same room with me
0:21:19.160,0:21:24.990
– which reminds me, let’s[br]see, I’ve got this phone…
0:21:24.990,0:21:31.040
Okay. That’s good. Let’s[br]turn that on. So now…
0:21:31.040,0:21:34.480
laughter[br]You’re welcome.
0:21:34.480,0:21:37.640
laughter[br]You have no idea!
0:21:37.640,0:21:40.379
laughter[br]But I just wanted to make sure that
0:21:40.379,0:21:44.069
if there was any question about whether[br]or not you are exempt from needing to do
0:21:44.069,0:21:47.689
something about this,[br]that that is dispelled.
0:21:47.689,0:21:53.489
applause
0:21:53.489,0:21:58.950
Okay? Cell phone’s on.[br]Great. So. Hey, guys!
0:21:58.950,0:22:02.760
laughter[br]So, the MARINA system is a
0:22:02.760,0:22:07.689
contact chaining system as well as a[br]system that has data, and in this case
0:22:07.689,0:22:12.849
what we see is in fact reverse contact[br]and forward contact graphing. So,
0:22:12.849,0:22:17.129
any lawyers in the audience? If there[br]are American citizens in this database,
0:22:17.129,0:22:21.140
is reverse targeting like this illegal?[br]Generally? Is it possible that that
0:22:21.140,0:22:26.420
could be considered illegal?[br]Someone from audience mumbling
0:22:26.420,0:22:29.330
Yeah, so, interesting. If it’s called[br]reverse contacts instead of
0:22:29.330,0:22:34.550
reverse targeting – yeah, exactly.[br]So, you’ll also notice the,
0:22:34.550,0:22:40.000
on the right-hand side, webcam photos.
0:22:40.000,0:22:43.779
So, just in case you’re wondering,[br]in this case this particular target,
0:22:43.779,0:22:47.480
I suppose that he did not or[br]she did not have a webcam.
0:22:47.480,0:22:50.400
Good for them. If not, you should follow[br]the EFF’s advice and you should put
0:22:50.400,0:22:54.460
a little sticker over your webcam. But[br]you’ll also note that they try to find
0:22:54.460,0:22:57.649
equivalent identifiers. So every time[br]there’s a linkable identifier that you
0:22:57.649,0:23:03.189
have on the internet, they try to put that[br]and tie it together and contact chain it,
0:23:03.189,0:23:08.090
and they try to show who you are among all[br]of these different potential identifiers –
0:23:08.090,0:23:11.189
if you have 5 e-mail addresses, they would[br]link them together – and then they try
0:23:11.189,0:23:14.300
to find out who all your friends are.[br]You’ll also note at the bottom here,
0:23:14.300,0:23:18.969
logins and passwords. So they’re[br]also doing dragnet surveillance
0:23:18.969,0:23:22.879
in which they extract – the feature set[br]extraction where they know semantically
0:23:22.879,0:23:26.459
what a login and a password is in a[br]particular protocol. And in this case
0:23:26.459,0:23:30.780
this guy is lucky, I suppose, and they[br]were not able to get passwords or webcam,
0:23:30.780,0:23:34.159
but you’ll note that they were able to get[br]his contacts and they were able to see
0:23:34.159,0:23:38.429
in fact 29, give or take,[br]received messages as well,
0:23:38.429,0:23:41.829
of which there are these things. Now in[br]this case we have redacted the e-mail
0:23:41.829,0:23:45.980
and instant messenger information,[br]but this is an example of how
0:23:45.980,0:23:49.720
laughs[br]you can’t hide from these things, and
0:23:49.720,0:23:54.400
thinking that they won’t find you[br]is a fallacy. So this is basically
0:23:54.400,0:23:59.219
the difference between taking one wire and[br]clipping onto it in a particularized
0:23:59.219,0:24:02.350
suspicious way where they’re really[br]interested, they have a particularized
0:24:02.350,0:24:05.609
suspicion, they think that someone is a[br]criminal, they think someone has taken
0:24:05.609,0:24:10.040
some serious steps that are illegal, and[br]instead what they do is they put all of us
0:24:10.040,0:24:14.220
under surveillance, record all of this[br]data that they possibly can, and then
0:24:14.220,0:24:17.829
they go looking through it. Now[br]in the case of Chancellor Merkel,
0:24:17.829,0:24:22.510
when we revealed NSRL 2002-388,[br]what we showed was that
0:24:22.510,0:24:26.369
they were spying on Merkel. And by their[br]own admission 3 hops away, that’s everyone
0:24:26.369,0:24:30.360
in the German Parliament[br]and everyone here.
0:24:30.360,0:24:35.930
So that’s pretty serious stuff. It also[br]happens that if you should be visiting
0:24:35.930,0:24:41.939
certain websites, especially if you’re[br]a Muslim, it is the case that you can be
0:24:41.939,0:24:47.059
attacked automatically by this system.[br]Right? So that would mean that
0:24:47.059,0:24:50.379
they would automatically start to break[br]into systems. That’s what they would call
0:24:50.379,0:24:55.430
‘untasked targeting’. Interesting idea[br]that they call that targeted surveillance.
0:24:55.430,0:24:58.669
To me that doesn’t really sound too[br]much like targeted surveillance unless
0:24:58.669,0:25:02.659
what you mean by carpet bombing, it – you[br]know, I mean it just – you know, like… it
0:25:02.659,0:25:07.780
just doesn’t… it doesn’t strike me right.[br]It’s not my real definition of ‘targeted’.
0:25:07.780,0:25:11.129
It’s not well defined. It’s not that a[br]judge has said, “Yes, this person is
0:25:11.129,0:25:14.579
clearly someone we should target.” Quite[br]the opposite. This is something where
0:25:14.579,0:25:19.460
some guy who has a system has decided to[br]deploy it and they do it however they like
0:25:19.460,0:25:22.539
whenever they would like. And while there[br]are some restrictions, it’s clear that
0:25:22.539,0:25:27.030
the details about these programs do not[br]trickle up. And even if they do, they
0:25:27.030,0:25:31.289
do not trickle up in a useful way. So[br]this is important, because members
0:25:31.289,0:25:36.049
of the U.S. Congress, they have no clue[br]about these things. Literally, in the case
0:25:36.049,0:25:42.599
of the technology. Ask a Congressman[br]about TCP/IP. Forget it.
0:25:42.599,0:25:46.559
You can’t even get a meeting with them.[br]I’ve tried. Doesn’t matter. Even if you
0:25:46.559,0:25:49.909
know the secret interpretation of Section[br]215 of the Patriot Act and you go
0:25:49.909,0:25:52.619
to Washington, D.C. and you meet with[br]their aides, they still won’t talk to you
0:25:52.619,0:25:56.000
about it. Part of that is because they[br]don’t have a clue, and another part of it
0:25:56.000,0:26:00.099
is because they can’t talk about it,[br]because they don’t have a political solution.
0:26:00.099,0:26:02.929
Absent a political solution, it’s very[br]difficult to get someone to admit that
0:26:02.929,0:26:06.370
there is a problem. Well, there is a[br]problem, so we’re going to create
0:26:06.370,0:26:09.649
a political problem and also talk[br]about some of the solutions.
0:26:09.649,0:26:12.589
The Cypherpunks generally have[br]come up with some of the solutions
0:26:12.589,0:26:16.610
when we talk about encrypting the entire[br]internet. That would end dragnet mass
0:26:16.610,0:26:20.719
surveillance in a sense, but it will[br]come back in a different sense
0:26:20.719,0:26:25.569
even with encryption. We need both[br]a marriage of a technical solution
0:26:25.569,0:26:30.580
and we need a political solution[br]to go with it, and if we don’t have
0:26:30.580,0:26:35.480
those 2 things, we will unfortunately be[br]stuck here. But at the moment the NSA,
0:26:35.480,0:26:40.489
basically, I feel, has more power than[br]anyone in the entire world – any one
0:26:40.489,0:26:44.800
agency or any one person. So Emperor[br]Alexander, the head of the NSA, really has
0:26:44.800,0:26:50.149
a lot of power. If they want to right now,[br]they’ll know that the IMEI of this phone
0:26:50.149,0:26:55.230
is interesting. It’s very warm, which is[br]another funny thing, and they would be
0:26:55.230,0:26:59.129
able to break into this phone almost[br]certainly and then turn on the microphone,
0:26:59.129,0:27:03.270
and all without a court.[br]So that to me is really scary.
0:27:03.270,0:27:06.889
And I especially dislike the fact that[br]if you were to be building these
0:27:06.889,0:27:10.550
types of things, they treat you as an[br]opponent, if you wish to be able to
0:27:10.550,0:27:14.000
fulfill the promises that you make to your[br]customers. And as someone who writes
0:27:14.000,0:27:18.159
security software[br]I think that’s bullshit.
0:27:18.159,0:27:22.179
So. Here’s how they do a bit of it.[br]So there are different programs.
0:27:22.179,0:27:25.860
So QUANTUMTHEORY, QUANTUMNATION,[br]QUANTUMBOT, QUANTUMCOPPER
0:27:25.860,0:27:29.389
and QUANTUMINSERT. You’ve heard of a few[br]of them. I’ll just go through them real quick.
0:27:29.389,0:27:33.449
QUANTUMTHEORY essentially has[br]a whole arsenal of zero-day exploits.
0:27:33.449,0:27:38.490
Then the system deploys what’s called[br]a SMOTH, or a seasoned moth.
0:27:38.490,0:27:43.540
And a seasoned moth is an[br]implant which dies after 30 days.
0:27:43.540,0:27:48.549
So I think that these guys either took a[br]lot of acid or read a lot of Philip K. Dick,
0:27:48.549,0:27:51.759
potentially both![br]applause
0:27:51.759,0:27:55.379
And they thought Philip K. Dick[br]wasn’t dystopian enough.
0:27:55.379,0:27:59.869
“Let’s get better at this”.[br]And after reading VALIS, I guess,
0:27:59.869,0:28:04.760
they went on, and they also have[br]as part of QUANTUMNATION
0:28:04.760,0:28:08.849
what’s called VALIDATOR or COMMONDEER.[br]Now these are first-stage payloads
0:28:08.849,0:28:13.940
that are done entirely in memory.[br]These exploits essentially are where they
0:28:13.940,0:28:18.279
look around to see if you have what are[br]called PSPs, and this is to see, like,
0:28:18.279,0:28:21.730
you know, if you have Tripwire, if you[br]have AIDE, if you have some sort of
0:28:21.730,0:28:25.549
system tool that will detect if an[br]attacker is tampering with files or
0:28:25.549,0:28:28.659
something like this, like[br]a host intrusion detection system.
0:28:28.659,0:28:33.689
So VALIDATOR and COMMONDEER, which,[br]I mean, clearly the point of COMMONDEER,
0:28:33.689,0:28:36.659
while it’s misspelled here – it’s not[br]actually… I mean that’s the name
0:28:36.659,0:28:40.649
of the program… but the point is to make[br]a pun on commandeering your machine. So,
0:28:40.649,0:28:44.550
you know, when I think about the U.S.[br]Constitution in particular, we talk about
0:28:44.550,0:28:49.300
not allowing the quartering of[br]soldiers – and, gosh, you know?
0:28:49.300,0:28:53.629
Commandeering my computer sounds[br]a lot like a digital version of that, and
0:28:53.629,0:28:57.379
I find that’s a little bit confusing, and[br]mostly in that I don’t understand
0:28:57.379,0:29:01.219
how they get away with it. But part of it[br]is because until right now we didn’t know
0:29:01.219,0:29:05.679
about it, in public, which is why we’re[br]releasing this in the public interest,
0:29:05.679,0:29:09.400
so that we can have a better debate[br]about whether or not that counts, in fact,
0:29:09.400,0:29:14.189
as a part of this type of what I would[br]consider to be tyranny, or perhaps
0:29:14.189,0:29:18.719
you think it is a measured and reasonable[br]thing. I somehow doubt that. But
0:29:18.719,0:29:23.070
in any case, QUANTUMBOT is where[br]they hijack IRC bots, because why not?
0:29:23.070,0:29:26.490
They thought they would like to do[br]that, and an interesting point is that
0:29:26.490,0:29:31.320
they could in theory stop a lot[br]of these botnet attacks and
0:29:31.320,0:29:35.200
they have decided to maintain that[br]capability, but they’re not yet doing it
0:29:35.200,0:29:38.749
except when they feel like doing it for[br]experiments or when they do it to
0:29:38.749,0:29:42.699
potentially use them. It’s not clear[br]exactly how they use them. But
0:29:42.699,0:29:46.350
the mere fact of the matter is that that[br]suggests they’re even in fact able to do
0:29:46.350,0:29:49.850
these types of attacks, they’ve tested[br]these types of attacks against botnets.
0:29:49.850,0:29:53.879
And that’s the program you should FOIA[br]for. We’ve released a little bit of detail
0:29:53.879,0:29:57.890
about that today as well. And[br]QUANTUMCOPPER to me is really scary.
0:29:57.890,0:30:01.719
It’s essentially a thing that can[br]interfere with TCP/IP and it can do things
0:30:01.719,0:30:06.799
like corrupt file downloads. So if you[br]imagine the Great Firewall of China,
0:30:06.799,0:30:10.289
so-called – that’s for the whole planet.
0:30:10.289,0:30:14.319
So if the NSA wanted to tomorrow, they[br]could kill every anonymity system
0:30:14.319,0:30:20.259
that exists by just forcing everyone who[br]connects to an anonymity system to reset
0:30:20.259,0:30:24.750
just the same way that the Chinese do[br]right now in China with the Great Firewall
0:30:24.750,0:30:28.589
of China. So that’s like the NSA builds[br]the equivalent of the Great Firewall
0:30:28.589,0:30:33.999
of Earth. That’s, to me that’s[br]a really scary, heavy-handed thing,
0:30:33.999,0:30:39.080
and I’m sure they only use it for good.[br]clears throat
0:30:39.080,0:30:44.520
But, yeah. Back here in reality that to[br]me is a really scary thing, especially
0:30:44.520,0:30:48.610
because one of the ways that they are able[br]to have this capability, as I mentioned,
0:30:48.610,0:30:52.979
is these diodes. So what that suggests[br]is that they actually repurpose
0:30:52.979,0:30:56.260
other people’s machines in order to[br]reposition and to gain a capability
0:30:56.260,0:31:01.349
inside of an area where they actually[br]have no legitimacy inside of that area.
0:31:01.349,0:31:07.049
That to me suggests it is not only[br]heavy-handed, that they have probably some
0:31:07.049,0:31:12.289
tools to do that. You see where I’m going[br]with this. Well, QUANTUMINSERTION,
0:31:12.289,0:31:16.119
this is also an important point, because[br]this is what was used against Belgacom,
0:31:16.119,0:31:22.060
this is what’s used by a whole number of[br]unfortunately players in the game where
0:31:22.060,0:31:26.409
basically what they do is they inject[br]a packet. So you have a TCP connection,
0:31:26.409,0:31:30.169
Alice wants to talk to Bob, and for some[br]reason Alice and Bob have not heard
0:31:30.169,0:31:34.880
about TLS. Alice sends an HTTP[br]request to Bob. Bob is Yahoo.
0:31:34.880,0:31:40.799
NSA loves Yahoo. And basically they[br]inject a packet which will get to Alice
0:31:40.799,0:31:44.429
before Yahoo is able to respond, right?[br]And the thing is that if that was a
0:31:44.429,0:31:48.960
TLS connection, the man-on-the-side[br]attack would not succeed.
0:31:48.960,0:31:53.180
That’s really key. If they were using TLS,[br]the man-on-the-side attack could at best,
0:31:53.180,0:31:56.330
as far as we understand it at the moment,[br]they could tear down the TLS session but
0:31:56.330,0:31:59.659
they couldn’t actually actively inject.[br]So that’s a man-on-the-side attack.
0:31:59.659,0:32:05.349
We can end that attack with TLS.[br]When we deploy TLS everywhere
0:32:05.349,0:32:09.559
then we will end that kind of attack. So[br]there was a joke, you know, when you
0:32:09.559,0:32:12.820
download .mp3s, you ride with communism[br]– from the ’90s, some of you may
0:32:12.820,0:32:19.060
remember this. When you bareback with[br]the internet, you ride with the NSA.
0:32:19.060,0:32:24.450
applause
0:32:24.450,0:32:28.969
Or you’re getting a ride, going for[br]a ride. So the TAO infrastructure,
0:32:28.969,0:32:33.449
Tailored Access and Operations. Some[br]of the FOXACID URLs are public.
0:32:33.449,0:32:38.309
FOXACID is essentially like a watering[br]hole type of attack where you go to,
0:32:38.309,0:32:43.759
you go to a URL. QUANTUMINSERT[br]puts like an iframe or puts some code
0:32:43.759,0:32:46.729
in your web browser, which you then[br]execute, which then causes you to
0:32:46.729,0:32:50.569
load resources. One of the resources that[br]you load while you’re loading CNN.com,
0:32:50.569,0:32:55.180
for example, which is one of their[br]examples, they – you like that, by the way?
0:32:55.180,0:32:59.050
So, you know, that’s an extremist site. So[br]coughs
0:32:59.050,0:33:03.020
you might have heard about that. A lot of[br]Republicans in the United States read it.
0:33:03.020,0:33:08.130
So – right before they wage[br]illegal imperialist wars. So,
0:33:08.130,0:33:12.620
the point is that you go to a FOXACID[br]server and it basically does a survey
0:33:12.620,0:33:17.899
of your box and decides if it can break[br]into it or not, and then it does.
0:33:17.899,0:33:22.409
Yep, that’s basically it. And the FOXACID[br]URLs, a few of them are public.
0:33:22.409,0:33:27.139
Some of the details about that have been[br]made public, about how the structure
0:33:27.139,0:33:31.060
of the URLs are laid out and so on.[br]An important detail is that they pretend
0:33:31.060,0:33:34.340
that they’re Apache, but they actually[br]do a really bad job. So they’re
0:33:34.340,0:33:38.230
like Hacking Team, maybe it’s the same[br]guys, I doubt it though, the NSA wouldn’t
0:33:38.230,0:33:43.790
slum with scumbags like that, but…[br]Basically you can tell, you can find them,
0:33:43.790,0:33:47.610
because they aren’t really Apache servers.[br]They pretend to be, something else.
0:33:47.610,0:33:51.020
The other thing is that none of their[br]infrastructure is in the United States.
0:33:51.020,0:33:56.480
So, real quick anonymity question. You[br]have a set of things and you know that
0:33:56.480,0:34:01.919
a particular attacker never comes from one[br]place. Every country on the planet
0:34:01.919,0:34:06.439
potentially, but never one place. The[br]one place where most of the internet is.
0:34:06.439,0:34:10.050
What does that tell you in terms of[br]anonymity? It tells you usually that
0:34:10.050,0:34:14.960
they’re hiding something about that one[br]place. Maybe there’s a legal requirement
0:34:14.960,0:34:19.020
for this. It’s not clear to me. But what[br]is totally clear to me is that if you see
0:34:19.020,0:34:22.720
this type of infrastructure and it is not[br]in the United States, there is a chance,
0:34:22.720,0:34:28.289
especially today, that it’s the NSA’s[br]Tailored Access and Operations division.
0:34:28.289,0:34:34.490
And here’s an important point. When the[br]NSA can’t do it, they bring in GCHQ.
0:34:34.490,0:34:38.820
So, for example, for targeting certain[br]Gmail selectors, they can’t do it.
0:34:38.820,0:34:42.740
And in the documents we released today,[br]we show that they say: “If you have
0:34:42.740,0:34:46.800
a partner agreement form and you need to[br]target, there are some additional selectors
0:34:46.800,0:34:51.330
that become available should you[br]need them”. So when we have a limit
0:34:51.330,0:34:54.640
of an intelligence agency in the United[br]States, or here in Germany or
0:34:54.640,0:34:58.690
something like this, we have to recognize[br]that information is a currency
0:34:58.690,0:35:03.380
in an unregulated market. And these[br]guys, they trade that information, and
0:35:03.380,0:35:08.260
one of the ways they trade that is like[br]this. And they love Yahoo.
0:35:08.260,0:35:15.470
So, little breather?
0:35:15.470,0:35:18.630
It’s always good to make fun of[br]the GCHQ with Austin Powers!
0:35:18.630,0:35:22.200
laughter[br]Okay. Another classified document here.
0:35:22.200,0:35:27.310
That’s actual NSA OpenOffice or PowerPoint[br]clip art of their horrible headquarters
0:35:27.310,0:35:31.440
that you see in every news story, I can’t[br]wait to see a different photo of the NSA
0:35:31.440,0:35:38.470
someday. But you’ll notice right here they[br]explain how QUANTUM works. Now SSO is
0:35:38.470,0:35:43.200
a Special Source Operations site. So[br]you’ve seen U.S. embassies? Usually
0:35:43.200,0:35:46.430
the U.S. embassy has dielectric panels on[br]the roof, that’s what we showed in Berlin,
0:35:46.430,0:35:51.870
it was called “DAS NEST” on the cover[br]of ‘Der Spiegel’. That’s an SSO site.
0:35:51.870,0:35:55.900
So they see that this type of stuff is[br]taking place, they do an injection and
0:35:55.900,0:36:01.650
they try to beat the Yahoo packet back.[br]Now another interesting point is
0:36:01.650,0:36:07.820
that for the Yahoo packet to be beaten,[br]the NSA must impersonate Yahoo.
0:36:07.820,0:36:11.230
This is a really important detail because[br]what it tells us is that they are
0:36:11.230,0:36:16.300
essentially conscripting Yahoo and saying[br]that they are Yahoo. So they are
0:36:16.300,0:36:20.960
impersonating a U.S. company[br]to a U.S. company user
0:36:20.960,0:36:24.530
and they are not actually supposed[br]to be in this conversation at all.
0:36:24.530,0:36:29.140
And when they do it, then they of course[br]– basically if you’re using Yahoo,
0:36:29.140,0:36:32.620
you’re definitely going to get owned. So[br]– and I don’t just mean that in that
0:36:32.620,0:36:37.270
Yahoo is vulnerable, they are, but[br]I mean people that use Yahoo tend to
0:36:37.270,0:36:40.380
– maybe it’s a bad generalization,[br]but, you know – they’re not the most
0:36:40.380,0:36:43.150
security-conscious people on the planet,[br]they don’t keep their computers up to date,
0:36:43.150,0:36:47.220
I’m guessing, and that’s probably why[br]they love Yahoo so much. They also love
0:36:47.220,0:36:51.340
CNN.com, which is some other… I don’t know[br]what that says, it’s like a sociological
0:36:51.340,0:36:56.900
study of compromise. But that’s an[br]important detail. So the SSO site sniffs
0:36:56.900,0:36:59.820
and then they do some injection, they[br]redirect you to FOXACID. That’s for
0:36:59.820,0:37:04.261
web browser exploitation. They obviously[br]have other exploitation techniques.
0:37:04.261,0:37:08.930
Okay. So now. We all know[br]that cellphones are vulnerable.
0:37:08.930,0:37:13.530
Here’s an example. This is a base station
0:37:13.530,0:37:17.790
that the NSA has that, I think it’s the[br]first time ever anyone’s ever revealed
0:37:17.790,0:37:22.340
an NSA IMSI catcher. So, here it is.[br]Well, actually the second time, because
0:37:22.340,0:37:25.320
‘Der Spiegel’ did it this morning.[br]But you know what I mean.
0:37:25.320,0:37:30.300
applause
0:37:30.300,0:37:35.060
So they call it ‘Find, Fix and[br]Finish targeted handset users’.
0:37:35.060,0:37:38.940
Now it’s really important to understand[br]when they say “targeting” you would think
0:37:38.940,0:37:43.370
‘massive collection’, right? Because what[br]are they doing? They’re pretending to be
0:37:43.370,0:37:48.540
a base station. They want to overpower.[br]They want to basically be the phone
0:37:48.540,0:37:51.630
that you connect to… or the phone system[br]that you connect to. And that means
0:37:51.630,0:37:54.740
lots of people are going to connect[br]potentially. So it’s not just one
0:37:54.740,0:37:59.430
targeted user. So hopefully they have it[br]set up so that if you need to dial 911,
0:37:59.430,0:38:02.990
or here in Europe 112 – you know,[br]by the way, if you ever want to find
0:38:02.990,0:38:05.740
one of these things try to call different[br]emergency numbers and note which ones
0:38:05.740,0:38:09.960
route where. Just as a little detail.[br]Also note that sometimes if you go
0:38:09.960,0:38:14.420
to the Ecuadorian embassy you will receive[br]a welcome message from Uganda Telecom.
0:38:14.420,0:38:18.670
Because the British when they deployed[br]the IMSI catcher against Julian Assange
0:38:18.670,0:38:23.150
at the Ecuadorian embassy made the mistake[br]of not reconfiguring the spy gear they [had]
0:38:23.150,0:38:27.390
deployed in Uganda [before][br]when they deployed in London.
0:38:27.390,0:38:33.330
applause
0:38:33.330,0:38:38.420
And this can be yours[br]for only US$ 175.800.
0:38:38.420,0:38:43.120
And this covers GSM and PCS and[br]DCS and a bunch of other stuff.
0:38:43.120,0:38:46.870
So basically if you use a cell phone[br]– forget it. It doesn’t matter
0:38:46.870,0:38:50.520
what you’re doing. The exception may[br]be Cryptophone and Redphone. In fact
0:38:50.520,0:38:54.660
I’d like to just give a shoutout to the[br]people who work on free software, and
0:38:54.660,0:38:57.640
software which is actually secure. Like[br]Moxie Marlinspike – I’m so sorry I mention
0:38:57.640,0:39:02.300
your name in my talk, but don’t worry,[br]your silence won’t protect you!
0:39:02.300,0:39:05.160
I think it’s really important to know[br]Moxie is one of the very few people
0:39:05.160,0:39:08.270
in the world who builds technologies that[br]are both free and open source, and
0:39:08.270,0:39:12.940
as far as I can tell he refuses to do[br]anything awful. No backdoors or anything.
0:39:12.940,0:39:18.170
And from what I can tell this proves[br]that we need things like that.
0:39:18.170,0:39:22.000
This is absolutely necessary because they[br]replace the infrastructure we connect to.
0:39:22.000,0:39:25.920
It’s like replacing the road that we would[br]walk on, and adding tons of spy gear.
0:39:25.920,0:39:30.250
And they do that too,[br]we’ll get to that. Okay.
0:39:30.250,0:39:33.601
So I’m gonna go a little quick through[br]these because I think it’s better that you
0:39:33.601,0:39:36.600
go online and you adjust. And I wanna[br]have a little bit of time for questions.
0:39:36.600,0:39:41.290
But basically here’s an example of how[br]even if you disable a thing the thing is
0:39:41.290,0:39:45.480
not really disabled. So if you have a WiFi[br]card in your computer the SOMBERKNAVE
0:39:45.480,0:39:51.080
program, which is another classified[br]document here, they basically repurpose
0:39:51.080,0:39:55.060
your WiFi gear. They say: “You’re not[br]using that WiFi card? We’re gonna scan
0:39:55.060,0:39:58.350
for WiFi nearby, we’re gonna exfiltrate[br]data by finding an open WiFi network
0:39:58.350,0:40:01.310
and we’re gonna jump on it”. So[br]they’re actually using other people’s
0:40:01.310,0:40:05.480
wireless networks in addition to having[br]this stuff in your computer. And this is
0:40:05.480,0:40:11.030
one of the ways they beat a so-called[br]air-gapped target computer.
0:40:11.030,0:40:14.400
Okay, so here’s some of the software[br]implants. Now we’re gonna name a bunch
0:40:14.400,0:40:18.800
of companies because – fuck those guys[br]basically, for collaborating when they do,
0:40:18.800,0:40:22.540
and fuck them for leaving us[br]vulnerable when they do.
0:40:22.540,0:40:26.030
applause
0:40:26.030,0:40:29.930
And I mean that in the most loving way[br]because some of them are victims, actually.
0:40:29.930,0:40:33.400
It’s important to note that we don’t[br]yet understand which is which.
0:40:33.400,0:40:36.930
So it’s important to name them, so that[br]they have to go on record, and so that
0:40:36.930,0:40:40.310
they can say where they are, and so[br]that they can give us enough rope
0:40:40.310,0:40:44.370
to hang themselves. I really want that to[br]happen because I think it’s important
0:40:44.370,0:40:47.820
to find out who collaborated and who[br]didn’t collaborate. In order to have truth
0:40:47.820,0:40:51.840
and reconciliation we need to start with[br]a little truth. So STUCCOMONTANA
0:40:51.840,0:40:55.660
is basically BadBIOS if you guys have[br]heard about that. I feel very bad
0:40:55.660,0:40:59.070
for Dragos, he doesn’t really talk to me[br]right now. I think he might be kinda mad.
0:40:59.070,0:41:04.880
But after I was detained – by the[br]US Army on US soil, I might add –
0:41:04.880,0:41:08.490
they took a phone from me. Now it[br]shouldn’t matter but it did. They also
0:41:08.490,0:41:11.420
I think went after all my phone records so[br]they didn’t need to take the phone. But
0:41:11.420,0:41:14.170
for good measure, they just wanted[br]to try to intimidate me which is exactly
0:41:14.170,0:41:19.710
the wrong thing to do to me. But as he[br]told the story after that happened
0:41:19.710,0:41:23.180
all of his computers including his Xbox[br]were compromised. And he says
0:41:23.180,0:41:27.870
even to this day that some of those things[br]persist. And he talks about the BIOS.
0:41:27.870,0:41:32.990
Here’s a document that shows clearly[br]that they actually re-flash the BIOS
0:41:32.990,0:41:37.410
and they also have other techniques[br]including System Management Mode
0:41:37.410,0:41:42.260
related rootkits and that they have[br]persistence inside of the BIOS.
0:41:42.260,0:41:46.380
It’s an incredibly important point. This[br]is evidence that the thing that Dragos
0:41:46.380,0:41:50.150
talked about, maybe he doesn’t[br]have it, but it really does exist.
0:41:50.150,0:41:54.990
Now the question is how would he find it?[br]We don’t have the forensics tools yet.
0:41:54.990,0:41:58.420
We don’t really have the capabilities[br]widely deployed in the community
0:41:58.420,0:42:02.230
to be able to know that, and to be[br]able to find it. Here’s another one.
0:42:02.230,0:42:06.740
This one’s called SWAP. In this case it[br]replaces the Host Protected Area
0:42:06.740,0:42:11.580
of the hard drive, and you can see a[br]little graph where there’s target systems,
0:42:11.580,0:42:14.860
you see the internet, Interactive OPS, so[br]they’ve got like a guy who is hacking you
0:42:14.860,0:42:19.350
in real time, the People’s[br]Liberation Army… uh, NSA! And…
0:42:19.350,0:42:22.370
laughter[br]And you can see all of these different
0:42:22.370,0:42:25.190
things about it. Each one of these things,[br]including SNEAKERNET, these are
0:42:25.190,0:42:29.520
different programs, most of which we[br]revealed today in ‘Der Spiegel’.
0:42:29.520,0:42:32.880
But you’ll notice that it’s Windows,[br]Linux, FreeBSD and Solaris.
0:42:32.880,0:42:38.250
How many Al Qaeda people[br]use Solaris, do you suppose?
0:42:38.250,0:42:42.390
This tells you a really important point.[br]They are interested in compromising
0:42:42.390,0:42:46.960
the infrastructure of systems,[br]not just individual people.
0:42:46.960,0:42:50.460
They want to take control and[br]literally colonize those systems
0:42:50.460,0:42:55.490
with these implants. And that’s not part[br]of the discussion. People are not talking
0:42:55.490,0:42:59.880
about that because they don’t know about[br]that yet. But they should. Because
0:42:59.880,0:43:03.500
in addition to the fact that Sun is a U.S.[br]company which they are building
0:43:03.500,0:43:07.710
capabilities against – that to me, really,[br]it really bothers me; I can’t tell you
0:43:07.710,0:43:10.700
how much that bothers me – we also[br]see that they’re attacking Microsoft,
0:43:10.700,0:43:13.670
another U.S. company, and Linux and[br]FreeBSD, where there are a lot of people
0:43:13.670,0:43:15.900
that are building it from all around the[br]world. So they’re attacking not only
0:43:15.900,0:43:19.260
collective efforts and corporate[br]efforts, but basically every option
0:43:19.260,0:43:24.660
you possibly can, from end users[br]down to telecom core things.
0:43:24.660,0:43:28.830
Here’s another one, DEITYBOUNCE.[br]This is for Dell,
0:43:28.830,0:43:33.840
so Dell PowerEdge 1850,[br]2850, 1950, 2950…
0:43:33.840,0:43:37.910
RAID servers using any of the[br]following BIOS versions. Right?
0:43:37.910,0:43:41.950
So just in case you’re wondering, hey[br]Dell, why is that? Curious about that.
0:43:41.950,0:43:45.810
Love to hear your statements about it.[br]So if you write YARA sigs [signatures]
0:43:45.810,0:43:49.930
and you’re interested in looking[br]for NSA malware, look for things
0:43:49.930,0:43:55.080
that use RC6, so look for the constants[br]that you might find in RC6.
0:43:55.080,0:43:59.650
And when they run, if they emit UDP[br]traffic – we’ve actually seen a sample
0:43:59.650,0:44:03.620
of this but we were not able[br]to capture it, sadly, but
0:44:03.620,0:44:07.750
emitting UDP traffic that is encrypted.[br]You know, people that I’ve worked with
0:44:07.750,0:44:10.830
on things related to this, they’ve even,[br]they’ve had their house black bagged.
0:44:10.830,0:44:13.640
They’ve had pretty bad stuff happen[br]to them. That’s their story to tell.
0:44:13.640,0:44:19.170
But one of the interesting details is[br]that after those events occurred,
0:44:19.170,0:44:23.630
these types of things were seen. Ben[br]has a really bad idea for those guys,
0:44:23.630,0:44:27.310
I might add, because I wouldn’t have put[br]this slide in if that had not occurred.
0:44:27.310,0:44:29.880
But if you want to look for it, you’ll[br]find it. I know some people that have
0:44:29.880,0:44:33.860
looked with YARA sigs and they have[br]in fact found things related to this,
0:44:33.860,0:44:37.000
so I suspect a lot of malware researchers[br]in the near future are going to have
0:44:37.000,0:44:40.970
a lot of stuff to say about this[br]particular slide. I’ll leave that to them.
0:44:40.970,0:44:44.910
I think it’s very important to go looking[br]for these things, especially to find out
0:44:44.910,0:44:49.850
who is victimized by them. Here’s an[br]iPhone back door.
0:44:49.850,0:44:56.330
So DROPOUTJEEP, so[br]you can see it right there.
0:44:56.330,0:45:01.420
So, SMS, contact list retrieval,[br]voicemail, hot microphone,
0:45:01.420,0:45:06.850
camera capture, cell tower location. Cool.[br]Do you think Apple helped them with that?
0:45:06.850,0:45:10.140
I don’t know. I hope Apple will clarify[br]that. I think it’s really important
0:45:10.140,0:45:14.070
that Apple doesn’t. Here’s[br]a problem. I don’t really believe
0:45:14.070,0:45:18.290
that Apple didn’t help them. I can’t[br]prove it yet, but they literally claim
0:45:18.290,0:45:24.420
that any time they target an iOS device,[br]that it will succeed for implantation.
0:45:24.420,0:45:28.620
Either they have a huge collection of[br]exploits that work against Apple products,
0:45:28.620,0:45:31.730
meaning that they are hoarding[br]information about critical systems that
0:45:31.730,0:45:35.430
American companies produce[br]and sabotaging them,
0:45:35.430,0:45:40.080
or Apple sabotaged it themselves.[br]Not sure which one it is!
0:45:40.080,0:45:43.180
I’d like to believe that since Apple[br]didn’t join the PRISM program until
0:45:43.180,0:45:49.580
after Steve Jobs died that maybe it’s[br]just that they write shitty software.
0:45:49.580,0:45:52.960
We know that’s true![br]laughter
0:45:52.960,0:45:58.040
applause
0:45:58.040,0:46:02.320
Here’s a HVT, high-value target.[br]This is a high-value target
0:46:02.320,0:46:05.770
being targeted with a back door for[br]Windows CE Thuraya phones.
0:46:05.770,0:46:11.290
So if you have a Thuraya phone and you’re[br]wondering if it was secure – yeah maybe.
0:46:11.290,0:46:15.220
Good luck! Here’s one where they[br]replaced the hard drive firmware.
0:46:15.220,0:46:19.340
There was a talk at OHM this year[br][OHM2013] where a guy talked about
0:46:19.340,0:46:22.960
replacing hard drive firmware.[br]You were onto something.
0:46:22.960,0:46:25.850
You were really onto something. Whoever[br]you are, you were onto something.
0:46:25.850,0:46:29.540
Because the NSA has a program here,[br]IRATEMONK, and that’s exactly
0:46:29.540,0:46:32.600
what they do. They replace the firmware[br]in the hard drive, so it doesn’t matter
0:46:32.600,0:46:37.160
if you reformat the hard drive, you’re[br]done. The firmware itself can do
0:46:37.160,0:46:42.320
a whole bunch of stuff. So. Here are[br]the names of the hard drive companies
0:46:42.320,0:46:47.480
where it works: Western Digital, Seagate,[br]Maxtor and Samsung, and of course
0:46:47.480,0:46:52.380
they support FAT, NTFS, EXT3 and UFS.[br]They probably now have support for
0:46:52.380,0:46:56.490
additional file systems, but this is[br]what we can prove. Please note
0:46:56.490,0:47:00.770
at the bottom left and the bottom right:[br]“Status: Released and Deployed.
0:47:00.770,0:47:06.000
Ready for Immediate Delivery”.[br]And: “Unit Cost: $0”.
0:47:06.000,0:47:11.550
It’s free! No, you can’t get it.[br]It’s not free as in free software.
0:47:11.550,0:47:15.270
It’s free as in “You’re owned!”.[br]laughter
0:47:15.270,0:47:19.580
applause
0:47:19.580,0:47:22.930
I want to give a shoutout to Karsten Nohl[br]and Luca [Luca Melette] for their
0:47:22.930,0:47:26.460
incredible talk where they showed this[br]exact attack without knowing that
0:47:26.460,0:47:30.940
they had found it. Right?[br]They say – yeah, absolutely.
0:47:30.940,0:47:35.230
applause
0:47:35.230,0:47:39.300
Important point. The NSA says that when[br]they know about these things, that
0:47:39.300,0:47:42.350
nobody will come to harm, no one will be[br]able to find them, they’ll never be able
0:47:42.350,0:47:47.180
to be exploited by another third party.[br]Karsten found this exact vulnerability.
0:47:47.180,0:47:51.930
They were able to install a Java applet on[br]the SIM card without user interaction,
0:47:51.930,0:47:55.170
and it was based on the service provider’s[br]security configuration, which is exactly
0:47:55.170,0:47:58.740
what the NSA says here, and they talk[br]about attacking the same toolkit
0:47:58.740,0:48:02.760
inside of the phone; and Karsten[br]found the same vulnerability
0:48:02.760,0:48:07.140
and attacked it in the wild. This[br]is perfect evidence, not only of
0:48:07.140,0:48:10.960
how badass Karsten and Luca are[br]– they are, no question – but also about
0:48:10.960,0:48:16.210
how wrong the NSA is with this balance.[br]Because for every Karsten and Luca, there
0:48:16.210,0:48:21.420
are hundreds of people who are paid to do[br]this full-time and never tell us about it.
0:48:21.420,0:48:29.000
applause
0:48:29.000,0:48:32.760
Important detail. Do you see that[br]‘interdiction’ phrase right there?
0:48:32.760,0:48:35.770
“Through remote access” – in other[br]words, we broke into your computer –
0:48:35.770,0:48:40.420
“or interdiction” – in other words,[br]we stole your fucking mail. Now.
0:48:40.420,0:48:43.471
This is a really important point. We[br]all have heard about these paranoid
0:48:43.471,0:48:46.380
crazy people talking about people breaking[br]into their houses – that’s happened to me
0:48:46.380,0:48:49.700
a number of times – motherfuckers,[br]getting you back – it’s really important
0:48:49.700,0:48:53.460
to understand this process is[br]one that threatens all of us.
0:48:53.460,0:48:59.170
The sanctity of the postal system[br]has been violated. I mean – whoa!
0:48:59.170,0:49:02.340
God, it makes me so angry, you know?[br]You can’t even send a letter without
0:49:02.340,0:49:05.940
being spied on, but even worse that they[br]tamper with it! It’s not enough that
0:49:05.940,0:49:10.510
the U.S. Postal Service records all[br]of this information and keeps it
0:49:10.510,0:49:13.640
– that’s not enough. They also have to[br]tamper with the packages! So every time
0:49:13.640,0:49:18.050
you buy from Amazon, for example, every[br]time you buy anything on the internet,
0:49:18.050,0:49:22.230
there is the possibility that they will[br]actually take your package and change it.
0:49:22.230,0:49:25.340
One of the ways that I’ve heard that they[br]change it is that they will actually
0:49:25.340,0:49:29.800
take the case of your computer and they[br]will injection mold a hardware back door
0:49:29.800,0:49:33.680
into the case of the computer.[br]So that even if you were to look
0:49:33.680,0:49:37.350
at the motherboard or have it serviced,[br]you would not see this. It merely
0:49:37.350,0:49:42.120
just needs to be in the proximity[br]of the motherboard. So.
0:49:42.120,0:49:46.920
Let’s talk about hardware implants[br]that they will put into your devices.
0:49:46.920,0:49:52.160
Here’s one. This is called BULLDOZER.[br]It’s a PCI bus hardware implant.
0:49:52.160,0:49:55.740
Pretty scary, doesn’t look so great,[br]but let’s go on a little bit. Okay?
0:49:55.740,0:49:59.180
Here’s one where they actually exploit[br]the BIOS and System Management Mode.
0:49:59.180,0:50:02.480
There’s a big graph that shows all of[br]these various different interconnections,
0:50:02.480,0:50:06.360
which is important. Then they talk about[br]the long-range comms, INMARSAT, VSAT,
0:50:06.360,0:50:10.430
NSA MEANS and Future Capabilities. I think[br]NSA MEANS exists. Future Capabilities
0:50:10.430,0:50:14.860
seems self-explanatory. “This[br]hardware implant provides
0:50:14.860,0:50:19.860
2-way RF communication.” Interesting.[br]So you disable all the wireless cards,
0:50:19.860,0:50:23.420
whatever you need. There you go.[br]They just added a new one in there and
0:50:23.420,0:50:27.910
you don’t even know. Your system has no[br]clue about it. Here’s a hardware back door
0:50:27.910,0:50:31.800
which uses the I2C interface, because[br]no one in the history of time
0:50:31.800,0:50:35.160
other than the NSA probably has ever[br]used it. That’s good to know that finally
0:50:35.160,0:50:40.690
someone uses I2C for something[br]– okay, other than fan control. But,
0:50:40.690,0:50:43.890
look at that! It’s another American[br]company that they are sabotaging.
0:50:43.890,0:50:48.210
They understand that HP’s servers[br]are vulnerable, and they decided,
0:50:48.210,0:50:52.960
instead of explaining that this is[br]a problem, they exploit it. And IRONCHEF,
0:50:52.960,0:50:56.800
through interdiction, is one of[br]the ways that they will do that.
0:50:56.800,0:51:01.810
So I wanna really harp on this. Now it’s[br]not that I think European companies
0:51:01.810,0:51:06.950
are worth less. I suspect especially[br]after this talk that won’t be true,
0:51:06.950,0:51:10.480
in the literal stock sense, but I don’t[br]know. I think it’s really important
0:51:10.480,0:51:13.700
to understand that they are sabotaging[br]American companies because of the
0:51:13.700,0:51:17.950
so-called home-field advantage. The[br]problem is that as an American who writes
0:51:17.950,0:51:22.430
software, who wants to build hardware[br]devices, this really chills my expression
0:51:22.430,0:51:25.490
and it also gives me a problem, which[br]is that people say: “Why would I use
0:51:25.490,0:51:29.840
what you’re doing? You know,[br]what about the NSA?”
0:51:29.840,0:51:35.000
Man, that really bothers me.[br]I don’t deserve the Huawei taint,
0:51:35.000,0:51:39.260
and the NSA gives it. And President[br]Obama’s own advisory board
0:51:39.260,0:51:43.550
that was convened to understand the scope[br]of these things has even agreed with me
0:51:43.550,0:51:47.820
about this point, that this should not be[br]taking place, that hoarding of zero-day
0:51:47.820,0:51:52.640
exploits cannot simply happen without[br]thought processes that are reasonable
0:51:52.640,0:51:58.070
and rational and have an economic and[br]social valuing where we really think about
0:51:58.070,0:52:03.010
the broad-scale impact. Now.[br]I’m gonna go on to a little bit more.
0:52:03.010,0:52:07.230
Here’s where they attack SIM cards. This[br]is MONKEYCALENDAR. So it’s actually
0:52:07.230,0:52:11.670
the flow chart of how this would work.[br]So in other words, they told you all of
0:52:11.670,0:52:16.690
the ways in which you should be certainly,[br]you know, looking at this. So if you ever
0:52:16.690,0:52:22.090
see your handset emitting encrypted SMS[br]that isn’t TextSecure, you now have
0:52:22.090,0:52:27.350
a pretty good idea that it might be this.[br]Here’s another example. If you have
0:52:27.350,0:52:33.830
a computer in front of you… I highly[br]encourage you to buy the Samsung SGH-X480C
0:52:33.830,0:52:38.740
– that’s the preferred phone of the NSA[br]for attacking another person’s phone.
0:52:38.740,0:52:43.000
I’m not exactly sure why, but an important[br]point is, they add the back door, then
0:52:43.000,0:52:47.830
they send an SMS from a regular phone[br]– what does that tell you? What does that
0:52:47.830,0:52:51.670
tell you about the exploitation process?[br]It tells you that it’s actually something
0:52:51.670,0:52:55.060
which is pretty straightforward,[br]pretty easy to do, doesn’t require
0:52:55.060,0:52:59.220
specialized access to the telecoms once[br]they’ve gotten your phone compromised.
0:52:59.220,0:53:02.730
That to me suggests that other people[br]might find it, other people might use
0:53:02.730,0:53:06.680
these techniques. Okay, here’s a USB[br]hardware implant called COTTONMOUTH.
0:53:06.680,0:53:10.910
We released this in ‘Spiegel’ today as[br]well. See the little red parts. It will
0:53:10.910,0:53:14.100
provide a wireless bridge onto the[br]target network with the ability to load
0:53:14.100,0:53:18.640
exploit software. Here’s a little bit of[br]extra details about that. It actually
0:53:18.640,0:53:23.240
shows the graph at the bottom, how they do[br]this, how they get around, how they beat
0:53:23.240,0:53:27.370
the air gap with these things. And they[br]talk a bit about being GENIE compliant.
0:53:27.370,0:53:31.790
So GENIE, and for the rest of these[br]programs, these are – like DROPOUTJEEP
0:53:31.790,0:53:35.530
is part of the CHIMNEYPOOL programs,[br]and COTTONMOUTH is part of the rest of
0:53:35.530,0:53:41.130
these programs over here. These are huge[br]programs where they’re trying to beat
0:53:41.130,0:53:45.240
a whole bunch of different adversaries,[br]and different capabilities are required.
0:53:45.240,0:53:48.820
And this is one of the probably I think[br]more interesting ones, but here’s
0:53:48.820,0:53:53.460
the next revision of it where it’s in a[br]USB plug, not actually in the cable.
0:53:53.460,0:53:58.120
And look, 50 units for US$ 200,000.[br]It’s really cheap.
0:53:58.120,0:54:03.920
You like my editorializing there, I hope?[br]So, $200,000, okay.
0:54:03.920,0:54:08.740
And here’s where you look for it. If you[br]happen to have an x-ray machine,
0:54:08.740,0:54:14.450
look for an extra chip. And that’s[br]a HOWLERMONKEY radiofrequency transmitter.
0:54:14.450,0:54:18.750
Well what’s a HOWLERMONKEY? We’ll[br]talk about that in a second, but basically
0:54:18.750,0:54:23.730
this is for ethernet, here. This is the[br]FIREWALK. It can actually do injection
0:54:23.730,0:54:27.370
bidirectionally on the ethernet controller[br]into the network that it’s sitting on.
0:54:27.370,0:54:30.270
So it doesn’t even have to do things[br]directly to the computer. It can actually
0:54:30.270,0:54:33.800
inject packets directly into the network,[br]according to the specification sheet,
0:54:33.800,0:54:39.400
which we released today on[br]Der Spiegel’s website. As it says,
0:54:39.400,0:54:43.510
‘active injection of ethernet packets onto[br]the target network’. Here’s another one
0:54:43.510,0:54:50.020
from Dell with an actual FLUXBABBITT[br]hardware implant for the PowerEdge 2950.
0:54:50.020,0:54:55.360
This uses the JTAG debugging interface[br]of the server. Why did Dell leave
0:54:55.360,0:55:00.080
a JTAG debugging interface on these[br]servers? Interesting, right? Because,
0:55:00.080,0:55:04.060
it’s like leaving a vulnerability in. Is[br]that a bug door or a back door or
0:55:04.060,0:55:09.380
just a mistake? Well hopefully they will[br]change these things or at least make it so
0:55:09.380,0:55:12.730
that if you were to see this you would[br]know that you had some problems.
0:55:12.730,0:55:15.970
Hopefully Dell will release some[br]information about how to mitigate
0:55:15.970,0:55:19.640
this advanced persistent threat. Right?[br]Everything that the U.S. Government
0:55:19.640,0:55:25.190
accuses the Chinese of doing – which they[br]are also doing, I believe – we are learning
0:55:25.190,0:55:30.580
that the U.S. Government has been doing to[br]American companies. That to me is really
0:55:30.580,0:55:34.600
concerning, and we’ve had no public debate[br]about these issues, and in many cases
0:55:34.600,0:55:38.530
all the technical details are obfuscated[br]away and they are just completely
0:55:38.530,0:55:43.280
outside of the purview of discussions. In[br]this case we learn more about Dell, and
0:55:43.280,0:55:47.330
which models. And here’s the HOWLERMONKEY.[br]These are actually photographs
0:55:47.330,0:55:52.620
of the NSA implanted chips that they[br]have when they steal your mail.
0:55:52.620,0:55:55.590
So after they steal your mail they put[br]a chip like this into your computer.
0:55:55.590,0:56:00.190
So the one, the FIREWALK[br]one is the ethernet one, and
0:56:00.190,0:56:05.170
that’s an important one. You probably will[br]notice that these look pretty simple,
0:56:05.170,0:56:09.850
common off-the-shelf parts. So.
0:56:09.850,0:56:15.650
Whew! All right. Who here[br]is surprised by any of this?
0:56:15.650,0:56:20.881
waits for audience reaction[br]I’m really, really, really glad to see
0:56:20.881,0:56:24.640
that you’re not all cynical fuckers and[br]that someone here would admit
0:56:24.640,0:56:29.710
that they were surprised. Okay, who[br]here is not surprised? waits
0:56:29.710,0:56:34.510
I’m going to blow your fucking mind![br]laughter
0:56:34.510,0:56:39.240
Okay. We all know about TEMPEST,[br]right? Where the NSA pulls data
0:56:39.240,0:56:42.240
out of your computer, irradiate stuff[br]and then grab it, right? Everybody
0:56:42.240,0:56:44.251
who raised their hand and said they’re[br]not surprised, you already knew
0:56:44.251,0:56:49.370
about TEMPEST, right?[br]Right? Okay. Well.
0:56:49.370,0:56:53.460
What if I told you that the NSA had[br]a specialized technology for beaming
0:56:53.460,0:56:57.550
energy into you and to the computer[br]systems around you, would you believe
0:56:57.550,0:57:01.000
that that was real or would that be[br]paranoid speculation of a crazy person?
0:57:01.000,0:57:05.000
laughter[br]Anybody? You cynical guys
0:57:05.000,0:57:08.090
holding up your hand saying that you’re[br]not surprised by anything, raise your hand
0:57:08.090,0:57:12.100
if you would be unsurprised by that.[br]laughter
0:57:12.100,0:57:16.770
Good. And it’s not the same number.[br]It’s significantly lower. It’s one person.
0:57:16.770,0:57:23.710
Great. Here’s what they do with those[br]types of things. That exists, by the way.
0:57:23.710,0:57:29.910
When I told Julian Assange about this, he[br]said: “Hmm. I bet the people who were
0:57:29.910,0:57:33.890
around Hugo Chavez are going to wonder[br]what caused his cancer.” And I said:
0:57:33.890,0:57:37.490
“You know, I hadn’t considered that. But,[br]you know, I haven’t found any data
0:57:37.490,0:57:42.640
about human safety about these tools.[br]Has the NSA performed tests where they
0:57:42.640,0:57:48.070
actually show that radiating people[br]with 1 kW of RF energy
0:57:48.070,0:57:51.360
at short range is safe?”[br]laughter
0:57:51.360,0:57:56.450
My God! No, you guys think I’m[br]joking, right? Well, yeah, here it is.
0:57:56.450,0:58:00.720
This is a continuous wave generator,[br]a continuous wave radar unit.
0:58:00.720,0:58:05.250
You can detect its use because it’s[br]used between 1 and 2 GHz and
0:58:05.250,0:58:09.630
its bandwidth is up to 45 MHz,[br]user adjustable, 2 watts
0:58:09.630,0:58:12.790
using an internal amplifier. External[br]amplifier makes it possible to go
0:58:12.790,0:58:19.230
up to 1 kilowatt.
0:58:19.230,0:58:25.210
I’m just gonna let you take that[br]in for a moment. clears throat
0:58:25.210,0:58:31.840
Who’s crazy now?[br]laughter
0:58:31.840,0:58:35.010
Now, I’m being told I only have one[br]minute, so I’m going to have to go
0:58:35.010,0:58:39.480
a little bit quicker. I’m sorry. Here’s[br]why they do it. This is an implant
0:58:39.480,0:58:43.950
called RAGEMASTER. It’s part of the[br]ANGRYNEIGHBOR family of tools,
0:58:43.950,0:58:47.340
laughter[br]where they have a small device that they
0:58:47.340,0:58:52.490
put in line with the cable in your monitor[br]and then they use this radar system
0:58:52.490,0:58:57.070
to bounce a signal – this is not unlike[br]the Great Seal bug that [Leon] Theremin
0:58:57.070,0:59:01.060
designed for the KGB. So it’s good to[br]know we’ve finally caught up with the KGB,
0:59:01.060,0:59:06.540
but now with computers. They[br]send the microwave transmission,
0:59:06.540,0:59:10.700
the continuous wave, it reflects off of[br]this chip and then they use this device
0:59:10.700,0:59:15.320
to see your monitor.
0:59:15.320,0:59:20.780
Yep. So there’s the full life cycle.[br]First they radiate you,
0:59:20.780,0:59:24.500
then you die from cancer,[br]then you… win? Okay, so,
0:59:24.500,0:59:30.080
here’s the same thing, but this time for[br]keyboards, USB and PS/2 keyboards.
0:59:30.080,0:59:34.560
So the idea is that it’s a data[br]retro-reflector. Here’s another thing,
0:59:34.560,0:59:38.200
but this one, the TAWDRYYARD program, is[br]a little bit different. It’s a beacon, so
0:59:38.200,0:59:44.390
this is where probably then[br]they kill you with a drone.
0:59:44.390,0:59:48.910
That’s pretty scary stuff. They also have[br]this for microphones to gather room bugs
0:59:48.910,0:59:52.610
for room audio. Notice the bottom. It says[br]all components are common off the shelf
0:59:52.610,0:59:57.140
and are so non-attributable to the NSA.[br]Unless you have this photograph
0:59:57.140,1:00:01.700
and the product sheet. Happy hunting!
1:00:01.700,1:00:07.950
applause
1:00:07.950,1:00:12.380
And just to give you another idea, this is[br]a device they use to be able to actively
1:00:12.380,1:00:15.990
hunt people down. This is a hunting[br]device, right? Handheld finishing tool
1:00:15.990,1:00:22.910
used for geolocation targeting[br]handsets in the field. So!
1:00:22.910,1:00:28.860
Who was not surprised by this? I’m so[br]glad to have finally reached the point
1:00:28.860,1:00:33.240
where no one raised their hand except[br]that one guy who I think misheard me.
1:00:33.240,1:00:38.300
laughter[br]Or you’re brilliant. And
1:00:38.300,1:00:41.040
please stay in our community[br]and work on open research!
1:00:41.040,1:00:42.750
somebody off mike shouts:[br]Audience: Maybe he can add something!
1:00:42.750,1:00:47.310
Yeah! And if you work for the NSA,[br]I’d just like to encourage you
1:00:47.310,1:00:51.690
to leak more documents![br]laughter
1:00:51.690,1:00:58.202
applause, cheers
1:00:58.202,1:01:04.737
applause
1:01:04.737,1:01:11.588
applause
1:01:11.588,1:01:18.488
applause, cheers, whistles
1:01:18.488,1:01:25.258
applause, cheers, whistles, ovation
1:01:25.258,1:01:31.988
applause, ovation
1:01:31.988,1:01:38.748
applause, cheers, ovation
1:01:38.748,1:01:45.698
applause, ovation
1:01:45.698,1:01:48.820
Herald: Thank you very much, Jake.
1:01:48.820,1:01:52.760
Thank you. I’m afraid we ran[br]all out of time for the Q&A.
1:01:52.760,1:01:55.570
I’m very sorry for anyone[br]who wanted to ask questions.
1:01:55.570,1:01:58.400
Jacob: But we do have a press conference.[br]Well, if you guys… you know,
1:01:58.400,1:02:01.310
I’d say: “occupy the room for another[br]5 minutes”, or… know that there’s
1:02:01.310,1:02:04.220
a press conference room that will be[br]opened up, where we can all ask
1:02:04.220,1:02:07.260
as many questions as we want,[br]in 30 minutes, if you’re interested.
1:02:07.260,1:02:11.480
And I will basically be available until[br]I’m assassinated to answer questions.
1:02:11.480,1:02:18.600
laughter, applause[br]So…
1:02:18.600,1:02:22.250
in the immortal words of Julian Assange:[br]Remember, no matter what happens,
1:02:22.250,1:02:26.409
even if there’s a videotape of it,[br]it was murder! Thank you!
1:02:26.409,1:02:30.339
Herald: Thank you. Please give a warm[br]round of applause to Jake Appelbaum!
1:02:30.339,1:02:33.339
applause
1:02:33.339,1:02:37.796
silent postroll
1:02:37.796,1:02:42.403
Subtitles created by c3subtitles.de[br]in the year 2016. Join, and help us!