WEBVTT
00:00:00.380 --> 00:00:05.670
Herald: Good morning to this last-minute
edition to our “Fahrplan” today.
00:00:05.670 --> 00:00:09.540
There will probably be time for a few
minutes of Q&A in the end, so you can
00:00:09.540 --> 00:00:15.160
ask questions here or on IRC
and Twitter via our Signal Angels.
00:00:15.160 --> 00:00:19.560
Please welcome Jake Appelbaum,
independent journalist,
00:00:19.560 --> 00:00:23.510
for his talk
“To Protect And Infect Part 2”.
00:00:23.510 --> 00:00:29.690
applause
00:00:29.690 --> 00:00:35.840
Jacob: Okay. Alright. Thanks so much
for coming so early in the morning.
00:00:35.840 --> 00:00:38.550
Or maybe not so early in the morning
for most of you apparently since
00:00:38.550 --> 00:00:44.150
you’ve all been up for more than an hour.
But I’m gonna talk today a little bit
00:00:44.150 --> 00:00:48.669
about some things that we’ve heard about
at the conference and I’m gonna talk a bit
00:00:48.669 --> 00:00:52.740
about some things that you have
probably never heard about in your life and
00:00:52.740 --> 00:00:55.680
are even worse than your worst nightmares.
00:00:55.680 --> 00:01:00.200
So recently we heard a little bit about
some of the low-end corporate spying
00:01:00.200 --> 00:01:04.900
that’s often billed as being sort of like
the hottest, most important stuff, so the
00:01:04.900 --> 00:01:09.340
FinFisher, the HackingTeam, the VUPEN.
And sort of in that order it becomes
00:01:09.340 --> 00:01:14.490
more sophisticated and more and more
tied in with the National Security Agency.
00:01:14.490 --> 00:01:17.660
There are some Freedom of Information Act
requests that have gone out that actually
00:01:17.660 --> 00:01:23.670
show VUPEN being an NSA contractor writing
exploits, that there are some ties there.
00:01:23.670 --> 00:01:28.010
This sort of covers the… sort of…
the whole gamut, I believe,
00:01:28.010 --> 00:01:31.650
which is that, you know you can buy these
like little pieces of forensics hardware.
00:01:31.650 --> 00:01:35.240
And just as a sort of fun thing I bought
some of those and then I looked at
00:01:35.240 --> 00:01:38.670
how they worked and I noticed that this
‘Mouse Jiggler’, you plug it in and
00:01:38.670 --> 00:01:42.860
the idea is that it like keeps your screen
awake. So have any of you seen that
00:01:42.860 --> 00:01:46.910
at all? It’s a piece of forensics hardware
so your screensaver doesn’t activate.
00:01:46.910 --> 00:01:51.290
So I showed it to one of the systemd
developers, and now when you plug those
00:01:51.290 --> 00:01:55.901
into a Linux box that runs systemd,
they automatically lock the screen
00:01:55.901 --> 00:02:02.081
when it sees the USB ID.
applause
00:02:02.081 --> 00:02:05.470
So when people talk about Free Software,
‘free as in freedom’, that’s part of
00:02:05.470 --> 00:02:09.260
what they’re talking about. So there are
some other things which I’m not going
00:02:09.260 --> 00:02:11.660
to really talk a lot about because
basically this is all bullshit that
00:02:11.660 --> 00:02:15.420
doesn’t really matter and we can defeat
all of that. These are individualized things
00:02:15.420 --> 00:02:20.060
we can defend against. But I want
to talk a little bit about how it’s
00:02:20.060 --> 00:02:23.960
not necessarily the case that because
they’re not the most fantastic, they’re
00:02:23.960 --> 00:02:27.720
not the most sophisticated, that
therefore we shouldn’t worry about it.
00:02:27.720 --> 00:02:31.320
This is Rafael. I met him when
I was in Oslo in Norway
00:02:31.320 --> 00:02:36.449
for the Oslo Freedom Forum, and basically
he asked me to look at his computer
00:02:36.449 --> 00:02:40.400
because he said, “You know, something
seems to be wrong with it. I think that
00:02:40.400 --> 00:02:43.750
there’s something, you know,
slowing it down.” And I said:
00:02:43.750 --> 00:02:46.260
“Well, I’m not going to find anything.
I don’t have any tools. We are just
00:02:46.260 --> 00:02:49.580
going to like sit at the computer…”
And I looked at it, and it has to be
00:02:49.580 --> 00:02:53.200
the lamest back door I’ve ever found. It
was basically a very small program that
00:02:53.200 --> 00:02:56.980
would just run in a loop and take
screenshots. And it failed to upload
00:02:56.980 --> 00:03:01.160
some of the screenshots, and so there were
8 GB of screenshots in his home directory.
00:03:01.160 --> 00:03:04.570
laughter and applause
And I said, “I’m sorry to break it to you
00:03:04.570 --> 00:03:09.440
but I think that you’ve been owned.
And… by a complete idiot.”
00:03:09.440 --> 00:03:14.429
laughter
And he, he, yeah, he was,
00:03:14.429 --> 00:03:17.829
he was really… actually, he felt really
violated and then he told me what he does,
00:03:17.829 --> 00:03:21.080
which is he’s an investigative journalist
who works with top secret documents
00:03:21.080 --> 00:03:25.680
all the time, with extreme, extreme
operational security to protect
00:03:25.680 --> 00:03:30.820
his sources. But when it came to computing
J[ournalism] school failed him.
00:03:30.820 --> 00:03:35.530
And as a result, he was compromised
pretty badly. He was not using
00:03:35.530 --> 00:03:38.129
a specialized operating system like
Tails, which if you’re a journalist
00:03:38.129 --> 00:03:40.910
and you’re not using Tails you should
probably be using Tails unless
00:03:40.910 --> 00:03:44.410
you really know what you’re doing.
Apple did a pretty good job at
00:03:44.410 --> 00:03:48.839
revoking this application, and it was, you
know, in theory it stopped, but there are
00:03:48.839 --> 00:03:52.950
lots of samples from the same group
and this group that did this is tied to
00:03:52.950 --> 00:03:57.670
a whole bunch of other attacks across
the world, actually, which is why
00:03:57.670 --> 00:04:03.320
it’s connected up there with Operation
Hangover. The scary thing, though, is that
00:04:03.320 --> 00:04:06.689
this summer, after we’d met, he was
actually arrested relating to some
00:04:06.689 --> 00:04:11.238
of these things. And now, as
I understand it, he’s out, but,
00:04:11.238 --> 00:04:14.690
you know, when you mess with a military
dictatorship it messes with you back.
00:04:14.690 --> 00:04:18.900
So even though that’s one of the lamest
backdoors, his life is under threat.
00:04:18.900 --> 00:04:23.519
So just simple things can cause serious,
serious harm to regular people that are
00:04:23.519 --> 00:04:27.990
working for some kind of truth telling.
And that to me is really a big part
00:04:27.990 --> 00:04:31.869
of my motivation for coming here to talk
about what I’m going to talk about next,
00:04:31.869 --> 00:04:35.069
which is that for every person that we
learn about like Rafael, I think there are
00:04:35.069 --> 00:04:39.530
lots of people we will never learn about,
and that’s, to me that’s very scary,
00:04:39.530 --> 00:04:43.320
and I think we need to bring some
transparency, and that’s what we’re
00:04:43.320 --> 00:04:47.130
going to talk about now. And I really want
to emphasize this point. Even though
00:04:47.130 --> 00:04:50.839
they’re not technically impressive, they
are actually still harmful, and that,
00:04:50.839 --> 00:04:55.410
that is really a key point to drive home.
I mean, some of the back doors that
00:04:55.410 --> 00:04:59.849
I’ve seen are really not sophisticated,
they’re not really that interesting, and
00:04:59.849 --> 00:05:03.640
in some cases they’re common off-the-shelf
purchases between businesses,
00:05:03.640 --> 00:05:08.650
so it’s like business-to-business
exploitation software development.
00:05:08.650 --> 00:05:13.490
I feel like that’s really kind of sad,
and I also think we can change this.
00:05:13.490 --> 00:05:19.190
We can turn this around by exposing it.
So, what’s it all about, though?
00:05:19.190 --> 00:05:24.219
Fundamentally it’s about control, baby,
and that is what we’re going to get into.
00:05:24.219 --> 00:05:27.679
It’s not just about control of machines.
What happened with Rafael is about
00:05:27.679 --> 00:05:31.520
control of people. And fundamentally
when we talk about things like internet
00:05:31.520 --> 00:05:35.669
freedom and we talk about tactical
surveillance and strategic surveillance,
00:05:35.669 --> 00:05:39.529
we’re talking about control of people
through the machinery that they use.
00:05:39.529 --> 00:05:43.529
And this is a really, I think a really
kind of – you know I’m trying
00:05:43.529 --> 00:05:46.979
to make you laugh a little bit because
what I’m going to show you today
00:05:46.979 --> 00:05:53.219
is wrist-slitting depressing.
So. Part 2, or Act 2 of Part 2.
00:05:53.219 --> 00:05:57.760
Basically the NSA, they want
to be able to spy on you, and
00:05:57.760 --> 00:06:00.580
if they have 10 different options for
spying on you that you know about,
00:06:00.580 --> 00:06:06.119
they have 13 ways of doing it and they
do all 13. So that’s a pretty scary thing,
00:06:06.119 --> 00:06:11.329
and basically their goal is to have
total surveillance of everything that
00:06:11.329 --> 00:06:15.339
they’re interested in. So there really
is no boundary to what they want to do.
00:06:15.339 --> 00:06:19.020
There is only sometimes a boundary of
what they are funded to be able to do and
00:06:19.020 --> 00:06:23.819
the amount of things they’re able to do at
scale. They seem to just do those things
00:06:23.819 --> 00:06:27.199
without thinking too much about it. And
there are specific tactical things
00:06:27.199 --> 00:06:30.690
where they have to target a group or an
individual, and those things seem limited
00:06:30.690 --> 00:06:35.650
either by budgets or simply by their time.
And as we have released today
00:06:35.650 --> 00:06:39.980
on Der Spiegel’s website, which it should
be live – I just checked, it should be live
00:06:39.980 --> 00:06:44.350
for everyone here – we actually
show a whole bunch of details
00:06:44.350 --> 00:06:49.780
about their budgets as well as the
individuals involved with the NSA
00:06:49.780 --> 00:06:53.479
and the Tailored Access Operations group
in terms of numbers. So it should give you
00:06:53.479 --> 00:06:58.889
a rough idea showing that there was a
small period of time in which the internet
00:06:58.889 --> 00:07:02.589
was really free and we did not have people
from the U.S. military that were watching
00:07:02.589 --> 00:07:07.029
over it and exploiting everyone on
it, and now we see every year
00:07:07.029 --> 00:07:11.779
that the number of people who are hired to
break into people’s computers as part of
00:07:11.779 --> 00:07:16.700
grand operations, those people are growing
day by day, actually. In every year
00:07:16.700 --> 00:07:21.820
there are more and more people that are
allocated, and we see this growth. So
00:07:21.820 --> 00:07:26.249
that’s the goal: non-attribution, and total
surveillance, and they want to do it
00:07:26.249 --> 00:07:30.689
completely in the dark. The good
news is that they can’t. So,
00:07:30.689 --> 00:07:34.849
now I’m going to show you a bit about it.
But first, before I show you any pictures,
00:07:34.849 --> 00:07:38.989
I want to sort of give you the big picture
from the top down. So there is
00:07:38.989 --> 00:07:43.249
a planetary strategic surveillance system,
and there – well, there are many of them
00:07:43.249 --> 00:07:48.410
actually. Everything from I think
off-planetary surveillance gear, which is
00:07:48.410 --> 00:07:51.749
probably the National Reconnaissance
Office and their satellite systems
00:07:51.749 --> 00:07:54.669
for surveillance like the Keyhole
satellites – these are all things most,
00:07:54.669 --> 00:07:58.389
for the most part we actually know about
these things. They’re on Wikipedia.
00:07:58.389 --> 00:08:01.109
But I want to talk a little bit more about
the internet side of things because
00:08:01.109 --> 00:08:04.639
I think that’s really fascinating. So
part of what we are releasing today
00:08:04.639 --> 00:08:07.759
with ‘Der Spiegel’, or what has actually
been released – just to be clear
00:08:07.759 --> 00:08:11.710
on the timeline, I’m not disclosing it
first, I’m working as an independent
00:08:11.710 --> 00:08:15.340
journalist summarizing the work that we
have already released onto the internet
00:08:15.340 --> 00:08:19.430
as part of a publication house that went
through a very large editorial process
00:08:19.430 --> 00:08:23.710
in which we redacted all the names of
agents and information about those names,
00:08:23.710 --> 00:08:26.159
including their phone numbers
and e-mail addresses.
00:08:26.159 --> 00:08:29.019
applause
00:08:29.019 --> 00:08:32.890
And I should say that I actually think
that the laws here are wrong,
00:08:32.890 --> 00:08:36.810
because they are in favor of
an oppressor who is criminal.
00:08:36.810 --> 00:08:41.160
So when we redact the names of people who
are engaged in criminal activity including
00:08:41.160 --> 00:08:45.420
drone murder, we are actually not doing
the right thing, but I believe that
00:08:45.420 --> 00:08:49.200
we should comply with the law in order
to continue to publish, and I think
00:08:49.200 --> 00:08:55.740
that’s very important.
applause
00:08:55.740 --> 00:09:00.030
We also redacted the names of
victims of NSA surveillance,
00:09:00.030 --> 00:09:04.890
because we think that there’s a balance.
Unfortunately there is a serious problem
00:09:04.890 --> 00:09:08.630
which is that the U.S. government asserts
that you don’t have standing to prove
00:09:08.630 --> 00:09:12.270
that you’ve been surveilled unless
we release that kind of information,
00:09:12.270 --> 00:09:15.040
but we don’t want to release that kind
of information in case it could be
00:09:15.040 --> 00:09:18.680
a legitimate target, and we – I’m really
uncomfortable with that term, but let’s
00:09:18.680 --> 00:09:22.280
say that there is a legitimate target, the
most legitimate target, and we didn’t want
00:09:22.280 --> 00:09:25.900
to make that decision. But we
did also want to make sure
00:09:25.900 --> 00:09:29.230
that we didn’t harm someone, but we
also wanted to show concrete examples.
00:09:29.230 --> 00:09:32.470
So if you look at the ‘Spiegel’ stuff online,
we redacted the names even of those
00:09:32.470 --> 00:09:36.490
who were victimized by the NSA’s
oppressive tactics, which I think
00:09:36.490 --> 00:09:39.600
actually goes further than is necessary,
but I believe that it strikes
00:09:39.600 --> 00:09:43.150
the right balance to ensure continued
publication and also to make sure
00:09:43.150 --> 00:09:46.700
that people are not harmed and that
legitimate good things, however rare
00:09:46.700 --> 00:09:52.090
they may be, they are also not harmed.
So if you’ve been targeted by the NSA
00:09:52.090 --> 00:09:54.490
and you would have found out today
if we had taken a different decision,
00:09:54.490 --> 00:09:59.190
I’m really sorry, but this is the thing
I think that keeps us alive,
00:09:59.190 --> 00:10:02.200
so this is the choice that I think is the
right choice, and I think it’s also
00:10:02.200 --> 00:10:06.310
the safest choice for everyone.
So that said, basically the NSA has
00:10:06.310 --> 00:10:10.630
a giant dragnet surveillance system that
they call TURMOIL. TURMOIL is a passive
00:10:10.630 --> 00:10:14.520
interception system. That passive
interception system essentially spans
00:10:14.520 --> 00:10:17.980
the whole planet. Who here has heard
about the Merkel phone incident?
00:10:17.980 --> 00:10:21.740
Some of you heard about Chancellor Merkel?
So we revealed that in ‘Der Spiegel’, and
00:10:21.740 --> 00:10:25.770
what we found was that they tasked her
for surveillance. And I’ll talk a little bit
00:10:25.770 --> 00:10:29.030
about that later. But basically the way
that this works is that they have this
00:10:29.030 --> 00:10:34.020
huge passive set of sensors; and any data
that flows past it, they actually look at it.
00:10:34.020 --> 00:10:37.880
So there was a time in the past where
surveillance meant looking at anything
00:10:37.880 --> 00:10:43.010
at all. And now the NSA tries
to basically twist the words
00:10:43.010 --> 00:10:46.780
of every person who speaks whatever
language they’re speaking in, and they
00:10:46.780 --> 00:10:50.560
try to say that it’s only surveillance
if after they collect it and record it
00:10:50.560 --> 00:10:55.500
to a database, and analyze it with
machines, only if – I think – an NSA agent
00:10:55.500 --> 00:10:59.690
basically looks at it
personally and then clicks
00:10:59.690 --> 00:11:03.750
“I have looked at this” do
they call it surveillance.
00:11:03.750 --> 00:11:07.410
Fundamentally I really object to that
because if I ran a TURMOIL collection
00:11:07.410 --> 00:11:10.220
system – that is passive signals
intelligence systems collecting data
00:11:10.220 --> 00:11:14.120
from the whole planet, everywhere they
possibly can – I would go to prison
00:11:14.120 --> 00:11:17.990
for the rest of my life.
That’s the balance, right?
00:11:17.990 --> 00:11:21.520
Jefferson talks about this. He says, you
know, “That which the government
00:11:21.520 --> 00:11:25.160
is allowed to do but you are not, this is
a tyranny.” There are some exceptions
00:11:25.160 --> 00:11:29.820
to that, but the CFAA in the United
States, the Computer Fraud and Abuse Act,
00:11:29.820 --> 00:11:33.720
you know, it’s so draconian
for regular people,
00:11:33.720 --> 00:11:38.260
and the NSA gets to do something like
intercepting 7 billion people all day long
00:11:38.260 --> 00:11:42.820
with no problems, and the rest of us
are not even allowed to experiment
00:11:42.820 --> 00:11:47.440
for improving the security of our own
lives without being put in prison
00:11:47.440 --> 00:11:51.700
or under threat of serious indictment, and
that I think is a really important point.
00:11:51.700 --> 00:11:55.730
So the TURMOIL system is a surveillance
system, and it is a dragnet surveillance
00:11:55.730 --> 00:12:00.150
system that is a general warrant dragnet
surveillance if there ever was one.
00:12:00.150 --> 00:12:04.030
And now we shot the British over this when
we started our revolution. We called them
00:12:04.030 --> 00:12:06.970
“general writs of assistance.” These
were generalized warrants which
00:12:06.970 --> 00:12:10.730
we considered to be a tyranny. And
TURMOIL is the digital version of a
00:12:10.730 --> 00:12:15.410
general writ of assistance system. And
the general writ of assistance itself,
00:12:15.410 --> 00:12:18.530
it’s not clear if it even exists, because
it’s not clear to me that a judge
00:12:18.530 --> 00:12:21.910
would understand
anything that I just said.
00:12:21.910 --> 00:12:27.310
applause
00:12:27.310 --> 00:12:31.920
Okay, so now we’re gonna get scary.
So that’s just the passive stuff.
00:12:31.920 --> 00:12:36.120
There exists another system that’s called
TURBINE, and we revealed about this system
00:12:36.120 --> 00:12:41.040
in the ‘Spiegel’ publications
today as well. So if TURMOIL
00:12:41.040 --> 00:12:47.210
is deep packet inspection, then
TURBINE is deep packet injection.
00:12:47.210 --> 00:12:52.130
And it is the system that combined
together with a thing…
00:12:52.130 --> 00:12:55.820
– with TURMOIL and TURBINE you can create
a platform which they have consolidated
00:12:55.820 --> 00:13:01.900
which they call QFIRE. QFIRE is
essentially a way to programmatically
00:13:01.900 --> 00:13:05.790
look at things that flow across the
internet that they see with TURMOIL
00:13:05.790 --> 00:13:09.770
and then using TURBINE they’re able to
actually inject packets to try to do attacks,
00:13:09.770 --> 00:13:13.720
and I’ll describe some of those attacks
in detail in a moment. But essentially
00:13:13.720 --> 00:13:17.430
the interesting thing about QFIRE also
is that they have a thing that’s called
00:13:17.430 --> 00:13:22.300
a diode. So if you have for
example a large number
00:13:22.300 --> 00:13:24.670
of systems where you control them, you
might say: “Hey, what are you doing
00:13:24.670 --> 00:13:27.590
on that backbone?”, “Hey, what’s going on
with these systems?” And they could say,
00:13:27.590 --> 00:13:30.930
well, you know, we paid for access, we’re
doing this, it’s all legal, etcetera.
00:13:30.930 --> 00:13:33.830
QFIRE has this really neat little detail
which is that they compromise
00:13:33.830 --> 00:13:36.770
other people’s routers and then redirect
through them so that they can beat
00:13:36.770 --> 00:13:40.160
the speed of light. And how
they do that is that they have
00:13:40.160 --> 00:13:43.480
a passive sensor that’s nearby,
a thing that they can inject from.
00:13:43.480 --> 00:13:47.649
And when they see that that thing sees
a selector that is interesting to them
00:13:47.649 --> 00:13:51.689
or is doing a thing that they would like
to tamper with in some way, then they
00:13:51.689 --> 00:13:55.350
take a packet, they encapsulate the
packet, they send it to the diode,
00:13:55.350 --> 00:14:00.210
which might be your home router
potentially, and then that home router
00:14:00.210 --> 00:14:05.410
decapsulates that packet and sends it out.
And because that is very close to you,
00:14:05.410 --> 00:14:10.170
and let’s say you’re visiting Yahoo, then
the Yahoo packet will not beat you.
00:14:10.170 --> 00:14:14.740
That is, they will not beat the NSA
or GCHQ. So it’s a race condition.
00:14:14.740 --> 00:14:17.940
And so they basically are able to
control this whole system and then
00:14:17.940 --> 00:14:23.250
to localize attacks in that
process. So that’s a pretty –
00:14:23.250 --> 00:14:27.530
pretty scary stuff, actually. And while it
is a digital thing, I think it’s important
00:14:27.530 --> 00:14:30.790
to understand that this is what Jefferson
talked about when he talked about tyranny.
00:14:30.790 --> 00:14:34.300
This is turnkey tyranny, and it’s not that
it’s coming, it’s actually here. It’s just
00:14:34.300 --> 00:14:38.210
merely the question about whether or not
they’ll use it in a way that we think is
00:14:38.210 --> 00:14:42.480
a good way or not a good way. One
of the scariest parts about this is that
00:14:42.480 --> 00:14:47.810
for this system or these sets of systems
to exist, we have been kept vulnerable.
00:14:47.810 --> 00:14:51.500
So it is the case that if the Chinese,
if the Russians, if people here
00:14:51.500 --> 00:14:55.980
wish to build this system, there’s nothing
that stops them. And in fact the NSA has
00:14:55.980 --> 00:15:00.210
in a literal sense retarded the process
by which we would secure the internet
00:15:00.210 --> 00:15:04.740
because it establishes a hegemony
of power, their power in secret,
00:15:04.740 --> 00:15:08.760
to do these things. And in fact I’ve seen
evidence that shows that there are so many
00:15:08.760 --> 00:15:12.320
compromises taking place between the
different Five Eyes signals intelligence
00:15:12.320 --> 00:15:16.200
groups that they actually have lists that
explain, “If you see this back door
00:15:16.200 --> 00:15:20.610
on the system, contact a friendly agency.
You’ve just recompromised the machine
00:15:20.610 --> 00:15:24.760
of another person.” So
when we talk about this,
00:15:24.760 --> 00:15:29.020
we have to consider that this is
designed for at-scale exploitation.
00:15:29.020 --> 00:15:33.099
And as far as I can tell it’s being
used for at-scale exploitation.
00:15:33.099 --> 00:15:38.541
Which is not really in my mind a
targeted particularized type of thing,
00:15:38.541 --> 00:15:42.270
but rather it’s fishing operations.
It’s fishing expeditions. It’s
00:15:42.270 --> 00:15:47.200
more like fishing crusades, if you will.
And in some cases, looking at the evidence
00:15:47.200 --> 00:15:51.380
that seems to be what it is. Targeting
Muslims, I might add. Because that’s
00:15:51.380 --> 00:15:54.800
what they’re interested in doing.
So that said, that’s the internet,
00:15:54.800 --> 00:15:58.270
and we get all the way down to the bottom
and we get to the Close Access Operations
00:15:58.270 --> 00:16:02.940
and Off-Net. Off-Net and Close Access
Operations are pretty scary things,
00:16:02.940 --> 00:16:06.249
but basically this is what we would call a
black bag job. That’s where these guys,
00:16:06.249 --> 00:16:10.260
they break into your house, they put
something in your computer and
00:16:10.260 --> 00:16:13.350
they take other things out of your
computer. Here’s an example.
00:16:13.350 --> 00:16:16.240
First top secret document
of the talk so far.
00:16:16.240 --> 00:16:18.480
This is a Close Access Operations box.
00:16:18.480 --> 00:16:22.470
It is basically car
Metasploit for the NSA,
00:16:22.470 --> 00:16:25.190
which is an interesting thing. But
basically they say that the attack is
00:16:25.190 --> 00:16:30.140
undetectable, and it’s sadly
a laptop running free software.
00:16:30.140 --> 00:16:34.890
It is injecting packets. And they say that
they can do this from as far away as
00:16:34.890 --> 00:16:40.459
8 miles to inject packets, so presumably
using this they’re able to exploit
00:16:40.459 --> 00:16:45.590
a kernel vulnerability of some kind,
parsing the wireless frames, and, yeah.
00:16:45.590 --> 00:16:50.000
I’ve heard that they actually put this
hardware, from sources inside of the NSA
00:16:50.000 --> 00:16:54.420
and inside of other
intelligence agencies, that
00:16:54.420 --> 00:16:58.160
they actually put this type of hardware on
drones so that they fly them over areas
00:16:58.160 --> 00:17:02.219
that they’re interested in and they
do mass exploitation of people.
00:17:02.219 --> 00:17:05.579
Now, we don’t have a document
that substantiates that part, but
00:17:05.579 --> 00:17:08.239
we do have this document that actually
claims that they’ve done it from up to
00:17:08.239 --> 00:17:12.879
8 miles away. So that’s a really
interesting thing because it tells us
00:17:12.879 --> 00:17:17.490
that they understand that common wireless
cards, probably running Microsoft Windows,
00:17:17.490 --> 00:17:21.259
which is an American company, that they
know about vulnerabilities and they
00:17:21.259 --> 00:17:25.369
keep them a secret to use them. This is
part of a constant theme of sabotaging
00:17:25.369 --> 00:17:29.989
and undermining American companies and
American ingenuity. As an American,
00:17:29.989 --> 00:17:33.419
while generally not a nationalist, I find
this disgusting, especially as someone
00:17:33.419 --> 00:17:38.000
who writes free software and would
like my tax dollars to be spent
00:17:38.000 --> 00:17:40.650
on improving these things. And when they
know about them I don’t want them
00:17:40.650 --> 00:17:43.890
to keep them a secret because
all of us are vulnerable.
00:17:43.890 --> 00:17:45.950
It’s a really scary thing.
00:17:45.950 --> 00:17:52.270
applause
00:17:52.270 --> 00:17:55.829
And it just so happens that at my house,
myself and many of my friends,
00:17:55.829 --> 00:17:58.859
when we use wireless devices
– Andy knows what I’m talking about,
00:17:58.859 --> 00:18:03.300
a few other people here –
all the time we have errors
00:18:03.300 --> 00:18:07.950
in certain machines which are set up at
the house, in some cases as a honey pot
00:18:07.950 --> 00:18:11.919
– thanks, guys – where kernel
panic after kernel panic,
00:18:11.919 --> 00:18:15.659
exactly in the receive handler of the
Linux kernel where you would expect
00:18:15.659 --> 00:18:19.619
this specific type of thing to take place.
So I think that if we talk about
00:18:19.619 --> 00:18:23.369
the war coming home, we probably will
find that this is not just used in places
00:18:23.369 --> 00:18:27.299
where there’s a literal war on but where
they decide that it would be useful,
00:18:27.299 --> 00:18:31.730
including just parking outside your house.
Now I only have an hour today,
00:18:31.730 --> 00:18:35.660
so I’m gonna have to go through some
other stuff pretty quickly. I want to make
00:18:35.660 --> 00:18:40.679
a couple of points clear. This wasn’t
clear, even though it was written
00:18:40.679 --> 00:18:46.280
in the New York Times by my dear friend
Laura Poitras, who is totally fantastic
00:18:46.280 --> 00:18:51.520
by the way, and… you are great.
But 15 years of data retention –
00:18:51.520 --> 00:18:55.769
applause
00:18:55.769 --> 00:18:59.969
So the NSA has 15 years
of data retention.
00:18:59.969 --> 00:19:03.649
It’s a really important point to
drive home. I joked with Laura
00:19:03.649 --> 00:19:06.470
when she wrote the New York Times article
with James Risen, she should do the math
00:19:06.470 --> 00:19:10.659
for other people and say “15 years”. She
said: “They can do the math on their own,
00:19:10.659 --> 00:19:15.729
I believe in them”. I just wanna do the
math for you. 15 years, that’s scary!
00:19:15.729 --> 00:19:19.559
I don’t ever remember voting on that,
I don’t ever remember even having
00:19:19.559 --> 00:19:24.170
a public debate about it. And that
includes content as well as metadata.
00:19:24.170 --> 00:19:30.090
So they use this metadata. They search
through this metadata retroactively.
00:19:30.090 --> 00:19:33.599
They do what’s called ‘tasking’, that is,
they find a set of selectors – so that’s
00:19:33.599 --> 00:19:38.090
a set of unique identifiers, e-mail
addresses, cookies, MAC addresses, IMEIs…
00:19:38.090 --> 00:19:42.010
whatever is useful. Voice prints
potentially, depending on the system.
00:19:42.010 --> 00:19:46.570
And then they basically
task those selectors
00:19:46.570 --> 00:19:51.499
for specific activities. So that ties
together with some of the attacks
00:19:51.499 --> 00:19:55.499
which I’ll talk about, but essentially
QUANTUMINSERTION and things that are
00:19:55.499 --> 00:20:01.350
like QUANTUMINSERTION, they’re triggered
as part of the TURMOIL and TURBINE system
00:20:01.350 --> 00:20:05.839
and the QFIRE system, and they’re all put
together so that they can automate
00:20:05.839 --> 00:20:09.390
attacking people based on the plain
text traffic that transits the internet
00:20:09.390 --> 00:20:13.299
or based on the source or
destination IP addresses.
00:20:13.299 --> 00:20:16.270
This is a second top secret document.
00:20:16.270 --> 00:20:21.310
This is an actual NSA lolcat
00:20:21.310 --> 00:20:25.730
for the QUANTUMTHEORY program.
00:20:25.730 --> 00:20:29.290
applause
00:20:29.290 --> 00:20:33.150
You’ll notice it’s a black cat, hiding. Okay.
00:20:33.150 --> 00:20:36.900
So there are a few people in the audience
that are still not terrified enough, and
00:20:36.900 --> 00:20:40.270
there are a few people that as part
of their process for coping with
00:20:40.270 --> 00:20:44.589
this horrible world that we have found
ourselves in, they will say the following:
00:20:44.589 --> 00:20:48.259
“There’s no way they’ll ever find me. I’m
not interesting.” So I just want to dispel
00:20:48.259 --> 00:20:52.879
that notion and show you a little bit
about how they do that. So we mentioned
00:20:52.879 --> 00:20:56.899
TURMOIL, which is the dragnet surveillance,
and TURBINE, which is deep packet injection,
00:20:56.899 --> 00:21:00.839
and QFIRE, where we tie it all together,
and this is an example of something which
00:21:00.839 --> 00:21:03.839
I think actually demonstrates a crime but
I’m not sure, I’m not a lawyer, I’m
00:21:03.839 --> 00:21:07.729
definitely not your lawyer, and I’m
certainly not the NSA’s lawyer.
00:21:07.729 --> 00:21:11.511
But this is the MARINA system. This is
merely one of many systems where they
00:21:11.511 --> 00:21:15.350
actually have full content as well as
metadata. Taken together, they do
00:21:15.350 --> 00:21:19.160
contact chaining, where they find out you
guys are all in the same room with me
00:21:19.160 --> 00:21:24.990
– which reminds me, let’s
see, I’ve got this phone…
00:21:24.990 --> 00:21:31.040
Okay. That’s good. Let’s
turn that on. So now…
00:21:31.040 --> 00:21:34.480
laughter
You’re welcome.
00:21:34.480 --> 00:21:37.640
laughter
You have no idea!
00:21:37.640 --> 00:21:40.379
laughter
But I just wanted to make sure that
00:21:40.379 --> 00:21:44.069
if there was any question about whether
or not you are exempt from needing to do
00:21:44.069 --> 00:21:47.689
something about this,
that that is dispelled.
00:21:47.689 --> 00:21:53.489
applause
00:21:53.489 --> 00:21:58.950
Okay? Cell phone’s on.
Great. So. Hey, guys!
00:21:58.950 --> 00:22:02.760
laughter
So, the MARINA system is a
00:22:02.760 --> 00:22:07.689
contact chaining system as well as a
system that has data, and in this case
00:22:07.689 --> 00:22:12.849
what we see is in fact reverse contact
and forward contact graphing. So,
00:22:12.849 --> 00:22:17.129
any lawyers in the audience? If there
are American citizens in this database,
00:22:17.129 --> 00:22:21.140
is reverse targeting like this illegal?
Generally? Is it possible that that
00:22:21.140 --> 00:22:26.420
could be considered illegal?
Someone from audience mumbling
00:22:26.420 --> 00:22:29.330
Yeah, so, interesting. If it’s called
reverse contacts instead of
00:22:29.330 --> 00:22:34.550
reverse targeting – yeah, exactly.
So, you’ll also notice the,
00:22:34.550 --> 00:22:40.000
on the right-hand side, webcam photos.
00:22:40.000 --> 00:22:43.779
So, just in case you’re wondering,
in this case this particular target,
00:22:43.779 --> 00:22:47.480
I suppose that he did not or
she did not have a webcam.
00:22:47.480 --> 00:22:50.400
Good for them. If not, you should follow
the EFF’s advice and you should put
00:22:50.400 --> 00:22:54.460
a little sticker over your webcam. But
you’ll also note that they try to find
00:22:54.460 --> 00:22:57.649
equivalent identifiers. So every time
there’s a linkable identifier that you
00:22:57.649 --> 00:23:03.189
have on the internet, they try to put that
and tie it together and contact chain it,
00:23:03.189 --> 00:23:08.090
and they try to show who you are among all
of these different potential identifiers –
00:23:08.090 --> 00:23:11.189
if you have 5 e-mail addresses, they would
link them together – and then they try
00:23:11.189 --> 00:23:14.300
to find out who all your friends are.
You’ll also note at the bottom here,
00:23:14.300 --> 00:23:18.969
logins and passwords. So they’re
also doing dragnet surveillance
00:23:18.969 --> 00:23:22.879
in which they extract – the feature set
extraction where they know semantically
00:23:22.879 --> 00:23:26.459
what a login and a password is in a
particular protocol. And in this case
00:23:26.459 --> 00:23:30.780
this guy is lucky, I suppose, and they
were not able to get passwords or webcam,
00:23:30.780 --> 00:23:34.159
but you’ll note that they were able to get
his contacts and they were able to see
00:23:34.159 --> 00:23:38.429
in fact 29, give or take,
received messages as well,
00:23:38.429 --> 00:23:41.829
of which there are these things. Now in
this case we have redacted the e-mail
00:23:41.829 --> 00:23:45.980
and instant messenger information,
but this is an example of how
00:23:45.980 --> 00:23:49.720
laughs
you can’t hide from these things, and
00:23:49.720 --> 00:23:54.400
thinking that they won’t find you
is a fallacy. So this is basically
00:23:54.400 --> 00:23:59.219
the difference between taking one wire and
clipping onto it in a particularized
00:23:59.219 --> 00:24:02.350
suspicious way where they’re really
interested, they have a particularized
00:24:02.350 --> 00:24:05.609
suspicion, they think that someone is a
criminal, they think someone has taken
00:24:05.609 --> 00:24:10.040
some serious steps that are illegal, and
instead what they do is they put all of us
00:24:10.040 --> 00:24:14.220
under surveillance, record all of this
data that they possibly can, and then
00:24:14.220 --> 00:24:17.829
they go looking through it. Now
in the case of Chancellor Merkel,
00:24:17.829 --> 00:24:22.510
when we revealed NSRL 2002-388,
what we showed was that
00:24:22.510 --> 00:24:26.369
they were spying on Merkel. And by their
own admission 3 hops away, that’s everyone
00:24:26.369 --> 00:24:30.360
in the German Parliament
and everyone here.
00:24:30.360 --> 00:24:35.930
So that’s pretty serious stuff. It also
happens that if you should be visiting
00:24:35.930 --> 00:24:41.939
certain websites, especially if you’re
a Muslim, it is the case that you can be
00:24:41.939 --> 00:24:47.059
attacked automatically by this system.
Right? So that would mean that
00:24:47.059 --> 00:24:50.379
they would automatically start to break
into systems. That’s what they would call
00:24:50.379 --> 00:24:55.430
‘untasked targeting’. Interesting idea
that they call that targeted surveillance.
00:24:55.430 --> 00:24:58.669
To me that doesn’t really sound too
much like targeted surveillance unless
00:24:58.669 --> 00:25:02.659
what you mean by carpet bombing, it – you
know, I mean it just – you know, like… it
00:25:02.659 --> 00:25:07.780
just doesn’t… it doesn’t strike me right.
It’s not my real definition of ‘targeted’.
00:25:07.780 --> 00:25:11.129
It’s not well defined. It’s not that a
judge has said, “Yes, this person is
00:25:11.129 --> 00:25:14.579
clearly someone we should target.” Quite
the opposite. This is something where
00:25:14.579 --> 00:25:19.460
some guy who has a system has decided to
deploy it and they do it however they like
00:25:19.460 --> 00:25:22.539
whenever they would like. And while there
are some restrictions, it’s clear that
00:25:22.539 --> 00:25:27.030
the details about these programs do not
trickle up. And even if they do, they
00:25:27.030 --> 00:25:31.289
do not trickle up in a useful way. So
this is important, because members
00:25:31.289 --> 00:25:36.049
of the U.S. Congress, they have no clue
about these things. Literally, in the case
00:25:36.049 --> 00:25:42.599
of the technology. Ask a Congressman
about TCP/IP. Forget it.
00:25:42.599 --> 00:25:46.559
You can’t even get a meeting with them.
I’ve tried. Doesn’t matter. Even if you
00:25:46.559 --> 00:25:49.909
know the secret interpretation of Section
215 of the Patriot Act and you go
00:25:49.909 --> 00:25:52.619
to Washington, D.C. and you meet with
their aides, they still won’t talk to you
00:25:52.619 --> 00:25:56.000
about it. Part of that is because they
don’t have a clue, and another part of it
00:25:56.000 --> 00:26:00.099
is because they can’t talk about it,
because they don’t have a political solution.
00:26:00.099 --> 00:26:02.929
Absent a political solution, it’s very
difficult to get someone to admit that
00:26:02.929 --> 00:26:06.370
there is a problem. Well, there is a
problem, so we’re going to create
00:26:06.370 --> 00:26:09.649
a political problem and also talk
about some of the solutions.
00:26:09.649 --> 00:26:12.589
The Cypherpunks generally have
come up with some of the solutions
00:26:12.589 --> 00:26:16.610
when we talk about encrypting the entire
internet. That would end dragnet mass
00:26:16.610 --> 00:26:20.719
surveillance in a sense, but it will
come back in a different sense
00:26:20.719 --> 00:26:25.569
even with encryption. We need both
a marriage of a technical solution
00:26:25.569 --> 00:26:30.580
and we need a political solution
to go with it, and if we don’t have
00:26:30.580 --> 00:26:35.480
those 2 things, we will unfortunately be
stuck here. But at the moment the NSA,
00:26:35.480 --> 00:26:40.489
basically, I feel, has more power than
anyone in the entire world – any one
00:26:40.489 --> 00:26:44.800
agency or any one person. So Emperor
Alexander, the head of the NSA, really has
00:26:44.800 --> 00:26:50.149
a lot of power. If they want to right now,
they’ll know that the IMEI of this phone
00:26:50.149 --> 00:26:55.230
is interesting. It’s very warm, which is
another funny thing, and they would be
00:26:55.230 --> 00:26:59.129
able to break into this phone almost
certainly and then turn on the microphone,
00:26:59.129 --> 00:27:03.270
and all without a court.
So that to me is really scary.
00:27:03.270 --> 00:27:06.889
And I especially dislike the fact that
if you were to be building these
00:27:06.889 --> 00:27:10.550
types of things, they treat you as an
opponent, if you wish to be able to
00:27:10.550 --> 00:27:14.000
fulfill the promises that you make to your
customers. And as someone who writes
00:27:14.000 --> 00:27:18.159
security software
I think that’s bullshit.
00:27:18.159 --> 00:27:22.179
So. Here’s how they do a bit of it.
So there are different programs.
00:27:22.179 --> 00:27:25.860
So QUANTUMTHEORY, QUANTUMNATION,
QUANTUMBOT, QUANTUMCOPPER
00:27:25.860 --> 00:27:29.389
and QUANTUMINSERT. You’ve heard of a few
of them. I’ll just go through them real quick.
00:27:29.389 --> 00:27:33.449
QUANTUMTHEORY essentially has
a whole arsenal of zero-day exploits.
00:27:33.449 --> 00:27:38.490
Then the system deploys what’s called
a SMOTH, or a seasoned moth.
00:27:38.490 --> 00:27:43.540
And a seasoned moth is an
implant which dies after 30 days.
00:27:43.540 --> 00:27:48.549
So I think that these guys either took a
lot of acid or read a lot of Philip K. Dick,
00:27:48.549 --> 00:27:51.759
potentially both!
applause
00:27:51.759 --> 00:27:55.379
And they thought Philip K. Dick
wasn’t dystopian enough.
00:27:55.379 --> 00:27:59.869
“Let’s get better at this”.
And after reading VALIS, I guess,
00:27:59.869 --> 00:28:04.760
they went on, and they also have
as part of QUANTUMNATION
00:28:04.760 --> 00:28:08.849
what’s called VALIDATOR or COMMONDEER.
Now these are first-stage payloads
00:28:08.849 --> 00:28:13.940
that are done entirely in memory.
These exploits essentially are where they
00:28:13.940 --> 00:28:18.279
look around to see if you have what are
called PSPs, and this is to see, like,
00:28:18.279 --> 00:28:21.730
you know, if you have Tripwire, if you
have AIDE, if you have some sort of
00:28:21.730 --> 00:28:25.549
system tool that will detect if an
attacker is tampering with files or
00:28:25.549 --> 00:28:28.659
something like this, like
a host intrusion detection system.
00:28:28.659 --> 00:28:33.689
So VALIDATOR and COMMONDEER, which,
I mean, clearly the point of COMMONDEER,
00:28:33.689 --> 00:28:36.659
while it’s misspelled here – it’s not
actually… I mean that’s the name
00:28:36.659 --> 00:28:40.649
of the program… but the point is to make
a pun on commandeering your machine. So,
00:28:40.649 --> 00:28:44.550
you know, when I think about the U.S.
Constitution in particular, we talk about
00:28:44.550 --> 00:28:49.300
not allowing the quartering of
soldiers – and, gosh, you know?
00:28:49.300 --> 00:28:53.629
Commandeering my computer sounds
a lot like a digital version of that, and
00:28:53.629 --> 00:28:57.379
I find that’s a little bit confusing, and
mostly in that I don’t understand
00:28:57.379 --> 00:29:01.219
how they get away with it. But part of it
is because until right now we didn’t know
00:29:01.219 --> 00:29:05.679
about it, in public, which is why we’re
releasing this in the public interest,
00:29:05.679 --> 00:29:09.400
so that we can have a better debate
about whether or not that counts, in fact,
00:29:09.400 --> 00:29:14.189
as a part of this type of what I would
consider to be tyranny, or perhaps
00:29:14.189 --> 00:29:18.719
you think it is a measured and reasonable
thing. I somehow doubt that. But
00:29:18.719 --> 00:29:23.070
in any case, QUANTUMBOT is where
they hijack IRC bots, because why not?
00:29:23.070 --> 00:29:26.490
They thought they would like to do
that, and an interesting point is that
00:29:26.490 --> 00:29:31.320
they could in theory stop a lot
of these botnet attacks and
00:29:31.320 --> 00:29:35.200
they have decided to maintain that
capability, but they’re not yet doing it
00:29:35.200 --> 00:29:38.749
except when they feel like doing it for
experiments or when they do it to
00:29:38.749 --> 00:29:42.699
potentially use them. It’s not clear
exactly how they use them. But
00:29:42.699 --> 00:29:46.350
the mere fact of the matter is that that
suggests they’re even in fact able to do
00:29:46.350 --> 00:29:49.850
these types of attacks, they’ve tested
these types of attacks against botnets.
00:29:49.850 --> 00:29:53.879
And that’s the program you should FOIA
for. We’ve released a little bit of detail
00:29:53.879 --> 00:29:57.890
about that today as well. And
QUANTUMCOPPER to me is really scary.
00:29:57.890 --> 00:30:01.719
It’s essentially a thing that can
interfere with TCP/IP and it can do things
00:30:01.719 --> 00:30:06.799
like corrupt file downloads. So if you
imagine the Great Firewall of China,
00:30:06.799 --> 00:30:10.289
so-called – that’s for the whole planet.
00:30:10.289 --> 00:30:14.319
So if the NSA wanted to tomorrow, they
could kill every anonymity system
00:30:14.319 --> 00:30:20.259
that exists by just forcing everyone who
connects to an anonymity system to reset
00:30:20.259 --> 00:30:24.750
just the same way that the Chinese do
right now in China with the Great Firewall
00:30:24.750 --> 00:30:28.589
of China. So that’s like the NSA builds
the equivalent of the Great Firewall
00:30:28.589 --> 00:30:33.999
of Earth. That’s, to me that’s
a really scary, heavy-handed thing,
00:30:33.999 --> 00:30:39.080
and I’m sure they only use it for good.
clears throat
00:30:39.080 --> 00:30:44.520
But, yeah. Back here in reality that to
me is a really scary thing, especially
00:30:44.520 --> 00:30:48.610
because one of the ways that they are able
to have this capability, as I mentioned,
00:30:48.610 --> 00:30:52.979
is these diodes. So what that suggests
is that they actually repurpose
00:30:52.979 --> 00:30:56.260
other people’s machines in order to
reposition and to gain a capability
00:30:56.260 --> 00:31:01.349
inside of an area where they actually
have no legitimacy inside of that area.
00:31:01.349 --> 00:31:07.049
That to me suggests it is not only
heavy-handed, that they have probably some
00:31:07.049 --> 00:31:12.289
tools to do that. You see where I’m going
with this. Well, QUANTUMINSERTION,
00:31:12.289 --> 00:31:16.119
this is also an important point, because
this is what was used against Belgacom,
00:31:16.119 --> 00:31:22.060
this is what’s used by a whole number of
unfortunately players in the game where
00:31:22.060 --> 00:31:26.409
basically what they do is they inject
a packet. So you have a TCP connection,
00:31:26.409 --> 00:31:30.169
Alice wants to talk to Bob, and for some
reason Alice and Bob have not heard
00:31:30.169 --> 00:31:34.880
about TLS. Alice sends an HTTP
request to Bob. Bob is Yahoo.
00:31:34.880 --> 00:31:40.799
NSA loves Yahoo. And basically they
inject a packet which will get to Alice
00:31:40.799 --> 00:31:44.429
before Yahoo is able to respond, right?
And the thing is that if that was a
00:31:44.429 --> 00:31:48.960
TLS connection, the man-on-the-side
attack would not succeed.
00:31:48.960 --> 00:31:53.180
That’s really key. If they were using TLS,
the man-on-the-side attack could at best,
00:31:53.180 --> 00:31:56.330
as far as we understand it at the moment,
they could tear down the TLS session but
00:31:56.330 --> 00:31:59.659
they couldn’t actually actively inject.
So that’s a man-on-the-side attack.
00:31:59.659 --> 00:32:05.349
We can end that attack with TLS.
When we deploy TLS everywhere
00:32:05.349 --> 00:32:09.559
then we will end that kind of attack. So
there was a joke, you know, when you
00:32:09.559 --> 00:32:12.820
download .mp3s, you ride with communism
– from the ’90s, some of you may
00:32:12.820 --> 00:32:19.060
remember this. When you bareback with
the internet, you ride with the NSA.
00:32:19.060 --> 00:32:24.450
applause
00:32:24.450 --> 00:32:28.969
Or you’re getting a ride, going for
a ride. So the TAO infrastructure,
00:32:28.969 --> 00:32:33.449
Tailored Access and Operations. Some
of the FOXACID URLs are public.
00:32:33.449 --> 00:32:38.309
FOXACID is essentially like a watering
hole type of attack where you go to,
00:32:38.309 --> 00:32:43.759
you go to a URL. QUANTUMINSERT
puts like an iframe or puts some code
00:32:43.759 --> 00:32:46.729
in your web browser, which you then
execute, which then causes you to
00:32:46.729 --> 00:32:50.569
load resources. One of the resources that
you load while you’re loading CNN.com,
00:32:50.569 --> 00:32:55.180
for example, which is one of their
examples, they – you like that, by the way?
00:32:55.180 --> 00:32:59.050
So, you know, that’s an extremist site. So
coughs
00:32:59.050 --> 00:33:03.020
you might have heard about that. A lot of
Republicans in the United States read it.
00:33:03.020 --> 00:33:08.130
So – right before they wage
illegal imperialist wars. So,
00:33:08.130 --> 00:33:12.620
the point is that you go to a FOXACID
server and it basically does a survey
00:33:12.620 --> 00:33:17.899
of your box and decides if it can break
into it or not, and then it does.
00:33:17.899 --> 00:33:22.409
Yep, that’s basically it. And the FOXACID
URLs, a few of them are public.
00:33:22.409 --> 00:33:27.139
Some of the details about that have been
made public, about how the structure
00:33:27.139 --> 00:33:31.060
of the URLs are laid out and so on.
An important detail is that they pretend
00:33:31.060 --> 00:33:34.340
that they’re Apache, but they actually
do a really bad job. So they’re
00:33:34.340 --> 00:33:38.230
like Hacking Team, maybe it’s the same
guys, I doubt it though, the NSA wouldn’t
00:33:38.230 --> 00:33:43.790
slum with scumbags like that, but…
Basically you can tell, you can find them,
00:33:43.790 --> 00:33:47.610
because they aren’t really Apache servers.
They pretend to be something else.
00:33:47.610 --> 00:33:51.020
The other thing is that none of their
infrastructure is in the United States.
00:33:51.020 --> 00:33:56.480
So, real quick anonymity question. You
have a set of things and you know that
00:33:56.480 --> 00:34:01.919
a particular attacker never comes from one
place. Every country on the planet
00:34:01.919 --> 00:34:06.439
potentially, but never one place. The
one place where most of the internet is.
00:34:06.439 --> 00:34:10.050
What does that tell you in terms of
anonymity? It tells you usually that
00:34:10.050 --> 00:34:14.960
they’re hiding something about that one
place. Maybe there’s a legal requirement
00:34:14.960 --> 00:34:19.020
for this. It’s not clear to me. But what
is totally clear to me is that if you see
00:34:19.020 --> 00:34:22.720
this type of infrastructure and it is not
in the United States, there is a chance,
00:34:22.720 --> 00:34:28.289
especially today, that it’s the NSA’s
Tailored Access and Operations division.
00:34:28.289 --> 00:34:34.490
And here’s an important point. When the
NSA can’t do it, they bring in GCHQ.
00:34:34.490 --> 00:34:38.820
So, for example, for targeting certain
Gmail selectors, they can’t do it.
00:34:38.820 --> 00:34:42.740
And in the documents we released today,
we show that they say: “If you have
00:34:42.740 --> 00:34:46.800
a partner agreement form and you need to
target, there are some additional selectors
00:34:46.800 --> 00:34:51.330
that become available should you
need them”. So when we have a limit
00:34:51.330 --> 00:34:54.640
of an intelligence agency in the United
States, or here in Germany or
00:34:54.640 --> 00:34:58.690
something like this, we have to recognize
that information is a currency
00:34:58.690 --> 00:35:03.380
in an unregulated market. And these
guys, they trade that information, and
00:35:03.380 --> 00:35:08.260
one of the ways they trade that is like
this. And they love Yahoo.
00:35:08.260 --> 00:35:15.470
So, little breather?
00:35:15.470 --> 00:35:18.630
It’s always good to make fun of
the GCHQ with Austin Powers!
00:35:18.630 --> 00:35:22.200
laughter
Okay. Another classified document here.
00:35:22.200 --> 00:35:27.310
That’s actual NSA OpenOffice or PowerPoint
clip art of their horrible headquarters
00:35:27.310 --> 00:35:31.440
that you see in every news story, I can’t
wait to see a different photo of the NSA
00:35:31.440 --> 00:35:38.470
someday. But you’ll notice right here they
explain how QUANTUM works. Now SSO is
00:35:38.470 --> 00:35:43.200
a Special Source Operations site. So
you’ve seen U.S. embassies? Usually
00:35:43.200 --> 00:35:46.430
the U.S. embassy has dielectric panels on
the roof, that’s what we showed in Berlin,
00:35:46.430 --> 00:35:51.870
it was called “DAS NEST” on the cover
of ‘Der Spiegel’. That’s an SSO site.
00:35:51.870 --> 00:35:55.900
So they see that this type of stuff is
taking place, they do an injection and
00:35:55.900 --> 00:36:01.650
they try to beat the Yahoo packet back.
Now another interesting point is
00:36:01.650 --> 00:36:07.820
that for the Yahoo packet to be beaten,
the NSA must impersonate Yahoo.
00:36:07.820 --> 00:36:11.230
This is a really important detail because
what it tells us is that they are
00:36:11.230 --> 00:36:16.300
essentially conscripting Yahoo and saying
that they are Yahoo. So they are
00:36:16.300 --> 00:36:20.960
impersonating a U.S. company
to a U.S. company user
00:36:20.960 --> 00:36:24.530
and they are not actually supposed
to be in this conversation at all.
00:36:24.530 --> 00:36:29.140
And when they do it, then they of course
– basically if you’re using Yahoo,
00:36:29.140 --> 00:36:32.620
you’re definitely going to get owned. So
– and I don’t just mean that in that
00:36:32.620 --> 00:36:37.270
Yahoo is vulnerable, they are, but
I mean people that use Yahoo tend to
00:36:37.270 --> 00:36:40.380
– maybe it’s a bad generalization,
but, you know – they’re not the most
00:36:40.380 --> 00:36:43.150
security-conscious people on the planet,
they don’t keep their computers up to date,
00:36:43.150 --> 00:36:47.220
I’m guessing, and that’s probably why
they love Yahoo so much. They also love
00:36:47.220 --> 00:36:51.340
CNN.com, which is some other… I don’t know
what that says, it’s like a sociological
00:36:51.340 --> 00:36:56.900
study of compromise. But that’s an
important detail. So the SSO site sniffs
00:36:56.900 --> 00:36:59.820
and then they do some injection, they
redirect you to FOXACID. That’s for
00:36:59.820 --> 00:37:04.261
web browser exploitation. They obviously
have other exploitation techniques.
00:37:04.261 --> 00:37:08.930
Okay. So now. We all know
that cellphones are vulnerable.
00:37:08.930 --> 00:37:13.530
Here’s an example. This is a base station
00:37:13.530 --> 00:37:17.790
that the NSA has that, I think it’s the
first time ever anyone’s ever revealed
00:37:17.790 --> 00:37:22.340
an NSA IMSI catcher. So, here it is.
Well, actually the second time, because
00:37:22.340 --> 00:37:25.320
‘Der Spiegel’ did it this morning.
But you know what I mean.
00:37:25.320 --> 00:37:30.300
applause
00:37:30.300 --> 00:37:35.060
So they call it ‘Find, Fix and
Finish targeted handset users’.
00:37:35.060 --> 00:37:38.940
Now it’s really important to understand
when they say “targeting” you would think
00:37:38.940 --> 00:37:43.370
‘massive collection’, right? Because what
are they doing? They’re pretending to be
00:37:43.370 --> 00:37:48.540
a base station. They want to overpower.
They want to basically be the phone
00:37:48.540 --> 00:37:51.630
that you connect to… or the phone system
that you connect to. And that means
00:37:51.630 --> 00:37:54.740
lots of people are going to connect
potentially. So it’s not just one
00:37:54.740 --> 00:37:59.430
targeted user. So hopefully they have it
set up so that if you need to dial 911,
00:37:59.430 --> 00:38:02.990
or here in Europe 112 – you know,
by the way, if you ever want to find
00:38:02.990 --> 00:38:05.740
one of these things try to call different
emergency numbers and note which ones
00:38:05.740 --> 00:38:09.960
route where. Just as a little detail.
Also note that sometimes if you go
00:38:09.960 --> 00:38:14.420
to the Ecuadorian embassy you will receive
a welcome message from Uganda Telecom.
00:38:14.420 --> 00:38:18.670
Because the British when they deployed
the IMSI catcher against Julian Assange
00:38:18.670 --> 00:38:23.150
at the Ecuadorian embassy made the mistake
of not reconfiguring the spy gear they [had]
00:38:23.150 --> 00:38:27.390
deployed in Uganda [before]
when they deployed in London.
00:38:27.390 --> 00:38:33.330
applause
00:38:33.330 --> 00:38:38.420
And this can be yours
for only US$ 175,800.
00:38:38.420 --> 00:38:43.120
And this covers GSM and PCS and
DCS and a bunch of other stuff.
00:38:43.120 --> 00:38:46.870
So basically if you use a cell phone
– forget it. It doesn’t matter
00:38:46.870 --> 00:38:50.520
what you’re doing. The exception may
be Cryptophone and Redphone. In fact
00:38:50.520 --> 00:38:54.660
I’d like to just give a shoutout to the
people who work on free software, and
00:38:54.660 --> 00:38:57.640
software which is actually secure. Like
Moxie Marlinspike – I’m so sorry I mention
00:38:57.640 --> 00:39:02.300
your name in my talk, but don’t worry,
your silence won’t protect you!
00:39:02.300 --> 00:39:05.160
I think it’s really important to know
Moxie is one of the very few people
00:39:05.160 --> 00:39:08.270
in the world who builds technologies that
are both free and open source, and
00:39:08.270 --> 00:39:12.940
as far as I can tell he refuses to do
anything awful. No backdoors or anything.
00:39:12.940 --> 00:39:18.170
And from what I can tell this proves
that we need things like that.
00:39:18.170 --> 00:39:22.000
This is absolutely necessary because they
replace the infrastructure we connect to.
00:39:22.000 --> 00:39:25.920
It’s like replacing the road that we would
walk on, and adding tons of spy gear.
00:39:25.920 --> 00:39:30.250
And they do that too,
we’ll get to that. Okay.
00:39:30.250 --> 00:39:33.601
So I’m gonna go a little quick through
these because I think it’s better that you
00:39:33.601 --> 00:39:36.600
go online and you adjust. And I wanna
have a little bit of time for questions.
00:39:36.600 --> 00:39:41.290
But basically here’s an example of how
even if you disable a thing the thing is
00:39:41.290 --> 00:39:45.480
not really disabled. So if you have a WiFi
card in your computer the SOMBERKNAVE
00:39:45.480 --> 00:39:51.080
program, which is another classified
document here, they basically repurpose
00:39:51.080 --> 00:39:55.060
your WiFi gear. They say: “You’re not
using that WiFi card? We’re gonna scan
00:39:55.060 --> 00:39:58.350
for WiFi nearby, we’re gonna exfiltrate
data by finding an open WiFi network
00:39:58.350 --> 00:40:01.310
and we’re gonna jump on it”. So
they’re actually using other people’s
00:40:01.310 --> 00:40:05.480
wireless networks in addition to having
this stuff in your computer. And this is
00:40:05.480 --> 00:40:11.030
one of the ways they beat a so-called
air-gapped target computer.
00:40:11.030 --> 00:40:14.400
Okay, so here’s some of the software
implants. Now we’re gonna name a bunch
00:40:14.400 --> 00:40:18.800
of companies because – fuck those guys
basically, for collaborating when they do,
00:40:18.800 --> 00:40:22.540
and fuck them for leaving us
vulnerable when they do.
00:40:22.540 --> 00:40:26.030
applause
00:40:26.030 --> 00:40:29.930
And I mean that in the most loving way
because some of them are victims, actually.
00:40:29.930 --> 00:40:33.400
It’s important to note that we don’t
yet understand which is which.
00:40:33.400 --> 00:40:36.930
So it’s important to name them, so that
they have to go on record, and so that
00:40:36.930 --> 00:40:40.310
they can say where they are, and so
that they can give us enough rope
00:40:40.310 --> 00:40:44.370
to hang themselves. I really want that to
happen because I think it’s important
00:40:44.370 --> 00:40:47.820
to find out who collaborated and who
didn’t collaborate. In order to have truth
00:40:47.820 --> 00:40:51.840
and reconciliation we need to start with
a little of truth. So STUCCOMONTANA
00:40:51.840 --> 00:40:55.660
is basically BadBIOS if you guys have
heard about that. I feel very bad
00:40:55.660 --> 00:40:59.070
for Dragos, he doesn’t really talk to me
right now. I think he might be kinda mad.
00:40:59.070 --> 00:41:04.880
But after I was detained – by the
US Army on US soil, I might add –
00:41:04.880 --> 00:41:08.490
they took a phone from me. Now it
shouldn’t matter but it did. They also
00:41:08.490 --> 00:41:11.420
I think went after all my phone records so
they didn’t need to take the phone. But
00:41:11.420 --> 00:41:14.170
for good measure, they just wanted
to try to intimidate me which is exactly
00:41:14.170 --> 00:41:19.710
the wrong thing to do to me. But as he
told the story after that happened
00:41:19.710 --> 00:41:23.180
all of his computers including his Xbox
were compromised. And he says
00:41:23.180 --> 00:41:27.870
even to this day that some of those things
persist. And he talks about the BIOS.
00:41:27.870 --> 00:41:32.990
Here’s a document that shows clearly
that they actually re-flash the BIOS
00:41:32.990 --> 00:41:37.410
and they also have other techniques
including System Management Mode
00:41:37.410 --> 00:41:42.260
related rootkits and that they have
persistence inside of the BIOS.
00:41:42.260 --> 00:41:46.380
It’s an incredibly important point. This
is evidence that the thing that Dragos
00:41:46.380 --> 00:41:50.150
talked about, maybe he doesn’t
have it, but it really does exist.
00:41:50.150 --> 00:41:54.990
Now the question is how would he find it?
We don’t have the forensics tools yet.
00:41:54.990 --> 00:41:58.420
We don’t really have the capabilities
widely deployed in the community
00:41:58.420 --> 00:42:02.230
to be able to know that, and to be
able to find it. Here’s another one.
00:42:02.230 --> 00:42:06.740
This one’s called SWAP. In this case it
replaces the Host Protected Area
00:42:06.740 --> 00:42:11.580
of the hard drive, and you can see a
little graph where there’s target systems,
00:42:11.580 --> 00:42:14.860
you see the internet, Interactive OPS, so
they’ve got like a guy who is hacking you
00:42:14.860 --> 00:42:19.350
in real time, the People’s
Liberation Army… uh, NSA! And…
00:42:19.350 --> 00:42:22.370
laughter
And you can see all of these different
00:42:22.370 --> 00:42:25.190
things about it. Each one of these things,
including SNEAKERNET, these are
00:42:25.190 --> 00:42:29.520
different programs, most of which we
revealed today in ‘Der Spiegel’.
00:42:29.520 --> 00:42:32.880
But you’ll notice that it’s Windows,
Linux, FreeBSD and Solaris.
00:42:32.880 --> 00:42:38.250
How many Al Qaeda people
use Solaris, do you suppose?
00:42:38.250 --> 00:42:42.390
This tells you a really important point.
They are interested in compromising
00:42:42.390 --> 00:42:46.960
the infrastructure of systems,
not just individual people.
00:42:46.960 --> 00:42:50.460
They want to take control and
literally colonize those systems
00:42:50.460 --> 00:42:55.490
with these implants. And that’s not part
of the discussion. People are not talking
00:42:55.490 --> 00:42:59.880
about that because they don’t know about
that yet. But they should. Because
00:42:59.880 --> 00:43:03.500
in addition to the fact that Sun is a U.S.
company which they are building
00:43:03.500 --> 00:43:07.710
capabilities against – that to me, really,
it really bothers me; I can’t tell you
00:43:07.710 --> 00:43:10.700
how much that bothers me – we also
see that they’re attacking Microsoft,
00:43:10.700 --> 00:43:13.670
another U.S. company, and Linux and
FreeBSD, where there are a lot of people
00:43:13.670 --> 00:43:15.900
that are building it from all around the
world. So they’re attacking not only
00:43:15.900 --> 00:43:19.260
collective efforts and corporate
efforts, but basically every option
00:43:19.260 --> 00:43:24.660
you possibly can, from end users
down to telecom core things.
00:43:24.660 --> 00:43:28.830
Here’s another one, DEITYBOUNCE.
This is for Dell,
00:43:28.830 --> 00:43:33.840
so Dell PowerEdge 1850,
2850, 1950, 2950…
00:43:33.840 --> 00:43:37.910
RAID servers using any of the
following BIOS versions. Right?
00:43:37.910 --> 00:43:41.950
So just in case you’re wondering, hey
Dell, why is that? Curious about that.
00:43:41.950 --> 00:43:45.810
Love to hear your statements about it.
So if you write YARA sigs [signatures]
00:43:45.810 --> 00:43:49.930
and you’re interested in looking
for NSA malware, look for things
00:43:49.930 --> 00:43:55.080
that use RC6, so look for the constants
that you might find in RC6.
00:43:55.080 --> 00:43:59.650
And when they run, if they emit UDP
traffic – we’ve actually seen a sample
00:43:59.650 --> 00:44:03.620
of this but we were not able
to capture it, sadly, but
00:44:03.620 --> 00:44:07.750
emitting UDP traffic that is encrypted.
You know, people that I’ve worked with
00:44:07.750 --> 00:44:10.830
on things related to this, they’ve even,
they’ve had their house black bagged.
00:44:10.830 --> 00:44:13.640
They’ve had pretty bad stuff happen
to them. That’s their story to tell.
00:44:13.640 --> 00:44:19.170
But one of the interesting details is
that after those events occurred,
00:44:19.170 --> 00:44:23.630
these types of things were seen. Ben
has a really bad idea for those guys,
00:44:23.630 --> 00:44:27.310
I might add, because I wouldn’t have put
this slide in if that had not occurred.
00:44:27.310 --> 00:44:29.880
But if you want to look for it, you’ll
find it. I know some people that have
00:44:29.880 --> 00:44:33.860
looked with YARA sigs and they have
in fact found things related to this,
00:44:33.860 --> 00:44:37.000
so I suspect a lot of malware researchers
in the near future are going to have
00:44:37.000 --> 00:44:40.970
a lot of stuff to say about this
particular slide. I’ll leave that to them.
00:44:40.970 --> 00:44:44.910
I think it’s very important to go looking
for these things, especially to find out
00:44:44.910 --> 00:44:49.850
who is victimized by them. Here’s an
iPhone back door.
00:44:49.850 --> 00:44:56.330
So DROPOUTJEEP, so
you can see it right there.
00:44:56.330 --> 00:45:01.420
So, SMS, contact list retrieval,
voicemail, hot microphone,
00:45:01.420 --> 00:45:06.850
camera capture, cell tower location. Cool.
Do you think Apple helped them with that?
00:45:06.850 --> 00:45:10.140
I don’t know. I hope Apple will clarify
that. I think it’s really important
00:45:10.140 --> 00:45:14.070
that Apple doesn’t. Here’s
a problem. I don’t really believe
00:45:14.070 --> 00:45:18.290
that Apple didn’t help them. I can’t
prove it yet, but they literally claim
00:45:18.290 --> 00:45:24.420
that any time they target an iOS device,
that it will succeed for implantation.
00:45:24.420 --> 00:45:28.620
Either they have a huge collection of
exploits that work against Apple products,
00:45:28.620 --> 00:45:31.730
meaning that they are hoarding
information about critical systems that
00:45:31.730 --> 00:45:35.430
American companies produce
and sabotaging them,
00:45:35.430 --> 00:45:40.080
or Apple sabotaged it themselves.
Not sure which one it is!
00:45:40.080 --> 00:45:43.180
I’d like to believe that since Apple
didn’t join the PRISM program until
00:45:43.180 --> 00:45:49.580
after Steve Jobs died that maybe it’s
just that they write shitty software.
00:45:49.580 --> 00:45:52.960
We know that’s true!
laughter
00:45:52.960 --> 00:45:58.040
applause
00:45:58.040 --> 00:46:02.320
Here’s a HVT, high-value target.
This is a high-value target
00:46:02.320 --> 00:46:05.770
being targeted with a back door for
Windows CE Thuraya phones.
00:46:05.770 --> 00:46:11.290
So if you have a Thuraya phone and you’re
wondering if it was secure – yeah maybe.
00:46:11.290 --> 00:46:15.220
Good luck! Here’s one where they
replaced the hard drive firmware.
00:46:15.220 --> 00:46:19.340
There was a talk at OHM this year
[OHM2013] where a guy talked about
00:46:19.340 --> 00:46:22.960
replacing hard drive firmware.
You were onto something.
00:46:22.960 --> 00:46:25.850
You were really onto something. Whoever
you are, you were onto something.
00:46:25.850 --> 00:46:29.540
Because the NSA has a program here,
IRATEMONK, and that’s exactly
00:46:29.540 --> 00:46:32.600
what they do. They replace the firmware
in the hard drive, so it doesn’t matter
00:46:32.600 --> 00:46:37.160
if you reformat the hard drive, you’re
done. The firmware itself can do
00:46:37.160 --> 00:46:42.320
a whole bunch of stuff. So. Here are
the names of the hard drive companies
00:46:42.320 --> 00:46:47.480
where it works: Western Digital, Seagate,
Maxtor and Samsung, and of course
00:46:47.480 --> 00:46:52.380
they support FAT, NTFS, EXT3 and UFS.
They probably now have support for
00:46:52.380 --> 00:46:56.490
additional file systems, but this is
what we can prove. Please note
00:46:56.490 --> 00:47:00.770
at the bottom left and the bottom right:
“Status: Released and Deployed.
00:47:00.770 --> 00:47:06.000
Ready for Immediate Delivery”.
And: “Unit Cost: $0”.
00:47:06.000 --> 00:47:11.550
It’s free! No, you can’t get it.
It’s not free as in free software.
00:47:11.550 --> 00:47:15.270
It’s free as in “You’re owned!”.
laughter
00:47:15.270 --> 00:47:19.580
applause
00:47:19.580 --> 00:47:22.930
I want to give a shoutout to Karsten Nohl
and Luca [Luca Melette] for their
00:47:22.930 --> 00:47:26.460
incredible talk where they showed this
exact attack without knowing that
00:47:26.460 --> 00:47:30.940
they had found it. Right?
They say – yeah, absolutely.
00:47:30.940 --> 00:47:35.230
applause
00:47:35.230 --> 00:47:39.300
Important point. The NSA says that when
they know about these things, that
00:47:39.300 --> 00:47:42.350
nobody will come to harm, no one will be
able to find them, they’ll never be able
00:47:42.350 --> 00:47:47.180
to be exploited by another third party.
Karsten found this exact vulnerability.
00:47:47.180 --> 00:47:51.930
They were able to install a Java applet on
the SIM card without user interaction,
00:47:51.930 --> 00:47:55.170
and it was based on the service provider’s
security configuration, which is exactly
00:47:55.170 --> 00:47:58.740
what the NSA says here, and they talk
about attacking the same toolkit
00:47:58.740 --> 00:48:02.760
inside of the phone; and Karsten
found the same vulnerability
00:48:02.760 --> 00:48:07.140
and attacked it in the wild. This
is perfect evidence, not only of
00:48:07.140 --> 00:48:10.960
how badass Karsten and Luca are
– they are, no question – but also about
00:48:10.960 --> 00:48:16.210
how wrong the NSA is with this balance.
Because for every Karsten and Luca, there
00:48:16.210 --> 00:48:21.420
are hundreds of people who are paid to do
this full-time and never tell us about it.
00:48:21.420 --> 00:48:29.000
applause
00:48:29.000 --> 00:48:32.760
Important detail. Do you see that
‘interdiction’ phrase right there?
00:48:32.760 --> 00:48:35.770
“Through remote access” – in other
words, we broke into your computer –
00:48:35.770 --> 00:48:40.420
“or interdiction” – in other words,
we stole your fucking mail. Now.
00:48:40.420 --> 00:48:43.471
This is a really important point. We
all have heard about these paranoid
00:48:43.471 --> 00:48:46.380
crazy people talking about people breaking
into their houses – that’s happened to me
00:48:46.380 --> 00:48:49.700
a number of times – motherfuckers,
getting you back – it’s really important
00:48:49.700 --> 00:48:53.460
to understand this process is
one that threatens all of us.
00:48:53.460 --> 00:48:59.170
The sanctity of the postal system
has been violated. I mean – whoa!
00:48:59.170 --> 00:49:02.340
God, it makes me so angry, you know?
You can’t even send a letter without
00:49:02.340 --> 00:49:05.940
being spied on, but even worse that they
tamper with it! It’s not enough that
00:49:05.940 --> 00:49:10.510
the U.S. Postal Service records all
of this information and keeps it
00:49:10.510 --> 00:49:13.640
– that’s not enough. They also have to
tamper with the packages! So every time
00:49:13.640 --> 00:49:18.050
you buy from Amazon, for example, every
time you buy anything on the internet,
00:49:18.050 --> 00:49:22.230
there is the possibility that they will
actually take your package and change it.
00:49:22.230 --> 00:49:25.340
One of the ways that I’ve heard that they
change it is that they will actually
00:49:25.340 --> 00:49:29.800
take the case of your computer and they
will injection mold a hardware back door
00:49:29.800 --> 00:49:33.680
into the case of the computer.
So that even if you were to look
00:49:33.680 --> 00:49:37.350
at the motherboard or have it serviced,
you would not see this. It merely
00:49:37.350 --> 00:49:42.120
just needs to be in the proximity
of the motherboard. So.
00:49:42.120 --> 00:49:46.920
Let’s talk about hardware implants
that they will put into your devices.
00:49:46.920 --> 00:49:52.160
Here’s one. This is called BULLDOZER.
It’s a PCI bus hardware implant.
00:49:52.160 --> 00:49:55.740
Pretty scary, doesn’t look so great,
but let’s go on a little bit. Okay?
00:49:55.740 --> 00:49:59.180
Here’s one where they actually exploit
the BIOS and System Management Mode.
00:49:59.180 --> 00:50:02.480
There’s a big graph that shows all of
these various different interconnections,
00:50:02.480 --> 00:50:06.360
which is important. Then they talk about
the long-range comms, INMARSAT, VSAT,
00:50:06.360 --> 00:50:10.430
NSA MEANS and Future Capabilities. I think
NSA MEANS exists. Future Capabilities
00:50:10.430 --> 00:50:14.860
seems self-explanatory. “This
hardware implant provides
00:50:14.860 --> 00:50:19.860
2-way RF communication.” Interesting.
So you disable all the wireless cards,
00:50:19.860 --> 00:50:23.420
whatever you need. There you go.
They just added a new one in there and
00:50:23.420 --> 00:50:27.910
you don’t even know. Your system has no
clue about it. Here’s a hardware back door
00:50:27.910 --> 00:50:31.800
which uses the I2C interface, because
no one in the history of time
00:50:31.800 --> 00:50:35.160
other than the NSA probably has ever
used it. That’s good to know that finally
00:50:35.160 --> 00:50:40.690
someone uses I2C for something
– okay, other than fan control. But,
00:50:40.690 --> 00:50:43.890
look at that! It’s another American
company that they are sabotaging.
00:50:43.890 --> 00:50:48.210
They understand that HP’s servers
are vulnerable, and they decided,
00:50:48.210 --> 00:50:52.960
instead of explaining that this is
a problem, they exploit it. And IRONCHEF,
00:50:52.960 --> 00:50:56.800
through interdiction, is one of
the ways that they will do that.
00:50:56.800 --> 00:51:01.810
So I wanna really harp on this. Now it’s
not that I think European companies
00:51:01.810 --> 00:51:06.950
are worth less. I suspect especially
after this talk that won’t be true,
00:51:06.950 --> 00:51:10.480
in the literal stock sense, but I don’t
know. I think it’s really important
00:51:10.480 --> 00:51:13.700
to understand that they are sabotaging
American companies because of the
00:51:13.700 --> 00:51:17.950
so-called home-field advantage. The
problem is that as an American who writes
00:51:17.950 --> 00:51:22.430
software, who wants to build hardware
devices, this really chills my expression
00:51:22.430 --> 00:51:25.490
and it also gives me a problem, which
is that people say: “Why would I use
00:51:25.490 --> 00:51:29.840
what you’re doing? You know,
what about the NSA?”
00:51:29.840 --> 00:51:35.000
Man, that really bothers me.
I don’t deserve the Huawei taint,
00:51:35.000 --> 00:51:39.260
and the NSA gives it. And President
Obama’s own advisory board
00:51:39.260 --> 00:51:43.550
that was convened to understand the scope
of these things has even agreed with me
00:51:43.550 --> 00:51:47.820
about this point, that this should not be
taking place, that hoarding of zero-day
00:51:47.820 --> 00:51:52.640
exploits cannot simply happen without
thought processes that are reasonable
00:51:52.640 --> 00:51:58.070
and rational and have an economic and
social valuing where we really think about
00:51:58.070 --> 00:52:03.010
the broad-scale impact. Now.
I’m gonna go on to a little bit more.
00:52:03.010 --> 00:52:07.230
Here’s where they attack SIM cards. This
is MONKEYCALENDAR. So it’s actually
00:52:07.230 --> 00:52:11.670
the flow chart of how this would work.
So in other words, they told you all of
00:52:11.670 --> 00:52:16.690
the ways in which you should be certainly,
you know, looking at this. So if you ever
00:52:16.690 --> 00:52:22.090
see your handset emitting encrypted SMS
that isn’t Textsecure, you now have
00:52:22.090 --> 00:52:27.350
a pretty good idea that it might be this.
Here’s another example. If you have
00:52:27.350 --> 00:52:33.830
a computer in front of you… I highly
encourage you to buy the Samsung SGH-X480C
00:52:33.830 --> 00:52:38.740
– that’s the preferred phone of the NSA
for attacking another person’s phone.
00:52:38.740 --> 00:52:43.000
I’m not exactly sure why, but an important
point is, they add the back door, then
00:52:43.000 --> 00:52:47.830
they send an SMS from a regular phone
– what does that tell you? What does that
00:52:47.830 --> 00:52:51.670
tell you about the exploitation process?
It tells you that it’s actually something
00:52:51.670 --> 00:52:55.060
which is pretty straightforward,
pretty easy to do, doesn’t require
00:52:55.060 --> 00:52:59.220
specialized access to the telecoms once
they’ve gotten your phone compromised.
00:52:59.220 --> 00:53:02.730
That to me suggests that other people
might find it, other people might use
00:53:02.730 --> 00:53:06.680
these techniques. Okay, here’s a USB
hardware implant called COTTONMOUTH.
00:53:06.680 --> 00:53:10.910
We released this in ‘Spiegel’ today as
well. See the little red parts. It will
00:53:10.910 --> 00:53:14.100
provide a wireless bridge onto the
target network with the ability to load
00:53:14.100 --> 00:53:18.640
exploit software. Here’s a little bit of
extra details about that. It actually
00:53:18.640 --> 00:53:23.240
shows the graph at the bottom, how they do
this, how they get around, how they beat
00:53:23.240 --> 00:53:27.370
the air gap with these things. And they
talk a bit about being GENIE compliant.
00:53:27.370 --> 00:53:31.790
So GENIE, and for the rest of these
programs, these are – like DROPOUTJEEP
00:53:31.790 --> 00:53:35.530
is part of the CHIMNEYPOOL programs,
and COTTONMOUTH is part of the rest of
00:53:35.530 --> 00:53:41.130
these programs over here. These are huge
programs where they’re trying to beat
00:53:41.130 --> 00:53:45.240
a whole bunch of different adversaries,
and different capabilities are required.
00:53:45.240 --> 00:53:48.820
And this is one of the probably I think
more interesting ones, but here’s
00:53:48.820 --> 00:53:53.460
the next revision of it where it’s in a
USB plug, not actually in the cable.
00:53:53.460 --> 00:53:58.120
And look, 50 units for US$ 200,000.
It’s really cheap.
00:53:58.120 --> 00:54:03.920
You like my editorializing there, I hope?
So, $200,000, okay.
00:54:03.920 --> 00:54:08.740
And here’s where you look for it. If you
happen to have an x-ray machine,
00:54:08.740 --> 00:54:14.450
look for an extra chip. And that’s
a HOWLERMONKEY radiofrequency transmitter.
00:54:14.450 --> 00:54:18.750
Well what’s a HOWLERMONKEY? We’ll
talk about that in a second, but basically
00:54:18.750 --> 00:54:23.730
this is for ethernet, here. This is the
FIREWALK. It can actually do injection
00:54:23.730 --> 00:54:27.370
bidirectionally on the ethernet controller
into the network that it’s sitting on.
00:54:27.370 --> 00:54:30.270
So it doesn’t even have to do things
directly to the computer. It can actually
00:54:30.270 --> 00:54:33.800
inject packets directly into the network,
according to the specification sheet,
00:54:33.800 --> 00:54:39.400
which we released today on
Der Spiegel’s website. As it says,
00:54:39.400 --> 00:54:43.510
‘active injection of ethernet packets onto
the target network’. Here’s another one
00:54:43.510 --> 00:54:50.020
from Dell with an actual FLUXBABBITT
hardware implant for the PowerEdge 2950.
00:54:50.020 --> 00:54:55.360
This uses the JTAG debugging interface
of the server. Why did Dell leave
00:54:55.360 --> 00:55:00.080
a JTAG debugging interface on these
servers? Interesting, right? Because,
00:55:00.080 --> 00:55:04.060
it’s like leaving a vulnerability in. Is
that a bug door or a back door or
00:55:04.060 --> 00:55:09.380
just a mistake? Well hopefully they will
change these things or at least make it so
00:55:09.380 --> 00:55:12.730
that if you were to see this you would
know that you had some problems.
00:55:12.730 --> 00:55:15.970
Hopefully Dell will release some
information about how to mitigate
00:55:15.970 --> 00:55:19.640
this advanced persistent threat. Right?
Everything that the U.S. Government
00:55:19.640 --> 00:55:25.190
accuses the Chinese of doing – which they
are also doing, I believe – we are learning
00:55:25.190 --> 00:55:30.580
that the U.S. Government has been doing to
American companies. That to me is really
00:55:30.580 --> 00:55:34.600
concerning, and we’ve had no public debate
about these issues, and in many cases
00:55:34.600 --> 00:55:38.530
all the technical details are obfuscated
away and they are just completely
00:55:38.530 --> 00:55:43.280
outside of the purview of discussions. In
this case we learn more about Dell, and
00:55:43.280 --> 00:55:47.330
which models. And here’s the HOWLERMONKEY.
These are actually photographs
00:55:47.330 --> 00:55:52.620
of the NSA implanted chips that they
have when they steal your mail.
00:55:52.620 --> 00:55:55.590
So after they steal your mail they put
a chip like this into your computer.
00:55:55.590 --> 00:56:00.190
So the one, the FIREWALK
one is the ethernet one, and
00:56:00.190 --> 00:56:05.170
that’s an important one. You probably will
notice that these look pretty simple,
00:56:05.170 --> 00:56:09.850
common off-the-shelf parts. So.
00:56:09.850 --> 00:56:15.650
Whew! All right. Who here
is surprised by any of this?
00:56:15.650 --> 00:56:20.881
waits for audience reaction
I’m really, really, really glad to see
00:56:20.881 --> 00:56:24.640
that you’re not all cynical fuckers and
that someone here would admit
00:56:24.640 --> 00:56:29.710
that they were surprised. Okay, who
here is not surprised? waits
00:56:29.710 --> 00:56:34.510
I’m going to blow your fucking mind!
laughter
00:56:34.510 --> 00:56:39.240
Okay. We all know about TEMPEST,
right? Where the NSA pulls data
00:56:39.240 --> 00:56:42.240
out of your computer, irradiates stuff
and then grab it, right? Everybody
00:56:42.240 --> 00:56:44.251
who raised their hand and said they’re
not surprised, you already knew
00:56:44.251 --> 00:56:49.370
about TEMPEST, right?
Right? Okay. Well.
00:56:49.370 --> 00:56:53.460
What if I told you that the NSA had
a specialized technology for beaming
00:56:53.460 --> 00:56:57.550
energy into you and to the computer
systems around you, would you believe
00:56:57.550 --> 00:57:01.000
that that was real or would that be
paranoid speculation of a crazy person?
00:57:01.000 --> 00:57:05.000
laughter
Anybody? You cynical guys
00:57:05.000 --> 00:57:08.090
holding up your hand saying that you’re
not surprised by anything, raise your hand
00:57:08.090 --> 00:57:12.100
if you would be unsurprised by that.
laughter
00:57:12.100 --> 00:57:16.770
Good. And it’s not the same number.
It’s significantly lower. It’s one person.
00:57:16.770 --> 00:57:23.710
Great. Here’s what they do with those
types of things. That exists, by the way.
00:57:23.710 --> 00:57:29.910
When I told Julian Assange about this, he
said: “Hmm. I bet the people who were
00:57:29.910 --> 00:57:33.890
around Hugo Chavez are going to wonder
what caused his cancer.” And I said:
00:57:33.890 --> 00:57:37.490
“You know, I hadn’t considered that. But,
you know, I haven’t found any data
00:57:37.490 --> 00:57:42.640
about human safety about these tools.
Has the NSA performed tests where they
00:57:42.640 --> 00:57:48.070
actually show that radiating people
with 1 kW of RF energy
00:57:48.070 --> 00:57:51.360
at short range is safe?”
laughter
00:57:51.360 --> 00:57:56.450
My God! No, you guys think I’m
joking, right? Well, yeah, here it is.
00:57:56.450 --> 00:58:00.720
This is a continuous wave generator,
a continuous wave radar unit.
00:58:00.720 --> 00:58:05.250
You can detect its use because it’s
used between 1 and 2 GHz and
00:58:05.250 --> 00:58:09.630
its bandwidth is up to 45 MHz,
user adjustable, 2 watts
00:58:09.630 --> 00:58:12.790
using an internal amplifier. External
amplifier makes it possible to go
00:58:12.790 --> 00:58:19.230
up to 1 kilowatt.
00:58:19.230 --> 00:58:25.210
I’m just gonna let you take that
in for a moment. clears throat
00:58:25.210 --> 00:58:31.840
Who’s crazy now?
laughter
00:58:31.840 --> 00:58:35.010
Now, I’m being told I only have one
minute, so I’m going to have to go
00:58:35.010 --> 00:58:39.480
a little bit quicker. I’m sorry. Here’s
why they do it. This is an implant
00:58:39.480 --> 00:58:43.950
called RAGEMASTER. It’s part of the
ANGRYNEIGHBOR family of tools,
00:58:43.950 --> 00:58:47.340
laughter
where they have a small device that they
00:58:47.340 --> 00:58:52.490
put in line with the cable in your monitor
and then they use this radar system
00:58:52.490 --> 00:58:57.070
to bounce a signal – this is not unlike
the Great Seal bug that [Leon] Theremin
00:58:57.070 --> 00:59:01.060
designed for the KGB. So it’s good to
know we’ve finally caught up with the KGB,
00:59:01.060 --> 00:59:06.540
but now with computers. They
send the microwave transmission,
00:59:06.540 --> 00:59:10.700
the continuous wave, it reflects off of
this chip and then they use this device
00:59:10.700 --> 00:59:15.320
to see your monitor.
00:59:15.320 --> 00:59:20.780
Yep. So there’s the full life cycle.
First they radiate you,
00:59:20.780 --> 00:59:24.500
then you die from cancer,
then you… win? Okay, so,
00:59:24.500 --> 00:59:30.080
here’s the same thing, but this time for
keyboards, USB and PS/2 keyboards.
00:59:30.080 --> 00:59:34.560
So the idea is that it’s a data
retro-reflector. Here’s another thing,
00:59:34.560 --> 00:59:38.200
but this one, the TAWDRYYARD program, is
a little bit different. It’s a beacon, so
00:59:38.200 --> 00:59:44.390
this is where probably then
they kill you with a drone.
00:59:44.390 --> 00:59:48.910
That’s pretty scary stuff. They also have
this for microphones to gather room bugs
00:59:48.910 --> 00:59:52.610
for room audio. Notice the bottom. It says
all components are common off the shelf
00:59:52.610 --> 00:59:57.140
and are so non-attributable to the NSA.
Unless you have this photograph
00:59:57.140 --> 01:00:01.700
and the product sheet. Happy hunting!
01:00:01.700 --> 01:00:07.950
applause
01:00:07.950 --> 01:00:12.380
And just to give you another idea, this is
a device they use to be able to actively
01:00:12.380 --> 01:00:15.990
hunt people down. This is a hunting
device, right? Handheld finishing tool
01:00:15.990 --> 01:00:22.910
used for geolocation targeting
handsets in the field. So!
01:00:22.910 --> 01:00:28.860
Who was not surprised by this? I’m so
glad to have finally reached the point
01:00:28.860 --> 01:00:33.240
where no one raised their hand except
that one guy who I think misheard me.
01:00:33.240 --> 01:00:38.300
laughter
Or you’re brilliant. And
01:00:38.300 --> 01:00:41.040
please stay in our community
and work on open research!
01:00:41.040 --> 01:00:42.750
somebody off mike shouts:
Audience: Maybe he can add something!
01:00:42.750 --> 01:00:47.310
Yeah! And if you work for the NSA,
I’d just like to encourage you
01:00:47.310 --> 01:00:51.690
to leak more documents!
laughter
01:00:51.690 --> 01:00:58.202
applause, cheers
01:00:58.202 --> 01:01:04.737
applause
01:01:04.737 --> 01:01:11.588
applause
01:01:11.588 --> 01:01:18.488
applause, cheers, whistles
01:01:18.488 --> 01:01:25.258
applause, cheers, whistles, ovation
01:01:25.258 --> 01:01:31.988
applause, ovation
01:01:31.988 --> 01:01:38.748
applause, cheers, ovation
01:01:38.748 --> 01:01:45.698
applause, ovation
01:01:45.698 --> 01:01:48.820
Herald: Thank you very much, Jake.
01:01:48.820 --> 01:01:52.760
Thank you. I’m afraid we ran
all out of time for the Q&A.
01:01:52.760 --> 01:01:55.570
I’m very sorry for anyone
who wanted to ask questions.
01:01:55.570 --> 01:01:58.400
Jacob: But we do have a press conference.
Well, if you guys… you know,
01:01:58.400 --> 01:02:01.310
I’d say: “occupy the room for another
5 minutes”, or… know that there’s
01:02:01.310 --> 01:02:04.220
a press conference room that will be
opened up, where we can all ask
01:02:04.220 --> 01:02:07.260
as many questions as we want,
in 30 minutes, if you’re interested.
01:02:07.260 --> 01:02:11.480
And I will basically be available until
I’m assassinated to answer questions.
01:02:11.480 --> 01:02:18.600
laughter, applause
So…
01:02:18.600 --> 01:02:22.250
in the immortal words of Julian Assange:
Remember, no matter what happens,
01:02:22.250 --> 01:02:26.409
even if there’s a videotape of it,
it was murder! Thank you!
01:02:26.409 --> 01:02:30.339
Herald: Thank you. Please give a warm
round of applause to Jake Appelbaum!
01:02:30.339 --> 01:02:33.339
applause
01:02:33.339 --> 01:02:37.796
silent postroll
NOTE Paragraph
01:02:37.796 --> 01:02:42.403
Subtitles created by c3subtitles.de
in the year 2016. Join, and help us!