More info on NSA activities.

Crivens

Moderator
Staff member
Moderator

Reaction score: 985
Messages: 1,986

To give you an idea about the storage size they build there, look here.
 

Goobie

New Member


Messages: 12

I wasn't entirely shocked when this news broke out. What does make me wonder is, what were all the people who drove by this thinking? There had to be some sort of explanation as to what the building was used for.
 

sossego

Retired from the forums

Reaction score: 144
Messages: 1,557

Have you ever stopped to observe others? Humans are self enamored self centered creatures that only seem to recognize those others and situations similar to themselves and their own.

E.g. http://news.slashdot.org/story/13/07/07/0123207/according-to-yougov-poll-snowden-support-declining-among-americans

Okay. When you actually do research you find that there are only 1000 answers accepted. Let's do the math: [313.9(10^6)]/10^3= 313,900 && 1/3139=0.00031857 . When something such as the story linked is published, it will affect people because Why should I think for myself when others can do it for me? exists in many of us.
 

Crivens

Moderator
Staff member
Moderator

Reaction score: 985
Messages: 1,986

If I were to drive past a place where some of these Letter-Soup-Agencies is currently building something, I'd want to make sure not to express more interest in it that does anyone else. Would you want to stick your neck out? These folks don't play fair.
 

Goobie

New Member


Messages: 12

I'm not saying stick your neck out and ask, I'm saying its a pretty big building, you'd think they'd offer some explanation. Or, do you think people jut didn't even bother thinking about it? I already know I'm screwed when it comes to a thought police future, but I also figured a lot of people were in the same boat.
 

cpm@

Moderator
Staff member
Moderator
Developer

Reaction score: 943
Messages: 2,140

This stopped being a secret: The financial elites have spent decades "manufacturing" in the shadow world secret government, which currently handles and springs largely economic and political world. However, it is necessary to control the thoughts of the masses, "killing" his critical sense. For this reason, the owners of the world launched a series of powerful institutions in order to perform certain operations of psychological warfare against the population.

 

fonz

Son of Beastie

Reaction score: 369
Messages: 2,560

Merged with one of the other threads. We've heard this song several times in quick succession now.
 

drhowarddrfine

Son of Beastie

Reaction score: 1,283
Messages: 3,327

I love articles like this. The accusations are based on a slide. The slide does nothing but show how a MITM attack could occur but does not say anything else. One of the articles says, "Google can't be happy about this!!" yet Google released this statement:
Google provided a short statement to Mother Jones reporter Josh Harkinson in response to his questions on the matter: "As for recent reports that the US government has found ways to circumvent our security systems, we have no evidence of any such thing ever occurring.
In fact, one of the articles state the NSA may not have even been involved:
It's not clear if the supposed attack in the Fantastico document was handled by the NSA or by its UK counterpart
Without bothering further, it appears all that is based on an article from a Brazilian newspaper that makes assumptions based on the slide but it's all conjecture. It's like claiming the US is planning a nuclear strike on a foreign country based on the fact that the US has such plans while ignoring that they are plans for defense and not intent to carry them out.

In the meantime, I still wake up in the morning. I go to work. I come home.
 

kpa

Beastie's Twin

Reaction score: 1,810
Messages: 6,318

MITM attacks are very hard to pull off (except on small scale) and are easily exposed when someone who knows what to look for becomes suspicious. Not a very credible story.
 

jrm@

Daemon
Developer

Reaction score: 473
Messages: 1,205

It's no smoking gun, but the title of the document is "How the attack was done" and it has the label "Legitimate Google Servers". If this document was actually authored at the NSA is surely seems like important evidence to me.
 

throAU

Aspiring Daemon

Reaction score: 147
Messages: 910

kpa said:
MITM attacks are very hard to pull off (except on small scale) and are easily exposed when someone who knows what to look for becomes suspicious. Not a very credible story.
Hmm.

My Steelhead device can MITM SSL traffic. It has to in order to accelerate it. I just need to install a certificate trusted by the end device on it.
 

tingo

Daemon

Reaction score: 429
Messages: 2,105

Same, same, but different. Any SSL proxy works by having one SSL session from the client to the proxy, and another session from the proxy to the server. And as you write, you need to have the correct certificate installed.
 

Crivens

Moderator
Staff member
Moderator

Reaction score: 985
Messages: 1,986

throAU said:
Hmm.

My Steelhead device can MITM SSL traffic. It has to in order to accelerate it. I just need to install a certificate trusted by the end device on it.
Interesting that there is a turnkey ready device for this. Yes, I know that you need to do this in order to cache static parts of SSL websites, but one question : What happens if the end user does not trust the certificate you have? Can you still MITM him? Or does his connection simply not go trough?

Background: I regulary go through the list of certificates my browser thinks are OK and delete any I do not want/know/trust. So the list of trusted certificates and trusted connections is pretty limited in my case.
 

Savagedlight

Well-Known Member

Reaction score: 97
Messages: 368

tingo said:
Same, same, but different. Any SSL proxy works by having one SSL session from the client to the proxy, and another session from the proxy to the server. And as you write, you need to have the correct certificate installed.
That's not much of a problem to do if you have the ability to generate trusted certificates. Plenty of U.S. companies have this ability; is it then such a big leap for them to do this?
 

tingo

Daemon

Reaction score: 429
Messages: 2,105

Savagedlight said:
That's not much of a problem to do if you have the ability to generate trusted certificates. Plenty of U.S. companies have this ability; is it then such a big leap for them to do this?
Well, you have to realize that the whole idea of SSL certificates is built on one core principle: trust. If you don't trust the parties in this (CAs, Certificate Issuers and so on) it doesn't work.
 
Top