Today’s implant from the NSA’s Tailored Access Operations (TAO) group implant catalog:

(TS//SI//REL) SIERRAMONTANA provides persistence for DNT implants. The DNT implant will survive an upgrade or replacement of the operating system - including physically replacing the router’s compact flash card.

(TS//SI//REL) Currently, the intended DNT Implant to persist is VALIDATOR, which must be run as a user process on the target operating system. The vector of attack is the modification of the target’s BIOS. The modification will add the necessary software to the BIOS and modify its software to execute the SIERRAMONTANA implant at the end of its native System Management Mode (SMM) handler.

(TS//SI//REL) SIERRAMONTANA must support all modern versions of JUNOS, which is a version of FreeBSD customized by Juniper. Upon system boot, the JUNOS operating system is modified in memory to run the implant, and provide persistent kernel modifications to support implant execution.

(TS//SI//REL) SIERRAMONTANA is the cover term for the persistence technique to deploy a DNT implant to Juniper M-Series routers.

Status: (U//FOUO) SIERRAMONTANA under development and is expected to be released by 30 November 2008.

General information about TAO and the catalog is here. We have already seen the codename VALIDATOR. It’s the code name for a default, or basic, NSA exploit. It’s the exploit that FOXACID defaults to using.

In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.

Tags: backdoors, BIOS, exploit of the day, exploits, malware, NSA, operating systems, security engineering

So I can encrypt my sms when they are sent to other cyanogen users. I heavily think that stock android should also support such an encryption feature. Perhaps it would even be necessary, to implement a voice over ip function in android that encrypts the voice messages with a key stored only in the phone. Given that the GCHQ apparently saves the plain text sms for years, it would not surprise me, if they also try to get the voice messages, for some targets. It is easy for them, to fake a base station for smartphones in their embassies.

On average, each day the NSA was able to extract:

- More than 5 million missed-call alerts, for use in contact-chaining analysis (working out someone’s social network from who they contact and when)
- More than 110,000 names, from electronic business cards, which also included the ability to extract and save images.
- Over 800,000 financial transactions, either through text-to-text payments or linking credit cards to phone users

The agency was also able to extract geolocation data from more than 76,000 text messages a day, including from “requests by people for route info” and “setting up meetings”. Other travel information was obtained from itinerary texts sent by travel companies, even including cancellations and delays to travel plans.

“In contrast to GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,” it states (emphasis original). “This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest.”