Der Spiegel has a good article on the NSA's Tailored Access Operations unit: basically, its hackers.
The article also has more details on how QUANTUM -- particularly, QUANTUMINSERT -- works.
Another article discusses the various tools TAO has at its disposal.
A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.
In the case of Juniper, the name of this particular digital lock pick is "FEEDTROUGH." This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive "across reboots and software upgrades." In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH "has been deployed on many target platforms."
Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of the latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.
There is no information in the documents seen by SPIEGEL to suggest that the companies whose products are mentioned in the catalog provided any support to the NSA or even had any knowledge of the intelligence solutions.
The German version of the article had a couple of pages from the 50-page catalog of tools; they're now on Cryptome. This seems to be the whole TOP SECRET catalog; there's a lot of really
We don't know what "ANT" stands for. Der Spiegel speculates that it "stands for Advanced or Access Network Technology."
Related is this list of NSA attack tools. And here is another article on TAO from October.
Legitimate Business Syndicate has been gracious enough to provide us with complete packet captures from the DEF CON 21 Capture the Flag contest! A big thanks to them and all the great teams who participated! Here is the first batch of those pcaps, all the traffic from Friday at the con. Saturday and Sunday's will be soon to follow so keep your eyes peeled!
They were also so kind as to include the tools and binaries from the game, which we have also included in a handy torrent file!
You can always find write-ups, file collections, and history of the DEF CON Capture the Flag competition on our CTF Page! Enjoy!
The man alleged to be "Dread Pirate Roberts," the founder and operator of the Silk Road—an online marketplace where bitcoins were traded for a range of goods and services, including drugs—was arrested by the FBI in San Francisco yesterday. The criminal complaint, released today, provides many details about how the site and its users relied on widespread anonymity technology, including Tor and Bitcoin.
The increased attention on this technology is a good reminder about how important it is not to blame these tools for the actions of a small portion of their users. The public wouldn't tolerate a campaign to malign the car because of its utility as a getaway vehicle for bank robbers; we must apply the same critical thinking to essential privacy-preserving technology.
In certain parts of the complaint, even the federal agent behind the investigation and the Justice Department attorney in charge of the case acknowledge this. In describing how Tor was required to access the Silk Road (the site was configured as a Tor hidden service), they state that "Tor has known legitimate uses". Similarly, "Bitcoins are not illegal in and of themselves and have known legitimate uses."
Elsewhere the complaint goes astray. For example, it asserts that the suspect's efforts to "'hide the identities of those that run Silk Road' reflect his awareness of the illegal nature of the Silk Road enterprise." Of course, that explanation overlooks the countless lawful reasons why a person would want to engage in anonymous speech—and in the process hide the identities of those behind the technical infrastructure—that don't involve breaking the law.
Similarly, the complaint's description of the bitcoin "tumbler" that the Silk Road employed to obscure the parties involved in each transaction is alarmingly limited. According to the complaint, "the only function served by such 'tumblers' is to assist with the laundering of criminal proceeds." Really, the purpose of a tumbler is to attempt to make a bitcoin transaction as anonymous and private as cash. Certainly one can take issue with Silk Road's use of the technology in particular. It's incredibly dangerous, though, to say that anonymous currency—whether bitcoins or traditional cash—is only of interest to drug dealers or money launderers.
It's essential that the use of encryption, anonymization techniques, and other privacy practices is not deemed a suspicious activity. Rather, it must be recognized as an essential element for practicing freedom of speech in a digital environment.
In some ways, the complaint provides encouragement to those who depend on this technology to engage in speech privately and anonymously. After all, it was human error, and the chance discovery of nine fake ID cards in a routine package inspection at the border, that led to the final round of investigation. This summer's revelations about the NSA's subverting certain cryptographic technologies have definitely heightened fears in the security community. Although there are still some unanswered questions about the investigation, it's a small relief that, for now, those fears weren't confirmed by the criminal complaint.
The point remains, however, that relegating these technologies by associating them only with their criminal use threatens to undermine their ability to enable important, lawful speech.
Unfortunately, we've witnessed that sort of demonization of technology before. We've seen it in attempts to target peer-to-peer protocols because they can be used for copyright infringement; in the outrageous stacking of penalties that can result in decades of possible prison time for violations of the Computer Fraud and Abuse Act; in the original "Crypto Wars" of the 1990s and their reprise today; and in many other places besides.
The allegations against the Silk Road are serious, and may get even more so as the case progresses to formal charges and a trial. But if the government puts undue weight on the suspect's use of technology, instead of the actual crimes of which he is accused, the public will be worse off for it.