And its a picture of a guy with a bandit mask and an AK-47. I don't know about you guys, but all my Tor activities are performed in my Halloween costume!
I honestly can't believe something this tacky would end up in a presentation. Is this supposed to be propaganda?
It's a powerpoint, doubtless put together by a middle-manager who thought some clipart would spice things up. Internal presentations at pretty much every company I've worked for have been just as tacky.
What stuff? Realistically illustrating terrorists in Powerpoint? Nobody is paying for MS Office prowess, and frankly at this point laughing at the NSA strikes me as hubristic at best.
In all fairness, most countries do. Watching South American leaders lately shows the exact same behavior. Find a foreign devil for everyone to rally against to hide domestic issues.
Soviets were not some bogeyman. They were real, their spies were real, and the international communist movement they sponsored was real.
Rosenbergs and others did spy for the Soviets. They did successfully transfer secrets related to the atomic bomb. And they were ideologically motivated.
Communist would have been a better word to use than Soviet. Soviet was relatively specific, but broad swaths of the world got labelled communist. While it's true that the Soviets were more than boogeymen, I think that the broader point stands that Americans (and everyone else really) tend to have some convenient, reductionist label to apply to "others" that is broadly taken as a synonym for "evildoer". "Terrorist" is the fashionable label today.
I may be reading you incorrectly, but I get the sense you consider what the US/West does somehow isn't ideologically motivated or that having any such motivations is inherently sinister? Of course they were, just like the US is ideologically motivated. Defending and furthering capitalist goals is no less ideologically motivated than defending and furthering communist goals.
> Replicants are like any other machine. They're either a benefit or a hazard. If they're a benefit, it's not my problem.
These people's job is to fight (their government's definition of) terrorists. It's not automatically in the job description to develop a nuanced view of terrorism, of various categories of hackers, etc. -- except to whatever degree it helps them to understand their enemy and thereby stop them.
People often do this even in jobs where the stakes are lower -- if you're running a struggling grocery store competing with a SuperWalMart, WalMart are the bad guys, even if the people who work at WalMart are perfectly nice people just trying to earn some money to raise a family.
Having said that, yes -- it's obviously particularly dangerous to go around branding anyone you have a problem with a terrorist.
I'm not sure. You can imagine that presentation in some run-of-the-mill crappy company meeting full of 9-5ers, but it's hard to imagine intelligent people with good educations presenting information to each other like that. I know there are all sorts of contractors, but would they really be discussing such weighty issues?
I thought it was more of a Zorro mask. It's very suspicious that the entire presentation seems to undermine the supposed severity of the issue with very silly names and pictures...
and a beard... like terrorists can be stereotyped like that. This is more than just propaganda, this is the mentality of the type of people who put these presentations together. That fact that whoever wrote this presentation has profiled people like this. I would wager that 99% of online "terrorists" are sitting around in jeans and t-shirts, on safe soil, have probably never handled a gun, let alone an AK-47 (or whatever that is on his back), probably don't have a beard. The ones financing them probably spend their life wearing a suit and tie and are either driving a top of the line vehicle or are driven everywhere in a top of the line vehicle.
If you look at the world around us and review the history of terrorism, most of it's been funded behind the scenes by one of the major superpowers, and you can't overlook the fact that a large portion of this has been by backed by the US. It's funny how when the US wants a government toppled, the terrorists are "friendly" and funded and armed by the US government, but when they're counter to US interests, they're suddenly part of the axis of evil and must be destroyed...
Perhaps if they stopped funding this ignorant behaviour and stopped supplying munitions to these terrorist interests, the problem would eventually go away... spend more on education and tolerance towards all points of view, enlightenment, the world would become a more peaceful place.
When will "democratic" governments eventually realize that money and greed is not the best approach to the furthering the human experience on this planet.
Sorry, didn't mean to get off on a rant there, but that one picture triggered a bit of annoyance.
And banks don't actually keep money in big cloth bags with dollar signs on them. It's just clip art, and to say that it speaks to the mindset of a type of people you probably don't really know much about. I would hasten to say that your stereotypes are probably no more grounded in reality than those of the straw men your attacking.
>"If you look at the world around us and review the history of terrorism, most of it's been funded behind the scenes by one of the major superpowers, and you can't overlook the fact that a large portion of this has been by backed by the US."
While this assertion is not completely baseless, it's simply not correct, but is the kind of empty-headed moral equivalence that gets tossed around to unanimous approval among a certain class who consider a shibboleth of sophistication.
To wit, in the history of terrorism, we see the Irish Republican Army, The Tamil Tigers, the Red Brigade, the Weather Underground, FALN, Baader Meinhof group, the Symbionese Liberation Army, the current Chechen groups, the Hindu and Muslim groups prior to the formation of Pakistan, and frankly many more -- all without super power support. While some national actors have stepped up to support terror groups, superpower, or even great power support has been the exception rather than the rule.
During the cold war, the USSR, the US and China fought a number of proxy wars, and supported opposition groups in various national civil wars, mostly in Asia, Africa and Central America. Additionally, the CIA engaged in specific assassinations of political leaders largely in Latin America but not really what anyone would consider terrorism by the current definition. You're statement that a large portion of terrorism has been backed by the United States would require expansive definitions of 'large portion', 'terrorism' or 'backed' to be true.
It's clearly intended as a joke. It's a slideshow shown to people with technological backgrounds. Most people in computer-based work have seen poorly selected stock photos like these to depict hackers/terrorists/whatever.
Depressingly, the document talks about plans to make Tor less reliable to dissuade people from using it:
> Could we set up a lot of really slow Tor nodes ... to degrade the quality of the network?
> Given CNE access to a web server make it painful for Tor users?
At least the document seems to confirm that GCHQ has a really, really hard time de-anonymising Tor users.
This could be countered by setting up a lot of fast nodes. Stealthier malicious nodes that selectively drop or tar-pit traffic though would be harder to fight...
I'm pretty sure Tor does smart peer profiling/selection to optimize for throughput. Lots of people run Tor relays on their silly little home DSLs and Tor still works.
Which is why the slide also talks about reporting as if being a high throughput node. i.e. Report back that you're handling a lot of traffic quickly while handling traffic very badly. Does Tor have protection against a node doing that?
Pretty sure it is. If you need serious anonymity, like if your life depends on it, get a botnet and use the trojaned PCs as proxies. Use public WiFi, and use cheap laptops that you replace regularly and/or VMs, and don't forget to fake your MAC address. Create multiple fake personas to confuse attackers. Have stuff you write rephrased by someone else, so they can't do a corpus analysis on your writings. Do as much offline as possible. If you have to transfer information, avoid the internet. Use dedicated lines, dialup, dead drops, etc. etc.
If I had a few million dollars to run compromized Tor nodes, and the ability to subpoena (and gag order) any Tor node operator in USA, UK and a couple of other major countries to give me their keys, I would be able to easily de-anonymize a large portion of the network.
It is commonly assumed that the NSA/CIA run a substantial portion of the exit nodes. Morever, they are a global adversary (one Tor is not designed to defeat).
Doesn't look like a very ethical/professional presentation. But then again, who said everyone's professional in all agencies. Its a conjecture to think our laws are systematically enforced by ethical folks.
They actually saw it as their job to make the experience of anyone using Tor difficult.
Isn't that kind of like the police deciding to make the roads full of potholes because that would make it more difficult for bank robbers to get away in a car.
Then again, considering the quality of the roads these days, maybe they are way ahead of me on that.
Police have to use the same roads. The presentation leads me to believe that they do not want to scare people away from Tor, so they can track at least some users, but probably/obviously have their own network/servers for anonymous connection that will not be impacted.
Otherwise yes, it seems stupid to make Tor unusable as a whole.
That Schneier article [1] is very technical and reveals quite a lot of interesting information. It was immediately flagged off HN front page by the flagging brigade [2]. It's highly recommended reading, though.
This should provide clear warning to anyone who might consider themselves a cypherpunk: Even if you don't think that you are at war with the US government, the US government (and likely most other governments) believes it is at war with you.
It's all part of the theatre and propaganda. Make the weak minded believe that everyone's the boogeyman. At least people on the internet can think critically and say "Er, this doesn't sound right"
Does anyone know what the QUANTUM attack they refer to is? It doesn't seem like quantum computing on the face of it; It looks like it may be a system used to disrupt traffic on the internet, possibly man in the middle attacks.
Edit: I found a reference to something called a "Quantum Insert" in an article related to GCHQ. They state the following:
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI"). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them
This is enabled by a very obvious flaw in the CA infrastructure that SSL/TLS is based upon. All it takes is someone with leverage over the top level certificate authority and the DNS servers you use and there's nothing you can do to detect that's what's going on. That's a huge and very obvious flaw in the system that anyone questioning what they can trust on the internet should have spotted a mile away.
"To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target's browser to visit a Foxacid server.
In the academic literature, these are called "man-on-the-middle" attacks, and have been known to the commercial and academic security communities. More specifically, they are examples of "man-on-the-side" attacks."
Read more here: www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity
Can we translate that to something sane? Is it "shorter BGP/more specific route announcement?" Or some kind of MITM by being directly in line? Assuming it is TCP traffic, just being "faster to respond" doesn't help all that much without some other logic.
If I were MITMing with full cooperation of only a subset of a network carrier, I'd probably go for some route announcement tricks; easier to interface with the rest of the organization, and due to lack of filtering internally, not much config change required. Would fail safely (== non-detectably), also, and could potentially be explained away as "oh, shit, some stupid ISP leaked routes".
(I guess you could give bad dns responses, too, and then go from there, but that sounds more detectable at the end user device, which is very undesirable.)
After reading many of these articles about the NSA I keep wondering if they have an office specifically tasked with thinking up code names for these projects. I personally would find it difficult to keep them all straight—this article, for example, contained a new one to me: ONIONBREATH.
Just an odd image in my mind of a group of top-security clearance, extremely well trained, able-minded people who think up silly code names like these.
The slides were from over a year ago, I'm sure a lot has changed since then. Also the timing of this is very suspect, obviously it's been in the news and the Guardian either want to run with this new line brought on by the Silk Road "bust", or they just want to "soothe" (take as you will) our worries with the network.
Would also love to know more about NEWTONS CRADLE, anyone heard of anything more specific?
When will everyone get off the bandwagon of referring to anyone that's willing to actually stand for their beliefs counter to U.S. interests a terrorist? It's gotten to the point where the word terrorist just makes me roll my eyes and say "whatever", I'm becoming desensitized to it, just like most of the UK did growing up in England during the height of IRA campaigns. After a while, it just became a tedious pain in the ass and everyone switched off.
I also quite like the point "Analytics: Cookie Leakage", like anyone that uses Tor doesn't use it in incognito mode with cookies disabled... or flushes their cookies before they use anything else...
... that either says they're stupid, or they're only after stupid terrorists... as if they're the ones they should really be concerned about.
I think Tor recommends surfing from a dedicated virtual machine, IIRC, which is probably the safest way to surf, though something like Flash or Java can still probably report the actual host IP.
114 comments
[ 4.8 ms ] story [ 150 ms ] threadAnd its a picture of a guy with a bandit mask and an AK-47. I don't know about you guys, but all my Tor activities are performed in my Halloween costume!
I honestly can't believe something this tacky would end up in a presentation. Is this supposed to be propaganda?
Page 4: Dumb Users (EPICFAIL)
Even better, on page 9: "Analytics: Dumb Users (EPICFAIL)"
We American's require a boogeyman.
In all fairness, most countries do. Watching South American leaders lately shows the exact same behavior. Find a foreign devil for everyone to rally against to hide domestic issues.
Rosenbergs and others did spy for the Soviets. They did successfully transfer secrets related to the atomic bomb. And they were ideologically motivated.
I may be reading you incorrectly, but I get the sense you consider what the US/West does somehow isn't ideologically motivated or that having any such motivations is inherently sinister? Of course they were, just like the US is ideologically motivated. Defending and furthering capitalist goals is no less ideologically motivated than defending and furthering communist goals.
> Replicants are like any other machine. They're either a benefit or a hazard. If they're a benefit, it's not my problem.
These people's job is to fight (their government's definition of) terrorists. It's not automatically in the job description to develop a nuanced view of terrorism, of various categories of hackers, etc. -- except to whatever degree it helps them to understand their enemy and thereby stop them.
People often do this even in jobs where the stakes are lower -- if you're running a struggling grocery store competing with a SuperWalMart, WalMart are the bad guys, even if the people who work at WalMart are perfectly nice people just trying to earn some money to raise a family.
Having said that, yes -- it's obviously particularly dangerous to go around branding anyone you have a problem with a terrorist.
I don't always hack, but when I do, I wear a balaclava
http://www.buzzfeed.com/copyranter/all-computer-hackers-wear...
That must be a really wierd job, doing tacky but still sophisticated illustrations for top secret internal presentations.
You pick a 'beard' and drag it onto the person, etc.
This similar looking one is all over the internet:
http://www.iconshock.com/img_jpg/SUPERVISTA/networking/jpg/2...
From a quick look this one seems more plausible than the absurd PRISM presentation.
Are you suggesting that the leaked PRISM presentations are not authentic?
Tor Stinks, ONIONBREATH, EPICFAIL
If you look at the world around us and review the history of terrorism, most of it's been funded behind the scenes by one of the major superpowers, and you can't overlook the fact that a large portion of this has been by backed by the US. It's funny how when the US wants a government toppled, the terrorists are "friendly" and funded and armed by the US government, but when they're counter to US interests, they're suddenly part of the axis of evil and must be destroyed...
Perhaps if they stopped funding this ignorant behaviour and stopped supplying munitions to these terrorist interests, the problem would eventually go away... spend more on education and tolerance towards all points of view, enlightenment, the world would become a more peaceful place.
When will "democratic" governments eventually realize that money and greed is not the best approach to the furthering the human experience on this planet.
Sorry, didn't mean to get off on a rant there, but that one picture triggered a bit of annoyance.
>"If you look at the world around us and review the history of terrorism, most of it's been funded behind the scenes by one of the major superpowers, and you can't overlook the fact that a large portion of this has been by backed by the US."
While this assertion is not completely baseless, it's simply not correct, but is the kind of empty-headed moral equivalence that gets tossed around to unanimous approval among a certain class who consider a shibboleth of sophistication.
To wit, in the history of terrorism, we see the Irish Republican Army, The Tamil Tigers, the Red Brigade, the Weather Underground, FALN, Baader Meinhof group, the Symbionese Liberation Army, the current Chechen groups, the Hindu and Muslim groups prior to the formation of Pakistan, and frankly many more -- all without super power support. While some national actors have stepped up to support terror groups, superpower, or even great power support has been the exception rather than the rule.
During the cold war, the USSR, the US and China fought a number of proxy wars, and supported opposition groups in various national civil wars, mostly in Asia, Africa and Central America. Additionally, the CIA engaged in specific assassinations of political leaders largely in Latin America but not really what anyone would consider terrorism by the current definition. You're statement that a large portion of terrorism has been backed by the United States would require expansive definitions of 'large portion', 'terrorism' or 'backed' to be true.
Drone strikes in Pakistan alone have killed thousands of civilians.
Many of the opposition groups you mentioned were backed by the US knowing that they committed and intended to commit terrorism and other war crimes.
http://www.washingtonsblog.com/2012/08/is-america-the-worlds...
it's expected to use steriotypical shoe-ins for concepts outside the scope of the presentation.
http://americablog.com/2013/09/nsa-outrage-star-trek-bridge....
(edited to remove broken image link)
> Could we set up a lot of really slow Tor nodes ... to degrade the quality of the network? > Given CNE access to a web server make it painful for Tor users?
At least the document seems to confirm that GCHQ has a really, really hard time de-anonymising Tor users.
> Critical mass of targets use Tor. Scaring them away from Tor might be counterproductive.
I'm so glad I have nothing to hide.
Conspiracy theories are fun!
> Critical mass of targets use Tor. Scaring them away from Tor might be counterproductive.
In other words, they'd rather only have to break one anonymization service instead of five.
Isn't that kind of like the police deciding to make the roads full of potholes because that would make it more difficult for bank robbers to get away in a car.
Then again, considering the quality of the roads these days, maybe they are way ahead of me on that.
Otherwise yes, it seems stupid to make Tor unusable as a whole.
Basic statistics tells us it is pure insanity to compromise our security for the noise that is "international terror".
For instance, what is (U)? Or (S), (SI), and (REL)?
There's a bunch more too:
http://en.wikipedia.org/wiki/Classified_information
http://en.wikipedia.org/wiki/Sensitive_Compartmented_Informa...
[1]http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa...
[2]https://news.ycombinator.com/item?id=6495771
https://news.ycombinator.com/item?id=5008829
https://news.ycombinator.com/item?id=5008267
I missed the disclosure on this one, is it in the FAQ or somewhere else?
Anyone know how to start identifying the FoxAcid servers and calling them out?
https://s3.amazonaws.com/s3.documentcloud.org/documents/8014...
http://s3.documentcloud.org/documents/801434/doc2.pdf
http://s3.documentcloud.org/documents/801435/doc3.pdf
It sounds dramatic because it is.
Edit: I found a reference to something called a "Quantum Insert" in an article related to GCHQ. They state the following:
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI"). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them
http://www.spiegel.de/international/europe/british-spy-agenc...
This might be what they are referring to, or a system that was built for targeting specific individuals.
In the academic literature, these are called "man-on-the-middle" attacks, and have been known to the commercial and academic security communities. More specifically, they are examples of "man-on-the-side" attacks."
Read more here: www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity
If I were MITMing with full cooperation of only a subset of a network carrier, I'd probably go for some route announcement tricks; easier to interface with the rest of the organization, and due to lack of filtering internally, not much config change required. Would fail safely (== non-detectably), also, and could potentially be explained away as "oh, shit, some stupid ISP leaked routes".
(I guess you could give bad dns responses, too, and then go from there, but that sounds more detectable at the end user device, which is very undesirable.)
ORBOT / Tor Router Project / Hide-my-ip-address / Tor Project and the bootable OS Tails.
Some of the more advanced Obfuscation for the tor project
Skype Morph - Hides Tor traffic in Skype packets mmm fun and worth a look
Someone better be working on tor Obfuscation with flash packets, no one is going to block those things.
/tinhat
I don't like that PG has relaxed the flagging so much. You can probably flag even tens of stories a day now without having your flagging removed.
I would totaly implement something like that if I were PG. Seems to fit the mindset of HN, as it also uses hellbans.
Just an odd image in my mind of a group of top-security clearance, extremely well trained, able-minded people who think up silly code names like these.
Would be a hell of a co-incidence if it wasn't a reference.
Would also love to know more about NEWTONS CRADLE, anyone heard of anything more specific?
... that either says they're stupid, or they're only after stupid terrorists... as if they're the ones they should really be concerned about.