Skip to comments.NSA Denies Allegations that it Infected Millions of PCs with Malware
Posted on 03/14/2014 9:05:57 AM PDT by John W
The NSA has not infected millions of computers with malware, it said in a statement on Thursday. It could though, it seems, as the agency made no attempt to deny the existence of an automated malware delivery system which appears in documents leaked by Edward Snowden this week.
According to the documents, the system, codenamed Turbine, is meant to allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.
A statement published to the NSAs official website on Thursday addresses the allegations, saying Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating US social media or other websites, are inaccurate.
(Excerpt) Read more at thewhir.com ...
Parse the words.
I believe them. Why would the lie about something like that?
They’ve seriously damaged any trust Americans had. They have become a joke.
A very dangerous joke with very dangerous tools at their disposal.
If you think you’re safe online, you’re wrong. I’m as tin-foil-hat as they come and have invested incredible amounts of personal funds to develop a heavily encrypted home network with personal email servers, etc., but I STILL believe they can infiltrate.
I only know one thing.
Snowden has other docs showing that they DID spread malware.
And now that they denied it, they will break in the next two weeks.
1.5 million is not “millions.” 1.99 million is not “millions.”
If its turned on they can see it.
The worst part about the NSA is their incompetence.
I want them to point out how many “terrorist plots” they’ve foiled by early detection with all their snooping around.
Odds are the number is zero or very close to it. In other words, they’re doing everything BUT their job.
9 new pieces of malware are created every second.
How much of it is the NSA?
Its what they (govt bureaucracies) do, they were created to find terrorist plots but aren’t finding any with their sources do they branched out to justify their jobs.
Notice they didn't say software. There's a difference.
> Im as tin-foil-hat as they come and have invested incredible amounts of personal funds to develop a heavily encrypted home network with personal email servers, etc., but I STILL believe they can infiltrate.
And you’d be 100% correct. They’ve had this ability for much longer than the average person might guess.
In 1998 a friend and I were discussing encrypted emails and we decided to check out the process. We went to a Norwegian website and downloaded their open source PGP program. We each installed it, exchanged public keys and we each sent each other a one line email to test it out.
Mine said “This is cool. We should check out the capabilities further.”
My friend’s email was similar and only one line long.
Within one day, we were each received an email from the FBI and asking to remove the encryption software from our PCs as it might contain viruses or malware and did not conform to US standards.
We took the software off our machines, but the question remains, “How did they detect the encrypted emails so fast?” It wasn’t even 24 hours later.
“It’s not malware, it bene-ware! - It’s *good* for you, it’s good for everybody!”
The “US Standards” being, that the FBI has a back door with which to read your emails? That kind of “US Standards” that the FBI is concerned about compliance with?
We used to joke that many of Microsoft's bugs were "undocumented features". With the way words are being redefined or dropped from the vocabulary, we might as well be living in Babel these days.
And if you don't believe them, just ask them. They'll tell you.
Scout's honor. Double pinky swear, and all that...
If you want to put all the NSA and CIA crap into a nice neat pile, how is it that they can vacuum American’s e-mails, Skype, web sites etc and not have a “clue” they share about the missing plane? It is probably the same reason the Madoff folks at SEC did not catch him...they really did look at porn more than their work. I bet all the “millenialls” that are not so much into marriage, patriotic things etc etc are into seeing what their “fellow” countrymen and women are doing behind closed doors instead of what they are doing in Malaysia or the Ukraine.
The NSA has NOT infected millions of your computers with malware!
Greenwald and Co have been playing this same rope a dope with these fools for nearly a year now. Release to story, wait for the denials from the agency and stooges in the house, senate and white house, then dump all of the proof onto them. It’s coming. They are probably waiting for a tool like mike rogers to spout off on how impossible this would be.
“Never believe anything until it has been officially denied.”
And it wasn't "them", but a proxy...
And as someone else points out, it's not malware, but spyware. It only becomes detrimental when they issue the commands.
Didn’t the NSA help foil a plot by Romney to overthrow the Obama Administration in 2012?
Yep, you gotta parse the words in this statement, and also note that it said “U.S. Companies,” not just “companies” in general.
It’s like wandering around in an Orwell nightmare.
Those emails are borne from what’s known as endpoint detection. Since endpoints are recognizable as IP addresses, obfuscation is difficult if not impossible. The point of encryption is not to obfuscate but to render the data transmitted impossible to read without the proper keys. It’s like intercepting a lockbox en route between two banks: without the proper keys or tools to brute force open the lock, it’s just a worthless box.
The reason you got the emails is because IT WORKS! The Federal government does not reach out to anyone via email, so your emails were not likely to have been legitimate. If the FBI wants to get in touch with you for something, they’ll show up with a warrant at your home or place of work. This has happened to me on more than one occasion, and learning how to say, “I plead the fifth” in several languages is convenient. Now that I’ve worked in IT security, however, they leave me alone since they know I know what they’re up to.
No network is impenetrable unless it’s off the public Internet. If they can get into my network, there’s not much they can do once they’re there.
Being able to see a machine and being able to know what it’s doing are two different things. I can go into any MDF or IDF in a business and watch every light on every switch blinking away. I know there’s a client on the end of that line, but that’s it. The idea behind encryption is to obfuscate the data being transmitted. If you want to go one step further, you use proxies to bounce your transmissions across numerous endpoints to create a garbled mess.
I’ve been involved in plenty of black hat operations and have seen what the NSA, CIA, and FBI see from their tools. I’m not saying that they don’t have tools none of us know about, but the technologies available to even the most secretive governments cannot work faster than the governance and functionality of protocols. You’re STILL bound by OSI, even if you know how to work around some of the layers.
“We have not recklessly infected any systems, we have diligently augmented them.”