Posted on 10/09/2013 10:34:00 AM PDT by shego
We've long suspected that the NSA, the world's premiere spy agency, was pretty good at breaking into computers. But now, thanks to an article by security expert Bruce Schneier—who is working with the Guardian to go through the Snowden documents—we have a much more detailed view of how the NSA uses exploits in order to infect the computers of targeted users. The template for attacking people with malware used by the NSA is in widespread use by criminals and fraudsters, as well as foreign intelligence agencies, so it's important to understand and defend against this threat to avoid being a victim to the plethora of attackers out there....
In order to accomplish the first step of getting a user to visit a site under your control, an attacker might email the victim text that contains a link to the website in question, in a so-called phishing attack. The NSA reportedly uses phishing attacks sometimes, but we've learned that this step usually proceeds via a so-called "man-in-the-middle" attack. The NSA controls a set of servers codenamed “Quantum” that sit on the Internet backbone, and these servers are used to redirect targets away from their intended destinations to still other NSA-controlled servers that are responsible for the injection of malware. So, for example, if a targeted user visits "yahoo.com", the target's browser will display the ordinary Yahoo! landing page but will actually be communicating with a server controlled by the NSA. This malicious version of Yahoo!'s website will tell the victim's browser to make a request in a background to another server controlled by the NSA which is used to deploy malware....
(Excerpt) Read more at eff.org ...
My name is unique enough that a Google search gives you some information about me, but given that all of that information is public record and there are no traces of me on social media, ever, I don’t worry too much about it. I just enjoy my privacy and work hard to maintain it. That means maintaining an enterprise-class server, software licensing, and all of the electricity bills associated with it.
Oh, that's amusing. Your browser is implicitly suggesting that someone might be trying a man-in-the-middle attack on you. Are you at an airport or some other public place? I constantly have to guard against government controlled access points trying to compromise my certificate chains so they can sniff all my traffic. However browser distributions are onto this tactic and will usually give you an opportunity to say, hey wait a minute here...
Who gets to define "wrong"?
bkmk
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.