I just recently came across this article, now a couple weeks old that elaborates on the NSA's work on implanted malware to further its goals of surveillance and social engineering.
I had seen a few articles around that hinted at some capabilities and avenues they were exploring. The implications of the Zero Hedge led me to believe that conventional tactics of using strong encryption and TOR alone would not be enough, because they intend to compromise endpoints with the malware.
The Intercept article pretty well confirms that suspicion:
"
The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.
One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.
An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.
The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption."
So, what to do? I can think of a couple things but I am not ready to throw them out there without a bit more research. I mostly wanted to get this out ASAP because commonly used turn-key systems may not be enough.
So beware, stay on your toes, and don't give up. Freedom is always worth it.
No comments:
Post a Comment