NSA And GCHQ
(via @ioerror and Der Spiegel)
Inside TAO: Documents Reveal Top NSA Hacking Unit:
Part 1: Documents Reveal Top NSA Hacking Unit:
Part 2: Targeting Mexico:
Part 3: The NSA's Shadow Network:
NSA's Secret Toolbox: Unit Offers Spy Gadgets for Every Need:
Shopping for Spy Gear: Catalog Advertises NSA Toolbox:
Interactive Graphic: The NSA's Spy Catalog:
http://www.spiegel.de/international/world/a-941262.html
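Neue Dokumente: Der geheime Werkzeugkasten der NSA (New documents: the NSA's secret toolbox):
NSA-Programm “Quantumtheory”: Wie der US-Geheimdienst weltweit Rechner knackt (NSA program “Quantumtheory”: how the US intelligence service cracks computers worldwide):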
Der Spiegel 1 / 2014:
https://magazin.spiegel.de/digital/index_SP.html#SP/2014/1/124188114
http://www.spiegel.de/spiegel/index-7629.html
TAO slides:
NSA QUANTUM Tasking Techniques for the R&T Analyst:
Yahoo! user targeting and attack example with QUANTUM:
QUANTUMTHEORY and related QUANTUM programs:
If you'd like to detect the QUANTUM INSERT, I suggest reading about the race condition details:
http://www.spiegel.de/fotostrecke/qfire-die-vorwaertsverteidigng-der-nsa-fotostrecke-105358-15.html
Details about the Man-On-The-Side with QUANTUM:
QFIRE (NSA-Geheimdokumente: “Vorwärtsverteidigung” mit QFIRE; in English, secret NSA documents: “forward defense” with QFIRE), TURMOIL, TURBINE, TURBULENCE:
http://www.spiegel.de/fotostrecke/qfire-die-vorwaersverteidigng-der-nsa-fotostrecke-105358.html
MARINA:
More MARINA details:
Catalog of equipment covering around 50 programs:
Other slides covering FOXACID and more:
NSA QUANTUMTHEORY capabilities list:
GCHQ QUANTUMTHEORY capabilities list:
OLYMPUSFIRE:
VALIDATOR:
An overview of all of these articles is available in German:
Earlier this week, I also gave a talk titled “To Protect and Infect: part two” at CCC's 30C3. In the talk I explain a number of these topics - the video is a reasonable complement to the above stories:
https://www.youtube.com/watch?v=b0w36GAyZIA
There are quite a few news articles and most of them have focused on the iPhone backdoor known as DROPOUTJEEP - they largely miss the big picture, asserting that the NSA needs physical access. This is a misunderstanding. The way that the NSA and GCHQ compromise devices with QUANTUMNATION does not require physical access - that is merely one way to compromise an iPhone. Generally the NSA and GCHQ compromise the phone through the network using QUANTUM/QUANTUMNATION/QUANTUMTHEORY related attack capabilities.
An example of a vulnerable Apple user is shown:
“note: QUANTUMNATION and standard QUANTUM tasking results in the same exploitation technique. The main difference is QUANTUNATION deploys a state 0 implant and is able to be submitted by the TOPI. Any ios device will always get VALIDATOR deployed.”
They're not talking about Cisco in that slide, I assure you.
Details on VALIDATOR:
Welcome to 2014!