On Tue, Dec 31, 2013 at 06:14:56AM +0100, Hannes Frederic Sowa wrote: > On Mon, Dec 30, 2013 at 08:56:57PM -0500, [email protected] wrote: > > This talk is divided into two parts. Morgan Marquis-Boire and Claudio > > Guarnieri talking about the militarization of the internet in part one, > > including both targeted and dragnet surveillance in deep-packet > > inspection. (See also Citizen Labs' work on BlueCoat). In part two, > > Jake Appelbaum talks about some of the most hardcore and cutting-edge > > NSA surveillance tactics and equipment. (See also yesterday's Der > > Spiegel articles). > > > > Part 1: http://www.youtube.com/watch?v=XZYo9TPyNko > > > > Part 2: https://www.youtube.com/watch?v=b0w36GAyZIA > > Actually, somehow, I have a feeling of relief to see that major hardware > vendors don't seem to specifically work hand in hand with the NSA to > implement backdoors. I don't see that having a JTAG connector publicaly > accessible on a RAID controller as a hint for that. The other disclosures > also point to my conclusion that the NSA is mostly working on their > own. Of course, not all of Snowden's documents are released yet and > hence my feeling could be deceiving.
Also: >From the talk I got the impression, that attacks on iPhones always seem to work. The slide from der Spiegel shows that this infection only works via close access method and a remote infection path would be available in the future (the slide is from 2008, but we don't know if this actually exists now): http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/Handy/S3222_DROPOUTJEEP.jpg I guess the slide got accidentally chopped off in the talk or am I missing something? The UPD+RC6 story does not make sense to me, too (how could they know about the encryption algorithm if they didn't dissect the actual bytes). I also don't believe that current state of TLS would help much preventing those redirection attacks. Greetings, Hannes
