[Cryptography] Does NSA break in to endpoints (was Re: Bruce Schneier has gotten seriously spooked)

ianG iang at iang.org
Sun Sep 8 06:50:55 EDT 2013


On 8/09/13 03:00 AM, Perry E. Metzger wrote:
> On Sat, 07 Sep 2013 09:33:28 +0100
> Brian Gladman <brg at gladman.plus.com> wrote:
>
>> On 07/09/2013 01:48, Chris Palmer wrote:
>>>> Q: "Could the NSA be intercepting downloads of open-source
>>>> encryption software and silently replacing these with their own
>>>> versions?"
>>>
>>> Why would they perform the attack only for encryption software? They
>>> could compromise people's laptops by spiking any popular app.
>>
>> Because NSA and GCHQ are much more interested in attacking
>> communications in transit rather than attacking endpoints.
>
> Except, one implication of recent revelations is that stealing keys
> from endpoints has been a major activity of NSA in the last decade.
>
> I'm not going to claim that altering patches and software during
> download has been a major attack vector they've used for that -- I have
> no evidence for the contention whatsoever and besides, endpoints seem
> to be fairly vulnerable without such games -- but clearly attacking
> selected endpoints is now an NSA pastime.


The eye-opener for me was that they were investing in and trying every
known attack.  They are acting like true economic attackers: try
everything, and select the one that generates the best ROI.  Just like
the industrialised phishing/hacking gangs that emerged in the 2000s...



iang

