Technical Info on NSA Techniques (and social engineering, robot overlords, Omidyar)

Remember how the one thing we’ve been missing so far was juicy technical details? Well, vive la France! Here are some of the ways (of middling sensitivity? Still nothing paradigm-shifting) courtesy the Le Monde leak —

HIGHLANDS — implants (software? hardware? unclear)
(this one is present at both French diplomatic missions in the US)

VAGRANT — collection of computer screens (TEMPEST equivalent?) (this one is present at the French mission to the UN)

MAGNETIC — sensor collection of magnetic empanations

(Explanation: low frequency magnetic fields are a PITA to shield, they go right through most Faraday cages and conventional shielding. Therefore, a “magnetic bug,” consisting of a magnetic field sensor with a fast response time, can pick them up and re-transmit them to a listening post)

MINERALIZE — collection from LAN implant

OCEAN — optical collection system for raster-based computer screens

(Explanation: when you sweep an electron beam across a CRT and vary the intensity… though the screen appears “solid” to the eye due to persistence of vision… the flickering off the walls of the room can actually be decoded to produce the original image)

LIFESAVER — imaging of the hard drive

GENIE — multi-stage operation; jumping the airgap etc (yes, they can jump an air gap)

BLACKHEART — collection from an FBI implant (yep, the French and everyone else has to fight off both the NSA and FBI — and everyone else too probably, only the NSA and FBI have a “special relationship”)

PBX — Public Branch Exchange Switch
(Explanation: I think the NSA goons that typed this screwed up, it should probably be “private branch exchange switch” — these systems are horribly vulnerable, see JMA’s telephone countersurveillance talk)

CRYPTO ENABLED — Collection derived from AO’s efforts to enable crypto

(Explanation: so this is them weakening crypto to make it easier to break?)

DROPMIRE — passive collection of emanations using an antenna
(Explanation: this is basic TEMPEST stuff. Could be a small antenna hidden nearby, maybe even in a “bug,” or a bigger better antenna offsite)

CUSTOMS — customs opportunities (grabbing people as they cross the border and searching their stuff?)

DROPMIRE (again) — laser printer collection using purely proximal access NOT implants
(Explanation: so this means they put an RF-sensing bug next to the EU’s cryptofax.)

DEWSWEEPER — USB hardware host tap that provides COVERT link over USB link into a target network. Operates with RF relay subsystem to provide wireless bridge into target network.
(Explanation: Hidden USB device in a host, that communicates with a “relay bug” in the office nearby… so it’s the NSA’s stealthier version of a Pwn Plug?)

RADON — bi-directional host tap that can inject Ethernet packets onto the same target. Allows bi-directional exploitation of denied networks using standard on-net tools.

(Explanation: Hardware gadget that lets them on an air-gapped network as if it wasn’t air-gapped. Nasty.)

Le Monde also released some more stats, suggesting that DRTBOX and WHITEBOX are by far their most used surveillance technologies. Unfortunately, we don’t know what the technologies behind these codenames are.

A really fantastic article on social engineering, social interaction, and people in general… if you’re an observer of humanity, a must read.

Robot overlords: Bitcoin as key to the autonomous corporation.

Another Omidyar interview. The guy comes across well enough, even if it’s couched in billionaire-speaking-to-the-press-ese.

and some usage stats:

%d bloggers like this: