The NSA’s Exceedingly Accurate Intel On The State of Hacker Conferences, and by the way they go after sysadmins too

“When I first went to Blackhat/Defcon, it was with the wide-eyed anticipation of, “I’m going to go listen to all of the talks that I can, soak up all of the information possible, and become a supar-1337-haxxor.” What a let-down of an experience that was. You find the most interesting topics and briefings, wait in lines to get a seat, and find yourself straining your ears to listen to someone that has basically nothing new to say. Most of the talks get hyped up exponentially past any amount of substance they actually provide, most of the “interactive sessions” end up in a “oh! woe is the state of the security industry!” chant, and leave the audience no better off than before.”

Yeah, that pretty much sums up the state of the public computer hacking community…

Also worth noting is, if you’re a sysadmin, you’ve got a target on your back where the NSA is concerned. They’ll pwn you in a heartbeat to get to someone they’re interested in. Just like all intelligence agencies do to any similar gatekeeper/administrator, if my research serves me right.

Interesting tidbit: the NSA hates email addresses that are hosted on your network (if you’re a sysadmin) because they can’t use those as an entree to QUANTUM injection, by watching for when you connect to webmail.

Interestingly enough as of the time of writing (December 2012) the numerous encrypted-by-default / HTTPS webmail services didn’t seem to be much of a hurdle for this anonymous SIGINT blogger.

https://firstlook.org/theintercept/article/2014/03/20/inside-nsa-secret-efforts-hunt-hack-system-administrators/ http://cryptome.org/2014/03/nsa-hunt-sysadmins.pdf

Advertisements
%d bloggers like this: