NYT: NSA Put 100,000 Radio Pathway "Backdoors" In PCs 324
retroworks writes "The New York Times has an interesting story on how NSA put transmitters into the USB input devices of PCs, allowing computers unplugged from the Internet to still be monitored, via radio, from up to 8 miles away. The article mainly reports NSA's use of the technology to monitor Chinese military, and minor headline reads 'No Domestic Use Seen.' The source of the data was evidently the leak from Edward J. Snowden."
wait a second.... (Score:5, Insightful)
Re:Where are they? (Score:5, Insightful)
I agree - however, there is the question of "who did they use them on?" and also that they were basically DESIGNED not to be detected.
Most people who they targeted probably were arrested or they never even thought they were a target. In that case they can recover their hardware.
The number of devices compromised is likely to be very small as a percentage of the devices out there. Almost certainly neither you or I have one of these devices in our kit. If we did have, how often have you popped open every keyboard/mouse/usb stick you own to make sure there's not something else in there that wasn't supposed to be?
And if they are in collusion with even a single manufacturer to produce a compromised device, then you may never know about the devices hidden functions until you do a chip-analysis of everything inside the device (probably involving decapping and analysing the whole thing which can take years and decades of expertise).
As such, it's unlikely you will ever see one, even with everyone on the Internet looking. That's also what I would expect if they were doing their job properly (or else these things would be discovered quickly and be useless to them).
Much more importantly - if this is true, and we even if we start to use only trusted hardware, this is just more reason to have more "open" machines.
Who knows what's inside a chip on your particular computer, even if it looks very similar to a mass-market item, if they could have got their hands on it and/or been the ones supplying it to you?
Re:Where are they? (Score:4, Insightful)
Re:Here's a silly question (Score:5, Insightful)
I'm dubious about the distance but remember that they are TARGETTING their devices.
As such, they could be on a roof 12km away with a whole array of receivers pointed to within inches of the radio source, and so 12km isn't as insane as it sounds. But it doesn't mean they have a commercially viable tech that others don't.
Pringles tins on wireless dongles - the range can be immense, and if you are good at antenna design, it can get insane. If you know to within-an-inch where you're supposed to be pointing at and/or can trigger it to do a one-off high-powered transmit to download information (by a similar one-off high-powered transmit from a distance), then it's not all that impossible.
But you're not going to see another 802.11 wireless revision out of their work. It's a whole different ball game.
Re:Skeptical about the 8 miles (Score:4, Insightful)
the signal will go that distance, the trick is having a receiver sensitive enough to pick it up
Re:Here's what I don't understand (Score:5, Insightful)
FTFA: Leaked documents show: "the program, code-named Quantum, has also been successful in inserting software into... trade institutions inside the European Union"
NSA propaganda reply: "Vanee Vines, an agency spokeswoman, said in a statement. 'We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.' "
The NSA really go out of their way to deny Industrial espionage, yet they have been caught targeting trade institutions in the EU. Yeah, I also suspect the NSA is lying as usual. From past marketing releases they really try to downplay Industrial Espionage as their motivation, which probably means it is their #1 bread and butter function.
Re:wait a second.... (Score:2, Insightful)
In the game of international intelligence, a foreign military asset is not "innocent." To presume it's so is to invite disaster. Anyone with an ounce of common sense and honesty can see and admit this. Which do you lack?
Re:Americans (Score:4, Insightful)
I'm from the Netherlands. Are you saying my government is spying on IBM and Microsoft? This is like being caught robbing a bank with an assault rifle, and then saying it's alright, because everyone steals something sometimes, 'Danny from down the road stole a piece of chocolate too!' or such. Newsflash for you: Most intelligence agencies spy on things that they believe are actual threats to their security. They don't go mass-intercept Facebook traffic in foreign countries of innocent people.
Now, I'm sure that intelligence agencies here do things they shouldn't do sometimes. And there are also a handful of other countries doing really shitty stuff from their intelligence agencies. I suggest we try to stop all of the wrongdoings, rather than just point and say 'they do it too!'
Re:Where are they? (Score:4, Insightful)
Re:Where are they? (Score:4, Insightful)
But they are not stepping forward. No one is. A transmitter with an eight mile range would be extremely easy to detect. Yet no one has found even one of the 100,000 supposedly installed. Maybe we should ask William of Ockham why they are not being detected.
Re:Where are they? (Score:5, Insightful)
You use this device to feed disinformation to your enemy.
You would make an incredibly bad intelligence agent.