Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×
Canada Security

Canada's 'Super Secret Spy Agency' Is Releasing a Malware-Fighting Tool To the Public ( 66

Matthew Braga, reporting for CBC News: Canada's electronic spy agency says it is taking the "unprecedented step" of releasing one of its own cyber defence tools to the public, in a bid to help companies and organizations better defend their computers and networks against malicious threats. The Communications Security Establishment (CSE) rarely goes into detail about its activities -- both offensive and defensive -- and much of what is known about the agency's activities have come from leaked documents obtained by U.S. National Security Agency whistleblower Edward Snowden and published in recent years. But as of late, CSE has acknowledged it needs to do a better job of explaining to Canadians exactly what it does. Today, it is pulling back the curtain on an open-source malware analysis tool called Assemblyline that CSE says is used to protect the Canadian government's sprawling infrastructure each day. "It's a tool that helps our analysts know what to look at, because it's overwhelming for the number of people we have to be able to protect things," Scott Jones, who heads the agency's IT security efforts, said in an interview with CBC News. On the one hand, open sourcing Assemblyline's code is a savvy act of public relations, and Jones readily admits the agency is trying to shed its "super secret spy agency" reputation in the interest of greater transparency.
This discussion has been archived. No new comments can be posted.

Canada's 'Super Secret Spy Agency' Is Releasing a Malware-Fighting Tool To the Public

Comments Filter:
  • by PsychoSlashDot ( 207849 ) on Thursday October 19, 2017 @04:48PM (#55399713)
    As a Canadian, I'd just like to apologize for this.

    Wait. We didn't do anything wrong?

    I'd still like to apologize.
    • by beckett ( 27524 )
    • We all know Canada only does nice things like this to make other countries look bad. Not cool, Canada.
    • As a Canadian, I'd just like to apologize for this.

      As a Canadian, I'd also like to apologize while acknowledging that I am apologizing on land that was once owned by the Huron and Algonquin First Nations.

      • I can't wait for the current white guilt dad to pass. My kids are getting more native propaganda than actual useful instruction in school right now. Because all the problems with the treaties and reservation system will all be resolved if we just brainwash the white kids enough...

    • We apologize for the fault in the apologies. Those responsible have been sacked.

  • Collect it all.
    Share with other 5 eye nations. []
  • By releasing this to the general public, aren't they just inviting malware authors to reverse-engineer it, so they can write malware that does an end-run around it?
    • by Desler ( 1608317 )

      Why would they need to reverse engineer it when they have the code? Secondly, yes it might but at the same time that will help improve the tool.

      • For the same reason you need to reverse-engineer a competitor's engine even if they give you a complete working one. Just because you don't need to crack it to expose the code, that doesn't mean you understand why it works for free.
    • by Anonymous Coward

      Because it obviously means that this tool is no longer useful to them and that they have something better now?
      Otherwise they are really dumb.

  • It's @ []

    The service uses our generic icap interface to send files to the proxy server for analysis and report the results back to the user.

    So, does this mean I hack myself by the russians everytime I use it?

  • So what does it DO? (Score:4, Informative)

    by nuckfuts ( 690967 ) on Thursday October 19, 2017 @05:06PM (#55399867)

    From the article:

    "Assemblyline is described by CSE as akin to a conveyor belt: files go in, and a handful of small helper applications automatically comb through each one in search of malicious clues. On the way out, every file is given a score, which lets analysts sort old, familiar threats from the new and novel attacks that typically require a closer, more manual approach to analysis".

I THINK THEY SHOULD CONTINUE the policy of not giving a Nobel Prize for paneling. -- Jack Handley, The New Mexican, 1988.