NSA Chief Warns Of Pending Cyberattack… Which He Wants To Make Easier With Backdoors
from the ridiculous dept
NSA Director Admiral Mike Rogers has often seemed somewhat more reasonable than his predecessor, but he’s still not above spewing FUD. The latest is that, last week, he pulled out the favorite of surveillance state supporters everywhere: the pending cyberpocalypse, in which hackers take down the economy. Prepare for the “dramatic cyberattack” that is inevitably on the way:
The director of the National Security Agency issued a warning Thursday about cyberthreats emerging from other countries against networks running critical U.S. infrastructure systems.
Adm. Michael Rogers said he expects a major cyberattack against the U.S. in the next decade. ?It?s only a matter of the ?when,? not the ?if,? that we are going to see something dramatic,? he said.
Of course, as venture capitalist/entrepreneur Marc Andreessen pointed out in response, the best way to stop that from happening would be to not require that software have backdoors that can easily be hacked:
What would really help with this? Software without government-mandated backdoor security holes! http://t.co/ihRYvQbTIO
— Marc Andreessen (@pmarca) November 21, 2014
"You must build bulletproof software systems that foreign state hackers can never penetrate!" "But leave deliberate backdoors open for us!"
— Marc Andreessen (@pmarca) November 21, 2014
Filed Under: admiral michael rogers, backdoors, cyberattack, marc andreessen, nsa
Comments on “NSA Chief Warns Of Pending Cyberattack… Which He Wants To Make Easier With Backdoors”
He's right -- except for one small detail
There has been a major cyberattack — the news just broke yesterday: http://www.pcworld.com/article/2851472/symantec-identifies-sophisticated-stealthy-regin-malware.html and http://www.theregister.co.uk/2014/11/24/regin/ provide a quick guide to it.
Oh. That one small detail? It looks like the US and the UK are the ones behind this: http://www.zdnet.com/now-we-know-who-developed-state-sponsored-regin-malware-7000036111/
Oops.
Re: He's right -- except for one small detail
Thx for the links.
So the US has been involved in the 2 big attacks (stux and this one)? No wonder they are affraid people will attack them. If you keep punching someone chances are the person will fight back sooner or later.
Lets put in the backdoors so that after they have been used to take over our systems in a cyberattack we can attack right back; seems like a good plan.
This wouldn’t be the same “cyber-Pearl Harbor!” the government was trying to scare us with a couple of years ago, would it?
You’d think after years of being frightened somebody would have moved “critical U.S. infrastructure systems” off the fucking internet.
Re: Re:
Come on! Don’t you think that would take the fear away?
>Something will happen within the next ten years.
Frankly, i’m surprised it hasn’t happened yet. That bet is pretty conservative considering how insecure everything is.
The Golden Key
They want back doors that require a Golden Key.
Of course, these Golden Keys would never fall into the wrong hands*.
*wrong hands includes but is not limited to: the NSA, CIA, FIB, other government agencies, state and local police forces, and other criminal organizations.
Re: The Golden Key
I thought they’d said that they didn’t want back doors any more. Now they want magical front doors or … wands of polymorph or something.
Re: Re: The Golden Key
I remember those wands in Baldur’s Gate. Turned targets into squirrels. Is that what they really want?
Re: Re: Re: You'd have to be nuts not to
The ability to turn smartphone and computers into squirrels?
Who wouldn’t want that ability?
Re: Re: Re: The Golden Key
Is that what they really want?
No it’s more like the Cursed Potion of Speed:
“The character is out of control and will wander around and attack others (including allies) randomly.”
The director of the National Security Agency issued a warning Thursday about cyberthreats emerging from other countries against networks running critical U.S. infrastructure systems.
You know how you solve that problem? Don’t connect critical systems to the internet in the first place. If someone has to be physically at the location of the system in order to even be able to hack into it, that right there will eliminate the vast majority of threats.
If they really cared about keeping critical systems safe, that is what they would be pushing. Instead what are they pushing for? Less security, by introducing and making mandatory more vulnerabilities in those systems, and for no other reason than to make their jobs easier.
They don’t want critical systems to be secure, they want them to be vulnerable, as it gives them an excuse to swoop in and offer to ‘protect’ them.
Re: Re:
If you need remote access for monitoring and control, which usually has low data requirements, use a ring back/ring the control center on state change system. That way only the control center has the ability to control the system, and all anybody else can do is get it to ring the control center.
Re: Re: Re:
Still leaves open the most effective hacking method(social engineering), but it would at least be a better method than having the systems accessible directly from off-site.
Lead By Example
Perhaps Director Rogers could demonstrate his sincerity by installing back doors in intelligence agency systems for better congressional oversight.
OK...
Adm. Michael Rogers said he expects a major cyberattack against the U.S. in the next decade.
So, any year now…
Classic doublethink.
Make things more secure by making it less secure.
Par for the fucking course.
If you stare into a mirror and keep chanting “cyberwar, cyberwar” the headless ghost of a Chinese hacker will appear RIGHT BEHIND YOU!!!
Of course the NSA is pushing for backdoors! Haven’t you guys been reading about Regin, the newly disclosed nation-state malware that’s been backdooring GSM cellphone network infrastructure and backdooring cryptography expert computers?
http://www.securityweek.com/symantec-uncovers-stealthy-nation-state-cyber-attack-platform
https://threatpost.com/regin-cyberespionage-platform-also-spies-on-gsm-networks/109539
Telling the NSA and GCHQ to give up their backdoors, is like asking a crack addict to quit using crack.
The other interesting thing about the Regin backdoor, is all the cellphone tracking technology built into cellphones by law. Is now under hacker’s control.
Re: Re:
Given the choice between some hacker’s control and the government’s control, I’ll take the hacker’s. What’s he going to do? Demand my dirty pictures? Put smarmy ads on my phone? Steal my paltry few dollars?
And what would a government do? Monitor my communications/movements for the ever-shifting ‘suspicious behaviour’. Mark my location for the army of minimum wage armed thugs itching to play with their military-grade hardware. And, ultimately, put my data in an unsecured laptop left in the back of a car where some hacker will get it anyway.
Re: Re: Re:
Yeah, if only the government just wanted a fifty dollar GreenDot money transfer to “fix the computer” that is definitely going to crash in the next day or two.
Re: Re: Re:
Get abused &/or exploited by criminals;
Get abused &/or exploited by corporations;
Get abused &/or exploited by government;
What makes you think any of these are necessarily preferable to any of the others (aside from some deficiency of the imagination)?
Re: Re: Re: Re:
… the criminals at least are honest enough about their actions and don’t pretend that they’re screwing you over ‘for your own good’?
Re: Re: Re:2 Re:
Not to mention that you can actually fight criminals. That is what makes cops scarier. Even if they’re deep in the wrong you’re still screwed for fighting back.
Re: Re: Re:3 Re:
Yeah, I’ll take a mugger over a cop any day. I can defend myself from a mugger, trying to do the same with a cop is likely to get me hospitalized, killed, or thrown in prison.
Re: Re: Re: Re:
Criminals cannot “legally” throw you in jail or physically deprive you of all possessions or kill you. Corporations can but have to try pretty hard. Governments scarcely have to try at all.
They already been approved tons of everything to catch those in the War On Drugs. Funny how that hasn’t stopped anything. They’ve arrested so many that we have the worlds’ #1 amount of prisoner population. Yet we are still hearing from those the cry for every more access.
Russia and it’s various old satellites it gave up have been a steady source of malware for robbing banks electronically for better than a decade. They almost never catch the ones that did it. Same with credit cards.
Now pile on this pile that the US has owned up to distribution malware. Those little gems like Stuxnet or the recently discovered Regin. A/V companies say only a state sponsored program can deliver it at this level of complexity. Congress got the willies over China’s possible hacking of routers, banning them in the US. Then up comes a photo of the NSA doing the same damn thing.
Face it, the US escalated this and now they are running with a guilty conscious. The Pearl Harbor is the fear that others will do what the US has shown it can do. I’m getting to where I fear my government and their actions more than the hackers.
“Peedy-files and terrorists! Hackers behind every blade of grass! Doom closing its icy fingers around your throats, citizens of America! Now, turn over your encryption keys, so we can keep you niiiiice and safe…”
Re: That completely parses as...
.pd
As in bigdatablock.pd
Because Logic!
my last version of this post submitted prematurely without a message. All apologies.
No wait! Because lies!
There will be attacks – enabled by the backdoors.
-Self fulfilling prophecy-
Let’s face it, the people in charge of the security of this country are basically idiots. This is why they argue contrary to experts and common sense. In order for the government (made up of idiots) to do their jobs, it has to be easy.
Re: Re:
Idiocy would probably be an improvement actually, as you can educate an idiot, and as long as it’s a well meaning idiot, there’s at least a chance they’ll change when they are shown how their actions are just making things worse.
No, the NSA’s main problems are arrogance and indifference. They assume that no-one could possibly take advantage of the security weaknesses they create, and simply don’t care how much they screw over everyone else, as long as they can continue to do whatever they want to.
If the NSA is so competent at securing computers, why doesn’t the NSA start by securing all the government computers? They don’t even have to ask permission because the government already owns them. If the NSA can totally secure all the government computers, then I’ll consider letting them handle my security.
Re: Re:
Umm, no, I think I’d prefer it if the NSA wasn’t in control of all the government’s computers.
Problem: Your house will be burglarized within the next 10 years.
Solution: Install new locks on all doors and leave a key under the doormat so we can ensure your house is secure!
doh! 🙂
FBI wants a Golden Key, so they can give us a
Golden Shower on all of our rights.
It took him all this time to find out that Keith Alexander is working with the financial industry?
It is kind of funny...
10 years ago they were all like: “Every country should be like ours… the land of the free and democracy”
Today they are like: “FEEEEAR the world! because there might be people out there who are as bad as we are!”
as a hacker i applaud this move
teehee ….we wil get your back doors too , thanks to your govt….
and we wont tell you when we pwn you….enjoy
censorship on techdirt
OH MY
seems the web gods have turned shit up on this site to make it bend over…
as said as a actual hacker im laughing my ass off at this….can’t wait to test out all the apps after this passes and its like being back in the xp days for years we held a nice lil back door , heck sony even got hold of that rootkit….with process hiders and anti virus protecting it , WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
good times….
Critical infrastructure to the nation should not be connected to the fucking internet. How difficult is this to comprehend?
Look!! In the Sky!! Its a Terrorist! No its a Cyber Terrorist!!
““It’s only a matter of the ‘when,’ not the ‘if,’ that we are going to see something dramatic,” he said. “
Oh absolutely.
As soon as the CIA and NSA can be reasonably sure that their crack Army Signals hacker team won’t get caught, and can make it appear to be an attack by ISIS/ISIL – they’ll be pulling another Electronic Pearl Harbor on the Good Old Gullible US citizenry for certain.
If they can fake a terrorist attack by ISIS/ISIL on American soil – so to speak – just think how the US public will be shitting their pants and demanding the USG protect them from the masked evil overlords of doom.
And it’ll work too. Every false flag op the USG has pulled since the Lucitania has worked like a charm, just like Goering said they would.
=====================================================
“Naturally, the common people don’t want war;
neither in Russia nor in England nor in America,
nor for that matter in Germany.
That is understood. But, after all, it is the leaders
of the country who determine the policy and
it is always a simple matter to drag the people
along, whether it is a democracy or a fascist
dictatorship or a Parliament or a Communist
dictatorship. Voice or no voice, the people can
always be brought to the bidding of the leaders.
That is easy. All you have to do is tell them
they are being attacked and denounce the
pacifists for lack of patriotism and exposing
the country to danger. It works the same way
in any country.”
– Hermann Goering, Nazi Reichsmarshall
===================================================
These guys spend probably three quarters of their time manufacturing possible false flag scenarios, for fun and profit. After all, there is no better “enemy” than the ones you create yourself, from whole cloth.
—