Pages:
Author

Topic: The NSA reportedly poses as Facebook to spread malware (Not just Facebook) (Read 4319 times)

newbie
Activity: 28
Merit: 0
I stopped using facebook about 3 years ago so i guess im not affected by this. Cheesy


They do read this forum, or a scraper is.

NSA employees are quite intelligent people, so they must have a highly sophisticated sense of humour. i would imagine that the "Bitcoin intel office" is the branch to be in, if you want to enjoy working for NSA.

They must be rolling around the floor laughing, short of breath, every hour of the day as they try to keep up with the massive amount of genuinely funny jokes on this forum.

As NSA also do industrial espionage, expect hearing Jimmy Fallon using your jokes on the tonight show too.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
Is NSA malware safer for me than blackhat hacker malware?
NSA malware is federally funded and internally checked and balanced.

That is true of the older type.
Now it's all black ops with no over-sight?
hero member
Activity: 546
Merit: 500
PGP 9CB0902E
Is NSA malware safer for me than blackhat hacker malware?
NSA malware is federally funded and internally checked and balanced.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
Is NSA malware safer for me than blackhat hacker malware?
hero member
Activity: 567
Merit: 503
If anything this is another piece of evidence that NSA's main targets are neither highly organized criminals or nor other kind of terrorists. Those would undoubtedly not use the same personal computer for something like facebook and their criminal activities.
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon
http://www.youtube.com/watch?v=MGsalg2f9js#t=499

Quote from: Mark Suckerberg
Before most people were anonymous...

Voted Best NSA Spokesperson 2013
hero member
Activity: 518
Merit: 521
http://www.youtube.com/watch?v=MGsalg2f9js#t=499

Quote from: Mark Suckerberg
Before most people were anonymous...
legendary
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform
I stopped using facebook about 3 years ago so i guess im not affected by this. Cheesy

Hmm... Read the full title of the thread: (Not just Facebook)

Wonder if internet technologies will just move beyond the sphere of government spying again in a few years namecoin Etherum projects heck even tor/onion routers on a larger scale as the protocols adapt
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon
I stopped using facebook about 3 years ago so i guess im not affected by this. Cheesy

Hmm... Read the full title of the thread: (Not just Facebook)
member
Activity: 76
Merit: 10
we need one earthquake at NSA's headquarters in Ft. Meade, Md.,

but here is one nice news "no water=no nsa data center":
http://www.theverge.com/2013/12/6/5183060/anti-surveillance-activists-want-to-shut-off-the-water-to-the-nsas
sr. member
Activity: 321
Merit: 250
I stopped using facebook about 3 years ago so i guess im not affected by this. Cheesy
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon


When gov’t spies fake your company’s website, what can be done?
Intel agencies' techno-impersonations wouldn't be immune from trademark law.


A recent article by The Intercept showed how US and UK intelligence agencies have been impersonating the servers of companies like Facebook. In November, Der Spiegel noted that agencies created "bogus versions" of sites like Slashdot and LinkedIn to plant malware in targets' machines. "We are not happy that our intellectual property is being used in that way," LinkedIn's general counsel told Wired when asked about the techniques.

If whole-cloth copies of websites were used by competitors or scammers, they'd be—at a minimum—buried in lawsuits. But what, if anything, can companies do against government agencies about such impersonations? Turns out, there are avenues available to those who may be bold enough to use them.

"Passing off"

The best course of action for companies subject to impersonation by government snoops that utilized their graphical assets and logos would probably be through federal trademark law, as set forth in the Lanham Act. Unlike copyright infringement suits filed against the government, there are few procedural hurdles to filing a trademark suit, explained Jed Wakefield, an IP lawyer at Fenwick & West.

Copyright claims brought against the government must be filed in the US Court of Federal Claims, and the subject matter in question must have previously been registered with the Copyright Office—something companies don't typically do for their Web interfaces.

In contrast, under the Lanham Act, the government is expressly liable. The law clearly states, "As used in this paragraph, the term ‘any person’ includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States."

As a result, the creation of absolute replicas of a website or other graphical interface using a federally registered mark would violate basic trademark principles. "The Lanham Act prohibits using someone else’s source identifiers to deceive people," said Wakefield. "I don’t think anyone would believe that the government would be able to compete with a business by using its trademarks."

Even if something was merely added to an already existing company website, like a form to provide personal information that would route back to the government rather than the company, the government could be liable under a “passing off” tort theory under the Lanham Act. Under such a theory, an individual is prohibited from misrepresenting another’s goods or services as being his or her own. Hypothetically speaking, "If the NSA or a contractor did not replicate the mark but caused the services to change, there could be a passing off," explained Wakefield. "There have been cases where distributors alter the formula of a product in some way that would constitute passing off."

Wakefield explained that in most of these scenarios, the goal would be injunctive relief—that is, a court order getting the government to stop its behavior—rather than money damages.

Traditionally under trademark law, monetary damages are calculated as the profits gained by the infringer, which are presumed to be equal to the damages suffered by the trademark owner. This metric wouldn't be applicable in cases of government snooping, so the best available remedy in such a scenario would be for a court order that the government simply stop the practice.

Technology versus law

It's unlikely that any technology company would currently be willing to challenge the government's actions in court, but you never know. If revelations about corporate impersonation continue, companies might find such claims more desirable to litigate, if only to prevent the government from pulling off such conduct in the future.

Whether companies decide to pursue legal avenues or not, they would be wise to take technological precautions to prevent unnecessary snooping. While legal action can get political and public attention, there's little question that technological measures move faster.

For example, last year, Facebook activated HTTPS encryption, which Facebook spokesman Jay Nancarrow said should make malicious impersonation more difficult for snoops to circumvent in the future. Similarly, in 2010, Google made HTTPS encryption the default setting in Gmail, and last week it announced, "Gmail will always use an encrypted HTTPS connection when you check or send e-mail." In retrospect, Facebook and Google seem to have been behind the curve in failing to automatically activate HTTPS encryption for all users when they did. Using end-to-end encryption helps not only keep out government snoops, it protects against private phishing scams or other more straightforward security breaches.

http://arstechnica.com/tech-policy/2014/03/when-govt-spies-fake-your-companys-website-what-can-be-done/
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon
simple solution:
use computer in the library and not your home PC when you login to facebook, so, they can hack computer how much they want  Cheesy

Solution:
Don't forget to cover the lens of that camera in that library and erase the recording with the time stamp when you logged in Facebook. Also the same rule applies to all the camera outside leading to that library. Cheesy
member
Activity: 76
Merit: 10
simple solution:
use computer in the library and not your home PC when you login to facebook, so, they can hack computer how much they want  Cheesy
legendary
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform
Magic the gathering! NSA, Mark Karpeles, everything is a blur  Shocked

Strangely enough I believe that the NSA will do anything to violate privacy in the name of security
hero member
Activity: 518
Merit: 521
More security theater from Google Gmail:

http://technology.inquirer.net/35011/google-toughens-security-with-gmail-encryption

Don't forget the NSA has the SSL certificate companies in their backpocket, e.g. Verisign, etc..

HTTPS is worthless these days.

https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html

http://www.mail-archive.com/[email protected]/msg12372.html

Bottom line is if you don't know the public key of the website from common knowledge shared by many other users of that web site, and enter it yourself into your browser (something which is never and probably can't be done today), then your communications are not immune to MITM attacks.
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.

Always thought that the Suitcase Nuke's were a myth, thanks.

Well, since no one will admit, first, to build something as stupid a suitcase nuke, then, to be stupid enough to lose them in the wild is technically still a myth.
sr. member
Activity: 504
Merit: 250
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.

Always thought that the Suitcase Nuke's were a myth, thanks.
legendary
Activity: 1176
Merit: 1001
minds.com/Wilikon
I just hope that someone will just nuke the Whitehouse. Enough with this.
All doubt aside; they are reading this thread now!


Nah. NSA bitcointalk office knows bitcoiners would not waste their precious BTC buying an old USSR suitcase nuke on the black market.

https://www.youtube.com/watch?v=kR2IarjjmxE

full member
Activity: 126
Merit: 100
are you surprised? I mean they do everything and i won't be surprised if every operation system send complete reports to NSA.
Pages:
Jump to: