TechSpot

Snowden documents reveal the NSA's plan to use app stores to inject targets with malware

By Shawn Knight
May 21, 2015
Post New Reply
  1. nsa tablet smartphone malware apps spying irritant horn

    New documents from whistleblower Edward Snowden reveal the NSA had a plan in place to use app stores from Google and Samsung to deliver malware to mobile devices.

    Dubbed IRRITANT HORN, the plan was to seek out the path of web traffic to and from mobile application servers belonging to Google and Samsung. Once found, the NSA would conduct a man-in-the-middle attack in which it could silently load a target’s mobile device with the spying tools of its choice from its extensive catalog which includes tools to extract e-mails, texts, web search history, call records, videos, photos and more.

    nsa tablet smartphone malware apps spying irritant horn

    With the user connecting to an official app store, there would be no reason to suspect anything was up.

    As you may know, most major companies – Google and Samsung included – utilize Transport Layer Security, or TLS, to protect against such attacks. As The Verge points out, however, many in the security community suspect the NSA has long ago figured out how to circumvent TSL.

    The latest Snowden documents are dated between November 2011 and February 2012. It’s unclear if the plan was ever implemented although given that the slides are several years old at this point, I wouldn’t be surprised if they’re already using the attack or perhaps even a more sophisticated version.

    Another possible point of entry was revealed back in February when it came to light that multiple spying agencies have had access to SIM card encryption keys for years.

    Permalink to story.

     
  2. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,548   +2,894

    People pay for Malware protection against their own government. Tell me again how we are to trust our own government! They are continually crossing lines that shouldn't be crossed. If it is wrong for the general person to use Malware for any reason, it is wrong for them to do so as well.
     
  3. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,475   +2,033

    They probably implemented this a long time ago but it's strange there's no mention of them targeting Apple users. What makes them so special?
     
  4. MilwaukeeMike

    MilwaukeeMike TS Evangelist Posts: 2,750   +1,105

    If someone owes you $1000 and they say 'ok I'll pay you $1000, but I"ll pay you small payments over 20 years and the total of all the payments will add up to $1000 in 2035.' If you want the whole $1000 today, I'll only give you $600. You'd never agree to that because $1000 in 2035 is worth a lot less than $1000 in 2015 (not to mention you want your money now). But that's exactly how the govt pays out lottery winners. They're the only ones who can pay someone this way.

    Did you know they can pass tax laws RETROACTIVELY? So if tomorrow they decide to increase the tax rate on something they can make people pay it who wouldn't even have taken the action that triggered that tax had it existed back when they made the decision.

    The point is... being right has nothing to do with it.

    What I'm confused about it is this...
    New documents? Is he still working there? I'm assuming the media is just trickling out the news to keep us interested. I doubt any of it is new.
     
  5. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,548   +2,894

    You are comparing work ethics to a pay check. Not only that you are trying to validate one wrong with another wrong.
     
    yRaz likes this.
  6. cmbjive

    cmbjive TS Booster Posts: 777   +137

    The only wrong I see here is that Edward Snowden released documents that he shouldn't have and then high tailed it to China, the best protector of free speech, then sought and was granted asylum in Russia, that bastion of civil rights.
     
    misor likes this.
  7. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,548   +2,894

    Then you can't seem to fathom the concept these documents are concealed because they are evidence of wrong doings, and have nothing to do with security of our nation.
     
    SirChocula likes this.
  8. cmbjive

    cmbjive TS Booster Posts: 777   +137

    Oh, I can fathom it. I can also fathom that none of you gave a wit about this until after Edward Snowden dumped all of this stuff on everybody and, even after it has been dumped on everybody, it doesn't impact you an iota.
     
  9. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,548   +2,894

    That is where you are wrong both in assuming and in your final judgement.
     
  10. mattfrompa

    mattfrompa TS Guru Posts: 493   +23

    It absolutely is to keep us interested. If all the documents were released at once, there would be one huge story, and we would never hear of it again. But releasing over time keeps our gov in the hot seat, which it put itself there in the first place. How many would still argue the pentagon papers should not have been released? Even if one holds the opinion that Snowden should not have released anything, I think it is a far more difficult argument to say that the releases have not had a positive effect for citizens. It has been a wake up call for the US tech industry, and I would say that we are already better off because of it. The snowden leaks created global controversy, and its a conversation that I feel is long overdue. So don't get fatigued because there is yet "another" leak, but wonder if after it all, "land of the free..." still applies.
     
    SirChocula, cliffordcooley and yRaz like this.
  11. WangDangDoodle

    WangDangDoodle TS Addict Posts: 199   +71

    The KEY thing to remember here is this: If they CAN do it... it's ALREADY being done!
     
  12. MilwaukeeMike

    MilwaukeeMike TS Evangelist Posts: 2,750   +1,105

    yeah, I know... but it's too bad that the story that made the news isn't the one about the house passing a law that ends mass data collection. That's what really matters.

    http://www.usatoday.com/story/news/...om-act-nsa-surveillance-patriot-act/27235265/
     
    mattfrompa likes this.
  13. Jad Chaar

    Jad Chaar TS Evangelist Posts: 6,477   +965

    Yeah, they should stick to "Backdoors". Hey, at least this is only against "targeted" subjects supposedly.
     
  14. wiyosaya

    wiyosaya TS Evangelist Posts: 1,030   +267

    None, huh? Pretty strong words, I would say.

    When W's congress passed the Patriot Act, there was little doubt in my mind that it could easily be used, without consequences, to brand anyone a terrorist, and that the nation had become a nation run amok with fear where the government was willing to employ the techniques of terrorists in its so called war on terrorism. In addition, anyone branded as a terrorist had no rights - even residents of this nation whom are supposed to have, at a minimum, constitutional rights. How could that happen? Brand with terrorist and enemy combatant.

    There's a big difference between not giving a wit and not being able to do anything about it because the govt has run amok, of which the latter, as I see it, is the case.

    Snowden has simply pointed out the depth to which the paranoia has gone. I would not be surprised if there is still info in the files that he has that he has yet to release.
     
  15. cmbjive

    cmbjive TS Booster Posts: 777   +137

    Name someone who has illegitimately been labeled a terrorist and had their rights curtailed.

    Name how Edward Snowden document dump has made the United States safer and not harmed us in any way.

    Oh, and from Russia with love:

    http://www.reuters.com/article/2015/05/21/us-russia-internet-idUSKBN0O62H220150521

    Russia doesn't violate so-called civil liberties secretly, it does it in front of all to see. Snowden sure did choose a good benefactor.
     
  16. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,548   +2,894

    You are not looking at this from a
    http://www.quotecounterquote.com/2010/11/government-of-people-by-people-for.html
    perspective.

    I like this comment the best
    We are naive in believing the original quote. Especially now that we no longer have a clue as to how to participate, because of all the closed doors. We no longer have the right to participate because our government doesn't want our honest answers. And people like you are the reason why "the people" no longer has any power. You have relinquished your right to participate, and then challenging anyone else for their belief as to why they should participate.
     
  17. cmbjive

    cmbjive TS Booster Posts: 777   +137

    Cliffordcooley, I think you messed your post up, but no matter. I didn't relinquish any right of any kind. I'm perfectly fine with the NSA surveillance programs and I'm perfectly fine with them collecting phone metadata (not warrantessly tapping your phone calls as that is a different issue). Don't tell me about relinquishing my right to participate: I WANT government to do these activities behind closed doors as it government's job to protect us from all enemies foreign and domestic. You get back at me when the United States government blatantly violates the rights of its citizens in the same manner as Russia does its citizens then I will get behind you. Of course, the Supreme Court is about to do that right now when it suddenly finds within the Constitution that gays have a right to marry and it forces anyone who has a dissenting view to either adopt that view or be punished by the state. Is that fine with you?
     
  18. CrisisDog

    CrisisDog TS Booster Posts: 120   +17

    Nothing to see here folks. Pay no attention to the man behind the curtain....
     
  19. Chris Novak

    Chris Novak TS Rookie

    Probably easier to hack Android than iOS.....
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...