NSA Disguised Itself As Google To Spy

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
If this report is accurate, the NSA actually disguised itself as Google to spy on people. Let's face it, with the NSA's track record, this is totally within the realm of possibility.

The technique is particularly sly because the hackers then use the password to log in to the real banking site and then serve as a "man in the middle," receiving requests from the banking customer, passing them on to the bank site, and then returning requested info to the customer -- all the while collecting data for themselves, with neither the customer nor the bank realizing what's happening. Such attacks can be used against e-mail providers too.
 
I am talking completely different. Build it from scratch. New protocols, new interfaces, new everything.
 
I am talking completely different. Build it from scratch. New protocols, new interfaces, new everything.

Because that'll totally stop the NSA that has their own spy server-closets at all ISPs...
 
Because that'll totally stop the NSA that has their own spy server-closets at all ISPs...

Don't think you guys are getting it.

Current ISPs wouldn't have access. New. New. New. Jesus.
 
i hope the NSA increases spying, clearly bunch of shady people trying to hide illegal activities, that the NSA doesn't care about....

google still records more than NSA, and people use it :/
 
Government spies disguise themselves as corporate spies to spy on the people they're "protecting".

Awesome.

Funny thing is that so many people would be A-OK with Google scumming it up, but distrust their government more than they distrust Google. Neither one deserves so much as an inch of spare rope.
 
Funny thing is that so many people would be A-OK with Google scumming it up, but distrust their government more than they distrust Google. Neither one deserves so much as an inch of spare rope.

Swap it out with Microsoft, and I guarantee you the hatred would flow. Google has this weird immunity from tarnishing because of their image as a bunch of laid-back hipster cool guys, largely because of their political activism. The irony is rich, considering their sheer power.
 
Not surprising with cyber warfare. Besides political warfare from the US and Russia, there is also cyber warfare on the Internet. This is much more than spy games now.
 
Funny thing is that so many people would be A-OK with Google scumming it up, but distrust their government more than they distrust Google. Neither one deserves so much as an inch of spare rope.

Blame the education system for teaching people that the government is for the people. It's safe to say that people don't like feeling like they've been betrayed.
 
I do not blame the education system directly, I blame the government for warping the education system.
 
Don't think you guys are getting it.

Current ISPs wouldn't have access. New. New. New. Jesus.

It could happen and it could be profitable, many strong selling points can be made, especially to businesses.. question is, will the US government allow it? I think not, even if technically 'legal' they will be harassing said company to death. This is something many people do not get, US government is not up-front about repression unlike other countries.
A company like you think, might grow for a bit before its noticed, it would then be quickly destroyed by endless legal procedures, and possible IRS issues.. guaranteed it will be accused of aiding some kind of illegal activity.
 
Blame the education system for teaching people that the government is for the people. It's safe to say that people don't like feeling like they've been betrayed.

I mean for god sake how dare the schools teach something that Abraham Lincoln said!
 
A company like you think, might grow for a bit before its noticed, it would then be quickly destroyed by endless legal procedures, and possible IRS issues.. guaranteed it will be accused of aiding some kind of illegal activity.

And then linked to terrorist activity therefore be dismantled in the name of national security (national security, the one size fits all approach). National Security = need to know and no one including congress (at least some of the time) needs to know...lol. Transparency for accountability....get real! Not like Obama orginally ran on having a more transparent GOV anyway.
OBAMA+transparency+.jpg

................................................................................................


The US government loves you, every last one of you, think Santa or Jesus. It's precisely why it lets private bankers control the debt based fiat currency and has been at war for profit forever (I mean defending your freedom(s))...all because they just love you and want to protect you (from the people they're constantly starting shit with). Of course it has nothing to do with simply using you for up to half of your earnings in some form of taxation for the empire which the .001% of the worlds population control and constantly fight over while looking down to laugh at you every once in awhile because you still somehow think you have a say in anything important...being poor, powerless.

Oh shit, "The Voice" is back on and my mircowavable dinner is done. Forget what I said, Taco bell just released a new spicier taco. Now that's something to get excited about. That and god. Remember god blessed america so we have exceptionalism on our side, and now super spicy tacos.
 
Not like Obama orginally ran on having a more transparent GOV anyway.

If you ask Obama, it is. He has 100% instituted a means to make everything he does transparent to the people. IE: Everything he does is unseen by the public until it's too late.
 
Can remember reading years back about Google being an NSA front company and paid for much of development through various channels in earlier days.
You see with all this data, you have to be able to search it effectively.. that's the real key. Capturing it is relatively easy.

After all the Snowden stuff it seems much more plausible.
 
I'm still trying to understand why this is newsworthy. Fake SSL certificates are hardly new. In rare cases hackers manage to get their hands on certificates that are treated as genuine, but more often they use a fake certificate and the users click ok to accept the fake certificate anyway as long as it seems somewhat credible. Though to be honest I suspect that a considerable number of users wouldn't read the text and could just click accept even if it said that it was a fake certificate intended to fool you into giving away all your passwords.

A man in the middle attack is far from new as well.

Since signals intelligence is specifically the job of the NSA, the fact that they are using such techniques to spy should be obvious.
 
I'm still trying to understand why this is newsworthy.

Really? You're HONESTLY having a hard time grasping WHY our government developing and using man in the middle SSL attacks against the people is a newsworthy piece?
 
Since signals intelligence is specifically the job of the NSA, the fact that they are using such techniques to spy should be obvious.

And the fact that they're spying on us doesn't move you one millimeter? Christ, what a conditioned society they've created.
 
I'm still trying to understand why this is newsworthy. Fake SSL certificates are hardly new. In rare cases hackers manage to get their hands on certificates that are treated as genuine, but more often they use a fake certificate and the users click ok to accept the fake certificate anyway as long as it seems somewhat credible. Though to be honest I suspect that a considerable number of users wouldn't read the text and could just click accept even if it said that it was a fake certificate intended to fool you into giving away all your passwords.

A man in the middle attack is far from new as well.

Since signals intelligence is specifically the job of the NSA, the fact that they are using such techniques to spy should be obvious.
Yeah, what the NSA did is nothing new. It's common practice behind hackers and identity thieves to use these methods to steal sensitive financial and personal information from unsuspecting users. Other ways include script injection, malware/spyware, and phishing emails.

However, is this the most effective way to find terrorists and flag down terrorist activity by spying on the millions of Americans through online networks?

Is there another way to find the terrorists before they commit a terrorist act?

Al-Zawahari of Al-Qaeda already announced yesterday calling for attacks on the US from within the country. If in the case of Usama bin-Laden, he used couriers as his third-party of choice to deliver his messages to websites, news media, terrorist cells, and his other Al-Qaeda officers. They didn't find landline phone connections, internet access, or any sort of digital communication in his Abottobad compound in Pakistan. And, as the movie, "Zero-Dark-Thirty" make it sound as if true-- you cannot run a terrorist organization out of a cave. More often than not, they're most likely using internet cafes and public telephone pubs outside the US to communicate to terrorist cells in other countries and to those within the US itself.

So, how do we effectively intercept these communications? What if they are using regular parcel mail? VPN and encrypted email services?

How do we monitor and capture the right criminals without spying on the tens or hundreds of millions of Americans using the Internet in the US?

There has to be a more effective way to do so that doesn't require spying on the American people.

What the NSA has done and has become is doing something no better than your typical identity thief. It does seem effective especially when they come across a terrorist communique, but how often have they been successful at flagging such one down?

It's as if the terrorists are finding ways to outsmart the NSA and our counter-terrorist intelligence gathering or the NSA is getting desperate. So, unless there is someone here that is a counter-terrorist or intelligence expert, I'd like to hear if you guys know a more effective way to catch terrorists before they commit an act of terroristm. It seems like everyone on the Internet is a foreign-policy, intelligence gathering, and counter-terrorism expert and expect one to be. Other than that, it sounds like you're blowing hot steam with no actual knowledge on how terrorists communicate and work.
 
Here we go again, anyone actually read the source document this CNET report references?

Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA

It's a foreign business partly owned by Brazil. It's the NSA's job to do this, it's their mission and always has been. This is exactly what I have been trying to get across to you guys about these reporters. They are digging up everything they can and making stuff look bad when there is nothing there to begin with.
 
Here we go again, anyone actually read the source document this CNET report references?



It's a foreign business partly owned by Brazil. It's the NSA's job to do this, it's their mission and always has been. This is exactly what I have been trying to get across to you guys about these reporters. They are digging up everything they can and making stuff look bad when there is nothing there to begin with.

It's the NSA's job to commit wire fraud?
 
The NSA must see some freaky shit. I apologize in advance to whichever analyst has to watch that tentacle porn I am going to download tonight.
 
Also, that really fucked up cow porn from Monday evening... That must be because of my open WiFi network.
 
Here we go again, anyone actually read the source document this CNET report references?

I notice you never responded to the article I posted that said that only 2,000 of about 18,000 requests for phone records by the NSA from 2006-2009 could be justified, meaning that 88% could not be justified. Here's the post. Looking forward to hearing you explain how that's not a big deal.
 
I have no problem with the NSA spying on foreign entities. That's their job. The only part they screwed up was getting caught doing it.
 
"There have been rumors of the NSA and others using those kinds of MITM attacks," Mike Masnick writes on Techdirt, "but to have it confirmed that they're doing them against the likes of Google... is a big deal -- and something I would imagine does not make [Google] particularly happy."

Well maybe if Google could keep their private keys private :| and we could actually trust the chain of trust to the Root CAs we wouldn't be in this mess.

Without a proper chain of trust the web as we know it is fundamentally broken and something must be done to fix it.

I've been saying this for years, it puts the biggest smile on my face to see that it actually is making the news. I just hope it's not too late to do something about it, but with the apathy I see even in a forum like this it makes me sick :(
 
Can remember reading years back about Google being an NSA front company and paid for much of development through various channels in earlier days.
You see with all this data, you have to be able to search it effectively.. that's the real key. Capturing it is relatively easy.

After all the Snowden stuff it seems much more plausible.

No shit. I wouldn't be surprised if us goverment bought most of google's shares back in the day. No company in the world ever gets really big if it's not strongly supported by some government. Believing otherwise is naive. Shit doesn't just happen.
 
It's the NSA's job to commit wire fraud?

If a recently leaked document is any indication, the US National Security Agency -- or its UK counterpart -- appears to have put on a Google suit to gather intelligence.

First the lead in, the reporter has to guess who is doing what but of course suggests the most likely culprits that come to his mind. As long as he is guessing why not add everyone's name to the hat.

The actual source document.
http://news.cnet.com/8301-13578_3-57602701-38/nsa-disguised-itself-as-google-to-spy-say-reports/
And from this I quote:
However, a top secret presentation dated May 2012 is used by the NSA to train new agents step-by-step how to access and spy upon private computer networks – the internal networks of companies, governments, financial institutions – networks designed precisely to protect information.

The name of Petrobras – Brazil’s largest company – appears right at the beginning, under the title: “MANY TARGETS USE PRIVATE NETWORKS.”

Besides Petrobras, e-mail and internet services provider Google’s infrastructure is also listed as a target. The company, often named as collaborating with the NSA, is shown here as a victim.

A training presentation is not proof of or even a valid suggestion of an actual operation, it's just an example so a trainee has a sense of direction and facilitates the learning process. This is not proof of anything other then they are being trained on a technique.

That technique would be used against valid targets just as it could be used improperly.

The original linked document stops just shy of actually claiming this as proof of an attack here where they say "supposed attack", again, not proof of an attack.
It's not clear if the supposed attack in the Fantastico document was handled by the NSA or by its UK counterpart

Pagliusi concludes that this has been going on for a while: “There’s no place for amateurs in this area.”
He is right, they are not amateurs, but it still is far from proof that an operation took place and if one did take place what says that the target still was not legitimate and that the operation was not warranted?

Last Sunday, Fantastico showed exclusively how the President of Brazil is a direct target of espionage.

Every foreign leader is, this saying is very old;
"There may be friendly Nations, but there are no friendly Intelligence Agencies"
https://www.cia.gov/library/center-for-the-study-of-intelligence/kent-csi/vol45no5/html/v45i5a08p.htm

It proves that spying doesn’t have as its sole purpose the fight against terrorism. On this list of objectives are also diplomatic, political and economic information.
Useless hyperbole, Intelligence Services were spying before the term terrorist was ever applied to an individual or organization, before Vietnam, the Cold War, before WW2. Both sides in the American Civil War had spies. Mata Hari is long dead.
 
Back
Top