Web 3.0: Insecurity and Continuous Surveillance

The NSA appears to have hacked or bought its way into just about every system connected to the internet. The result is that anything connected to the internet should essentially be considered as compromised.

Der Spiegel has published an expose on the NSA’s hacking toolkit.   The NSA’s “digital plumbers” offer their services to other parts of the NSA through a catalog, reproduced here on Zerohedge. There are even prices for services offered.

Of particular note in this latest round of NSA revelations is the complicity of technology companies.  ANT (Advanced Technology Network [group]) offers malware and hardware for use on computers made by Cisco, Dell, Juniper, Hewlett-Packard and Huawei. What becomes clear is that the NSA doesn’t actually hack as much as they collaborate with and financially compensate technology providers on backdoor access into their technology.

Apple’s devices were singled out by Jacob Applebaum at a recent presentation to the 30th Chaos Communication Forum as being wholly compromised (here is a video of the actual presentation).  Apple has since denied complicity, but this strikes me as hollow, given the extent of the NSA’s work on the Apple platform.

As troubling as they are, the NSA’s digital surveillance activities should have been expected, whether by the NSA or someone else.  What this really reveals is that digital security is a total farce.  Good guys, bad guys, corporations, just about everybody wants to get the goods on some else for some reason.  Even if the NSA gets shut down, Pandora’s box has been hacked and compromised.

Welcome to Web 3.0.

Update Feb06: TomDispatch has a thorough expose on the overall state of insecurity and surveillance.

Update Feb24: Apple iOS security flaw looks suspiciously like it was an NSA backdoor inserted by an Apple developer.  The flaw, called “Gotofail,” allowed hackers or other actors — e.g. spies — access to theoretically secure data transmitted through wireless connections or along a shared network. Such data includes credit card numbers and other personal information passed on when establishing a connection between a customer and a merchant’s point of sale.  The flaw was a simple one, an “if” clause nested deep within lines of code.  Apple has vehemently asserted that it did not cooperate with the NSA to create backdoors in its devices.  This could have been an Apple employee operating on behalf of the NSA but unbeknownst to Apple, or Apple was, in fact, complicit with the NSA.  Who knows.

This entry was posted in spy vs spy. Bookmark the permalink.