It is entirely possible it is survivor bias on my part but I get the suspicion that a global sort of 'cyberwar' that has been rumbling along for years is heating up rapidly. I've seen a 10x increase in various scripted attacks being attempted (patch early and often folks!) and a number of APT level compromises of systems either staging malware or deploying it (see the latest bulletin on the Afghan government compromise). And of course the whole Free Syrian Army / ISIS / terrorist nom de jure attacks.
I can't shake the analogy to pictures from WW II where shopkeepers were huddled in the back while soldiers fought from the front of the store. I see innocent servers being 'occupied' by enemy malware so that it can launch attacks on other servers further into a protected network.
Fortunately in this modern version of war you can "kick the soldiers out" of your server by bringing it down and re-imaging it. And they won't turn around and shoot you, but that is not all that comforting somehow.
> It is entirely possible it is survivor bias on my part but I get the suspicion that a global sort of 'cyberwar' that has been rumbling along for years is heating up rapidly.
It might have been a Freudian slip or some kind of intuition, but when I was describing my life plans to my family, I said something along the lines of "I don't want to manage people, I want to stay on the front lines with the code." Except I don't want it to be scary, because I can't take any more of that in my life. So what I really mean is "deploy knowledge bases" and that I choose to work in education. So I continue to stand on a soapbox of 'ethical coding' and I continue to request the ability to separate the responsibility of the developer from the technological applications to warfare. I just want to code difficult stuff, with intense mathematics and abstractions, and solve hard problems. I don't want people using that to hurt other people, and people who don't code don't seem to get that.
People wonder why I get depressed, and to a lot of people it probably looks super dumb and selfish, and I've lost a lot of friends over the years over things I couldn't really explain. People say I over-analyze things and that I think too much. Maybe I do, maybe I don't think enough. It's pretty easy for me to have these opinions when my life is stable.
It is a difficult place to operate from. One of the things that depressed me about robotics for a long time was all the investment in robots that could kill other people.
The logical conclusion though, is you can either own that problem and spend your efforts on developing and making available countermeasures to code that can kill, or you can let go of the problem. In a similar way when you have kids you want the best for them, but at some point you have to let them be the individuals they will be, for good or ill.
Letting go of that which you don't have influence over is, for me, the hardest part of being an adult.
> A novice asked the Master: "I perceive that one computer company is much larger than all others. It towers above its competition like a giant among dwarfs. Any one of its divisions could comprise an entire business. Why is this so?"
> The Master replied, "Why do you ask such foolish questions? That company is large because it is large. If it only made hardware, nobody would buy it. If it only made software, nobody would use it. If it only maintained systems, people would treat it like a servant. But because it combines all of these things, people think it one of the gods! By not seeking to strive, it conquers without effort."
Mark Pauline of Survival Research Labs gave a talk at SIGGRAPH sometime during the '90s, about a project he was working on that involved letting people operate lethal weapons over the Internet in an environment in which somebody might actually get killed.
His goal was actually to provoke Congress to explicitly pass a law against tele-operating lethal robots.
I've heard opinions along the lines of "thinking too much" countless times. At first it was kind of depressing, but later I concluded that if you just like to think and analyze things in your mind (which is not such a popular thing to do when you consider the general population, sadly), people who voice such (negative, I'd say) comments didn't really think about this deeply. Over-analyzing can be a serious problem (consider some forms of OCD), but when you can somehow control it (but not constrain it) it's ok to think as much as one likes ;).
Yea, the repetitive analysis usually stems from using the same model with which to analyze the data. It's insufficient. That helps me turn it off, listen to other people, go about my life, learn new ways of thinking, connecting, interacting, helping, participating, and then I continue to re-evaluate myself, existence, and my place in it. I still can't shake the depression, though. Unless the entire world existed in a state of neutrality or bliss, I don't think I could. It's just an echo of sadness, something I have to distance myself from internally and examine scientifically, which allows me to remove its control over me, and instead direct myself in ways I can improve the world, but, /shrug. I'm not perfect and I'm never going to exist perfectly and life is never going to be perfect, if perfect even could exist.
If it helps, I find that analysis helps stave off depression. Having a focus for something to intellectually chew on helps me a lot. So while I've been accused of over-analysis, sometimes it's simply me printing what I had been mulling over while idling; if I ever stopped doing that, I'd drown in my own mind.
I sometimes find it hard to differentiate between analysis and drowning in my own mind. I seem to purposefully pick problems that have no answers, and if I feel myself getting close to an answer, I make a mess of it. It's either fear of learning that I have lost the ability to succeed, or fear of actually succeeding. I never thought anything in the world could break me that much. I thought I would die before that happened. But it's all useless to think about, on the other hand. I feel like I'm searching for an 'it', without knowing what 'it' is - without using the world's point of views, perspectives, or ideas to define the value of 'it'. I do not know what will happen when I find it, or whether I will ever find it. Maybe I already have it, and I just don't know it.
I don't think that the scenario you're sketching here is far fetched at all. Code re-use and recycling inside technical companies is very common. If any code you wrote there turned out to be great/good at something you'd never know where it might end up. Perhaps in the processor of some killer robot in the future.
I wonder where the code that is running inside the drones today comes from. Some one who never meant to be involved in those things must have written either the compiler, specs or actual code that these things use to do their killing, I can't imagine any company (no matter how secure they might want to be) designing a completely new processor architecture and tools and compilers and all that from scratch.
I've had job offers for programming drones. I was involved with computer security for a while, and I still have a strong interest in every computational and mathematical aspect of it. I have friends that work on those things. I like those friends. I write code. I write math. We all think. We all share abstract models, different ways of thinking. It's not just code that gets turned into code. It's thought, and everything else too. I hate feeling like my thoughts can be used to hurt people. I hate feeling like the act of choosing to exist can cause harm, but looking at it that way is like saying a tapestry is no longer a tapestry when one thread is pulled from it.
I still love math, and I still love computer science. I just don't want to use it the way a lot of the world uses it, and I don't know how much thinking I have to do before I can create code that I am satisfied is both intelligent and humane. It's absolutely ridiculous, sometimes. Sometimes I can just stare at a cursor blinking in an IDE and feel like I'm falling into a void of 'what ifs'. Other times it is like there is no difference between myself and the machine. And then I wonder whether I'm thinking enough, again, or am I letting calculation and logic get the best of me. Have I abstracted this problem too much, too far away from reality? Does anything I think matter at all? My life continues to improve, but suffering still exists, and I feel like it is almost taboo to talk about in this way. But what is the point of existing if you can't actually make real improvements?
> Have I abstracted this problem too much, too far away from reality?
I'll say. You could throw it in and go work as a coal-miner, but then you'd have to worry about the coal you mined being used to smelt steel that goes on to be manufactured as bomb casings. And so on. Certainly you shouldn't work on anything that offends your conscience, but the mere fact that something can be repurposed for warfare doesn't create moral responsibility.
This isn't to say that worrying about war or your personal purpose is misplaced. G.H. Hardy opined that ballistics was 'repulsive' both because of the moral purpose and the triviality of the mathematics involved, and there are more musings on the ethics of that sub-branch of math here: http://www.augustana.ualberta.ca/~hackw/mp480/exhibit/ballis...
But as long as you're not knowingly working on some sort of combat system, it's folly to beat yourself up over the limitations of foreseeability and the vague possibility that something you craft might turn out to have military utility which you didn't intend at the time you conceived it. Instead, look for ways to provide utility in other areas.
I know. I might as well blame myself for breathing out air that is used by a tree that is used to build a house that houses the person who pushes the red button of destruction. It's like tunnel vision, following one path of articulation that follows the model of a logically sound abstraction. Things may be connected, but, causality with regards to the relations between mind to mind is very difficult to understand.
But you are right. I look to provide utility in areas where the net effect seems most likely to be positive. When I can't evaluate that entirely I just assume neutral or no effect, it sort of just dissipates over time, like a wave collapse function, assuming entropy, or some manner of mental equality among peers.
Of course then your country could lose a war because it had insufficient technology, and you'd get to wonder if you contributed to that (you would have, though so would everyone else).
Or because you didn't work on guidance systems, you could wonder if that was the reason the near miss which causes a lot of civilian deaths happened.
Or you could note that the use of military power is not really constrained by technical limitations and never has been, but the effect most certainly is, and start voting and advocating politically which would be more effective at stopping wars in every way.
But then you would have some much more direct responsibility for how the various conflicts turned out.
That's always the problem, is how much and in what way can you dedicate yourself? And is it more a waste to spend idle time analyzing this than actually doing something? But is it the doing that creates the problems?
I don't have the energy for that. These situations are so complicated and they never seem to get resolved. As soon as peace comes someone sees that as opportunity to manipulate (or is the perception of that what causes it to happen?)
I'd rather just stare at math and code, seriously, even if it doesn't talk back like a person. At least it's not crazy.
I'd draw the line at actually making the code, or sharing real theory with someone else.
I don't think that it's fair to condemn oneself because his/her ideas could potentially end up sparking an idea about killer drones in someone else's mind. In the end we're all very much alike, and it doesn't take much to transfer a few missing links if you know and they don't.
In the end the same laws of nature rule in all our heads, and while it seems like each and every one of us is our own compartmentalized observer, it's not until you think a good long while about the principle of locality (and most of the other fundamental laws) that you understand that it's the other way around.
Thinking this way for me is peaceful. I can't believe in god or another entity, but to follow this chain of thought always leads me to consider that I'm part of something greater and more important than one single life can ever hope to be. I guess these days I see humanity more as some sort of superorganism. Just as I emerge from individual cells, so does humanity emerge from all the humans inside of it. I just try to do my part inside the greater whole of humanity, and I leave it at that.
> I wonder where the code that is running inside the drones today comes from.
I interviewed a candidate for a job once who wrote code for military drones. He didn't think it was bad that they were used to kill innocent people. In fact, he thought it was awesome. There are a lot of coders who have a low moral bar and will code anything for money. These are the people who write this kind of software.
Jim: Dr. Rawlin, do you remember how we had helped build the runway? If we died like the others, our bones would be IN the runway. In a way, it's OUR runway...
Dr. Rawlins: No it's THEIR runway, Jim! Try not to think so much! Try not to THINK so much!
One of my favorite quotes of all time when I dealt with similar issues myself, from Empire of the Sun.
I just sort of picture humanity as ants, building a little colony made of silicon and symbols. It's just nature, a natural outgrowth of our existence. It can manifest in any direction, and the direction it is supposed to go in is the one it does. It's more zen than happiness.
Did you even read the post? This has nothing to do with "cyberwar", "terrorism" and other scaremongering words you used.
His servers were taken over by law enforcement. You're free to call them cyberterrorists if you wish. These days it's hard to tell the difference in tactics between malicious rivals and your own government anyway.
I'm surprised that this comment has been voted to the top.
First, it has little to nothing to do with the comment posted, which concerns not a "cyberwar" but the possible police seizure of a Tor server. The assumption is it's either a false alarm or a police raid. No one thinks this was done by ISIS.
Second, a post using the word "cyberwar" in a non-ironic manner at the top of HN?! O tempora o mores!
So while your observation about an increased number of scripting attacks is interesting (assuming you did in fact establish a reliable baseline) it's in a strange place.
I don't know, sometimes something in an article triggers another stream of thought or tangent, and it's a comments section, and other people might want to discuss that. I don't necessarily agree with the comment (as I have next to no visibility of this) but certainly don't mind reading comments on it. Maybe I'm wrongly using the site!
I like tangents on HN, too, and I like discussions. That wasn't my point. It was that the comment apparently misunderstood or didn't read the linked message.
Obviously I can't comment on why things get voted or don't get voted on; my observation is that people upvote comments they enjoy or agree with and downvote comments they disagree with and/or would rather not read. But I can respond to your other question.
> Did you mean to post elsewhere?
No, I meant to post it here.
The author, Thomas White, writes of losing control of his Tor exit node servers, not to this audience but to the folks who read the tor.user newsgroup. Robert, aka chummm, posted it here as being of interest to the community. His was one of a series of articles/notes being posted here that have described potentially state-actor level activity. And there has of course been quite a bit about the Sony hack in the news. I also happen to run a fairly large internet-visible infrastructure which acts as a weird sort of observation instrument for the network as well.
I presume that Robert submitted it here because he felt it was interesting, and a number of people concurred with him. And after reading the article of yet another person finding themselves on the receiving end of external forces trying to compromise their systems, it crossed some vaguely defined threshold for me and crystallized a thought that has been tugging at my subconscious for probably a month or more. That being that the number of and frequency of penetration attacks is noticeably higher now than it was before. Yet I don't keep some sort of threat index or anything, I just get to see the number of things my automated defenses have fended off, or the clusters in the datacenter. And I allow that it is entirely possible for lots of computer intrusion in the news cycle to have combined with perhaps a lot of bored teenagers on winter break or something to create something illusory. But as this story brought that observation to the forefront of my consciousness, I thought I would share what I was observing here, in the comments people are making about this story.
Yes, it's a very interesting post, and I'm glad it was posted here, regardless of how things turn out.
Your comment/observation is also very interesting, but had little to do with the Tor issues. So I was confused.
But I get sometimes things trigger tangentially related things, which is as you've said what happened here.
And thanks for addressing my comment in such a polite manner, especially after my snarky critique of your use of the word "cyberwar". Apologies for coming across in a negative manner, if you took it that way (except for the 'cyberwar' bit, I wasn't actually trying to be negative, I was mostly just confused about the comment's context).
> I'm surprised that this comment has been voted to the top.
Chuck's been around HN for a while, and has insightful comments frequently - that he posts this sort of "radical" comment implies that a non-nut is seriously considering it and quite possibly it's worth pondering as an idea.
Yes, my comment was that I didn't get why ChuckMcM posted it in this particular context, not who he was. I've also been around HN for a while, not always under this username.
These are pretty standard plays in seizing computers these days.
One should note that the grsec linux patchset has functionality to not load drivers for any plugged usb devices, as well as log when it happens, possibly resulting in action being taken.
If the server were configured to sleep unless the mouse is jiggled, it would already be asleep. Thus, using a "mouse jiggler" or similar is pointless, and risks detection.
Wouldn't surprise me if there's some standard procedure for police raids that doesn't distinguish between the two. Keep in mind it's generally not the experts who go out to the various locations.
TXT doesn't rely on the LPC bus on modern motherboards because the TPM is integrated into the Northbridge.
If any government agency can break TXT it'll be the NSA and I don't know if they are in the business of handing out their best exploits to random police teams at the moment.
How "modern" is modern? I understand there are some TPM implementations out there that are on-package, but there are still new servers being sold with TPM headers that I would expect to be easy to interpose.
Regardless, this whole thing turned out to be a false alarm due to a KVM device being attached.
Might be an interesting strategy to only allow one USB port to be used and if any other port is activated the machine self-wipes. Dell servers have an internal port along with the front and back externals.
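As an added example that is not from anyone in this thread: rather than self-wiping, a defender can alert when a USB hot-plug does not match a known device on an expected port (the KVM case above would be whitelisted once seen). The kernel log lines, vendor/product ids and port names below are constructed samples, not values from the incident.

```python
import re
from dataclasses import dataclass
from typing import List, Set, Tuple

# Matches the line the kernel's USB core prints on hot-plug, e.g.
#   usb 1-1.4: New USB device found, idVendor=1234, idProduct=0001, bcdDevice= 1.00
# The port is the bus-port path (root hub '1', port '1', sub-port '4').
NEW_DEVICE_RE = re.compile(
    r"usb (?P<port>\d+-[\d.]+): New USB device found, "
    r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})"
)


@dataclass
class UsbEvent:
    port: str
    vid: str
    pid: str


def parse_usb_events(lines: List[str]) -> List[UsbEvent]:
    """Extract (port, vendor id, product id) from kernel log lines; other lines are ignored."""
    events = []
    for line in lines:
        m = NEW_DEVICE_RE.search(line)
        if m:
            events.append(UsbEvent(m["port"], m["vid"], m["pid"]))
    return events


def audit_usb_events(lines: List[str],
                     allowlist: Set[Tuple[str, str]],
                     allowed_ports: Set[str]) -> List[str]:
    """Return one alert string per hot-plug that is an unknown device or on an unexpected port.

    A device must pass both checks: a known KVM id appearing on a different
    port is still flagged, since the port is part of what was verified.
    """
    alerts = []
    for ev in parse_usb_events(lines):
        known = (ev.vid, ev.pid) in allowlist
        on_expected_port = ev.port in allowed_ports
        if known and on_expected_port:
            continue
        reasons = []
        if not known:
            reasons.append(f"unknown device {ev.vid}:{ev.pid}")
        if not on_expected_port:
            reasons.append(f"unexpected port {ev.port}")
        alerts.append(f"{ev.port} {ev.vid}:{ev.pid}: " + ", ".join(reasons))
    return alerts


# Constructed sample of what `dmesg` / `journalctl -k` might show. Event 1 is the
# hosting provider's KVM on the port recorded during a known-good session,
# event 2 is an unrecognised device on another port, event 3 is the KVM id on a
# port it was never seen on before.
SAMPLE_LOG = [
    "[  100.001] usb 1-1.4: new high-speed USB device number 3 using xhci_hcd",
    "[  100.120] usb 1-1.4: New USB device found, idVendor=1234, idProduct=0001, bcdDevice= 1.00",
    "[ 3600.500] usb 2-1: new full-speed USB device number 4 using xhci_hcd",
    "[ 3600.620] usb 2-1: New USB device found, idVendor=abcd, idProduct=ef01, bcdDevice= 1.00",
    "[ 7200.300] usb 1-1.2: New USB device found, idVendor=1234, idProduct=0001, bcdDevice= 1.00",
]
ALLOWLIST = {("1234", "0001")}   # constructed: the provider's KVM, recorded on a verified session
ALLOWED_PORTS = {"1-1.4"}        # constructed: the only port the KVM was seen on


def demo() -> List[str]:
    return audit_usb_events(SAMPLE_LOG, ALLOWLIST, ALLOWED_PORTS)


if __name__ == "__main__":
    for alert in demo():
        print("ALERT:", alert)
```

Feeding it live output (`journalctl -k -f`) turns it into a tripwire that pages instead of wiping, so a provider's KVM session can be confirmed before anything destructive happens.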
>Will Wright, the creative mastermind behind SimCity and The Sims, spoke last, charming the crowd with a fluid mix of academic design insight and brash humor. "I'm convinced that if she was alive today, she'd be an Internet addict," Wright began. Citing television show Futurama as a key influence, Wright presented his idea for an Emily Dickinson desktop agent. Wright explained that, like a mix between Tamagotchi, the Microsoft Paper Clip, and Seaman, the Dickinson agent would be moody, portable, dependent, somewhat annoying, and observant of all your computer-based actions.
>Wright envisioned that the agent could be sold on USB memory sticks, in order to cleverly "backdoor" the program to unsuspecting customers. "USB Emily," as Wright dubbed the agent, would then interact with the user via IM, e-mail, and pop-up messages. USB Emily might snoop into the user's programs and documents in order to find keywords to comment upon or send poems about. Over time, the user would "slowly bootstrap a relationship with her."
>Referencing some of the emotional problems from which Dickinson suffered, Wright explained, "I want to put the player in the role of her psychotherapist." In one scenario, the player might help USB Emily through her problems and eventually befriend her. But in the two "degenerate cases," USB Emily might either become romantically obsessed with the user (a reference to her often erotic poetry) or fall into a suicidal depression (in which case the program might delete itself).
>Will Wright's was the final design up for consideration, and was a truly inspired idea. It included such charts as the one to the left, showing the overlap between Emily Dickinson readers and GTA players.
>Then he put forth his goals. He wanted to have the mood dependency and portability of a Tamagotchi, the helpful/annoyance of Clippy, and the relationship and creepy aspects of seaman.
>What he came up with was USB Emily Dickinson. The game would be a small program bundled with a USB memory drive, which is now a large business and an almost impulse buy. The "Emily" program would sit on the drive, and would occasionally interact with you in order to begin to derive an emotional relationship with you.
> These interactions would include Instant Messaging, email, and interruptions while writing. Over time, the program would develop a model of behavior depending on how you'd interacted with it. Will's thought was that, while you could eventually get her to a stable state it was more likely that she'd become romantically obsessed with you, or suicidally depressive. In the latter case, he said, she would have the option of deleting herself off the USB drive.
>To respect the license idea, again, Wright opined that the program could be adapted for any famous figure, and to have many different USB individuals operating on the same computer. If you had enough ports you could even have them interact with each other through natural language generation. Thus, you could slot drives to view a conversation between Marx, Twain, and Homer Simpson. While all of the ideas were stellar, Wright took home the first prize for the second year in a row.
Does ISIS really have the resources to carry out criminal computer activities? From what I understand, they are a group with limited technological advantage, and there is no way they could carry out a major attack on the Internet.
Must admit I'm slightly amused that this is even being considered as a plausible theory. They're busy executing the elderly with AK47s... that's very far away from physically cracking open servers in a western data center and inserting USB devices with targeted attack software.
It is not merely the uneducated who can subscribe to extremist ideologies.
When the unskilled highschool grad gets off the plane and signs up, they are going to give him a rifle. When the engineer gets off the plane and announces himself as such, there is a chance that he will be put to better use.
>It is not merely the uneducated who can subscribe to extremist ideologies.
Indeed. And I'll happily concede that point. I (and many others) are just surprised at the thought process... physical hardware attack in (presumably) a western data center... and the thing that comes to mind is ISIS??? Really, if you told me Russia I would have bought it. Same for China, Korea, Turkey etc... but jumping straight to the cliched CNN "terror org" that is the flavor of the month... please...
Sadly, the fastest route to martyrdom is quite literally by biting a bullet, so no, AK-47s all round. Keyboards don't have quite the same sacrificial qualities.
I can imagine that those AKs are just the front. There might be someone or some organizations that sponsor the extremists. Money or otherwise. People who might benefit from instability, hatred towards the US etc.
[Ace is having difficulty with throwing knives]
Ace Levy: Sir, I don't understand. Who needs a knife in a nuke fight anyway? All you gotta do is push a button, sir.
Career Sergeant Zim: Cease fire. Put your hand on that wall trooper. PUT YOUR HAND ON THAT WALL!
[Zim throws a knife and hits Ace's hand pinning it to the wall]
Career Sergeant Zim: The enemy can not push a button... if you disable his hand. Medic!
To assume the only adversary is ISIS would be extremely foolish. Any actors within a system side with particular groups and ideologies. The Tor project maintainers align to an ideology shared with many other groups, just as ISIS align with a shared ideology, NSA/FBI etc share another... More likely NSA/FBI/nation-state level, or a large hacking group, although the former has clear motive here. ISIS has little motive for this. Use your common sense.
Re: his edit, thank you for your compliment, but I just think there are more constructive ways to approach most conversations than accusing people of talking out of their ass, or calling them losers. :( If you truly were banned for arguing with someone important, that's unfortunate, but I saw two good reasons to ban you in your most recent three comments. Maybe I just caught you on a bad day.
With good reason, based on his posting history. It's pointless to warn someone like this that they are hell-banned. Any new account they make will suffer a similar fate within a small handful of posts.
I considered partnering with a data center owner in the US until I learned that his organisation was monitored by the NSA for doing bad stuff in Syria. As you say, of course ISIS and similar organizations have supporters among "ordinary people" in the EU and US.
Oh, the whole cyberwar situation is far from "hopeless". The truth is nobody to speak of has taken it seriously yet. Security is still mostly an afterthought, if that, almost everywhere you look. Even in nominally security-focused contexts. And much of the activity in places that really are security focused is built around an environment in which software must be assumed to basically be constructed out of styrofoam and radioactive waste, so they end up looking very restrictive in reaction to this reality.
I'm fairly convinced that if we all really tried we could secure things much better than they are today. The personal tripwire I've been watching for is when it finally becomes simply general knowledge that C is completely unsuitable to write security software in and C++ is pretty damned dangerous. (Many people know this, but a large contingent will still push back on that. Once we get serious about security, one of the things that will have to happen is C is going to have to be evicted from its current privileged position.)
Lest I sound utopian, yes, this will require immense effort. My point is precisely that we've never really tried that level of effort yet, not that the effort will be low. There's no real reason that the Internet actually has to be made out of swiss cheese, but it will take a significant change of viewpoint before it will be resolved.
> Security is still mostly an afterthought, if that, almost everywhere you look... yes, this will require immense effort.
What I keep thinking, though, is, what would be the total dollar cost to make security a forethought, with information technology being pretty ubiquitous? I think it might actually have serious economic impact -- is it possible we literally can't afford security, as a society?
I think we could, because once we started down the path of taking security seriously, we would get better at it. What you see now is largely us not even trying. Well, just barely trying, maybe; not trying at all was the 70s. But there are still too many places where 'industry best practice' is insecure, and where even on places like HN you'll get serious fights over whether or not strong typing or even languages that prevent buffer overflows are worth it, to say nothing of what the industry at large thinks.
But there would have to be some pretty significant changes in our languages and how we program, and it probably would mean things like a certain slowing down of the rate of feature delivery.
In the long term, being unable to afford security is being unable to afford computerization at all, and the efficiency bonus is so great from computerization that it's hard to believe that we couldn't figure out how to make it work.
That's the thing. I know this is sacrilegious to say, but I wonder if the efficiency bonus from computerization really is so great, or would be, if it wasn't built on a pile of crap.
It's not ridiculous to say at all. But I think that even slow computerization is orders of magnitude better than without. And by slow, I mean like kiloflops. In all seriousness, people used to use punchcard machines and were damn glad for it, as the computers before that were even slower and more expensive. And a few generations of machines before that computers were people who computed.
We'd definitely still be using mechanical computers. But I could easily see lots of eye candy being stripped out to conserve cycles (after all, having a 3D desktop on a Pi isn't all that useful :)
Yeah, that's pretty much what I mean. We could live on a great deal less than we actually have now, and I mean, we could live quite effectively. The transition would hurt (or perhaps rather, will hurt), but in the end I think we'll all end up surprised by the fact it wasn't harder. Think Y2K here. Probably bigger than that, but in the end, more blip than crash.
Big blip, though. But at the current rate we're headed for that anyhow, regardless.
The problem with "how much" is this: as the dollar amount of loss increases, the distance between "the owners of the money" and "the people responsible for keeping it safe" also increases. I make sure I know where my wallet is, but Jeff in IT won't lose billions (or a clueless CIO, for that matter).
A serious security push might raise computing costs to the point where some low-margin computing activities become unprofitable or folks like Amazon push less into expansion/R&D to keep budgets balanced, but I think it's likely that most computerized activity would continue. Folks are still gonna wanna watch Netflix or blog about cats.
>what would be the total dollar cost to make security a forethought
There isn't one. There are too many people involved who categorically refuse to consider security, and there is no way to fix that in a reasonable time frame. We'd need to fix the education problem and then wait for a whole generation of new people to go through it.
I agree about C and C++, but is there a language that exists today that you think would be better for writing security-conscious code? Should a language be invented that is specifically for writing security-conscious code?
Basically all modern languages with strict type systems do better than C or C++ when it comes to security. Anything JVM based can't be buffer overflowed or double-free/use-after-free exploited, for instance.
Now if you go with a weakly typed language like Javascript there is a whole other class of bugs that can bite you:
C is a great replacement for C. No, I don't mean that as a joke. Using C as a low level language and proving it correct via a higher level language gives you the performance of C without the security problems: http://sel4.systems/
It has already happened, you just don't know about it, and neither do I. I've had experience in the scene for many years. Though I don't go there these days, I can almost guarantee that the big players have long had their databases downloaded and spread throughout multiple nations.
> Fortunately in this modern version of war you can "kick the soldiers out" of your server by bringing it down and re-imaging it. And they won't turn around and shoot you, but that is not all that comforting somehow.
Until "DeathRay3000" becomes a standard peripheral it is slightly comforting...
Overall, I worry more about the hacks I haven't detected than those I have. Re-imaging is a pain, but not as much as not knowing your server is secure.
A Dutch tech news site [1] published the news on their site and got in contact with the ISP Snel:
The ISP told Tweakers that the account of Thomas White was blocked due to a security policy of the company. The customer let a deadline for verification accidentally expire and logged in through KVM. "Some KVMs generate a USB event when you use it to set up a connection to the server, this is what the customer just notified." - according to the ISP Snel. Meanwhile, the man's account is released.
Few quick points (that I found most interesting, click link to read everything):
"The likelihood of this being the work of law enforcement seems to be lower than originally anticipated. This is good in many ways but asks more questions than it solves right now."
"Support staff at the ISP have confirmed to me there has been unauthorised access to my account. This could be down to the fact I access the control panel often via Tor (yes, using TLS before anybody asks), however it does raise the prospect of a non-LE person(s) being behind this but does not explain why a chassis intrusion was detected for example or anything else to do with on-board sensors."
"Again, at this moment in time I am under no gagging orders or unreasonably withholding information under orders."
Interesting to see this play out in realtime. This message just showed up in the thread[1]:
Node fingerprints are as follows, please blacklist ASAP. Some servers are accessible via their KVM again but not networked.
D78AB0013D95AFA60757333645BAA03A169DF722
6F545A39D4849C9FE5B08A6D68C8B3478E4B608B
5E87B10B430BA4D9ADF1E1F01E69D3A137FB63C9
0824CE7D452B892D12E081D36E7415F85EA9988F
35961469646A623F9EE03B7B45296527A624AAFD
1EA968C956FBC00617655A35DA872D319E87C597
E5A21C42B0FDB88E1A744D9A0388EFB2A7A598CF
5D1CB4B3025F4D2810CF12AB7A8DDDD6FC10F139
722B4DF4848EC8C15302C7CF75B52C65BAE3843A
93CD9231C260558D77331162A5DC5A4C692F5344
A3C3D2664F5E92171359F71931AA2C0C74E2E65C
575B40EF095A0F2B13C83F8485AFC56453817ABF
27780F5112DEB64EA65F987079999B9DC055F7C0
54AA16946DB0CF7A8FA45F3B48A7D686FD1A1CEF
1EB8BDA15D27B3F9D4A2EDDA58357EA656150075
17A522BC05A0D115FC939B0271B8626AAFB1DDFF
1324EC51FBFA5FD1A11B94563E8D2A7999CD8F57
Update on twitter: https://twitter.com/CthulhuSec
"People have taken my mere suspicions way too seriously. I haven't even mentioned a specific agency and the theories are already flowing."
In the first original email, he writes "At this moment in time I am under no gagging orders or influence from external parties/agencies. If no update is provided within 48 hours you may draw your own conclusions."
Please may I call your attention that this canary paragraph is missing from the latest tor-talk update. Draw your own conclusions.
If we take the strict differences of the phrasing, we could say he's reasonably withholding information by request. Incorporated with the timeframe, this could be anyone — but given his response and the extra 250+ twitter followers today, he's probably been reminded the cost of drawing conjecture in public.
I am thinking this guy is very exact and precise in his phrasing, especially with regards to a canary. He's a crypto-geek, anarchist and running an exit node and this crowd knows Alice is not Bob.
He knows what he says will be scrutinized by thousands. Why wouldn't he be very careful in what he says?
Based on his first canary vs the last, he could, as you say, "reasonably" be withholding information on request. Perhaps terrorists, kitty pr0n or the threat of jail is reason to him. Good reasons, who knows.
He could also be under the control of someone that asks him to add new, lie or modify information.
Worse reasons, perhaps.
Either way his first canary reminded us that whatever he says now needs to be treated as possible disinformation.
Further, his subsequent posts to the mailing list[1] are missing the canary entirely, but everything has been addressed except for:
> 3. The DC has confirmed via Twitter that the servers were not
> "accessed". Having been raided in the past I know indeed they can be
> forced under Dutch law not to inform clients of raids, but I don't
> feel this may be the case. With that being said, a chassis intrusion
> indicator still must be addressed and I cannot find it in the logs
> anymore. The DC company are not the people who I directly interact
> with however so I am still awaiting a direct response from those we
> host the server with.
Either way, it's not a direct raid or seizure, if anything a backdoor installed by someone at the DC, but honestly at this point you have to accept the possibility and either accept/balance/mitigate the risk or get new hardware.
> He knows what he says will be scrutinized by thousands. Why wouldn't he be very careful in what he says?
Because he's under time pressure?
If his paranoia was true (after all, paranoia doesn't mean they aren't after you), he could have had little time to get his message out before he would have lost his network access. At that moment, timeliness would have been more important than precision; what mattered was that the directory authority operators and mirror users knew that his servers were potentially compromised.
How did these criminals penetrate the ISP? Is there security footage? It should be no trouble to identify the perpetrators and have them arrested if their pictures are posted online.
Your comment is indicative of the crisis of legitimacy that has infected our governments, and most of the institutions of stability in our global society. It seems like a small thing; but once the perception that the forces of law and order are themselves lawless exceeds a certain critical threshold things begin to change rapidly. Indeed the United States itself came to be in the wake of the erosion of the legitimacy of England's colonial government.
There won't be an announcement; but once that threshold is crossed events begin to move rapidly and forcefully and do not stop until a new arrangement of powers is found that society can scaffold itself upon. Who knows what will be the stable state of a world seeded with the idea of networks and knowledgeable in their subversion and subornation.
I'd love to see some historical basis for this supposition that there is a natural counter balance to "lawless" power. First of all, your premise presupposes that there is some standard of "lawfulness" against which the existing power structure can be judged. If the powers that be are faithful to their own interests and rules then by definition they are lawful, since they create and administer the law. Your appeal to a higher morality (I assume, since I don't know what other standard there could be) makes a good muse for an artisan, but I see no evidence in the long, bloody history of our species that it acts as some sort of automatic restorer of natural order. Quite the contrary, in fact. It is the current state of affairs in some Western countries, in which the citizens have leave to consider whether their governments are lawful and ways to act if they are not, that is the exception.
I fear that we are talking past each other and have different readings of the same words; and vastly different conceptual backgrounds.
Map political science onto the sandpile model [1] to get a first order approximation of the framework of analysis I'm using from a macro perspective. On the micro level of individual perception; what matters isn't merely the perceived lawlessness of the elites and of the guardian castes, but the growing sense that "If you play by the rules; you're a sucker." And depending on your level of investment in the current order that sense can be a powerful motivator to working around limits that were introduced to promote institutional stability.
And if most people's reality is that the ruleset they're working off of is largely economically workable only because it's technically illegal... that's inherently unstable.
Any institution can fail at any time, given the right trigger. The difference between a stable institution and an unstable one is the range of triggers that will destabilize it. When the legitimacy of an institution is threatened, this can only broaden that range.
So you're right to point out that there is no "threshold" as stated by the OP, however the frenzy with which the US government is undermining its own legitimacy as well as that of many other Western governments, does not bode well for our civilization (Western or otherwise).
olefoo mixed two issues - lawlessness and illegitimacy. Legitimacy in political science just refers to the public acceptance of authority (and the perception that everyone else accepts it too). In the US, that legitimacy happens to be tied to the belief that the authorities are bound by rules. Loss of legitimacy is a very serious issue for any political/legal system, but of course sometimes it doesn't lead to the collapse of the system, but rather a search for a new means to legitimate the old system - for example, the PRC's adoption of economic success as the basis of legitimacy rather than Communist ideology.
If there was a warrant, we should be able to get that information, and act on it, and figure out how to avoid it in the future.
Which comes to an interesting situation: if this was acted upon by NSL, here there's proof something happened, so how does that get explained without breaking the gag order?
Wonder what shenanigans the USB device is up to. A bootable drive for flashing backdoored bios/hdd firmware or keylogging? Snapshotting the HDDs? 0day'ing the kernel USB stack?
Probably just a USB stick with Second Look or a similar tool on it. Very first thing you do is dump the running memory on the system. Then you pull the drives, plug them into a write blocker, then image the drives.
Modifying anything before you have a complete forensic dump is a big no-no because you need to preserve evidence.
A Linux server (I'm guessing for no particular reason it's a Linux server) would have no reason to automount a USB stick, and its console would be at a login screen (so a HID device would gain nothing).
So my guess for the intrusion scenario would be a "cold boot" attack: plug a specially prepared USB stick, open the server case, short the reset pins in the motherboard (AFAIK, modern motherboards still have the pins for the reset button, even though modern cases don't have a reset button anymore), and tell the BIOS to boot from the USB stick. The USB stick then dumps the memory, which still has data from the previously running system (since it was an unclean shutdown), with some luck including cryptographic keys.
That scenario would also explain why he briefly saw the server back on the KVM: they might have been using the KVM to interact with the BIOS.
The defense against such a scenario would be to aggressively shut down all processes and kexec to a memory-wiping kernel as soon as any unexpected device (not only USB, but also PCI and others) is seen, or if the case is opened. Also make it send an alert message through the network with the details whenever it's triggered, to be able to diagnose why the server shut down without warning.
But there's another possible scenario: the "bureaucratic confusion" scenario. It's possible that the systems at his hosting location got confused, and thought he was no longer a client. The apparent intrusion would be a techie repurposing the servers for another client.
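The comment above suggests watching for any unexpected device or an opened case and reacting before a memory dump can be taken. As an added example (not code from anyone in this thread), here is a small detector in that spirit: it scans dmesg-style lines for USB arrivals and chassis-intrusion reports, checks them against an allow-list of devices expected on the host (the hosting provider's KVM, which the ISP says raises a USB event when it attaches), and returns findings an operator can alert on. The allow-listed vendor:product ID, the sample log lines and the IPMI-style intrusion message are all constructed; the "New USB device found" and "USB Mass Storage device detected" formats are the ones the Linux USB core and usb-storage driver actually log.

```python
"""Flag unexpected USB devices and chassis-intrusion events in kernel log lines.

Added example for this thread, not the incident's real logs or tooling.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List

# Allow-list of USB vendor:product IDs expected on this host. "1234:abcd" is a
# constructed placeholder standing in for the provider's KVM; a real deployment
# would record the IDs seen during a known-good baseline (e.g. lsusb output).
EXPECTED_USB = {"1234:abcd"}

# "New USB device found, idVendor=..., idProduct=..." is the Linux USB core's message.
USB_NEW_RE = re.compile(
    r"usb (?P<port>[\d.-]+): New USB device found, "
    r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})"
)
# usb-storage binds to an interface of the same port, e.g. "usb-storage 1-1:1.0:".
USB_STORAGE_RE = re.compile(
    r"usb-storage (?P<port>[\d.-]+):\d+\.\d+: USB Mass Storage device detected"
)
# Intrusion wording varies by platform (hwmon, IPMI SEL, vendor daemons); this
# matches the phrase used in the constructed sample below.
INTRUSION_RE = re.compile(r"chassis intrusion", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    severity: str  # "info" | "warn" | "critical"
    kind: str
    detail: str


def scan_kernel_log(lines: Iterable[str], expected_usb=frozenset(EXPECTED_USB)) -> List[Finding]:
    """Return one Finding per interesting line, in log order."""
    findings: List[Finding] = []
    port_ids = {}  # USB port -> "vid:pid", so later class-driver lines can be attributed
    for line in lines:
        m = USB_NEW_RE.search(line)
        if m:
            ident = f"{m['vid']}:{m['pid']}"
            port_ids[m["port"]] = ident
            sev, kind = ("info", "usb-expected") if ident in expected_usb else ("warn", "usb-unexpected")
            findings.append(Finding(sev, kind, f"{m['port']} {ident}"))
            continue
        m = USB_STORAGE_RE.search(line)
        if m:
            ident = port_ids.get(m["port"], "unknown")
            # Mass storage appearing on a headless server is the "bootable stick"
            # case from the thread; only tolerate it on an allow-listed device.
            sev = "info" if ident in expected_usb else "critical"
            findings.append(Finding(sev, "usb-mass-storage", f"{m['port']} {ident}"))
            continue
        if INTRUSION_RE.search(line):
            findings.append(Finding("critical", "chassis-intrusion", line.strip()))
    return findings


def lockdown_recommended(findings: Iterable[Finding]) -> bool:
    """True when an automated response (the comment suggests killing processes and
    kexec'ing into a memory-wiping kernel) should fire. The response itself is left
    to the operator; this only makes the decision."""
    return any(f.severity == "critical" for f in findings)


# Constructed sample log, not from the incident discussed in the thread.
SAMPLE_LOG = [
    "[  12.001] usb 1-1: New USB device found, idVendor=1234, idProduct=abcd, bcdDevice= 1.00",
    "[  12.002] hid-generic 0003:1234:ABCD.0001: input,hidraw0: USB HID v1.10 Keyboard",
    "[3600.120] usb 2-3: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00",
    "[3600.125] usb-storage 2-3:1.0: USB Mass Storage device detected",
    "[3600.130] scsi host6: usb-storage 2-3:1.0",
    "[3605.000] ipmi_si: SEL: Physical Security: General Chassis Intrusion asserted",
]

if __name__ == "__main__":
    found = scan_kernel_log(SAMPLE_LOG)
    for f in found:
        print(f"{f.severity:8} {f.kind:18} {f.detail}")
    print("lockdown recommended:", lockdown_recommended(found))
```

On the sample log the KVM attach is reported as info, the unknown stick as a warning, and the stick's mass-storage interface plus the intrusion line as critical, so the lockdown decision is true; feeding it only the first two lines yields no critical finding. In production the same logic would read `journalctl -k -f` or a udev event stream, and the alert would go out over the network before any wipe or shutdown, as the comment recommends, so the operator can tell a raid from a provider's confused technician.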
Seeing how this is a targeted attack on an exit node specifically they're not going to be interested in dumping what's on the system for evidence. Even an idiot will know that someone running a TOR exit node isn't going to be a big fan of logging traffic in detail. Has to be an attempt to keep the node running but in a compromised state...
When you are going to take control over a machine you have physical access to while it is running, you should always dump memory because it might, among other things, contain disc encryption keys.
> The Raytheon Company is a major American defense contractor and industrial corporation with core manufacturing concentrations in weapons and military and commercial electronics.
I understand that as I googled it before asking the question. It's advertised as a tool to analyze memory dump, not to take them, but I have no doubts they sell tools for that as well. If you know how they work, please tell.
The USG is not a monolithic entity. The State Department loves TOR, for the reasons you list, while Justice hates it. The Justice Department does not need State approval to get warrants and take down servers, nor do they need State approval to work with their foreign partners to do the same.
The US/EU governments run their own nodes. Why WOULDN'T they take down third parties that aren't willing to give them the access they need to sniff traffic? Their support of dissidents in other countries doesn't require private nodes to exist.
Feel free to drop the 'even' in that sentence. Just say the magic words 'child pornography' and the judge will go and install that bug himself. Tor has a very bad reputation in The Netherlands, I think just saying it's a Tor node might be enough reason for a judge to sign off on an eavesdropping warrant.
Even on a more practical level, aren't all major hosting providers ones that follow standards where getting a USB drive onto a server would be extremely easy to trace back? Where was this guy keeping his servers?
Several nodes are going to go back online and are being requested to be un-blacklisted. "I have emailed some of the DirAuths to remove several nodes and IPs from the blacklist that we feel confident have not been breached or compromised in any way."
As the Tor community knew of a possible compromise in advance, what is the purpose of this? Sounds like fear mongering by the TLAs with the aim to discredit anonymity within the network rather than actual malice.
Sorry, I think you misunderstood me... what I meant was - what is the purpose of the TLAs continuing with their raids if everyone knew it was about happen. That's what I meant by fear mongering.
It's possible that they suspect the servers are hosting other services/content and aren't just Tor exit nodes.
Other than that, I agree, I don't see what the point of this would be. Especially when there was some early warning. It is possible that the warning from a few days ago is entirely unrelated to this incident, though.
OK, they might simply seek control of those servers in preparation for some large-scale action. Or they are after some people who they know absolutely depend on Tor to operate. Just wild speculation though...
> Or they are after some people who they know absolutely depend on Tor to operate. Just wild speculation though...
Maybe this is related to the Sony hacks, the authorities could know about a forthcoming data leak or threat. Taking away a major source of anonymity could prevent the information getting out.
Off Topic: But out of curiosity what does a Tor hidden service keep in memory? Would there be any information that would uniquely identify the services it's running?
Given that they're often run in datacentres (either colocated or within a VM) - wouldn't a USB device capable of scraping RAM and dumping a list of hosted .onions be quite practical for law enforcement purposes?
There's obviously a finite number of datacenters in each country/jurisdiction that accept bitcoin or sell VPSs.
What do you think is the business / legal risk of running a few Tor relay (no exit) nodes as a commercial company (UK or US based)?
One of my friends told me that he would be afraid of the potential of freezing company assets if someone starts an investigation and those nodes would be part of that case.