"Edward Snowden Reveals NSA's MonsterMind Program"

I'd like to say I've been been desensitized to being shocked but not to the value of being shocked. This though... shocks the hell outta me. Not that it exists but that someone somewhere approved this monster of a machine...facility.... township of a computer.


Popular Science

"The massive surveillance effort was bad enough, but Snowden was even more disturbed to discover a new, Strangelovian cyberwarfare program in the works, codenamed MonsterMind. The program, disclosed here for the first time, would automate the process of hunting for the beginnings of a foreign cyberattack. Software would constantly be on the lookout for traffic patterns indicating known or suspected attacks. When it detected an attack, MonsterMind would automatically block it from entering the country—a “kill” in cyber terminology.
Programs like this had existed for decades, but MonsterMind software would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement. That's a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. “These attacks can be spoofed,” he says. “You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?”"


So much for Due process.

This is a strange revelation for software, or at least anti-malware software.

It sounds like a good idea but i think Edwards concerns are certainly valid. Any serious hacker or virus maker will know how to disguise the attack's origins unless of course they are using a remote control PC to launch it in the first place - so it makes the defense platform kind of defunct before it even does anything in the first place.

How about making networks more secure in the first place? Should that not be the prime idea?

Everyone of these leaks are a dent in the armor TPTB hoped we would never discover!

Keep them coming please! Perhaps with some acceleration at this point

The whole thing sounds a lot more like the Terminator movies with automated hunting and the beginnings of an attack. Maybe at the start is is just meant to stay in cyberspace, as the story goes. I would like to say I am shocked or surprised by such a program, but those days are gone.

a reply to: kwakakev

We'll just have to wait 5-10 years till robots are better developed than we will see software of likeness retaliating against humans in robot form.

Anyone who works with computers or software knows full well that there is almost always something wrong. Two things in the world that are infinite, the cosmos and human stupidity. Humans build the machine, humans design the software, humans maintain the software......what can possibly go wrong?

originally posted by: Rosinitiate
Anyone who works with computers or software knows full well that there is almost always something wrong. Two things in the world that are infinite, the cosmos and human stupidity. Humans build the machine, humans design the software, humans maintain the software......what can possibly go wrong?

Too right!

Where humans are involved, stuff can and will go wrong.

Sadly the criminals with a passion for chaos are more focused than the depressed guy with the job who works their ass off for a menial wage to prevent it.

a reply to: Biigs

Where humans are involved, stuff can and will go wrong.

It's not that it goes wrong (which it does) but holes come from the growing complexity. Networks and all their accompanying hardware and software is still in its infancy IMHO. The whole thing is becoming hugely complicated. Well beyond your everyday person to grasp. Thus you have two issues at work, fast complex growth and ignorance of the systems. Both these issues can be exploited by a smart person. When things grow to fast they may have holes in how they are built or mesh with other parts of a system and when you have ignorance well... that's easy to understand how it can be exploited.

As for automated defense systems, those are fine. A lot of attacks are from bots, zombie machines. Those are fair game for a return attack. Again, ignorant users are unwittingly being used for nefarious exploits. Automated attacks may shut them down, remove the malware, force them to stop using the same tools the bot netters use.

Two kinds of common attacks on a system, denial of service (botnets usually) and hacks. A single user attacking a machine is vulnerable because they have constant communication with the system they are attacking, they can be tracked. The longer they stay connected the greater the likelihood they will be traced. Automated defense systems could work just fine for both these accounts. Hollywood makes hackers sound far more wizard-like than they usually are.
Snowden talking about spoofing is much ado about nothing because it makes it sound like attacks cannot be traced to the sources and that just isn't true most of the time and again sometimes when under a big DDOS what you want to do is stop it. So attacking the bots is perfectly legitimate.


V

originally posted by: Antipathy17

That's a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. “These attacks can be spoofed,” he says. “You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?”"


So much for Due process.

I guess they've determined
that there is no time for it....

and Russia needs to secure
their back door..

this type of thing is nothing new
buddy of mine wrote a program
many years ago

that did the same thing on a smaller scale
and would ring his pager every time it
knocked corrupted servers offline...
he even warned the people 1st
they had so long to address it...
& if they didn't ...tink offline

originally posted by: Biigs
This is a strange revelation for software, or at least anti-malware software.

It sounds like a good idea but i think Edwards concerns are certainly valid. Any serious hacker or virus maker will know how to disguise the attack's origins unless of course they are using a remote control PC to launch it in the first place - so it makes the defense platform kind of defunct before it even does anything in the first place.

How about making networks more secure in the first place? Should that not be the prime idea?

Ultimately, to attack any system, you have to direct internet traffic to that network. But there are third-party anti-DOS (Denial-Of-Service) services that will filter the traffic to your system for you, much like anti-spam filters. Their servers will kick in whenever data traffic reaches a particular threshold. A DOS attack itself requires a bot-net that allows the simultaneous coordination of thousands of computers to perform multiple network requests through one protocol or another; http, ftp, ntp.

In theory, they could send an equivalent amount of traffic back up to those individual IP addresses to jam their transmissions. Or even send a "magic packet" to shut down that hijacked node or server. Most ISP's also have shutdown systems in place where any PC sending out large amounts of internet traffic will be disconnected.

I would like to express my opinion that Popular Science belongs in a children's dentist office.

If the program were smart enough to sniff out attacks almost before they happen and instantly formulate a counter and send it without human involvement, could it not also be smart enough to detect the actual origin of the initial attack? I understand that someone could infiltrate a hospital and use a flash drive to send out the attack, but could not the computer program be smart enough to identify targets? Or smart enough to simply block the attack but do not counter?

These are questions I ask myself as a human. Maybe machines just aren't there yet. Why are we supposed to be afraid of this machine again?

originally posted by: elementalgrove
Everyone of these leaks are a dent in the armor TPTB hoped we would never discover!

How many more years from now will we be seeing supposed 'New' info leaked/released from him?

Not that I'm complaining just that it seems logical to assume that sooner or later he'll run out of material.

The skeptic in me wonders if he's been stretching the truth milking it for headlines now.

a reply to: SLAYER69

You and I alike. Make it seem like Russia and the US are fighting when it truth they are lying out the ass to us and shaking hands behind closed doors.

originally posted by: SLAYER69
The skeptic in me wonders if he's been stretching the truth milking it for headlines now.

How could they desensibilize the masses if everything would have been unleashed at the same time?

A little freedom there, a little fear there till one day, freedom lovers that have been raped from everything they have except their guns will realize that their guns have nothing to protect anymore.

Enen though Snowden's actions is everything patriotism should be, he's probably helping to pave the way to a NWO.

I think Snowden’s latest “revelation” is pretty lame. It kills me how so many folks just blindly accept anything he says as the Gospel, as though he’s the all-seeing, all-knowing tech warrior dedicated to saving the free world. Gee, maybe someone should tell the NSA about this spoofing thing Snowden talked about. Those cyber-dummies at NSA probably didn’t even think of that in their program. Thanks, Mr Snowden, you may have just saved the planet AGAIN.

Really, Snowden does seem to be running out of material, and his 15 minutes of fame is just about up. Desperate times call for desperate measures, I guess.

Look, I don’t like being spied on any more than anyone else. But personally, Snowden has yet to reveal anything that has suprised or shocked me in the least. What has shocked me most is the naivety shown by so many people about all this; especially since enactment of the Patriot Act. Maybe if more people paid attention to what’s going on in the world, instead of worrying about what the Kardashians are up to, we wouldn’t be blind-sided finding out what the government and major corporations are up to at our expense.

Let the good times roll...

a reply to: SLAYER69

Yes I absolutely agree! There seems to be no reason not to have a full disclosure at this point.

I try to give credit to the idea that they are doing it incrementally for some reason I am unaware of since I have not seen all of the documents, however I do find it funny that it is not full disclosure time. With these shady intelligence agencies you never can really know anything for certain. I do like that what I have been telling people since they passed the patriot act has been verified, I do not like the apathetic response!

I also like that the rest of the world is getting a clear confimation of what their intelligence agencies have known all along. I also may as well add that I may be naive, but I do hope that the Russian counterbalance to NATO/US/EU/IMF/WB/BIS/FED is legit and it does appear that Snowden may actively be helping with that. I have no way of knowing if he is a double agent or if Russia is on board with the banksters, after reading The Creature from Jekyll Island, I do believe they have waged war on Russia for a very long time and I do think they also created the monster known as Stalin. If this is true it give credence to the idea that Putin has a vendetta as well as most Russians who believe the conspiracy!

So yea time will tell, it was a wild time to choose to incarnate here on Earth!

originally posted by: SLAYER69

originally posted by: elementalgrove
Everyone of these leaks are a dent in the armor TPTB hoped we would never discover!

How many more years from now will we be seeing supposed 'New' info leaked/released from him?

Not that I'm complaining just that it seems logical to assume that sooner or later he'll run out of material.

The skeptic in me wonders if he's been stretching the truth milking it for headlines now.

Or in the alternative, making it seem like the US is much more powerful and advanced than they actually are. Think about that for a second. Anonymous hacks the Ferguson and Israeli computers (if it is actually true and Anon isn't CIA/NSA) and no one could stop it? Some times it just seems like accelerating BS...

The skeptic in all of us is a good thing ;-)

Cheers - Dave

originally posted by: kwakakev
The whole thing sounds a lot more like the Terminator movies with automated hunting and the beginnings of an attack. Maybe at the start is is just meant to stay in cyberspace, as the story goes. I would like to say I am shocked or surprised by such a program, but those days are gone.

Yes this is geting bad.
if you wright a book and terro you DIE!
say the wrong word and you DIE.
how long till the computer sees that humans are the problem?

originally posted by: elementalgrove
Everyone of these leaks are a dent in the armor TPTB hoped we would never discover!

I wouldn't go that far. I think some of the recent "leaks" ae intentional and designed to provoke a response. I suspect TBTB are now looking for trigger to throw us into the chaos of martial law.

originally posted by: Biigs
How about making networks more secure in the first place? Should that not be the prime idea?

Yes. Actually - they have become more secure, but we also use them a lot more than we used to do. And your networks are only part of the total infrastructure that you need for your data, of course. It's fairly useless to have secure networks if you run an insecure operating system or insecure end-user software.

The main "problem" is that nowadays "everything" needs to be "connected". This in effect makes everything that is connected at the reach of any sufficiently cunning culprit. So we'd better (re)learn the art of compartimentalization. If you have airgaps between your important internal networks and the Internet it is quite impossible for any MonsterMind or other related technique to "fire back" and it is also impossible for evildoers to use your network for their ugly business. Inside a secure network you should get rid of wireless alltogether. Just google "pringle wireless" to see why. Another usable technique you can use is what is know as "protocol change": instead of a direct TCP/IP connection, you'd use a tightly controlled connection of some other type, say a bi-channel USB connection. In the olden days we used serial lines. And of course, you don't use TCP/IP on it

BTW: MonsterMind seems a stupid idea - any attacker stupid enough to use his own resources to perform the attack deserves to be caught. Even script kiddies routinely use other folks computers to do their ugly job.