The NSA 0wnz popular firewalls and 'secure' email services

The NSA 0wnz popular firewalls and 'secure' email services

www.theinquirer.net

CRYPTOME reports that the US National Security Agency (NSA) has remote administrative access to several of the most popular Windows PC firewalls, and that it has also taken control of a number of supposedly "secure " email services within the past few months.

(visit the link for the full news article)


Related News Links:
cryptome.org

Related AboveTopSecret.com Discussion Threads:
Check if NSA warrantless surveillance is looking at your IP traffic

Apparently the firewall issues can be resolved by the user, anyone know how?

The real story here is that the NSA has "taken control" of "secure" email services:

Certain privacy/full session SSL email hosting services have been purchased/changed operational control by NSA and affiliates within the past few months, through private intermediary entities.

Hushmail: now fully owned by private entity NSA affiliate; has had informal relationship with NSA for a number of years that effectively provided NSA with real time access to Hushmail's hosting servers.

Safe-mail.net: Israeli-based, ironically privately lauded by NSA and US military several years ago for its sound implementation of SendMail with SSL webmail GUI frontend. Now provides mail server info to NSA in real time.

Guardster.com (SSH/SSL proxy): NSA contractors have "bought" full access rights to Guardster servers a few days ago. Separate but related: faciliated port sniffing of hosting servers at Everyones Internet, on NSA affiliates' behalf, has been ongoing for a number of months now.

Guardster has denied it's involved, but what would one expect them to say?

Instead of just spying on our communications, are they now seizing control?



www.theinquirer.net
(visit the link for the full news article)

What exactly do you think happens to the best hackers when they get busted?
They get jobs!

I had an interesting experience back when I was co-managing a web cafe. The RCMP contacted us about a suspect cyber stocker that they believed was in my cafe. The said they had a car across the street doing observation and the suspect had been sitting at machine number 6 "Carbon" (all our computers were named after elements). Thing is, the machine names were only visible on the network! They weren't labeled. Even if you were working at a station, you wouldn't know the computer's name unless you looked it up under networking properties (which customers couldn't do because we had all system admin functions locked off).

It occurred to me immediately that the only way the RCMP could have known the computer's network name was if they had hacked our firewall while tracking this guy.

Sooooo...
Me being me, I called him on it.
"So, ah, you hacked us, hu?".
"Er... I really can't discuss that".
"Don't worry, I'm interested in busting this guy too... I'd just like to know how the hell you got past the firewall!".
"I really can't talk about that".

Anyway, I dug up the e-mail this sick-o had written from Carbon's cashe and supplied the cops with a copy of a security tape showing the suspect sitting there at the time it was composed and sent. Got the sleezeball gone.

Really did give me something else to worry about, tho!
The guy that set up that firewall was really proud of it being "hack proof"!

[edit on 24-12-2007 by BitRaiser]

hey, what about the big ones? Gmail, yahoomail, Hotmail?
'couse, well, i dont think any alleged terrorist would by or pay for a web or e-mail service if the need such tools...

greetings!


--Jim Hero--

[edit on 24/12/07 by Jim.Hero]

Don't assume that anything you put on the net is secure.
If the NSA wants into gmail, they're gonna get in.
Your best defense is to have nothing "interesting" there.

By the way, even deleting items is no guarantee. An email sent to you or a Facebook entry can be propagated for up to 30 years after it's been deleted.

From what i read on the net, the access is thru Windows
Admin Access IP/TCP ports 1024-1030.

Some folks may be thinking software port forwarding
may eliminate the access. But the jury is still out on it.

You could try setting your firewall settings to block everything
on those ports instead of stealth, due a total block however
if the NSA is smart enough to do this sort of thing, then I'm
gonna assume it's not gonna be that easy to block it. They will
probably find a way around that block or since they have admin
access they can turn the ports back on from another port.

The only way to keep the SOB's out of your stuff is to
totally disconnect from the net.

My biggest thing is I can't believe those companies would
compromise their client's stuff in the name of national
security. Everybody who has a firewall has been betrayed
by the makers of the firewall. And here I thought I was secure
using symantec. Hell, I can't buy a good firewall now that is not
compromised by secret access by the NSA.

WHAT A CROCK OF SH!T !!!!

Thanks to the patriot act.

We can assure you that we do not cooperate with the NSA or any other government agency anywhere in the world. We invite whomever is making this statement to provide proof, rather than making a baseless accusation. With the same level of proof we can confidently state that whomever is saying this is an alien from Mars. The poster appears on the surface to be some type of conspiracy theorist and should be interpreted as such.


The Guardster Team

19 December 2007

Source

So whats the truth? And any other links as to show who actually started this "rumor"?

Actually there are legal limitations on how much you are allowed to encrypt a message over the internet. As I remember the limit for encryption is 512 bits . Why ? because it should be "crack-able" ... Anyway , if you still want your secure e-mail you can give it a try with a modiffied Linux E-mail server (do not use any of the public server, but create yours) . If your encryption is higher than 512 bits , someone will knok at your door

[edit on 24-12-2007 by sty]

this begs the question,what are other countries able to do?.

i imagine the chinese have armies of hackers,surely there a much bigger threat than some homegrown hacker?.how do you punish a chines hacker?,you cant extradite him,find him or anything!!

theres probably a huge cyber war going on right under our noses!!



[edit on 24-12-2007 by welivefortheson]

This is simply the latest revelation of a control system that has been in place since the end of WWII:

1947 the National Security Act(NSA) is empowered by congress. The the NSA inatiated the formation of the National Security Council (NSC) (president,vice-president,sec of state,sec of defense) The have the authority to usurp the US Constitution when there are concerns of "national security" as determined by the NSC.

The Department of War is renamed the Department of Defense(DOD)

The DOD forms DARPA( Defense Advanced Research Projects Agency )

DARPA creates the hardware structure of the internet.

I would think they put in a few back door security tools

Specifically, the WWW(world wide web) prefixes that overlay the internet, which are often mistaken for the internet itself.

Google mirrors everything created on the WWW.

What are the chances that this technology trickled down from the NSC?

That's an interesting reading

Can we have the list of the Firewalls concerned if it's not asking a lot.

Edit: Well i found out

MacAfee, Symantec and Zone Alarm
I guess this list is non exhaustive

Thankfully i've got any of them above

[edit on 24-12-2007 by themaster1]

How do you know that one of the many security "fixes" you get from Microsoft isnt actually opening up holes in your operating system? And how many non-public holes is there in the system, considering its not open source?

Linux is so good that I very much recommend switching to it. Installation is even easier than for windows these days.

Try Linux Mint.

I used Peerguardian 2, by Methlabs, which is now Phoenix labs I believe.

download here: phoenixlabs.org...

It auto updates for all kinds of ips to block each day: govt, spyware, educational, p2p & other categories too. Blocking is optional and can be turned on and off. This thing is so kickass that it even blocks common gaming services like ... MMORPGs like World of Warcraft or Anarchy Online, so you may have to disable it to run these kind of games. You'll know if it wont let you connect, lol.

It is better than a standard firewall in my opinion because it doesnt block -everything- , but what it does block, it blocks SPECIFICALLY, meaning that IP address would have to already be on the block list that the program comes with and auto-updates if selected to do so. This means they dont just have to get around a generic firewall, they have to get around what is essentially an IP banning. I know I know .. anonymous proxies.. but guess what, those are all included in the auto updates to the list as well. It blocks so much that it unintentionally blocks. For instance, students in dorms at universities across the globe will show up on my blocked list, and people trying to download from me on a P2P network from a government location in any country in the world and it blocks them. So you see places like Brazil, Netherlands, Vietnam, China, etc.

It is currently blocking 745,549,511 ips as of 11:39am, December 24th, 2007, EST.

OT: I gotta wait til December 28th to receive delivery of my new video card, demmit.

[edit on 12/24/2007 by runetang]

This is the exact same source reporting as in this thread. GIGO.

Don't buy the paranoid tabloid hype. Unless you're emailing Iran, noone at the NSA is sitting down and reading it. Chances are unless you've already gotten their attention for some reason, it's not even passing through a single mine.

Use a hardware firewall if you're that worried about them 0wn1ng j00r b0x3n. Should be using a hardware firewall anyway. Those software ones are easily compromised trash.

reply to post by apc

lol , i wonder how many of the ATS members are on the black list .. i would be disappointed if I am not in .