NSA Interception In Action? Tor Developer's Computer Gets Mysteriously Re-Routed To Virginia
from the a-slight-detour dept
So this one is odd. A core Tor developer, Andrea Shepard, recently ordered a computer from Amazon.com to her home in Seattle. Yet, as she tweeted last night, something odd happened on the way to delivering that package to her house:
You'd think #NSA shipment 'interdiction' would be more subtle... pic.twitter.com/KVCscLbdgG
— Andrea (@puellavulnerata) January 24, 2014
But that does not appear to be what happened here at all. As Kade from PrivacySOS pointed out, the final Alexandria address is the final delivery location, rather than the sign of something in process. Also, the fact that it bounced around and then went "out for delivery" to that address shows that it wasn't just popping in and out of a hub for delivery to Seattle.
There are some possible other explanations, including just a general screw-up on the part of Amazon. But given the revelations of how the NSA's TAO group does very targeted spying, that often involves getting access to computers being shipped to targets, combined with the fact that the NSA has made it clear that breaking Tor is a priority that has mostly stymied them, this certainly should raise multiple eyebrows.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: andrea shepard, computers, fbi, interception, nsa, routing, tor
Companies: amazon
Reader Comments
Subscribe: RSS
View by: Time | Thread
PFFFT! That's nothing! Check out THIS oddity:
http://www.smh.com.au/it-pro/security-it/large-chunk-of-chinese-internet-traffic-redirected -to-small-wyoming-building-20140123-hv9jg.html
Reality versus Mike: Technorati ranks Techdirt below 5000.
http://technorati.com/blogs/www.techdirt.com
So why does Mike claim "a consistent Technorati Technology Top 100 rating"?
http://www.techdirt.com/about.php
Just look at the sites Techdirt actually ranks with! What a hoot! :
5433. Free Samples and Coupons by Free �
free-stuff-finder.com
Recent: Free Dove Men Body Wash at Rite Aid �
07:52:07[i-705-7]
[ link to this | view in chronology ]
Re: PFFFT! That's nothing! Check out THIS oddity:
Debunked: http://www.theatlantic.com/technology/archive/2014/01/this-little-house-in-wyoming-didnt-just-get-fl ooded-with-web-traffic-from-china/283249/
Oh look, for all his talk about calling every story out here, it's OOTB who falls for bullshit stories.
[ link to this | view in chronology ]
Re: Re: PFFFT! That's nothing! Check out THIS oddity:
[ link to this | view in chronology ]
Re: Re: PFFFT! That's nothing! Check out THIS oddity:
[ link to this | view in chronology ]
Re: Re: Re: PFFFT! That's nothing! Check out THIS oddity:
[ link to this | view in chronology ]
Re: PFFFT! That's nothing! Check out THIS oddity:
[ link to this | view in chronology ]
Re: Re: PFFFT! That's nothing! Check out THIS oddity:
[ link to this | view in chronology ]
Creepy Spooky Dark
SPOOKY
Dark
[ link to this | view in chronology ]
I don't know about you, but if I saw that kind of thing, I'd start getting someone else to order my stuff for me.
[ link to this | view in chronology ]
Re:
No matter what ridiculous story you hear about their spying efforts, you are by default inclined to believe it instead of asking for proof anymore.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Not Domestic
This wasn't domestic. Several parts in the computer came from overseas. She had also recently called Canada so she was only one hop from a foreign potential terrorist.
[ link to this | view in chronology ]
Re: Re: Not Domestic
http://www.forbes.com/sites/jennifergranick/2013/08/14/nsa-dea-irs-lie-about-fact-that-america ns-are-routinely-spied-on-by-our-government-time-for-a-special-prosecutor-2/
http://www.huffingtonpos t.com/2013/08/05/dea-surveillance-cover-up_n_3706207.html
If these two articles don't prove to whatever dumb ass is still left posting to skeptic blogs about how 'smart people believe weird conspiracies' then that person is either a fucking retard or intentionally and solidly in denial.
....and these don't even mention what probably has been going on for years. The NSA's OWN "internal investigations" unit, which is designed as a Lysol Air Freshener to cover up the smell of bullshit. Anyway, in their own report was one incident where on their first day an NSA staffer looked up his ex girlfriend and proceeded to stalk her.
[ link to this | view in chronology ]
Re: Re: Re: Not Domestic
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
When the NSA does it, it's so that they can destroy you. Did you not read about the people who were stalked and harassed by BP for posting negative comments about the oil spill?
Who do you think provided that private investigator the private info? Parallel Construction baby, it's a bitch!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Solution: Burn the computer and get another from a safe vendor
Obviously you can't trust Amazon not to cooperate with unconstitutional searches and seizures.
I'm very glad now that my new computer I got for Christmas is from NewEgg instead of Amazon.
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
Don't even open it. Give it to security researchers. Somebody get a hold of Bruce Schneier. If he won't take a look, surely he knows who will.
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
You must have never heard of FVEY.
[ link to this | view in chronology ]
Re: Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
And you trust that employees of Newegg will risk charges of criminal contempt under 18 USC 402 by disobeying such orders? That they'll go to jail rather than compromise your privacy?
You do know private citizens don't get to decide what's constitutional or not, right?
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Rights
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
And clearly this isn't real: http://www.eweek.com/security/nsa-can-hack-you-even-if-you-arent-connected-to-the-internet.html
"The target machines first are compromised by way of a USB stick or tiny circuit board that broadcasts the information. ... The geniuses at the NSA with the remote radio access technology have extended the range to a staggering 8 miles."
So I'm sure it's perfectly safe.
[ link to this | view in chronology ]
Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
"TOR developers kinda use the internet."
Yeah, let me know when you're tired of riding a waffle.
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
Your post shows how much knowledge you have on the subject, which is next to none so why not just stop trying to bitch at people and move on.
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
Use them.
otherwise it's going to be read as just a load of blargha flargha... wait on second reading of your dribble it is just a load of Blargha flargha derpness.
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
She should disassemble the computer and take photos, post them online with the specs and ask people to do a once over on it.
If anyone finds any additional components it should then be offered up to a reputable security researcher so they can investigate exactly how it works.
Heck I'd offer it up to a researcher regardless so they could do a once over anyway in case any firmware is compromised.
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
The track record is likely a simple mix of indifferent arrogance, laziness and cheapness. Obviously the risk of a key logger is pretty high, with a trigger dump, either by direct physical contact or via remote contact on the already compromised internet connection.
However a background investigation must still be in action, it would be interesting to see what they are accusing her of to enable the false investigation.
Likely emigration will be the only escape as they work up to aiding terrorism charges so they can force compliance.
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
2) They send you a new one.
3) Repeat as often as they will comply.
4) Profit
[ link to this | view in chronology ]
Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Re: Re: Re: Solution: Burn the computer and get another from a safe vendor
[ link to this | view in chronology ]
Buy in person, pay in cash
[ link to this | view in chronology ]
Re: Buy in person, pay in cash
[ link to this | view in chronology ]
Re: Re: Buy in person, pay in cash
[ link to this | view in chronology ]
Re: Re: Re: Buy in person, pay in cash
Second of all, how do you know they do not do the exact same crap on store bought computers? If they were randomly adding spying hardware, you wouldn't be any safer when you buy from stores.
[ link to this | view in chronology ]
Re: Re: Re: Re: Buy in person, pay in cash
What physical plants? The hardware is diverted after it leaves the plant. It arrives at a spy shop where the modification is made, then sent out again.
The only point where a legal requirement comes into play is in the diversion -- and I'm not sure a warrant is needed there.
because these are, by their very nature, targeted operations. This sort of thing isn't done to every piece of hardware (that would have to be done at the manufacturing plant). This is done against particular people. They would have to know precisely which piece of hardware you'd be getting, in advance, to alter the sight one on the store shelf. Except maybe in very special circumstances, this isn't possible.
[ link to this | view in chronology ]
Re: Re: Buy in person, pay in cash
[ link to this | view in chronology ]
Re: Re: Re: Buy in person, pay in cash
[ link to this | view in chronology ]
Re: Buy in person, pay in cash
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
The NSA can replace the network jack on your computer with one that looks identical, but has an extra chip in it that talks to their servers.
It's impossible to find without careful X-Raying or destructive testing, and I doubt that this is the only component they can do that to.
[ link to this | view in chronology ]
Re: Re:
You don't have to go that far. Use a second computer running wireshark to analyze the traffic to/from the suspect one.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
You aren't going to find that on Wireshark.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Man, the NSA is really scrapping the bottom of the barrel for astroturf.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Keyboard?
[ link to this | view in chronology ]
However, now that this has gone public it will be interesting to see if it even gets delivered. If it's still in NSA HQ then you can bet they will undo whatever they have done before it gets sent.
[ link to this | view in chronology ]
Note that order was not for a laptop, but apparently for a replacement Lenovo keyboard.
[ link to this | view in chronology ]
Re:
I wouldn't be surprised if there is more elaborate stuff that uses undocumented features and backdoors though.
[ link to this | view in chronology ]
Re: Re:
If it's anything, it's probably a small chip that sits between the keyboard itself and the USB output. It then installs itself like a keyboard and uses some glitch (or possibly a back door) in the keyboard driver.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
You haven't been keeping up. It has been recently confirmed that the NSA does precisely this, by the NSA itself. They do say they don't do this domestically, but at this point, who would be foolish enough to take them at their word?
[ link to this | view in chronology ]
Re: czxc Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: czxc Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: czxc Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
http://en.gravatar.com/
I think you meant avatar.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
My understanding is the images generated for non-signed in users on Techdirt are from Gravatar.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
it's been at that point for years. Also, printers.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
I was answering a specific question about malware vectors. I was not talking about what may or may not have been done in this particular case. I am certainly not jumping to any conclusions.
The rest of your comment is hysterical, in both senses of the word. Snapshot of the keyboard? Why? It would reveal absolutely nothing, even if it had been compromised.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
https://www.youtube.com/watch?v=vILAlhwUgIU
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
NSA Liars
[ link to this | view in chronology ]
Re: NSA Liars
[ link to this | view in chronology ]
Re: Re: NSA Liars
[ link to this | view in chronology ]
Re: Re: NSA Liars
[ link to this | view in chronology ]
Re: Re: Re: NSA Liars
[ link to this | view in chronology ]
If any of this is remotely true it'll make me hesitant to buy anything electronic online, like my next computer. Back to buying parts and building my own after inspecting the components for odd looking bits hot glued to them.
[ link to this | view in chronology ]
A Contrarian View...
[ link to this | view in chronology ]
Zip+4 Address
[ link to this | view in chronology ]
Re: Zip+4 Address
Say what? TOR developer who orders from Amazon? Wait! Even can't black out her zip+4?
Something not right here.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Check some of your other SMDs onboard for flux from replacement, and look for other issues around network hardware.
Use another hard drive and ... problem solved.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Blame US Postal Service, not Amazon
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Though, I wouldn't trust UPS ether. They've taken to using USPS themselves for the last leg of the trip.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Even better lets see what frequencies they use!
[ link to this | view in chronology ]
Wow!
I've had a coffee machine that was supposed to be delivered from the west coast to the east one, reach Newark, cross the Atlantic and hit Paris and then piruet, go to Memphis and then merrily reach the East Coast. I thought it was a simple routing mistake and I still do. However, I would like to know how many of you think the French DGSE put some chip on it to check on my coffee-drinking habits.
[ link to this | view in chronology ]
Re: Wow!
No one here is saying with 100% certainty that the US government is behind it. We're just it's vary possible and this is how they might have done it.
[ link to this | view in chronology ]
Re: Wow!
On the other hand, you'd think that they wouldn't be so careless that the diversion would show up in the package tracking.
So, looking at it from an Occam point of view, it's pretty 50-50.
[ link to this | view in chronology ]
Re: Re: Wow!
Exactly Johnny. That is unless they want this knowledge publicized - again - promoting fear and paranoia about the very technology they once thought they dominated, but instead has been the primary source of their proverbial undoing when utilized by the common man.
[ link to this | view in chronology ]
Re: Re: Re: Wow!
[ link to this | view in chronology ]
Re: Wow!
[ link to this | view in chronology ]
Re: Wow!
[ link to this | view in chronology ]
Let's all calm down a little
Yes, it was misrouted to Alexandria, and a keyboard is an ideal place for a keylogger/keysniffer.
But there are plenty of legitimate (I mean non-government-connected) businesses and people there.
Most likely, this is nothing but a shipping mistake.
We shouldn't jump to conclusions on such thin evidence.
That said - it's worth further investigation. By all means, talk to Amazon and USPS and see what they say. And examine the keyboard carefully - looking for mechanical, electrical and RF anomalies. (Best to get an identical keyboard from another source for comparison.)
Probably you'll find nothing. If and only if you find evidence of tampering, THEN you have a smoking gun.
[ link to this | view in chronology ]
The new "Thanks, Obama."
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Hanlon's Razor
Keep in mind folks, this is the USPS (you know, the guys that go "postal" all the time) - chances are someone simply screwed up and delivered to the wrong address.
With that said, anyone interested in 40 acres of ocean front property I have in Arkansas?
[ link to this | view in chronology ]
Re: Hanlon's Razor
[ link to this | view in chronology ]
Zip-plus 4
Now we know which apt building you live in.
[ link to this | view in chronology ]
First, unsurprisingly, Andrea uses Linux. But that's not the point I want to make, in of itself. She's also a developer, familiar with tweaking source code, recompiling it, and using it in her daily activities.
Further, she also uses a metal attache case to transport her laptop, specifically because it acts as an excellent Faraday cage. (I don't know if she was just joking when she gave that as her reason for using the case, but she sounded quite serious!)
It wouldn't surprise me if somebody decided that it was too risky to try a software penetration (she alerted to the fact that my anti-virus falsely triggered on one of her emails, until I was able to demonstrate that it was normal activity), and somewhat difficult to remotely compromise one of her machines. They wouldn't even be sure that whatever bugs or backdoors they're using still exist, because she modifies and recompiles her own software on a regular basis. Conversely, a new hardware order would provide an excellent way to get access.
Is it possible that it's just a shipping shenanigan? Yes, of course. But it would not surprise me if somebody felt they had to go hardware to try and compromise Andrea's systems, that's all I'm saying.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: We need a revolution.
This is still more-or-less a democracy - people elect the criminals who authorize and defend this stuff.
As long as that continues to be the case, any revolution will fail. And if/when the electorate wakes up or finds their moral compass, then a revolution won't be necessary.
Revolutions tend to be bloody, killing a lot of innocents. Let's try to avoid it if we can. Especially so if the result is going to strengthen the state rather than weaken it.
[ link to this | view in chronology ]
To paraphrase a quote the movie, "The Guard"
[ link to this | view in chronology ]
Re: To paraphrase a quote the movie, "The Guard"
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
As great an opportunity as finding a tracking device to tear apart.
Congrats on winning the lottery, I look forward to my own "special software" on my next purchase.
[ link to this | view in chronology ]
Check the DNS
It's a pattern I've seen before, commented on NSA articles here on Techdirt, DSL got real slow. ISP couldn't fix it, next doors DSL was fine, changed the router, DSL back to normal speed. Comment again on Techdirt, DSL suddenly real slow again.
A tracert doesn't show any extra hops, but there is a huge gap in the routing delay, its very easy to hide extra hops so you cannot rely on tracert.
Switched to fibre, real fast, comment on techdirt, real slow again.
This time I tried messing with the DNS, switching to Google DNS and Open DNS etc. makes it real quick again.
IMHO, maybe the attacks are done via the DNS, returning new IP addresses for existing sites, then man in the middle that traffic.
How would it work with https traffic? I don't yet know, but https traffic suffered exactly the same.
[ link to this | view in chronology ]
Re: Check the DNS
[ link to this | view in chronology ]
Re: Re: Check the DNS
[ link to this | view in chronology ]
looks more like
My guess is more along the lines of someone trying to stoke the fire against NSA by setting things up. I suspect that the full order from Amazon includes a gift address that isn't showing.
[ link to this | view in chronology ]
http://arstechnica.com/information-technology/2013/12/inside-the-nsas-leaked-catalog-of-surveil lance-magic/
[ link to this | view in chronology ]
We've entered Third Reich territory. We're all living under a virtual occupation. Time to get the Resistance organised.
[ link to this | view in chronology ]
Re:
Either that, or a shipping company screwed up.
[ link to this | view in chronology ]
Similar Experience
Sacramento, CA
Los Angeles, CA
Atlanta, GA
Dallas, TX
Phoenix, AZ
You can call this crazy Fedex distribution routing, but I have NEVER seen anything remotely like this. I kept the product and will be having it analyzed.
[ link to this | view in chronology ]
And why is Andrea an Amazon supporter/customer?
She�s clearly one of the many who have made Amazon, et al, relevant and dragged the rest of us, who�ve watched in horror for at least a decade now, into a world where Amazon, Google, Apple, PayPal, eBay, Facebook, Twitter, et al, violate, hand in hand with the Fascist (for lack of a more horrific and current adjective) U$ Government, with impunity.
It�s also truly sickening to see so many of those Blawwgers!!! - who fervently aided in making Sly Con Valley the monster that it is � finally, way too late, talking against it with no apology, or recognition, that they trashed others as Luddites, Trolls� even, for at least a decade, whenever those Luddites expressed concerns re Amazon, Google, Apple, PayPal, eBay, Facebook, Twitter, et al, and the swift trajectory where someone like the sociopath Kurzweil (who has been connected with the Defense Industry for decades, to my understanding) is rapidly approaching his, Go Daddy!, 100% Mechanized World run and imagined by Thought Leader ! ...� Papas [only!], wet dream.
Post Script: And about kade? kade is well past the time in which he should explain why the ACLU has a Face Fiend page.
[ link to this | view in chronology ]
Mistrust of the Government
A few people (in the law, elected reps, management of the securocracy) have started the rot that is progressively destroying faith in government and business.
A slogan of the US, is mutating into something like:
Government of the sheople, by the devil, for the psychopaths.
Sad. I believe that the majority in the occupations that are starting to stink are decent people. The organisations that made this happen, are, in their present states, not fit for purpose in the current age.
[ link to this | view in chronology ]
First, the NSA would only want to intercept a keyboard to do data interception. But there is no reason for them to intercept the data of a tor developer, THE SOURCE CODE IS PUBLIC ALREADY. Unless they think the developer is themselves a terrorist they could care less what they type.
A keyboard would be useless for planting bugs in software. Even if they had the whole computer it would be extremely difficult to leverage that control to force the insertion of backdoors into the code (it would be much easier to hack into github or wherever the `canonical' version of the tor source is held and insert bugs there...even if there is no defacto canonical repository it would be extremely difficult to hide the introduced bugs from the developer while not disrupting the normal diff/compile/run development process).
If the NSA was sophisticated enough to implement this kind of extensive system compromise (all the tools used by the developer must appear to work normally EXCEPT the hash of any commit needs to include the modified source AND any commit needs to include the modifications BUT somehow when the developer turns the commit into a patch and examines it in ANY text editor it must not appear) they surely wouldn't screw up at the step where they divert the package.
[ link to this | view in chronology ]
Re: Peter Gerdes/This is totally ridiculous.
What rarified world, and/or lies, are you living in ...and/or promoting? so very late after the sun set and the gathering left ....until the piece is revisited?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
They will go after anyone
Don't let them get by with the line "
We only go after legitimate targets
I am a teacher and they went after me
I helped a friend write a complaint to a Judicial Ethics Commission pointing out
blatant fraud, and unethical conduct by a Judge and Amicus Attorney.
Approximately 4 days before the complaint was to be filed, I had 3 windows based computers on my home network rendered to Digit zeros with with evidence documents and other exhibits for the complaint destroyed.
At the time, I didn't really know what happened and just assumed it was a virus that hit my network and all I needed to do was to do were reinstalls of the computer operating systems and all would be well. I was wrong. Even to this day, I continue to have network and computer problems.
After the network attack, the windows computers were rendered as junk. I ordered a new Macbook Pro thinking that a new computer would solve the network problems. The network problems continued. Shortly after the new Macbook Pro was delivered to my home from the Apple online store, I discovered that the EFI Firmware Password had been set before it was delivered. Somebody had tampered with this computer before it arrived at my home. Apple stated that they did not know how this would have happened and they agreed to replace the computer with the one that I
am now using.
I continued to have problems.The recent NSA leaks confirmed my suspicions that I was targeted, but I still have a hard time believing that the government would do such a thing.
After the Snowden revelations, I was determined that I was going to find out for sure and press the issue with Apple. I could never get Apple to do any followup calls to address my issues. Before this
ordeal, I knew very little about computers, but I have educated myself to an extent and Apple cannot or will not answer my questions. When no Sr. Apple Technician in the United States will return my calls, it seems that all my calls to Applecare are routed to Applecare in Canada.
Recently a Sr. Level Apple Advisor in Canada stated to me that when Apple initially replaced the computer which had the firmware tampered with, they replaced it with a computer that did not have the standard operating system that it should have had. The replacement computer had a modified operating system installed.
Why would Apple do this? This is the question that I asked the Sr. Level Apple Advisor and he said he did not know why this was done nor did he know why or how the firmware was tampered with.
This has to stop
[ link to this | view in chronology ]
Re: They will go after anyone
What a bizarre story. What sort of teacher are you? That's a lot of effort to go to if it really was someone behind the scenes (either NSA or someone else, would be impossible to tell) targeting you.
I helped a friend write a complaint to a Judicial Ethics Commission pointing out
blatant fraud, and unethical conduct by a Judge and Amicus Attorney.
Approximately 4 days before the complaint was to be filed, I had 3 windows based computers on my home network rendered to Digit zeros with with evidence documents and other exhibits for the complaint destroyed.
Sounds much more likely to be someone involved with the court system, I don't see why the NSA would get involved with a case like that. Then again, we still don't know nearly everything about how they operate.
[ link to this | view in chronology ]
Woah! That is odd.
[ link to this | view in chronology ]
Re: Woah! That is odd.
Core developer? Are you sure?
[ link to this | view in chronology ]
Everybody knows..
[ link to this | view in chronology ]
Just Customs
Packages from overseas are routinely diverted to customs for inspection. They cannot inspect every package but it is not unusual for your package to be delayed until it is inspected.
[ link to this | view in chronology ]
Re: Just Customs
[ link to this | view in chronology ]