The internet is broken. And so is all your stuff. According to new leaked NSA documents, the agency have the capacity to read your screen and keyboard strokes remotely using tiny chips, which they might insert when your gear is being shipped to you.
That might make you think twice about buying hardware off the internet. But, never fear they have other ways of compromising your computer. It’s also just been revealed that they can masquerade as other websites – say your Yahoo! mail or CNN – to send malware to your machine. Once their malware is there, they’ve got unlimited access to you and your doings.
A room full of shocked hackers is a rarity, especially when the topic of conversation is cyber security. But that’s exactly what security expert Jacob Appelbaum got with new revelations about the NSA’s tactics as part of their Tailored Access Operations – TAO – programme at hacker congress 30c3 yesterday.
Referencing simultaneous publication of the information in German magazine Der Spiegel, during his talk “To Protect and Infect Part II” Appelbaum showed slides of some of the technical specs, with some chips – largely undetectable bugs that are read by being bombarded with continuous waves – the size of a thumbnail. You can see the details of all these NSA toys in a marvellous infographic from Der Speigel. What’s quite chilling is that most of this tech dates from 2007-8, which means we are only finding out about tech that’s 5 years old.
The scope of the TAO project is truly vast, encompassing foreign (to the US) embassies and high level politicians, and Der Speigel reports projected targets of 85,000 computers infected with TAO trojans by the end of this year.
None of this would be possible without some serious geekery. The revelations about TAO activities add weight to previous calls by high profile security specialists and activists at the same conference, including at a joint talk by Appelbaum and Julian Assange on Sunday night, for geeks and nerds to step back and query their consciences about how they earn their crust.
Of course, this might all seem a world away. A few things bring revelations like this home, though, including the fact that the NSA are calling all us – yes I’m one too – iPhone users “Zombies”. There’s a price to pay for seamless design and increasing invisibility of computers, and that price is knowing what is being done to you and your devices.