January 28, 2015
In this enormously important and informative talk, Jacob Appelbaum speaks at the 30th Annual Chaos Communication Congress in Hamburg during December of 2013.
Appelbaum was one of the few people who were given access to some of the Edward Snowden documents and some of the Top Secret documents, which his team had sanitized for the safety of all concerned are shown and discussed in this presentation, in tandem with their release that morning, in Germany’s mass-circulation newspaper, Der Spiegel.
This presentation revealed what Appelbaum calls the “wrist-slitting depressing” details about the NSA’s spy programs.
Classified files revealed a device that for $175,800 allows the NSA or another license client to construct a fake cell tower than can allow officials to eavesdrop on texts and talks alike.
Among other topics discussed, he said, NSA has secretly sabotaged US businesses by covertly – and perhaps sometimes with the cooperation of the tech industry – coming up with ways to exploit vulnerabilities in the products sold by major American companies, including Dell and Apple, among others.
For example, the following software implants have been made by the coroporations mentioned below in collaboration with NSA, whether wittingly or not and he’s naming them, in order to give themselves “A chance to hang themselves with their own rope” or else prove their innocence:
– VALIDATOR, COMMONDEER, OLYMPUS, UNITED RAKE, STUXNET (and many, many more), containing payloads for:
– #BADBIOS, SMM, iPhone
– Routers: (Juniper, Huawei, Cisco, etc.)
– SIM cards (remote, local)
– Hard drive firmware
He discusses an iPhone backdoor and how NSA documents revealed that all attempts to implant iOS devices were successful. Appelbaum would like to know whether or not Apple, Inc. collaborated with them in order to allow this to happen. He says that he would like to think that since Apple didn’t begin collaborating with PRISM until after Steve Jobs died, that maybe it’s just that they write “sh*tty software,” which would allow NSA to turn on a phone and enable its microphone.
He discusses an implant called IRATEMONK, which replaces the firmware in a mobile device’s hardrive and that the companies with cell phones which are vulnerable to this are Western Digital, Seagate, Maxdor and Samsung hard drives and that the supported file systems are: FAT, NTFS, EXT3 and UFS.
He goes on to describe hardware vulnerabilities to which Hewlett-Packard products are subject by another piece of NSA malware and then he says that, as an American software and hardware developer, that this is extremely maddening, as people from other countries would probably want to avoid US digital products, due to this NSA taint. He says that even Obama has agreed on this point.
And this has already borne out, for example in Brazil’s decision to turn down a large US fighter jet manufacturer’s bid in favor of an agreement with SAAB, where Brazilian engineers would develop the software, which would be proprietary to Brazil, without any NSA backdoors. Similarly, Brazil is in the process of creating an alternate Internet and that no US contractors will be allowed to be involved. Both cases represent several billions of dollars of lost income from businesses in the US, Brazil’s otherwise largest trading partner.
The Federal Computer Fraud and Abuse Act, or CFAA, has been used a handful of times just in 2013 alone to put away suspected hackers accused of modifying computer programs for arguably harmless crimes. This law is extremely draconian against the regular citizen, however, “the NSA gets to do something like intercepting 7 billion people all day long with no problems, and the rest of us are not even allowed to experiment for improving the security of own our lives without being put in prison or under threat of serious indictment.â€
â€œThis is what [Thomas] Jefferson talked about when he talked about tyranny,â€ he said. â€œThis is turnkey tyranny and it is here.â€
Not discussed in this talk is that his and his friends’ apartment had been broken into a series of times and that this scrutiny had detroyed his relationship with his girlfriend. The internet activist, journalist and cybersecurity specialist is a core member of the Tor encrypted network and has well-documented ties to WikiLeaks.
His decision to move to Berlin was made because he considered Germany to have better privacy protection, and because he felt unsafe in the US after repeated detentions at American airports following his trips abroad. In 2011 it was revealed, that the US government successfully forced Google and Sonic, a small Internet Service Provider from northern California, to fork over personal data from Appelbaum’s email account.
In sum, â€œ[NSA’s] strategy is undermining the Internet in a direct attempt to keep it insecure,â€ read one of Appelbaum’s slides.