CIA targets Linux users.

Posted: Thu Aug 03, 2017 7:16 am
by Madmogone
Hi all, I have just been reading an article from a Linux magazine about spying tools that the CIA has developed to spy on Linux (open source) users. One is called "OutlawCountry", which installs itself onto the PC and then creates a new entry in the iptables firewall configuration, which then allows it to reroute all of the traffic through a data mining server. The other spyware is called "CherryBlossom" and it appears to target commercial/home routers. I won't go into details here, but all relative info can be gotten from https://wikileaks.org/vault7/document/O ... ser_Manual, and https://wikileaks.org/vault7/#Cherry Blossom, and at http://bit.ly/LXF227cia (not sure how to post the web addresses as links, will have to find out for future use, have never done it before). It all sounds very worrying. Would be interested in anyone else's views. Let's hope that there will be a patch somewhere along the line to overcome this issue. May be time to have a tin foil overcoat along with the tin foil hat (haha). Cheers all.

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 7:37 am
by altair4
viewtopic.php?f=61&t=248546
altair4 wrote:
Citizen229 wrote:It wasn't the English, it was the technospeak :D
The only relevant English part is this:
This new malware strain’s details have been leaked in the form of a user manual, which describes that OutlawCountry tool consists of a kernel module for Linux 2.6, using which CIA can modify the network traffic and redirect it for ex- and infiltration purposes.

The OutlawCountry’s prerequisites for operation are a compatible 64-bit CentOS/RHEL 6.x operating system, shell access and root access to the target, the target must have a “nat” netfilter table.
If you are running Red Hat Enterprise Linux 6 in your home I strongly suggest you update. :)

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 8:32 am
by Madmogone
Hi all, sorry for re-posting something that has been brought up already, must have missed that one somehow. But the CherryBlossom spyware may be of interest to people who use commercial equipment routers. Always keep up to date with security patches (if available) and you might stand a chance of keeping free from the spyware. I use Smoothwall Express 3.1 on a home built machine, so if any security patches are needed I stand a good chance of staying clear of the malware, as patches are available pretty quickly, which is not always the case with commercial gear. I suppose you could always re-flash them with one of the propriety O/Ss to have better peace of mind, if that gear will allow it to be re-flashed that is. Anyhow, all stay safe out there. Cheers. (Solved my own problem, web addresses automatically become links by the looks of it. posting.php?mode=reply&f=58&t=251036#)

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 10:00 am
by samriggs
Supposedly they've been targeting Linux users for years, just like they target everything else. We had discussions about this before on the forum, but the new malware part is interesting, will have to keep an eye out.
Thanks for the tidbit.

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 2:45 pm
by Hoser Rob
This is just so not news. There is not one OS in the world that those agencies don't have exploits for. They've had them for years.

It bugs me and it doesn't. While I don't like it, if all those guys were to stop their hacking today, there would still be all those other hackers out there. So what would I be doing differently?

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 5:30 pm
by samriggs
Hoser Rob wrote:So what would I be doing differently?
Probably the same as the rest of us....... nothing.

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 6:11 pm
by eddier
They're welcome! Waste of time and effort though!

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 8:15 pm
by Portreve
I think it's useful to keep a sense of perspective here.

As an overall demographic, GNU+Linux users tend to be more tech savvy and proactive about defending their systems than Windows and Mac OS X users. Moreover, coders constitute a significantly larger percentage of the desktop use population than in the other two OS platform communities.

Let's also not suddenly forget that this is one major advantage of having openly available source code. People from around the world can be brought to bear on these issues, instead of being reliant on just a couple dozen (or however many) programmers.

Particularly in this day and age, people who insist on issuing proprietary OSs and programs are the crazy ones. If the code can't be peer-reviewed and audited, I won't touch it.

Re: CIA targets Linux users.

Posted: Thu Aug 03, 2017 9:05 pm
by jimallyn
“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. It’s a deeply anti social principle because rights are not just individual, they’re collective, and what may not have value to you today may have value to an entire population, an entire people, an entire way of life tomorrow. And if you don’t stand up for it, then who will?” - Edward Snowden

I have nothing to hide, but I don't appreciate people who can't mind their own business.

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 7:24 am
by Madmogone
We all know that ALL governments around the world spy on their own people, some more than others, but to say that information on what (spyware) they use is not relevant to anyone, I cannot agree with. Take the "CherryBlossom" spyware that the CIA are using to gain access to commercial/home routers: if someone reading about that may then decide to use a non-commercial router (build their own) with one of the many firewall/router O/Ss and thus will be a lot safer online, I think it is worth mentioning on a forum, and also a lot safer from the general hacker who is up to no good. It all helps to inform people and then they can decide what to do or not do. At the end of the day, it's all about staying as safe as possible online. I have nothing to hide, but I want to make it as hard as possible for these people to find out that I have nothing to hide.

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 7:35 am
by Pierre
the country to watch:
- is this one - Australia - - what the Fed Gov't has planned, for us lot.
it is said, that they will modify what the British Gov't has done .. ..

being on the end of a Long & Skinny pipe, is bad enough,
- we surely don't need the Fed Gov't to make it even worse.
http://www.afr.com/technology/web/nbn/g ... 801-gxmr8q
like that fiasco is. ..

or their New data Retention Laws
https://www.cnet.com/au/news/mandatory- ... arliament/

anyway, most people won't upgrade their router / modem,
let alone check its software version, or flash the firmware .. .

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 7:42 am
by MintBean
That's one attack vector. I strongly suspect they have a way in 'under' the OS using the CPU's management engine.
When you have infinitely deep pockets you don't have just one project where you can have 100.
https://www.youtube.com/watch?v=7gRsgkdfYJ8

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 7:52 am
by mike acker
..."government monitoring of its employees, citizens, and news media -- to protect its own interests, not to protect us from terrorists -- is becoming a fact of life."
STONEWALLED (Sharyl Attkisson p 337)

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 8:02 am
by Faust
samriggs wrote:
Hoser Rob wrote:So what would I be doing differently?
Probably the same as the rest of us....... nothing.
I have to disagree with you there.
I am not one of the "us", and I'm guessing that there are many others on here that take the same view.

A simple first step is to take full control of your router, and that may mean buying a new one.
If I can't flash the firmware, install something like dd-wrt, or run pfSense, then I don't want it in my home.

As a general rule-of-thumb, if you are using the router supplied by your ISP it is pretty certain that it benefits "them" much more than it benefits the user.

Re: CIA targets Linux users.

Posted: Fri Aug 04, 2017 9:03 am
by 0x2620
http://i.imgur.com/uzSlO5p.png

Are all CIA hackers virgins?

Re: CIA targets Linux users.

Posted: Tue Aug 08, 2017 3:41 am
by CoffeeFiend
jimallyn wrote:“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. It’s a deeply anti social principle because rights are not just individual, they’re collective, and what may not have value to you today may have value to an entire population, an entire people, an entire way of life tomorrow. And if you don’t stand up for it, then who will?” - Edward Snowden

I have nothing to hide, but I don't appreciate people who can't mind their own business.
Well said! Say what you will about Snowden, he made a good point in that statement.

Re: CIA targets Linux users.

Posted: Wed Sep 06, 2017 6:43 pm
by Tomgin5
I make it a hobby to peruse a huge volume of highly useless information that it would take a dozen hackers to even make a dent in the volume of information I view. :mrgreen:

Re: CIA targets Linux users.

Posted: Wed Sep 06, 2017 7:59 pm
by revian
My take on the CIA spyware.. I don't care. If they want to waste their time spying on me, then I feel sorry for their sanity. I'm likely the most boring person on the planet and I don't do anything even remotely unlawful. It's their time to waste, I guess.

Re: CIA targets Linux users.

Posted: Fri Oct 13, 2017 11:23 pm
by Ham_Dude
jimallyn wrote:“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.
I have nothing to hide..... However I do have lots that I want to protect. There IS a difference

Re: CIA targets Linux users.

Posted: Sat Oct 14, 2017 1:55 am
by samriggs
Faust wrote:
samriggs wrote:
Hoser Rob wrote:So what would I be doing differently?
Probably the same as the rest of us....... nothing.
I have to disagree with you there.
I am not one of the "us", and I'm guessing that there are many others on here that take the same view.

A simple first step is to take full control of your router, and that may mean buying a new one.
If I can't flash the firmware, install something like dd-wrt, or run pfSense, then I don't want it in my home.

As a general rule-of-thumb, if you are using the router supplied by your ISP it is pretty certain that it benefits "them" much more than it benefits the user.
By doing nothing differently I meant what I do on the internet, I keep firmware updated, all passwords are not in my computer but stored outside, I do regular back-ups etc etc etc... blah blah blah.... I do what I can to keep it as secure as I can but am I going to change my internet habits? nope!
Not that I do anything anyhow except my coding and art and play some games.
jimallyn wrote:“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. It’s a deeply anti social principle because rights are not just individual, they’re collective, and what may not have value to you today may have value to an entire population, an entire people, an entire way of life tomorrow. And if you don’t stand up for it, then who will?” - Edward Snowden

I have nothing to hide, but I don't appreciate people who can't mind their own business.
I fully agree with this, free will is extremely important to me and having other humans snooping just for the sake of some form of having power over another human is insane in my books. I've seen Snowden's film and agree with a ton of it, snooping on everyone is nothing more than communism in my books, for whatever excuse they try to use for doing it.
It's actually worse than big brother theories in my books, it's someone constantly nagging you to pry into your life by force, like some insane neighbour who just opens the door and lets themself in, then opens the bathroom door while you're taking a dump just cause they can.
This kind of thing is psychotic and totally insane.

So don't take me wrong, I am against such things, but I will not change my surfing habits just cause some agent wants to follow me around like some insane stalker.
If this was a neighbour doing the same thing, it would be stalking and harassment and charges could be filed.