On 6/25/15, coderman <coderman@gmail.com> wrote:
[ fix your easily DoS'd gear chumps ] ...
2012 saw NSA deploy targeted attacks via presence within carrier networks (e.g. "in the towers" attacks) either the tactical DirtBoxen weren't up to snuff, or NSA felt the need to act direct. this was the first year DIRNSA ever spoke at DEF CON. regardless, the tower based attacks driven by TAO did not suffer these deficiencies and my ass was handed to me that next year. i'd like to know more about NSA TAO and FBI DITU cooperation, if any. my working theory is that TAO *should not ever* be operating against US citizens, and their techniques so sensitive that DITU is not allowed to co-opt their capabilities, either. from what i observed, DITU gets the "hand-me-down" sploits after they've been discovered, or lost effectiveness. FBI DITU cooperation with NSA SSO is operated under FISA, but this is primarily fiber taps and PRISM front-doors to corporate data stores. --- just to make it abundantly clear: keeping up to date against patched vulnerabilities is critical, as this window of opportunity to take advantage is regularly and successfully utilized by these console cowboys... why care about the hard stuff, if your lax habits make the easy sploits perfectly effective? so many "advanced targeted" attacks just use simple methods and known vulnerabilities. we've got to cover the basics before we even consider next steps/advanced protections! best regards, bear-poker-man