---------- Forwarded message ----------
From: coderman <coderman@gmail.com>
Date: Tue, 16 Sep 2014 14:26:50 -0700
Subject: Re: [liberationtech] proof of tampering

On 9/16/14, Jonathan Wilkes <> wrote:
... over a year after the initial Snowden-leak stories-- I'm curious if anyone has references to articles or papers that have researched and reproduced any of these exploits to show how they are used in practice to steal data, surveil, etc.

it is very difficult finding detailed, public research into this particular type of offensive reversing. public knowledge is constrained by:

- lack of access. see list history regarding ability to even detect/observe the most advanced attacks. this is changing, however. c.f.: exposure of corporate level, middle school type contract kit: https://wikileaks.org/spyfiles4/ and the work of Morgan Marquis-Boire. The Stuxnet/Flame/Gauss/Duqu/Skywiper/Mahdi analyses are still the only views of TAO/NSA-like campaigns. corrections welcome ;)

- lack of skills+/-experience spanning domains required to dissect the attack across its many pivoting boundaries of enabling and transiting through hardware, devices, networks, and systems under attack. [a redditor could do a shiny graph showing how nearly every technologist with the expertise for world class malware analysis ends up under secret contract, private contract, or does something else outside of university, to varying proportions of each.]

- lack of interest or time; the small subset left in consideration is only human, and a thorough reverse analysis of complex stealthy code eats your life in quarter or full year chunks. a passion for the subject only carries so far...

finally, to underscore the point as is so conveniently at fingertip, your mail immediately went to the spam trap, having violated who knows what in googbrain to indicate forgery or malicious intent. why aggressively stamp down a narrative when you can slowly bleed it into silent not-existing instead?

good luck, and best regards,