On Mon, Dec 30, 2013 at 9:14 PM, Hannes Frederic Sowa <hannes@stressinduktion.org> wrote:
... Actually, somehow, I have a feeling of relief to see that major hardware vendors don't seem to specifically work hand in hand with the NSA to implement backdoors.
you're assuming this dump is exhaustive. this is a very specifically themed/focused release of top end tactics and exploits (essentially weaponized platforms for targeted attacks). Jake says as much about what they're dropping, which while impressive, has still gone through the "best interest of public safety scrutinizing and censorship" rigmarole. the indiscriminate, wholesale compromises are just getting started... these disclosures will have more impact: financially to the impacted vendors, effectively to IC as known vulnerable hardware and software is replaced, and to the public at large now exposed to even more essentially incomprehensible disclosures of vulnerability and compromise.
I don't see that having a JTAG connector publicaly accessible on a RAID controller as a hint for that. The other disclosures also point to my conclusion that the NSA is mostly working on their own. Of course, not all of Snowden's documents are released yet and hence my feeling could be deceiving.
this is just an example of how, when the NSA pursues "all means and methods in parallel, without restraint" seemingly innocuous oversights are intentionally leveraged and discouraged from remediation for use in tailored access (black bag / targeted) attacks.
I thought it could be worse.
it is worse. best regards, p.s. cryptome has lots of great docs on this and other 30C3 awesomeness: http://cryptome.org/ , http://cryptome.org/2013/12/nsa-catalog.zip