On Thu, Nov 28, 2013 at 8:14 AM, rysiek <rysiek@hackerspace.pl> wrote:
... So could we have the context now, please? :)
timeline:

- 04/Aug/2011 DEF CON 19 begins! LulzSec, Anonymous, many other lower profile independent security enthusiasts and hacktivists (read: FBI and $TLA targets of interest) in attendance. presumably the large numbers of foreign attendees, the "exigent circumstances", and whatever other fig leaf legal justifications were applied, allowed the following events to occur on US soil against US citizens without warrants.

- 05/Aug/2011 08:00 AM-midnight-+2hrs, 06/Aug/2011 08:00 AM-midnight-+2hrs, 07/Aug/2011 08:00 AM-midnight, 08/Aug/2011 08:00 AM-noon, DEF CON 19 hackers targeted en masse via active MitM on 2.5G/3G/4G bands. traditionally WiFi most hostile, this marked a distinct change in threat landscape at the conference. custom exploit automation and ex-filtration via DRT tech at high power levels on site. the MitM position was specifically leveraged for secondary attacks against vulnerable applications, update mechanisms, communications, and core OS functionality spanning PC and mobile systems.

- 10/Aug/2011 attacks disclosed on full-disclosure list; we had been running custom ROMs and SDR kit through the conference, in addition to "performance analysis" on the MitM exploit system (spoiler alert: it was trivial to DoS via spoofed network endpoints and leases leading for "fork bomb" effect of exploit threads launched to service attacks against newly joining client on the network. among other weaknesses :)

- 24/Jul/2012 coderman arrives in Las Vegas for DEF CON 20, clear view of Alexander's military transport on the tarmac. immediately upon landing all exceptionally hardened mobile test devices pwned via baseband attacks while in airplane mode. SDR and power monitoring gear confirms exploitation and ex-filtration. this was just the first in a series of impression baseband and sensor level attacks. coderman never hacked so hard nor so thoroughly before; proper fucked. (months and months of effort at Android kernel, system, and application level hardening for naught)

- Jun+Jul+Aug+Sep+Oct+Nov/2013 the year of discontent, details emerge on $TLA offensive operations against domestic targets, the role of third party contractors and infosec industry collaborators in same. singular events once considered anomalies or inscrutable now viewed in the overall framework of understanding around pervasive in-security and offensive operations as national security imperative.

... which leaves us where we are now: with networks, systems, and software unable to defend against many of the attacks now unambiguously and entirely clear to the public at large. the ending to this tale yet to be determined! [choose your own adventure *grin*]