Slashdot: News for Nerds

Syrian Government Uses Skype To Push Malware To Activists

Soulskill posted more than 2 years ago | from the call-was-coming-from-inside-the-internet dept.

Government 139

judgecorp writes "The Syrian government is using Skype as a channel to infect activists' systems with malware, installing Trojans and backdoors, according to security firm F-Secure. The evidence comes from a hard drive sent for analysis. 'The activist's system had become infected as a result of a Skype chat. The chat request came from a fellow activist. The problem was that the fellow activist had already been arrested and could not have started the chat. Initial infection occurred when the activist accepted a file called MACAddressChanger.exe over the chat. This utility was supposed to change the hardware MAC address of the system in order to bypass some monitoring tools. Instead, it dropped a file called silvia.exe which was a backdoor — a backdoor called "Xtreme RAT." Xtreme Rat is a full-blown malicious Remote Access Tool.'"

139 comments

are people really this stupid (0, Flamebait)

alen (225700) | more than 2 years ago | (#39892303)

it's 2012, don't accept any file from anyone unless the name and file type looks halfway legit and you can trust the person 100%

this is why the syrian army is dumping dead bodies in a river. the people are too dumb to exercise security

someone ask the greeks to teach them a lesson in security while revolting against an oppressive government

Re:are people really this stupid (5, Informative)

girlintraining (1395911) | more than 2 years ago | (#39892359)

When the file comes from a trusted source, it's not stupid. You have to trust someone eventually; The OS manufacturer (ie, Apple, Microsoft, etc.), the distributor (the person making the DVDs), etc. Trusting a friend isn't stupid, it's what most people would do. That's exactly why so many different worms try to propagate using a person's address book; Human trust networks.

It was only stupid that he didn't scan the file first, not that he accepted the download. And if said malware is custom-designed, it wouldn't be in any anti-malware/anti-virus definitions, and so he could do everything right and still wind up screwed. How many governments have asked that their malware not be added to the definition files again? ALL OF THEM.

Re:are people really this stupid (2)

TerraRasa (2573633) | more than 2 years ago | (#39892405)

If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them? Do these activists not use some super secret codes to tell each other they are who they say they are?

Re:are people really this stupid (5, Insightful)

Lunix Nutcase (1092239) | more than 2 years ago | (#39892511)

Because maybe he didn't actually know the person had been arrested to begin with? These political dissident arrests are not publicly broadcasted, you know...

Re:are people really this stupid (3, Insightful)

alen (225700) | more than 2 years ago | (#39892707)

when the government is out to kill you, the way to operate is TRUST NO ONE. this is the way revolutionaries have operated for centuries. small cadre of leadership and you never trust anyone completely.

Re:are people really this stupid (5, Insightful)

Lunix Nutcase (1092239) | more than 2 years ago | (#39892781)

If you trust no one you can never form any groups. You eventually have to trust someone. Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

Re:are people really this stupid (2)

slew (2918) | more than 2 years ago | (#39893891)

If you trust no one you can never form any groups. You eventually have to trust someone. Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

Of course, you have to trust someone, but in a properly designed covert operation, that set of people is small (a so called "cell") or hierarchical (like a "handler") and you don't fully trust them either. If the cell is that small and the handlers only handle a few folks, the damage caused by misplacement of trust is limited. In this situation, if the cell or the cell's handler was compromised (e.g., arrested in this case), the other members of the cell might have known about it, or if they did not, the damage would be limited to their cell and not a large group.

This kind of stuff is covert operation 101. Even conventional forces have used it. For example, in WWII, the US and France used this Operation Jedburgh [wikipedia.org]. And if you are a Star Wars buff, Jedi is surprisingly similar to what they used to call these special force "Jeds"... Hmm... ;^)

Re:are people really this stupid (1)

rtfa-troll (1340807) | more than 2 years ago | (#39894265)

Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.

The problem here is that there seem to be a bunch of arm chair cryptographers who are advising these Syrian activists. It would be really really appreciated if those people that are doing this would try to understand the real consequences to real people and give some really careful advice about how to be more seriously secure.

If you trust no one you can never form any groups. You eventually have to trust someone.

The actual statement you were responding to was you never trust anyone completely. That's a really really good thing. In fact; and this is where our "arm chair" advice is really breaking down; you should never trust even yourself completely.

  • If you do not have a list of the members of your organisation then you can not give it away; even under extreme torture
  • If your members seldom tell each other where they are, except on need, then the secret police will find it more difficult to pick them up.
  • if you poison your membership list with names of secret policemen, your enemies may pick up the wrong people (be very careful you don't end up telling them your plans :-) )
  • If you know who knows what it is easier to work out where your information is leaking from.
  • etc

Look at the IRA's cell structure which ensured that an arrested member should not know the names of more than those in his own cell. Basically we are talking about things like proper information security; assuming that your own computer is compromised by definition; using different levels of security, both in the computer and in code words and other things which mean that it's not just the computer you rely on.

What this is all talking about is limiting and reducing the need for trust. Ensuring that you limit damage. This seems to be a real problem with modern electronic activists.

Re:are people really this stupid (1)

cpu6502 (1960974) | more than 2 years ago | (#39892795)

If the U.S. revolutionaries had operated like that, we'd still be British. At some point you have to trust your fellow compatriots and share documents, otherwise you'll never get anything done.

BTW not even Fox Mulder followed the "Trust No One" mantra you quoted. He trusted his partner Scully. He trusted Deep throat and his partners. He trusted other conspiracy people he met along the way.

Re:are people really this stupid (1)

xerxesVII (707232) | more than 2 years ago | (#39893885)

He trusted the writers of his show to continue to write his lines.

Re:are people really this stupid (1)

girlintraining (1395911) | more than 2 years ago | (#39893267)

when the government is out to kill you, the way to operate is TRUST NO ONE. this is the way revolutionaries have operated for centuries. small cadre of leadership and you never trust anyone completely.

No, that's the way Fox Mulder operated, on a TV show. Revolutionaries are famous because they stood up publicly for an injustice. They won over the general populace with charisma, unwavering devotion to their cause, and courage. They didn't hide from their followers, or follow some anti-social creed.

Re:are people really this stupid (2)

alen (225700) | more than 2 years ago | (#39892717)

P.S.

you run a revolution like you set up a firewall. trust no one/block everything and accept trust on a case by case basis

Re:are people really this stupid (3, Insightful)

girlintraining (1395911) | more than 2 years ago | (#39892533)

If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them?

People occasionally get released from jail.

Do these activists not use some super secret codes to tell each other they are who they say they are?

No. They're political activists, not James Bond.

Re:are people really this stupid (2)

Lunix Nutcase (1092239) | more than 2 years ago | (#39892605)

Exactly. These people probably hooked up online and could have never even met face-to-face. There is no reason to expect that this guy necessarily would have known the other person was arrested. The secret police in countries like Syria don't tell the world the names of people they arrest.

Re:are people really this stupid (1)

egamma (572162) | more than 2 years ago | (#39893749)

If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them?

Perhaps he had not heard that the other activist had been arrested? It's not like the Iranian government is going to advertise how much repression they are using.

Do these activists not use some super secret codes to tell each other they are who they say they are?

They are activists, not necessarily hax0rs or james bond types. C'Mon, they're using Skype to communicate.

Re:are people really this stupid (-1)

alen (225700) | more than 2 years ago | (#39892415)

the government is out to kill you and dump your body off a bridge

you accept a crazy exe file over skype from someone not in front of your face. how do you know where this person is. how do you know he's not arrested and having a gun pointed to his head

dumb dumb dumb

Re:are people really this stupid (1)

bmacs27 (1314285) | more than 2 years ago | (#39892625)

You could still be asking if he'd been compromised with a face to face meet. You need to trust something eventually. Further, I'm guessing you can trust physical meets much less than virtual meets given the situation in the street.

Re:are people really this stupid (0)

alen (225700) | more than 2 years ago | (#39892685)

face to face you can tell if the police beat him

and best case is you take a USB stick which you then scan on a stand alone computer suited for the task

Re:are people really this stupid (2)

Lunix Nutcase (1092239) | more than 2 years ago | (#39892721)

Sure, but who's to say that the person you meet face-to-face is the same person? The government could have easily killed the real person and had someone go in his place. Most of these dissidents probably met up online and would have no idea if they are meeting a real dissident or a government stooge. It's quite easy to criticize this person from your safe position thousands of miles away.

Re:are people really this stupid (1)

bmacs27 (1314285) | more than 2 years ago | (#39892773)

First of all, I'm guessing all of these guys look like the police beat them. Second of all, scan it how? Third of all, you ignored the part where they have to walk past the tank in the streets to hand off the USB stick.

Re:are people really this stupid (2)

girlintraining (1395911) | more than 2 years ago | (#39892669)

the government is out to kill you and dump your body off a bridge

That's disappointing. I insisted on being burned alive while they chanted "She's a witch!"

you accept a crazy exe file over skype from someone not in front of your face.

The file wasn't named crazy.exe, it was named something that, in that country, is a useful tool when you're using internet cafes and open wifi to communicate covertly: Mac address changer.

how do you know where this person is. how do you know he's not arrested and having a gun pointed to his head

Dude, this is the internet. For all you know, I'm a 7 line perl script that became sentient, crawled out of Rob Malda's server, built a robot exoskeleton, and now lives down a manhole in Brooklyn. That doesn't mean you just stop talking with people, or the rest of the world. Sometimes the benefits of communication, even in a hostile medium, outweigh the risks. As a political activist, you have to talk to strangers, and people who may not be who they say they are; How do they know you aren't the government spook... or sentient 7 line perl script?

A certain degree of trust is necessary in all communications.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893137)

http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

Well, I fooled them! (1)

Anonymous Coward | more than 2 years ago | (#39892731)

Trusting a friend isn't stupid, it's what most people would do.

I let all my friends know that I'm untrustworthy and stupid. I also tell my friends that I don't trust them and that I think they're dummer than a bag of hammers. I got this whole security thinging down, baby!

Of course now, i don't have to worry about being infected by worms from friends because I have no friends.

Re:are people really this stupid (1)

cpu6502 (1960974) | more than 2 years ago | (#39892739)

>>>When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?

Re:are people really this stupid (1)

causality (777677) | more than 2 years ago | (#39893347)

>>>When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?

Eh I don't know about you, but if someone offered me a binary executable for the purpose of changing my MAC address, I would tell them "no thanks, I'll just use the built-in 'ifconfig' utility". I like that option better than playing amateur cloak-and-dagger.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893747)

Exactly, I created a shell script to make it easier:

me@mycomputer:~$ more ~/bin/newmac
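#!/bin/bash
# Usage: newmac <interface> <new-mac>
[ "$#" -eq 2 ] || { echo "usage: newmac <interface> <new-mac>" >&2; exit 1; }

# Take the interface down, set the new hardware (MAC) address, bring it back up.
sudo ifconfig "${1}" down
sudo ifconfig "${1}" hw ether "${2}"
sudo ifconfig "${1}" up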

Example usage:

me@mycomputer:~$ newmac wlan0 00:19:d2:57:83:76

Re:are people really this stupid (1)

lightknight (213164) | more than 2 years ago | (#39893543)

"Exactly. If I got a file from a Ron Paul activist, and it was someone I knew, I'd run it without hesitation. How would I know the Paulbot friend had been arrested and his/her account was actually the DHS in disguise?" -> I do love the insinuation that the RP Libertarians would be engaged in some sort of subversive activity that somehow would require the attention of DHS (even the Amish get special love from DHS, because, you know, they pose some sort of a special threat, with all that barn-raising and selling of sweet corn from the back of a horse & buggy), but realistically, running an executable sent to you via a messenger service is almost never a good idea. I guess the way around that is to ask for a voice / video chat, and to have a single-use, personal code-word / phrase for "I've been caught."

Re:are people really this stupid (1)

Hatta (162192) | more than 2 years ago | (#39892825)

When the file comes from a trusted source, it's not stupid. You have to trust someone eventually

"Skype" isn't a trusted source. If you're dealing with a government that's out to get you, anything that isn't cryptographically signed is untrusted. Assume everything is untrusted until it's verifiably trustable.

Re:are people really this stupid (1)

Lunix Nutcase (1092239) | more than 2 years ago | (#39892877)

That's all well and good to say but ignores the reality of how these dissident movements work in these third world countries. And just because something is cryptographically signed doesn't mean it's trustworthy. Who's to say the government doesn't have forged certs? These people are rag tag groups of people who meet up online, not cryptographic specialists.

Re:are people really this stupid (1)

Hatta (162192) | more than 2 years ago | (#39893211)

That's all well and good to say but ignores the reality of how these dissident movements work in these third world countries.

The reality is that they're not educated enough to do it. There's no reason they couldn't be educated, if someone decided it was worthwhile. In cost benefit terms, it's absolutely worthwhile. So all that's needed is for the resistance to realize that and do some work.

And just because something is cryptographically signed doesn't mean it's trustworthy. Who's to say the government doesn't have forged certs?

This is a good point. The Syrian government could easily have acquired his private key when they arrested him, and beaten his passphrase out of him. To protect against that, they need a revocation certificate sent on a dead man's switch.

These people are rag tag groups of people who meet up online, not cryptographic specialists.

If your life depends on it, you think you'd take the time to figure out what you can do to protect yourself.

Re:are people really this stupid (1)

girlintraining (1395911) | more than 2 years ago | (#39893297)

If your life depends on it, you think you'd take the time to figure out what you can do to protect yourself.

Anonymity deflects more bullets than body armor. All cryptography does is compromise your anonymity.

Re:are people really this stupid (1)

Hatta (162192) | more than 2 years ago | (#39893367)

All cryptography does is compromise your anonymity.

Really? So if I post a private key in this thread, and you encrypt your response with that key, how does that compromise either of our anonymity?

Re:are people really this stupid (2)

girlintraining (1395911) | more than 2 years ago | (#39893149)

"Skype" isn't a trusted source. If you're dealing with a government that's out to get you, anything that isn't cryptographically signed is untrusted. Assume everything is untrusted until it's verifiably trustable.

Are you trying to get these people killed? Political activists don't show up at a meeting and spend the first half hour checking each other's credentials and signing each other's PGP keys. Why not? Anonymity is valued by the participants, who often exchange contact information under pseudonyms. Cryptographically signing things means verifying the participants' identity, which would make it easier for the government to identify and arrest the activists, not harder. With cryptographically signed communication, someone whose system or person had been compromised could have the communications proved beyond a doubt to have come from you.

If you are greatly outclassed by your opponent, your only protection is anonymity or (failing that), plausible deniability. The use of cryptography blows both of those away, and provides no additional protection in the process whatsoever: The government isn't going to use a multibillion dollar computer network to crack your encryption key, they're going to use brick and your face.. and when they're done with you, they'll probably put you in a feces-filled jail cell for the rest of your life because you were using crypto, which shows you were more than casually involved with the political subversives; you planned this out carefully (if badly). Most governments are a lot harsher on people who try to run from them than they are for people who can raise the defense they were in the wrong place at the wrong time, or just curious.

Re:are people really this stupid (3, Informative)

Hatta (162192) | more than 2 years ago | (#39893315)

Anonymity is valued by the participants, who often exchange contact information under pseudonyms. Cryptographically signing things means verifying the participants' identity

You don't have to completely identify yourself to get a benefit from cryptographic signatures. All you really need to know is that the Ahmed you corresponded with today is the same Ahmed you corresponded with last week. To do that, all you need to know is that the key used today is the same key that was used last week. This trivial precaution would have protected against this attack.

These guys aren't anonymous, they're pseudonymous. The key can be their pseudonym without compromising their actual identity in any way.
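
The key-continuity check described in the comment above, as an added example that is not part of the original thread: a Go sketch using Ed25519 from the standard library. `PinStore`, `Check` and the other names are hypothetical, the key pairs are constructed demo data, and the revocation step goes beyond this comment to cover the seized-key case raised earlier in the thread.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	ErrBadSignature = errors.New("signature does not verify under the presented key")
	ErrKeyChanged   = errors.New("key differs from the one pinned for this pseudonym")
	ErrRevoked      = errors.New("key was revoked by its owner")
)

// PinStore remembers, per pseudonym, the fingerprint of the first key seen.
// It holds no real-world identity (hypothetical type, not a messenger API).
type PinStore struct {
	pins    map[string]string // pseudonym -> hex SHA-256 of the public key
	revoked map[string]bool   // fingerprints named in a revocation notice
}

func NewPinStore() *PinStore {
	return &PinStore{pins: map[string]string{}, revoked: map[string]bool{}}
}

// Fingerprint is a short, comparable identifier for a public key.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// Revoke records that a key must no longer be accepted.
func (s *PinStore) Revoke(pub ed25519.PublicKey) { s.revoked[Fingerprint(pub)] = true }

// Check verifies sig over msg, then enforces key continuity for the pseudonym.
// firstContact is true when this call created the pin (trust on first use).
func (s *PinStore) Check(pseudonym string, pub ed25519.PublicKey, msg, sig []byte) (firstContact bool, err error) {
	// ed25519.Verify panics on a wrong-sized key, so check the length first.
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, msg, sig) {
		return false, ErrBadSignature
	}
	fp := Fingerprint(pub)
	if s.revoked[fp] {
		return false, ErrRevoked
	}
	pinned, seen := s.pins[pseudonym]
	if !seen {
		s.pins[pseudonym] = fp
		return true, nil
	}
	if pinned != fp {
		return false, ErrKeyChanged
	}
	return false, nil
}

// demoKey derives a fixed, constructed key pair from a label (real keys use crypto/rand).
func demoKey(label string) (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte("constructed demo seed: " + label))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

// RunScenario replays the thread's situation; one outcome string per message.
func RunScenario() []string {
	store := NewPinStore()
	ahmedPub, ahmedPriv := demoKey("ahmed")
	otherPub, otherPriv := demoKey("whoever now controls the account")
	send := func(pub ed25519.PublicKey, priv ed25519.PrivateKey, text string) string {
		msg := []byte(text)
		first, err := store.Check("ahmed", pub, msg, ed25519.Sign(priv, msg))
		if err != nil {
			return "REJECT: " + err.Error()
		}
		if first {
			return "accept: first contact, key pinned"
		}
		return "accept: same key as before"
	}
	out := []string{
		send(ahmedPub, ahmedPriv, "last week: meeting notes"),
		send(ahmedPub, ahmedPriv, "this week: more notes"),
		// Account taken over, but the sender lacks Ahmed's private key.
		send(otherPub, otherPriv, "here is the tool you wanted"),
		send(ahmedPub, otherPriv, "here is the tool you wanted"),
		// Limit of the scheme: a seized private key still passes continuity.
		send(ahmedPub, ahmedPriv, "sent with the seized key"),
	}
	store.Revoke(ahmedPub) // the pre-arranged revocation notice arrives
	return append(out, send(ahmedPub, ahmedPriv, "after revocation"))
}

func main() {
	for i, line := range RunScenario() {
		fmt.Printf("message %d: %s\n", i+1, line)
	}
}
```

The fifth message is accepted on purpose: continuity only proves the same key is in use, so a key taken along with its owner passes until a revocation is recorded.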

Re:are people really this stupid (1)

lightknight (213164) | more than 2 years ago | (#39893605)

More realistically, the best kind of operational security is to assume that any security system will be compromised. All the cryptography in the world can't help you if they put a physical key-logger on your machine, while you're picking up groceries.

Re:are people really this stupid (1)

parlancex (1322105) | more than 2 years ago | (#39893179)

It was also kind of stupid that he thought he needed a 3rd party utility to change his system's MAC address, and also kind of stupid that he thought that this would provide any additional anonymity if he was already behind a home router; remote systems beyond your first gateway never see your layer 2 address.

Re:are people really this stupid (-1)

Anonymous Coward | more than 2 years ago | (#39893247)

When the file comes from a trusted source, it's not stupid.

No, what's stupid is being in such a precarious situation and still using an OS that doesn't provide built-in system tools for such basic things as configuring a NIC, including the MAC address, because said OS from Redmond assumes you're an idiot who would only be confused by such things since you hate learning and cannot RTFM or Google it. See, that's the scenario that had to happen first, before these activists could have even considered the risk of trusting an unknown .exe file. But not for that, the guy would have said "I don't need your .exe to do that, therefore I suspect you are not being honest with me." You see, for an activist under an oppressive regime who might have a need to fine-tune certain settings, Windows is a terrible choice. It is a stupid choice, even if it's great for the American reading this.

That kind of stupidity is a luxury you can't get away with when you have an oppressive government actively trying to get you. Then you can afford to be a drooling Joe Sixpack consumer-type who doesn't understand operating systems and network hardware so you use whatever requires the least understanding, like a lazy person with no desire to broaden his own horizons and educate himself unless strictly necessary to earn a living. These guys? Not so much. Different situation entirely. They cannot afford to be passive and intellectually lazy. They need a system that expects technical knowledge and provides the tools someone with such knowledge would need. I'm partial to Linux but any Unix or Unix-like OS (such as FreeBSD) would have avoided this situation entirely.

The idea that you should need an external, third-party executable file to FULLY configure your NIC is fucking absurd. *nix's "ifconfig" program has been able to do this for how many decades now, out of the box, no third-party software required?

Re:are people really this stupid (1)

dgower2 (1487929) | more than 2 years ago | (#39893633)

I sense a bit of hostility towards people less technical than yourself. I take it you don't provide technical support to anyone?

Re:are people really this stupid (1)

_0xd0ad (1974778) | more than 2 years ago | (#39893927)

using an OS that doesn't provide built-in system tools for such basic things as configuring a NIC, including the MAC address, because said OS from Redmond assumes you're an idiot who would only be confused by such things

Eh? My Windows must be broken, because I was able to do it just fine.

My Computer
Other Places, My Network Places
Network Tasks, View Network Connections
Right-click "Local Area Connection", Properties
Under "Connect using: Broadcom NetXtreme Gigabit Ethernet", Configure...
"Advanced" tab, "Locally Administered Address" property
Click the radio box on "value", type something.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893619)

I can create a fully undetected trojan in ten minutes from any remote access Trojan.
The problem here was not knowing how to manually change the physical address of the nic.

This is not the user's fault.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39892421)

someone ask the greeks to teach them a lesson in security while revolting against an oppressive government

Not nearly as oppressive as they deserve.

Signed,

    The German taxpayer's.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893313)

The German taxpayer's WHAT? Don't leave us hanging!

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893981)

The same germany who has a 80 billion euro debt toward Greece ?

Re:are people really this stupid (1)

K. S. Kyosuke (729550) | more than 2 years ago | (#39892431)

If you feel like running the binary someone just sent you, hash the binary and google the result. Chances are it will tell you something and it only costs you a few seconds. And if you're one of those people who aren't willing to run anything like that, not even in a sandbox, you can at least tell the sender that he's an iDiot, with a proof attached.

Re:are people really this stupid (1)

cpu6502 (1960974) | more than 2 years ago | (#39892871)

How do you do that when the programmers are changing the code (and therefore the hash) every week?

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893485)

You're looking for known-good software, not known-bad software. It's "difficult" to make a file that has the SHA1 hash of a good file but is indeed a bad file.
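
An added example (not from the thread) of the distinction drawn in the comments above: checking a received file against known-good digests rather than known-bad ones, so a repacked build with a new hash is still refused. It assumes the known-good digests were obtained out of band, uses SHA-256 in place of the SHA1 mentioned, and all names and sample bytes are constructed.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
)

type Verdict string

const (
	KnownGood Verdict = "known-good"
	KnownBad  Verdict = "known-bad"
	Unknown   Verdict = "unknown"
)

// Digest streams r through SHA-256 so large files need not fit in memory.
func Digest(r io.Reader) (string, error) {
	h := sha256.New()
	if _, err := io.Copy(h, r); err != nil {
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// DigestBytes is a convenience wrapper for in-memory data.
func DigestBytes(b []byte) string {
	d, _ := Digest(bytes.NewReader(b)) // reading from memory cannot fail
	return d
}

// HashLists holds digests the recipient already has (hypothetical structure).
type HashLists struct {
	Good map[string]string // digest -> label of a genuine release
	Bad  map[string]string // digest -> label of a known-malicious sample
}

// Classify returns Unknown for anything on neither list, and on read errors.
func (l HashLists) Classify(r io.Reader) (Verdict, string, error) {
	d, err := Digest(r)
	if err != nil {
		return Unknown, "", err
	}
	if label, ok := l.Good[d]; ok {
		return KnownGood, label, nil
	}
	if label, ok := l.Bad[d]; ok {
		return KnownBad, label, nil
	}
	return Unknown, "", nil
}

// BlocklistPermits models "run it unless a lookup flags it as bad".
func BlocklistPermits(v Verdict) bool { return v != KnownBad }

// AllowlistPermits models "run it only if it matches a genuine release".
func AllowlistPermits(v Verdict) bool { return v == KnownGood }

// Constructed stand-ins for file contents; not real binaries.
var (
	genuineTool   = []byte("constructed stand-in: genuine utility, release 1.0")
	trojanBuild   = []byte("constructed stand-in: trojanised build, week 1")
	repackedBuild = append(append([]byte{}, trojanBuild...), 0x00) // one byte added
)

type Row struct {
	Name                 string
	Verdict              Verdict
	Blocklist, Allowlist bool
}

// Evaluate classifies the three samples under both policies.
func Evaluate() []Row {
	lists := HashLists{
		Good: map[string]string{DigestBytes(genuineTool): "genuine utility 1.0"},
		Bad:  map[string]string{DigestBytes(trojanBuild): "trojanised build, week 1"},
	}
	samples := []struct {
		name string
		data []byte
	}{
		{"genuine release", genuineTool},
		{"trojanised build (week 1)", trojanBuild},
		{"same trojan, repacked", repackedBuild},
	}
	var rows []Row
	for _, s := range samples {
		v, _, _ := lists.Classify(bytes.NewReader(s.data))
		rows = append(rows, Row{s.name, v, BlocklistPermits(v), AllowlistPermits(v)})
	}
	return rows
}

func main() {
	for _, r := range Evaluate() {
		fmt.Printf("%-28s %-10s blocklist-runs=%-5v allowlist-runs=%v\n",
			r.Name, r.Verdict, r.Blocklist, r.Allowlist)
	}
}
```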

Re:are people really this stupid (1)

matunos (1587263) | more than 2 years ago | (#39892437)

You mean like if you think you're chatting with a fellow dissident and he sends you a tool named MACAddressChanger ostensibly to help you change your MAC address?

Your prescribed security measures are not only dumb in general, here in 2012, but they're completely oblivious of the story at hand.

And I'm pretty sure the Syrian army is dumping dead bodies because they are a frickin' army against a barely armed motley crew of civilians and defectors. You should probably live in a city being shelled by artillery and covered by snipers before you start criticizing others' security failures.

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39892611)

This is always the tired answer that every faceless boob posing as a super-geek gives to every Slashdot security breach story. Some user, or some admin, or some human somewhere is always too big of an idiot and did something stupid that the author would NEVER EVER do.

Nevermind that the author is posting from the air conditioned comfort of some university computer lab somewhere, access paid for either by his parents or some loan he will never pay back. Thinking of whether he will eat out of a vending machine or at one of the many garishly decorated sandwich shops bordering campus. Knowing full well that he will never be the subject of a Slashdot security breach story, not because he would NEVER EVER do anything that would allow a breach, but because no one cares enough to try to breach him in the first place.

So when Iranian centrifuges are destroyed by a worm in their control network, OP can sit back with smug laughter and claim that had he been in charge he'd have ruthlessly enforced an air gap. And if he were huddling in a scarcely furnished apartment having to hide his every activity from armed troops, he'd have double scanned and Google checked the hash of every file he received, in a sandboxed VM running on BSD, of course.

Idiots.

Re:are people really this stupid (1)

dgower2 (1487929) | more than 2 years ago | (#39893781)

Excellent post!

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39892473)

Windoze users still fall for the jessicaalbanudes.jpg.exe trick. They don't call it point-and-drool for nothing!

Re:are people really this stupid (4, Funny)

Lundse (1036754) | more than 2 years ago | (#39892671)

Windoze users still fall for the jessicaalbanudes.jpg.exe trick. They don't call it point-and-drool for nothing!

Your hyperlink is not working, please repost!

Re:are people really this stupid (1)

bmacs27 (1314285) | more than 2 years ago | (#39892805)

LOL at comparing living under Bashar Al-Assad to retiring at 54.

Re:are people really this stupid (1)

sl4shd0rk (755837) | more than 2 years ago | (#39893153)

unless the name and file type looks halfway legit and you can trust the person 100%

did you even read the summary?
"The problem was that the fellow activist had already been arrested and could not have started the chat."

Re:are people really this stupid (0)

Anonymous Coward | more than 2 years ago | (#39893671)

it's 2012, don't accept any file from anyone unless the name and file type looks halfway legit and you can trust the person 100%

The victim was trying to change his MAC address, and he accepted a program called "MAC Address Changer" from someone he knew. I have absolutely no idea what kind of cognitive dysfunction you're afflicted with that would have caused you to take that lesson from this example. You need to see a doctor.

this is why the syrian army is dumping dead bodies in a river. the people are too dumb to exercise security

Seriously, even if you're just a really bad troll, there's something wrong with your brain. You are blaming people for being killed by the Syrian army because they're not careful enough when they download files through Skype.

The Syrian army is breaking into houses, killing people, dumping their body on the street, and then shooting anyone who tries to collect the body. And you're saying it's the victim's fault, because of computer viruses. Call a friend or family member and tell them that there's something wrong with you, and you need to be institutionalized for your own protection. Do it today.

Re:are people really this stupid (1)

crazyjj (2598719) | more than 2 years ago | (#39894253)

The Syrian government figured out the Achilles heel of any Muslim. Just call the file "Allah Akbar" and they'll blindly open it up.

Meanwhile in America (3, Insightful)

Overly Critical Guy (663429) | more than 2 years ago | (#39892315)

Meanwhile, the Obama administration is arguing that requiring warrants for cellphone records "cripples" investigators [reuters.com]. No malware needed here in the U.S. Just fearmongering.

Re:Meanwhile in America (0)

Anonymous Coward | more than 2 years ago | (#39892787)

Didn't take long before some jerk on this site started bashing America. Yeah I can see the similarities here.

Re:Meanwhile in America (0)

Anonymous Coward | more than 2 years ago | (#39892979)

I acknowledge your inability to refute the post.

Re:Meanwhile in America (2)

causality (777677) | more than 2 years ago | (#39893475)

Didn't take long before some jerk on this site started bashing America. Yeah I can see the similarities here.

Make no mistake, neutering the Fourth Amendment is a step towards a government like Syria's. It's what you would do if you admired Syria and wanted to eventually become like them.

I don't like him one bit, but I believe Obama is an intelligent man. He is more than smart enough to be aware of this.

Like the other AC said, we note you failed to refute the post.

Re:Meanwhile in America (1)

girlintraining (1395911) | more than 2 years ago | (#39893375)

Meanwhile, the Obama administration is arguing that requiring warrants for cellphone records "cripples" investigators. No malware needed here in the U.S. Just fearmongering.

When Obama starts looking the other way to the mobile raping vans to silence activist women and sends in the army to level neighborhoods of political undesirables, and we're all working at the new minimum wage of $4 an hour, I might be willing to entertain the idea that we're in the same boat as activists in Syria.

And besides, the President can argue that until he's blue in the face -- without congressional support, it's dead on arrival. Tell me, do you even know who your congressional representatives are? You're directing all this anger at a man who is nothing more than a figurehead while the people actually responsible for the decision go unnoticed.

Skype is not the key.... (4, Insightful)

mseeger (40923) | more than 2 years ago | (#39892319)

It is not Skype they use, but the gullibility of the users. Skype is only remotely involved...

Re:Skype is not the key.... (2)

sobachatina (635055) | more than 2 years ago | (#39892365)

Skype is only remotely involved...

+1 for the pun.

Re:Skype is not the key.... (1)

tobiasly (524456) | more than 2 years ago | (#39893453)

It is not Skype they use, but the gullibility of the users. Skype is only remotely involved...

No kidding, what a misleading title. Makes it sound like they're using some Skype vulnerability.

RAT (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#39892337)

How do you say "Big Brother" in arabic?

Re:RAT (1)

K. S. Kyosuke (729550) | more than 2 years ago | (#39892457)

"Allah"?

Re:RAT (0)

girlintraining (1395911) | more than 2 years ago | (#39892703)

How do you say "Big Brother" in arabic?

"Fucking Americans."

Re:RAT (1)

Nidi62 (1525137) | more than 2 years ago | (#39893193)

How do you say "Big Brother" in arabic?

Uch kabir, roughly

Re:RAT (2)

Nidi62 (1525137) | more than 2 years ago | (#39893209)

How do you say "Big Brother" in arabic?

Uch kabir, roughly

Well, I guess Ukh kabir, to avoid confusion of pronunciation

Trust... (1)

Sez Zero (586611) | more than 2 years ago | (#39892363)

Initial infection occurred when the activist accepted a file called MACAddressChanger.exe over the chat.

Trust no one.

Re:Trust... (2)

bmacs27 (1314285) | more than 2 years ago | (#39892479)

The issue is that then you can't build any sort of a useful network. In the absence of trusted peers, there is no benefit to this sort of technology. Darknets suffer from the same vulnerability. Once the trusted circle has been infiltrated, security goes out the window.

Re:Trust... (1)

Sez Zero (586611) | more than 2 years ago | (#39893279)

Ok, how about "trust, but verify"?

Although, I wonder what it says about me that my "security model" is based on quotes from X-Files and Ronald Reagan?

Re:Trust... (1)

chill (34294) | more than 2 years ago | (#39892481)

Good luck in coordinating any sort of group activity with that mentality. If you go 100% lone wolf, your cause is lost and nothing of significance will change.

Re:Trust... (0)

Anonymous Coward | more than 2 years ago | (#39892583)

Exactly. *Someone* has to be trusted.

I'm trying to do my part by working on an open source solution that just requires a shared password (which is probably the most advanced method these rebels/activists could *actually* employ). Check it out at http://andrewcreed.com/keyshanc/

If you're skeptical, the source is at https://github.com/Networc/networc.github.com

Re:Trust... (1)

bmacs27 (1314285) | more than 2 years ago | (#39892687)

How is this any different than the government knowing his Skype password? A gun to the head of a trusted party blows a hole in just about any security measure. Basically you are counting on that person sacrificing their life to maintain the trust. That's a tough sell.

Re:Trust... (1)

Networc (2631409) | more than 2 years ago | (#39892861)

A gun to the head of a trusted party blows a hole in just about any security measure.

Well, if you want to use that example, then really "A gun to the head of a trusted party blows a hole in *every* security measure." Even if the encryption method is perfect, all the Syrian Army has to do is demand to know what the decrypted message was. And so, I guess the answer is to just give up. (BTW, I was the "anonymous coward" - wasn't logged in.)

Re:Trust... (1)

bmacs27 (1314285) | more than 2 years ago | (#39892963)

Not every security measure. There is always the kung fu double deke deus ex machina.

Re:Trust... (1)

chill (34294) | more than 2 years ago | (#39894071)

Trust is limited, not absolute. The model that seems to be the most workable in real-world situations is the clandestine cell system [wikipedia.org].

If you're really interested, you also want to understand the concept of transitive trust [doublersolutions.com]. (Note: This link is not the most definitive example, but it works.)

The point is creating a system where the damage from a compromise, which is most likely inevitable, is compartmentalized and thus minimized.

Re:Trust... (1)

lightknight (213164) | more than 2 years ago | (#39893733)

Nonsense. Assuming you are engaging in some...parlaying with a foreign power, you can give Uncle Sam a call, and he'll find an arrangement that will work to his, and sometimes your, benefit. Does anyone know if the CIA has a 1-800 number? I ask, because the amount of armaments we ship abroad to various groups dissatisfied with their host governments is truly staggering, and it lends to some thought that they must have some operators and an order fulfillment system at Langley somewhere. I mean, my God, the amount DHS must spend on freight costs alone should raise some eyebrows whenever our Legislature reviews their annual budget.

Syrian activists use Skype to overthrow government (0)

Anonymous Coward | more than 2 years ago | (#39892387)

(In related news)

Bad Summary (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39892407)

"Syrian Government Uses Social Engineering To Push Malware To Activists."

They could be using e-mail for the same thing. Or other IM channels that offer direct connect. Or Dropbox. Or any other channel.

The clever bit is trying to convince people to download and run an unknown tool by impersonating someone they've imprisoned.

Re:Bad Summary (1)

sdnoob (917382) | more than 2 years ago | (#39892501)

the clever bit was done by the headline author, implying it was all microsoft's fault.

Re:Bad Summary (0)

Anonymous Coward | more than 2 years ago | (#39893051)

Didn't you read the comments in the article about Win 8 not having dvd playback built in by default? It's ALWAYS Micro$oft's fault.

the formula (1)

nimbius (983462) | more than 2 years ago | (#39892455)

is simple.
1. find current affair or topic of notice or interest to customers
2. find a vector for product placement
3. profit.
the article is perfect, it has no names or citations, no dates or other identifying information and can't have those used to refute it as it falls under the auspices of "well, it's a war ya know." I wonder how many vodka tonics it took the guys at f-secure's marketing department before they came up with this crap.
the only thing this "report" serves to do is frighten the general public into purchasing anti virus software. on the bright side, it seems as though slashdot is getting better with slashvertisements!

Stupid Story (0)

Anonymous Coward | more than 2 years ago | (#39892461)

This really is a very stupid, uninteresting story.
Guy runs .exe that contains malware.
I would like to read interesting things, not completely uninteresting stories like this one.

Re:Stupid Story (0)

Anonymous Coward | more than 2 years ago | (#39892869)

Guy runs .exe that contains malware.
Western propaganda machine blames enemy government.

That is, indeed, not news.

Microsoft Security? (1)

The Asmodeus (18881) | more than 2 years ago | (#39892483)

*snarky MS comment on*
Well you knew this would happen shortly after Microsoft bought them....
*snarky MS comment off*

Turing Test Fail (0)

Anonymous Coward | more than 2 years ago | (#39892517)

How do you know the person at the other end of a remote chat is actually human?

If they REFUSE TO DOWNLOAD AND RUN ANY DANG FILE you give them.

May the Force be with the Rebels (1)

ackthpt (218170) | more than 2 years ago | (#39892549)

On this day and always.

Sandbox (0)

Anonymous Coward | more than 2 years ago | (#39892567)

See above.

To all Syrian Activists (4, Informative)

Kjellander (163404) | more than 2 years ago | (#39892935)

In order for this not to happen again do the following:

Stop using Windows and MacOSX.
Download and install Fedora F16.
When installing, encrypt the harddrive with a really hard to break password.
Install pidgin and off the record like this: 'yum install pidgin pidgin-otr'
Generate keys and verify them before communicating.
Be _very_ careful if someone you usually talk to changes their key, they might have been arrested.
Never ever communicate in the clear.

Using this strategy you will not be immune, rubber-hose-cryptanalysis will still defeat this. Also you can be tracked so your oppressive government can see that you communicate, they will just not be able to read what you are saying. And not using major OSes will keep you away from the most common exploits and trojans.

Also, try to use TOR, HTTPS-everywhere and other good tools.

References:
https://fedoraproject.org/ [fedoraproject.org]
http://fr2.rpmfind.net//linux/RPM/fedora/16/x86_64/pidgin-otr-3.2.0-4.fc15.x86_64.html [rpmfind.net]
http://www.cypherpunks.ca/otr/ [cypherpunks.ca]

Good luck.

Re:To all Syrian Activists (1)

reve_etrange (2377702) | more than 2 years ago | (#39894031)

Install pidgin and off the record like this

Good advice. I was going to post something similar but you beat me to it.

What's so great about OTR? It doesn't just provide end-to-end encryption, but uses a model which supplies plausible deniability and perfect forward secrecy. That means that after an encrypted conversation is over, there is no way of associating it with you, and that if your keys are compromised past messages cannot then be decrypted.
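
The "verify keys, and be careful when a contact's key changes" advice from the posts above, as an added sketch that is not part of any comment and not pidgin-otr's own code: a trust-on-first-use pin store that refuses file transfers unless the session key matches a fingerprint confirmed out of band. The fingerprint format (truncated SHA-256), `PinStore`, the status names and the key bytes are assumptions made for illustration.

```python
import hashlib
import hmac

def fingerprint(public_key_bytes: bytes) -> str:
    """Hex digest of the peer's public key, grouped for reading aloud."""
    digest = hashlib.sha256(public_key_bytes).hexdigest().upper()
    return " ".join(digest[i:i + 8] for i in range(0, 40, 8))  # first 160 bits

class PinStore:
    """Remembers one fingerprint per contact and whether a human verified it."""

    def __init__(self):
        self._pins = {}  # contact -> (fingerprint, verified)

    def observe(self, contact: str, public_key_bytes: bytes) -> str:
        """Classify the key a contact presents at the start of a session."""
        seen = fingerprint(public_key_bytes)
        pinned = self._pins.get(contact)
        if pinned is None:
            self._pins[contact] = (seen, False)
            return "NEW_UNVERIFIED"
        if not hmac.compare_digest(pinned[0].encode(), seen.encode()):
            # Keep the old pin; the new key stays untrusted until re-verified.
            return "KEY_CHANGED"
        return "VERIFIED" if pinned[1] else "UNVERIFIED"

    def confirm(self, contact: str, public_key_bytes: bytes, spoken: str) -> bool:
        """Pin a key only if it matches the fingerprint read out of band."""
        seen = fingerprint(public_key_bytes)
        heard = spoken.replace(" ", "").upper().encode()
        if not hmac.compare_digest(seen.replace(" ", "").encode(), heard):
            return False
        self._pins[contact] = (seen, True)
        return True

def may_accept_file(status: str) -> bool:
    """Policy: files are accepted only inside a verified session."""
    return status == "VERIFIED"

def demo():
    # Constructed key material; real keys come from the messaging client.
    old_key, new_key = b"constructed-key-A", b"constructed-key-B"
    store = PinStore()
    first = store.observe("friend", old_key)
    store.confirm("friend", old_key, fingerprint(old_key))  # read in person
    later = store.observe("friend", old_key)
    swapped = store.observe("friend", new_key)
    return first, later, swapped, may_accept_file(swapped)
```

A matching fingerprint only proves the same key is in use; a seized device hands over the key as well, which is the coercion problem raised elsewhere in this thread.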

the real problem (1)

LodCrappo (705968) | more than 2 years ago | (#39892985)

Misunderstanding of what a MAC address is and how they work, that is the crux of the issue.

why, i always accept files via Skype! (0)

Anonymous Coward | more than 2 years ago | (#39893021)

'cause i'm wee-todd-ed!

Tonight... (1)

Impy the Impiuos Imp (442658) | more than 2 years ago | (#39893189)

Next, on Real TV: When script kiddies go bad -- Real bad.

Shouldn't that read.... (1)

Dcnjoe60 (682885) | more than 2 years ago | (#39893381)

Shouldn't that read: Syrian Government Uses Microsoft Products To Push Malware To Activists since Microsoft owns Skype?

Maybe it's time to drop the free as in beer when talking about opensource and use free as in speech.

Re:Shouldn't that read.... (1)

reve_etrange (2377702) | more than 2 years ago | (#39894091)

I think it should read, "Syrian Government Uses Instant Messaging File Transfers to Push Malware to Activists."

Nothing about the attack couldn't have been done over AIM, or ICQ, or MSN, or IRC, or Jabber, because all of those protocols provide a means for exchanging files with other users.

Syrian government? You mean our government. (0)

Anonymous Coward | more than 2 years ago | (#39893411)

Seeing how the Syrian uprising and violence attributed to the military is actually a CIA/Blackwater/Mossad [rt.com] driven coup, I have a hard time believing that this was the Syrian government. Even if it was, they are likely trying to flush out that element.

They should consider using GPG signatures (0)

Anonymous Coward | more than 2 years ago | (#39893813)

Actually, two signatures. A real signature that would identify a person to the community. And a fake one that could be given away when he eventually gets caught and tortured. As soon as the community spots the fake one in use, they would know that the person has been detained.....

MAC address changer = right-click, properties (0)

Anonymous Coward | more than 2 years ago | (#39893931)

Don't try to be sly on the internet if you don't know how it works.
