Slashdot: News for Nerds

FBI Says They're Now Working 24/7 To Investigate Hackers and Network Attacks

samzenpus posted about a year ago | from the better-late-than-never dept.

Security 74

An anonymous reader writes "The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7." I'm happy that the FBI no longer has an investigation schedule when it comes to online crime, but I have to think that I'm not the only one who assumed they were doing this before.

74 comments

Pet peeve... (1)

Anonymous Coward | about a year ago | (#41809823)

can we get a 24/7 task-force after rachel from card services?

Better yet, seal team six.

Re:Pet peeve... (4, Funny)

MyLongNickName (822545) | about a year ago | (#41809991)

> can we get a 24/7 task-force after rachel from card services?
>
> Better yet, seal team six.

My understanding is this is the real reason that we sent a Seal team to Pakistan. Here is part of the transcript I intercepted.

Team Six: It appears intelligence was not accurate.
H Clinton: Oh no. You can't mean....
Team Six: No, it isn't Rachel, it is just Osama.
H Clinton: Damn
Team Six: Aborting mission....
Obama: Maybe we can get some good press out of this anyhow
H Clinton: Maybe.
Team Six: You want us to off him?
Obama: Yeah, what the heck. It won't be the same, but I am sure it will get me some points in the approval ratings. God knows I'm not doing well right now.
Team Six: You got it.

and that my friends is the rest of the story.

Re:Pet peeve... (0)

Anonymous Coward | about a year ago | (#41810023)

damn, she is one sneaky bitch!

Re:Pet peeve... (0)

Anonymous Coward | about a year ago | (#41810067)

Was that an excerpt from SEAL Team Six: The Novel (#1 in ongoing hit series) [amazon.com] ?

Re:Pet peeve... (1)

Paracelcus (151056) | about a year ago | (#41810975)

The busiest corpse in the terrorist industry!

And if you believe the governmental narrative, the proverbial bridge is still for sale!

Re:Pet peeve... (1)

Anonymous Coward | about a year and a half ago | (#41818169)

how can she possibly have time to call you when she's constantly on the phone with me?

Downshift in spambot activity (1)

smagruder (207953) | about a year ago | (#41809841)

I've been noticing a downshift lately of spambot activity on my websites. Maybe this is why?

Re:Downshift in spambot activity (1)

kelemvor4 (1980226) | about a year ago | (#41811699)

> I've been noticing a downshift lately of spambot activity on my websites. Maybe this is why?

I think it's unlikely any actual good has come from increased law enforcement. It's more likely that your downshift is just coincidence.

Re:Downshift in spambot activity (1)

bentit (2763157) | about a year and a half ago | (#41815485)

A customer in France was claiming they were having trouble with their email....coincidence?

Re:Downshift in spambot activity (1)

smagruder (207953) | about a year and a half ago | (#41816385)

Why is that unlikely?

Re:Downshift in spambot activity (1)

SomePgmr (2021234) | about a year and a half ago | (#41819993)

I'm not the GP, but I'd guess the FBI wouldn't spend all of its time and resource tracking down, catching, and incarcerating thousands of random (and relatively harmless) spammers in Shantytown, Nigeria. At least not so much that you'd notice a big change by way of random sample.

More likely they're trying to deal with larger criminal operations developing malware and such to steal credit cards, and getting foreign law enforcement the appropriate info to deal with them. I could be wrong though... I don't work for them or anything.

Rly? (4, Interesting)

ugen (93902) | about a year ago | (#41809847)

Since this is /., I am not quite sure how to react - perhaps someone will enlighten me?

Do we *like* the idea that a federal agency is taking online crime seriously and increasing its investigative efforts? Or do we decry even larger invasion of privacy by the lead-fisted government into private citizens lives? Assuming, of course, that any investigation of online crimes would have to at a very least get access to various online resources, logs and data, most likely not voluntarily shared by many parties who go to great lengths to be difficult to identify. You know what *that* means.

Re:Rly? (4, Interesting)

Tanktalus (794810) | about a year ago | (#41809919)

Don't worry. Excepting Hawaii, the US working hours are only about 10 hours long (9AM on the East coast to 5PM on the West coast), the rest have been outsourced to India and China.

More seriously, if the FBI is using proper legal procedures, including valid (not secret) warrants, then fighting crime is perfectly valid. Well, assuming they're fighting what we'd call crime, I suppose. If they're going after small-time pirates for downloading the latest American Idol, it seems like a waste. If they're going after the guys actually trying to lure kids for child porn, or those trying to hack in to the federal government or one of the corporations that owns the federal government, then the question is why they weren't doing it before.

Re:Rly? (1)

Synerg1y (2169962) | about a year ago | (#41810263)

I'd imagine it would be to defend the government most likely, last I heard the private sector was still private. Now on a 24/7 timeline working 9-5... government hours, I think we come out to let's see... 1 hour of dedicated work a day.

Re:Rly? (1)

rtb61 (674572) | about a year and a half ago | (#41812263)

Quite simply 24/7 represents working a global internet environment. Attacks originate from all over the globe and the absolute best way to run a honey pot is to do it live, to be at the machine when the attack is occurring to more closely monitor it and to run 'hmm' counter investigations, on the attacking IP and adjoining IP address space. In the normal working day cycle you really are only tracking local attacks which of course is still important but keeping track of the opposite side of the world is more important considering the rampant corruption in those locations ie information from intelligence agencies is more likely to bleed off into organised crime.

Not to forget 'Anonymous' is a global target of mysterious mischief to the FBI although after their last munificent blunder of their being the most active 'Anonymous' group on the internet, they are not playing any more. So 24/7 makes real good sense you can expect they will force some partnerships on the other side of the world in order to more readily facilitate that operation. You can either have pissed off agents with no family life working off preferred cycle or you can shift operations to a location where their off duty life is maintained whilst they are still running investigations in the US via the internet in the night cycle ie they would not be operating in the country, they would be just living in that country, whilst they are digitally operating in the US.

Now that's more effective lateral thinking, they also gain closer access to often ignored points of attack as well as local investigatory resources. http://www.youtube.com/watch?v=MHWLSypLFNM [youtube.com] . Like Canada no will not be accepted as an answer.

Re:Rly? (1)

dropadrop (1057046) | about a year ago | (#41810331)

As somebody who has often tried to get the FBI to investigate pretty clear hacking cases and only succeeded once, this does sound good.

Unfortunately it could also mean they will now be using even more of those scarce resources to investigate something silly lowering my chances even further next time.

Re:Rly? (0)

Anonymous Coward | about a year ago | (#41810367)

> Since this is /., I am not quite sure how to react - perhaps someone will enlighten me?
>
> Do we *like* the idea that a federal agency is taking online crime seriously and increasing its investigative efforts? Or do we decry even larger invasion of privacy by the lead-fisted government into private citizens lives?

We suspect that there's a new boss who is throwing his predecessor under the bus.

Re:Rly? (2)

Mike Buddha (10734) | about a year ago | (#41810383)

It depends on who you want to troll.

Re:Rly? (1)

kelemvor4 (1980226) | about a year ago | (#41811705)

> Since this is /., I am not quite sure how to react - perhaps someone will enlighten me?
>
> Do we *like* the idea that a federal agency is taking online crime seriously and increasing its investigative efforts? Or do we decry even larger invasion of privacy by the lead-fisted government into private citizens lives? Assuming, of course, that any investigation of online crimes would have to at a very least get access to various online resources, logs and data, most likely not voluntarily shared by many parties who go to great lengths to be difficult to identify. You know what *that* means.

Yes

Re:Rly? (3, Insightful)

HPXX (1189589) | about a year ago | (#41811763)

I was about to post a longer post but changed my mind. The conclusion I reached was: No, we don't like this since we can't trust them. As you mentioned they will have to collect data, and they will misuse it. Once they have this data, they will stray away from the original purpose and be used for solving lesser (easier) crimes in order to bring statistics up.

How often is the data they collect actually used to attack and stop the source, rather than the distributors? Cutting a leg off won't do very much.

Re:Rly? (0)

Anonymous Coward | about a year ago | (#41812107)

> Do we *like* the idea that a federal agency is taking online crime seriously and increasing its investigative efforts? Or do we decry even larger invasion of privacy by the lead-fisted government into private citizens lives?

Or do we go onto slashdot, post a false dichotomy clumsily disguised as another rhetorical rant, and get modded up +5 by default?

Re:Rly? (0)

Anonymous Coward | about a year and a half ago | (#41815403)

> Since this is /., I am not quite sure how to react - perhaps someone will enlighten me?
>
> Do we *like* the idea that a federal agency is taking online crime seriously and increasing its investigative efforts? Or do we decry even larger invasion of privacy by the lead-fisted government into private citizens lives? Assuming, of course, that any investigation of online crimes would have to at a very least get access to various online resources, logs and data, most likely not voluntarily shared by many parties who go to great lengths to be difficult to identify. You know what *that* means.

Telling you how to feel or what to think is exactly the opposite of enlightening you.

I'm not sure that's good news (5, Insightful)

Trepidity (597) | about a year ago | (#41809855)

Unless the FBI's rate of doing good vs. harm in cybersecurity significantly improves, I think I would've preferred the old schedule. Not sure we need a 24/7 task force dedicated to extraditing filesharers from other countries.

CHecks and balances (0)

Anonymous Coward | about a year ago | (#41810307)

I don't have that much of a problem with what the FBI is doing - BUT, I wish there were more checks and balances than a rubber stamping judge when shown some sort of FISA warrant - and no, as far as I'M concerned, unless _I_ see it, it's a rubber stamp: I don't trust Government - period.

Yeah, yeah, yeah, terrorism - blah dee blah da.

Fuck off - J. Edgar Hoover and his blackmail operations - FBI has the burden of proof that they aren't assholes. They are the SECRET POLICE of the US of A - FUCK YOU! THEY have to prove that they are doing what they are doing for America's good.

Don't like it?!? Too fucking bad! Go work for the Russians you assholes.

As a Libertarian, I consider YOU the Terrorists!!

Re:CHecks and balances (1)

sumdumass (711423) | about a year and a half ago | (#41814243)

hmm... all this time I thought the NSA was the secret police in this nation.

Re:CHecks and balances (0)

Anonymous Coward | about a year and a half ago | (#41815455)

> hmm... all this time I thought the NSA was the secret police in this nation.

My understanding is that NSA are cypher makers/breakers.

Re:CHecks and balances (1)

sumdumass (711423) | about a year and a half ago | (#41815719)

There is a lot that is thought to be unknown about the NSA. The running joke for the longest of time was that NSA stood for No Such Agency. It wasn't until relatively recently (1990s) the government commonly acknowledged it existed as a real agency. It was created by a memo to the director of the CIA, so for a while, it might not have legitimately existed as a government agency.

Part of their tasks besides cypher makers/breakers, is signals intelligence including covert operations in order to secure points of listening for foreign and terrorist entities (ivory bell for instance). They have been dispatched as parts of several different organizations at the same time while operating on their own independent organization possibly leading to confusion to what they actually do. This combined with the agency largely being hidden/not widely known about is probably why there is so much mystery and conspiracy surrounding it (there is a lot of conspiracy). A lot of that has been debunked and a lot has been ignored and a lot is pure fiction created for artistic references in movies and books.

I was hoping people would get the No Such Agency reference as it is now a widely known secret agency.

Re:I'm not sure that's good news (2)

Paracelcus (151056) | about a year ago | (#41811027)

They will continue to "catch" the same old dumbasses who like to take really cool sounding "hacker" names and let the people around them know how cool and powerful they are!

Re:I'm not sure that's good news (1)

Impy the Impiuos Imp (442658) | about a year ago | (#41811353)

A spy organization monitoring the situation would note the increase in "chatter" and activity in the US government, suggesting something is up.

I wonder.

Launch drone strikes (0)

Anonymous Coward | about a year ago | (#41809875)

The FBI needs to launch drone strikes on hackers. After all they are pointing out security risks and we cannot allow that.

Ah, the FBPI is born (0)

Anonymous Coward | about a year ago | (#41809883)

Federal Bureau of Proactive Investigation.

Whether this is a good or bad thing is another question, considering their alliances with certain corrupt groups in the past.

Callcentric (4, Interesting)

Tokolosh (1256448) | about a year ago | (#41809891)

I hope (vainly) that they are concentrating on real problems, like the DDoS attack on Callcentric. (http://www.dslreports.com/shownews/CallCentric-Victim-of-Devastating-TwoWeek-DDoS-Attack-121667?r=0.832118027416197)

But their priorities are probably set by the MAFIAA.

Re:Callcentric (0)

Anonymous Coward | about a year ago | (#41811181)

> But their priorities are probably set by the MAFIAA.

The politicians are the source of corruption -- the FBI is just following orders.

Re:Callcentric (0)

Anonymous Coward | about a year ago | (#41811365)

"The politicians are the source of corruption -- the FBI is just following orders."

When your boss is corrupt and you follow "orders" then you are also corrupt.

Re:Callcentric (1)

Anonymous Coward | about a year ago | (#41811915)

Callcentric should have been better prepared for the situation they were in. I'm not saying they could have prevented it. I get that it was not a normal DDoS attack. However they are using the government to solve an Internet problem. The Internet IS the unregulated wild west no matter how much cooperation there is between governments. Stop treating it like you can rely on the government to solve the problem. You can't, you shouldn't, and take into account the unexpected. There were things that Callcentric could have done to be better prepared. The thing that pissed me off was they blamed the hackers and put the responsibility for defense on the FBI.

The FBI can't fix Callcentric's problems. Only Callcentric can do that.

Define hacking (2)

arctus (2753027) | about a year ago | (#41809941)

The only mainstream hacking I ever hear about is usually "protest" hacking or "shock and awe" hacking against major organizations.

I really hope the FBI is focusing more on improving their own cyber warfare capability against countries such as China that may have insidious intentions for our vulnerabilities.

I mean, if Playstation Network gets hacked I guess it's a sad day, but I really hope they're working above that level of hacking at this point.

Better watch out, FBI... (1)

Andy Prough (2730467) | about a year ago | (#41809955)

Anonymous might put their Guy Fawkes masks on and you'd have a full-blown 8-person protest outside the Hoover building.

Re:Better watch out, FBI... (0)

Anonymous Coward | about a year ago | (#41811035)

> Anonymous might put their Guy Fawkes masks on and you'd have a full-blown 8-person protest outside the Hoover building.

Oh Plz
Easily over 9,000

Re:Better watch out, FBI... (1)

Bobfrankly1 (1043848) | about a year ago | (#41811433)

> Anonymous might put their Guy Fawkes masks on and you'd have a full-blown 8-person protest outside the Hoover building.

They tried that today and got blown away...

Won't work (0)

Anonymous Coward | about a year ago | (#41809965)

They have a proven track record of not being able to stop Rachel at Card Holder Services; so there is no chance they could stop a more determined foe.

Summary/Article Speculation (0)

Anonymous Coward | about a year ago | (#41809975)

> Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago

Anonymous? They haven't done anything remotely newsworthy in a while. And even when they were getting headlines, it was the same stale, useless, ineffectual stuff they've always done. No one's losing any sleep over websites being DOSed for 15 minutes. And why would the FBI, a DoJ agency, care what the SoD has to say? Here's a better idea, maybe it's got something to do with the relatively recent and growing influx of Iranian cyberattacks?

Hacking is a crime? (1)

Anonymous Coward | about a year ago | (#41810071)

I guess I should turn myself in. I changed the ascii characters in my copy of DOS "mission imp" back in 1981. I only did it so my game would look cool and different. Leniency please!

they JUST started this? (0)

Anonymous Coward | about a year ago | (#41810077)

Well shit, they weren't before?? Who the fuck was running that place??

In the US maybe... (0)

Anonymous Coward | about a year ago | (#41810139)

From personal experience I can say that even when the FBI has intel handed to them on a silver platter they simply don't care unless the compromised boxen are in the US. Having helped admin IRC networks for a very long time I can attest to the fact that someone at some point will foist a botnet onto your network. Don't bother calling the FBI if they are ADSL routers with poorly chosen defaults that happen to run Linux in a foreign country. Don't bother calling if the bot herders happen to appear to live in a foreign country either. If it's a standard botnet full of windows boxen good fucking luck because they won't give a shit either. Find them something that might make them famous though and call them, only after you've already secured the rights to the story.

Re:In the US maybe... (0)

Anonymous Coward | about a year ago | (#41810435)

> From personal experience I can say that even when the FBI has intel handed to them on a silver platter they simply don't care unless the compromised boxen are in the US.

From personal experience I can say that even when the FBI has intel handed to them on a silver platter they simply don't care even when the compromised boxen are in the US.

Nothing new (4, Informative)

Anonymous Coward | about a year ago | (#41810151)

Unless something ridiculous has changed, they've had agents dedicated to computer crime 24/7 for the last 20 years.

From personal experience.

The only thing in the article that's noteworthy is their shifting focus to rapid attribution. That's an incredibly difficult goal, especially given the laws regarding search and seizure. If anything raises a red flag for me, it's this. Historically law enforcement in general has always been behind due to the very nature of crime. With Internet related crime this issue is only amplified. I would love to know how they're getting around the red tape that has always slowed down investigations of this type.

Re:Nothing new (1)

Anonymous Coward | about a year and a half ago | (#41812437)

> I would love to know how they're getting around the red tape that has always slowed down investigations of this type.

By throwing due process and jurisdiction concerns into the shitter, wiping with the bill of rights, and flushing any semblance of justice down the toilet. But other than that, I have no strong feelings on the matter, herr komissar.

Cyber Criminals (0)

Anonymous Coward | about a year ago | (#41810191)

Get it straight they are Cyber-Criminals.
Hackers are not necessarily Criminals.
Cyber-Criminals are not necessarily Hackers.
Although some may be both.

So are they monitoring (1)

future assassin (639396) | about a year ago | (#41810205)

all the open door system at financial institutions to keep out the hackers instead of having those institutions fix the issue?

Fast & Furious? (1)

RoknrolZombie (2504888) | about a year ago | (#41810211)

I expect they'll release spyware into the wild so that they can track it to the nefarious types that use it. They'll figure out where it went when someone dies. That's how this shit works, isn't it?

FBI Ignores Internal Govt corruption (1)

Anonymous Coward | about a year ago | (#41810369)

I think the FBI should be spending its time on internal government corruption.

Re:FBI Ignores Internal Govt corruption (1)

Penurious Penguin (2687307) | about a year ago | (#41810657)

Since I have no mod points to give, I offer you my earnest agreement. Funny, how the internal stuff just slips by, and how much the legal-system and the sports industry have in common. But I must correct you on one minor detail; they don't ignore it so much as they protect it.

Knock Knock Knocking on Spookys Door! (0, Interesting)

Anonymous Coward | about a year ago | (#41810505)

Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware

        In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87

        How many rootkits does the US[2] use officially or unofficially?

        How much of the free but proprietary software in the US spies on you?

        Which software would that be?

        Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.

        How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computer's files on the basis of faith alone?

        If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, don't you?

        I'm now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:

        APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.

        Where are the commercial or free anti-malware organizations and individual's products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or 'deleted/junk posts' forum section, someone or a team of individuals will mock you in various forms 'tin foil hat', 'conspiracy nut', and my favorite, 'where is the proof of these infections?' One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed you're using the proprietary Microsoft Windows OS. Now, let's move on to Linux.

        The rootkit scanners for Linux are few and poor. If you're lucky, you'll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.

        Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they don't call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and I've been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.

        Don't let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch the void of the APT malware described above which will survive any wipe of r/w media. I'm convinced, on both *nix and Windows, these pieces of APT malware are government in origin. Maybe not from the US, but most of the 'curious' malware I've come across in poisoned binaries, were written by someone with a good knowledge in English, some, I found, functioned similar to the now well known Flame malware. From my experience, either many forum/mailing list mods and malware developers/defenders are 'on the take', compromised themselves, and/or working for a government entity.

        Search enough, and you'll arrive at some lone individuals who cry out their system is compromised and nothing in their attempts can shake it of some 'strange infection'. These posts receive the same behavior as I said above, but often they are lone posts which receive no answer at all, AT ALL! While other posts are quickly and kindly replied to and the 'strange infection' posts are left to age and end up in a lost pile of old threads.

        If you're persistent, the usual challenge is to, "prove it or STFU" and if the thread is not attacked or locked/shuffled and you're lucky to reference some actual data, they will usually attack or ridicule you and further drive the discussion away from actual proof of APT infections.

        The market is ripe for an ambitious company or individual to begin demanding companies and organizations who release firmware and design hardware to release signed and hashed packages and pour this information into the cloud, so everyone's BIOS is checked, all firmware on routers, NICs, and other devices are checked, and malware identified and knowledge reported and shared openly.

        But even this will do nothing to stop backdoored firmware (often on commercial routers and other networked devices of real importance for government use - which again opens the possibility of hackers discovering these backdoors) people continue to use instead of refusing to buy hardware with proprietary firmware/software.

        Many people will say, "the only safe computer is the one disconnected from any network, wireless, wired, LAN, internet, intranet" but I have seen and you can search yourself for and read about satellite, RF, temperature, TEMPEST (is it illegal in your part of the world to SHIELD your system against some of these APT attacks, especially TEMPEST? And no, it's not simply a CRT issue), power line and many other attacks which can and do strike computers which have no active network connection, some which have never had any network connection. Some individuals have complained they receive APT attacks throughout their disconnected systems and they are ridiculed and labeled as a nutter. The information exists, some people have gone so far as to scream from the rooftops online about it, but they are nutters who must have some serious problems and this technology with our systems could not be possible.

        I believe most modern computer hardware is more powerful than many of us imagine, and a lot of these systems swept from above via satellite and other attacks. Some exploits take advantage of packet radio and some of your proprietary hardware. Some exploits piggyback and unless you really know what you're doing, and even then... you won't notice it.

        Back to the Windows users, a lot of them will dismiss any strange activity to, "that's just Windows!" and ignore it or format again and again only to see the same APT infected activity continue. Using older versions of sysinternals, I've observed very bizarre behavior on a few non networked systems, a mysterious chat program running which doesn't exist on the system, all communication methods monitored (bluetooth, your hard/software modems, and more), disk mirroring software running[1], scans running on different but specific file types, command line versions of popular Windows freeware installed on the system rather than the use of the graphical component, and more.

        [1] In one anonymous post on pastebin, claiming to be from an intel org, it blasted the group Anonymous, with a bunch of threats and information, including that their systems are all mirrored in some remote location anyway.

        [2] Or other government, US used in this case due to the article source and speculation vs. China. This is not to defend China, which is one messed up hell hole on several levels and we all need to push for human rights and freedom for China's people. For other, freer countries, however, the concentration camps exist but you wouldn't notice them, they originate from media, mostly your TV, and you don't even know it. As George Carlin railed about "Our Owners", "nobody seems to notice and nobody seems to care".

        [3] http://www.stallman.org/ [stallman.org]

        Try this yourself on a wide variety of internet forums and mailing lists, push for malware scanners to scan more than files, but firmware/BIOS. See what happens, I can guarantee it won't be pleasant, especially with APT cases.

        So scan away, or blissfully ignore it, but we need more people like RMS[3] in the world. Such individuals tend to be eccentric but their words ring true and clear about electronics and freedom.

        I believe we're mostly pwned, whether we would like to admit it or not, blind and pwned, yet fiercely holding to misinformation, often due to lack of self discovery and education, and "nobody seems to notice and nobody seems to care".

##

"It sound like some people I know who "Keep getting all these virus things no matter what I do!""

Remember the Sony BMG root kit?
Remember how no Antivirus detected it? Not even Anti root kit scanners?
Remember how only one tool initially detected it?

Now consider for a moment how many other government software/firmware moles/rootkits may be lingering within millions of people's proprietary systems (hardware/software-OS).

Wikileaks published a lot of information on companies willingly selling rootkits to governments and organizations. And do I really need to bring up HBGary?

So many fools using multiple proprietary scanners on their systems, the makers of which could all be in bed with big bro, the programs and/or updates could contain rootkits, and seriously, what the fsck is up with Microsoft and Flash both having so many remote exploits being patched all of the time?

The very products you trust, imo, could be the very e-poison from which you e-drink.

To this day I laugh inside when twits tell me their system is "clean" because they scanned it with several proprietary tools.

Face it, even on Linux the quality of the root kit scanners is piss poor. You have to boot into a separate environment (like Remnux) to evaluate the malware, but most people won't do it, they'll wipe and reinstall and rely only on signatures which can be compromised. And when they find out they have an APT which continues to reinfect their computer(s)? Would they be intelligent enough to consider a firmware (PCI/BIOS) infection which survives hard drive wipes? Do they also have infected thumb drives lying around they plug into other computers around home and/or friends/family/work?

Chkrootkit has a function to list the strings of binaries, but it's up to you to determine whether or not the content of the strings is malicious. I've tried several root kit scanners on Linux and all of them are, imo, crippled pieces of trash. The crowd will yell back at you, "But most of these require root to exploit!" No, not at all, there are hundreds of ways to exploit a Linux box, many not requiring root, but a particular program/version. I won't even bite down on the subject of ways to subvert package managers. Heck, how many Linux repositories use SSL? SSH? Torrents with established "good" check sums for thousands of packages?

And I've not mentioned Flash and Adobe Reader for Linux and the past problems with those... and the NVidia driver for Linux, had in the past, one or two severe security issues whereby a remote exploit could take over the system! (Google it. The news of one exploit was in 2006.)

Our proprietary hardware and software are both at risk, and likely subverted world wide on millions of computers by governments and select organizations. The fact it takes years until a researcher trips over a particular piece of malware which none of the antivirus companies are detecting is inexcusable.

Were I head of a commercially developed antimalware company, I'd develop a website similar to Virus Total, but instead of the users uploading single files one by one, I'd give them a FOSS program which checked every part of their hardware, embedded and manually inserted, checksum the firmware (of all media drives, graphics cards, anything with firmware) and BIOS and tear apart the results, funneling them into separate result pages, each result for each component going to its own page for comparative results, rather than building a profile on one user's system. I would offer the users the option of publishing a one page result for their unique computer, but it would be opt-in only. Yes, checksum the firmware, including the router, and demand companies publish checksums and use GPG to sign their firmware, all of this information would go to the site as described. A massive database of important, but anonymously pulled and published information.

It's just going to get worse.

On the side, I've been saying to myself for years, IMO, "When Microsoft finally starts to show signs of weakness and loss of power over the OEMs, it will try and reinvent itself through crippled hardware and force others to beg at its door for access. They will, imo, follow the same route as Apple, tying software to hardware. I'm shocked it hasn't happened sooner." Then the reverse engineering can begin, just like the WINE project which was abandoned by Corel following Microsoft's involvement with Corel, despite the good word from some former people at Corel who said they would continue to develop WINE. It wasn't much longer until Corel Linux was **** canned, and the support for WINE dried up like a neglected grapevine.

People like to poke and laugh at people like RMS who are sane and their visions a philosophy to stand by and build upon. Sadly, it's mostly about 'image' in today's society. This is why, in part, you'll never see a true world leader elected who benefits the people and country as a whole, because it's just like high school, you only have a few choices between the approved popular cliques, the rest are shunned and ridiculed. So we have two, I would argue, controlled choices, the Republicans and Democrats, and we have two, I would maintain, jocks, Apple and Microsoft.

Bring on the 3-D printers and eventually the Star Trek like replicators, so we can put an end to the sweatshops in China and elsewhere, and to the two jocks in school.

Soon our future will be collaboration of FOSS and FOSH(ardware) and we won't sit idly by as the two jocks push their creations onto us, we will forge our own.

Oh, and you can kiss my ass Republicans and Democrats, whose power is only illuminated by controlled corporate media and further shaped by humor from The Daily Show, Colbert Report (they didn't have much to say during the last writers' strike, did they, yet people think they're so witty -- wrong! more corporate ****!) and SNL (why the fork wasn't stuck in SNL years ago is beyond me, it's like watching The Simpsons, someone left the building and forgot to turn off the light - I won't even dig into the, imo, illuminati Family Guy show).

The future is up to us, the power is in our hands, we only have to turn off the TV and stop swallowing the **** they feed us and join together to mature technology.

WTF were their hours BEFORE? (3, Funny)

crazyjj (2598719) | about a year ago | (#41810821)

Hello, you've reached the Federal Bureau of Investigation. If this call is cybercrime-related, please call back during business hours from 9 a.m. to 5 p.m. Eastern Standard time, Monday through Friday. If this call is related to a non-cybercrime investigation, please press "1" now for an agent. If this call is related to bizarre serial killers or UFO phenomena, please press "2" now for our X-files division. Or press "0" for an operator at any time.

No need to leave a callback number, we already know who you are.

They're open 24/7/365.25... (-1)

Anonymous Coward | about a year and a half ago | (#41812875)

...when they're on a men, women, and children barbequeing mission ala Waco.

Benghazi solved then? (1)

xxxJonBoyxxx (565205) | about a year ago | (#41810831)

>> the FBI is now hunting hackers 24/7

Is that because we finally figured out what happened in Benghazi?
http://online.wsj.com/article/SB10000872396390444620104578008922056244096.html [wsj.com]

How 'bout we figure out who let Sean Smith down first, eh?

Why? (0)

Anonymous Coward | about a year ago | (#41811935)

How 'bout we figure out who let Sean Smith down first, eh?

He's too white. Now if it were Saint Trayboon Martin then the FBI would be all over it.

Subnets? (0)

Anonymous Coward | about a year ago | (#41810867)

24/7? what kind of sick subnet is that? o_O

FBI going 7/24 on the Red Bull Gang? (1)

LifesABeach (234436) | about a year ago | (#41811171)

All I can say now is, "BUY shares in powered donut stocks, BUY, BUY, BUY!"

I predict.... (3, Insightful)

runeghost (2509522) | about a year ago | (#41811493)

that this will be almost as effective as the War On Drugs. At least for getting the FBI more funding and more power to ignore/violate/destroy civil liberties.

Yup! (0)

Anonymous Coward | about a year ago | (#41811527)

It's 1995 again...

Shit assignment (4, Funny)

hemo_jr (1122113) | about a year ago | (#41811557)

Notice to screw-ups, midnight to 8 am shifts have now opened up in hacker hunting squad. Get your act together or you will be assigned.

Re:Shit assignment (0)

Anonymous Coward | about a year ago | (#41812185)

Notice to screw-ups, midnight to 8 am shifts have now opened up in hacker hunting squad. Get your act together or you will be assigned.

Of all the posts so far, yours is the most deserving of a +5 Insightful. Or funny, because it is indeed both.

To those who don't RTFA, all this is about is the FBI opening up a new operations team. "FBI Cyber Division’s Cyber Watch command at Headquarters" will be available 24/7 as a sort of 'helpdesk' resource. Yawn.

They or someone need to kill the... (0)

Anonymous Coward | about a year ago | (#41811909)

...eclipsemediaonline fucks.

I would love to see the bastards behind eclipsemediaonline with their guts strewn out on the streets like the garbage they are. Spammers and adware writers need to be subjected to torture and medical experimentation as well as organ harvesting. We should also make it a habit to assassinate, but preferable capture and torture, people in foreign nations who are engaged in this crap as well. It's folly to think that all human life has value. If it's okay to bomb foreign nations into rubble then it's just as well to destroy these "people".

Re:They or someone need to kill the... (2)

Froggels (1724218) | about a year and a half ago | (#41814171)

They aren't "people". They are "foreign nationals". Please get your terminology straight.

Did you mean: (0)

Anonymous Coward | about a year and a half ago | (#41812383)

Donut Bureau?

Too bad the FBI culture is anti-geek (1)

cpghost (719344) | about a year and a half ago | (#41815201)

The problem with every law enforcement agency, FBI included, is that they have an extremely geek-hostile culture. Could you imagine any red-blooded hacker doing work for and at the FBI, while at the same time being forced to wear those ugly black suits, tie, etc., and bow to the will of seriously brain dead lawyers higher up in the hierarchy? Sure, with some serious pay, the FBI could attract some average security professionals, but the real hackers, those with the required skills and mentality, would stay light years away from any bureaucratic organization, unless temporarily for the purpose of penetrating its internal structures for fun and profit.

Opinion on the role of government (1)

ALeader71 (687693) | about a year and a half ago | (#41815369)

Like the printing press, government is both a benefit and a hazard. Taking down mafia style botnets and guarding against attacks on our interconnected and networked physical infrastructure is a good thing. Using the Patriot Act to snoop on our communications looking for keywords or suspicious activities is a bad thing. How this evolves requires constant monitoring by an informed voting populace.

Re:Opinion on the role of government (1)

moeinvt (851793) | about a year and a half ago | (#41816665)

"Like the printing press, government is both a benefit and a hazard."

I think the benefit/hazard ratios of those two things are WAY out of balance.

For the printing press, I'd put the benefit/hazard ratio at about 99.999. For government, it's about 7.15e-04.

The printing press might have caused a few lost fingers in its day, but that's completely insignificant compared to the damage caused by government. Tens of millions of people tortured, murdered and imprisoned, trillions of dollars in property and environmental destruction and the theft of further trillions. We can put a few welfare programs and some scientific research into the benefit/hazard numerator however, so the ratio is non-zero.

How about some 9-5 on white collar crime? (1)

moeinvt (851793) | about a year and a half ago | (#41816513)

I wish they'd ignore some of the script kiddies vandalizing web pages and focus some of their resources on the "Epidemic of Fraud" (2003 FBI report) in the mortgage and financial markets. Maybe they could initiate some RICO investigations of the big banks due to the banks' well reported practice of forging and improperly notarizing thousands of lost note affidavits.

Re:How about some 9-5 on white collar crime? (0)

Anonymous Coward | about a year and a half ago | (#41819557)

Well it's a lot easier to prosecute teenagers than white collar criminals entrenched in politically backed organizations.

Their Pals At NSA and CIA (0)

Anonymous Coward | about a year and a half ago | (#41816627)

..could easily give them a handle on the bot-net Mafia. NSA does have the "total net picture" and all they need to do is to do a bit of datamining to discover the mafia.
  But hey, the CIA wants to gather intelligence by taking over botnets !

NSA data is being used to pressure those who voice their dissent with all the warmaking and the financial scams. Cybercrime is priority #69.

It's always the same. (0)

Anonymous Coward | about a year and a half ago | (#41826365)

It's always the same story. Instead of fixing the holes in the system just put everyone that sees the holes in jail. Security in obscurity is illogical.
