Slashdot: News for Nerds

GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware

samzenpus posted about 9 months ago | from the careful-what-you-click dept.

United Kingdom 335

An anonymous reader writes "Ars Technica reports how a Snowden leak shows British spy agency GCHQ spoofed LinkedIn and Slashdot so as to serve malware to targeted employees. From the article: 'Der Spiegel suggests that the Government Communications Headquarters (GCHQ), the British sister agency to the NSA, used spoofed versions of LinkedIn and Slashdot pages to serve malware to targets. This type of attack was also used to target “nine salaried employees” of the Organization of Petroleum Exporting Countries (OPEC), the global oil cartel.'"

335 comments

First infection (1)

starworks5 (139327) | about 9 months ago | (#45387065)

Viral Marketing to Governments.

Rogue governments !! (5, Insightful)

Taco Cowboy (5327) | about 9 months ago | (#45387651)

The term "Rogue" is used to denote "dishonest and/or unprincipled".

They used to put USSR, China, North Korea under the "Rogue Government" category.

Both the governments of the United States of America and that of Great Britain have proven to be DISHONEST _and_ UNPRINCIPLED !

IMHO, it's time we should include the government of the United States and that of United Kingdom under the "Rogue Government" category.

And btw, if you see the performance of John McCain, especially how he tried to blame Edward Snowden, you would understand how ludicrously pathetic American politicians have become ...

... McCain also said he was convinced that Snowden gave all of his information to Russia ...

As an American, I am beyond furious ...

Re:Rogue governments !! (4, Insightful)

Nerdfest (867930) | about 9 months ago | (#45387823)

McCain is a first class weasel to begin with. I remember watching one of the presidential debates, ranting about how the government had paid 40K$ or something for a lightbulb, not mentioning that it was for a planetarium projector.

Victims were alerted (5, Funny)

Anonymous Coward | about 9 months ago | (#45387067)

when the quality of the comments section significantly improved.

Re:Victims were alerted (4, Funny)

93 Escort Wagon (326346) | about 9 months ago | (#45387097)

when the quality of the comments section significantly improved.

Plus submissions were actually edited...

Re:Victims were alerted (1)

phrostie (121428) | about 9 months ago | (#45387177)

you just think you're Anonymous.

Their watching.

ROTFL

Re:Victims were alerted (4, Funny)

petteyg359 (1847514) | about 9 months ago | (#45387187)

Whose watching?

Re:Victims were alerted (3, Interesting)

ArcadeMan (2766669) | about 9 months ago | (#45387213)

They're watching what you're doing on your computer via their hidden cameras over there.

Re:Victims were alerted (1)

Anonymous Coward | about 9 months ago | (#45387227)

Their watching.

Whose watching?

Whoosh.

Re:Victims were alerted (2)

maxwell demon (590494) | about 9 months ago | (#45387301)

Whoosh watching?

Re:Victims were alerted (1)

binarylarry (1338699) | about 9 months ago | (#45387347)

Whoooo! Swatching!

Re:Victims were alerted (1)

Zaiff Urgulbunger (591514) | about 9 months ago | (#45387387)

Who wooshes the watchers though?

Re:Victims were alerted (0)

Anonymous Coward | about 9 months ago | (#45387857)

No. Who's on third.

Re:Victims were alerted (2)

lkernan (561783) | about 9 months ago | (#45387515)

See, no fake Slashdot could ever match the quality of comments like that.

Re:Victims were alerted (1)

mrchaotica (681592) | about 9 months ago | (#45387863)

I don't know!

(He's on third.)

Re:Victims were alerted (1)

Anonymous Coward | about 9 months ago | (#45387397)

You know, Wa Ching, the Chinese mole at GCHQ!
His brother is a lobbyist in America, Ca Ching!
Oh, and it's who's, not whose.

Re:Victims were alerted (5, Funny)

girlintraining (1395911) | about 9 months ago | (#45387685)

Whose watching?

The grammar police. We've had our eyes on you for some time.

Re:Victims were alerted (-1)

Anonymous Coward | about 9 months ago | (#45387191)

-1? Slashdot's been giving moderator points to the wrong people for a long time now. I wouldn't be surprised if /.'s been hacked.

first spoofed post (-1)

Anonymous Coward | about 9 months ago | (#45387073)

taste the frosty

hey, GCHQ employees (5, Funny)

Joining Yet Again (2992179) | about 9 months ago | (#45387075)

I know you're reading this.

You're smart. Smart enough to be able to work out who I am, probably without much trouble.

Why don't you do something productive?

Re:hey, GCHQ employees (1)

Anonymous Coward | about 9 months ago | (#45387133)

Why don't you do something productive?

They don't get paid to do that. They have gone the way of Gestapo, KGB and Stasi.

Re:hey, GCHQ employees (1)

cold fjord (826450) | about 9 months ago | (#45387197)

The Gestapo, KGB, and Stasi were mainly agencies of internal political repression, although the KGB also spied outside the country as well. Since the targets of surveillance were apparently outside the UK, it isn't really the same. That doesn't mean you can't find it disagreeable.

Re:hey, GCHQ employees (5, Insightful)

NettiWelho (1147351) | about 9 months ago | (#45387265)

The Gestapo, KGB, and Stasi were mainly agencies of internal political repression, although the KGB also spied outside the country as well. Since the targets of surveillance were apparently outside the UK, it isn't really the same. That doesn't mean you can't find it disagreeable.

Even if the anglosphere currently isn't openly corporate fascist that doesn't mean it won't be 5, 10, 15 or 20 years down the road. If they have years worth of supposedly private communiques from people that is like Stasi's wet dream where the people being repressed write their own profile, willingly.
Once the thugs are in power they are not gonna delete that data, they are going to use it.

Re:hey, GCHQ employees (4, Interesting)

NettiWelho (1147351) | about 9 months ago | (#45387307)

And when they say they don't do domestic data gathering you shouldn't trust them. NSA was already caught with its hand in the cookie jar.

Re:hey, GCHQ employees (5, Insightful)

Spamalope (91802) | about 9 months ago | (#45387565)

And when they say they don't do domestic data gathering you shouldn't trust them. NSA was already caught with its hand in the cookie jar.

Semantics; Assuming it's not a baldfaced lie, they can 'partner' with the NSA then 'share resources' and they've got their hands on the results of domestic spying while only having encouraged and facilitated it themselves.

In the US, courts have ruled that corporate spying on individuals is legal so 'privatizing' the actual data gathering launders it into legality under this time honored principle: 'What are you gonna do about it, you're powerless'.

Re:hey, GCHQ employees (1)

Penguinisto (415985) | about 9 months ago | (#45387285)

Actually...

The KGB (Komitet gosudarstvennoy bezopasnosti) did the external spying, while the NKVD (Narodnyy Komissariat Vnutrennikh Del) did the internal stuff.

Re:hey, GCHQ employees (4, Informative)

NettiWelho (1147351) | about 9 months ago | (#45387365)

Actually...

The KGB (Komitet gosudarstvennoy bezopasnosti) did the external spying, while the NKVD (Narodnyy Komissariat Vnutrennikh Del) did the internal stuff.

Organization that used to be NKVD was castrated in 1950's with arrest of Beria and KGB inherited role of the political police.

Re:hey, GCHQ employees (3, Informative)

Anonymous Coward | about 9 months ago | (#45387563)

Skipping some renaming & reorganizations, the KGB was a successor to the NKVD which was a successor to OGPU which was a successor to the Cheka.

The KGB owned internal troops, border guards, secret police, and external spies.

Both the KGB and GRU (military intelligence) spied abroad.

Re:hey, GCHQ employees (5, Interesting)

Joining Yet Again (2992179) | about 9 months ago | (#45387269)

It makes me sad.

My (long ago retired) father ended up as a relatively senior civil servant for his home country, working abroad and dealing with, to put it generally, import&export. Now he was once asked by his government if he would exploit the contacts he'd formed and cooperate in passing certain useful information to them as and when required. He refused.

I'm sure he'd have enjoyed greater job security in his latter years if he'd cooperated, but he did what was right - ultimately for him too, because being open and honest means a more relaxed life, where you are free to build what you want and speak about what you want.

Even if - and let's say you're a stellar maths grad - you're given the most comfortable desk, access to the best machines and the company of a small subset of brilliant minds, your work won't go to improving human scholarship if you work for a secret service. It'll be kept under lock and key, deployed for the whim of the politicians of the day and their masters. And yes, you'll be indoctrinated with the mantra of every civil servant - "I'm not allowed an opinion because I'm only following orders". But that's only acceptable if your orders can ultimately be scrutinised by the general public on behalf of whom you are working.

And if you just enjoy playing god, well, go into the City, or start up your own business. If you're that good, then you can perform in plain sight, can't you?

Re:hey, GCHQ employees (0)

Anonymous Coward | about 9 months ago | (#45387331)

Well said, wish I had mod points.

It's not that simple ... (5, Insightful)

Taco Cowboy (5327) | about 9 months ago | (#45387839)

And if you just enjoy playing god, well, go into the City, or start up your own business. If you're that good, then you can perform in plain sight, can't you?

Speaking from experience here ... it's not that simple

I started to plan for my escape from China way back in the late 1960's because of the social madness created by Mao back then.

Throngs of mindless assholes with red armband parading on the street, waving that little red book and plunged the Chinese society into total darkness.

Those of us with brains knew that the things coming from Mao were bullshit, but those without brains who embraced Mao's bullshit outnumbered us 1000 to 1.

So we ran, and ran, and finally I got to Hongkong.

From Hongkong I ended up in the United States, and at that time, the U. S. of A. was a paradise, a place where brainy people get to do whatever they want to do without having fear of official repression.

Some 40 odd years have passed, and the United States is turning into just like Mao's China ...

Everything coming from Washington D.C. is pure bullshit, and the things I have noticed right now is that the mindless fucktards who bought into Washington D.C.'s bullshit are outnumbering those who know better.

While the society in the United States of America hasn't plunged into darkness yet, there is no certainty that it won't.

When the controlling regime got desperate ~ (Mao's reign at that time was in danger of collapsing from within, motivating Mao in his encouragements to the mindless assholes with red armbands creating social havoc), ~ they will do anything to remain in charge.

And if (and when) the regime which is reigning over Washington D.C. (democrats _ and_ republicans) is in danger of collapsing, there is NO TELLING what they would do.

To make the matter worse ... they have a lot of very powerful tools Mao couldn't even begin to dream of 50 years ago.

I am an American now, and I am looking at my adopted country, the United States of America, with the same dismay as Mao's China, back in the 1960's.

They specifically chose these jobs (2)

Marrow (195242) | about 9 months ago | (#45387181)

so they wouldn't HAVE to be productive. All they have to do is listen and let the money roll in.

Re:hey, GCHQ employees (1)

cold fjord (826450) | about 9 months ago | (#45387239)

hey, GCHQ employees .... Why don't you do something productive?

They were apparently spying outside the country. Isn't that what most people here agree they're supposed to do?

I can see why it might be a matter of concern.

Iran says it has capability to force Europe to 'spend the winter in cold' [liveleak.com] - Published: 02.28.10

Iran could make European countries suffer by cutting off energy supplies and can target any adversary with its missiles, a senior Iranian military official said on Sunday.

Re:hey, GCHQ employees (1, Insightful)

Anonymous Coward | about 9 months ago | (#45387313)

1) There are foreign threats.
2) Our spies are principally spying on foreigners.
3) ????

The conservatives in all our countries are relying on you to stupidly assume that our spies are principally spying on foreign threats. But foreigners are not the same as foreign threats. If the GCHQ spies on Americans, and the NSA spies on Brits, then it's a closed loop. And we know that is happening.

The whole thing is all a big open question with lots of cloud hanging over it.

Re:hey, GCHQ employees (3, Insightful)

NettiWelho (1147351) | about 9 months ago | (#45387317)

Sending malware counts as a crime, not legal surveillance.

If the victims knew the identities of the perpetrators they would be eligible for extradition under the standing treaties.

Re:hey, GCHQ employees (3, Informative)

NicBenjamin (2124018) | about 9 months ago | (#45387641)

Sending malware counts as a crime, not legal surveillance.

If the victims knew the identities of the perpetrators they would be eligible for extradition under the standing treaties.

This has been repeated several times, but nobody has been able to name the treaty. In fact the last time I asked somebody brought up a non-governmental hacker.

This is a world of governments. What they do is legal, by definition, unless they have specific Constitutional or statutory bars on that particular behavior. Neither the US nor the UK has ever signed a treaty, or passed a law, that makes hacking in service of the government illegal.

Let me put it to you this way:
If US officials can't get extradited to Venezuela for participating in that minor coup attempt Venezuela had a decade or so back, why could they be extradited for hacking?

It's not like a) the Venezuela coup worked so the new government loved the coupsters, or b) the Venezuelan government would have refrained from charging the CIA officers they were accusing if they thought anyone (literally anyone) would take it seriously.

Re:hey, GCHQ employees (3)

king neckbeard (1801738) | about 9 months ago | (#45387325)

Saying that the purpose of the GCHQ or NSA is to spy outside the country is like saying that the purpose of the military is to shoot and bomb people. That's what a large portion of what they do entails, but if it is justified in existence, it's going to need a lot more discretionary than that.

Re:hey, GCHQ employees (2)

girlintraining (1395911) | about 9 months ago | (#45387735)

Saying that the purpose of the GCHQ or NSA is to spy outside the country is like saying that the purpose of the military is to shoot and bomb people.

The NSA Mission Statement [nsa.gov] references Executive Order 12333 [archives.gov] , and I quote directly -- "2.2 Purpose. This Order is intended to enhance human and technical collection techniques, especially those undertaken abroad..." The GCHQ lacks a specific mission statement, because as you know, the British are terrible at getting to the point. The website is, however, full of committee-written documents and available in 9 different languages and makes a point of saying it's available to those who require "assistive devices". The NSA makes no such attempt; I guess that's social commentary.

And as to the military... for an organization whose purpose isn't to shoot and bomb people, they sure do shoot and bomb people a lot. In other news... If an NSA or GCHQ analyst ever reads your post... they'd laugh as hard as I did at your naivety, except part of the swearing in ceremony to become an employee requires they surgically remove the sense of humor.

Re:hey, GCHQ employees (4, Insightful)

Joining Yet Again (2992179) | about 9 months ago | (#45387369)

The concern is not whether spying activity is at home or abroad - any such distinction can be defeated with reciprocal agreements. The issue is that the targetting was of administrators at Internet exchanges.

And you're worried about Iran putting pressure on OPEC? Deal with your lack of domestic energy security. You had 40 years to wake up, but instead you sold everything off to mostly foreign concerns. Spying on OPEC is just doing dirty work for these businesses to ensure they profitably receive their fuels.

Re:hey, GCHQ employees (1)

cold fjord (826450) | about 9 months ago | (#45387539)

And you're worried about Iran putting pressure on OPEC? Deal with your lack of domestic energy security. You had 40 years to wake up, but instead you sold everything off to mostly foreign concerns. Spying on OPEC is just doing dirty work for these businesses to ensure they profitably receive their fuels.

Iran is a member of OPEC. Iran also threatens Europe both with missiles and with the ability to significantly reduce Europe's energy supplies. If you read my post you should have picked up on that. Limiting the ability of Iran to interrupt Europe's energy supplies limits the number of Europeans that will freeze to death in winter. Or was the question of profit your main concern?

Re:hey, GCHQ employees (1)

Joining Yet Again (2992179) | about 9 months ago | (#45387675)

Yes, but Iran isn't OPEC, so it still makes sense to say that it might put pressure on OPEC.

How exactly does spying on internal OPEC discussions stop them from deciding to limit supply to Britain, please? Is it so Britain can figure out ASAP how it should threaten Iran as a whole because a group has dared to exercise its right not to sell a product to private companies?

Of course it's a concern that Britain's energy policy has been directed toward maximising profit for energy companies rather than to securing domestically owned and located energy sources. Band-aid after band-aid won't solve the fact that Britain remains at the mercy of being "frozen to death" by OPEC (misdirected hyperbole yours - in fact, people are already freezing to death, and the numbers are expected to increase significantly this winter).

Now, recent moves toward fracking and building of new nuclear power stations have all involved foreign companies, which is only better in that we can in principle regulate in our interest and force nationalisation if absolutely necessary. In practice, the government ends up being subordinate to the needs of the energy companies - hence the spying!.

Genuine military threats from Iran are of course within the remit of spy agencies. That's not the same as sabre-rattling, but I simply don't know enough to say for sure whether Iran is a genuine military threat to Britain. FWIW, I have no evidence that it is.

Re:hey, GCHQ employees (0)

Anonymous Coward | about 9 months ago | (#45387621)

They were apparently spying outside the country. Isn't that what most people here agree they're supposed to do?

That distinction becomes a bad joke as "outside the country" might well include the US. And it's easy for the NSA to claim they don't do any domestic spying when they spy on UK citizens. After all the secret agencies share information. We're all friends, after all, aren't we?

Don't Panic! (4, Funny)

Anonymous Coward | about 9 months ago | (#45387081)

Don't worry, this is the real Slashdot right here. I promise.

Re:Don't Panic! (5, Funny)

maxwell demon (590494) | about 9 months ago | (#45387255)

Yeah, the NSA version is here. [slashdot.org] ;-)

Do as I say, not as I do (4, Insightful)

Hamsterdan (815291) | about 9 months ago | (#45387105)

If I or any /. reader were to do the same, a pretty harsh sentence would await us.

HTTPS on Slashdot (5, Interesting)

tepples (727027) | about 9 months ago | (#45387155)

I wonder if it would have been as easy for GCHQ to get away with it if HTTPS on Slashdot weren't a subscriber-only perk. Facebook and Twitter have gone all HTTPS all the time; why can't Slashdot? If ads are the problem, Google recently opened AdSense to HTTPS sites [blogspot.com] .

Re:HTTPS on Slashdot (4, Insightful)

Anonymous Coward | about 9 months ago | (#45387245)

Given that the spooks have almost certainly compromised all the major Certificate Authorities and can issue their own certificates at-will, I'm going to go with "No, it wouldn't make the slightest bit of difference".

Re:HTTPS on Slashdot (1)

Anonymous Coward | about 9 months ago | (#45387443)

I think certificate pinning solves this provided your browser has seen the legitimate certificate previously.

Re:HTTPS on Slashdot (1)

mrchaotica (681592) | about 9 months ago | (#45387699)

What "legitimate certificate previously?" There is absolutely no reason that I'm aware of not to think the certificate authorities weren't compromised from the very beginning.

Re:HTTPS on Slashdot (1, Insightful)

AHuxley (892839) | about 9 months ago | (#45387549)

Re https
That's what smart people have been warning about for years. Once the net's basic cryptography is a junk standard thanks to gov - anyone can be anything online and it's all perfectly trusted..
The ex staff, fired staff, mercenary, contractor - they all take the complex skill set with them and sell it.
Other govs, firms, foreigners with cash, faith groups with cash... that's why junk crypto is so useless - all the interesting people can pay to learn about the 'net' and always know to avoid it or create complex legends.
All the random silly people using terms and words they copy and paste from other open news sites just get to fill gov databases tracking .com
Over time the UK will have a massive East German like database filled with many quotes and people. Did the rows of East German files alter the politics and mil of East Germany? i.e. great for tracking workers comments, people protesting outside churches.

Re:HTTPS on Slashdot (1, Interesting)

NicBenjamin (2124018) | about 9 months ago | (#45387835)

You do realize that the UK already has an obscene amount of data on its people?

Londoners in particular, can be tracked individually by the police if they so choose. I don't think they even need a warrant. In theory they could decide they wanted to find out what some random hot chick does every day, and they'd be able to follow her everywhere she went for as long as she was in London. As long as she's in public she's on one of their cameras. For most people (ie: the ones who don't discuss their illegal activities by text message or email) that's a lot more threatening than anything that either GCHQ or the NSA could do on the internet. If you add in some stuff on their use of cell phone towers you get some things that are as threatening in theory, but in practice they won't become that big a deal. And it's not a big deal for pretty much the same reason the cameras aren't a big deal:

Analyzing that much data takes a lot of analysts. The Stasi employed one half of one percent of East Germany's population. To get that many analysts in the UK you'd need 300,000 of them. You only have 200k in your active duty military (altho with reserves that goes to 380k). With computers you could probably automate some stuff, but as databases get more complex you a) need more database gurus to make sure the data/hardware/etc. all stays working, and b) need to have a lot of actual people looking at your results who are smart enough to notice garbage. You're still gonna need a literal British Army (~130k) of analysts. You only have 500k or so people employed in the Civil Service.

Yeah if you fuck up and break the law, you're truly fucked. They have everything. If you look like you broke the law the data could be great or (in rarer cases) it could really suck. There's a lot of it, so if you're innocent something probably shows you're innocent. Even if the cops hate you your barrister should get access to the data, and if he doesn't suck you will probably get off. If your barrister sucks, and the cops/prosecutors charge you anyway the data will make you look very guilty.

Re:HTTPS on Slashdot (0)

mstefanro (1965558) | about 9 months ago | (#45387475)

Because of the lack of widely adopted HTTPS, browsers are default-HTTP. So if you type https.example.com in your browser, it will first try to access it by HTTP. Sure, the host is sometimes nice enough to redirect you immediately to HTTPS. But the redirection happens over HTTP (because that's how you accessed the website). Therefore, a MITM can easily prevent such a redirect and keep you in the HTTP land (see sslstrip tool), where attacks are child's play. So unless your victims are paranoid enough to check the address bar to make sure "https" appears, or manually write https:// in front of their links, or use an addon such as "HTTPS Everywhere", then providing HTTPS doesn't matter much.
What addons like HTTPS Everywhere do is they have huge lists of websites known to support HTTPS, and they force the browser to go default-https instead.

In my opinion, good solutions would include:
a) make HTTPS-everywhere part of the browsers;
b) add some proper authentication and encryption in HTTP2.0 instead of bitching that it's the wrong layer. It's clear no-one is going to adopt HTTPS widely anytime soon; most websites require you to login, meaning you can perform encrypted key exchange (EKE) with them, which allows for two-way authentication, plus encryption optionally;
c) wide adoption of something like this: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security [wikipedia.org] - not very useful, but still an improvement

Re:HTTPS on Slashdot (1)

maxwell demon (590494) | about 9 months ago | (#45387599)

So if you type https.example.com in your browser, it will first try to access it by HTTP.

Of course, because you just happen to access a server called "https". Which is completely unrelated to the protocol you might want to use.
The correct way to use https is to write it as protocol: https://example.com/

Re:HTTPS on Slashdot (1)

mstefanro (1965558) | about 9 months ago | (#45387687)

No, I meant what I said. "https.example.com" is an example of a host supporting HTTPS, yet the browser accesses
it by default as "http://https.example.com". You don't seem to have understood what I said at all.

Default protocol (1)

tepples (727027) | about 9 months ago | (#45387757)

The correct way to use https is to write it as protocol

Yet user agents continue to automatically write http as protocol. So how should a server communicate to the user agent that the correct protocol for accessing the server is HTTPS, not HTTP? There is HTTP Strict Transport Security, but not all web sites are popular enough to get into all major browsers' preloaded STS lists for first-visit security.

Strict Transport Security (1)

tepples (727027) | about 9 months ago | (#45387797)

add some proper authentication and encryption in HTTP2.0 instead of bitching that it's the wrong layer.

The current HTTP 2.0 draft is based on SPDY, which operates in a TLS tunnel. This allows for secure HTTP basic authentication and TLS client certs. It also eliminates the IPv4 exhaustion excuse, as web browsers supporting SPDY will support SNI.

HTTP Strict Transport Security [wikipedia.org] - not very useful

In what way is it "not very useful"? Is it just that browsers' preloaded STS whitelists aren't nearly as big as the HTTPS Everywhere rulesets? (Disclosure: I use HTTPS Everywhere, and when I switched away from Go Daddy for my own web site, I made sure to pick a shared host that supported SNI, so that every visitor has a secure option save Android 2.x users and IE/XP users.)
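The first-visit gap discussed in the comments above (a typed host name goes out over HTTP unless the browser already holds an HSTS policy or a preload entry), modelled as an added example that is not part of the thread. The `UserAgent` class, the host `preloaded.example` and the rule that preload entries cover subdomains are assumptions made for illustration; the header handling follows RFC 6797.

```python
import re
from dataclasses import dataclass


@dataclass
class Policy:
    expires: float             # absolute time (seconds) at which the policy lapses
    include_subdomains: bool


def parse_sts(value):
    """Parse a Strict-Transport-Security value.

    Returns (max_age, include_subdomains), or None when the header is invalid
    (missing, repeated or non-numeric max-age) and must be ignored.
    """
    max_age, include_sub, seen = None, False, set()
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        name = name.strip().lower()
        if name in seen:
            return None                      # a directive may appear only once
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not re.fullmatch(r"\d+", arg):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
        # unknown directives are skipped
    return None if max_age is None else (max_age, include_sub)


class UserAgent:
    """Hypothetical browser model: decides the scheme before any request is sent."""

    def __init__(self, preload=()):
        self.preload = {h.lower() for h in preload}  # list shipped with the browser
        self.store = {}                              # host -> Policy learned at runtime

    def _known_hsts(self, host, now):
        labels = host.lower().split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.preload:    # assumption: preload covers subdomains
                return True
            pol = self.store.get(candidate)
            if pol and pol.expires > now and (i == 0 or pol.include_subdomains):
                return True
        return False

    def scheme_for(self, typed, now):
        """Scheme used for what the user typed into the address bar."""
        if typed.startswith("https://"):
            return "https"
        host = typed.split("://", 1)[-1].split("/", 1)[0]
        return "https" if self._known_hsts(host, now) else "http"

    def on_response(self, host, scheme, headers, now):
        """Learn a policy. A header seen over plain HTTP is ignored, since an
        on-path party could have injected or altered it."""
        if scheme != "https":
            return
        value = headers.get("Strict-Transport-Security")
        parsed = parse_sts(value) if value else None
        if parsed is None:
            return
        max_age, include_sub = parsed
        if max_age == 0:
            self.store.pop(host.lower(), None)       # max-age=0 deletes the policy
        else:
            self.store[host.lower()] = Policy(now + max_age, include_sub)


def demo():
    """Walk one constructed browsing history and record the scheme chosen each time."""
    ua = UserAgent(preload={"preloaded.example"})
    t, year = 1_000_000.0, 31536000
    out = {}
    out["first_visit"] = ua.scheme_for("https.example.com", t)
    ua.on_response("https.example.com", "http",
                   {"Strict-Transport-Security": f"max-age={year}"}, t)
    out["after_header_over_http"] = ua.scheme_for("https.example.com", t)
    ua.on_response("https.example.com", "https",
                   {"Strict-Transport-Security": f"max-age={year}; includeSubDomains"}, t)
    out["after_header_over_https"] = ua.scheme_for("https.example.com", t + 60)
    out["subdomain"] = ua.scheme_for("www.https.example.com/login", t + 60)
    out["after_expiry"] = ua.scheme_for("https.example.com", t + year + 1)
    out["preloaded_first_visit"] = ua.scheme_for("preloaded.example", t)
    return out


if __name__ == "__main__":
    for step, scheme in demo().items():
        print(f"{step:26s} -> {scheme}")
```

Only the preloaded host is protected on its very first request; every other host depends on one earlier HTTPS response that carried the header.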

Re:HTTPS on Slashdot (1)

KiloByte (825081) | about 9 months ago | (#45387943)

Even worse, browsers introduce regressions like a Chrome misfeature that came to Firefox as browser.urlbar.trimURLs. It really needs to go, yet it not only exists but defaults to true.

Let's all vote on bugzilla bug #691147. Seriously, it's time to switch the default to https, rather than making everything but http a second-class citizen.

Re:Do as I say, not as I do (1)

NettiWelho (1147351) | about 9 months ago | (#45387169)

Spoofing websites is on the very low end of the scale of things they're getting away with..

War crimes and crimes against humanity the Nazis were executed over come to mind.

Re:Do as I say, not as I do (1)

NicBenjamin (2124018) | about 9 months ago | (#45387661)

So?

If I decided to execute some dude I'd be in huge-ass trouble. Yet Texas does that shit all the damn time.

It's the government. The shit it does is legal by definition as long as the correct internal procedures are followed.

Spoofed slash dot was easy to spot (5, Funny)

OzPeter (195038) | about 9 months ago | (#45387113)

There were no dupes, and all TFS's had perfect spelling and grammar.

Re:Spoofed slash dot was easy to spot (1)

ganjadude (952775) | about 9 months ago | (#45387129)

or maybe "they" are the reason for so many more dupes!

Re:Spoofed slash dot was easy to spot (4, Funny)

jrumney (197329) | about 9 months ago | (#45387209)

There were no dupes, and all TFS's had perfect spelling and grammar.

Actually, that's the real one. If you're seeing dupes, misspellings and poor grammar, and the articles seem to be a bit behind other sites, then it is probably a rushed retyping of the original.

Re:Spoofed slash dot was easy to spot (0)

Anonymous Coward | about 9 months ago | (#45387235)

There were no dupes, and all TFS's had perfect spelling and grammar.

I know this is a joke, but for anyone who doesn't get it: The spoof pages would be a Man In The Middle attack. The site would look and behave identically, except that it contains additional javascript and/or activex/java-applets/flash that compromise your system when the page is loaded.

Re:Spoofed slash dot was easy to spot (1)

AHuxley (892839) | about 9 months ago | (#45387455)

What would that get them? Many OS would be running new updated heuristic behaviour tests as part of anti-virus settings just waiting for any such attempts?
i.e. get the browser and then what on a modern OS? Just pass the ip back and then?

Re:Spoofed slash dot was easy to spot (0)

Anonymous Coward | about 9 months ago | (#45387261)

The "Slashdot story" headlined "Obama in Row Over Health Service Programme" was an embarrassing tipoff, though.

Re:Spoofed slash dot was easy to spot (1)

cold fjord (826450) | about 9 months ago | (#45387379)

There were no dupes, and all TFS's had perfect spelling and grammar.

Dude, that wasn't pseudo-Slashdot, that was Lake Woebegone [wikipedia.org] .

"Well, that's the news from Lake Wobegon, where all the women are strong, all the men are good looking, and all the children are above average." .... and of course, none of the stories are dupes, have afflicted grammar, or words misspelled. See you next week.

Re:Spoofed slash dot was easy to spot (1)

Opportunist (166417) | about 9 months ago | (#45387653)

Dupes? There are dupes?

Did you maybe have a deja vu? Or can you be certain that you didn't read it on a spoofed page?

Tell me when I made you paranoid enough.

Re:Spoofed slash dot was easy to spot (2)

nherm (889807) | about 9 months ago | (#45387759)

When I saw a CowboyNeal option in the poll I knew that the GCHQ set up us the spoof.

No doubt. (-1, Troll)

Anonymous Coward | about 9 months ago | (#45387131)

The idea that Snowden hasn't given any information to the Russians is, in fact, hilarious at best.

The real question is - what information?

"Yo, Vlad, I like how you did not authorize sexy to leave in the first place, but the NSA is in ur routers, readin' ur e-mail," isn't very damning, yet appears to be pretty much the only thing Snowden has been revealing.

Would that get him asylum? Sure, why not? Verified proof of something everyone knows is going on but nobody will admit to, that's thus capable of embarrassing the US on the world stage? Sure, that's probably worth a Visa (or whatever the Russian equivalent is).

Re:No doubt. (0)

Anonymous Coward | about 9 months ago | (#45387283)

Sure, that's probably worth a Visa (or whatever the Russian equivalent is).

The Russian equivalent of "visa" is... wait for it... "visa".

The word comes from the Latin "charta (paper) visa (seen)".

I knew it! (0)

Anonymous Coward | about 9 months ago | (#45387137)

The idiots around here couldn't be real!

Re:I knew it! (0)

Anonymous Coward | about 9 months ago | (#45387151)

The idiots around here couldn't be real!

You have got it backward.

The idiots are all quite real, it is the intelligent responses which are fake.

Re:I knew it! (1)

Anonymous Coward | about 9 months ago | (#45387211)

The idiots are all quite real, it is the intelligent responses which are fake.

Luckily, we have folks like you to "keep it real" for us!

SSL (5, Informative)

dido (9125) | about 9 months ago | (#45387171)

I suppose using HTTPS would have helped even a little, if Slashdot ever bothered to do so. The victims might have noticed that the certificates changed, even if they did check out, most especially if they used HTTPS Everywhere [eff.org]. They couldn't just foist off an SSL cert for Slashdot signed by some other CA (or even the same CA) then: the SSL Observatory would have noticed the change in the certificate the way SSH notices that public keys to servers you connect to change. Unless of course Slashdot gave its (non-existent) private keys to GCHQ, in which case all bets are now off. Why browser SSL doesn't automatically cache certs the way SSH does and warn if there's a change that doesn't involve certificate expiry or revocation is something that isn't quite clear to me.

Re: SSL (5, Insightful)

Jakeula (1427201) | about 9 months ago | (#45387311)

SSL didn't seem to help LinkedIn. They use ssl and they successfully spoofed that.

Re:SSL (1)

gnoshi (314933) | about 9 months ago | (#45387335)

Being notified of the 'duplicate' responses from the server would have helped too. That's not a normal running condition.

I don't mind so much that browsers don't cache SSL certificates and notify of changes, but it is a shame that the server can't request that behaviour (using something like HSTS).

Re:SSL (0)

Anonymous Coward | about 9 months ago | (#45387343)

Why browser SSL doesn't automatically cache certs the way SSH does and warn if there's a change that doesn't involve certificate expiry or revocation is something that isn't quite clear to me.

Very few sites change their certificates at the exact time the old certificate expires. Most people change their certificates when it's convenient, which could be weeks before the old certificate expires. Your idea would result in a lot of false warnings that would train people to ignore those warnings.

And before you suggest that the warnings shouldn't happen, if there's less than a month till the old certificate expires, the bad guys would just make sure not to spoof the site until one month before the old certificate expires.
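The SSH-style cache dido asks about, and the early-renewal objection in the reply above, sketched as an added example (not part of any comment in this thread, and not how any browser behaves): pinning the public key rather than the whole certificate lets a renewal that reuses the key pass silently, while a different key raises a warning. The host name and byte strings are constructed stand-ins for real DER data.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Observed:
    """What a client sees in one TLS handshake (constructed stand-in values)."""
    host: str
    cert_der: bytes   # whole certificate; changes on every renewal
    spki_der: bytes   # SubjectPublicKeyInfo; stable if the key is reused

def fp(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class PinCache:
    """known_hosts-style cache: remember first sight, compare afterwards."""
    def __init__(self):
        self._pins = {}  # host -> (certificate fingerprint, key fingerprint)

    def check(self, obs: Observed) -> str:
        seen = (fp(obs.cert_der), fp(obs.spki_der))
        pinned = self._pins.get(obs.host)
        if pinned is None:
            self._pins[obs.host] = seen
            return "first-seen"           # trust on first use: nothing to compare
        if pinned == seen:
            return "match"
        if pinned[1] == seen[1]:
            self._pins[obs.host] = seen   # same key, new cert: routine renewal
            return "renewed-same-key"
        return "KEY-CHANGED"              # keep the old pin and warn the user

def replay(observations):
    cache = PinCache()
    return [cache.check(o) for o in observations]

# Constructed sample: byte strings stand in for real DER structures.
SITE_KEY, OTHER_KEY = b"spki:site-key-1", b"spki:unknown-key"
SAMPLE = [
    Observed("news.example", b"cert:2013-issue" + SITE_KEY, SITE_KEY),
    Observed("news.example", b"cert:2013-issue" + SITE_KEY, SITE_KEY),
    Observed("news.example", b"cert:2014-renewal" + SITE_KEY, SITE_KEY),
    Observed("news.example", b"cert:other-ca" + OTHER_KEY, OTHER_KEY),
    Observed("news.example", b"cert:2014-renewal" + SITE_KEY, SITE_KEY),
]

if __name__ == "__main__":
    for obs, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(obs.host, fp(obs.spki_der)[:12], verdict)
```

A site that legitimately switches to a new key still triggers KEY-CHANGED, and a first visit made through an interceptor pins the wrong key, so the cache narrows the window rather than closing it.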

Re:SSL (0)

Anonymous Coward | about 9 months ago | (#45387433)

The NSA would certainly find a way to own the CAs.

Re:SSL (1)

gronofer (838299) | about 9 months ago | (#45387469)

The SSL Observatory wouldn't notice a change in certificate if it was only targeted against certain individuals. The CA system is counterproductive if compromising a single CA is all that it takes to disable SSL against any chosen target.

Re:SSL (2)

tomtomtom (580791) | about 9 months ago | (#45387471)

The victims might have noticed that the certificates changed, even if they did check out

Actually, only half the victims could have realised this (at least directly). The websites being spoofed are victims here as well - after all it does your reputation no good at all if someone spoofs your website to serve malware. Best case, you look like an incompetent admin; worst case, someone thinks you did it deliberately and starts telling a lot of their friends. It's akin to a murderer framing an innocent party for his crime - that innocent party is a victim of a crime too. I suspect these agencies have legal immunity unfortunately but if I had proof this had happened to a website I owned, I'd be thinking about what legal redress I could seek.

Turing Test for Slashdot (0)

Anonymous Coward | about 9 months ago | (#45387173)

Assuming the GCHQ guys had egos and decided to spoof the site with their own content, instead of settling for a copy, what would the quality of their posts be like? Goofier or more scientific than the Dice Slashdot's? And what about the mods? Would they slip in a self-referential post like this one, or might that be considered too cute?

Re:Turing Test for Slashdot (0)

Anonymous Coward | about 9 months ago | (#45387333)

CIA will kick their bloody arse!

Salaried employees of OPEC are on here? (0)

Anonymous Coward | about 9 months ago | (#45387193)

Wow... I mean Linked In, fair enough, but spoofing Slashdot for nine OPEC employees?

Almost Cut My Hair (1)

wrackspurt (3028771) | about 9 months ago | (#45387195)

And I'm not feelin' up to par
It increases my paranoia
Like lookin' at my mirror and seein' a police car
But I'm not givin' in an inch to fear
'cause I promised myself this year
I feel like I owe it to someone

I bet a lot of /.ers are mentally running through some of their past posts right about now. Where did I leave that tinfoil?

What will they stoop to next? (2)

RDW (41497) | about 9 months ago | (#45387205)

That's a pretty sophisticated hack. Looks like they've gone as far as setting up an entire site that looks superficially like Slashdot, but is full of grotesquely dull stories apparently designed to warp the minds of unsuspecting IT professionals - obviously some sort of psyop strategy, but to what purpose?:

http://slashdot.org/topic/bi/ [slashdot.org]

Re:What will they stoop to next? (0)

Anonymous Coward | about 9 months ago | (#45387241)

They did a great job there - very convincing...

This page is having a slideshow that uses Javascript. Your browser either doesn't support Javascript or you have it turned off. To see this page as it is meant to appear please use a Javascript enabled browser.

... even down to being almost as useless as the real thing has become over the past few years.

Internet...broken? (1)

Anonymous Coward | about 9 months ago | (#45387247)

Time to start from scratch, and start a large-scale redesign of the Internet and its protocols, to try and better secure users from surveillance/attacks?

Tor and other fringe security protocols/networks won't cut it, and getting people to use very-user-unfriendly encryption tools won't happen - nothing short of a mammoth redesign, far surpassing the resources/scale of the IPv6 changeover, is going to come anywhere close to repairing the damage.

There's no going back now - it's already too late to salvage what we have, because it has already been completely and irrecoverably 'owned' - the NSA broke the Internet.

And still no SSL support for /. (1)

xaosflux (917784) | about 9 months ago | (#45387289)

If /. had even basic ssl support, at least a possible forged certificate could have been revealed.

Anonymous? (0)

Anonymous Coward | about 9 months ago | (#45387291)

Should I now be known as Not-So-Anonymous Coward?

What about LinkedIn? (0)

Anonymous Coward | about 9 months ago | (#45387297)

It seems no one even cares about LinkedIn. Instead everyone makes snappy remarks about the /.'s comments section. I guess it's business as usual here.

Re:What about LinkedIn? (1)

Press2ToContinue (2424598) | about 9 months ago | (#45387303)

Linked-who-what?

Re:What about LinkedIn? (0)

Anonymous Coward | about 9 months ago | (#45387391)

It's the host that sends spam "on behalf" of every third-party contractor and support individual we have.

Please stop calling them Attacks (2)

Press2ToContinue (2424598) | about 9 months ago | (#45387353)

They are frauds. The NSA perpetrated a fraud with these actions. This helps to clarify that these acts are illegal. Fraud is illegal.

Thanks,

Re:Please stop calling them Attacks (1)

mysidia (191772) | about 9 months ago | (#45387589)

OK

The British spy agency GCHQ generated and sent fraudulent messages over the telecommunications network purporting to be from LinkedIn and Slashdot to targeted employees' computers, through their internet connection; in order to deceive their targets and their computers in order to exploit security vulnerabilities causing their computers to execute covertly planted software with a malicious intent.

After targets were defrauded into having covert malware planted on their computers; the software would then cause targets' computers to transmit their most private and sensitive information, against their will, without their permission or knowledge.

Unbelievable! (0)

Anonymous Coward | about 9 months ago | (#45387373)

The nerve of these guys! As a longtime Slashdot user, I immediately went over there and registered my displeasure: GCHQ [yan.mss.cn]

David Cameron (0)

Anonymous Coward | about 9 months ago | (#45387383)

David Cameron is an inbred piece of shit who should be gang raped then put to death for the greater good.

Also he is like AIDS in the middle of EU's butt with his whole country of peasants.

Good luck on exploiting me to all the GCHQ faggots.

DNS redirection for 24hrs (0)

Anonymous Coward | about 9 months ago | (#45387555)

then you just serve malware and redirect back, ain't govt dns control great

Copyright Infringement? (1)

Lieutenant_Dan (583843) | about 9 months ago | (#45387697)

Hm, /. may have a valid case to chase after.

After all, they duplicated the site/logo/etc without the permission of the actual copyright owners.

It just strikes me... (1)

FishOuttaWater (1163787) | about 9 months ago | (#45387907)

...how very long a time the federal government would put me in jail if *I* got caught doing this.

Zero Wing meme contest (-1)

Anonymous Coward | about 9 months ago | (#45387913)

Dear fellow Slashdotters,

Since the creation of Slashdot in 1997, there has NEVER been a better story like this one to pull out a Zero Wing [wikipedia.org] reference. If you think otherwise, you must be new here. I, for one, welcome any suggestions which you can submit as a reply to this message. The first prize will be a +5 Insightful from the moderators.
