Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Replicating the NSA's Gadgets Using Open Source

samzenpus posted about 2 months ago | from the spy-on-it-yourself dept.

Privacy 47

An anonymous reader writes "Wireless security researcher Michael Ossmann asked himself: 'Could I make the gadgets that the agency uses to monitor and locate mobile phones, tap USB and Ethernet connections, maintain persistent malware on PCs, communicate with malware across air gaps, and more, by just using open source software and hardware?' In this podcast he shares his insights on what to use — and how — to duplicate hardware devices found in the ANT catalog."

cancel ×

47 comments

Sorry! There are no comments related to the filter you selected.

No surprise here (1)

Anonymous Coward | about 2 months ago | (#47194593)

In abstract: technology is repeatable

I also wouldn't be surprised if some of the trinkets and software he's looking at were initially made by plugging together a few open source projects just like he's doing. The beta and release models probably have anything with an oppressive license removed, but internal alphas tend to be kludged together from anything available.

Re:No surprise here (4, Interesting)

ledow (319597) | about 2 months ago | (#47194761)

Indeed. My greatest use of Open Source, freeware, shareware and other kinds of "free" software is "what if"-type questions. They would be difficult to answer if all that existed were paid-for commercial solutions that you were then tied into.

Do we need Smoothwall in our large school? Hold on, let me bash out a squid + DansGuardian + iptables setup on an old office machine - look, it does roughly this. Great, should we buy the "commercial" product or is this more-than-enough for what we need (and I usually get both answers over time, depending on where I am)? Actually had one school use my box for 5 years rather than pay Smoothwall nearly a grand a year for updates.

Whoops, we're out of MS licenses and we bought a load of netbooks - there you go, have LibreOffice. While you're there, tell me what's wrong with it and why we couldn't just use that everywhere. Nobody ever came up with an answer to that, which really makes me question why we pay MS for Office.

My last one was digital signage. The school I work for had Powerpoints exported to MP4, then put onto a USB stick and plugged into an LG TV with looping turned on. Looked horrible but did the job. They knew it was the bare-bones and were looking for an all-in solution.

I put in a Xibo box as a test and asked if that was closer to what they wanted. Overnight, the LG TV become attached to a PC running Xibo Client. We've tested it running over RDP from a VM and even off a Raspberry Pi. It's bridged the gap between "an old TV showing something" and "stupendously expensive site-wide digital signage system" nicely. And in fact will probably be as far as we go. If we end up having ten displays showing more than 3 or 4 different schedules, I'll be amazed and it will indeed be time to move to a more commercially-supported package. But for now? A £100 TV and £25 for a RPi box with appropriate cabling. Seems to do the trick quite nicely.

We were going to buy a helpdesk system (don't quite know why). Stuck GLPI on, nobody's ever complained and I've been using GLPI for nearly 10 years in various places.

The beauty of open-source stuff is that you can prototype for free, find out whether there is some element that you will NEED to pay for (i.e. better customisability, more scalability, commercial support, etc.) and not worry about the licence interfering at any point. When you throw it all out, or push a working system into wider deployment, the licensing doesn't really affect you. The only point is does affect you is when you try to commercialise it yourself.

My first reaction upon being asked to do something is "Can I find a bit of free/open software that will do that?". If I can, then we can judge our real needs and requirement. If I can't, nothing lost - and it probably is something that takes a lot of commercial backing to make viable, but at least I know that.

Especially in schools, some bits of free/open software are ubiquitous precisely because they are "good enough" - GIMP, Irfanview, Audacity, Blender, etc.

And when prototyping anything, I tend to find someone's already beaten me to it, and usually by cobbling together open components.

Even the open-source projects, most of the time someone's just cobbled together a lot of other open-source projects and their functionality and just lumped them into one convenient package or written a front-end that relies on dozens of other projects in order to reduce the strain.

If the NSA *AREN'T* using open-source (or some agency-equivalent in a private secure codebase) in a modular manner to build both hardware and software for their "one-off" kinds of devices, then they really need to pull their finger out.

Re:No surprise here (1)

Anonymous Coward | about 2 months ago | (#47195733)

Actually had one school use my box for 5 years rather than pay Smoothwall nearly a grand a year for updates.

Nearly a grand a year is barely nothing. Especially for firewall updates. Thats what, 10 hours of your time over the course of a year? Did you do 10 hours a *year* to support your solution? If so you don't value your time enough.

Cobbling together open-source stuff is great, but it has to be a cost benefit analysis. 1 grand a year is peanuts for a product, support and updates.

Re:No surprise here (4, Interesting)

ledow (319597) | about 2 months ago | (#47196061)

£100 (GBP, notice, not USD) per hour in a school (note, UK schools are schools, for children, not universities or colleges)? You must be kidding.

And beside that, the box ran maintenance free for 5 years. The only changes we ever made were to block specific things we suddenly decided now needed to be blocked (and thus would have the same cost on the Smoothwall solution).

That was one of the points that stopped us buying - the fact that we'd not needed to maintain the "prototype" machine and it has just kept running. There was even a "what happens if the box dies" plan that never went into action because, well, it's still running now for all I know.

Please note also that Smoothwall will often charge a lot more - i.e. for a 19" rack mount box to install this junk on, and initial purchase price. The last quote I saw for a similar-size school this year was £9000 all-in for the first three years.

Given the 2 hours to build it (even compiling Squid from scratch to do transparent proxy properly), the other stuff it did, and the old office server it was running on, I work that out at £4500 an hour. If I was earning that, I wouldn't be working for Smoothwall or schools...

Re:No surprise here (0)

mythosaz (572040) | about 2 months ago | (#47196149)

Whoops, we're out of MS licenses and we bought a load of netbooks - there you go, have LibreOffice. While you're there, tell me what's wrong with it and why we couldn't just use that everywhere. Nobody ever came up with an answer to that, which really makes me question why we pay MS for Office.

Nobody? Are the people at your school dumb? There are plenty of reasons that LibreOffice is inferior to Microsoft Office. The discussion's been had a thousand times. LO might work for you and your students, but don't pretend that it's an apples-for-apples replacement.

My last one was digital signage. The school I work for had Powerpoints exported to MP4, then put onto a USB stick and plugged into an LG TV with looping turned on. Looked horrible but did the job. They knew it was the bare-bones and were looking for an all-in solution.

I put in a Xibo box as a test and asked if that was closer to what they wanted. Overnight, the LG TV become attached to a PC running Xibo Client. We've tested it running over RDP from a VM and even off a Raspberry Pi. It's bridged the gap between "an old TV showing something" and "stupendously expensive site-wide digital signage system" nicely. And in fact will probably be as far as we go. If we end up having ten displays showing more than 3 or 4 different schedules, I'll be amazed and it will indeed be time to move to a more commercially-supported package. But for now? A £100 TV and £25 for a RPi box with appropriate cabling. Seems to do the trick quite nicely.

Maybe I'm missing something, but it seems they had an simple solution, and you made it complicated. Perhaps you should have simply had them export the PowerPoint to a series of images, since those would have cycled nicely from the LG TV on the stick.

The beauty of open-source stuff is that you can prototype for free, find out whether there is some element that you will NEED to pay for (i.e. better customisability, more scalability, commercial support, etc.) and not worry about the licence interfering at any point. When you throw it all out, or push a working system into wider deployment, the licensing doesn't really affect you. The only point is does affect you is when you try to commercialise it yourself.

My first reaction upon being asked to do something is "Can I find a bit of free/open software that will do that?". If I can, then we can judge our real needs and requirement.

This I agree with, up to here...

If I can't, nothing lost.

Time has value. Your solutions above seem to include a lot of it.

Re:No surprise here (1)

Anonymous Coward | about 2 months ago | (#47196795)

Nobody? Are the people at your school dumb? There are plenty of reasons that LibreOffice is inferior to Microsoft Office.

That may (or may not) be true, but the question was why they couldn't use it everywhere, not why everyone can't use it. I personally haven't used Microsoft Office in over a decade and never missed it. Does that make me dumb, too?

Re:No surprise here (0)

mythosaz (572040) | about 2 months ago | (#47197853)

That wasn't his assertion.

He said:

Whoops, we're out of MS licenses and we bought a load of netbooks - there you go, have LibreOffice. While you're there, tell me what's wrong with it and why we couldn't just use that everywhere. Nobody ever came up with an answer to that, which really makes me question why we pay MS for Office.

It worked for his students, but nobody could think of a single reason why they couldn't use it everwhere. If that's true, they're dumb.

I personally haven't used Microsoft Office in over a decade and never missed it. Does that make me dumb, too?

This is the internet, and everyone's a special snowflake.

LibreOffice is only a substitute for Microsoft Office in a limited number of places. I'm happy that, for you, your needs are served by it.

Re:No surprise here (0)

Anonymous Coward | about 2 months ago | (#47198747)

It worked for his students, but nobody could think of a single reason why they couldn't use it everwhere. If that's true, they're dumb.

...or it filled all of their needs and they didn't need Microsoft Office. In which case, you're a fool who's assuming far too much. That does seem rather likely, in this case.

Re:No surprise here (0)

Anonymous Coward | about 2 months ago | (#47199381)

"...or it filled all of their needs and they didn't need Microsoft Office."

That's the thing isn't it. Laptops for school use. If everyone in the school is using the same product, then any funky compatibility/formatting irregularities won't really be an issue. It's unlikely they'll be doing anything more than plotting some points in a spreadsheet and maybe doing some slightly more complex nested if statements anyway.

Re:No surprise here (1)

TemporalBeing (803363) | about 2 months ago | (#47213721)

Whoops, we're out of MS licenses and we bought a load of netbooks - there you go, have LibreOffice. While you're there, tell me what's wrong with it and why we couldn't just use that everywhere. Nobody ever came up with an answer to that, which really makes me question why we pay MS for Office.

Nobody? Are the people at your school dumb? There are plenty of reasons that LibreOffice is inferior to Microsoft Office. The discussion's been had a thousand times. LO might work for you and your students, but don't pretend that it's an apples-for-apples replacement.

And there's plenty of reasons why it is also superior to Microsoft Office, but don't let that get in your way.

The only real compelling reason to continue using Microsoft Office is if you are tied to a specific feature set, plugin, etc used and supported by Microsoft Office. Most everything can be ported over with minimal effort.

laws of physics Yes, laws of your state, No (3, Insightful)

Anonymous Coward | about 2 months ago | (#47194613)

Yes, but anything messing with a cell phone is illegal unless you are above the law (law enforcement, Government etc.) It is even illegal to have a police scanner or radar detector in some (police) states.

Re:laws of physics Yes, laws of your state, No (1)

Chrisq (894406) | about 2 months ago | (#47195069)

Yes, but anything messing with a cell phone is illegal unless you are above the law (law enforcement, Government etc.)

Not your own cellphone for proof of concept surely?

Re:laws of physics Yes, laws of your state, No (1)

mariox19 (632969) | about 2 months ago | (#47195557)

surely?

You must be new around here. Let me be the first to welcome you to the United States of America.

Re:laws of physics Yes, laws of your state, No (0)

Anonymous Coward | about 2 months ago | (#47196375)

your Latin is off methinks

Re:laws of physics Yes, laws of your state, No (0)

Anonymous Coward | about 2 months ago | (#47195693)

Just buy one of those creditcard sized GPS modules with a cellphone included, for 20$ or so on aliexpress.
Add a prepaid sim to it an you can silently sms it and get the location back, with another sms you can listen in etc.

National Security (5, Insightful)

mfh (56) | about 2 months ago | (#47194621)

If the NSA does it, hey that's national security and they are allowed to do anything.

If you do it, you're going to be spending the rest of your life in a 10' cube for national security.

Re:National Security (0)

Anonymous Coward | about 2 months ago | (#47196595)

You must be new here. If you do it, you and your house will be democratized via a fancy model plane.

Re:National Security (0)

Anonymous Coward | about 2 months ago | (#47199733)

If it's on my property, including the immediate airspace over it, I can legally shoot it down.

Re:National Security (0)

Anonymous Coward | about 2 months ago | (#47200537)

You go ahead and shoot that plane down and tell us all how that works out for ya.

lately thats not been possible. (3, Interesting)

nimbius (983462) | about 2 months ago | (#47194649)

the NSA's gadgets, to date, have been secret courts and gag orders. Anyone with a crowbar and a laptop can certainly wiretap an entire neighborhood, but it takes real skill to engineer a series of legal and political precidents and procedures around the power to get away with it. so, lets take a stab at it slashdot!

what i propose is an open-source means of manufacturing consent at the senate and congressional levels of government. The license for ensuring the president and cabinet members acquiesce to everything from rendition to secret torture camps should probably be 3-clause BSD. Warrantless GPS surveillance can use GNU radio, but the technology to forcibly demand the tracking device be returned should be licensed GPLv3. Im still stumped as to how we're going to get a CC licensed version of a gag order from a secret court

parent post [score: 5, Frighteningly Accurate] (0)

Anonymous Coward | about 2 months ago | (#47196567)

funny cuz its true

Lets make problems worse. (3, Interesting)

jellomizer (103300) | about 2 months ago | (#47194671)

Why bother trying to solve problems, lets just make them so much worse.

OK yes the NSA did a lot of illegal things and used/misused tools to gather information that they shouldn't have, and they have a problem being a secret organization of having the correct checks and balances to keep them in place.
So instead of putting brain power into figuring out how to make such organizations more trustworthy and deserving to be trustworthy. Lets just take all their tools and tricks and give them to the general public. Where any kid with some free time and the trendy hatred of "The Man" can get their hands on it, and use it to cause all sorts of problems.

If you are concerned about your privacy giving these tools to the public is just a bad idea. Sure the black hat argument, if we break in then they will have to fix it and make it more secure... But can they really always do that, Not all software and PC's are equal in security needs.
But that is like saying we should all drive armored cars, carry guns, and live like a military personal because there are some kids who just want to destroy things because they can and makes them feel like a big man.

Re:Lets make problems worse. (0)

Anonymous Coward | about 2 months ago | (#47194823)

yeah, because using a decent authentication framework and encryption libraries
is just like driving and armored car with a 50 caliber mounted gun

if the NSA can make a thing, a teenager can make that thing, or a chinese spy,
or a retired polish postal worker. I don't understand how you people still
believe that ideas can only appear once and are somehow containable

Re:Lets make problems worse. (2)

drinkypoo (153816) | about 2 months ago | (#47194873)

instead of putting brain power into figuring out how to make such organizations more trustworthy and deserving to be trustworthy. Lets just take all their tools and tricks and give them to the general public

False dichotomy. Some believe that the only way to do the first thing is to do the second thing, not just in the interests of disclosure but also simply education. How are you going to learn to defend against the attacks without the attacks to practice against?

Re:Lets make problems worse. (0)

Anonymous Coward | about 2 months ago | (#47195591)

Yeah, if the NSA stuff become the stuff of script kiddies, then it is likely that defenses will HAVE to be erected.

No, This is the First Step in Fixing the Problem (3, Insightful)

Anonymous Coward | about 2 months ago | (#47194921)

OK yes the NSA did a lot of illegal things and used/misused tools to gather information that they shouldn't have, and they have a problem being a secret organization of having the correct checks and balances to keep them in place.
So instead of putting brain power into figuring out how to make such organizations more trustworthy and deserving to be trustworthy. Lets just take all their tools and tricks and give them to the general public. Where any kid with some free time and the trendy hatred of "The Man" can get their hands on it, and use it to cause all sorts of problems.

First, it can be argued that, to solve a problem, you must first understand it. Knowing how the NSA is violating our privacy at a technical level is the first step in preventing it.

Second, if having our Dear, Beloved Leaders violate our privacy and constitutional rights is not enough incentive to find solutions to these issues, then maybe having every script kiddie able to do the same might result in some resources being put into place to solve this problem, particularly with respect to corporations who have been actively facilitating this nonsense in the past (*cough* Microsoft, *cough* Cisco, etc.).

So while the short term pain might be a bit unpleasant, it seems to me the long term, much needed changes are probably well worth it.

Re:Lets make problems worse. (-1)

Anonymous Coward | about 2 months ago | (#47195317)

Only illegal thing they did was sometimes skip getting court orders.

Re:Lets make problems worse. (1)

TheCarp (96830) | about 2 months ago | (#47197345)

> If you are concerned about your privacy giving these tools to the public is just a bad idea. Sure the black hat
> argument, if we break in then they will have to fix it and make it more secure..

I think you believe your own straw man.

What is being assaulted here is the relative bubble the NSA operates in. You see, if the NSA develops a tool, that is them. Its tradecraft, its keeping us safe, its under control. They have it, we have no proof anyone else does. No "real" problem...just an "academic" problem of us whiny people complaining about "rights".

However, when someone produces it and shows how easy it is, its no longer the NSA in a vacuume, its anybody with a few bucks. `The thing is....this isn't special. If you really, truely want these devices, you can, for the most part, build them yourself with time. That is true now, it was true a few years ago.

The only real difference is how plausible the deniability is when someone claims that its hard or it requires sophistication to some huge level. It isn't true, its not been true for a while, and it is high time to dispel that myth.

Fact is, the risk is already out there. We already see specialized hardware attacks on ATMs. We have already seen "evil maid" attacks on laptops of Poker players: http://securitywatch.pcmag.com... [pcmag.com]

I don't think informing people with concrete examples of the real threats and popping the bubble around the NSA is really a bad thing. The "bad guys" of whatever flavor you imagine, already have these tools and no qualms about using them.

Re:Lets make problems worse. (0)

Anonymous Coward | about 2 months ago | (#47206817)

Making everything worse is like letting a alcoholic/drug user hit bottom.

Sure, 1% of the time they OD and don't come back, but telling someone addicted to something to try moderation simply does not work.

They need to see what happens when _everyone_ starts using their tools, methods and the rest to see why _they alone_ shouldn't be doing it.

Maybe we're the 1% who'll go down the rabbit hole, but I'd rather everyone be watching everyone and realize how wasteful it is than to try to pretend a cure is available for the ludicrous society whose idea of security becomes warped beyond all recognition.

Ok wait, hang on (3, Insightful)

Sycraft-fu (314770) | about 2 months ago | (#47194749)

Is there any evidence of this "air gap malware" crap? Yes I remember there was a preliminary story on Slashdot... I don't remember any followup, any proof, just some wild ass speculation.

Is there any evidence that such a thing actually exists?

Re:Ok wait, hang on (0)

Anonymous Coward | about 2 months ago | (#47194907)

Yes [pcworld.com]

there have also been multiple proofs of concept that don't rely on hardware implants, like this one. [arnnet.com.au]

Re:Ok wait, hang on (0)

Anonymous Coward | about 2 months ago | (#47194931)

I have a bridge to sell you...

Re:Ok wait, hang on (2)

fulldecent (598482) | about 2 months ago | (#47195035)

It is audio exfiltration, not audio infection. Not very oh-my-god stuff here.

Re:Ok wait, hang on (2)

Sycraft-fu (314770) | about 2 months ago | (#47195433)

The claim made was reinfection via audio. However, as I said, I've seen no proof. Nor, for that matter, any proof on the audio exfiltration malware. Just the one sensationalist preliminary article and no followup.

Hence why I'm interested if there is actually any more information, or if this is just more Internet echo chamber where one unfounded report becomes an Absolute Truth(tm).

Re:Ok wait, hang on (1)

phantomfive (622387) | about 2 months ago | (#47195877)

My understanding of the claim was that once the computer was infected, it used inaudible sound to communicate. Also, AFACT it was nothing more than an experimental project. Nothing particularly interesting.

Re:Ok wait, hang on (0)

Anonymous Coward | about 2 months ago | (#47198525)

> The claim made was reinfection via audio.

No, at least not from the guy who claimed it was happening to him. You do everyone a disservice by misrepresenting his claims. Maybe you are just genuinely ignorant or maybe you are doing it out of a sense of intellectual superiority, I don't know. But neither is a good reason.

Re:Ok wait, hang on (0)

Anonymous Coward | about 2 months ago | (#47195137)

Possibly.

I saw an air-gapped rapid prototype system built using two PCs communicating via the built-in speakers (baseband frequency outside of human hearing using software radio techniques).

So, I'd say it's possible but the conditions required for such as system would need to be optimal for a run of the mill computer (e.g. very short range, relatively high power). The actual bandwidth would be low, as well. As in ~bits per second bandwidth.

Does it exist in the wild, possibly. Would it be useful, don't know...

Re:Ok wait, hang on (0)

Anonymous Coward | about 2 months ago | (#47195569)

If you used 1kHz at the top of the audio range it would basically be inaudible. Even using only 2-QAM that's a good kbps. You'd have to be doing something seriously wrong to only get bits per second, like morse code or something.

This is a good way to get a bidirectional link between a phone and a home-made peripheral, too. On a wired link with 64-QAM over the full 20kHz (plus stereo) you could get up to 240kbps each way, which is overkill for most Arduino-type projects.

Re:Ok wait, hang on (2)

nospam007 (722110) | about 2 months ago | (#47195727)

"If you used 1kHz at the top of the audio range it would basically be inaudible. "

But it might annoy some teens, an added bonus.

Re:Ok wait, hang on (1)

rtb61 (674572) | about 2 months ago | (#47196085)

Air gap espionage I thought that was the pet project of the CIA, with MK Ultra suspected as still running as an off balance sheet semi-privatised but fully politicised entity, undoubtedly doing some very strange things, with some very strange people. Not so much cooperating with the NSA but in competition with them. One wanders if the NSA will start shifting some research efforts into that whole mind control area, as that is one remaining area that have as yet failed to tap.

Podcast Spam (3, Insightful)

ilikenwf (1139495) | about 2 months ago | (#47194783)

Really, this is just promotion of some podcast.

Just use GNU Radio... (0)

Anonymous Coward | about 2 months ago | (#47194975)

...it was funded in part through a CRC grant from the NSA.

(Yeah, I'd dig up the citation if I wasn't on my phone.)

Danger Will Robinson (-1)

Anonymous Coward | about 2 months ago | (#47195161)

Many of you (who haven't been living under a rock) are familiar with the argument against silver dental amalgams. It's widely known that they contain >50% inorganic mercury which later reacts in the human body causing, to name but a few: degenerative diseases such as Alzheimer's, insomnia, all kinds of neurological illnesses and much much more. Human evolution never developed a strategy for coping with these metals as it didn't need to and they are lethal. [1]

I bring it up because it is something which has affected our family greatly. My brother and hence our family were plagued with the results of depression and neurological illness over the years. I researched as much as I could and finally I discovered what I believe is the root cause (no pun intended). The mouth, teeth. I got a look inside my brothers mouth today and it's loaded with metals. I will follow-up with verification but its plain to see.

Dental amalgam controversy [1] [wikipedia.org]

We live in an age of information and people are waking up to the data that is all around them. The problems with fluoride and fluoridation of the water supply (Ireland's is the most fluoridated in Europe) are also being noticed as the lid is lifted on that issue as well.
Flouride alert [fluoridealert.org] [2].

Data on Ireland's fluoridated water supply, with evidence of it being the most fluoridated and thus toxic in Europe [fluoridefreewater.ie] [2]

Toothpaste: Most toothpaste (almost all) sold in Ireland contains fluoride in a concentrated form, and thus is even more dangerous than the tap water, which should at all times be filtered.
Issues with toothpastes [fluoridealert.org]

All of these issues affect you and your loved ones every day, and in the case of mercury fillings, the problem is potentially much more severe. It has had a very negative effect on my family, so this is my story.

Spying, no matter what justification, results in t (0)

Anonymous Coward | about 2 months ago | (#47197563)

As per subject line. Also just because non naturally understandable radio waves can pass through you, that gives you no right to use a device to understand the content of the transmission, if you are not the intended recipient of that transmission. If you do use equipment to understand the content not intended for you, then you are guilty, the punishment being death.

Spying subject line. (0)

Anonymous Coward | about 2 months ago | (#47197599)

Spying, no matter what justification, results in the death of the Spyer.

Please be careful (1)

ctrl-alt-canc (977108) | about 2 months ago | (#47197659)

Duplicating the gadget [wikipedia.org] can be very dangerous!

NSA has weakened national security (1)

IDtheTarget (1055608) | about 2 months ago | (#47203981)

I'm wondering when somebody in congress will initiate legal action against the NSA for weakening national security.

It's generally acknowledged by now that the NSA has intentionally weakened various cryptographic algorithms, including AES. I'm responsible for various WAN links at my organization, and they use AES-256 IPSec tunnels to secure the traffic. That traffic is extremely sensitive in nature. The NSA may have intended to only allow themselves to crack this encryption, but how am I supposed to know that some other hacker hasn't figured out how to take advantage of the NSA's actions? How do I tell my director that our data is secure, and that we're meeting state and federal regulatory requirements?

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>