The NSA Is Using Facebook to Hack Into Your Computer




green73
03-12-2014, 10:19 AM
This just in from the Edward Snowden vault of government secrets: The National Security Agency is breaking into "potentially millions of computers worldwide" and infecting them with malware "implants" as part of an effort that is increasingly relying on automated systems and not human oversight, according to a First Look Media report published Wednesday.

And the NSA is pretending to be Facebook to get the job done.

"In some cases the NSA has masqueraded as a fake Facebook server, using the social-media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive," First Look reported on Glenn Greenwald's Intercept channel, citing a classified slide presentation from 2009. "In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites."

As part of the "industrial-scale exploitation," the agency is leveraging Facebook's global appeal to trick targets into logging in to a doppelganger version of the site, a technique dubbed "Quantumhand."

The agency is able to trick target computers by transmitting "malicious data packets" that disguise it as the real Facebook, a process illustrated in this top-secret animation:

cont.
http://www.nationaljournal.com/tech/the-nsa-is-using-facebook-to-hack-into-your-computer-20140312

specsaregood
03-12-2014, 10:27 AM
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com

VBRonPaulFan
03-12-2014, 11:14 AM
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com

lmfao, genius use of host entries is genius.

CPUd
03-12-2014, 11:22 AM
I'm going to start making my own powerpoints and see how long it takes before they get posted here.

FSP-Rebel
03-12-2014, 11:22 AM
443799055445942272

Snew
03-12-2014, 11:22 AM
quick, let me share this real fast

pcosmar
03-12-2014, 11:34 AM
quick, let me share this real fast

LoL at the

http://t3.gstatic.com/images?q=tbn:ANd9GcTGM8h0aubhdxvRw8BfDTg-Cn3IoKHSYzrrv-8hiyLRmas0zSPd

I wonder how many times that story will be deleted from Facebook?

NorfolkPCSolutions
03-12-2014, 12:13 PM
LoL at the

http://t3.gstatic.com/images?q=tbn:ANd9GcTGM8h0aubhdxvRw8BfDTg-Cn3IoKHSYzrrv-8hiyLRmas0zSPd

I wonder how many times that story will be deleted from Facebook?

CONSPIRACY THEORIST!!!

/sc

liberty2897
03-12-2014, 01:31 PM
More on this from Greenwald and company here:

How the NSA Plans to Infect ‘Millions’ of Computers with Malware
https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/

idiom
03-12-2014, 02:53 PM
Again, when talking about this, talk about the fact that the NSA is making it easy for Iran, Russia and China to get into American computers, in government and at defense contractors.

If you want a strong national defense you have to stop the NSA from eroding it.

DamianTV
03-12-2014, 04:18 PM
Just said this in another thread:

You gotta Fight! For your Right! To Pri-iiii-vacy!

DamianTV
03-12-2014, 04:54 PM
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com

For those interested, a more complete version, although this may be out of date as well.



Facebook doesn't just use that name plus dot com or net at the end. They use what is called a CDN or Content Delivery Network. Those domains need to also be blocked.
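
Hosts-file entries match whole names only, so a subdomain that is not listed still resolves normally. An added illustration (not part of any post in this thread; the sample file and the names looked up are constructed) that parses hosts-file syntax and reports which names a block list actually covers:

```python
import ipaddress

# Constructed sample in hosts-file syntax: an address, then one or more names.
SAMPLE_HOSTS = """\
# block list (constructed sample)
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 connect.facebook.net   # trailing comments are allowed
127.0.0.1 static.ak.facebook.com s-static.ak.facebook.com
"""

def normalize(name):
    """Hostnames compare case-insensitively; drop a trailing root dot."""
    return name.lower().rstrip(".")

def parse_hosts(text):
    """Return (name -> address mapping, list of names that were repeated)."""
    mapping, duplicates = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip comments
        if not line:
            continue
        address, *names = line.split()        # one line may carry many names
        for name in map(normalize, names):
            if name in mapping:
                duplicates.append(name)       # keep the first entry (assumption)
            else:
                mapping[name] = address
    return mapping, duplicates

def coverage(mapping, names):
    """Split names into those mapped to loopback and those not listed at all."""
    blocked, missed = [], []
    for name in names:
        address = mapping.get(normalize(name))   # exact match, no wildcards
        if address and ipaddress.ip_address(address).is_loopback:
            blocked.append(name)
        else:
            missed.append(name)
    return blocked, missed

if __name__ == "__main__":
    hosts, dupes = parse_hosts(SAMPLE_HOSTS)
    lookups = ["facebook.com", "WWW.Facebook.com.", "m.facebook.com",
               "sphotos-a.xx.fbcdn.net"]
    print("duplicates:", dupes)
    print("blocked, missed:", coverage(hosts, lookups))
```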

Anti Federalist
03-12-2014, 05:51 PM
FedBook...NSA spying on people using it...

Wow, imagine my shock at that news.

wetroof
03-12-2014, 06:02 PM
I'm perplexed why you say "the NSA" but not "the NASA".

euphemia
03-12-2014, 07:28 PM
They must need a nap. I'm not all that interesting.

DamianTV
03-12-2014, 07:31 PM
They must need a nap. I'm not all that interesting.

It's not about you being interesting, it's about control when you do something that becomes interesting, like become Libertarian.

Other side of the coin is they understand how to best present information to you in a manner that causes you to have the reaction they desire you to have.

Dianne
03-13-2014, 01:58 AM
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com

Are your links safe ones? I just need to log on to facebook one time, to delete my account.

Mini-Me
03-13-2014, 11:52 PM
Are your links safe ones? I just need to log on to facebook one time, to delete my account.

On the one hand, the best link to use is:
https://www.facebook.com
That one is unlikely to be compromised by any ordinary hackers, and you can check the site's certificate to make sure it's really Facebook (or the NSA...see below).

On the other hand, depending on how sophisticated the NSA's phishing scheme is, it's possible that no link is safe from the kind of attacks discussed in this thread: A compromised DNS server for instance could redirect the correct URL to the incorrect IP address. Also, I'm not fully aware of the extent to which the NSA has compromised SSL/TLS, but I wouldn't be surprised if they could forge a certificate that makes it seem like a compromised site is the real Facebook. After attempting every exploit they can on your browser, they may then allow you to give them your username and password, log into the real Facebook FOR you, then forward the connection.

Not only do I not fully understand the implications of everything that has already been released, but there's more yet to come, and there's probably more that even Snowden never learned about. :-/

DamianTV
03-14-2014, 12:01 AM
Are your links safe ones? I just need to log on to facebook one time, to delete my account.

Tech Explanation

127.0.0.1 means local host, or the source is the same as the destination. Each of the entries there makes sure that your computer does not talk to facebook because it can't. Your computer thinks it is facebook.

Pericles
03-14-2014, 11:14 AM
Just think, if the NSA wasn't spying on us, those resources could be used to find out what is going on in the world. Say missing airliners, or who is about to invade who, or who might be building bombs somewhere .... stuff like that.

GunnyFreedom
03-14-2014, 11:28 AM
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com


For those interested, a more complete version, although this may be out of date as well.



Facebook doesn't just use that name plus dot com or net at the end. They use what is called a CDN or Content Delivery Network. Those domains need to also be blocked.

To be fair, if the NSA is using a fake facebook server, then blocking the real facebook servers will likely have no impact on the NSA's activities.

muh_roads
03-14-2014, 11:36 AM
Just think, if the NSA wasn't spying on us, those resources could be used to find out what is going on in the world. Say missing airliners, or who is about to invade who, or who might be building bombs somewhere .... stuff like that.

Because they know terrorism is a lie. And whenever an act of true terrorism occurs, it is because we backed that person into a corner and stirred the hornet's nest.

Our Government is run by serial killers & perverts.

GunnyFreedom
03-14-2014, 11:37 AM
On the one hand, the best link to use is:
https://www.facebook.com
That one is unlikely to be compromised by any ordinary hackers, and you can check the site's certificate to make sure it's really Facebook (or the NSA...see below).

On the other hand, depending on how sophisticated the NSA's phishing scheme is, it's possible that no link is safe from the kind of attacks discussed in this thread: A compromised DNS server for instance could redirect the correct URL to the incorrect IP address. Also, I'm not fully aware of the extent to which the NSA has compromised SSL/TLS, but I wouldn't be surprised if they could forge a certificate that makes it seem like a compromised site is the real Facebook. After attempting every exploit they can on your browser, they may then allow you to give them your username and password, log into the real Facebook FOR you, then forward the connection.

Not only do I not fully understand the implications of everything that has already been released, but there's more yet to come, and there's probably more that even Snowden never learned about. :-/

That's an awfully tough exploit though, as you have to know which DNS server your target is using and then hack it. I highly doubt that any 'legitimate' target for the NSA will be using their home ISP's DNS.

On that note, however, an application that you enter 5 different DNS servers, filters requests out of the NIC, and then tosses up a proceed warning when the 5 have a serious IP mismatch might be an amazing idea.
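
The comparison step of such a cross-check, as an added sketch that is not part of the original post: it takes the answers already collected from each resolver (querying is left out so it runs offline) and returns the resolvers that should trigger a warning. The resolver labels, the documentation-range addresses and the /16 grouping used to tolerate normal CDN variation are all assumptions made for the illustration.

```python
import ipaddress
from collections import Counter

# Ranges that should never be the answer for a public site.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed answers for one hostname from five resolvers.
SAMPLE_ANSWERS = {
    "resolver-a": ["203.0.113.10"],
    "resolver-b": ["203.0.113.35", "203.0.113.36"],  # CDN: other hosts, same net
    "resolver-c": ["203.0.113.10"],
    "resolver-d": ["198.51.100.7"],                  # unrelated network
    "resolver-e": ["10.0.0.5"],                      # private address
}

def group(addr, v4_len=16, v6_len=32):
    """Collapse an address to a coarse network so CDN variation still matches."""
    ip = ipaddress.ip_address(addr)
    length = v4_len if ip.version == 4 else v6_len
    return ipaddress.ip_network(f"{ip}/{length}", strict=False)

def cross_check(answers):
    """Map resolver -> reason for every resolver whose answer looks wrong."""
    flagged, nets = {}, {}
    for resolver, addrs in answers.items():
        ips = [ipaddress.ip_address(a) for a in addrs]
        if not ips:
            flagged[resolver] = "no answer"
        elif any(ip in net for ip in ips for net in NON_PUBLIC):
            flagged[resolver] = "non-public address for a public name"
        else:
            nets[resolver] = {group(a) for a in addrs}
    # Count, per network, how many resolvers returned an address inside it.
    seen = Counter(net for found in nets.values() for net in found)
    for resolver, found in nets.items():
        # Warn unless this resolver shares a network with a strict majority.
        if not any(seen[net] * 2 > len(nets) for net in found):
            flagged[resolver] = "shares no network with the majority"
    return flagged

if __name__ == "__main__":
    for resolver, reason in sorted(cross_check(SAMPLE_ANSWERS).items()):
        print(f"WARNING {resolver}: {reason}")
```

If every resolver disagrees, no network reaches a majority and all of them are flagged, which is the "serious mismatch" case.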

thoughtomator
03-14-2014, 11:38 AM
I have been warning people like, forever, not to use Facebook - right?

Pericles
03-14-2014, 12:00 PM
Because they know terrorism is a lie. And whenever an act of true terrorism occurs, it is because we backed that person into a corner and stirred the hornet's nest.

Our Government is run by serial killers & perverts.
That is how we knew the Soviets shot down KAL007. Over objection of everybody in the "intelligence community", Reagan released the voice intercepts of the Soviet air defense HQ and the fighters sent to intercept and then were ordered to destroy the target.

Talk about an "oops" moment for Soviet propaganda.

Mini-Me
03-14-2014, 12:49 PM
That's an awfully tough exploit though, as you have to know which DNS server your target is using and then hack it. I highly doubt that any 'legitimate' target for the NSA will be using their home ISP's DNS.

On that note, however, an application that you enter 5 different DNS servers, filters requests out of the NIC, and then tosses up a proceed warning when the 5 have a serious IP mismatch might be an amazing idea.

Since the NSA is spoofing Facebook in a dragnet manner rather than a targeted manner, it stands to reason that if they decided to compromise DNS servers as part of the exploit, it would also be done with a broad brush to get "whoever they can" rather than ensnare a particular Facebook user. Whenever they want to target someone in particular, there are a lot more direct methods than tricking them into visiting a spoofed site. IIRC some of the old leaks demonstrated they've compromised some certificate authorities in their attacks on SSL, and considering they explicitly target system admins in general for root exploits (new leak), I wouldn't be surprised if they've compromised a lot of major DNS servers too only to occasionally "flip on" their changes when they want to get a new batch of dragnet victims through the browser.

Either way, I definitely agree that DNS-cross-checking can't hurt.

muh_roads
03-14-2014, 01:13 PM
Speech must be protected. They are doing everything in their power to limit free speech on the internet because they know the spread of information is causing them to lose.

The Government is trying to implement laws slowly over time that prevent us from speaking our mind freely on the internet. The first phase will be hefty fines for slander. Meaning we can't talk shit about corporations freely if we want to. This is what the information gathering will be used for first.

They got caught with their pants down. Edward Snowden is a hero.

They = Old/timey King & Queen money passed down from generation to generation going back to...???

We need to encrypt the planet and use our human ingenuity not just for faster processors, but for the largest storage capacities we can possibly think of. We need encryption with a security level of as many bits as we can afford and upgrade it over time that runs on all devices and implemented in all services that we use on the internet. Then we need to develop a new kind of decentralized internet that doesn't require an ISP to connect to.

People need to stop being pussies and learn about encrypted communications. Sending your first PGP message is fun. Now we need that technology running in the background so you don't need to mess with it every time.

Speech is more powerful than weapons if you use it before they use their power. We know they like to kill dogs. Can we stop posting about it, grow a pair of balls, and do something about it?

Stop using their US Dollar. Get into commodities and crypto-currencies. You can buy everything you need with both. Making them hold their dollar bag puts things more in our favor as value is transferred.

Start communicating with friends and family with encryption. And show your friends and family how it works once you learn.

Philhelm
03-14-2014, 01:22 PM
Just think, if the NSA wasn't spying on us, those resources could be used to find out what is going on in the world. Say missing airliners, or who is about to invade who, or who might be building bombs somewhere .... stuff like that.

Or they could have found Obama biden Laden, or Waldo, or Bigfoot even.

thoughtomator
03-14-2014, 05:56 PM
To be fair, if the NSA is using a fake facebook server, then blocking the real facebook servers will likely have no impact on the NSA's activities.

As long as your computer thinks it's the real FB server, then the hosts file solution does work.