[Dailydave] An anonymous posting

dave aitel dave at immunityinc.com
Tue Aug 16 09:34:21 EDT 2016


Note that the below is not from me. I know every time I do this ppl who
can't read are like "IT IS FROM YOU". But I have a strict personal rule
against pseudonyms; even my TF2 and Overwatch accounts are named
"DAVEAITEL".
-dave


----------------------------------------------------------------
Regarding the supposed Cisco firewall tool leak from NSA that was
publicly disclosed recently:

At a recent briefing, somebody said not to download or look at them
because if real, they would be TS//COMINT//NOFORN and against the law
for someone with a high level clearance to process on an uncertified system.

Someone else said that is not likely the case, because it would be
illegal for the real owners to use them. If real, they would be
classified as UNC//COMINT which sounds odd until you realise that is how
someone could avoid breaking the law when deploying such tools on the
unclassified internet.

This only applies to deployables like binaries - source code would still
be classified as TS//etc.

Other than the silliness above, state sponsored leaks of intrusion tools
should still be fair game to asses because if they were a sacred cow, it
would be handy for an adversary to pose as someone using the target's
own SIGINT agency's tools against them.  It's almost worth having a fake
leak since the supposed owners neither confirm nor deny anything, usually.

This is another one of those weird things that never makes into books or
the big screen. Kind of like how some countries insist that their spy
agencies comply with all the laws and regulations, so they have to
register a radio license for every RF surveillance device they deploy. 
This also means one of their staff has to act as an officer of the local
FCC equivalent who will register the radio licenses for them.  Obviously
no fees are charged, since it is just a government inter-departmental
transaction.

Honestly Dave, this is no joke.

Someday, someone will come out with a book of all sorts of this silly
stuff that doesn't actually debunk as much as demystify how things work
behind closed doors.

Cheers

-unohu


More information about the Dailydave mailing list