Schneier on Security
A blog covering security and security technology.
« Friday Squid Blogging: Squid Festival in Monterey |
| Transparency and Accountability »
May 13, 2013
2007 NSA Manual on Internet Hacking
Posted on May 13, 2013 at 8:15 AM
• 8 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I guess this is quite outdated !
The real interesting part of this is not the content, but things like this are being "liberated" from them and contractors. It's telling because the NSA, as a whole, is becoming too large and inept as a government organization. They are increasingly relying on contractors. Reports assert that 75% of their operational capability is now in the hands of contractors, many just a short distance from Ft. Meade.
The same goes for CIA. CIA Analysis and estimates are still largely done internally, with some help from other contractors, but the covert action side of the house is relying extensively on shady mercenary contractors, Craft, Triple Canopy, Xe.
A predictable result of this outsourcing one could opine are:
- Increasing screw ups by the contractors
- More outright theft and fraud by contractors
- Contractors working for multiple interests under the guise of "we're the government" (this is a real biggie).
- Increasing breaches of information and opsec (good for us)
- Even less oversight and recourse between the American people and these groups (There has been absolutely no oversight for quite some time.)
- More cowboy negligent actions because the contractor doesn't hold downside risk.
- In the longer view, it shows everything is falling apart.
- More aggressive tactics can and will be used.
Why do people call this "hacking"? I didn't see any coding in my skim of it. It seemed a lot more about using the tools that were available in 2007 (back when dinosaurs roamed the earth). Even the title "Untangling the Web" sounds like using a new tool with features you might not know about. The "Google Hacks" term is cited to come from O'Reilly, folks that have a hyperbolic desire to sell books through catchy titles, and are defined as "tips, tricks, techniques, and scripts that make Google more powerful and useful."
Terms have to mean something, and I don't think hacking means this.
They redacted the Cover artist's name, lol...and I smell a female who wrote this.
This could've been condensed to 50 pages. Pg. 396 for Stalker 101; Pg. 615 for sites. Some of the "tricks" were mildly interesting, exactly as Bruce said, but not worth a 650 page read.
Plus, they try to lead you to an online calculator; b/c we want you to put all your calculations online.
more spam boats on our blog? admin, do something. meanwhile, offensive security, anyone? what are legal connotations? if I hack you, and you hack me back, can.you sue?
some news here http://www.theverge.com/2013/5/9/4315228/...
Re: Contractor Issues:
This is an increasing problem, and is in general a result of our huge industrial military complex. For some reason (avoiding politics best I can here...) people decide we need to slash our budget but keep up our resources. The NSA could in-source these things, but the government rather pay more to people they 'know" to do it for them.
The reasons for this are... a bit unethical. But welcome to DC!
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.