Congress Investigating secrecy arround security flaw

News that do not fit in elswhere

Moderators: b1o, jkerr82508

User avatar
viking60
Über-Berserk
Posts: 9153
Joined: 14 Mar 2010, 16:34

Congress Investigating secrecy arround security flaw

Postby viking60 » 28 Jan 2018, 02:05

The US Congress wants to know why the Tech companies knew about the Intel CPU flaws since June 2017 and kept it secret until January 2018.

The U.S. House Energy and Commerce Committee sent letters to Apple, Amazon, AMD, Arm, Google, Intel and Microsoft asking why they agreed to keep details of the Meltdown and Spectre vulnerabilities secret.


Intel is dancing for joy and "welcomes the opportunity" to continue their dialogue with Congress. :liar:

Either they are lying - because it is obvious that nobody looks forward to something like that..or they have a really good reason for this monumental failure...like being instructed by government agencies to leave some back-doors open.

It is clear that they have expressed their wishes to that affect before.
OutlawCountry
30 June, 2017
Today, June 30th 2017, WikiLeaks publishes documents from the OutlawCountry project of the CIA that targets computers running the Linux operating system. OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from an user or even system administrator.

The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system. OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain.

So maybe they forgot to inform Congress. :confused

According to Wikileaks the agencies are not content with the "voluntary sharing" and created the ExpressLane project:
B But this 'voluntary sharing' obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.

ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the liaison sites. Liaison officers overseeing this procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen..


Pure speculation - of course as it is if your Passwords have already been stolen - since there is no way of knowing.

More here
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
R_Head
Berserk
Posts: 2400
Joined: 17 Mar 2010, 15:40

Re: Congress Investigating secrecy arround security flaw

Postby R_Head » 29 Jan 2018, 02:04

Another Circus... they know, so why pretend they have no clue. The backdoor is there because they were told to do so. :twisted:

I wonder what Internet Port is used... :think:

User avatar
viking60
Über-Berserk
Posts: 9153
Joined: 14 Mar 2010, 16:34

Re: Congress Investigating secrecy arround security flaw

Postby viking60 » 29 Jan 2018, 02:17

I don't know.
The CPU flaw is un-traceable. All your info may be stolen and there is no way of knowing it.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
R_Head
Berserk
Posts: 2400
Joined: 17 Mar 2010, 15:40

Re: Congress Investigating secrecy arround security flaw

Postby R_Head » 29 Jan 2018, 20:32

FEBRUARY 17, 2011 | 11:31 AM

Here's the official list of attendees of Thursday evening's meeting of technology industry chiefs with President Obama in San Francisco. It includes many of Silicon Valley's biggest names.

John Doerr, partner, Kleiner Perkins Caufield & ByersCarol Bartz, president and CEO, Yahoo!John Chambers, CEO and chairman, Cisco SystemsDick Costolo, CEO, TwitterLarry Ellison, co-founder and CEO, OracleReed Hastings, CEO, NetFlixJohn Hennessy, president, Stanford UniversitySteve Jobs, chairman and CEO, AppleArt Levinson, chairman and former CEO, GenentechEric Schmidt, chairman and CEO, GoogleSteve Westly, managing partner and founder, Westly GroupMark Zuckerberg, founder, president and CEO, Facebook

From a description of the meeting by a White House official:

The meeting is a part of our ongoing dialogue with the business community on how we can work together to win the future, strengthen our economy, support entrepreneurship, increasing our exports, and get the American people back to work. The President and the business leaders will discuss our shared goal of promoting American innovation, and discuss his commitment to new investments in research and development, education and clean energy."


http://latimesblogs.latimes.com/technol ... thers.html

All techies salivated over this... to me was, what heck this joker is doing? I wonder Steve Jobs paid the ultimate price, he was very picky with his products :think:

User avatar
viking60
Über-Berserk
Posts: 9153
Joined: 14 Mar 2010, 16:34

Re: Congress Investigating secrecy arround security flaw

Postby viking60 » 02 Feb 2018, 00:41

This is me wearing my tinfoil hat two years ago:
:A
viewtopic.php?f=22&t=4014

Somehow - nothing about this has been able to calm me down.... :wall:
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
R_Head
Berserk
Posts: 2400
Joined: 17 Mar 2010, 15:40

Re: Congress Investigating secrecy arround security flaw

Postby R_Head » 02 Feb 2018, 13:09

That is not a Tin Foil thing. The conspiracy theory meme was coined by CIA back in the 60s. The purpose is to redicule anybody that has a different view and force people to stick what they are told.

I say, good post and good that you pointed out a vulnerability :cheers


Return to “General News”