Cryptome: NSA has access to Windows Mobile smartphones
November 1st, 2007 by Juha-Matti, Filed under: Web, Microsoft, Commentary, Privacy, Physical Security, Corporate Security
First time in history Cryptome.org has released information about the characteristics of NSA’s network surveillance.
According to the newest IP address listing
IP ranges published by Cryptome are used by NSA, by NSA’s private sector contractors, and by NSA-friendly non-US national government agencies to access both stand-alone systems and networks running Microsoft products.
The post continues:
This includes wireless wiretapping of “smart phones” running Microsoft Mobile. Microsoft remote administrative privileges allow “backdooring” into Microsoft operating systems via IP/TCP ports 1024 through 1030.
The site has published NSA-affiliated IP addresses since July ‘07. It’s not known if this mysterious source ‘A’ has connections to National Security Agency.
-
Are you scanning your site for vulnerabilities on a daily basis?
Subscribe
Subscribe
La NSA tiene acceso a tu PDA con Windows Mobile…
Cryptome ha publicado información de los rangos de IP usados por la NSA y las empresas privadas que trabajan para la misma. Estas direcciones IP se usan para acceder de forma remota y con privilegios administrativos (backdoors), en el sistema operativ…
Can regular readers of this blog like me avoid having these pesky news flashes aimed towards people with tin hats? For what are these worth? Wasn’t this supposed to be a security blog maintained by security experts?
If so, shouldn’t these experts have extra caution when validating their news sources?
Just a random quote from:
http://cryptome.org/nsa-ip-update3.htm
J. sends 26 July 2007:
Quote:
“A writes: Could someone explain to me, in simple terms, what the NSA-Affiliated IP Resources articles mean? What is the NSA doing at those addresses? What are they looking for? What does it mean to the average person?
Cryptome: We don’t know for sure what the data could be used for, but probably to track NSA spying on the on the Internet by way of cooperative service providers. And to out the service providers. Could be a hoax. Could be NSA providing the data, or pretending to use these routes, as a ruse to cover how internet spying is really done.”
Reading the various postings about NSA associated IP addresses it is quite obvious that almost everything posted about IP ranges is flaky.
Previous address ranges reported on cryptome have been tarted up by listing the associated DNS records - presumably it sounds much more authoritative to list the (publicly available) NS servers for an IP range than just the IP range. This does not in any way make the claims more plausible.
The actuality is that anyone can list an IP range and associated DNS servers and claim they is NSA related. What is lacking is the provable association between an IP range and a NSA operation.
Further reading into the cryptome archives shows that even port ranges are “NSA related”.
I emailed earlier to state some obvious flaws in the reported “NSA ranges” including the comment that they covered the entire IP4 range. I commented that it was either white hats or black hats feeding you false information. I now revise that assessment to include the tin foil hat brigade.
Until any of your anonymous contributors can come up with a provable association between an IP range or port range with NSA operations, the entire proposition is obviously a beat-up by, dare I say it, the tin-foil hat brigade.
Maybe someone at securiteam wants to have a look at the HTML source of this article, and then remove the links and secure the wordpress installation?
The administrator is aware and these links have been removed earlier today.
O.o