Phi Quyền Chính - Anarchism: The Tao Of Anarchy

The Tao of Anarchy: There is no God. There is no State. They are all superstitions that are established by the power-hunger psychopaths to divide, rule, and enslave us. It's only you and me, we are all true and real existence though in one short life. That is, We all are capable to freely interact with one another without coercion from anyone. We all are capable to take self-responsibility to find ways to live with one another in liberty, equality, harmony, and happiness before leaving this world forever. We all were born free and equal among all beings on this planet. We are not imprisoned in and by a place with a political name just because we were born there by chance. We are not chained to a set of indoctrinated beliefs that have been imposed upon us by so-called traditions. This Planet is home to all of us. No one owns it. We share the benefits from and responsibility to this Earth. We pledge no oath, no allegiance to no one; submit to no authority. We are all free and equal. The only obligation we all must undertake constantly with consistency is to respect the same freedoms and rights of others.

Nhận Định

Leaked NSA Malware Threatens Windows Users Around the World

The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.

The leak includes a litany of typically codenamed software “implants” with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking into — and in some cases seizing control of — computers running version of the Windows operating system earlier than the most recent Windows 10. The vulnerable Windows versions ran more than 65 percent of desktop computers surfing the web last month, according to estimates from the tracking firm Net Market Share.

The crown jewel of the implant collection appears to be a program named FUZZBUNCH, which essentially automates the deployment of NSA malware, and would allow a member of agency’s Tailored Access Operations group to more easily infect a target from their desk.

via Matthew Hickey

According to security researcher and hacker Matthew Hickey, co-founder of Hacker House, the significance of what’s now publicly available, including “zero day” attacks on previously undisclosed vulnerabilities, cannot be overstated: “I don’t think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life,” he told The Intercept via Twitter DM, “and I have been involved in computer hacking and security for 20 years.” Affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches.

“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”

Hickey provided The Intercept with a video of FUZZBUNCH being used to compromise a virtual computer running Windows Server 2008–an industry survey from 2016 cited this operating system as the most widely used of its kind.

https://player.vimeo.com/video/213263277?title=0&byline=0&portrait=0&badge=0&color=ff0179Susan Hennessey, an editor at Lawfare and former NSA attorney, wrote on Twitter that the leak will cause “immense harm to both U.S. intel interests and public security simultaneously.”

A Microsoft spokesperson told The Intercept “We are reviewing the report and will take the necessary actions to protect our customers.” We asked Microsoft if the NSA at any point offered to provide information that would help protect Windows users from these attacks, given that the leak has been threatened since August 2016, to which they replied “our focus at this time is reviewing the current report.” The company later clarified that “At this time, other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers.”

Update: April 15, 2017

Late Friday night, Microsoft published a blog post stating that after an analysis of the ShadowBrokers leak, it had determined that most of the vulnerabilities were patched in a series of Windows updates released in March — updates that security researchers who analyzed the NSA tools apparently neglected to install. This means the exploits in question were not in fact “zero days” and that anyone running the most recent updates on software still supported by Microsoft is safe from the ShadowBrokers arsenal. But the timing of the patch in question is interesting: If Microsoft truly did not receive any help from the NSA, as it claims, the fact that it fixed a litany of holes vulnerable to secret NSA tools exactly a month before those tools were made public is an amazingly fortunate coincidence (curiously, Microsoft skipped the usual acknowledgements section with the patch, which typically nods to how they were informed of the threats fixed in a given update). At any rate, this is certainly good news for Windows users who keep their computers up to date, good news for Microsoft, and still very bad news for the NSA.

Update: April 14, 2017
This post has been updated with an additional comment from Microsoft.

Top photo: People sit in front of devices running the Microsoft Windows 8 operating system at a press conference launch of the system in New York City, on Oct. 25, 2012.

Advertisements
%d bloggers like this: