Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

truedelphi

(32,324 posts)
Mon Mar 17, 2014, 05:10 PM Mar 2014

NSA likes Cookies as much as Cookie Monster -

If you run a computer that is hooked into the internet, then the NSA may be interested in you, especially if any cookies of your Tweets, FB posts etc have triggered such interest on their part:

https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/

From the article:
Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale “seems very disturbing.” Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.

“The thing that raises a red flag for me is the reference to ‘network choke points,’” he says. “That’s the last place that we should be allowing intelligence agencies to compromise the infrastructure – because that is by definition a mass surveillance technique.”

To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.

The agency’s hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.

14 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
NSA likes Cookies as much as Cookie Monster - (Original Post) truedelphi Mar 2014 OP
To speak of cookies of your tweets, and posts etc. hootinholler Mar 2014 #1
Expand on your thought. truedelphi Mar 2014 #4
A true man in the middle attack can do much more than that hootinholler Mar 2014 #5
Got it, thanks. truedelphi Mar 2014 #6
I'm not going to claim to be one of the finer minds in computing hootinholler Mar 2014 #7
The Carlyle Group gotta get paid! Pholus Mar 2014 #2
Well it's not like money for such programs means any cut truedelphi Mar 2014 #9
I didn't read the article NuclearDem Mar 2014 #3
I think I know whatyou mean. And it truedelphi Mar 2014 #8
K & R !!! WillyT Mar 2014 #10
They got nothing on Zuckerberg. idendoit Mar 2014 #11
Well, sure. They're feeding the DEA surveillance data to catch people for smoking pot. Warren DeMontague Mar 2014 #12
Sounds like I better eat that last batch of cookies fast, truedelphi Mar 2014 #13
They already know. Warren DeMontague Mar 2014 #14

hootinholler

(26,449 posts)
1. To speak of cookies of your tweets, and posts etc.
Mon Mar 17, 2014, 05:21 PM
Mar 2014

Is meaningless. There are no such things. Cookies track state of a session with a web server, primarily your credentials. If you have the right cookie, you can do stuff. The man in the middle attack can then leverage that with the server, or feed you other cookies which may open up vulnerabilities on your machine because you trusted the server you think you are interacting with.

If you give a spook a cookie, he's gonna want your packets.

truedelphi

(32,324 posts)
4. Expand on your thought.
Mon Mar 17, 2014, 05:26 PM
Mar 2014

The statements I am reading in connection with the article I posted had to do with how if you are on a computer/internet session, and you (for instance) Retweet Roseanne Barr's tweet about legalizing hemp, then the word hemp in her tweet could be hooked into the code tracking the NSA is employing.

Is tracking in that manner a possibility or not? And if not, why not?

hootinholler

(26,449 posts)
5. A true man in the middle attack can do much more than that
Mon Mar 17, 2014, 05:38 PM
Mar 2014

Depending on the investment made in the sophistication of the 'middle man' software. In theory it could block your re-tweet and make it appear to you that it went out just fine, or edit your re-tweet to make you look foolish.

So tracking via these methods is a closer scrutiny than simply monitoring all traffic going across a network node.

It's not cookie manipulation doing that, was my point.

truedelphi

(32,324 posts)
6. Got it, thanks.
Mon Mar 17, 2014, 05:52 PM
Mar 2014

I think I knew it was more than mere cookie manipulation, but I no longer have access to some of the finer minds in computers. (Cancer having taken two such friends.) Good to know such people like yourself are on DU.

hootinholler

(26,449 posts)
7. I'm not going to claim to be one of the finer minds in computing
Mon Mar 17, 2014, 06:10 PM
Mar 2014


I've just been around a long time in computer years, like 3000 or so, assuming our year is 100 computer years.

Actually, having skimmed the article, I don't think cookies are involved in these techniques at all.

Pholus

(4,062 posts)
2. The Carlyle Group gotta get paid!
Mon Mar 17, 2014, 05:22 PM
Mar 2014

Total hoovering of our online lives is just a way for the BFEE to make mo money.

truedelphi

(32,324 posts)
9. Well it's not like money for such programs means any cut
Mon Mar 17, 2014, 06:14 PM
Mar 2014

Backs in other areas of our lives, she said sardonically.

Warren DeMontague

(80,708 posts)
12. Well, sure. They're feeding the DEA surveillance data to catch people for smoking pot.
Mon Mar 17, 2014, 08:18 PM
Mar 2014

Potheads like cookies, so cookies would be a logical thing to help the DEA figure out where to send the SWAT team, to arrest the cookie-eating pot smoker.

Warren DeMontague

(80,708 posts)
14. They already know.
Tue Mar 18, 2014, 04:49 PM
Mar 2014

The important thing to remember is that these extra constitutional powers are ONLY being used in extreme circumstances, so for instance when the DEA falsifies the evidence trail in the case of one of the many extremely dangerous cancer grannies being dragged to prison for eating a pot brownie, they are doing so to to keep you safe!

Latest Discussions»General Discussion»NSA likes Cookies as much...