To Infect and Protect

Jacob Appelbaum
speaks at the 30th Annual Chaos
Communication Congress at Hamburg
in December of 2013.

Appelbaum was one of the few people
who were given access to some of the
Top Secret Ed Snowden documents,
which his team sanitized for the safety
of all concerned. Many of the Top Secret
schematics and documents were shown and
discussed in this presentation, in tandem
with their release that morning in
Germany’s mass-circulation newspaper,
Der Spiegel.

This presentation reveals what Appelbaum
calls the “wrist-slitting depressing” details
about the NSA’s spy programs.

Among many other topics discussed, he said,
NSA has secretly sabotaged US businesses
by covertly – and perhaps sometimes with
the cooperation of the tech industry – coming
up with ways to exploit vulnerabilities in the
products sold by major American companies,
including Dell and Apple, among others.

For example, the following software implants
may have been made by the coroporations
mentioned below in collaboration with NSA,
whether wittingly or not and he’s naming
them, in order to give themselves “A chance to
hang themselves with their own rope” – or else
prove their innocence:

– VALIDATOR, COMMONDEER, OLYMPUS,
UNITED RAKE, STUXNET (and many, many more),
containing payloads for:
– #BADBIOS, SMM, iPhone
– Routers: (Juniper, Huawei, Cisco, etc.)
– SIM cards (remote, local)
– Hard drive firmware

He discusses an iPhone backdoor and how
NSA documents revealed that all attempts to
implant iOS devices were successful. Appelbaum
would like to know whether or not Apple, Inc.
collaborated with them, in order to allow this to
happen. He says that he would like to think that
since Apple didn’t begin collaborating with PRISM
until after Steve Jobs died, that maybe it’s just
that “they write sh*tty software,” which would
allow NSA to turn on a phone or iPad and enable
its microphone as a bugging device paid for by
YOU!

He discusses a malicious implant called
IRATEMONK, which replaces the firmware in a
mobile device’s hardrive and that the companies
with cell phones which are vulnerable to this are
Western Digital, Seagate, Maxdor and Samsung
hard drives and that the supported file systems
are: FAT, NTFS, EXT3 and UFS.

He goes on to describe hardware vulnerabilities,
to which Hewlett-Packard products are subject
by another piece of NSA malware and then he
says that, as an American software and
hardware developer, this is extremely
maddening, as clients from other countries
would probably want to avoid US digital
products, due to this NSA taint. He says
that even Obama has agreed on this point.

In fact, this has already borne out, in Brazil’s
decision to turn down a large US fighter jet
manufacturer’s bid in favor of a collaboration
with SAAB, whereby Brazilian engineers would
develop the software, which would be proprietary
to Brazil, without any NSA backdoors. Similarly,
Brazil is in the process of building an alternate
Internet and that all US contractors are banned
from the project. Both cases represent several
billions of dollars of lost income from businesses
in the US, Brazil’s otherwise largest trading
partner. It goes without saying that the Brazilian
government is completely replacing their
government platforms from Microsoft, with a
Linux-based system and proprietary software;
something my friend, John Barlow, Co-Founder
of the Electronic Frontier Foundation has been
advising Brazil to do for a decade.

The Federal Computer Fraud and Abuse Act, or
CFAA, has been used a handful of times just in
2013 alone to put away suspected hackers
accused of modifying computer programs for
arguably harmless crimes. This law is extremely
draconian against the regular citizen, however,
“the NSA gets to do something like intercepting
7 billion people all day long with no problems
– and the rest of us are not even allowed to
experiment with improving the security of own
our lives without being put in prison or under
threat of serious indictment.

“This is what [Thomas] Jefferson talked about
when he talked about tyranny,” he said. “This is
turnkey tyranny and it is here.”

Not discussed in this talk is that the apartments
of he and his friends’ had been broken into, a
series of times and that this harrassment had
destroyed his relationship with his girlfriend.

Appelbaum is an Internet activist, journalist and
cybersecurity specialist is a core member of the
Tor encrypted network. He is yet another mega-
genius who dropped out of High School.

His decision to move to Berlin was made because
he considered Germany to have better privacy
protection, and because he felt unsafe in the US
after repeated detentions at American airports,
where his computers and phones were seized
following his trips abroad.

In 2011, it was revealed, that the US government
successfully forced Google and Sonic, a small
Internet Service Provider from northern California,
to fork over personal data from Appelbaum’s email
account.

In sum, “[NSA’s] strategy is undermining the
Internet in a direct attempt to keep it insecure,”
reads one of Appelbaum’s slides.