The quiet threat: Cyber spies are already in your systems

Basil Chupin blchupin at iinet.net.au
Fri Jul 30 12:46:03 BST 2010


On 30/07/2010 18:07, Dotan Cohen wrote:
> On Fri, Jul 30, 2010 at 09:02, Basil Chupin<blchupin at iinet.net.au>  wrote:
>    
>> You would need to check this out for yourself as I did not keep a copy
>> of the article(s) dealing with this.
>>
>>      
> I did google it, I found nothing but speculation that the possibility
> exists. That possibility exists in all software, ZA and Checkpoint
> were singled out because it is a non-US company that would have had
> software running on NSA computers.
>
>
>    
>> It all started when someone looked to see that his Windows system was
>> sending out data; he found that it was ZoneAlarm calling "home" to its 2
>> servers; the fellow then provided a quick "fix" for this; with ZoneAlarm
>> then admitting that an "oversight" had been programmed into ZA, and that
>> this has now been corrected.
>>
>>      
> I could name a dozen Windows programs that send data home without
> informing the user. For instance: Windows!
>
>
>    
>> As to when this occurred....I cannot remember now....days merge into
>> weeks, weeks into months.....
>>
>> The articles were not main stream though - they were IT media specific
>> at that time, like The Inquirer and/or The Register and even possibly
>> ZDNet -- I cannot remember, sorry.
>>
>>      
> TI and El Reg? that's about as reliable as The Onion. ZDNet more so,
> but even trolling /. I could not find info on this, I think that you
> can safely lay it to rest!
>    

If you so want - but it does not take away from what I stated.

I did find this which I posted in February 2008 to some friends:

QUOTE

As you know I use Linux (specifically openSUSE) and also use *Firefox* 
(browser) and *Thunderbird* (mail/newsgroup client) with additional 
security-providing addons (like *NoScript*).

In one of the mailing lists I participate in re Linux/openSUSE, a 
question came up about the security of Windows (ie, XP) [openSUSE has a 
VirtualBox which runs XP as a client so that you don't have to run XP as 
a separate OS].

One of the participants in the forum works (it would appear) for the US 
Defence Dept and is/was looking after the US Defence network (last 
assignment Baghdad last year) which uses MS crap. Even though the 
network is NOT connected to the Internet it was nevertheless 'compromised'.

One thing led to another and this person made the statement, and asked 
the follow-up question, "Do you know why it takes MS so long to come up 
with a fix for any security hole found?". The answer is that while it 
takes MS a short time to plug up a security hole, it takes a LONG time 
to create/write code for a replacement security hole (called a 
"backdoor"). "Backdoors" are NOT accidental, but deliberate, in Windows 
according to him, and they are deliberate so that MS can spy on their 
customers. (In fact, the backdoors are something required by the US 
security agencies).

I then asked the question concerning how some of the well known 
firewalls sold for big $$$ for use with Windows -- for example the well 
known ZoneAlarm -- go about blocking the flow of traffic through these 
backdoors - if, in fact, they do block such backdoor traffic. I 
mentioned as an example that Zone Alarm was found 3 years ago to send 
info back to its 4 home base servers and the company (which is owned by 
the Israel spy agency, Mossad) quickly claimed that it was simply a 
"coding error" and plugged up THIS hole. I also mentioned that the 
Chinese government will not touch anything MS even with a 20-foot barge 
pole because it doesn't trust it.

The answer I got back was, "There, you already have the answer [to your 
question]."

Further, he said that the MS applications which are used to perpetrate 
'attacks' on users - ie backdoors - are *Internet Explorer*, *Outlook 
Express*, *IIS* and occasionally *Office*.

Another person, who admins a large system, came back and said NEVER, 
ever, use *ZoneAlarm*, *Norton* or *McAfee*.

He suggests Outlook from agnitum.com (and which I just downloaded 
[<name>, from our favourite site]).

Also on his list were Kaspersky and Lavasoft as suitable for use.


BTW, MS released some ~550 "fixes" to their s/ware last Tuesday -- but 
they do not give details about many of the fixes. What are they hiding?


For your information.


Ciao.

UNQUOTE



> That said, ZA is garbage. I had it running on a virtual machine that
> was not connected to the internet, but every now and then it would
> "block an intrusion". Right.

Whatever.....

BC

-- 

If nothing happens, nothing can go wrong.

