Any computer, anywhere?

/dev/ph0b0s phobos at panopticism.net
Sun Dec 8 11:11:18 UTC 2013


On 12/08, Warren Bailey wrote:
> http://m.washingtonpost.com/business/technology/2013/12/06/352ba174-5397-11e3-9e2c-e1d01116fd98_story.html
> 
> Noticed this tonight.. Not saying the WP is always on target, but what
> software could be installed via a browser on any computer to gather
> all of that data? And how would it be done without the OS speaking up
> about it? Far fetched.. Or do the Firefox / chrome guys have some
> 'splainin to do?

My first thought as I read the article Friday evening was that they were
attempting to exploit a vulnerability in a popular application (first
guess: Adobe Flash) in order to execute arbitrary code -- at which point
they have full control of the victim's PC and can do (or install)
whatever they want.

    "A software update to a program the surveillance software was
    planning to target, meanwhile, raised fears of a malfunction,
    forcing the FBI to refashion its malicious software before sending
    it to Mo’s computer."

However, the article also states that:

    "Federal magistrate Judge Kathleen M. Tafoya approved the FBI’s
    search warrant request on Dec. 11, 2012, ..."

    "The surveillance software was sent across the Internet on Dec. 14,
    2012 ..."

December 11, 2012 fell on a Tuesday. More specifically, it fell on the
second Tuesday of the month, a.k.a. "Patch Tuesday".

Perhaps it was a vulnerability in Microsoft Windows itself, then, that
they were attempting to exploit? Six of the seven vulnerabilities fixed
that month "could allow remote code execution". Internet Explorer and
Microsoft Office were among the affected software, according to
http://technet.microsoft.com/en-us/security/bulletin/ms12-dec.

    "... but the FBI’s program didn’t function properly, ..."

Oops.

/p




