[ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat

Dustin Strickland dustin.h.strickland at gmail.com
Tue Sep 10 20:03:31 EDT 2013


On Mon 09 Sep 2013 10:20:21 AM EDT, Brian MacLeod wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 9/7/13 1:15 PM, LinuxGnome wrote:
>> ASL = Adrya Stembridge Lingo?
>>
>
>
> American
> Sign
> Language
>
>
> bnm
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQE4BAEBCAAiBQJSLdklGxhoa3A6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbQAKCRD5
> XCJY/q4Y6Gx+B/9HjHWnceyHU3bZ2f6I/JyDOfjdnrQ3FWcrSncD3vTRT/L2biEP
> jd5pYDyV1rplWKLcjD/AKKpsihKFqwDitS3pc/qkeaHXQFOmCuIZmsQL5gkLgLng
> s19NfPrjXh0bEeWVV6QdyZCMU9p15Nzc3O3fEt2tZNUpoPL73ot25SvQ8g1BgxuG
> I1vWR65mBpouvtHDvhOvqvN6Y1QRbeDiJTqaAdB5Iym/DOG9DNfm/pP/oOiGD3uS
> oGsfzOxKjjcq473pZ8ZV/WHZt8GEXPWMhJjBkioA3oeMPCElCuVOue5CF7kKxfV8
> zuJevChN+O4jWr42lRZUadUN3VWRO4s4e/FZ
> =6Vvi
> -----END PGP SIGNATURE-----
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

Surely you've all seen the articles going around about the new "TPM 2.0 
surveillance chip." I'm also sure that most of you realize it's 
bullshit. However, without having read the 2.0 specs to see if these 
things still apply, I present this link -- 
http://webcache.googleusercontent.com/search?q=cache:fRCiBUzr-j0J:www.cs.utexas.edu/lasr/download.php%3Fuid%3D17+&cd=9&hl=en&ct=clnk&gl=us

Apparently, someone figured out a way to use TPM chips to theoretically 
make malicious code completely invisible to an OS or hypervisor -- and 
by extension, any malware analysts. The NSA was also heavily involved 
in the creation of the TPM 2.0 specification. </tinfoilhat> Thoughts, 
anyone?


More information about the Ale mailing list