Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They actually use the their sniffing capabilities to capture error reports sent by windows... Then use that info to target the machine. What an advantage.


Yes, I think this must be the most interesting part of the report:

  In one internal graphic, they replaced the text of 
  Microsoft's original error message with one of their own 
  reading, "This information may be intercepted by a 
  foreign sigint system to gather detailed information and 
  better exploit your machine."
Does Microsoft's error reporting mechanism even use SSL?


Do you think the NSA doesn't either have Microsoft's private certs or has broke then already? I can't be bothered to find a source right now, but they already have all MS source code- so there's that too.


Why would I ask the question if I thought that they certainly didn't have those private keys?

It is an interesting question regardless - can anyone at my ISP read these error reports, too?


A... Genuine Advantage!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: