Does the CIA Know or Not?

Who Is “Satoshi Nakamoto”

A video titled “CIA Project Bitcoin: Is Bitcoin a CIA or NSA project?”, made by a group calling themselves the “CIA Project”, surfaced on YouTube. This group is dedicated to finding all the government’s secret projects and making them public. In this latest video, they claim that Bitcoin is actually the creation of the US National Security Agency (NSA).

Now don’t scoff at it as a conspiracy theory or ‘FUD’ and run away. Let’s have a gander at what this group claims is its biggest proof.

Satoshi Nakamoto- the name itself.

Now I do touch on this subject a little in my post here, so have a read of that as well to put some other very important pieces of this together.

Satoshi means ‘clear thinking’ or ‘intelligent’. Nakamoto is a common Japanese surname meaning “central origin” or “one who lives in the middle”. This surname is commonly found in the Ryukyu Islands of Japan, which are strongly associated with the Ryukyu Kingdom, a highly centralized kingdom that originated in the Okinawa Islands. This island in particular was known as ‘the place where cannibals lived’… not sure if this gives any weight to Warren Buffett’s fantastic quote, where he equates Bitcoin mining to harvesting baby brains…

Combined, both names could be interpreted as “Central Intelligence”: could be, loosely. There is in fact a real Satoshi Nakamoto (well, Dorian Satoshi Nakamoto), but he vehemently denies he’s the Bitcoin creator and even hired a lawyer to clear his name. How badly do people want to know who this guy is?

The next claim is that no one has actually met Satoshi Nakamoto in person or spoken on the phone with him, her or even them. Even Gavin Bell (known as Gavin Andresen) only has contact by email, never in person or over the phone.

Other evidence includes the fact that Bitcoin uses a common PRNG (crypto program) to create secure keys, which is itself believed to have an NSA backdoor; that numerous Reddit threads linking Bitcoin or Satoshi Nakamoto with the NSA have been removed; and that Bitcoin is not decentralized, as it is being controlled by a small group led by Gavin Bell. Which is true: I’ve said before that cryptocurrencies are not decentralized in the sense people assume. There is a central body controlling it, and right now with Bitcoin it’s the Chinese mining farms with 80% of the hashing power and Gavin Bell.

But do the CIA Project’s claims have any merit? I think there is some, and even just a little is still too much.

The NSA creating Bitcoin has been a rumor for many years. People have questioned why it uses the SHA-256 hash function, which by the way was designed by the NSA and published by the National Institute of Standards and Technology.

The fact that the NSA is tied to SHA-256 leads some to assume it’s created a backdoor to the hash function that no one has ever identified, which allows it to spy on Bitcoin users.

“If you assume that the NSA did something to SHA-256, which no outside researcher has detected, what you get is the ability, with credible and detectable action, they would be able to forge transactions. The really scary thing is somebody finds a way to find collisions in SHA-256 really fast without brute-forcing it or using lots of hardware and then they take control of the network,” cryptography researcher Matthew D. Green of Johns Hopkins University said in a previous interview.

This alone makes it worrisome for Bitcoin users or cybersecurity specialists. Snowden is very harsh on Bitcoin and says it’s being watched by government agencies; more on that in a different post.

And of course this comes right on the heels of the CIA refusing to confirm or deny whether they knew who Satoshi Nakamoto is, leaving many to speculate whether they know. And like Snowden says, ‘they know’.

I myself didn’t want anything to do with Bitcoin in 2009 when my wife told me about it, because of the sheer nightmare that is security and fraud. (Of course I’m glad I reconsidered it and mined as much as I could back then.) But it did have the distinct smell of ‘government’ even back then.

Then there’s recent news of 21e8… that’s for another post.

What do you think? Does this prove that Satoshi Nakamoto is actually the NSA? Or does it simply add another layer of conspiracy theories to an already large mystery?

We may never know.


Your Car, TV, Phone, Computer and Other Devices Spy On You

Years ago this would be called a “conspiracy theory”, but now that the CIA’s “Vault 7” hacking tools have been released this is an established truth. What’s scarier is that the revelation applies to pretty much all computing devices and all OSes. The CIA has found exploits and used backdoors into the various devices. I suspect the backdoors and some vulnerabilities were forcefully injected by the US government. To make it scarier, we have the NSA’s PRISM, and this combined with the CIA dump is alarming because those entities, combined with other governments, surely have a lot more than what has been revealed. It is not a stretch to believe you are likely being watched and listened to; rather, it is insane to believe you are not. We haven’t even covered well-funded private hacking groups.

There are two issues here. The first one is companies who willingly create vulnerabilities and backdoors at the request of governments and private groups. The second issue, compounded by the first, is that many products and companies also spy on their customers and share that data with third-party companies and governments at will, without any disclosure or regulation.

It’s more than just following where you’ve gone and listening to and watching you: the new smart vehicles can be hacked and likely have government-mandated malware or backdoors. Imagine if a government doesn’t like someone and they suddenly have a tragic accident. There is absolutely no reason why this shouldn’t be the case, and perhaps one day we may learn of cases of bizarre traffic accidents that were not really accidents at all.

On an interesting note, the “Marble Framework” was released, which is essentially an anti-forensic tool to make it difficult for malware and virus experts to attribute the code to the CIA or the US government. The framework would essentially make it look like enemies of the US such as China, Russia, Iran, or North Korea were responsible for cyberattacks and malware that the US itself had created.

With all this it sounds hopeless, but it is not. Edward Snowden famously stated “do not give up on encryption”, as clearly not everything is hackable and compromised; there are steps we can take to prevent ourselves from being hacked by the government. Edward Snowden’s comments and actions are of particular use: the fact that he still says to use encryption means there are ways to be secure. We should also remember that he used the Tails distribution for communication and used OpenPGP, so it appears that, at least in the recent past, this was a secure and unbreakable way of communicating.

“What last year’s revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe. Any communications should be encrypted by default,” he said. — Edward Snowden

How can you protect yourself? There are steps we can take, such as avoiding the use of free, insecure services to communicate (Gmail, Facebook, WhatsApp) and also avoiding products that spy on us. Try to get an older TV, or if you get a newer one, rip it open and disable the microphone, wifi etc. If you drive a vehicle, consider seeing if it is possible to disable some of the spying features on it, or drive an older vehicle without technology that logs and calls home. It’s time to get armed and follow certain procedures, avoid certain products and make it as difficult as possible to be spied on. Although the programs and hacking methods that groups like the CIA possess are incredible, not all are guaranteed to be successful, especially on those who do not run default or standard settings.

Edward Snowden Says Bitcoin’s Downfall Is Public Ledger

I couldn’t have said it better myself, although I have said as much about all cryptocurrencies which have a public ledger. Edward Snowden made the comment at the Blockstack event in Berlin, Germany. Such currencies are completely insecure and unsuitable for personal or business use in the long term due to a lack of privacy. There are other issues that Edward touched on, such as extremely slow transaction times, and many more I’ve talked about in other posts.

Snowden also predicted that a coin which fixes these various issues could be the one to replace Bitcoin.  While I fully agree privacy and security in Bitcoin and most other coins are an issue, aside from that most currencies are slow, inefficient, difficult to use and simply don’t work properly to send or receive payments.  This will all eventually be fixed but so far what I find is that some currencies fix one problem while ignoring the rest.

The NSA is spying on cryptocurrency including Bitcoin – Edward Snowden

Unsurprisingly, Edward Snowden recently revealed to the world that the NSA is tracking cryptocurrency users, including Bitcoin. What makes it worse, but also not surprising, is that they tricked users into installing security software they wrote that actually feeds all of their private data and cryptokeys back to the NSA directly. It is soon going to be an absolute necessity to increase your own security and to start using better, more secure coins that cannot be so easily tracked. This is the equivalent of the government following you around, poking around your wallet and watching each transaction you do, even with cash. There’s no privacy anymore, and ironically cryptocurrency is part of the reason, or shall we say, at least the majority of insecure, public, permissionless blockchain-based currencies. This could send the value of currencies like XMR/Monero skyrocketing as a Bitcoin alternative. While Monero is in my opinion better in almost every way than Bitcoin, it is still not the perfect coin, as it does have some issues including the use of PoW and of course the whole public, permissionless issue, speed issues etc.

My Take On WannaCry

Reading media coverage of the WannaCry ransomware attack has been excruciatingly frustrating because little to no information was offered on how infection happens and how to protect yourself.

This issue has been a bit frustrating and unhelpful. If I, as an IT professional and user, didn’t find the right answers, there is something seriously wrong. I couldn’t find the important information in any of the mainstream articles, so certainly a novice or amateur user would have no chance of protecting themselves.

How Did WannaCry Infect and Spread?

Long version here from Malwarebytes

One of the key ways is still the oldest “phishing” trick in the book: via e-mail, where many users are tricked into opening infected attachments. This was not readily available in media coverage, and this simple warning or announcement could have prevented a lot of new infections. I believe this is a key factor that has not been discussed. Since many networks will be behind NAT and external SMB services would be blocked, having users on the LAN install the worm is an easy way to get inside and spread the infection to areas that are hardened on the outside.

The more technical explanation is that there is an exploit called “ETERNALBLUE”, a hacking tool leaked from the NSA, which exploited a weakness in Microsoft’s implementation of SMB (Server Message Block, the filesharing protocol). This has been widely reported, but the simple way to prevent automatic infection through this method has not.

Once a machine is infected, the worm essentially scans your LAN and then the internet to spread the infection further, which quickly multiplied the damage and scope of this attack.

How to protect yourself?

  1. First and foremost, update your Microsoft Windows regardless of OS (whether you have XP, Vista, 7, 10, 12 or any Server), because all Microsoft versions are apparently impacted by MS17-010 ETERNALBLUE/WannaCry.
  2. Disable SMB/filesharing in Windows, and if that is not possible, at least use firewall settings to block SMB/filesharing/CIFS.
  3. If the above is not possible, you should physically unplug any impacted machines from the network (it could be as simple as disabling all ports on your network/switch or even unplugging entire switches if possible).
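
Step 2 above can be audited and applied per host from an elevated PowerShell prompt. This is an added example, not code from the original post; it assumes Windows 8 / Server 2012 or later (where these SMB and firewall cmdlets exist), and the `-Apply` switch and the rule name are constructed for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): audit SMB exposure on this host
# and, only with -Apply, disable SMBv1 and block inbound SMB at the firewall.
# Assumes Windows 8 / Server 2012 or later. $ruleName is a constructed name.
param([switch]$Apply)

$ruleName = 'Example - Block inbound SMB'
$smbPorts = 139, 445   # NetBIOS session service and SMB over TCP

# Audit: is the SMBv1 server protocol (the component MS17-010 fixes) enabled?
$smb1Enabled = (Get-SmbServerConfiguration).EnableSMB1Protocol
Write-Output "SMBv1 server enabled : $smb1Enabled"

# Audit: is the host listening on the SMB ports at all?
$listening = @(Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in $smbPorts } |
    Select-Object -ExpandProperty LocalPort -Unique)
Write-Output "Listening SMB ports  : $($listening -join ', ')"

# Audit: does the block rule already exist?
$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
Write-Output "Block rule present   : $([bool]$rule)"

if (-not $Apply) {
    Write-Output 'Audit only. Re-run with -Apply to make changes.'
    return
}

# Harden: turn off SMBv1 on the server side; SMBv2/3 sharing keeps working.
if ($smb1Enabled) {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}

# Harden: block inbound SMB. Block rules override allow rules in Windows
# Firewall, so this stops file sharing *to* this host on every profile.
if (-not $rule) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound `
        -Protocol TCP -LocalPort $smbPorts -Action Block | Out-Null
}
Write-Output 'SMBv1 disabled and inbound TCP 139/445 blocked.'
```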

Who is to blame?

There is plenty of blame to go around, but currently a lot of it is coming from Microsoft, which is blaming users for not patching and the NSA for hoarding these exploits and not notifying them or users beforehand.

In all fairness Microsoft did issue patches for even unsupported OS’s like Vista and XP on March 14th, 2017.

Many have mused that the NSA should have at least notified Microsoft the moment they realized their hacking tools were leaked.

At the end of the day the question is how could Microsoft have left open such a serious vulnerability for so long?  Was it an intentional backdoor and was it collaboration between Microsoft and the NSA or other third parties?

Some Can’t Patch

Some systems may be running on internal networks on their own LAN but were still infected so they wouldn’t be patched.  To make matters worse the chances are these would more likely be critical data and infrastructure that are impacted in this case.

Other machines are not managed properly or remotely and are deployed with internet access making them sitting ducks for these types of attacks.

There are also some who just don’t patch because the risk of impacting existing services is too great. Although I would argue the risk is much higher to not patch and not upgrade or migrate your applications to a more secure platform if you get hit with ransomware like this.

These Issues Are Nothing New

With the Snowden revelations, many have worried that US tech companies being forced to provide backdoor access to the NSA would be vulnerable should other hackers discover the vulnerabilities or intentional backdoors on their own, or in this case when the tools and exploits were somehow leaked.

In the wider scope of things, Microsoft has seen worms of this scale in the past; it’s nothing new. There are no worldwide protocols for notifying users or defending against such worms, and this will certainly become an increasing problem with more and more devices online, especially with IoT and so many connected devices that we don’t think about, and that don’t get patched or may not have an easy or automatic way of updating.