this post was submitted on 07 Dec 2024

340 points (100.0% liked)

memes

14700 readers

5610 users here now

Community rules

1. Be civil

No trolling, bigotry or other insulting / annoying behaviour

2. No politics

This is non-politics community. For political memes please go to [email protected]

3. No recent reposts

Check for reposts when posting a meme, you can only repost after 1 month

4. No bots

No bots without the express approval of the mods or the admins

5. No Spam/Ads

No advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

[email protected] : Star Trek memes, chat and shitposts
[email protected] : Lemmy Shitposts, anything and everything goes.
[email protected] : Linux themed memes
[email protected] : for those who love comic stories.

founded 2 years ago

MODERATORS

[email protected]

340

Everyone gangsta until you realize everything has been deeply compromised (lemmy.zip)

submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/[email protected]

54 comments fedilink hide all child comments

The fun part is they don't know the extent of the comprise or how long it has been going on.

What happened is that CISA recently published a report stating that they think a lot of US telecommunications equipment has been compromised. It isn't a one time breach. They know that China has control over a unspecified amount of critical components. The malware China is using is extremely complex and very hard if not completely impossible to detect. China is very good at covering there tracks so even getting a sample of Malware is hard.

Because of all this, CISA is now recommending that people use encrypted messagers.

top 50 comments

sorted by: hot top controversial new old

[–] [email protected] 95 points 5 months ago (1 children)

This is why the old guard of tech and privacy was against a lot of the shenanigans you routinely encounter in any app or device. Bonus, the S in IoT stands for security.

[–] [email protected] 24 points 5 months ago

Security is last thing about Internet of thingS

[–] [email protected] 92 points 5 months ago (1 children)

Apparently, the hackers exploited the backdoor that was provided for "lawful surveillance" in the 3G spec. Imagine that.

[–] [email protected] 11 points 5 months ago (1 children)

My understanding is that the scope is totally unknown. I'm sure they exploited the crap out of those systems.

[–] [email protected] 14 points 5 months ago

At first, the F.B.I. and other investigators believed that China’s hackers used stolen passwords to focus mostly on the system that taps telephone conversations and texts under court orders. It is administered by a number of the nation’s telecommunications firms, including the three largest — Verizon, AT&T and T-Mobile. But in recent days, investigators have discovered how deeply China’s hackers had moved throughout the country by exploiting aging equipment and seams in the networks connecting disparate systems.

https://www.nytimes.com/2024/11/21/us/politics/china-hacking-telecommunications.html

Doesn’t look like they know (or are willing to share specifics as to) the full scope of the hack, but they seem to have a pretty good idea.

[–] [email protected] 32 points 5 months ago* (last edited 5 months ago) (4 children)

So what would be an encrypted messenger? Telegram or a Matrix app like Element? Asking cuz I've been kinda hinting to my friends that maybe we should move away from Facebook Messenger, but all we do is share memes and YouTube videos... Occasionally we'll fuck with their stupid AI and make it write all responses in cuneiform or call everyone "shitass"

Edit: I can't spell for shit

[–] [email protected] 58 points 5 months ago (2 children)

Not Telegram. Signal is a better choice which has been audited by third parties and produces internal transparency reports.

[–] [email protected] 26 points 5 months ago

And it's open source!

[–] [email protected] 15 points 5 months ago (1 children)

I've been leaning towards Matrix/Element, but I'll check out Signal and see what everyone else thinks. Thanks dood!

[–] [email protected] 18 points 5 months ago

Signal is pretty easy to get people into, too, I feel like.

[–] [email protected] 25 points 5 months ago (1 children)

Matrix is not always encrypted.

Signal, Simplex chat or any other well vetted messager. Avoid Telegram as it isn't encrypted and is tied to Russia.

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago) (1 children)

Whut? When is matrix not encrypted somtetimes? Genuine question - I'm a matrix newbie and i thought that all was encrypted was the whole point O.o

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago) (1 children)

On the transport level it is encrypted but not on the server. To get E2EE you need to turn it on.

[–] [email protected] 7 points 5 months ago

It's been on by default for many years now.

[–] [email protected] 13 points 5 months ago (1 children)

We have been down this road before. There's nothing out there beating or close enough to signal.

https://soatok.blog/2024/05/14/its-time-for-furries-to-stop-using-telegram/ https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago)

I'd argue Threema. The server code isn't open source, but the apps are auditable. You can use it without any other identifiers (phone number, email are optional). It comes from a private company, but they have had a good track record.

Edit: They also have a version on F-Droid, without proprietary components, that uses their own push protocol instead of Google's.

[–] [email protected] 3 points 5 months ago (1 children)

https://www.forbes.com/sites/zakdoffman/2024/12/03/fbi-warns-iphone-and-android-users-stop-sending-texts/

[–] [email protected] 3 points 5 months ago

Oh. How fun. yay

[–] [email protected] 25 points 5 months ago (1 children)

What, they weren't recommending encrypted communication before?

[–] [email protected] 59 points 5 months ago (1 children)

They didn't want to compromise their ability to spy on us easily.

[–] [email protected] 12 points 5 months ago (2 children)

Note even with all of this they only recommend they use encrypted messaging. We should merrily go along with fb messenger or sms or whatever they swear is good.

[–] [email protected] 8 points 5 months ago

They recommended Signal:

https://www.forbes.com/sites/zakdoffman/2024/12/03/fbi-warns-iphone-and-android-users-stop-sending-texts/

[–] [email protected] 3 points 5 months ago

btw messenger isn’t the worst case scenario. 1-1 chats are e2ee.

it’s still facebook and it sucks, but it’s not as bad as SMS/calls

[–] [email protected] 21 points 5 months ago (2 children)

What breach happened

[–] [email protected] 54 points 5 months ago* (last edited 5 months ago) (2 children)

It not about one breach

CISA recently published a report stating that they think a lot of US telecommunications equipment has been compromised. It isn't a one time breach. They know that China has control over a unspecified amount of critical components. The malware China is using is extremely complex and very hard if not completely impossible to detect. China is very good at covering there tracks so even getting a sample of Malware is hard. They are constantly evolving and adapting it so it is very tricky to pinpoint and clean systems.

Because of all this, CISA is now recommending that people use encrypted messagers. Usually the government wants unfeathered access to data so that's how you know it is very bad.

[–] [email protected] 15 points 5 months ago (2 children)

unfeathered

Bone apple tea?

[–] [email protected] 5 points 5 months ago (2 children)

France is bacon.

[–] [email protected] 3 points 5 months ago

Finkle is Einhorn!

[–] [email protected] 2 points 5 months ago (1 children)

Madam cure me.

[–] [email protected] 2 points 5 months ago

Should of, would of, could of.

[–] [email protected] 1 points 5 months ago

If not, that's the best autocorrect I've ever seen lol

[–] [email protected] 8 points 5 months ago

Do you have a link to the report?

[–] [email protected] 17 points 5 months ago (1 children)

Salt Typhoon.

[–] [email protected] 6 points 5 months ago (1 children)

Sodium Tsunami.

[–] [email protected] 5 points 5 months ago

NaCl Cyclone.

[–] [email protected] 7 points 5 months ago* (last edited 5 months ago) (1 children)

How much of this was delivered through the TikTok app?

[–] [email protected] 18 points 5 months ago (1 children)

None. It was built into the hardware. TikTok isn't telecommunications related

[–] [email protected] 6 points 5 months ago (1 children)

This was caused by lowest bidder decision making. Along with a tolerance for critical systems designed, developed and manufactured outside of North America and Western Europe. If a country doesn’t have a history of liberal democracy, they can never be fully trusted.

[–] [email protected] 1 points 5 months ago

I think trust is the problem honesty trust less and you won't have to worry as much.

[–] [email protected] 5 points 5 months ago (1 children)

I wouldn't be surprised if CISA, which was created under the Trump administration, is manufacturing consent for escalation with China.

[–] [email protected] 16 points 5 months ago (4 children)

Or more likely the US is terrible at security

[–] [email protected] 12 points 5 months ago

Meme mentions CISA and FBI but everyone knows NSA already has a master list of vulns that they juggle deciding if they're worth disclosing or better off keeping for themselves lol.

They sat on Eternal Blue for allegedly a decade. Any APT has plenty of time and money to spend attacking America's public infara when they don't even bother to cover the bargain basement stuff like the insanity that is Microsoft AD.

I wonder if China is any better with their hefty surveillance and firewall though. I wouldn't be completely surpised if some of their public infara is also exposed for the same reasons.

[–] [email protected] 5 points 5 months ago (1 children)

Occam's Razor

[–] [email protected] 2 points 5 months ago

What does Occam's Razor say about Saddam's weapons of mass destruction?

[–] [email protected] 3 points 5 months ago (1 children)

Buying cheap routers from china? No problem.

[–] [email protected] 4 points 5 months ago (2 children)

More like buying routers from Amazon

load more comments (2 replies)

[–] [email protected] 1 points 5 months ago (3 children)

That seems very unlikely. The people working at the NSA and CIA are fucking geniuses. Like bonafide, real-life, literal geniuses.

[–] [email protected] 2 points 5 months ago (1 children)

Their management however...

load more comments (1 replies)

[–] [email protected] 2 points 5 months ago

And they didn't build the telecom network

[–] [email protected] 1 points 5 months ago (1 children)

I HIGHLY doubt that

load more comments (1 replies)

load more comments