All Posts

Information Security in Our World Today

Information security (InfoSec) is a field of study that is at once static and dynamic. One thing that is important to understand about information security is that over time it transforms, but the underlying concept always remains the same: to protect information or data (bits) from unauthorized access. This is only the underlying concept of information security; there are many other parts to it. Several decades ago InfoSec was all about how secure a lock you had on your physical data room. These days it has transformed quite a bit. Today we have the Internet, a large network of interconnected routers. With the Internet

Categories: Information Technology, IT Security, and Preston Hood.

49 Ways the NSA Can Spy On You

Over the past few months I have published all forty-nine of the NSA documents that were leaked by Edward Snowden to various media organizations on PJHoodsCo’s blog. I have included a link below to view a list of all the articles that contain these forty-nine NSA documents, and a link to download all forty-nine documents in one compressed (zipped) file. These documents were released by the NSA to the rest of FVEY during the period 2008 – 2009. Today FVEY (which includes Australia, Canada, New Zealand, the United Kingdom, and the United States) has much greater tactics

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – STUCCOMONTANA

(TS//SI//REL) STUCCOMONTANA provides persistence for DNT implants. The DNT implant will survive an upgrade or replacement of the operating system – including physically replacing the router’s compact flash card.

(S//SI//REL) STUCCOMONTANA Concept of Operations

(TS//SI//REL) Currently, the intended DNT implant to persist is VALIDATOR, which must be run as a user process on the target operating system. The vector of attack is the modification of the target’s BIOS. The modification will add the necessary software to the BIOS and modify its software to execute the STUCCOMONTANA implant at the end of its native System Management Mode (SMM) handler.

(TS//SI//REL) STUCCOMONTANA

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – PICASSO

(S//SI//REL) Modified GSM (target) handset that collects user data, location information and room audio. Command and data exfill is done from a laptop and regular phone via SMS (Short Message Service), without alerting the target.

(S//SI) Target Data via SMS:
• Incoming call numbers
• Outgoing call numbers
• Recently registered networks
• Recent Location Area Codes (LAC)
• Cell power and Timing Advance information (GEO)
• Recently Assigned TMSI, IMSI
• Recent network authentication challenge responses
• Recent successful PINs entered into the phone during the power-on cycle
• SW version of PICASSO implant
• ‘Hot-mic’ to

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – IRONCHEF

(TS//SI//REL) IRONCHEF provides access persistence to target systems by exploiting the motherboard BIOS and utilizing System Management Mode (SMM) to communicate with a hardware implant that provides two-way RF communication.

(TS//SI//REL) This technique supports the HP Proliant 380DL G5 server, onto which a hardware implant has been installed that communicates over the I2C Interface (WAGONBED).

(TS//SI//REL) Through interdiction, IRONCHEF, a software CNE implant and the hardware implant are installed onto the system. If the software CNE implant is removed from the target machine, IRONCHEF is used to access the machine, determine the reason for removal of the software, and then

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – GODSURGE

(TS//SI//REL) GODSURGE runs on the FLUXBABBITT hardware implant and provides software application persistence on Dell PowerEdge servers by exploiting the JTAG debugging interface of the server’s processors.

(TS//SI//REL) FLUXBABBITT Hardware Implant for PowerEdge 2950

(TS//SI//REL) FLUXBABBITT Hardware Implant for PowerEdge 1950

(TS//SI//REL) This technique supports Dell PowerEdge 1950 and 2950 servers that use the Xeon 5100 and 5300 processor families.

(TS//SI//REL) Through interdiction, the JTAG scan chain must be reconnected on the target system by removing the motherboard from the chassis and attaching the depopulated parts back onto the circuit board. After this step is complete, the hardware implant itself

Categories: Information Technology, IT Security, and Preston Hood.

The Future of Our Tor Nodes Project

Over the past year we have been working on a side project that we titled our ‘Tor Nodes’ project. Throughout this last year there have been many challenges that we have faced with this project, and because of the current state of our company we have come to the conclusion to suspend the Tor Nodes project until a later date. This not-for-profit side project has been one of the slowest-moving projects that we have ever created, due to the lack of funding on our part and the Tor network’s history. Almost every provider that we have had or have

Categories: PJHoodsCo.

NSA Device – WISTFULTOLL

(TS//SI//REL) WISTFULTOLL is a UNITEDRAKE and STRAITBIZZARE plug-in used for harvesting and returning forensic information from a target using Windows Management Instrumentation (WMI) calls and Registry extractions.

(TS//SI//REL) This plug-in supports systems running Microsoft Windows 2000, 2003, and XP.

(TS//SI//REL) Through remote access or interdiction, WISTFULTOLL is executed as either a UNITEDRAKE or STRAITBIZZARE plug-in or as a stand-alone executable. If used remotely, the extracted information is sent back to NSA through UNITEDRAKE or STRAITBIZZARE. Execution via interdiction may be accomplished by a non-technical operator through use of a USB thumb drive, where extracted information will be saved to that thumb

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – WATERWITCH

(S//SI) Hand-held finishing tool used for geolocating targeted handsets in the field.

(S//SI) Features:
• Split display/controller for flexible deployment capability
• External antenna for DFing target; internal antenna for communication with active interrogator
• Multiple technology capability based on SDR Platform; currently UMTS, with GSM and CDMA2000 under development
• Approximate size 3″ x 7.5″ x 1.25″ (radio), 2.5″ x 5″ x 0.75″ (display); radio shrink in planning stages
• Display uses E-Ink technology for low light emissions

(S//SI) Tactical Operators use WATERWITCH to locate handsets (last mile) where handset is connected to Typhon or similar equipment interrogator.

Categories: Information Technology, IT Security, and Preston Hood.

NSA Device – TYPHON HX

(S//SI//FVEY) Base Station Router – Network-In-a-Box (NIB) supporting GSM bands 850/900/1800/1900 and associated full GSM signaling and call control.

(S//SI//FVEY) Tactical SIGINT elements use this equipment to find, fix and finish targeted handset users.

(S//SI) Target GSM handset registers with BSR unit.

(S//SI) Operators are able to geolocate registered handsets, capturing the user.

(S//SI//REL) The macro-class Typhon is a Network-In-a-Box (NIB), which includes all the necessary architecture to support Mobile Station call processing and SMS messaging in a stand-alone chassis with a pre-provisioning capability.

(S//SI//REL) The Typhon system kit includes the amplified Typhon system, OAM&P Laptop, cables, antennas and AD/DC

Categories: Information Technology, IT Security, and Preston Hood.