by scolson 3235 days ago
"...is run by the field agent directly from an USB stick; it requires administrator privileges..."

So?

This just in - people with physical and administrative access to a machine can install monitoring software - news at 11. Be sure to tell every MSP or Enterprise IT group to tune in.


Just because a threat vector is well known and not cutting edge does not make the SPECIFIC information of its existence, implementation, and capability completely worthless.
Just very very close to worthless. Other than CIA and security cams, I'm straining to figure out what is worthful about this story. Can you help us out?
Confirmation that this is something real and not a theoretical risk. Similarly to Snowden, it wasn't newsworthy because it was possible and probably done, it was newsworthy because it existed and was currently done. (obviously the scope of this news is much more reduced)

If you are a US citizen, that tells you how your tax money is being spent. If you are a foreigner, you may have a bit more ammunition to get the funding for whatever security project you are working on.

Even on HN very few front page items are really worthy of anything more than procrastination material and it succeeded perfectly well at that: both you and I had better things to do than comment on this article.

That's a very blasé attitude btw, reminds me of the first time I saw a wild tortoise, my family just commented: "yeah I see them all the time on TV, what's the interest?"

Here's an article about hacking security cameras from 2012. It was the first hit on my Google search.

https://www.wired.com/2012/05/cctv-hack/

This was public then and you can expect the black hats knew this years before. So again, what is new about this other than CIA? Yes, the CIA does these things; they wear black hats and that's also something we've known for quite some time.

Perhaps a more enlightening article would have been a wiki dump of manufacturers and distributors of these 'security' cameras not giving a shit about this problem.

But hey, Snowden.

From my comment, the SPECIFIC details of the tool's concepts of operation, implementation, and capability.

The field guide provides great detail on operations and limitations of a specific existing tool (sample GUI screenshots, potential detection threats from personal security products and full crash dumps, detection of cam software process restarts, abilities to stall NIC cards, abilities to BSOD, ability to corrupt existing files, limitations based on cam emulation, limitations of previously saved cam files, the tool's PE names (32bit wscupd.exe, 64bit running outside of system32 wermgr.exe. GUI.exe present in the same folder as above PEs), example of the log.txt file written to the attacking USB, information on differences between winXP requirements vs other systems (scanner.sys driver needs)).
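
As an added example (not part of the comment above or of the field guide it describes), a defender could turn the file names and locations listed in that comment into a triage check over observed executable paths. The function name, the sample paths and the default system directories are assumptions, as is the reading that wscupd.exe is the 32-bit build and wermgr.exe the 64-bit one.

```python
import ntpath

# Names as given in the comment above. Reading assumed here: wscupd.exe is the
# 32-bit build, wermgr.exe the 64-bit build, and GUI.exe sits beside either one.
LOCATION_BOUND = "wermgr.exe"  # also a genuine Windows binary, so location matters
NAME_ONLY = "wscupd.exe"       # comment gives no location; flag on name alone
COMPANION = "gui.exe"
# Assumption: default install paths for the genuine wermgr.exe.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}


def triage(observed_paths):
    """Return {normalized_path: [reasons]} for executables matching the comment's details.

    observed_paths: full Windows paths from a process listing or a file listing.
    """
    paths = [ntpath.normcase(p) for p in observed_paths]
    names_by_dir = {}
    for p in paths:
        names_by_dir.setdefault(ntpath.dirname(p), set()).add(ntpath.basename(p))

    findings = {}
    for p in paths:
        folder, name = ntpath.dirname(p), ntpath.basename(p)
        reasons = []
        if name == LOCATION_BOUND and folder not in SYSTEM_DIRS:
            reasons.append("wermgr.exe running outside system32")
        elif name == NAME_ONLY:
            reasons.append("image named wscupd.exe")
        # The companion GUI only raises confidence; it is never a finding alone.
        if reasons and COMPANION in names_by_dir[folder]:
            reasons.append("GUI.exe present in the same folder")
        if reasons:
            findings[p] = reasons
    return findings


# Constructed paths for illustration, not taken from any real host.
SAMPLE = [
    r"C:\Windows\System32\wermgr.exe",
    r"C:\Windows\System32\svchost.exe",
    r"E:\tools\wermgr.exe",
    r"E:\tools\GUI.exe",
    r"C:\Users\Public\WSCUPD.EXE",
]

if __name__ == "__main__":
    for path, reasons in triage(SAMPLE).items():
        print(path, "->", "; ".join(reasons))
```
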

Could the warrantless search of laptops etc. at borders, and the demand for all passwords have something to do with such access?
First, that is CBP scooping up data at the border, not the CIA. If the CIA were targeting you, you would not know.

Second, CBP asks for your password. This is not the same as an administrator password, and certainly in the case of some business travelers, they may not know the admin creds.