TwitterFacebook

Is the XKeyScore Code Released in Germany Faked?

Expert analysis uncovers serious misrepresentations and possible fakery
Technology • Views: 26,443

Following up on our post about the wildly exaggerated claims made about the purported XKeyScore source code released in Germany this week by hacker Jacob Applebaum, here’s a very interesting post by cybersecurity expert Robert Graham with evidence that the code may have been at least partly faked: Errata Security: Validating XKeyScore Code.

The burning questions about the XKeyScore “source code” is whether it’s real, and whether it come from Snowden. The Grugq (@thegrugq) has some smart insight into this, and I have my own expertise with deep-packet-inspection code. I thought I’d write up our expert analysis to the questions.

TL;DR: we believe the code partly fake and that it came from the Snowden treasure trove.

A slightly longer summary is:

  1. The signatures are old (2011 to 2012), so it fits within the Snowden timeframe, and is unlikely to be a recent leak.
  2. The code is weird, as if they are snippets combined from training manuals rather than operational code. That would mean it is "fake".
  3. The story makes claims about the source that are verifiably false, leading us to believe that they may have falsified the origin of this source code.
  4. The code is so domain specific that it probably is, in some fashion, related to real XKeyScore code - if fake, it's not completely so.

Here’s a point that jumped out at me immediately upon looking at the code: all over the Internet, people are claiming that the code identifies linuxjournal.com as an “exremist forum” — but that’s simply false. As I tweeted two days ago:

Graham’s post agrees with this evaluation:

Another misrepresentation in the story is that the source calls the Linux Journal an extremist forum. That’s not true.

A comment does say that TAILS is “a comsec mechanism advocated by extremists on extremist forums”. This is true, as the picture (from the Grugq) demonstrates on the right: it’s a picture from an ISIS/jihad forum advocating the use of TAILS. But nowhere does it claim that the Linux Journal is one of those extremists — that’s something willfully made up by the authors of the story.

That the story already misrepresents the meaning of this source code hints that it may already be misrepresenting the provenance.

Exactly. Something smells very fishy here. Read the whole thing. And for those interested in the highly technical details, here’s Graham’s post going through the code line by line.

^ back to top ^

TwitterFacebook

Turn off all ads for a full year by subscribing!
Take advantage of our yearly subscription, and save 50% off the normal subscription price! One-year ad-free subscriptions are just $59.95. Turn off all ads for a full year by subscribing now and save!
Read more...

► LGF Headlines

  • Loading...

► Tweeted Articles

  • Loading...

► Tweeted Pages

  • Loading...

► Top 10 Comments

  • Loading...

► Bottom Comments

  • Loading...

► Recent Comments

  • Loading...

► Tools/Info

► Tag Cloud

► Contact

You must have Javascript enabled to use the contact form.
Your email:

Subject:

Message:


Messages may be published unless you request otherwise.
Tech Note:
Using the Contact Form
LGF Pages

This button leads to the main index of LGF Pages, our user-submitted articles. You can post your own LGF Pages simply by registering a free account with us.

Create a Page

This is the LGF Pages posting bookmarklet. To use it, drag this button to your browser's bookmark bar, and title it 'LGF Pages' (or whatever you like). Then browse to a site you want to post, select some text on the page to use for a quote, click the bookmarklet, and the Pages posting window will appear with the title, text, and any embedded video or audio files already filled in, ready to go.

Or... you can just click this button to open the Pages posting window right away.

Last updated: 2015-02-13 1:58 pm PST

LGF User's Guide
Recent Pages
Fred72
Sheriff Mack, the ACA, and decency
From Conservative Reason, on the anti-Obamacare sheriff's GoFundMe page to cover his own medical expenses: It's being called ironic, and proof that the ACA is a necessary evil. But in fact, it's the exact opposite. Sheriff Mack took advantage of ...

1 hour, 19 minutes ago
Views: 45 • Comments: 0
Tweets: 0 • Rating: 0
John Vreeland
GOP Senator Imagines a Fantasy World in Which GOP Actually Governs.
Sen. Mark Kirk made a plea to his Republican colleagues on on Friday after the Senate passed a yearlong funding bill for the Department of Homeland Security. "Hopefully we're gonna end the attaching of bullshit to essential items of ...

1 hour, 45 minutes ago
Views: 62 • Comments: 0
Tweets: 0 • Rating: 0
Thanos
U.S. Congress Pursues Stopgap Funding to Avert Security Agency Shutdown
The U.S. Congress on Friday appeared to be headed toward approving a three-week-long stopgap funding bill for the domestic security agency that postpones the threat of a partial shutdown, but moves lawmakers no closer to a permanent solution. With ...

11 hours, 24 minutes ago
Views: 122 • Comments: 0
Tweets: 0 • Rating: 0
ಠ_ಠ
Edward Snowden, Glenn Greenwald and Laura Poitras doing a Reddit AMA
Earlier today interested Redditors posed questions to Poitras and Greenwald in Los Angeles, while Snowden posted from Moscow. A rare opportunity for average people to directly communicate with the (in)famous leaker.See the entire discussion HERE Redditor masondog13 asks: What's the ...

4 days, 4 hours ago
Views: 484 • Comments: 2
Tweets: 0 • Rating: 3
Rocky-in-Connecticut
Muslims Join Hands At Oslo’s Largest Synagogue
Wait a minute... watching Fox News and the Republican talking heads I learned that all Muslims are bad bad bad and in no way can Islam be interpreted as any sort of peaceful religion. news.yahoo.com OSLO (Reuters) - More than ...

6 days, 9 hours ago
Views: 745 • Comments: 2
Tweets: 7 • Rating: 5
BadExampleMan
Help Tel Aviv Roller Derby move forward!
For the last three years it's been my privilege to help coach a dedicated group of young women who have founded the first Women's Flat-Track Roller Derby league in Israel. They've learned, trained, fought, and worked unbelievably hard to bring ...

1 week ago
Views: 592 • Comments: 0
Tweets: 0 • Rating: 1
FemNaziBitch
link-#Domestic Violence, Mass Shootings, and Violent Crime
A recent study found that more than half of the 110 mass shootings in the United States between January 2009 and July 2014 included the murder of a current or former spouse, an intimate partner or a family member. ...

1 week, 2 days ago
Views: 716 • Comments: 2
Tweets: 0 • Rating: 3
Great White Snark
Federal Judge Rules Ban on Interstate Handgun Sales Unconstitutional
Added bold is all mine. this was an awkward way to go about gun control anyway. It clearly impacts the law abiding far more than felons, and is by that definition inefficient and intrusive at best. Gonna have to do ...

2 weeks, 2 days ago
Views: 1,297 • Comments: 3
Tweets: 0 • Rating: 3
Lumberhead
No Escape From History
It has been enlightening to watch this entire spectacle play out over the past week. It has indeed. Remarkably, comments that acknowledge verifiable history are treated as controversial. Meanwhile the complete denial of this history, both recent and long ...

2 weeks, 3 days ago
Views: 1,209 • Comments: 1
Tweets: 0 • Rating: 5
 Frank says:

Rain is good for you...
Rain is bad for electrical equipment... -- Outdoor concert, Jones Beach, NY, Circa 1984