NSA's Secret Toolbox: Unit Offers Spy Gadgets for Every Need --- The NSA has a secret unit that produces special equipment ranging from spyware for computers and cell phones to listening posts and USB sticks that work as bugging devices. Here are some excerpts from the intelligence agency's own catalog. --- Intercepting Packages and Manipulating Computers -- ANT's developers often seek to place their malicious code in BIOS, software located directly on a computer's motherboard that is the first thing to load when the computer is turned on. Even if the hard drive is wiped and a new operating system installed, ANT's malware continues to function, making it possible to later add other spyware back onto the computer. -- Many of these digital tools are "remotely installable," meaning they can be put in place over the Internet. Others, however, require direct intervention, known in NSA jargon as "interdiction." This means that brand new products being delivered by mail are secretly intercepted, and hardware or software implants installed on them. The package is forwarded to its intended destination only after this has been done. --- Windows Error Messages Potential Sources of Information -- One example of the creativity with which the TAO spies approach their work can be seen in a hacking method that exploits frequent errors on Microsoft Windows. Every user of the operating system is familiar with the window that pops up on screen when an internal problem is detected, asking the user to report the error to Microsoft with a click of the mouse. The window promises this communication will be "confidential and anonymous." -- For TAO specialists, these crash reports either were or continue to be a welcome source of potential information. When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. -- The automated crash reports are a "neat way" to gain "passive access" to a targeted machine, the presentation continues. Passive access means that, initially, only data the computer sends out into the Internet is captured and saved, but the computer itself is not yet manipulated. Still, even this passive access to error messages provides valuable insights into problems with a targeted person's computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim's computer. -- Although the method appears to have little importance in practical terms, the NSA's agents still seem to enjoy it because it allows them to have a bit of a laugh at the expense of the Seattle-based software giant. In one internal graphic, they replaced the text of Microsoft's original error message with one of their own reading, "This information may be intercepted by a foreign sigint system to gather detailed information and better exploit your machine." ("Sigint" stands for "signals intelligence.") - More, Der Spiegel, at: http://www.spiegel.de/international/world/nsa-secret-toolbox-ant-unit-offers-spy-gadgets-for-every-need-a-941006.html