Hi Mark,
Thank you for your quick response ! I doesn't mean the leak by Edward Snowden. A group called Shadow Brokers hacked a least one NSA server. Edward Snowden thinks that it must be a NSA malware staging server. As far as I understand they spread some information and tools for free and want to have a lot of money to give away the rest. See these links as a start point to this story: http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers <http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers><https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/>https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/NSA-drive-feature-hero.jpg]<https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> theintercept.com A never-before-published NSA manual makes it clear that malware released by a hacker group this week came from the spy agency. [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/2016/08/NSA-drive-feature-hero.jpg]<https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> theintercept.com A never-before-published NSA manual makes it clear that malware released by a hacker group this week came from the spy agency. [http://wi-images.condecdn.net/image/PJPdyP8z5km/crop/1020]<http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers> Hacking the hackers: everything you need to know about Shadow Brokers' attack on the NSA<http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers> www.wired.co.uk A mystery group claims to be selling malware and tools used by America's National Security Agency ________________________________ Von: Mark Thomas <[email protected]> Gesendet: Freitag, 26. August 2016 11:43 An: [email protected] Betreff: Re: Are Apache projects affected by the informations leaked by the NSA hack ? On 26/08/2016 10:13, Marco Esser wrote: > Hello All, > > i hope I´m posting my question to the right mailing list. I searched a long > time for as better place but din´t find one. > > > Does somebody analyze the available information from the NSA Hack regarding > influence on software developed in the apache projects ? I assume you mean the leaks by Edward Snowden. I don't recall seeing anything in the news regarding the NSA being hacked. I'm involved in the Apache security team and the Apache Tomcat project. I'm not aware of any analysis of the Snowden leak w.r.t. vulnerabilities in / back-doors in / influence on Apache software. > My special interest is to get knowledge about NSA hack tools or the try to > implement backdoors, etc in the following software used by my customers: > > Apache HTTP > Tomcat applicationserver > popular modules for both servers I've only investigated the Tomcat vulnerabilities in any depth. None of the issues I have seen in my long involvement in the Apache Tomcat project has been suggestive of a deliberate back door being placed in the code. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
