The computers are watching the watchmen watch the computers
2014-11-24 02:28:33.472653+00 by Dan Lyke
Symantec is banging the drum about an espionage virus/malware tool they dub Regin, that's been around since 2008, and that they suggest must have been deployed by a government.
Now might be a good time to re-read Ken Thompson's Reflections On Trusting Trust.
As I just wrote on Facebook:
So I need to dance a little carefully about what I've seen where, but this line stood out: "Attacks on telecoms companies appear to be designed to gain access to calls being routed through their infrastructure."
I have recently seen the output of some telecoms switching data, because that data was supposed to be XML, and the strict XML parser that was consuming that data was complaining about some really grotesque constructs in that data. Several people looking at that data said "oh, yeah, this stuff is just gross", but my first reaction was "I don't understand this whole system, but this looks like the side effects of an attack on some system" (which isn't this one, because this one is detecting it and complaining).
Telecom data is horrible. It's easy to send trash through Caller ID stuff. Not my field of expertise, but ... yeah ... I really suspect there are some gnarly overflows somewhere out there in the switches, and we all just think the data is trashy.