del.icio.us
blinklist
digg
Facebook
Furl
ma.gnolia
Newsvine
Pownce
reddit
StumbleUpon
Technorati
Twitter
Lizard Squad’s DDoS for sale, NSA breaks VPNs, our Kickstarter of the week & more!
It’s the last Tech Talk Today of 2014, see you next week!
Direct Download:
MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube
RSS Feeds:
MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed
Become a supporter on Patreon
Show Notes:
Lizard Squad’s Xbox Live, PSN attacks were a ‘marketing scheme’ for new DDoS service
The service, dubbed Lizard Stresser, launched early Tuesday morning via Twitter (redacted below) and is fully operational, a Lizard Squad member who goes by the alias “dragon” told the Daily Dot via a direct message on Twitter and subsequent conversation through the instant messaging service Jabber. Customers can use the service against any target they wish, including large websites or Internet services, such as PSN or Xbox Live. Dragon, who is listed as co-owner of the service, says the launch of Lizard Stresser will be the group’s last move before they “vanish off back to the caves where we came from.”
Once customers log into Lizard Squad’s new service, they are greeted by a list of the group’s accomplishments:
The cost of attacks range anywhere from $6 to $500, paid for with Bitcoin, the difficult-to-trace cryptocurrency. The most expensive tier offers 30,000 seconds of attack (a little more than 20 days), and costs just $130 per month. For $500, customers can launch unlimited attacks.
With the notoriety achieved from their attacks on Xbox Live and Playstation Network, Lizard Squad plans to utilize their huge social media reach to attract potential customers.
NSA has VPNs in Vulcan death grip—no, really, that’s what they call it
The National Security Agency’s Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today, according to documents published this week by the German news magazine Der Speigel. A slide deck from a presentation by a member of OTP’s VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs—including tools with names drawn from Star Trek and other bits of popular culture.
When an IPSec VPN is identified and “tasked” by NSA analysts, according to the presentation, a “full take” of its traffic is stored in VULCANDEATHGRIP, a VPN data repository. There are similar, separate repositories for PPTP and SSL VPN traffic dubbed FOURSCORE and VULCANMINDMELD, respectively.
The NSA has a specific repository for capturing VPN metadata called TOYGRIPPE. The repository stores information on VPN sessions between systems of interest, including their “fingerprints” for specific machines and which VPN services they’ve connected to, their key exchanges, and other connection data. VPN “fingerprints” can also be extracted from XKEYSCORE, the NSA’s distributed “big data” store of all recently captured Internet traffic, to be used in identifying targets and developing an attack.
Newly published NSA documents show agency could grab all Skype traffic
The nature of the Skype data collection was spelled out in an NSA document dated August 2012 entitled “User’s Guide for PRISM Skype Collection.” The document details how to “task” the capture of voice communications from Skype by NSA’s NUCLEON system, which allows for text searches against captured voice communications. It also discusses how to find text chat and other data sent between clients in NSA’s PINWALE “digital network intelligence” database.
The full capture of voice traffic began in February of 2011 for “Skype in” and “Skype out” calls—calls between a Skype user and a land line or cellphone through a gateway to the public switched telephone network (PSTN), captured through warranted taps into Microsoft’s gateways. But in July of 2011, the NSA added the capability of capturing peer-to-peer Skype communications—meaning that the NSA gained the ability to capture peer-to-peer traffic and decrypt it using keys provided by Microsoft through the PRISM warrant request.
KICKSTATER OF THE WEEK: Next Keyboard – The Perfect Keyboard for iPhone by Next Keyboard — Kickstarter
A keyboard that puts more power at your fingertips with super fast editing, predictive typing, instant emojis, and beautiful themes!