anonymous – Jupiter Broadcasting, https://www.jupiterbroadcasting.com, Mon, 22 Feb 2016 02:46:46 +0000

Allan’s Favorite Things | TechSNAP 246
https://original.jupiterbroadcasting.net/91911/allans-favorite-things-techsnap-246/
Thu, 24 Dec 2015 09:40:04 +0000


It’s a collection of Allan’s favorite moments from TechSNAP past.

Plus the week’s new stories in the roundup & much more!

— Show Notes: —

Episode 24: Ultimate RAID

  • Before he became a ZFS addict, Allan explains all of the various RAID levels and what you would use them for
  • If you are not using ZFS, you probably want to watch this
  • This episode also contains the details of the BEAST attack on SSL, back in the beginning of what would turn out to be an unending onslaught on SSL and its implementations (OpenSSL and friends)

Episode 34: Allan’s ZFS Server Build

  • Allan shows off his first ZFS server build
  • 16 TB SAS array (12 TB usable), separate 2×2 TB SATA mirrored UFS for the OS, because he didn’t trust root-on-ZFS yet
  • Paid for a RAID controller, which didn’t work well (was replaced with the onboard LSI HBA built into the motherboard)
  • Had a bunch of problems, with both Newegg, Adaptec, shipping, and configuration
  • If only I had known about iXsystems back then

Episode 78: Wire-Shark

  • With Chip-and-PIN finally arriving in the US, let us remember back to TechSNAP from September of 2012, when researchers at the University of Cambridge Computer Lab found a way to defraud the system
  • While the system itself is fairly secure, it relies on correct implementation, and many ATMs and PoS devices do not do it correctly
  • In this case a nonce (supposed to be a unique, unpredictable value) was just a counter or timestamp

Episode 128: Gentlemen, Start Your NGINX

  • Krebs covers crooks registering for your Social Security account, so they could redirect the direct deposits to their own account

Episode 100: 100% Uptime

  • Special in its own right, as our 100th episode
  • Bit9 story
  • It was also the first time we mentioned Krebs (who I kept calling Kerbs for the first few weeks until I was corrected enough times). At first I wasn’t even sure I liked Krebs, now I am quite the fan.

Episode 236: National Security Breaking Agency

  • Keylogging before computers
  • Great story from the Cold War

Anonymous Mailings | FauxShow 205
https://original.jupiterbroadcasting.net/75777/anonymous-mailings-fauxshow-205/
Sun, 18 Jan 2015 19:06:55 +0000


Angela and Chris read through the websites of popular anonymous mailings including the glitter and poop mailing services. This FauxShow contains explicit language.

Drone Patrol | Unfilter 35
https://original.jupiterbroadcasting.net/31116/drone-patrol-unfilter-35/
Thu, 31 Jan 2013 22:40:29 +0000


The Department of Defence has signalled it’s dramatically increasing the size of its Cyber Command, but things are never as simple as they sound.

You might have heard that this new “comprehensive” immigration reform being worked on hinges on increased border security that relies heavily on drones to hunt illegal immigrants. We look at the numbers.

And why the US might be in hot water over its excessive use of drones around the world very soon.

Speaking of the cloud…

A new report details the major invasion of British internet users' privacy on popular 'cloud' services.

Plus your feedback, our follow up, and much much more in this week’s Unfilter.

The Human Factor | TechSNAP 75
https://original.jupiterbroadcasting.net/24596/the-human-factor-techsnap-75/
Thu, 13 Sep 2012 15:46:38 +0000


It was a tough week for the cloud, we’ll run down the list and summarize what happened to the services we all depend on so much!

Plus a big batch of your questions, our answers, and a rocking round-up!

All that and a lot more, on this week’s TechSNAP.

Show Notes:

GoDaddy outage was caused by router snafu, not DDoS attack

  • GoDaddy’s services started to drop off of the internet
  • The outage lasted approximately 6 hours, starting at 10:00 PDT (17:00 UTC), with service fully restored at about 16:00 PDT (23:00 UTC)
  • A twitter account, claiming to represent part of Anonymous, took responsibility, claiming to have launched a massive DDoS attack against GoDaddy
  • Some news outlets and blogs misunderstand what a DDoS attack is, and report that Anonymous has hacked GoDaddy
  • “We have determined the service outage was due to a series of internal network events that corrupted router data tables.” – Interim Godaddy CEO Scott Wagner
  • The issue was compounded because the downtime affected not only GoDaddy hosting customers, but also customers that only used GoDaddy for DNS
  • GoDaddy hosts 5 million web sites and manages a total of 52 million domain names
  • For example, the DNS for jupiterbroadcasting.com is hosted at GoDaddy, while the actual site resides at ScaleEngine, but because the DNS was down, viewers were unable to lookup the IP address of jupiterbroadcasting.com in order to connect to ScaleEngine
  • DNS caching will have helped reduce the effect of this downtime somewhat, especially for more popular sites and for users coming from larger ISPs. The DNS records for JB have a TTL of 1 day, so users would only have issues reaching the site if the records had not yet been cached, or once the cache expired. At the time of this writing, the records for JB still had 28461 seconds left in my local Google Public DNS cache, but were not cached at my local OpenDNS
  • This event ruined GoDaddy’s previous 99.999% uptime record for DNS (99.999%, or 5 nines as it is called in the industry, allows for only 6 minutes of cumulative downtime in an entire year, compared to 4 nines, which allows about 53 minutes of downtime per year, or 99.9% which is nearly 9 hours)
  • GoDaddy uses Anycast for the DNS servers. This means that while it looks like each domain is only assigned to 2 DNS servers, each of those two IP addresses actually exists in multiple data centers around the world. Traffic is routed to the closest server, and if that server’s route fails, after a few minutes the BGP routers at your ISP or an intervening transit provider route the traffic to the next closest server
  • However, due to what I assume was some human error after the failure of one or more network components, the routes that GoDaddy broadcasted to their upstream providers were in some way incorrect, and caused traffic to no longer reach the GoDaddy servers
  • Anycast is commonly used for DNS but is not very often used for TCP based services due to the fact that the routes can change at any time, and suddenly the same IP address points to a different server, and your connection is dropped. There are some cases where people have successfully used Anycast for short lived TCP connections
  • Additional Coverage
  • Go Daddy Site Outage Investigation Completed – GoDaddy.com

Blue Toad comes forward as the source of the leaked Apple UDIDs

  • Security researcher David Schuetz was analyzing the data posted online, and found an unusually large number of devices that mentioned Blue Toad, 19 out of the 1 million records analyzed
  • Schuetz then contacted Blue Toad to report what he had found
  • Schuetz also said he couldn’t say conclusively if Anonymous’ claims about the FBI were false or true
  • Blue Toad makes apps for publishing companies, long known for collecting extensive data about their readers for market research and marketing purposes
  • Paul DeHart, CEO of Blue Toad said his firm would not be contacting individual consumers to notify them that their information had been compromised, instead leaving it up to individual publishers to contact readers as they see fit
  • The company’s forensic analysis claims to show the data had been stolen “in the past two weeks”
  • This is contrary to the original claim that the data was stolen from an FBI computer months ago


Global Blackout a Hoax | TechSNAP 51
https://original.jupiterbroadcasting.net/18402/global-backout-a-hoax-techsnap-51/
Thu, 29 Mar 2012 19:34:40 +0000

We bust Anonymous’ over-hyped Operation Global Blackout, cover Microsoft's bust of the Zeus botnet, explain some fundamentals of DNS!


Microsoft leads raids on the Zeus botnet and seizes their servers, Duqu still evolving and new details have been revealed.

And we bust Anonymous’ over-hyped Operation Global Blackout

All that and more, on this week’s episode of TechSNAP!

Show Notes:

Duqu still evolving

  • Researchers have recently discovered a newly compiled driver for the Duqu worm
  • Duqu is rather unique, as it appears to be a framework for building highly targeted malware to attack a specific target, as opposed to regular malware that is designed to target as wide an array of victims as possible
  • Researchers believe that the number of victims targeted by Duqu could be as few as 50
  • The new mcd9x86.sys Duqu driver appears to be specifically designed to evade detection by the CrySysLab tool built by the Hungarian researchers who initially discovered Duqu
  • The new driver does not appear to contain any new functionality, however in addition to changing the signature to make it harder to detect, the new driver may have been necessary as the code signing certificate used to sign the old driver has been revoked
  • Researchers assisted by crowdsourced analysis and the reverse engineering subreddit identified the language that parts of Duqu were written in as Object Oriented C, which is quite rare compared to C++
  • Researchers speculate that this means the authors of Duqu are older programmers, brought up in traditional C and did not trust the abstracted memory management and other features of C++ and were more comfortable writing C and using an OO framework

Microsoft launches operation b71, leads raid against Zeus Botnet

  • This week Microsoft led a coalition raid against a set of Command and Control servers for the Zeus botnet
  • Microsoft was joined by the FS-ISAC (Financial Services – Information Sharing and Analysis Center), NACHA (the Electronic Payments Association), and the ABA (American Bankers Association)
  • Microsoft and its co-plaintiffs filed for a temporary restraining order and a seizure order to confiscate the servers for the botnet
  • The court ordered the US Marshals to seize the servers from two data centers in Chicago, IL and Scranton, PA
  • The Marshals were accompanied by Microsoft’s lawyers and forensics experts to assist in identifying the machines and isolating the command and control systems
  • The court also ordered the Marshals to collect 4 hours of internet traffic bound for the C&C servers before disconnecting them
  • The court ordered all US based domain registrars associated with the domains Microsoft identified as belonging to the botnet to redirect them to a Microsoft controlled server
  • This is the first known case of a company using the RICO act to seize servers and domain names
  • Official Legal Filings
  • Security Week
  • Digital Underground – Interview
  • Microsoft Digital Crimes Unit Newsroom

Feedback:

Q: Simon from Australia writes to ask about the security implications of the DNS AXFR command

Xonotic Server Info

  • Name: JupiterColony / LAS Xonotic Server
  • IP: 176.31.45.139:26000

War Story:

When Kids Attack

In summer 1999, around June, just before my son was born I was working in tech support with IBM at night and during the days I was doing some freelance IT jobs. One job that consistently came up was teaching the basics of networking with Windows systems in some local schools. The course I wrote up covered a lot of ground and took 2 four hour sessions to complete.

The curriculum I decided upon started off with about an hour covering the components of a PC and their basic functions. I explained how the BIOS on the motherboard was a kind of “proto operating system” that allowed the hardware to be manipulated at a very low level. The next portion covered how to install an operating system and then add in specific software drivers to allow the hardware to be used effectively. The operating system of choice at this point was Windows 98. Despite that I spent a good 40% of that topic covering how DOS was the best solution for when Windows breaks. As part of the operating system tour I would make sure to cover things like the startup folder, the “new” msconfig tool, the “run” keys and the “run once” keys in the registry and even how to create keys that would allow applications to be run as if they were “services” by adding keys for them. By the end of that 4 hour session, my aim was to have the students leave with a solid and practical understanding of the magical mysteries inside a PC case. Most of the kids were in their mid-teens so keeping their interest from topic to topic was a challenge.

When the second session came up I would roll out basic networking using real world examples in the hope that abstract theory could be simplified with visuals from all around us. To

As you can see from that lot, there were some fairly heavy topics getting crunched down into oversimplified day to day, real world examples but it seemed to work. I continued running the course this way for months and at one point I was asked to do some more advanced topics as follow ups for the more interested students. There were maybe three or four of those follow ups done and I was quite happy to see the depth of question coming from the classes.

Some time later, maybe near to November, I got a panic call from the school principal of a college that was located about 10 minutes drive from my house. Apparently every computer in their lab was “going crazy”. None of the students were able to help and the IT Teacher was actually a carpenter who did work around the college and also had some basic computer skills. I agreed to help out and drove over a couple of hours before work to take a look.

Upon my arrival I noticed that every PC when turned on would go through the POST process, boot up Windows 98, barely load the icons on the desktop and would instantly start to shutdown. I was starting to see why they thought their computers were now possessed by some vengeful spirit of a mailman who got lost in the maze of network circuits inside the computers. Unfortunately, the solution was a little more mundane. Once I got a box into safe mode I was able to start pulling apart what was happening as Windows booted to the desktop. It seemed that someone had installed a Windows Resource Kit to every computer which included a nifty little Shutdown application. The culprit had then created a batch file that called the shutdown application and added that batch file to another hidden batch file in the Windows directory. A run once registry key was being created that would call the hidden batch file and trigger the process. It seemed that the run once registry key was being created by yet another batch file that was named in the autoexec.bat file. The end result of this mess was that just as Windows booted to the desktop, the shutdown command would activate and a boot loop would ensue. Doing a little more digging I was able to find yet another batch file that was inserting another reg entry into the Run key hive thus providing two different ways for the loop to be initiated.

I tried to explain the whole thing to the principal and while he struggled to understand the technical details, he did grasp the concept that this was a well thought out act of IT sabotage. Each computer used the same generic log on and so that offered no solution in identifying the saboteur. Unless the IT Teacher was an oscar winning actor, I was pretty sure that he wasn’t the guy. The only thing I could think of was a student and I started to suspect that it would be one of the ones that I had trained. The attack showed a good grasp of batch files and Windows start up processes but I had never shown a class how to use batch files to insert registry keys. Whoever had wrecked Windows 98 on the 70 or so computers in the college had done some research for themselves. I figured that the work to take out that number of computers would probably have taken me four or five minutes per PC for each of the 70 computers meaning somebody had to have taken around six hours to do all the sabotage work. Everything was fine at the end of the previous school day and so it had to be an after hours job. From there we spoke with the teachers who ran the after hours classes and it didn’t take long to find a student who was supposed to be in the library until around 10pm the previous night. The last teacher leaving the school said that the student had hung around since around 3pm until lock up and was supposedly working on an end of term project. When the principal brought the student to the IT room I was taken aback that it was one of the kids from my basic class who always seemed disinterested. I was truly expecting one of the kids from my advanced class to have been the culprit.

After some conversation it turned out that the student had sabotaged the PCs because his Math teacher had given them a tonne of homework for the next weekend and it meant that he wouldn’t have been able to take a girl to see Star Wars Episode 1 which was having a final screening that Saturday. I managed to get some more information from him about how he carried out the hack and it was a combination of taking the DOS training I gave him along with the Windows lessons and speaking to the father of one of his friends who was working in Microsoft doing localisation of their products. The Microsoft guy taught the student how to take the DOS commands and batch files and have them interact with the registry. A hacker was born. The principal suspended the kid and that was pretty much the end of it. I detailed how to fix the problem and left the work for the IT teacher and his backup, the maths teacher to do. So in some small way, I helped the kid to punish the maths teacher. I figured that it was the least I could do.

I don’t really know too much about how the student progressed from that point but I can tell you that I ran into him three years ago at a Windows 2008 Server industry-only event in Dublin by Microsoft. He was running the IT security for the event as part of his role with Microsoft. From little acorns, large Oak trees are born. I never decided whether the kid turned to the dark side from being denied a viewing of Star Wars on the big screen or from not getting that girl to go there with him but either way, rage led to anger, anger led to revenge and revenge led to a nice paycheck.

Maybe there is a nugget of wisdom in that somewhere, probably not since it sounds like contrived crap but I just like how this kid took some basic lessons in IT, found them to be a toolset he could expand upon and then used it to get himself jobs in the industry. Awesome.


Federal Bureau of Lulz | TechSNAP 48
https://original.jupiterbroadcasting.net/17752/federal-bureau-of-lulz-techsnap-48/
Thu, 08 Mar 2012 20:00:49 +0000


We cover the amazing story of how the FBI infiltrated and exposed LulzSec.

And in a retro war story, Microsoft miss more than just a leap day and we answer some of your feedback questions.

All that and more, on this week’s TechSNAP!

Show Notes:

LulzSec leader arrested more than 6 months ago, has been working for the FBI

  • Hector Xavier Monsegur (Sabu) was arrested by the FBI on June 7th, 2011
  • Sabu pleaded guilty to the following charges:
      • Conspiracy to Engage in Computer Hacking—Anonymous
      • Conspiracy to Engage in Computer Hacking—Internet Feds
      • Conspiracy to Engage in Computer Hacking—LulzSec
      • Computer Hacking—Hack of HBGary
      • Computer Hacking—Hack of Fox
      • Computer Hacking—Hack of Sony Pictures
      • Computer Hacking—Hack of PBS
      • Computer Hacking—Hack of Infraguard-Atlanta
      • Computer Hacking in Furtherance of Fraud
      • Conspiracy to Commit Access Device Fraud
      • Conspiracy to Commit Bank Fraud
      • Aggravated Identity Theft
  • Sabu’s complicity with authorities has been suspected for some time, leading to him being doxed (having his personal information released)
  • Sabu gave a number of interviews to reporters while under the control of the FBI, and was directed to feed them misinformation
  • The FBI alerted more than 300 companies and agencies to potential vulnerabilities that were discovered
  • Sabu was directed by the FBI to have attacks against the CIA’s website ceased
  • The FBI provided Sabu with a server, on which other members of LulzSec were encouraged to dump stolen information, including copies of the StratFor data (emails, credit card numbers, etc)
  • Slashdot Coverage

Attackers breach Sony Records, steal unreleased Michael Jackson recordings

  • More than 50,000 files were copied by the attackers
  • Included in that were a large number of unreleased tracks that Sony paid the Michael Jackson estate 250 million dollars for in 2010
  • Other major names included in the breach: Jimi Hendrix, Paul Simon, the Foo Fighters and Avril Lavigne
  • The attack occurred shortly after the PSN breach in April of 2011, but was only announced recently
  • Two of the alleged attackers appeared in British court last week, after having been arrested in May of 2011

Security design flaw in libVTE writes your terminal buffer to disk

  • Terminals based on libVTE, which include gnome-terminal and xfce4-terminal, may store your scrollback buffer to a plain file in /tmp, where it might be readable by others
  • libVTE v0.21.6 and later (since September 17th, 2009) are vulnerable
  • When libVTE starts, it creates a file in /tmp (named vte.), and then immediately unlinks the file. This removes the file from the filesystem, however the file handle is still open, allowing libVTE to write your scrollback buffer to the file, and read it back if needed
  • The issue with this design is that the user is unaware that the data displayed in their terminal is being written to disk
  • Anyone with root or physical access to the machine could then possibly read the contents of your terminal sessions, even once they are closed
  • When you SSH in to a secure machine to do something, you would not expect a record of everything you are doing to be stored on your local machine
  • Your disk may contain your terminal buffers in its slack space, so be careful who else has access to your machine, and be sure to properly erase the disks before recycling them
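The create-then-unlink pattern described above, together with a check a defender can run for it, as an added example (not libVTE's code and not part of the original show notes). The function names, the suffix after `vte.` and the fake `/proc` tree are constructed for illustration; the scan relies on Linux appending ` (deleted)` to `/proc/<pid>/fd` link targets of unlinked files.

```python
import os
import re
import tempfile

# The page names the files "vte." in /tmp; whatever follows the prefix is an
# assumption here. Linux marks unlinked-but-open files with " (deleted)".
VTE_PATTERN = re.compile(r"^/tmp/vte\.[^/]* \(deleted\)$")


def unlinked_scratch_demo(payload, directory=None):
    """Reproduce the pattern: create a file, unlink it, keep using the handle.

    Returns (name_still_exists, bytes_read_back, link_count). The name is gone
    from the directory, yet the payload is still written to and read from disk
    (link_count is 0 on typical Linux filesystems).
    """
    fd, path = tempfile.mkstemp(prefix="vte.", dir=directory)
    try:
        os.unlink(path)               # directory entry removed immediately
        os.write(fd, payload)         # data blocks are still allocated on disk
        os.lseek(fd, 0, os.SEEK_SET)
        data = os.read(fd, len(payload))
        return os.path.exists(path), data, os.fstat(fd).st_nlink
    finally:
        os.close(fd)                  # only now can the blocks be freed


def find_deleted_scrollback(proc_root="/proc"):
    """Return [(pid, fd, target)] for open handles on unlinked /tmp/vte.* files."""
    hits = []
    pids = sorted((p for p in os.listdir(proc_root) if p.isdigit()), key=int)
    for pid in pids:
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            fds = sorted(os.listdir(fd_dir), key=int)
        except OSError:
            continue                  # process exited, or not ours to inspect
        for fd in fds:
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:
                continue              # descriptor closed while we were looking
            if VTE_PATTERN.match(target):
                hits.append((int(pid), int(fd), target))
    return hits


def build_sample_proc(root):
    """Constructed sample: a fake /proc where PID 4242 holds a deleted vte file."""
    layout = {
        "4242": {"0": "/dev/pts/3", "17": "/tmp/vte.A1B2C3 (deleted)"},
        "4300": {"3": "/var/log/syslog", "4": "/tmp/report.txt"},
    }
    for pid, fds in layout.items():
        os.makedirs(os.path.join(root, pid, "fd"))
        for fd, target in fds.items():
            # Dangling symlinks mimic the link targets the kernel reports.
            os.symlink(target, os.path.join(root, pid, "fd", fd))
    return root


if __name__ == "__main__":
    print(unlinked_scratch_demo(b"constructed scrollback line\n"))
    with tempfile.TemporaryDirectory() as sample:
        print(find_deleted_scrollback(build_sample_proc(sample)))
    # On a real Linux host, scan the live process table instead:
    # print(find_deleted_scrollback())
```

Run against the real `/proc` as root to see handles held by other users' terminals; an unprivileged run only sees your own processes.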

Feedback:

Q: Sean (aka Jungle-Boogie) asks… Can you give me some tips to make SSH servers more secure?

Helpful Links:
SSH/OpenSSH/Configuring – Community Ubuntu Documentation
SSH Server: A more secure configuration – Ubuntu Forums

Q: Paolo asks… Are there any more security risks for connecting to the Internet using a static IP?

War Story:

It was October 1996. Microsoft Windows 95 was the relatively new kid on the block (at least over here in Ireland) and I had just accepted a job working at a PC retailer. After realising that my Chemistry degree was not going to get me a job that I’d actually want to have I trained up in electronic engineering and was building and testing emergency lighting systems when the chance to turn my computer hobby into a job presented itself. The company wanted me to build PCs, sell PCs and handle repairs when possible. It sounded like a good entry level position to get me into the industry.

The company wanted to ramp their sales up for the Christmas period and the demand was certainly there so I proposed an expansion of the operation. The retail unit had a small workshop in the back which was fine for one tech to work in, but that was about the limit. There was a Pharmacy near by that apparently had a warehouse out back that was unused. A couple of weeks later, after the holidays, we moved the system building operation into that warehouse. We took on 7 more people and I put together a crash course in PC building for them. My basic idea was to make a production line. One guy pulled the cases out of their packaging and prepped them for the next guy who setup the motherboards before passing it to the next guy who hooked up the drives and cables. I had two lines doing that and myself and one more guy in a side office doing quality control.

Once a PC got through quality control i.e. it booted up and POSTed properly, it was time to install the operating system. The guy who owned the company decided that every machine should be preloaded with a vanilla Windows 95 installation. I found that the fastest way to accomplish that with my limited knowledge at the time was to have a Windows 95 bootdisk that loaded up, formatted the hard disk and made it bootable, loaded up a parallel port Iomega Zipdrive config and then copied over the Windows 95 folder structure that I had taken from a pre-configured machine with an identical hardware spec. Ah, if only I had known then what I know now about drive cloning and sysprep etc. Anyway, the process worked for us and we were able to produce a built PC every 12 minutes with a further 15 mins for imaging. One computer ready for sale every 30 mins was pretty good for a rookie with a bunch of luddite minions…er…I mean assistants.

We kept up that pace for a couple of months with slight tweaks and improvements applied over that period. When I “cloned” that original PC operating system, I had been told that the product key was a “system builder key” that was good for 10,000 uses. Being a dumb ass, naive geek who just wanted to make more and more computers work, I never questioned that point. I even had the key written in huge letters on a banner above the door to the side office in the warehouse. In fact, it is still burned into my memory today: 13895-oem–001x05x–4xx37 (masked, it’s old but I don’t wanna get sued by MS).

The fun began when it turned out that over the course of our highly successful and prolific sales of computers, we had apparently sold one to an actual Microsoft employee. This guy was apparently going from store to store around the country and purchasing computers to see if they came with proper licences. One frosty day in April, some Microsoft suits and some police officers showed up at the retail office and announced that they were “raiding” the operation under suspicion of software piracy. The warehouse was a 5 minute walk from the office and when the raiders were walking around, the officer rang us in the warehouse to tell us what was happening. It was time to think fast or flee. I figured my brain moved faster than my body so I stood still and put my grey matter to work in the short amount of time that I had.

There were about 14 PCs on a wooden pallet at the door ready for sale. It dawned on me that those computers were all back in the original box that the cases arrived with. We moved the pallet to the start of the production line right beside the empty, unopened PC cases. I grabbed my lunch, hopped up onto the PCs and acted like I was on a break. A minute or so later, the raid party with Police accompaniment arrived and presented their warrant to search the warehouse. I told them to have at it and stayed on my “seat” to observe. One of the suits grabbed a few computers from inside the QC room and asked one of my helpers to hook it up to a monitor so it could be checked. The computer powered on, POSTed perfectly and then displayed a black screen proclaiming a lack of an operating system. The suit looked positively perplexed by this. He went through every PC in the stack outside the QC room over the course of an hour or so and every one did the exact same thing.

He consulted with his companion and they decided to question me about the computers. I explained that we would build them, test them thoroughly in the QC room and then send them up to the retail office to be sold. I told him how sometimes the hard disks were refurbs and might contain old data but we didn’t really have the time to format them all as the owner was such a damned slave driver. There was a little more questioning but for the most part, the guy looked genuinely disheartened. Afterwards, I thought about it and I think he had a “Geraldo Rivera with the Capone safe” scenario. He had probably bragged about busting this huge pirate operation and had fallen flat on his face.

He apologised for the inconvenience, thanked me for my cooperation and shook my hand. I jumped down off my pile of computers to see him, his companion and their police escort off the premises. The ordeal was over and we’d had a lucky escape. Every time that guy walked into the QC room he just had to look up and see the product key banner above the door and we would have been sunk. If he had looked at what I was sitting on and gotten even slightly curious then I was completely screwed. Suffice it to say, none of that happened and I got away with my deception.

I immediately started looking for my next job in the industry away from that particular style of PC business but I learned a valuable lesson that day – “hiding in plain sight really is the best approach sometimes”.

The post Federal Bureau of Lulz | TechSNAP 48 first appeared on Jupiter Broadcasting.

NASA Hacked 5,400 Times? | TechSNAP 47 https://original.jupiterbroadcasting.net/17571/nasa-hacked-5400-times-techsnap-47/ Thu, 01 Mar 2012 20:20:13 +0000 https://original.jupiterbroadcasting.net/?p=17571 NASA loses the keys to the International Space Station, Microsoft can’t figure out what day it is, and laugh over the lack of security at Stratfor.

The post NASA Hacked 5,400 Times? | TechSNAP 47 first appeared on Jupiter Broadcasting.

NASA loses the keys to the International Space Station, Microsoft can’t figure out what day it is, and I laugh myself to tears over the lack of security at Stratfor

All that and more, on this week’s TechSNAP!

Show Notes:

NASA laptop stolen, contained control algorithms for the International Space Station

  • In 2010 and 2011 NASA reported 5,408 computer security incidents, ranging from the installation of malware on a computer, through the theft of devices, to cyber attacks suspected to be from foreign intelligence agencies.
  • 47 incidents were identified as Advanced Persistent Threat attacks, and of these, 13 were successful in compromising the agency’s computer systems
  • In an example of such an incident, attackers from Chinese-based IP addresses gained full access to a number of key JPL systems, giving them the ability to:
      • Modify, copy or delete sensitive files
      • Add, modify or delete user accounts for mission critical systems
      • Upload hacking tools (keyloggers, rootkits) to steal user credentials and thereby compromise other NASA systems
      • Modify or corrupt the system logs to conceal their actions
  • Some of the breaches have resulted in the unauthorized release of Personally Identifiable Information, and the disclosure of sensitive export-controlled data and 3rd party intellectual property
  • Inspector General Testimony before Congress re: IT Security
  • Discovery News Coverage

Windows Azure suffers worldwide outage

  • The Microsoft Azure Cloud service was down for most of the day on February 29th
  • The Service Management system was down for over 9 hours
  • Azure Data Sync was down from 2012-02-29 08:00 through 2012-03-01 03:00 UTC
  • Microsoft says that the outage appears to have been caused by a leap year bug
  • “28 February, 2012 at 5:45 PM PST Windows Azure operations became aware of an issue impacting the compute service in a number of regions,”
  • “While final root cause analysis is in progress, this issue appears to be due to a time calculation that was incorrect for the leap year.”
  • Microsoft Azure Service Dashboard
  • The outage also affected the UK Government’s ‘G-Cloud’ CloudStore
  • TechWeek Europe Coverage
  • Slashdot Coverage – Outage Root Cause
  • PCWorld – Previous Microsoft problems with Leap Years

Wikileaks releases the data stolen in the StratFor compromise


Feedback:

Q: Robert Bishop Writes: Can I Secure my network with multiple NAT routers to isolate a system?

War Story:

This is a war story with a difference, as it didn’t involve some crazy user doing some bat shit crazy thing with their computer. It was simply a call to one of the tech support agents where the user wanted to know the following:

“What is the exact chemical composition of the battery in the Thinkpad 760 XD?”
“What are the recommended disposal procedures for said battery?”
“Can you tell me what would happen to the battery if it ruptured in a vacuum environment?”
“If the battery were to overheat, how volatile would the liquid effluent be?”

I doubt the user could have even gotten the questions out and taken a breath before the agent put them on hold and ran for help. The agent walked over to the second level support area rather than call as per procedure. After a good five minutes of talking, nobody could really answer the questions and worse, we couldn’t figure out what part of the company might actually have those answers.

As with all good tech support strategies we decided on a two-pronged approach – the agent would get back on with the user and stall for time while the rest of us would frantically hunt down any possible source of information that could help. We told the agent to ask why the user needed such detailed information and if it was a weak answer to push for a callback to buy even more time.

Some twenty minutes later the agent came back over to us with some interesting details on what was going on. It was all a misunderstanding. The user was supposed to call some private support number at IBM and not the public number. Our enterprising young agent did pull a fast one and offer to transfer the user to the number directly. The user provided the number and the agent promptly connected the call, then hit mute and stayed on the line. An American accent answered, the user responded and provided an account code upon request.

The tech on the private number acknowledged that the user was calling from NASA – Blackhawk Technologies Subsidiary. Apparently the shuttle program had 4 of those laptops on each mission – 1 primary and 3 redundant backups just in case. Suddenly the tricky questions all made sense. And eavesdropping can kill curiosity can never be a bad thing, right?

Unsafe Wifi | TechSNAP 38 https://original.jupiterbroadcasting.net/15256/unsafe-wifi-techsnap-38/ Thu, 29 Dec 2011 19:09:08 +0000 https://original.jupiterbroadcasting.net/?p=15256 A major implementation flaw in protected Wifi has been found, we’ll share the amazing details.

The post Unsafe Wifi | TechSNAP 38 first appeared on Jupiter Broadcasting.

A major implementation flaw in protected Wifi has been found, we’ll share the amazing details.

Also: A federally contracted think tank suffered a major breach this week, with needy charities being caught in the fall out!

Plus our end of year sign off, and so much more, in this week’s episode of TechSNAP!

Show Notes:

Breaking

New York Times subscriber list may have been compromised

  • This story was first reported minutes before the recording of this episode of TechSNAP, so further information and verification were not possible
  • An email was sent to users asking them to reconsider cancelling their home delivery subscription
  • The email seems to have been targeted at anyone with a NYTimes.com account, not just current home delivery subscribers
  • Some people who received the message say that the NYTimes was the only 3rd party that had their email address
  • The email appears to have a correct DKIM signature, meaning it was signed with the private key of the email.newyorktimes.com domain
  • The email was sent via Epsilon Interactive, a mass emailing company that has previously been compromised
  • NYTimes First Responses: Blog.NYTimes.com Twitter
  • Email Headers
  • It is unclear if the email was the result of the compromise of Epsilon’s servers (and the NYTimes private key), or was accidentally sent to all subscribers instead of the intended subset

WiFi Protected Setup (WPS) flaw exposes millions of devices to trivial attack

  • WPS was created to allow users to more easily set up secure wireless networks
  • WPS uses either an 8 digit PIN number, or a ‘push to connect’ button on both the AP and Client device
  • This security vulnerability specifically targets the 8 digit PIN number
  • The 8 digit PIN results in a key space of 10^8 (100 million) keys
  • However, the last digit in the PIN is actually a checksum, used to detect typographic errors
  • The attack described below exploits a flaw in WPS where the attacker is able to determine, from the response to a failed attempt, that the first 4 digits of the PIN matched
  • This combined with the last digit being a checksum, effectively narrows the key space of possible PINs to 10^4 + 10^3 (11,000) keys
  • Even this key space should be enough to keep attackers out, however it was discovered that many devices do not implement any type of failed login banning, making brute force attacks much easier and faster
  • It was also observed that rapid brute force attempts seemed to have a Denial of Service effect on the targeted AP, exhausting its processor time responding to the authentication requests
  • Affected vendors include: Belkin, Buffalo, D-Link, LinkSys, NetGear, TP-Link and ZyXel
  • As of yet, there have been no new firmware offerings to resolve this issue
  • DD-WRT does not support WPS so is not vulnerable
  • To work around the problem, you can disable WPS on your AP, or if it is supported, set a long lockout time for failed attempts
  • Technical Details
  • Vulnerability Announcement
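
The keyspace arithmetic in the list above, and the effect of the lockout workaround, worked through as an added example (not code from the show notes or from any vendor). The checksum routine follows the published WPS PIN checksum as implemented in wpa_supplicant's `wps_pin_checksum`; the time per guess and the three lockout policies are assumed values chosen only to compare settings.

```python
ASSUMED_SECS_PER_GUESS = 2  # assumption: time for one complete PIN attempt

# (label, failures before the AP locks WPS, lock duration in seconds)
# Constructed policies for comparison, not taken from any product.
POLICIES = [
    ("no lockout", None, 0),
    ("3 failures -> 60 s lock", 3, 60),
    ("3 failures -> 1 h lock", 3, 3600),
]


def wps_checksum(body7):
    """Checksum digit for the first 7 digits of a WPS PIN.

    Digits are weighted 3, 1, 3, 1, ... starting from the rightmost digit.
    """
    accum = 0
    while body7:
        accum += 3 * (body7 % 10)
        body7 //= 10
        accum += body7 % 10
        body7 //= 10
    return (10 - accum % 10) % 10


def pin_is_valid(pin):
    """True if an 8-digit PIN string ends in the correct checksum digit."""
    return (len(pin) == 8 and pin.isdigit()
            and wps_checksum(int(pin[:7])) == int(pin[7]))


def keyspace(split_confirmation, checksum=True):
    """Worst-case number of guesses needed to cover every possible PIN."""
    free_digits = 7 if checksum else 8
    if not split_confirmation:
        return 10 ** free_digits
    # The first 4 digits are confirmed on their own, then the remaining
    # free digits are searched separately: 10^4 + 10^3 with the checksum.
    return 10 ** 4 + 10 ** (free_digits - 4)


def worst_case_seconds(guesses, secs_per_guess, fails_before_lock=None, lock_secs=0):
    """Time to try `guesses` PINs against an AP with the given lockout policy."""
    total = guesses * secs_per_guess
    if fails_before_lock:
        # Every guess except the last fails; each full run of failures
        # triggers one lockout period.
        total += ((guesses - 1) // fails_before_lock) * lock_secs
    return total


def policy_table(guesses):
    """Worst-case exhaustion time in days for each constructed policy."""
    return [
        (label, worst_case_seconds(guesses, ASSUMED_SECS_PER_GUESS, n, t) / 86400)
        for label, n, t in POLICIES
    ]


if __name__ == "__main__":
    print("12345670 valid:", pin_is_valid("12345670"))
    print("nominal keyspace (8 free digits):", keyspace(False, checksum=False))
    print("with checksum digit:", keyspace(False))
    print("with checksum and split confirmation:", keyspace(True))
    for label, days in policy_table(keyspace(True)):
        print(f"{label:26s} worst case {days:8.2f} days")
```

With these assumed timings, the unthrottled case finishes in hours while a one-hour lock after three failures pushes the worst case to months, which is why the lockout setting matters where WPS cannot be disabled.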

GSM Phones vulnerable to hijacking

  • Security researcher Karsten Nohl, known for his research into exploiting GSM to tap/eavesdrop on mobile phone calls, is set to present new research that he says allows an attacker to impersonate your phone, making calls and sending text messages to expensive premium services operated by the attacker
  • Such attacks are commonly executed against corporate land line PBX systems, breaking in to systems and then placing expensive per-minute calls, collecting large sums of money, and then disappearing before the victim gets their next phone bill and notices the problem
  • In the days of dialup, computer viruses that caused your computer to make similar expensive phone calls in the middle of the night were also fairly common
  • The vulnerability only affects the older 2G GSM network; however, almost all phones still support GSM as a fallback when newer 3G networks are not available
  • “We can do it to hundreds of thousands of phones in a short time frame,” Nohl told Reuters
  • Security Research Labs (the company Nohl works for) runs a website where they rank the various mobile providers based on their ease of Impersonation, Interception and Tracking
  • “None of the networks protects users very well,” Nohl said.
  • SRLabs plans to release data collection software, allowing users to participate in data collection to grow and improve the database
  • SRLabs research is focused in Europe and did not review any North American telcos

Anonymous claims responsibility for compromise of StratFor website, releases customer information via pastebin

  • The website of US security think tank Strategic Forecasting Inc (Stratfor) was compromised by attackers under the banner of the Anonymous movement
  • Other members of Anonymous stated that the attack was not an official operation, and that because Stratfor is a media source, they are protected by freedom of the press, a highly valued principle in the Anonymous movement
  • The pastebin posts are only flagged as #antisec and #lulzxmas, and may have been falsely attributed to anonymous by the media
  • Stratfor has suspended the operation of its website and email
  • The attackers have obtained the credit card details, passwords, and addresses of 4000 of Stratfor’s private clients
  • The attackers claimed to have stolen 200GB of data, including emails and research
  • The goal of the #lulzxmas campaign was apparently to make 1 million dollars in donations to charities using stolen credit cards
  • Other twitter posts claim the total number of stolen credit cards was in excess of 90,000. Of these, two lists containing 3956 items and 13,191 items respectively, have been published
  • The data is said to include the CVV values for the credit cards. Storing the CVV value is against the PCI-DSS standard specifically for this reason: when a database is compromised, the CVV value is NOT disclosed, so online stores that use the CVV value can still prevent fraud
  • It also appears that the users’ passwords were stored in plain text. The data that was released via pastebin had the passwords MD5 hashed, but even if that is how they were stored in the database, that is insufficient protection
  • Most of these funds will likely be charged back, actually costing the charities money
  • Stratfor describes itself as a provider of strategic intelligence for business, economic, security and geopolitical affairs
  • Stratfor said that they were working with law enforcement to attempt to apprehend the attackers
  • “Stratfor’s relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me,” wrote Mr. Friedman (Chief Executive of Stratfor) in an email to clients
  • “Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications,”
  • Purported Client List
  • Client Details

Skype Exposes Pirates | TechSNAP 29 https://original.jupiterbroadcasting.net/13262/skype-exposes-pirates-techsnap-29/ Thu, 27 Oct 2011 18:43:12 +0000 https://original.jupiterbroadcasting.net/?p=13262 Researchers have developed a way to tie your file sharing to your Skype account. We’ll share the details on how this works, and what you can do to prevent it!

The post Skype Exposes Pirates | TechSNAP 29 first appeared on Jupiter Broadcasting.

Coming up on this week’s TechSNAP…

Researchers have developed a way to tie your file sharing to your Skype account. We’ll share the details on how this works, and what you can do to prevent being tracked!

Plus we cover the Ultimate way to host your own email, and what happened when Chinese hackers took control of US Satellites!

All that and more, on this week’s episode of TechSNAP!

Show Notes:

Suspected Chinese Military Hackers take control of US Satellites

  • On four separate occasions during 2007 and 2008 US satellites were hijacked by way of their ground control stations.
  • The affected satellites were Landsat-7 (Terrain Mapping and Satellite Photography, example 1, example 2) and Terra AM-1 (Climate and Environmental Monitoring, 2010 Hurricane Karl)
  • While the US does not directly accuse the Chinese government in writing, these types of actions are consistent with known war plans that involve disabling communications, command and control, and GPS satellites as a precursor to war.
  • In one incident with NASA’s Terra AM-1, “the responsible party achieved all steps required to command the satellite,” however the attackers never actually took control of the satellite.
  • It was not until the 2008 investigation that the previous compromises in 2007 were detected
  • This raises an important question: are the US military and other NATO members too reliant on satellite communications and GPS?
  • In a recent NATO exercise called ‘Joint Warrior’, it was planned to jam GPS satellite signals, however the jamming was suspended after pressure on the governments over civilian safety concerns. Story

Researchers develop a procedure to link Skype users to their Bittorrent downloads

  • The tools developed by the researchers at New York University allow anyone to determine a strong correlation between BitTorrent downloads and a specific Skype user.
  • Importantly, unlike RIAA/MPAA lawsuits, the researchers consider the possibility of false positives because of multiple users behind NAT.
  • The researchers resolve this issue by probing both the Skype and BitTorrent clients after a correlation is suspected. They generate a response from both clients at nearly the same time and compare the IP ID (similar to a sequence number) of the packets. If the ID numbers are close together, then it is extremely likely that the responses were generated by the same physical machine. If the IDs are very different, then it is likely that the Skype and BitTorrent users are on different machines, and there is no correlation between them.
  • This same technique could be made to work with other VoIP and P2P applications, and could be used to gather enough evidence to conclusively prove a BitTorrent user’s identity.
  • This situation can be mitigated by using the feature of some OSes that randomizes the IP ID to prevent such tracking. (net.inet.ip.random_id in FreeBSD, separate ‘scrub random-id’ feature in the BSD PF firewall)
  • The discovery could also be prevented by fixing the Skype client such that it will not reply with its IP address if the privacy settings do not allow calls from that user. The current system employed by the researchers does not actually place a call to the user, it just tricks Skype into thinking that a call will be placed, and Skype then leaks the sensitive information by returning its IP address or initiating a connection to the attacker.
  • Read the full research paper
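
A simulation of the IP ID co-location test and of the IP ID randomisation mitigation described in the list above, added here as an example (it is not the researchers' tooling, and it sends no packets). The host classes, the starting counters, the amount of background traffic and the closeness threshold of 64 are all assumptions made for the illustration.

```python
import random

IPID_MOD = 1 << 16  # the IPv4 Identification field is 16 bits wide


class SequentialHost:
    """Host whose IP stack stamps every outgoing packet from one global counter."""

    def __init__(self, start, rng):
        self.counter = start % IPID_MOD
        self.rng = rng

    def send(self):
        self.counter = (self.counter + 1) % IPID_MOD
        return self.counter

    def other_traffic(self, max_packets=20):
        # Unrelated packets the host emits between the two probe replies.
        for _ in range(self.rng.randint(0, max_packets)):
            self.send()


class RandomIdHost(SequentialHost):
    """The same host with IP ID randomisation on (e.g. net.inet.ip.random_id)."""

    def send(self):
        return self.rng.randrange(IPID_MOD)


def ipid_gap(a, b):
    """Circular distance between two 16-bit IP IDs (handles counter wrap)."""
    d = (a - b) % IPID_MOD
    return min(d, IPID_MOD - d)


def probe_rounds(host_a, host_b, rounds=8):
    """Collect one (reply_a, reply_b) IP ID pair per near-simultaneous probe."""
    pairs = []
    for _ in range(rounds):
        id_a = host_a.send()        # reply produced by application A
        host_a.other_traffic()
        if host_b is not host_a:
            host_b.other_traffic()
        id_b = host_b.send()        # reply produced by application B
        pairs.append((id_a, id_b))
    return pairs


def same_machine(pairs, threshold=64):
    """The test from the text: IDs that stay close together imply one IP stack."""
    return all(ipid_gap(a, b) <= threshold for a, b in pairs)


def run_scenarios(seed=29):
    rng = random.Random(seed)
    one_box = SequentialHost(65530, rng)   # starts just before the counter wraps
    nat_a = SequentialHost(1000, rng)      # two separate machines sharing
    nat_b = SequentialHost(40000, rng)     # one public address behind NAT
    hardened = RandomIdHost(0, rng)
    return {
        "same host, sequential IDs": same_machine(probe_rounds(one_box, one_box)),
        "two hosts behind one NAT": same_machine(probe_rounds(nat_a, nat_b)),
        "same host, randomised IDs": same_machine(probe_rounds(hardened, hardened)),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:28s} -> correlated: {verdict}")
```

Only the first scenario is reported as correlated: separate machines behind one NAT keep independent counters, and a host with randomised IDs gives the comparison nothing stable to match on.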

NASDAQ web application Directors Desk hacked

  • Directors Desk is a web application designed to allow executives to share documents and other sensitive information
  • When NASDAQ was hacked in February, they did not believe that any customer data was stolen
  • The attackers implanted spyware into the Directors Desk application and were able to spy on the sensitive documents of publicly traded companies as they were passed back and forth through the system
  • This is another example of the Advanced Persistent Threat (APT) as we saw with the RSA and South Korea Telecom hacks, where the attackers went after a service provider (in this case NASDAQ) to compromise the ultimate targets, the publicly traded companies and their sensitive documents.
  • It is not known what if any protection or encryption systems were part of Directors Desk, but it seems that the application was obviously lacking some important security measures, including an Intrusion Detection System that would have detected the modifications to the application.

SEC says companies may need to disclose cyber attacks in regulatory filings

  • The new guidance from the SEC spells out some of the things that companies may need to disclose to investors and others, depending upon their situation.
  • Some of the potential items companies may need to disclose include:
      • Discussion of aspects of the registrant’s business or operations that give rise to material cybersecurity risks and the potential costs and consequences
      • To the extent the registrant outsources functions that have material cyber security risks, description of those functions and how the registrant addresses those risks
      • Description of cyber incidents experienced by the registrant that are individually, or in the aggregate, material, including a description of the costs and other consequences
      • Risks related to cyber incidents that may remain undetected for an extended period
  • “For example, if material intellectual property is stolen in a cyber attack, and the effects of the theft are reasonably likely to be material, the registrant should describe the property that was stolen and the effect of the attack on its results of operations, liquidity, and financial condition and whether the attack would cause reported financial information not to be indicative of future operating results or financial condition,” the statement says.
  • From the SEC guidance: “The federal securities laws, in part, are designed to elicit disclosure of timely, comprehensive, and accurate information about risks and events that a reasonable investor would consider important to an investment decision”
  • CF Disclosure Guidance: Topic No. 2 – Cybersecurity

Feedback:

It is definitely advantageous to own the domain that your email address is on. On top of looking more professional than a Hotmail, or even Gmail, address, it also allows you to choose your host and have full control over everything.

There are some caveats though. You must remember to renew your domain name, or else your email stops working (just ask Chris about that one). You also have to be careful about picking where to host your domain: having your site or email hosted by a less reputable service can result in your domain being included on blacklists, stopping delivery of your mail to some users.

The biggest problem with hosting your own email from your home is that you must keep the server up 24/7, and it must have a reasonably static IP address. If you are going to host from your home, I recommend you get a ‘backup MX’ service, a backup mail server that will collect mail sent to you while you are offline, and then forward it to your server when it is back up. Even if you are using a dedicated server or VPS, this is important, because email is usually the most critical service on your server.

The other major issue with hosting your email from home is that most ISPs block port 25 inbound and outbound, to prevent infected computers from sending spam. This means that you will not be able to send or receive email to other servers. Usually your ISP will require you to have a more expensive business class connection with a dedicated static IP address in order to allow traffic on port 25. Also, a great many spam filtering systems, such as SpamAssassin, use blacklists that contain the IP ranges of all consumer/home Internet providers. These are designed to stop spam from virus-infected machines, because email should not be sent from individual client machines, but through the ISP or domain email server.

Classified Cloud | TechSNAP 15 https://original.jupiterbroadcasting.net/10491/classified-cloud-techsnap-15/ Thu, 21 Jul 2011 22:02:42 +0000 https://original.jupiterbroadcasting.net/?p=10491 The UK Government is building a cloud of secrets, but can it ever possibly be secure enough? Plus we cover the FBI Arresting 16 suspected members of Anonymous.

The post Classified Cloud | TechSNAP 15 first appeared on Jupiter Broadcasting.

This week on TechSNAP!

The UK Government is building a cloud of secrets, but can it ever possibly be secure enough?

Plus we’ll cover the FBI Arresting 16 suspected members of Anonymous, and being prepared when forced to decrypt your laptop!

All that and more on this week’s TechSNAP!

Show Notes:

Thanks to the TechSNAP Redditors!


UK Government to use the Cloud to share Restricted Documents

  • Files will be hosted on the UK internal cloud, the Government Secure Application Environment (GSAE)
  • The system will allow civil servants, diplomats and other Government officials to share documents up to the secrecy level IL3, or Restricted
  • “Information marked as Restricted is at a level where the release of the material will have effects such as significant distress to individuals, adversely affecting the effectiveness of military operations, or to compromise law enforcement.”
  • The internal cloud will use SaaS software from established tech startup Huddle.
  • Planned upgrades to the GSAE and Huddle software will allow it to support IL4 or Confidential information
  • “The effects of releasing information marked as Confidential include considerable infringement on personal liberties, material damage to diplomatic relations, or to seriously disrupt day-to-day life in the country.”
  • A possible obstacle to the deployment of a cloud based system for storing classified information is that policy states that the end users must have local disk encryption to be allowed to access the documents

FBI Arrests 16 suspected members of Anonymous

  • 14 of the arrests are related to the attacks on PayPal after they announced they would no longer accept donations on behalf of WikiLeaks
  • The defendants are charged with conspiracy to intentionally damage protected computers
  • The remaining arrests are related to attacks on InfraGard (Affiliated with the FBI) and a former AT&T Contractor who stole files from AT&T and gave them to members of LulzSec
  • Similar arrests were also made in the UK and the Netherlands
  • The charge of “intentional damage to a protected computer” is punishable by a maximum of 10 years in prison and a $250,000 fine, while conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.

US General Criticizes Defense IT Infrastructure

  • The Military and Defense Department use far too many proprietary systems
  • During the 2nd invasion of Iraq, the Army and Marine Corps used different proprietary encrypted radios, and were therefore unable to communicate directly with each other. Because of this, they had to be assigned to different areas of the country to avoid running into each other
  • Proprietary systems meet the stated requirements, but are not flexible and require a long time to modify or adapt the hardware and software.
  • The General places most of the blame on the procurement process, and contractors who design their systems to be proprietary.
  • The Federal CIO worries about the IT Cartel, a small group of companies that understand the Government IT Procurement process better than other companies, and get a disproportionate share of contracts.

DoJ asks Federal Judge to order Defendant to Decrypt Laptop

  • A woman being accused of mortgage fraud is contesting a court order that she provide the decryption key for her laptop
  • The laptop was seized during a raid of her home
  • This case could set the precedent, as no Appeals Court has yet ruled on whether such an order would violate a defendant’s 5th amendment right to not incriminate themselves.
  • The DoJ goes on to state that “Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these”. Failing to compel defendants amounts to a concession to potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence.
  • Prosecutors clarified that they were not asking for the pass phrase itself, and that the defendant would be allowed to enter the pass phrase on the computer without anyone looking over her shoulder
  • The U.S. Supreme Court already affirms that defendants can be forced to provide fingerprints, blood samples, or voice recordings, however past rulings have affirmed that a defendant cannot be forced to disclose the contents of their mind.
  • The EFF filed a brief supporting the rights of the defendant, stating “Decrypting the data on the laptop can be, in and of itself, a testimonial act–revealing control over a computer and the files on it” and “Ordering the defendant to enter an encryption password puts them in the situation the Fifth Amendment was designed to prevent: having to choose between incriminating themselves, lying under oath, or risking contempt of court”
    Submitted by: port-forward-podcast

Cyber Warfare | TechSNAP 13 https://original.jupiterbroadcasting.net/10096/cyber-warfare-techsnap-13/ Thu, 07 Jul 2011 22:21:42 +0000 https://original.jupiterbroadcasting.net/?p=10096 We cover what critical targets hackers and foreign governments might target to wage Cyber Warfare. Plus what major attacks have already taken place.

The post Cyber Warfare | TechSNAP 13 first appeared on Jupiter Broadcasting.


Since the start of this show, one constant theme keeps coming to light: a new age of Cyber Warfare has begun.

In this week’s episode we cover what critical targets hackers and foreign governments might target to wage Cyber Warfare.

Plus what major attacks have already taken place? Some of which we are just now learning the ramifications of…

All that and more, on this week’s TechSNAP!

Direct Download Links:

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube


Show Notes:

Thanks to the TechSNAP Redditors!

No Q&A this week, but we’re doing a double dose next week, send in your feedback and questions!

Attacks on Government:


Topic: Anonymous hacks 100 Turkish Government Sites

  • As part of Operation Anti-Sec, Anonymous has compromised the Turkish government’s network of sites, and locked the administrators out.
  • A number of the sites appear to be for hospitals and other medical facilities.
  • The group released a 20MB archive on ThePirateBay, a complete dump of the content of each of the compromised sites.
  • Many of the sites were defaced.
  • In a Cyber Warfare type situation, these types of actions could disable critical government functions, everything from weather forecasts to tax filing.

Submitted by: Acidpunk


Topic: Florida Elections Database Hacked

  • The database contained the names, usernames and plaintext passwords of election workers and polling stations.
  • Usernames were first initial plus last name, and passwords were first initial, last initial and 4 numbers. These passwords are too predictable and horribly insecure.

Submitted by: Deathwalk


Topic: Attacks on RoK Gov might have been Drills by DPRK

  • Attacks that crippled South Korean (Republic of Korea) government websites in July 2009 and again in March 2011 might have been cyber warfare drills conducted by North Korea (Democratic People’s Republic of Korea).
  • Attacks were likely reconnaissance to start building a detailed plan of attack in the event of war.
  • Much of the attack came from within South Korea; it is speculated that the virus was left on a number of South Korean file sharing sites, and then the resulting botnet of infected computers was used to take down the government websites.

Attacks on Media:


Topic: Washington Post hacked, 1.27m email addresses leaked

  • The Washington Post’s Jobs site was compromised on June 27th and 28th.
  • 1.27 million usernames and email addresses were leaked.
  • The Washington Post claims that no passwords or other personal information were stolen (were the passwords just hashed, and therefore ‘not disclosed’, or did the attackers not gain access to the passwords?)

Topic: Fox News Twitter hacked, False Obama Death Notice

  • The @foxnewspolitics Twitter account was hijacked and false news of US President Obama’s assassination was posted.
  • As with all incidents of this nature, it is being investigated by the Secret Service.
  • BBC Coverage

Submitted by: beyere5398 and LeifAndersen


The Future:


Topic: The Pentagon Establishes Cyber Warfare Retaliation Policy

  • The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war.
  • Foreign-directed hackers could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.
  • If a cyber attack causes significant disruption (for example, to the power grid), or death, then the attackers will be met with conventional armed force.
  • New York Times coverage

Topic: More is happening than we actually know

  • By reverse engineering a crashed EP-3E Aries II reconnaissance plane, the Chinese were able to begin intercepting encrypted US Navy communications.
  • A few weeks after President Obama’s election, the Chinese flooded communications links they knew were monitored by the NSA with unencrypted copies of intercepted communications, proving they had compromised American communications links.

Topic: Cyber Warfare will be constant and often subtle

  • The attacks on RSA earlier this year were not conclusively linked to Cyber Warfare; they could have been the work of a lone hacker, a small group, or an organized government.
  • The RSA hack later led to the compromise of secure systems at Lockheed Martin and other US arms manufacturers.
  • Earlier this year we also saw the compromise of a large number of email accounts belonging to government and military officials. This type of reconnaissance can be used to gather information that would allow attackers to break in to more secured systems over time.
  • Many attacks go unnoticed, as the perpetrators hold on to the compromised systems only to launch future attacks from them. As we saw in the RSA hack, the attackers sent the data to an offsite webserver they had compromised earlier, to avoid connecting directly to RSA and possibly leaving a trail. They then destroyed the webserver, breaking the link back to them.
  • In the past we have discussed the similar tactic of island hopping: compromising an outward facing system such as a web, mail or monitoring server, or the desktop of a secretary or other lower level employee, and then slowly gathering more and more information in order to compromise the true targets of the attack.

Submitted by: Raventiger


Roundup:
South Korea army, University to start Cyber Defense major (Submitted by: refuse2speak)
Anonymous hacks apple server, leaks usernames and hashed passwords
The Fog of Cyber Warfare – A battle without borders? (Submitted by: Raventiger)
Chicago Mercantile Exchange Secrets and Source Code Leaked To China

Copies of vsftpd 2.3.4 downloaded from official mirrors contain backdoor (Submitted by: stmiller)
Dropbox TOS gives them broad copyright license over your files (Submitted by: rakudave)
Targeted phishing helped hackers earn 150 million in June (Submitted by: stmiller)

Bitcoin BLASTER:
Lawyer Attempts To Trademark Bitcoin
First bitcoin app for Android, but is it safe?
BTCGuild suffers major DDoS Attack
