One of the worlds most prolific spammers gets profiled & the technical details are fascinating. New Apple malware is getting everyones attention, but why iOS trusts the code is really the more fascinating story, we’ll explain.

Plus a great batch of questions, our answers & much much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Become a supporter on Patreon:

— Show Notes: —

MeetBSD

• MeetBSD2014 – UCL all of the things

Spammers are always developing new tactics

• Prolific spammer Michael Persaud has been caught sending spam yet again
• The 37-year-old from San Diego was the first spammer to have been criminally prosecuted, 13 years ago
• By following a string of clues in the details used to register 1100 new domains used to send spam, researcher Ron Guilmette was able to track the source of the spam back to Persuad
• What makes this case specially interesting was the technique used to send the spam
• The chain of events starts with a block of IP addresses getting added to a blacklist, and the owner of those IP addresses being notified of the fact
• The owner of the IP addresses was adamant that the spam was not coming from their network, as they do not host any spammers
• When Cisco provided evidence that the spam was in fact coming from their IP addresses, further investigation revealed that that block of addresses was not actually in use
• The block of IPs was not being announced via BGP by the owner of the IP space, thus the IPs were dormant (unannounced)
• The spammers had looked around the internet, found ranges of dormant IP addresses, and announced those themselves, in effect moving the hosting for that IP range to their hosting provider, instead of that of the owner
• This allowed the spammers to send spam from ‘clean’ IP addresses, that had never been used to send spam before
• The spammer in question claims he did not know the IP addresses were hijacked, that the ISP he was using was selling him ‘stolen’ IPs without his knowledge
• Persuad made this seem like a common occurrence, but it isn’t, and the researchers are not buying it

• “In 1998, Persaud was sued by AOL, which charged that he committed fraud by using various names to send millions of get-rich-quick spam messages to America Online customers. In 2001, the San Diego District Attorney’s office filed criminal charges against Persaud, alleging that he and an accomplice crashed a company’s email server after routing their spam through the company’s servers. In 2000, Persaud admitted to one felony count (PDF) of stealing from the U.S. government, after being prosecuted for fraud related to some asbestos removal work that he did for the U.S. Navy”

• Spam Nation: The Inside Story of Organized Cybercrime – from Global Epidemic to Your Front Door Audiobook | Brian Krebs | Audible.com

Google launches new network security testing tool: nogotofail

• SSL/TLS has seen a number of major vulnerabilities lately, including Heartbleed, Apple’s goto fail, GNUTLS and NSS both having certificate verification flaws, and most recently the POODLE vulnerability
• To help researchers and administrators test for these vulnerabilities, Google has released nogotofail, a new testing tool
• “allows developers to set up an infrastructure through which they can run known attacks against the target application. It has the ability to execute various attacks that require man-in-the-middle position, which is one of the key components of many of the known attacks on SSL/TLS, including POODLE, BEAST and others“
• “The core of nogotofail is the on path network MiTM named nogotofail.mitm that intercepts TCP traffic. It is designed to primarily run on path and centers around a set of handlers for each connection which are responsible for actively modifying traffic to test for vulnerabilities or passively look for issues. nogotofail is completely port agnostic and instead detects vulnerable traffic using DPI instead of based on port numbers. Additionally, because it uses DPI, it is capable of testing TLS/SSL traffic in protocols that use STARTTLS“
• The tool can be deployed on Clients, Routers, and VPNs to automatically detect connections between clients and servers that are vulnerable to any of the known flaws
• Project on GitHub

Feedback:

• Homeserver / SSH / Permissions or SPOUSAL APPROVAL

• Printers with public IPs?

• 10Gb NIC query

• ZFS on Linux and ECC RAM?

• Healthcare vendor negligent of POODLE

• Daniel Blair on Twitter: “Hey @ChrisLAS I am wearing my #TechSNAP 100th episode shirt while getting interviewed after #innovateordiedays https://t.co/4UwbBTJ0sl #rep”

Round-Up:

• WireLurker Mac OS X Malware Found, Shut Down
• New, harder to detect version of the Backoff Point-of-Sales malware found in the wild. Old version still infecting more than 1000 point of sales systems
• FBI Holds Secret Meeting To Scare Congress Into Backdooring Phone Encryption
• Linksys patches more routers for flaw found in July. Flaws Include allowing attackers to steal password database
• Secure Messaging Scorecard | Electronic Frontier Foundation
• Next weeks Microsoft Patch Tuesday will be a big one, 16 patches covering IE, Windows, Exchange, Office and more
• Swedish hacker finds ‘serious’ vulnerability in OS X Yosemite
• American Express proposes new tokenized payment cards, unique code for each merchant, transaction type, or device.

The post Apple Approved Malware | TechSNAP 187 first appeared on Jupiter Broadcasting.

It’s been a big week for Drones, in ACT1 we’ll tell you the latest on this growing new type of warfare. Plus the gift the courts gave to the telcos, and the latest in new cyber laws.

In ACT2: We go meme spotting this week, and unfilter the subtle ways the Industrial Media Complex applies pressure to public opinion.

In ACT3: After hitting the episode 20 mark, we\’ve reflected a bit on the show and have a few thoughts, and a few questions for you. If you\’ve enjoyed this show, please stay tuned.

All that and a heck of a lot more, on this week’s Unfilter!

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

HD Feed | Mobile Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Get Unfilter on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Show Notes:

ACT ONE:

• Warrantless Wiretapping at the Supreme Court

• Cybercrime law is suspended by Philippines court

• Copyright Scofflaws Beware: ISPs to Begin Monitoring Illicit File Sharing

• House opens hearing on consulate attack in Libya

• NATO makes plans to back Turkey over Syria spillover

Drone Update:

• Homeland Security Learns to Love Small Spy Drones
• Israel shoots down unidentified drone
  • Israel deploys missile defense system days after shooting down suspect drone over its skies
• American Women Wearing Pink and Protesting Pakistani Drone Strike
• UK government spends £2bn ($3.2bn US) on drones

ACT TWO: MEME SPOTTING

• TSA, leukemia patient tell conflicting accounts of pat-down

• Schools serve dinner to thousands in state

• Deaths rise to 12, with nearly 120 sickened in rare meningitis outbreak

• Lawmakers Focus on Small Drug Makers as Meningitis Death Toll Rises
• Calls for oversight grow as meningitis scare widens

ACT THREE:

If you have a perspective from outside the US, and can contribute regularly on our voicemail line, PLEASE DO. We want to improve our coverage of events outside our bubble. Please be our boots on the ground.

Call us: 1.425.312.1756

• What kind of coverage do you want of the Pres election/race? Do you want us to cover big stories in the race that happen between now and the election?

• What would you like to hear from our debate coverage?

• Send in your thoughts on the tweaked host format. Good and bad.

Follow the guys:

• Unfilter on Reddit
• Chris on Twitter
• Chase’s Geek and Gaming Network
• Chase on Twitter

The post Meme Spotting | Unfilter 21 first appeared on Jupiter Broadcasting.

STOked Season 2 Episode 6: We take it easy this week and invite you over to our STO party, we join up with Jupiter Force in our not-so-awesome attempt to take on the big bad Crystalline Entity. We discuss the new Engineering Reports, The Infected mission, some new tease screen shots of future ships, Cryptic’s new release calendar, and so much more!

PLUS – Our suggested DOs and DON’Ts for taking on Crystalline Entity!

Our STOked App:

Grab the STOked iPhone/iPod App and download STOked plus bonus content on the go!

NEWS:
“The Infected” — released!! https://www.startrekonline.com/node/1239
Skipped the Test Server, and it shows (very glitchy)
Primary bugs include — untargetable borg, UI lock-out, movement control issues.
The STF instance is very, very difficult. Watch for a more thorough review, including Tips & Tricks, on next week’s STOked!
Also includes a cross-faction team mechanism for Borg DSE fights in Gamma Orionis. Feds can fight alongside KDF in a tentative alliance.
“Engineering Reports” — new feature on Cryptic’s Forums https://forums.startrekonline.com/showthread.php?t=132122
Basically a status report on the Behind-the-Scenes work going on at Cryptic.
Separate into categories: In Development, In Testing, and Under Investigation
The most recent report includes features we didn’t know about!
Changing your @ name, “Romulan Temple” fleet action, Off-duty outfits, Neutral-faction social areas
Teaser screenshots from DStahl: https://forums.startrekonline.com/showpost.php?p=2290118&postcount=181
New PvP ground map, new Fed ship (science?), new Klingon cruiser
Billing Issues being addressed: https://forums.startrekonline.com/showthread.php?p=2311163#post2311163
$30 charges have been refunded.
12-month charges are being fixed on a case-by-case basis.
Cryptic admits, billing server just couldn’t handle the Day 1 rush and these subs were the lucky ones that got screwed up.
Release Calendar Now Available: https://startrekonline.com/calendar
Tentative schedule — per Rekhan: https://forums.startrekonline.com/showthread.php?p=2311880#post2311880
Ask Cryptic — MORE KLINGONS! https://www.startrekonline.com/node/1275
More customization of avatars and ships is on the way. (but no Gorn females)
Possibility of “High-End” (T5?) ships being based on Gorn/Orion/Naussican designs, but nothing in the low/mid range.
New Klingon computer voice & music coming soon.
More melee weapons in “an upcoming update”: More bat’leth variants, mek’leth, Andorian Ushaan, katana, and more. Also the “Nausiccan Energy Lance”
3-sided PvP maps! And another mention of neutral-faction social areas.
Confirmation of “Unique Episodes” … but timeline is “down the road” which is pretty distant. This is in addition to Fleet Actions, Star Clusters and STFs for Klingon players.

MATH / MEDIA – Combined!

Taking Down the Crystalline Entity — Tips, Tactics and a Walkthru

Preparation Suggestions:
Disruptors and Plasma are the best energy types (the CE and its shards have no shields and no subsystems)
Do not use Mines or Boarding Parties. Do not use Heavy Plasma/Tricobalt torpedoes once the entity is at 30% (explanation below)
Beam Weapons are superior to cannons due to the amount of maneuvering required for this fight.
Set your energy settings to: Weapon 50 / Shield 25 / Engine 100 / Aux 25
This will usually allow you to outrun the Fragments, in case they cannot be killed quickly enough. Always remain at full speed.
Shields are useless against the Fragments, and the CE’s beams do not hit hard enough to generally worry about.

Do NOT use the following abilities:
Any “Dispersal Patterns”
Mines are a very bad idea against the CE (explanation below)
Boarding Parties
For the same reasons as Mines (explanation below), in addition to the fact that the CE has no subsystems.
Any ability that provides buffs against incoming damage
The damage dealt by Fragments is huge, and should simply be outright avoided. Use these ability slots to better control the battle, and deal damage.
Any ability that targets/disables a subsystem, shield, or special ability on the enemy (e.g. Charged Particle Burst)
Holds — the CE seems to be immune to Viral Matrix, and there are too many targets for Tractor Beam or Viral to generally be useful vs. Fragments.
Ramming Speed
If you impact a Fragment on the way inbound, you will die and deal zero damage against the CE. The damage is very low even if you do manage to impact the CE itself.

DO use the following abilities:
Scramble Sensors
This causes all Fragments affected to hold still for the duration. They will not target eachother, but they will also not target YOU and not move.
Gravity Well, Tractor Repulsors, Photonic Shockwave
All of these abilities will slow or prevent the movement of Fragments toward your ship.

Battle Walkthrough

Upon entering a new instance, proceed forward AS A FLEET toward the Crystalline Entity.

Positioning is important!
Try to remain as close to 10km away from the CE at all times.
Agree upon a direction to circle the entity (clockwise or counter-clockwise)
Stay at the midpoint so you can see all incoming shards (not above or below the CE)

Situational Awareness is important!
If a fleetmate is being followed by a cluster of shards and gets killed, those will switch to the nearest target which COULD BE YOU. Stay alert!

Now that the battle is joined, it’s a fairly straight-forward conflict until the CE reaches 30-32% hull. Up until that point, he will only employ two basic abilities:

1) Crystalline Beam — inflicts heavy beam-based damage on a random high-threat target, every few seconds.
2) Spawn Shards — spawns 3-5 “Crystalline Fragments” which will spread out from the CE and begin following nearby enemies. These follow basic threat principles, and will change targets if you shoot at them.

Upon reaching 30-32% hull, the Crystalline Entity goes into “Survival Mode” and stops spawning normal Fragments. In their place, it will begin spawning “Large Crystalline Fragments” which follow a few special rules.

They are faster than the previous basic fragments.
They deal much more damage than basic fragments.
…but most importantly!
If they impact any object (ship, mine, shuttle, heavy plasma, or tricobalt) they will destroy themselves and turn into 3 “Small Crystalline Fragments”

If these Small Crystalline Fragments spawn, they will immediately fly back toward the CE. Upon reaching it, they are devoured and heal the CE for 1% of its total hullpoints.

The ideal strategy is (roughly) as follows:

Split your team’s efforts between damaging the CE, and killing Fragments.
Most of your party should be focused on Fragments. There’s no rush to down the CE quickly.
It is acceptable to use Heavy Plasma and Tricobalt torpedoes against the CE until it reaches about 40% hullpoints, but Mines should always be avoided as they cannot be “undeployed” and are a very large hazard once the CE goes into Survival Mode, due to the risk of impact against rouge Large Crystalline Fragments.
Small Crystalline Fragments and Large Crystalline Fragments are always high priority targets, in that order of importance.
Though it IS possible to drag along a cloud of Fragments behind you and not kill them, this tactic generally results in an excessive number of uncontrolled Fragments.
Keep moving, but clean up your Fragments along the way.

Step 3) Profit!

The post STOked s02e06: Crystalline Catastrophe first appeared on Jupiter Broadcasting.

STOked Season 1 Episode 12: We cover the massive amount of new details for game tactics, we discuss a surprise glimpse at full on Galaxy Class saucer separation in game, and just how it might work in game. Then we go over the best details in our interview round up with Cryptic staff, plus we reveal a few more beta details sent to us from our anonymous tipsters.

Then – We cover some of the all time best screen shots, and pick out the details that we think are important.

Plus so much more!

This Week’s Links & Notes:

Episode 12

News:

-Cryptic launches brand new interactive web design
https://www.startrekonline.com

-Open Beta date announced, Starting January 12, 2010 thru January 26, 2010
https://www.massively.com/2009/11/19/star-trek-online-open-beta-dates-announced/

Beta Leaks:
-Multiple confirmations that STO works just fine under Bootcamp on Macs.
-Received some screenshots of a work-in-progress on a game manual.
-Latest patch improved graphics. New screenies just look like they added a glow or filter.
-Still no playable Klingons or Bridges

Panel Question: Micro-Transactions

-Are you ok with paying for in-game upgrades/mods
-NCsoft is selling Super Booster IV and Hero-Con Re-Cap in City of Heroes, $9.99
-All characters on the account get the upgrade/boost

-Would you be ok with these kinds of upgrades in STO?
-Does it make the game unfair because people with spare money can get an un-fair advantage?
-Do you think if STO takes off, Cryptic might consider this? — Note from Jeremy: These are already confirmed to be present in STO.
-Quote from Zinc: “Star Trek will have micro-transactions, but most of those will be cosmetic things. Some will augment gameplay, but won’t replace any gameplay.”

Articles:

-Ship Q&A @ Massively
https://www.massively.com/2009/11/16/ships-star-trek-online-community-qanda-answers/
-All ships of the same class/tier have the same stats. (T4 Escorts = identical, except cosmetics)
-Confirmed plans to add more ships
“Escorts are the quick-moving, precision-striking ships of the fleet. They’re not as hardy as other ships, but they’re tough to hit and can fit cannons, which are high-damage, almost sniper-style weapons. Cruisers are big ships with a big crew and huge engines that provide them lots of power, so they can fit a lot of guns, send big boarding parties and repair their hull and subsystems very quickly. And Science ships can detect cloaked vessels, use tractor beams to hold other ships in place and expose a weak side, take out shields with powerful tachyon beams, and lend aid to other ships in need. “

-Ground Combat Q&A @ TTH
https://www.tentonhammer.com/node/76794
-“Each episode is a 5 act instance. Within those five acts, 3-5 ground maps.”
-Flanking confirmed.
-Episodes (60/40) // Patrol Missions (almost 100% space) // Star Clusters (50/50, and contains many non-combat areas to explore)
-Most melee attacks ignore shields
-All weapons have 3 attacks: Primary (steady dmg), Secondary (special effects) and Melee (usually w/ knockback).
-“Replay Mechanism” — helping someone do a mission you’ve already completed, will give you a secondary reward.

-Maximum PC interviews Zinc
https://www.maximumpc.com/article/web_exclusive/star_trek_online_interview

-There are surrenders, in main storylines. (no ship explosion)
-Death in space = return to spawn point w/ “some damage to your systems”
-Crew level affects hull regeneration. You can USE crew as boarding parties against enemies, or repair (healing) parties to allies.
-Each boff can get up to 4 abilities (1 per rank) on top-rank stations.
-Maximum abilities is 6 boffs, 12 abilities available (station limits).
I-f <5 players, team leader assigns boff slots for ground combat. -There ARE large away missions with multiple teams - all captains (no boffs) -"Security Escort" ability (from a kit) beams in a team of "highly aggressive redshirts." mwahaha -"We don't have levels..." but there are 5 ranks w/ 10 subranks each... so really, they DO have levels. -There will be some randomly generated content (Genesis), but most seems to be handed off to designers to finish. -4 Sector Hubs: Fed, Klingon, Romulan, Borg (4 seasons coincide)
Videos:

-New video @ official site: “Starship Tactics (part one)” https://www.startrekonline.com/videos
Note: Look how much smoother the footage is!
-AoE torpedo explosion!
-Floating combat text confirmed

-New video on IGN: “Starship Tactics (part two)”
https://pc.ign.com/dor/objects/14270158/star-trek-online/videos/startrekonline_trl_starshiptacticspt2_111909.html
“Resourceful captains will also be able to utilize and recognize the different classes of starships: Cruisers for tanks, Science vessels for Support, and Escorts for lightning strikes.”
-TNG Enterprise bridge shot! (@0:50sec)
-Boarding parties: Launch shuttles, which then work internally on the enemy ship to disable systems and decrease efficiency of repairs/shield regen.
-But then the ship blows up? Those better have been worthless redshirts…
-Saucer separation? Glitched, but shown @ about 2:55… a Galaxy class without a saucer, and a nearby ship that might be the detached saucer.

Vertical Slice.tv — Eurogamer footage
https://www.youtube.com/watch?v=uF_uhGz4PY8

Screenshots:

MMORPG.com — Part 4
https://www.mmorpg.com/gamelist.cfm/game/352/feature/3734

IGN.com – 8 new shots
https://uk.media.pc.ign.com/media/142/14270158/imgs_1.html

Curse.com – 5 new shots
https://www.curse.com/articles/sto-en-news/611128.aspx

The post Space & Ground Tactics | STOked S01 E12 first appeared on Jupiter Broadcasting.