Topic: SECURITY - on December 19, 2011 at 11:43:00 AM CET
Why Do We Have To Break The DNS?
Last month, we posted our position piece on the Stop Online Piracy Act, also known as SOPA or the E-Parasite Act. In this post, I’m going to examine the technical details of the act and how it relates to the operation of the global Domain Name System (DNS).
SOPA proposes the idea of using DNS-based filtering by Internet Service Providers (ISPs) as a means to remove U.S. support of a foreign infringing website.
Topic: SECURITY - on December 18, 2011 at 12:04:00 PM CET
History of Hacking
During the 1970s, the phone phreaks, or phone hackers, appeared: they learned ways to hack the telephone system and make phone calls for free.
John Draper built a ‘blue box’ that could do this, and Esquire magazine published an article on how to build them. Fascinated by this discovery, two kids, Steve Wozniak and Steve Jobs, decided to sell these blue boxes, starting a business friendship which resulted in the founding of Apple.
Getting their laughs and skills from hacking and cracking into primitive computers and exploiting the Arpanet (predecessor to the internet), they created a novelty that would become the target of federal crackdown in years to come.
Topic: SECURITY - on December 18, 2011 at 11:57:00 AM CET
Army Arrested Manning Based on Unconfirmed Chat Logs
The military arrested alleged WikiLeaks source Bradley Manning last year in Iraq based in large part on unconfirmed information that former hacker Adrian Lamo had gleaned from his chats with Manning, according to the government’s first witness in Manning’s hearing.
Special Agent Toni Graham, an investigator with the Army’s Criminal Investigation Division and the first witness called on Saturday, testified that she relied on information provided by Lamo, identified in court only as a confidential informant, that a video of an Army helicopter attack that Manning allegedly gave to WikiLeaks and that WikiLeaks published in April 2010 was a classified video.
Graham said she did not verify this was true before submitting an affidavit that was the basis for ordering Manning into confinement that lasted more than a year and a half before this week’s hearing.
wired.com
Bradley Manning hearing: court told of Iraq unit's intelligence security chaos
Army: Manning Kept a Copy of His Chatroom Confession
Manning-Lamo Chat Logs Revealed
Topic: SECURITY - on December 17, 2011 at 12:01:00 PM CET
US spy drone hijacked with GPS spoof hack, report says
The US stealth drone broadcast last week on Iranian state television was captured by spoofing its GPS coordinates, a hack that tricked the bird into landing in Iranian territory instead of where it was programmed to touch down, The Christian Science Monitor reported.
The 1700-word article cited an unnamed Iranian engineer who said he's studying the inner workings of the American bat-wing RQ-170 Sentinel that recently went missing over Iranian airspace. He said the spoofing technique made the craft “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center.
theregister.co.uk
techspot.com
Debka: Whoever hacked the drone, hacked the CIA
Lost U.S. Drone Was Monitoring Iranian Nuclear Facilities, Sources Say
dailytech.com
Did Iran hijack the 'beast'?
Iran Shows Off Downed US RQ-170 Sentinel Spy Drone [youtube]
IN-DEPTH PHOTO ANALYSIS OF THE SUPPOSED RQ-170 SENTINEL DRONE IN IRANIAN HANDS
Computer Virus Hits U.S. Drone Fleet [October 8, 2011]
April, 2011 report identifying problems with drone communications including the risk of jamming and "lost link" events
CIA Drone Run On Warez [Oct 14, 2010]
Insurgents Hack U.S. Drones [December 18, 2009]
Professor Gets 4 Years in Prison for Sharing Drone Plans With Students [July 4, 2009]
Interference issues [wiki]
TERCOM [wiki]
Topic: SECURITY - on December 16, 2011 at 9:49:00 AM CET
iBahn, supplier of hotel internet services, denies breach
iBahn, a provider of internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers.
Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called "Byzantine Foothold," attacked iBahn, citing unnamed sources, including one U.S. intelligence official.
Topic: SECURITY - on December 13, 2011 at 3:29:00 PM CET
FBI says hackers hit key services in three US cities
The infrastructure systems of three US cities have been attacked, according to the Federal Bureau of Investigation.
At a recent cybersecurity conference, Michael Welch, deputy assistant director of the FBI's cyber division, said hackers had accessed crucial water and power services.
The hackers could theoretically have dumped sewage into a lake or shut off the power to a shopping mall, he said.
Industrial control systems are becoming an increasing target for hackers.
Topic: SECURITY - on December 12, 2011 at 10:10:00 AM CET
"Hacker" documentary on 3sat
They program viruses and break into corporate networks: hackers are the controversial heroes of digitalization. Because they often operate on the edge of legality, they are difficult to film. Alexander Biedermann tried anyway with the TV documentary "Hacker", with mixed results.
Notes on paper? Never again, says Steffen Wernéry, one of the veterans of the Chaos Computer Club (CCC). After the hackers managed in the eighties to rob the Hamburger Sparkasse via the BTX system using nothing but their computers, investigators searched his apartment. They found incriminating material, and he had to spend 66 days in prison. So that none of this happens again, he no longer takes notes. He is not present on the internet either; anything even remotely sensitive he now handles only in person.
Wernéry has withdrawn from public life. In Hamburg the veteran hacker now looks after civil-defense bunkers; access to the huge Cold War facilities does have its advantages: here he can store keys in bulk. Since a hacker meeting in New York he has had a passion for cracking locks, preferably without leaving traces of a break-in. For his hobby, lockpicking, he founded a club in 1997, the Sportsfreunde der Sperrtechnik. As he wanders through his bunkers he seems strangely out of place and time, a motif that runs through the film.
Topic: SECURITY - on December 11, 2011 at 5:06:00 PM CET
The Art Of Profiling Cybercriminals
He's a white, 37-year-old engineer in your organization, and he feels justified in selling out your intellectual property to a foreign country because he's miffed about getting overlooked for a promotion. He has had a history of mental health problems, and his marriage is on the rocks as he faces personal financial issues.
Those are some of the common characteristics of the perfect storm for a typical malicious insider who steals and profits from his organization's trade secrets, according to a new report authored by psychologists with expertise in risk management and forensic psychology. The "Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property" research paper by Drs. Eric Shaw and Harley Stock was commissioned by Symantec and draws from real-world malicious insider cases.
Topic: SECURITY - on December 3, 2011 at 12:20:00 PM CET
10 Ways to Protect Your Privacy Online
What’s your biggest fear? For some it’s being stuck in an elevator. Others (like me) are terrified of spiders. Lately it seems, though, that many people are most afraid of losing control of their privacy on the Internet. Anyone with a Facebook account has experienced some level of privacy violation, whether it was several years ago when Facebook sent user data to third-party sites for marketing, or recently when Facebook added a “ticker” into the design of the website that alerted your friends of your activity in real time. Other social networks, such as Twitter, LinkedIn, and Google+ can present your information just as publicly. The Library of Congress is even archiving every public tweet sent via Twitter. These issues may not concern you, but they probably should, as anyone can use your data from social networks to sell to marketing companies, and other companies are cross-analyzing social profiles to create an eerily comprehensive profile of habits, personality, and tendencies without even knowing you personally.
Protecting your privacy is easy and only requires a common-sense approach. Some organizations, like the EFF, offer advanced tips for those who are especially tech savvy to reduce privacy invasion. Our tips are perhaps more basic — but can help prevent a huge disaster if you don’t follow them.
Topic: SECURITY - on December 3, 2011 at 12:17:00 PM CET
Forbidden Trojans for the Authorities
The trojan maker DigiTask offered its spying software with illegal additional functions, and fittingly called them “forbidden features” in its presentation. This emerges from documents published by Wikileaks.
.... Documents now show that the German trojan maker DigiTask knew that its spying programs could circumvent the legal rules. It nevertheless offered the programs with illegal additional functions. In internal documents published by Wikileaks, the company DigiTask expressly touts “forbidden applications” (called “forbidden features” in its presentation) of its programs.
Topic: SECURITY - on December 2, 2011 at 5:03:00 PM CET
Anti-Terror Package AT
Federal act amending the Security Police Act, the Police Cooperation Act and the Federal Act on the Establishment and Organization of the Federal Bureau for the Prevention of and Fight against Corruption (SPG Amendment 2011)
Text of the act / PDF, 178 KB . HTML, 92 KB
Cover sheet and explanatory notes / PDF, 185 KB . HTML, 116 KB
Comparison of texts / PDF-IMAGE, 259 KB
Security Police Act, Police Cooperation Act, etc., amendment
Ministerial draft of a federal act amending the Security Police Act, the Police Cooperation Act and the Federal Act on the Establishment and Organization of the Federal Bureau for the Prevention of and Fight against Corruption.
Text of the act / PDF, 41 KB
Materials - Cover sheet and explanatory notes / PDF, 92 KB
Materials - Comparison of texts / PDF, 125 KB
Cover letter / PDF, 166 KB . HTML, 28 KB
Topic: SECURITY - on December 2, 2011 at 2:05:00 PM CET
WikiLeaks Unveils 160 Firms' Surveillance Gear Sales Docs, Still No Submissions System
WikiLeaks is still in the secret-spilling business. But not, apparently, in the business of accepting those secrets through the anonymous dropbox that was once its trademark.
The site on Thursday unveiled a new trove of 287 documents it’s calling the Spy Files, a collection of 160 digital surveillance firms’ marketing materials, price lists and catalogues, a joint effort with Bugged Planet, The Bureau of Investigative Journalism, and Privacy International, and with a new cadre of media partners including the Washington Post, the Hindu, the Italian paper L’Espresso and the French news outlet OWNI. The documents, sorted by company name and dozens of types of surveillance such as spyware, Wifi interception, and cellphone forensics are broken down on a new section of WikiLeaks’ site.