Bigger doesn't imply better. Bigger often is a sign of obesity, of lost control, of overcomplexity, of cancerous cells
| Home | Switchboard | Unix Administration | Red Hat | TCP/IP Networks | Neoliberalism | Toxic Managers | |
|
May the source be with you, but remember the KISS principle ;-) Bigger doesn't imply better. Bigger often is a sign of obesity, of lost control, of overcomplexity, of cancerous cells |
|||||||
|
|
Microsoft is the king of software complexity and Windows becomes more complicated with each new version. Features get added. The UI gets "improved". Privacy disappears. Security gets tightened. Windows 10 is this respect is a disaster and I do not recommend upgrade to it from Windows 7 unless you are using your PC purely for entertainment.
Typically in enterprise environment you get Windows laptop with the "'standard" for a given enterprise version of Windows (typically one version down from the current). Now you need to adapt it to the needs of system administration. Which is challenging, especially if you administer mostly Unix/Linux servers.
Windows 7 is also not without problems and in comparison with XP SP3 was the fist OS when Microsoft went (slightly) downhill and while all features were provided without significantly increasing power consumption or decreasing performance it essentially accomplished little over Windows XP. As for the ease of recognizing, recognizing and working with new devices was a definite step back. It was far more capricious. Propensity to self-destruct with age in this version of Windows is less pronounced then in case of Windows XP
Windows 10 marks at important stage in Microsoft OS development -- Microsoft lost control of the complexity and was essentially buried under avalanche of created complex subsystems and wrong architectural decisions. The removal off start menu was probably the greatest blunder. This is the first in a long line of Microsoft operating systems which can be called one step forward -- two steps back. Problems with subsystems due to patches are systemic. Looking at system messages log gives impression that in Microsoft left hand no longer knows what right hand is doing and no amount of testing now can help.
As touch is unimportant for a laptop and mostly useless for desktop, I will also say that a decent Windows 7 laptop still holds it own against newer version of Windows (both 8.1 -- the most common in enterprise environment as of 2017, and Windows 10). Also with Windows 10 Microsoft became really intrusive in privacy space. In customer version starting from Windows 8 the default is to login to your Hotmail account.
One interesting feature of Windows that makes it more Unix like is Powershell which is modelled on Korn shell.
Another is possibility to install Ubuntu or OpenSuse in Win 10 Install the Linux Subsystem on Windows 10
|
|
This page contains the recommendations for the enhancement "default" Windows installation with some additional, mostly command line, utilities. Sometimes your corporate policy is restrictive and you need to jump through the hoops to get those listed below. In some case may be installing Virtual Machine with Linux might be the path of less resistance.
Anyway here is the recommended list:
Quickly Copy Error and Display Messages
...copy the CLIP.EXE file from a Windows Server 2003 into your system's path (best if placed in %systemroot%\system32 folder). You can also get the file from HERE (14kb)
For Windows XP and Windows 7 only:
|
|
Switchboard | ||||
| Latest | |||||
| Past week | |||||
| Past month | |||||
 |
 |
 |
ihatewinter </> , 2018-11-05T17:52:15-05:00Nov 07, 2018 | arstechnica.com
President Rouhani's phone "bugged," attacks against network infrastructure claimed.
Sean Gallagher - 11/5/2018, 5:10 PM
reader commentsLast week, Iran's chief of civil defense claimed that the Iranian government had fought off Israeli attempts to infect computer systems with what he described as a new version of Stuxnet -- the malware reportedly developed jointly by the US and Israel that targeted Iran's uranium-enrichment program. Gholamreza Jalali, chief of the National Passive Defense Organization (NPDO), told Iran's IRNA news service, "Recently, we discovered a new generation of Stuxnet which consisted of several parts... and was trying to enter our systems."
On November 5, Iran Telecommunications Minister Mohammad-Javad Azari Jahromi accused Israel of being behind the attack, and he said that the malware was intended to "harm the country's communication infrastructures." Jahromi praised "technical teams" for shutting down the attack, saying that the attackers "returned empty-handed." A report from Iran's Tasnim news agency quoted Deputy Telecommunications Minister Hamid Fattahi as stating that more details of the cyber attacks would be made public soon.
Jahromi said that Iran would sue Israel over the attack through the International Court of Justice. The Iranian government has also said it would sue the US in the ICJ over the reinstatement of sanctions. Israel has remained silent regarding the accusations .
The claims come a week after the NPDO's Jalali announced that President Hassan Rouhani's cell phone had been "tapped" and was being replaced with a new, more secure device. This led to a statement by Iranian Supreme Leader Ayatollah Ali Khamenei, exhorting Iran's security apparatus to "confront infiltration through scientific, accurate, and up-to-date action."
While Iran protests the alleged attacks -- about which the Israeli government has been silent -- Iranian hackers have continued to conduct their own cyber attacks. A recent report from security tools company Carbon Black based on data from the company's incident-response partners found that Iran had been a significant source of attacks in the third quarter of this year, with one incident-response professional noting, "We've seen a lot of destructive actions from Iran and North Korea lately, where they've effectively wiped machines they suspect of being forensically analyzed."
SymmetricChaos </> , 2018-11-05T17:16:46-05:00 I feel like governments still think of cyber warfare as something that doesn't really count and are willing to be dangerously provocative in their use of it. ihatewinter , 2018-11-05T17:27:06-05:00 Another day in international politics. Beats lobbing bombs at each other. +13 ( +16 / -3 ) fahrenheit_ak </> , 2018-11-05T17:46:44-05:00
corey_1967 wrote:revision0 , 2018-11-05T17:48:22-05:00 Israeli hackers?The twin pillars of Iran's foreign policy - America is evil and Wipe Israel off the map - do not appear to be serving the country very well.
They serve Iran very well, America is an easy target to gather support against, and Israel is more than willing to play the bad guy (for a bunch of reasons including Israels' policy of nuclear hegemony in the region and historical antagonism against Arab states).Go on!
Quote:
Israeli hackers offered Cambridge Analytica, the data collection firm that worked on U.S. President Donald Trump's election campaign, material on two politicians who are heads of state, the Guardian reported Wednesday, citing witnesses.Quote:
For $20M, These Israeli Hackers Will Spy On Any Phone On The PlanetQuote:
While Israelis are not necessarily number one in technical skills -- that award goes to Russian hackers -- Israelis are probably the best at thinking on their feet and adjusting to changing situations on the fly, a trait essential for success in a wide range of areas, including cyber-security, said Forzieri. "In modern attacks, the human factor -- for example, getting someone to click on a link that will install malware -- constitutes as much as 85% of a successful attack," he said.+5 ( +9 / -4 )
dramamoose wrote:thorpe wrote:Agree. While Israel is not about to win Humanitarian Nation of the year Award any time soon, I don't see it going to Iran in a close vote tally either.The pro-Israel trolls out in front of this comment section...You don't have to be pro-Israel to be anti-Iran. Far from it. I think many of Israel's actions in Palestine are reprehensible, but I also know to (rightly) fear an Islamic dictatorship who is actively funding terrorism groups and is likely a few years away from having a working nuclear bomb, should they resume research (which the US actions seem likely to cause).
The US created the Islamic Republic of Iran by holding a cruel dictator in power rather than risking a slide into communism. We should be engaging diplomatically, rather than trying sanctions which clearly don't work. But I don't think that the original Stuxnet was a bad idea, nor do I think that intense surveillance of what could be a potentially very dangerous country is a bad one either.
If the Israelis (slash US) did in fact target civilian infrastructure, that's a problem. Unless, of course, they were bugging them for espionage purposes.
|
|
|
Nov 06, 2018 | it.slashdot.org
(zdnet.com) 62 Researchers have found flaws that can be exploited to bypass hardware encryption in well known and popular SSD drives. Master passwords and faulty standards implementations allow attackers access to encrypted data without needing to know the user-chosen password.
SSDs from Micron (Crucial) and Samsung are affected. These are SSDs that support hardware-level encryption via a local built-in chip, separate from the main CPU. Some of these devices have a factory-set master password that bypasses the user-set password, while other SSDs store the encryption key on the hard drive, from where it can be retrieved. The issue is worse on Windows, where BitLocker defers software-level encryption to hardware encryption-capable SSDs, meaning user data is vulnerable to attacks without the user's knowledge. More in the research paper .
|
|
|
Nov 02, 2018 | sputniknews.com
A US government employee with an apparent addiction to Russian pornography is causing a headache at the US Geological Survey (USGS) after infecting their network with malware. The USGS's Office of Inspector General (OIG) released a report October 17 detailing the compromise. The employee was apparently visiting pornography sites on his government-issued laptop, which is how the malware was contracted and spread through the network.
The employee, whose name is redacted from the report, visited thousands of pornographic websites. "Many of the 9,000 web pages [redacted] visited routed through websites that originated in Russia and contained malware," the report says.
"Most of the larger porn sites are not actively trying to install malware on your device, because that would interrupt their business model of getting you to come back to the site, click and view ads, and subscribe to their premium content," web developer and technologist Chris Garaffa told Sputnik News Tuesday. "However, third-party ad networks that do not properly screen the ads they run can be exploited to serve malware along with the ad. This applies not just to porn sites but to any site with advertisements on it."
"I recommend people use a safer browser like Mozilla Firefox or Brave, along with an ad-blocker add-on like uBlock Origin to help mitigate the risks -- regardless of what content they're viewing," Garaffa added.
According to the government's analysis, a number of pornographic images were saved on an unauthorized USB device and the employee's personal Android phone, which also got infected with the malware.
USGS is under the Department of Interior (DOI), which prohibits employees from viewing or distributing pornography on government computers. Employees are also banned from connecting their personal devices to government computers or networks, another rule that was violated by the employee.
The DOI conducts IT security training once a year, during which employees sign a statement saying they understand those rules. The employee attended those annual training events and the OIG "confirmed he agreed to the Rules of Behavior for several years prior."
The OIG recommended that USGS step up its monitoring of employee web usage, block pornographic websites and prevent unauthorized USB devices from being used on all employee computers. It gave USGS 90 days to indicate whether it plans on implementing those recommendations.
According to NextGov, a number of US government agencies have had similar scandals in recent history, including the Environmental Protection Agency, the Securities and Exchange Commission, the Internal Revenue Service and about a dozen others .
Representative Mark Meadows (R-NC) has on three occasions introduced legislation banning the viewing of pornography on federal government computers, NextGov notes. It isn't clear why the bills have failed to come to fruition.
"If your employer owns your phone, computer or even just the network you're connecting to, they have the legal right to monitor, log and save records of what you're typing, what websites you're visiting, the content of the emails you send -- even on your personal accounts -- and the right to look at your screen," Garaffa said.
"Employees should effectively keep in mind that they currently have no legal right to privacy when using a company-owned device or network," he added.
|
|
|
Nov 02, 2018 | sputniknews.com
The head of Iran's civil defense agency announced on Sunday that a new version of the Stuxnet virus, believed to be a US-Israeli creation, had been found by Iranian authorities. The announcement came amid news that President Hassan Rouhani's phone had been bugged and a call for increased defenses to "confront infiltration." "Recently we discovered a new generation of Stuxnet which consisted of several parts and was trying to enter our systems," announced Brigadier General Gholamreza Jalali, head of Iranian civil defense, Reuters reported. He gave no further details, such as whom the Iranian government believes to be behind the attack or how much damage it had caused.
The original Stuxnet virus targeted nuclear centrifuges at Iran's Natanz Uranium Enrichment Facility in June 2009, when it caused about 20 percent of the facility's centrifuges to spin out of control until they broke. It's widely believed to have been a joint creation by the US and Israel.
The Times of Israel noted that Israeli officials have refused to discuss what role, if any, they played in either Stuxnet operation.
That same day, Iranian Supreme Leader Ayatollah Ali Khamenei said Sunday, "In the face of the enemy's complex practices, our civil defense should confront infiltration through scientific, accurate and up-to-date action."
Iranian Students News Agency (ISNA) then reported on Monday that Rouhani's cell phone had recently been discovered to be bugged, citing Jalali as saying that Rouhani's phone would be replaced with a more secure device. Again, Jalali made no indication as to who was believed to be behind the wire tap .
Still, Israel seems to be name on everyone's lips. The news is only one episode in a rapid succession of moves between Israel and Iran, with Israel's Mossad intelligence agency saying on Wednesday it had thwarted an Iranian murder plot in Denmark against three members of the Arab Struggle Movement for the Liberation of Ahvaz, an organization connected to those who carried out a terrorist attack during a military parade in the Iranian city of Ahvaz on September 22, killing 25 people.
Earlier this year, Israel claimed it had accomplished a vast cyber-heist, stealing an archive that Israel claimed documented Tehran's continuing nuclear weapons program. Israeli Prime Minister Benjamin Netanyahu presented those claims to the UN in September.
"What Iran hides, Israel will find," Netanyahu declared in his UN speech at the time.
Lex W. PorterWhat kind of sick people put viruses in nuclear power stations? The same kind that shoot kids with sniper rifles while their citizens watch and cheer, I guess. Straight up criminal rogue regime...John Mason
Who else could it be but one of the dirty 4, US, UK, France or Israel who have been involved in creating global chaos.
|
|
|
Mar 23, 2017 | www.zerohedge.com
Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.
Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.
"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.
Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStake" are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.
Also included in this release is the manual for the CIA's "NightSkies 1.2" a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.
While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise
TheMeatTrapper Mar 23, 2017 10:20 AMManthong froze25 Mar 23, 2017 10:27 AMThey should change the name of the company to CIApple. The millenials can then line up for them in the cold.
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
PrayingMantis mtl4 Mar 23, 2017 11:59 AMIt appears that some real patriots are blowing the lid off of the pervasive evil.
The Amendments only clarified what is the law of the land.
I F'NG WANT THEM ADHERED TO.
Start with the 4 th one and then work your way up and down.
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
JRobby brianshell Mar 23, 2017 11:05 AM Get your red iPhone! On sale this week!!!! Brand new color! Red!!!!!http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
mtl4 Manthong Mar 23, 2017 11:14 AM After seeing this, any wonder why Shillary was so stuck on using Blackberry?!I think Blackberry really missed a huge opportunity as the anti-eavesdropping cell phone platform.
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
wren Manthong Mar 23, 2017 12:41 PM... "Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008."
... time to ditch those CiApple devices ... now you know why the Canadian Blackberry was killed off the US market ... they wouldn't play the US alphabet agencies' surveillance game ...
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
brianshell kavlar Mar 23, 2017 2:21 PM Ban dual nationals in government.http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
WillyGroper JRobby Mar 23, 2017 1:31 PMI knew it was a publicity hoax when Apple didn't want to allow the feds access to the phone that was used by the killers in the San Bernadillo Massacre. Like Apple really cares about giving your info to the feds...
Apple is a shit proprietary company that has somehow convinced people around the world that their product is as important as eating, and costs you as much to have an iPhone as it costs you to buy food each month. Oh but it has a camera and these really cool weather apps that cuss at you, and my selfie stick is made for the iPhone 7, but they will be coming out with an iPhone 8 soon. I sure hope my selfie stick works with it!
"Hi, my name is Lisa and I am in like 7th grade. Other kids in my class only have the iPhone 5, but I have the new iPhone 7. I go to school with such pathetic loooserrs. Everyone in my school is jealous of me and my new iPhone 7, cause it shows that my parents really care about me, because, you know, they spent a lot of money on me for this phone so it must show they like, really care, right?
And the other kids in school chant my name as I walk down the halls because they're like so jealous of how much my parents love me. They are jealous because I'm like really rich, really cool, and my parents really love me too."
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
went to the site from SGT...interesting seeeyeyah rabbit hole runs decades back.
of course the usual suspects.
https://www.muckrock.com/news/archives/2017/mar/20/cia-waffled-promise-destroy-records/
AldousHuxley d brianshell •Mar 23, 2017 4:46 PM
Latina Lover froze25 Mar 23, 2017 10:32 AMSmartphone won't make you smarter when all you do on it is chatting about superficial issues.
Idiots paying $500 every year to talk to other idiots is why Apple has $700B market cap.
http://ads.pubmatic.com/AdServer/js/showad.js#PIX&kdntuid=1&p=52041
In a honest country where the rule of law applies to all, USA prisons would be filled with CIA and NSA operatives. Instead, we live in a banana republic, without the bananas.
|
|
|
Oct 11, 2018 | thenewkremlinstooge.wordpress.com
et Al October 5, 2018 at 4:00 am
The Register: Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?
https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/Who's your money on? Bloomberg's sources? Apple? Amazon? Super Micro?
####
Hit the comments. Quite a few very good points made, namely 'Why now?' (its da Chinese!) as it supposed occurred some years ago, the US breaks this kind of story when it knows it will shortly be fingered for doing the same (the US did a demo SCADA attack for the media before the STUXNET story broke), if it was done it would have only been on select machines etc. etc.
Euractiv: Apple, Amazon deny Bloomberg report on Chinese hardware attack
https://www.euractiv.com/section/cybersecurity/news/apple-amazon-deny-bloomberg-report-on-chinese-hardware-attack/There was a headlining (which of course I cannot find now*) saying that the US is calling on the UK, EU & Japan should get together and take on China economically. Why does the might US need help? It's quite an admission. This is at the same time that the US is targeting EU companies that do business with Russia and also telling Brussels that they do not agree with its very modest proposals for WTO reform.** There's no balance. They're all over the place, no to mention their spokespersons going tonto and shooting off their mouths so casually (US NATO Amb).
The more you look at all the current revelations, who they are made by, the way they are all being fed to the press and the demands now being made, it looks more and more that the Euro-Atfantacists are making another concerted and desperate campaign to retain some sort of influence. The UK is leaving the EU. Even if it rejoins, it won't be a 'special partner'. The fact that the USA-insane Netherlands and the UK are running their stories together shows us that the target is the rest of Europe, just as outgoing Pres of the EU J-C Juncker has said that Europe's best interests are with a security treaty with Russia. BTW, Finland's Stubb is putting himself forward to replace Juncker
* et voila! US, EU should 'clean the house' and deal with China – US ambassador
https://www.euractiv.com/section/eu-china/news/us-eu-should-clean-the-house-and-deal-with-china-us-ambassador/** US says it cannot support some of EU's ideas for WTO reform
https://www.euractiv.com/section/economy-jobs/news/us-says-it-cannot-support-some-of-eus-ideas-for-wto-reform/
|
|
|
Oct 07, 2018 | freethoughtblogs.com
Bob Moore asks me to comment on an article about propaganda and security/intelligence. [ article ] This is going to be a mixture of opinion and references to facts; I'll try to be clear which is which.
Yesterday several NATO countries ran a concerted propaganda campaign against Russia. The context for it was a NATO summit in which the U.S. presses for an intensified cyberwar against NATO's preferred enemy.
On the same day another coordinated campaign targeted China. It is aimed against China's development of computer chip manufacturing further up the value chain. Related to this is U.S. pressure on Taiwan, a leading chip manufacturer, to cut its ties with its big motherland.
It is true that the US periodically makes a big push regarding "messaging" about hacking. Whether or not it constitutes a "propaganda campaign" depends on how we choose to interpret things and the labels we attach to them -- "propaganda campaign" has a lot of negative connotations and one person's "outreach effort" is an other's "propaganda." An ultra-nationalist or an authoritarian submissive who takes the government's word for anything would call it "outreach."
There has been an ongoing campaign on the part of the US, to get out the idea that China, Russia, North Korea, and Iran have massive armies of hackers that are constantly looking to steal American secrets. The absurdity of the US' claims is pretty obvious. As I pointed out in my book The Myth of Homeland Security (2004) [ wc ] claims such as that the Chinese had "40,000 highly trained hackers" are flat-out absurd and ignore the reality of hacking; that's four army corps. Hackers don't engage in "human wave" attacks.
"The Great US/China Cyberwar of 2010" is one cyberwar that didn't happen, but was presaged with a run-up of lots of claims that the Chinese were hacking all over the place. I'm perfectly willing to accept the possibility that there was Chinese hacking activity, but in the industry there was no indication of an additional level of attack or significance.
One thing that did happen in 2010 around the same time as the nonexistent cyberwar was China and Russia proposed trilateral talks with the US to attempt to define appropriate limits on state-sponsored hacking. The US flatly rejected the proposal, but there was virtually no coverage of that in the US media at the time. The UN also called for a cyberwar treaty framework, and the effort was killed by the US. [ wired ] What's fascinating and incomprehensible to me is that, whenever the US feels that its ability to claim pre-emptive cyberwar is challenged, it responds with a wave of claims about Chinese (or Russian or North Korean) cyberwar aggression.
John Negroponte, former director of US intelligence, said intelligence agencies in the major powers would be the first to "express reservations" about such an accord.
US ideology is that "we don't start wars" -- it's always looking for an excuse to go to war under the rubric of self-defense, so I see these sorts of claims as justification in advance for unilateral action. I also see it as a sign of weakness; if the US were truly the superpower it claims it is, it would simply accept its imperial mantle and stop bothering to try to justify anything. I'm afraid we may be getting close to that point.
My assumption has always been that the US is projecting its own actions on other nations. At the time when the US was talking the loudest about Chinese cyberwar, the US and Israel had launched STUXNET against the Iranian enrichment plant at Natanz, and the breeder reactor at Bushehr (which happens to be just outside of a large city; the attack took some of its control systems and backup generators offline). Attacks on nuclear power facilities are a war crime under international humanitarian law, which framework the US is signatory to but has not committed to actually follow. This sort of activity happens at the same time that the US distributes talking-points to the media about the danger of Russian hackers crashing the US power grid. I don't think we can psychoanalyze an entire government and I think psychoanalysis is mostly nonsense -- but it's tempting to accuse the US of "projection."
The anti-Russian campaign is about alleged Russian spying, hacking and influence operations. Britain and the Netherland took the lead. Britain accused Russia's military intelligence service (GRU) of spying attempts against the Organisation for the Prohibition of Chemical Weapons (OPCW) in The Hague and Switzerland, of spying attempts against the British Foreign Office, of influence campaigns related to European and the U.S. elections, and of hacking the international doping agency WADA. British media willingly helped to exaggerate the claims: [ ]
The Netherland [sic] for its part released a flurry of information about the alleged spying attempts against the OPCW in The Hague. It claims that four GRU agents traveled to The Hague on official Russian diplomatic passports to sniff out the WiFi network of the OPCW. (WiFi networks are notoriously easy to hack. If the OPCW is indeed using such it should not be trusted with any security relevant issues.) The Russian officials were allegedly very secretive, even cleaning out their own hotel trash, while they, at the same, time carried laptops with private data and even taxi receipts showing their travel from a GRU headquarter in Moscow to the airport. Like in the Skripal/Novichok saga the Russian spies are, at the same time, portrayed as supervillains and hapless amateurs. Real spies are neither.
The U.S. Justice Department added to the onslaught by issuing new indictments (pdf) against alleged GRU agents dubiously connected to several alleged hacking incidents . As none of those Russians will ever stand in front of a U.S. court the broad allegations will never be tested.
There's a lot there, and I think the interpretation is a bit over-wrought, but it's mostly accurate. The US and the UK (and other NATO allies, as necessary) clearly coordinate when it comes to talking points. Claims of Chinese cyberwar in the US press will be followed by claims in the UK and Australian press, as well. My suspicion is that this is not the US Government and UK Government coordinating a story -- it's the intelligence agencies doing it. My opinion is that the intelligence services are fairly close to a "deep state" -- the CIA and NSA are completely out of control and the CIA has gone far toward building its own military, while the NSA has implemented completely unrestricted surveillance worldwide.
All of this stuff happens against the backdrop of Klein, Binney, Snowden, and the Vault 7 revelations, as well as solid attribution identifying the NSA as "equation group" and linking the code-tree of NSA-developed malware to STUXNET, FLAME, and DUQU. While the attribution that "Fancy Bear is the GRU" has been made and is probably fairly solid, the attribution of NSA malware and CIA malware is rock solid; the US has even admitted to deploying STUXNET -- Obama bragged about it. When Snowden's revelations outlined how the NSA had eavesdropped on Angela Merkel's cellphone, the Germans expressed shock and Barack Obama remarkably truthfully said "that's how these things are done" and blew the whole thing off by saying that the NSA wasn't eavesdropping on Merkel any more. [ bbc ]
It's hard to keep score because everything is pretty vague, but it sounds like the US has been dramatically out-spending and out-acting the other nations that it accuses of being prepared for cyberwar. I tend to be extremely skeptical of US claims because: bomber gap, missile gap, gulf of Tonkin, Iraq WMD, Afghanistan, Libya and every other aggressive attack by the US which was blamed on its target. The reason I assume the US is the most aggressive actor in cyberspace is because the US has done a terrible job of protecting its tool-sets and operational security: it's hard not to see the US is prepared for cyberwar, when both the NSA and the CIA leak massive collections of advanced tools.
Meanwhile, where are the leaks of Russian and Chinese tools? They have been few and far between, if there have been any at all. Does this mean that the Russians and Chinese have amazingly superior tradecraft, if not tools? I don't know. My observation is that the NSA and CIA have been horribly sloppy and have clearly spent a gigantic amount of money preparing to compromise both foreign and domestic systems -- that's bad enough. With friends like the NSA and CIA, who needs Russians and Chinese?
The article does not have great depth to its understanding of the situation, I'm afraid. So it comes off as a bit heavy on the recent news while ignoring the long-term trends. For example:
The allegations of Chinese supply chain attacks are of course just as hypocritical as the allegations against Russia. The very first know case of computer related supply chain manipulation goes back to 1982 :
A CIA operation to sabotage Soviet industry by duping Moscow into stealing booby-trapped software was spectacularly successful when it triggered a huge explosion in a Siberian gas pipeline, it emerged yesterday.
I wrote a piece about the "Farewell Dossier" in 2004. [ mjr ] Re-reading it, it comes off as skeptical but waffly. I think that it's self-promotion by the CIA and exaggerates considerably ("look how clever we are!") at a time when the CIA was suffering an attention and credibility deficit after its shitshow performance under George Tenet. But the first known cases of computer related supply chain manipulation go back to the 70s and 80s -- the NSA even compromised Crypto AG's Hagelin M-209 system (a mechanical ciphering machine) in order to read global communications encrypted with that product. You can imagine Crypto AG's surprise when the Iranian secret police arrested one of their sales reps for selling backdoor'd crypto -- the NSA had never told them about the backdoor, naturally. The CIA was also on record for producing Xerox machines destined for the USSR, which had recorders built into them So, while the article is portraying the historical sweep of NSA dirty tricks, they're only looking at the recent ones. Remember: the NSA also weakened the elliptic curve crypto library in RSA's Bsafe implementation, paying RSADSI $13 million to accept their tweaked code.
Why haven't we been hearing about the Chinese and Russians doing that sort of thing? There are four options:
- The Russians and Chinese are doing it, they're just so darned good nobody has caught them until just recently.
- The Russians and Chinese simply resort to using existing tools developed by the hacking/cybercrime community and rely on great operational security rather than fancy tools.
- The Russian and Chinese efforts are relatively tiny compared to the massive efforts the US expends tens of billions of dollars on. The US spends about $50bn on its intelligence agencies, while the entire Russian Department of Defense budget is about $90bn (China is around $139bn) -- maybe the Russians and Chinese have such a small footprint because they are much smaller operations?
- Something else.
That brings us to the recent kerfuffle about taps on the Supermicro motherboards. That's not unbelievable at all -- not in a world where we discover that Intel has built a parallel management CPU into every CPU since 2008, and that there is solid indications that other processors have similar backdoors.
Was the Intel IME a "backdoor" or just "a bad idea"? Well, that's tricky. Let me put my tinfoil hat on: making a backdoor look like a sloppily developed product feature would be the competent way to write a backdoor. Making it as sneaky as the backdoor in the Via is unnecessary -- incompetence is eminently believable.
&
(kaspersky)
I believe all of these stories (including the Supermicro) are the tip of a great big, ugly iceberg. The intelligence community has long known that software-only solutions are too mutable, and are easy to decompile and figure out. They have wanted to be in the BIOS of systems -- on the motherboard -- for a long time. If you go back to 2014, we have disclosures about the NSA malware that hides in hard drive BIOS: [ vice ] [ vice ] That appears to have been in progress around 2000/2001.
Of note, the group recovered two modules belonging to EquationDrug and GrayFish that were used to reprogram hard drives to give the attackers persistent control over a target machine. These modules can target practically every hard drive manufacturer and brand on the market, including Seagate, Western Digital, Samsung, Toshiba, Corsair, Hitachi and more. Such attacks have traditionally been difficult to pull off, given the risk in modifying hard drive software, which may explain why Kaspersky could only identify a handful of very specific targets against which the attack was used, where the risk was worth the reward.
But Equation Group's malware platforms have other tricks, too. GrayFish, for example, also has the ability to install itself into computer's boot record -- software that loads even before the operating system itself -- and stores all of its data inside a portion of the operating system called the registry, where configuration data is normally stored.EquationDrug was designed for use on older Windows operating systems, and "some of the plugins were designed originally for use on Windows 95/98/ME" -- versions of Windows so old that they offer a good indication of the Equation Group's age.
This is not a very good example of how to establish a "malware gap" since it just makes the NSA look like they are incapable of keeping a secret. If you want an idea how bad it is, Kaspersky labs' analysis of the NSA's toolchain is a good example of how to do attribution correctly. Unfortunately for the US agenda, that solid attribution points toward Fort Meade in Maryland. [kaspersky]
Let me be clear: I think we are fucked every which way from the start. With backdoors in the BIOS, backdoors on the CPU, and wireless cellular-spectrum backdoors, there are probably backdoors in the GPUs and the physical network controllers, as well. Maybe the backdoors in the GPU come from the GRU and maybe the backdoors in the hard drives come from NSA, but who cares? The upshot is that all of our systems are so heinously compromised that they can only be considered marginally reliable. It is, literally, not your computer: it's theirs. They'll let you use it so long as your information is interesting to them.
Do I believe the Chinese are capable of doing such a thing? Of course. Is the GRU? Probably. Mossad? Sure. NSA? Well-documented attribution points toward NSA. Your computer is a free-fire zone. It has been since the mid 1990s, when the NSA was told "no" on the Clipper chip and decided to come up with its own Plan B, C, D, and E. Then, the CIA came up with theirs. Etc. There are probably so many backdoors in our systems that it's a miracle it works at all.
From my 2012 RSA conference lecture "Cyberwar, you're doing it wrong."
The problem is that playing in this space is the purview of governments. Nobody in the cybercrime or hacking world need tools like these. The intelligence operatives have huge budgets, compared to a typical company's security budget, and it's unreasonable to expect any business to invest such a level of effort on defending itself. So what should companies do? They should do exactly what they are doing: expect the government to deal with it; that's what governments are for. The problem with that strategy is that their government isn't on their side, either! It's Hobbes' playground.
In case you think I am engaging in hyperbole, I assure you I am not. If you want another example of the lengths (and willingness to bypass the law) "they" are willing to go, consider 'stingrays' that are in operation in every major US city and outside of every interesting hotel and high tech park. Those devices are not passive -- they actively inject themselves into the call set-up between your phone and your carrier -- your data goes through the stingray, or it doesn't go at all. If there are multiple stingrays, then your latency goes through the roof. "They" don't care. Are the stingrays NSA, FBI, CIA, Mossad, GRU, or PLA? Probably a bit of all of the above depending on where and when.
Whenever the US gets caught with its pants down around its ankles, it blames the Chinese or the Russians because they have done a good job of building the idea that the most serious hackers on the planet at the Chinese. I don't believe that we're seeing complex propaganda campaigns that are tied to specific incidents -- I think we see ongoing organic propaganda campaigns that all serve the same end: protect the agencies, protect their budgets, justify their existence, and downplay their incompetence.
So, with respect to "propaganda" I would say that the US intelligence community has been consistently pushing a propaganda agenda against the US government, and the citizens in order to justify its actions and defend its budget.
The government also engages in propaganda, and is influenced by the intelligence community's propaganda as well. And the propaganda campaigns work because everyone involved assumes, "well, given what the NSA has been able to do, I should assume the Chinese can do likewise." That's a perfectly reasonable assumption and I think it's probably true that the Chinese have capabilities. The situation is what Chuck Spinney calls "A self-licking ice cream cone" -- it's a justifying structure that makes participation in endless aggression seem like a sensible thing to do. And, when there's inevitably a disaster, it's going to be like a cyber-9/11 and will serve as a justification for even more unrestrained aggression.
Want to see what it looks like? A thousand thanks to Commentariat member [redacted] for this link. If you don't like video, there's an article here. [ toms ]
https://www.youtube.com/embed/_eSAF_qT_FY
Is this an NSA backdoor, or normal incompetence? Is Intel Management Engine an NSA-inspired backdoor, or did some system engineers at Intel think that was a good idea? There are other scary indications of embedded compromise: the CIA's Vault7 archive included code that appeared to be intended to embed in the firmware of "smart" flatscreen TVs. That would make every LG flat panel in every hotel room, a listening device just waiting to be turned on.
We know the Chinese didn't do that particular bug but why wouldn't they do something similar, in something else? China is the world's oldest mature culture -- they literally wrote the book on strategy -- Americans acting as though it's a great surprise to learn that the Chinese are not stupid, it's just the parochialism of a 250 year-old culture looking at a 3,000 year-old culture and saying "wow, you guys haven't been asleep at the switch after all!"
WIRED on cyberspace treaties [ wired ]
Comments
Pierce R. Butler says
What little I've been able to find out the new Trump™ cybersecurity plan is that it doesn't involve any defense, just massive retribution against (perceived) foes.
Funny how those obsessed with "false flag" operations work so hard to invite more of same.
Marcus Ranum says
Pierce R. Butler@#1:
What little I've been able to find out the new Trump™ cybersecurity plan is that it doesn't involve any defense, just massive retribution against (perceived) foes.Yes. Since 2001, as far as most of us can tell, federal cybersecurity spend has been 80% offense, 20% defense. And a lot of the offensive spend has been aimed at We, The People.
Cat Mara says
Your mention of Operation Sundevil and Kevin Mitnick in a previous post made me think that maybe the reason we haven't seen the kind of leaks from the Russian and Chinese hacking operations that we've seem from the NSA is that they're running a "Kevin Mitnick style" operation; that is, relying less on technical solutions and using instead old-fashioned "social engineering" and other low-tech forms of espionage (like running troll farms on social media). I mean, I've seen interviews with retired US intelligence people since the 90s complain that since the late 1980s, the intelligence agencies have been crippled by management in love with hi-tech "SIGINT" solutions to problems that never deliver and neglecting old-fashioned "HUMINT" intelligence-gathering.
The thing is, Kevin Mitnick got away with a lot of what he did because people didn't take security seriously then, and still don't. On a similar nostalgia vibe, I remember reading an article by Keith Bostic (one of the researchers who helped in the analysis of the Morris worm that took down a significant chunk of the Internet back in 1988) where he did a follow-up a year or so afterwards and some depressing number of organisations that had been hit by it still hadn't patched the holes that had let the worm infect them in the first place.
Marcus Ranum says
Cat Mara@#3:
Your mention of Operation Sundevil and Kevin Mitnick in a previous post made me think that maybe the reason we haven't seen the kind of leaks from the Russian and Chinese hacking operations that we've seem from the NSA is that they're running a "Kevin Mitnick style" operation; that is, relying less on technical solutions and using instead old-fashioned "social engineering" and other low-tech forms of espionage (like running troll farms on social media).I think that's right, to a high degree. What if Edward Snowden was an agent provocateur instead of a well-meaning naive kid? A tremendous amount of damage could be done, as well as stealing the US' expensive toys. The Russians have been very good at doing exactly that sort of operation, since WWII. The Chinese are, if anything, more subtle than the Russians.
The Chinese attitude, as expressed to me by someone who might be a credible source is, "why are you picking a fight with us? We don't care, you're too far away for us to threaten you, we both have loads of our own fish to fry. To them, the US is young, hyperactive, and stupid.
The FBI is not competent, at all, against old-school humint intelligence-gathering. Compared to the US' cyber-toys, the old ways are probably more efficient and cost effective. China's intelligence community is also much more team-oriented than the CIA/NSA; they're actually a disciplined operation under the strategic control of policy-makers. That, by the way, is why Russians and Chinese stare in amazement when Americans ask things like "Do you think Putin knew about this?" What a stupid question! It's an autocracy; they don't have intelligence operatives just going an deciding "it's a nice day to go to England with some Novichok." The entire American attitude toward espionage lacks maturity.
On a similar nostalgia vibe, I remember reading an article by Keith Bostic (one of the researchers who helped in the analysis of the Morris worm that took down a significant chunk of the Internet back in 1988) where he did a follow-up a year or so afterwards and some depressing number of organisations that had been hit by it still hadn't patched the holes that had let the worm infect them in the first place.
That as an exciting time. We were downstream from University of Maryland, which got hit pretty badly. Pete Cottrel and Chris Torek from UMD were also in on Bostic's dissection. We were doing uucp over TCP for our email (that changed pretty soon after the worm) and our uucp queue blew up. I cured the worm with a reboot into single-user mode and a quick 'rm -f' in the uucp queue.
Bob Moore says
Thanks. I appreciate your measured analysis and the making explicit of the bottom line: " agencies, protect their budgets, justify their existence, and downplay their incompetence."
|
|
|
Oct 05, 2018 | www.moonofalabama.org
daffyDuct , Oct 5, 2018 8:35:21 PM | link
The SuperMicro chips may be an alleged use of the Intel Management Engine (or the AMD equivalent).From Bloomberg: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
"In simplified terms, the implants on Supermicro hardware manipulated the core operating instructions that tell the server what to do as data move across a motherboard, two people familiar with the chips' operation say. This happened at a crucial moment, as small bits of the operating system were being stored in the board's temporary memory en route to the server's central processor, the CPU. The implant was placed on the board in a way that allowed it to effectively edit this information queue, injecting its own code or altering the order of the instructions the CPU was meant to follow. Deviously small changes could create disastrous effects.
The illicit chips could do all this because they were connected to the baseboard management controller, a kind of superchip that administrators use to remotely log in to problematic servers, giving them access to the most sensitive code even on machines that have crashed or are turned off."
From Wikipedia: https://en.wikipedia.org/wiki/Intel_Management_Engine
"The Intel Management Engine (ME), also known as the Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008. The subsystem primarily consists of proprietary firmware running on a separate microprocessor that performs tasks during boot-up, while the computer is running, and while it is asleep.As long as the chipset or SoC is connected to current (via battery or power supply), it continues to run even when the system is turned off. Intel claims the ME is required to provide full performance. Its exact workings are largely undocumented and its code is obfuscated using confidential huffman tables stored directly in hardware, so the firmware does not contain the information necessary to decode its contents. Intel's main competitor AMD has incorporated the equivalent AMD Secure Technology (formally called Platform Security Processor) in virtually all of its post-2013 CPUs.
The Electronic Frontier Foundation (EFF) and security expert Damien Zammit accuse the ME of being a backdoor and a privacy concern. Zammit states that the ME has full access to memory (without the parent CPU having any knowledge); has full access to the TCP/IP stack and can send and receive network packets independent of the operating system, thus bypassing its firewall. Intel asserts that it "does not put back doors in its products" and that its products do not "give Intel control or access to computing systems without the explicit permission of the end user."
|
|
|
Oct 04, 2018 | it.slashdot.org
Taco Cowboy ( 5327 ) , Tuesday May 29, 2012 @12:17AM ( #40139317 ) JournalIt's a scam !! ( Score: 5 , Informative)http://erratasec.blogspot.com/2012/05/bogus-story-no-chinese-backdoor-in.html [blogspot.com]
Bogus story: no Chinese backdoor in military chip"Today's big news is that researchers have found proof of Chinese manufacturers putting backdoors in American chips that the military uses. This is false. While they did find a backdoor in a popular FPGA chip, there is no evidence the Chinese put it there, or even that it was intentionally malicious.Furthermore, the Actel ProAsic3 FPGA chip isn't fabricated in China at all !!
jhoegl ( 638955 ) , Monday May 28, 2012 @01:30PM ( #40136003 )khasim ( 1285 ) writes: < brandioch.conner@gmail.com > on Monday May 28, 2012 @01:48PM ( #40136097 )Fear mongering ( Score: 5 , Insightful)It sells...
Particularly in a press release like that. ( Score: 5 , Insightful)That entire article reads more like a press release with FUD than anything with any facts.
Which chip?
Which manufacturer?
Which US customer?No facts and LOTS of claims. It's pure FUD.
(Not that this might not be a real concern. But the first step is getting past the FUD and marketing materials and getting to the real facts.)
ArsenneLupin ( 766289 ) , Tuesday May 29, 2012 @01:11AM ( #40139489 )Re:Particularly in a press release like that. ( Score: 5 , Informative)A quick google showed that that this is indeed the chip, but the claims are "slightly" overblown [blogspot.com]
Anonymous Coward , Monday May 28, 2012 @02:14PM ( #40136273 )Most likely inserted by Microsemi/Actel not fab ( Score: 5 , Informative)1) Read the paper http://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf
2) This is talking about FPGAs designed by Microsemi/Actel.
3) The article focuses on the ProAsic3 chips but says all the Microsemi/Actel chips tested had the same backdoor including but not limited to Igloo, Fusion and Smartfusion.
4) FPGAs give JTAG access to their internals for programming and debugging but many of the access methods are proprietary and undocumented. (security through obscurity)
5) Most FPGAs have features that attempt to prevent reverse engineering by disabling the ability to read out critical stuff.
6) These chips have a secret passphrase (security through obscurity again) that allows you to read out the stuff that was supposed to be protected.
7) These researchers came up with a new way of analyzing the chip (pipeline emission analysis) to discover the secret passphrase. More conventional analysis (differential power analysis) was not sensitive enough to reveal it.This sounds a lot (speculation on my part) like a deliberate backdoor put in for debug purposes, security through obscurity at it's best. It doesn't sound like something secret added by the chip fab company, although time will tell. Just as embedded controller companies have gotten into trouble putting hidden logins into their code thinking they're making the right tradeoff between convenience and security, this hardware company seems to have done the same.
Someone forgot to tell the marketing droids though and they made up a bunch of stuff about how the h/w was super secure.
JimCanuck ( 2474366 ) , Monday May 28, 2012 @04:45PM ( #40137217 )Re:Most likely inserted by Microsemi/Actel not fab ( Score: 5 , Interesting)I don't think anyone fully understands JTAG, there are a lot of different versions of it mashed together on the typical hardware IC. Regardless if its a FPGA, microcontroller or otherwise. The so called "back door" can only be accessed through the JTAG port as well, so unless the military installed a JTAG bridge to communicate to the outside world and left it there, well then the "backdoor" is rather useless.
Something that can also be completely disabled by setting the right fuse inside the chip itself to disable all JTAG connections. Something that is considered standard practice on IC's with a JTAG port available once assembled into their final product and programmed.
Plus according to Microsemi's own website, all military and aerospace qualified versions of their parts are still made in the USA. So this "researcher" used commercial parts, which depending on the price point can be made in the plant in Shanghai or in the USA at Microsemi's own will.
The "researcher" and the person who wrote the article need to spend some time reading more before talking.
emt377 ( 610337 ) , Monday May 28, 2012 @07:02PM ( #40137873 )Re:Most likely inserted by Microsemi/Actel not fab ( Score: 4 , Insightful)The so called "back door" can only be accessed through the JTAG port as well, so unless the military installed a JTAG bridge to communicate to the outside world and left it there, well then the "backdoor" is rather useless.With pin access to the FPGA it's trivial to hook it up, no bridges or transceivers needed. If it's a BGA then get a breakout/riser board that provides pin access. This is off-the-shelf stuff. This means if the Chinese military gets their hands on the hardware they can reverse engineer it. They won't have to lean very hard on the manufacturer for them to cough up every last detail. In China you just don't say no to such requests if you know what's good for you and your business.
JimCanuck ( 2474366 ) , Monday May 28, 2012 @11:05PM ( #40139083 )Re:Most likely inserted by Microsemi/Actel not fab ( Score: 4 , Interesting)Not being readable even when someone has the device in hand is exactly what these secure FPGAs are meant to protect against!It's not a non-issue. It's a complete failure of a product to provide any advantages over non-secure equivalents.
You clearly have NOT used a FPGA or similar. First the ProASIC3 the article focuses on is the CHEAPEST product in the product line (some of that model line reach down to below a dollar each). But beyond that
... Devices are SECURED by processes, such as blowing the JTAG fuses in the device which makes them operation only, and unreadable. They are secureable, if you follow the proper processes and methods laid out by the manufacturer of the specific chip. Just because a "research paper" claims there is other then standard methods of JTAG built into the JTAG doesn't mean that the device doesn't secure as it should, nor does it mean this researcher who is trying to peddle his own product is anything but biased in this situation.
nospam007 ( 722110 ) * , Monday May 28, 2012 @02:39PM ( #40136445 )Re:What did the military expect? ( Score: 4 , Interesting)"Even if this case turns out to be a false alarm, allowing a nation that you repeatedly refer to as a 'near-peer competitor' to build parts of your high-tech weaponry is idiotic."
Not to mention the non-backdoor ones.
'Bogus electronic parts from China have infiltrated critical U.S. defense systems and equipment, including Navy helicopters and a commonly used Air Force cargo aircraft, a new report says.'
http://articles.dailypress.com/2012-05-23/news/dp-nws-counterfeit-chinese-parts-20120523_1_fake-chinese-parts-counterfeit-parts-air-force-c-130j [dailypress.com]
0123456 ( 636235 ) , Monday May 28, 2012 @02:04PM ( #40136219 )Re:Should only buy military components from allies ( Score: 3 , Funny)The US military should have a strict policy of only buying military parts from sovereign, free, democratic countries with a long history of friendship, such as Israel, Canada, Europe, Japan and South Korea.Didn't the US and UK governments sell crypto equipment they knew they could break to their 'allies' during the Cold War?
tlhIngan ( 30335 ) writes: < slashdot@[ ]f.net ['wor' in gap] > on Monday May 28, 2012 @03:30PM ( #40136781 )Re:Should only buy military components from allies ( Score: 5 , Insightful)Second problem.... 20 years ago the DOD had their own processor manufacturing facilities, IC chips, etc. They were shut down in favor of commercial equipment because some idiot decided it was better to have an easier time buying replacement parts at Radioshack than buying quality military-grade components that could last in austere environments. (Yes, speaking from experience). Servers and workstations used to be built from the ground up at places like Tobyhanna Army Depot. Now, servers and workstations are bought from Dell.Fabs are expensive. The latest generation nodes cost billions of dollars to set up and billions more to run. If they aren't cranking chips out 24/7, they're literally costing money. Yes, I know it's hte military, but I'm sure people have a hard time justifying $10B every few years just to fab a few chips. One of the biggest developments in the 90s was the development of foundries that let anyone with a few tens of millions get in the game of producing chips rather than requiring billions in startup costs. Hence the startup of tons of fabless companies selling chips.
OK, another option is to buy a cheap obsolete fab and make chips that way - much cheaper to run, but we're also talking maybe 10+ year old technology, at which point the chips are going to be slower and take more power.
Also, building your own computer from the ground up is expensive - either you buy the designs of your servers from say, Intel, or design your own. If you buy it, it'll be expensive and probably require your fab to be upgraded (or you get stuck with an old design - e.g., Pentium (the original) - which Intel bought back from the DoD because the DoD had been debugging it over the decade). If you went with the older cheaper fab, the design has to be modified to support that technology (you cannot just take a design and run with it - you have to adapt your chip to the foundry you use).
If you roll your own, that becomes a support nightmare because now no one knows the system.
And on the taxpayer side - I'm sure everyone will question why you're spending billions running a fab that's only used at 10% capacity - unless you want the DoD getting into the foundry business with its own issues.
Or, why is the military spending so much money designing and running its own computer architecture and support services when they could buy much cheaper machines from Dell and run Linux on them?
Hell, even if the DoD had budget for that, some bean counter will probably do the same so they can save money from one side and use it to buy more fighter jets or something.
30+ years ago, defense spending on electronics formed a huge part of the overall electronics spending. These days, defense spending is but a small fraction - it's far more lucrative to go after the consumer market than the military - they just don't have the economic clout they once had. End result is the military is forced to buy COTS ICs, or face stuff like a $0.50 chip costing easily $50 or more for same just because the military is a bit-player for semiconductors
__aaltlg1547 ( 2541114 ) , Monday May 28, 2012 @02:29PM ( #40136361 )Genda ( 560240 ) writes: < <ten.tog> <ta> <teiram> > on Monday May 28, 2012 @03:46PM ( #40136857 ) JournalRe:Should only buy military components from allies ( Score: 2 )Anybody remember Jonathan Pollard?
Re:Should only buy military components from allies ( Score: 2 )You do know that the Mossad has been caught stealing and collecting American Top Secrets. In fact most of the nations above save perhaps Canada have at one time or another been caught either spying on us, or performing dirty deeds cheap against America's best interest. I'd say for the really classified stuff, like the internal security devices that monitor everything else... homegrown only thanks, and add that any enterprising person who's looking to get paid twice by screwing with the hardware or selling secrets to certified unfriendlies get's to cools their heels for VERY LONG TIME.
NixieBunny ( 859050 ) , Monday May 28, 2012 @01:34PM ( #40136025 ) HomepageThe actual article ( Score: 5 , Informative)The original article is here. [cam.ac.uk] It refers to an Actel ProAsic3 chip, which is an FPGA with internal EEPROM to store the configuration.
Anonymous Coward , Monday May 28, 2012 @02:09PM ( #40136249 )Re:The actual article ( Score: 5 , Interesting)From your much more useful link,
We investigated the PA3 backdoor problem through Internet searches, software and hardware analysis and found that this particular backdoor is not a result of any mistake or an innocent bug, but is instead a deliberately inserted and well thought-through backdoor that is crafted into, and part of, the PA3 security system. We analysed other Microsemi/Actel products and found they all have the same deliberate backdoor. Those products include, but are not limited to: Igloo, Fusion and Smartfusion.we have found that the PA3 is used in military products such as weapons, guidance, flight control, networking and communications. In industry it is used in nuclear power plants, power distribution, aerospace, aviation, public transport and automotive products. This permits a new and disturbing possibility of a large scale Stuxnet-type attack via a network or the Internet on the silicon itself. If the key is known, commands can be embedded into a worm to scan for JTAG, then to attack and reprogram the firmware remotely.emphasis mine. Key is retrieved using the backdoor. Frankly, if this is true, Microsemi/Actel should get complete ban from all government contracts, including using their chips in any item build for use by the government.
NixieBunny ( 859050 ) , Monday May 28, 2012 @02:44PM ( #40136487 ) HomepageRe:The actual article ( Score: 3 )I would not be surprised if it's a factory backdoor that's included in all their products, but is not documented and is assumed to not be a problem because it's not documented.
With regard to reprogramming the chip remotely or by the FPGA itself via the JTAG port: A secure system is one that can't reprogram itself.
When I was designing VMEbus computer boards for a military subcontractor many years ago, every board had a JTAG connector that required the use of another computer with a special cable plugged into the board to perform reprogramming of the FPGAs. None of this update-by-remote-control crap.
Blackman-Turkey ( 1115185 ) , Monday May 28, 2012 @02:19PM ( #40136305 )Re:The actual article ( Score: 3 , Informative)No source approved [dla.mil] for Microsemi (Actel) qualified chips in China. If you use non-approved sources then, well, shit happens (although how this HW backdoor would be exploited is kind of unclear).
It seems that People's Republic of China has been misidentified with Taiwan (Republic of China).
6031769 ( 829845 ) , Monday May 28, 2012 @01:35PM ( #40136031 ) Homepage JournalWait and see ( Score: 5 , Informative)Either the claims will be backed up by independently reproduced tests or they won't. But, given his apparent track record in this area and the obvious scrutiny this would bring, Skorobogatov must have been sure of his results before announcing this.
Here's his publications list from his University home page, FWIW: http://www.cl.cam.ac.uk/~sps32/#Publications [cam.ac.uk]
Anonymous Coward , Monday May 28, 2012 @01:36PM ( #40136039 )samzenpus will be looking for a new job soon ( Score: 3 , Funny)Even though this story has been blowing-up on Twitter, there are a few caveats. The backdoor doesn't seem to have been confirmed by anyone else, Skorobogatov is a little short on details, and he is trying to sell the scanning technology used to uncover the vulnerability.Hey hey HEY! You stop that right this INSTANT, samzenpus! This is Slashdot! We'll have none of your "actual investigative research" nonsense around here! Fear mongering to sell ad space, mister, and that's ALL! Now get back to work! We need more fluffy space-filling articles like that one about the minor holiday labeling bug Microsoft had in the UK! That's what we want to see more of!
laing ( 303349 ) , Monday May 28, 2012 @02:08PM ( #40136243 )Requires Physical Access ( Score: 5 , Informative)The back-door described in the white paper requires access to the JTAG (1149.1) interface to exploit. Most deployed systems do not provide an active external interface for JTAG. With physical access to a "secure" system based upon these parts, the techniques described in the white paper allow for a total compromise of all IP within. Without physical access, very little can be done to compromise systems based upon these parts.
vlm ( 69642 ) , Monday May 28, 2012 @03:34PM ( #40136807 )Where was it designed in? ( Score: 3 )Where was this undocumented feature/bug designed in? I see plenty of "I hate China" posts, it would be quite hilarious if the fedgov talked the US mfgr into adding this backdoor, then the Chinese built it as designed. Perhaps the plan all along was to blame the Chinese if they're caught.
These are not military chips. They are FPGAs that happen to be used occasionally for military apps. Most of them are sold for other, more commercially exploitable purposes.
time961 ( 618278 ) , Monday May 28, 2012 @03:51PM ( #40136887 )Big risk is to "secret sauce" for comms & cryp ( Score: 5 , Informative)This is a physical-access backdoor. You have to have your hands on the hardware to be able to use JTAG. It's not a "remote kill switch" driven by a magic data trigger, it's a mechanism that requires use of a special connector on the circuit board to connect to a dedicated JTAG port that is simply neither used nor accessible in anything resembling normal operation.
That said, it's still pretty bad, because hardware does occasionally end up in the hands of unfriendlies (e.g., crashed drones). FPGAs like these are often used to run classified software radio algorithms with anti-jam and anti-interception goals, or to run classified cryptographic algorithms. If those algorithms can be extracted from otherwise-dead and disassembled equipment, that would be bad--the manufacturer's claim that the FPGA bitstream can't be extracted might be part of the system's security certification assumptions. If that claim is false, and no other counter-measures are place, that could be pretty bad.
Surreptitiously modifying a system in place through the JTAG port is possible, but less of a threat: the adversary would have to get access to the system and then return it without anyone noticing. Also, a backdoor inserted that way would have to co-exist peacefully with all the other functions of the FPGA, a significant challenge both from an intellectual standpoint and from a size/timing standpoint--the FPGA may just not have enough spare capacity or spare cycles. They tend to be packed pretty full, 'coz they're expensive and you want to use all the capacity you have available to do clever stuff.
Fnord666 ( 889225 ) , Monday May 28, 2012 @09:16PM ( #40138557 ) JournalRe:Big risk is to "secret sauce" for comms & c ( Score: 4 , Insightful)This is a physical-access backdoor. You have to have your hands on the hardware to be able to use JTAG. It's not a "remote kill switch" driven by a magic data trigger, it's a mechanism that requires use of a special connector on the circuit board to connect to a dedicated JTAG port that is simply neither used nor accessible in anything resembling normal operation.Surreptitiously modifying a system in place through the JTAG port is possible, but less of a threat: the adversary would have to get access to the system and then return it without anyone noticing.
As someone else mentioned in another post, physical access can be a bit of a misnomer. Technically all that is required is for a computer to be connected via the JTAG interface in order to exploit this. This might be a diagnostic computer for example. If that diagnostic computer were to be infected with a targeted payload, there is your physical access.
nurb432 ( 527695 ) , Monday May 28, 2012 @02:43PM ( #40136477 ) Homepage Journalrtfa-troll ( 1340807 ) , Monday May 28, 2012 @03:22PM ( #40136743 )Re:Is it called JTAG? ( Score: 2 )I agree it most likely wasn't malicious, but its more than careless, its irresponsible, especially when dealing with military contracts.
Re:No China link yet, probably a US backdoor ( Score: 2 )There is no China link to the backdoor yet.The page with a link to the final paper actually does mention China. However, it's an American design from a US company. I suspect we will find the backdoor was in the original plans. It will be interesting to see however.
|
|
|
Oct 04, 2018 | www.zerohedge.com
Today, Bloomberg BusinessWeek published a story claiming that AWS was aware of modified hardware or malicious chips in SuperMicro motherboards in Elemental Media's hardware at the time Amazon acquired Elemental in 2015, and that Amazon was aware of modified hardware or chips in AWS's China Region.
As we shared with Bloomberg BusinessWeek multiple times over the last couple months, this is untrue. At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems. Nor have we engaged in an investigation with the government.
There are so many inaccuracies in this article as it relates to Amazon that they're hard to count. We will name only a few of them here. First, when Amazon was considering acquiring Elemental, we did a lot of due diligence with our own security team, and also commissioned a single external security company to do a security assessment for us as well. That report did not identify any issues with modified chips or hardware. As is typical with most of these audits, it offered some recommended areas to remediate, and we fixed all critical issues before the acquisition closed. This was the sole external security report commissioned. Bloomberg has admittedly never seen our commissioned security report nor any other (and refused to share any details of any purported other report with us).
The article also claims that after learning of hardware modifications and malicious chips in Elemental servers, we conducted a network-wide audit of SuperMicro motherboards and discovered the malicious chips in a Beijing data center. This claim is similarly untrue. The first and most obvious reason is that we never found modified hardware or malicious chips in Elemental servers. Aside from that, we never found modified hardware or malicious chips in servers in any of our data centers. And, this notion that we sold off the hardware and datacenter in China to our partner Sinnet because we wanted to rid ourselves of SuperMicro servers is absurd. Sinnet had been running these data centers since we launched in China, they owned these data centers from the start, and the hardware we "sold" to them was a transfer-of-assets agreement mandated by new China regulations for non-Chinese cloud providers to continue to operate in China.
Amazon employs stringent security standards across our supply chain – investigating all hardware and software prior to going into production and performing regular security audits internally and with our supply chain partners. We further strengthen our security posture by implementing our own hardware designs for critical components such as processors, servers, storage systems, and networking equipment.
Security will always be our top priority. AWS is trusted by many of the world's most risk-sensitive organizations precisely because we have demonstrated this unwavering commitment to putting their security above all else. We are constantly vigilant about potential threats to our customers, and we take swift and decisive action to address them whenever they are identified.
– Steve Schmidt, Chief Information Security Officer
Trumptards are IDIOTs
CashMcCall , 5 hours ago
CashMcCall , 5 hours agoTRUMPTARDS have an enormous amount of surplus time on their hands to forward their Harry Potter Styled Conspiracies.
APPLE AND AMAZON DENIED THE STORY. STORY OVER... GET IT CREEPY?
Urban Roman , 5 hours agoWhile TRUMPTARDS were posting their Conspiracy Theories and the "TrumpEXPERTS" were embellishing the ridiculous story with their lavish accounts of chip bug design, I was enjoying a Bloomberg windfall.
Having confirmed early that the story was False since AMAZON and APPLE BOTH DENIED IT... and their stock was not moving, I turned to Supermicro which was plunging and down over 50%. I checked the options, and noted they were soft, so I put in bids for long shares and filled blocks at 9 from two accounts.
The moronic TRUMPTARD Conspiracy posts continued, Supermicro is now up over 13.
That is the difference between having a brain in your head or having TRUMPTARD **** FOR BRAINS...
Chairman , 5 hours agoOn second thought, this story is just ********. Note that the BBG story never mentions the backdoors that were talked about for over a decade, nor did they mention Mr. Snowden's revelation that those backdoors do exist, and are being used, by the surveillance state.
Since the Chinese factories are manufacturing these things, they'd have all the specs and the blobs and whatever else they need, and would never require a super-secret hardware chip like this. Maybe this MITM chip exists, and maybe it doesn't. But there's nothing to keep China from using the ME on any recent Intel chip, or the equivalent on any recent AMD chip, anywhere.
The purpose of this article is to scare you away from using Huawei or ZTE for anything, and my guess is that it is because those companies did not include these now-standard backdoors in their equipment. Maybe they included Chinese backdoors instead, but again, they wouldn't need a tiny piece of hardware for this MITM attack, since modern processors are all defective by design.
DisorderlyConduct , 4 hours agoI think I will start implementing this as an interview question. If a job candidate is stupid enough to believe this **** then they will not work for me.
Kendle C , 5 hours agoWell, hmmm, could be. To update a PCB is actually really poor work. I would freak my biscuits if I received one of my PCBs with strange pads, traces or parts.
To substitute a part is craftier. To change the content of a part is harder, and nigh impossible to detect without xray.
Even craftier is to change VHDL code in an OTP chip or an ASIC. The package and internal structure is the same but the fuses would be burned different. No one would likely detect this unless they were specifically looking for it.
AllBentOutOfShape , 5 hours agoWell written propaganda fails to prove claims. Everybody in networking and IT knows that switches and routers have access to root, built in, often required by government, backdoors. Scripts are no big thing often used to speed up updates, backups, and troubleshooting. So when western manufacturers began shoveling their work to Taiwan and China, with them they sent millions of text files, including instructions for backdoor access, the means and technology (to do what this **** article is claiming) to modify the design, even classes with default password and bypass operations for future techs. We were shoveling hand over foot designs as fast as we could...all for the almighty dollar while stiffing American workers. So you might say greed trumped security and that fault lies with us. So stuff this cobbled together propaganda piece, warmongering ****.
skunzie , 6 hours agoZH has definitely been co-oped. This is just the latest propaganda ******** article of the week they've come out with. I'm seeing more and more articles sourced from well known propaganda outlets in recent months.
PrivetHedge , 6 hours agoReminds me of how the US pulled off covert espionage of the Russians in the 70's using Xerox copiers. The CIA inserted trained Xerox copy repairmen to handle repairs on balky copiers in Russian embassies, etc. When a machine was down the technician inserted altered motherboards which would transmit future copies directly to the CIA. This is a cautionary tale for companies to cover their achilles heel (weakest point) as that is generally the easiest way to infiltrate the unsuspecting company.
CashMcCall , 6 hours agoWhat another huge load of bollocks from our pharisee master morons.
I guess they think we're as stupid as they are.
smacker , 7 hours agoBut but but the story came from one of the chosen money changers Bloomberg... everyone knows a *** would never lie or print a false story at the market open
Stinkbug 1 , 7 hours agoWith all the existing ***** chips and backdoors on our computers and smartphones planted by the CIA, NSA, M$, Goolag & friends, and now this chip supposedly from China, it won't be long before there's no space left in RAM and on mobos for the chips that actually make the device do what we bought it to do.
I Write Code , 7 hours agothis was going on 20 years ago when it was discovered that digital picture frames from china were collecting passwords and sending them back. it was just a test, so didn't get much press.
now they have the kinks worked out, and are ready for the coup de grace.
ChecksandBalances , 7 hours agoFedPool , 7 hours agoThis story seemed to die. Did anyone find anything indicating someone on our side has actually got a look at the malicious chip, assuming it exists? Technical blogs have nothing, only news rags like NewsMaxx. If 30 companies had these chips surely someone has one. This might be one huge fake news story. Why Bloomberg would publish it is kind of odd.
underlying , 7 hours agoProbably a limited evaluation operation to gauge the population's appetite for war. Pentagram market research. They're probably hitting all of the comment sections around the web as we speak. Don't forget to wave 'hi'.
Heya warmongers. No, we don't want a war yet, k thanks.
Urban Roman , 5 hours agoSince were on the topic let's take a look at the scope hacking tools known to the general public known prior to the Supermicro Server Motherboard Hardware Exploit; (P.S. What the **** do you expect when you have Chinese state owned enterprises, at minimum quasi state owned enterprises in special economic development zones controlled by the Chinese communist party, building motherboards?)
Snowden NSA Leaks published in the gaurdian/intercept
https://www.theguardian.com/us-news/the-nsa-files
Wikileaks Vault 7 etc....
Spector/Meltdown vulnerability exploits
https://leeneubecker.com/grc-releases-test-tool-spectre-and-meltdown-vulnerabilities/
Random list compiled by TC bitches
https://techcrunch.com/2017/03/09/names-and-definitions-of-leaked-cia-hacking-tools/
This does not include the private/corporate sector hacking pen testing resources and suites which are abundant and easily available to **** up the competition in their own right.
Moribundus , 8 hours agoExactly. Why would they ever need a super-micro-man-in-the-middle-chip?
Maybe this 'chip' serves some niche in their spycraft, but the article in the keypost ignores a herd of elephants swept under the carpet, and concentrates on a literal speck of dust.
Dr. Acula , 8 hours agoA US-funded biomedical laboratory in Georgia may have conducted bioweapons research under the guise of a drug test, which claimed the lives of at least 73 subjects...new documents "allow us to take a fresh look" at outbreaks of African swine fever in southern Russia in 2007-2018, which "spread from the territory of Georgia into the Russian Federation, European nations and China. The infection strain in the samples collected from animals killed by the disease in those nations was identical to the Georgia-2007 strain." https://www.rt.com/news/440309-us-georgia-toxic-bioweapon-test/
"In a Senate testimony this past February, six major US intelligence heads warned that American citizens shouldn't use Huawei and ZTE products and services." - https://www.theverge.com/2018/5/2/17310870/pentagon-ban-huawei-zte-phones-retail-stores-military-bases
Are these the same intelligence agencies that complain about Russian collusion and cover up 9/11 and pizzagate?
|
|
|
Sep 04, 2018 | news.slashdot.org
msmash on Tuesday September 04, 2018 @10:50AM from the how-about-that deptWest Virginia's Attorney General Patrick Morrisey, who's currently running for U.S. Senate, announced Tuesday that he's partnering with two local community and technical colleges to connect senior citizens with college students for free cybersecurity training .
The announcement comes amid rising cyber scams, many of which are targeted at elderly.
|
|
|
Aug 22, 2018 | www.howtogeek.com
October 4th, 2016
When you frequently use a long-standing and convenient feature in Windows, then suddenly see it removed from the latest version, it can be very frustrating. How do you get the missing feature back? Today's SuperUser Q&A post has some helpful solutions to a reader's "recent file" woes.
Today's Question & Answer session comes to us courtesy of SuperUser -- a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
The QuestionSuperUser reader Mr. Boy wants to know how to get the "All Recent Files" list back in Windows 10:
I can find the listings for recent items, but these only seem to let me see recent items opened by a particular app. For example, I can look at Microsoft Word's icon and see the documents recently opened in it.
I am unable to find a simple "these are the last ten documents/files opened with any application", which is very useful if I have not pinned the apps in question to my taskbar. This feature used to exist in Windows XP as "My Recent Documents":
Is there a way to get this functionality back in Windows 10? For example, I open doc.docx, sheet.xlsl, options.txt, picture.bmp, etc. with different apps and then see these items all listed in one place indicating the files that I have most recently accessed?
How do you get the "All Recent Files" list functionality back in Windows 10?
The AnswerSuperUser contributors Techie007 and thilina R have the answer for us. First up, Techie007:
I believe that the new way of thinking at Microsoft during the Start Menu's redesign process was that if you want to access "files", then you should open the File Explorer to access them instead of the Start Menu.
To that end, when you open the File Explorer, it will default to Quick Access , which includes a list of Recent Files like the example shown here:
Followed by the answer from thilina R:
Method 1: Use the Run Dialog Box
- Open the Run Dialog Box with the keyboard shortcut Windows Key+R
- Enter shell:recent
This will open the folder listing all of your recent items. The list can be quite long and may contain items that are not as recent, and you may even want to delete some of them.
Note: The contents of the Recent Items folder is different from the contents of the File Explorer entry Recent Places, which contains folders that have been recently visited rather than files. They often have quite different contents.
Method 2: Make a Desktop Shortcut to the Recent Items Folder
If you like (or need) to look at the contents of the Recent Items folder on a frequent basis, you may want to create a shortcut on your desktop:
- Right-click on the desktop
- In the Context Menu , choose New
- Select Shortcut
- In the box, "type the location of the item", enter %AppData%\Microsoft\Windows\Recent\
- Click Next
- Name the shortcut Recent Items or a different name if desired
- Click Finish
You can also pin this shortcut to the taskbar or place it in another convenient location.
Method 3: Add Recent Items to the Quick Access Menu
The Quick Access Menu (also called the Power User's Menu ) is another possible place to add an entry for Recent Items . This is the menu opened by the keyboard shortcut Windows Key+X . Use the path:
- %AppData%\Microsoft\Windows\Recent\
Contrary to what some articles on the Internet say, you cannot simply add shortcuts to the folder that is used by the Quick Access Menu . For security reasons, Windows will not allow additions unless the shortcuts contain certain code. The utility Windows Key+X menu editor takes care of that problem.
Source: Three Ways to Easily Access Your Most Recent Documents and Files in Windows 8.x [Gizmo's Freeware] Note: The original article was for Windows 8.1, but this works on Windows 10 at the time of writing this.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here .
Image/Screenshot Credit: Techie007 (SuperUser)
|
|
|
Aug 22, 2018 | www.moonofalabama.org
librul | Aug 21, 2018 11:04:43 PM | 48
Can we see Microsoft's actions today as a salespitch?
The Defense Department on Thursday officially began accepting proposals for its highly-anticipated Joint Enterprise Defense Infrastructure cloud contract. The JEDI contract will be awarded to a single cloud provider -- an issue many tech companies rallied against -- and will be valued at up to $10 billion over 10 years, according to the final request for proposal. The contract itself will put a commercial company in charge of hosting and distributing mission-critical workloads and classified military secrets to warfighters around the globe in a single war cloud.As some of the biggest U.S. technology companies have lined up to bid on the $10 billion contract to create a massive Pentagon cloud computing network, the behind-the-scenes war to win it has turned ugly.In the running are Amazon Web Services, IBM and Microsoft. Winning this contract gives the winner an advantage in winning future related contracts.
|
|
|
Aug 02, 2018 | turcopolier.typepad.com
richardstevenhack -> Bill Herschel , a day ago
Yes, PostgreSQL is very good. It's open source, meaning the source code is available for inspection, so if there was anything suspicious about it, it would likely have been caught before now. Of course, bugs and security issues might well remain, regardless.Russians make a lot of good software. Their computer training in universities has always been first rate.
This is similar to the big issue over the Kaspersky company, a major manufacturer of a high-quality antimalware suite, being Russian. The US has made it a big issue, passing regulations that prohibit US government offices from using it, forcing Kaspersky to consider moving to Switzerland. I don't think many people in the infosec community have any concerns about Kaspersky being Russian. They've been in the antimalware business for quite a while and always get top marks in the independent antimalware tests.
There was a big row over Kaspersky's software actually doing its job and detecting malware on an NSA officer's personal workstation at home, where he was conducting development in an unauthorized manner. The software did as it is designed, which is upload the suspicious software to Kaspersky's servers for analysis. This was represented by the US government as some sort of "spying for the Russian intelligence community" by Kaspersky. The US government also made a big deal over the fact that Kaspersky does work with the Russian government on computer security issues, as one would expect of such a company.
The whole thing is just another example of "Russian Derangement Syndrome."
|
|
|
Aug 01, 2018 | turcopolier.typepad.com
- richardstevenhack -> Bill Herschel , a day ago
Yes, PostgreSQL is very good. It's open source, meaning the source code is available for inspection, so if there was anything suspicious about it, it would likely have been caught before now. Of course, bugs and security issues might well remain, regardless.Russians make a lot of good software. Their computer training in universities has always been first rate.
This is similar to the big issue over the Kaspersky company, a major manufacturer of a high-quality antimalware suite, being Russian. The US has made it a big issue, passing regulations that prohibit US government offices from using it, forcing Kaspersky to consider moving to Switzerland. I don't think many people in the infosec community have any concerns about Kaspersky being Russian. They've been in the antimalware business for quite a while and always get top marks in the independent antimalware tests.
There was a big row over Kaspersky's software actually doing its job and detecting malware on an NSA officer's personal workstation at home, where he was conducting development in an unauthorized manner. The software did as it is designed, which is upload the suspicious software to Kaspersky's servers for analysis. This was represented by the US government as some sort of "spying for the Russian intelligence community" by Kaspersky. The US government also made a big deal over the fact that Kaspersky does work with the Russian government on computer security issues, as one would expect of such a company.
The whole thing is just another example of "Russian Derangement Syndrome."
|
|
|
Jul 05, 2018 | www.theamericanconservative.com
...Stuxnet, which was thought to be a joint American-Israeli assault on Iran's nuclear program. And there are reports of U.S. attempts to similarly hamper North Korean missile development. Some consider such direct attacks on other governments to be akin to acts of war. Would Washington join Moscow in a pledge to become a good cyber citizen?
|
|
|
Jun 19, 2018 | www.zerohedge.com
A 29-year-old former CIA computer engineer, Joshua Adam Schulte, was indicted Monday by the Department of Justice on charges of masterminding the largest leak of classified information in the spy agency's history .
Schulte, who created malware for the U.S. Government to break into adversaries computers, has been sitting in jail since his August 24, 2017 arrest on unrelated charges of posessing and transporting child pornography - which was discovered in a search of his New York apartment after Schulte was named as the prime suspect in the cyber-breach one week after WikiLeaks published the "Vault 7" series of classified files. Schulte was arrested and jailed on the child porn charges while the DOJ ostensibly built their case leading to Monday's additional charges.
[I]nstead of charging Mr. Schulte in the breach, referred to as the Vault 7 leak, prosecutors charged him last August with possessing child pornography, saying agents had found 10,000 illicit images on a server he created as a business in 2009 while studying at the University of Texas at Austin.
Court papers quote messages from Mr. Schulte that suggest he was aware of the encrypted images of children being molested by adults on his computer, though he advised one user, "Just don't put anything too illegal on there." - New York Times
Monday's DOJ announcement adds new charges related to stealing classified national defense information from the Central Intelligence Agency in 2016 and transmitting it to WikiLeaks ("Organization-1").
The Vault 7 release - a series of 24 documents which began to publish on March 7, 2017 - reveal that the CIA had a wide variety of tools to use against adversaries, including the ability to "spoof" its malware to appear as though it was created by a foreign intelligence agency , as well as the ability to take control of Samsung Smart TV's and surveil a target using a "Fake Off" mode in which they appear to be powered down while eavesdropping.
The CIA's hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity .
...
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from .
UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques . - WikiLeaks
Schulte previously worked for the NSA before joining the CIA, then "left the intelligence community in 2016 and took a job in the private sector," according to a statement reviewed in May by The Washington Post .
Schulte also claimed that he reported "incompetent management and bureaucracy" at the CIA to that agency's inspector general as well as a congressional oversight committee. That painted him as a disgruntled employee, he said, and when he left the CIA in 2016, suspicion fell upon him as "the only one to have recently departed [the CIA engineering group] on poor terms," Schulte wrote. - WaPo
Part of that investigation, reported WaPo, has been analyzing whether the Tor network - which allows internet users to hide their location (in theory) "was used in transmitting classified information."
In other hearings in Schulte's case, prosecutors have alleged that he used Tor at his New York apartment, but they have provided no evidence that he did so to disclose classified information. Schulte's attorneys have said that Tor is used for all kinds of communications and have maintained that he played no role in the Vault 7 leaks. - WaPo
Schulte says he's innocent: " Due to these unfortunate coincidences the FBI ultimately made the snap judgment that I was guilty of the leaks and targeted me," Schulte said. He launched Facebook and GoFundMe pages to raise money for his defense, which despite a $50 million goal, has yet to r eceive a single donation.
The Post noted in May, the Vault 7 release was one of the most significant leaks in the CIA's history , "exposing secret cyberweapons and spying techniques that might be used against the United States, according to current and former intelligence officials."The CIA's toy chest includes:
- Tools code named " Marble " can misdirect forensic investigators from attributing viruses, trojans and hacking attacks to their agency by inserted code fragments in foreign languages. The tool was in use as recently as 2016. Per the WikiLeaks release:
"The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages."
- iPads / iPhones / Android devices and Smart TV's are all susceptible to hacks and malware. The agency's "Dark Matter" project reveals that the CIA has been bugging "factory fresh" iPhones since at least 2008 through suppliers. Another, " Sonic Screwdriver " allows the CIA to execute code on a Mac laptop or desktop while it's booting up.
- The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB) , which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
- The Obama administration promised to disclose all serious vulnerabilities they found to Apple, Google, Microsoft, and other US-based manufacturers. The US Government broke that commitment.
"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.
- The Frankfurt consulate is a major CIA hacking base of operations .
In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.
CIA hackers operating out of the Frankfurt consulate ( "Center for Cyber Intelligence Europe" or CCIE) are given diplomatic ("black") passports and State Department cover.
- Instant messaging encryption is a joke.
These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.
- The CIA laughs at Anti-Virus / Anti-Malware programs.
CIA hackers developed successful attacks against most well known anti-virus programs. These are documented in AV defeats , Personal Security Products , Detecting and defeating PSPs and PSP/Debugger/RE Avoidance . For example, Comodo was defeated by CIA malware placing itself in the Window's "Recycle Bin" . While Comodo 6.x has a "Gaping Hole of DOOM" .
You can see the entire Vault7 release here .
A DOJ statement involving the Vault7 charges reads:
"Joshua Schulte, a former employee of the CIA, allegedly used his access at the agency to transmit classified material to an outside organization . During the course of this investigation, federal agents also discovered alleged child pornography in Schulte's New York City residence ," said Manhattan U.S. Attorney Geoffrey S. Berman.
On March 7, 2017, Organization-1 released on the Internet classified national defense material belonging to the CIA (the "Classified Information"). In 2016, SCHULTE, who was then employed by the CIA, stole the Classified Information from a computer network at the CIA and later transmitted it to Organization-1. SCHULTE also intentionally caused damage without authorization to a CIA computer system by granting himself unauthorized access to the system, deleting records of his activities, and denying others access to the system . SCHULTE subsequently made material false statements to FBI agents concerning his conduct at the CIA.
Schulte faces 135 years in prison if convicted on all 13 charges:
- Illegal Gathering of National Defense Information, 18 U.S.C. §§ 793(b) and 2
- Illegal Transmission of Lawfully Possessed National Defense Information, 18 U.S.C. §§ 793(d) and 2
- Illegal Transmission of Unlawfully Possessed National Defense Information, 18 U.S.C. §§ 793(e) and 2
- Unauthorized Access to a Computer To Obtain Classified Information, 18 U.S.C. §§ 1030(a)(1) and 2
- Theft of Government Property, 18 U.S.C. §§ 641 and 2
- Unauthorized Access of a Computer to Obtain Information from a Department or Agency of the United States, 18 U.S.C. §§ 1030(a)(2) and 2
- Causing Transmission of a Harmful Computer Program, Information, Code, or Command, 18 U.S.C. §§ 1030(a)(5) and 2
- Making False Statements, 18 U.S.C. §§ 1001 and 2
- Obstruction of Justice, 18 U.S.C. §§ 1503 and 2
- Receipt of Child Pornography, 18 U.S.C. §§ 2252A(a)(2)(B), (b)(1), and 2
- Possession of Child Pornography, 18 U.S.C. §§ 2252A(a)(5)(B), (b)(2), and 2
- Transportation of Child Pornography, 18 U.S.C. § 2252A(a)(1)
- Criminal Copyright Infringement, 17 U.S.C. § 506(a)(1)(A) and 18 U.S.C. § 2319(b)(1)
Billy the Poet -> Anarchyteez Mon, 06/18/2018 - 22:50 Permalink
A Sentinel -> Billy the Poet Mon, 06/18/2018 - 22:59 PermalinkSo Schulte was framed for kiddie porn because he released information about how the CIA can frame innocent people for computer crime.
A Sentinel -> CrabbyR Mon, 06/18/2018 - 23:46 PermalinkThat seems very likely.
Seems like everyone has kiddy porn magically appear and get discovered after they piss off the deep state bastards.
And the best part is that it's probably just the deep state operatives' own private pedo collections that they use to frame anyone who they don't like.
CrabbyR -> A Sentinel Tue, 06/19/2018 - 00:07 PermalinkI was thinking about the advancement of the technology necessary for that. They can do perfect fake stills already.
My thought is that you will soon need to film yourself 24/7 (with timestamps, shared with a blockchain-like verifiably) so that you can disprove fake video evidence by having a filmed alibi.
peopledontwanttruth -> Anarchyteez Mon, 06/18/2018 - 22:50 Permalinkgood point but creepy to think it can get that bad
secretargentman -> peopledontwanttruth Mon, 06/18/2018 - 22:51 PermalinkFunny how all these whistleblowers are being held for child pornography until trial.
But we have evidence of government officials and Hollyweird being involved in this perversion and they walk among us
chunga -> secretargentman Mon, 06/18/2018 - 23:12 PermalinkThose kiddy porn charges are extremely suspect, IMO.
A Sentinel -> chunga Mon, 06/18/2018 - 23:42 PermalinkIt's so utterly predictable.
The funny* thing is I believe gov, particularly upper levels, is chock full of pedophiles.
* It isn't funny, my contempt for the US gov grows practically by the hour.
SybilDefense -> A Sentinel Tue, 06/19/2018 - 00:33 PermalinkI said pretty much the same. I further speculated that it was their own porn that they use for framing operations.
cankles' server -> holdbuysell Mon, 06/18/2018 - 22:57 PermalinkIronically, every single ex gov whistle blower (/pedophile) has the exact same kiddie porn data on their secret server (hidden in plane view at the apartment). Joe CIA probably has a zip drive preloaded with titled data sets like "Podesta's Greatest Hits", "Hillary's Honey bunnies" or "Willy go to the zoo". Like the mix tapes you used to make for a new gal you were trying to date. Depending upon the mood of the agent in charge, 10,000 images of Weiner's "Warm Pizza" playlist magically appear on the server in 3-2-1... Gotcha!
These false fingerprint tactics were all over the trump accusations which started the whole Russia Russia Russia ordeal. And the Russia ordeal was conceptualized in a paid report to Podesta by the Bensenson Group called the Salvage Program when it was appearant that Trump could possible win and the DNC needed ideas on how to throw the voters off at the polls. Russia is coming /Red dawn was #1 or #2 on the list of 7 recommended ploys. The final one was crazy.. If Trump appeared to win the election, imagery of Jesus and an Alien Invasion was to be projected into the skies to cause mass panic and create a demand for free zanex to be handed out to the panic stricken.
Don't forget Black Lives Matters. That was idea #4 of this Bensenson report, to create civil unrest and a race war. Notice how BLM and Antifa manically disappeared after Nov 4. All a ploy by the Dems & the deep state to remain in control of the countrys power.
Back to the topic at hand. Its a wonder he didn't get Seth Riched. Too many porn servers and we will begin to question the legitimacy. Oh wait...
You won't find any kiddie porn on Hillary's or DeNiros laptop. Oh its there. You just will never ever hear about it.
BGO Mon, 06/18/2018 - 22:43 PermalinkThe Vault 7 release - a series of 24 documents which began to publish on March 7, 2017 - reveal that the CIA had a wide variety of tools to use against adversaries, including the ability to "spoof" its malware to appear as though it was created by a foreign intelligence agency ....
It probably can spoof child porn as well.
Is he charged with copyright infringement for pirating child porn?
Never One Roach -> BGO Mon, 06/18/2018 - 22:44 PermalinkThe intel community sure has a knack for sussing out purveyors of child pornography. It's probably just a coincidence govt agencies and child pornography are inextricably linked.
NotBuyingIt -> BGO Mon, 06/18/2018 - 23:09 PermalinkSounds like he may be a friend of Uncle Joe Biden whom we know is "very, very friendly" with the children.
DoctorFix -> BGO Mon, 06/18/2018 - 23:18 PermalinkIt's very easy for a criminal spook to plant child porn on some poor slob's machine - especially when they want to keep him on the hook to sink his ass for something bigger in the future. Who knows... this guy may have done some shit but I'm willing to bet he was entirely targeted by these IC assholes. Facing 135 years in prison... yet that baggy ass cunt Hillary walks free...
MadHatt Mon, 06/18/2018 - 22:43 PermalinkFunny how they always seem to have a "sting" operation in progress when there's anyone the DC rats want to destroy but strangely, or not, silent as the grave when one of the special people are fingered.
navy62802 -> MadHatt Mon, 06/18/2018 - 23:30 PermalinkTransportation of Child Pornography, 18 U.S.C. § 2252A(a)(1)
Uhh... what? He stole CIA child porn?
MadHatt -> navy62802 Tue, 06/19/2018 - 00:29 PermalinkNah ... that's the shit they planted on him for an excuse to make an arrest.
Never One Roach Mon, 06/18/2018 - 22:44 PermalinkIf he stole all their hacking apps, wouldn't that be enough to arrest him?
_triplesix_ Mon, 06/18/2018 - 22:46 PermalinkThat list of federal crimes is almost as long as Comey's list of Hillary Clinton's federal crimes.
_triplesix_ Mon, 06/18/2018 - 22:46 PermalinkOf all these things the C_A can do, it doesn't take a brain surgeon to realize that planting CP on a computer of someone you don't like would be a piece of cake, comparatively speaking.
Giant Meteor -> _triplesix_ Mon, 06/18/2018 - 22:51 PermalinkOf all these things the C_A can do, it doesn't take a brain surgeon to realize that planting CP on a computer of someone you don't like would be a piece of cake, comparatively speaking.
PigMan Mon, 06/18/2018 - 22:50 PermalinkIt probably comes standard now buried within systems, like a sleeper cell. Just waiting for the right infraction and trigger to be pulled ..
ConnectingTheDots Mon, 06/18/2018 - 22:56 PermalinkDid he also leak that the CIA's favorite tactic is to plant kiddie porn on their targets computer?
Chupacabra-322 Mon, 06/18/2018 - 23:14 PermalinkThe alphabet agencies would never hack someone's computer.
The alphabet agencies would never spy on US citizens (at least not wittingly)
The alphabet agencies would never plant physical evidence.
The alphabet agencies would never lie under oath.
The alphabet agencies would never have an agenda.
The alphabet agencies would never provide the media with false information.
/s
ZIRPdiggler -> Chupacabra-322 Tue, 06/19/2018 - 00:29 PermalinkThe "Spoofing" or Digital Finger Print & Parallel Construction tools that can be used against Governments, Individuals, enemies & adversaries are Chilling.
The CIA can not only hack into anything -- they can download any "evidence" they want onto your phone or computer. Child pornography, national secrets, you name it. Then they can blackmail you, threatening prosecution for whatever crap they have planted, then "found" on your computer. They can also "spoof" the source of such downloads -- for instance, if they want to "prove" that something on your computer (or Donald Trump's computer) came from a "Russian source" -- they can spoof the IP address of a Russian source.
The take-away: no digital evidence the CIA or NSA produces on any subject whatsoever can be trusted. No digital evidence should be acceptable in any case where the government has an interest, because they have the complete ability to fabricate and implant any evidence on any iphone or computer. And worse: they have intentionally created these digital vulnerabilities and pushed them onto the whole world via Microsoft and Google. Government has long been at war with liberty, claiming that we need to give up liberty to be secure. Now we learn that they have been deliberately sabotaging our security, in order to augment their own power. Time to shut down the CIA and all the other spy agencies. They're not keeping us free OR secure, and they're doing it deliberately. Their main function nowadays seems to be lying us into wars against countries that never attacked us, and had no plans to do so.
The Echelon Computer System Catch Everything
The Flagging goes to Notify the Appropriate Alphabet,,,...Key Words Phrases...Algorithms,...It all gets sucked up and chewed on and spat out to the surmised computed correct departments...That simple.
Effective immediately defund, Eliminate & Supeona it's Agents, Officials & Dept. Heads in regard to the Mass Surveillance, Global Espionage Spying network & monitoring of a President Elect by aforementioned Agencies & former President Obama, AG Lynch & DIA James Clapper, CIA John Breanan.
#SethRich
#Vault7
#UMBRAGE
moobra Mon, 06/18/2018 - 23:45 PermalinkSince 911, they've been "protecting" the shit out of us. "protecting" away every last fiber of liberty. Was watching some fact-based media about the CIA's failed plan to install Yeltsin's successor via a Wallstreet banking cartel bet (see, LTCM implosion). The ultimate objectives were to rape and loot post-Soviet Russian resources and enforce regime change. It's such a tired playbook at this point. Who DOESNT know about this sort of affront? Apparently even nobel prize economists cant prevent a nation from failing lol. The ultimate in vanity; our gubmint and its' shadow controllers.
ZIRPdiggler Tue, 06/19/2018 - 00:05 PermalinkThis is because people who are smart enough to write walware for the CIA send messages in the clear about child porn and are too dumb to encrypt images with a key that would take the lifetime of the universe to break.
Next his mother will be found to have a tax problem and his brother's credit rating zeroed out.
Meanwhile Comey will be found to have been "careless".
AGuy -> ZIRPdiggler Tue, 06/19/2018 - 00:36 PermalinkYeah I don't believe for a second that this guy had anything to do with child porn. Not like Obama and his hotdogs or Clintons at pedo island, or how bout uncle pervie podesta? go after them, goons and spooks. They (intelligence agencies) falsely accuse people of exactly what they are ass-deep in. loses credibility with me when the CIA clowns or NSA fuck ups accuse anyone of child porn; especially one of their former employees who is 'disgruntled'. LOL. another spook railroad job done on a whistleblower. fuck the CIA and all 17 alphabet agencies who spy on us 24/7. Just ask, if you want to snoop on me. I may even tell you what I'm up to because I have nothing that I would hide since, I don't give a shit about you or whether you approve of what I am doing.
rgraf Tue, 06/19/2018 - 00:05 Permalink"Yeah I don't believe for a second that this guy had anything to do with child porn."
Speculation by my part: He was running a Tor server, and the porn originated from other Tor users. If that is the case ( it would be easy for law enforcement to just assume it was his) law enforcement enjoys a quick and easy case.
ZIRPdiggler -> rgraf Tue, 06/19/2018 - 00:09 PermalinkThey shouldn't be spying, and they shouldn't keep any secrets from the populace. If they weren't doing anything wrong, they have nothing to hide.
Blue Steel 309 Tue, 06/19/2018 - 00:53 PermalinkIt really doesn't matter if someone wants to hide. That is their right. Only Nazi's like our spy agencies would use the old Gestapo line, "If you have nothing to hide then you have nothing to worry about. Or better yet, you should let me turn your life upside down if you have nothing to hide. " Bullshit! It's none of their fucking business. How bout that? Spooks and secret clowns CAN and DO frame anybody for whatever or murder whomever they wish. So why WOULDNT people be afraid when government goons start sticking their big snouts into their lives??? They can ruin your life for the sake of convenience. Zee Furor is not pleased with your attitude, comrade.
Vault 7 proves that most digital evidence should be inadmissible in court, yet I don't see anyone publishing articles about this problem.
|
|
|
May 20, 2018 | bogdan.org.ua
12th June 2016
If you had ever seen the not-so-descriptive error message
A required CD/DVD drive device driver is missing ,
then you have been trying to install Windows 7 (possibly using a bootable flash drive) on a recent laptop or desktop.There are two major obstacles for a somewhat-dated Windows 7 when it sees modern hardware:
- USB 3.0
- SSDs and newer disk drives in general
Fortunately, both problems are easy to fix.
Just follow the steps below; skip steps 1 and 2 if you already have a bootable Win7 flash drive.
Read the rest of this entry "
|
|
|
Apr 16, 2018 | www.washingtonpost.com
The unusual public warning from the White House, U.S. agencies and Britain's National Cyber Security Center follows a years-long effort to monitor the threat. The targets number in the millions, officials say, and include "primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors."
... ... ...
These network devices make "ideal targets," said Manfra, Homeland Security's assistant secretary for cybersecurity and communications. Most traffic within a company or between organizations traverses them. So a hacker can monitor, modify or disrupt it, she said. And they're usually not secured at the same level as a network server.
"Once you own the router, you own the traffic that's traversing the router," she said.
... ... ...
Ellen Nakashima is a national security reporter for The Washington Post. She covers cybersecurity, surveillance, counterterrorism and intelligence issues. She has also served as a Southeast Asia correspondent and covered the White House and Virginia state politics. She joined The Post in 1995. Follow @nakashimae
jedediah smytheson, 3 hours ago
It is appropriate to reveal and decry misbehavior in cyberspace. What is not appropriate is our leaders ignoring their own responsibility to secure government networks. The sad fact is that senior leaders in government do not understand the issue and are unwilling to accept any inconvenience. The Federal government has lost huge amounts of very sensitive data of AT LEAST 100 million citizens. If I remember correctly, OPM lost 23 million electronic security clearance forms (SF 86s) with personal information not only of the person being processed for a clearance, but also of the members of that person's family. That's how I came up with over 100 million. And what was the result? Well, no one was held accountable or responsible for this incredible breach of security. More importantly, the networks are still not well secured. In summary, we will be hacked continuously until someone in Government takes this seriously and puts more resources into securing the networks rather than turning the public's attention away from their own incompetence and focusing on our adversaries.
bluefrog, 4 hours ago
Haha ... the U.K. who secretly tapped the fiber optic cables running under the Atlantic Ocean to record EVERYONE's private data is now advising against hackers! A degenerate country operating on the basis of lies and deceit, I don't trust them as far as I can throw them.
hkbctkny, 4 hours ago
This is really nothing new [ https://www.us-cert.gov/ncas/alerts/TA18-106A ] - most of this has been going on forever, even skript kiddies were on it back in the day.
The only part that might be news is if there's evidence of a concerted, targeted campaign from one very organized actor. Haven't seen the evidence presented, though, and my scans are basically what they've always been: hundreds and hundreds from residential CPE and other compromised machines from all over the world.
Update your firmware - even old devices can be updated, for the most part; turn off remote mgt (!), change the password to something that YOU set.
Make it challenging, at least.
4 hours ago
Really no different from the NSA and GCHQ..........
|
|
|
Mar 27, 2018 | it.slashdot.org
(vice.com) The story of Azimuth Security, a tiny startup in Australia, provides a rare peek inside the secretive industry that helps government hackers get around encryption . Azimuth is part of an opaque, little known corner of the intelligence world made of hackers who develop and sell expensive exploits to break into popular technologies like iOS, Chrome, Android and Tor.
|
|
|
Mar 27, 2018 | tech.slashdot.org
(theguardian.com) an anonymised, aggregate dataset of 57bn Facebook friendships . From a report: Facebook provided the dataset of "every friendship formed in 2011 in every country in the world at the national aggregate level" to Kogan's University of Cambridge laboratory for a study on international friendships published in Personality and Individual Differences in 2015. Two Facebook employees were named as co-authors of the study, alongside researchers from Cambridge, Harvard and the University of California, Berkeley. Kogan was publishing under the name Aleksandr Spectre at the time. A University of Cambridge press release on the study's publication noted that the paper was "the first output of ongoing research collaborations between Spectre's lab in Cambridge and Facebook." Facebook did not respond to queries about whether any other collaborations occurred. "The sheer volume of the 57bn friend pairs implies a pre-existing relationship," said Jonathan Albright, research director at the Tow Center for Digital Journalism at Columbia University. "It's not common for Facebook to share that kind of data. It suggests a trusted partnership between Aleksandr Kogan/Spectre and Facebook."
|
|
|
Mar 27, 2018 | tech.slashdot.org
(howtogeek.com) I'm getting sick of Windows 10's auto-installing apps. Apps like Facebook are now showing up out of nowhere, and even displaying notifications begging for me to use them. I didn't install the Facebook app, I didn't give it permission to show notifications, and I've never even used it. So why is it bugging me? Windows 10 has always been a little annoying about these apps, but it wasn't always this bad. Microsoft went from "we pinned a few tiles, but the apps aren't installed until you click them" to "the apps are now automatically installed on your PC" to " the automatically installed apps are now sending you notifications ." It's ridiculous.
|
|
|
Mar 27, 2018 | it.slashdot.org
(vice.com) spyware to everyday consumers and wiped their servers, deleting photos captured from monitored devices. A year later, the hacker has done it again . Motherboard: Thursday, the hacker said he started wiping some cloud servers that belong to Retina-X Studios, a Florida-based company that sells spyware products targeted at parents and employers, but that are also used by people to spy on their partners without their consent. Retina-X was one of two companies that were breached last year in a series of hacks that exposed the fact that many otherwise ordinary people surreptitiously install spyware on their partners' and children's phones in order to spy on them. This software has been called "stalkerware" by some.
|
|
|
Mar 27, 2018 | hardware.slashdot.org
(bbc.com) BeauHD on Monday February 19, 2018 @06:00AM from the crypto-cash dept. dryriver shares a report from BBC: News organizations have tried many novel ways to make readers pay -- but this idea is possibly the most audacious yet. If a reader chooses to block its advertising, U.S. publication Salon will use that person's computer to mine for Monero , a cryptocurrency similar to Bitcoin. Creating new tokens of a cryptocurrency typically requires complex calculations that use up a lot of computing power. Salon told readers: "We intend to use a small percentage of your spare processing power to contribute to the advancement of technological discovery, evolution and innovation." The site is making use of CoinHive, a controversial mining tool that was recently used in an attack involving government websites in the UK, U.S. and elsewhere. However, unlike that incident, where hackers took control of visitors' computers to mine cryptocurrency, Salon notifies users and requires them to agree before the tool begins mining.
|
|
|
Mar 27, 2018 | yro.slashdot.org
(torrentfreak.com) Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure . Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.
|
|
|
Mar 27, 2018 | yro.slashdot.org
(techcrunch.com) BeauHD on Tuesday March 06, 2018 @03:00AM from the head-held-high dept. MoviePass CEO Mitch Lowe told an audience at a Hollywood event last Friday that the app tracks moviegoers' locations before and after each show they watch . "We get an enormous amount of information," Lowe said. "We watch how you drive from home to the movies. We watch where you go afterwards." His talk at the Entertainment Finance Forum was entitled "Data is the New Oil: How will MoviePass Monetize It?" TechCrunch reports: It's no secret that MoviePass is planning on making hay out of the data collected through its service. But what I imagined, and what I think most people imagined, was that it would be interesting next-generation data about ticket sales, movie browsing, A/B testing on promotions in the app and so on. I didn't imagine that the app would be tracking your location before you even left your home, and then follow you while you drive back or head out for a drink afterwards. Did you? It sure isn't in the company's privacy policy , which in relation to location tracking discloses only a "single request" when selecting a theater, which will "only be used as a means to develop, improve, and personalize the service." Which part of development requires them to track you before and after you see the movie? A MoviePass representative said in a statement to TechCrunch: "We are exploring utilizing location-based marketing as a way to help enhance the overall experience by creating more opportunities for our subscribers to enjoy all the various elements of a good movie night. We will not be selling the data that we gather. Rather, we will use it to better inform how to market potential customer benefits including discounts on transportation, coupons for nearby restaurants, and other similar opportunities."
|
|
|
Mar 27, 2018 | it.slashdot.org
(bleepingcomputer.com) A massive survey of nearly 1,200 IT security practitioners and decision makers across 17 countries reveals that half the people who fell victim to ransomware infections last year were able to recover their files after paying the ransom demand. The survey, carried out by research and marketing firm CyberEdge Group, reveals that paying the ransom demand, even if for desperate reasons, does not guarantee that victims will regain access to their files . Timely backups are still the most efficient defense against possible ransomware infections, as it allows easy recovery. The survey reveals that 55% of all responders suffered a ransomware infection in 2017, compared to the previous year's study, when 61% experienced similar incidents. Of all the victims who suffered ransomware infections, CyberEdge discovered that 61.3% opted not to pay the ransom at all. Some lost files for good (8%), while the rest (53.3%) managed to recover files, either from backups or by using ransomware decrypter applications. Of the 38.7% who opted to pay the ransom, a little less than half (19.1%) recovered their files using the tools provided by the ransomware authors.
|
|
|
Mar 27, 2018 | tech.slashdot.org
(theatlantic.com) Already in 2010, it felt like a malicious attention market where people treated friends as latent resources to be optimized. Compulsion rather than choice devoured people's time. Apps like FarmVille sold relief for the artificial inconveniences they themselves had imposed. In response, I made a satirical social game called Cow Clicker. Players clicked a cute cow, which mooed and scored a "click." Six hours later, they could do so again. They could also invite friends' cows to their pasture, buy virtual cows with real money, compete for status, click to send a real cow to the developing world from Oxfam, outsource clicks to their toddlers with a mobile app, and much more. It became strangely popular, until eventually, I shut the whole thing down in a bovine rapture -- the "cowpocalypse." It's kind of a complicated story .
But one worth revisiting today, in the context of the scandal over Facebook's sanctioning of user-data exfiltration via its application platform. It's not just that abusing the Facebook platform for deliberately nefarious ends was easy to do (it was). But worse, in those days, it was hard to avoid extracting private data, for years even, without even trying. I did it with a silly cow game. Cow Clicker is not an impressive work of software. After all, it was a game whose sole activity was clicking on cows. I wrote the principal code in three days, much of it hunched on a friend's couch in Greenpoint, Brooklyn. I had no idea anyone would play it, although over 180,000 people did, eventually. And yet, if you played Cow Clicker, even just once, I got enough of your personal data that, for years, I could have assembled a reasonably sophisticated profile of your interests and behavior. I might still be able to; all the data is still there, stored on my private server, where Cow Clicker is still running, allowing players to keep clicking where a cow once stood, before my caprice raptured them into the digital void.
|
|
|
Mar 27, 2018 | it.slashdot.org
BeauHD on Monday March 12, 2018 @08:10PM from the under-the-radar dept. An anonymous reader quotes a report from Engadget: Security researchers at Kaspersky Lab have discovered what's likely to be another state-sponsored malware strain, and this one is more advanced than most. Nicknamed Slingshot, the code spies on PCs through a multi-layer attack that targets MikroTik routers . It first replaces a library file with a malicious version that downloads other malicious components, and then launches a clever two-pronged attack on the computers themselves. One, Canhadr, runs low-level kernel code that effectively gives the intruder free rein, including deep access to storage and memory; the other, GollumApp, focuses on the user level and includes code to coordinate efforts, manage the file system and keep the malware alive. Kaspersky describes these two elements as "masterpieces," and for good reason. For one, it's no mean feat to run hostile kernel code without crashes. Slingshot also stores its malware files in an encrypted virtual file system, encrypts every text string in its modules, calls services directly (to avoid tripping security software checks) and even shuts components down when forensic tools are active. If there's a common method of detecting malware or identifying its behavior, Slingshot likely has a defense against it. It's no wonder that the code has been active since at least 2012 -- no one knew it was there. Recent MikroTik router firmware updates should fix the issue. However, there's concern that other router makers might be affected.
|
|
|
Mar 24, 2018 | www.nakedcapitalism.com
Yves here. Not new to anyone who has been paying attention, but a useful recap with some good observations at the end, despite deploying the cringe-making trope of businesses having DNA. That legitimates the notion that corporations are people.By Ivan Manokha, a departmental lecturer in the Oxford Department of International Development. He is currently working on power and obedience in the late-modern political economy, particularly in the context of the development of new technologies of surveillance. Originally published at openDemocracy
The current social mobilization against Facebook resembles the actions of activists who, in opposition to neoliberal globalization, smash a McDonald's window during a demonstration.
On March 17, The Observer of London and The New York Times announced that Cambridge Analytica, the London-based political and corporate consulting group, had harvested private data from the Facebook profiles of more than 50 million users without their consent. The data was collected through a Facebook-based quiz app called thisisyourdigitallife, created by Aleksandr Kogan, a University of Cambridge psychologist who had requested and gained access to information from 270,000 Facebook members after they had agreed to use the app to undergo a personality test, for which they were paid through Kogan's company, Global Science Research.
But as Christopher Wylie, a twenty-eight-year-old Canadian coder and data scientist and a former employee of Cambridge Analytica, stated in a video interview , the app could also collect all kinds of personal data from users, such as the content that they consulted, the information that they liked, and even the messages that they posted.
In addition, the app provided access to information on the profiles of the friends of each of those users who agreed to take the test, which enabled the collection of data from more than 50 million.
All this data was then shared by Kogan with Cambridge Analytica, which was working with Donald Trump's election team and which allegedly used this data to target US voters with personalised political messages during the presidential campaign. As Wylie, told The Observer, "we built models to exploit what we knew about them and target their inner demons."
'Unacceptable Violation'
Following these revelations the Internet has been engulfed in outrage and government officials have been quick to react. On March 19, Antonio Tajani President of the European Parliament Antonio Tajani, stated in a twitter message that misuse of Facebook user data "is an unacceptable violation of our citizens' privacy rights" and promised an EU investigation. On March 22, Wylie communicated in a tweet that he accepted an invitation to testify before the US House Intelligence Committee, the US House Judiciary Committee and UK Parliament Digital Committee. On the same day Israel's Justice Ministry informed Facebook that it was opening an investigation into possible violations of Israelis' personal information by Facebook.
While such widespread condemnation of Facebook and Cambridge Analytica is totally justified, what remains largely absent from the discussion are broader questions about the role of data collection, processing and monetization that have become central in the current phase of capitalism, which may be described as 'platform capitalism', as suggested by the Canadian writer and academic Nick Srnicek in his recent book .
Over the last decade the growth of platforms has been spectacular: today, the top 4 enterprises in Forbes's list of most valuable brands are platforms, as are eleven of the top twenty. Most recent IPOs and acquisitions have involved platforms, as have most of the major successful startups. The list includes Apple, Google, Microsoft, Facebook, Twitter, Amazon, eBay, Instagram, YouTube, Twitch, Snapchat, WhatsApp, Waze, Uber, Lyft, Handy, Airbnb, Pinterest, Square, Social Finance, Kickstarter, etc. Although most platforms are US-based, they are a really global phenomenon and in fact are now playing an even more important role in developing countries which did not have developed commercial infrastructures at the time of the rise of the Internet and seized the opportunity that it presented to structure their industries around it. Thus, in China, for example, many of the most valuable enterprises are platforms such as Tencent (owner of the WeChat and QQ messaging platforms) and Baidu (China's search engine); Alibaba controls 80 percent of China's e-commerce market through its Taobao and Tmall platforms, with its Alipay platform being the largest payments platform in China.
The importance of platforms is also attested by the range of sectors in which they are now dominant and the number of users (often numbered in millions and, in some cases, even billions) regularly connecting to their various cloud-based services. Thus, to name the key industries, platforms are now central in Internet search (Google, Yahoo, Bing); social networking (Facebook, LinkedIn, Instagram, Snapchat); Internet auctions and retail (eBay, Taobao, Amazon, Alibaba); on-line financial and human resource functions (Workday, Upwork, Elance, TaskRabbit), urban transportation (Uber, Lyft, Zipcar, BlaBlaCar), tourism (Kayak, Trivago, Airbnb), mobile payment (Square Order, PayPal, Apple Pay, Google Wallet); and software development (Apple's App Store, Google Play Store, Windows App store). Platform-based solutions are also currently being adopted in more traditional sectors, such as industrial production (GE, Siemens), agriculture (John Deere, Monsanto) and even clean energy (Sungevity, SolarCity, EnerNOC).
User Profiling -- Good-Bye to Privacy
These platforms differ significantly in terms of the services that they offer: some, like eBay or Taobao simply allow exchange of products between buyers and sellers; others, like Uber or TaskRabbit, allow independent service providers to find customers; yet others, like Apple or Google allow developers to create and market apps.
However, what is common to all these platforms is the central role played by data, and not just continuous data collection, but its ever more refined analysis in order to create detailed user profiles and rankings in order to better match customers and suppliers or increase efficiency.
All this is done in order to use data to create value in some way another (to monetize it by selling to advertisers or other firms, to increase sales, or to increase productivity). Data has become 'the new oil' of global economy, a new commodity to be bought and sold at a massive scale, and with this development, as a former Harvard Business School professor Shoshana Zuboff has argued , global capitalism has become 'surveillance capitalism'.
What this means is that platform economy is a model of value creation which is completely dependant on continuous privacy invasions and, what is alarming is that we are gradually becoming used to this.
Most of the time platform providers keep track of our purchases, travels, interest, likes, etc. and use this data for targeted advertising to which we have become accustomed. We are equally not that surprised when we find out that, for example, robotic vacuum cleaners collect data about types of furniture that we have and share it with the likes of Amazon so that they can send us advertisements for pieces of furniture that we do not yet possess.
There is little public outcry when we discover that Google's ads are racially biased as, for instance, a Harvard professor Latanya Sweeney found by accident performing a search. We are equally hardly astonished that companies such as Lenddo buy access to people's social media and browsing history in exchange for a credit score. And, at least in the US, people are becoming accustomed to the use of algorithms, developed by private contractors, by the justice system to take decisions on sentencing, which often result in equally unfair and racially biased decisions .
The outrage provoked by the Cambridge Analytica is targeting only the tip of the iceberg. The problem is infinitely larger as there are countless equally significant instances of privacy invasions and data collection performed by corporations, but they have become normalized and do not lead to much public outcry.
DNA
Today surveillance is the DNA of the platform economy; its model is simply based on the possibility of continuous privacy invasions using whatever means possible. In most cases users agree, by signing the terms and conditions of service providers, so that their data may be collected, analyzed and even shared with third parties (although it is hardly possible to see this as express consent given the size and complexity of these agreements -- for instance, it took 8 hours and 59 minutes for an actor hired by the consumer group Choice to read Amazon Kindle's terms and conditions). In other instances, as in the case of Kogan's app, the extent of the data collected exceeds what was stated in the agreement.
But what is important is to understand that to prevent such scandals in the future it is not enough to force Facebook to better monitor the use of users' data in order to prevent such leaks as in the case of Cambridge Analytica. The current social mobilization against Facebook resembles the actions of activists who, in opposition to neoliberal globalization, smash a McDonald's window during a demonstration.
What we need is a total redefinition of the right to privacy (which was codified as a universal human right in 1948, long before the Internet), to guarantee its respect, both offline and online.
What we need is a body of international law that will provide regulations and oversight for the collection and use of data.
What is required is an explicit and concise formulation of terms and conditions which, in a few sentences, will specify how users' data will be used.
It is important to seize the opportunity presented by the Cambridge Analytica scandal to push for these more fundamental changes.
Arizona Slim , , March 24, 2018 at 7:38 am
Steve H. , , March 24, 2018 at 8:05 amI am grateful for my spidey sense. Thanks, spidey sense, for ringing the alarm bells whenever I saw one of those personality tests on Facebook. I never took one.
Annieb , , March 24, 2018 at 2:02 pmFirst they came for
The most efficient strategy is to be non-viable . They may come for you eventually, but someone else gets to be the canary, and you haven't wasted energy in the meantime. TOR users didn't get that figured out.
ChrisPacific , , March 25, 2018 at 4:07 pmNever took the personality test either, but now I now that all of my friends who did unknowingly gave up my personal information too. I read an article somewhere about this over a year ago so it's really old news. Sent the link to a few people who didn't care. But now that they all know that Cambridge Analytical used FB data in support of the Trump campaign it's all over the mainstream and people are upset.
HotFlash , , March 24, 2018 at 3:13 pmYou can disable that (i.e., prevent friends from sharing your info with third parties) in the privacy options. But the controls are not easy to find and everything is enabled by default.
Octopii , , March 24, 2018 at 8:06 amI haven't FB'd in years and certainly never took any such test, but if any of my friends, real or FB, did, and my info was shared, can I sue? If not, why not?
Samuel Conner , , March 24, 2018 at 8:16 amEveryone thought I was paranoid as I discouraged them from moving backups to the cloud, using trackers, signing up for grocery store clubs, using real names and addresses for online anything, etc. They thought I was overreacting when I said we need European-style privacy laws in this country. People at work thought my questions about privacy for our new location-based IoT plans were not team-based thinking.
And it turns out after all this that they still think I'm extreme. I guess it will have to get worse.
Collins , , March 24, 2018 at 9:14 amIn a first for me, there are surface-mount resistors in the advert at the top of today's NC links page. That is way out of the ordinary; what I usually see are books or bicycle parts; things I have recently purchased or searched.
But a couple of days ago I had a SKYPE conversation with a sibling about a PC I was scavenging for parts, and surface mount resistors (unscavengable) came up. I suspect I have been observed without my consent and am not too happy about it. As marketing, it's a bust; in the conversation I explicitly expressed no interest in such components as I can't install them. I suppose I should be glad for this indication of something I wasn't aware was happening.
Samuel Conner , , March 24, 2018 at 10:15 amHad you used your computer keyboard previously to search for 'surface mount resistors', or was the trail linking you & resistors entirely verbal?
Abi , , March 25, 2018 at 3:24 pmNo keyboard search. I never so much as think about surface mount components; the inquiry was raised by my sibling and I responded. Maybe its coincidental, but it seems quite odd.
I decided to click through to the site to generate a few pennies for NC and at least feel like I was punishing someone for snooping on me.
ChiGal in Carolina , , March 25, 2018 at 10:12 amIts been happening to me a lot recently on my Instagram, I don't like pictures or anything, but whenever I have a conversation with someone on my phone, I start seeing ads of what I spoke about
Eureka Springs , , March 24, 2018 at 8:44 amI thought it came out a while ago that Skype captures and retains all the dialogue and video of convos using it.
Pelham , , March 24, 2018 at 9:13 amWhat we need is a total redefinition of the right to privacy (which was codified as a universal human right in 1948, long before the Internet), to guarantee its respect, both offline and online.
Are we, readers of this post, or citizens of the USA supposed to think there is anything binding in declarations? Or anything from the UN if at all inconvenient for that matter?
https://www.un.org/en/universal-declaration-human-rights/
Article 12.No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
Platforms like facebook allow individuals to 'spy' on each other and people love it. When I was a kid i always marveled at how some households would leave a police scanner on 24/7. With the net we have this writ large with baby, puppy and tv dinner photos. Not to forget it's a narcissist paradise. I have friends who I've tried to gently over time inject tidbits of info like this article provides for many years and they still just refuse to try and get it. If they looked over their shoulder and saw how many people/entities are literally following them everywhere they go, they would become rabid gun owners (don't tread on me!) overnight, but the invisible hand/eye registers not at all.
albert , , March 24, 2018 at 6:27 pmA side note: If Facebook and other social media were to assume ANY degree of responsibility for content appearing on their platforms, they would be acknowledging their legal liability for ALL content.
Hence they would be legally responsible just as newspapers are. And major newspapers have on-staff lawyers and editors exquisitely attuned to the possibility of libelous content so they can avoid ruinous lawsuits.
If the law were applied as it should be, Facebook and its brethren wouldn't last five minutes before being sued into oblivion.
PlutoniumKun , , March 24, 2018 at 9:52 am" being sued into oblivion ." If only.
Non-liability is a product of the computer age. I remember having to agree with Microsofts policy to absolve them of -any- liability when using their software. If they had their druthers, -no- company would be liable for -anything-. It's called a 'perfect world'.
Companies that host 'social media' should not have to bear any responsibility for their users content. Newspapers employ writers and fact checkers. They are set up to monitor their staff for accuracy (Okay, in theory). So you can sue them and even their journalist employees. Being liable (and not sued) allows them to brag about how truthful they are. Reputations are a valuable commodity these days.
In the case of 'social media' providers, liability falls on the authors of their own comments, which is only fair, in my view. However, I would argue that those 'providers' should -not- be considered 'media' like newspapers, and their members should not be considered 'journalists'.
Also, those providers are private companies, and are free to edit, censor, or delete anything on their site. And of course it's automated. Some conservative Facebook members were complaining about being banned. Apparently, there a certain things you can't say on Facebook.
AFAIC, the bottom line is this: Many folks tend to believe everything they read online. They need to learn the skill of critical thinking. And realize that the Internet can be a vast wasteland; a digital garbage dump.
Why are our leaders so concerned with election meddling? Isn't our propaganda better than the Russians? We certainly pay a lot for it.
. .. . .. -- .saurabh , , March 24, 2018 at 11:43 amIt seems even Elon Musk is now rebelling against Facebook.
Musk Takes Down the Tesla and SpaceX Facebook Pages.
Today, Musk also made fun of Sonos for not being as committed as he was to the anti-Facebook cause after the connected-speaker maker said it would pull ads from the platform -- but only for a week.
"Wow, a whole week. Risky " Musk tweeted.
Jim Thomson , , March 25, 2018 at 9:39 amMusk, like Trump, knows he does not need to advertise because a fawning press will dutifully report on everything he does and says, no matter how dumb.
Daniel Mongan , , March 24, 2018 at 10:14 amThis is rich.
I can't resist: It takes a con to know a con.
(not the most insightful comment)JimTan , , March 24, 2018 at 11:12 amA thoughtful post, thanks for that. May I recommend you take a look at "All You Can Pay" (NationBooks 2015) for a more thorough treatment of the subject, together with a proposal on how to re-balance the equation. Full disclosure, I am a co-author.
JCC , , March 24, 2018 at 11:29 amPeople are starting to download copies of their Facebook data to get an understanding of how much information is being collected from them.
oh , , March 24, 2018 at 1:44 pmA reminder: https://www.youtube.com/watch?v=iRT9On7qie8
I saw this video back in 2007. It was originally put together by a Sarah Lawrence student who was working on her paper on social media. The ties of all the original investors to IN-Q-Tel scared me off and I decided to stay away from Facebook.
But it isn't just FB. Amazon, Twitter, Google, LinkedIn, Apple, Microsoft and many others do the same, and we are all caught up in it whether we agree to participate or not.
Anyone watch the NCAA Finals and see all the ads from Google about being "The Official Cloud of the NCAA"? They were flat out bragging, more or less, about surveillance of players. for the NCAA.
Platform Capitalism is a mild description, it is manipulation based on Surveillance Capitalism, pure and simple. The Macro pattern of Corporate Power subsuming the State across every area is fascinating to watch, but a little scary.
HotFlash , , March 24, 2018 at 3:27 pmCaveat Emptor: If you watch YouTube, they'll only add to the information that they already have on you!
Craig H. , , March 24, 2018 at 12:21 pmJust substitute "hook" for 'you" in the URL, you get the same video, no ads, and they claim not to track you. YMMV
Ed , , March 24, 2018 at 2:50 pmPrivacy no longer a social norm, says Facebook founder; Guardian; 10 January 2010
The Right to Privacy; Warren & Brandeis; Harvard Law Review; 15 December 1890
It was amusing that the top Google hit for the Brandeis article was JSTOR which requires us to surrender personal detail to access their site. To hell with that.
The part I like about the Brandeis privacy story is the motivation was some Manhattan rich dicks thought the gossip writers snooping around their wedding party should mind their own business. (Apparently whether this is actually true or just some story made up by somebody being catty at Brandeis has been the topic of gigabytes of internet flame wars but I can't ever recall seeing any of those.)
Craig H. , , March 24, 2018 at 3:42 pmhttps://www.zerohedge.com/news/2018-03-23/digital-military-industrial-complex-exposed
" Two young psychologists are central to the Cambridge Analytica story. One is Michal Kosinski, who devised an app with a Cambridge University colleague, David Stillwell, that measures personality traits by analyzing Facebook "likes." It was then used in collaboration with the World Well-Being Project, a group at the University of Pennsylvania's Positive Psychology Center that specializes in the use of big data to measure health and happiness in order to improve well-being. The other is Aleksandr Kogan, who also works in the field of positive psychology and has written papers on happiness, kindness, and love (according to his résumé, an early paper was called "Down the Rabbit Hole: A Unified Theory of Love"). He ran the Prosociality and Well-being Laboratory, under the auspices of Cambridge University's Well-Being Institute.
Despite its prominence in research on well-being, Kosinski's work, Cadwalladr points out, drew a great deal of interest from British and American intelligence agencies and defense contractors, including overtures from the private company running an intelligence project nicknamed "Operation KitKat" because a correlation had been found between anti-Israeli sentiments and liking Nikes and KitKats. Several of Kosinski's co-authored papers list the US government's Defense Advanced Research Projects Agency, or DARPA, as a funding source. His résumé boasts of meetings with senior figures at two of the world's largest defense contractors, Boeing and Microsoft, both companies that have sponsored his research. He ran a workshop on digital footprints and psychological assessment for the Singaporean Ministry of Defense.
For his part, Aleksandr Kogan established a company, Global Science Research, that contracted with SCL, using Facebook data to map personality traits for its work in elections (Kosinski claims that Kogan essentially reverse-engineered the app that he and Stillwell had developed). Kogan's app harvested data on Facebook users who agreed to take a personality test for the purposes of academic research (though it was, in fact, to be used by SCL for non-academic ends). But according to Wylie, the app also collected data on their entire -- and nonconsenting -- network of friends. Once Cambridge Analytica and SCL had won contracts with the State Department and were pitching to the Pentagon, Wylie became alarmed that this illegally-obtained data had ended up at the heart of government, along with the contractors who might abuse it.
This apparently bizarre intersection of research on topics like love and kindness with defense and intelligence interests is not, in fact, particularly unusual. It is typical of the kind of dual-use research that has shaped the field of social psychology in the US since World War II.
Much of the classic, foundational research on personality, conformity, obedience, group polarization, and other such determinants of social dynamics -- while ostensibly civilian -- was funded during the cold war by the military and the CIA. The cold war was an ideological battle, so, naturally, research on techniques for controlling belief was considered a national security priority. This psychological research laid the groundwork for propaganda wars and for experiments in individual "mind control."
The pioneering figures from this era -- for example, Gordon Allport on personality and Solomon Asch on belief conformity -- are still cited in NATO psy-ops literature to this day .."
This is an issue which has frustrated me greatly. In spite of the fact that the country's leading psychologist (at the very least one of them -- ex-APA president Seligman) has been documented taking consulting fees from Guantanamo and Black Sites goon squads, my social science pals refuse to recognize any corruption at the core of their so-called replicated quantitative research.
I have asked more than five people to point at the best critical work on the Big 5 Personality theory and they all have told me some variant of "it is the only way to get consistent numbers". Not one has ever retreated one step or been receptive to the suggestion that this might indicate some fallacy in trying to assign numbers to these properties.
They eat their own dog food all the way and they seem to be suffering from a terrible malnutrition. At least the anthropologists have Price . (Most of that book can be read for free in installments at Counterpunch.)
|
|
|
Mar 23, 2018 | www.theamericanconservative.com
Slingshot . The malware targeted Latvian-made Internet routers popular in the Middle East, Africa, and Southeast Asia.Kaspersky's reports reveal that the malware had been active since at least 2012, and speculates that it was government-made, owing to its sophistication and its use of novel techniques rarely seen elsewhere.
Those investigating the matter further have drawn the conclusion that Slingshot was developed by the U.S. government, with some reports quoting former officials as connecting it to the Pentagon's JSOC special forces. For those following the cyber security and malware sphere, this is a huge revelation, putting the U.S. government in the hot seat for deploying cyber attacks that harm a much greater range of innocent users beyond their intended targets.
Kaspersky's own findings note that the code was written in English, using a driver flaw to allow the implanting of various types of spyware. Among those mentioned by Moscow-based Kaspersky was an implant named "GOLLUM," which notably was mentioned in one of the leaked Edward Snowden documents .
Further findings suggest that Slingshot had common code with only two other known pieces of software, both malwares, which were attributed to the NSA and CIA, respectively, by analysts. Though various U.S. agencies are all denying comment, things are clearly pointing uncomfortably in their direction.
Cyberscoop , one of the first news outlets to break the story, reported a mixed reaction among officials. Some noted that Kaspersky Labs was simply doing what a security company is supposed to do. Others, however, were less agreeable, suggesting it was an intentional attempt by Kaspersky to undermine U.S. security.
The argument, as far as it goes, is that given the ostensible target areas -- the Middle East, North Africa, Afghanistan -- Kaspersky should have concluded it was related to the War on Terror and sat on their findings. The Trump administration already views Kaspersky as a sort of hostile actor -- banning the use of Kaspersky products by any government or civilian federal contractor in December, citing Kremlin influence (a charge that has been vehemently denied by the company). This just gives them more justification for seeing Kaspersky as an adversary in the space.
Unfortunately for the Russian company, some American retailers have even followed suit, pulling the software from the shelves on the grounds that it's Russian, and that therefore suspect.
There has been no clear evidence that Kaspersky's software was serving as a backdoor for Russian intelligence, though it was reported last fall that sensitive documents were stolen from a National Security Agency (NSA) contractor's laptop via its Kaspersky-made antivirus software . In a statement at the time, the company said, "Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts." Turns out that Israeli spies, spying on the Russian spies, disclosed the intrusion to U.S. officials.
Kaspersky has consistently ranked near the top of antivirus ratings from virtually all third-party reviewers. The company has sold its products to nearly 400 million users worldwide, with 60 percent in the U.S. and Western Europe. Until now, Kaspersky was being used by several major agencies in the federal government, including the State Department and Department of Defense.
Ironically, this new Slingshot issue itself appears just to be a testament to how well the company's security works at digging up extremely dangerous malware. It also underscores the uneasy reality that the U.S. has been engaging in its own brand of cyber warfare all along.
Any claims that a specific piece of U.S. malware -- in this case, Slingshot -- was targeting only al-Qaeda or ISIS bad guys is disingenuous as well. The exploit on routers is hitting an entire region, infecting an untold number of innocent people . Internet cafés are said to have been hit in this, meaning everyone going into the cafes is at risk.
Malware is not a precision munition, it hits wide targets and spreads out to bystanders. This is particularly disturbing to note if, as some reports are indicating, this malware was Pentagon in origin.
U.S. civilian government surveillance is already doing great harm to general Internet security, and does so by remaining in denial about the balance of good to harm that is being done. The U.S. military, by contrast, has shown its willingness to inflict major harm on innocents in pursuit of any war goal. As they start hitting regions with malware, all bets are off on how far it will spread.
Security companies like Kaspersky Labs only afford the private user limited protection from all of this malware, because they're constantly playing catch-up, finding new variants and new exploits that the various pieces of software are using. Slingshot, for instance, went undetected for six solid years .
The discovery means fixes can finally be implemented for the routers and the computers. Novel exploits like this are rarely a one-time fix, however, as a slew of similar exploits from other sources tend to crop up after one gets taken out. It's a never-ending battle.
In August, President Trump made U.S. Cyber Command a formal military command , reflecting the growing view of the Internet as a military objective. Much as America's other battlefields result in collateral damage on the ground, the cyberwar is going to have a deleterious impact on day-to-day life in cyberspace. The big questions are how bad things will get, and how quickly.
Jason Ditz is news editor at Antiwar.com , a nonprofit organization dedicated to the cause of non-interventionism. In addition to TAC, his work has appeared in Forbes, Toronto Star, Minneapolis Star-Tribune, Providence Journal, Daily Caller, Washington Times and Detroit Free Press.
|
|
|
Mar 21, 2018 | consortiumnews.com
JWalters , March 19, 2018 at 10:46 pm
backwardsevolution , March 19, 2018 at 4:29 pmIn a casual conversation at a party a computer science researcher from a leading university commented that the vast majority of "denial of service" attacks in this country are done by the federal government. That would probably be the CIA covert ops in service to the bankster oligarchy. The Israelis are also known to have cyber warfare capabilities, and are a central part of the oligarchy, judging by their clear control of the MSM.
It makes complete sense that the oligarchy would do everything it could to harass and slow down the opposition, even if just to frustrate them to the point of giving up. I'm glad you are reporting your experiences here; it will help the site administrators deal with the problem.
A few years ago there was a Zionist mole(s) at Disqus who deleted posts that were too informative about Israel, especially those with links to highly informative articles. After an open discussion of the problem it eventually disappeared.
Realist , March 19, 2018 at 4:47 pmRealist -- occasionally this happens to me and, yes, it is most frustrating. What I am doing more often now (but sometimes I still forget) is copying my text before hitting "Post Comment". If it disappears, at least you still have it and can try again. If this occurs, I go completely off the site, and then come back on and post again. Does this just happen on posts that took you a long time to get finished? I ask this because I've found that if I type some words, go away and start making dinner (or whatever), and my comment is not posted for several hours, then sometimes it does this.
I sure hope you get it figured out because your posts are always wonderful to read.
backwardsevolution , March 19, 2018 at 6:18 pmThis has been happening systematically to anything I post today. Both long and short entries. I copy the text, then post it. When I see it appear or even see it under moderation, I have assumed it would stand and so delete the copy rather than save it -- that space goes to the next composition. So, everything "disappeared" today is gone. Most of the stuff disappeared has to do with our supposed rights of free speech and the intrusion of the intelligence agencies into our lives and our liberties. Guess who I suspect of sabotaging these calls to be vigilant against attacks on our freedoms? Good gravy, they are becoming relentless in trying to control every jot and tittle of the narrative. The entire MSM is not enough for them, even web sites with a microscopic audience are now in their sights. I don't know what else to make of a problem that has become routine, not just sporadic.
Skip Scott , March 19, 2018 at 7:29 pmYou're just too good, Realist! You make too much sense! If there is a "they" out there who are censoring, of course they'd go after someone like you. Take a break, kick back, then see what happens tomorrow. If it continues, then maybe you could make a few calls.
robjira , March 19, 2018 at 9:58 pmSorry to hear of your difficulties, Realist. Don't give up yet. Your posts are a very valuable part of this website. I do suspect outside interference. This site and ICH are both under attack, and probably others as well. I hope Nat and Tom Feeley can afford some good techies to mount a good defense.
Paul E. Merrell, J.D. , March 19, 2018 at 9:59 pmI agree with be and Skip, Realist. The same thing happened to me (and I'm not even a frequent commentator here); sometimes it takes days for a post(s) to appear. This sometime can be triggered by multiple links, extensive text formatting, etc. (you probably already know all this).
Anyway, be has it right; take a breather for a while. If something more nefarious is really happening, wear it like a medal; if your comments are disappeared, that as good as confirms you're on target. Your commentary is really insightful, and nothing freaks them out more than an informed opinion.
Peace.backwardsevolution , March 19, 2018 at 10:15 pmTo paraphrase someone: "Never attribute to malice that which can be attributed to a bug in the software."
Litchfield , March 20, 2018 at 9:09 amPaul E. Merrell -- "Never attribute to malice that which can be attributed to a bug in the software."
Quite true. I was having trouble going on Paul Craig Roberts' site for about a month (and another site, but I can't remember which one). I said to my son, "What the heck? Are they shutting down access to this site?" My son came onto my computer and within about two minutes he had me set right again. He said it had to do with my Internet security company. Who knew? Certainly not me! Thank goodness for tech-literate children.
freedom lover , March 20, 2018 at 3:39 pm" even web sites with a microscopic audience are now in their sights."
Maybe "microscopic," but with the potential to be magnified and multiplied. I have been puzzled as to why some posts have shown up as being in moderation and others not. But have not systematically followed up to see what happened. I assume comments at this site are moderated in some way, but why would that result in the patchy appearance of an actual "under moderation" signal?
Sam F , March 19, 2018 at 8:47 pmNot just this website but very common if you try to post anything on RT.
I also noticed several comments here that had been deleted after I refreshed the screen. They appeared to have attracted the "anti-semitism" accusation, so perhaps other hackers are involved.
Sam F , March 19, 2018 at 8:40 pm
Litchfield , March 20, 2018 at 9:12 amWhile at first skeptical of the hacking hypothesis, I realized its similarity to what I have seen for two months on RT.
RT is apparently being copied to "mirror sites" likely controlled by US agencies, so that they can run spy scripts when the stories are viewed. My PC runs far slower after checking any story on RT, and the browser must be restarted to regain normal speed. No other website has this problem, and certainly RT would not want to annoy their viewers by doing that themselves.
Most likely the secret agency scripts are sending files and browsing information to government spies.
It may be that CN is now being copied into hacked "mirror sites" by those who control the web DNS service that identifies the web server address for named websites. That would be a US secret agency. I have wondered whether such agencies are responsible for the trolls who have annoyed commenters here for several months. It may be that they are controlling the commentary now as well, to make political dossiers.
Realist , March 20, 2018 at 5:01 pm"My PC runs far slower after checking any story on RT, and the browser must be restarted to regain normal speed. "
I have noticed this as well. I don't check RT all that often, but one time I wanted to see what Peter Lavelle had been up to lately with CrossTalk, so went to RT. This was awhile ago so I can't recall the exact details, but I think my browser generally froze up and I had to reboot my laptop. Of course it made me a bit paranoid and I wondered what was going on at RT.
Inthebyte , March 20, 2018 at 11:27 amI've often noticed a great delay in RT loading. I'll have to focus on the effect you described. Sometimes I get a "service not available" notice for CN which usually resolves within no more than a half hour.
Zachary Smith , March 20, 2018 at 12:51 pmI agree about RT. When I log on there everything slows to a crawl, or flat doesn't navigate. Thanks for the comment. Now I know I'm being gas lighted. Another site with all of these problems is Information Clearing House who are hacked repeatedly.
Sam F , March 19, 2018 at 8:42 pmMy PC runs far slower after checking any story on RT, and the browser must be restarted to regain normal speed. No other website has this problem, and certainly RT would not want to annoy their viewers by doing that themselves.
I'm running three script-blocker addons as I type this, and a fourth will be enabled again after making this post. The latter one does something to the CN site, and unless disabled any comment goes to the bottom of the page. My Firefox browser (which I'm using now) has the cache set to "0", and also to "never remember history". This slows it somewhat, but I figure the trade-off is worthwhile.
I review four "Russian" sites and have noticed they're chock-full of annoying ads and scripts. One of them I suspect is being run for income, for there is no coherent "message" along with most of the headlines being clickbait material. But I return there because sometimes they have a story worth more investigation.
geeyp , March 20, 2018 at 12:28 amWhile at first skeptical of the hacking hypothesis, I should note what I have seen for two months on RT.
RT is apparently being copied to "mirror sites" likely controlled by US agencies, so that they can run spy scripts when the stories are viewed. My PC runs far slower after checking any story on RT, and the browser must be restarted to regain normal speed. No other website has this problem, and certainly RT would not want to annoy their viewers by doing that themselves.
Most likely the secret agency scripts are sending files and browsing information to government spies.
It may be that CN is now being copied into hacked "mirror sites" by those who control the web DNS service that identifies the web server address for named websites. That would be a US secret agency. I have wondered whether such agencies are responsible for the trolls who have annoyed commenters here for several months. It may be that they are controlling the commentary now as well, to make political dossiers.
Litchfield , March 20, 2018 at 9:13 amNothing much secret regarding the secret agencies. Didn't I read that Google and Face. (same company with Y.T.) have fairly recently hired 10,000 new employees for just this purpose? I ,too, have had plenty of issues with the RT.com site. It is not RT causing the issues. Truth hurts these evil P.O.S. And, also I have wondered regarding the ISP involvement. On the article topic, I was quite angered when I read his Tweet over the weekend; that punk has got nerve and needs to wear an orange jumpsuit.
Sam F , March 20, 2018 at 11:50 amWhat is the ISP movement?
Skeptigal , March 20, 2018 at 4:26 amThe ISP may or may not be involved, but the DNS is involved in creating fake (or real) "mirror sites." DNS (distributed name service) has its own servers all over, which translate text URLs (xxx.com ) to numeric internet (IP) addresses. So when you request the site, your local DNS server gives you the address based upon its updates from other sources, including the "mirror" sites used for heavily-used websites.
I do not yet know the processes used to update DNS servers which would be tampered to create fake mirror sites, or exactly how this would be controlled, except that secret agencies would know this and would have such control. Others might be able to do this as well.
Realist , March 20, 2018 at 11:23 pmSorry, I know you're frustrated but I couldn't help but giggle at your indignant replies. They are hilarious. Your comments may have ended up in the spam folder. If you contact them they will restore your comments. Good luck! :)
Using the British standard, I'm going to assume you are responsible for all the trouble unless you prove otherwise.
|
|
|
Mar 16, 2018 | www.linuxtoday.com
12 comments If you (or someone you know) ever forget your Windows password, you'll be glad to know aboutchntpw, a neat Linux utility that you can use to reset a Windows password. For this how-to, I created a Windows virtual machine and set the password topass123on my user account,Archit-PC. I also created a Live USB with Fedora 27 using the Fedora Media Writer application.Here are the steps, along with screenshots, to guide you through the quick and super easy process of resetting your Windows password with
chntpw.1. Attach the Live USB to your PC and restart from the login screen, as shown below:
2. Boot from the Live USB and click on Try Fedora :
3. Log out from
live-userand log intoroot. This step is not necessary, but I prefer to use therootuser to bypass any permission issues:4. Install the
chntpwutility with the following command (you'll need a live internet connection for this):sudo dnf install -y chntpw5. Check which partition should be mounted by
sfdisk -l...:and mount that partition (e.g.,
/dev/sda2) with the following command:sudo mount /dev/sda2 /mnt/Microsoft/Change the current directory to the
configdirectory:cd /mnt/Microsoft/Windows/System32/config/Also, check the user records in the Security Account Manager (SAM) database:
passwordreset_mount-3.png
6. Edit the SAM database with the command:
sudo chntpw -i SAMThen type
passwordreset_username-1.png1(forEdit user data and passwords):
And type your user account name (i.e.,
passwordreset_username-2.pngArchit-PCin this example) for the username:
7. Type
passwordreset_clear-1.png1to clear the user password or2to set a new password for theArchit-PCuser, then quit and save the changes:
passwordreset_clear-2.png
8. Reboot to Windows. If you selected
1above, you'll see there's no password required to log in. Just clickSign inand you will be logged in:That's all there is to it! I hope this will be helpful if you ever need to reset a Windows password.
|
|
|
Mar 07, 2018 | www.thegatewaypundit.com
Brennan is a scum bag, he over saw the CIA as they sought to become the premier Gov. Agency.https://wikileaks.org/ciav7p1/
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force -- its own substantial fleet of hackers. The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
|
|
|
Feb 20, 2018 | www.globalresearch.ca
US-UK Accuse Russia of "NotPetya" Cyberattack, Offer Zero Evidence By Ulson Gunnar Global Research, February 19, 2018 Region: Europe , Russia and FSU , USA Theme: Intelligence , Media Disinformation
The US and European press have both published stories accusing the Russian government, and in particular, the Russian military, of the so-called "NotPetya" cyberattack which targeted information technology infrastructure in Ukraine.
The Washington Post in an article titled, " UK blames Russian military for 'malicious' cyberattack ," would report:
Britain and the United States blamed the Russian government on Thursday for a cyberattack that hit businesses across Europe last year, with London accusing Moscow of "weaponizing information" in a new kind of warfare. Foreign Minister Tariq Ahmad said "the U.K. government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyberattack of June 2017." The fast-spreading outbreak of data-scrambling software centered on Ukraine, which is embroiled in a conflict with Moscow-backed separatists in the country's east. It spread to companies that do business with Ukraine, including U.S. pharmaceutical company Merck, Danish shipping firm A.P. Moller-Maersk and FedEx subsidiary TNT.
British state media, the BBC, would report in its article, " UK and US blame Russia for 'malicious' NotPetya cyber-attack ," that:
The Russian military was directly behind a "malicious" cyber-attack on Ukraine that spread globally last year, the US and Britain have said.
The BBC also added that:
On Thursday the UK government took the unusual step of publicly accusing the Russia military of being behind the attack. "The UK and its allies will not tolerate malicious cyber activity," the foreign office said in a statement. Later, the White House also pointed the finger at Russia.
Yet despite this "unusual step of publicly accusing the Russian military of being behind the attack," neither the US nor the British media provided the public with any evidence, at all, justifying the accusations. The official statement released by the British government would claim:
The UK's National Cyber Security Centre assesses that the Russian military was almost certainly responsible for the destructive NotPetya cyber-attack of June 2017. Given the high confidence assessment and the broader context, the UK government has made the judgement that the Russian government – the Kremlin – was responsible for this cyber-attack.
Claiming that the Russian military was "almost certainly responsible," is not the same as being certain the Russian military was responsible. And such phrases as "almost certainly" have been used in the past by the United States and its allies to launch baseless accusations ahead of what would otherwise be entirely unprovoked aggression against targeted states, in this case, Russia. The White House would also release a statement claiming:
In June 2017, the Russian military launched the most destructive and costly cyber-attack in history. The attack, dubbed "NotPetya," quickly spread worldwide, causing billions of dollars in damage across Europe, Asia, and the Americas. It was part of the Kremlin's ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia's involvement in the ongoing conflict. This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.
Considering claims that this is the "most destructive and costly cyber-attack in history, " it would seem imperative to establish evidence beyond doubt of who was responsible. No Evidence From Governments Confirmed to Possess the Means to Fabricate Attribution Yet, so far, this has not been done. Claims that Russia's military was behind the attacks seems to be built solely upon private analysts who have suggested the attacks appear to have originated in Russia.
However, as it was revealed by Wikileaks in its Vault 7 release , exposing cyber hacking tools used by the US Central Intelligence Agency (CIA), the origin of attacks can be forged. USA Today in an article titled, " WikiLeaks: CIA hacking group 'UMBRAGE' stockpiled techniques from other hackers ," would admit:
A division of the Central Intelligence Agency stockpiled hacking techniques culled from other hackers, giving the agency the ability to leave behind the "fingerprints" of the outside hackers when it broke into electronic devices, the anti-secrecy group WikiLeaks alleges as it released thousands of documents Tuesday.
The article continues by pointing out:
The documents also suggest that one of the agency's divisions – the Remote Development Branch's UMBRAGE Group – may have been cataloguing hacking methods from outside hackers, including in Russia, that would have allowed the agency to mask their identity by employing the method during espionage. "With UMBRAGE and related projects the CIA cannot only increase its total number of attack types, but also misdirect attribution by leaving behind the 'fingerprints' of the groups that the attack techniques were stolen from," Wikileaks said in a statement.
Not only does this ability allow the CIA to carry out espionage that if discovered would be attributed to other parties, it also allows the CIA to conduct attacks the US government and its allies can then blame on foreign states for the purpose of politically maligning them, and even justifying otherwise indefensible acts of aggression, either militarily, or in the realm of cyberspace.
Evidence provided by the UK and US governments would have to establish Russia's role in the "NotPetya" cyberattack beyond mere attribution, since this is now confirmed to be possible to forge. The UK and US governments have failed to provide any evidence at all, likely because all it can offer is mere attribution which skeptics could easily point out might have been forged. NATO Had Been Preparing "Offensive" Cyber Weapons
As previously reported , NATO had been in the process of creating and preparing to deploy what it called an "offensive defense" regarding cyber warfare. Reuters in an article titled, " NATO mulls 'offensive defense' with cyber warfare rules ," would state:
A group of NATO allies are considering a more muscular response to state-sponsored computer hackers that could involve using cyber attacks to bring down enemy networks, officials said.
Reuters would also report:
The doctrine could shift NATO's approach from being defensive to confronting hackers that officials say Russia, China and North Korea use to try to undermine Western governments and steal technology.
It has been repeatedly pointed out how the US, UK and other NATO members have repeatedly used false pretexts to justify military aggression carried out with conventional military power. Examples include fabricated evidence of supposed "weapons of mass destruction (WMD)" preceding the 2003 US invasion of Iraq and the so-called "humanitarian war" launched against Libya in 2011 built on fabricated accounts from US and European rights advocates.
With UMBRAGE, the US and its allies now possess the ability to fabricate evidence in cyberspace, enabling them to accuse targeted nations of cyber attacks they never carried out, to justify the deployment of "offensive" cyber weapons NATO admits it has prepared ahead of time. While the US and European media have warned the world of a "cyber-911″ it appears instead we are faced with "cyber-WMD claims" rolled out to justify a likewise "cyber-Iraq War" using cyber weapons the US and its NATO allies have been preparing and seeking to use for years. Were Russia to really be behind the "NotPetya" cyberattack, the US and its allies have only themselves to blame for decades spent undermining their own credibility with serial instances of fabricating evidence to justify its serial military aggression. Establishing that Russia was behind the "NotPetya" cyberattack, however, will require more evidence than mere "attribution" the CIA can easily forge.
*
Ulson Gunnar is a New York-based geopolitical analyst and writer especially for the online magazine " New Eastern Outlook ".
All images in this article are from the author.
|
|
|
Feb 19, 2018 | www.unz.com
renfro, February 19, 2018 at 7:38 am GMT
Poor Russia cant get a break, neither can Americans get a break from this USA 'get Russia' monkey circus. The monkeys now reach back a year ago to get Russia on a cyber attack.White House blames Russia for 'reckless' NotPetya cyber attack
https://www.reuters.com/ russia /white-house-blames-russia-for-reckless-notpetya-c… ;
3 days ago -- WASHINGTON/LONDON (Reuters) -- The White House on Thursday blamed Russia for the devastating 'NotPetya' cyber attack last year , joining the British government in condemning Moscow for unleashing a virus that crippled parts of Ukraine's infrastructure and damaged computers in countries across the
Best advice for Americans believe nothing, trust nothing that issues from a government.
The experts:
John McAfee, founder of an anti-virus firm, said: "When the FBI or when any other agency says the Russians did it or the Chinese did something or the Iranians did something -- that's a fallacy," said McAfee.
"Any hacker capable of breaking into something is extraordinarily capable of hiding their tracks. If I were the Chinese and I wanted to make it look like the Russians did it I would use Russian language within the code. "I would use Russian techniques of breaking into organisations so there is simply no way to assign a source for any attack -- this is a fallacy."
I can promise you -- if it looks like the Russians did it, then I can guarantee you it was not the Russians."
Wikileaks has released a number of CIA cyber tools it had obtained. These included software specifically designed to create false attributions.
|
|
|
Feb 16, 2018 | www.moonofalabama.org
Late last night the White House accused the Russian military of having launched the destructive "NotPetya" malware which in June 2017 hit many global companies:
Statement from the Press SecretaryIn June 2017, the Russian military launched the most destructive and costly cyber-attack in history.
The attack, dubbed "NotPetya," quickly spread worldwide, causing billions of dollars in damage across Europe, Asia, and the Americas. It was part of the Kremlin's ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia's involvement in the ongoing conflict. This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.
The statement has the same quality as earlier statements about Spain sinking the Maine or about Saddam's Weapons of Mass Destruction had.
Neither the U.S. nor anyone else has presented ANY evidence of ANY Russian involvement in the creation or distribution of the NotPetya malware. The U.S. is simply asserting this while presenting nothing to back it up.
There is, in general, no attribution possible for any such cyber attack. As John McAfee, founder of an anti-virus firm, said :
"When the FBI or when any other agency says the Russians did it or the Chinese did something or the Iranians did something – that's a fallacy," said McAfee.
...
" Any hacker capable of breaking into something is extraordinarily capable of hiding their tracks. If I were the Chinese and I wanted to make it look like the Russians did it I would use Russian language within the code. "I would use Russian techniques of breaking into organisations so there is simply no way to assign a source for any attack – this is a fallacy."
...
I can promise you – if it looks like the Russians did it, then I can guarantee you it was not the Russians ."I agree with McAfee's statement. The CIA must likewise agree. Wikileaks has released a number of CIA cyber tools it had obtained. These included software specifically designed to create false attributions:
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
Nearly all "attributes" used for attributing a cyber attack can be easily faked to accuse a party not involved in the attack.
The British National Cyber Security Center, part of the British computer spying organisation GCHQ, also claims that the Russian military is " almost certainly " responsible for the NotPetya attack. Canada and the Australians also chipped in .
But note - these are NOT independent sources. They are, together with New Zealand, part of the of the " Five Eyes " spying alliance. From NSA files released by Edward Snowden we know that the Five Eyes are practically led by the U.S. National Security Agency:
One internal document quotes the head of the NSA, Lieutenant General Keith Alexander, on a visit to Menwith Hill in June 2008, asking: "Why can't we collect all the signals all the time? Sounds like a good summer project for Menwith."Menwith Hill is a Royal Airforce spying station and part of the GCHQ infrastructure. That the head of the NSA can assign "summer projects" to it shows where the real power lies.
The Russian government strongly rejects the accusations.
NotPetya was a destructive virus that masked as ransomware. It was based on attacking tools which originally had been developed by the NSA but were later anonymously published by someone calling himself Shadow-Broker. One of several attack vectors NotPetya used was the update mechanism of some tax accounting software which is common in Ukraine and Russia. But the attack soon spread globally :
The attack hit Ukraine central bank, government computers, airports, the Kiev metro, the state power distributor Ukrenergo, Chernobyl's radiation monitoring system, and other machines in the country. It also affected Russian oil giant Rosneft, DLA Piper law firm, U.S. biopharmaceutical giant Merck, British advertiser WPP, and Danish shipping and energy company Maersk, among others.The biggest damaged through NotPetya occurred at the Danish shipping company Maersk which had to completely reboot its entire infrastructure and lost some $250-300 million due to the attack.
The question one must always ask when such accusations are made is: Why would the accused do this?
In January the U.S. attribution claims about the NotPetya malware were prelaunched through the Washington Post :
The CIA has attributed to Russian military hackers a cyberattack that crippled computers in Ukraine last year, an effort to disrupt that country's financial system amid its ongoing war with separatists loyal to the Kremlin.
...
The GRU military spy agency created NotPetya, the CIA concluded with "high confidence" in November, according to classified reports cited by U.S. intelligence officials.
...
The hackers worked for the military spy service's GTsST, or Main Center for Special Technology, the CIA reported. That unit is highly involved in the GRU's cyberattack program, including the enabling of influence operations.What could have been the motive of the "Russian military" to release a (badly written) malware that destroys computer-files of random companies all over the world including at the all important Russian oil-giant Rosneft . To assume that Ukraine's financial system was the target is almost certainly wrong. There is also no evidence that this was the case. Ukraine's Central Bank was just one of thousands of victims of the attack.
Only some 50% of the affected companies were in Ukraine. Most of them were not financial firms. The attack was initiated through an update mechanism of an accounting software that is also used in Russia. That original attack vector was probably chosen simply because it was easy to use. The accounting software company had a lousy security protection. The first infected computers then applied a different mechanism to spread the malware to other machines. The attack was launched on a Ukrainian national holiday which is not optimal if one wants to spread it as wide as possible throughout the Ukraine.
That the Ukraine and Russia were hit first by the malware was also likely just a time-of-day question. The timeline shows that the U.S. and most of western-Europe were still asleep when the virus started to proliferate. The anti-virus organizations, the Russian company Kaspersky among them , took only a few hours to diagnose the attacking software. A solution to prevent further damage was found within some twelve hours. By the time the U.S. working day started anti-virus companies were already releasing advise and protective code against it. If the attack had not been stopped by protective software it would have effected many more computers. Most of these would not have been in the Ukraine.
The U.S. attribution of the NotPetya attack to some Russian organization is extremely doubtful. In general a certain attribution of any such cyber attack is impossible. It is easy for any sophisticated virus writer to modify the code so that it looks as if it was written by some third party. The CIA even develops tools to do exactly that.
The attacking software seemed to be of relatively low quality. It was a badly designed mishmash created from earlier known malware and spy tools. It was not confined to a certain country or target. It can at best be described as an act of random vandalism on a global scale. There is no discernible motive for any Russian state organizations to release such nonsense.
In 2009 Russia offered an international treaty to prohibit cyber attacks. It was the U.S. under Obama which rejected it as "unnecessary" while it was expanding its own attack capabilities.
The U.S. government has launched a Cold War 2.0 against Russia. The motive for that seems to be mostly monetary. Hunting a few 'terrorists' does not justify big military budgets, opposing a nuclear power does.
The now released accusations against Russia have as much foundation in reality as the claims of alleged Iraqi WMDs. We can only hope that these new accusations will have less severe consequences.
Posted by b on February 16, 2018 at 04:30 AM | Permalink
Comments
uncle tungsten , Feb 16, 2018 4:53:27 AM | 1
Trump has made a fool of himself by agreeing to be the mouth for some looney security briefing. Why the White House releasing this? why not the NSA or some slightly distant body so the president can be kept clear of blowback if the accusation is proven to be wrong (as it has and was at the time of its spread). A gullible fool is spouting at the behest of the five anuses. They certainly aren't eyes with that sh!t coming out.igybundy , Feb 16, 2018 5:44:44 AM | 2Some of the smartest hackers I seen are Russians, although a lot of kids will just do it for kicks, professionals would have a target rather than random targets that can back fire aka how the US does things as we seen off their Iranian attack.Jen , Feb 16, 2018 5:55:09 AM | 3Kaspersky being the best of the best, Kremlin would know and would make great effort to make sure they stay as far away from them as possible. To give it a fighting chance. That Kaspersky found it so fast shows it was not Russian. Since you want them to be last on the list to know about it. Kaspersky for some strange reason also works with their partners in the US/UK etc sharing information. So Russians themselves would work to defeat a Russian attack even if its made. Which any smart cookie would say is self defeating and they would not waste the effort to try.
Could the attack have been co-ordinated by parties in different countries but in the same time zone or in neighbouring time zones, with one or two of these being the same time zones that European Russia is in?Ian , Feb 16, 2018 6:11:01 AM | 4It seems possible that at least one of these parties might be based in Ukraine. For Ukrainian-based pro-Maidan cyber-hackers to release the virus on a Ukrainian public holiday, when most major public and private institutions and businesses are closed, but Russian ones are not, would make sense. Another party could be based in a different country with sophisticated cyber-technology and experience in creating and spreading cyber-viruses that is in the same time zone as Ukraine. Israel comes to mind.
I don't believe anything will come of it. I see these accusations as petty attempts to get under Russia's skin. Frankly, I can't see anybody believing the crap that comes out of Washington's mouth, especially after what Snowden/Wikileaks has revealed to the public.Me , Feb 16, 2018 6:30:32 AM | 5These Russians are so badass!Partisan , Feb 16, 2018 6:35:18 AM | 6
I'm beginning to wish to be a Russian. :)
"Some of the smartest hackers I seen are Russians, ....."Red Ryder , Feb 16, 2018 6:49:23 AM | 7I am curious where have you seen them?
Second thing which I've never understood about hacking is, why all this noise about it. It is like a pc and network infrastructures are like holly grail and untouchable. The fetishization of this particular technology which comes from the west is unbearable, it is like the life on earth depend on it. Than can not be further from the truth. The US behaves as the owner and guardian of the IT sector, and they handsomely profited from it.
If someone leave its nodes exposed or on the Internet than it is their fault, why not hack it. To hell with them. If someone leave sensitive documents on server than again that's the owner problem, and so on. It is not a bigger crime than "regular" spying activity.
The Russian hacking is beyond the point. Two big powers, capitalist countries with almost identical political structure are competing in the world arena. One of them in decline big time, the second one resurgent but stagnant in development and to gain wider influence. The USA is clearly unable to bribe (as used to) Russia although countries such North Korea still suffer from their collusion in the Security council.
Hacking someone's IT infrastructure is mature skill and there is nothing new in it so just like everything else everything the US and its organs are saying is plain lie. Now, the problem is that after a lie follow some kind of coercion. It that doesn't work - if you are small and defenseless country - than they will kill you.
There are at least two tactics in cyberwarfare (which this is).Partisan , Feb 16, 2018 7:01:48 AM | 8
First, to attack and destroy infrastructure of an enemy or opponent or resistant vassal.
Second, to place blame on others for the use of cyber as a weapon.The US is at cyber war with Russia and China. This is not Cold War.
Neither was Stuxnet. That was cyber war on Iran. It got out beyond Iran because its careless design sought Seimens equipment everywhere on the Internet. It went to many other countries far beyond Iran and attacked the equipment there.This malware was not well-designed either. It may have been meant for Russian targets. Rosneft is a huge economic target.
But this campaign using NotPetya had the value of being a Tactic #1 attack + #2 failure against Russia. The CIA got to blame Russia even though the intended damage was quickly reversed by Kaspersky. The irony is they attacked a nation with the best resources to combat and defend against the weapon they used.
But make no mistake, the CyperWars are well underway. The US is sloppy, just like all their Hegemon efforts are seriously flawed in classic terms of execution. The Russians are far more elegant with cyber, as anyone who knows their software experts or products over the years.
"But make no mistake, the CyperWars are well underway."Partisan , Feb 16, 2018 7:14:33 AM | 9I doubt, I doubt very much. If there is a one than it is manufactured.
No vital and nationally sensitive or strategic IT nodes are exposed to the public net. All this is bizarre and narrative created by the Deep State for idiots. Probably ~60% of drugs infested Amerikkans do no care. The rest: https://medium.com/incerto/the-intellectual-yet-idiot-13211e2d0577 are somewhat interested. We can argue whether for domestic (in the light of another shooting, if true) or international purposes (Syria, Iraq, Iran), or both.
The Class War is the Marx's term that is taboo and forbidden in capitalist's world everywhere and in particular in the US where is social oppression and inequality is the greatest in the world by far.Partisan , Feb 16, 2018 7:33:59 AM | 10Maintain all kind of spins and propaganda along with political oppression i.e. help of political police the American version of the Nazi's Gestapo is crucial for the ruling class and regime.
While the looting of the drugged and non-drugged Americans continue unabated.
I would say that only 10% of the Amerikkans have clue what's hacking about, and very small percentage understand in technical terms and details. Sadly, it is NOT important and even more important those question should not be asked! Questioning the highest authority is no, no. The more convoluted the better.integer , Feb 16, 2018 8:02:09 AM | 11Now when the statement is out of the WH we might except refined follow up by the National Security organs, TNYT, TWP, etc. An intended audience are https://en.wikipedia.org/wiki/Little_Eichmanns
It is very good that you posted that photo of Collin Powell in the context of the article. It says it a lot, if not all.
In a Euromaidan Press article dated November 2nd, 2016, the hackers state enthusiastically "Ukrainian hackers have a rather high level of work. So the help of the USA I don't know, why would we need it? We have all the talent and special means for this. And I don't think that the USA or any NATO country would make such sharp movements in international politics."Christian Chuba , Feb 16, 2018 8:15:13 AM | 12From: Untying PropOrNot: Who They Are and a Look at 2017's Biggest Fake News Story
On the Tucker Carlson Show an FBI agent defended the fact that they could not identify the school shooter, prior to the event, even after he was reported, because his one post did not identify himself explicitly. Also, the threat was not enough to open an investigation.Partisan , Feb 16, 2018 8:23:03 AM | 13So now the same group of people claim the ability to discover that people are 'Russian Trolls' from a specific building in St. Petersburg simply based on the content of purely political posts to facebook and twitter.
By following, little bit, the US National Security operation called Cryptocurrency (ies), allegedly based in South Korea and Japan I noticed numbers of hacking of the companies' web sites that are in this, let-call-it-business.Partisan , Feb 16, 2018 9:06:43 AM | 14The most famous hacking was one of Mt.Gox (Japan based) one, where the French nationals was the business' principal. A money never was recovered, and hacker is still unknown!? I guess the place of business and the CEO meant (all US' client states) to give legitimacy to cryptocurrency and lure fools into buying the "fog". But where did "investors" money goes? Not to brilliant Russians...and how could that be? There is a lot of money in game, real money.
Is the National Security State agencies has transfered looting from the domestic soil to international one with help of the virtual reality. No trace of hackers, none!?
I use the term The US National Security State (or Deep State) and its apparatus as synonymous to the Nazi Reich Main Security Office. Both of them, while differ in the methods and size, the goals and objectives are the same.integer , Feb 16, 2018 9:12:50 AM | 15Having just had a quick look into the NotPetya attack, it appears to have began on the morning of the day before Ukraine's Constitution Day, and originated from the update server of a Ukrainian tax accounting program called MeDoc. I expect this was another Ukrainian false flag; a cyber warfare version of MH17. Sharp movements in international politics indeed.Partisan , Feb 16, 2018 9:23:02 AM | 16integer | Feb 16, 2018 9:12:50 AM | 15susetta , Feb 16, 2018 9:53:35 AM | 17Meaning what? A client state was forced into this in order (to blame Russkies) to get another tranches of loan from the IMF?
Well that may mean that, under the new dictact (now the Unites States will not just use its nuclear weapons as a response if the other party used them; now the United States has declared that it will use nuclear weapons if, say, there should be a virus attack on its networks), that the United States is about to declare war on Russia and proceed to nuke it.AriusArmenian , Feb 16, 2018 11:59:07 AM | 20"We can only hope that these new accusations will have less severe consequences."Petri Krohn , Feb 16, 2018 12:01:35 PM | 21The russophobic fake news push is not letting up and now the Trump administration has jumped on board. And on top of targeting Iran has also ramped up targeting China.
This is how the last Cold War ramped up. The public was softened up by the media to fear the USSR. It's a symptom of a disease in its psyche spreading throughout the West.
We see through this nonsense but I fear we underestimate the danger. This Cold War v2 is already much hotter then v1. The West is approaching the throat of the East (Russia, China, Iran, and others), and unfortunately for the world the West feels (it has limited capability to think) it must prevail over the East or faces extinction. And what does that suggest might happen?
CrowdStrike said Russians known as Fancy Bear hacked the DNC. U.S. Department of Homeland Security identified one of the "Russian" malware tools used and named it "Grizzly Steppe" or "PAS tool PHP web kit". Later it was also found to attack U.S. power utilities.james , Feb 16, 2018 12:04:41 PM | 22I tracked down the creator of the malware and found out that he was a 23-year old Ukrainian university student at the Poltava National Technical University.
Did a Ukrainian University Student Create Grizzly Steppe?3) The profexer site presents a SSL certificate that identifies it as pro-os.ru and gives an email address...
Almost a year later the New York Times reported the same story, but did not name the Ukrainian hacker.
In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian HackingBut while Profexer's online persona vanished, a flesh-and-blood person has emerged: a fearful man who the Ukrainian police said turned himself in early this year, and has now become a witness for the F.B.I.
Mr. Gerashchenko described the author only in broad strokes, to protect his safety, as a young man from a provincial Ukrainian city. He confirmed that the author turned himself in to the police and was cooperating as a witness in the D.N.C. investigation. "He was a freelancer and now he is a valuable witness," Mr. Gerashchenko said.
"Fancy Bear" is not the Russian military intelligence agency GRU or any other Russian government agency. It is simply a collection of hacking tools available online on Runet , the Russian language part of the Internet and the Russian language darknet.
thanks b.. more of the same bullshit.. "The U.S. is simply asserting this while presenting nothing to back it up."Shakesvshav , Feb 16, 2018 12:13:40 PM | 24from b's post - "In 2009 Russia offered an international treaty to prohibit cyber attacks. It was the U.S. under Obama which rejected it as "unnecessary" while it was expanding its own attack capabilities."
this from the link in the above quote..
"The United States argues that a treaty is unnecessary. It instead advocates improved cooperation among international law-enforcement groups. If these groups cooperate to make cyberspace more secure against criminal intrusions, their work will also make cyberspace more secure against military campaigns, American officials say."
5 eyes is doing such a great job of being like some stupid chorus line in a bad movie... all of them are beholden to the usa and the usa, as noted above - doesn't need any proof... what does that say about the usa?
willful blindness...
A small cause for celebration here in the UK: https://www.hackread.com/british-hacker-lauri-love-will-not-be-extradited-to-usa/james , Feb 16, 2018 12:18:58 PM | 25@24 shakesvshav - it's a good thing they weren't caught up in some allegation based in sweden which the swedes wanted to drop, but the uk/usa discouraged them from doing... i am thinking of julian assange here - stuck in the eqaudor embassy in the uk.. craig murray did a couple of articles on this the past few days which kind of makes one want to puke especially if one lives in the uk...J Swift , Feb 16, 2018 12:22:15 PM | 26nice to see an opportunity for celebration come your way!
@integer 15 " I expect this was another Ukrainian false flag; a cyber warfare version of MH17"Not as crazy as it sounds. Hell, the CIA and SBU literally share a building! And this code apparently does not have the hallmark elegance of Russian hackers. Why not get a good swipe at Russian businesses, while destroying enough data (evidence) in Ukraine to cover a multitude of sins (just like at least one of the ammo dump explosions is strongly suspected as having been intentionally set to cover up missing inventory which now no doubt resides in Syria). And then the icing on the cake is to get to blame Russia and try to bolster rapidly failing support for sanctions. A lot more plausible than a half-baked Russian attack.
|
|
|
Feb 16, 2018 | www.moonofalabama.org
xor | Feb 16, 2018 2:54:51 PM | 33
There indeed doesn't seem to be a motive to why the Russian authorities would launch a cyber attack that economically disrupts both itself, allies and other countries. Either the virus writers didn't care for a solution, hoped that a solution that never works might panic the victims even more so they make more cash transfers or enjoyed reaping money while seeing their victims suffer of something where there is no solution for. The last 2 reasons are short term because news that there is no solution for the ransomware will stop victims from making cash transfers. More convincing would be a cyber attack initiated by USA authorities that would hit already crumbling Ukraine businesses even further and create even more mistrust between Ukraine and Russia.
And the USA has indeed thoroughly developed means to falsely laying blame for cyber attacks it actually performs itself (next to it's proven credentials of falsely laying blame with chemical and terrorist attacks). On 31 March 2017:
WikiLeaks published hundreds of more files from the Vault 7 series today which, it claims, show how CIA can mask its hacking attacks to make it look like it came from other countries, including Russia, China, North Korea and Iran.
Dubbed "Marble," the part 3 of CIA files contains 676 source code files of a secret anti-forensic Marble Framework, which is basically an obfuscator or a packer used to hide the true source of CIA malware.
The CIA's Marble Framework tool includes a variety of different algorithm with foreign language text intentionally inserted into the malware source code to fool security analysts and falsely attribute attacks to the wrong nation.
...
The White House has condemned the revelations made by Wikileaks, saying that those responsible for leaking classified information from the agency should be held accountable by the law.
WikiLeaks Reveals 'Marble' Source Code that CIA Used to Frame Russia and China
There indeed doesn't seem to be a motive to why the Russian authorities would launch a cyber attack that economically disrupts both itself, allies and other countries. Either the virus writers didn't care for a solution, hoped that a solution that never works might panic the victims even more so they make more cash transfers or enjoyed reaping money while seeing their victims suffer of something where there is no solution for. The last 2 reasons are short term because news that there is no solution for the ransomware will stop victims from making cash transfers. More convincing would be a cyber attack initiated by USA authorities that would hit already crumbling Ukraine businesses even further and create even more mistrust between Ukraine and Russia.Source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.And the USA has indeed thoroughly developed means to falsely laying blame for cyber attacks it actually performs itself (next to it's proven credentials of falsely laying blame with chemical and terrorist attacks). On 31 March 2017:
WikiLeaks published hundreds of more files from the Vault 7 series today which, it claims, show how CIA can mask its hacking attacks to make it look like it came from other countries, including Russia, China, North Korea and Iran.
Dubbed "Marble," the part 3 of CIA files contains 676 source code files of a secret anti-forensic Marble Framework, which is basically an obfuscator or a packer used to hide the true source of CIA malware.
The CIA's Marble Framework tool includes a variety of different algorithm with foreign language text intentionally inserted into the malware source code to fool security analysts and falsely attribute attacks to the wrong nation.
...
The White House has condemned the revelations made by Wikileaks, saying that those responsible for leaking classified information from the agency should be held accountable by the law.
WikiLeaks Reveals 'Marble' Source Code that CIA Used to Frame Russia and China div
The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.When the White House (doesn't matter who's ostensibly in charge) claims leaker's like Julian Assange should be accountable by the law, it of course means the malleable arbitrary law which none of the serpents in the White House, Langley, ... are accountable to.
|
|
|
failedevolution.blogspot.gr
The latest Wikileaks Vault7 release reveals details of the CIA's alleged Cherry Blossom project, a scheme that uses wireless devices to access users' internet activity.As cyber security expert John McAfee told to RT and Natasha Sweatte:
Virtually, every router that's in use in the American home are accessible to hackers, to the CIA, that they can take over the control of the router, they can monitor all of the traffic, and worse, they can download malware into any device that is connected to that router.
I personally, never connect to any Wi-Fi system, I use the LTE on my phone. That's the only way that I can be secure because every router in America has been compromised.
We've been warning about it for years, nobody pays attention until something like WikiLeaks comes up and says 'look, this is what's happening'. And it is devastating in terms of the impact on American privacy because once the router is compromised and it infects the cell phones that are attached, your laptop, your desktop computer, your tablet, then they become compromised and [someone] can watch the data, start listening to conversations, start watching through the cameras on these devices.
We are in a situation with our government where they know everything about us and we know nothing about what the government is doing. They have the right to privacy and secrecy, but the individual does not, anymore.
|
|
|
Jan 03, 2018 | www.truth-out.org
WannaCry and Petya both owe their effectiveness to a Microsoft Windows security vulnerability that had been found by the NSA and code named EternalBlue, which was stolen and released by a group calling themselves the Shadow Brokers. US agencies losing control of their hacking tools has been a recurring theme in 2017. First companies, hospitals, and government agencies find themselves targeted by re-purposed NSA exploits that we all rushed to patch , then Wikileaks published Vault 7 , a collection of CIA hacking tools that had been leaked to them, following it up with the publication of source code for tools in Vault 8.
...In December, Citizen Lab published a report documenting the Ethiopian government's ongoing efforts to spy on journalists and dissidents, this time with the help of software provided by Cyberbit, an Israeli company. The report also tracked Cyberbit as their salespeople demonstrated their surveillance product to governments including France, Vietnam, Kazakhstan, Rwanda, Serbia, and Nigeria. Other perennial bad actors also made a splash this year, including Vietnam, whose government was linked to Ocean Lotus, or APT 32 in a report from FireEye . The earliest known samples from this actor were found by EFF in 2014 , when they were used to target our activists and researchers.
Eva Galperin is EFF's Director of Cybersecurity. Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from SFSU. Her work is primarily focused on providing privacy and security for vulnerable populations around the world.
|
|
|
Nov 18, 2017 | msdn.microsoft.com
Before we get to this year's list of FREE eBooks, a few answers to common questions I receive during my FREE EBOOK GIVEAWAY:
- How many can you download?
- ANSWER: As many as you want! This is a FREE eBook giveaway, so please download as many as interest you.
- Wow, there are a LOT listed here. Is there a way to download all of them at once?
- ANSWER: Yes, please see the note below on how to do this.
- Can I share a link to your post to let others know about this giveaway?
- ANSWER: Yes, please do share the good news with anyone you feel could benefit from this.
- I know you said they are "Free," but what's the catch?
- ANSWER: There is no catch. They really are FREE . This consider it a, "Thank you," for being a reader of my blog and a customer or partner of Microsoft.
- Ok, so if they are free and you're encouraging us to share this with others, can I post a link to your post here on sites like Reddit, FatWallet, and other deal share sites to let them know, or is that asking too much?
- ANSWER: Please do. In fact, I would encourage you to share a link to this post on any deal site you feel their users could benefit from the FREE eBooks and resources included below. Again, I WANT to give away MILLIONS of FREE eBooks!
- Are these "time-bombed" versions of the eBooks that stop working after a certain amount of time or reads?
- ANSWER: No, these are the full resources for you to use.
Ok, ready for some FREE eBooks? Below is the collection I am posting this year (which includes a ton of new eBooks & resources, as well as some of the favorites from previous years):
... ... ...
PowerShell Microsoft Dynamics GP 2015 R2 PowerShell Users Guide PowerShell PowerShell Integrated Scripting Environment 3.0 PowerShell Simplify Group Policy administration with Windows PowerShell PowerShell Windows PowerShell 3.0 Examples PowerShell Windows PowerShell 3.0 Language Quick Reference PowerShell WINDOWS POWERSHELL 4.0 LANGUAGE QUICK REFERENCE PowerShell Windows PowerShell 4.0 Language Reference Examples PowerShell Windows PowerShell Command Builder User's Guide PowerShell Windows PowerShell Desired State Configuration Quick Reference PowerShell WINDOWS POWERSHELL INTEGRATED SCRIPTING ENVIRONMENT 4.0 PowerShell Windows PowerShell Web Access PowerShell WMI in PowerShell 3.0 PowerShell WMI in Windows PowerShell 4.0
