• belsec censored in some financial and public institutions

    Yeah I am a very dangerous hacker for them

    blocked so you can't read it when you are working there

    and you should be reading this because it is part of your job of what you should know to be able to function and to react the right way and to know where to look for information or to know if something has happened that changed everything you knew before

    are you blocked at your work ?  let it be known in the comments .....

  • when publishing Excel tables, did you erase the hidden personal data (and metadata)

    Responding to a FOI request often requires making sure no personal data is included. But when releasing information contained in pivot tables [a data summarisation tool - http://en.wikipedia.org/wiki/Pivot_table], extra care is needed. The ICO has recently fined Islington Council £70,000 for breach of the Data Protection Act, which resulted from the Council not understanding that personal data was disclosed in its response to a FOI request. The ICO says that Microsoft Excel and other spreadsheet programs retain a copy of the source data used, and this information is hidden from view, but easily accessible.

    In the case of Islington Council, personal details of over 2,000 residents were accidentally released online in response to a FOI request made through the What Do They Know (WDTK) website, which lists responses from public authorities. According to the ICO, Islington Council used the tables to show statistics on how housing had been allocated to residents, but failed to remove the source data, and so sensitive personal data about tenants was revealed.

    this is England, not Belgium

    here they are talking about a fine of 10.000 Euro (or 7.000 pounds) which is 10%

    I am sure that in England you don't forget their fine of nearly 100.000 Euro......
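
A pre-publication check for the problem described above, as an added example (not code from the ICO, the council or this blog): it opens an .xlsx as the ZIP archive it is and reports pivot-cache rows, hidden sheets and author metadata. The sample workbook is constructed in memory and holds only the parts being inspected; `audit_xlsx`, `blocks_release` and `build_sample` are names invented for this sketch.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

MAIN = "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}"
DC = "{http://purl.org/dc/elements/1.1/}"
CP = "{http://schemas.openxmlformats.org/package/2006/metadata/core-properties}"


def audit_xlsx(data: bytes) -> dict:
    """Report what a recipient could recover beyond the visible cells.
    Intended for your own files before release; parse untrusted files
    with a hardened XML parser instead of the stdlib one."""
    findings = {"pivot_cache_records": 0, "pivot_shared_items": 0,
                "hidden_sheets": [], "author_metadata": {}}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if re.fullmatch(r"xl/pivotCache/pivotCacheRecords\d+\.xml", name):
                # One <r> element per source row copied into the workbook.
                root = ET.fromstring(zf.read(name))
                findings["pivot_cache_records"] += len(root.findall(MAIN + "r"))
            elif re.fullmatch(r"xl/pivotCache/pivotCacheDefinition\d+\.xml", name):
                # <sharedItems> lists the distinct source values of each field.
                root = ET.fromstring(zf.read(name))
                for shared in root.iter(MAIN + "sharedItems"):
                    findings["pivot_shared_items"] += len(shared)
            elif name == "xl/workbook.xml":
                root = ET.fromstring(zf.read(name))
                for sheet in root.iter(MAIN + "sheet"):
                    if sheet.get("state") in ("hidden", "veryHidden"):
                        findings["hidden_sheets"].append(sheet.get("name"))
            elif name == "docProps/core.xml":
                root = ET.fromstring(zf.read(name))
                for key, tag in (("creator", DC + "creator"),
                                 ("lastModifiedBy", CP + "lastModifiedBy")):
                    node = root.find(tag)
                    if node is not None and node.text:
                        findings["author_metadata"][key] = node.text
    return findings


def blocks_release(findings: dict) -> bool:
    """True when hidden source data is present and the file must not go out."""
    return bool(findings["pivot_cache_records"]
                or findings["pivot_shared_items"]
                or findings["hidden_sheets"])


def build_sample(leaky: bool) -> bytes:
    """Constructed sample: only the archive members the audit reads."""
    ns = 'xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main"'
    raw_sheet = '<sheet name="RawData" sheetId="2" state="hidden"/>' if leaky else ""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/workbook.xml",
                    f'<workbook {ns}><sheets><sheet name="Summary" sheetId="1"/>'
                    f'{raw_sheet}</sheets></workbook>')
        zf.writestr("docProps/core.xml",
                    '<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/'
                    'package/2006/metadata/core-properties" '
                    'xmlns:dc="http://purl.org/dc/elements/1.1/">'
                    '<dc:creator>Example Officer</dc:creator></cp:coreProperties>')
        if leaky:
            zf.writestr("xl/pivotCache/pivotCacheDefinition1.xml",
                        f'<pivotCacheDefinition {ns}><cacheFields count="1">'
                        '<cacheField name="Tenant"><sharedItems count="2">'
                        '<s v="Resident A"/><s v="Resident B"/></sharedItems>'
                        '</cacheField></cacheFields></pivotCacheDefinition>')
            zf.writestr("xl/pivotCache/pivotCacheRecords1.xml",
                        f'<pivotCacheRecords {ns} count="3"><r><x v="0"/></r>'
                        '<r><x v="1"/></r><r><x v="0"/></r></pivotCacheRecords>')
    return buf.getvalue()


if __name__ == "__main__":
    for label, leaky in (("with pivot cache", True), ("values only", False)):
        result = audit_xlsx(build_sample(leaky))
        print(label, result, "BLOCK" if blocks_release(result) else "ok")
```
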

  • belgian central EID registration system was under attack

    we don't say it was hacked

    only that it was attacked  ATTACKED NOT HACKED

    some hacker thought that he had entrance or could change some page and posted his 'success' here


    but when the service went back to take the screenshot the only thing they saw here


    was this

    type Exception report


    description The server encountered an internal error () that prevented it from fulfilling this request.


    javax.servlet.ServletException: java.lang.NullPointerException

    root cause


    note The full stack trace of the root cause is available in the JBoss Web/3.0.0-CR2 logs.

    yep they publish all the technical details that hackers would need to see what they did wrong or what they missed

    and not a plain 404 'oops' page with no technical information online (why?)

    and in contrast to their name, they are no newbies


    if you have a public interface you will be attacked even if it will not be hacked, and you should start from that knowledge and not publish all that technical information online as if nothing can happen to you

  • spies using laser technology to read Snowden documents ?

    The U.K.’s Government Communications Headquarters, or GCHQ, claimed that Russia or China could hack into the Guardian’s IT network and access the documents.


    Although the Guardian insisted that the documents were not stored on its network and were secure, an intelligence agency expert argued that they were still vulnerable.


    To illustrate how the information was still at risk, he told editors that foreign agents could train a laser on “a plastic cup in the room where the work was being carried out … to pick up the vibrations of what was being said” there. Vibrations on windows could similarly be monitored remotely by laser.

    then we are all insecure if this is possible

    because the only secure room in that case would be a bunkered room in the basement

    they have them in some embassies and governmental buildings

  • Big brother is called Facebook and they follow us through your photos

    read this it is scary

    "Facebook Inc. is considering incorporating most of its 1 billion-plus members’ profile photos into its growing facial recognition database, expanding the scope of the social network’s controversial technology.

    The possible move, which Facebook revealed in an update to its data use policy on Thursday, is intended to improve the performance of its “Tag Suggest” feature. The feature uses facial recognition technology to speed up the process of labeling or “tagging” friends and acquaintances who appear in photos posted on the network."

    will have to change my profile picture, maybe have to take one of a mask

    never place pics on Facebook of demonstrations and actions or dissidents

    and people tagging pics is also part of this technology

    oh yes and in another article some time ago, once you have placed pics they will always stay on the Facebook servers even if you have destroyed them ...

    so who can guarantee what will happen with this system and all of its knowledge

  • NSA is trying to break the cryptologic keys and getting close

    somewhere hidden in the 43 pages of 178 that were leaked today is this sentence that was picked up by Wired because when they wrote the article about the enormous NSA datacenter that is being built, there was the question why one would want to hold so much data (of which much today is not necessarily readable)

    “Also,” Clapper writes in a line marked “top secret,” “we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit internet traffic.”


    The Post’s article doesn’t detail the “groundbreaking cryptanalytic capabilities” Clapper mentions, and there’s no elaboration in the portion of the document published by the paper. But the document shows that 21 percent of the intelligence budget — around $11 billion — is dedicated to the Consolidated Cryptologic Program that staffs 35,000 employees in the NSA and the armed forces.

    so when you break an encryption key all the messages that were protected with that key become readable and it is handy to have them nearby in your datacenter - even if it takes a year to process them all (you will never know what you will find and even if it is old news for the analysts it may change the way they have interpreted events and the way they should analyse or interpret events, people or policies in the future)

    the only way to keep things secret is by destroying it quickly afterwards (and by keeping things off digital things or networks)

  • the most important fact for network administrators about the kelihos bot

    A final point to make about this threat is that it makes no attempt to hide exactly how loud it is regarding network activity.  We noted a spike in TCP traffic across a distinct 563 IP addresses in the span of two minutes.  Network administrators should take extra care in monitoring users with anomalous levels of traffic.  A single node giving off so much traffic to different services in such a small window could be used to identify potential victims.

    this means that normal services or connections may have problems
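
One way to watch for the fan-out the quoted report describes, as an added example that is not from the report or this blog: count distinct destination IPs per internal host in a sliding two-minute window over flow records. The 500-destination threshold, the record layout and all addresses are assumptions made for the example; the flows are constructed.

```python
from collections import Counter, defaultdict, deque

WINDOW_SECONDS = 120            # "the span of two minutes" from the report
DISTINCT_DST_THRESHOLD = 500    # assumption; the report observed 563


def find_fanout_hosts(flows, window=WINDOW_SECONDS,
                      threshold=DISTINCT_DST_THRESHOLD):
    """flows: iterable of (epoch_seconds, src_ip, dst_ip) sorted by time.
    Returns {src_ip: (time_threshold_first_reached, peak_distinct_dsts)}."""
    recent = defaultdict(deque)    # src -> (ts, dst) entries still in window
    counts = defaultdict(Counter)  # src -> dst -> occurrences in window
    alerts = {}
    for ts, src, dst in flows:
        queue, seen = recent[src], counts[src]
        queue.append((ts, dst))
        seen[dst] += 1
        # Drop entries that have aged out of the window for this source.
        while queue and queue[0][0] <= ts - window:
            _, old_dst = queue.popleft()
            seen[old_dst] -= 1
            if seen[old_dst] == 0:
                del seen[old_dst]
        distinct = len(seen)
        if distinct >= threshold:
            first, peak = alerts.get(src, (ts, 0))
            alerts[src] = (first, max(peak, distinct))
    return alerts


def make_sample_flows():
    """Constructed flow records for three internal hosts."""
    def dst(i):
        return f"100.64.{i // 250}.{i % 250 + 1}"

    flows = []
    # Noisy host: 563 distinct destinations inside roughly two minutes.
    for i in range(563):
        flows.append((1000 + i // 5, "10.0.0.23", dst(i)))
    # Busy but slow host: 600 distinct destinations spread over an hour,
    # so never more than 20 inside any two-minute window.
    for i in range(600):
        flows.append((i * 6, "10.0.0.7", dst(i)))
    # Ordinary host: repeated connections to the same five services.
    for i in range(40):
        flows.append((900 + i * 10, "10.0.0.50", dst(i % 5)))
    flows.sort()
    return flows


if __name__ == "__main__":
    for host, (first, peak) in find_fanout_hosts(make_sample_flows()).items():
        print(f"{host}: threshold reached at t={first}, peak {peak} distinct IPs")
```

Counting distinct destinations per window, rather than total connections, keeps a host that talks a lot to a few services from tripping the alert.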

  • spammers are fans of Facebook Fan pages to spam you with and kill facebook itself in the end

    Spammers seem to have little care as to what they set up spam fan sites for – the team noted one for victims of the Boston terrorist bombing, but said that the spammers they contacted insisted they were doing nothing wrong.

    "Facebook doesn't ban us, simply because we generate the content on Facebook itself. Everyday I materialize funny, and interesting content full of phrases and so forth that is shared and liked by thousands of users," said one in a Skype conversation.

    "Without the fan pages Facebook would be an empty place. Tell me how many links do you see shared by your friends on your timeline everyday? You see – the answer is simple."

    so let's look at the business thing explained here

    it is the fanpages that make the traffic

    it is the fanpages that are now being used massively by spammers - eventually sending visitors outside Facebook

    and so it is Facebook that is losing

    * visitors, eyeballs and advertising

    * money because it has to invest ever more in antispamming and staff

    * users because they are getting tired by those spammers hidden in fanpages that are just blasting stuff to their 'walls' they will stop reading at one time

    one solution

    make it one click easy to stop someone from publishing on your wall (public or private) - just a button to click (off my wall) so that people can do it themselves and quickly

  • on the internet nobody knows I am a dog (old school) or just ugly (today)

    would you date this woman if you would see her and wouldn't be helped and scammed by her daughter

    Karen Vasseur

    Tracy Vasseur

    really sexy no ?

    Denver-based Karen Vasseur, 63, and daughter Tracy, 42, tricked victims into thinking they were talking to US service personnel looking for love.


    The prolific scammers duped 374 victims in the US and 40 other countries.


    "Not only did this mother-daughter duo break the law, they broke hearts worldwide," police said.

  • this is why you need a real data breach law in Europe and Belgium

    they won't do it they aren't legally obliged to do it

    "Recent research by AlienVault revealed that only 2% of surveyed EU companies would be willing to go public should they suffer a security breach. 38% opted to inform the relevant authorities and 31% said they would tell their employees. A mere 11% said they would share the information with the security community."

    90% of all breaches aren't even shared with the security community or the other potential victims

    98% would even NOT inform their customers

  • how to bomb your way to a no-fly zone in #Syria the easy and cheap way

    Meanwhile, another analysis making the Pentagon rounds shows there is a more realistic military option. It comes from Christopher Harmer, a former Naval aviator now at the Institute for the Study of War, a Washington think-tank. The plan has been examined and broadly endorsed by retired four-star General Jack Keane, one of the architects of the 2007 "surge" that saved the day in Iraq.


    Mr. Harmer starts with the proposition that the Syrian air force is far from mighty, with only 100 or so planes and perhaps only 50 of them still operational. They fly from only six major airfields controlled by the regime. "The Syrian air force is this close to being defeated," he says, holding his thumb and forefinger an inch apart.


    These columns have endorsed a no-fly zone in Syria, but Mr. Harmer says that isn't necessary. Target those six airfields—their runways, bomb and fuel depots, control tower and radars—and you can essentially shut down the bombing raids that have so harmed the opposition. Going after the aircraft would also be desirable but is unnecessary if the Syrians can't sustain flight operations. The U.S. might need to attack the airfields again if the Syrians are able to repair and rebuild, but similar sorties could do the job.


    Even better, Mr. Harmer says all of this can be done by using standoff weapons like Tomahawk cruise missiles and air-to-surface missiles like the JASSM. No U.S. pilot would be put in harm's way, since no aircraft would have to enter Syrian air space. The attack also wouldn't require taking down Syria's air defenses, which he says in any case are far less capable than advertised.

  • why everything those specialists said about energy and Russia until recently is false now

    Five years ago, peak oil theorists predicted that global production would soon hit its high-water mark and then decline inexorably, with the U.S. growing even more dependent on overseas energy imports. Those trends seemed to play into Putin’s hands. What he didn’t anticipate was that U.S. oil production—thanks to horizontal drilling and hydraulic fracturing technology, in which pressurized water and chemicals are blasted into rocks to release energy—would increase 46 percent. That equals the entire output of Nigeria, estimates Daniel Yergin, vice chairman of consulting firm IHS. “Think of it like a non-OPEC country appearing in North Dakota or southern Texas,” Yergin told executives at the St. Petersburg forum in June.


    Between now and 2018, North America will provide 40 percent of new supplies through the development of light, tight oil and oil sands, while the contribution from the Organization of Petroleum Exporting Countries will slip to 30 percent, according to the International Energy Agency, which also sees the U.S. emerging as the biggest oil producer by 2020 and a net exporter of oil by about 2030. Meanwhile, the agency trimmed global fuel demand estimates for the next four years.


    The U.S. is also on pace to add 2 trillion cubic feet per year of natural gas once three just-approved LNG projects start operating, an 8 percent increase in total U.S. capacity based on 2012 production levels. More LNG facilities are coming onstream in Australia, South Korea, Mozambique, and Tanzania. Yergin predicts natural gas, both conventional and liquefied, will be the No. 1 energy source by the end of 2030.


    Russia’s worry is twofold: An expanding supply of affordable LNG, which is transported by ship, is forcing Gazprom to either cut prices or lose share. (Weird and surprising fact: As American utilities shift to gas, displaced U.S. coal is flooding into European markets. The U.S. may supplant Russia as the world’s No. 3 coal exporter by yearend, according to Goldman Sachs (GS).) Second, the Russian gas giant is under pressure to adopt spot-market pricing instead of tying its prices to oil. In June, Gazprom agreed to revise its gas contracts with German utility RWE after losing an arbitration case; it’s renegotiating supply contracts with other utilities, including Eni (ENI:IM) and EconGas. The European Union is also drafting an antitrust complaint against Gazprom for abusing its dominant position, say three people familiar with the probe who asked not to be named. The company declined to comment. Longer term, the Russians may even have to contend with shale energy assets being developed by Western oil majors in Poland, Ukraine, and Lithuania, all Gazprom profit sanctuaries.

    If you don't foresee the impossible and just base your reasoning on what is possible today, then you will never have a clear vision about tomorrow

    if US production plants in for example the petrochemical sector are LEAVING China (as do carmakers) and are going back to the US it is because of the low energy prices now that fracking is there

    if the US is making more new jobs than ever before and its trade balance is shifting it is because there is fracking

    if the Middle East dictatorships with all that oil can't blackmail the US anymore with cutting oil or driving up the prices, it is because there is fracking

    if Putin has now more internal economic and financial problems than he can deal with, it is because of fracking

    fracking gas and oil made the consultants freak out about their predictions

    only there are billions invested at some time solely based upon their experience, insight and vision

    (at the same time look at the downfall of the BRIC countries that is happening every day before our eyes because they just reaped the money for years while our so bright industrialists offshored our production and are now faced with a very difficult situation as those countries with little oil production have to import oil in dollars while their currencies are sliding away every day making energy costs higher every day)

  • and you are amazed attacks against java are popular and still increasing

    A new round of attacks on Java 6 in web browsers follow a proof of concept (PoC) exploit for the flaw that was published last week, according to Hirvonen.

    “PoC for CVE-2013-2463 was released last week, now it's exploited in the wild. No patch for JRE6... Uninstall or upgrade to JRE7 update 25,” Hirvonen tweeted.

    In a later tweet, he noted that the exploit was integrated into the Neutrino exploit kit -- one of dozens of kits for sale that bundle exploits for bugs in popular software to net victims.

    Hirvonen’s advice to either upgrade to the latest Java 7 or uninstall Java (if the person is running Java 6) is based on Oracle’s decision not to release new security updates for Java 6 to the public after moving it to “end of public updates” status this April.

    Like many of the 40 Java flaws that Oracle acknowledged in its June update, the bug being exploited by Neutrino actually affected Java 7 Update 21 (and earlier) as well as Java 6 Update 45 (and earlier), and was also exploitable via the Java browser plugin.

    But while anyone using Java 7 could move to Java 7 Update 25, only customers paying Oracle for long term Java support can access and install Java 6 Update 51 -- the latest Java 6 update.

    Enterprise customers on “premium support” can expect Java 6 updates through to December this year, while Oracle’s “Extended Support” customers will receive updates to December 2016 and “Sustaining Support” customers can expect updates indefinitely.

    If you are still on Java 6 because some Java developers never bothered to write the necessary quality code that would have worked with Java 7 (it worked then and so everybody was happy and paid the bills and forgot about all the other issues in development with a longterm vision) - GET OFF IT NOW AND UPGRADE

  • how to pay nearly no royalties on US music before 1972

    Sound recordings were not given federal copyright protection until 1972 and instead relied on individual US states' laws for protection. SoundExchange claims that Sirius reduced its royalty payments by between 10 and 15 per cent, corresponding with the number of pre-1972 recordings played through Sirius's service.

    According to the group, during the same time it was underpaying royalties, SiriusXM grew its subscribers from 17 million to 24 million and revenues from $2.06bn to $3.4bn.

    So you just have to check out the system and know who is responsible for what (the state of the firm who produced the record, the state of the musician or of the copyright holder now) and how much you should pay for that music depending on the system, and if you are lucky (as some commercial online radios with specialist easy listening, of (ONLY) US jazz, blues, and 60's music, rockabilly, country and classical music are) then you can survive without paying more to play the music than you get from advertising and subscribers and become rich

    on the other hand royalties shouldn't be milked for centuries to come, which isn't the same as making it public domain because as investments in production and marketing have been paid off a thousand times all the royalties that are still coming in are just being used for the too high salaries of executives and too much blablabla staff, to pay new untalented groups or too old stars who only survive because there are today not so many alternatives

    it would be better if part of these royalties were used to digitalize the musical history and cultural heritage because with each change of format some say 30 to 40% of all products made on one material aren't converted into another (you can find for example on Youtube personally digitalized vinyl and cassettes or VHS that the firms would never digitalize because there is no market for it while the material itself is culturally and artistically amazing (and maybe even historically relevant)) - and vinyl lovers know that they can still find versions and lp's that have not been digitalized or have been in a very rudimentary way or too professional (so it doesn't sound like the recording at the time because it has been remastered)

    reading the documents of the plaintiffs and now it is clear why pre-1972 recordings are being re-mastered, not to f.... them up but because so they fall under the present copyright and royalties, so this means that those stations would need to have the real ORIGINAL recordings if they don't want to pay, well vinyl collectors here is your market again (thought it was collapsing under the digitalisation movement online, now all these webstations need to have the original vinyl recordings online and a player in their studio, linked to their server)

  • if Google would have done what Microsoft did it would have become the next Microsoft

    The dominance of Android in the global smartphone market has not always been a positive for Google, which gives the software away for free. Google does not make a dime from Xiaomi or most other mainland Chinese-made Android phones, since they do not carry the Google Play store and use search engines other than Google’s.

    the difference is that - before the complaints of the European Union and the US authorities - Microsoft had locked the browser into the OS and still tries to (luckily for technological progress Firefox made it easy to install and is much more user-friendly than IE and evolves quicker) and Chrome has some good stuff but on the privacy-security side there are some big problems that they (just as Apple) don't want to resolve because they say they are functions (cleartext passwords for example)

    the other difference is that they also tried to integrate the search engine Bing, only to see that this didn't really work, but Bing is not really a good search engine compared to Google and next to Google there is none

    the third problem is that although Google is fucking up its own Playstore by having a too lax oversight and quality control (even if the one of Apple is mostly propaganda and luck as was proven recently - something they are now saying they will change and revise) the other - especially Chinese (because of the huge number of mobile internet users versus computer-based internet access) playstores are even more

    if Android has one single biggest failure that in term could bring it down if Microsoft can make the software to app change with windows 8 (or should we wait for windows9 so everything is as it should be with windows10 ? ) then it is the unbelievable insecurity of its appstores and the absent levels of warning and protection in the OS itself (and you have to remember that this is the same mobile that is used for ebanking and (double) identification)

    but Google would be a true giant now if instead of giving it free without any strings it would have integrated its own search engine as default as a changeable but standard integrated search engine which only the user could change (and not the producer) and if it would have done the same for its own playstore (or warehouse of playstores)

    too late to go back on it - unless it markets a secure stable enterprise version of android in which security, privacy and stability (and control) are the cornerstone

    and nobody would be able to copy that ....

  • Syrian electronic Army delivered the accounts from viber, tango.me and truecaller to the regime

    Last time we spoke, you said the Syrian Electronic Army had no contact with the Syrian government. Is that still the case?
    We contacted the Syrian government lately to deliver the databases of Viber.com, Tango.me, and TrueCaller.com.


    And why would these websites be important to the Syrian government?
    Huge numbers of terrorists use Viber and Tango for contacting (communication).

    so virtual security is really about real physical security, full stop

  • DDOS malware that detects and bypasses DDOS defenses

    the cat and mouse game again

    The last time I wrote about Drive it was still following the old model of DirtJumper-variant phone-homes and all the communications were in plaintext. I recently discovered a new variant that diverges from the DirtJumper-variant phone home and adds a number of new attacks, including one that attempts to bypass some known mitigation techniques that it calls -smart and appears to be one of the first pieces of DDoS malware that attempts to detect mitigations being used and bypass them.

  • flickr.com from yahoo gives ONE TERABYTE FREE PHOTOHOSTING (Picasa's Google 600 dollars)

    I have to read it again to believe it

    but there I went to check it and it was true

    it is just another name for unlimited hosting

    and a publicity for never go anywhere else, stop looking

    not only is it one of the biggest collections and communities of photofanatics and collectors

    it also has a web2.0 interface and functions

    tip : before uploading make your new sets in the interface for sets not for uploads otherwise it won't work

    so yahoo is getting more traffic again than Google

    well their mail is more private than the contextual analyzing of the content of your mails in Google

    their flickr environment and hosting is now much better than picasa which can cost you a lot of money if you would like more than they offer for free

    and in news, it is just news as we are used to it, filtered, selected, packaged and presented with just the most interesting things (not the most original or important things) above and that goes for the whole line of news - whatever the subject

    so for the moment, Yahoo seems to have three winning products, news, mail and pics

  • revenge porn specifically outlawed and punished if this proposal becomes law

    California is considering a law that would make it illegal to post "revenge porn" in the US state.


    The state assembly bill would make it a crime to post pictures of anyone online in a state of full or partial undress.


    Crucially, the latest version of the bill makes it illegal to post pictures even with that person's consent.


    But prosecutors would have to prove "the intent to cause serious emotional distress, and [that] the other person suffers serious emotional distress".


    First offenders could expect up to six months in jail, a $1,000 (£645) fine, or both.

    this could be helpful in a few cases that made the Belgian media (and in any other country)

  • the two basic options for a military action in Syria

    Batoul Yori's photo.


    1. bomb the military airports (there are about 52 of them left) except those that store the chemical weapons

    * the neighborhoods around won't be bombed as much

    * some of the airports may be overrun by the rebels, getting arms (if anything is left after the bombing)

    * there is a de facto no-fly zone because nearly nothing flies anymore

    2. bomb Damascus (the military and governmental centers that is)

    * holding Damascus at any cost is what makes them do things like this

    * those decisions are taken in Damascus

    * the rebels can strengthen their position in Damascus or even advance


    well it will be on Wednesday or after Friday (the day of prayers, because you don't want a bunch of radical preachers all over the world calling this Friday to protest against the US)

    it means that the terrorism risk for Europe has increased or didn't diminish