09/30/2014

Shellshock or Bashbug : the 5 essential things you have to know (or don't want to know)

what you have to know (forget the hundreds of articles that are polluting the internet and hiding the essential information)

1. the code we are talking about is 22 years old and was written without keeping in mind any standard, control, security test or whatever

if you can't replace it you are in big trouble

2. the attacks started on the 2nd of September, the vulnerability was discovered around the 10th and the patching started 2 weeks later (and will be an ongoing process)

there are for the moment millions of scans and attacks going on, so if you have a reason to worry about your infrastructure or data, then you should follow this up

if you don't have an IPS and WAF you are just naked, waiting to be raped digitally by some attackers

3. we are now at our 2nd patch because the first wasn't working, and at the same time we are at 6 official vulnerabilities, of which 2 are SECRET (which doesn't mean that they aren't being used at the moment, but it is better to keep them secret for the time being, before they become common knowledge among the attackers)

you should receive a permanent immediate update from your essential information sources for your products and the general internet security sources like https://isc.sans.org because the situation can change or calm down at first to explode afterwards at any moment (as you are reading this)

4. there is for the moment not much coordination, so information is going around at an ever increasing speed and not everybody understands the difference between the different kinds of attacks, vulnerabilities and exploits, or that a vulnerability, even if it can be attacked, can't always be exploited

5. there is nothing like this and we are not prepared because you can't be prepared for situations like this, you can only try to limit your risks. People who have put everything on the cloud and thought that cheaper opensource products were better than products with some support behind it will now get value for their money. A Return on Investment of a million against one

Expect everything because everything is possible (with up to half a billion machines that eventually could be attacked and even if only 3% can be exploited this makes an enormous base for botnets and malware)

and my last thought is

which opensource code is next ?

more links at

https://www.diigo.com/list/mailforlen/Security/6n0ke5g 

Rss feed is here https://www.diigo.com/rss/list?u_name=Mailforlen&uri=...

09/19/2014

Netflix and Belgacom should work together in Belgium

Belgacom delivers digital TV set-top boxes in Belgium but, just as with Telenet, the other partner of this oligopoly (with some smaller players), they didn't deliver anything near the demonstrations and presentations that they were giving at the start to political and technological influencers

* we have a very very small number of free tv channels (70), which is double what we had before but which is nothing compared to the hundreds of tv channels on the air and offered on the US cable networks

* there are few or no open air or public information tv stations while it was announced that by going digital we could install this kind of open media as is the case in the US

* there is only a connection to a few internet services while with Chromecast at 30 Euro I can have the whole internet and my laptop on the TV

* there is no permanent Library of films, series and documentaries or concerts and the film passports of Belgacom are just boring (compared to the internet)

and so I could go on and on

so netflix on Belgacom would be interesting

and maybe after Netflix there may be some or hundreds of other services or packages you could choose from ?

because once you have tried one transportation model, there are others (for example why not American Football or other sports or live concerts etc.....)

If it is on the internet and it can be connected to the digital TV network, then where is the problem

otherwise the problem will be that when people look outside (on the internet) they will see a whole new world of information, sports and animation that they should be able to find through their digital tv

Belgacom should maybe also understand that mainstream tv has become enormously boring and repetitive

If Belgacom doesn't do it (and maybe get a lower price for its members and use the economy of scale) then my Chromecast and laptop will do it (as they already do) but the quality will not be the same

#scotland everywhere else they would call that a landslide

look at the turnout

look at the difference

compare with the Québec vote (only 60K difference)

and the massive mediahype campaign that gave the impression that Yes was closing the gap (which it wasn't in fact if you look at the opinion polls )

for example the last month

http://whatscotlandthinks.org/questions/should-scotland-b...

but ok here is what CNN made of it

which in fact was 48% for

and the final result is

based on the polls you could say that the undecided finally voted NO (which is now a good campaign book for other countries faced with such referendums - keep the undecided undecided until the last moment and give them enough reasons to have some fear of adventure and risk and you will win)

but when you look at the geography (and even the turnout in the Yes bastions was lower than expected) and this was contrary to what was announced in the media by the Yes organisation (which shows again that, just as in the US presidential elections, the groundwork organisations responsible for the turnout on the day itself are a very important, sometimes determining factor)

also remember that for the first time even 16-year-olds were invited and mobilised to vote by the Scottish government

but the Scottish separatists haven't really given up because they say that they are defeated .... for now

but the UK is now going through a very complex period of constitutional reform and federalisation (like we know in Belgium) which will change the country for the coming 300 years. The country didn't know a French revolution and still has today some very rigid and ancient institutions (House of Lords for example).

the split in the country is also political, in which England is becoming a conservative eurosceptic bastion while the North and Wales are more leftwing and Labour oriented (the Scottish educational system is different from the one in England, giving more people access to higher education)

but this is after the election next year and nobody has any idea how that will go - especially with the eurosceptic UKIP making inroads in the Conservative strongholds

it also means that other separatist movements in Europe have learnt that even a referendum that has been prepared during two years and that is led by a very popular local political party (SNP) and leader against a very unpopular central government and leader and in which all the local resources have been used to their full extent can't be won

because if you can't do it in Scotland, why should it work in Flanders, Basque, North of Italy or Spain....

the main reason the undecided voted NO was because of the sentiment of Financial insecurity and dangers and that is something that you can never counter if there are enough reasons for that fear

and the fact that even if Scotland voted Yes it would have taken another 6 years of very dangerous negotiations before it could declare itself independent is something that has only reinforced that feeling because in 6 years a lot of things can happen or can be discovered that will change everything

and for historians, this is a map of the disintegration of the English empire over time http://www.theguardian.com/news/datablog/gallery/2014/sep...

and finally, one dream is totally shattered in the nationalist discourse

there is NO ONE Scotland, there are at least two of them and the non-separatists have won with a clear majority (any US president or party in a two-party winner-takes-all election would sign for that result) just as there is not one UK or one Spain or one whatever region, language or people

it is time for those 19th century ideas to go to the dustbin of history because we see what one mad leader with nuclear weapons and massive troops does with that, hé Putin (this is different from decentralisation which is a democratic process which doesn't have to be nationalistic in tone or intent)

09/11/2014

#ukraine this is why there may be war again next week(end)

hundreds of Russian military trucks and tanks are crossing the border

the Russians have also consolidated about 100 km of Ukrainian border for free passage

troops are being refreshed by being sent back to Russia while new fresh troops are arriving in Russia (in time for the weekend or join the other troops next week)

the Russians are also digging in and extending their grasp of the territory

and why next week

not because of the sanctions but because Putin is mad as hell about this and, unpredictable as he is, may be capable of launching new attacks and operations in the weekend or next week to put pressure on the US and Ukraine

the spoiler who is not invited to the party ....

source http://www.odessatalk.com/2014/09/grandstanding-consequences/

#ukraine Russia increased the occupied territory enormously during the last 24h of truce

why would you need war if you can continue to advance and have your strategic goals accomplished during a truce ?

what will the next one be ?

Mariupol during the weekend maybe ?

Everything is looking this way

for the first time we knew what it was like to be like a jew (and we're not)

we are not jewish - I am even not religious

but on the side of my wife there is maybe some jewish great-grandparent but we don't know

we only know that my wife has a bigger nose and that throughout her family the women got names that may be viewed as jewish

today my youngest daughter came back from school where an arabic kid of 12 years had refused to talk to her because she had 'a jewish head' and some other f.... words along with it

my daughter said we should understand because he is palestinian .... but no we won't

we are not jewish and even if we were, you don't just refuse contact or to speak to some-one only because he or she looks like whatever and you don't insult someone else for something we have nothing to do with in any case

so all of a sudden we become jewish because the nose is a bit bigger and for this palestinian this is a jewish head

jews were killed for that under Hitler and in Rwanda people were also killed for that (their big or small nose)

nah, we are going to have a good talk with the school, the teacher, the professor in islamic religion and his parents because we won't accept this

at the other side I explained to my wife that this is the first time she understood what it is to be a jew - a real jew - even if you are peaceful and open and democratic and not some-one just out to kill the palestinians and every peaceplan

a jew who is afraid to go against the 'popular guy', who doesn't know how to protect himself without attracting too much attention and who doesn't know on who he or she may count to defend him or that it won't make much difference and will in most cases hope that it will just pass without too much harm

we don't accept any racism, anti-semitism or any discrimination - that is the way we educate our children

It is not what you are that is important, but how you are, and if you are a racist or just stupid then you stay like that whatever you are, even if they are 'the same' as we are (or think we are)

this is a profound and strange experience

jews will say that this is just normal, they have become used to it and that they just let it pass

it is the reason why there will always be a need for Israel even if that doesn't explain all the violence and occupations

but no, we don't and we won't - this has no place here and not in a school

09/10/2014

#ukraine #moldavia #estonia look at this map and you will see immediately why shit happens today

you have sometimes just to look at a map like a military planner or an imperialistic ruler would look to see the obvious

Estonia can only be the next victim because it has a long border with Russia and if you take or destabilize Estonia you can have enough influence on Latvia and maybe Lithuania. This is why Estonia is quickly becoming the next point of attention (and of preparation in case something starts happening). You also have to consider that they have a big minority of Russians and that patriotic Russian separatists have already been active there for a long time.

Ukraine : well if Ukraine is integrated with the European Union and eventually NATO the map totally changes. Have a good look at the map and imagine Ukraine not being part of or associated with Russia. Belarus would be more or less surrounded by western democracies and it would only be a matter of time until it would feel that influence and at least would start to become more democratic and pluralistic and market orientated.

Moldavia and Transnistria would be much more difficult to hold on to if Ukraine became totally European and eventually associated with NATO. The rogue republic would be a Russian-controlled island surrounded by NATO or westernized armies.

and if you look at the black sea - at a moment in which Russia is investing billions in warships and started a war over Crimea you see that the strategic advantage will change if the coastline of Ukraine falls into the hands of the prorussian militias and the russian army in Ukraine.

You also see why the ex-Yugoslavian republics will become members of the European Union in the end

and this makes (except for Norway) the map more or less complete

and Moscow is not so far from the Ukrainian border making the Russian first strike impossible or much too dangerous even if Russian generals have placed it on the table now

this is the big endgame the global strategy all the rest is day-to-day politics and news

moldavia will not join NATO for the moment but as Putin is doing very hard his best to scare everybody, this is the map of NATO members and candidates and those who are not a member yet

Leaked (mostly) Russian Gmail accounts - Google says it knows what happened

According to the Russia-based CNews a spokesperson for the Russian office of Google Svetlana Anurova said: "experts now understand what happened in the case". She also urged users to "select strong passwords and be sure to use a two-step authentication".
http://www.news965.com/news/news/local/google-investigati...

aside from the strong passwords and the double authentication

what happened

was it possible to do some bruteforcing on the servers

was traffic to the server intercepted

was it phishing

if you know what happened

you have to say what happened even if you have fucked up

this is what real trust is based on

that it may happen but will never happen again (the same thing)

SHA1 certificates aren't secure enough for Google, you have to upgrade

source https://blog.globalsignblog.com/blog/google-to-display-wa...

#leak update 1 : 5 million mostly Russian GMail accounts leaked with passwords (download)

this is the download for now 

https://mega.co.nz/#!rgFDDRSD!QyyLxZNnR8i9fF_aNkKI-wUIUV3...

Do not try them because if you try them you may be doing something illegal in your country.

UPDATE 1 : it seems now that they are mostly Russian users, so a local Gmail server will have been compromised or it is an infection or phishing campaign in Russia which has resulted in this file (with junk added to inflate the numbers and to increase the media attention, because who cares about a few thousand or even a million Gmail accounts)

but in Reddit there are also others who have found their passwords in it and they didn't live in Russia

First it is a collection of old stuff, stupid stuff and working stuff (around 60% says some anonymous tester for what it is worth)

Secondly it is time to add your telephone number to your Google account as double authentication (and keep your mobile from downloading unknown apps and malware)

Losing your email address is something very essential because you will lose the possibility to change other passwords, verify changes and transactions, and your contacts may receive trusted malware and spam. In mailboxes you can also find personal information that can be used to bypass other security questions or passwords to other services and networks, or interesting contacts for social engineering

and what is more important your gmail account also gives you access to youtube (have porn), your surfhistory and plenty of other resources

GMAIL is the single biggest security failure of a unique password for many services (lose it all at once)

you can suppose that password-checking software is already busy trying the same passwords on other services and on Gmail.

Always use a unique password for your email.

how the new malware bypasses url-blocking by proxies and webfilters

As per “Malware Traffic Analysis” blog, similar infection chain is seen from www.techo-bloc.com too. In both the cases, the Javascript file in the compromised server is modified to serve the exploit kit. The initial redirection server 192.185.16.158 has been used widely in recent web infections. It appears to be a website hosting server and belongs to the company HOSTGATOR according to the recent DomainTools lookup. Various domains of innocent users from music industry and law firms are used as “redirection” link in the infection chain. The target exploit server (95.163.121.188) is hosted in Russia. This is a sinkhole that is connected to many such varying domain names. All of these names have some substring “cdn” in them. Once the bad actors get access to an account/server they just create a corresponding “cdn” domain entry under that domain and use it to point to the target exploit server. This way they can bypass a lot of the URL categorization and URL blacklisting technologies.
http://www.cyphort.com/blog/israeli-security-think-tank-w... 

never expect your enemy to be passive and not to be always on the lookout for a bypass and to use it massively as long as it works as a window of opportunity because it takes a long time before you have found a way to block these automatically and afterwards to distribute it to all of your installations

oh and what is more, only one URL blocker knows the command and control server of this tool

but it is already distributing malware since at least march 2014

source http://totalhash.com/analysis/60c5632656bef4f5e42a6f4805c...

as is proven in this other analysis

http://support.clean-mx.de/clean-mx/viruses.php?sort=firs...

so a URL can have various malicious downloads for some time that are detected but will not be stopped as a bad URL by most of them

big opportunity for their zerodays

I just block all traffic to Russia on my network - full stop
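
One way to hunt for the "cdn" subdomain trick described in the quoted analysis, as an added example (not code from this blog or from Cyphort): it flags any IP to which cdn-labelled hosts of several unrelated domains resolve, skipping known CDN networks and hosts that share their parent site's own address. The passive-DNS records, the allowlist, the thresholds and all function names are assumptions made for the illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed passive-DNS observations (hostname, resolved IP). All names and
# addresses are documentation values, not indicators from the quoted analysis.
SAMPLE_PDNS = [
    ("www.lawfirm-one.example", "192.0.2.10"),
    ("cdn3.lawfirm-one.example", "203.0.113.188"),
    ("band-site.example", "192.0.2.44"),
    ("cdn.band-site.example", "203.0.113.188"),
    ("www.studio-rec.example", "192.0.2.77"),
    ("mycdn.studio-rec.example", "203.0.113.188"),
    ("www.shop-a.example", "192.0.2.90"),
    ("cdn.shop-a.example", "198.51.100.5"),    # genuine CDN edge
    ("www.shop-b.example", "192.0.2.91"),
    ("cdn.shop-b.example", "198.51.100.5"),    # genuine CDN edge
    ("www.selfhost.example", "192.0.2.120"),
    ("cdn.selfhost.example", "192.0.2.120"),   # served from the site's own box
]

# Assumed allowlist of networks belonging to CDN providers you actually use.
KNOWN_CDN_NETS = [ipaddress.ip_network("198.51.100.0/24")]


def registered_domain(host):
    """Naive: last two labels. Real code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def has_cdn_label(host):
    """True if any label left of the registered domain contains 'cdn'."""
    labels = host.lower().rstrip(".").split(".")[:-2]
    return any("cdn" in label for label in labels)


def find_shadow_cdn_hosts(records, min_domains=3, cdn_nets=KNOWN_CDN_NETS):
    """Return {ip: [hosts]} for IPs serving cdn-labelled hosts of at least
    min_domains unrelated registered domains, outside known CDN networks."""
    baseline = defaultdict(set)    # registered domain -> IPs of its normal hosts
    cdn_by_ip = defaultdict(set)   # IP -> cdn-labelled hostnames seen on it
    for host, ip in records:
        if has_cdn_label(host):
            cdn_by_ip[ip].add(host.lower())
        else:
            baseline[registered_domain(host)].add(ip)

    findings = {}
    for ip, hosts in cdn_by_ip.items():
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in cdn_nets):
            continue  # a real CDN legitimately fronts many customers
        # Keep only hosts that do NOT share an address with their parent site.
        foreign = {h for h in hosts if ip not in baseline[registered_domain(h)]}
        if len({registered_domain(h) for h in foreign}) >= min_domains:
            findings[ip] = sorted(foreign)
    return findings


if __name__ == "__main__":
    for ip, hosts in find_shadow_cdn_hosts(SAMPLE_PDNS).items():
        print(ip, hosts)
```

Because the grouping is by destination IP rather than by URL, a newly created cdn name under a domain with a clean reputation still surfaces once enough siblings point at the same server.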

Today is internet slowdown day (when your ISP decides what you can view for free)

go here https://www.battleforthenet.com/sept10th/

pingly wants to change email forever

"Here are a few of the shortcomings we've identified with email and how Pingly plans to fix them:

Shortcoming #1:

Right now anyone can send you an email which is part of the beauty and simplicity of email, but that has also been abused.

Pingly has a feature called "Connections" so that you can still receive messages from anyone, but Connections let you choose who and what is important. Think of it like friending someone on Facebook or following someone on Twitter so that it allows special priority and notifications to you.

Shortcoming #2:

Messages sent to you via email come in all forms, shapes and sizes. Text and HTML, confirmation and RSVP, download a file or print tickets. Those are all great things, but on the downside, because there aren't specific message formats, you the user are required to digest each message to figure out what the sender is trying to convey to you or which action to take.

Pingly breaks messages down into different types such as: Conversation, Calendar event, Action required, etc. This way the messages are pre-digested for you in a familiar format that makes it easy for you to see the important information and take an action.

Shortcoming #3:

Email runs on older protocols like IMAP and SMTP that are around 30 years old and are hard for developers to work with.

Pingly provides a REST API to developers to make creating apps around email or extending Pingly a breeze."
http://blog.pingly.com/email-20

not the first try and surely not the last one and too early to tell

the best thing would be if the big mailservers and webmails would incorporate this thinking in their products as a side-service you could use or not - and it could become a Facebook breaker for the private and family stuff which is much more difficult to manage with Facebook's ever more complicated privacy and access controls

the strategic battle for the Antartic is in full swing, Russia building strategic Fort

source http://io9.com/russia-is-building-a-star-fort-on-this-str...

My note : Alaska, Canada - with the melting ice and the warming of the earth it has gone another way on the diplomatic military front, where the cold war is setting in again and relations are becoming colder by the week

look at this map, militarily it is all about location, location and location

with the modern warfare and electronic monitoring possibilities you have here a very strategic position

Google doesn't want you to block even malicious ads in their appstore

source http://news.yahoo.com/disconnect-mobile-yanked-again-goog...

my note : what do you expect from the super privacy-thief amongst thieves...

and they don't check or control the apps for malicious code or privacy incursions before they are accepted at the appstore - neither does Apple by the way

the smallest best kitchen in the world

source https://homes.yahoo.com/blogs/spaces/the-2-foot-by-2-foot...

The military strategy of China is now information-warfare centered

"Xi Jinping, head of the Chinese Communist Party, is calling on China’s military to focus on innovation and information warfare. He declared the world is seeing a “new military revolution.”

“We should cast off the paradigm of mechanized warfare and embrace an approach to war featuring information technology,” Xi said, during a meeting of the Political Bureau of the Chinese Communist Party (CCP) Central Committee.

Xi gave his speech on Friday. His statements were reported by China’s state-run news agency Xinhua on Sunday."
http://www.theepochtimes.com/n3/926297-china-calls-for-mi...

this also involves electronic warfare as you have to intercept and disrupt the electronic communications and tools of the enemy - even if you are not shooting at each other :)

it also means much more 'reconnaissance' and 'intelligence' (cyberespionage)

why western firms are not locating top management and secret information in China anymore

"The many frustrations of doing business in China have made some difference in the plans to move executives here — choking air pollution, countless regulations that favor local competitors and weak protection for intellectual property. A rising wave of economic nationalism has also manifested itself in large-scale raids on the Chinese offices of multinationals in the automotive, pharmaceutical and technology sectors. Police officials are copying large numbers of computer hard drives and interrogating employees without allowing access to legal advice.

More important, many multinationals are starting to pay renewed attention to Southeast Asia, which is showing signs of revival 17 years after the Asian financial crisis. They have found it hard to do that from Shanghai or Beijing. Each major city has no more than one flight a day to Jakarta, Indonesia, for example. And China’s diplomatic and trade ties to Southeast Asia have been strained by its increasingly assertive claims to control over practically all of the South China Sea.
http://www.nytimes.com/2014/09/10/business/international/...

China is only part of Asia, with which it has very strained political and military relations for the moment, sometimes teetering on the edge of conflicts and incidents and talk of war

Having your secret business information in China involves enormous investments in its security and transporting it to China needs something like the Unbreakable Laptop (Sophos) or other high secure transportation

09/09/2014

#ukraine Russian landing ships arriving in the black sea

#ukraine russia used tactical missiles in Ukraine before the ceasefire

source http://maidantranslations.com/2014/09/09/yuriy-butusov-evidence-confirms-that-ukraine-is-fighting-against-regular-russian-army/
